♦ simple remote one-time pseudorandom draw of exam question-paper online, in PHP & MySQL ♦
You are an examinator (say, teacher) who wants to arrange... what is described and shown above — a remote exam, where participants (say, students) draw question-papers online. They should do it remotely, the choice of variant is done only once per exam, in principle any participant can get any variant, the variant is chosen in a non-predictable way, although a participant affects the choice. And a participant sees only her/his variant, unless others are willing to share theirs. Also, everything begins simultaneously for all participants.
In the end, they send you the photos or scans of their papers.
Surely, this functionality is available in «big» online education platforms/learning management systems, but if you do not want the overhead, both in price and complexity, consider this thing. Speaking of price, it's 0, and speaking of complexity, its simplicity (the script has approx. 700 lines) makes it easy to modify, adding the features you need.
On the other hand, it may be better for you to use more sophisticated systems, e.g. because the submission process occurs within such system and does not require external email services.
An online and publicly accessible website with PHP & MySQL at server side, where you have the webmaster permissions: to modify the site content, to work with databases from PHP scripts and phpMyAdmin-like tools. The sendmail PHP extension should be installed to send individual links to participants automatically.
Perhaps you will consult someone who can do the setup for you, although it is preferable that you understand and control everything yourself. Then you improve this thing to satisfy more needs and sell it (under different name, please) to get tons of cash!!!
«OK, I want to try»
$hashstr = hash('sha256', HASHCALC_KEY . $id . microtime() . $salt . HASHCALC_KEY);
$var = 1 + (intval(substr($hashstr, 0, 7), 0x10) % $varnum);
Nothing in RemotExam prevents participants from sharing their IDs or screenshots of question-papers, period. (Particularly, you may be such participant, reading these pages to reveal some additional backdoor... good luck.) Security-related issues RemotExam actually deals with (if not misconfigured, of course) are:
• input verification against SQL injections
• participants do not know the internal indices of chosen variants
• participants do not know the URLs of image files with variants
• participants do not know what code they must enter to get a given variant
• examinator alone cannot limit participant to some subset of variants
• examinator and participant cannot limit the latter to some subset of variants as well
• other participants will know ID of a given participant and can visit her/his page only if she/he shares it with them (or has compromized mailbox/computer/...)
• to obtain the collection of all variants, participants must cooperate
• participants may (will!) read these very pages, download source code etc., but previous assertions remain true as long as your server and RemotExam installation are properly configured
Do you trust these statements without inspecting the source? Also, governmental agencies with ¤109-budgets can break this protection through your hosting... yeah, your exams are their primary target.
It becomes more secure if the connection to the site where you deploy RemotExam is through https:// instead of http://. There are other reasons to add that s to your site.
Copyright © 2014–2020 Sunkware
〈VisitIPs is watching you〉