1
Homework 2
Testing Framework and Basic Security Controls
Overview:
This homework will demonstrate your knowledge of creating a testing framework and using that
framework to conduct some basic server and web application security controls.
Assignment:
Develop a testing framework with these phases as guidelines for your organization or an organization
you would like to work for in the future.
• Before development begins
• During definition and design
• During development
• During deployment
• Maintenance and operations
You will need to fill in the details for each phase by 1) describing what each phase encompasses and 2) 3
or more activities you will engage in for each phase. In addition, you will apply part of this framework in
the phase “During development” by engaging in three tests/security controls outlined below:
1. Fingerprint Web Server (OTG-INFO-002)
The following command was run from a sample website:
nc localhost 80
HEAD / HTTP/1.0
This output was received:
HTTP/1.1 200 OK
Date: Mon, 15 Jul 2019 01:40:42 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Sun, 10 Aug 2014 22:02:57 GMT
ETag: "2cf6-5004d99d98b8a"
Accept-Ranges: bytes
Content-Length: 11510
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
Connection: close
Content-Type: text/html
Perform online research about the discovered software vendor and release. Report upon documented
vulnerabilities with the release.
Report upon how you would mitigate any documented vulnerabilities
2
2. Review webpage comments and metadata for information leakage (OTG-INFO-005). Manually
review the sample HTML/PHP application provided in the zip file attached in this project.
Based upon online research, what are three or more categories of information that would be considered
unacceptable information leakage?
After unzipping the file, you will need to review each file possible leakage of sensitive information.
Summarize upon what you have discovered, your method of discovery and what recommendations you
have for mitigating the issues.
3. Test HTTP Methods (OTG-CONFIG-006) – See which HTTP methods are available on the sample
website.
The following command was run from a sample website:
nc localhost 80
OPTIONS / HTTP/1.1
This output was received:
HTTP/1.1 200 OK
Date: Mon, 15 Jul 2019 01:46:37 GMT
Server: Apache/2.4.7 (Ubuntu)
Allow: GET,HEAD,POST,OPTIONS,TRACE
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
Content-Length: 0
Connection: close
Content-Type: text/html
What HTTP methods are enabled and disabled on this site? Which methods potentially pose a security
risk for a web application. Describe how these pose a risk.
Deliverables:
You should submit your source testing framework document along with the results testing the three
security controls listed above.
Your document should be well-organized, well-written using paragraph style, incl ...
POL 110 – Student NotesCOURSE DESCRIPTIONThis course serve.docx
1 Homework 2 Testing Framework and Basic Security Cont
1. 1
Homework 2
Testing Framework and Basic Security Controls
Overview:
This homework will demonstrate your knowledge of creating a
testing framework and using that
framework to conduct some basic server and web application
security controls.
Assignment:
Develop a testing framework with these phases as guidelines for
your organization or an organization
you would like to work for in the future.
• Before development begins
• During definition and design
• During development
• During deployment
• Maintenance and operations
You will need to fill in the details for each phase by 1)
describing what each phase encompasses and 2) 3
2. or more activities you will engage in for each phase. In
addition, you will apply part of this framework in
the phase “During development” by engaging in three
tests/security controls outlined below:
1. Fingerprint Web Server (OTG-INFO-002)
The following command was run from a sample website:
nc localhost 80
HEAD / HTTP/1.0
This output was received:
HTTP/1.1 200 OK
Date: Mon, 15 Jul 2019 01:40:42 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Sun, 10 Aug 2014 22:02:57 GMT
ETag: "2cf6-5004d99d98b8a"
Accept-Ranges: bytes
Content-Length: 11510
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
3. Connection: close
Content-Type: text/html
Perform online research about the discovered software vendor
and release. Report upon documented
vulnerabilities with the release.
Report upon how you would mitigate any documented
vulnerabilities
2
2. Review webpage comments and metadata for information
leakage (OTG-INFO-005). Manually
review the sample HTML/PHP application provided in the zip
file attached in this project.
Based upon online research, what are three or more categories
of information that would be considered
unacceptable information leakage?
After unzipping the file, you will need to review each file
possible leakage of sensitive information.
Summarize upon what you have discovered, your method of
discovery and what recommendations you
have for mitigating the issues.
4. 3. Test HTTP Methods (OTG-CONFIG-006) – See which HTTP
methods are available on the sample
website.
The following command was run from a sample website:
nc localhost 80
OPTIONS / HTTP/1.1
This output was received:
HTTP/1.1 200 OK
Date: Mon, 15 Jul 2019 01:46:37 GMT
Server: Apache/2.4.7 (Ubuntu)
Allow: GET,HEAD,POST,OPTIONS,TRACE
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
Content-Length: 0
Connection: close
Content-Type: text/html
What HTTP methods are enabled and disabled on this site?
Which methods potentially pose a security
risk for a web application. Describe how these pose a risk.
5. Deliverables:
You should submit your source testing framework document
along with the results testing the three
security controls listed above.
Your document should be well-organized, well-written using
paragraph style, includes page numbers,
includes all references used and contains minimal spelling and
grammar errors.
Demo/authcheck.php
getTychoname())==0)
{
// Show the login form again.
include('index.html');
?>
Login Error
Sorry, the username and email do not match any current
account.
Try again, or create an account using the link above.
Demo/Cancelit.php
6. Thank you! The tutoring session has been cancelled.";
echo "
Return to search
";
// Retrieve the session information
$myschedule=getGroupSchedule($sid);
$messageshort = $myschedule->getThedate() . "," .
$myschedule->getDay() . "," . $myschedule->getTimestart() . "-
" . $myschedule->getTimeend();
$subject = "Tutor Session Cancelled:
$messageshort";
$message="The following tutoring session was
cancelled by $theuser: $messageshort " .
getLocation($myschedule->getF2f())
. "," . getGroupCourses($myschedule-
>getGroupname()) . " for " . $myschedule->getSname();
// Determine who the tutor of this session was as this
is who will receive the email:
$tutor = getTutor($sid);
$student=getStudentbyID($theuser);
$temail = $tutor->getEmail();
$semail = $student->getEmail();
// Send email to Tutor
// Removed email functionality for this demo
}
else
{
echo "Based on the user response, the tutoring session
was not cancelled.
9. echo "You can only cancel sessions you created
";
}
}
else
{
echo "Someone might be trying to hack the system";
}
}
Demo/createStudent.php
0 )
{
echo "
";
echo "Are you sure you want to cancel this
session?$dtext
";
echo "
";
echo "";
echo "
Warning! Form Entry Errors Exist.
";
echo "Please revise based on the following issues and
10. submit again.
";
echo "
";
foreach ($messages as $m)
{
echo " $m
";
}
echo "";
echo "
";
echo "";
echo "
";
echo "
";
}
// Assign post values if exist
$firstname="";
$lastname="";
$wsname="";
$email="";
if (isset($_POST["firstname"]))
$firstname=check_input($_POST["firstname"]);
if (isset($_POST["lastname"]))
$lastname=check_input($_POST["lastname"]);
12. {
echo "A student account with that WenTycho
username already exists.
