grade.php

<?php
# Based on https://github.com/csev/pythonauto/blob/master/grade.php
require_once('bower_components/pythonauto/util/lti_util.php');
session_start();

if (isset($_REQUEST["exercise"]) && preg_match("/^\d+$/", $_REQUEST["exercise"])) {
  $exercise = $_REQUEST["exercise"];
} else {
  echo json_encode(Array("status" => "failure", "detail" => "No exercise in request"));
  return;
}

if (isset($_REQUEST["code"])) {
  $code = $_REQUEST["code"];
  $grade = "1.0";
} else {
  $grade = "0.0";
}

$context = new BLTI(false, true, false);
if (!$context->valid) {
    echo json_encode(Array("status" => "failure", "detail" => "No context in session"));
    return;
}

$endpoint = $context->getOutcomeService();
if ($endpoint === false) {
    echo json_encode(Array("status" => "failure", "detail" => "No grade service available"));
    return;
}

$sourcedid = $context->getOutcomeSourceDID();
# Hack to work with UNE's LMS
$sourcedid = str_replace("\\\"", "\"", $sourcedid);
if ($sourcedid === false) {
    echo json_encode(Array("status" => "failure", "detail" => "No grade entry available"));
    return;
}

if (isset($_SESSION['oauth_consumer_key']) && isset($_SESSION['oauth_consumer_secret'])
    && $_SESSION['oauth_consumer_key'] !== '' && $_SESSION['oauth_consumer_secret'] !== '') {
    $oauth_consumer_key = $_SESSION['oauth_consumer_key'];
    $oauth_consumer_secret = $_SESSION['oauth_consumer_secret'];
} else {
    echo json_encode(Array("status" => "failure", "detail" => "No key/secret in session"));
    return;
}

function execAvailable() {
  # Function based on http://stackoverflow.com/questions/3938120/check-if-exec-is-disabled#answer-12980534
  $exec_available = true;
  if (ini_get('safe_mode')) {
    $exec_available = false;
  } else {
    $d = ini_get('disable_functions');
    $s = ini_get('suhosin.executor.func.blacklist');
    if ("$d$s") {
      $array = preg_split('/,\s*/', "$d,$s");
      if (in_array('exec', $array)) {
        $exec_available = false;
      }
    }
  }
    return $exec_available;
}

# Ensure code passes tests on server
if (isset($code) && execAvailable() && is_executable("./test_code.sh")) {
    $file = tempnam(sys_get_temp_dir(), "automark_");
    $handle = fopen($file, "w");