Commit 12e2f2d0 authored by William Paul Liggett's avatar William Paul Liggett

Subject Login Page: A test participant can now login if they have a test scheduled.

parent aac74bcc
......@@ -53,11 +53,11 @@
$submitted_username = htmlspecialchars($_POST['username']);
$submitted_password = htmlspecialchars($_POST['password']);
// Confirms whether the login is valid and sets the boolean `$valid_login' variable.
require_once "valid_login.php";
// Confirms whether the login is valid and sets the boolean `$valid_login_admin' variable.
require_once "valid_login_admin.php";
// Login invalid: Re-displays the login <form>.
if(!$valid_login) {
if(!$valid_login_admin) {
echo "<p class='error_msg'>$error_msg</p>";
echo $login_form;
}
......@@ -71,7 +71,7 @@
// Logs into the OpenVigilance Task tests database to control and alter user tests.
// `$pdo' is defined as the database connection.
require_once "../../../../../protected_site_configs/junktext.com/openvigilance_db_connection.php";
require_once "../../../../../protected_site_configs/junktext.com/openvigilance_db_connection_admin.php";
// Test Control: Active tests.
$sql = "SELECT sk, subject_id, test_condition, login_code FROM test_control WHERE test_scheduled=1 ORDER BY subject_id";
......
......@@ -4,12 +4,12 @@
* This Source Code Form is subject to the terms of the Mozilla Public License (MPL), v. 2.0.
* If a copy of the MPL was not distributed with this file, You can obtain one at https://mozilla.org/MPL/2.0/.
*
* Filename: validate_login.php
* Filename: validate_login_admin.php
*
* Purpose: Ensure that only administrators can see or change any OpenVigilance Task settings.
* -------------------------------------------------------------------------------------------------------------- */
$valid_login = false;
$valid_login_admin = false;
// Sets the `$ov_admin_username' and the `$ov_admin_password_hash' variables.
require_once "../../../../../protected_site_configs/junktext.com/openvigilance_admin_account.php";
......@@ -30,5 +30,5 @@ else if(!password_verify($submitted_password, $ov_admin_password_hash)) {
// Valid login!
else {
$valid_login = true;
$valid_login_admin = true;
}
<?php
/* --------------------------------------------------------------------------------------------------------------
* Copyright (C) 2018 by William Paul Liggett (junktext@junktext.com)
* This Source Code Form is subject to the terms of the Mozilla Public License (MPL), v. 2.0.
* If a copy of the MPL was not distributed with this file, You can obtain one at https://mozilla.org/MPL/2.0/.
*
* Filename: validate_login_user.php
*
* Purpose: Ensure that only people with a scheduled OV test can take the test.
* -------------------------------------------------------------------------------------------------------------- */
$valid_login_user = false;
// Logs into the OpenVigilance Task tests database to verify the person is allowed to take a test.
// `$pdo' is defined as the database connection.
require_once "../../../../protected_site_configs/junktext.com/openvigilance_db_connection_user.php";
// Confirms the person's temporary account is valid.
// The `$submitted_username' and `$submitted_password' variables are from the calling PHP script.
$sql = "SELECT sk, subject_id, test_condition, login_code FROM test_control WHERE test_scheduled=1 AND subject_id=:subject_id AND login_code=:login_code";
$statement = $pdo->prepare($sql);
$statement->bindValue(":subject_id", $submitted_username, PDO::PARAM_INT); // Regular users only have numeric account names.
$statement->bindValue(":login_code", $submitted_password, PDO::PARAM_STR);
$statement->execute();
$account_found = $statement->fetch(); // If successful, grabs the stored login details from the database. 'false' if not.
// Determines if the login was valid or not.
