/lenasys/0.1

To get this branch, use:
bzr branch http://gegoxaren.bato24.eu/bzr/lenasys/0.1 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163

<?php
//// Returns a quiz variant including quiz data (If the student is registered for the course and the quiz is open)
//// If no quiz variant already assigned to the student a variant will be randomly selected and assigned
//// Parameters: (POST) login, courseName, courseOccasion, quizNr
//// Returns:	quizNr 
////			quizCourseName 
////			quizData 
////			quizObjectIDs 

session_start();
//Check if the sent login name is the same as the one stored in the session
if($_POST['loginName']==$_SESSION['loginName'] && $_POST['courseName']==$_SESSION['courseName'] && $_POST['quizNr']==$_SESSION['quizNr']) { 

//Prevents browsers (IE) from caching the response
header('Cache-Control: no-cache, must-revalidate');
header('Expires: Mon, 26 Jul 1997 05:00:00 GMT');
//header('Content-type: application/json');
header('Content-type: application/json; charset=utf-8'); 
include "../../php/dbconnect.php";
/* Function used to fetch quiz variant data */
function fetchQuizVariant($courseName, $quizNr, $quizVariantNr, $pdo) {
	$queryString=" SELECT QuizVariant.quizNr, QuizVariant.quizCourseName, QuizVariant.quizObjectIDs, Quiz.quizData 
					FROM QuizVariant, Quiz
					WHERE QuizVariant.quizNr=Quiz.nr 
					AND QuizVariant.qVarNr=:VARNR 
					AND QuizVariant.quizCourseName=:CNAME 
					AND QuizVariant.quizNr=:QNR;)";
	$stmt = $pdo->prepare($queryString);
	$stmt->bindParam(':CNAME', $courseName);
	$stmt->bindParam(':QNR', $quizNr);
	$stmt->bindParam(':VARNR', $quizVariantNr);
	$stmt->execute();

	$quizVariantData=$stmt->fetch(PDO::FETCH_ASSOC);
	$quizVariantData['quizData']=htmlspecialchars_decode($quizVariantData['quizData']);
	return $quizVariantData;
}


 
//Check if the student is a praticipant of the course
$queryString="SELECT COUNT(*) 
               FROM Student, StudentCourseRegistration 
			   WHERE Student.ssn=StudentCourseRegistration.studentSsn
			   AND Student.loginName=:LOGINN
			   AND Student.passw=:PASSW
			   AND courseName=:CNAME 
			   AND courseOccasion=:COCCASION;";
$stmt = $pdo->prepare($queryString);
$stmt->bindParam(':LOGINN', $_SESSION['loginName']);
$stmt->bindParam(':PASSW', $_SESSION['password']);
$stmt->bindParam(':CNAME', $_POST['courseName']);
$stmt->bindParam(':COCCASION', $_POST['courseOccasion']);
$stmt->execute();

if($stmt->fetchColumn()==1) { //Student is registered for the course - COUNT result read from the first column of the next unread row (i.e. the first row) 
	
	//Check if quiz is open
	$queryString="SELECT Quiz.opening, Quiz.closing, Quiz.allowMultipleReplies
				   FROM Quiz
				   WHERE Quiz.nr=:QNR
				   AND Quiz.courseName=:CNAME;";
	$stmt = $pdo->prepare($queryString);
	$stmt->bindParam(':QNR', $_POST['quizNr']);
	$stmt->bindParam(':CNAME', $_POST['courseName']);
	$stmt->execute();
	$quizData=$stmt->fetch(PDO::FETCH_ASSOC); 
	if($quizData) {
		$now = new DateTime();
		$opening = new DateTime($quizData['opening']);
		$closing = new DateTime($quizData['closing']);

		if($now<$opening) { //Quiz is not open yet
			echo json_encode(array('Error' => 'Requested quiz is not open yet'));
			exit();
		} else if($now>$closing) { //Quiz is closed
			echo json_encode(array('Error' => 'Requested quiz is closed'));
			exit();
		} // else continue (Not the best coding practice...)
		
