Hi,
habe hier http://freizeitumfrage.net/index.php?pa ... -mitmachen das problem, dass der iframe bei der 2. und 3. seite nicht wieder oben anfängt. Wollte das mit diesem Script machen:
onload="scroller();"
in der function.embed.php, aber das hat nit funktioniert.
Wo muss das da denn rein? Oder wie kann ich es sonst erzeugen, dass die Seite automatisch wieder nach oben springt. Denke, das wird den User sonst verunsichern.
vg
pod
iframe onscroll
Re: iframe onscroll
Nimm das Script aus der function.embed.php wieder raus.
Pack diesen Code in die Dateien, die in dem Iframe aufgerufen werden. Dann sollte es eigentlich funktionieren.
Code: Select all
<__script__ type="text/javascript">parent.scrollTo(0,0);</__script>
Re: iframe onscroll
Ok, aus der function.embed hab ichs raus.
Aber wo soll denn das da rein????
Aber wo soll denn das da rein????
Re: iframe onscroll
In die Datei, die Du in dem Iframe lädst.
Das Iframe greift ja auf die Datei "http://freizeitumfrage.net/limesurvey/index.php" zu.
In diese Datei musst Du das reinpacken. (Sofern Du Zugriff darauf hast)
ändere das in folgendes:
Das Iframe greift ja auf die Datei "http://freizeitumfrage.net/limesurvey/index.php" zu.
In diese Datei musst Du das reinpacken. (Sofern Du Zugriff darauf hast)
Code: Select all
<__script__ type="text/javascript" src="http://freizeitumfrage.net/limesurvey/scripts/surveyRuntime.js">
</__script>
</head>
Code: Select all
<__script__ type="text/javascript" src="http://freizeitumfrage.net/limesurvey/scripts/surveyRuntime.js">
</__script>
<__script__ type="text/javascript">parent.scrollTo(0,0);</__script>
</head>
Re: iframe onscroll
vielen Dank schonmal für eure hilfe!
also zugriff hab ich auf die datei.
allerdings weiß ich immer noch nit genau, wo das script da jetz rein muss.
habs mal einfach ans ende gesetzt, das ging aber nit, kam ne fehlermeldung.
also zugriff hab ich auf die datei.
allerdings weiß ich immer noch nit genau, wo das script da jetz rein muss.
habs mal einfach ans ende gesetzt, das ging aber nit, kam ne fehlermeldung.
Re: iframe onscroll
Ich weiß leider nicht, wie die index.php Datei genau aussieht.
Findest Du in der Datei die Zeichenfolge "" ?
Wenn ja, dann ersetze diese durch
"
parent.scrollTo(0,0);
"
Ansonsten wäre es hilfreich wenn Du den Inhalt der Datei mal hier posten könntest.
Findest Du in der Datei die Zeichenfolge "" ?
Wenn ja, dann ersetze diese durch
"
parent.scrollTo(0,0);
"
Ansonsten wäre es hilfreich wenn Du den Inhalt der Datei mal hier posten könntest.
Re: iframe onscroll
nee das hatte ich ja schon gesucht.
ok ich poste sie mal in mehreren teilen, in einem ist sie zu lang
ErrorMsg()); //Checked
if ($actresult->RecordCount() > 0)
{
$issurveyactive=true;
}
}
if ($surveyid &&
$issurveyactive===false &&
isset ($surveyPreview_require_Auth) &&
$surveyPreview_require_Auth === true)
{
// admin session and permission have not already been imported
// for this particular survey
if ( !isset($_SESSION['USER_RIGHT_PREVIEW']) ||
$_SESSION['USER_RIGHT_PREVIEW'] != $surveyid)
{
// Store initial session name
$initial_session_name=session_name();
// One way (not implemented here) would be to start the
// user session from a duplicate of the admin session
// - destroy the new session
// - load admin session (with correct session name)
// - close admin session
// - change used session name to default
// - open new session (takes admin session id)
// - regenerate brand new session id for this session
// The solution implemented here is to copy some
// fields from the admin session to the new session
// - first destroy the new (empty) user session
// - then open admin session
// - record interresting values from the admin session
// - duplicate admin session under another name and Id
// - destroy the duplicated admin session
// - start a brand new user session
// - copy interresting values in this user session
@session_destroy(); // make it silent because for
// some strange reasons it fails sometimes
// which is not a problem
// but if it throughs an error then future
// session functions won't work because
// headers are already sent.
$usquery = "SELECT stg_value FROM ".db_table_name("settings_global")." where stg_name='SessionName'";
$usresult = db_execute_assoc($usquery,'',true); //Checked
if ($usresult)
{
$usrow = $usresult->FetchRow();
@session_name($usrow['stg_value']);
}
else
{
session_name("LimeSurveyAdmin");
}
@session_start(); // Loads Admin Session
$previewright=false;
$savesessionvars=Array();
if (isset($_SESSION['loginID']))
{
$rightquery="SELECT * FROM {$dbprefix}surveys_rights WHERE sid=".db_quote($surveyid)." AND uid = ".db_quote($_SESSION['loginID']);
$rightresult = db_execute_assoc($rightquery); //Checked
// Currently it is enough to be listed in the survey
// user operator list to get preview access
if ($rightresult->RecordCount() > 0 || $_SESSION['USER_RIGHT_SUPERADMIN'] == 1)
{
$previewright=true;
$savesessionvars["USER_RIGHT_PREVIEW"]=$surveyid;
$savesessionvars["loginID"]=$_SESSION['loginID'];
$savesessionvars["user"]=$_SESSION['user'];
}
}
// change session name and id
// then delete this new session
// ==> the original admin session remains valid
// ==> it is possible to start a new session
session_name($initial_session_name);
if (session_regenerate_id() === false) { safe_die("Error Regenerating Session Id");}
@session_destroy();
// start new session
@session_start();
// regenerate id so that the header geenrated by previous
// regenerate_id is overwritten
// needed after clearall
if (session_regenerate_id() === false) { safe_die("Error Regenerating Session Id");}
if ( $previewright === true)
{
foreach ($savesessionvars as $sesskey => $sessval)
{
$_SESSION[$sesskey]=$sessval;
}
}
}
else
{ // already authorized
$previewright = true;
}
if ( $previewright === false)
{
// print an error message
if (isset($_REQUEST['rootdir'])) {safe_die('You cannot start this script directly');}
require_once(dirname(__FILE__).'/classes/core/language.php');
$baselang = GetBaseLanguageFromSurveyID($surveyid);
$clang = new limesurvey_lang($baselang);
//A nice exit
sendcacheheaders();
doHeader();
echo templatereplace(file_get_contents("$tpldir/default/startpage.pstpl"));
echo "\t\t
\n"
."\t\t\t".$clang->gT("ERROR")."
\n"
."\t\t\t".$clang->gT("We are sorry but you don't have permissions to do this.")."
\n"
."\t\t\t".sprintf($clang->gT("Please contact %s ( %s ) for further assistance."),$siteadminname,$siteadminemail)."\n"
."\t\t
\n";
echo templatereplace(file_get_contents("$tpldir/default/endpage.pstpl"));
doFooter();
exit;
}
}
if (isset($_SESSION['srid']))
{
$saved_id = $_SESSION['srid'];
}
if (!isset($_SESSION['grouplist']) && (isset($move)) )
// geez ... a session time out! RUN!
{
if (isset($_REQUEST['rootdir'])) {safe_die('You cannot start this script directly');}
require_once(dirname(__FILE__).'/classes/core/language.php');
$baselang = GetBaseLanguageFromSurveyID($surveyid);
$clang = new limesurvey_lang($baselang);
//A nice exit
sendcacheheaders();
doHeader();
echo templatereplace(file_get_contents("$tpldir/default/startpage.pstpl"));
echo "\t\t
\n"
."\t\t\t".$clang->gT("ERROR")."
\n"
."\t\t\t".$clang->gT("We are sorry but your session has expired.")."
".$clang->gT("Either you have been inactive for too long, you have cookies disabled for your browser, or there were problems with your connection.")."
\n"
."\t\t\t".sprintf($clang->gT("Please contact %s ( %s ) for further assistance."),$siteadminname,$siteadminemail)."\n"
."\t\t
\n";
echo templatereplace(file_get_contents("$tpldir/default/endpage.pstpl"));
doFooter();
exit;
};
// Set the language of the survey, either from POST, GET parameter of session var
if (isset($_POST['lang']) && $_POST['lang']!='') // this one comes from the language question
{
$templang = sanitize_languagecode($_POST['lang']);
$clang = SetSurveyLanguage( $surveyid, $templang);
UpdateSessionGroupList($templang); // to refresh the language strings in the group list session variable
UpdateFieldArray(); // to refresh question titles and question text
}
else
if (isset($_GET['lang']) && $surveyid)
{
$templang = sanitize_languagecode($_GET['lang']);
$clang = SetSurveyLanguage( $surveyid, $templang);
UpdateSessionGroupList($templang); // to refresh the language strings in the group list session variable
UpdateFieldArray(); // to refresh question titles and question text
}
if (isset($_SESSION['s_lang']))
{
$clang = SetSurveyLanguage( $surveyid, $_SESSION['s_lang']);
}
elseif (isset($surveyid) && $surveyid)
{
$baselang = GetBaseLanguageFromSurveyID($surveyid);
$clang = SetSurveyLanguage( $surveyid, $baselang);
}
else
{
$baselang=$defaultlang;
}
if (isset($_REQUEST['embedded_inc'])) {safe_die('You cannot start this script directly');}
if ( $embedded_inc != '' )
require_once( $embedded_inc );
//CHECK FOR REQUIRED INFORMATION (sid)
if (!$surveyid)
{
if(isset($_GET['lang']))
{
$baselang = sanitize_languagecode($_GET['lang']);
}
elseif (!isset($baselang))
{
$baselang=$defaultlang;
}
$clang = new limesurvey_lang($baselang);
if(!isset($defaulttemplate)) {$defaulttemplate="default";}
$languagechanger = makelanguagechanger();
//Find out if there are any publicly available surveys
$query = "SELECT a.sid, b.surveyls_title
FROM ".db_table_name('surveys')." AS a
INNER JOIN ".db_table_name('surveys_languagesettings')." AS b
ON ( surveyls_survey_id = a.sid AND surveyls_language = a.language )
WHERE surveyls_survey_id=a.sid
AND surveyls_language=a.language
AND a.active='Y'
AND a.listpublic='Y'
AND ((a.expires >= '".date("Y-m-d")."'