// The `$error_msg' is a standardized variable in all calling scripts to output the login error found.
if(!$account_found) {
$error_msg = "Error: The username or password is not valid on this system.<br />Note: A user account is disabled after completing a vigilance test.";
return;
}
// Valid login!
else {
$valid_login_user = true;
}
......@@ -35,11 +35,16 @@
<p class="version_info"><strong>TO DO:</strong></p>
<ol>
<li>Subject Login Page: Allow a test participant to login if they have a test scheduled.</li>
<li>Vigilance Tests: Record the activity of each subject during the test and save it as a CSV data file on the server.</li>
<li>Admin Page: Add a section to show the stored CSV files so that they can be downloaded or deleted at will.</li>
</ol>
<p class="version_info">Version 1.6.0 (2018-02-28):</p>
<p><em>Estimated labor time: <span id="hours_logged_for_update_10">3</span> hours.</em></p>
<ul>
<li>Subject Login Page: A test participant can now login if they have a test scheduled.</li>
</ul>
<p class="version_info">Version 1.5.2 (2018-02-27):</p>
<p><em>Estimated labor time: <span id="hours_logged_for_update_9">3</span> hours.</em></p>
<ul>
......@@ -112,6 +117,7 @@
</ul>
<script src="js/jquery-3.3.1.min.js"></script>
<script>
// Calculates the amount of time spent on the project to reduce human error.
var calculated_labor_time = parseFloat($("#hours_logged_for_update_1").html()) +
parseFloat($("#hours_logged_for_update_2").html()) +
parseFloat($("#hours_logged_for_update_3").html()) +
......@@ -120,8 +126,10 @@
parseFloat($("#hours_logged_for_update_6").html()) +
parseFloat($("#hours_logged_for_update_7").html()) +
parseFloat($("#hours_logged_for_update_8").html()) +
parseFloat($("#hours_logged_for_update_9").html());
parseFloat($("#hours_logged_for_update_9").html()) +
parseFloat($("#hours_logged_for_update_10").html());
// Displays the total labor hours at the top of the page.
$("#total_labor_hours").html(calculated_labor_time);
</script>
</body>
......
......@@ -85,6 +85,7 @@ h2 {
}
/* For styles affecting a <form>. */
form#UserLogin label,
form#AdminLogin label {
width: 5rem;
margin-right: 1.5rem;
......@@ -93,12 +94,14 @@ form#AdminLogin label {
display: inline-block;
}
form#UserLogin input[type = "text"], input[type = "password"],
form#AdminLogin input[type = "text"], input[type = "password"] {
width: 8rem;
margin-bottom: 0.2rem;
display: inline-block;
}
form#UserLogin input[type = "submit"],
form#AdminLogin input[type = "submit"] {
margin-top: 1.5rem;
margin-left: auto;
......@@ -122,6 +125,7 @@ input[type = "button"] {
color: red;
}
form[name = "UserLogin"],
form[name = "AdminLogin"] {
margin: auto;
display: block;
......
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8" />
<title>OpenVigilance Task</title>
<!-- Copyright (C) 2018 by William Paul Liggett (junktext@junktext.com)
This Source Code Form is subject to the terms of the Mozilla Public License (MPL), v. 2.0.
If a copy of the MPL was not distributed with this file, You can obtain one at https://mozilla.org/MPL/2.0/. -->
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<meta name="description" content="Sustained attention tasks using random letters of O, D, and backwards D to help determine what influences a person's reaction time." />
<link rel="stylesheet" type="text/css" href="css/style.css" />
</head>
<body>
<h1>OpenVigilance Task</h1>
<div class="container">
<img id="background-smaller-circles" src="media/background-smaller-circles_(936_by_466_px,_Resolution_at_1360x768_~16_by_9).png" alt="Background of Smaller Circles" />
<div class="random_letter">
<span class="letter_o">O</span>
<span class="letter_d">D</span>
<span class="letter_backwards_d">D</span>
</div>
</div>
<script src="js/jquery-3.3.1.min.js"></script>
<script src="js/openvigilance-task.js"></script>
</body>
</html>
<?php
// Enables user sessions.
session_start();
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8" />
<title>OpenVigilance Task</title>
<!-- Copyright (C) 2018 by William Paul Liggett (junktext@junktext.com)
This Source Code Form is subject to the terms of the Mozilla Public License (MPL), v. 2.0.
