diff --git a/db/StoredProcedures.sql b/db/StoredProcedures.sql
index 60b841fca0f7e5edc77a21575ffc392ba9af3838..fbad2b66e975641e89e534e6a262cd9a23bbf4df 100644
--- a/db/StoredProcedures.sql
+++ b/db/StoredProcedures.sql
@@ -5,7 +5,7 @@ DROP FUNCTION IF EXISTS ChangeModule//
 DROP FUNCTION IF EXISTS ChangeModuleOrder//
 DROP FUNCTION IF EXISTS ChangeSubmoduleControlType//
 DROP FUNCTION IF EXISTS ChangeSubmoduleMaxRate//
-DROP PROCEDURE IF EXISTS GetGroupsForDiscipline//
+DROP PROCEDURE IF EXISTS GetGroupsForDiscipline //
 DROP PROCEDURE IF EXISTS SearchStudentsNew//
 DROP FUNCTION IF EXISTS CreateRequest//
 DROP PROCEDURE IF EXISTS GetAccInfoByID//
@@ -1533,8 +1533,9 @@ END //
 
 
 DROP PROCEDURE IF EXISTS GetStudentsByFaculty//
-CREATE PROCEDURE `GetStudentsByFaculty`	( 	IN `FacultyID` INT  
-                                    	)
+CREATE PROCEDURE `GetStudentsByFaculty`	( 	IN `FacultyID` INT,
+																						IN `GradeID` INT,
+																						IN `GroupID` INT )
     NO SQL
 BEGIN
         SELECT 	students.ID 			AS 'ID', 
@@ -1548,10 +1549,12 @@ BEGIN
                 study_groups.GroupNum 	AS 'GroupNum',
                 grades.Degree 			AS 'Degree'		
         FROM `students`
-        INNER JOIN `study_groups` 		ON 	study_groups.ID = students.StudyGroupID
-        INNER JOIN `grades` 			ON 	study_groups.GradeID = grades.ID
-        INNER JOIN `specializations` 	ON 	study_groups.SpecializationID =  specializations.ID AND 
-                                        	FacultyID = specializations.FacultyID
+				INNER JOIN `study_groups` 		ON 	study_groups.ID = students.StudyGroupID AND
+																				 (GroupID = students.StudyGroupID OR GroupID = 0)
+				INNER JOIN `grades` 			ON 	study_groups.GradeID = grades.ID AND
+																		 (GradeID = grades.ID OR GradeID = 0)
+				INNER JOIN `specializations` 	ON 	study_groups.SpecializationID =  specializations.ID AND
+																					FacultyID = specializations.FacultyID
         ORDER BY 	students.LastName ASC, 
                     students.FirstName ASC, 
                     students.SecondName ASC;
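Review bot: The new join filters `GroupID = students.StudyGroupID OR GroupID = 0` and `GradeID = grades.ID OR GradeID = 0` depend on the bare names resolving to the procedure parameters, although `GradeID` is also a column of `study_groups` used in the same join. MySQL gives the routine parameter precedence, so this works, but a reader cannot tell which one is meant. Distinct parameter names and a comment such as `-- 0 means "no filter on this level"` would make the sentinel explicit. The procedure, whose header is in the previous hunk, is still declared `NO SQL` although it reads tables; `READS SQL DATA` would describe it correctly.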
@@ -2080,10 +2083,26 @@ BEGIN
 									DisciplineID = modules.DisciplineID
 	LEFT JOIN `rating_table` 	ON 	submodules.ID = rating_table.SubmoduleID AND 
 									StudentID = rating_table.StudentID 
-	ORDER BY 	modules.OrderNum ASC, 
+	ORDER BY 	OrderModuleTypesForSession(modules.Type) ASC, 
 				submodules.OrderNum ASC;
 END //
 
+DROP FUNCTION IF EXISTS OrderModuleTypesForSession//
+CREATE FUNCTION `OrderModuleTypesForSession`	(`ModuleType` INT
+												) RETURNS INT(3)
+	NO SQL
+BEGIN
+	DECLARE Res INT;
+	SET Res = 0;
+	IF ModuleType = 4 THEN SET Res = 1; # extra
+	ELSEIF ModuleType = 2 THEN SET Res = 2; # exam
+	ELSEIF ModuleType = 3 THEN SET Res = 3; # bonus
+	ELSE SET Res = 4; # regular
+	END IF;
+
+	RETURN Res;
+END //
+
 
 
 DROP PROCEDURE IF EXISTS GetMapForDiscipline//
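Review bot: Replacing `modules.OrderNum` with `OrderModuleTypesForSession(modules.Type)` in the `ORDER BY` removes the only key that separated modules of the same type. Unless a filter outside the hunk limits the rows to one module per type, rows of two modules with the same rank (every regular module maps to 4) are then ordered by `submodules.OrderNum` alone and can interleave. Keeping the old key as a tiebreaker avoids that: `ORDER BY OrderModuleTypesForSession(modules.Type) ASC, modules.OrderNum ASC, submodules.OrderNum ASC`. The same applies to the `ORDER BY` changed in the next hunk if a discipline can have more than one module of type 4 or 2. In the new function `SET Res = 0;` is dead because every branch assigns `Res`, and a header comment listing the type codes would serve better than the trailing `#` comments.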
@@ -2148,7 +2167,7 @@ BEGIN
 		INNER JOIN `subjects` 	ON disciplines.SubjectID = subjects.ID
 		WHERE 	modules.DisciplineID = DisciplineID AND
 				(modules.Type = 4 OR modules.Type = 2)
-		ORDER BY modules.OrderNum ASC, 
+		ORDER BY OrderModuleTypesForSession(modules.Type) ASC, 
 				 submodules.OrderNum ASC;
  	END IF;
 END //
@@ -3330,13 +3349,14 @@ CREATE FUNCTION `ChangeSubmoduleMaxAndControl`	(	`TeacherID` 	INT,
 											) 	RETURNS int(11)
     NO SQL
 BEGIN  
-    DECLARE checker, disciplineID INT; 			 
+    DECLARE checker, disciplineID, curMaxRate INT; 			 
 	
 	SET checker = -1;
 	SET disciplineID = -1;
 	SELECT  submodules.ID,
-			disciplines.ID
-	INTO checker, disciplineID
+			disciplines.ID,
+			submodules.MaxRate
+	INTO checker, disciplineID, curMaxRate
 	FROM `submodules`
 	INNER JOIN `modules` 		ON 	submodules.ModuleID = modules.ID
 	INNER JOIN `disciplines` 	ON 	disciplines.ID = modules.DisciplineID
@@ -3345,7 +3365,8 @@ BEGIN
 	LIMIT 1;
 	IF 	checker <= 0 OR
 		disciplineID <= 0 OR 
-		InternalIsMapLocked(disciplineID) THEN
+		InternalIsMapLocked(disciplineID) OR
+		GetDisciplineMaxRate(disciplineID) - curMaxRate + MaxRate > 100 THEN
 		RETURN -1;
 	END IF;
 
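Review bot: The new cap check `GetDisciplineMaxRate(disciplineID) - curMaxRate + MaxRate > 100` evaluates to NULL, which `IF` treats as false, whenever `GetDisciplineMaxRate` returns NULL or `submodules.MaxRate` is NULL for the selected row, so in those cases the 100-point limit is silently not enforced. `curMaxRate` is also left uninitialised, while `checker` and `disciplineID` are set to -1 before the `SELECT ... INTO`. Wrapping the operands, e.g. `COALESCE(GetDisciplineMaxRate(disciplineID), 0) - COALESCE(curMaxRate, 0) + MaxRate > 100`, makes the comparison defined for every row. Whether the rest of the function rejects a NULL or negative `MaxRate` argument is not visible here, since the body continues outside the hunk.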
@@ -4248,4 +4269,38 @@ BEGIN
 	LIMIT 1;
 END //
 
+-- -1 - не сотрудник деканата и не преподаватель дисциплины
+-- 0 - только чтение
+-- 1 - редактирование
+DROP FUNCTION IF EXISTS GetEditRightsForTeacher//
+CREATE FUNCTION `GetEditRightsForTeacher`	(	`TeacherID` INT,  
+												`DisciplineID` INT
+											) 	RETURNS int(11)
+    NO SQL
+BEGIN
+	DECLARE userRole INT;
+	DECLARE countDiscTeacher INT;
+	
+	SELECT UserRoleID INTO userRole
+		FROM teachers
+		JOIN accounts ON teachers.AccountID=accounts.ID
+		WHERE teachers.ID=TeacherID;
+		
+	
+	SELECT COUNT(*) INTO countDiscTeacher
+		FROM disciplines_teachers
+		WHERE disciplines_teachers.DisciplineID=DisciplineID AND
+			  disciplines_teachers.TeacherID=TeacherID;
+			  
+	if userRole=4 AND countDiscTeacher=0 THEN -- 4 - сотрудник деканата
+		RETURN 0;
+	END IF;
+	
+	IF countDiscTeacher=0 THEN
+		return -1;
+	END IF;
+	
+	RETURN 1;
+END //
+
 DELIMITER ;
\ No newline at end of file
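Review bot: `GetEditRightsForTeacher` is declared `NO SQL` but runs two `SELECT ... INTO` statements against `teachers`, `accounts` and `disciplines_teachers`; `READS SQL DATA` is the characteristic that matches. The role check compares against the literal `4`, which is explained only by a trailing comment. The return codes are described in a comment above the `DROP` rather than on the function itself. A header placed directly above `CREATE FUNCTION`, such as `-- Returns -1: neither dean's office staff nor a teacher of the discipline; 0: read-only; 1: may edit`, would keep the contract next to the code.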
diff --git a/db/fix.sql b/db/fix.sql
index 062831a73442de5fa5990d767d314d52fb550ec9..1496acbfaff2e2a9a8bb74426a8bcc62c695b0bb 100644
--- a/db/fix.sql
+++ b/db/fix.sql
@@ -9,7 +9,7 @@ NO SQL
 			semesters.Num
 		FROM `semesters`
 		ORDER BY semesters.ID DESC;
-	END
+	END //
 
 
 DELIMITER ;
\ No newline at end of file
diff --git a/patches/patch_mpdf_1.diff b/patches/patch_mpdf_1.diff
new file mode 100644
index 0000000000000000000000000000000000000000..913caeac7cfb0f31608bc7f7e0a7ac78381c1daf
--- /dev/null
+++ b/patches/patch_mpdf_1.diff
@@ -0,0 +1,26 @@
+From 732263777a1a8cc5bcd97958ce6b8be40746d31b Mon Sep 17 00:00:00 2001
+From: RomanSteinberg <romanofficial@yandex.ru>
+Date: Thu, 25 Dec 2014 17:36:13 +0300
+Subject: [PATCH] FIX: mpdf; FIX: Select of subjects
+
+---
+ ~dev_rating/modules/mpdf/vendor/mpdf/mpdf.php |  3 +++
+ 1 files changed, 3 insertions(+), 0 deletions(-)
+
+diff --git a/~dev_rating/modules/mpdf/vendor/mpdf/mpdf.php b/~dev_rating/modules/mpdf/vendor/mpdf/mpdf.php
+index d8352fc..efc0536 100644
+--- a/~dev_rating/modules/mpdf/vendor/mpdf/mpdf.php
++++ b/~dev_rating/modules/mpdf/vendor/mpdf/mpdf.php
+@@ -17980,6 +17980,9 @@ function OpenTag($tag,$attr)
+ 	// mPDF 5.3.75
+     case 'TH':
+     case 'TD':
++	if (isset($attr['STYLE'])) {
++		$attr['STYLE'] = str_replace(" !important", "", $attr['STYLE']);
++	}
+ 	$this->ignorefollowingspaces = true; 
+ 	$this->lastoptionaltag = $tag; // Save current HTML specified optional endtag
+ 	$this->tbCSSlvl++;
+-- 
+1.8.3.msysgit.0
+
diff --git a/patches/patch_mpdf_2.diff b/patches/patch_mpdf_2.diff
new file mode 100644
index 0000000000000000000000000000000000000000..e54a2308468a7d7714611885938620f9b0b97268
--- /dev/null
+++ b/patches/patch_mpdf_2.diff
@@ -0,0 +1,28 @@
+From 5ae0c50bc67130cda4c1efbeceecce9fa66fad10 Mon Sep 17 00:00:00 2001
+From: RomanSteinberg <romanofficial@yandex.ru>
+Date: Mon, 2 Mar 2015 17:04:18 +0300
+Subject: [PATCH] FIX: 100+ submodules rate sum in db; FIX: /e modifier in
+ preg_replace
+
+---
+ ~dev_rating/modules/mpdf/vendor/mpdf/includes/functions.php |  4 ++--
+ 1 files changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/~dev_rating/modules/mpdf/vendor/mpdf/includes/functions.php b/~dev_rating/modules/mpdf/vendor/mpdf/includes/functions.php
+index 9db003a..3e4b070 100644
+--- a/~dev_rating/modules/mpdf/vendor/mpdf/includes/functions.php
++++ b/~dev_rating/modules/mpdf/vendor/mpdf/includes/functions.php
+@@ -63,8 +63,8 @@ if(!function_exists('strcode2utf')){
+   function strcode2utf($str,$lo=true) {
+ 	//converts all the &#nnn; and &#xhhh; in a string to Unicode
+ 	if ($lo) { $lo = 1; } else { $lo = 0; }
+-	$str = preg_replace('/\&\#([0-9]+)\;/me', "code2utf('\\1',{$lo})",$str);
+-	$str = preg_replace('/\&\#x([0-9a-fA-F]+)\;/me', "codeHex2utf('\\1',{$lo})",$str);
++	$str = preg_replace('/\&\#([0-9]+)\;/m', "code2utf('\\1',{$lo})",$str);
++	$str = preg_replace('/\&\#x([0-9a-fA-F]+)\;/m', "codeHex2utf('\\1',{$lo})",$str);
+ 	return $str;
+   }
+ }
+-- 
+1.8.3.msysgit.0
+
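Review bot: Dropping the `e` modifier from the two `preg_replace` calls in `strcode2utf` removes the code evaluation, but the replacement argument is still the string `"code2utf('\\1',{$lo})"`. Without `e` that string is inserted literally, so a numeric entity would be replaced by the text of the call instead of the decoded character. The conversion needs a callback: `$str = preg_replace_callback('/\&\#([0-9]+)\;/m', function ($m) use ($lo) { return code2utf($m[1], $lo); }, $str);`, and the same with `codeHex2utf` for the hexadecimal pattern. That keeps the benefit of removing `/e` while preserving the decoding.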
diff --git a/~dev_rating/application/classes/Controller/Handler/AdmStudents.php b/~dev_rating/application/classes/Controller/Handler/AdmStudents.php
index aa7762d065da73f934e8f7d64d3bec4f6b83b437..f32b016afa9cdfdca7100bc5c201f30163298ae5 100644
--- a/~dev_rating/application/classes/Controller/Handler/AdmStudents.php
+++ b/~dev_rating/application/classes/Controller/Handler/AdmStudents.php
@@ -1,5 +1,13 @@
 <?php defined('SYSPATH') or die('No direct script access.');
 
+class SortingOptions { //extends SplEnum {
+    //const __default = self::Name;
+
+    const Name = 0;
+    const Grade = 1;
+    const Group = 2;
+}
+
 class Controller_Handler_AdmStudents extends Controller_Handler {
         
         public function before() {
@@ -103,11 +111,39 @@ class Controller_Handler_AdmStudents extends Controller_Handler {
                 $this->response->body(json_encode($studyGroupsHandled));
             }
         }
-        
+
+        public function action_getStudentsList($option = SortingOptions::Name)
+        {
+            $success = false;
+            $facultyID = $this->post->offsetGet('facultyID');
+            $gradeID = $this->post->offsetGet('gradeID');
+            $groupID = $this->post->offsetGet('groupID');
+
+            $this->post-> rule('FacultyID', 'not_empty')
+                -> rule('facultyID', 'digit')
+                -> rule('GradeID', 'not_empty')
+                -> rule('gradeID', 'digit')
+                -> rule('GroupID', 'not_empty')
+                -> rule('groupID', 'digit');
+            if($this->post->check()) {
+//                $result = $this->commonModel->GetStudentsList($this->user['UserID'], $facultyID , $gradeID, $groupID);
+                $result = DataArray::factory('Students')->byFaculty($facultyID , $gradeID, $groupID)->asArray();
+                if (!empty($result)) {
+                    $success = true;
+                }
+
+            }
+            //$this->response->body(json_encode($data));
+            $twig = Twig::factory('admin/students/handler/listOutput');
+            $twig->List = $result;
+            $twig->Success = $success;
+            $this->response->body($twig);
+        }
+
         public function action_getStudentsByGrade()
         {
             $gradeID = $this->post->offsetGet('gradeID');
-            if($groupID != 0)
+            if($gradeID != 0)
             {
                 $twig = Twig::factory('admin/students/handler/listOutput');
                 $twig->List = DataArray::factory('Students')->byGrade($gradeID)->asArray();
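Review bot: In `action_getStudentsList` the three `not_empty` rules are registered for `FacultyID`, `GradeID` and `GroupID`, while the values are read, and the `digit` rules registered, under `facultyID`, `gradeID` and `groupID`. The capitalised keys do not match the posted fields, so the presence check does not cover the values that reach `byFaculty()`; use the same key in both rules, e.g. `->rule('groupID', 'not_empty')`. `$result` is assigned only inside `if($this->post->check())` but is read unconditionally by `$twig->List = $result;`, so a failed validation reaches the template with an undefined variable; `$result = array();` next to `$success = false;` fixes that. The `$option` parameter and the `SortingOptions` class added in the previous hunk are not used in the visible code. `action_getStudentsByGrade` continues outside the hunk.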
diff --git a/~dev_rating/application/classes/Controller/Handler/Settings.php b/~dev_rating/application/classes/Controller/Handler/Settings.php
index 6fa77af8abb2d8626f32a85a3de21f8ef00dff3e..aa184f91ca8683453aee132fa6b37cc5cc53451c 100644
--- a/~dev_rating/application/classes/Controller/Handler/Settings.php
+++ b/~dev_rating/application/classes/Controller/Handler/Settings.php
@@ -100,7 +100,9 @@ class Controller_Handler_Settings extends Controller_Handler {
             $this->post
                 ->rule('semesterID', 'not_empty')
                 ->rule('semesterID', 'digit');
-            $semesterID = $this->post->offsetGet('semesterID');
-            User::instance()->SetSemester($semesterID);
+            if($this->post->check()) {
+                $semesterID = $this->post->offsetGet('semesterID');
+                User::instance()->SetSemester($semesterID);
+            }
         }
 }
\ No newline at end of file
diff --git a/~dev_rating/application/classes/Controller/Teacher/Rating.php b/~dev_rating/application/classes/Controller/Teacher/Rating.php
index 630af019b4f8b6d85ed1bcc7e6d43cb9a4547ad5..29f107b7e33bb47f88b36e3146c4fa7e0fac6b61 100644
--- a/~dev_rating/application/classes/Controller/Teacher/Rating.php
+++ b/~dev_rating/application/classes/Controller/Teacher/Rating.php
@@ -1,6 +1,7 @@
 <?php defined('SYSPATH') or die('No direct script access.');
 
 class Controller_Teacher_Rating extends Controller_UserEnvi {
+    protected $model_rating;
 
     public function before() {
         Cookie::set('fD', 'true'); // Ставим кук fD, чтоб иметь возможность скачать отчет TODO
@@ -32,7 +33,7 @@ class Controller_Teacher_Rating extends Controller_UserEnvi {
     }
 
     // Шапка таблицы: структура УКД (модули и мероприятия)
-    private function getStructure($id, $type) 
+    private function getStructure($id, $type)
     {
         $teacherID = $this->UserInfo['TeacherID'];
         if ($type == "rating") {
@@ -112,7 +113,7 @@ class Controller_Teacher_Rating extends Controller_UserEnvi {
         return $out;
     }
     
-    private function getRatesForRatingPage($info) 
+    private function getRatesForRatingPage($info)
     {
 
         $rates = array();
@@ -140,102 +141,114 @@ class Controller_Teacher_Rating extends Controller_UserEnvi {
         return $rates;
     }
     
-    private function correctExtra(&$curStudent, $examType, $lastExtra, $nextExtra) {
+    private function correctExtra(&$curStudent, $examType, $lastExtraIndex, $firstEmptyExtraIndex, $totalExtraRate) {
         $bottomLimit = 0;
-        $max_extra_rate = 0;
+        $maxExtraRate = 0;
         $topLimit = ($examType == 'exam') ? 38 : 60;
         
         if ($curStudent['RateSemesterResult'] >= $bottomLimit && 
             $curStudent['RateSemesterResult'] < $topLimit) // студент задолженик
         {
-            $max_extra_rate = $topLimit - $curStudent['RateSemesterResult'];
+            $maxExtraRate = $topLimit - $curStudent['RateSemesterResult'];
         }
-        if ($lastExtra >= 0) {
-            $curStudent['Rates'][$lastExtra]['MaxRate'] = $max_extra_rate;
+        if ($lastExtraIndex >= 0) {
+            $curStudent['Rates'][$lastExtraIndex]['MaxRate'] = $maxExtraRate - $totalExtraRate
+                + $curStudent['Rates'][$lastExtraIndex]['Rate'];
         } 
-        if ($nextExtra >= 0) {
-            $curStudent['Rates'][$nextExtra]['MaxRate'] = $max_extra_rate;
-        }    
+        if ($firstEmptyExtraIndex >= 0) {
+            $curStudent['Rates'][$firstEmptyExtraIndex]['MaxRate'] = $maxExtraRate - $totalExtraRate;
+        }
     }
     
     private function getRatesForExamPage(&$curStudent, $rate, $examType, $disciplineID)
     {
-        $i_r = 0;
-        $lastExam = $lastExtra = $lastNilExam = $lastNilExtra = -1;
+        $rowIndex = 0;
+        $lastExam = $lastExtraIndex = $lastNilExam = $firstEmptyExtra = -1;
+        $rateExtra = 0;
 
         $curStudent['RateSemesterResult'] = 0;
-        foreach($rate as $r) {
+        foreach($rate as $curRate) {
 
-            if (($r['ModuleType'] == 'exam') or ($r['ModuleType'] == 'extra')) {
-                    $curStudent['Rates'][$i_r] = array();
-                    $curStudent['Rates'][$i_r]['SubmoduleID'] = $r['SubmoduleID'];
-                    $curStudent['Rates'][$i_r]['Rate'] = $r['Rate'];
-                    $curStudent['Rates'][$i_r]['ModuleType'] = $r['ModuleType'];
+            if (($curRate['ModuleType'] == 'exam') or ($curRate['ModuleType'] == 'extra')) {
+                    $curStudent['Rates'][$rowIndex] = array();
+                    $curStudent['Rates'][$rowIndex]['SubmoduleID'] = $curRate['SubmoduleID'];
+                    $curStudent['Rates'][$rowIndex]['Rate'] = $curRate['Rate'];
+                    $curStudent['Rates'][$rowIndex]['ModuleType'] = $curRate['ModuleType'];
             }
 
-            switch ($r['ModuleType'])
+            switch ($curRate['ModuleType'])
             {
             case 'regular':
-                    $curStudent['RateSemesterResult'] += $r['Rate'];
+                    $curStudent['RateSemesterResult'] += $curRate['Rate'];
                     break;
             case 'exam':
-                    if (!is_null($r['Rate'])) {
+                    if (!is_null($curRate['Rate'])) {
                         if ($lastExam >= 0) {
                             $curStudent['Rates'][$lastExam]['Block'] = 'True';
                         }
-                        $lastExam = $i_r;
+                        $lastExam = $rowIndex;
                     } else {
                             if ($lastNilExam < 0) {
-                                    $lastNilExam = $i_r;
+                                    $lastNilExam = $rowIndex;
                             } else {
-                                    $curStudent['Rates'][$i_r]['Block'] = 'True';
+                                    $curStudent['Rates'][$rowIndex]['Block'] = 'True';
                             }
                     }
                     break;
             case 'bonus':
-                    $curStudent['Bonus'] = $r['Rate'];
+                    $curStudent['Bonus'] = $curRate['Rate'];
                     break;
             case 'extra':
-                    if (!is_null($r['Rate'])) {
-                            if ($lastExtra >= 0) {
-                            $curStudent['Rates'][$lastExtra]['Block'] = 'True';
+                if ($curRate['Rate']) {
+                    if ($lastExtraIndex >= 0) {
+                        $curStudent['Rates'][$lastExtraIndex]['Block'] = 'True';
                     }
-                    $lastExtra = $i_r;
-                    $curStudent['Rate'] += $r['Rate'];
+                    $lastExtraIndex = $rowIndex;
+                    $curStudent['Rate'] += $curRate['Rate'];
+                    $rateExtra += $curRate['Rate'];
+                } else {
+                    if ($firstEmptyExtra < 0) {
+                        $firstEmptyExtra = $rowIndex;
                     } else {
-                            if ($lastNilExtra < 0) {
-                                    $lastNilExtra = $i_r;
-                            } else {
-                                    $curStudent['Rates'][$i_r]['Block'] = 'True';
-                            }
+                        $curStudent['Rates'][$rowIndex]['Block'] = 'True';
                     }
-                    break;
+                }
+                break;
             default:
                     throw HTTP_Exception::factory (500, "Некорректный тип модуля!");
             }
-            $i_r++;
+            $rowIndex++;
         }
         
-        $total = $this->model_rating->GetStudentRate($curStudent['ID'], $disciplineID);
-        $total = $total[0]['Num'];
-        if (is_null($total)) $total = 0;
+//        $total = $this->model_rating->GetStudentRate($curStudent['ID'], $disciplineID);
+//        $total = ($total[0])?$total[0]['Num']:0;
+//        if ($total)
+//            $total = 0;
 
+        $curStudent['RateResult'] = $curStudent['RateSemesterResult'] + $rateExtra;
         if ($lastExam >= 0) {
             $curStudent['RateResult'] += $curStudent['Rates'][$lastExam]['Rate'];
         }
-        $curStudent['RateResult'] = $total;
-        $this->correctExtra($curStudent, $examType, $lastExtra, $lastNilExtra);
+        $this->correctExtra($curStudent, $examType, $lastExtraIndex, $firstEmptyExtra, $rateExtra);
     }
+	
+	protected function get_edit_rights_for_teacher($teacherID, $disciplineID) // $this->UserInfo['TeacherID']=id
+	{
+		$sql = "SELECT `GetEditRightsForTeacher`('$teacherID', '$disciplineID') AS `Num`;";//"CALL `GetEditRightsForTeacher`('$teacherID', '$disciplineID'); ";
+        $res = DB::query(Database::SELECT, $sql)->execute();
+		//$row = mysql_fetch_array($res);
+		return $res['Num'];
+	}
     
     protected function stub_action($page_type) //$page_type: rating, exam
     {
         $twig = Twig::factory("teacher/".$page_type); //TODO: validate twig 
-        $id = $this->request->param('id');
-        $disciplineInfo = $this->getDisciplineInformation($id);
-	$structureHandled = $this->getStructure($id, $page_type);
+        $disciplineId = $this->request->param('id');
+        $disciplineInfo = $this->getDisciplineInformation($disciplineId);
+	    $structureHandled = $this->getStructure($disciplineId, $page_type);
         
         // Студенты и их баллы
-        $students = $this->model_rating->GetStudentsForRating($this->UserInfo['TeacherID'], $id);
+        $students = $this->model_rating->GetStudentsForRating($this->UserInfo['TeacherID'], $disciplineId);
         $rateHandled = array();
         $groupsHandled = array();
         $i_g = $i_s = $curGroup = 0;
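Review bot: `get_edit_rights_for_teacher` returns `$res['Num']`, but `$res` is the result object returned by `execute()`, not a row; the other models in this commit read a scalar with `->execute()->get('...')`. Indexing the result with a column name is unlikely to yield the stored function's return value, in which case the `$editRights == 1` test in `stub_action` would never pass. The query is also assembled by interpolating both ids into the SQL string; binding them as parameters keeps the method safe regardless of where its arguments come from. `stub_action` continues outside the hunk.

```php
protected function get_edit_rights_for_teacher($teacherID, $disciplineID)
{
    $sql = "SELECT `GetEditRightsForTeacher`(:teacherID, :disciplineID) AS `Num`;";
    return DB::query(Database::SELECT, $sql)
        ->param(':teacherID', (int) $teacherID)
        ->param(':disciplineID', (int) $disciplineID)
        ->execute()
        ->get('Num');
}
```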
@@ -256,7 +269,7 @@ class Controller_Teacher_Rating extends Controller_UserEnvi {
             
             // Баллы студента
             if ($page_type == "rating") {
-                $rates_raw = $this->model_rating->getMapForStudent($row['ID'], $id);
+                $rates_raw = $this->model_rating->getMapForStudent($row['ID'], $disciplineId);
                 $rates = $this->getRatesForRatingPage($rates_raw);
                 $curStudent['RateResult'] = $rates['RateResult'];
                 unset($rates['RateResult']);
@@ -264,14 +277,20 @@ class Controller_Teacher_Rating extends Controller_UserEnvi {
                 $rateHandled[$i_g]['Students'][$i_s] = $curStudent;
                 
             } else {
-                $rate = $this->model_rating->getMapForStudentExam($row['ID'], $id);
-                $this->getRatesForExamPage($curStudent, $rate, $disciplineInfo['ExamType'], $id);
+                $rate = $this->model_rating->getMapForStudentExam($row['ID'], $disciplineId);
+                $this->getRatesForExamPage($curStudent, $rate, $disciplineInfo['ExamType'], $disciplineId);
                 $rateHandled[$i_g]['Students'][$i_s] = $curStudent;
             }
             $i_s++;
         }
         
-        // На вывод
+		$editRights=$this->get_edit_rights_for_teacher($this->UserInfo['TeacherID'], $disciplineInfo['ID']);
+        if($editRights == 1)
+			$twig->editRights=$editRights;
+		else
+			$twig->editRights=0;
+			
+		// На вывод
         $twig->User = $this->UserInfo;
         $twig->headerRate = $structureHandled; // Шапка таблицы: структура УКД (модули и мероприятия)
         $twig->rateTable = $rateHandled;
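Review bot: The `editRights` value computed here is only handed to the template, so it decides what the page renders, not what the server accepts. A user for whom `GetEditRightsForTeacher` returns 0 or -1 must also be refused by the handlers and stored functions that write rates; no such check is visible in this commit, so it should be confirmed or added. Note that -1 is folded into 0, so a teacher with no relation to the discipline is treated as read-only rather than refused; whether `GetStudentsForRating` already returns nothing for them cannot be seen here. A comment on the assignment, `// UI hint only: write paths must re-check GetEditRightsForTeacher`, would record the intent. The branch itself can be reduced to `$twig->editRights = ($editRights == 1) ? 1 : 0;`.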
@@ -279,7 +298,6 @@ class Controller_Teacher_Rating extends Controller_UserEnvi {
         $twig->disciplineInfo = $disciplineInfo;
         $twig->disciplineInfo_JSON = json_encode($twig->disciplineInfo);
         $this->response->body($twig);
-        
     }
 
     
diff --git a/~dev_rating/application/classes/DataArr/Students.php b/~dev_rating/application/classes/DataArr/Students.php
index 4d1d8e9669c2e29f77be37a9a895630fd33a042d..fae81e5447690c607939be37b9c053095997b29b 100644
--- a/~dev_rating/application/classes/DataArr/Students.php
+++ b/~dev_rating/application/classes/DataArr/Students.php
@@ -19,9 +19,9 @@ class DataArr_Students {
         return new DataArray_Result($this->generateArray($students));
     }
     
-    public function byFaculty($facultyID)
+    public function byFaculty($facultyID, $gradeID, $groupID)
     {
-        $students = $this->model->getStudentsByFaculty($facultyID);
+        $students = $this->model->getStudentsByFaculty($facultyID, $gradeID, $groupID);
         return new DataArray_Result($this->generateArray($students));
     }
     
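Review bot: `byFaculty` now requires three arguments, so any existing caller that still passes only `$facultyID` will send empty values for the two new procedure parameters. Since the stored procedure treats 0 as "no filter", defaults keep old call sites working: `public function byFaculty($facultyID, $gradeID = 0, $groupID = 0)`. The same defaults would fit `Model_DataArr_Students::getStudentsByFaculty`. Other callers are not visible on this page, so this should be checked against the code base.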
diff --git a/~dev_rating/application/classes/Model/Admin/Students.php b/~dev_rating/application/classes/Model/Admin/Students.php
index 03222f0317c848646a7b5b54395b2bbaba2d0cc7..e77fab402e3557a5b199ceee17a9b999a7db89ef 100644
--- a/~dev_rating/application/classes/Model/Admin/Students.php
+++ b/~dev_rating/application/classes/Model/Admin/Students.php
@@ -11,7 +11,8 @@ class Model_Admin_Students extends Model
     
     public function getGradeID($gradeNum, $degree)
     {
-        $sql = "SELECT `GetGradeID`('$gradeNum', '$degree') AS `ID`; ";
+        $degree = Database::instance()->escape($degree);
+        $sql = "SELECT `GetGradeID`('$gradeNum', $degree) AS `ID`; ";
         return DB::query(Database::SELECT, $sql)->execute()->get('ID');
     }    
     
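Review bot: Only `$degree` is passed through `escape()`; `$gradeNum` is still interpolated between quotes as `'$gradeNum'`, so the statement remains string-built for that argument. The same partial pattern appears in the later hunks for `SearchStudents`, `searchTeachers`, `searchTeacherNew`, the `Model_Teacher_Map` methods (including `'$MaxRate'` and `'$Hours'`) and `newRequest`, where only the free-text arguments are escaped and every id is left as it was. Unless each of those values is validated as digits by every caller, they should be cast or escaped as well, e.g. `$gradeNum = (int) $gradeNum;` before `$sql` is built if the value is numeric, or the queries should use bound parameters.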
diff --git a/~dev_rating/application/classes/Model/DataArr/Students.php b/~dev_rating/application/classes/Model/DataArr/Students.php
index 004887c8c1b0a2c8201cf3a1cc817f52595ca356..6ac6ed30e2d160b10bf2344e1778e0ec6249ac3d 100644
--- a/~dev_rating/application/classes/Model/DataArr/Students.php
+++ b/~dev_rating/application/classes/Model/DataArr/Students.php
@@ -8,9 +8,9 @@ class Model_DataArr_Students extends Model
         return DB::query(Database::SELECT, $sql)->execute();
     }    
     
-    public function getStudentsByFaculty($facultyID)
+    public function getStudentsByFaculty($facultyID, $gradeID, $groupID)
     {
-        $sql = "CALL `GetStudentsByFaculty`('$facultyID'); ";
+        $sql = "CALL `GetStudentsByFaculty`('$facultyID', '$gradeID', $groupID); ";
         return DB::query(Database::SELECT, $sql)->execute();
     }
     
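Review bot: In the new `CALL` string `$groupID` is inserted without quotes and without `escape()`, unlike `'$facultyID'` and `'$gradeID'` next to it, so whatever the caller passes becomes part of the SQL statement itself. The method is public and cannot rely on the `digit` rule of one controller action. Cast the value before the string is built, `$groupID = (int) $groupID;` (likewise for `$facultyID` and `$gradeID`), or bind all three as query parameters.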
@@ -41,7 +41,8 @@ class Model_DataArr_Students extends Model
     
     public function SearchStudents($GradeID, $GroupID, $FacultyID, $Name, $DisciplineID)
     {
-        $sql = "CALL `SearchStudents`('$GradeID', '$GroupID', '$FacultyID', '$Name', '$DisciplineID'); ";
+        $Name = Database::instance()->escape($Name);
+        $sql = "CALL `SearchStudents`('$GradeID', '$GroupID', '$FacultyID', $Name, '$DisciplineID'); ";
         return DB::query(Database::SELECT, $sql)->execute();
     }
 }
diff --git a/~dev_rating/application/classes/Model/DataArr/Teachers.php b/~dev_rating/application/classes/Model/DataArr/Teachers.php
index a449650a3a9c72606891702afb78bd1bfaf1fef8..866d15006c04eab232011e7b202415230eec3028 100644
--- a/~dev_rating/application/classes/Model/DataArr/Teachers.php
+++ b/~dev_rating/application/classes/Model/DataArr/Teachers.php
@@ -21,12 +21,20 @@ class Model_DataArr_Teachers extends Model
     } 
 
     public function searchTeachers($FacultyID, $DepartmentID, $Last, $First, $Second) {
-        $sql = "CALL `SearchTeachers`('$FacultyID', '$DepartmentID', '$Last', '$First', '$Second'); ";
+        $db = Database::instance();
+        $Last = $db->escape($Last);
+        $Second = $db->escape($Second);
+        $First = $db->escape($First);
+        $sql = "CALL `SearchTeachers`('$FacultyID', '$DepartmentID', $Last, $First, $Second); ";
         return DB::query(Database::SELECT, $sql)->execute();
     }
     
     public function searchTeacherNew($FacultyID, $DepartmentID, $Last, $First, $Second, $DisciplineID) {
-        $sql = "CALL `SearchTeacherNew`('$FacultyID', '$DepartmentID', '$Last', '$First', '$Second', '$DisciplineID'); ";
+        $db = Database::instance();
+        $Last = $db->escape($Last);
+        $Second = $db->escape($Second);
+        $First = $db->escape($First);
+        $sql = "CALL `SearchTeacherNew`('$FacultyID', '$DepartmentID', $Last, $First, $Second, '$DisciplineID'); ";
         return DB::query(Database::SELECT, $sql)->execute();
     }
 
diff --git a/~dev_rating/application/classes/Model/Student.php b/~dev_rating/application/classes/Model/Student.php
index 331dd6bb63872d1fc5cbe74741ff03d688215367..72c588e365b8e34d01047d1837228c9296b78fa2 100644
--- a/~dev_rating/application/classes/Model/Student.php
+++ b/~dev_rating/application/classes/Model/Student.php
@@ -26,7 +26,7 @@ class Model_Student extends Model
         return DB::query(Database::SELECT, $sql)->execute();
     }  
     
-    public function getSemesterInfo($id)
+    public function getSemesterInfo($id) // TODO: перенести в common.php
     {
         $sql = "CALL `GetSemesterInfo`('$id'); ";
         return DB::query(Database::SELECT, $sql)->execute()->offsetGet(0);
diff --git a/~dev_rating/application/classes/Model/System.php b/~dev_rating/application/classes/Model/System.php
index 0ec6304bf4317f9dc43354a0b7f64075fe10b85a..4b43e4213ce3bd2d6f2a94c380af4075ea9454fe 100644
--- a/~dev_rating/application/classes/Model/System.php
+++ b/~dev_rating/application/classes/Model/System.php
@@ -4,7 +4,9 @@ class Model_System extends Model
 {
     public function getBitmaskForRoute($routeName)
     {
-        $sql = "SELECT `GetBitmaskByPagename`('$routeName') AS `Bitmask`; ";
+        $db = Database::instance();
+        $routeName = $db->escape($routeName);
+        $sql = "SELECT `GetBitmaskByPagename`($routeName) AS `Bitmask`; ";
         return DB::query(Database::SELECT, $sql)->execute()->get('Bitmask');
     }
 }
diff --git a/~dev_rating/application/classes/Model/Teacher/Map.php b/~dev_rating/application/classes/Model/Teacher/Map.php
index 30790463b0f54975102f59eea697894cc089000e..efe4beaa5801ce984cc1f534b031433789466482 100644
--- a/~dev_rating/application/classes/Model/Teacher/Map.php
+++ b/~dev_rating/application/classes/Model/Teacher/Map.php
@@ -25,7 +25,9 @@ class Model_Teacher_Map extends Model
 	
     public function addModule($teacherID, $disciplineID, $title)
     {
-        $sql = "SELECT `AddModule`('$teacherID', '$disciplineID', '$title') AS `Num`;";
+        $db = Database::instance();
+        $title = $db->escape($title);
+        $sql = "SELECT `AddModule`('$teacherID', '$disciplineID', $title) AS `Num`;";
         return DB::query(Database::SELECT, $sql)->execute();
     }    
     
@@ -43,7 +45,9 @@ class Model_Teacher_Map extends Model
 	
     public function changeModuleName($teacherID, $moduleID, $Name)
     {
-        $sql = "SELECT `ChangeModuleName`('$teacherID', '$moduleID', '$Name') AS `Num`;";
+        $db = Database::instance();
+        $Name = $db->escape($Name);
+        $sql = "SELECT `ChangeModuleName`('$teacherID', '$moduleID', $Name) AS `Num`;";
         return DB::query(Database::SELECT, $sql)->execute();
     }
 	
@@ -61,7 +65,9 @@ class Model_Teacher_Map extends Model
 	
     public function changeSubmoduleName($teacherID, $submoduleID, $Name)
     {
-        $sql = "SELECT `ChangeSubmoduleName`('$teacherID', '$submoduleID', '$Name') AS `Num`;";
+        $db = Database::instance();
+        $Name = $db->escape($Name);
+        $sql = "SELECT `ChangeSubmoduleName`('$teacherID', '$submoduleID', $Name) AS `Num`;";
         return DB::query(Database::SELECT, $sql)->execute();
     }
 	
@@ -83,7 +89,9 @@ class Model_Teacher_Map extends Model
 
     public function changeSubmoduleMaxAndControl($teacherID, $SubmoduleID, $MaxRate, $ControlType) 
     {
-        $sql = "SELECT `ChangeSubmoduleMaxAndControl`('$teacherID', '$SubmoduleID', '$MaxRate', '$ControlType') AS `Num`;";
+        $db = Database::instance();
+        $ControlType = $db->escape($ControlType);
+        $sql = "SELECT `ChangeSubmoduleMaxAndControl`('$teacherID', '$SubmoduleID', '$MaxRate', $ControlType) AS `Num`;";
         return DB::query(Database::SELECT, $sql)->execute();
     }
 	
@@ -126,13 +134,17 @@ class Model_Teacher_Map extends Model
     
     public function changeDisciplineControl($teacherID, $DisciplineID, $Control)
     {
-        $sql = "SELECT `ChangeDisciplineControl`('$teacherID', '$DisciplineID', '$Control') AS `Num`;";
+        $db = Database::instance();
+        $Control = $db->escape($Control);
+        $sql = "SELECT `ChangeDisciplineControl`('$teacherID', '$DisciplineID', $Control) AS `Num`;";
         return DB::query(Database::SELECT, $sql)->execute();
     }
     
     public function changeDisciplineHours($teacherID, $DisciplineID, $Hours, $Type)
     {
-        $sql = "SELECT `ChangeDisciplineHours`('$teacherID', '$DisciplineID', '$Hours', '$Type') AS `Num`;";
+        $db = Database::instance();
+        $Type = $db->escape($Type);
+        $sql = "SELECT `ChangeDisciplineHours`('$teacherID', '$DisciplineID', '$Hours', $Type) AS `Num`;";
         return DB::query(Database::SELECT, $sql)->execute();
     }
 
@@ -191,8 +203,11 @@ class Model_Teacher_Map extends Model
     // }
     
     // deprecated (moved in helpers)
-    public function searchTeachers($FacultyID, $DepartmentID, $Name, $DisciplineID) {
-        $sql = "CALL `SearchTeachers`('$FacultyID', '$DepartmentID', '$Name', '$DisciplineID'); ";
+    public function searchTeachers($FacultyID, $DepartmentID, $Name, $DisciplineID)
+    {
+        $db = Database::instance();
+        $Name = $db->escape($Name);
+        $sql = "CALL `SearchTeachers`('$FacultyID', '$DepartmentID', $Name, '$DisciplineID'); ";
         return DB::query(Database::SELECT, $sql)->execute();
     }
 	
diff --git a/~dev_rating/application/classes/Model/errMessages.php b/~dev_rating/application/classes/Model/errMessages.php
index 5ae82590bd648a655787cd82523399e79c922491..51d46d930484cada3481a6194640155cbe52c19a 100644
--- a/~dev_rating/application/classes/Model/errMessages.php
+++ b/~dev_rating/application/classes/Model/errMessages.php
@@ -11,7 +11,10 @@ class Model_errMessages extends Model
 
     public function newRequest($accID, $title, $description)
     {
-        $sql = "SELECT `CreateRequest`('$accID', '$title', '$description') AS 'Num'; ";
+        $db = Database::instance();
+        $description = $db->escape($description);
+        $title = $db->escape($title);
+        $sql = "SELECT `CreateRequest`('$accID', $title, $description) AS 'Num'; ";
         return DB::query(Database::SELECT, $sql)->execute();    	
     }
 
diff --git a/~dev_rating/application/updates.txt b/~dev_rating/application/updates.txt
index 084b0e50ed4703cbd0e1f52cadbe145c4dce7523..a4f499b500f025a87e7a971bee2efd8a2bd2174b 100644
--- a/~dev_rating/application/updates.txt
+++ b/~dev_rating/application/updates.txt
@@ -1,5 +1,2 @@
-п»ї08.02.15
-Добавлено ведение дисциплин по семестрам
-Добавлена возможность указать неявку и экзамен автоматом (при 60 баллах)
-Исправлен механизм добора баллов
-Обновлен интерфейс
\ No newline at end of file
+п»ї05.03.15
+Устранена уязвимость в безопасности системы
\ No newline at end of file
diff --git a/~dev_rating/application/updates_log.txt b/~dev_rating/application/updates_log.txt
index 4ea557220a53fd7602d272b8ec31fdf40ea822a3..7b93e138eadda300cf1904c18c483c5b074bf82a 100644
--- a/~dev_rating/application/updates_log.txt
+++ b/~dev_rating/application/updates_log.txt
@@ -1,4 +1,7 @@
-п»ї08.02.15
+п»ї05.03.15
+Устранена уязвимость в безопасности системы
+
+08.02.15
 Добавлено ведение дисциплин по семестрам
 Добавлена возможность указать неявку и экзамен автоматом (при 60 баллах)
 Исправлен механизм добора баллов
diff --git a/~dev_rating/application/views/admin/students/index.twig b/~dev_rating/application/views/admin/students/index.twig
index 4bee002066ea2e61afc846c513bd618d94739d41..225eeb1770d79f599577258d430c0ae110915b71 100644
--- a/~dev_rating/application/views/admin/students/index.twig
+++ b/~dev_rating/application/views/admin/students/index.twig
@@ -1,8 +1,9 @@
 {% extends "admin/base" %}
 
 {% block media %}
-{{ HTML.style('media/css/admin/searchBox.css')|raw }}
-{{ HTML.script('media/js/admin/students/index.js')|raw }}
+    {{ HTML.style('media/css/admin/searchBox.css')|raw }}
+    {{ HTML.script('media/js/admin/students/index.js')|raw }}
+    {{ HTML.script('media/js/common/Studentslist.js')|raw }}
 {% endblock %}
 
 {% block title %}Студенты{% endblock %}
@@ -10,6 +11,13 @@
 
 {% block main_content %}
 
+    <div class="action_bar">
+        {{ admin.action(URL.site('admin/students/add'), URL.site('media/img/addUser.png'), 'Добавить нового студента', 'Добавить в систему '~System.Title~' нового студента. '~
+        'Для него будет создан аккаунт и сгенерирован код активации.') }}
+        {{ admin.action(URL.site('admin/students/upload'), URL.site('media/img/uploadList.png'), 'Загрузить список студентов',
+        'Загрузить в систему '~System.Title~' список студентов из заранее подготовленных csv-файлов. '~
+        'Для каждого студента, загруженного данной утилитой, будет создан аккаунт и сгенерирован код активации.') }}
+    </div>
     <div class='search'>
         <div class='search_box'>
             <div class='search_inputs'>
@@ -54,11 +62,5 @@
             </div>
         </div>
     </div>
-    <div class="action_bar">
-    {{ admin.action(URL.site('admin/students/add'), URL.site('media/img/addUser.png'), 'Добавить нового студента', 'Добавить в систему '~System.Title~' нового студента. '~
-                'Для него будет создан аккаунт и сгенерирован код активации.') }}
-    {{ admin.action(URL.site('admin/students/upload'), URL.site('media/img/uploadList.png'), 'Загрузить список студентов', 
-                                    'Загрузить в систему '~System.Title~' список студентов из заранее подготовленных csv-файлов. '~
-                                    'Для каждого студента, загруженного данной утилитой, будет создан аккаунт и сгенерирован код активации.') }}
-    </div>
+
 {% endblock %}
\ No newline at end of file
diff --git a/~dev_rating/application/views/teacher/discipline/CreateDiscipline.twig b/~dev_rating/application/views/teacher/discipline/CreateDiscipline.twig
index a8698f80a430efbad2d038c6197d72fe85af2339..5685cdb86a10b71517958c4f196e2809ad19fe2e 100644
--- a/~dev_rating/application/views/teacher/discipline/CreateDiscipline.twig
+++ b/~dev_rating/application/views/teacher/discipline/CreateDiscipline.twig
@@ -81,8 +81,10 @@
 		<div class="itemBlock">
 			<div class="title">Бонусные баллы:</div>
 			<div class="field">
-				<input name="BonusRate" class="BonusRate" type="checkbox"> 
-                                <label>Добавить ли бонусные баллы?</label>
+				<label>
+					<input name="BonusRate" class="BonusRate" type="checkbox">
+						Добавить ли бонусные баллы?
+				</label>
 			</div>
 		</div>
 	</div>
@@ -91,10 +93,10 @@
 			<div class="title">Форма контроля:</div>
 			<div class="field">
 				<div class="ExamTypeDiv">
-					<input class="ExamType" name="ExamType" type="radio" value="exam"> Экзамен
+					<label><input class="ExamType" name="ExamType" type="radio" value="exam"> Экзамен</label>
 				</div>
 				<div class="ExamTypeDiv">
-					<input class="ExamType" name="ExamType" type="radio" value="credit"> Зачет
+					<label><input class="ExamType" name="ExamType" type="radio" value="credit"> Зачет</label>
 				</div>
 			</div>
 		</div>
diff --git a/~dev_rating/application/views/teacher/discipline/EditSettings.twig b/~dev_rating/application/views/teacher/discipline/EditSettings.twig
index dc5ad2d2f4f14f7348f92be6a5df6bdc5ad97e44..fe00004b66c1f7931b57cccbb3b0d106367481f4 100644
--- a/~dev_rating/application/views/teacher/discipline/EditSettings.twig
+++ b/~dev_rating/application/views/teacher/discipline/EditSettings.twig
@@ -66,7 +66,9 @@
 		<div class="itemBlock">
 			<div class="title">Бонусные баллы:</div>
 			<div class="field">
-				<input name="BonusRate" class="BonusRate" type="checkbox" {% if Discipline.isLocked == 1 %}disabled{%endif%} {% if Discipline.isBonus == '1' %}checked{% endif %}> Добавить ли бонусные баллы?
+				<label>
+					<input name="BonusRate" class="BonusRate" type="checkbox" {% if Discipline.isLocked == 1 %}disabled{%endif%} {% if Discipline.isBonus == '1' %}checked{% endif %}> Добавить ли бонусные баллы?
+				</label>
 			</div>
 		</div>
 	</div>
@@ -75,10 +77,14 @@
 			<div class="title">Форма контроля:</div>
 			<div class="field">
 				<div class="ExamTypeDiv">
-					<input name="ExamType" class="ExamType" type="radio" value="exam" {% if Discipline.isLocked == 1 %}disabled{%endif%} {% if Discipline.ExamType == 'exam' %}checked{% endif %}> Экзамен
+					<label>
+						<input name="ExamType" class="ExamType" type="radio" value="exam" {% if Discipline.isLocked == 1 %}disabled{%endif%} {% if Discipline.ExamType == 'exam' %}checked{% endif %}> Экзамен
+					</label>
 				</div>
 				<div class="ExamTypeDiv">
-					<input name="ExamType" class="ExamType" type="radio" value="credit" {% if Discipline.isLocked == 1 %}disabled{%endif%} {% if Discipline.ExamType == 'credit' %}checked{% endif %}> Зачет
+					<label>
+						<input name="ExamType" class="ExamType" type="radio" value="credit" {% if Discipline.isLocked == 1 %}disabled{%endif%} {% if Discipline.ExamType == 'credit' %}checked{% endif %}> Зачет
+					</label>
 				</div>
 			</div>
 		</div>
diff --git a/~dev_rating/application/views/teacher/exam.twig b/~dev_rating/application/views/teacher/exam.twig
index d1205bd63af2b66d0194bfbb5ad1aca12230515b..ff1f2fb1a0f86017c5e6089fa12008d0d0c3a265 100644
--- a/~dev_rating/application/views/teacher/exam.twig
+++ b/~dev_rating/application/views/teacher/exam.twig
@@ -41,14 +41,18 @@
 			{% for i in 1..headerRate.ModulesCount %}
 				{% set colSpan = headerRate[i].SubmodulesCount %}
 				{% set rowSpan = 1 %}
-				{% if headerRate[i].ModuleType == 'exam' %}{% set colSpan = 2*colSpan+1 %}{% endif %}
+				{% if headerRate[i].ModuleType == 'exam' %}
+					{% set colSpan = 2*colSpan + 1 %}
+				{% endif %}
 				{% if headerRate[i].ModuleType == 'extra' %}{% set rowSpan = 3 %}{% endif %}
 				<td class="subject" colspan="{{colSpan}}" rowspan="{{rowSpan}}">
 					{{ headerRate[i].ModuleTitle }}
 				</td>
 			{% endfor %}
-			
 			<td class="subject" rowspan="3">Бонус</td>
+			{% if disciplineInfo.isBonus == false %}
+
+			{% endif %}
 			<td class="subject" rowspan="3">Итог</td>
 		</tr>
 		
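Review bot: The added `{% if disciplineInfo.isBonus == false %}` block in the module header row has an empty body, so it renders nothing and the `Бонус` cell above it is still emitted unconditionally. If the intent is to hide the bonus column for disciplines without bonus points, the `<td class="subject" rowspan="3">Бонус</td>` line belongs inside `{% if disciplineInfo.isBonus %} … {% endif %}`, and the per-student bonus cell later in the template would need the same guard. Otherwise the empty block should be dropped. The row itself starts outside the hunk.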
@@ -61,7 +65,7 @@
 				{% for j in 1..headerRate[i].SubmodulesCount if headerRate[i].ModuleType != 'extra' %}
 					{% set col = col + 1 %}
 					{% set colSpan = colSpanGeneral %}
-					{% if j == 1 %}{% set colSpan = colSpan+1 %}{% endif %}
+					{% if headerRate[i].ModuleType == 'exam' and j==1 %}{% set colSpan = colSpan+1 %}{% endif %}
 					<td class="subject col_{{ col }}" colspan="{{colSpan}}"> {{ headerRate[i][j].Title }} </td>
 				{% endfor %}
 			{% endfor %}
@@ -73,25 +77,22 @@
 			<td class="title">Макс. балл</td>
 			{% for i in 1..headerRate.ModulesCount %}
 				{% set columnsCount = columnsCount + headerRate[i].SubmodulesCount %}
-				{% set examModule = false %}
-				{% if headerRate[i].ModuleType == 'exam' %}{% set examModule = true %}{% endif %}
-				{% for j in 1..headerRate[i].SubmodulesCount if headerRate[i].ModuleType != 'extra' %}
+				{% for j in 1..headerRate[i].SubmodulesCount %}
 					{% set col = col + 1 %}
-					<td class="subject col_{{ col }}"> {# id="{{ headerRate[i][j].SubmoduleID }}"> #}
-						{% if headerRate[i].ModuleType != 'extra' %}{{ headerRate[i][j].MaxRate }}{% endif %}
-						{# <input type="hidden" class="MaxRate" value="{{ headerRate[i][j].MaxRate }}"> #}
-					</td>
-					{% if examModule %}
-						{% set columnsCount = columnsCount + 1 %}
-						<td class="subject col_absence_{{ col }}">
-							Неявка
-						</td>
-						
-						{% if j == 1 %}
+					{% if headerRate[i].ModuleType != 'extra' %}
+						<td class="subject col_{{ col }}"> {{ headerRate[i][j].MaxRate }} </td>
+						{% if headerRate[i].ModuleType == 'exam' %}
 							{% set columnsCount = columnsCount + 1 %}
-							<td class="subject col_autopass_{{ col }}">
-								Автомат
+							<td class="subject col_absence_{{ col }}">
+								Неявка
 							</td>
+
+							{% if j == 1 %}
+								{% set columnsCount = columnsCount + 1 %}
+								<td class="subject col_autopass_{{ col }}">
+									Автомат
+								</td>
+							{% endif %}
 						{% endif %}
 					{% endif %}
 				{% endfor %}
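Review bot: `col` is now incremented for every submodule in the max-rate row, including those of `extra` modules, while the title row in the previous hunk still loops with `if headerRate[i].ModuleType != 'extra'` and skips them. If an `extra` module can precede another module, the `col_N` classes of the two rows stop lining up, and rating.js appears to look up both rows with the same `g_col`. Either move `{% set col = col + 1 %}` inside the `{% if headerRate[i].ModuleType != 'extra' %}` branch or drop the filter from the title-row loop so both rows count the same way. The initial value of `col` for these rows is outside the hunk, so this needs checking against the full template.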
@@ -99,27 +100,27 @@
 		</tr>
 		
 		<tr class="RatingTableSubmodulesInfo">
-			<td class="info"/>
-			<td class="info"/>
+			<td class="info"></td>
+			<td class="info"></td>
 			
-			{% set col = 0 %}			
+			{% set col = 1 %}
 			{% for i in 1..headerRate.ModulesCount %}
 				{% set examModule = false %}
 				{% if headerRate[i].ModuleType == 'exam' %}{% set examModule = true %}{% endif %}
 				{% for j in 1..headerRate[i].SubmodulesCount %}
 					{% set col = col + 1 %}
-					<td class="info col_{{ col }}" id="{{ headerRate[i][j].SubmoduleID }}"/>
+					<td class="info col_{{ col }}" id="{{ headerRate[i][j].SubmoduleID }}"></td>
 					{% if examModule %}
-						<td class="info col_absence_{{ col }}" id="absence_{{ headerRate[i][j].SubmoduleID }}"/>
+						<td class="info col_absence_{{ col }}" id="absence_{{ headerRate[i][j].SubmoduleID }}"></td>
 						{% if j == 1 %}
-							<td class="info col_autopass_{{ col }}" id="autopass_{{ headerRate[i][j].SubmoduleID }}"/>
+							<td class="info col_autopass_{{ col }}" id="autopass_{{ headerRate[i][j].SubmoduleID }}"></td>
 						{% endif %}
 					{% endif %}
 				{% endfor %}
 			{% endfor %}
 			
-			<td class="info"/>
-			<td class="info"/>
+			<td class="info"></td>
+			<td class="info"></td>
 		</tr>
 		
 		{% set row = 0 %}
@@ -133,7 +134,7 @@
  
 			{% for student in group.Students %}
 				{% set row = row + 1 %}
-				{% set col = 0 %}
+				{% set col = 1 %}
 				<tr id="row_{{ row }}" class="group_{{ group.GroupID }}">
 					<td id="student_{{ student.ID }}" class="studentCell staticCell">{{ student.Last }} {{ student.First }}</td>
 					<td class="semesterRateResultCell staticCell">{{ student.RateSemesterResult }}</td>
@@ -183,8 +184,8 @@
 						
 					{% endfor %}
 
-					<td class="bonus staticCell">{{ student.Bonus }}</td>
-					<td class="rateResultCell staticCell">{% if student.RateResult > 100 %} 100+ {% else %} {{ student.RateResult }} {% endif %}</td>
+					<td class="bonus staticCell" >{% if student.Bonus is null %}0{% else %}{{ student.Bonus }}{% endif %} </td>
+					<td class="rateResultCell staticCell">{% if student.RateResult + student.Bonus > 100 %} 100+ {% else %} {{ student.RateResult + student.Bonus }} {% endif %}</td>
 				</tr>
 			{% endfor %} 
  		{% endfor %}
diff --git a/~dev_rating/media/js/admin/students/index.js b/~dev_rating/media/js/admin/students/index.js
index ddef79b9f9c5bb03e37634c38f9c60117a0780bc..416c335c63277fe3a6af6d6348380dab34299dbb 100644
--- a/~dev_rating/media/js/admin/students/index.js
+++ b/~dev_rating/media/js/admin/students/index.js
@@ -17,31 +17,36 @@ $(function()
     
     // Выбор факультета
     $('#facultySelect').change(function(){
+        getStudentsList();
         if (($('#facultySelect option:selected').val()!= '0')) {
 
-                $("#search_results").html('<div class="search_load"><img src="' + URLdir + 'media/img/load.gif"/></div>');
+                //$("#search_results").html('<div class="search_load"><img src="' + URLdir + 'media/img/load.gif"/></div>');
                 $('#gradeSelect').removeAttr('disabled');
-                $('#studyGroupSelect').attr('disabled', 'disabled');
-                $("#studyGroupSelect").html('<option value="0">--- Учебная группа ---</option>');
-                
-                $.post(URLdir + 'handler/admStudents/getStudentsByFaculty', 
-                {
-                    'facultyID': $('#facultySelect option:selected').val()
-                }, 
-                function(data){
-                    $("#search_results").html(data);
-                });
+
+                //$.post(URLdir + 'handler/admStudents/getStudentsByFaculty',
+                //$.post(URLdir + 'handler/AdmStudents/getStudentsList',
+                //{
+                //    'facultyID': $('#facultySelect option:selected').val(),
+                //    'gradeID': $('#gradeSelect option:selected').val(),
+                //    'groupID': $('#studyGroupSelect option:selected').val()
+                //},
+                //function(data){
+                //    $("#search_results").replaceWith(GenerateInfoList(data))
+                //});
         }
         else
         {
                 $('#gradeSelect').attr('disabled', 'disabled');
-                $('#studyGroupSelect').attr('disabled', 'disabled');
         }
+
+        $('#studyGroupSelect').attr('disabled', 'disabled');
+        $("#studyGroupSelect").html('<option value="0">--- Учебная группа ---</option>');
+
     });
 
     // Выбор курса
     $('#gradeSelect').change(function(){
-        $("#search_results").html('<div class="search_load">ВЇ \ _ (гѓ„) _ / ВЇ</div>');
+        getStudentsList();
         $('#studyGroupSelect').attr('disabled', 'disabled');
         $("#studyGroupSelect").html('<option value="0">--- Учебная группа ---</option>');
         if (($('#gradeSelect option:selected').val()!= '0')) {
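Review bot: The faculty handler keeps the old request as commented-out code (the loader line and the whole `$.post` block) although the `getStudentsList()` call at the top of the handler replaces it. The dead block also names a second endpoint spelling, `handler/AdmStudents/getStudentsList`, that the live code does not use, which will mislead whoever next edits the handler. Delete the commented lines and leave the history to version control.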
@@ -67,16 +72,19 @@ $(function()
     });
     
     // Выбор группы
-    $('#studyGroupSelect').change(function(){
+    $('#studyGroupSelect').change(getStudentsList);
+
+    function getStudentsList()
+    {
         $("#search_results").html('<div class="search_load"><img src="' + URLdir + 'media/img/load.gif"/></div>');
-        if (($('#studyGroupSelect option:selected').val()!= '0')) {
-                $.post(URLdir + 'handler/admStudents/getStudentsByStudyGroup', 
-                {
-                    'studyGroupID': $('#studyGroupSelect option:selected').val()
-                }, 
-                function(data){
-                    $("#search_results").html(data);
-                });
-        }
-    });    
+        $.post(URLdir + 'handler/admStudents/getStudentsList',
+            {
+                'facultyID': $('#facultySelect option:selected').val(),
+                'gradeID': $('#gradeSelect option:selected').val(),
+                'groupID': $('#studyGroupSelect option:selected').val()
+            },
+            function(data){
+                $("#search_results").html(data);
+            });
+    }
 });
\ No newline at end of file
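Review bot: `getStudentsList` has no failure path: the loader image is written into `#search_results` before the request and is replaced only in the success callback, so a failed or rejected request leaves the spinner on screen. Chaining `.fail(function(){ $("#search_results").empty(); })` onto the `$.post(...)` call would cover that, assuming the bundled jQuery provides the jqXHR `.fail` method. The function also posts when `facultyID` is `'0'`; whether the handler treats that as "no filter" or rejects it is not visible in this diff.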
diff --git a/~dev_rating/media/js/discipline/EditStructure.js b/~dev_rating/media/js/discipline/EditStructure.js
index e8a785f815766a1601abba9f70b237b41278df78..82bb4373a991ac59f8aa57074bd3e56ee498a061 100644
--- a/~dev_rating/media/js/discipline/EditStructure.js
+++ b/~dev_rating/media/js/discipline/EditStructure.js
@@ -1,42 +1,47 @@
 var $ = jQuery;
-$(function() {
+
+$(document).ready(function() {
+
 var jSubmodulePrototype = $($.parseHTML(
-								'<div class="submodule">\
-									<div class="name">\
-										<input type="text" class="inputName submoduleName" value="" placeholder="Наименование мероприятия">\
-									</div>\
-									<div class="currentControl"><input type="text" class="inputCredit inputCurrentControl" value="0"></div>\
-									<div class="landmarkControl"><input type="text" class="inputCredit inputLandmarkControl" value="0"></div>\
-									<div class="actions">\
-										<div class="deleteSubmodule icon delete"></div>\
-										<div class="downSubmodule icon down"></div>\
-										<div class="upSubmodule icon up"></div>\
-									</div>\
-								</div>'
-							));
-
-var	jModulePrototype 	= $($.parseHTML(
-								'<div class="moduleGroup">\
-									<div class="moduleHead">\
-										<div class="name">\
-											<input type="text" class="inputName moduleName" value="" placeholder="Наименование модуля">\
-										</div>\
-										<div class="currentControl">0</div>\
-										<div class="landmarkControl">0</div>\
-										<div class="actions">\
-											<div class="deleteModule icon delete"></div>\
-											<div class="downModule icon down"></div>\
-											<div class="upModule icon up"></div>\
-										</div>\
-									</div>\
-									<div class="submodules"></div>\
-									<button class="addSubmodule">Добавить мероприятие</button>\
-								</div>'
-							)); 
-
-var jConfirmPrototype 	= $($.parseHTML(
-								'<div class="confirmDeleteDiv">Уверены? <span class="confirmDeleteModule">Да</span> <span class="cancel">Нет</span></div>'
-							));
+	'<div class="submodule">' +
+	'	<div class="name">' +
+	'		<input type="text" class="inputName submoduleName" value="" placeholder="Наименование мероприятия">' +
+	'	</div>' +
+	'	<div class="currentControl"><input type="text" class="inputCredit inputCurrentControl" value="0"></div>' +
+	'	<div class="landmarkControl"><input type="text" class="inputCredit inputLandmarkControl" value="0"></div>' +
+	'	<div class="actions">'+
+	'		<div class="deleteSubmodule icon delete"></div>' +
+	'		<div class="downSubmodule icon down"></div>' +
+	'		<div class="upSubmodule icon up"></div>' +
+	'	</div>' +
+	'</div>'
+));
+
+var	jModulePrototype = $($.parseHTML(
+	'<div class="moduleGroup">' +
+	'	<div class="moduleHead">' +
+	'		<div class="name">' +
+	'			<input type="text" class="inputName moduleName" value="" placeholder="Наименование модуля">' +
+	'		</div>' +
+	'		<div class="currentControl">0</div>' +
+	'		<div class="landmarkControl">0</div>' +
+	'		<div class="actions">'+
+	'			<div class="deleteModule icon delete"></div>' +
+	'			<div class="downModule icon down"></div>' +
+	'			<div class="upModule icon up"></div>' +
+	'		</div>' +
+	'	</div>' +
+	'	<div class="submodules"></div>' +
+	'	<button class="addSubmodule">Добавить мероприятие</button>' +
+	'</div>'
+));
+
+var jConfirmPrototype = $($.parseHTML(
+	'<div class="confirmDeleteDiv">Уверены? ' +
+	'	<span class="confirmDeleteModule">Да</span> ' +
+	'	<span class="cancel">Нет</span>' +
+	'</div>'
+));
 
 	// Шаблон мероприятия
 	function ConstructSubmodule(){
@@ -52,7 +57,7 @@ var jConfirmPrototype 	= $($.parseHTML(
 		ret.children('div.submodules').append(ConstructSubmodule());
 
 		return ret;
-	};
+	}
 
 	// Подсчет текущего контроля
 	function CountCurrentControl(jSubModulesDiv){
@@ -85,49 +90,46 @@ var jConfirmPrototype 	= $($.parseHTML(
 			function(data){
 				data = $.parseJSON(data);
 				if(data.success !== true)
-					EventInspector_ShowMsg('Ошибка при изменении max балла', 'error');
+					EventInspector_ShowMsg('Ошибка при изменении макс. балла', 'error');
 				jThis.removeAttr('disabled');
 			}
 		);
 	}
-	
+
 	// Установить новый max балл
 	function SetNewRateAndControl(jThis, oldMaxRate) {
 		// DIV с мероприятиями для данного модуля
-		var jSubModulesDiv = jThis.parent().parent().parent();
+		var jSubmodulesDiv = jThis.parent().parent().parent();
 		// ID мероприятия
 		var ID = jThis.parent().parent().attr('id');
-		var newMaxRate = 0;
-		if (jThis.val().length > 0 )
-			newMaxRate = parseInt(jThis.val());
-		
+		var newValue = jThis.val();
+		var newMaxRate = (newValue.length > 0)? parseInt(newValue): 0;
+		var isExam = ($('div.ExamModule').length > 0);
+
 		// Ограничение 100 баллов
-		var maxSumRate = 100;
-		if ($('div.ExamModule').first().length > 0) maxSumRate = 60;
+		var maxSumRate = (isExam)? 60: 100;
+		var jModuleHeads = $('div.moduleHead');
 		
 		var currentControl = 0;
-		$('div.moduleHead').children('div.currentControl').each(function(){
+		jModuleHeads.children('div.currentControl').each(function(){
 			currentControl += parseInt($(this).text());
 		});
-		
+
 		var landmarkControl = 0;
-		$('div.moduleHead').children('div.landmarkControl').each(function(){
+		jModuleHeads.children('div.landmarkControl').each(function(){
 			landmarkControl += parseInt($(this).text());
 		});
-		
-		var subtract = 0;
-		if (jThis.parent().attr('class').indexOf('landmarkControl') + 1 > 0)
-			subtract = parseInt(jThis.parent().siblings('.currentControl').children().val());
-		if (jThis.parent().attr('class').indexOf('currentControl') + 1 > 0)
-			subtract = parseInt(jThis.parent().siblings('.landmarkControl').children().val());
-			
+
+		// Макс. балл соседней ячейки
+		var subtract = parseInt(jThis.parent().siblings().children(".inputCredit").val());
+
 		if (currentControl + landmarkControl + newMaxRate - subtract - oldMaxRate > maxSumRate) {
 			if (newMaxRate == 0)
 				jThis.val('0');
 			else {
 				EventInspector_ShowMsg('Сумма баллов превышает максимум', 'error');
 				jThis.val(oldMaxRate);
-				jThis.removeAttr('disabled')
+				jThis.removeAttr('disabled');
 				return 0;
 			}
 		}
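Review bot: The new `subtract` line parses the neighbouring input without a radix or a fallback, so an empty or non-numeric value yields `NaN`; the `> maxSumRate` comparison below is then false and the limit check is skipped. `newMaxRate` has the same exposure for non-numeric text. `var subtract = parseInt(jThis.parent().siblings().children(".inputCredit").val(), 10) || 0;` keeps the sum numeric. This check runs only in the browser, so the handler that stores the value should enforce the same cap; whether it does is not visible in this diff. `SetNewRateAndControl` continues past the end of the hunk.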
@@ -135,7 +137,7 @@ var jConfirmPrototype 	= $($.parseHTML(
 		// Меняем max балл
 		if (newMaxRate != oldMaxRate) {
 
-			controlType = 'CurrentControl'; // По-умолчанию 
+			var controlType = 'CurrentControl'; // По-умолчанию
 			if ((jThis.parent().attr('class')).indexOf('landmarkControl') + 1 > 0)
 				controlType = 'LandmarkControl';
 
@@ -143,9 +145,9 @@ var jConfirmPrototype 	= $($.parseHTML(
 			ChangeSubModuleMaxAndControl(jThis, ID, newMaxRate, controlType);
 			
 			// Счетчик баллов
-			var rateIndicarot = currentControl + landmarkControl + newMaxRate - subtract - oldMaxRate;
-			if ($('div.ExamModule').length > 0) rateIndicarot += 40;
-			$('div.rateIndicatorDIV span.rateIndicator').html(rateIndicarot);
+			var rateIndicator = currentControl + landmarkControl + newMaxRate - subtract - oldMaxRate;
+			if (isExam) rateIndicator += 40;
+			$('div.rateIndicatorDIV span.rateIndicator').html(rateIndicator);
 			
 			if (controlType == 'CurrentControl')
 				jThis.parent().parent().find('div.landmarkControl').children('input.inputLandmarkControl').val('0');
@@ -155,8 +157,8 @@ var jConfirmPrototype 	= $($.parseHTML(
 		} else jThis.removeAttr('disabled');
 		
 		// Подсчет текущего и рубежного контроля после изменений
-		CountCurrentControl(jSubModulesDiv);
-		CountLandmarkControl(jSubModulesDiv);
+		CountCurrentControl(jSubmodulesDiv);
+		CountLandmarkControl(jSubmodulesDiv);
 	}
 
 	
@@ -229,42 +231,44 @@ var jConfirmPrototype 	= $($.parseHTML(
 	}
 	
 //-------------------------------------------------------------------------------------------------------------------------------------------------
-	
+
+	var jModuleList = $("div.moduleList");
+
 	// Переместить вверх МОДУЛЬ
-    $(".moduleList").on('click', '.upModule', function(){
-        var jCkickedModule = $(this).parent().parent().parent();
-		var jModuleGroupDiv = jCkickedModule.prev('div.moduleGroup');
+	jModuleList.on('click', '.upModule', function(){
+        var jClickedModule = $(this).parent().parent().parent();
+		var jModuleGroupDiv = jClickedModule.prev('div.moduleGroup');
 
 		if (jModuleGroupDiv.length > 0) {
-			SwapModuleOrder(jCkickedModule, jModuleGroupDiv);
+			SwapModuleOrder(jClickedModule, jModuleGroupDiv);
 		}
     });
 	
 	// Переместить вниз МОДУЛЬ
-    $(".moduleList").on('click', '.downModule', function(){
-        var jCkickedModule = $(this).parent().parent().parent();
-		var jModuleGroupDiv = jCkickedModule.next('div.moduleGroup');
+	jModuleList.on('click', '.downModule', function(){
+        var jClickedModule = $(this).parent().parent().parent();
+		var jModuleGroupDiv = jClickedModule.next('div.moduleGroup');
 
 		if (jModuleGroupDiv.length > 0) {
-			SwapModuleOrder(jModuleGroupDiv, jCkickedModule);
+			SwapModuleOrder(jModuleGroupDiv, jClickedModule);
 		}
     });
 	
 	// Переместить вверх мероприятие
-    $(".moduleList").on('click', '.upSubmodule', function(){
-        var jCkickedSubmodule = $(this).parent().parent();
-		var jSubModule = jCkickedSubmodule.prev('div.submodule');
+	jModuleList.on('click', '.upSubmodule', function(){
+        var jClickedSubmodule = $(this).parent().parent();
+		var jSubModule = jClickedSubmodule.prev('div.submodule');
 		if (jSubModule.length > 0) {
-			SwapSubmoduleOrder(jCkickedSubmodule, jSubModule);
+			SwapSubmoduleOrder(jClickedSubmodule, jSubModule);
 		}
     });
 	
 	// Переместить вниз мероприятие
-    $(".moduleList").on('click', '.downSubmodule', function(){
-        var jCkickedSubmodule = $(this).parent().parent();
-		var jSubModule = jCkickedSubmodule.next('div.submodule');
+	jModuleList.on('click', '.downSubmodule', function(){
+        var jClickedSubmodule = $(this).parent().parent();
+		var jSubModule = jClickedSubmodule.next('div.submodule');
 		if (jSubModule.length > 0) {
-			SwapSubmoduleOrder(jSubModule, jCkickedSubmodule);
+			SwapSubmoduleOrder(jSubModule, jClickedSubmodule);
 		}
     });
 	
@@ -308,7 +312,7 @@ var jConfirmPrototype 	= $($.parseHTML(
 	});
 	
 	// Добавить мероприятие
-	$('div.moduleList').on('click', 'button.addSubmodule', function(){
+	jModuleList.on('click', 'button.addSubmodule', function(){
 		var jThis = $(this);
     	$(this).attr("disabled", true);
 		var submoduleID = $(this).parent().attr('id');
@@ -336,14 +340,14 @@ var jConfirmPrototype 	= $($.parseHTML(
 
 	
 	// Удалить модуль
-	$('.moduleList').on('click', '.deleteModule', function(){
+	jModuleList.on('click', '.deleteModule', function(){
 		$(this).parent().css('display', 'none');
 		$(this).parent().parent().append(jConfirmPrototype.clone());
 
 	});
 	
-	// Подтверждение при удаление модуля
-	$('.moduleList').on('click', '.confirmDeleteModule', function(){
+	// Подтверждение при удалении модуля
+	jModuleList.on('click', '.confirmDeleteModule', function(){
 		var jThis = $(this);
 		$.post(
 			g_URLdir + 'handler/map/DeleteModule',
@@ -391,7 +395,7 @@ var jConfirmPrototype 	= $($.parseHTML(
 	});
 	
 	// Удалить мероприятие
-	$('.moduleList').on('click', '.deleteSubmodule ', function(){
+    jModuleList.on('click', '.deleteSubmodule ', function(){
 		if ($(this).parent().parent().parent().children().size() <= 1) {
 			EventInspector_ShowMsg('Невозможно удалить единственное мероприятие в модуле.', 'error');
 			return;
@@ -400,8 +404,8 @@ var jConfirmPrototype 	= $($.parseHTML(
 		$(this).parent().parent().append('<div class="confirmDeleteDiv">Уверены? <span class="confirmDeleteSubmodule">Да</span> <span class="cancel">Нет</span></div>');
 	});
 	
-	// Подтверждение при удаление мероприятия
-	$('.moduleList').on('click', '.confirmDeleteSubmodule ', function(){
+	// Подтверждение при удалении мероприятия
+	jModuleList.on('click', '.confirmDeleteSubmodule ', function(){
 		var jThis = $(this);
 		var jSubmodulesDiv = $(this).parent().parent().parent();
 		if (jSubmodulesDiv.children().size() <= 1) {
@@ -446,17 +450,17 @@ var jConfirmPrototype 	= $($.parseHTML(
 	});
 	
 	// Отмена удаления модулей/мероприятий
-	$('.moduleList').on('click', '.cancel ', function(){
+	jModuleList.on('click', '.cancel ', function(){
 		$(this).parent().parent().children('div.actions').css('display', 'block');
 		$(this).parent().remove();
 	});
 	
 	// Поменять название модуля
 	var moduleName;
-	$('div.moduleList').on('focusin', 'input.moduleName', function(){
+	jModuleList.on('focusin', 'input.moduleName', function(){
 		moduleName = $(this).val();
 	});
-	$('div.moduleList').on('focusout', 'input.moduleName', function(){
+	jModuleList.on('focusout', 'input.moduleName', function(){
 		var jThis = $(this);
     	$(this).attr("disabled", true);
 		var newModuleName = $(this).val();
@@ -477,7 +481,7 @@ var jConfirmPrototype 	= $($.parseHTML(
 			);
 		} else jThis.removeAttr('disabled');
 	});
-	$('.moduleList').on('keydown', '.moduleName', function(e){
+	jModuleList.on('keydown', '.moduleName', function(e){
 		if(e.keyCode==13){
 			$('.moduleName').trigger('focusout');
 		}
@@ -485,10 +489,10 @@ var jConfirmPrototype 	= $($.parseHTML(
 	
 	// Поменять название мероприятие
 	var submoduleName;
-	$('div.moduleList').on('focusin', 'input.submoduleName', function(){
+	jModuleList.on('focusin', 'input.submoduleName', function(){
 		submoduleName = $(this).val();
 	});
-	$('div.moduleList').on('focusout', 'input.submoduleName', function(){
+	jModuleList.on('focusout', 'input.submoduleName', function(){
 		var jThis = $(this);
     	$(this).attr("disabled", true);
 		var newSubmoduleName = $(this).val();
@@ -509,7 +513,7 @@ var jConfirmPrototype 	= $($.parseHTML(
 			);
 		} else jThis.removeAttr('disabled');
 	});
-	$('div.moduleList').on('keydown', 'input.jSubModuleName', function(e){
+	jModuleList.on('keydown', 'input.jSubModuleName', function(e){
 		if(e.keyCode==13){
 			$('.jSubModuleName').trigger('focusout');
 		}
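Review bot: The keydown handler is still bound to `input.jSubModuleName`, but the submodule input in `jSubmodulePrototype` carries the class `submoduleName`, and the focusin/focusout handlers above use `input.submoduleName`. Unless a template outside this diff adds the `jSubModuleName` class, pressing Enter never commits a submodule title. Suggested: `jModuleList.on('keydown', 'input.submoduleName', function(e){` with `$(this).trigger('focusout');` inside, so only the edited field is flushed. The handler's closing lines are outside the hunk.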
@@ -518,29 +522,29 @@ var jConfirmPrototype 	= $($.parseHTML(
 	// При записи в input текущий контроль
 	// При фокусе
 	var oldMaxRate = 0;
-	$('div.moduleList').on('focusin', 'input.inputCurrentControl', function(){
+	jModuleList.on('focusin', 'input.inputCurrentControl', function(){
 		oldMaxRate = $(this).val();
 	});
 	// При потери фокуса
-	$('div.moduleList').on('focusout', 'input.inputCurrentControl', function(){
+	jModuleList.on('focusout', 'input.inputCurrentControl', function(){
     	$(this).attr("disabled", true);
 		SetNewRateAndControl($(this), oldMaxRate);
 	});
 	
 	// При записи в input рубежный контроль
 	// При фокусе
-	var oldMaxRate = 0;
-	$('div.moduleList').on('focusin', 'input.inputLandmarkControl', function(){
+	//var oldMaxRate = 0;
+	jModuleList.on('focusin', 'input.inputLandmarkControl', function(){
 		oldMaxRate = $(this).val();
 	});
 	// При потере фокуса
-	$('div.moduleList').on('focusout', 'input.inputLandmarkControl', function(){
+	jModuleList.on('focusout', 'input.inputLandmarkControl', function(){
 		$(this).attr("disabled", true);
 		SetNewRateAndControl($(this), oldMaxRate);
 	});
 	
 	// В inputCredit (где баллы вводить) разрешаем вводить только цифры
-	$("div.moduleList").on('keydown', 'input.inputCredit', function(event) {
+	jModuleList.on('keydown', 'input.inputCredit', function(event) {
         KeyDownOnlyNumber(event);
     });
 
diff --git a/~dev_rating/media/js/rating.js b/~dev_rating/media/js/rating.js
index 5d95c7dca8ebc63eb221f379fc16f904664d6673..6ad262cf72225577f1c33630b15c6d16ecc5ad32 100644
--- a/~dev_rating/media/js/rating.js
+++ b/~dev_rating/media/js/rating.js
@@ -134,17 +134,20 @@ $(function() {
     function TdInfo(jThis) {
 		var disciplineType = json_settings.ExamType;
 		var disciplinePassRate = 60; // credit pass rate
-		if (disciplineType == "exam")
+		if (disciplineType === "exam")
 			disciplinePassRate = 38;
 
         // Получаем подмодуль
-		g_submoduleID = parseInt($(".RatingTableSubmodulesInfo .col_"+g_col+":first").attr("id"));
-        g_submoduleTitle = $(".RatingTableSubmodulesHead .col_"+g_col+":first").text();
-        if ($(".RatingTableSubmodulesHead .col_"+g_col+":first").length < 1 && $(".RatingTableModulesHead .bonus").length > 0 ) 
+        var jCurSubmoduleInfo = $(".RatingTableSubmodulesInfo .col_"+g_col+":first");
+        var jCurSubmoduleHead = $(".RatingTableSubmodulesHead .col_"+g_col+":first");
+
+		g_submoduleID = parseInt(jCurSubmoduleInfo.attr("id"));
+        g_submoduleTitle = jCurSubmoduleHead.text();
+        if (jCurSubmoduleHead.length < 1 && $(".RatingTableModulesHead .bonus").length > 0 )
             g_submoduleTitle = 'Бонусные баллы';
 		g_submoduleMaxRate = parseInt($(".RatingTableSubmodulesHeadMaxRate .col_"+g_col).text());
+        console.log(g_col);
 
-        //console.log(g_col.toString() + " " + g_submoduleMaxRate.toString() + " " + g_submoduleID.toString());
 		
 		// Проверяем допустимое значение (только для добора)
         if (jThis.attr("class").indexOf("additionalCell") >= 0)
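Review bot: The added `console.log(g_col);` looks like leftover debugging and will run on every call of TdInfo; it should be removed before merge. The rewritten `parseInt(jCurSubmoduleInfo.attr("id"))` still has no radix and no NaN check, so a missing `id` attribute leaves `g_submoduleID` as NaN for whatever uses it later. Writing `parseInt(jCurSubmoduleInfo.attr("id"), 10)` and bailing out on `isNaN(g_submoduleID)` would make that case explicit. TdInfo continues outside this hunk, so check whether a later guard already covers it.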
@@ -190,7 +193,7 @@ $(function() {
 		var rateResult = newRate;
 
 		// считаем баллы по строке
-		if ($("#pageType").val() == "exam") //(jThis.attr("class").indexOf("attemptCell") >= 0)
+		if ($("#pageType").val() === "exam") //(jThis.attr("class").indexOf("attemptCell") >= 0)
 		{
 			// страница сессии		
 			rateResult += parseInt(jThis.siblings(".semesterRateResultCell").text());
@@ -200,7 +203,7 @@ $(function() {
 					rateResult += parseInt($(this).children("input").val());
 			});
 		} 
-		else if ($("#pageType").val() == "rating")
+		else if ($("#pageType").val() === "rating")
 		{
 			// страница оценивания
 			jThis.siblings(".commonCell").each(function(){ // добавим сумму баллов в соседних ячейках
@@ -323,7 +326,7 @@ $(function() {
         $(this).select();
     });
     
-    // При нажатие на элемент commonCell дочерный input получает фокус
+    // При нажатии на элемент commonCell дочерный input получает фокус
     $(".commonCell ").click(function(){
         $(this).children("input").focus();
     } );
diff --git a/~dev_rating/media/less/common.css b/~dev_rating/media/less/common.css
index 83c90e589103d8d48c99737e8e12bc251210ae2f..53ab82e9e12efcb75cf26aeae6fca8fd44b9130b 100644
--- a/~dev_rating/media/less/common.css
+++ b/~dev_rating/media/less/common.css
@@ -174,6 +174,10 @@ h2.Blue {
 h3 {
   font-size: 1.2em;
 }
+input[type="checkbox"] {
+  /*для разных браузеров нужно задать размер чекбокса*/
+  height: 13px;
+}
 .clearFix {
   clear: both;
 }
diff --git a/~dev_rating/media/less/common.less b/~dev_rating/media/less/common.less
index cc7de50a26e631803630a0ec9169be824e89b9cb..23cc335cb5eba6980d39c0d02e9c7727c6d3743f 100644
--- a/~dev_rating/media/less/common.less
+++ b/~dev_rating/media/less/common.less
@@ -127,6 +127,10 @@ h3
   font-size: 1.2em;
 }
 
+input[type="checkbox"]  { /*для разных браузеров нужно задать размер чекбокса*/
+  height: 13px;
+}
+
 .clearFix
 {
   clear: both;
diff --git a/~dev_rating/media/less/teacher/rating.less b/~dev_rating/media/less/teacher/rating.less
index a3b9ec43c78c306da83ba85eaf22ce14127b69b7..cb82fb0fb9236a1aa2f08d6a105d8e947c60c6bf 100644
--- a/~dev_rating/media/less/teacher/rating.less
+++ b/~dev_rating/media/less/teacher/rating.less
@@ -140,13 +140,10 @@ td input {
 		outline: none
 	}
 
-
 td input[disabled="disabled"] {
 	background: #fff;
 }
 
-
-
 div#tdInfo_wrap {
 	display: none;
 	position: fixed;
diff --git a/~dev_rating/modules/account/classes/Kohana/User.php b/~dev_rating/modules/account/classes/Kohana/User.php
index 4bbb05f51eca38a43705a6e4a1978e059961df6c..d4cfda8fdbf6e4a7abb05a36225ca99710d4b3c6 100644
--- a/~dev_rating/modules/account/classes/Kohana/User.php
+++ b/~dev_rating/modules/account/classes/Kohana/User.php
@@ -57,8 +57,9 @@ class Kohana_User implements ArrayAccess {
     }
     
     public function SetSemester($semesterID) {
-        $this->_model->SetSemesterID($semesterID);
-        $this->_session->set("SemesterID", $semesterID);
+        $res = $this->_model->SetSemesterID($semesterID);
+        if ($res >= 0)
+            $this->_session->set("SemesterID", "$semesterID");
     }
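Review bot: The new guard `if ($res >= 0)` also passes when `$res` is null, because PHP evaluates `null >= 0` as true, so a call that produced no usable value would still update the session. The `$id = 0;` default added to SetSemesterID in Account.php in this same commit appears to make an empty result set look like a returned 0 as well; its return statement is outside the visible hunk, so confirm. A stricter check such as `if ($res !== null && (int) $res >= 0)` would separate these cases. SetSemester also gives its caller no sign that the update was rejected; returning a boolean would let the controller report the failure.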
 
     
diff --git a/~dev_rating/modules/account/classes/Model/Kohana/Account.php b/~dev_rating/modules/account/classes/Model/Kohana/Account.php
index a782516dce2cee5f089d01adff36d8b34d06f76f..61cbbc65a740acf7063d7d64d867d0b267d290d4 100644
--- a/~dev_rating/modules/account/classes/Model/Kohana/Account.php
+++ b/~dev_rating/modules/account/classes/Model/Kohana/Account.php
@@ -4,7 +4,8 @@ class Model_Kohana_Account extends Model
 {
     public function setHashKey($key)
     {
-        $sql = "SELECT `SetHashKey`('$key') AS `Key`;";
+        $key = Database::instance()->escape($key);
+        $sql = "SELECT `SetHashKey`($key) AS `Key`;";
         $res = DB::query(Database::SELECT, $sql)->execute();
         return $res->get('Key');
     }
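Review bot: Escaping `$key` by hand and then interpolating it is correct here, but it stays correct only while every later edit remembers both steps and never re-adds quotes around the variable. Kohana's query object can bind the value instead: put a `:key` placeholder in the SQL text and call `->param(':key', $key)` before `->execute()`. The same applies to every other method this commit converts to `escape()` in this file.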
@@ -17,49 +18,82 @@ class Model_Kohana_Account extends Model
     }
     
     public function checkAuth($login, $password) {
-        $sql = "SELECT `SignIn`('$login', '$password') AS `ID`;";
+        $db = Database::instance();
+        $login = $db->escape($login);
+        $password = $db->escape($password);
+        $sql = "SELECT `SignIn`($login, $password) AS `ID`;";
         $res = DB::query(Database::SELECT, $sql)->execute();
         return $res->get('ID');
     }
     
     public function ChangeTeacherInfo($id, $lastName, $firstName, $secondName, $degreeID, $departamentID)
     {
-        $sql = "SELECT `ChangeTeacherInfo`('$id', '$lastName', '$firstName', '$secondName', '$degreeID', '$departamentID') AS `UserID`;";
+        $db = Database::instance();
+        $lastName = $db->escape($lastName);
+        $secondName = $db->escape($secondName);
+        $firstName = $db->escape($firstName);
+        $sql = "SELECT `ChangeTeacherInfo`('$id', $lastName, $firstName, $secondName, '$degreeID', '$departamentID') AS `UserID`;";
         $key = DB::query(Database::SELECT, $sql)->execute();
         return $key->get('UserID');
     }
     
     public function createTeacher($lastName, $firstName, $secondName, $degreeID, $departamentID, $activationCode)
     {
-        $sql = "SELECT `CreateTeacher`('$lastName', '$firstName', '$secondName', '$degreeID', '$departamentID', '$activationCode') AS `UserID`;";
+        $db = Database::instance();
+        $lastName = $db->escape($lastName);
+        $secondName = $db->escape($secondName);
+        $firstName = $db->escape($firstName);
+        $activationCode = $db->escape($activationCode);
+        $sql = "SELECT `CreateTeacher`($lastName, $firstName, $secondName, '$degreeID', '$departamentID', $activationCode) AS `UserID`;";
         $key = DB::query(Database::SELECT, $sql)->execute();
         return $key->get('UserID');
     }
     
     public function createTeacherByDepName($lastName, $firstName, $secondName, $departamentName, $facultyID, $activationCode)
     {
-        $sql = "SELECT `CreateTeacherByDepName`('$lastName', '$firstName', '$secondName', '$departamentName', '$facultyID', '$activationCode') AS `UserID`;";
+        $db = Database::instance();
+        $lastName = $db->escape($lastName);
+        $secondName = $db->escape($secondName);
+        $firstName = $db->escape($firstName);
+        $activationCode = $db->escape($activationCode);
+        $departamentName = $db->escape($departamentName);
+        $sql = "SELECT `CreateTeacherByDepName`($lastName, $firstName, $secondName, $departamentName, '$facultyID', $activationCode) AS `UserID`;";
         $key = DB::query(Database::SELECT, $sql)->execute();
         return $key->get('UserID');
     }
     
     public function createStudent($lastName, $firstName, $secondName, $grade, $groupNum, $facultyID, $activationCode)
     {
-        $sql = "SELECT `CreateStudent`('$lastName', '$firstName', '$secondName', '$grade', '$groupNum', '$facultyID', '$activationCode') AS `UserID`;";
+        $db = Database::instance();
+        $lastName = $db->escape($lastName);
+        $secondName = $db->escape($secondName);
+        $firstName = $db->escape($firstName);
+        $activationCode = $db->escape($activationCode);
+        $sql = "SELECT `CreateStudent`($lastName, $firstName, $secondName, '$grade', '$groupNum', '$facultyID', $activationCode) AS `UserID`;";
         $key = DB::query(Database::SELECT, $sql)->execute();
         return $key->get('UserID');
     }   
 	
     public function createStudentEx($lastName, $firstName, $secondName, $gradeNum, $groupNum, $degree, $specialization, $facultyID, $activationCode)
     {
-        $sql = "SELECT `CreateStudentEx`('$lastName', '$firstName', '$secondName', '$gradeNum', '$groupNum', '$degree', '$specialization', '$facultyID', '$activationCode') AS `UserID`;";
+        $db = Database::instance();
+        $lastName = $db->escape($lastName);
+        $secondName = $db->escape($secondName);
+        $firstName = $db->escape($firstName);
+        $activationCode = $db->escape($activationCode);
+        $degree = $db->escape($degree);
+        $specialization = $db->escape($specialization);
+        $sql = "SELECT `CreateStudentEx`($lastName, $firstName, $secondName, '$gradeNum', '$groupNum', $degree, $specialization, '$facultyID', $activationCode) AS `UserID`;";
         $key = DB::query(Database::SELECT, $sql)->execute();
         return $key->get('UserID');
     }   
 
     public function createSubject($name, $abbr, $facultyID)
     {
-        $sql = "SELECT `CreateSubject`('$facultyID', '$name', '$abbr') AS `Num`;";
+        $db = Database::instance();
+        $name = $db->escape($name);
+        $abbr = $db->escape($abbr);
+        $sql = "SELECT `CreateSubject`('$facultyID', $name, $abbr) AS `Num`;";
         $response = DB::query(Database::SELECT, $sql)->execute();
         return $response->get('Num');
     }  
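Review bot: The arguments that stay interpolated as `'$id'`, `'$degreeID'`, `'$departamentID'`, `'$grade'`, `'$groupNum'`, `'$gradeNum'` and `'$facultyID'` are still placed in the SQL text unescaped, so the injection path this commit closes for the name fields remains open through them if any of these values reaches the model from request data (the callers are not visible here). The same holds for `'$id'` in changeMail, changeLogin and changePassword in the next hunk, and for `'$semesterID'` in SetSemesterID in the last hunk of this file. Binding every argument removes the need to decide per field which ones are safe. ChangeTeacherInfo is shown below; the other methods follow the same shape.

```php
    public function ChangeTeacherInfo($id, $lastName, $firstName, $secondName, $degreeID, $departamentID)
    {
        // Every argument is bound, so none of them is spliced into the SQL text.
        $sql = "SELECT `ChangeTeacherInfo`(:id, :lastName, :firstName, :secondName, :degreeID, :departamentID) AS `UserID`;";
        $key = DB::query(Database::SELECT, $sql)
            ->parameters(array(
                ':id'            => $id,
                ':lastName'      => $lastName,
                ':firstName'     => $firstName,
                ':secondName'    => $secondName,
                ':degreeID'      => $degreeID,
                ':departamentID' => $departamentID,
            ))
            ->execute();
        return $key->get('UserID');
    }
```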
@@ -80,42 +114,48 @@ class Model_Kohana_Account extends Model
     
     public function changeMail($id, $mail)
     {
-        $sql = "SELECT `ChangeMail`('$id', '$mail') AS Num;";
+        $mail = Database::instance()->escape($mail);
+        $sql = "SELECT `ChangeMail`('$id', $mail) AS Num;";
         $query = DB::query(Database::SELECT, $sql)->execute();
         return $query->get('Num');
     }   
     
     public function changeLogin($id, $login)
     {
-        $sql = "SELECT `ChangeLogin`('$id', '$login') AS Num;";
+        $login = Database::instance()->escape($login);
+        $sql = "SELECT `ChangeLogin`('$id', $login) AS Num;";
         $query = DB::query(Database::SELECT, $sql)->execute();
         return $query->get('Num');
     }
 
     public function changePassword($id, $password)
     {
-        $sql = "SELECT `ChangePassword`('$id', '$password') AS Num;";
+        $password = Database::instance()->escape($password);
+        $sql = "SELECT `ChangePassword`('$id', $password) AS Num;";
         $query = DB::query(Database::SELECT, $sql)->execute();
         return $query->get('Num');
     }
     
     public function getAccNumByLogin($login)
     {
-        $sql = "SELECT `GetAccCountByLogin`('$login') AS Num;";
+        $login = Database::instance()->escape($login);
+        $sql = "SELECT `GetAccCountByLogin`($login) AS Num;";
         $res = DB::query(Database::SELECT, $sql)->execute();
         return $res->get('Num');
     }
     
     public function getAccNumByMail($email)
     {
-        $sql = "SELECT `GetAccCountByMail`('$email') AS Num;";
+        $email = Database::instance()->escape($email);
+        $sql = "SELECT `GetAccCountByMail`($email) AS Num;";
         $res = DB::query(Database::SELECT, $sql)->execute();
         return $res->get('Num');
     }    
     
     public function isActivationCodeValid($code)
     {
-        $sql = "SELECT `GetAccCountByCode`('$code') AS Num;";
+        $code = Database::instance()->escape($code);
+        $sql = "SELECT `GetAccCountByCode`($code) AS Num;";
         $res = DB::query(Database::SELECT, $sql)->execute();
         foreach ($res as $value) {
             $count = $value['Num'];
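Review bot: isActivationCodeValid assigns `$count` only inside the `foreach`, so an empty result set leaves it undefined for whatever follows the loop (the rest of the body is outside this hunk, so confirm). This commit adds `$id = 0;` before the equivalent loop in SetSemesterID, but the same default is missing here and before the `foreach` in activateAccount in the next hunk. Adding `$count = 0;` before this loop makes an empty result read as "code not valid". For activateAccount, either an explicit default or an early return on an empty result would be consistent with the SetSemesterID change.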
@@ -125,35 +165,46 @@ class Model_Kohana_Account extends Model
     
     public function createRecoveryToken($email, $token)
     {
-        $sql = "SELECT `CreateRecoveryToken`('$email', '$token') AS Num;";
+        $db = Database::instance();
+        $email = $db->escape($email);
+        $token = $db->escape($token);
+        $sql = "SELECT `CreateRecoveryToken`($email, $token) AS Num;";
         $res = DB::query(Database::SELECT, $sql)->execute();
         return $res->get('Num');
     }
     
     public function getRecoveryInfoByEMail($email)
     {
-        $sql = "CALL GetRecoveryInfoByEMail('$email');";
+        $email = Database::instance()->escape($email);
+        $sql = "CALL GetRecoveryInfoByEMail($email);";
         $query = DB::query(Database::SELECT, $sql)->execute();
         return $query;
     }
     
     public function getRecoveryInfoByToken($token)
     {
-        $sql = "CALL GetRecoveryInfoByToken('$token');";
+        $token = Database::instance()->escape($token);
+        $sql = "CALL GetRecoveryInfoByToken($token);";
         $query = DB::query(Database::SELECT, $sql)->execute();
         return $query;
     }
     
     public function useRecoveryToken($token)
     {
-        $sql = "SELECT `UseRecoveryToken`('$token') AS Num;";
+        $token = Database::instance()->escape($token);
+        $sql = "SELECT `UseRecoveryToken`($token) AS Num;";
         $email = DB::query(Database::SELECT, $sql)->execute();
         return $email->get('Num');
     }
     
     public function activateAccount($login, $password, $email, $code)
     {
-        $sql = "SELECT `ActivateAccount` ('$code', '$login', '$email', '$password') AS `Num`; ";
+        $db = Database::instance();
+        $login = $db->escape($login);
+        $password = $db->escape($password);
+        $email = $db->escape($email);
+        $code = $db->escape($code);
+        $sql = "SELECT `ActivateAccount` ($code, $login, $email, $password) AS `Num`; ";
         $res = DB::query(Database::SELECT, $sql)->execute();
         foreach ($res as $value) {
             $id = $value['Num'];
@@ -175,6 +226,7 @@ class Model_Kohana_Account extends Model
     {
         $sql = "SELECT `SetSemesterID`('$semesterID') AS `Num`; ";
         $res = DB::query(Database::SELECT, $sql)->execute();
+        $id = 0;
         foreach ($res as $value) {
             $id = $value['Num'];
         }
diff --git a/~dev_rating/modules/mpdf/vendor/mpdf/includes/functions.php b/~dev_rating/modules/mpdf/vendor/mpdf/includes/functions.php
index 9db003aae98911ee27b2c6d90c96d3067b71f76e..3e4b07026f5622bfd273bf92c1574ab8edab7a58 100644
--- a/~dev_rating/modules/mpdf/vendor/mpdf/includes/functions.php
+++ b/~dev_rating/modules/mpdf/vendor/mpdf/includes/functions.php
@@ -63,8 +63,8 @@ if(!function_exists('strcode2utf')){
   function strcode2utf($str,$lo=true) {
 	//converts all the &#nnn; and &#xhhh; in a string to Unicode
 	if ($lo) { $lo = 1; } else { $lo = 0; }
-	$str = preg_replace('/\&\#([0-9]+)\;/me', "code2utf('\\1',{$lo})",$str);
-	$str = preg_replace('/\&\#x([0-9a-fA-F]+)\;/me', "codeHex2utf('\\1',{$lo})",$str);
+	$str = preg_replace('/\&\#([0-9]+)\;/m', "code2utf('\\1',{$lo})",$str);
+	$str = preg_replace('/\&\#x([0-9a-fA-F]+)\;/m', "codeHex2utf('\\1',{$lo})",$str);
 	return $str;
   }
 }
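Review bot: Dropping the `e` modifier without changing the replacement argument turns `"code2utf('\\1',{$lo})"` into a plain replacement string, so each `&#nnn;` entity is now replaced by literal text such as `code2utf('65',1)` instead of the decoded character. Removing `/e` is the right direction, since it evaluates the replacement as PHP code and is deprecated, but the call then has to move to `preg_replace_callback`, e.g. `$str = preg_replace_callback('/\&\#([0-9]+)\;/m', function ($m) use ($lo) { return code2utf($m[1], $lo); }, $str);`, and likewise with `codeHex2utf` for the hex pattern. This is a local edit to the vendored mPDF copy; if a newer upstream release already carries this change, upgrading is the cleaner route.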