authorFriedrich Beckmann <friedrich.beckmann@gmx.de>2026-01-30 17:59:23 +0100
committerFriedrich Beckmann <friedrich.beckmann@gmx.de>2026-01-30 17:59:23 +0100
commitd0fce093ef2f16fc2897baf7ddf93b6f969890bf (patch)
treec39446943c2a36c4bafcaa5e1640d3ea85721a90
initial commit
The first prototype, in which you can upload student data from Moodle and change the marks. In the student view, the results for the logged-in person can be viewed.
-rw-r--r--ReadMe.md28
-rw-r--r--admin-addusers.php226
-rw-r--r--admin-show.php154
-rw-r--r--admin-update.php39
-rw-r--r--database.php138
-rw-r--r--index.php46
-rw-r--r--login.php47
-rw-r--r--logout.php18
-rw-r--r--setup.php93
-rw-r--r--show-user.php133
10 files changed, 922 insertions, 0 deletions
diff --git a/ReadMe.md b/ReadMe.md
new file mode 100644
index 0000000..5bb50d2
--- /dev/null
+++ b/ReadMe.md
@@ -0,0 +1,28 @@
+# praktrack - Verwaltung von Portfolioprüfungen
+
+Mit diesem Webtool können die Teilleistungen von den
+Portfolioprüfungen Digitaltechnik und Technische Informatik
+verwaltet werden. Portfolioprüfungen bestehen aus
+
+ * Laborteil der bestanden/nicht bestanden sein kann
+ * Klausur mit einer Note
+
+Erst wenn beide Prüfungsteile erfolgreich absolviert sind,
+wird die Note ans Prüfungsamt gemeldet.
+
+## Ansicht der Studenten
+
+Die Studenten authentifizieren sich über ldap und können dann die eigenen Daten einsehen.
+
+## Adminansicht
+
+Als Admin kann man Studenten für ein Semester und eine Prüfung (ti/dt) anlegen und dann die Prüfungsergebnisse ändern.
+
+## Anlegen der Studentendaten
+
+Die Prüfungsteilnehmer werden über die Daten aus dem Moodlekurs
+in das Tool importiert. Dazu werden die Teilnehmerdaten des Moodlekurses als .csv exportiert und dann in praktrack importiert.
+
+## Eingabe der Prüfungsergebnisse
+
+Die Prüfungsergebnisse werden in der Listenansicht eingegeben und mit dem Knopf "update" in die Datenbank gespeichert.
diff --git a/admin-addusers.php b/admin-addusers.php
new file mode 100644
index 0000000..880a535
--- /dev/null
+++ b/admin-addusers.php
@@ -0,0 +1,226 @@
+<?php
+include "setup.php";
+my_session_start();
+$login=false;
+if (isset($_SESSION["login"])) {
+ $login = $_SESSION["login"];
+}
+if ($login !== "admin") {
+ header("Location: index.php");
+ exit;
+}
+?>
+<!DOCTYPE html>
+<html>
+<body>
+<h1>Add Users</h1>
+<table>
+<tr>
+<td>
+ <a href="admin-addusers.php">Add students</a>
+</td>
+<td>
+ <a href="admin-show.php">Show students</a>
+</td>
+<td>
+ <a href="logout.php">Logout</a>
+</td>
+</tr>
+</table>
+
+<p> Die Teilnehmer werden aus dem Moodlekurs der Veranstaltung übernommen.
+ Dazu die Teilnehmer als csv exportieren. Die csv Datei
+ dann mit den Angaben zum Kurs und zum Semester hier hochladen. Die
+ csv Datei enthält die Namen, Matrikelnummer und die Gruppen.
+</p>
+
+<?php
+
+if (!empty($_POST["upload"]) and $_POST["upload"] === "upload") {
+ $pfach = $_POST["fach"];
+ $psemester = $_POST["semester"];
+ $newstudents = [];
+ $newgroups = [];
+} else {
+ $pfach = empty($_SESSION["fach"]) ? "" :$_SESSION["fach"];
+ $psemester = empty($_SESSION["semester"]) ? "" :$_SESSION["semester"];
+ $newstudents = empty($_SESSION["newstudents"]) ? [] :$_SESSION["newstudents"];
+ $newgroups = empty($_SESSION["newgroups"]) ? [] :$_SESSION["newgroups"];
+}
+
+unset($_SESSION["newstudents"]);
+unset($_SESSION["newgroups"]);
+unset($_SESSION["fach"]);
+unset($_SESSION["semester"]);
+
+
+// Check if student is in any group. If the student is found
+// return the first groupname, otherwise FALSE
+function is_student_in_any_group($matrikelnummer, $grouplist) {
+ if (empty($grouplist) or empty($matrikelnummer)) {
+ return FALSE;
+ }
+ foreach ($grouplist as $gname => $teilnehmerliste) {
+ if (in_array($matrikelnummer, $teilnehmerliste)) {
+ return $gname;
+ }
+ }
+}
+
+function parseuserfile($fname) {
+ global $pfach,$psemester,$newstudents,$newgroups,$students,$groups;
+ if (($fh = fopen($fname, "r")) !== FALSE) {
+ while (($line = fgetcsv($fh, 1000, ",", "\"", ""))) {
+ $vorname = $line[0];
+ $nachname = $line[1];
+ $matrikelnummer = is_numeric($line[2]) ? $line[2] : "";
+ $student = array (
+ "vorname" => $vorname,
+ "nachname" => $nachname,
+ "noten" => array (
+ $pfach => []
+ )
+ );
+ $newgruppe = "";
+ if (!empty($line[4])) {
+ $gruppen = str_getcsv($line[4],",","\"","");
+ foreach ($gruppen as $gruppe) {
+ if (preg_match("/.*-G[0-9].*/u", $gruppe) or
+ preg_match("/G[0-9].*/u", $gruppe) ) {
+ $newgruppe = trim($gruppe);
+ }
+ }
+ }
+
+ if (empty($newgruppe) or empty($matrikelnummer)) {
+ echo "<p>WARNING: $vorname $nachname has no group or no matrikelnummer.</p>";
+ } elseif (!empty($groups[$psemester][$pfach]) and
+ $gname = is_student_in_any_group($matrikelnummer, $groups[$psemester][$pfach])) {
+ echo "<p>WARNING: $matrikelnummer is already in $gname in database.</p>";
+ } elseif ($gname = is_student_in_any_group($matrikelnummer, $newgroups)) {
+ echo "<p>WARNING: $matrikelnummer is already in $gname in this file</p>";
+ } else {
+ if (empty($students[$matrikelnummer])) {
+ //db_student_new($matrikelnummer,$student);
+ echo "<p>Adding student $matrikelnummer</p>";
+ $newstudents[$matrikelnummer] = $student;
+ } elseif (!array_key_exists($pfach,$students[$matrikelnummer]["noten"])) {
+ echo "<p>Adding $pfach to student $matrikelnummer</p>";
+ $newstudents[$matrikelnummer] = $student;
+ } else {
+ echo "<p>WARNING: student $matrikelnummer is already in database.</p>";
+ }
+ if (empty($groups[$psemester][$pfach][$newgruppe])) {
+ if (empty($newgroups[$newgruppe])) {
+ $newgroups[$newgruppe] = [$matrikelnummer];
+ } elseif (!in_array($matrikelnummer,$newgroups[$newgruppe])) {
+ $newgroups[$newgruppe][] = $matrikelnummer;
+ } else {
+ echo "<p>WARNING: student $matrikelnummer is already in group $newgruppe</p>";
+ }
+ } elseif (!in_array($matrikelnummer,$groups[$psemester][$pfach][$newgruppe])) {
+ echo "<p>ERROR: TODO group $newgruppe without $matrikelnummer already in database but </p>";
+ } else {
+ echo "<p>WARNING: group $newgruppe with $matrikelnummer already in database</p>";
+ }
+ }
+ //echo "<p>",$vorname,$nachname,$matrikelnummer,$newgruppe,"</p>";
+ }
+ ksort($newgroups);
+ $_SESSION["newstudents"] = $newstudents;
+ $_SESSION["newgroups"] = $newgroups;
+ $_SESSION["fach"] = $pfach;
+ $_SESSION["semester"] = $psemester;
+ } else {
+ echo "<p>Error: Could not open file</p>";
+ return FALSE;
+ }
+ return;
+}
+
+echo "<form action=\"admin-addusers.php\" method=\"post\" enctype=\"multipart/form-data\">";
+echo "<label for \"fach\">Fach: </label>";
+echo "<select name=\"fach\">";
+foreach ($pfp as $fach => $value) {
+ echo "<option value=\"$fach\">$fach</option>";
+}
+echo "</select>";
+echo "<select name=\"semester\">";
+foreach ($semester as $semestername) {
+ echo "<option value=\"$semestername\">$semestername</option>";
+}
+echo "</select>";
+echo "<input type=\"file\" name=\"csvfile\" id=\"csvfile\">";
+echo "<input type=\"submit\" name=\"upload\" value=\"upload\">";
+
+if (!empty($_POST["save"]) and $_POST["save"] === "save") {
+ foreach ($newstudents as $matrikelnummer => $student) {
+ if (empty($students[$matrikelnummer])) {
+ db_student_new($matrikelnummer,$student);
+ } elseif (empty($students[$matrikelnummer]["noten"][$pfach])) {
+ db_student_add_fach($matrikelnummer,$pfach);
+ } else {
+ echo "<p>ERROR: $matrikelnummer with $pfach already in database.</p>";
+ }
+ }
+ foreach ($newgroups as $gname => $teilnehmerarray) {
+ db_group_new($psemester,$pfach,$gname,$teilnehmerarray);
+ }
+ $newstudents = [];
+ $newgroups = [];
+ echo "<h1>Saved.</h1>";
+} elseif (!empty($_POST["cancel"]) and $_POST["cancel"] === "cancel") {
+ $newstudents = [];
+ $newgroups = [];
+ echo "<h1>Canceled.</h1>";
+} elseif (!empty($_POST["upload"]) and $_POST["upload"] === "upload") {
+ $fname = $_FILES["csvfile"]["tmp_name"];
+ $ftype = $_FILES["csvfile"]["type"];
+
+ if (!empty($fname)) {
+ if ($ftype !== "text/csv") {
+ echo "<p>ERROR: Filetype must be csv</p>";
+ } else {
+ parseuserfile($fname);
+ }
+ }
+}
+if (!empty($newstudents) or !empty($newgroups)) {
+ echo "<table>";
+ echo "<tr>";
+ echo "<th>Semester</th>";
+ echo "<th>Prüfung</th>";
+ echo "<th>Gruppe</th>";
+ echo "<th>Nachname</th>";
+ echo "<th>Vorname</th>";
+ echo "</tr>";
+ foreach ($newgroups as $gname => $teilnehmera) {
+ foreach ($teilnehmera as $matrikelnummer) {
+ if (!empty($newstudents[$matrikelnummer])) {
+ $vorname = $newstudents[$matrikelnummer]["vorname"];
+ $nachname = $newstudents[$matrikelnummer]["nachname"];
+ } else {
+ $vorname = $students[$matrikelnummer]["vorname"];
+ $nachname = $students[$matrikelnummer]["nachname"];
+ }
+ echo "<tr>";
+ echo "<td>",$psemester,"</td>";
+ echo "<td>",$pfach,"</td>";
+ echo "<td>",$gname,"</td>";
+ echo "<td>",$nachname,"</td>";
+ echo "<td>",$vorname,"</td>";
+ echo "</tr>";
+ }
+ }
+ echo "</table>";
+
+ echo "<input type=\"submit\" name=\"save\" value=\"save\">";
+ echo "<input type=\"submit\" name=\"cancel\" value=\"cancel\">";
+}
+
+echo "</form>";
+
+?>
+
+</body>
+</html> \ No newline at end of file
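Review bot: Values taken from the uploaded CSV and from `$_POST` are echoed into HTML without escaping, for example in `parseuserfile()` (`echo "<p>WARNING: $vorname $nachname has no group or no matrikelnummer.</p>"`) and in the preview table, so markup in a Moodle name or group field would render in the admin's session; admin-show.php and show-user.php print the same stored fields the same way. Wrap every dynamic value at output, e.g. `htmlspecialchars($nachname, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')`. `$pfach` and `$psemester` are used as array keys and later passed to `db_group_new()` straight from the request; check them against the lists the form was built from first, `if (!array_key_exists($pfach, $pfp) || !in_array($psemester, $semester, true))`, and reject the upload otherwise. The `text/csv` test reads `$_FILES["csvfile"]["type"]`, which is supplied by the browser, so it should not be treated as validation of the file content. `parseuserfile()` also reads `$line[0]` to `$line[2]` without checking the column count of each row.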
diff --git a/admin-show.php b/admin-show.php
new file mode 100644
index 0000000..10394d8
--- /dev/null
+++ b/admin-show.php
@@ -0,0 +1,154 @@
+<?php
+include "setup.php";
+if (session_status() === PHP_SESSION_NONE) {
+ my_session_start();
+}
+$login=false;
+if (isset($_SESSION["login"])) {
+ $login = $_SESSION["login"];
+}
+
+if ($login !== "admin") {
+ header("Location: index.php");
+ exit;
+}
+?>
+
+<!DOCTYPE html>
+<html>
+<body>
+<h1>Listenansicht</h1>
+
+<table>
+<tr>
+<td>
+ <a href="admin-addusers.php">Add students</a>
+</td>
+<td>
+ <a href="admin-show.php">Show students</a>
+</td>
+<td>
+ <a href="logout.php">Logout</a>
+</td>
+</tr>
+</table>
+
+<?php
+
+
+// If we pushed the update button, update the database
+if (!empty($_POST["update"])) {
+ include "admin-update.php";
+}
+
+//var_dump($_POST);
+
+if (!empty($_POST["note"])) {
+ //var_dump($_POST["note"]);
+}
+
+if (!empty($_POST["semester"])) {
+ $selectedsemester = $_POST["semester"];
+} else {
+ $selectedsemester = "alle";
+}
+if (!empty($_POST["pruefung"])) {
+ $selectedpruefung = $_POST["pruefung"];
+} else {
+ $selectedpruefung = "alle";
+}
+echo "<form action=\"admin-show.php\" method=\"post\">";
+echo "<table>";
+echo "<tr>";
+echo "<th>Semester</th>";
+echo "<th>Prüfung</th>";
+echo "<th>Gruppe</th>";
+echo "<th>Nachname</th>";
+echo "<th>Vorname</th>";
+echo "<th>Labor</th>";
+echo "<th>Klausur</th>";
+echo "</tr>";
+echo "<tr>";
+echo "<td>";
+echo "<select name=\"semester\">";
+if ($selectedsemester === "alle") {
+echo "<option value=\"alle\" selected>alle</option>";
+} else {
+echo "<option value=\"alle\">alle</option>";
+}
+foreach ($semester as $semestername) {
+ if ($selectedsemester === $semestername) {
+ echo "<option value=\"$semestername\" selected>$semestername</option>";
+ } else {
+ echo "<option value=\"$semestername\">$semestername</option>";
+ }
+}
+echo "</select>";
+echo "</td>";
+echo "<td>";
+echo "<select name=\"pruefung\">";
+if ($selectedpruefung === "alle") {
+echo "<option value=\"alle\" selected>alle</option>";
+} else {
+echo "<option value=\"alle\">alle</option>";
+}
+foreach ($pfp as $pruefung => $value) {
+ if ($selectedpruefung === $pruefung) {
+ echo "<option value=\"$pruefung\" selected>$pruefung</option>";
+ } else {
+ echo "<option value=\"$pruefung\">$pruefung</option>";
+ }
+}
+echo "</select>";
+echo "</td>";
+echo "<td></td>";
+echo "<td>";
+echo "<input type=\"submit\" name=\"filter\" value=\"filter\">";
+echo "</td>";
+//echo "</form>";
+echo "</tr>";
+//echo "</table>";
+
+//echo "<form action=\"admin-show.php\" method=\"post\">";
+//echo "<table>";
+foreach ($groups as $semester => $pruefungen) {
+ if ($selectedsemester === "alle" or $selectedsemester === $semester) {
+ foreach ($pruefungen as $pruefung => $groupsperpruefung) {
+ if ($selectedpruefung === "alle" or $selectedpruefung === $pruefung) {
+ foreach ($groupsperpruefung as $groupname => $teilnehmerarray) {
+ foreach ($teilnehmerarray as $matrikelnummer) {
+ echo "<tr>";
+ echo "<td> $semester </td>";
+ echo "<td> $pruefung </td>";
+ echo "<td> $groupname </td>";
+ $student = $students[$matrikelnummer];
+ $nachname = $student["nachname"];
+ $vorname = $student["vorname"];
+ if (!empty($student["noten"][$pruefung]["klausur"])) {
+ $klausurnote = $student["noten"][$pruefung]["klausur"];
+ } else {
+ $klausurnote = "";
+ }
+ if (!empty($student["noten"][$pruefung]["labor"])) {
+ $labornote = $student["noten"][$pruefung]["labor"];
+ } else {
+ $labornote = "";
+ }
+ echo "<td><a href=\"show-user.php?matrikelnummer=$matrikelnummer\">$nachname</a></td>";
+ echo "<td> $vorname </td>";
+ echo "<td><input type=\"text\" name=\"note[$matrikelnummer][$pruefung][labor][$semester]\" value=\"$labornote\" size=2 maxlength=2></td>";
+ echo "<td><input type=\"text\" name=\"note[$matrikelnummer][$pruefung][klausur][$semester]\" value=\"$klausurnote\" size=3 maxlength=3></td>";
+ echo "</tr>";
+ }
+ }
+ }
+ }
+ }
+}
+echo "</table>";
+echo "<input type=\"submit\" name=\"update\" value=\"update\">";
+echo "</form>";
+?>
+
+</body>
+</html> \ No newline at end of file
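Review bot: The row loop `foreach ($groups as $semester => $pruefungen)` reuses `$semester`, the global list of semester names from setup.php that the `<select>` above iterates, so after the loop that global holds a single string. Nothing later in this file reads it, but index.php includes this page and any code added after the include would see the overwritten value. Use a distinct key name, `foreach ($groups as $semestername => $pruefungen)`, and update the uses inside the loop, including the two `note[...]` field names. `$students[$matrikelnummer]` is also read without checking that the group member exists in `$students`.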
diff --git a/admin-update.php b/admin-update.php
new file mode 100644
index 0000000..f0d3896
--- /dev/null
+++ b/admin-update.php
@@ -0,0 +1,39 @@
+<?php
+// Check the entries in the form and compare them with the
+// data in the database. If there are updates, then change
+// the data in the database and append the json file with
+// the changes.
+if (empty($_POST["note"])) {
+ return;
+}
+$notenneu = $_POST["note"];
+
+foreach ($notenneu as $matrikelnummer => $pruefungen) {
+ foreach ($pruefungen as $fach => $teilpruefungen) {
+ foreach ($teilpruefungen as $teilpruefung => $semesterliste) {
+ foreach ($semesterliste as $semestername => $note) {
+ if (!array_key_exists($fach,$students[$matrikelnummer]["noten"])) {
+ var_dump($students[$matrikelnummer]);
+ echo "<p>ERROR: Fach $fach bei $matrikelnummer existiert nicht</p>";
+ } else {
+ if (!empty($note) and (
+ empty($students[$matrikelnummer]["noten"][$fach][$teilpruefung]) or
+ $students[$matrikelnummer]["noten"][$fach][$teilpruefung] !== $note)) {
+ if (($teilpruefung === "klausur" and in_array($note,$notenklausur) or
+ $teilpruefung === "labor" and in_array($note,$notenlabor))) {
+ $students[$matrikelnummer]["noten"][$fach][$teilpruefung] = $note;
+ db_student_update_note($matrikelnummer,$fach,$teilpruefung,$note);
+ break;
+ } else {
+ var_dump($students[$matrikelnummer]);
+ echo "<p>ERROR: Note $note ungueltig fuer $matrikelnummer,$fach,$teilpruefung </p>";
+ }
+ }
+ }
+ }
+ }
+
+ }
+}
+
+?> \ No newline at end of file
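Review bot: The keys of `$_POST["note"]` are used to index `$students` before anything confirms the record exists: `array_key_exists($fach,$students[$matrikelnummer]["noten"])` receives null for an unknown matrikelnummer, which on PHP 8 is a TypeError rather than the intended error message. Guard first with `if (!isset($students[$matrikelnummer]["noten"])) { continue; }`, and skip entries whose nested values are not arrays. The two `var_dump($students[$matrikelnummer])` calls print a whole student record into the page and look like leftover debugging; drop them. This file performs no session check of its own and relies on being included from admin-show.php after the admin test, so a guard at the top (or keeping it outside the web-served directory) would make that dependency explicit. `in_array($note,$notenklausur)` and `in_array($note,$notenlabor)` should pass `true` as the third argument so the grade is compared strictly.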
diff --git a/database.php b/database.php
new file mode 100644
index 0000000..9c14920
--- /dev/null
+++ b/database.php
@@ -0,0 +1,138 @@
+<?php
+
+function db_student_new($matrikelnummer,$student) {
+ date_default_timezone_set("UTC");
+ $json_student_add = array (
+ "time" => date('Y-m-d H:i:s', time()),
+ "cmd" => "student_new",
+ "matrikelnummer" => $matrikelnummer,
+ "vorname" => $student["vorname"],
+ "nachname" => $student["nachname"],
+ "noten" => $student["noten"]
+ );
+ $json_string = json_encode($json_student_add, JSON_UNESCAPED_UNICODE)."\n";
+ $fh = fopen("database.json", "a");
+ fwrite($fh,$json_string);
+ fclose($fh);
+
+ //echo $json_string;
+}
+
+function db_student_add_fach($matrikelnummer,$fach) {
+ date_default_timezone_set("UTC");
+ $cmd = array (
+ "time" => date('Y-m-d H:i:s', time()),
+ "cmd" => "student_add_fach",
+ "matrikelnummer" => $matrikelnummer,
+ "fach" => $fach
+ );
+ $json_string = json_encode($cmd, JSON_UNESCAPED_UNICODE)."\n";
+ $fh = fopen("database.json", "a");
+ fwrite($fh,$json_string);
+ fclose($fh);
+}
+
+function db_student_update_note($matrikelnummer,$fach,$teilpruefung,$note) {
+ date_default_timezone_set("UTC");
+ $cmd = array (
+ "time" => date('Y-m-d H:i:s', time()),
+ "cmd" => "note_upd",
+ "fach" => $fach,
+ "teilpruefung" => $teilpruefung,
+ "note" => $note,
+ "matrikelnummer" => $matrikelnummer
+ );
+ $json_string = json_encode($cmd, JSON_UNESCAPED_UNICODE)."\n";
+ $fh = fopen("database.json", "a");
+ fwrite($fh,$json_string);
+ fclose($fh);
+}
+
+function db_group_new($semester,$fach,$gname,$teilnehmerarray) {
+ date_default_timezone_set("UTC");
+ $cmd = array (
+ "time" => date('Y-m-d H:i:s', time()),
+ "cmd" => "group_new",
+ "semester" => $semester,
+ "fach" => $fach,
+ "name" => $gname,
+ "teilnehmer" => $teilnehmerarray
+ );
+ $json_string = json_encode($cmd, JSON_UNESCAPED_UNICODE)."\n";
+ $fh = fopen("database.json", "a");
+ fwrite($fh,$json_string);
+ fclose($fh);
+ //echo $json_string;
+}
+
+function db_read () {
+ global $students,$groups,$pfp;
+ $fh = fopen("database.json", "r");
+ if ($fh === FALSE) {
+ echo "<p>Cannot open database.json</p>";
+ return FALSE;
+ }
+ while ($line = fgets($fh)) {
+ $cmd = json_decode($line,JSON_UNESCAPED_UNICODE);
+ switch ($cmd["cmd"]) {
+ case "student_new" :
+ $matrikelnummer = $cmd["matrikelnummer"];
+ if (empty($students[$matrikelnummer])) {
+ $students[$matrikelnummer]["vorname"] = $cmd["vorname"];
+ $students[$matrikelnummer]["nachname"] = $cmd["nachname"];
+ $students[$matrikelnummer]["noten"] = $cmd["noten"];
+ $fach = array_key_first($cmd["noten"]);
+ $students[$matrikelnummer]["history"][] = $cmd["time"]." student new with ".$fach;
+ } else {
+ echo "<p>ERROR: Student ",$matrikelnummer," is already in database.</p>";
+ }
+ break;
+ case "student_add_fach" :
+ $matrikelnummer = $cmd["matrikelnummer"];
+ $fach = $cmd["fach"];
+ if (empty($students[$matrikelnummer])) {
+ echo "<p>ERROR: Cannot add $fach to $matrikelnummer as student is not in database.</p>";
+ } elseif (array_key_exists($fach,$students[$matrikelnummer]["noten"])) {
+ echo "<p>ERROR: $fach already exists for $matrikelnummer in database.</p>";
+ } else {
+ $students[$matrikelnummer]["noten"][$fach] = [];
+ $students[$matrikelnummer]["history"][] = $cmd["time"]." add ".$fach;
+ }
+ break;
+ case "group_new" :
+ $semester = $cmd["semester"];
+ $fach = $cmd["fach"];
+ $gname = $cmd["name"];
+ if (empty($groups[$semester][$fach][$gname])) {
+ $groups[$semester][$fach][$gname] = $cmd["teilnehmer"];
+ } else {
+ echo "<p>ERROR: Group $gname for $fach in $semester is already in database.</p>";
+ }
+ break;
+ case "note_upd":
+ $fach = $cmd["fach"];
+ $teilpruefung = $cmd["teilpruefung"];
+ $matrikelnummer = $cmd["matrikelnummer"];
+ $note = $cmd["note"];
+ $students[$matrikelnummer]["noten"][$fach][$teilpruefung] = $note;
+ $students[$matrikelnummer]["history"][] = $cmd["time"]." ".$fach."/".$teilpruefung.": ".$note;
+ break;
+ default :
+ echo "<p>ERROR: database cmd ", $cmd["cmd"],"is unknown.</p>";
+ }
+ }
+ fclose($fh);
+}
+
+// Search user with name and return matrikelnummer if found
+function db_find_user($vorname,$nachname) {
+ global $students;
+ foreach ($students as $matrikelnummer => $student) {
+ if ($student["vorname"] === $vorname and $student["nachname"] === $nachname) {
+ return $matrikelnummer;
+ break;
+ }
+ }
+ return FALSE;
+}
+?> \ No newline at end of file
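Review bot: `db_find_user()` maps a logged-in account to a student record by first and last name only and returns the first match, so two students with the same name would both be shown the first one's results (login.php stores the returned value as `$_SESSION["mymatrikelnummer"]`). Until a unique attribute links the directory account to the record, fail closed when the name is ambiguous, as sketched below. Separately, the four `db_*` writers ignore the result of `fopen()` and append without a lock; `file_put_contents("database.json", $json_string, FILE_APPEND | LOCK_EX)` with a checked return value would avoid interleaved lines from concurrent requests. The relative path puts database.json next to the PHP files, so presumably inside the web-served directory; confirm the server denies direct requests for it, or store it outside the document root. In `db_read()`, `json_decode($line,JSON_UNESCAPED_UNICODE)` passes an encode flag where the boolean `$associative` is expected, and a malformed line is not handled before `$cmd["cmd"]` is read.

```php
function db_find_user($vorname,$nachname) {
  global $students;
  $treffer = [];
  foreach ($students as $matrikelnummer => $student) {
    if ($student["vorname"] === $vorname and $student["nachname"] === $nachname) {
      $treffer[] = $matrikelnummer;
    }
  }
  // Fail closed on namesakes: an ambiguous name must not select a record.
  return count($treffer) === 1 ? $treffer[0] : FALSE;
}
```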
diff --git a/index.php b/index.php
new file mode 100644
index 0000000..3997484
--- /dev/null
+++ b/index.php
@@ -0,0 +1,46 @@
+<?php
+include "setup.php";
+include "login.php";
+my_session_start();
+
+$login = FALSE;
+if (!empty($_POST["login"]) and $_POST["login"] === "login") {
+ $login = try_login($_POST["username"],$_POST["password"]);
+} elseif (isset($_SESSION["login"])) {
+ $login = $_SESSION["login"];
+}
+
+if ($login === "admin") {
+ include "admin-show.php";
+} elseif ($login === "user") {
+ include "show-user.php";
+} else {
+?>
+<!DOCTYPE html>
+<html>
+<body>
+ <h1>Ergebnisse der Portfolioprüfungen</h1>
+ <p>Hier können sie die Teilleistungen der Portfolioprüfungen für
+ die Veranstaltungen „Technische Informatik für EIT/ME“ und
+ „Digitaltechnik für TI“ einsehen. Sie müssen für den Login im Netz
+ der Hochschule oder über VPN mit dem Hochschulnetz verbunden sein.
+ </p>
+
+ <form action="index.php" method="post">
+ <label for="username">Username: </label>
+ <input type="text" name="username"><br>
+ <label for="password">Password: </label>
+ <input type="password" name="password"><br>
+ <input type="submit" name="login" value="login">
+ </form>
+<?php
+ if ($login === "nodb") {
+ echo "<p>Login hat funktioniert. Leider habe ich sie nicht in der
+ Datenbank gefunden.</p>";
+ } elseif ($login === "failed") {
+ echo "<p>Login failed </p>";
+ }
+ echo "</body>";
+ echo "</html>";
+}
+?> \ No newline at end of file
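Review bot: `try_login($_POST["username"],$_POST["password"])` is called as soon as `login` is posted, without checking that both fields are present and are strings. A request that sends `username` as an array reaches `strlen()` in try_login, which is a TypeError on PHP 8, and a missing field produces an undefined-index warning. Guard the branch with `is_string($_POST["username"] ?? null) && is_string($_POST["password"] ?? null)` and treat anything else as `"failed"`. Nothing visible here limits repeated login attempts; if the LDAP server does not enforce lockout, consider throttling per session or client address.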
diff --git a/login.php b/login.php
new file mode 100644
index 0000000..a767266
--- /dev/null
+++ b/login.php
@@ -0,0 +1,47 @@
+
+<?php
+
+function try_login($username,$password) {
+ global $admins;
+ if (strlen($username) < 8 or strlen($username) > 100) {
+ return "failed";
+ }
+ if (strlen($password) < 8 or strlen($password) > 1000) {
+ return "failed";
+ }
+ $ldapserver = "ldap://ldap.hs-augsburg.de";
+ $ldapusertree = 'ou=People, dc=fh-augsburg, dc=de';
+
+ $ldapconn = ldap_connect($ldapserver)
+ or die ("Cannot connect to ldap server ".$ldapserver);
+ ldap_set_option($ldapconn, LDAP_OPT_PROTOCOL_VERSION, 3);
+ ldap_set_option($ldapconn, LDAP_OPT_NETWORK_TIMEOUT, 3);
+
+ $ldapbind = ldap_bind($ldapconn,"uid=$username, ".$ldapusertree,$password);
+ if ($ldapbind) {
+ // Login was successfull
+ session_regenerate_id(TRUE);
+ $sr=ldap_search($ldapconn,$ldapusertree,"uid=$username",["sn","givenname"]);
+ $info = ldap_get_entries($ldapconn,$sr);
+ ldap_unbind($ldapconn);
+ $vorname = $info[0]["givenname"][0];
+ $nachname = $info[0]["sn"][0];
+ $matrikelnummer = db_find_user($vorname,$nachname);
+ if (in_array($username,$admins)) {
+ $_SESSION["login"] = "admin";
+ return "admin";
+ } elseif ($matrikelnummer) {
+ $_SESSION["login"] = "user";
+ $_SESSION["myusername"] = $username;
+ $_SESSION["mymatrikelnummer"] = $matrikelnummer;
+ return "user";
+ } else {
+ $_SESSION["login"] = "nodb";
+ return "nodb";
+ }
+ } else {
+ $_SESSION["login"] = "failed";
+ return "failed";
+ }
+}
+?> \ No newline at end of file
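Review bot: `$username` is interpolated into the bind DN (`"uid=$username, ".$ldapusertree`) and into the search filter (`"uid=$username"`) with only a length check, so DN and filter metacharacters in the input change the query; escape it per context with `ldap_escape()` as in the sketch below. The connection uses `ldap://` and no `ldap_start_tls()` call is visible, so the password would cross the network unencrypted unless the transport is protected elsewhere; prefer `ldaps://` or StartTLS if the server supports it. `$info[0]` is read without checking `$info["count"]`, and `ldap_connect(...) or die(...)` prints the server name to the client. The empty line before `<?php` at the top of this file is sent as output when index.php includes it ahead of `my_session_start()`, which can cause "headers already sent" when output buffering is off.

```php
// … unchanged: length checks, ldap_connect, ldap_set_option calls …
$userdn = "uid=".ldap_escape($username, "", LDAP_ESCAPE_DN).", ".$ldapusertree;
$ldapbind = ldap_bind($ldapconn, $userdn, $password);
if ($ldapbind) {
  session_regenerate_id(TRUE);
  $filter = "(uid=".ldap_escape($username, "", LDAP_ESCAPE_FILTER).")";
  $sr = ldap_search($ldapconn, $ldapusertree, $filter, ["sn","givenname"]);
  // … unchanged: ldap_get_entries, role lookup, session assignment …
```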
diff --git a/logout.php b/logout.php
new file mode 100644
index 0000000..5fec951
--- /dev/null
+++ b/logout.php
@@ -0,0 +1,18 @@
+<?php
+include "setup.php";
+my_session_start();
+session_unset();
+$params = session_get_cookie_params();
+setcookie(
+ session_name(),
+ '',
+ time() - 42000,
+ $params["path"],
+ $params["domain"],
+ $params["secure"],
+ $params["httponly"]
+);
+session_destroy();
+header("Location: index.php");
+exit;
+?> \ No newline at end of file
diff --git a/setup.php b/setup.php
new file mode 100644
index 0000000..640ee56
--- /dev/null
+++ b/setup.php
@@ -0,0 +1,93 @@
+<?php
+if (!isset($setupdone)) {
+$setupdone=TRUE;
+include "database.php";
+
+$semester = ["WiSe 2025/26", "SoSe 2025", "WiSe 2024/25"];
+
+$admins = ["beckmanf"];
+
+function my_session_start() {
+ $secure = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off');
+ session_start([
+ 'use_strict_mode' => 1,
+ 'cookie_httponly' => 1,
+ 'cookie_secure' => $secure, // Only if using HTTPS
+ 'cookie_samesite' => 'Strict', // or 'Lax'
+ 'use_only_cookies' => 1
+ ]);
+ // Set session timeout
+ if (isset($_SESSION['LAST_ACTIVITY']) &&
+ (time() - $_SESSION['LAST_ACTIVITY'] > 1800)) { // 30 minutes
+ session_unset();
+ session_destroy();
+ }
+ $_SESSION['LAST_ACTIVITY'] = time();
+}
+
+$pfp = array (
+ "ti" => array (
+ "name" => "Technische Informatik",
+ "pnr" => ["1710080", "3707100"],
+ "studiengang" => ["EI", "ME"]
+ ),
+ "dt" => array (
+ "name" => "Digitaltechnik",
+ "pnr" => ["3976090"],
+ "studiengang" => ["TI"]
+ )
+);
+
+$notenlabor = ["BE", "NB", "AB", "NM", "NA"];
+$notenklausur = ["100","130","170","200","230","270","300","330","370","400","500"];
+
+$students = array (
+ "12345" => array (
+ "vorname" => "Karl",
+ "nachname" => "Meier",
+ "studiengang" => "EI",
+ "noten" => array (
+ "ti" => array (
+ "klausur" => "500",
+ "labor" => "BE"
+ ),
+ "dt" => []
+ )
+ ),
+ "11111" => array (
+ "vorname" => "Claudia",
+ "nachname" => "Darbo",
+ "studiengang" => "ME",
+ "noten" => array("ti" => [],"dt" => [])
+ ),
+ "22222" => array (
+ "vorname" => "Günther",
+ "nachname" => "Kohl",
+ "studiengang" => "TI",
+ "noten" => array("ti" => [],"dt" => [])
+ )
+);
+
+$groups = array (
+ "WiSe 2025/26" => array (
+ "ti" => array (
+ "G99-AA" => ["12345", "11111"],
+ "G99-ZZ" => ["22222", "11111"]
+ )
+ ),
+ "SoSe 2025" => array (
+ "ti" => array (
+ "G99-AA" => ["11111"],
+ "G98-ZZ" => ["22222"]
+ ),
+ "dt" => array (
+ "G99-KK" => ["11111"],
+ "G37-ZZ" => ["22222","12345"]
+ )
+ )
+);
+
+db_read();
+
+} //setupdone
+?>
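Review bot: In `my_session_start()` the idle-timeout branch calls `session_destroy()` and then carries on, so the rest of the request runs without an active session: `$_SESSION['LAST_ACTIVITY']` and anything try_login writes afterwards are not saved, and `session_regenerate_id(TRUE)` in login.php has no session to act on. A login submitted after 30 idle minutes would therefore appear to fail once. Keep the session open and rotate it instead, replacing `session_destroy();` with `session_regenerate_id(TRUE);` after `session_unset();`. `cookie_secure` follows the request scheme, so over plain HTTP the session cookie and the login form's password are sent unprotected; if the deployment has HTTPS, redirect to it and set the flag unconditionally. The `$students` and `$groups` literals look like test fixtures and will appear alongside the records read by `db_read()`.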
diff --git a/show-user.php b/show-user.php
new file mode 100644
index 0000000..f0441c7
--- /dev/null
+++ b/show-user.php
@@ -0,0 +1,133 @@
+<?php
+include "setup.php";
+if (session_status() === PHP_SESSION_NONE) {
+ my_session_start();
+}
+$login=false;
+if (isset($_SESSION["login"])) {
+ $login = $_SESSION["login"];
+}
+
+if ($login !== "admin" and $login !== "user") {
+ header("Location: index.php");
+ exit;
+}
+?>
+<!DOCTYPE html>
+<html>
+<body>
+
+<table>
+<tr>
+<td>
+ <a href="logout.php">Logout</a>
+</td>
+</tr>
+</table>
+
+<?php
+
+// return matrikelnummer or FALSE
+function retrieve_get_data () {
+ if (empty($_GET["matrikelnummer"])) {
+ return FALSE;
+ } else {
+ $mat = $_GET["matrikelnummer"];
+ }
+ // Exactly 9 digits
+ if (!preg_match("/^[0-9]{7}$/",$mat)) {
+ return FALSE;
+ }
+ return $mat;
+}
+
+if ($login === "admin") {
+ $matrikelnummer = retrieve_get_data();
+} elseif ($login === "user") {
+ $matrikelnummer = $_SESSION["mymatrikelnummer"];
+} else {
+ $matrikelnummer = FALSE;
+}
+
+if ($matrikelnummer and
+ !empty($students[$matrikelnummer])) {
+ $vorname = $students[$matrikelnummer]["vorname"];
+ $nachname = $students[$matrikelnummer]["nachname"];
+ echo "<h1>$nachname, $vorname ($matrikelnummer)</h1>";
+ echo "<h3>Status</h3>";
+ echo "<table>";
+ echo "<tr>";
+ echo "<th>Fach</th>";
+ echo "<th>Labor</th>";
+ echo "<th>Klausur</th>";
+ echo "</tr>";
+ foreach ($students[$matrikelnummer]["noten"] as $fach => $notenliste) {
+ $fachname = $pfp[$fach]["name"];
+ if (!empty($notenliste["klausur"])) {
+ $klausurnote = $notenliste["klausur"];
+ } else {
+ $klausurnote = "-";
+ }
+ if (!empty($notenliste["labor"])) {
+ $labornote = $notenliste["labor"];
+ } else {
+ $labornote = "-";
+ }
+ echo "<tr>";
+ echo "<td>$fachname</td>";
+ echo "<td>$labornote</td>";
+ echo "<td>$klausurnote</td>";
+ echo "</tr>";
+ }
+ echo "</table>";
+
+ echo "<h3>Gruppen</h3>";
+ echo "<table>";
+ echo "<tr>";
+ echo "<th>Semester</th>";
+ echo "<th>Fach</th>";
+ echo "<th>Gruppenname</th>";
+ echo "<th>Teilnehmer</th>";
+ echo "</tr>";
+ foreach ($groups as $semestername => $fachliste) {
+ foreach ($fachliste as $fachname => $gruppenliste) {
+ foreach ($gruppenliste as $gname => $teilnehmerliste) {
+ if (in_array($matrikelnummer, $teilnehmerliste)) {
+ $tnnamensliste = "";
+ foreach ($teilnehmerliste as $tnmat) {
+ if (empty($tnnamensliste)) {
+ $tnnamensliste = $students[$tnmat]["nachname"];
+ } else {
+ $tnnamensliste = $tnnamensliste.", ".$students[$tnmat]["nachname"];
+ }
+ }
+ echo "<tr>";
+ echo "<td>$semestername</td>";
+ echo "<td>$fachname</td>";
+ echo "<td>$gname</td>";
+ echo "<td>$tnnamensliste</td>";
+ echo "</tr>";
+ }
+ }
+ }
+ }
+ echo "</table>";
+
+ echo "<h3>Geschichte</h3>";
+ echo "<table>";
+ echo "<tr>";
+ echo "<th>Ereignisliste</th>";
+ echo "</tr>";
+ foreach ($students[$matrikelnummer]["history"] as $ereignis) {
+ echo "<tr>";
+ echo "<td>$ereignis</td>";
+ echo "</tr>";
+ }
+ echo "</table>";
+} else {
+ echo "<h1>Error</h1>";
+}
+?>
+
+</body>
+</html> \ No newline at end of file
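Review bot: The comment in `retrieve_get_data()` says `// Exactly 9 digits` while the pattern is `/^[0-9]{7}$/`; one of the two is wrong, and with seven digits the five-digit sample keys in setup.php can never be opened from the admin list. Correct the comment to `// Exactly 7 digits` or adjust the quantifier to the real matrikelnummer length. `$_GET["matrikelnummer"]` should be checked with `is_string()` before `preg_match()`, since an array value raises a TypeError on PHP 8. `$students[$matrikelnummer]["history"]` is not set for records that did not come from `db_read()`, so iterate `$students[$matrikelnummer]["history"] ?? []`.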