
Viewing changes to DuggaSys/quizAjax/answerQuiz.php

  • Committer: gustav.hartvigsson at gmail
  • Date: 2013-04-03 11:52:56 UTC
  • Revision ID: gustav.hartvigsson@gmail.com-20130403115256-sz6zermzoom4lifc
Ignored .DS_Store files.

1
 
<?php
2
 
////Handels quiz answers 
3
 
////Parameters: loginName, courseName, courseOccasion, quizNr, quizAnswer
4
 
////If autoCorrection==false the answer is stored without checking
5
 
////Else the quiz answer is checked for correctness, 
6
 
////    if incorrect -> the answer is not stored
7
 
////    else -> stored 
8
 
 
9
 
session_start();
10
 
//Check if the sent login name is the same as the one stored in the session
11
 
if($_POST['loginName']==$_SESSION['loginName'] && $_POST['courseName']==$_SESSION['courseName'] && $_POST['quizNr']==$_SESSION['quizNr']) { 
12
 
        include "../../php/dbconnect.php";
13
 
        //Store answer and loginName+answer hash
14
 
        function storeAnswer($loginName,$courseName,$courseOccasion,$quizNr,$qVarRr,$quizAnswer,$grade,$gradeComment,$ip,$userAgent,$pdo) {
15
 
                $updateQuery="UPDATE AssignedQuizzes 
16
 
                                          SET AssignedQuizzes.answer=:ANSWER, 
17
 
                                                  AssignedQuizzes.answerHash=:ANSWERHASH, 
18
 
                                                  AssignedQuizzes.grade=:GRADE, 
19
 
                                                  AssignedQuizzes.gradeComment=:GRADECOMMENT, 
20
 
                                                  AssignedQuizzes.answeredDateTime=:DATETIME,
21
 
                                                  AssignedQuizzes.userAgent=:AGENT,
22
 
                                                  AssignedQuizzes.userIP=:IP
23
 
                                          WHERE AssignedQuizzes.ssn=(SELECT Student.ssn FROM Student WHERE Student.loginName=:LOGIN)
24
 
                                                AND AssignedQuizzes.quizNr=:QNR
25
 
                                                AND AssignedQuizzes.quizCourseName=:CNAME
26
 
                                                AND AssignedQuizzes.courseOccasion=:COCCASION;";
27
 
                $updateStmt = $pdo->prepare($updateQuery);
28
 
                $updateStmt->bindParam(':LOGIN', $loginName);
29
 
                $updateStmt->bindParam(':CNAME', $courseName);
30
 
                $updateStmt->bindParam(':QNR', $quizNr);
31
 
                $updateStmt->bindParam(':COCCASION', $courseOccasion);
32
 
                $updateStmt->bindParam(':ANSWER', $quizAnswer);
33
 
                $hashedAnswer=md5($loginName.$quizAnswer);
34
 
                $updateStmt->bindParam(':ANSWERHASH', $hashedAnswer);
35
 
                $updateStmt->bindParam(':GRADE', $grade);
36
 
                $updateStmt->bindParam(':GRADECOMMENT', $gradeComment);
37
 
                $now=new DateTime();
38
 
                $dateString=$now->format('Y-m-d H:i:s');
39
 
                $updateStmt->bindParam(':DATETIME', $dateString); // date and time formated to string e.g. "2012-08-23 08:59:00"
40
 