	} else { //Quiz does not exist
		echo json_encode(array('Error' => 'Requested quiz does not exist'));
		exit();
	}
	
	//Check if student already has been assigned a quiz variant
	$queryString="SELECT AssignedQuizzes.qVarNr, AssignedQuizzes.answerHash, AssignedQuizzes.answer 
				  FROM AssignedQuizzes, Student
				  WHERE Student.ssn=AssignedQuizzes.ssn
				  AND Student.loginName=:LOGIN
				  AND AssignedQuizzes.quizNr=:QNR
				  AND AssignedQuizzes.quizCourseName=:CNAME
				  AND AssignedQuizzes.courseOccasion=:COCCASION;";
	$stmt = $pdo->prepare($queryString);
	$stmt->bindParam(':LOGIN', $_POST['loginName']);
	$stmt->bindParam(':QNR', $_POST['quizNr']);
	$stmt->bindParam(':CNAME', $_POST['courseName']);
	$stmt->bindParam(':COCCASION', $_POST['courseOccasion']);
	$stmt->execute();
	$result=$stmt->fetch(PDO::FETCH_ASSOC);
	if($result){ //If this quiz is assigned to the student
	//if($stmt->rowCount() >= 1){ //If this quiz is assigned to the student

		if($result['answerHash']!=NULL && $quizData['allowMultipleReplies']!='1'){ //Student has already answered the quiz
			echo json_encode(array('Error' => 'This student has already answered this quiz', 'answerHash'=>$result['answerHash']));
			exit();
		} else { //Return quiz variant data assigned to student
			$quizVariant=$result['qVarNr'];
			$quizVariantData=fetchQuizVariant($_POST['courseName'], $_POST['quizNr'], $quizVariant, $pdo);
			$quizVariantData['storedAnswer']=$result['answer'];
			echo json_encode($quizVariantData);
			exit();
		}
	} else { //This quiz has not been assigned to the student
		//Select random variant for requested quiz nr (for a particular course)
		//$queryString="SELECT COUNT(QuizVariant.quizNr) 
		//              FROM QuizVariant 
		//			  WHERE QuizVariant.quizNr=:QNR AND QuizVariant.quizCourseName=:CNAME;";
		//SELECT COUNT(QuizVariant.quizNr) FROM QuizVariant WHERE QuizVariant.quizNr=1 AND QuizVariant.quizCourseName='DA133G Webbutveckling - datorgrafik G1N, 7,5hp (IKI)';
		
		$queryString="SELECT QuizVariant.qVarNr 
					  FROM QuizVariant
					  WHERE QuizVariant.quizNr=:QNR 
					  AND QuizVariant.quizCourseName=:CNAME;";
		
		$stmt = $pdo->prepare($queryString);
		$stmt->bindParam(':QNR', $_POST['quizNr']);
		$stmt->bindParam(':CNAME', $_POST['courseName']);
		$stmt->execute();
		$quizVariants=$stmt->fetchAll(PDO::FETCH_NUM);
		if(count($quizVariants)>0) {
			$randomIndex=rand(0,count($quizVariants)-1);
			$quizVariant=$quizVariants[$randomIndex][0];
			$quizVariantData=fetchQuizVariant($_POST['courseName'], $_POST['quizNr'], $quizVariant, $pdo);

			//Store selected variant
			$insertString="INSERT INTO AssignedQuizzes(ssn, quizNr, qVarNr, quizCourseName, courseOccasion) 
						   VALUES((SELECT Student.ssn FROM Student WHERE Student.loginName=:LOGIN), :QNR, :QVARNR, :CNAME, :COCCASION);";
			$insertStmt = $pdo->prepare($insertString);
			$insertStmt->bindParam(':LOGIN', $_SESSION['loginName']);
			$insertStmt->bindParam(':CNAME', $quizVariantData['quizCourseName']);
			$insertStmt->bindParam(':QNR', $quizVariantData['quizNr']);
			$insertStmt->bindParam(':QVARNR', $quizVariant);  
			$insertStmt->bindParam(':COCCASION', $_SESSION['courseOccasion']);
			$insertStmt->execute();

			echo json_encode($quizVariantData);	
			exit();
		} else {
			echo json_encode(array('Error' => 'No quiz variants found'));
			exit();
		}
	}

} else {
	//TODO: Store login attempt in log-table
	echo json_encode(array('Error' => 'Student not registered for this course'));
	exit();
}
} else { //Sent login name does not match the login name stored in the session
	echo json_encode(array('Error' => 'Sent login name does not match stored login name'));
}
?>