AND a.useexpiry = 'Y') OR
(a.useexpiry = 'N'))
ORDER BY surveyls_title";
$result = db_execute_assoc($query,false,true) or die("Could not connect to database. If you try to install LimeSurvey please refer to the installation docs and/or contact the system administrator of this webpage."); //Checked
$list=array();
if($result->RecordCount() > 0)
{
while($rows = $result->FetchRow())
{
$link = "".$rows['surveyls_title']."\n";
$list[]=$link;
}
}
if(count($list) ".$clang->gT("No available surveys")."";
}
$surveylist=array(
"nosid"=>$clang->gT("You have not provided a survey identification number"),
"contact"=>sprintf($clang->gT("Please contact %s ( %s ) for further assistance."),$siteadminname,$siteadminemail),
"listheading"=>$clang->gT("The following surveys are available:"),
"list"=>implode("\n",$list),
);
//A nice exit
sendcacheheaders();
doHeader();
echo templatereplace(file_get_contents("$tpldir/$defaulttemplate/startpage.pstpl"));
echo templatereplace(file_get_contents("$tpldir/$defaulttemplate/surveylist.pstpl"));
echo templatereplace(file_get_contents("$tpldir/$defaulttemplate/endpage.pstpl"));
doFooter();
exit;
}
// Get token
if (!isset($token))
{
$token=$clienttoken;
}
//GET BASIC INFORMATION ABOUT THIS SURVEY
$totalBoilerplatequestions =0;
$thissurvey=getSurveyInfo($surveyid, $_SESSION['s_lang']);
if (is_array($thissurvey))
{
$surveyexists=1;
}
else
{
$surveyexists=0;
}
// If token was submitted from token form
// Disabled for the moment (1.50) with function captcha_enabled
//if (isset($_GET['tokenSEC']) && $_GET['tokenSEC'] == 1 && function_exists("ImageCreate") && captcha_enabled('surveyaccessscreen',$thissurvey['usecaptcha']))
//{
// if (!isset($_GET['loadsecurity']) || $_GET['loadsecurity'] != $_SESSION['secanswer'])
// {
// $secerror = $clang->gT("The answer to the security question is incorrect")."
\n";
// $_GET['token'] = "";
// }
//}
if (isset($_GET['newtest']) && $_GET['newtest'] = "Y") unset($_GET['token']);
//SEE IF SURVEY USES TOKENS
$i = 0; //$tokensexist = 0;
if ($surveyexists == 1 && bHasSurveyGotTokentable($thissurvey))
{
$tokensexist = 1;
}
else
{
$tokensexist = 0;
}
//SET THE TEMPLATE DIRECTORY
if (!$thissurvey['templatedir'])
{
$thistpl=$tpldir."/".$defaulttemplate;
}
else
{
$thistpl=$tpldir."/".validate_templatedir($thissurvey['templatedir']);
}
//MAKE SURE SURVEY HASN'T EXPIRED
if ($thissurvey['expiry']
\n"
."\t\t\t".$clang->gT("This survey is no longer available.")."
\n"
."\t\t\t".sprintf($clang->gT("Please contact %s ( %s ) for further assistance."),$thissurvey['adminname'],$thissurvey['adminemail']).".\n"
."
\n";
echo templatereplace(file_get_contents("$tpldir/default/endpage.pstpl"));
doFooter();
exit;
}
//CHECK FOR PREVIOUSLY COMPLETED COOKIE
//If cookies are being used, and this survey has been completed, a cookie called "PHPSID[sid]STATUS" will exist (ie: SID6STATUS) and will have a value of "COMPLETE"
$cookiename="PHPSID".returnglobal('sid')."STATUS";
if (isset($_COOKIE[$cookiename]) && $_COOKIE[$cookiename] == "COMPLETE" && $thissurvey['usecookie'] == "Y" && $tokensexist != 1 && (!isset($_GET['newtest']) || $_GET['newtest'] != "Y"))
{
sendcacheheaders();
doHeader();
echo templatereplace(file_get_contents("$tpldir/default/startpage.pstpl"));
echo "\t\t
\n"
."\t\t\t".$clang->gT("Error")."
\n"
."\t\t\t".$clang->gT("You have already completed this survey.")."
\n"
."\t\t\t".sprintf($clang->gT("Please contact %s ( %s ) for further assistance."),$thissurvey['adminname'],$thissurvey['adminemail'])."\n"
."
\n";
echo templatereplace(file_get_contents("$tpldir/default/endpage.pstpl"));
doFooter();
exit;
}
//CHECK IF SURVEY ID DETAILS HAVE CHANGED
if (isset($_SESSION['oldsid'])) {$oldsid=$_SESSION['oldsid'];}
if (!isset($oldsid)) {$_SESSION['oldsid'] = $surveyid;}
if (isset($oldsid) && $oldsid && $oldsid != $surveyid)
{
$savesessionvars=Array();
if (isset($_SESSION['USER_RIGHT_PREVIEW']))
{
$savesessionvars["USER_RIGHT_PREVIEW"]=$surveyid;
$savesessionvars["loginID"]=$_SESSION['loginID'];
$savesessionvars["user"]=$_SESSION['user'];
}
session_unset();
$_SESSION['oldsid']=$surveyid;
foreach ($savesessionvars as $sesskey => $sessval)
{
$_SESSION[$sesskey]=$sessval;
}
}
if (isset($_GET['loadall']) && $_GET['loadall'] == "reload")
{
if (returnglobal('loadname') && returnglobal('loadpass'))
{
$_POST['loadall']="reload";
}
}
//LOAD SAVED SURVEY
if (isset($_POST['loadall']) && $_POST['loadall'] == "reload")
{
$errormsg="";
// if (loadname is not set) or if ((loadname is set) and (loadname is NULL))
if (!isset($loadname) || (isset($loadname) && ($loadname == null)))
{
$errormsg .= $clang->gT("You did not provide a name")."
\n";
}
// if (loadpass is not set) or if ((loadpass is set) and (loadpass is NULL))
if (!isset($loadpass) || (isset($loadpass) && ($loadpass == null)))
{
$errormsg .= $clang->gT("You did not provide a password")."
\n";
}
// if security question answer is incorrect
if (function_exists("ImageCreate") && captcha_enabled('saveandloadscreen',$thissurvey['usecaptcha']))
{
if ( (!isset($_POST['loadsecurity']) ||
!isset($_SESSION['secanswer']) ||
$_POST['loadsecurity'] != $_SESSION['secanswer']) &&
!isset($_GET['scid']))
{
$errormsg .= $clang->gT("The answer to the security question is incorrect")."
\n";
}
}
// Load session before loading the values from the saved data
if (isset($_GET['loadall']))
{
buildsurveysession();
}
$_SESSION['holdname']=$loadname; //Session variable used to load answers every page.
$_SESSION['holdpass']=$loadpass; //Session variable used to load answers every page.
if ($errormsg == "") loadanswers();
$move = "movenext";
if ($errormsg)
{
$_POST['loadall'] = $clang->gT("Load Unfinished Survey");
}
}
//Allow loading of saved survey
if (isset($_POST['loadall']) && $_POST['loadall'] == $clang->gT("Load Unfinished Survey"))
{
require_once("load.php");
}
//Check if TOKEN is used for EVERY PAGE
//This function fixes a bug where users able to submit two surveys/votes
//by checking that the token has not been used at each page displayed.
// bypass only this check at first page (Step=0) because
// this check is done in buildsurveysession and error message
// could be more interresting there (takes into accound captcha if used)
if ($tokensexist == 1 && isset($token) && $token &&
isset($_SESSION['step']) && $_SESSION['step']>0)
{
//check if token actually does exist
ok ich poste sie mal in mehreren teilen, in einem ist sie zu lang
ErrorMsg()); //Checked
if ($actresult->RecordCount() > 0)
{
$issurveyactive=true;
}
}
if ($surveyid &&
$issurveyactive===false &&
isset ($surveyPreview_require_Auth) &&
$surveyPreview_require_Auth === true)
{
// admin session and permission have not already been imported
// for this particular survey
if ( !isset($_SESSION['USER_RIGHT_PREVIEW']) ||
$_SESSION['USER_RIGHT_PREVIEW'] != $surveyid)
{
// Store initial session name
$initial_session_name=session_name();
// One way (not implemented here) would be to start the
// user session from a duplicate of the admin session
// - destroy the new session
// - load admin session (with correct session name)
// - close admin session
// - change used session name to default
// - open new session (takes admin session id)
// - regenerate brand new session id for this session
// The solution implemented here is to copy some
// fields from the admin session to the new session
// - first destroy the new (empty) user session
// - then open admin session
// - record interresting values from the admin session
// - duplicate admin session under another name and Id
// - destroy the duplicated admin session
// - start a brand new user session
// - copy interresting values in this user session
@session_destroy(); // make it silent because for
// some strange reasons it fails sometimes
// which is not a problem
// but if it throughs an error then future
// session functions won't work because
// headers are already sent.
$usquery = "SELECT stg_value FROM ".db_table_name("settings_global")." where stg_name='SessionName'";
$usresult = db_execute_assoc($usquery,'',true); //Checked
if ($usresult)
{
$usrow = $usresult->FetchRow();
@session_name($usrow['stg_value']);
}
else
{
session_name("LimeSurveyAdmin");
}
@session_start(); // Loads Admin Session
$previewright=false;
$savesessionvars=Array();
if (isset($_SESSION['loginID']))
{
$rightquery="SELECT * FROM {$dbprefix}surveys_rights WHERE sid=".db_quote($surveyid)." AND uid = ".db_quote($_SESSION['loginID']);
$rightresult = db_execute_assoc($rightquery); //Checked
// Currently it is enough to be listed in the survey
// user operator list to get preview access
if ($rightresult->RecordCount() > 0 || $_SESSION['USER_RIGHT_SUPERADMIN'] == 1)
{
$previewright=true;
$savesessionvars["USER_RIGHT_PREVIEW"]=$surveyid;
$savesessionvars["loginID"]=$_SESSION['loginID'];
$savesessionvars["user"]=$_SESSION['user'];
}
}
// change session name and id
// then delete this new session
// ==> the original admin session remains valid
// ==> it is possible to start a new session
session_name($initial_session_name);
if (session_regenerate_id() === false) { safe_die("Error Regenerating Session Id");}
@session_destroy();
// start new session
@session_start();
// regenerate id so that the header geenrated by previous
// regenerate_id is overwritten
// needed after clearall
if (session_regenerate_id() === false) { safe_die("Error Regenerating Session Id");}
if ( $previewright === true)
{
foreach ($savesessionvars as $sesskey => $sessval)
{
$_SESSION[$sesskey]=$sessval;
}
}
}
else
{ // already authorized
$previewright = true;
}
if ( $previewright === false)
{
// print an error message
if (isset($_REQUEST['rootdir'])) {safe_die('You cannot start this script directly');}
require_once(dirname(__FILE__).'/classes/core/language.php');
$baselang = GetBaseLanguageFromSurveyID($surveyid);
$clang = new limesurvey_lang($baselang);
//A nice exit
sendcacheheaders();
doHeader();
echo templatereplace(file_get_contents("$tpldir/default/startpage.pstpl"));
echo "\t\t
\n"
."\t\t\t".$clang->gT("ERROR")."
