$HOME_PAGE = !isset($_POST["student_id"]);

if(

!$HOME_PAGE

){

// EXPERIMENT HAS ENDED

// Redirecting user back home

header("Location: ./?error=ended");

exit("Ended");

// Check Student ID is Valid

if (!preg_match("/^\d{8}$/", $_POST["student_id"])) {

//exit("Invalid student ID. Please enter an 8-digit number.");

header("Location: ./?error=invalid_id");

}

// Load Calendar Library

$path = realpath("icalendar/zapcallib.php");

require $path;

// Load Secrets

require_once("secret.php");

// Load functions

require_once("func.php");

// Load CURL

$curl = curl_init();

curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);

// Cycle Through Quarters

$quarter = 2248;

$thresh = 10;

$thresh_reset = $thresh;

$all_classes = [];

$total_class_count = 0;

while ($thresh > 0) {

$all_classes[$quarter] = [];

// Get ICS File

$ics = getScheduleForQuarter($curl, $_POST["student_id"], $quarter);

$cal = new ZCiCal($ics);

//$classes = [];

foreach($cal->tree->child as $node) {

if($node->getName() == "VEVENT") {

foreach($node->data as $key => $value) {

if($key == "SUMMARY") {

$class_name = $value->getValues();

//echo "class title: " . $class_name . "\n<br/>";

}

if($key == "LOCATION") {

$location = $value->getValues();

//echo "location: " . $location . "\n<br/>";

}

if($key == "DTSTART") {

$start_date = strtotime($value->getValues());

$week_day = date('l',$start_date);

//echo "week day: " . $week_day . "\n<br/>";

//echo "start: " . date('H:i',$start_date) . "\n<br/>";

}

if($key == "DTEND") {

$end_date = strtotime($value->getValues());

//echo "end: " . date('H:i',$end_date) . "\n<br/>";

}

}

// Create class if it doesn't already exists

if(!array_key_exists($class_name, $all_classes[$quarter])) {

$all_classes[$quarter][$class_name] = [];

$all_classes[$quarter][$class_name]["location"] = $location;

$all_classes[$quarter][$class_name]["start_time"] = date('H:i',$start_date);

$all_classes[$quarter][$class_name]["end_time"] = date('H:i',$end_date);

$all_classes[$quarter][$class_name]["days"] = [];

}

// Check if week day already in

if(!in_array($week_day, $all_classes[$quarter][$class_name]["days"])) {

$all_classes[$quarter][$class_name]["days"][] = $week_day;

}

}

}

// Increase Total Class Count

$total_class_count += sizeof($all_classes[$quarter]);

// Reduce Threshold if No Classes, Otherwise Reset It

if(sizeof($all_classes[$quarter]) == 0){

$thresh -= 1;

} else {

$thresh = $thresh_reset;

}

// Compute Next Quarter

$quarter -= 2;

if ($quarter % 10 == 0) {

$quarter -= 2;

}

}

// Show Error if No Classes

if($total_class_count == 0) {

header("Location: ./?error=no_classes");

}

###############################

### Save data into database ###

###############################

try {

// Connect to DB

$conn = new PDO("mysql:host=$DB_HOST;dbname=$DB_NAME", $DB_USER, $DB_PASS);

// set the PDO error mode to exception

$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

// Check whether this user has already participated

$stmt = $conn->prepare("SELECT student_id FROM participants WHERE student_id = :student_id");

$stmt->bindParam(':student_id', $_POST["student_id"]);

$stmt->execute();

$row = $stmt->fetch(PDO::FETCH_ASSOC);

$participated = !($row == False);

if(!$participated and $total_class_count > 0){

// Save this Participant

$stmt = $conn->prepare('INSERT INTO participants (student_id) VALUES (:student_id)');

$stmt->bindParam(':student_id', $_POST["student_id"]);

$stmt->execute();

// Create a pseudo student ID

$found_new_id = False;

while(!$found_new_id){

$pseudo_student_id = mt_rand(10000000,99999999);

$stmt = $conn->prepare("SELECT pseudo_student_id FROM pseudo_students WHERE pseudo_student_id = :pseudo_student_id");

$stmt->bindParam(':pseudo_student_id', $pseudo_student_id);

