,
hndstrt integer ,
types integer ,
ip varchar (15),
idalign integer,
modes integer,
log integer,
quests integer
);
create table protocol(
atime datetime,
iduser integer,
action integer,
descr varchar(255) ,
idtest integer,
ldquest integer,
idans integer,
ip varchar(15)
);
create table results(
id integer,
atime datetime,
idtest integer);
Додаток Б. Код SQL запитів
creatall.sql
create database testsys;
connect testsys;
create table users (
id integer,
name varchar(33),
ip varchar(15),
class integer,
idgroup integer,
pass varchar(21),
atime datetime,
addgrps varchar(66)
) ;
create table groups(
id integer,
name varchar(17),
ip varchar(15) ,
attr integer,
atime datetime,
faculty varchar (10),
chair varchar (10),
year integer
);
create table cmd(
id integer,
action integer,
param varchar(127),
iduser integer,
idgroup integer,
timeb datetime,
timee datetime,
ip varchar (15),
idowner integer
inc.php
<?php
function AutorizeRequire() {
print<<<BLCK
<html><head><meta http-equiv="Refresh"
content="0;url=http: //localhost/testsys/"></head></html>
BLCK;
exit ();
}
// Get user ID
$iduser=$HTTP_GET_VARS["id"];
// Init connect
$mscn=mysql connect();mysql_select_db("testsys",$mscn);
srandl(float)microtime*10000000);
// Werify autorization
$q="select * from au where ident=" . $iduser;
$rcus=mysql_query($q);
if(mysql_num__rows($rcus)!=1)
(AutorizeRequre();}
?>
submit" value="Find">
</form>
findusers.php
<!-- Find user form -->
<form id="frml" action="result.php?id=<?php print
$HTTP_GET_VARS["id"]; ?>Ssch-l" method="post" target="result">
<b>Find user:</b><br>
ID: Snbsp;<input type="text" name="fid"
size="33" maxlength="33"><br>
Login name:Snbsp;Snbsp;<input type="text"
name="login" size="33" maxlength="33"><br>
Class:
<input type="radio" name="class"
value="O">Admin
<input type="radio" name="class"
value="l">Teacher
<input type="radio" name="class"
value="2">Student
<input type="radio" name="class"
value="3">Guest<br>
Group:Snbsp;Snbsp;<select name="group">
<option value=""></option>
<?php
$rgrp=mysql_query("select id,name from groups"); while{$grp=mysql_fetch_array(Srgrp)){
print "<option
value=\"".$grp["id"]."\">".$grp["name"]."</option>";
}
mysql_free_result($rgrp) ;
?>
</select>
<input type="submit" value="Find">
</form>
$q="select id,name from groups";$rgrp=mysql_query($q);
while($grp=mysql_fetch_array($rgrp)){
print "<option
value=\"".$grp["id"]."\"".($rusr["idgroup"]==$grp["id"]?" selected":"").">".$grp["name"]."</option>";
}
mysql_free_result($rgrp);
?>
</select><br>
<?ph
print "Time: " . $rusr["atime"];
<input type="submit" value="Change">
</form><hr>
findgroups.php
<!-- Find group form -->
<form style="display: none" id="frm2"
action="result.php?id=<?php print $HTTP__GET_VARS ["id"] ;'?>&sch=2"
method="post" target="result">
<b>Find group:</b><br>
ID: Snbsp;<input type="text'.' name="fid"
size="33" maxlength="33"><br>
Group name:Snbsp;Snbsp;<input type="text"
name="login" size = "17" maxlength="17"><br>
Attributes: <input type="checkbox"
name="attt" value="l">temporary<input type="radio" name=atttc
value="l">+ <input type="radio" name=atttc value="0">-<br> Faculty: <input type="text" name="fac"
size "10" ir.maxlnght="10">
Chair:Snbsp; <input type="text" name="chr"
size="10" maxlength="10"><br>
Year: <input type="text" name="yr"
size="4" raaxlength="4">
<form style="display: none"
id="frm5"action="usradm.php?id=<?php print $HTTP_GET_VARS["id"] ;
?>&sch=5&act'=2" method="post">
User info:
<?php
if($HTTP_GET_VARS["sch"]=="5"){
$q="update users set name=\""
.$HTTP_POST_VARS["login"]."\",class="
.$HTTP_POST_VARS["class"].",idgroup="
.$HTTP_POST_VARS["group"].