\n"
."\t\t\t".$clang->gT("We are sorry but you don't have permissions to do this.")."
\n"
."\t\t\t".sprintf($clang->gT("Please contact %s ( %s ) for further assistance."),$siteadminname,$siteadminemail)."\n"
."\t\t
\n";
echo templatereplace(file_get_contents("$tpldir/default/endpage.pstpl"));
doFooter();
exit;
}
}
if (isset($_SESSION['srid']))
{
$saved_id = $_SESSION['srid'];
}
if (!isset($_SESSION['grouplist']) && (isset($move)) )
// geez ... a session time out! RUN!
{
if (isset($_REQUEST['rootdir'])) {safe_die('You cannot start this script directly');}
require_once(dirname(__FILE__).'/classes/core/language.php');
$baselang = GetBaseLanguageFromSurveyID($surveyid);
$clang = new limesurvey_lang($baselang);
//A nice exit
sendcacheheaders();
doHeader();
echo templatereplace(file_get_contents("$tpldir/default/startpage.pstpl"));
echo "\t\t
\n"
."\t\t\t".$clang->gT("ERROR")."
\n"
."\t\t\t".$clang->gT("We are sorry but your session has expired.")."
".$clang->gT("Either you have been inactive for too long, you have cookies disabled for your browser, or there were problems with your connection.")."
\n"
."\t\t\t".sprintf($clang->gT("Please contact %s ( %s ) for further assistance."),$siteadminname,$siteadminemail)."\n"
."\t\t
\n";
echo templatereplace(file_get_contents("$tpldir/default/endpage.pstpl"));
doFooter();
exit;
};
// Set the language of the survey, either from POST, GET parameter of session var
if (isset($_POST['lang']) && $_POST['lang']!='') // this one comes from the language question
{
$templang = sanitize_languagecode($_POST['lang']);
$clang = SetSurveyLanguage( $surveyid, $templang);
UpdateSessionGroupList($templang); // to refresh the language strings in the group list session variable
UpdateFieldArray(); // to refresh question titles and question text
}
else
if (isset($_GET['lang']) && $surveyid)
{
$templang = sanitize_languagecode($_GET['lang']);
$clang = SetSurveyLanguage( $surveyid, $templang);
UpdateSessionGroupList($templang); // to refresh the language strings in the group list session variable
UpdateFieldArray(); // to refresh question titles and question text
}
if (isset($_SESSION['s_lang']))
{
$clang = SetSurveyLanguage( $surveyid, $_SESSION['s_lang']);
}
elseif (isset($surveyid) && $surveyid)
{
$baselang = GetBaseLanguageFromSurveyID($surveyid);
$clang = SetSurveyLanguage( $surveyid, $baselang);
}
else
{
$baselang=$defaultlang;
}
if (isset($_REQUEST['embedded_inc'])) {safe_die('You cannot start this script directly');}
if ( $embedded_inc != '' )
require_once( $embedded_inc );
//CHECK FOR REQUIRED INFORMATION (sid)
if (!$surveyid)
{
if(isset($_GET['lang']))
{
$baselang = sanitize_languagecode($_GET['lang']);
}
elseif (!isset($baselang))
{
$baselang=$defaultlang;
}
$clang = new limesurvey_lang($baselang);
if(!isset($defaulttemplate)) {$defaulttemplate="default";}
$languagechanger = makelanguagechanger();
//Find out if there are any publicly available surveys
$query = "SELECT a.sid, b.surveyls_title
FROM ".db_table_name('surveys')." AS a
INNER JOIN ".db_table_name('surveys_languagesettings')." AS b
ON ( surveyls_survey_id = a.sid AND surveyls_language = a.language )
WHERE surveyls_survey_id=a.sid
AND surveyls_language=a.language
AND a.active='Y'
AND a.listpublic='Y'
AND ((a.expires >= '".date("Y-m-d")."'
AND a.useexpiry = 'Y') OR
(a.useexpiry = 'N'))
ORDER BY surveyls_title";
$result = db_execute_assoc($query,false,true) or die("Could not connect to database. If you try to install LimeSurvey please refer to the installation docs and/or contact the system administrator of this webpage."); //Checked
$list=array();
if($result->RecordCount() > 0)
{
while($rows = $result->FetchRow())
{
$link = "".$rows['surveyls_title']."\n";
$list[]=$link;
}
}
if(count($list) ".$clang->gT("No available surveys")."";
}
$surveylist=array(
"nosid"=>$clang->gT("You have not provided a survey identification number"),
"contact"=>sprintf($clang->gT("Please contact %s ( %s ) for further assistance."),$siteadminname,$siteadminemail),
"listheading"=>$clang->gT("The following surveys are available:"),
"list"=>implode("\n",$list),
);
//A nice exit
sendcacheheaders();
doHeader();
echo templatereplace(file_get_contents("$tpldir/$defaulttemplate/startpage.pstpl"));
echo templatereplace(file_get_contents("$tpldir/$defaulttemplate/surveylist.pstpl"));
echo templatereplace(file_get_contents("$tpldir/$defaulttemplate/endpage.pstpl"));
doFooter();
exit;
}
// Get token
if (!isset($token))
{
$token=$clienttoken;
}
//GET BASIC INFORMATION ABOUT THIS SURVEY
$totalBoilerplatequestions =0;
$thissurvey=getSurveyInfo($surveyid, $_SESSION['s_lang']);
if (is_array($thissurvey))
{
$surveyexists=1;
}
else
{
$surveyexists=0;
}
// If token was submitted from token form
// Disabled for the moment (1.50) with function captcha_enabled
//if (isset($_GET['tokenSEC']) && $_GET['tokenSEC'] == 1 && function_exists("ImageCreate") && captcha_enabled('surveyaccessscreen',$thissurvey['usecaptcha']))
//{
// if (!isset($_GET['loadsecurity']) || $_GET['loadsecurity'] != $_SESSION['secanswer'])
// {
// $secerror = $clang->gT("The answer to the security question is incorrect")."
\n";
// $_GET['token'] = "";
// }
//}
if (isset($_GET['newtest']) && $_GET['newtest'] = "Y") unset($_GET['token']);
//SEE IF SURVEY USES TOKENS
$i = 0; //$tokensexist = 0;
if ($surveyexists == 1 && bHasSurveyGotTokentable($thissurvey))
{
$tokensexist = 1;
}
else
{
$tokensexist = 0;
}
//SET THE TEMPLATE DIRECTORY
if (!$thissurvey['templatedir'])
{
$thistpl=$tpldir."/".$defaulttemplate;
}
else
{
$thistpl=$tpldir."/".validate_templatedir($thissurvey['templatedir']);
}
//MAKE SURE SURVEY HASN'T EXPIRED
if ($thissurvey['expiry']
\n"
."\t\t\t".$clang->gT("This survey is no longer available.")."
\n"
."\t\t\t".sprintf($clang->gT("Please contact %s ( %s ) for further assistance."),$thissurvey['adminname'],$thissurvey['adminemail']).".\n"
."
\n";
echo templatereplace(file_get_contents("$tpldir/default/endpage.pstpl"));
doFooter();
exit;
}
//CHECK FOR PREVIOUSLY COMPLETED COOKIE
//If cookies are being used, and this survey has been completed, a cookie called "PHPSID[sid]STATUS" will exist (ie: SID6STATUS) and will have a value of "COMPLETE"
$cookiename="PHPSID".returnglobal('sid')."STATUS";
if (isset($_COOKIE[$cookiename]) && $_COOKIE[$cookiename] == "COMPLETE" && $thissurvey['usecookie'] == "Y" && $tokensexist != 1 && (!isset($_GET['newtest']) || $_GET['newtest'] != "Y"))
{
sendcacheheaders();
doHeader();
echo templatereplace(file_get_contents("$tpldir/default/startpage.pstpl"));
echo "\t\t
\n"
."\t\t\t".$clang->gT("Error")."
\n"
."\t\t\t".$clang->gT("You have already completed this survey.")."
\n"
."\t\t\t".sprintf($clang->gT("Please contact %s ( %s ) for further assistance."),$thissurvey['adminname'],$thissurvey['adminemail'])."\n"
."
\n";
echo templatereplace(file_get_contents("$tpldir/default/endpage.pstpl"));
doFooter();
exit;
}
//CHECK IF SURVEY ID DETAILS HAVE CHANGED
if (isset($_SESSION['oldsid'])) {$oldsid=$_SESSION['oldsid'];}
if (!isset($oldsid)) {$_SESSION['oldsid'] = $surveyid;}
if (isset($oldsid) && $oldsid && $oldsid != $surveyid)
{
$savesessionvars=Array();
if (isset($_SESSION['USER_RIGHT_PREVIEW']))
{
$savesessionvars["USER_RIGHT_PREVIEW"]=$surveyid;
$savesessionvars["loginID"]=$_SESSION['loginID'];
$savesessionvars["user"]=$_SESSION['user'];
}
session_unset();
$_SESSION['oldsid']=$surveyid;
foreach ($savesessionvars as $sesskey => $sessval)
{
$_SESSION[$sesskey]=$sessval;
}
}
if (isset($_GET['loadall']) && $_GET['loadall'] == "reload")
{
if (returnglobal('loadname') && returnglobal('loadpass'))
{
$_POST['loadall']="reload";
}
}
//LOAD SAVED SURVEY
if (isset($_POST['loadall']) && $_POST['loadall'] == "reload")
{
$errormsg="";
// if (loadname is not set) or if ((loadname is set) and (loadname is NULL))
if (!isset($loadname) || (isset($loadname) && ($loadname == null)))
{
$errormsg .= $clang->gT("You did not provide a name")."
\n";
}
// if (loadpass is not set) or if ((loadpass is set) and (loadpass is NULL))
if (!isset($loadpass) || (isset($loadpass) && ($loadpass == null)))
{
$errormsg .= $clang->gT("You did not provide a password")."
