homework.php
<?php
/*
作業上傳系统独立精简版 v1
原始版本作者:CopyRight(C) 程式设计 Coding axer@tc.edu.tw 20120216-0314
修改版本作者:CopyRight(C) 老周部落
版权宣告:本程式遵从GNUv3规范 http://www.gnu.org/licenses/gpl.html
使用者作業管理程式
*/
// Bootstrap for the homework front controller.
// $DB, $f and $view are used below but never defined in this file, so they are
// presumably created by includes/init.php (which presumably also starts the session).
// NOTE(review): how $f is derived from the request is not visible here; confirm in init.php.
// `include` only emits a warning when the file is missing and execution continues;
// confirm that is intended for files the whole script depends on.
include "includes/init.php";
include "includes/homework.class.php";
$obj = new Homework_class();
// Hand the database handle, the requested action and the session data to the helper object.
$obj->DB= $DB;
$obj->f = $f;
$obj->SetSession($_SESSION);
// $obj->InitAllCatArr();
//For index only
// Template caching is switched off for this controller.
$view->caching = 0;
//$view->compile_check = true;
//$view->cache_lifetime = 10800; //3 hours
$view->assign('obj', $obj);
$view->assign('f', "HW");
switch($f){
case "ChkCanUpload": //AJAX
// Prints the result code of CheckCanUpload() for homework id `sn` and upload password `p`.
// NOTE(review): the printed code tells the caller whether a submitted upload password was
// accepted (UploadHw reports -4 for a wrong upload password). No attempt limiting is
// visible in this file; confirm throttling exists in CheckCanUpload() or upstream.
// The (int) cast confines the id to an integer; a missing 'sn' becomes 0.
$hID = (int)$_POST['sn'];
// A missing password field is treated as an empty string.
$upPasswd= isset( $_POST['p'])?$_POST['p']:"";
print $IsOk= $obj->CheckCanUpload($hID, $upPasswd);
break;
case "DlHwIframe":
// Sends the uploaded file identified by the encoded `c` query parameter to the browser.
// NOTE(review): no password or session check is visible on this path; the only gate here is
// that `c` decodes to a serial number. The DoMyHw 'dl' branch verifies the modification
// password before rendering the download page, but this action does not repeat that check.
// Confirm that LongDecode() validates an unguessable, integrity-protected token or that
// SendFile2Browser() enforces access control itself.
$sn = (int)$obj->LongDecode($_GET['c']);
$obj->SendFile2Browser($sn);
break;
case "DoMyHw":
// Password-gated operations on one uploaded submission: delete ('d'), show the download
// page ('dl') or show the edit page ('m'). The operation comes from $_POST['o'].
// $wt is the delay passed to JS_CntDn() (5000 by default, 2000 after a successful delete).
$wt=5000;
$sn = (int)$obj->LongDecode($_POST['c']);
// NOTE(review): the modification password is compared as an unsalted MD5 digest, which is
// not a suitable password hash. Moving to password_hash()/password_verify() needs a matching
// change in how the password is stored and in CheckHwPasswd(), neither of which is visible here.
$crypt = md5($_POST['passwd']);
$IsOk= $obj->CheckHwPasswd($sn, $crypt);
// NOTE(review): only negative results are rejected here, while other handlers in this file
// treat <= 0 as failure. Confirm CheckHwPasswd() can never return 0 for a failed check.
if($IsOk <0){
$msg="密碼錯誤,操作失敗 Err{$IsOk}";
// NOTE(review): $_SESSION['currURL'] is set elsewhere; presumably JS_CntDn() emits a timed
// redirect to it. Confirm that value cannot be influenced by request data.
$msg .= $obj->JS_CntDn( "{$_SESSION['currURL']}" , $wt);
$view->assign('msg', $msg);
$view->display('Message.mtpl');
break;
}
switch($_POST['o']){
case 'd':
// Delete the submission; a positive return value is treated as success.
$IsOk =$obj->ProcDelOneUploadHw( $sn );
if( $IsOk>0 ) { $msg ="檔案删除成功 <br />"; $wt=2000; }
else $msg = "檔案删除失敗 Err{$IsOk}";
break;
case 'dl':
$view->assign('sn', $sn);
// NOTE(review): the raw request value is handed to the template, not a value re-derived
// from $sn. Confirm HwDownloadPage.mtpl escapes `c` for the context it is written into.
$view->assign('c', $_POST['c']);
$view->display('HwDownloadPage.mtpl');
exit; // stop here; the break below is never reached
break;
case 'm':
// NOTE(review): the edit page is shown after the password check, but the ModMyHw action
// that the form presumably submits to does not repeat the check in this file.
$view->assign('sn', $sn);
$view->display('HwModPage.mtpl');
exit; // stop here; the break below is never reached
break;
default:
$msg="不明的操作錯誤Err-11";
break;
}
// Reached after 'd' and after an unknown operation: show the message page.
$msg .= $obj->JS_CntDn( "{$_SESSION['currURL']}" , $wt);
$view->assign('msg', $msg);
$view->display('Message.mtpl');
break;
case "ModMyHw":
// Handles the edit form for an existing submission: validates the target record, optionally
// replaces the uploaded file, then updates the record through ProcModMyHw().
// NOTE(review): unlike DoMyHw, this handler never calls CheckHwPasswd(); the target record is
// selected solely by the decoded `snc` request value. Unless ProcModMyHw() validates
// $arr['modPasswd'] itself (not visible here), the update path is reachable without proof of
// the modification password. The file replacement below also runs before ProcModMyHw() is called.
$sn = (int)$obj->LongDecode($_POST['snc']);
$arr= array();
$row = $obj-> GetOneUploadHw($sn);
// Check that the submission refers to a valid homework id.
if(!isset($row['hID']) || $row['hID']<= 0){
$msg="錯誤的作業編號Err-12";
$msg .= $obj->JS_CntDn( "{$_SESSION['currURL']}" , 5000);
$view->assign('msg', $msg);
$view->display('Message.mtpl');
break;
}
// Check that the homework is currently open for upload.
$ret = $obj-> GetOneHw($row['hID']);
if ($ret['canUpload'] == 0){
$msg="檔案修改失敗,非上傳时间Err-3";
$msg .= $obj->JS_CntDn( "{$_SESSION['currURL']}" , 5000);
$view->assign('msg', $msg);
$view->display('Message.mtpl');
break;
}
// Read the student id and name from the POST request.
// NOTE(review): the values are SQL-escaped here and then reused for the regex check, the
// comparison with stored values and file naming. SQL escaping does not neutralise path
// separators; confirm ProcUpFiles() sanitises every name component it receives. No format
// check on $cname is visible in this file.
$cid = mysqli_real_escape_string($obj->DB->_connectionID, trim( $_POST['cid'] ));// student id
$cname = mysqli_real_escape_string($obj->DB->_connectionID, trim( $_POST['cname'] ));// name
if(!$obj-> CheckCidByRegex($cid, $row['hID'])){
$msg="您输入的学号不符合管理员在后台设置的正则表达式,请重新输入!";
$msg .= $obj->JS_CntDn( "{$_SESSION['currURL']}" , 5000);
$view->assign('msg', $msg);
$view->display('Message.mtpl');
break;
}
if($_FILES['MyFile']['size']>0){ // a new file was uploaded
// Fetch the homework title from the database and pass it to ProcUpFiles for standardized file naming.
$title = $obj-> GetHwTitle($row['hID']);
$imgDir = HWPREFIX ."{$row['hID']}/"; //ex: 2008DecMedia/
// Optional per-homework sub-folder format; empty means no sub-folder.
if(empty($obj->GetHwFolderNameFormat($row['hID']))) {
$foldername = '';
} else {
$foldername = $obj->GetHwFolderNameFormat($row['hID']) . "/"; //ex: xx00/
}
// Without a configured file-name format, fall back to a default pattern. The escaped
// \$title, \$cid and \$ext are literal placeholders in the string (presumably substituted
// inside ProcUpFiles()); only the date('dis') suffix is filled in here.
if(empty($obj->GetHwFileNameFormat($row['hID']))) {
$rd= date('dis');
$filename = "\$title-\$cid-". $rd .".\$ext";
} else {
$filename = $obj->GetHwFileNameFormat($row['hID']);
}
// $rrr is not initialised before this call and is read afterwards, so it is presumably a
// by-reference output parameter of ProcUpFiles().
$IsOk= $obj->ProcUpFiles($_FILES['MyFile'], $imgDir, $rrr, $title, $cid, $cname, $foldername, $filename);
if( $IsOk >0){ $arr= $rrr; }
else $msg="檔案上傳失敗 Err{$IsOk}";
} else {
// No new file: the student id and name must match the stored record.
// NOTE(review): the stored values are compared with the SQL-escaped request values, so an
// input containing characters that get escaped will not compare equal to its stored form.
$hwcheck = $obj-> GetOneUploadHw($sn);
if ($hwcheck['cid'] != $cid || $hwcheck['cname'] != $cname){
$msg="如需修改学号及姓名,请重新上傳文档!";
$msg .= $obj->JS_CntDn( "{$_SESSION['currURL']}" , 5000);
$view->assign('msg', $msg);
$view->display('Message.mtpl');
break;
} else {
$IsOk = 1;// no file uploaded: mark as success directly
}
}
$arr['sn']= $sn;
// NOTE(review): the raw password field is passed on; whether ProcModMyHw() verifies it,
// hashes it or stores it as the new password is not visible here. Confirm.
$arr['modPasswd']= $_POST['passwd'];
$arr['remark']= mysqli_real_escape_string($obj->DB->_connectionID, trim( $_POST['remark'] ));
$arr['cid']= mysqli_real_escape_string($obj->DB->_connectionID, trim( $_POST['cid'] ));// student id
$arr['cname']= mysqli_real_escape_string($obj->DB->_connectionID, trim( $_POST['cname'] ));// name
$arr['uDT']=time();
// The hID check near the top already leaves this case when $row is empty, so this branch
// acts only as a defensive fallback.
if( !$row)$msg = "修改失敗,参数錯誤 Err-13";
else {
if( $IsOk>0 ){ $IsOk =$obj->ProcModMyHw ( $arr ); }// update the database only after the file step succeeded
if( $IsOk>0 ){ $msg ="檔案修改成功 <br />"; }
else $msg = "檔案修改失敗 Err{$IsOk}";
}
$msg .= $obj->JS_CntDn( SITE_URL ."?f=HwDetail&c={$obj->LongEncode($row['hID'])}" , 5000);
$view->assign('msg', $msg);
$view->display('Message.mtpl');
break;
case "UploadHw":
// Handles a new homework submission: checks that upload is allowed, validates the student
// id, stores the file through ProcUpFiles() and records it through ProcAddHwUpload().
$hID = (int)$_POST['hID'];
$upPasswd= isset( $_POST['upPasswd'])?$_POST['upPasswd']:"";
$IsOk= $obj->CheckCanUpload($hID, $upPasswd);
// Per the messages below: -3 means outside the upload window, -4 a wrong upload password.
if( $IsOk <=0){
if($IsOk ==-3) $msg ="檔案上傳失敗,非上傳时间 Err{$IsOk}";
elseif($IsOk ==-4) $msg ="檔案上傳失敗,上傳密码錯誤 Err{$IsOk}";
else $msg= "檔案上傳失敗 Err{$IsOk}";
$msg .= $obj->JS_CntDn( SITE_URL . "?f=HwDetail&c={$obj->LongEncode($hID)}" , 5000);
$view->assign('msg', $msg);
$view->display('Message.mtpl');
break;
}
// Read the student id and name from the POST request and fetch the homework title from the
// database; all three are passed to ProcUpFiles for standardized file naming.
// NOTE(review): SQL escaping is applied before the values are used for the regex check and
// for file naming. It does not neutralise path separators, so confirm ProcUpFiles()
// sanitises $title, $cid, $cname and the folder/file format strings before building a path.
// No format check on $cname is visible in this file.
$cid = mysqli_real_escape_string($obj->DB->_connectionID, trim( $_POST['cid'] ));// student id
$cname = mysqli_real_escape_string($obj->DB->_connectionID, trim( $_POST['cname'] ));// name
$title = $obj-> GetHwTitle($hID);
if(!$obj-> CheckCidByRegex($cid, $hID)){
$msg="您输入的学号不符合管理员在后台设置的正则表达式,请重新输入!";
$msg .= $obj->JS_CntDn( "{$_SESSION['currURL']}" , 5000);
$view->assign('msg', $msg);
$view->display('Message.mtpl');
break;
}
// The block below is disabled code: a check that would reject a second upload for the same
// student id. While it stays disabled, repeated uploads per student id are not rejected here.
/*
if($obj-> CheckUploadStatusByCid($cid, $hID)){
$msg="本学号已经上傳过作業,请使用编辑功能或删除后重新上傳!";
$msg .= $obj->JS_CntDn( "{$_SESSION['currURL']}" , 5000);
$view->assign('msg', $msg);
$view->display('Message.mtpl');
break;
}
*/
$imgDir = HWPREFIX .$hID. "/"; //ex: xx00/
// Optional per-homework sub-folder format; empty means no sub-folder.
if(empty($obj->GetHwFolderNameFormat($hID))) {
$foldername = '';
} else {
$foldername = $obj->GetHwFolderNameFormat($hID) . "/"; //ex: xx00/
}
// Without a configured file-name format, fall back to a default pattern. The escaped
// \$title, \$cid and \$ext are literal placeholders in the string (presumably substituted
// inside ProcUpFiles()); only the date('dis') suffix is filled in here.
if(empty($obj->GetHwFileNameFormat($hID))) {
$rd= date('dis');
$filename = "\$title-\$cid-". $rd .".\$ext";
} else {
$filename = $obj->GetHwFileNameFormat($hID);
}
// NOTE(review): $_FILES['MyFile'] is passed without checking that the field exists.
// $rrr is not initialised before this call and is read afterwards, so it is presumably a
// by-reference output parameter of ProcUpFiles().
$IsOk= $obj->ProcUpFiles($_FILES['MyFile'], $imgDir, $rrr, $title, $cid, $cname, $foldername, $filename);
$msg="";
if( $IsOk >0){
$arr=$rrr;
$arr['hID']=$hID;
// NOTE(review): the raw password is passed on. DoMyHw compares an MD5 digest, so
// ProcAddHwUpload() presumably hashes it before storing; confirm it is never stored in clear.
$arr['modPasswd']= $_POST['passwd'];
$arr['remark']= mysqli_real_escape_string($obj->DB->_connectionID, trim( $_POST['remark'] ));
$arr['cid']= mysqli_real_escape_string($obj->DB->_connectionID, trim( $_POST['cid'] ));
$arr['cname']= mysqli_real_escape_string($obj->DB->_connectionID, trim( $_POST['cname'] ));
$arr['cDT']=time();
$arr['uDT']=$arr['cDT']; // on first upload, the update time equals the creation time
$IsOk =$obj->ProcAddHwUpload( $arr );
if( $IsOk>0 ) $msg .="檔案上傳儲存成功 <br />";
else $msg .= "檔案上傳儲存失敗 Err{$IsOk}";
}else{
// Per the messages below: -1 is a transfer error, -4 a disallowed file type, and any other
// failure is reported as a directory creation or permission problem.
if($IsOk ==-1) $msg ="檔案傳輸錯誤 Err{$IsOk}";
elseif($IsOk ==-4) $msg ="檔案類型不被允許 Err{$IsOk}";
else $msg= "目錄建立失敗,请检查目錄權限是否可供寫入 Err{$IsOk}";
}
$msg .= $obj->JS_CntDn( SITE_URL . "?f=HwDetail&c={$obj->LongEncode($hID)}" , 3000);
$view->assign('msg', $msg);
$view->display('Message.mtpl');
break;
case "View":
// Sends the uploaded file identified by the encoded `c` query parameter to the browser.
// NOTE(review): as with DlHwIframe, no password or session check is visible on this path.
// Confirm that LongDecode() validates an unguessable, integrity-protected token or that
// SendFile2Browser() enforces access control itself.
$sn = (int)$obj->LongDecode($_GET['c']);
// The return value is stored but not used afterwards in this file.
$IsOk= $obj->SendFile2Browser($sn);
break;
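default:
// Unknown action: show an error message and pass SITE_URL with a 3000 delay to JS_CntDn().
// $f is assigned outside this file (includes/init.php, presumably from the request) and
// reaches this branch exactly when it is not one of the expected action names. The message
// is rendered as markup (other messages in this file embed <br />), so the value is
// HTML-escaped before it is placed in the message.
$safeF = htmlspecialchars((string)$f, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
$msg = "連結錯誤,3秒後導至首頁{$safeF}". $obj->JS_CntDn( SITE_URL ,3000);
$view->assign('msg', $msg);
$view->display('Message.mtpl');
break;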
}
?>