/lenasys/trunk

To get this branch, use:
bzr branch http://gegoxaren.bato24.eu/bzr/lenasys/trunk

« back to all changes in this revision

Viewing changes to DuggaSys/quizAjax/getQuiz.php

  • Committer: gustav.hartvigsson at gmail
  • Date: 2013-04-03 11:52:56 UTC
  • Revision ID: gustav.hartvigsson@gmail.com-20130403115256-sz6zermzoom4lifc
Ignored .DS_Store files.

Show diffs side-by-side

added added

removed removed

Lines of Context:
1
 
<?php
2
 
//// Returns a quiz variant including quiz data (If the student is registered for the course and the quiz is open)
3
 
//// If no quiz variant already assigned to the student a variant will be randomly selected and assigned
4
 
//// Parameters: (POST) login, courseName, courseOccasion, quizNr
5
 
//// Returns:   quizNr 
6
 
////                    quizCourseName 
7
 
////                    quizData 
8
 
////                    quizObjectIDs 
9
 
 
10
 
session_start();
11
 
//Check if the sent login name is the same as the one stored in the session
12
 
if($_POST['loginName']==$_SESSION['loginName'] && $_POST['courseName']==$_SESSION['courseName'] && $_POST['quizNr']==$_SESSION['quizNr']) { 
13
 
 
14
 
//Prevents browsers (IE) from caching the response
15
 
header('Cache-Control: no-cache, must-revalidate');
16
 
header('Expires: Mon, 26 Jul 1997 05:00:00 GMT');
17
 
//header('Content-type: application/json');
18
 
header('Content-type: application/json; charset=utf-8'); 
19
 
include "../../php/dbconnect.php";
20
 
/* Function used to fetch quiz variant data */
21
 
function fetchQuizVariant($courseName, $quizNr, $quizVariantNr, $pdo) {
22
 
        $queryString=" SELECT QuizVariant.quizNr, QuizVariant.quizCourseName, QuizVariant.quizObjectIDs, Quiz.quizData 
23
 
                                        FROM QuizVariant, Quiz
24
 
                                        WHERE QuizVariant.quizNr=Quiz.nr 
25
 
                                        AND QuizVariant.qVarNr=:VARNR 
26
 
                                        AND QuizVariant.quizCourseName=:CNAME 
27
 
                                        AND QuizVariant.quizNr=:QNR;)";
28
 
        $stmt = $pdo->prepare($queryString);
29
 
        $stmt->bindParam(':CNAME', $courseName);
30
 
        $stmt->bindParam(':QNR', $quizNr);
31
 
        $stmt->bindParam(':VARNR', $quizVariantNr);
32
 
        $stmt->execute();
33
 
 
34
 
        $quizVariantData=$stmt->fetch(PDO::FETCH_ASSOC);
35
 
        $quizVariantData['quizData']=htmlspecialchars_decode($quizVariantData['quizData']);
36
 
        return $quizVariantData;
37
 
}
38
 
 
39
 
 
40
 
 
41
 
//Check if the student is a praticipant of the course
42
 
$queryString="SELECT COUNT(*) 
43
 
               FROM Student, StudentCourseRegistration 
44
 
                           WHERE Student.ssn=StudentCourseRegistration.studentSsn
45
 
                           AND Student.loginName=:LOGINN
46
 
                           AND Student.passw=:PASSW
47
 
                           AND courseName=:CNAME 
48
 
                           AND courseOccasion=:COCCASION;";
49
 
$stmt = $pdo->prepare($queryString);
50
 
$stmt->bindParam(':LOGINN', $_SESSION['loginName']);
51
 
$stmt->bindParam(':PASSW', $_SESSION['password']);
52
 
$stmt->bindParam(':CNAME', $_POST['courseName']);
53
 
$stmt->bindParam(':COCCASION', $_POST['courseOccasion']);
54
 
$stmt->execute();
55
 
 
56
 
if($stmt->fetchColumn()==1) { //Student is registered for the course - COUNT result read from the first column of the next unread row (i.e. the first row) 
57
 
        
58
 
        //Check if quiz is open
59
 
        $queryString="SELECT Quiz.opening, Quiz.closing, Quiz.allowMultipleReplies
60
 
                                   FROM Quiz
61
 
                                   WHERE Quiz.nr=:QNR
62
 
                                   AND Quiz.courseName=:CNAME;";
63
 
        $stmt = $pdo->prepare($queryString);
64
 
        $stmt->bindParam(':QNR', $_POST['quizNr']);
65
 
        $stmt->bindParam(':CNAME', $_POST['courseName']);
66
 
        $stmt->execute();
67
 
        $quizData=$stmt->fetch(PDO::FETCH_ASSOC); 
68
 
        if($quizData) {
69
 
                $now = new DateTime();
70
 
                $opening = new DateTime($quizData['opening']);
71
 
                $closing = new DateTime($quizData['closing']);
72
 
 
73
 
                if($now<$opening) { //Quiz is not open yet
74
 
                        echo json_encode(array('Error' => 'Requested quiz is not open yet'));
75
 
                        exit();
76
 
                } else if($now>$closing) { //Quiz is closed
77
 
                        echo json_encode(array('Error' => 'Requested quiz is closed'));
78
 
                        exit();
79
 
                } // else continue (Not the best coding practice...)
80
 
                
81
 
        } else { //Quiz does not exist
82
 
                echo json_encode(array('Error' => 'Requested quiz does not exist'));
83
 
                exit();
84
 
        }
85
 
        
86
 
        //Check if student already has been assigned a quiz variant
87
 
        $queryString="SELECT AssignedQuizzes.qVarNr, AssignedQuizzes.answerHash, AssignedQuizzes.answer 
88
 
