You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

212 lines
8.3 KiB

<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Prints attendance info for particular user
*
* @package mod_attendance
* @copyright 2014 Dan Marsden
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
require_once(dirname(__FILE__).'/../../config.php');
require_once(dirname(__FILE__).'/locallib.php');
require_once(dirname(__FILE__).'/student_attendance_form.php');
$pageparams = new mod_attendance_sessions_page_params();
// Check that the required parameters are present.
$id = required_param('sessid', PARAM_INT);
$qrpass = optional_param('qrpass', '', PARAM_TEXT);
$attforsession = $DB->get_record('attendance_sessions', array('id' => $id), '*', MUST_EXIST);
$attendance = $DB->get_record('attendance', array('id' => $attforsession->attendanceid), '*', MUST_EXIST);
$cm = get_coursemodule_from_instance('attendance', $attendance->id, 0, false, MUST_EXIST);
$course = $DB->get_record('course', array('id' => $cm->course), '*', MUST_EXIST);
Qr rotation dev (#400) * Fix #378 - Removing sesskey requirement for viewing attendance.php * Fix #378 - Show password icon when only QR code is selected. * Fix #378 - Refactor/Add functionality for QR Code &amp; No Password * Changes to DB structure for rotateqrcode feature * Added Rotate QR code function * Adding new field to settings and DB create/update functions * Added function to check QR code pass and cookies, error messages. * Added function to return QR passwords as JSON * Moved unix timestamp generation to PHP * Added function that outputs JS to render the rotation code * Add QR code library qrcode.js * Added code to display and rotate the QR code. * Ammended password.php to not show text password when rotating. * Load information from database earlier, fixed check for password * Set expiry time for cookie * Autofill password for authenticated rotateqrcode users * Disable conflicting settings if rotateqr is enabled * Updating version number * Added maximum length to password field and amended key, name for table * Ammend upgrade.php to update db structure for qrcode rotation * Add id column to attendance_rotate_passwords * Removed interval setting from session. Using plugin setting instead. * Amend return passwords function * Update version numbers for DB/version.php * Hide rotate option when students cannot mark on update page. * Show QR icon when rotateqrcode is enabled. * Rename qrcoderotate JS file, frakenstyle * Add qrcode.js to thirdpartylibs.xml * Generate random password when rotateqrcode session is updated. * Add qrcodesecret column to database * Use separate password for rotateqrcode cookie * Remove unnecessary qrcodeinterval database field * Replacing $_GET with optional_param * Clarified time unit (seconds) for Rotate QR Code strings. * Moved rotateqrcodeinterval under studentscanmark setting * Fix code formatting in attendance.php and locallib.php * Add rotateqrcodesecret to structure * Add task to clear temporary qrrotation passwords * Functionality to allow password to be accepted if expired within 2sec * Documenting class clear_temporary_passwords * Updating delete temporary passwords task
6 years ago
// If the randomised code is on grab it.
if ($attforsession->rotateqrcode == 1) {
$cookiename = 'attendance_'.$attforsession->id;
$secrethash = md5($USER->id.$attforsession->rotateqrcodesecret);
$url = new moodle_url('/mod/attendance/view.php', array('id' => $cm->id));
// Check if cookie is set and verify
if (isset($_COOKIE[$cookiename])) {
// Check the token
if ($secrethash !== $_COOKIE[$cookiename]) {
// Flag error
print_error('qr_cookie_error', 'mod_attendance', $url);
}
} else {
// Check password
$sql = 'SELECT * FROM {attendance_rotate_passwords}'.
' WHERE attendanceid = ? AND expirytime > ? ORDER BY expirytime ASC LIMIT 2';
$qrpassdatabase = $DB->get_records_sql($sql, ['attendanceid' => $id, time() - 2]);
$qrpassflag = false;
foreach ($qrpassdatabase as $qrpasselement) {
if ($qrpass == $qrpasselement->password) {
$qrpassflag = true;
}
}
if ($qrpassflag) {
// Create and store the token
setcookie($cookiename, $secrethash, time() + (60 * 5), "/");
} else {
// Flag error
print_error('qr_pass_wrong', 'mod_attendance', $url);
}
}
}
// Require the user is logged in.
require_login($course, true, $cm);
list($canmark, $reason) = attendance_can_student_mark($attforsession);
if (!$canmark) {
redirect(new moodle_url('/mod/attendance/view.php', array('id' => $cm->id)), get_string($reason, 'attendance'));
exit;
}
// Check if subnet is set and if the user is in the allowed range.
if (!empty($attforsession->subnet) && !address_in_subnet(getremoteaddr(), $attforsession->subnet)) {
$url = new moodle_url('/mod/attendance/view.php', array('id' => $cm->id));
notice(get_string('subnetwrong', 'attendance'), $url);
exit; // Notice calls this anyway.