";
echo "Please login using $wsname
";
}
}
}
?>
Demo/Deleteit.php
getThedate() . "," . $myschedule->getDay() . "," . $myschedule-
>getTimestart() . "-" . $myschedule->getTimeend();
$subject = "Tutor Session Deleted: $messageshort";
$message="The following tutoring session was
deleted by $theuser: $messageshort " .
getLocation($myschedule->getF2f())
. "," . getGroupCourses($myschedule-
>getGroupname()) . " for " . $myschedule->getSname();
// Determine who the tutor of this session was as this
is who will receive the email:
// Need to gather student data to send email
$tutor = getTutor($sid);
$temail=$tutor->getEmail();
13. // Double check to see if a student has already been
scheduled
$exists = checkReservation($sid);
if($exists > 0)
{
// Get student email to send note of cancellation
$mysched = getJoinStudent($sid);
$semail = $mysched->getEmail();
$messages=$message . "
Please visit the tutor site to select another available session.";
// Delete the student schedule
$rowsdeleted=cancelSession($sid);
// Send email to Tutor and student about cancellation
// removed for this app
}
// Send copy of cancellations to director
$semail = "[email protected]";
// Delete the session
$rowsdeleted=deleteSession($sid);
// Echo successful response
echo "Thank you! The tutoring session has been
Deleted.
";
echo "
Show all of my sessions
";
14. // Send email to Tutor
// removed email functionality
}
else
{
echo "Based on the user response, the tutoring session
was not deleted.
";
echo "
Show all of my sessions
";
}
}
?>
Demo/DeleteSession.php
getTname() == $_SESSION['wsuser'])
{
$dtext= getGroupCourses($schedule->getGroup()) .
"," . $schedule->getThedate() . "," . $schedule->getDay() . "," .
$schedule->getTStart() . "-" . $schedule-
>getTend() ;
echo " ";
16. ";
}
else
{
echo "You can only cancel sessions you own.
";
}
}
else
{
echo "Someone might be trying to hack the system";
}
}
Demo/Images/Thumbs.db
Demo/Images/umuc_logo.jpg
Demo/Includes/Dbconnect.php
<?php
// Location of the DBParms class
require_once('Includes/DBObjects.php');
function connectdb() {
// Get the DBParameters
18. $vals = array();
foreach($trimmed as $line)
{
$pairs = explode("=",$line);
$key[] = $pairs[0];
$vals[] = $pairs[1];
}
// Combine Key and values into an array
$mypairs = array_combine($key,$vals);
// Assign values to ParametersClass
$myDbparms = new
DbparmsClass($mypairs['username'],$mypairs['password'],
$mypairs['host'],$mypairs['db']);
// Display the Paramters values
return $myDbparms;
}
19. ?>
Demo/Includes/DBObjects.php
<?php
// Class to construct Database parameters with
getters/setter
class DBparmsClass
{
// property declaration
private $username="";
private $password="";
private $host="";
private $db="";
// Constructor
public function
__construct($myusername,$mypassword,$myhost,$mydb)
20. {
$this->username = $myusername;
$this->password = $mypassword;
$this->host = $myhost;
$this->db = $mydb;
}
// Get methods
public function getUsername ()
{
return $this->username;
}
public function getPassword ()
{
return $this->password;
}
public function getHost ()
{
21. return $this->host;
}
public function getDb ()
{
return $this->db;
}
// Set methods
public function setUsername ($myusername)
{
$this->username = $myusername;
}
public function setPassword ($mypassword)
{
$this->password = $mypassword;
}
public function setHost ($myhost)
{
22. $this->host = $myhost;
}
public function setDb ($mydb)
{
$this->db = $mydb;
}
} // End DBparms class
?>
Demo/Includes/FormObjects.php
<?php
// Class to construct Students with getters/setter
class StudentClass
{
// property declaration
private $firstname="";
23. private $lastname="";
private $email="";
private $tychoname="";
// Constructor
public function
__construct($firstname,$lastname,$email,$tychoname)
{
$this->firstname = $firstname;
$this->lastname = $lastname;
$this->email = $email;
$this->tychoname = $tychoname;
}
// Get methods
public function getFirstname ()
{
return $this->firstname;
}
24. public function getLastname ()
{
return $this->lastname;
}
public function getEmail ()
{
return $this->email;
}
public function getTychoname ()
{
return $this->tychoname;
}
// Set methods
public function setFirstname ($value)
{
$this->firstname = $value;
25. }
public function setLastname ($value)
{
$this->lastname = $value;
}
public function setEmail ($value)
{
$this->email = $value;
}
public function setTychoname ($value)
{
$this->tychoname = $value;
}
} // End Studentclass
// Class to construct Tutor Join view with getters/setter
class TutorJoinClass
27. // Get methods
public function getSid ()
{
return $this->sid;
}
public function getFirstname ()
{
return $this->firstname;
}
public function getLastname ()
{
return $this->lastname;
}
public function getEmail ()
{
return $this->email;
}
28. public function getTychoname ()
{
return $this->tychoname;
}
// Set methods
public function setSid ($value)
{
$this->sid = $value;
}
public function setFirstname ($value)
{
$this->firstname = $value;
}
public function setLastname ($value)
{
$this->lastname = $value;
}
29. public function setEmail ($value)
{
$this->email = $value;
}
public function setTychoname ($value)
{
$this->tychoname = $value;
}
} // End TutorJoinclass
// Class to construct ScheduleJoin data with getters/setter
class ScheduleJoinClass
{
// property declaration
private $scheduleid="";
private $thedate="";
private $day="";
31. // Get methods
public function getScheduleid ()
{
return $this->scheduleid;
}
public function getThedate ()
{
return $this->thedate;
}
public function getDay ()
{
return $this->day;
}
public function getTimestart ()
{
return $this->timestart;
}
32. public function getTimeend ()
{
return $this->timeend;
}
public function getGroupname ()
{
return $this->groupname;
}
public function getF2f ()
{
return $this->f2f;
}
public function getSname ()
{
return $this->sname;
}
// Set methods
33. public function setScheduleid ($value)
{
$this->scheduleid = $value;
}
public function setThedate ($value)
{
$this->thedate = $value;
}
public function setDay ($value)
{
$this->day = $value;
}
public function setTimestart ($value)
{
$this->timestart = $value;
}
public function setTimeend ($value)
{
34. $this->timeend = $value;
}
public function setGroupname ($value)
{
$this->groupname = $value;