" where id=".$HTTP_POST_VARS["idd"]; mysql_query($q);$rndd=$HTTP_POST_VARS["idd"];
}
$idd=($HTTP_GET_VARS["idd"]==""?$rndd:$HTTP_GET_VARS["idd"]);
$q="select * from users where id=".$idd;
$ufnd=mysql_query($q);
$rusr=mysql_fetch_array($ufnd);
print "ID: ".$rusr["id"]."<br><input type=\"hidden\"
name=\"idd\" value=\"".$rusr["id"]."\">";
$q="Name: <input type=\"text\" name=\"login\"
size=\"33\" maxlength=\"33\" value=\"".$rusr["name"]."\"><br>";
print $q;
?>
Class: <input type="radio" name="class" value="0"
<?php if($rusr["class"]==0) print "checked"?>>Admin
<input type="radio" name="class" value="l" <?php
if($rusr["class"]==1) print "checked"?>>Teacher snbsp;
<input type="radio" name="class" value="2" <?php
if($rusr[“class"]==2) print "checked"?»Student
<input type="radio" name="class" value="3" <?php
if ($rusr ["class"]==3) print "checked"?»Guest<br>
Group: <select name="group">
<?php
. "\", year=" . $HTTP__POST_VARS ["yr" ]
." where id=".$HTTP_POST_VARS["idd"];
mysql_query($q);
}
$rndd=($HTTP_GET_VARS["idd"]==""?$rndd:$HTTP_GET_VARS["idd"]
$rndd=($HTTP_POST_VARS["idd"]==""?$rndd:$HTTP_POST_VARS["idd"]);
$rgrp=mysql__query("select * from groups where id=".$rndd);
$grp=mysql_fetch array($rgrp);
print "ID: ".$grp [ "id"] ."<input type=\"hidden\"
name=\"idd\" value=\"".$grp["id"]."\"><br>";
print "Name: <input type=\"text\" name=\"login\"
value=\"".$grp["name"]."\" size=\"17\" maxlength=\"17\"><br>";
print "Attributes: <input type=\"checkbox\" name=\"attt\”
value=\"l\"".($grp["attr"]==l?" checked":"").">temporary<br>";
print "Faculty: <input type=\"text\" name=\"fac\"
value=\"".$grp["faculty"]."\" size=\"10\" maxlength=\"10\"Xbr>";
print "Chair: <input type=\"text\" name=\"chr\" value=\"" . $grp ["chair"] . "\" size=\"10\" maxlength=\"10\"><br>" ;
print "Year: <input type=\"text\" name=\"yr\"
value=\"".$grp["year"]."\" size=\"4\" maxlength=\"4\"><br>";
print "Time: ".$grp["atime"];
mysql_free_result($rgrp) ;
?>
<br><input type="submit" value="Change">
</form><hr>
<?php
}?>
edituser.php
editgroup.php
<?php
if($HTTP_GET_VARS["sch"]=="4"){
?>
<hr><h2>Group infо : </h2><form action="usradm. php?id=<?php
print $HTTP_GET_VARS["id"]; ?>Ssch=4&act=2" method="post">
<?php
$mscn=mysql_connect();mysql_select_db("testsys",$mscn);
if($HTTP_GET_VARS["act"]=="l"){
$rndd=rand{);$q="select id from groups where
id=".$rndd;
$rsnd=mysql_query($q) ;
while(mysql__num_rows($rsnd)!=0){
$rndd=rand();mysql_free_result($rsnd);
$q="select id from groups where id=".$rndd;
$rsnd=mysql_query($q) ;