\n";
}
// if security question answer is incorrect
if (function_exists("ImageCreate") && captcha_enabled('saveandloadscreen',$thissurvey['usecaptcha']))
{
if ( (!isset($_POST['loadsecurity']) ||
!isset($_SESSION['secanswer']) ||
$_POST['loadsecurity'] != $_SESSION['secanswer']) &&
!isset($_GET['scid']))
{
$errormsg .= $clang->gT("The answer to the security question is incorrect")."
\n";
}
}
// Load session before loading the values from the saved data
if (isset($_GET['loadall']))
{
buildsurveysession();
}
$_SESSION['holdname']=$loadname; //Session variable used to load answers every page.
$_SESSION['holdpass']=$loadpass; //Session variable used to load answers every page.
if ($errormsg == "") loadanswers();
$move = "movenext";
if ($errormsg)
{
$_POST['loadall'] = $clang->gT("Load Unfinished Survey");
}
}
//Allow loading of saved survey
if (isset($_POST['loadall']) && $_POST['loadall'] == $clang->gT("Load Unfinished Survey"))
{
require_once("load.php");
}
//Check if TOKEN is used for EVERY PAGE
//This function fixes a bug where users able to submit two surveys/votes
//by checking that the token has not been used at each page displayed.
// bypass only this check at first page (Step=0) because
// this check is done in buildsurveysession and error message
// could be more interresting there (takes into accound captcha if used)
if ($tokensexist == 1 && isset($token) && $token &&
isset($_SESSION['step']) && $_SESSION['step']>0)
{
//check if token actually does exist
Re: iframe onscroll
$tkquery = "SELECT COUNT(*) FROM ".db_table_name('tokens_'.$surveyid)." WHERE token='".db_quote($token)."' AND (completed = 'N' or completed='')";
$tkresult = db_execute_num($tkquery); //Checked
list($tkexist) = $tkresult->FetchRow();
if (!$tkexist)
{
sendcacheheaders();
doHeader();
//TOKEN DOESN'T EXIST OR HAS ALREADY BEEN USED. EXPLAIN PROBLEM AND EXIT
echo templatereplace(file_get_contents("$thistpl/startpage.pstpl"));
echo templatereplace(file_get_contents("$thistpl/survey.pstpl"));
echo "\t
\n"
."\t".$clang->gT("This is a closed-access survey, so you must supply a valid token. Please contact the administrator for assistance.")."
\n"
."\t".$clang->gT("The token you have provided is either not valid, or has already been used.")."\n"
."\t".sprintf($clang->gT("For further information contact %s"), $thissurvey['adminname'])
."("
."{$thissurvey['adminemail']})
\n"
."\t".$clang->gT("Close this Window")."
\n";
echo templatereplace(file_get_contents("$thistpl/endpage.pstpl"));
exit;
}
}
//CLEAR SESSION IF REQUESTED
if (isset($_GET['move']) && $_GET['move'] == "clearall")
{
$s_lang = $_SESSION['s_lang'];
session_unset();
session_destroy();
setcookie(session_name(),"EXPIRED",time()-120);
sendcacheheaders();
if (isset($_GET['redirect'])) {
session_write_close();
header("Location: {$_GET['redirect']}");
}
doHeader();
echo templatereplace(file_get_contents("$thistpl/startpage.pstpl"));
echo "\n\n\n"
."\t\n"
."\t\n"
."\t\n\n";
//Present the clear all page using clearall.pstpl template
echo templatereplace(file_get_contents("$thistpl/clearall.pstpl"));
echo templatereplace(file_get_contents("$thistpl/endpage.pstpl"));
doFooter();
exit;
}
if (isset($_GET['newtest']) && $_GET['newtest'] == "Y")
{
$savesessionvars=Array();
if (isset($_SESSION['USER_RIGHT_PREVIEW']))
{
$savesessionvars["USER_RIGHT_PREVIEW"]=$surveyid;
$savesessionvars["loginID"]=$_SESSION['loginID'];
$savesessionvars["user"]=$_SESSION['user'];
}
session_unset();
$_SESSION['oldsid']=$surveyid;
foreach ($savesessionvars as $sesskey => $sessval)
{
$_SESSION[$sesskey]=$sessval;
}
//DELETE COOKIE (allow to use multiple times)
setcookie("$cookiename", "INCOMPLETE", time()-120);
//echo "Reset Cookie!";
}
//Check to see if a refering URL has been captured.
getreferringurl();
// Let's do this only if
// - a saved answer record hasn't been loaded through the saved feature
// - the survey is not anonymous
// - the survey is active
// - a token information has been provided
// - the survey is setup to allow token-response-persistence
if ($thissurvey['tokenanswerspersistence'] == 'Y' &&
!isset($_SESSION['srid']) &&
$thissurvey['private'] == "N" &&
$thissurvey['active'] == "Y" && $token !='')
{
// load previous answers if any (dataentry with nosubmit)
$srquery="SELECT id FROM {$thissurvey['tablename']}"
. " WHERE {$thissurvey['tablename']}.token='".$token."'\n";
$result = db_execute_assoc($srquery) or safe_die ("Error loading results
$query
".$connect->ErrorMsg()); //Checked
while ($srrow = $result->FetchRow() )
{
$_SESSION['srid'] = $srrow['id'];
}
}
// SAVE POSTED ANSWERS TO DATABASE IF MOVE (NEXT,PREV,LAST, or SUBMIT) or RETURNING FROM SAVE FORM
if (isset($move) || isset($_POST['saveprompt']))
{
require_once("save.php");
// RELOAD THE ANSWERS INCASE SOMEONE ELSE CHANGED THEM
if ($thissurvey['active'] == "Y" && $thissurvey['allowsave'] == "Y") {
loadanswers();
}
}
sendcacheheaders();
//CALL APPROPRIATE SCRIPT
switch ($thissurvey['format'])
{
case "A": //All in one
require_once("survey.php");
break;
case "S": //One at a time
require_once("question.php");
break;
case "G": //Group at a time
require_once("group.php");
break;
default:
require_once("question.php");
}
if (isset($_POST['saveall']))
{
print " alert('".$clang->gT("Survey Saved","js")."'); ";
}
function loadanswers()
{
global $dbprefix,$surveyid,$errormsg;
global $thissurvey, $thisstep, $clang;
global $databasetype, $clienttoken;
$scid=returnglobal('scid');
if (isset($_POST['loadall']) && $_POST['loadall'] == "reload")
{
$query = "SELECT * FROM ".db_table_name('saved_control')." INNER JOIN {$thissurvey['tablename']}
ON ".db_table_name('saved_control').".srid = {$thissurvey['tablename']}.id
WHERE ".db_table_name('saved_control').".sid=$surveyid\n";
if (isset($scid)) //Would only come from email
{
$query .= "AND ".db_table_name('saved_control').".scid={$scid}\n";
}
$query .="AND ".db_table_name('saved_control').".identifier = '".auto_escape($_SESSION['holdname'])."'
AND ".db_table_name('saved_control').".access_code ". (($databasetype == 'mysql')? "=": "like" ) ." '".md5(auto_unescape($_SESSION['holdpass']))."'\n";
}
elseif (isset($_SESSION['srid']))
{
$query = "SELECT * FROM {$thissurvey['tablename']}
WHERE {$thissurvey['tablename']}.id=".$_SESSION['srid']."\n";
}
else
{
return;
}
$result = db_execute_assoc($query) or safe_die ("Error loading results
$query
".$connect->ErrorMsg()); //Checked
if ($result->RecordCount() gT("There is no matching saved survey")."
\n";
}
else
{
//A match has been found. Let's load the values!
//If this is from an email, build surveysession first
$row=$result->FetchRow();
foreach ($row as $column => $value)
{
if ($column == "token")
{
$clienttoken=$value;
$token=$value;
}
if ($column == "saved_thisstep")
{
$_SESSION['step']=$value;
$thisstep=$value-1;
}
if ($column == "scid")
{
$_SESSION['scid']=$value;
}
if ($column == "srid")
{
$_SESSION['srid']=$value;
}
if ($column == "datestamp")
{
$_SESSION['datestamp']=$value;
}
else
{
//Only make session variables for those in insertarray[]
if (in_array($column, $_SESSION['insertarray']))
{
$_SESSION[$column]=$value;
}
}
} // foreach
}
return true;
}
function getTokenData($surveyid, $token)
{
global $dbprefix, $connect;
$query = "SELECT * FROM ".db_table_name('tokens_'.$surveyid)." WHERE token='".db_quote($token)."'";
$result = db_execute_assoc($query) or safe_die("Couldn't get token info in getTokenData()
".$query."
".$connect->ErrorMsg()); //Checked
while($row=$result->FetchRow())
{
$thistoken=array("firstname"=>$row['firstname'],
"lastname"=>$row['lastname'],
"email"=>$row['email'],
"language" =>$row['language'],
"attribute_1"=>$row['attribute_1'],
"attribute_2"=>$row['attribute_2']);
} // while
return $thistoken;
}
function makegraph($currentstep, $total)
{
global $thissurvey;
global $publicurl, $clang;
$shchart = "$publicurl/templates/".validate_templatedir($thissurvey['templatedir'])."/chart.jpg";
$graph = "\n"
. "\n"
. "0% \n";
$size=intval(($currentstep-1)/$total*100);
$graph .= "\n"
. "\n"
. "\n"
. "gT('%s %% complete'), $size)."' />\n"
. "\n"
. "\n"
. "\n"
. " 100%\n"
. "\n"
. "\n\n";
return $graph;
}
function makelanguagechanger()
{
global $relativeurl;
if (!isset($surveyid))
{
$surveyid=returnglobal('sid');
}
if (isset($surveyid))
{
$slangs = GetAdditionalLanguagesFromSurveyID($surveyid);
}
$token = trim(sanitize_xss_string(strip_tags(returnglobal('token'))));
if ($token != '')
{
$tokenparam = "&token=$token";
}
else
{
$tokenparam = "";
}
if (!empty($slangs))
{
if (isset($_SESSION['s_lang']) && $_SESSION['s_lang'] != '')
{
$lang = sanitize_languagecode($_SESSION['s_lang']);
}
else if(isset($_POST['lang']) && $_POST['lang']!='')
{
$lang = sanitize_languagecode($_POST['lang']);
}
else if (isset($_GET['lang']) && $_GET['lang'] != '')
{
$lang = sanitize_languagecode($_GET['lang']);
}
else
$lang = GetBaseLanguageFromSurveyID($surveyid);
$htmlcode ="\n";
$htmlcode .= "".getLanguageNameFromCode($lang,false)."\n";
foreach ($slangs as $otherlang)
{
if($otherlang != $lang)
$htmlcode .= "\t".getLanguageNameFromCode($otherlang,false)."\n";
}
if($lang != GetBaseLanguageFromSurveyID($surveyid))
{
$htmlcode .= "".getLanguageNameFromCode(GetBaseLanguageFromSurveyID($surveyid),false)."\n";
}
$htmlcode .= "\n";
// . "";
return $htmlcode;
} elseif (!isset($surveyid)) {
global $defaultlang, $baselang;
$htmlcode = "\n";
$htmlcode .= "".getLanguageNameFromCode($defaultlang,false)."\n";
foreach(getlanguagedata() as $key=>$val)
{
$htmlcode .= "\t".getLanguageNameFromCode($key,false)."\n";
}
$htmlcode .= "\n";
return $htmlcode;
}
}
function checkgroupfordisplay($gid)
{
//This function checks all the questions in a group to see if they have
//conditions, and if the do - to see if the conditions are met.
//If none of the questions in the group are set to display, then
//the function will return false, to indicate that the whole group
//should not display at all.
global $dbprefix, $connect;
$countQuestionsInThisGroup=0;
$countConditionalQuestionsInThisGroup=0;
foreach ($_SESSION['fieldarray'] as $ia) //Run through all the questions
{
if ($ia[5] == $gid) //If the question is in the group we are checking:
{
$countQuestionsInThisGroup++;
if ($ia[7] == "Y") //This question is conditional
{
$countConditionalQuestionsInThisGroup++;
$QuestionsWithConditions[]=$ia; //Create an array containing all the conditional questions
}
}
}
if ($countQuestionsInThisGroup===0)
{
return false;
}
elseif ($countQuestionsInThisGroup != $countConditionalQuestionsInThisGroup || !isset($QuestionsWithConditions) )
{
//One of the questions in this group is NOT conditional, therefore
//the group MUST be displayed
return true;
}
else
{
//All of the questions in this group are conditional. Now we must
//check every question, to see if the condition for each has been met.
//If 1 or more have their conditions met, then the group should
//be displayed.
foreach ($QuestionsWithConditions as $cc)
{
$totalands=0;
$query = "SELECT * FROM ".db_table_name('conditions')."\n"
."WHERE qid=$cc[0] ORDER BY cqid";
$result = db_execute_assoc($query) or safe_die("Couldn't check conditions
$query
".$connect->ErrorMsg()); //Checked
$andedMultipleCqidCount=0; // count of multiple cqids for type Q or K
while($row=$result->FetchRow())
{
//Iterate through each condition for this question and check if it is met.
$query2= "SELECT type, gid FROM ".db_table_name('questions')."\n"
." WHERE qid={$row['cqid']} AND language='".$_SESSION['s_lang']."'";
$result2=db_execute_assoc($query2) or safe_die ("Coudn't get type from questions
$ccquery
".$connect->ErrorMsg()); //Checked
while($row2=$result2->FetchRow())
{
$cq_gid=$row2['gid'];
//Find out the "type" of the question this condition uses
$thistype=$row2['type'];
}
if ($thistype == 'K' || $thistype == 'Q')
{
// will be used as an index for Multiple conditions
// on type Q or K so that there will be ANDed and
// not ORed
$andedMultipleCqidCount++;
}
if ($gid == $cq_gid)
{
//Don't do anything - this cq is in the current group
}
elseif ($thistype == "M" || $thistype == "P")
{
// For multiple choice type questions, the "answer" value will be "Y"
// if selected, the fieldname will have the answer code appended.
$fieldname=$row['cfieldname'].$row['value'];
$cvalue="Y";
if (isset($_SESSION[$fieldname])) { $cfieldname=$_SESSION[$fieldname]; } else { $cfieldname=""; }
}
elseif (ereg('^@([0-9]+X[0-9]+X[^@]+)@',$row['value'],$targetconditionfieldname) &&
isset($_SESSION[$targetconditionfieldname[1]]) )
{
// If value uses @SIDXGIDXQID@ codes i
// then try to replace them with a
// value recorded in SESSION if any
$cvalue=$_SESSION[$targetconditionfieldname[1]];
if (isset($_SESSION[$fieldname])) { $cfieldname=$_SESSION[$fieldname]; } else { $cfieldname=""; }
}
else
{
//For all other questions, the "answer" value will be the answer code.
if (isset($_SESSION[$row['cfieldname']])) {$cfieldname=$_SESSION[$row['cfieldname']];} else {$cfieldname=' ';}
$cvalue=$row['value'];
}
if ($row['method'] != 'RX')
{
if (trim($row['method'])=='')
{
$row['method']='==';
}
if (eval('if (trim($cfieldname)'. $row['method'].' trim($cvalue)) return true; else return false;'))
{
$conditionMatches=true;
//This condition is met
}
else
{
$conditionMatches=false;
}
}
else
{
if (ereg(trim($cvalue),trim($cfieldname)))
{
$conditionMatches=true;
}
else
{
$conditionMatches=false;
}
}
if ($conditionMatches === true)
{
if ($thistype != 'Q' && $thistype != 'K')
{
//This condition is met
if (!isset($distinctcqids[$row['cqid']]) || $distinctcqids[$row['cqid']] == 0)
{
$distinctcqids[$row['cqid']]=1;
}
}
else
{ //$andedMultipleCqidCount
if (!isset($distinctcqids[$row['cqid']."-$andedMultipleCqidCount"]) || $distinctcqids[$row['cqid']] == 0)
{
$distinctcqids[$row['cqid']."-$andedMultipleCqidCount"]=1;
}
}
}
else
{
if ($thistype != 'Q' && $thistype != 'K')
{
if (!isset($distinctcqids[$row['cqid']]))
{
$distinctcqids[$row['cqid']]=0;
}
}
else
{
if (!isset($distinctcqids[$row['cqid']."-$andedMultipleCqidCount"]))
{
$distinctcqids[$row['cqid']."-$andedMultipleCqidCount"]=0;
}
}
}
} // while
foreach($distinctcqids as $key=>$val)
{
//Because multiple cqids are treated as "AND", we only check
//one condition per conditional qid (cqid). As long as one
//match is found for each distinct cqid, then the condition is met.
$totalands=$totalands+$val;
}
if ($totalands >= count($distinctcqids))
{
//The number of matches to conditions exceeds the number of distinct
//conditional questions, therefore a condition has been met.
//As soon as any condition for a question is met, we MUST show the group.
return true;
}
unset($distinctcqids);
}
//Since we made it this far, there mustn't have been any conditions met.
//Therefore the group should not be displayed.
return false;
}
}
function checkconfield($value)
{
global $dbprefix, $connect;
$fieldisdisplayed=true;
//$value is the fieldname for the field we are checking for conditions
foreach ($_SESSION['fieldarray'] as $sfa) //Go through each field
{
if ($sfa[1] == $value && $sfa[7] == "Y" && isset($_SESSION[$value]) && $_SESSION[$value]) //Do this if there is a condition based on this answer
{
$currentcfield="";
$query = "SELECT ".db_table_name('conditions').".*, ".db_table_name('questions').".type "
. "FROM ".db_table_name('conditions').", ".db_table_name('questions')." "
. "WHERE ".db_table_name('conditions').".cqid=".db_table_name('questions').".qid "
. "AND ".db_table_name('conditions').".qid=$sfa[0] "
. "ORDER BY ".db_table_name('conditions').".qid";
$result=db_execute_assoc($query) or safe_die($query."
".$connect->ErrorMsg()); //Checked
while($rows = $result->FetchRow()) //Go through the condition on this field
{
if($rows['type'] == "M" || $rows['type'] == "P")
$tkresult = db_execute_num($tkquery); //Checked
list($tkexist) = $tkresult->FetchRow();
if (!$tkexist)
{
sendcacheheaders();
doHeader();
//TOKEN DOESN'T EXIST OR HAS ALREADY BEEN USED. EXPLAIN PROBLEM AND EXIT
echo templatereplace(file_get_contents("$thistpl/startpage.pstpl"));
echo templatereplace(file_get_contents("$thistpl/survey.pstpl"));
echo "\t
\n"
."\t".$clang->gT("This is a closed-access survey, so you must supply a valid token. Please contact the administrator for assistance.")."
\n"
."\t".$clang->gT("The token you have provided is either not valid, or has already been used.")."\n"
."\t".sprintf($clang->gT("For further information contact %s"), $thissurvey['adminname'])
."("
."{$thissurvey['adminemail']})
\n"
."\t".$clang->gT("Close this Window")."
\n";
echo templatereplace(file_get_contents("$thistpl/endpage.pstpl"));
exit;
}
}
//CLEAR SESSION IF REQUESTED
if (isset($_GET['move']) && $_GET['move'] == "clearall")
{
$s_lang = $_SESSION['s_lang'];
session_unset();
session_destroy();
setcookie(session_name(),"EXPIRED",time()-120);
sendcacheheaders();
if (isset($_GET['redirect'])) {
session_write_close();
header("Location: {$_GET['redirect']}");
}
doHeader();
echo templatereplace(file_get_contents("$thistpl/startpage.pstpl"));
echo "\n\n\n"
."\t\n"
."\t\n"
."\t\n\n";
//Present the clear all page using clearall.pstpl template
echo templatereplace(file_get_contents("$thistpl/clearall.pstpl"));
echo templatereplace(file_get_contents("$thistpl/endpage.pstpl"));
doFooter();
exit;
}
if (isset($_GET['newtest']) && $_GET['newtest'] == "Y")
{
$savesessionvars=Array();
if (isset($_SESSION['USER_RIGHT_PREVIEW']))
{
$savesessionvars["USER_RIGHT_PREVIEW"]=$surveyid;
$savesessionvars["loginID"]=$_SESSION['loginID'];
$savesessionvars["user"]=$_SESSION['user'];
}
session_unset();
$_SESSION['oldsid']=$surveyid;
foreach ($savesessionvars as $sesskey => $sessval)
{
$_SESSION[$sesskey]=$sessval;
}
//DELETE COOKIE (allow to use multiple times)
setcookie("$cookiename", "INCOMPLETE", time()-120);
//echo "Reset Cookie!";
}
//Check to see if a refering URL has been captured.