}
public function setF2f ($value)
{
$this->f2f = $value;
}
public function setSname ($value)
{
$this->sname = $value;
}
} // End ScheduleJoinClass
// Class to construct Students with getters/setter
36. }
// Get methods
public function getFirstname ()
{
return $this->firstname;
}
public function getLastname ()
{
return $this->lastname;
}
public function getEmail ()
{
return $this->email;
}
public function getTychoname ()
{
return $this->tychoname;
37. }
public function getF2f ()
{
return $this->f2f;
}
// Set methods
public function setFirstname ($value)
{
$this->firstname = $value;
}
public function setLastname ($value)
{
$this->lastname = $value;
}
public function setEmail ($value)
{
$this->email = $value;
38. }
public function setTychoname ($value)
{
$this->tychoname = $value;
}
public function setF2f ($value)
{
$this->f2f = $value;
}
} // End Tutorclass
// Class to construct Tutor Schedule View with getters/setter
class TutorViewClass
{
// property declaration
private $id = "";
private $thedate = "";
41. }
public function getThedate ()
{
return $this->thedate;
}
public function getDay ()
{
return $this->day;
}
public function getTstart ()
{
return $this->tstart;
}
public function getTend ()
{
return $this->tend;
}
public function getF2f ()
42. {
return $this->f2f;
}
public function getSname ()
{
return $this->sname;
}
public function getTname ()
{
return $this->tname;
}
public function getHelp ()
{
return $this->help;
}
public function getCourse ()
{
return $this->course;
43. }
public function getFirstname ()
{
return $this->firstname;
}
public function getLastname ()
{
return $this->lastname;
}
public function getEmail ()
{
return $this->email;
}
// Set methods
public function setID ($value)
{
$this->id = $value;
44. }
public function setThedate ($value)
{
$this->thedate = $value;
}
public function setDay ($value)
{
$this->day = $value;
}
public function setTstart ($value)
{
$this->tstart = $value;
}
public function setTend ($value)
{
$this->tend = $value;
}
public function setF2f ($value)
45. {
$this->f2f = $value;
}
public function setSname ($value)
{
$this->sname = $value;
}
public function setTname ($value)
{
$this->tname = $value;
}
public function setHelp ($value)
{
$this->help = $value;
}
public function setCourse ($value)
{
$this->course = $value;
46. }
public function setFirstname ($value)
{
$this->firstname = $value;
}
public function setLastname ($value)
{
$this->lastname = $value;
}
public function setEmail ($value)
{
$this->email = $value;
}
} // End TutorViewclass
// Class to construct Tutor Cancel View with getters/setter
class TutorCancelClass
48. $this->thedate = $thedate;
$this->day = $day;
$this->tstart = $tstart;
$this->tend = $tend;
$this->group = $group;
$this->f2f = $f2f;
$this->sname = $sname;
$this->tname = $tname;
}
// Get methods
public function getID ()
{
return $this->id;
}
public function getThedate ()
{
return $this->thedate;
49. }
public function getDay ()
{
return $this->day;
}
public function getTstart ()
{
return $this->tstart;
}
public function getTend ()
{
return $this->tend;
}
public function getGroup ()
{
return $this->group;
}
public function getF2f ()
50. {
return $this->f2f;
}
public function getSname ()
{
return $this->sname;
}
public function getTname ()
{
return $this->tname;
}
// Set methods
public function setID ($value)
{
$this->id = $value;
}
51. public function setThedate ($value)
{
$this->thedate = $value;
}
public function setDay ($value)
{
$this->day = $value;
}
public function setTstart ($value)
{
$this->tstart = $value;
}
public function setTend ($value)
{
$this->tend = $value;
}
public function setGroup ($value)
{
52. $this->group = $value;
}
public function setF2f ($value)
{
$this->f2f = $value;
}
public function setSname ($value)
{
$this->sname = $value;
}
public function setTname ($value)
{
$this->tname = $value;
}
} // End TutorCancelclass
55. $this->email = $email;
}
// Get methods
public function getID ()
{
return $this->id;
}
public function getThedate ()
{
return $this->thedate;
}
public function getDay ()
{
return $this->day;
}
public function getTstart ()
{
56. return $this->tstart;
}
public function getTend ()
{
return $this->tend;
}
public function getF2f ()
{
return $this->f2f;
}
public function getTname ()
{
return $this->tname;
}
public function getHelp ()
{
return $this->help;
}
57. public function getCourse ()
{
return $this->course;
}
public function getRegisterdate ()
{
return $this->registerdate;
}
public function getFirstname ()
{
return $this->firstname;
}
public function getLastname ()
{
return $this->lastname;
}
public function getEmail ()
{
58. return $this->email;
}
// Set methods
public function setID ($value)
{
$this->id = $value;
}
public function setThedate ($value)
{
$this->thedate = $value;
}
public function setDay ($value)
{
$this->day = $value;
}
public function setTstart ($value)
{
59. $this->tstart = $value;
}
public function setTend ($value)
{
$this->tend = $value;
}
public function setF2f ($value)
{
$this->f2f = $value;
}
public function setTname ($value)
{
$this->tname = $value;
}
public function setHelp ($value)
{
$this->help = $value;
}
60. public function setCourse ($value)
{
$this->course = $value;
}
public function setRegisterdate ($value)
{
$this->course = $registerdate;
}
public function setFirstname ($value)
{
$this->firstname = $value;
}
public function setLastname ($value)
{
$this->lastname = $value;
}
public function setEmail ($value)
{
61. $this->email = $value;
}
} // End StudentViewclass
// Class to construct StudentSchedule Class with getters/setter
class StudentScheduleClass
{
// property declaration
private $id = "";
private $tycho = "";
private $help = "";
private $course = "";
private $register = "";
// Constructor
public function
__construct($id,$tycho,$help,$course,$register)
{
62. $this->id = $id;
$this->tycho = $tycho;
$this->help = $help;
$this->course = $course;
$this->register = $register;
}
// Get methods
public function getID ()
{
return $this->id;
}
public function getTycho ()
{
return $this->tycho;
}
public function getHelp ()
{
63. return $this->help;
}
public function getCourse ()
{
return $this->course;
}
public function getRegister ()
{
return $this->register;
}
// Set methods
public function setID ($value)