$stmt->execute();

$row = $stmt->fetch(PDO::FETCH_ASSOC);

$found_new_id = $row == False;

}

// Save Pseudo Student

$stmt = $conn->prepare('INSERT INTO pseudo_students (pseudo_student_id) VALUES (:pseudo_student_id)');

$stmt->bindParam(':pseudo_student_id', $pseudo_student_id);

$stmt->execute();

// Navigate Through Classes

foreach($all_classes as $quarter => $quarter_classes) {

if(sizeof($quarter_classes) == 0) {

continue;

}

foreach($quarter_classes as $class_name => $class_details){

// Check if Class Exists

$stmt = $conn->prepare("SELECT id FROM classes WHERE name = :name AND quarter = :quarter AND location = :location AND days = :days AND start_time = :start_time AND end_time = :end_time");

$stmt->bindParam(':name', $class_name);

$stmt->bindParam(':quarter', $quarter);

$stmt->bindParam(':location', $class_details["location"]);

$days_string = implode("", $class_details["days"]);

$stmt->bindParam(':days', $days_string);

$stmt->bindParam(':start_time', $class_details["start_time"]);

$stmt->bindParam(':end_time', $class_details["end_time"]);

$stmt->execute();

$row = $stmt->fetch(PDO::FETCH_ASSOC);

$class_exists = !($row == False);

if($class_exists) {

// Use the found class ID

$class_id = $row["id"];

} else {

// Create a class ID

$found_new_id = False;

while(!$found_new_id){

$class_id = mt_rand(10000000,99999999);

$stmt = $conn->prepare("SELECT id FROM classes WHERE id = :id");

$stmt->bindParam(':id', $class_id);

$stmt->execute();

$row = $stmt->fetch(PDO::FETCH_ASSOC);

$found_new_id = $row == False;

}

// Save Class

$stmt = $conn->prepare('INSERT INTO classes (id, name, quarter, location, days, start_time, end_time) VALUES (:id, :name, :quarter, :location, :days, :start_time, :end_time)');

$stmt->bindParam(':id', $class_id);

$stmt->bindParam(':name', $class_name);

$stmt->bindParam(':quarter', $quarter);

$stmt->bindParam(':location', $class_details["location"]);

$days_string = implode("", $class_details["days"]);

$stmt->bindParam(':days', $days_string);

$stmt->bindParam(':start_time', $class_details["start_time"]);

$stmt->bindParam(':end_time', $class_details["end_time"]);

$stmt->execute();

}

// Register the student for the class

$stmt = $conn->prepare('INSERT INTO registrar (pseudo_student_id, class_id, quarter) VALUES (:pseudo_student_id, :class_id, :quarter)');

$stmt->bindParam(':pseudo_student_id', $pseudo_student_id);

$stmt->bindParam(':class_id', $class_id);

$stmt->bindParam(':quarter', $quarter);

$stmt->execute();

}

}

$greeting = "Hello!";

} else {

$greeting = "Welcome back!";

}

// Disconnect from DB

$conn = null;

} catch(PDOException $e) {

exit("<br/>Database error! <br/> Error: " . $e->getMessage() . "<br/><br/>Please contact [email protected] with the above error message");

}

}

<!doctype html>

<html lang="en" data-bs-theme="dark">

<head>

<!-- Google tag (gtag.js) -->

<script async src="https://www.googletagmanager.com/gtag/js?id=G-NBY0B8EGKP"></script>

<script>

window.dataLayer = window.dataLayer || [];

function gtag(){dataLayer.push(arguments);}

gtag('js', new Date());

gtag('config', 'G-NBY0B8EGKP');

</script>

<!-- Hotjar Tracking Code for https://andreithuler.com -->

<script>

(function(h,o,t,j,a,r){

h.hj=h.hj||function(){(h.hj.q=h.hj.q||[]).push(arguments)};

h._hjSettings={hjid:5039685,hjsv:6};

a=o.getElementsByTagName('head')[0];

r=o.createElement('script');r.async=1;

r.src=t+h._hjSettings.hjid+j+h._hjSettings.hjsv;

a.appendChild(r);