                                  FROM AssignedQuizzes, Student
89
 
                                  WHERE Student.ssn=AssignedQuizzes.ssn
90
 
                                  AND Student.loginName=:LOGIN
91
 
                                  AND AssignedQuizzes.quizNr=:QNR
92
 
                                  AND AssignedQuizzes.quizCourseName=:CNAME
93
 
                                  AND AssignedQuizzes.courseOccasion=:COCCASION;";
94
 
        $stmt = $pdo->prepare($queryString);
95
 
        $stmt->bindParam(':LOGIN', $_POST['loginName']);
96
 
        $stmt->bindParam(':QNR', $_POST['quizNr']);
97
 
        $stmt->bindParam(':CNAME', $_POST['courseName']);
98
 
        $stmt->bindParam(':COCCASION', $_POST['courseOccasion']);
99
 
        $stmt->execute();
100
 
        $result=$stmt->fetch(PDO::FETCH_ASSOC);
101
 
        if($result){ //If this quiz is assigned to the student
102
 
        //if($stmt->rowCount() >= 1){ //If this quiz is assigned to the student
103
 
 
104
 
                if($result['answerHash']!=NULL && $quizData['allowMultipleReplies']!='1'){ //Student has already answered the quiz
105
 
                        echo json_encode(array('Error' => 'This student has already answered this quiz', 'answerHash'=>$result['answerHash']));
106
 
                        exit();
107
 
                } else { //Return quiz variant data assigned to student
108
 
                        $quizVariant=$result['qVarNr'];
109
 
                        $quizVariantData=fetchQuizVariant($_POST['courseName'], $_POST['quizNr'], $quizVariant, $pdo);
110
 
                        $quizVariantData['storedAnswer']=$result['answer'];
111
 
                        echo json_encode($quizVariantData);
112
 
                        exit();
113
 
                }
114
 
        } else { //This quiz has not been assigned to the student
115
 
                //Select random variant for requested quiz nr (for a particular course)
116
 
                //$queryString="SELECT COUNT(QuizVariant.quizNr) 
117
 
                //              FROM QuizVariant 
118
 
                //                        WHERE QuizVariant.quizNr=:QNR AND QuizVariant.quizCourseName=:CNAME;";
119
 
                //SELECT COUNT(QuizVariant.quizNr) FROM QuizVariant WHERE QuizVariant.quizNr=1 AND QuizVariant.quizCourseName='DA133G Webbutveckling - datorgrafik G1N, 7,5hp (IKI)';
120
 
                
121
 
                $queryString="SELECT QuizVariant.qVarNr 
122
 
                                          FROM QuizVariant
123
 
                                          WHERE QuizVariant.quizNr=:QNR 
124
 
                                          AND QuizVariant.quizCourseName=:CNAME;";
125
 
                
126
 
                $stmt = $pdo->prepare($queryString);
127
 
                $stmt->bindParam(':QNR', $_POST['quizNr']);
128
 
                $stmt->bindParam(':CNAME', $_POST['courseName']);
129
 
                $stmt->execute();
130
 
                $quizVariants=$stmt->fetchAll(PDO::FETCH_NUM);
131
 
                if(count($quizVariants)>0) {
132
 
                        $randomIndex=rand(0,count($quizVariants)-1);
133
 
                        $quizVariant=$quizVariants[$randomIndex][0];
134
 
                        $quizVariantData=fetchQuizVariant($_POST['courseName'], $_POST['quizNr'], $quizVariant, $pdo);
135
 
 
136
 
                        //Store selected variant
137
 
                        $insertString="INSERT INTO AssignedQuizzes(ssn, quizNr, qVarNr, quizCourseName, courseOccasion) 
138
 
                                                   VALUES((SELECT Student.ssn FROM Student WHERE Student.loginName=:LOGIN), :QNR, :QVARNR, :CNAME, :COCCASION);";
139
 
                        $insertStmt = $pdo->prepare($insertString);
140
 
                        $insertStmt->bindParam(':LOGIN', $_SESSION['loginName']);
141
 
                        $insertStmt->bindParam(':CNAME', $quizVariantData['quizCourseName']);
142
 
                        $insertStmt->bindParam(':QNR', $quizVariantData['quizNr']);
143
 
                        $insertStmt->bindParam(':QVARNR', $quizVariant);  
144
 
                        $insertStmt->bindParam(':COCCASION', $_SESSION['courseOccasion']);
145
 
                        $insertStmt->execute();
146
 
 
147
 
                        echo json_encode($quizVariantData);     
148
 
                        exit();
149
 
                } else {
150
 
                        echo json_encode(array('Error' => 'No quiz variants found'));
151
 
                        exit();
152
 
                }
153
 
        }
154
 
 
155
 
} else {
156
 
        //TODO: Store login attempt in log-table
157
 
        echo json_encode(array('Error' => 'Student not registered for this course'));
158
 
        exit();
159
 
}
160
 
} else { //Sent login name does not match the login name stored in the session
161
 
        echo json_encode(array('Error' => 'Sent login name does not match stored login name'));
162
 
}
163
 
?>
 
 
b'\\ No newline at end of file'