-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathprocess_submission.php
More file actions
54 lines (43 loc) · 1.55 KB
/
Copy pathprocess_submission.php
File metadata and controls
54 lines (43 loc) · 1.55 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
<?php
session_start();
require "config.php";
if (!isset($_SESSION['id']) || $_SESSION['role'] !== 'student') {
die("Access denied");
}
$user_id = $_SESSION['id'];
$assignment_id = intval($_POST['assignment_id'] ?? 0);
if (!isset($_FILES['submission_file'])) {
die("No file uploaded");
}
$file = $_FILES['submission_file'];
if ($file['error'] !== UPLOAD_ERR_OK) {
die("Upload error");
}
// validate size (10MB)
if ($file['size'] > 10 * 1024 * 1024) {
die("File too large");
}
// validate extension
$allowed = ['pdf','doc','docx','zip','rar'];
$ext = strtolower(pathinfo($file['name'], PATHINFO_EXTENSION));
if (!in_array($ext, $allowed)) {
die("Invalid file type");
}
// prepare destination
$dir = __DIR__ . "/uploads/assignments/submissions/";
if (!is_dir($dir)) mkdir($dir, 0755, true);
$filename = time() . "_" . preg_replace('/[^A-Za-z0-9._-]/', '_', basename($file['name']));
$destPath = $dir . $filename;
if (!move_uploaded_file($file['tmp_name'], $destPath)) {
die("Move failed");
}
// store in DB: assignment_submissions (id, assignment_id, user_id, filename, filepath, uploaded_at)
$filepath_db = "uploads/assignments/submissions/" . $filename;
$stmt = $pdo->prepare("
INSERT INTO assignment_submissions (assignment_id, user_id, filename, filepath, uploaded_at)
VALUES (?, ?, ?, ?, NOW())
");
$stmt->execute([$assignment_id, $user_id, $file['name'], $filepath_db]);
// redirect back to dashboard or assignment page
header("Location: student_dashboard.php?submission=success");
exit;