}
mysql_free_result($rsnd);
$q="insert into groups values("
.$rndd.",\""
.$HTTP_POST_VARS["login"]."\",NULL," .(($HTTP_POST_VARS["attt"]==l)?l:0).",now(),\”” .$HTTP_POST_VARS["fac"]."\",\""
.$HTTP_POST_VARS["chr"]."\","
. $HTTP_POST__VARS ["yr"] . ") " ;
mysql_query($q) ;
}
if($HTTP GET_VARS["act"]=="2"){
$q-"update groups set
name=\"".$HTTP_POST_VARS["login"]
."\",attr=". ( ($HTTP_POST_VARS["attt"]==1)?1:0) .",faculty=\"".$HTTP_POST_VARS["fac"]
."\",chair=A"".$HTTP_POST_VARS["chr"]
Snbsp;
<input type="radio" name="class"
value="3">Guest<br>
Group: <select name="group">
<?php
$q="select id,name from groups";$rgrp=mysql_query($q);
while($grp=mysql_fetch_array($rgrp)){
print "<option
value=\"".$grp["id"]."\">"-$grp["name"]."</option>";
}mysql__free_result ($rgrp) ;
?>
</select><br>
Password: <input type="password"
name="pass" size="21" maxlength="21"xbr>
<center><input type="submit" value="Add"></center>
</form>
<!-- Create group form -->
<form style="display: none" id="frm4"
action="usradm.php?id=<?php print $HTTP_GET__VARS["id"];
?>&sch=4&act=l" method="post">
<b>New group:</b><br>
Group name: <input type="text"
name="login" size="17" maxlength="17"><br>
Attributes: <input type="checkbox"
name="attt" value="l">temporary<br>
Faculty: <input type = "text"
name="fac" size="10" maxlength="10"> <br>
Chair: <input type="text" name="chr"
size=''10" maxlength="10"> <br>
Year: <input type="text" name="yr"
size="4" maxlength="4"> <br>
<center> <input type="submit" value="Add"> </center>
</form>
</form><hr>
</body></html>
admhead.php
<center>
<font style="font: 20рі">Управління системою
автоматизованого тестування CAT</font><br
<?php
print "<a id=\"head\"
href=\"tstadm.php?id=".$iduser."\">[Управління Кестами]</a>   I   ";
print "<a id=\"head\"
href=\"cmdadm.php?id=".$iduser."\">[Управління Командами]</a>   I   ";
print "<a id=\"head\"
href=\"logout.php?id=".$iduser."\">[Вихід]</а>";
?>
</center>
<hr>
createuser.php
<!-- Create user form -->
<form style="display: none" id="frm3"
action="usradm.php?id=<?php print $HTTP__GET_VARS [ "id"] ; ?>"
method="post">
<input type="hidden" name="sch" value="3">
<b>New user:</b><br>
Login name: <input type="text"
name="login" size = "33" maxlength="33"><br>
Class:
<input type="radio" name="class"
value="O">Admin
<input type="radio" name="class"
value="l">Teacher
}
if($HTTP_GET_VARS["act"]=="2")
$q="update groups set name=\"".$HTTP_POST_VARS["login"]
."\",attr=". ( ($HTTP_POST_VARS["attt"]==l)? .",faculty=\"".$HTTP_POST_VARS["fac"] ."\",chair=\"".$HTTP_POST_VARS["chr"] ."\",year=".$HTTP_POST_VARS["yr"]