If a copy of the MPL was not distributed with this file, You can obtain one at https://mozilla.org/MPL/2.0/. -->
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<meta name="description" content="Sustained attention tasks using random letters of O, D, and backwards D to help determine what influences a person's reaction time." />
<link rel="stylesheet" type="text/css" href="css/style.css" />
</head>
<body>
<h1>OpenVigilance Task</h1>
<?php
error_reporting(E_ALL);
// Makes the tab whitespace makes the HTML source look nice. There are 4 spaces.
$tab = " ";
// Displays if any login errors were detected. No error = Non-breaking space character.
// HTML needs something besides an empty string to display the element to the DOM.
$error_msg = "&nbsp;";
// Used to display an HTML login form on first load or if the username and password was incorrect.
// The <form action="." just simply means it sends the request to this page (index.php) in the current directory.
$login_form = PHP_EOL .
"$tab$tab<form action=\".\" name=\"UserLogin\" id=\"UserLogin\" method=\"post\">" . PHP_EOL .
"$tab$tab$tab<label for=\"username\">Username:</label>" . PHP_EOL .
"$tab$tab$tab<input type=\"text\" name=\"username\" id=\"username\" />" . PHP_EOL .
"$tab$tab$tab<br />" . PHP_EOL .
"$tab$tab$tab<label for=\"password\">Password:</label>" . PHP_EOL .
"$tab$tab$tab<input type=\"password\" name=\"password\" id=\"password\" />" . PHP_EOL .
"$tab$tab$tab<br />" . PHP_EOL .
"$tab$tab$tab<input type=\"submit\" value=\"Submit\" />" . PHP_EOL .
"$tab$tab</form>" . PHP_EOL;
// GET: The page upon first load, before the <form> has been submitted.
if($_SERVER['REQUEST_METHOD'] === "GET") {
// Displays the HTML login <form>.
// There should be no error on first load, but this keeps the form layout in the same position.
echo "<p class='error_msg'>$error_msg</p>";
echo $login_form;
}
// POST: Confirms if the administrative password is accurate after the <form> has been submitted.
// Note: I am specifically defining an `else if' clause since REQUEST_METHOD could be: GET, POST, HEAD, or PUT
else if($_SERVER['REQUEST_METHOD'] === "POST") {
// Grabs what the user submitted and sanitizes the input to avoid an SQL injection or XSS attack.
$submitted_username = intval($_POST['username']); // Regular users only have numeric account names.
$submitted_password = htmlspecialchars($_POST['password']);
// Confirms whether the login is valid and sets the boolean `$valid_login_user' variable.
require_once "admin/valid_login_user.php";
// Login invalid: Re-displays the login <form>.
if(!$valid_login_user) {
echo "<p class='error_msg'>$error_msg</p>";
echo $login_form;
}
// Login successful!
else {
// Maintains the authenticated user session across different pages.
if(!isset($_SESSION['ov_user'])) {
$_SESSION['ov_user'] = $submitted_username;
$_SESSION['ov_login_code'] = $submitted_password;
}
// Displays the OV test (images and so forth) to the user.
echo "<div class=\"container\">" . PHP_EOL .
"$tab$tab$tab<img id=\"background-smaller-circles\" src=\"media/background-smaller-circles_(936_by_466_px,_Resolution_at_1360x768_~16_by_9).png\" alt=\"Background of Smaller Circles\" />" . PHP_EOL .
"$tab$tab$tab<div class=\"random_letter\">" . PHP_EOL .
"$tab$tab$tab$tab<span class=\"letter_o\">O</span>" . PHP_EOL .
"$tab$tab$tab$tab<span class=\"letter_d\">D</span>" . PHP_EOL .
"$tab$tab$tab$tab<span class=\"letter_backwards_d\">D</span>" . PHP_EOL .
"$tab$tab$tab</div>" . PHP_EOL .
"$tab$tab</div>" . PHP_EOL;
}
}
?>
<script src="js/jquery-3.3.1.min.js"></script>
<script src="js/openvigilance-task.js"></script>
</body>
</html>
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment