@lesedi - you have a security whole (as I am sure loads of us students have)
but what makes yours worse is the fact that you make it almost imposible NOT to find
you need to place the assignment into a index.php
so that when a person arives at your site that will be the landing page.
by not having an index page arrive at your site and I can see all the files on your site .
is deff not in scope for this course so isn't needed but believe you can solve this ussing a htaccess file
to use a diffrent landing file...other then index.php, and think having error pages show instead of the files on the server (but not100% sure)
as for being marked, need to get confirmation from Mac, but cant imagine you having much luck.