}
$pageparams->sessionid = $id;
$att = new mod_attendance_structure($attendance, $cm, $course, $PAGE->context, $pageparams);
if (empty($attforsession->includeqrcode)) {
$qrpass = ''; // Override qrpass if set, as it is not allowed.
}
// Check to see if autoassignstatus is in use and no password required.
if ($attforsession->autoassignstatus && empty($attforsession->studentpassword)) {
$statusid = attendance_session_get_highest_status($att, $attforsession);
$url = new moodle_url('/mod/attendance/view.php', array('id' => $cm->id));
if (empty($statusid)) {
print_error('attendance_no_status', 'mod_attendance', $url);
}
$take = new stdClass();
$take->status = $statusid;
$take->sessid = $attforsession->id;
$success = $att->take_from_student($take);
if ($success) {
// Redirect back to the view page.
redirect($url, get_string('studentmarked', 'attendance'));
} else {
print_error('attendance_already_submitted', 'mod_attendance', $url);
}
}
if (!empty($qrpass) && !empty($attforsession->autoassignstatus)) {
$fromform = new stdClass();
// Check if password required and if set correctly.
if (!empty($attforsession->studentpassword) &&
$attforsession->studentpassword !== $qrpass) {
$url = new moodle_url('/mod/attendance/attendance.php', array('sessid' => $id, 'sesskey' => sesskey()));
redirect($url, get_string('incorrectpassword', 'mod_attendance'), null, \core\output\notification::NOTIFY_ERROR);
}
// Set the password and session id in the form, because they are saved in the attendance log.
$fromform->studentpassword = $qrpass;
$fromform->sessid = $attforsession->id;
$fromform->status = attendance_session_get_highest_status($att, $attforsession);
if (empty($fromform->status)) {
$url = new moodle_url('/mod/attendance/view.php', array('id' => $cm->id));
print_error('attendance_no_status', 'mod_attendance', $url);
}
if (!empty($fromform->status)) {
$success = $att->take_from_student($fromform);
$url = new moodle_url('/mod/attendance/view.php', array('id' => $cm->id));
if ($success) {
// Redirect back to the view page.
redirect($url, get_string('studentmarked', 'attendance'));
} else {
print_error('attendance_already_submitted', 'mod_attendance', $url);
}
}
}
$PAGE->set_url($att->url_sessions());
// Create the form.
Qr rotation dev (#400) * Fix #378 - Removing sesskey requirement for viewing attendance.php * Fix #378 - Show password icon when only QR code is selected. * Fix #378 - Refactor/Add functionality for QR Code &amp; No Password * Changes to DB structure for rotateqrcode feature * Added Rotate QR code function * Adding new field to settings and DB create/update functions * Added function to check QR code pass and cookies, error messages. * Added function to return QR passwords as JSON * Moved unix timestamp generation to PHP * Added function that outputs JS to render the rotation code * Add QR code library qrcode.js * Added code to display and rotate the QR code. * Ammended password.php to not show text password when rotating. * Load information from database earlier, fixed check for password * Set expiry time for cookie * Autofill password for authenticated rotateqrcode users * Disable conflicting settings if rotateqr is enabled * Updating version number * Added maximum length to password field and amended key, name for table * Ammend upgrade.php to update db structure for qrcode rotation * Add id column to attendance_rotate_passwords * Removed interval setting from session. Using plugin setting instead. * Amend return passwords function * Update version numbers for DB/version.php * Hide rotate option when students cannot mark on update page. * Show QR icon when rotateqrcode is enabled. * Rename qrcoderotate JS file, frakenstyle * Add qrcode.js to thirdpartylibs.xml * Generate random password when rotateqrcode session is updated. * Add qrcodesecret column to database * Use separate password for rotateqrcode cookie * Remove unnecessary qrcodeinterval database field * Replacing $_GET with optional_param * Clarified time unit (seconds) for Rotate QR Code strings. * Moved rotateqrcodeinterval under studentscanmark setting * Fix code formatting in attendance.php and locallib.php * Add rotateqrcodesecret to structure * Add task to clear temporary qrrotation passwords * Functionality to allow password to be accepted if expired within 2sec * Documenting class clear_temporary_passwords * Updating delete temporary passwords task
