-rw-r--r--ReadMe.md28
-rw-r--r--admin-addusers.php226
-rw-r--r--admin-show.php154
-rw-r--r--admin-update.php39
-rw-r--r--database.php138
-rw-r--r--index.php46
-rw-r--r--login.php47
-rw-r--r--logout.php18
-rw-r--r--setup.php93
-rw-r--r--show-user.php133
10 files changed, 922 insertions, 0 deletions
diff --git a/ReadMe.md b/ReadMe.md
new file mode 100644
index 0000000..5bb50d2
--- /dev/null
+++ b/ReadMe.md
@@ -0,0 +1,28 @@
+# praktrack - Verwaltung von Portfolioprüfungen
+
+Mit diesem Webtool können die Teilleistungen von den
+Portfolioprüfungen Digitaltechnik und Technische Informatik
+verwaltet werden. Portfolioprüfungen bestehen aus
+
+ * Laborteil der bestanden/nicht bestanden sein kann
+ * Klausur mit einer Note
+
+Erst wenn beide Prüfungsteile erfolgreich absolviert sind,
+wird die Note ans Prüfungsamt gemeldet.
+
+## Ansicht der Studenten
+
+Die Studenten authentifizieren sich über ldap und können dann die eigenen Daten einsehen.
+
+## Adminansicht
+
+Als Admin kann man Studenten für ein Semester und eine Prüfung (ti/dt) anlegen und dann die Prüfungsergebnisse ändern.
+
+## Anlegen der Studentendaten
+
+Die Prüfungsteilnehmer werden über die Daten aus dem Moodlekurs
+in das Tool importiert. Dazu werden die Teilnehmerdaten des Moodlekurses als .csv exportiert und dann in praktrack importiert.
+
+## Eingabe der Prüfungsergebnisse
+
+Die Prüfungsergebnisse werden in der Listenansicht eingegeben und mit dem Knopf "update" in die Datenbank gespeichert.
diff --git a/admin-addusers.php b/admin-addusers.php
new file mode 100644
index 0000000..880a535
--- /dev/null
+++ b/admin-addusers.php
@@ -0,0 +1,226 @@
+<?php
+include "setup.php";
+my_session_start();
+$login=false;
+if (isset($_SESSION["login"])) {
+ $login = $_SESSION["login"];
+}
+if ($login !== "admin") {
+ header("Location: index.php");
+ exit;
+}
+?>
+<!DOCTYPE html>
+<html>
+<body>
+<h1>Add Users</h1>
+<table>
+<tr>
+<td>
+ <a href="admin-addusers.php">Add students</a>
+</td>
+<td>
+ <a href="admin-show.php">Show students</a>
+</td>
+<td>
+ <a href="logout.php">Logout</a>
+</td>
+</tr>
+</table>
+
+<p> Die Teilnehmer werden aus dem Moodlekurs der Veranstaltung übernommen.
+ Dazu die Teilnehmer als csv exportieren. Die csv Datei
+ dann mit den Angaben zum Kurs und zum Semester hier hochladen. Die
+ csv Datei enthält die Namen, Matrikelnummer und die Gruppen.
+</p>
+
+<?php
+
+if (!empty($_POST["upload"]) and $_POST["upload"] === "upload") {
+ $pfach = $_POST["fach"];
+ $psemester = $_POST["semester"];
+ $newstudents = [];
+ $newgroups = [];
+} else {
+ $pfach = empty($_SESSION["fach"]) ? "" :$_SESSION["fach"];
+ $psemester = empty($_SESSION["semester"]) ? "" :$_SESSION["semester"];
+ $newstudents = empty($_SESSION["newstudents"]) ? [] :$_SESSION["newstudents"];
+ $newgroups = empty($_SESSION["newgroups"]) ? [] :$_SESSION["newgroups"];
+}
+
+unset($_SESSION["newstudents"]);
+unset($_SESSION["newgroups"]);
+unset($_SESSION["fach"]);
+unset($_SESSION["semester"]);
+
+
+// Check if student is in any group. If the student is found
+// return the first groupname, otherwise FALSE
+function is_student_in_any_group($matrikelnummer, $grouplist) {
+ if (empty($grouplist) or empty($matrikelnummer)) {
+ return FALSE;
+ }
+ foreach ($grouplist as $gname => $teilnehmerliste) {
+ if (in_array($matrikelnummer, $teilnehmerliste)) {
+ return $gname;
+ }
+ }
+}
+
+function parseuserfile($fname) {
+ global $pfach,$psemester,$newstudents,$newgroups,$students,$groups;
+ if (($fh = fopen($fname, "r")) !== FALSE) {
+ while (($line = fgetcsv($fh, 1000, ",", "\"", ""))) {
+ $vorname = $line[0];
+ $nachname = $line[1];
+ $matrikelnummer = is_numeric($line[2]) ? $line[2] : "";
+ $student = array (
+ "vorname" => $vorname,
+ "nachname" => $nachname,
+ "noten" => array (
+ $pfach => []
+ )
+ );
+ $newgruppe = "";
+ if (!empty($line[4])) {
+ $gruppen = str_getcsv($line[4],",","\"","");
+ foreach ($gruppen as $gruppe) {
+ if (preg_match("/.*-G[0-9].*/u", $gruppe) or
+ preg_match("/G[0-9].*/u", $gruppe) ) {
+ $newgruppe = trim($gruppe);
+ }
+ }
+ }
+
+ if (empty($newgruppe) or empty($matrikelnummer)) {
+ echo "<p>WARNING: $vorname $nachname has no group or no matrikelnummer.</p>";
+ } elseif (!empty($groups[$psemester][$pfach]) and
+ $gname = is_student_in_any_group($matrikelnummer, $groups[$psemester][$pfach])) {
+ echo "<p>WARNING: $matrikelnummer is already in $gname in database.</p>";
+ } elseif ($gname = is_student_in_any_group($matrikelnummer, $newgroups)) {
+ echo "<p>WARNING: $matrikelnummer is already in $gname in this file</p>";
+ } else {
+ if (empty($students[$matrikelnummer])) {
+ //db_student_new($matrikelnummer,$student);
+ echo "<p>Adding student $matrikelnummer</p>";
+ $newstudents[$matrikelnummer] = $student;
+ } elseif (!array_key_exists($pfach,$students[$matrikelnummer]["noten"])) {
+ echo "<p>Adding $pfach to student $matrikelnummer</p>";
+ $newstudents[$matrikelnummer] = $student;
+ } else {
+ echo "<p>WARNING: student $matrikelnummer is already in database.</p>";
+ }
+ if (empty($groups[$psemester][$pfach][$newgruppe])) {
+ if (empty($newgroups[$newgruppe])) {
+ $newgroups[$newgruppe] = [$matrikelnummer];
+ } elseif (!in_array($matrikelnummer,$newgroups[$newgruppe])) {
+ $newgroups[$newgruppe][] = $matrikelnummer;
+ } else {
+ echo "<p>WARNING: student $matrikelnummer is already in group $newgruppe</p>";
+ }
+ } elseif (!in_array($matrikelnummer,$groups[$psemester][$pfach][$newgruppe])) {
+ echo "<p>ERROR: TODO group $newgruppe without $matrikelnummer already in database but </p>";
+ } else {
+ echo "<p>WARNING: group $newgruppe with $matrikelnummer already in database</p>";
+ }
+ }
+ //echo "<p>",$vorname,$nachname,$matrikelnummer,$newgruppe,"</p>";
+ }
+ ksort($newgroups);
+ $_SESSION["newstudents"] = $newstudents;
+ $_SESSION["newgroups"] = $newgroups;
+ $_SESSION["fach"] = $pfach;
+ $_SESSION["semester"] = $psemester;
+ } else {
+ echo "<p>Error: Could not open file</p>";
+ return FALSE;
+ }
+ return;
+}
+
+echo "<form action=\"admin-addusers.php\" method=\"post\" enctype=\"multipart/form-data\">";
+echo "<label for \"fach\">Fach: </label>";
+echo "<select name=\"fach\">";
+foreach ($pfp as $fach => $value) {
+ echo "<option value=\"$fach\">$fach</option>";
+}
+echo "</select>";
+echo "<select name=\"semester\">";
+foreach ($semester as $semestername) {
+ echo "<option value=\"$semestername\">$semestername</option>";
+}
+echo "</select>";
+echo "<input type=\"file\" name=\"csvfile\" id=\"csvfile\">";
+echo "<input type=\"submit\" name=\"upload\" value=\"upload\">";
+
+if (!empty($_POST["save"]) and $_POST["save"] === "save") {
+ foreach ($newstudents as $matrikelnummer => $student) {
+ if (empty($students[$matrikelnummer])) {
+ db_student_new($matrikelnummer,$student);
+ } elseif (empty($students[$matrikelnummer]["noten"][$pfach])) {
+ db_student_add_fach($matrikelnummer,$pfach);
+ } else {
+ echo "<p>ERROR: $matrikelnummer with $pfach already in database.</p>";
+ }
+ }
+ foreach ($newgroups as $gname => $teilnehmerarray) {
+ db_group_new($psemester,$pfach,$gname,$teilnehmerarray);
+ }
+ $newstudents = [];
+ $newgroups = [];
+ echo "<h1>Saved.</h1>";
+} elseif (!empty($_POST["cancel"]) and $_POST["cancel"] === "cancel") {
+ $newstudents = [];
+ $newgroups = [];
+ echo "<h1>Canceled.</h1>";
+} elseif (!empty($_POST["upload"]) and $_POST["upload"] === "upload") {
+ $fname = $_FILES["csvfile"]["tmp_name"];
+ $ftype = $_FILES["csvfile"]["type"];
+
+ if (!empty($fname)) {
+ if ($ftype !== "text/csv") {
+ echo "<p>ERROR: Filetype must be csv</p>";
+ } else {
+ parseuserfile($fname);
+ }
+ }
+}
+if (!empty($newstudents) or !empty($newgroups)) {
+ echo "<table>";
+ echo "<tr>";
+ echo "<th>Semester</th>";
+ echo "<th>Prüfung</th>";
+ echo "<th>Gruppe</th>";
+ echo "<th>Nachname</th>";
+ echo "<th>Vorname</th>";
+ echo "</tr>";
+ foreach ($newgroups as $gname => $teilnehmera) {
+ foreach ($teilnehmera as $matrikelnummer) {
+ if (!empty($newstudents[$matrikelnummer])) {
+ $vorname = $newstudents[$matrikelnummer]["vorname"];
+ $nachname = $newstudents[$matrikelnummer]["nachname"];
+ } else {
+ $vorname = $students[$matrikelnummer]["vorname"];
+ $nachname = $students[$matrikelnummer]["nachname"];
+ }
+ echo "<tr>";
+ echo "<td>",$psemester,"</td>";
+ echo "<td>",$pfach,"</td>";
+ echo "<td>",$gname,"</td>";
+ echo "<td>",$nachname,"</td>";
+ echo "<td>",$vorname,"</td>";
+ echo "</tr>";
+ }
+ }
+ echo "</table>";
+
+ echo "<input type=\"submit\" name=\"save\" value=\"save\">";
+ echo "<input type=\"submit\" name=\"cancel\" value=\"cancel\">";
+}
+
+echo "</form>";
+
+?>
+
+</body>
+</html> \ No newline at end of file
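Review bot: Values taken from the uploaded CSV and from `$_POST` are echoed into the page without HTML escaping, for example `$vorname`, `$nachname` and `$matrikelnummer` in the WARNING messages of parseuserfile() and `$gname`, `$nachname`, `$vorname` in the preview table. The same pattern recurs in admin-show.php, admin-update.php and show-user.php, where names and group names stored in database.json are printed again. Each value should pass through `htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')` at the point of output. `$_POST["fach"]` and `$_POST["semester"]` are also accepted as-is and later written by db_group_new(); checking them with `array_key_exists($pfach, $pfp)` and `in_array($psemester, $semester, true)` would keep unknown keys out of the database. The `$ftype !== "text/csv"` test relies on the type reported by the browser, so it does not validate the file content.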
diff --git a/admin-show.php b/admin-show.php
new file mode 100644
index 0000000..10394d8
--- /dev/null
+++ b/admin-show.php
@@ -0,0 +1,154 @@
+<?php
+include "setup.php";
+if (session_status() === PHP_SESSION_NONE) {
+ my_session_start();
+}
+$login=false;
+if (isset($_SESSION["login"])) {
+ $login = $_SESSION["login"];
+}
+
+if ($login !== "admin") {
+ header("Location: index.php");
+ exit;
+}
+?>
+
+<!DOCTYPE html>
+<html>
+<body>
+<h1>Listenansicht</h1>
+
+<table>
+<tr>
+<td>
+ <a href="admin-addusers.php">Add students</a>
+</td>
+<td>
+ <a href="admin-show.php">Show students</a>
+</td>
+<td>
+ <a href="logout.php">Logout</a>
+</td>
+</tr>
+</table>
+
+<?php
+
+
+// If we pushed the update button, update the database
+if (!empty($_POST["update"])) {
+ include "admin-update.php";
+}
+
+//var_dump($_POST);
+
+if (!empty($_POST["note"])) {
+ //var_dump($_POST["note"]);
+}
+
+if (!empty($_POST["semester"])) {
+ $selectedsemester = $_POST["semester"];
+} else {
+ $selectedsemester = "alle";
+}
+if (!empty($_POST["pruefung"])) {
+ $selectedpruefung = $_POST["pruefung"];
+} else {
+ $selectedpruefung = "alle";
+}
+echo "<form action=\"admin-show.php\" method=\"post\">";
+echo "<table>";
+echo "<tr>";
+echo "<th>Semester</th>";
+echo "<th>Prüfung</th>";
+echo "<th>Gruppe</th>";
+echo "<th>Nachname</th>";
+echo "<th>Vorname</th>";
+echo "<th>Labor</th>";
+echo "<th>Klausur</th>";
+echo "</tr>";
+echo "<tr>";
+echo "<td>";
+echo "<select name=\"semester\">";
+if ($selectedsemester === "alle") {
+echo "<option value=\"alle\" selected>alle</option>";
+} else {
+echo "<option value=\"alle\">alle</option>";
+}
+foreach ($semester as $semestername) {
+ if ($selectedsemester === $semestername) {
+ echo "<option value=\"$semestername\" selected>$semestername</option>";
+ } else {
+ echo "<option value=\"$semestername\">$semestername</option>";
+ }
+}
+echo "</select>";
+echo "</td>";
+echo "<td>";
+echo "<select name=\"pruefung\">";
+if ($selectedpruefung === "alle") {
+echo "<option value=\"alle\" selected>alle</option>";
+} else {
+echo "<option value=\"alle\">alle</option>";
+}
+foreach ($pfp as $pruefung => $value) {
+ if ($selectedpruefung === $pruefung) {
+ echo "<option value=\"$pruefung\" selected>$pruefung</option>";
+ } else {
+ echo "<option value=\"$pruefung\">$pruefung</option>";
+ }
+}
+echo "</select>";
+echo "</td>";
+echo "<td></td>";
+echo "<td>";
+echo "<input type=\"submit\" name=\"filter\" value=\"filter\">";
+echo "</td>";
+//echo "</form>";
+echo "</tr>";
+//echo "</table>";
+
+//echo "<form action=\"admin-show.php\" method=\"post\">";
+//echo "<table>";
+foreach ($groups as $semester => $pruefungen) {
+ if ($selectedsemester === "alle" or $selectedsemester === $semester) {
+ foreach ($pruefungen as $pruefung => $groupsperpruefung) {
+ if ($selectedpruefung === "alle" or $selectedpruefung === $pruefung) {
+ foreach ($groupsperpruefung as $groupname => $teilnehmerarray) {
+ foreach ($teilnehmerarray as $matrikelnummer) {
+ echo "<tr>";
+ echo "<td> $semester </td>";
+ echo "<td> $pruefung </td>";
+ echo "<td> $groupname </td>";
+ $student = $students[$matrikelnummer];
+ $nachname = $student["nachname"];
+ $vorname = $student["vorname"];
+ if (!empty($student["noten"][$pruefung]["klausur"])) {
+ $klausurnote = $student["noten"][$pruefung]["klausur"];
+ } else {
+ $klausurnote = "";
+ }
+ if (!empty($student["noten"][$pruefung]["labor"])) {
+ $labornote = $student["noten"][$pruefung]["labor"];
+ } else {
+ $labornote = "";
+ }
+ echo "<td><a href=\"show-user.php?matrikelnummer=$matrikelnummer\">$nachname</a></td>";
+ echo "<td> $vorname </td>";
+ echo "<td><input type=\"text\" name=\"note[$matrikelnummer][$pruefung][labor][$semester]\" value=\"$labornote\" size=2 maxlength=2></td>";
+ echo "<td><input type=\"text\" name=\"note[$matrikelnummer][$pruefung][klausur][$semester]\" value=\"$klausurnote\" size=3 maxlength=3></td>";
+ echo "</tr>";
+ }
+ }
+ }
+ }
+ }
+}
+echo "</table>";
+echo "<input type=\"submit\" name=\"update\" value=\"update\">";
+echo "</form>";
+?>
+
+</body>
+</html> \ No newline at end of file
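Review bot: The form that posts to admin-show.php and triggers `include "admin-update.php"` carries no anti-CSRF token, so the only protection visible for the grade update is the `'cookie_samesite' => 'Strict'` setting in setup.php. A per-session token stored in `$_SESSION` and compared with `hash_equals()` before the include would make that protection explicit. The same applies to the save button in admin-addusers.php. Separately, `foreach ($groups as $semester => $pruefungen)` reuses the name of the `$semester` list defined in setup.php and leaves it holding a string after the loop; a loop variable such as `$semestername` avoids that.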
diff --git a/admin-update.php b/admin-update.php
new file mode 100644
index 0000000..f0d3896
--- /dev/null
+++ b/admin-update.php
@@ -0,0 +1,39 @@
+<?php
+// Check the entries in the form and compare them with the
+// data in the database. If there are updates, then change
+// the data in the database and append the json file with
+// the changes.
+if (empty($_POST["note"])) {
+ return;
+}
+$notenneu = $_POST["note"];
+
+foreach ($notenneu as $matrikelnummer => $pruefungen) {
+ foreach ($pruefungen as $fach => $teilpruefungen) {
+ foreach ($teilpruefungen as $teilpruefung => $semesterliste) {
+ foreach ($semesterliste as $semestername => $note) {
+ if (!array_key_exists($fach,$students[$matrikelnummer]["noten"])) {
+ var_dump($students[$matrikelnummer]);
+ echo "<p>ERROR: Fach $fach bei $matrikelnummer existiert nicht</p>";
+ } else {
+ if (!empty($note) and (
+ empty($students[$matrikelnummer]["noten"][$fach][$teilpruefung]) or
+ $students[$matrikelnummer]["noten"][$fach][$teilpruefung] !== $note)) {
+ if (($teilpruefung === "klausur" and in_array($note,$notenklausur) or
+ $teilpruefung === "labor" and in_array($note,$notenlabor))) {
+ $students[$matrikelnummer]["noten"][$fach][$teilpruefung] = $note;
+ db_student_update_note($matrikelnummer,$fach,$teilpruefung,$note);
+ break;
+ } else {
+ var_dump($students[$matrikelnummer]);
+ echo "<p>ERROR: Note $note ungueltig fuer $matrikelnummer,$fach,$teilpruefung </p>";
+ }
+ }
+ }
+ }
+ }
+
+ }
+}
+
+?> \ No newline at end of file
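Review bot: `$students[$matrikelnummer]["noten"]` is read with keys taken directly from `$_POST["note"]` and no check that the student exists, so an unknown matrikelnummer reaches `array_key_exists()` with a null array. A guard such as `if (!isset($students[$matrikelnummer]["noten"])) { continue; }` at the top of the outer loop would reject it. Both error branches call `var_dump($students[$matrikelnummer])`, which prints the full student record into the page and looks like leftover debugging. The file has no login check of its own and relies on being included from admin-show.php; a guard that returns unless `$login === "admin"`, or a comment stating the assumption, would document this. `in_array($note, $notenklausur)` and `in_array($note, $notenlabor)` should pass `true` as third argument so the comparison is strict.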
diff --git a/database.php b/database.php
new file mode 100644
index 0000000..9c14920
--- /dev/null
+++ b/database.php
@@ -0,0 +1,138 @@
+<?php
+
+function db_student_new($matrikelnummer,$student) {
+ date_default_timezone_set("UTC");
+ $json_student_add = array (
+ "time" => date('Y-m-d H:i:s', time()),
+ "cmd" => "student_new",
+ "matrikelnummer" => $matrikelnummer,
+ "vorname" => $student["vorname"],
+ "nachname" => $student["nachname"],
+ "noten" => $student["noten"]
+ );
+ $json_string = json_encode($json_student_add, JSON_UNESCAPED_UNICODE)."\n";
+ $fh = fopen("database.json", "a");
+ fwrite($fh,$json_string);
+ fclose($fh);
+
+ //echo $json_string;
+}
+
+function db_student_add_fach($matrikelnummer,$fach) {
+ date_default_timezone_set("UTC");
+ $cmd = array (
+ "time" => date('Y-m-d H:i:s', time()),
+ "cmd" => "student_add_fach",
+ "matrikelnummer" => $matrikelnummer,
+ "fach" => $fach
+ );
+ $json_string = json_encode($cmd, JSON_UNESCAPED_UNICODE)."\n";
+ $fh = fopen("database.json", "a");
+ fwrite($fh,$json_string);
+ fclose($fh);
+}
+
+function db_student_update_note($matrikelnummer,$fach,$teilpruefung,$note) {
+ date_default_timezone_set("UTC");
+ $cmd = array (
+ "time" => date('Y-m-d H:i:s', time()),
+ "cmd" => "note_upd",
+ "fach" => $fach,
+ "teilpruefung" => $teilpruefung,
+ "note" => $note,
+ "matrikelnummer" => $matrikelnummer
+ );
+ $json_string = json_encode($cmd, JSON_UNESCAPED_UNICODE)."\n";
+ $fh = fopen("database.json", "a");
+ fwrite($fh,$json_string);
+ fclose($fh);
+}
+
+function db_group_new($semester,$fach,$gname,$teilnehmerarray) {
+ date_default_timezone_set("UTC");
+ $cmd = array (
+ "time" => date('Y-m-d H:i:s', time()),
+ "cmd" => "group_new",
+ "semester" => $semester,
+ "fach" => $fach,
+ "name" => $gname,
+ "teilnehmer" => $teilnehmerarray
+ );
+ $json_string = json_encode($cmd, JSON_UNESCAPED_UNICODE)."\n";
+ $fh = fopen("database.json", "a");
+ fwrite($fh,$json_string);
+ fclose($fh);
+ //echo $json_string;
+}
+
+function db_read () {
+ global $students,$groups,$pfp;
+ $fh = fopen("database.json", "r");
+ if ($fh === FALSE) {
+ echo "<p>Cannot open database.json</p>";
+ return FALSE;
+ }
+ while ($line = fgets($fh)) {
+ $cmd = json_decode($line,JSON_UNESCAPED_UNICODE);
+ switch ($cmd["cmd"]) {
+ case "student_new" :
+ $matrikelnummer = $cmd["matrikelnummer"];
+ if (empty($students[$matrikelnummer])) {
+ $students[$matrikelnummer]["vorname"] = $cmd["vorname"];
+ $students[$matrikelnummer]["nachname"] = $cmd["nachname"];
+ $students[$matrikelnummer]["noten"] = $cmd["noten"];
+ $fach = array_key_first($cmd["noten"]);
+ $students[$matrikelnummer]["history"][] = $cmd["time"]." student new with ".$fach;
+ } else {
+ echo "<p>ERROR: Student ",$matrikelnummer," is already in database.</p>";
+ }
+ break;
+ case "student_add_fach" :
+ $matrikelnummer = $cmd["matrikelnummer"];
+ $fach = $cmd["fach"];
+ if (empty($students[$matrikelnummer])) {
+ echo "<p>ERROR: Cannot add $fach to $matrikelnummer as student is not in database.</p>";
+ } elseif (array_key_exists($fach,$students[$matrikelnummer]["noten"])) {
+ echo "<p>ERROR: $fach already exists for $matrikelnummer in database.</p>";
+ } else {
+ $students[$matrikelnummer]["noten"][$fach] = [];
+ $students[$matrikelnummer]["history"][] = $cmd["time"]." add ".$fach;
+ }
+ break;
+ case "group_new" :
+ $semester = $cmd["semester"];
+ $fach = $cmd["fach"];
+ $gname = $cmd["name"];
+ if (empty($groups[$semester][$fach][$gname])) {
+ $groups[$semester][$fach][$gname] = $cmd["teilnehmer"];
+ } else {
+ echo "<p>ERROR: Group $gname for $fach in $semester is already in database.</p>";
+ }
+ break;
+ case "note_upd":
+ $fach = $cmd["fach"];
+ $teilpruefung = $cmd["teilpruefung"];
+ $matrikelnummer = $cmd["matrikelnummer"];
+ $note = $cmd["note"];
+ $students[$matrikelnummer]["noten"][$fach][$teilpruefung] = $note;
+ $students[$matrikelnummer]["history"][] = $cmd["time"]." ".$fach."/".$teilpruefung.": ".$note;
+ break;
+ default :
+ echo "<p>ERROR: database cmd ", $cmd["cmd"],"is unknown.</p>";
+ }
+ }
+ fclose($fh);
+}
+
+// Search user with name and return matrikelnummer if found
+function db_find_user($vorname,$nachname) {
+ global $students;
+ foreach ($students as $matrikelnummer => $student) {
+ if ($student["vorname"] === $vorname and $student["nachname"] === $nachname) {
+ return $matrikelnummer;
+ break;
+ }
+ }
+ return FALSE;
+}
+?> \ No newline at end of file
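Review bot: All four writer functions and db_read() open `"database.json"` by relative path, which presumably resolves to the directory the scripts are served from. If so, the file with every name, matrikelnummer and grade can be fetched from the web server without logging in, unless the server configuration blocks it; placing it outside the document root and referring to it through one constant would remove that dependency. The writers also ignore the result of `fopen()` and do not lock the file; `file_put_contents($path, $json_string, FILE_APPEND | LOCK_EX)` with a check for `false` covers both. In db_read(), `json_decode($line, JSON_UNESCAPED_UNICODE)` passes an encode flag where the `$associative` boolean is expected (`json_decode($line, true)` is what is meant). A line that fails to decode also leaves `$cmd` null before `$cmd["cmd"]` is read.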
diff --git a/index.php b/index.php
new file mode 100644
index 0000000..3997484
--- /dev/null
+++ b/index.php
@@ -0,0 +1,46 @@
+<?php
+include "setup.php";
+include "login.php";
+my_session_start();
+
+$login = FALSE;
+if (!empty($_POST["login"]) and $_POST["login"] === "login") {
+ $login = try_login($_POST["username"],$_POST["password"]);
+} elseif (isset($_SESSION["login"])) {
+ $login = $_SESSION["login"];
+}
+
+if ($login === "admin") {
+ include "admin-show.php";
+} elseif ($login === "user") {
+ include "show-user.php";
+} else {
+?>
+<!DOCTYPE html>
+<html>
+<body>
+ <h1>Ergebnisse der Portfolioprüfungen</h1>
+ <p>Hier können sie die Teilleistungen der Portfolioprüfungen für
+ die Veranstaltungen „Technische Informatik für EIT/ME“ und
+ „Digitaltechnik für TI“ einsehen. Sie müssen für den Login im Netz
+ der Hochschule oder über VPN mit dem Hochschulnetz verbunden sein.
+ </p>
+
+ <form action="index.php" method="post">
+ <label for="username">Username: </label>
+ <input type="text" name="username"><br>
+ <label for="password">Password: </label>
+ <input type="password" name="password"><br>
+ <input type="submit" name="login" value="login">
+ </form>
+<?php
+ if ($login === "nodb") {
+ echo "<p>Login hat funktioniert. Leider habe ich sie nicht in der
+ Datenbank gefunden.</p>";
+ } elseif ($login === "failed") {
+ echo "<p>Login failed </p>";
+ }
+ echo "</body>";
+ echo "</html>";
+}
+?> \ No newline at end of file
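Review bot: `try_login($_POST["username"],$_POST["password"])` is called as soon as `$_POST["login"]` is set, without checking that both fields are present and are strings. A request that omits them or sends them as arrays reaches `strlen()` in try_login() with the wrong type. A check such as `is_string($_POST["username"] ?? null) && is_string($_POST["password"] ?? null)` before the call keeps that path on the normal "failed" result. No limit on repeated login attempts is visible in this commit, so every POST that passes the length check is forwarded to the LDAP server.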
diff --git a/login.php b/login.php
new file mode 100644
index 0000000..a767266
--- /dev/null
+++ b/login.php
@@ -0,0 +1,47 @@
+
+<?php
+
+function try_login($username,$password) {
+ global $admins;
+ if (strlen($username) < 8 or strlen($username) > 100) {
+ return "failed";
+ }
+ if (strlen($password) < 8 or strlen($password) > 1000) {
+ return "failed";
+ }
+ $ldapserver = "ldap://ldap.hs-augsburg.de";
+ $ldapusertree = 'ou=People, dc=fh-augsburg, dc=de';
+
+ $ldapconn = ldap_connect($ldapserver)
+ or die ("Cannot connect to ldap server ".$ldapserver);
+ ldap_set_option($ldapconn, LDAP_OPT_PROTOCOL_VERSION, 3);
+ ldap_set_option($ldapconn, LDAP_OPT_NETWORK_TIMEOUT, 3);
+
+ $ldapbind = ldap_bind($ldapconn,"uid=$username, ".$ldapusertree,$password);
+ if ($ldapbind) {
+ // Login was successfull
+ session_regenerate_id(TRUE);
+ $sr=ldap_search($ldapconn,$ldapusertree,"uid=$username",["sn","givenname"]);
+ $info = ldap_get_entries($ldapconn,$sr);
+ ldap_unbind($ldapconn);
+ $vorname = $info[0]["givenname"][0];
+ $nachname = $info[0]["sn"][0];
+ $matrikelnummer = db_find_user($vorname,$nachname);
+ if (in_array($username,$admins)) {
+ $_SESSION["login"] = "admin";
+ return "admin";
+ } elseif ($matrikelnummer) {
+ $_SESSION["login"] = "user";
+ $_SESSION["myusername"] = $username;
+ $_SESSION["mymatrikelnummer"] = $matrikelnummer;
+ return "user";
+ } else {
+ $_SESSION["login"] = "nodb";
+ return "nodb";
+ }
+ } else {
+ $_SESSION["login"] = "failed";
+ return "failed";
+ }
+}
+?> \ No newline at end of file
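Review bot: `$username` is placed unescaped into the bind DN (`"uid=$username, ".$ldapusertree`) and into the search filter (`"uid=$username"`), with only a length check in front. It should be passed through `ldap_escape($username, "", LDAP_ESCAPE_DN)` for the DN and `ldap_escape($username, "", LDAP_ESCAPE_FILTER)` for the filter. The connection uses `ldap://` and no `ldap_start_tls($ldapconn)` call is visible, so the password appears to be sent to the directory unencrypted. The student record is then selected by first and last name through db_find_user(), so two students with the same name would map to the same matrikelnummer; matching on an identifier from the directory would be safer. The blank line before the opening PHP tag is emitted as output when index.php includes this file ahead of my_session_start(), which can prevent the session cookie and later `header()` calls from being sent.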
diff --git a/logout.php b/logout.php
new file mode 100644
index 0000000..5fec951
--- /dev/null
+++ b/logout.php
@@ -0,0 +1,18 @@
+<?php
+include "setup.php";
+my_session_start();
+session_unset();
+$params = session_get_cookie_params();
+setcookie(
+ session_name(),
+ '',
+ time() - 42000,
+ $params["path"],
+ $params["domain"],
+ $params["secure"],
+ $params["httponly"]
+);
+session_destroy();
+header("Location: index.php");
+exit;
+?> \ No newline at end of file
diff --git a/setup.php b/setup.php
new file mode 100644
index 0000000..640ee56
--- /dev/null
+++ b/setup.php
@@ -0,0 +1,93 @@
+<?php
+if (!isset($setupdone)) {
+$setupdone=TRUE;
+include "database.php";
+
+$semester = ["WiSe 2025/26", "SoSe 2025", "WiSe 2024/25"];
+
+$admins = ["beckmanf"];
+
+function my_session_start() {
+ $secure = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off');
+ session_start([
+ 'use_strict_mode' => 1,
+ 'cookie_httponly' => 1,
+ 'cookie_secure' => $secure, // Only if using HTTPS
+ 'cookie_samesite' => 'Strict', // or 'Lax'
+ 'use_only_cookies' => 1
+ ]);
+ // Set session timeout
+ if (isset($_SESSION['LAST_ACTIVITY']) &&
+ (time() - $_SESSION['LAST_ACTIVITY'] > 1800)) { // 30 minutes
+ session_unset();
+ session_destroy();
+ }
+ $_SESSION['LAST_ACTIVITY'] = time();
+}
+
+$pfp = array (
+ "ti" => array (
+ "name" => "Technische Informatik",
+ "pnr" => ["1710080", "3707100"],
+ "studiengang" => ["EI", "ME"]
+ ),
+ "dt" => array (
+ "name" => "Digitaltechnik",
+ "pnr" => ["3976090"],
+ "studiengang" => ["TI"]
+ )
+);
+
+$notenlabor = ["BE", "NB", "AB", "NM", "NA"];
+$notenklausur = ["100","130","170","200","230","270","300","330","370","400","500"];
+
+$students = array (
+ "12345" => array (
+ "vorname" => "Karl",
+ "nachname" => "Meier",
+ "studiengang" => "EI",
+ "noten" => array (
+ "ti" => array (
+ "klausur" => "500",
+ "labor" => "BE"
+ ),
+ "dt" => []
+ )
+ ),
+ "11111" => array (
+ "vorname" => "Claudia",
+ "nachname" => "Darbo",
+ "studiengang" => "ME",
+ "noten" => array("ti" => [],"dt" => [])
+ ),
+ "22222" => array (
+ "vorname" => "Günther",
+ "nachname" => "Kohl",
+ "studiengang" => "TI",
+ "noten" => array("ti" => [],"dt" => [])
+ )
+);
+
+$groups = array (
+ "WiSe 2025/26" => array (
+ "ti" => array (
+ "G99-AA" => ["12345", "11111"],
+ "G99-ZZ" => ["22222", "11111"]
+ )
+ ),
+ "SoSe 2025" => array (
+ "ti" => array (
+ "G99-AA" => ["11111"],
+ "G98-ZZ" => ["22222"]
+ ),
+ "dt" => array (
+ "G99-KK" => ["11111"],
+ "G37-ZZ" => ["22222","12345"]
+ )
+ )
+);
+
+db_read();
+
+} //setupdone
+?>
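Review bot: `$students` and `$groups` are initialised with sample records (`"12345"`, `"11111"`, `"22222"`) before db_read() runs, so these entries are merged with the real data and show up in the admin list and in group views. They should start as `[]` outside of testing. `'cookie_secure' => $secure` follows the scheme of the current request, so a login made over plain HTTP gets a session cookie without the Secure flag; if the site is meant to be HTTPS-only, setting it to `true` and redirecting HTTP requests is safer. In the timeout branch of my_session_start() the session is destroyed but execution continues, and `$_SESSION['LAST_ACTIVITY']` is written to a session that is no longer active; a comment on the intended behaviour would help.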
diff --git a/show-user.php b/show-user.php
new file mode 100644
index 0000000..f0441c7
--- /dev/null
+++ b/show-user.php
@@ -0,0 +1,133 @@
+<?php
+include "setup.php";
+if (session_status() === PHP_SESSION_NONE) {
+ my_session_start();
+}
+$login=false;
+if (isset($_SESSION["login"])) {
+ $login = $_SESSION["login"];
+}
+
+if ($login !== "admin" and $login !== "user") {
+ header("Location: index.php");
+ exit;
+}
+?>
+<!DOCTYPE html>
+<html>
+<body>
+
+<table>
+<tr>
+<td>
+ <a href="logout.php">Logout</a>
+</td>
+</tr>
+</table>
+
+<?php
+
+// return matrikelnummer or FALSE
+function retrieve_get_data () {
+ if (empty($_GET["matrikelnummer"])) {
+ return FALSE;
+ } else {
+ $mat = $_GET["matrikelnummer"];
+ }
+ // Exactly 9 digits
+ if (!preg_match("/^[0-9]{7}$/",$mat)) {
+ return FALSE;
+ }
+ return $mat;
+}
+
+if ($login === "admin") {
+ $matrikelnummer = retrieve_get_data();
+} elseif ($login === "user") {
+ $matrikelnummer = $_SESSION["mymatrikelnummer"];
+} else {
+ $matrikelnummer = FALSE;
+}
+
+if ($matrikelnummer and
+ !empty($students[$matrikelnummer])) {
+ $vorname = $students[$matrikelnummer]["vorname"];
+ $nachname = $students[$matrikelnummer]["nachname"];
+ echo "<h1>$nachname, $vorname ($matrikelnummer)</h1>";
+ echo "<h3>Status</h3>";
+ echo "<table>";
+ echo "<tr>";
+ echo "<th>Fach</th>";
+ echo "<th>Labor</th>";
+ echo "<th>Klausur</th>";
+ echo "</tr>";
+ foreach ($students[$matrikelnummer]["noten"] as $fach => $notenliste) {
+ $fachname = $pfp[$fach]["name"];
+ if (!empty($notenliste["klausur"])) {
+ $klausurnote = $notenliste["klausur"];
+ } else {
+ $klausurnote = "-";
+ }
+ if (!empty($notenliste["labor"])) {
+ $labornote = $notenliste["labor"];
+ } else {
+ $labornote = "-";
+ }
+ echo "<tr>";
+ echo "<td>$fachname</td>";
+ echo "<td>$labornote</td>";
+ echo "<td>$klausurnote</td>";
+ echo "</tr>";
+ }
+ echo "</table>";
+
+ echo "<h3>Gruppen</h3>";
+ echo "<table>";
+ echo "<tr>";
+ echo "<th>Semester</th>";
+ echo "<th>Fach</th>";
+ echo "<th>Gruppenname</th>";
+ echo "<th>Teilnehmer</th>";
+ echo "</tr>";
+ foreach ($groups as $semestername => $fachliste) {
+ foreach ($fachliste as $fachname => $gruppenliste) {
+ foreach ($gruppenliste as $gname => $teilnehmerliste) {
+ if (in_array($matrikelnummer, $teilnehmerliste)) {
+ $tnnamensliste = "";
+ foreach ($teilnehmerliste as $tnmat) {
+ if (empty($tnnamensliste)) {
+ $tnnamensliste = $students[$tnmat]["nachname"];
+ } else {
+ $tnnamensliste = $tnnamensliste.", ".$students[$tnmat]["nachname"];
+ }
+ }
+ echo "<tr>";
+ echo "<td>$semestername</td>";
+ echo "<td>$fachname</td>";
+ echo "<td>$gname</td>";
+ echo "<td>$tnnamensliste</td>";
+ echo "</tr>";
+ }
+ }
+ }
+ }
+ echo "</table>";
+
+ echo "<h3>Geschichte</h3>";
+ echo "<table>";
+ echo "<tr>";
+ echo "<th>Ereignisliste</th>";
+ echo "</tr>";
+ foreach ($students[$matrikelnummer]["history"] as $ereignis) {
+ echo "<tr>";
+ echo "<td>$ereignis</td>";
+ echo "</tr>";
+ }
+ echo "</table>";
+} else {
+ echo "<h1>Error</h1>";
+}
+?>
+
+</body>
+</html> \ No newline at end of file
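Review bot: The comment `// Exactly 9 digits` in retrieve_get_data() does not match the pattern `/^[0-9]{7}$/`, which accepts exactly seven. The comment should read `// Exactly 7 digits`, and the length is worth confirming against real matrikelnummern. `$students[$matrikelnummer]["history"]` is iterated without a check, but only db_read() creates that key, so a student without history entries triggers a warning; `foreach ($students[$matrikelnummer]["history"] ?? [] as $ereignis)` avoids it. The same holds for `$students[$tnmat]["nachname"]` when a group lists a matrikelnummer that has no student record.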