getreferringurl();
// Let's do this only if
// - a saved answer record hasn't been loaded through the saved feature
// - the survey is not anonymous
// - the survey is active
// - a token information has been provided
// - the survey is setup to allow token-response-persistence
if ($thissurvey['tokenanswerspersistence'] == 'Y' &&
!isset($_SESSION['srid']) &&
$thissurvey['private'] == "N" &&
$thissurvey['active'] == "Y" && $token !='')
{
// load previous answers if any (dataentry with nosubmit)
$srquery="SELECT id FROM {$thissurvey['tablename']}"
. " WHERE {$thissurvey['tablename']}.token='".$token."'\n";
$result = db_execute_assoc($srquery) or safe_die ("Error loading results
$query
".$connect->ErrorMsg()); //Checked
while ($srrow = $result->FetchRow() )
{
$_SESSION['srid'] = $srrow['id'];
}
}
// SAVE POSTED ANSWERS TO DATABASE IF MOVE (NEXT,PREV,LAST, or SUBMIT) or RETURNING FROM SAVE FORM
if (isset($move) || isset($_POST['saveprompt']))
{
require_once("save.php");
// RELOAD THE ANSWERS INCASE SOMEONE ELSE CHANGED THEM
if ($thissurvey['active'] == "Y" && $thissurvey['allowsave'] == "Y") {
loadanswers();
}
}
sendcacheheaders();
//CALL APPROPRIATE SCRIPT
switch ($thissurvey['format'])
{
case "A": //All in one
require_once("survey.php");
break;
case "S": //One at a time
require_once("question.php");
break;
case "G": //Group at a time
require_once("group.php");
break;
default:
require_once("question.php");
}
if (isset($_POST['saveall']))
{
print " alert('".$clang->gT("Survey Saved","js")."'); ";
}
function loadanswers()
{
global $dbprefix,$surveyid,$errormsg;
global $thissurvey, $thisstep, $clang;
global $databasetype, $clienttoken;
$scid=returnglobal('scid');
if (isset($_POST['loadall']) && $_POST['loadall'] == "reload")
{
$query = "SELECT * FROM ".db_table_name('saved_control')." INNER JOIN {$thissurvey['tablename']}
ON ".db_table_name('saved_control').".srid = {$thissurvey['tablename']}.id
WHERE ".db_table_name('saved_control').".sid=$surveyid\n";
if (isset($scid)) //Would only come from email
{
$query .= "AND ".db_table_name('saved_control').".scid={$scid}\n";
}
$query .="AND ".db_table_name('saved_control').".identifier = '".auto_escape($_SESSION['holdname'])."'
AND ".db_table_name('saved_control').".access_code ". (($databasetype == 'mysql')? "=": "like" ) ." '".md5(auto_unescape($_SESSION['holdpass']))."'\n";
}
elseif (isset($_SESSION['srid']))
{
$query = "SELECT * FROM {$thissurvey['tablename']}
WHERE {$thissurvey['tablename']}.id=".$_SESSION['srid']."\n";
}
else
{
return;
}
$result = db_execute_assoc($query) or safe_die ("Error loading results
$query
".$connect->ErrorMsg()); //Checked
if ($result->RecordCount() gT("There is no matching saved survey")."
\n";
}
else
{
//A match has been found. Let's load the values!
//If this is from an email, build surveysession first
$row=$result->FetchRow();
foreach ($row as $column => $value)
{
if ($column == "token")
{
$clienttoken=$value;
$token=$value;
}
if ($column == "saved_thisstep")
{
$_SESSION['step']=$value;
$thisstep=$value-1;
}
if ($column == "scid")
{
$_SESSION['scid']=$value;
}
if ($column == "srid")
{
$_SESSION['srid']=$value;
}
if ($column == "datestamp")
{
$_SESSION['datestamp']=$value;
}
else
{
//Only make session variables for those in insertarray[]
if (in_array($column, $_SESSION['insertarray']))
{
$_SESSION[$column]=$value;
}
}
} // foreach
}
return true;
}
function getTokenData($surveyid, $token)
{
global $dbprefix, $connect;
$query = "SELECT * FROM ".db_table_name('tokens_'.$surveyid)." WHERE token='".db_quote($token)."'";
$result = db_execute_assoc($query) or safe_die("Couldn't get token info in getTokenData()
".$query."
".$connect->ErrorMsg()); //Checked
while($row=$result->FetchRow())
{
$thistoken=array("firstname"=>$row['firstname'],
"lastname"=>$row['lastname'],
"email"=>$row['email'],
"language" =>$row['language'],
"attribute_1"=>$row['attribute_1'],
"attribute_2"=>$row['attribute_2']);
} // while
return $thistoken;
}
function makegraph($currentstep, $total)
{
global $thissurvey;
global $publicurl, $clang;
$shchart = "$publicurl/templates/".validate_templatedir($thissurvey['templatedir'])."/chart.jpg";
$graph = "\n"
. "\n"
. "0% \n";
$size=intval(($currentstep-1)/$total*100);
$graph .= "\n"
. "\n"
. "\n"
. "gT('%s %% complete'), $size)."' />\n"
. "\n"
. "\n"
. "\n"
. " 100%\n"
. "\n"
. "\n\n";
return $graph;
}
function makelanguagechanger()
{
global $relativeurl;
if (!isset($surveyid))
{
$surveyid=returnglobal('sid');
}
if (isset($surveyid))
{
$slangs = GetAdditionalLanguagesFromSurveyID($surveyid);
}
$token = trim(sanitize_xss_string(strip_tags(returnglobal('token'))));
if ($token != '')
{
$tokenparam = "&token=$token";
}
else
{
$tokenparam = "";
}
if (!empty($slangs))
{
if (isset($_SESSION['s_lang']) && $_SESSION['s_lang'] != '')
{
$lang = sanitize_languagecode($_SESSION['s_lang']);
}
else if(isset($_POST['lang']) && $_POST['lang']!='')
{
$lang = sanitize_languagecode($_POST['lang']);
}
else if (isset($_GET['lang']) && $_GET['lang'] != '')
{
$lang = sanitize_languagecode($_GET['lang']);
}
else
$lang = GetBaseLanguageFromSurveyID($surveyid);
$htmlcode ="\n";
$htmlcode .= "".getLanguageNameFromCode($lang,false)."\n";
foreach ($slangs as $otherlang)
{
if($otherlang != $lang)
$htmlcode .= "\t".getLanguageNameFromCode($otherlang,false)."\n";
}
if($lang != GetBaseLanguageFromSurveyID($surveyid))
{
$htmlcode .= "".getLanguageNameFromCode(GetBaseLanguageFromSurveyID($surveyid),false)."\n";
}
$htmlcode .= "\n";
// . "";
return $htmlcode;
} elseif (!isset($surveyid)) {
global $defaultlang, $baselang;
$htmlcode = "\n";
$htmlcode .= "".getLanguageNameFromCode($defaultlang,false)."\n";
foreach(getlanguagedata() as $key=>$val)
{
$htmlcode .= "\t".getLanguageNameFromCode($key,false)."\n";
}
$htmlcode .= "\n";
return $htmlcode;
}
}
function checkgroupfordisplay($gid)
{
//This function checks all the questions in a group to see if they have
//conditions, and if the do - to see if the conditions are met.
//If none of the questions in the group are set to display, then
//the function will return false, to indicate that the whole group
//should not display at all.
global $dbprefix, $connect;
$countQuestionsInThisGroup=0;
$countConditionalQuestionsInThisGroup=0;
foreach ($_SESSION['fieldarray'] as $ia) //Run through all the questions
{
if ($ia[5] == $gid) //If the question is in the group we are checking:
{
$countQuestionsInThisGroup++;
if ($ia[7] == "Y") //This question is conditional
{
$countConditionalQuestionsInThisGroup++;
$QuestionsWithConditions[]=$ia; //Create an array containing all the conditional questions
}
}
}
if ($countQuestionsInThisGroup===0)
{
return false;
}
elseif ($countQuestionsInThisGroup != $countConditionalQuestionsInThisGroup || !isset($QuestionsWithConditions) )
{
//One of the questions in this group is NOT conditional, therefore
//the group MUST be displayed
return true;
}
else
{
//All of the questions in this group are conditional. Now we must
//check every question, to see if the condition for each has been met.
//If 1 or more have their conditions met, then the group should
//be displayed.
foreach ($QuestionsWithConditions as $cc)
{
$totalands=0;
$query = "SELECT * FROM ".db_table_name('conditions')."\n"
."WHERE qid=$cc[0] ORDER BY cqid";
$result = db_execute_assoc($query) or safe_die("Couldn't check conditions
$query
".$connect->ErrorMsg()); //Checked
$andedMultipleCqidCount=0; // count of multiple cqids for type Q or K
while($row=$result->FetchRow())
{
//Iterate through each condition for this question and check if it is met.
$query2= "SELECT type, gid FROM ".db_table_name('questions')."\n"
." WHERE qid={$row['cqid']} AND language='".$_SESSION['s_lang']."'";
$result2=db_execute_assoc($query2) or safe_die ("Coudn't get type from questions
$ccquery
".$connect->ErrorMsg()); //Checked
while($row2=$result2->FetchRow())
{
$cq_gid=$row2['gid'];
//Find out the "type" of the question this condition uses
$thistype=$row2['type'];
}
if ($thistype == 'K' || $thistype == 'Q')
{
// will be used as an index for Multiple conditions
// on type Q or K so that there will be ANDed and
// not ORed
$andedMultipleCqidCount++;
}
if ($gid == $cq_gid)
{
//Don't do anything - this cq is in the current group
}
elseif ($thistype == "M" || $thistype == "P")
{
// For multiple choice type questions, the "answer" value will be "Y"
// if selected, the fieldname will have the answer code appended.