{
$this->id = $value;
}
public function setTycho ($value)
{
64. $this->tycho = $value;
}
public function setHelp ($value)
{
$this->help = $value;
}
public function setCourse ($value)
{
$this->course = $value;
}
public function setRegister ($value)
{
$this->register = $value;
}
} // End StudentScheduleclass
65. // Class to construct StudentJoin Class with getters/setter
class StudentJoinClass
{
// property declaration
private $id = "";
private $tycho = "";
private $help = "";
private $course = "";
private $register = "";
private $email = "";
// Constructor
public function
__construct($id,$tycho,$help,$course,$register,$email)
{
$this->id = $id;
$this->tycho = $tycho;
$this->help = $help;
66. $this->course = $course;
$this->register = $register;
$this->email = $email;
}
// Get methods
public function getID ()
{
return $this->id;
}
public function getTycho ()
{
return $this->tycho;
}
public function getHelp ()
{
return $this->help;
}
67. public function getCourse ()
{
return $this->course;
}
public function getRegister ()
{
return $this->register;
}
public function getEmail ()
{
return $this->email;
}
// Set methods
public function setID ($value)
{
$this->id = $value;
}
68. public function setTycho ($value)
{
$this->tycho = $value;
}
public function setHelp ($value)
{
$this->help = $value;
}
public function setCourse ($value)
{
$this->course = $value;
}
public function setRegister ($value)
{
$this->register = $value;
}
public function setEmail ($value)
{
71. {
return $this->smtpport;
}
public function getsmtpauth ()
{
return $this->smtpauth;
}
public function getsmtpuser ()
{
return $this->smtpuser;
}
public function getsmtppass ()
{
return $this->smtppass;
}
public function getsmtpfrom ()
{
return $this->smtpfrom;
72. }
// Set methods
public function setsmtphost ($smtphost)
{
$this->smtphost = $smtphost;
}
public function setsmtpport ($smtpport)
{
$this->smtpport = $smtpport;
}
public function setsmtpauth ($smtpauth)
{
$this->smtpauth = $smtpauth;
}
public function setsmtpuser ($smtpuser)
{
$this->smtpuser = $smtpuser;
73. }
public function setsmtppass ($smtppass)
{
$this->smtppass = $smtppass;
}
public function setsmtpfrom ($smtpfrom)
{
$this->smtpfrom = $smtpfrom;
}
} // End Emailparms class
?>
Demo/Includes/Header.php
<?php
// This provides the header displayed on all Pages
?>
<DIV>
<table id="myheader">
74. <tbody>
<tr>
<td><img src="Images/umuc_logo.jpg" alt="UMUC
logo"/></td>
<td>CS Tutor</td>
</tr>
</tbody>
</table>
</DIV>
<?php
?>
Demo/Includes/SQLFunctions.php
<?php
// Include the required DBConnection information
require_once('Includes/Dbconnect.php');
// Include the Faculty999Class definition
require_once('Includes/FormObjects.php');
75. function getStudent($tname,$em)
{
// Init values to ""
$firstname="";
$lastname="";
$email="";
$tychoname="";
// Connect to the database
$mysqli = connectdb();
// Define the Query
// For Windows MYSQL String is case insensitive
$Myquery = "SELECT firstName, lastName, eMail,
tychoName from Students
where tychoName='$tname' and eMail='$em'";
76. if ($result = $mysqli->query($Myquery))
{
/* Fetch the results of the query */
while( $row = $result->fetch_assoc() )
{
$firstname=$row["firstName"];
$lastname = $row["lastName"];
$email=$row["eMail"];
$tychoname = $row["tychoName"];
}
$myStudent = new
StudentClass($firstname,$lastname,$email,$tychoname);
/* Destroy the result set and free the memory used for it
*/
$result->close();
}
$mysqli->close();
77. return $myStudent;
}
function countStudent ($student)
{
// Connect to the database
$mysqli = connectdb();
$firstname = $student->getFirstname();
$lastname = $student->getLastname();
$wsname = $student->getTychoname();
$email = $student->getEmail();
// Connect to the database
$mysqli = connectdb();
// Define the Query
// For Windows MYSQL String is case insensitive
78. $Myquery = "SELECT count(*) as count from Students
where tychoName='$wsname'";
if ($result = $mysqli->query($Myquery))
{
/* Fetch the results of the query */
while( $row = $result->fetch_assoc() )
{
$count=$row["count"];
}
/* Destroy the result set and free the memory used for it
*/
$result->close();
}
$mysqli->close();
79. return $count;
}
function insertStudent ($student)
{
// Connect to the database
$mysqli = connectdb();
$firstname = $student->getFirstname();
$lastname = $student->getLastname();
$wsname = $student->getTychoname();
$email = $student->getEmail();
// Now we can insert
$Query = "INSERT INTO Students
81. // Need to get the group for this course
$groupname = getGroupname($area,$num);
// Connect to the database
$mysqli = connectdb();
// Define the Query
// For Windows MYSQL String is case insensitive
$Myquery = "SELECT
scheduleID,thedate,day,timeStart,timeEnd,groupName,f2f,sNam
e
from GroupSchedules where
(thedate between CURDATE() and
DATE_ADD(CURDATE(), INTERVAL 14 DAY)
and f2f='$f2f'
and GroupName='$groupname')
and scheduleID NOT IN (select scheduleID from
StudentSchedules)";
if ($result = $mysqli->query($Myquery))
{
82. /* Fetch the results of the query */
while( $row = $result->fetch_assoc() )
{
$scheduleid=$row["scheduleID"];
$thedate = $row["thedate"];
$day=$row["day"];
$timestart = $row["timeStart"];
$timeend = $row["timeEnd"];
$groupname = $row["groupName"];
$f2f = $row["f2f"];
$sname = $row["sName"];
$mySchedule[] = new
ScheduleJoinClass($scheduleid,$thedate,$day,$timestart,$timee
nd,$groupname,$f2f,$sname);
}
/* Destroy the result set and free the memory used for it
*/
84. // Changed to CourseGroups2
$Myquery = "SELECT courseDisc,courseNum from
CourseGroups where groupname='$groupname'";
if ($result = $mysqli->query($Myquery))
{
/* Fetch the results of the query */
while( $row = $result->fetch_assoc() )
{
$coursedisc=$row["courseDisc"];
$coursenum = $row["courseNum"];
$mycourses = $mycourses . $coursedisc .
$coursenum . "<br>";
}
/* Destroy the result set and free the memory used for it
*/
86. // For Windows MYSQL String is case insensitive
$Myquery = "SELECT
courseDisc,courseNum,courseTitle from Courses";
if ($result = $mysqli->query($Myquery))
{
/* Fetch the results of the query */
while( $row = $result->fetch_assoc() )
{
$coursedisc=$row["courseDisc"];
$coursenum = $row["courseNum"];
$coursetitle = $row["courseTitle"];
$mycourses[] = $coursedisc . $coursenum . "-" .