6 years ago
if ($attforsession->rotateqrcode == 1) {
$mform = new mod_attendance_student_attendance_form(null,
array('course' => $course, 'cm' => $cm, 'modcontext' => $PAGE->context, 'session' => $attforsession,
'attendance' => $att, 'password' => $attforsession->studentpassword));
} else {
$mform = new mod_attendance_student_attendance_form(null,
array('course' => $course, 'cm' => $cm, 'modcontext' => $PAGE->context, 'session' => $attforsession,
Qr rotation dev (#400) * Fix #378 - Removing sesskey requirement for viewing attendance.php * Fix #378 - Show password icon when only QR code is selected. * Fix #378 - Refactor/Add functionality for QR Code &amp; No Password * Changes to DB structure for rotateqrcode feature * Added Rotate QR code function * Adding new field to settings and DB create/update functions * Added function to check QR code pass and cookies, error messages. * Added function to return QR passwords as JSON * Moved unix timestamp generation to PHP * Added function that outputs JS to render the rotation code * Add QR code library qrcode.js * Added code to display and rotate the QR code. * Ammended password.php to not show text password when rotating. * Load information from database earlier, fixed check for password * Set expiry time for cookie * Autofill password for authenticated rotateqrcode users * Disable conflicting settings if rotateqr is enabled * Updating version number * Added maximum length to password field and amended key, name for table * Ammend upgrade.php to update db structure for qrcode rotation * Add id column to attendance_rotate_passwords * Removed interval setting from session. Using plugin setting instead. * Amend return passwords function * Update version numbers for DB/version.php * Hide rotate option when students cannot mark on update page. * Show QR icon when rotateqrcode is enabled. * Rename qrcoderotate JS file, frakenstyle * Add qrcode.js to thirdpartylibs.xml * Generate random password when rotateqrcode session is updated. * Add qrcodesecret column to database * Use separate password for rotateqrcode cookie * Remove unnecessary qrcodeinterval database field * Replacing $_GET with optional_param * Clarified time unit (seconds) for Rotate QR Code strings. * Moved rotateqrcodeinterval under studentscanmark setting * Fix code formatting in attendance.php and locallib.php * Add rotateqrcodesecret to structure * Add task to clear temporary qrrotation passwords * Functionality to allow password to be accepted if expired within 2sec * Documenting class clear_temporary_passwords * Updating delete temporary passwords task
6 years ago
'attendance' => $att, 'password' => $qrpass));
}
if ($mform->is_cancelled()) {
// The user cancelled the form, so redirect them to the view page.
$url = new moodle_url('/mod/attendance/view.php', array('id' => $cm->id));
redirect($url);
} else if ($fromform = $mform->get_data()) {
// Check if password required and if set correctly.
if (!empty($attforsession->studentpassword) &&
$attforsession->studentpassword !== $fromform->studentpassword) {
$url = new moodle_url('/mod/attendance/attendance.php', array('sessid' => $id, 'sesskey' => sesskey()));
redirect($url, get_string('incorrectpassword', 'mod_attendance'), null, \core\output\notification::NOTIFY_ERROR);
}
if ($attforsession->autoassignstatus) {
$fromform->status = attendance_session_get_highest_status($att, $attforsession);
if (empty($fromform->status)) {
$url = new moodle_url('/mod/attendance/view.php', array('id' => $cm->id));
print_error('attendance_no_status', 'mod_attendance', $url);
}
}
if (!empty($fromform->status)) {
$success = $att->take_from_student($fromform);
$url = new moodle_url('/mod/attendance/view.php', array('id' => $cm->id));
if ($success) {
// Redirect back to the view page.
redirect($url, get_string('studentmarked', 'attendance'));
} else {
print_error('attendance_already_submitted', 'mod_attendance', $url);
}
}
// The form did not validate correctly so we will set it to display the data they submitted.
$mform->set_data($fromform);
}
$PAGE->set_title($course->shortname. ": ".$att->name);
$PAGE->set_heading($course->fullname);
$PAGE->set_cacheable(true);
$PAGE->navbar->add($att->name);
$output = $PAGE->get_renderer('mod_attendance');
echo $output->header();
$mform->display();
echo $output->footer();