})(window,document,'https://static.hotjar.com/c/hotjar-','.js?sv=');

</script>

<meta charset="utf-8">

<meta name="viewport" content="width=device-width, initial-scale=1">

<title>Check My UChicago Calendar</title>

<!-- Bootstrap -->

<link href="https://cdn.jsdelivr.net/npm/[email protected]/dist/css/bootstrap.min.css" rel="stylesheet" integrity="sha384-4bw+/aepP/YC94hEpVNVgiZdgIC5+VKNBQNGCHeKRQN+PtmoHDEXuppvnDJzQIu9" crossorigin="anonymous">

<link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/[email protected]/font/bootstrap-icons.css">

</head>

<body class="container text-center">

<!-- Header -->

<h1 class="mb-3 mt-3">Check My UChicago Calendar</h1>

<p class="mb-3 lead">View all the courses you've ever taken</p>

<br/><br/>

<!-- Experiment Has Ended -->

<div class="alert alert-success show" role="alert">

<strong>The vulnerability has been fixed!</strong> Thank you to everyone who participated in this experiment! <br/><br/>

As of 7 PM on November 11th, 2024, the vulnerability that allowed anyone to check any student's schedule just by using their ID has been fixed. You can read more about it <a href="https://andreithuler.com/uchicago-vulnerability">here</a>!

</div>

<!-- Errors -->

<?php if(isset($_GET["error"])) {

if($_GET["error"] == "invalid_id") {

?>

<div class="alert alert-danger alert-dismissible fade show" role="alert">

<strong>ERROR!</strong> The ID you submitted was invalid. Please try again. If you believe this was an error, <a href="mailto:[email protected]">let us know</a>!

<button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>

</div>

<?php } else if($_GET["error"] == "no_classes") { ?>

<div class="alert alert-danger alert-dismissible fade show" role="alert">

<strong>ERROR!</strong> There are no classes associated with the ID you entered. If you believe this was an error, <a href="mailto:[email protected]">let us know</a>!

<button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>

</div>

<?php } else if($_GET["error"] == "ended") { ?>

<div class="alert alert-danger alert-dismissible fade show" role="alert">

<strong>ERROR!</strong> The experiment has ended!

<button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>

</div>

<?php } } ?>

<!-- END Errors -->

<!-- Intake Form -->

<?php if($HOME_PAGE) {?>

<form onsubmit="return validateForm()" id="input_form" action="./" method="POST">

<!-- Student ID -->

<label for="api_key" class="col-sm-auto col-form-label" data-bs-toggle="tooltip" title="It's the 8-digit number you can find on the back of your ID.">Enter your UChicago Student ID:</label>

<div class = "row"><div class = "col-md-2 offset-md-5">

<input type="text" name="student_id" title="Student ID" id="student_id" class="form-control text-center" placeholder="12345678" step="1" required/>

</div></div>

<br/>

<!-- Checkboxes -->

<div class="form-check form-check-inline">

<input class="form-check-input" type="checkbox" value="" id="flexCheckDefault" required>

<label class="form-check-label" for="flexCheckDefault">

This is my UChicago Student ID <span class="requiredField">*</span>

</label>

</div><br/>

<div class="form-check form-check-inline">

<input class="form-check-input" type="checkbox" value="" id="flexCheckChecked" required checked>

<label class="form-check-label" for="flexCheckChecked">

I consent to having my schedule anonymously stored. <span class="requiredField">*</span> <a href="" data-bs-toggle="modal" data-bs-target="#consentModal">Learn more</a>

</label>

</div>

<br/><br/>

<!-- Submit Button -->

<input type="submit" class="text-center btn btn-primary" placeholder="12345678" step="1" value="View My Schedule" required/>

</form><br/><br/>

<!-- END Intake Form --><?php } else { ?>

<!-- Display Classes -->

<p><?=$greeting;?> You have attended a total of <b><?=$total_class_count;?></b> classes.</p></br/>

<?php

foreach($all_classes as $quarter => $quarter_classes) {

if(sizeof($quarter_classes) == 0){

continue;

} ?>

<div class="row text-center">

<h3><?=quarterIdToString($quarter);?> (<?=sizeof($quarter_classes);?> classes)</h3>