$coursetitle;
}
/* Destroy the result set and free the memory used for it
88. // For Windows MYSQL String is case insensitive
$Myquery = "SELECT groupName from CourseGroups
where courseDisc='$area' and courseNum='$num'";
if ($result = $mysqli->query($Myquery))
{
/* Fetch the results of the query */
while( $row = $result->fetch_assoc() )
{
$groupname = $row["groupName"];
}
/* Destroy the result set and free the memory used for it
*/
$result->close();
}
$mysqli->close();
89. return $groupname;
}
function getSchedulebyID($id)
{
$mySchedule = "";
// Connect to the database
$mysqli = connectdb();
// Define the Query
// For Windows MYSQL String is case insensitive
$Myquery = "SELECT
scheduleID,thedate,day,timeStart,timeEnd,groupName,f2f,s Nam
e
from GroupSchedules where
scheduleID = '$id'";
90. if ($result = $mysqli->query($Myquery))
{
/* Fetch the results of the query */
while( $row = $result->fetch_assoc() )
{
$scheduleid=$row["scheduleID"];
$thedate = $row["thedate"];
$day=$row["day"];
$timestart = $row["timeStart"];
$timeend = $row["timeEnd"];
$groupname = $row["groupName"];
$f2f = $row["f2f"];
$sname = $row["sName"];
$mySchedule = new
ScheduleJoinClass($scheduleid,$thedate,$day,$timestart,$timee
nd,$groupname,$f2f,$sname);
}
91. /* Destroy the result set and free the memory used for it
*/
$result->close();
}
$mysqli->close();
return $mySchedule;
}
function getTutorbyID($id)
{
$mytutor = "";
// Connect to the database
$mysqli = connectdb();
92. // Define the Query
// For Windows MYSQL String is case insensitive
$Myquery = "SELECT
firstName,lastName,eMail,tychoName,f2f from Tutors
where tychoName =
(select tychoName from TutorSchedules where
scheduleID = '$id')";
if ($result = $mysqli->query($Myquery))
{
/* Fetch the results of the query */
while( $row = $result->fetch_assoc() )
{
$firstname=$row["firstName"];
$lastname = $row["lastName"];
$email=$row["eMail"];
$tychoname = $row["tychoName"];
$f2f = $row["f2f"];
$mytutor = new
94. $email="";
$tychoname="";
// Connect to the database
$mysqli = connectdb();
// Define the Query
// For Windows MYSQL String is case insensitive
$Myquery = "SELECT firstName, lastName, eMail,
tychoName from Students
where tychoName='$tname'";
if ($result = $mysqli->query($Myquery))
{
/* Fetch the results of the query */
while( $row = $result->fetch_assoc() )
{
$firstname=$row["firstName"];
$lastname = $row["lastName"];
95. $email=$row["eMail"];
$tychoname = $row["tychoName"];
}
$myStudent = new
StudentClass($firstname,$lastname,$email,$tychoname);
/* Destroy the result set and free the memory used for it
*/
$result->close();
}
$mysqli->close();
return $myStudent;
}
// Method to see if the session has already been taken
function checkReservation($id)
96. {
$mycount = 0;
// Connect to the database
$mysqli = connectdb();
// Define the Query
// For Windows MYSQL String is case insensitive
$Myquery = "SELECT count(*) thecount
from StudentSchedules where
scheduleID = '$id'";
if ($result = $mysqli->query($Myquery))
{
/* Fetch the results of the query */
while( $row = $result->fetch_assoc() )
{
$mycount = $row["thecount"];
97. }
/* Destroy the result set and free the memory used for it
*/
$result->close();
}
$mysqli->close();
return $mycount;
}
// Method to see if the session has already been taken
function getJoinStudent($id)
{
$myjoin = "";
98. // Connect to the database
$mysqli = connectdb();
// Define the Query
// For Windows MYSQL String is case insensitive
$Myquery = "select scheduleID, a.tychoName,
helpDescription, courseInfo, RegisterDate , email
from StudentSchedules a, Students b
where a.tychoName = b.tychoName
and scheduleID = $id";
if ($result = $mysqli->query($Myquery))
{
/* Fetch the results of the query */
while( $row = $result->fetch_assoc() )
{
$sid = $row["scheduleID"];
$tychoname = $row["tychoName"];
$help = $row["helpDescription"];
99. $course = $row["courseInfo"];
$rdate = $row["RegisterDate"];
$email = $row["email"];
}
$myjoin = new StudentJoinClass
($sid,$tychoname,$help,$course,$rdate,$email);
/* Destroy the result set and free the memory used for it
*/
$result->close();
}
$mysqli->close();
return $myjoin;
}
function reserveSession ($id,$tname,$course,$help,$today)
100. {
// Check that $help is less than 255 characters.
$helplen = strlen($help);
if ($helplen >255)
{
$help=substr($help,0,254);
}
// Connect to the database
$mysqli = connectdb();
// Remove potential user entered quotes and such so we
can save in the database
$help = $mysqli->real_escape_string($help);
// Now we can insert
$Query = "INSERT INTO StudentSchedules
VALUES ('$id', '$tname', '$help',
'$course','$today')";
101. $Success=false;
if ($result = $mysqli->query($Query)) {
$Success=true;
}
$mysqli->close();
return $Success;
}
function findTutor($tname,$pass)
{
// Init count to 0
$count=0;
// Connect to the database
$mysqli = connectdb();
102. // Define the Query
// For Windows MYSQL String is case insensitive
$Myquery = "SELECT count(*) cnt from TutorDetails
where tychoName='$tname' and password='$pass'";
if ($result = $mysqli->query($Myquery))
{
/* Fetch the results of the query */
while( $row = $result->fetch_assoc() )
{
$count=$row["cnt"];
}
/* Destroy the result set and free the memory used for it
*/
$result->close();
}
$mysqli->close();
103. return $count;
}
// Retrieves tutors schedule between today and the next 14
days
function getTutorSchedule($tychoname)
{
$mySchedule = array();
// Connect to the database
$mysqli = connectdb();
// Define the Query
// For Windows MYSQL String is case insensitive
$Myquery = "Select scheduleID from GroupSchedules
104. where scheduleID IN (select scheduleID from
StudentSchedules)
and scheduleID IN (select scheduleID from
TutorSchedules where tychoName = '$tychoname')
and thedate between CURDATE() and
DATE_ADD(CURDATE(), INTERVAL 14 DAY)";
if ($result = $mysqli->query($Myquery))
{
/* Fetch the results of the query */
while( $row = $result->fetch_assoc() )
{
$mySchedule[]=$row["scheduleID"];
}
/* Destroy the result set and free the memory used for it
*/
$result->close();
}
105. $mysqli->close();
return $mySchedule;
}
// Retrieves tutors schedule for a specific id
function getTutorSchedulebyID($id)
{
$mySchedule = array();
// Connect to the database
$mysqli = connectdb();
// Define the Query
// For Windows MYSQL String is case insensitive
$Myquery = "Select a.scheduleID, thedate, day,
timeStart, timeEnd,
106. groupName, f2f, sName,tychoName from
TutorSchedules a, GroupSchedules b
where a.scheduleID = $id
and a.scheduleID=b.scheduleID";
if ($result = $mysqli->query($Myquery))
{
/* Fetch the results of the query */
while( $row = $result->fetch_assoc() )
{
$id = $row["scheduleID"];
$thedate = $row["thedate"];
$day = $row["day"];
$tstart = $row["timeStart"];
$tend = $row["timeEnd"];
$group = $row["groupName"];
$f2f = $row["f2f"];
$sname = $row["sName"];
$tname = $row["tychoName"];
108. function getTutorview($id)
{
$mySchedule = "";
// Connect to the database
$mysqli = connectdb();
// Define the Query
// For Windows MYSQL String is case insensitive
$Myquery = "Select a.scheduleID, thedate,day,
