[moodle/mihaisucan.git] / mod / exercise / submissions.php
1 <?php // $Id$
3 /*************************************************
4 ACTIONS handled are:
6 adminamendtitle
7 adminclearlate
8 adminconfirmdelete
9 admindelete
10 adminlateflag
11 adminlist
12 displayfinalgrades (teachers only)
13 listforassessmentstudent
14 listforassessmentteacher
15 saveweights
16 userconfirmdelete
17 userdelete
20 ************************************************/
22 require_once("../../config.php");
23 require_once("lib.php");
24 require_once("locallib.php");
25 require_once("version.php");
// Request parameters; each one is cleaned to the PARAM_* type named in its call.
$id     = required_param('id', PARAM_INT);          // Course Module ID
$action = required_param('action', PARAM_ALPHA);    // selects one of the branches below
$aid    = optional_param('aid', 0, PARAM_INT);
$sid    = optional_param('sid', 0, PARAM_INT);      // id of an exercise_submissions row, 0 when absent
$title  = optional_param('title', '', PARAM_CLEAN); // replacement title used by adminupdatetitle

// Resolve the course module first, then the course and the exercise it points at.
$cm = get_coursemodule_from_id('exercise', $id);
if (!$cm) {
    error("Course Module ID was incorrect");
}

$course = get_record("course", "id", $cm->course);
if (!$course) {
    error("Course is misconfigured");
}

$exercise = get_record("exercise", "id", $cm->instance);
if (!$exercise) {
    error("Course module is incorrect");
}

// Login is required for every action; teacher-level checks are made
// separately inside the individual action branches.
require_login($course->id, false, $cm);

$strexercises   = get_string("modulenameplural", "exercise");
$strexercise    = get_string("modulename", "exercise");
$strsubmissions = get_string("submissions", "exercise");

// Print the page header with the navigation trail for this module.
$navigation = build_navigation($strsubmissions, $cm);
print_header_simple(format_string($exercise->name), "", $navigation, "", "", true);
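/******************* admin amend title ************************************/
// Shows a teacher a one-field form for changing the title of submission $sid.
// The form posts back to this script with action=adminupdatetitle.
if ($action == 'adminamendtitle' ) {

    if (!isteacher($course->id)) {
        error("Only teachers can look at this page");
    }
    if (empty($sid)) {
        error("Admin Amend Title: submission id missing");
    }

    // The record is fetched by id alone, so make sure it exists and that it
    // belongs to the exercise this page was opened for before showing it.
    if (!$submission = get_record("exercise_submissions", "id", $sid)) {
        error("Admin Amend Title: can not get submission record");
    }
    if ($submission->exerciseid != $exercise->id) {
        error("Admin Amend Title: submission does not belong to this exercise");
    }
    print_heading(get_string("amendtitle", "exercise"));
    ?>
    <form id="amendtitleform" action="submissions.php" method="post">
    <input type="hidden" name="action" value="adminupdatetitle" />
    <input type="hidden" name="id" value="<?php echo $cm->id ?>" />
    <input type="hidden" name="sid" value="<?php echo $sid ?>" />
    <center>
    <table cellpadding="5" border="1">
    <?php

    // now get the comment
    echo "<tr valign=\"top\">\n";
    echo "  <td align=\"right\"><p><b>". get_string("title", "exercise").":</b></p></td>\n";
    echo "  <td>\n";
    // The stored title is user-supplied text placed inside a quoted attribute;
    // s() escapes it so a quote or angle bracket cannot end the attribute.
    echo "      <input type=\"text\" name=\"title\" size=\"60\" maxlength=\"100\" value=\"".s($submission->title)."\" />\n";
    echo "  </td></tr></table>\n";
    echo "<input type=\"submit\" value=\"".get_string("amendtitle", "exercise")."\" />\n";
    echo "</center></form>\n";

}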
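/******************* admin clear late (flag) ************************************/
// Clears the "late" flag on submission $sid for a teacher, logs the change
// and returns to the admin list.
elseif ($action == 'adminclearlate' ) {

    if (!isteacher($course->id)) {
        error("Only teachers can look at this page");
    }
    if (empty($sid)) {
        error("Admin clear late flag: submission id missing");
    }

    if (!$submission = get_record("exercise_submissions", "id", $sid)) {
        error("Admin clear late flag: can not get submission record");
    }
    // $sid comes from the request and the teacher check above covers this
    // course only, so refuse a submission that belongs to another exercise.
    if ($submission->exerciseid != $exercise->id) {
        error("Admin clear late flag: submission does not belong to this exercise");
    }
    // NOTE(review): this branch changes data without verifying a session key.
    // Once the link that leads here carries one, add a confirm_sesskey() check.
    if (set_field("exercise_submissions", "late", 0, "id", $sid)) {
        print_heading(get_string("clearlateflag", "exercise")." ".get_string("ok"));
    }

    add_to_log($course->id, "exercise", "late flag cleared", "view.php?id=$cm->id", "submission $submission->id");

    redirect("submissions.php?id=$cm->id&amp;action=adminlist");
}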
/******************* admin confirm delete ************************************/
// Teacher-only confirmation step shown before a submission is deleted.
elseif ($action == 'adminconfirmdelete' ) {

    if (!isteacher($course->id)) {
        error("Only teachers can look at this page");
    }
    if (empty($sid)) {
        error("Admin confirm delete: submission id missing");
    }
    $submission = get_record("exercise_submissions", "id", $sid);
    if (!$submission) {
        error("Admin delete: can not get submission record");
    }

    // A submission owned by a teacher may only be removed by an editing teacher;
    // for such a submission also warn about assessments that would go with it.
    $ownerIsTeacher = isteacher($course->id, $submission->userid);
    if ($ownerIsTeacher && !isteacheredit($course->id)) {
        error("Only teacher with editing permissions can delete teacher submissions.");
    }
    if ($ownerIsTeacher) {
        $assessments = exercise_get_assessments($submission);
        if ($assessments) {
            $warning = get_string("deletesubmissionwarning", "exercise", count($assessments));
            echo "<p align=\"center\">".$warning."</p>\n";
        }
    }

    // "Yes" goes on to the admindelete action, "No" returns to the admin list.
    $question = get_string("confirmdeletionofthisitem","exercise", get_string("submission", "exercise"));
    $yesUrl = "submissions.php?action=admindelete&amp;id={$cm->id}&amp;sid={$sid}";
    $noUrl = "submissions.php?id={$cm->id}&amp;action=adminlist";
    notice_yesno($question, $yesUrl, $noUrl);
}
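/******************* admin delete ************************************/
// Deletes submission $sid for a teacher: the grades of every assessment of it,
// the assessments, the submission record and finally the submitted files.
elseif ($action == 'admindelete' ) {

    if (!isteacher($course->id)) {
        error("Only teachers can look at this page");
    }
    if (empty($sid)) {
        error("Admin delete: submission id missing");
    }

    if (!$submission = get_record("exercise_submissions", "id", $sid)) {
        error("Admin delete: can not get submission record");
    }
    // $sid comes from the request and the teacher check above covers this
    // course only, so refuse a submission that belongs to another exercise.
    if ($submission->exerciseid != $exercise->id) {
        error("Admin delete: submission does not belong to this exercise");
    }
    // The adminconfirmdelete step refuses to let a non-editing teacher remove a
    // teacher's submission. Repeat that rule here, because this branch can be
    // requested directly without passing through the confirmation page.
    if (isteacher($course->id, $submission->userid) && !isteacheredit($course->id)) {
        error("Only teacher with editing permissions can delete teacher submissions.");
    }
    // NOTE(review): this destructive branch does not verify a session key.
    // Once the confirmation link carries one, add a confirm_sesskey() check.
    print_string("deleting", "exercise");
    // first get any assessments...
    if ($assessments = exercise_get_assessments($submission)) {
        foreach($assessments as $assessment) {
            // ...and all the associated records...
            delete_records("exercise_grades", "assessmentid", $assessment->id);
            echo ".";
        }
        // ...now delete the assessments...
        delete_records("exercise_assessments", "submissionid", $submission->id);
    }
    // ...and the submission record...
    delete_records("exercise_submissions", "id", $submission->id);
    // ..and finally the submitted file
    exercise_delete_submitted_files($exercise, $submission);
    add_to_log($course->id, "exercise", "delete", "view.php?id=$cm->id", "submission $submission->id");

    print_continue("submissions.php?id=$cm->id&amp;action=adminlist");
}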
/******************* admin (confirm) late flag ************************************/
// Teacher-only confirmation step shown before a late flag is cleared.
elseif ($action == 'adminlateflag' ) {

    if (!isteacher($course->id)) {
        error("Only teachers can look at this page");
    }
    if (empty($sid)) {
        error("Admin confirm late flag: submission id missing");
    }
    $submission = get_record("exercise_submissions", "id", $sid);
    if (!$submission) {
        error("Admin confirm late flag: can not get submission record");
    }

    // "Yes" goes on to the adminclearlate action, "No" returns to the admin list.
    $question = get_string("clearlateflag","exercise")."?";
    $yesUrl = "submissions.php?action=adminclearlate&amp;id={$cm->id}&amp;sid={$sid}";
    $noUrl = "submissions.php?id={$cm->id}&amp;action=adminlist";
    notice_yesno($question, $yesUrl, $noUrl);
}
/******************* list all submissions ************************************/
// Teacher-only overview of the submissions in this exercise.
elseif ($action == 'adminlist' ) {

    if (!isteacher($course->id)) {
        error("Only teachers can look at this page");
    }

    // $module is not assigned in this file; presumably version.php sets it.
    echo "<p><small>Exercise Version-> ".$module->version."</small></p>";
    exercise_list_submissions_for_admin($exercise);
    print_continue("view.php?id={$cm->id}");

}
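/******************* admin update title ************************************/
// Stores the posted title on submission $sid for a teacher and returns to the
// admin list. $title has already been cleaned with PARAM_CLEAN.
elseif ($action == 'adminupdatetitle' ) {

    if (!isteacher($course->id)) {
        error("Only teachers can look at this page");
    }
    if (empty($sid)) {
        error("Admin Update Title: submission id missing");
    }

    // $sid comes from the request and the teacher check above covers this
    // course only. Look the record up and refuse one that is missing or that
    // belongs to another exercise before writing to it.
    if (!$submission = get_record("exercise_submissions", "id", $sid)) {
        error("Admin Update Title: can not get submission record");
    }
    if ($submission->exerciseid != $exercise->id) {
        error("Admin Update Title: submission does not belong to this exercise");
    }
    // NOTE(review): this branch changes data without verifying a session key.
    // Once the amend-title form sends one, add a confirm_sesskey() check.
    if (set_field("exercise_submissions", "title", $title, "id", $sid)) {
        print_heading(get_string("amendtitle", "exercise")." ".get_string("ok"));
    }
    redirect("submissions.php?id=$cm->id&amp;action=adminlist");
}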
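/*************** display final grades (by teacher) ***************************/
// Prints a table with, per student submission, the grade for assessment, the
// grade for the submission and their sum, followed by the league table when
// the exercise has one enabled.
elseif ($action == 'displayfinalgrades') {
    // The table exposes every student's grades. The action list at the top of
    // this file marks it "teachers only", so enforce that here.
    if (!isteacher($course->id)) {
        error("Only teachers can look at this page");
    }
    $groupid = get_current_group($course->id);
    // Get all the students
    if (!$users = get_course_students($course->id, "u.lastname, u.firstname")) {
        print_heading(get_string("nostudentsyet"));
        print_footer($course);
        exit;
    }

    // show the final grades as stored in the tables...
    print_heading_with_help(get_string("displayoffinalgrades", "exercise"), "finalgrades", "exercise");
    echo "<center><table border=\"1\" width=\"90%\"><tr>\n";
    echo "<td><b>".$course->student."</b></td>";
    echo "<td><b>".get_string("submission", "exercise")."</b></td>";
    echo "<td align=\"center\"><b>".get_string("gradeforassessment", "exercise")."</b></td>";
    echo "<td align=\"center\"><b>".get_string("gradeforsubmission", "exercise")."</b></td>";
    echo "<td align=\"center\"><b>".get_string("overallgrade", "exercise")."</b></td></tr>\n";
    // now the weights
    echo "<tr><td><b>".get_string("maximumgrade")."</b></td>";
    echo "<td><b>&nbsp;</b></td>\n";
    echo "<td align=\"center\"><b>$exercise->gradinggrade</b></td>\n";
    echo "<td align=\"center\"><b>$exercise->grade</b></td>\n";
    echo "<td><b>&nbsp;</b></td></tr>\n";
    foreach ($users as $user) {
        // check group membership, if necessary
        if ($groupid) {
            // check user's group
            if (!groups_is_member($groupid, $user->id)) {
                continue; // skip this user
            }
        }
        // first get user's own assessment record, it should contain their grading grade
        if ($ownassessments = exercise_get_user_assessments($exercise, $user)) {
            // there should only be one, so take the first
            $ownassessment = reset($ownassessments);
        }
        else {
            // Start from a fresh object: assigning the property directly would
            // write into the previous student's record, or into an undefined
            // variable for the first student.
            $ownassessment = new stdClass();
            $ownassessment->gradinggrade = 0;
        }
        if ($submissions = exercise_get_user_submissions($exercise, $user)) {
            foreach ($submissions as $submission) {
                if ($assessments = exercise_get_assessments($submission)) {
                    foreach ($assessments as $assessment) { // (normally there should only be one
                        $gradinggrade = number_format($ownassessment->gradinggrade * $exercise->gradinggrade /
                                100.0, 1);
                        $grade = number_format($assessment->grade * $exercise->grade / 100.0, 1);
                        $overallgrade = number_format(($assessment->grade * $exercise->grade / 100.0) +
                                ($ownassessment->gradinggrade * $exercise->gradinggrade / 100.0), 1);
                        // late submissions are shown in red and in brackets
                        if ($submission->late) {
                            $grade = "<font color=\"red\">(".$grade.")</font>";
                            $overallgrade = "<font color=\"red\">(".$overallgrade.")</font>";
                        }
                        echo "<tr><td>".fullname($user)."</td>\n";
                        echo "<td>".exercise_print_submission_title($exercise, $submission)."</td>\n";
                        echo "<td align=\"center\">$gradinggrade</td>";
                        echo "<td align=\"center\">$grade</td>";
                        echo "<td align=\"center\">$overallgrade</td></tr>\n";
                    }
                }
            }
        }
    }
    echo "</table><br clear=\"all\" />\n";
    if ($exercise->showleaguetable) {
        exercise_print_league_table($exercise);
        echo "<br />\n";
    }
    echo get_string("maximumgrade").": $exercise->grade\n";
    print_continue("view.php?id=$cm->id");
}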
/******************* list for assessment student (submissions) ************************************/
// Teacher-only list of student submissions still to be assessed by $USER.
elseif ($action == 'listforassessmentstudent' ) {
    // With no students in the course there is nothing to list: say so and stop.
    $users = get_course_students($course->id);
    if (!$users) {
        print_heading(get_string("nostudentsyet"));
        print_footer($course);
        exit;
    }
    if (!isteacher($course->id)) {
        error("Only teachers can look at this page");
    }
    exercise_list_unassessed_student_submissions($exercise, $USER);
    print_continue("view.php?id={$cm->id}");

}
/******************* list for assessment teacher (submissions) ************************************/
// Lists the teacher submissions not yet assessed by $USER. This branch makes
// no teacher check of its own; only the login required for every action applies.
elseif ($action == 'listforassessmentteacher' ) {
    // With no students in the course there is nothing to list: say so and stop.
    $users = get_course_students($course->id);
    if (!$users) {
        print_heading(get_string("nostudentsyet"));
        print_footer($course);
        exit;
    }
    exercise_list_unassessed_teacher_submissions($exercise, $USER);
    print_continue("view.php?id={$cm->id}");

}
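/****************** save league table entries and anonimity setting (by teacher) **************/
// Stores the league table size and the anonymity setting posted by a teacher
// on the exercise record, then returns to the admin list.
elseif ($action == 'saveleaguetable') {

    $form = (object)$_POST;

    if (!isteacher($course->id)) {
        error("Only teachers can look at this page");
    }

    // NOTE(review): this branch changes data without verifying a session key.
    // Once the submitting form sends one, add a confirm_sesskey() check.

    // save the number of league table entries from the form...
    // The posted values are written to the exercise record, so reduce them to
    // integers here instead of storing whatever the request contained.
    if (isset($form->nentries) && $form->nentries === 'All') {
        $nentries = 99;
    } else {
        $nentries = isset($form->nentries) ? clean_param($form->nentries, PARAM_INT) : 0;
    }
    // ...and save it
    set_field("exercise", "showleaguetable", $nentries, "id", "$exercise->id");

    // ...and save the anonimity setting
    // NOTE(review): assumes the anonymous column holds an integer flag - confirm.
    $anonymous = isset($form->anonymous) ? clean_param($form->anonymous, PARAM_INT) : 0;
    set_field("exercise", "anonymous", $anonymous, "id", "$exercise->id");

    redirect("submissions.php?id=$cm->id&amp;action=adminlist", get_string("entriessaved", "exercise"));
}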
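/*************** save weights (by teacher) ***************************/
// Stores the teacher weight and grading weight posted by a teacher on the
// exercise record, then returns to the admin list. A weight that was not
// posted is left unchanged.
elseif ($action == 'saveweights') {

    $form = (object)$_POST;

    if (!isteacher($course->id)) {
        error("Only teachers can look at this page");
    }

    // NOTE(review): this branch changes data without verifying a session key.
    // Once the submitting form sends one, add a confirm_sesskey() check.

    // save the weights from the form...
    // The posted values are written to the exercise record, so reduce them to
    // integers first.
    // NOTE(review): assumes both weight columns hold integer values - confirm
    // against the exercise table definition.
    if (isset($form->teacherweight)) {
        $teacherweight = clean_param($form->teacherweight, PARAM_INT);
        // ...and save them
        set_field("exercise", "teacherweight", $teacherweight, "id", "$exercise->id");
    }

    if (isset($form->gradingweight)) {
        $gradingweight = clean_param($form->gradingweight, PARAM_INT);
        // ...and save them
        set_field("exercise", "gradingweight", $gradingweight, "id", "$exercise->id");
    }

    redirect("submissions.php?id=$cm->id&amp;action=adminlist", get_string("weightssaved", "exercise"));
}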
/******************* user confirm delete ************************************/
// Confirmation step shown before a user deletes a submission. It only builds
// the yes/no prompt and does not look the submission up.
elseif ($action == 'userconfirmdelete' ) {

    if (empty($sid)) {
        error("User Confirm Delete: submission id missing");
    }

    // "Yes" goes on to the userdelete action, "No" returns to the module view.
    $question = get_string("confirmdeletionofthisitem","exercise", get_string("submission", "exercise"));
    $yesUrl = "submissions.php?action=userdelete&amp;id={$cm->id}&amp;sid={$sid}";
    $noUrl = "view.php?id={$cm->id}";
    notice_yesno($question, $yesUrl, $noUrl);
}
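/******************* user delete ************************************/
// Deletes submission $sid on behalf of its owner: the grades of every
// assessment of it, the assessments, the submission record and finally the
// submitted files.
elseif ($action == 'userdelete' ) {

    if (empty($sid)) {
        error("User Delete: submission id missing");
    }

    if (!$submission = get_record("exercise_submissions", "id", $sid)) {
        error("User Delete: can not get submission record");
    }
    // This branch has no teacher check and $sid comes from the request, so any
    // logged-in user could otherwise name someone else's submission. Only the
    // owner (or a teacher of this course) may delete it, and only when it
    // belongs to the exercise this page was opened for.
    if ($submission->exerciseid != $exercise->id) {
        error("User Delete: submission does not belong to this exercise");
    }
    if ($submission->userid != $USER->id && !isteacher($course->id)) {
        error("User Delete: you can only delete your own submissions");
    }
    // NOTE(review): this destructive branch does not verify a session key.
    // Once the confirmation link carries one, add a confirm_sesskey() check.
    print_string("deleting", "exercise");
    // first get any assessments...
    if ($assessments = exercise_get_assessments($submission)) {
        foreach($assessments as $assessment) {
            // ...and all the associated records...
            delete_records("exercise_grades", "assessmentid", $assessment->id);
            echo ".";
        }
        // ...now delete the assessments...
        delete_records("exercise_assessments", "submissionid", $submission->id);
    }
    // ...and the submission record...
    delete_records("exercise_submissions", "id", $submission->id);
    // ..and finally the submitted file
    exercise_delete_submitted_files($exercise, $submission);
    add_to_log($course->id, "exercise", "delete", "view.php?id=$cm->id", "submission $submission->id");

    print_continue("view.php?id=$cm->id");
}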
/*************** no man's land **************************************/
// No branch matched the requested action. $action was cleaned with
// PARAM_ALPHA when it was read, so it is echoed back as letters only.
else {

    error("Fatal Error: Unknown Action: {$action}\n");

}

// Page footer, printed after whichever action branch ran.
print_footer($course);