                $updateStmt->bindParam(':IP',$ip);
41
 
                $updateStmt->bindParam(':AGENT',$userAgent);
42
 
                
43
 
                return $updateStmt->execute();
44
 
        }
45
 
 
46
 
 
47
 
        //Prevents browsers (IE) from caching the response
48
 
        header('Cache-Control: no-cache, must-revalidate');
49
 
        header('Expires: Mon, 26 Jul 1997 05:00:00 GMT');
50
 
        header('Content-type: application/json; charset=utf-8'); 
51
 
 
52
 
        
53
 
        
54
 
        //TODO: Store ALL answer attempts in answerlog
55
 
        // CREATE TABLE AssignedQuizzesAnswerLog(
56
 
    // ssn CHAR(11), /*YYMMDD-XXXX*/
57
 
        // loginName VARCHAR(50),
58
 
    // quizNr INTEGER,
59
 
    // qVarNr INTEGER,
60
 
    // quizCourseName VARCHAR(200),
61
 
        // courseOccasion VARCHAR(25),
62
 
    // answerHash VARCHAR(255), /*Hash of Student login name + answer */
63
 
    // answer TEXT,
64
 
        // grade VARCHAR(10),
65
 
        // gradeComment TEXT,
66
 
        // answeredDateTime TIMESTAMP,
67
 
    // userAgent VARCHAR(1024), /*$_SERVER['HTTP_USER_AGENT']*/
68
 
    // userIP VARCHAR(20) /*$_SERVER['REMOTE_ADDR']*/
69
 
        // ) ENGINE=INNODB CHARACTER SET utf8 COLLATE utf8_swedish_ci;
70
 
        $insertString = "INSERT INTO AssignedQuizzesAnswerLog(
71
 
                                                        ssn,
72
 
                                                        loginName,
73
 
                                                        quizNr,
74
 
                                                        qVarNr,
75
 
                                                        quizCourseName,
76
 
                                                        courseOccasion,
77
 
                                                        answerHash,
78
 
                                                        answer,
79
 
                                                        grade,
80
 
                                                        gradeComment,
81
 
                                                        answeredDateTime,
82
 
                                                        userAgent,
83
 
                                                        userIP) 
84
 
                                                        VALUES(
85
 
                                                        (SELECT Student.ssn FROM Student WHERE Student.loginName=:LOGIN),
86
 
                                                        :LOGIN,
87
 
                                                        :QNR,
88
 
                                                        (SELECT AssignedQuizzes.qVarNr 
89
 
                                                         FROM AssignedQuizzes, Student 
90
 
                                                         WHERE Student.ssn=AssignedQuizzes.ssn  
91
 
                                                           AND AssignedQuizzes.quizNr=:QNR      
92
 
                                                           AND Student.loginName=:LOGIN 
93
 
                                                           AND AssignedQuizzes.quizCourseName=:CNAME
94
 
                                                           AND AssignedQuizzes.courseOccasion=:COCCASION),
95
 
                                                          :CNAME,
96
 
                                                          :COCCASION,
97
 
                                                          :AHASH,
98
 
                                                          :ANSWER,
99
 
                                                          '',
100
 
                                                          '',
101
 
                                                          :ADATETIME,
102
 
                                                          :UAGENT,
103
 
                                                          :UIP);";
104
 
        $stmt = $pdo->prepare($insertString);
105
 
        $stmt->bindParam(':QNR', $_POST['quizNr']);
106
 
        $stmt->bindParam(':LOGIN', $_POST['loginName']);
107
 
        $stmt->bindParam(':CNAME', $_POST['courseName']);
108
 
        $stmt->bindParam(':COCCASION', $_POST['courseOccasion']);
109
 
        $stmt->bindParam(':ANSWER', $_POST['quizAnswer']);
110
 
        $hashedAnswer=md5($_POST['loginName'].$_POST['quizAnswer']);
111
 
        $stmt->bindParam(':AHASH', $hashedAnswer);
112
 
        $stmt->bindParam(':UAGENT', $_SERVER['HTTP_USER_AGENT']);
113
 
        $now=new DateTime();
114
 
        $dateString=$now->format('Y-m-d H:i:s');
115
 
        $stmt->bindParam(':ADATETIME', $dateString); // date and time formated to string e.g. "2012-08-23 08:59:00"
116
 
        $stmt->bindParam(':UIP', $_SERVER['REMOTE_ADDR']);
117
 
        $stmt->execute();
118
 
        
119
 
        //Check if the student is a praticipant of the course
120
 
        $queryString="SELECT COUNT(*) 
121
 
                                   FROM Student, StudentCourseRegistration 
122
 
                                   WHERE Student.ssn=StudentCourseRegistration.studentSsn
123
 
                                   AND Student.loginName=:LOGIN
124
 
                                   AND Student.passw=:PASSW
125
 
                                   AND courseName=:CNAME 
126
 
                                   AND courseOccasion=:COCCASION;";
127
 
        $stmt = $pdo->prepare($queryString);
128
 
        $stmt->bindParam(':LOGIN', $_SESSION['loginName']);
129
 
        $stmt->bindParam(':PASSW', $_SESSION['password']);
130
 
        $stmt->bindParam(':CNAME', $_SESSION['courseName']);
131
 
        $stmt->bindParam(':COCCASION', $_SESSION['courseOccasion']);
132
 
        $stmt->execute();
133
 
 
134
 
        if($stmt->fetchColumn()==1) { //Student is registered for the course - COUNT result read from the first column of the next unread row (i.e. the first row) 
135
 