timeStart,timeEnd,f2f,sName, b.tychoName,
helpDescription, courseInfo, RegisterDate,
firstName, lastName, eMail
from GroupSchedules a, StudentSchedules b,
Students c
where a.scheduleID = b.scheduleID
and b.tychoName = c.tychoName
and a.scheduleID = '$id'
order by thedate,timeStart";
110. $firstname = $row["firstName"];
$lastname = $row["lastName"];
$email = $row["eMail"];
// Make this an Object
$mySchedule = new
TutorViewClass($id,$thedate,$day,$tstart,$tend,$f2f,
$sname,$tname,$help,$course,$firstname,$lastname,$email);
}
/* Destroy the result set and free the memory used for it
*/
$result->close();
}
$mysqli->close();
return $mySchedule;
111. }
// Retrieves tutors schedule between today and the next 14
days
function getStudentview($tycho)
{
$mySchedule = array();
// Connect to the database
$mysqli = connectdb();
// Define the Query
// For Windows MYSQL String is case insensitive
$Myquery = "select
a.scheduleID,thedate,day,timeStart,timeEnd,a.tychoName,b.f2f,
helpDescription,courseInfo,RegisterDate,d.firstName,d.lastNam
e,d.eMail
from StudentSchedules a, GroupSchedules b,
TutorSchedules c, Tutors d
where a.tychoName = '$tycho'
112. and a.scheduleID = b.scheduleID
and a.scheduleID = c.scheduleID
and c.tychoName = d.tychoName
order by thedate,timeStart";
if ($result = $mysqli->query($Myquery))
{
/* Fetch the results of the query */
while( $row = $result->fetch_assoc() )
{
$id = $row["scheduleID"];
$thedate = $row["thedate"];
$day = $row["day"];
$tstart = $row["timeStart"];
$tend = $row["timeEnd"];
$tname = $row["tychoName"];
$f2f = $row["f2f"];
113. $help = $row["helpDescription"];
$course = $row["courseInfo"];
$registerdate = $row["RegisterDate"];
$firstname = $row["firstName"];
$lastname = $row["lastName"];
$email = $row["eMail"];
// Make this an Object
$mySchedule[] = new
StudentViewClass($id,$thedate,$day,$tstart,$tend,$tname,$f2f,
$help,$course,$registerdate,$firstname,$lastname,$email);
}
/* Destroy the result set and free the memory used for i t
*/
$result->close();
}
$mysqli->close();
114. return $mySchedule;
}
function getStudentSchedule($id)
{
$mySchedule = "";
// Connect to the database
$mysqli = connectdb();
// Define the Query
// For Windows MYSQL String is case insensitive
$Myquery = "select
a.scheduleID,thedate,day,timeStart,timeEnd,a.tychoName,b.f2f,
helpDescription,courseInfo,RegisterDate,d.firstName,d.lastNam
e,d.eMail
from StudentSchedules a, GroupSchedules b,
TutorSchedules c, Tutors d
115. where a.scheduleID = b.scheduleID
and a.scheduleID = c.scheduleID
and c.tychoName = d.tychoName
and a.scheduleID=$id
order by thedate,timeStart";
if ($result = $mysqli->query($Myquery))
{
/* Fetch the results of the query */
while( $row = $result->fetch_assoc() )
{
$id = $row["scheduleID"];
$thedate = $row["thedate"];
$day = $row["day"];
$tstart = $row["timeStart"];
$tend = $row["timeEnd"];
$tname = $row["tychoName"];
116. $f2f = $row["f2f"];
$help = $row["helpDescription"];
$course = $row["courseInfo"];
$registerdate = $row["RegisterDate"];
$firstname = $row["firstName"];
$lastname = $row["lastName"];
$email = $row["eMail"];
// Make this an Object
$mySchedule = new
StudentViewClass($id,$thedate,$day,$tstart,$tend,$tname,$f2f,
$help,$course,$registerdate,$firstname,$lastname,$email);
}
/* Destroy the result set and free the memory used for it
*/
$result->close();
}
117. $mysqli->close();
return $mySchedule;
}
// Cancels an existing session
function cancelSession($id)
{
$rowdeleted=0;
// Connect to the database
$mysqli = connectdb();
// Define the Query
// For Windows MYSQL String is case insensitive
$Myquery = "delete from StudentSchedules
where scheduleID = $id";
$mysqli->query($Myquery);
119. where scheduleID = $id";
$mysqli->query($Myquery);
$rowsdeleted=$mysqli->affected_rows;
// Need to delete from Student schedules if it has been
assigned and send a cancelation email
// Define the second query
$Myquery = "delete from GroupSchedules
where scheduleID = $id";
$mysqli->query($Myquery);
$rowsdeleted=$mysqli->affected_rows;
121. if ($result = $mysqli->query($Myquery))
{
/* Fetch the results of the query */
while( $row = $result->fetch_assoc() )
{
$id = $row["scheduleID"];
$thedate = $row["thedate"];
$day = $row["day"];
$tstart = $row["timeStart"];
$tend = $row["timeEnd"];
$groupname = $row["groupName"];
$f2f = $row["f2f"];
$sname = $row["sName"];
// Make this an Object
$mySchedule = new
ScheduleJoinClass($id,$thedate,$day,$tstart,$tend,$groupname,
122. $f2f,
$sname);
}
/* Destroy the result set and free the memory used for it
*/
$result->close();
}
$mysqli->close();
return $mySchedule;
}
function getGroupSchedulebyTutor($tutor,$semester)
{
$mySchedule = array();
// Connect to the database
123. $mysqli = connectdb();
// Define the Query
// For Windows MYSQL String is case insensitive
$Myquery = "Select
scheduleID,thedate,day,ti meStart,timeEnd,groupName,f2f,sNam
e from GroupSchedules
where scheduleID IN (select scheduleID from
TutorSchedules where tychoName = '$tutor')
and sName = '$semester'";
if ($result = $mysqli->query($Myquery))
{
/* Fetch the results of the query */
while( $row = $result->fetch_assoc() )
{
$id = $row["scheduleID"];
$thedate = $row["thedate"];
124. $day = $row["day"];
$tstart = $row["timeStart"];
$tend = $row["timeEnd"];
$groupname = $row["groupName"];
$f2f = $row["f2f"];
$sname = $row["sName"];
// Make this an Object
$mySchedule[] = new
ScheduleJoinClass($id,$thedate,$day,$tstart,$tend,$groupname,
$f2f,$sname);
}
/* Destroy the result set and free the memory used for it
*/
$result->close();
}
$mysqli->close();
125. return $mySchedule;
}
function getTutor($id)
{
$mytutor = "";
// Connect to the database
$mysqli = connectdb();
// Define the Query
// For Windows MYSQL String is case insensitive
$Myquery = "select scheduleID, a.tychoName, firstName,
lastName, eMail
from TutorSchedules a, Tutors b
where a.tychoName = b.tychoName
and a.scheduleID = $id;";
126. if ($result = $mysqli->query($Myquery))
{
/* Fetch the results of the query */
while( $row = $result->fetch_assoc() )
{
$id = $row["scheduleID"];
$tycho = $row["tychoName"];
$firstname = $row["firstName"];
$lastname = $row["lastName"];
$email = $row["eMail"];
// Make this an Object
$mytutor = new
TutorJoinClass($id,$tycho,$firstname,$lastname,$email);
}
/* Destroy the result set and free the memory used for it
*/
$result->close();
131. $mypairs = array_combine($key,$vals);
// Assign values to ParametersClass
$myEmailparms = new
EmailparmsClass($mypairs['smtphost'],$mypairs['smtpport'],
$mypairs['smtpauth'],$mypairs['smtpuser'],
$mypairs['smtppass'],$mypairs['smtpfrom']);
// Display the Paramters values
return $myEmailparms;
}
?>
Demo/index.htmlAre you sure you want to permanently delete
132. this session?$dtextCS TutorWelcome to the CMIS and CMSC
Tutor Request SiteIf you have already created an account, sign
in using your WebTycho username
and email address in the form below.Sign in to your CSTutor
Account: WebTycho username:email address:First time users
need to create an account by clicking on the link below.
