. /** * Prints attendance info for particular user * * @package mod_attendance * @copyright 2014 Dan Marsden * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later */ require_once(dirname(__FILE__).'/../../config.php'); require_once(dirname(__FILE__).'/locallib.php'); require_once(dirname(__FILE__).'/student_attendance_form.php'); $pageparams = new mod_attendance_sessions_page_params(); // Check that the required parameters are present. $id = required_param('sessid', PARAM_INT); $qrpass = optional_param('qrpass', '', PARAM_TEXT); $attforsession = $DB->get_record('attendance_sessions', array('id' => $id), '*', MUST_EXIST); $attconfig = get_config('attendance'); $attendance = $DB->get_record('attendance', array('id' => $attforsession->attendanceid), '*', MUST_EXIST); $cm = get_coursemodule_from_instance('attendance', $attendance->id, 0, false, MUST_EXIST); $course = $DB->get_record('course', array('id' => $cm->course), '*', MUST_EXIST); // If the randomised code is on grab it. if ($attforsession->rotateqrcode == 1) { $cookiename = 'attendance_'.$attforsession->id; $secrethash = md5($USER->id.$attforsession->rotateqrcodesecret); $url = new moodle_url('/mod/attendance/view.php', array('id' => $cm->id)); // Check if cookie is set and verify. if (isset($_COOKIE[$cookiename])) { // Check the token. if ($secrethash !== $_COOKIE[$cookiename]) { // Flag error. print_error('qr_cookie_error', 'mod_attendance', $url); } } else { // Check password. $sql = 'SELECT * FROM {attendance_rotate_passwords}'. ' WHERE attendanceid = ? AND expirytime > ? ORDER BY expirytime ASC LIMIT 2'; $qrpassdatabase = $DB->get_records_sql($sql, ['attendanceid' => $id, time() - $attconfig->rotateqrcodeexpirymargin]); $qrpassflag = false; foreach ($qrpassdatabase as $qrpasselement) { if ($qrpass == $qrpasselement->password) { $qrpassflag = true; } } if ($qrpassflag) { // Create and store the token. setcookie($cookiename, $secrethash, time() + (60 * 5), "/"); } else { // Flag error. print_error('qr_pass_wrong', 'mod_attendance', $url); } } } // Require the user is logged in. require_login($course, true, $cm); list($canmark, $reason) = attendance_can_student_mark($attforsession); if (!$canmark) { redirect(new moodle_url('/mod/attendance/view.php', array('id' => $cm->id)), get_string($reason, 'attendance')); exit; } // Check if subnet is set and if the user is in the allowed range. if (!empty($attforsession->subnet) && !address_in_subnet(getremoteaddr(), $attforsession->subnet)) { $url = new moodle_url('/mod/attendance/view.php', array('id' => $cm->id)); notice(get_string('subnetwrong', 'attendance'), $url); exit; // Notice calls this anyway. } $pageparams->sessionid = $id; $att = new mod_attendance_structure($attendance, $cm, $course, $PAGE->context, $pageparams); if (empty($attforsession->includeqrcode)) { $qrpass = ''; // Override qrpass if set, as it is not allowed. } // Check to see if autoassignstatus is in use and no password required. if ($attforsession->autoassignstatus && empty($attforsession->studentpassword)) { $statusid = attendance_session_get_highest_status($att, $attforsession); $url = new moodle_url('/mod/attendance/view.php', array('id' => $cm->id)); if (empty($statusid)) { print_error('attendance_no_status', 'mod_attendance', $url); } $take = new stdClass(); $take->status = $statusid; $take->sessid = $attforsession->id; $success = $att->take_from_student($take); if ($success) { // Redirect back to the view page. redirect($url, get_string('studentmarked', 'attendance')); } else { print_error('attendance_already_submitted', 'mod_attendance', $url); } } if (!empty($qrpass) && !empty($attforsession->autoassignstatus)) { $fromform = new stdClass(); // Check if password required and if set correctly. if (!empty($attforsession->studentpassword) && $attforsession->studentpassword !== $qrpass) { $url = new moodle_url('/mod/attendance/attendance.php', array('sessid' => $id, 'sesskey' => sesskey())); redirect($url, get_string('incorrectpassword', 'mod_attendance'), null, \core\output\notification::NOTIFY_ERROR); } // Set the password and session id in the form, because they are saved in the attendance log. $fromform->studentpassword = $qrpass; $fromform->sessid = $attforsession->id; $fromform->status = attendance_session_get_highest_status($att, $attforsession); if (empty($fromform->status)) { $url = new moodle_url('/mod/attendance/view.php', array('id' => $cm->id)); print_error('attendance_no_status', 'mod_attendance', $url); } if (!empty($fromform->status)) { $success = $att->take_from_student($fromform); $url = new moodle_url('/mod/attendance/view.php', array('id' => $cm->id)); if ($success) { // Redirect back to the view page. redirect($url, get_string('studentmarked', 'attendance')); } else { print_error('attendance_already_submitted', 'mod_attendance', $url); } } } $PAGE->set_url($att->url_sessions()); // Create the form. if ($attforsession->rotateqrcode == 1) { $mform = new mod_attendance_student_attendance_form(null, array('course' => $course, 'cm' => $cm, 'modcontext' => $PAGE->context, 'session' => $attforsession, 'attendance' => $att, 'password' => $attforsession->studentpassword)); } else { $mform = new mod_attendance_student_attendance_form(null, array('course' => $course, 'cm' => $cm, 'modcontext' => $PAGE->context, 'session' => $attforsession, 'attendance' => $att, 'password' => $qrpass)); } if ($mform->is_cancelled()) { // The user cancelled the form, so redirect them to the view page. $url = new moodle_url('/mod/attendance/view.php', array('id' => $cm->id)); redirect($url); } else if ($fromform = $mform->get_data()) { // Check if password required and if set correctly. if (!empty($attforsession->studentpassword) && $attforsession->studentpassword !== $fromform->studentpassword) { $url = new moodle_url('/mod/attendance/attendance.php', array('sessid' => $id, 'sesskey' => sesskey())); redirect($url, get_string('incorrectpassword', 'mod_attendance'), null, \core\output\notification::NOTIFY_ERROR); } if ($attforsession->autoassignstatus) { $fromform->status = attendance_session_get_highest_status($att, $attforsession); if (empty($fromform->status)) { $url = new moodle_url('/mod/attendance/view.php', array('id' => $cm->id)); print_error('attendance_no_status', 'mod_attendance', $url); } } if (!empty($fromform->status)) { $success = $att->take_from_student($fromform); $url = new moodle_url('/mod/attendance/view.php', array('id' => $cm->id)); if ($success) { // Redirect back to the view page. redirect($url, get_string('studentmarked', 'attendance')); } else { print_error('attendance_already_submitted', 'mod_attendance', $url); } } // The form did not validate correctly so we will set it to display the data they submitted. $mform->set_data($fromform); } $PAGE->set_title($course->shortname. ": ".$att->name); $PAGE->set_heading($course->fullname); $PAGE->set_cacheable(true); $PAGE->navbar->add($att->name); $output = $PAGE->get_renderer('mod_attendance'); echo $output->header(); $mform->display(); echo $output->footer();