                //Check if quiz is open (and fetch auto correction setting)
136
 
                $queryString="SELECT Quiz.opening, Quiz.closing, Quiz.autoCorrected, Quiz.allowMultipleReplies
137
 
                                           FROM Quiz
138
 
                                           WHERE Quiz.nr=:QNR
139
 
                                           AND Quiz.courseName=:CNAME;";
140
 
                $stmt = $pdo->prepare($queryString);
141
 
                $stmt->bindParam(':QNR', $_POST['quizNr']);
142
 
                $stmt->bindParam(':CNAME', $_POST['courseName']);
143
 
                $stmt->execute();
144
 
                $quizData=$stmt->fetch(PDO::FETCH_ASSOC);
145
 
                if($quizData){
146
 
                        
147
 
                        $now = new DateTime();
148
 
                        $opening = new DateTime($quizData['opening']);
149
 
                        $closing = new DateTime($quizData['closing']);
150
 
 
151
 
                        if($now<$opening) { //Quiz is not open yet
152
 
                                echo json_encode(array('Error' => 'Requested quiz is not open yet'));
153
 
                                exit();
154
 
                        } else if($now>$closing) { //Quiz is closed
155
 
                                echo json_encode(array('Error' => 'Requested quiz is closed'));
156
 
                                exit();
157
 
                        } // else continue (Not the best coding practice...)
158
 
                        
159
 
                } else { //Quiz does not exist
160
 
                        echo json_encode(array('Error' => 'Requested quiz does not exist'));
161
 
                        exit();
162
 
                }
163
 
                
164
 
                /*
165
 
                        AssignedQuizzes(
166
 
                ssn CHAR(11), //YYMMDD-XXXX
167
 
                quizNr INTEGER,
168
 
                qVarNr INTEGER,
169
 
                quizCourseName VARCHAR(200),
170
 
                courseOccasion VARCHAR(25) NOT NULL,
171
 
                answerHash VARCHAR(255), //Hash of Student login name + answer 
172
 
                answer TEXT,
173
 
                grade VARCHAR(10),
174
 
                gradeComment TEXT,
175
 
                answeredDateTime TIMESTAMP,
176
 
                userAgent VARCHAR(1024),
177
 
                userIP VARCHAR(20), //$_SERVER['REMOTE_ADDR']
178
 
                PRIMARY KEY(ssn, qVarNr, quizNr, quizCourseName),
179
 
                */
180
 
 
181
 
                //Check if student already has answered the assigned quiz variant
182
 
                $queryString="SELECT AssignedQuizzes.answerHash, AssignedQuizzes.qVarNr, AssignedQuizzes.gradeComment 
183
 
                                          FROM AssignedQuizzes, Student
184
 
                                          WHERE Student.ssn=AssignedQuizzes.ssn
185
 
                                                AND AssignedQuizzes.quizNr=:QNR 
186
 
                                                AND Student.loginName=:LOGIN
187
 
                                                AND AssignedQuizzes.quizCourseName=:CNAME
188
 
                                                AND AssignedQuizzes.courseOccasion=:COCCASION;";
189
 
                $stmt = $pdo->prepare($queryString);
190
 
                $stmt->bindParam(':QNR', $_POST['quizNr']);
191
 
                $stmt->bindParam(':LOGIN', $_POST['loginName']);
192
 
                $stmt->bindParam(':CNAME', $_POST['courseName']);
193
 
                $stmt->bindParam(':COCCASION', $_POST['courseOccasion']);
194
 
                $stmt->execute();
195
 
                $result=$stmt->fetch(PDO::FETCH_ASSOC);
196
 
                $stmt->closeCursor();
197
 
                if($result){ //If this quiz is assigned to the student 
198
 
                                if($result['answerHash']!=NULL && $quizData['allowMultipleReplies']!='1'){ //Student has already answered the quiz
199
 
                                        echo json_encode(array('Error' => 'This quiz has already been answered', 'answerHash'=>$result['answerHash']));
200
 