</div>

<div class="row">

<?php foreach($quarter_classes as $class_name => $class_details){ ?>

<div class="col-xs-6 col-sm-6 col-lg-4">

<p class=""><b><?=$class_name;?></b></p>

<ul class="text-start">

<li><?=implode(", ", $class_details["days"]);?></li>

<li><?=$class_details["start_time"];?> - <?=$class_details["end_time"];?></li>

<li><?=$class_details["location"];?></li>

</ul>

<br/>

</div>

<?php } ?>

</div><br/>

<?php } ?>

<a href="./"><input type="button" class="btn btn-secondary" value="Back" /></a>

<!-- END Display Classes --> <?php } ?>

<!-- Consent Modal -->

<div class="modal fade" id="consentModal" tabindex="-1" aria-labelledby="consentModalLabel" aria-hidden="true">

<div class="modal-dialog">

<div class="modal-content">

<!-- Header -->

<div class="modal-header">

<h1 class="modal-title fs-5" id="consentModalLabel">Consent Information</h1>

<button type="button" class="btn-close" data-bs-dismiss="modal" aria-label="Close"></button>

</div>

<!-- Body -->

<div class="modal-body text-start">

<p><b>Description</b>: We are researchers at the University of Chicago doing a research study about a potential security vulnerability in the University's systems. We are collecting consenting participants' class schedules to determine the potential impact of the potential vulnerability we have discovered. Your participation is voluntary.</p>

<p><b>Risks and Benefits</b>: Your participation in this study does not involve any significant risks to you beyond that of everyday life.</p>

<p><b>Confidentiality</b>: Your University of Chicago class schedule from Fall 2019 until Fall 2024 will be collected and stored anonymously. Your student ID will be recorded to prevent duplicate participation, but stored separately from your schedule. Your anonymized data may be shared as an aggregate summary, but your individual record will not be shared.</p>

<p><b>Contacts & Questions</b>: If you have questions or concerns about the study, you can contact the researchers at: Andrei Thüler, <a href="mailto:[email protected]">[email protected]</a>.</p>

<p>If you have any questions about your rights as a participant in this research, feel you have been harmed, or wish to discuss other study-related concerns with someone who is not part of the research team, you can contact the University of Chicago Social & Behavioral Sciences Institutional Review Board (IRB) Office by phone at <a href="tel:7737022915">(773) 702-2915</a>, or by email at <a href="mailto:[email protected]">[email protected]</a>.

</p>

<p><b>Consent:</b> Participation is voluntary. Refusal to participate or withdrawing from the research will involve no penalty or loss of benefits to which you might otherwise be entitled.</p>

<p>By clicking the checkbox, you confirm that you have read the consent form, are at least 18 years old, and agree to participate in the research. Please print or save a copy of this page for your records.<p>

</div>

<!-- Footer -->

<div class="modal-footer">

<button type="button" class="btn btn-secondary" data-bs-dismiss="modal">Close</button>

</div>

</div>

</div>

</div>

<!-- iCal Link -->

<!--<div id="reveal" style=" transition: opacity 1s;"><br/>

<div class="row col-md-4 offset-md-4">

<hr/>

<br/>

<label for="ical_link" class="col-sm-auto col-form-label">Add this link to your calendar application of choice</label><br/>

<div class="input-group mb-3 col-sm-auto">

<input name="ical_link" type="text" class="form-control" id="input_to_copy" readonly>

<button class="btn btn-primary" type="button" id="button-addon2" onclick="copyLink()">

<i class="bi bi-clipboard"></i>

</button>

</div>

</div>

</div>-->

<br/><br/><br/>

<!-- Frequently Asked Question -->

<div class="col-sm-6 offset-sm-3">

<h3 class="mb-3">Frequently Asked Questions</h3>

<div class="accordion" id="accordionExample">

<div class="accordion-item">

<h2 class="accordion-header">

<button class="accordion-button" type="button" data-bs-toggle="collapse" data-bs-target="#collapseOne" aria-expanded="true" aria-controls="collapseOne">

What is this?

