Webbserverprogrammering 1

Källkod

Följande filer och mappar finns under mappen webbserverprogrammering.
Mappar visas till vänster och filer till höger. Klicka på en fil eller mapp för att öppna nedan eller visa dess innehåll.

webbserverprogrammering/projects/quiz-extended/

26 filer

admin.php
confirm_account.php
create_account.php
create_quiz.php
css/
dbconnection.php
highscore.php
index.php
js/
logbook.php
login.php
mysql_create_table_options.php
mysql_create_table_questions.php
mysql_create_table_quizzes.php
mysql_create_table_results.php
mysql_create_table_submits.php
mysql_create_table_users.php
plan.php
planering.txt
profile.php
projektrapport.txt
quizzes.php
resources/
result.php
send_email.php
session_variable_array_check.php

admin.php

144 lines ASCII Windows (CRLF)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
<?php

error_reporting(-1); // Report all type of errors
ini_set('display_errors'1); // Display all errors 
ini_set('output_buffering'0); // Do not buffer outputs, write directly

function dump($dump) {
 echo "<pre>";
 var_dump($dump);
 echo "</pre>";
}

session_start();
include "session_variable_array_check.php";

if (!$_SESSION['quizExtended']['loggedIn']) {
 header("Location:login.php");
}
if (!$_SESSION['quizExtended']['admin']) {
 header("Location:index.php");
}

include "dbconnection.php";

if (isset($_POST['deleteQuiz'])) {
 $deleteQuizId = (int) $_POST['deleteQuiz'];

 // delete specified quiz as well as questions and options of that quiz 

 $tables = ["quizext_quizzes""quizext_questions""quizext_options"];

 foreach ($tables as $tableName) {
  $sql "DELETE FROM {$tableName} WHERE quiz_id=?";
  $stmt $dbconn->prepare($sql);
  $stmt->execute([$deleteQuizId]);
 }
}
if (isset($_POST['deleteUser'])) {
 $deleteUserId = (int) $_POST['deleteUser'];

 // delete specified user

 $sql "DELETE FROM quizext_users WHERE user_id=?";
 $stmt $dbconn->prepare($sql);
 $stmt->execute([$deleteUserId]);
}

// select all quizzes for showing in table
$sql "SELECT * FROM quizext_quizzes";
$stmt $dbconn->prepare($sql);
$stmt->execute();
$quizzes $stmt->fetchAll(PDO::FETCH_ASSOC);

// select all users
$sql "SELECT user_id, displayname, username, user_level FROM quizext_users";
$stmt $dbconn->prepare($sql);
$stmt->execute();
$users $stmt->fetchAll(PDO::FETCH_ASSOC PDO::FETCH_UNIQUE);


?>

<!DOCTYPE html>
<html lang="sv">
<head>
 <title>Administration</title>
 <meta charset="utf-8">
 <link rel="stylesheet" type="text/css" href="css/style.css">
</head>
<body>
 <a href="index.php" id="logo">
  CuriousQuizzes
 </a>
 <h1>Administration</h1>

 <?php
 if (isset($quizId)) { ?>
  <h4>Successfully deleted quiz! (ID: <?= $quizId ?>)</h4><?php
 ?>

 <main class="wideMain">
  <table>
   <tr>
    <th>Quiz Name</th>
    <th>Creator</th>
    <th>Question count</th>
    <th>Link</th>
    <th>Delete</th>
   </tr>
   <?php
   foreach ($quizzes as $quizInfo) {?>
   <tr>
    <td><?= $quizInfo['quiz_name'?></td>
    <td><?php
     if (isset($users[$quizInfo['creator_user_id']])) {
      $userId $quizInfo['creator_user_id'];
      echo "<a class='user' href='profile.php?user={$userId}'>{$users[$userId]['displayname']}</a>";
     } else {
      echo "<span class='cursive'>deleted user</span>";
     }
     ?></td>
    <td><?= $quizInfo['nr_of_questions'?> questions</td>
    <td><a href="quizzes.php?q=<?= $quizInfo['quiz_id'?>">run quiz</a></td>
    <td class="centerCell">
     <form method="post" action="">
      <input type="hidden" name="deleteQuiz" value="<?= $quizInfo['quiz_id'?>">
      <input type="submit" name="deleteQuizSubmit" value="delete">
     </form>
    </td>
   </tr>
   <?php }
   if (count($quizzes) < 1) { ?>
    <td colspan="5">No quizzes to show</td><?php
   ?>
  </table>

  <table>
   <tr>
    <th>Display name</th>
    <th>Username</th>
    <th>User level</th>
    <th>Delete</th>
   </tr>
   <?php
   foreach ($users as $userId => $user) {?>
   <tr>
    <td><?= $user['displayname'?></td>
    <td><?= $user['username'?></td>
    <td><?= $user['user_level'?></td>
    <td class="centerCell">
     <form method="post" action="">
      <input type="hidden" name="deleteUser" value="<?= $userId ?>">
      <input type="submit" name="deleteUserSubmit" value="delete">
     </form>
    </td>
   </tr>
   <?php }
   if (count($quizzes) < 1) { ?>
    <td colspan="4">No quizzes to show</td><?php
   ?>
  </table>
 </main>
</body>
</html>