Create a new CSTutor Account
Demo/ListSessions.php
0 )
{
echo "
";
echo "You currently have a total of $sessioncnt
tutoring sessions for $currentsem as shown below.
";
echo "To permanently Delete a session click on the
Delete button. Deletions should only be for emergency
situations.
";
echo "Once a session is deleted, no students can
sign up for this session.
";
echo "";
echo "
";
echo "
135. }
?>
Demo/logs/logdata.txt
S3: Reservation success from 6, jrobertson1, CMIS102 on April
18, 2015, 9:57 am was 1
S4: Reservation Email sent to [email protected],
[email protected] on April 18, 2015, 9:57 am was
S3: Reservation success from 31, jrobertson1, CMIS102 on
April 18, 2015, 9:58 am was 1
S4: Reservation Email sent to [email protected],
[email protected] on April 18, 2015, 9:58 am was
S3: Reservation success from 10, jrobertson1, CMIS141 on
April 18, 2015, 10:04 am was 1
S4: Reservation Email sent to [email protected],
[email protected] on April 18, 2015, 10:04 am was
S3: Reservation success from 14, jrobertson1, CMIS242 on
April 18, 2015, 10:04 am was 1
S4: Reservation Email sent to [email protected],
[email protected] on April 18, 2015, 10:04 am was
S3: Reservation success from 8, jrobertson1, CMIS102 on April
18, 2015, 10:04 am was 1
S4: Reservation Email sent to [email protected],
[email protected] on April 18, 2015, 10:04 am was
Demo/parms/dbparms.txt
username=sdev_owner
password=sdev300
host=localhost
db=sdev
138. echo " ";
echo " ";
echo " ";
echo " ";
echo " ";
echo " ";
echo " ";
echo "";
}
// End the table
echo "
";
echo "";
echo "";
echo "
";
}
} // End Show form
function show_form() {
// Call Function to retrieve available courses
$courses = getCourses();
echo "Select the course and the format you prefer for
your tutoring session and then click Search.
";
139. echo " If a course is not listed, tutoring is not
currently available for that course.
";
// Display table
echo "Search Tutor Sessions
";
echo " ";
// Display first part of the table
echo "
";
echo "";
echo "CourseDateTimeTutoring LocationHelp
RequestedTutorCancel Session?$course$thedate, $day $tstart-
$tend$f2f$help$firstname $lastname ($email)Cancel Session
$id?
";
echo "
";
echo " ";
echo " ";
echo "";
echo "
";
echo " ";
echo " ";
echo "";
echo "
140. ";
echo " Course:
";
echo "Select Course
";
foreach ($courses as $c)
{
// Display the information in the table
echo "$c
";
}
echo "Format:
";
echo "Select Format
";
echo "Online via Wimba
";
echo "Face-to-Face at Largo, MD
";
echo " ";
echo "";
// End the table
echo "
";
echo "";
echo "";
echo "
141. ";
} // End Show form
?>
Demo/ShowSessions.php
0 && strlen($format)>0 )
{
// Break out Subject and Course
$areaname=substr($course,0,4);
$coursenum=substr($course,4,3);
$coursedata=$areaname.$coursenum;
$schedflag='N';
if ($format=='f2f')
$schedflag='Y';
// Call Function to retrieve available tutor slots over
next two weeks
$theSchedule =
getSchedules($schedflag,$areaname,$coursenum);
$sessioncnt = count($theSchedule);
142. if ($sessioncnt > 0)
{
echo "Select an available tutoring session from the
dates and times listed below by clicking the radio button in the
corresponding row.
";
echo "Then enter the topics/assignment you would
like tutoring assistance and click Submit.Sessions available
over the next 2 weeks are displayed.Note: All students must
register for a specific tutoring session to be eligible for
tutoring.
";
//if ($sessioncnt > 0)
//{
// Display table
echo "Tutoring Sessions Matching your Search
Criteria ($sessioncnt)
";
echo " ";
// Display first part of the table
echo "
";
echo "";
echo "
";
echo "
";
echo " ";
143. echo " ";
echo "";
// Display the report
foreach ($theSchedule as $sched)
{
// Extract the data
$myid=$sched->getScheduleid();
$mydate=$sched->getThedate();
$myday=$sched->getDay();
$mystart=$sched->getTimestart();
$myend=$sched->getTimeend();
$mycoursegroup=$sched->getGroupname();
// Call the function to retrieve Course list
$coursenames =
getCourselist($mycoursegroup);
// Display the information in the table
echo "
";
echo " ";
echo " ";
echo "";
}
echo "
";
echo " ";
echo "
";
echo " Course(s)Select Day and
Time$coursenames$mydate,$myday $mystart-$myendDescribe
the topic
144. assignment or other activity
you would like help with.";
echo "";
echo "";
// End the table
echo "";
echo "";
echo "";
echo "";
echo "
";
}
else
{
echo " Sorry. No $format tutor sessions are available
for $course, over the next 2 weeks.
";
echo "
Return to search
";
}
}
else {
echo "
No Course or Format search criteria were selected. Return to
search
145. ";
}
} // End Show form
function validate_form()
{
require_once('Includes/Utils.php');
require_once('Includes/FormObjects.php');
require_once('Includes/SQLFunctions.php');
// Set the Date stamp
date_default_timezone_set('America/New_York');
$today = date("F j, Y, g:i a");
// Show the page header
include('Includes/Header.php');
// Assign values
$scheduleid = check_input($_POST["scheduleid"]);
$coursesave = check_input($_POST["courseinfo"]);
$helpdesc = check_input($_POST["helpdesc"]);
// Just check for null values and email format
if (strlen($scheduleid)==0)
{
echo " No tutor session was selected. Return to search to
start over.