                                        exit();
201
 
                                } else { //check if autoCorrection
202
 
                                
203
 
                                        if($quizData['autoCorrected']=='0'){ //Not auto corrected
204
 
                                                $hashedAnswer= substr(md5($_POST['loginName'].$_POST['quizAnswer']),0,8);
205
 
                                                if(storeAnswer($_POST['loginName'],
206
 
                                                                           $_POST['courseName'],
207
 
                                                                           $_POST['courseOccasion'],
208
 
                                                                           $_POST['quizNr'],
209
 
                                                                           $result['qVarNr'],
210
 
                                                                           $_POST['quizAnswer'],
211
 
                                                                           "ungraded",
212
 
                                                                           $result['gradeComment']."-",
213
 
                                                                           $_SERVER['REMOTE_ADDR'],
214
 
                                                                           $_SERVER['HTTP_USER_AGENT'],
215
 
                                                                           $pdo)){
216
 
                                                        //Stored answer
217
 
                                                        echo json_encode(array('Success' => 'true','hashedAnswer' => $hashedAnswer));
218
 
                                                } else {
219
 
                                                        //Failed to store answer
220
 
                                                        echo json_encode(array('Success' => 'false','hashedAnswer' => $hashedAnswer));
221
 
                                                }
222
 
                                                exit();
223
 
                                        } else { //Is auto corrected - Check if the correct answer was given 
224
 
                                                /*QuizVariant(
225
 
                                                 qVarNr INTEGER,
226
 
                                                quizNr INTEGER,
227
 
                                                quizCourseName VARCHAR(200),
228
 
                                                correctAnswer VARCHAR(255),
229
 
                                                quizObjectIDs TEXT,
230
 
                                                PRIMARY KEY(qVarNr, quizNr, quizCourseName),
231
 
                                                */
232
 
                                                $queryString = "SELECT QuizVariant.correctAnswer
233
 
                                                                                FROM QuizVariant
234
 
                                                                                WHERE QuizVariant.qVarNr=:QVNR
235
 
                                                                                        AND QuizVariant.quizNr=:QNR
236
 
                                                                                        AND QuizVariant.quizCourseName=:CNAME";
237
 
                                                $stmt = $pdo->prepare($queryString);
238
 
                                                $stmt->bindParam(':QNR', $_POST['quizNr']);
239
 
                                                $stmt->bindParam(':QVNR', $result['qVarNr']);
240
 
                                                $stmt->bindParam(':CNAME', $_POST['courseName']);
241
 
                                                $stmt->execute();
242
 
                                                $qVarData=$stmt->fetch(PDO::FETCH_ASSOC);
243
 
                                                $correctAnswer=$qVarData['correctAnswer'];
244
 
                                                if($_POST['quizAnswer']==$correctAnswer){ //Correct answer was given
245
 
                                                        $hashedAnswer= substr(md5($_POST['loginName'].$_POST['quizAnswer']),0,8);
246
 
                                                        $stmt->closeCursor();
247
 
                                                        if(storeAnswer($_POST['loginName'],
248
 
                                                                           $_POST['courseName'],
249
 
                                                                           $_POST['courseOccasion'],
250
 
                                                                           $_POST['quizNr'],
251
 
                                                                           $result['qVarNr'],
252
 
                                                                           $_POST['quizAnswer'],
253
 
                                                                           "Correct",
254
 
                                                                           $result['gradeComment']." Quiz was corrected automatically",
255
 
                                                                           $_SERVER['REMOTE_ADDR'],
256
 
                                                                           $_SERVER['HTTP_USER_AGENT'],
257
 
                                                                           $pdo)){
258
 
                                                                //Stored answer
259
 
                                                                echo json_encode(array('Success' => 'true', 'isCorrect' => 'true', 'hashedAnswer' => $hashedAnswer));
260
 
                                                        } else {
261
 
                                                                //Failed to store answer
262
 
                                                                echo json_encode(array('Success' => 'false', 'isCorrect' => 'true', 'hashedAnswer' => $hashedAnswer));
263
 
                                                        }
264
 
                                                        exit();
265
 
                                                } else { //Answer is incorrect
266
 
                                                        
267
 
                                                        echo json_encode(array('isCorrect' => 'false'));
268
 
                                                }
269
 
                                                exit();
270
 
                                        }
271
 
                                }
272
 
                } else {
273
 
                        echo json_encode(array('Error' => 'This student has not been assigned the quiz'));
274
 
                        exit();
275
 
                }
276
 
                
277
 
        } else {
278
 
                echo json_encode(array('Error' => 'Student not registered for this course'));
279
 
                exit();
280
 
        }
281
 
} else { //Sent login name does not match the login name stored in the session
282
 
        echo json_encode(array('Error' => 'Sent login name does not match stored login name')); 
283
 
}
284
 
?>
 
 
b'\\ No newline at end of file'