Modified acceptable upload extensions.

diff --git a/detail_root.php b/detail_root.php
index 1532182..685052d 100644 (file)
--- a/detail_root.php
+++ b/detail_root.php
@@ -210,11 +210,10 @@ if($_GET["user"] == '' ) {
                                </div>
                        </div>
                </div><br><br>';
-       }
+               }
 
        }
 
-
        /* get comments for this assignment */
        $sql = 'select comment_id, stdusers.name, sub_id, fac_id, facusers.name as facname, txt, timeposted, comments.role from users stdusers, comments LEFT JOIN users facusers on (facusers.user_id = comments.fac_id) where (stdusers.user_id = comments.user_id) and comments.user_id='.$_GET["user"].' and sub_id='.$_GET["sched"].' order by timeposted';
 
@@ -293,16 +292,26 @@ $result = mysql_query($sql);
 
 $row = mysql_fetch_row($result);
 
-if($row[0] == 1) { 
-       $upload_form = '<div class="comment_box">Upload File:<form action="upload.php?sched='.$_GET["sched"].'" method="post" enctype="multipart/form-data">
+if($row[0] == 1) { // assignment is open
+       if($role == 0 && $_GET["user"] == 1) {
+               $upload_form = '<div class="comment_box">Upload File:<form action="upload.php?sched='.$_GET["sched"].'" method="post" enctype="multipart/form-data">
                <input type="file" name="file" size="40"><br><br>
+               <input name="user" type="hidden" value='.$_GET["user"].'>
+               <input name="action" type="hidden" value="ret">
                <input type="submit" name="submit" value="Submit"/>
                </form></div>';
-} else {
+       } else if($role != 0) {
+               $upload_form = '<div class="comment_box">Upload File:<form action="upload.php?sched='.$_GET["sched"].'" method="post" enctype="multipart/form-data">
+               <input type="file" name="file" size="40"><br><br>
+               <input type="submit" name="submit" value="Submit"/>
+               </form></div>';
+       } else {
+               $upload_form = '';
+       }
+} else { // assignment is closed
        $upload_form = '';
 }
 
-
 /* generate next and back buttons */
 
 if($role == 0) {

diff --git a/upload.php b/upload.php
index 298bba3..307fab6 100644 (file)
--- a/upload.php
+++ b/upload.php
@@ -23,7 +23,7 @@ $deadline = $row[1];
 $class_id = $row[2];
 
 /* check for correct file extension */
-$allowedExtensions = array("c", "cpp", "c++", "h");
+$allowedExtensions = array("c", "cpp", "c++", "h", "hpp");
 if(!in_array(end(explode(".", $_FILES["file"]["name"])), $allowedExtensions)) { die("File Extension Not Correct"); }
 
 /* check for file type */
@@ -79,12 +79,10 @@ mail($user_email, "File Received", "", $header);
 
 /* move to classes page */
 
-
-//echo "Data Posted Sucessfully<br><br>";
-
-//echo 'Click <a href=detail_root.php?sched='.$_GET["sched"].'>Here</a> To Return to Assignment Details';
-
-echo '<html><meta http-equiv="refresh" content="0;url=detail_root.php?sched='.$_GET["sched"].'" /></html>';
-//echo '<html><meta http-equiv="refresh" content="0; detail.php?sched='.$_GET["sched"].'" />Data Posted Sucessfully</html>';
+if($_POST["action"] == 'ret') {
+       echo '<html><meta http-equiv="refresh" content="0;url=detail_root.php?sched='.$_GET["sched"].'&user='.$_POST["user"].'" /></html>';
+} else {
+       echo '<html><meta http-equiv="refresh" content="0;url=detail_root.php?sched='.$_GET["sched"].'" /></html>';
+}
 
 ?>