";
}
else
146. {
// Retrieve the Session Information
$myname = $_SESSION['wsuser'];
if (strlen($myname) > 0)
{
// Make sure the time/date is still available
$isReserved = checkReservation($scheduleid);
// If available make the reservation and send
the success message
if ($isReserved==0)
{
// Insert the reservation
$success =
reserveSession($scheduleid,$myname,$coursesave,$helpdesc,$t
oday);
$STDOUT =
fopen('logs/logdata.txt', 'a');
fwrite($STDOUT,"S3:
Reservation success from $scheduleid, $myname, $coursesave
on $today was $successn");
fclose($STDOUT);
// Display the results
// Retrieve the session information
and ask for them to print for their records.
$theschedule =
getSchedulebyID($scheduleid);
// Retrieve the tutor information
$thetutor =
getTutorbyID($scheduleid);
// Retrieve the Student
information
147. $thestudent =
getStudentbyID($myname);
// Logic for determining the
session code and URLs (Probably should be in database also
// Get the Day and GroupName
$cday=$theschedule->getDay();
$cgroup=$theschedule->getGroupName();
$ctime=$theschedule->getTimestart();
// Sunday CMIS102 9AM - 1PM
if ($cday=="Sunday" &&
$cgroup=="A" && $ctime >=900 && $ctime =900 && $ctime
=900 && $ctime =1800 && $ctime =1800 && $ctime =1800
&& $ctime =1800 && $ctime =1800 && $ctime =900 &&
$ctime =900 && $ctime getF2f()=='Y')
$theformat = 'Face-to-Face at
Largo, MD';
$emailstring =
"Congratulations $myname you have successfully signed up for
the following tutoring session!" ."
";
$emailstring .= "nStudent
name:" .$thestudent->getFirstname(). " " .$thestudent-
>getLastname() . "
";
$emailstring .= "Student
email:" .$thestudent->getEmail() . "
";
$emailstring .= "Session Date:"
.$theschedule->getThedate() . "
";
$emailstring .= "Day:"
.$theschedule->getDay() . "
";
149. following details about tutoring sessions:
";
$emailstring .= "F2F tutoring sessions occur in the
student lounge area at the Largo Center (1616 McCormick Drive
Largo MD 20774)
";
$emailstring .= "Online tutoring
sessions occur through WebEx.
";
// Also put the
contact/information
echo "Congratulations
$myname you have successfully signed up for the following
tutoring session!
";
// Display first part of the
table
echo "
";
echo "";
echo "
";
echo "
";
echo " ";
echo " ";
echo "";
152. echo "
";
if ($theschedule-
>getF2f()=='N'){
echo " ";
echo " ";
echo "";
echo "
";
echo " ";
echo " ";
echo "";
echo "
";
echo " ";
echo " ";
echo "";
}
echo "
";
echo " ";
echo " ";
echo "";
echo "";
echo "";
echo "
";
echo " Please print for your
records. An email is also being sent to your email address of "
153. .$thestudent->getEmail() . "
";
echo "Note the following details
about tutoring sessions: ";
echo "F2F tutoring sessions occur in the student
lounge area at the Largo Center (1616 McCormick Drive Largo
MD 20774)
";
echo "Online tutoring sessions
occur through WebEx
";
echo " ";
// Send the email to tutor
and student
// Send email to Tutor
$subject = "Tutor Session
Confirmation";
$temail = $thetutor-
>getEmail();
$semail=$thestudent-
>getEmail();
// Removed email
// Log email being sent
$STDOUT =
fopen('logs/logdata.txt' , 'a');
fwrite($STDOUT,"S4:
Reservation Email sent to $semail, $temail on $today was
$retn");
fclose($STDOUT);
}
154. else
{
// Log Error being sent
$STDOUT =
fopen('logs/logdata.txt', 'a');
fwrite($STDOUT,"S5: Session,
$scheduleID was not saved by $myname on $todayn");
fclose($STDOUT);
echo "Oops! There was an error in
saving your request.
";
echo "Most likely your session has
timed out, or someone else has reserved the time you wanted.
Please try again.
";
echo "Add another Tutoring Session";
}
echo "
";
echo "Add another Tutoring Session";
}
}
}
155. ?>
Demo/tauthcheck.php
FieldValueCourse:$coursesaveHelp requested:$helpdescStudent
name:".$thestudent->getFirstname(). " " .$thestudent-
>getLastname(). "Student email:".$thestudent->getEmail().
"Session Date:".$theschedule-
>getThedate()."Day:".$theschedule->getDay()."Start
time:".$theschedule->getTimestart()."Stop time:".$theschedule-
>getTimeend()."Format:$theformatSemester:".$theschedule-
>getSname()."Tutor name:".$thetutor->getFirstname(). " "
.$thetutor->getLastname(). "Tutor email:".$thetutor-
>getEmail(). "WebEx URL:$sessionURLWebEx Phone
Number:". $phoneIN. "WebEx Session Access Code:".
$accessCode. "Date Reservation submitted:$todayLogin Error
Sorry, the username and password do not match any
current account.
Try again, or contact the Tutor account administrator.
0 )
{
echo "
156. ";
echo "You currently have $count tutoring
sessions over the next 2 weeks.
";
echo "Be sure to check your site daily as
students can register at anytime.
";
echo "Also, students must register and be
on your schedule to receive tutoring assistance.
";
echo "";
echo "
";
echo "
";
echo "Course
";
echo "Student Name
";
echo "Email
";
echo "Tutor Session Details
";
echo "Location
";
echo "Help Details
157. ";
echo "";
// Now retrieve the display information
$tutorview = array();
foreach ($sid as $s)
{
$data = getTutorview($s);
$tutorview [] = $data;
}
// Now display the Tutorview
foreach ($tutorview as $t)
{
// Extract the data
$id = $t->getID();
$thedate = $t->getThedate();
$day = $t->getDay();
$tstart = $t->getTstart();
$tend = $t->getTend();
$f2f = $t->getF2f();
$sname = $t->getSname();
$tname = $t->getTname();
$help = $t->getHelp();
$course = $t->getCourse();
$firstname = $t->getFirstname();
$lastname = $t->getLastname();
$email = $t->getEmail();
echo "
";
echo "$course
";
158. echo "$firstname $lastname
";
echo "$email
";
echo "$thedate,$day,$tstart-
$tend
";
echo "" . getLocation($f2f) .
"
";
echo "$help
";
echo "";
}
echo "";
}
else
{
echo "No students have currently
registered for your scheduled tutoring sessions over the next 14
days
";
}
echo "You can click on the link below to
view all of your sessions for this semester. You can also delete
sessions for emergency situations using this link.
";
159. echo "Show all of my sessions
";
}
?>
Demo/tlogin.htmlCS TutorWelcome to the CMIS and CMSC
Tutor SiteSign in using your WebTycho username
and tutor password in the form below.Sign in to your CSTutor
Account: WebTycho username:Tutor Password:
Demo/tutors.css
/*
Document : webstaffer CSS
Created on : Jan 1, 2011, 4:27:27 PM
Author : James Robertson
Description:
Purpose of the stylesheet follows.
*/
/*