." where id=".$HTTP_POST_VARS["idd"];
mysql_query($q);
}
$rndd=($HTTP_GET_VARS["idd"]==""?$rndd:$HTTP_GET_VARS["idd"]);
$rndd=($HTTP_POST_VARS["idd"]==""?$rndd:$HTTP_POST_VARS["idd"]);
$rgrp=mysql_query("select * from groups where
id=".$rndd);
$grp=mysql_fetch_array($rgrp);
print "ID: ".$grp["id"]."<input type=\"hidden\" name=\"idd\" value=\"".$grp["id"]."\"><br>";
print "Name: <input type=\"text\" name=\"login\" value=\"r . $grp ["name"] . "\" size=\"17\" maxlength=\"17\"Xbr>";
print "Attributes: <input type=\"checkbox\" name=\"attt\' value=\"l\"". ($grp["attr"] ==1?" checked":"") .">temporary<br>";
print "Faculty: <input type=\"text\" name=\"fac\" value=\"".$grp["faculty"]."\" size=\"10\" maxlength=\"10\">< br>";
print "Chair: <input type=\"text\" name=\"chr\"
value=\"".$grp["chair"]."\" size=\"10\" maxlength=\"10\">< br>";
print "Year: <input type=\"text\" name=\"yr\"
value--\"" . $grp і "year"] . "\" size=\'r4\" maxlength--\"4\”><br>" ;
print "Time: ".$grp["atime"];
mysql_free_result($rgrp);
<br><input type=”sabmit”value=Change”>
}
?>
</body>
</html>
grpedt.php
<html><head>
<meta http-equiv="Content-Type" content="text/html;
charset=windows-1251">
<title>[Grouplnfo|LocalTest]</title><meta name="author"
content="AdarAShur'">
</head><body bgcolor="#0066cc" text = "#ffffff">
<hr><h2>Group info:</h2xform action="grpedt.php?act=2"
method="post">
<?php
$mscn=mysql_connect();mysql_select_db("testsys",$$mscn); if($HTTP_GET_VARS["act"]=="1"){
$rndd=rand();$q="select id from groups where id=".$rndd;
$rndd=mysql_query($q) ;
while(mysql num rows($rsnd)!=0){
$rndd=rand();mysql free result($rsnd);
$q="select id from groups where id=".$rndd;
$rsnd=mysql query($q);
}
mysql_free_result($rsnd);
$q="insert into groups values ("
. $rndd.",\""
. $HTTP___POST_VARS["login"] . "\",NULL, "
. ( ($UTTP_POST_VARS r "attt"] = = 1) ?1:0) . " , now () , \" "
. $HTTP_POST_VARS["fac"]."\",\""
. $HTTP_POST_VARS["chr"]."\","
.:$HTTP_POST_VARS["yr"] . ") ";
mysql__query ($q) ;
if($HTTP_GET_VARS["sen"]=="2"|I $HTTP_GET_VARS["sch"]==""){
$cnds = " where",'print "<table>";
if($HTTP_POST_VARS["fid"]!="")$cnds.=" id=".$HTTP_POST_VARS["id"];
if($HTTP_POST_VARS["login"]!="")$cnds.=(strlen($cnds)>6?"
and":"")." locate(/".$HTTP_POST_VARS["login"]."\",name)!=0"
if($HTTP_POST_VARS['3ttt"]!="")$cnds.-(strlen($cnds)>6?" and" : " " ) ." attr=".$HTTP_P03T_VARS["atttc"] ;
if ($HTTP_POST_VARS["fac"] !="")$cnds. = (strlen($cnds)>6?"