$fieldname=$row['cfieldname'].$row['value'];
$cvalue="Y";
if (isset($_SESSION[$fieldname])) { $cfieldname=$_SESSION[$fieldname]; } else { $cfieldname=""; }
}
elseif (ereg('^@([0-9]+X[0-9]+X[^@]+)@',$row['value'],$targetconditionfieldname) &&
isset($_SESSION[$targetconditionfieldname[1]]) )
{
// If value uses @SIDXGIDXQID@ codes i
// then try to replace them with a
// value recorded in SESSION if any
$cvalue=$_SESSION[$targetconditionfieldname[1]];
if (isset($_SESSION[$fieldname])) { $cfieldname=$_SESSION[$fieldname]; } else { $cfieldname=""; }
}
else
{
//For all other questions, the "answer" value will be the answer code.
if (isset($_SESSION[$row['cfieldname']])) {$cfieldname=$_SESSION[$row['cfieldname']];} else {$cfieldname=' ';}
$cvalue=$row['value'];
}
if ($row['method'] != 'RX')
{
if (trim($row['method'])=='')
{
$row['method']='==';
}
if (eval('if (trim($cfieldname)'. $row['method'].' trim($cvalue)) return true; else return false;'))
{
$conditionMatches=true;
//This condition is met
}
else
{
$conditionMatches=false;
}
}
else
{
if (ereg(trim($cvalue),trim($cfieldname)))
{
$conditionMatches=true;
}
else
{
$conditionMatches=false;
}
}
if ($conditionMatches === true)
{
if ($thistype != 'Q' && $thistype != 'K')
{
//This condition is met
if (!isset($distinctcqids[$row['cqid']]) || $distinctcqids[$row['cqid']] == 0)
{
$distinctcqids[$row['cqid']]=1;
}
}
else
{ //$andedMultipleCqidCount
if (!isset($distinctcqids[$row['cqid']."-$andedMultipleCqidCount"]) || $distinctcqids[$row['cqid']] == 0)
{
$distinctcqids[$row['cqid']."-$andedMultipleCqidCount"]=1;
}
}
}
else
{
if ($thistype != 'Q' && $thistype != 'K')
{
if (!isset($distinctcqids[$row['cqid']]))
{
$distinctcqids[$row['cqid']]=0;
}
}
else
{
if (!isset($distinctcqids[$row['cqid']."-$andedMultipleCqidCount"]))
{
$distinctcqids[$row['cqid']."-$andedMultipleCqidCount"]=0;
}
}
}
} // while
foreach($distinctcqids as $key=>$val)
{
//Because multiple cqids are treated as "AND", we only check
//one condition per conditional qid (cqid). As long as one
//match is found for each distinct cqid, then the condition is met.
$totalands=$totalands+$val;
}
if ($totalands >= count($distinctcqids))
{
//The number of matches to conditions exceeds the number of distinct
//conditional questions, therefore a condition has been met.
//As soon as any condition for a question is met, we MUST show the group.
return true;
}
unset($distinctcqids);
}
//Since we made it this far, there mustn't have been any conditions met.
//Therefore the group should not be displayed.
return false;
}
}
function checkconfield($value)
{
global $dbprefix, $connect;
$fieldisdisplayed=true;
//$value is the fieldname for the field we are checking for conditions
foreach ($_SESSION['fieldarray'] as $sfa) //Go through each field
{
if ($sfa[1] == $value && $sfa[7] == "Y" && isset($_SESSION[$value]) && $_SESSION[$value]) //Do this if there is a condition based on this answer
{
$currentcfield="";
$query = "SELECT ".db_table_name('conditions').".*, ".db_table_name('questions').".type "
. "FROM ".db_table_name('conditions').", ".db_table_name('questions')." "
. "WHERE ".db_table_name('conditions').".cqid=".db_table_name('questions').".qid "
. "AND ".db_table_name('conditions').".qid=$sfa[0] "
. "ORDER BY ".db_table_name('conditions').".qid";
$result=db_execute_assoc($query) or safe_die($query."
".$connect->ErrorMsg()); //Checked
while($rows = $result->FetchRow()) //Go through the condition on this field
{
if($rows['type'] == "M" || $rows['type'] == "P")
Re: iframe onscroll
{
$matchfield=$rows['cfieldname'].$rows['value'];
$matchmethod=$rows['method'];
$matchvalue="Y";
}
else
{
$matchfield=$rows['cfieldname'];
$matchmethod=$rows['method'];
$matchvalue=$rows['value'];
}
$cqval[]=array("cfieldname"=>$rows['cfieldname'],
"value"=>$rows['value'],
"type"=>$rows['type'],
"matchfield"=>$matchfield,
"matchvalue"=>$matchvalue,
"matchmethod"=>$matchmethod
);
if ($rows['cfieldname'] != $currentcfield)
{
$container[]=$rows['cfieldname'];
}
$currentcfield=$rows['cfieldname'];
}
//At least one match must be found for each "$container"
$total=0;
foreach($container as $con)
{
$addon=0;
foreach($cqval as $cqv)
{//Go through each condition
// Replace @SGQA@ condition values
// By corresponding value
if (ereg('^@([0-9]+X[0-9]+X[^@]+)@',$cqv["matchvalue"], $targetconditionfieldname))
{
$cqv["matchvalue"] = $_SESSION[$targetconditionfieldname[1]];
}
// Use == as default operator
if (trim($cqv['matchmethod'])=='') {$cqv['matchmethod']='==';}
if($cqv['cfieldname'] == $con)
{
if ($cqv['matchmethod'] != "RX")
{
if (isset($_SESSION[$cqv['matchfield']]) && eval('if ($_SESSION[$cqv["matchfield"]]'.$cqv['matchmethod'].' $cqv["matchvalue"]) {return true;} else {return false;}'))
{//plug successful matches into appropriate container
$addon=1;
}
}
elseif (ereg($cqv["matchvalue"],$_SESSION[$cqv["matchfield"]]))
{
$addon=1;
}
}
}
if($addon==1){$total++;}
}
if($totalErrorMsg()); //Checked
while($pregrow=$pregresult->FetchRow())
{
$preg=$pregrow['preg'];
} // while
if (isset($preg) && $preg)
{
if (!@preg_match($preg, $_POST[$field]))
{
$notvalidated[]=$field;
}
}
}
}
}
//The following section checks for question attribute validation, looking for values in a particular field
if (isset($_POST['qattribute_answer']))
{
foreach ($_POST['qattribute_answer'] as $maxvalueanswer)
{
//$maxvalue_answername="maxvalue_answer".$maxvalueanswer;
if (!empty($_POST['qattribute_answer'.$maxvalueanswer]) && $_POST['display'.$maxvalueanswer] == "on")
{
if (isset($move) && $move == "moveprev") {$_SESSION['step'] = $thisstep;}
if (isset($move) && $move == "movenext") {$_SESSION['step'] = $thisstep;}
$notvalidated[]=$maxvalueanswer;
return $notvalidated;
}
}
}
if (isset($notvalidated) && is_array($notvalidated))
{
if (isset($move) && $move == "moveprev") {$_SESSION['step'] = $thisstep;}
if (isset($move) && $move == "movenext") {$_SESSION['step'] = $thisstep;}
return $notvalidated;
}
}
}
function addtoarray_single($array1, $array2)
{
//Takes two single element arrays and adds second to end of first if value exists
if (is_array($array2))
{
foreach ($array2 as $ar)
{
if ($ar && $ar !== null)
{
$array1[]=$ar;
}
}
}
return $array1;
}
function remove_nulls_from_array($array)
{
foreach ($array as $ar)
{
if ($ar !== null)
{
$return[]=$ar;
}
}
if (isset($return))
{
return $return;
}
else
{
return false;
}
}
function submittokens()
{
global $thissurvey, $timeadjust;
global $dbprefix, $surveyid, $connect;
global $sitename, $thistpl, $clang, $clienttoken;
// Put date into sent and completed
$today = date_shift(date("Y-m-d H:i:s"), "Y-m-d H:i", $timeadjust);
$utquery = "UPDATE {$dbprefix}tokens_$surveyid\n";
if (bIsTokenCompletedDatestamped($thissurvey))
{
$utquery .= "SET completed='$today'\n";
}
else
{
$utquery .= "SET completed='Y'\n";
}
$utquery .= "WHERE token='".db_quote($clienttoken)."'";
$utresult = $connect->Execute($utquery) or safe_die ("Couldn't update tokens table!
