#!/usr/bin/perl -Tw # check for student 4x4 and group # to start review # get review item number from list # Copyright 2002 Dean F. Hougen. All rights reserved. $review_dir = '/home/hougen/www/cgi-bin/IIRreviews2002/'; $class_file = $review_dir . 'classfile'; $sendmail = '/usr/lib/sendmail'; $num_groups = 10; use CGI; use Fcntl qw(:DEFAULT :flock); $review = new CGI; $ENV{'PATH'} = '/usr/bin:/usr/lib'; delete @ENV{'IFS', 'CDPATH', 'ENV', 'BASH_ENV'}; # sub untaint; # sub user_login_form; # sub validate_login; # sub user_review_form; # sub thank_you; $action = $review->param('action'); if (!$action) { # there is no action, must be the first time here, present login form user_login_form(); } elsif ($action eq 'LOGIN'){ validate_login(); user_review_form(); } elsif ($action eq 'SUBMIT'){ validate_login(); process_review_form(); $review_num++; if ($review_num <= $num_reviews) { user_review_form(); } elsif ($review_num == $num_reviews + 1) { thank_you(); } else { die "Invalid Review Num: $review_num\n"; } } else { # action is undefined error_page ("
Note, for reviews of group projects, each person should evaluate the work of all of the groups individually. While I have given only a single copy of each group's work to each group, the reviews are NOT to be done as a group. Each of you should independently look at each proposal and arrive at your own conclusions about the work of the groups. Think of this as homework that you are assigned to do on your own.
Note, for peer reviews of group members, you should evaluate yourself as well as each of your team mates.
4 x 4 Given: $four_by_four
"); } #untaint 4x4 $four_by_four = untaint($four_by_four); #check for length of Group Number unless (length($group_num) < 3 && $group_num > 0 && $group_num < 11) { error_page("Group Number Given: $group_num
"); } #untaint Group Number $group_num = untaint($group_num); #check for length of Group Size unless (length($group_size) < 2 && $group_size > 3 && $group_size < 6) { error_page("Group Size Given: $group_size
"); } #untaint Group Size $group_size = untaint($group_size); #untaint Review Item $review_item = untaint($review_item); #determine number of times through form if ($review_item eq 'P0Tasks'){ $num_reviews = $num_groups; } else { $num_reviews = $group_size; } #untaint Email Address $email_addr = untaint($email_addr); #combine 4x4 and Group Number into a single data item $login_code = $four_by_four . $group_num . $email_addr ; #$login_code = $four_by_four . $group_num; #debug_page("Login code is: $login_code"); #open class file non-destructively, read in entries #entry format is "4x4#email_addr" on each line $found = 0; #debug_page("Classfile is: $class_file"); sysopen(STUDENTS, "$class_file", O_RDONLY) or die "Can't open $class_file: $!"; #debug_page("class file opened"); flock(STUDENTS, LOCK_SH) or die "Can't get shared lock on $class_file: $!"; while(4 x 4 Given: $four_by_four
Group Number Given: $group_num
OU Email Address Given: $email_addr\@ou.edu
Data Value (must be 1000 characters or less): $value
"); } $review_data .= "$field: $value\n"; } } #generate file name from data $filename = $review_dir . $review_item . $login_code . $review_num; $filename = untaint($filename); #debug_page($filename); #open file, write, and close sysopen(REVIEW_FILE, "$filename", O_CREAT | O_EXCL | O_WRONLY) #open(REVIEW_FILE, ">$filename") or error_page ("We already have this review on file for you. If this is incorrect, please contact Prof. Hougen.
"); flock(REVIEW_FILE, LOCK_EX) or error_page ("Can't write to $filename: $!
"); close(REVIEW_FILE) or error_page ("Can't close $filename: $!
"); } ####################################################################### sub user_review_form{ #the file name to open is built from the review item name $filename = $review_dir . $review_item . '.html'; #debug_page("$filename should be opened"); print "Content-type: text/html\n\n"; sysopen(FORM_FILE, "$filename", O_RDONLY) or die "Can't open $filename: $!"; #debug_page("$filename opened"); flock(FORM_FILE, LOCK_SH) or die "Can't get shared lock on $filename: $!"; while(