and":"")." locate(\"".$HTTP_POST_VARS["fac"]."\",faculty)!=0";
if($HTTP_POST_VARS["chr"]!="")$cnds.=(strlen($cnds)>6?" and":"")." locate(\"".$HTTP_POST_VARS["chr"]."\",chair)!=0";
if($HTTP_POST_VARS["yr"]!="")$cnds.="
year=".$HTTP_POST_VARS["yr"];
$q="select * from group's" . (strlen ($cnds) >6?$cnds :"");
$ufnd=mysql_query($q);-
while($rusr=mysql_fetch_array($ufnd)){
print "<tr><td>" . $rusr ["id"] . "</tdxtdxa
href=\"usradm.php?id=".$HTTP_GET__VARS["id"]."&sch=4&idd=".$rusr[ "id"] . "\">".$rusr ["name"] . "</a></tdxtd>";
print5rusr["attr"]==l?"temp":"")."</td><td>"
.$rusr["faculty"]."</td> id>".$rusr ["chair"] . "</td><td>" . $rusr [ "year"] . "</td>";
print "<td>" . $rusr ["atime"] . "</tdxtdxa
href=\"usradm?Jm?id=".?HTTP_GET___VARS["id"] . "&ddq-=" . $rusr [ "id" ] . "\"
target = \"_top\">delete</a></tdx/tr>";
mysql_free_result($ufnd);
print "</table>";
if($HTTP_POST_VARS["fid"]!="")$cnds.="
id=".$HTTP__POST_VARS ["fid"] ;
if($HTTP_POST_VARS["login"]!="")$cnds.=(strlen($cnds)>6?" and":"") ." locate ( \"".$HTTP_POST_VARS["login"] ."\",name) !=0";
if ($HTTP_POST_VARS("class"] !="")$cnds. = (strlen($cnds)>6?" and":"")." class=".$HTTP_POST_VARS["class"];
if($HTTP_POST_VARS["group"]!="")$cnds.=(strlen($cnds)>6?" and":"")." idgroup=".$HTTP_POST_VARS["group"];
$q="select * from users".(strlen($cnds)>6?$cnds:"");
$ufnd=mysql_query($q) ;
while($rusr=mysql_fetch_array($ufnd)){
print "<trxtd>".$rusr["id"]."</td><td><a
href=\"usradm.php?frm=5Sid=".$HTTP_GET_VARS["id"]."Ssch=3&idd=" $rusr ["id"] . "\" target=\"_top\">" . $rusr ["name"] . "</ax/tdxtd>" switch (Srusr["class"]) {
case 0:print "admin";break; case l:print "teacher";break; case 2:print "student";break; case 3:print "guest";break;
$q="seiect name from groups where id=".$rusr["idgroup"];
$rgrp=mysql_query($q);$grp=mysql_fetch_array($rgrp);
print
"</tdxtd>" . $grp["name"] . "</td><td>" . $rusr ["atime" ] . "</td><td>-hrof=\"usradm.Dhp?id=".$HTTP GET VARSr'id"]."&dd=".$rusr[":d"1 :=\"_top\">delete</ax/td></tr>"; mysql free_result($rgrp) ;
mysql^free_result($ufnd); print "</table>"; </selectxbr>
<input type="submit" value="Change">
</form> <?php
mysql_free_result($ttsx);
)else(print " "; ) ?>
</tdx/tr>
</table> <?php
)
mysql_close($mscn); ?>
<hr> </body></html>
result.php
<?php
// Main Include
include ("inc/inc.php");
<htmlxhead>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1251" >
<titlex/title><meta name="author" content="AdarAShur">
<link rel="StyleSheet" type="text/css" href="css/main.css"> </head><body bgcolor="#0066cc" text="#ffffff">
<?php
if($HTTP_GET_VARS["sch"]=="1"){ $cnds=" where";print "<table>";
if($lst==O)(
$ttsx=mysql_query("select * from tests where
id=".$idtst);
$tts=mysql_fetch_array($ttsx); ?>
<form action="tstadm.php?id=<?php print $cusr["ident"] ?>" mathod="post">
<input type="hidden" name="frm" value="edt">
<input type="hidden" name="id" value="<?php print
$tts["id"]; ?>">
id: <?php print $tts["id"]; ?><br> Title: <input type="text" name="attl" value="<?php print $tts ["title"]; ?>"><br>
Align: <select name="aalg"> <?php
$q="select id,name from aligns";$rgrp=mysql_query($q) while($grp=mysql_fetch_array($rgrp)){
print "<option
value=\"".$grp["id"]."\"".($tts["idalign"]==$grp["id"]?" selected":"").">".$grp["name"]."</option>"; } mysql free result($rgrpj;
</select><br>
Group: <select name="idgrp"Xoption
value="NULL"<?php print ($tts["igroup"]=="NULL"?" selected":"' ?>></option> <?php
$q="select id,name from groups";$rgrp=mysql_query($q) while($grp=mysql_fetch_array($rgrp)){
ptiut "<option>”;
}
mysql_free_result($rgrp);
}
mysql free_result($rgrp); ?>
</select><br>
Align:Snbsp;<select name="salg"><option
value=""x/option> <?php
$q="select id,name from