</button>

</h2>

<div id="collapseOne" class="accordion-collapse collapse show" data-bs-parent="#accordionExample">

<div class="accordion-body text-start">

Using this tool, you can view all the courses you've ever taken at the University of Chicago in one simple place.<br/><br/>

This project is part of an investigation into the University of Chicago IT system which requires us to analyze the schedules of many generous volunteers (that's you!).

</div>

</div>

</div>

<div class="accordion-item">

<h2 class="accordion-header">

<button class="accordion-button collapsed" type="button" data-bs-toggle="collapse" data-bs-target="#collapseTwo" aria-expanded="false" aria-controls="collapseTwo">

How does it work?

</button>

</h2>

<div id="collapseTwo" class="accordion-collapse collapse" data-bs-parent="#accordionExample">

<div class="accordion-body text-start">

After you enter your Student ID and press <code>View My Schedule</code>, we query the University of Chicago servers for all the courses you've ever taken while a student and display them to you!

</div>

</div>

</div>

<div class="accordion-item">

<h2 class="accordion-header">

<button class="accordion-button collapsed" type="button" data-bs-toggle="collapse" data-bs-target="#collapseThree" aria-expanded="false" aria-controls="collapseThree">

What information do you store?

</button>

</h2>

<div id="collapseThree" class="accordion-collapse collapse" data-bs-parent="#accordionExample">

<div class="accordion-body text-start">

We store an anonymized version of your schedule to use as part of our study into the University of Chicago's IT system. We also record your Student ID to prevent duplicate entries, but store it separately. You can find more information <a href="" data-bs-toggle="modal" data-bs-target="#consentModal">here</a>.<br/><br/>

On this website, we use <a href="https://policies.google.com/privacy" target="__blank">Google Analytics</a> and <a href="https://www.hotjar.com/legal/policies/privacy/" target="__blank">Hotjar</a> which are subject to their respective Privacy Policies.

</div>

</div>

</div>

</div>

</div>

<br/><br/>

<!-- Footer -->

<p>Bugs? Issues? <a href="mailto:[email protected]">Let us know!</a> | <a href="https://andreithuler.com" target="__blank">Website</a> | <a href="https://github.com/athuler/" target="__blank">GitHub</a></p><br/>

<!-- Custom Styles -->

<style>

.requiredField {

color: #ff0066;

}

</style>

<!-- Student ID Validation -->

<script>

function validateForm() {

const studentId = document.getElementById("student_id").value;

const studentIdPattern = /^\d{8}$/; // Regular expression for exactly 8 digits

if (!studentIdPattern.test(studentId)) {

alert("Student ID must contain exactly 8 numeric digits.");

return false; // Prevent form submission

}

return true; // Allow form submission

}

</script>

<!-- Bootstrap Scripts -->

<script src="https://cdn.jsdelivr.net/npm/[email protected]/dist/js/bootstrap.bundle.min.js" integrity="sha384-HwwvtgBNo3bZJJLYd8oVXjrBZt8cqVSpeBNS5n7C8IVInixGAoxmnlMuBnhbgrkm" crossorigin="anonymous"></script>

<script src="https://cdn.jsdelivr.net/npm/@popperjs/[email protected]/dist/umd/popper.min.js" integrity="sha384-I7E8VVD/ismYTF4hNIPjVp/Zjvgyol6VFvRkX/vR+Vc4jQkC+hVqc2pM8ODewa9r" crossorigin="anonymous"></script>

<script src="https://cdn.jsdelivr.net/npm/[email protected]/dist/js/bootstrap.min.js" integrity="sha384-Rx+T1VzGupg4BHQYs2gCW9It+akI2MM/mndMCy36UVfodzcJcF0GGLxZIzObiEfa" crossorigin="anonymous"></script>

<script>

const tooltipTriggerList = document.querySelectorAll('[data-bs-toggle="tooltip"]')

const tooltipList = [...tooltipTriggerList].map(tooltipTriggerEl => new bootstrap.Tooltip(tooltipTriggerEl))

</script>

<!-- JQuery -->

<script src="https://code.jquery.com/jquery-3.7.1.min.js" integrity="sha256-/JqT3SQfawRcv/BIHPThkBvs0OEvtFFmqPF/lYI/Cxo=" crossorigin="anonymous"></script>

</body>

</html>