\n$utquery
\n".$connect->ErrorMsg()); //Checked
// TLR change to put date into sent and completed
$cnfquery = "SELECT * FROM ".db_table_name("tokens_$surveyid")." WHERE token='".db_quote($clienttoken)."' AND completed!='N' AND completed!=''";
$cnfresult = db_execute_assoc($cnfquery); //Checked
$cnfrow = $cnfresult->FetchRow();
if (isset($cnfrow))
{
$from = "{$thissurvey['adminname']} ";
$to = $cnfrow['email'];
$subject=$thissurvey['email_confirm_subj'];
$fieldsarray["{ADMINNAME}"]=$thissurvey['adminname'];
$fieldsarray["{ADMINEMAIL}"]=$thissurvey['adminemail'];
$fieldsarray["{SURVEYNAME}"]=$thissurvey['name'];
$fieldsarray["{SURVEYDESCRIPTION}"]=$thissurvey['description'];
$fieldsarray["{FIRSTNAME}"]=$cnfrow['firstname'];
$fieldsarray["{LASTNAME}"]=$cnfrow['lastname'];
$fieldsarray["{ATTRIBUTE_1}"]=$cnfrow['attribute_1'];
$fieldsarray["{ATTRIBUTE_2}"]=$cnfrow['attribute_2'];
$subject=Replacefields($subject, $fieldsarray);
$subject=html_entity_decode_php4($subject, ENT_QUOTES, "UTF-8");
if (getEmailFormat($surveyid) == 'html')
{
$ishtml=true;
}
else
{
$ishtml=false;
}
if ($thissurvey['email_confirm'])
{
$message=$thissurvey['email_confirm'];
$message=Replacefields($message, $fieldsarray);
if (!$ishtml)
{
$message=strip_tags(br2nl(html_entity_decode_php4($message, ENT_QUOTES, "UTF-8")));
}
else
{
$message=html_entity_decode_php4($message,ENT_QUOTES, "UTF-8");
}
}
else
{
//Get the default email_confirm from the default language file
// Todo: This can't be right
$message = conditional_nl2br($clang->gT("Dear {FIRSTNAME},\n\nThis email is to confirm that you have completed the survey titled {SURVEYNAME} and your response has been saved. Thank you for participating.\n\nIf you have any further questions about this email, please contact {ADMINNAME} on {ADMINEMAIL}.\n\nSincerely,\n\n{ADMINNAME}"),$ishtml);
$message=Replacefields($message, $fieldsarray);
}
//Only send confirmation email if there is a valid email address
if (validate_email($cnfrow['email']))
{
MailTextMessage($message, $subject, $to, $from, $sitename,$ishtml);
}
}
}
function sendsubmitnotification($sendnotification)
{
global $thissurvey, $debug;
global $dbprefix, $clang;
global $sitename, $homeurl, $surveyid, $publicurl, $maildebug;
$subject = $clang->gT("Answer Submission for Survey","unescaped")." ".$thissurvey['name'];
$message = $clang->gT("Survey Submitted","unescaped")." - {$thissurvey['name']}\n"
. $clang->gT("A new response was entered for your survey","unescaped")."\n\n";
if ($thissurvey['allowsave'] == "Y" && isset($_SESSION['scid']))
{
$message .= $clang->gT("Click the following link to reload the survey:","unescaped")."\n";
$message .= " $publicurl/index.php?sid=$surveyid&loadall=reload&scid=".$_SESSION['scid']."&loadname=".urlencode($_SESSION['holdname'])."&loadpass=".urlencode($_SESSION['holdpass'])."\n\n";
}
$message .= $clang->gT("Click the following link to see the individual response:","unescaped")."\n"
. " $homeurl/admin.php?action=browse&sid=$surveyid&subaction=id&id=".$_SESSION['srid']."\n\n"
// Add link to edit individual responses from notification email
. $clang->gT("Click the following link to edit the individual response:","unescaped")."\n"
. " $homeurl/admin.php?action=dataentry&sid=$surveyid&subaction=edit&surveytable=survey_$surveyid&id=".$_SESSION['srid']."\n\n"
. $clang->gT("View statistics by clicking here:","unescaped")."\n"
. " $homeurl/admin.php?action=statistics&sid=$surveyid\n\n";
if ($sendnotification > 1)
{ //Send results as well. Currently just bare-bones - will be extended in later release
$message .= "----------------------------\n";
$prevquestion='';
foreach ($_SESSION['insertarray'] as $value)
{
$qaarray=returnquestiontitlefromfieldcode($value);
if ($prevquestion!=$qaarray[0])
{
$prevquestion=$qaarray[0];
$questiontitle=strip_tags(html_entity_decode_php4($prevquestion, ENT_QUOTES, 'UTF-8'));
$message .= "$questiontitle: ";
if ($qaarray[1]!='')
{
$message .= "\n";
}
}
if ($qaarray[1]!='')
{
$answeroption=strip_tags(html_entity_decode_php4($qaarray[1], ENT_QUOTES, 'UTF-8'));
$message .= "[$answeroption]: ";
}
$details = arraySearchByKey($value, createFieldMap($surveyid),"fieldname", 1);
if ( $details['type'] == "T" or $details['type'] == "U")
{
$message .= "\r\n";
if (isset($_SESSION[$value]))
{
foreach (explode("\n",getextendedanswer($value,$_SESSION[$value])) as $line)
{
$message .= "\t" . strip_tags(html_entity_decode_php4($line, ENT_QUOTES, "UTF-8"));
$message .= "\n";
}
}
}
elseif (isset($_SESSION[$value]))
{
$message .= strip_tags(html_entity_decode_php4(getextendedanswer($value, $_SESSION[$value],ENT_QUOTES, "UTF-8")));
$message .= "\n";
}
}
$message .= "\n\n----------------------------\n\n";
}
$message.= "LimeSurvey";
$from = $thissurvey['adminname'].' ';
if ($recips=explode(";", $thissurvey['adminemail']))
{
foreach ($recips as $rc)
{
if (!MailTextMessage($message, $subject, trim($rc), $from, $sitename, false, getBounceEmail($surveyid)))
{
if ($debug>0) {echo '
Email could not be sent. Reason: '.$maildebug.'';}
}
}
}
else
{
if (!MailTextMessage($message, $subject, $thissurvey['adminemail'], $from, $sitename, false, getBounceEmail($surveyid)))
{
if ($debug>0) {echo '
Email could not be sent. Reason: '.$maildebug.'';}
}
}
}
function submitfailed($errormsg)
{
global $thissurvey, $clang;
global $thistpl, $subquery, $surveyid, $connect;
sendcacheheaders();
doHeader();
echo templatereplace(file_get_contents("$thistpl/startpage.pstpl"));
$completed = "
"
. $clang->gT("Did Not Save")."
\n\n"
. $clang->gT("An unexpected error has occurred and your responses cannot be saved.")."
\n";
if ($thissurvey['adminemail'])
{
$completed .= $clang->gT("Your responses have not been lost and have been emailed to the survey administrator and will be entered into our database at a later point.")."
\n";
$email=$clang->gT("An error occurred saving a response to survey id","unescaped")." ".$thissurvey['name']." - $surveyid\n\n";
$email .= $clang->gT("DATA TO BE ENTERED","unescaped").":\n";
foreach ($_SESSION['insertarray'] as $value)
{
$email .= "$value: {$_SESSION[$value]}\n";
}
$email .= "\n".$clang->gT("SQL CODE THAT FAILED","unescaped").":\n"
. "$subquery\n\n"
. $clang->gT("ERROR MESSAGE","unescaped").":\n"
. $errormsg."\n\n";
MailTextMessage($email, $clang->gT("Error saving results","unescaped"), $thissurvey['adminemail'], $thissurvey['adminemail'], "LimeSurvey", false, getBounceEmail($surveyid));
echo "\n";
//An email has been sent, so we can kill off this session.
session_unset();
session_destroy();
}
else
{
$completed .= "".$clang->gT("Try to submit again")."
\n";
$completed .= $subquery;
}
return $completed;
}
function buildsurveysession()
{
// Performance optimized : Nov 22, 2006
// Performance Improvement : 17%
// Optimized By : swales
global $thissurvey, $secerror, $clienttoken;
global $tokensexist, $thistpl;
global $surveyid, $dbprefix, $connect;
global $register_errormsg, $clang;
global $totalBoilerplatequestions;
global $templang;
$matchfield=$rows['cfieldname'].$rows['value'];
$matchmethod=$rows['method'];
$matchvalue="Y";
}
else
{
$matchfield=$rows['cfieldname'];
$matchmethod=$rows['method'];
$matchvalue=$rows['value'];
}
$cqval[]=array("cfieldname"=>$rows['cfieldname'],
"value"=>$rows['value'],
"type"=>$rows['type'],
"matchfield"=>$matchfield,
"matchvalue"=>$matchvalue,
"matchmethod"=>$matchmethod
);
if ($rows['cfieldname'] != $currentcfield)
{
$container[]=$rows['cfieldname'];
}
$currentcfield=$rows['cfieldname'];
}
//At least one match must be found for each "$container"
$total=0;
foreach($container as $con)
{
$addon=0;
foreach($cqval as $cqv)
{//Go through each condition
// Replace @SGQA@ condition values
// By corresponding value
if (ereg('^@([0-9]+X[0-9]+X[^@]+)@',$cqv["matchvalue"], $targetconditionfieldname))
{
$cqv["matchvalue"] = $_SESSION[$targetconditionfieldname[1]];
}
// Use == as default operator
if (trim($cqv['matchmethod'])=='') {$cqv['matchmethod']='==';}
if($cqv['cfieldname'] == $con)
{
if ($cqv['matchmethod'] != "RX")
{
if (isset($_SESSION[$cqv['matchfield']]) && eval('if ($_SESSION[$cqv["matchfield"]]'.$cqv['matchmethod'].' $cqv["matchvalue"]) {return true;} else {return false;}'))
{//plug successful matches into appropriate container
$addon=1;
}
}
elseif (ereg($cqv["matchvalue"],$_SESSION[$cqv["matchfield"]]))
{
$addon=1;
}
}
}
if($addon==1){$total++;}
}
if($totalErrorMsg()); //Checked
while($pregrow=$pregresult->FetchRow())
{
$preg=$pregrow['preg'];
} // while
if (isset($preg) && $preg)
{
if (!@preg_match($preg, $_POST[$field]))
{
$notvalidated[]=$field;
}
}
}
}
}
//The following section checks for question attribute validation, looking for values in a particular field
if (isset($_POST['qattribute_answer']))
{
foreach ($_POST['qattribute_answer'] as $maxvalueanswer)
{
//$maxvalue_answername="maxvalue_answer".$maxvalueanswer;
if (!empty($_POST['qattribute_answer'.$maxvalueanswer]) && $_POST['display'.$maxvalueanswer] == "on")
{
if (isset($move) && $move == "moveprev") {$_SESSION['step'] = $thisstep;}
if (isset($move) && $move == "movenext") {$_SESSION['step'] = $thisstep;}
$notvalidated[]=$maxvalueanswer;
return $notvalidated;
}
}
}
if (isset($notvalidated) && is_array($notvalidated))
{
if (isset($move) && $move == "moveprev") {$_SESSION['step'] = $thisstep;}
if (isset($move) && $move == "movenext") {$_SESSION['step'] = $thisstep;}
return $notvalidated;
}
}
}
function addtoarray_single($array1, $array2)
{
//Takes two single element arrays and adds second to end of first if value exists
if (is_array($array2))
{
foreach ($array2 as $ar)
{
if ($ar && $ar !== null)
{
$array1[]=$ar;
}
}
}
return $array1;
}
function remove_nulls_from_array($array)
{
foreach ($array as $ar)
{
if ($ar !== null)
{
$return[]=$ar;
}
}
if (isset($return))
{
return $return;
}
else
{
return false;
}
}
function submittokens()
{
global $thissurvey, $timeadjust;
global $dbprefix, $surveyid, $connect;
global $sitename, $thistpl, $clang, $clienttoken;
// Put date into sent and completed
$today = date_shift(date("Y-m-d H:i:s"), "Y-m-d H:i", $timeadjust);
$utquery = "UPDATE {$dbprefix}tokens_$surveyid\n";
if (bIsTokenCompletedDatestamped($thissurvey))
{
$utquery .= "SET completed='$today'\n";
}
else
{
$utquery .= "SET completed='Y'\n";
}
$utquery .= "WHERE token='".db_quote($clienttoken)."'";
$utresult = $connect->Execute($utquery) or safe_die ("Couldn't update tokens table!
\n$utquery
\n".$connect->ErrorMsg()); //Checked
// TLR change to put date into sent and completed
$cnfquery = "SELECT * FROM ".db_table_name("tokens_$surveyid")." WHERE token='".db_quote($clienttoken)."' AND completed!='N' AND completed!=''";
$cnfresult = db_execute_assoc($cnfquery); //Checked
$cnfrow = $cnfresult->FetchRow();
if (isset($cnfrow))
{
$from = "{$thissurvey['adminname']} ";
$to = $cnfrow['email'];
$subject=$thissurvey['email_confirm_subj'];
$fieldsarray["{ADMINNAME}"]=$thissurvey['adminname'];
$fieldsarray["{ADMINEMAIL}"]=$thissurvey['adminemail'];
$fieldsarray["{SURVEYNAME}"]=$thissurvey['name'];
$fieldsarray["{SURVEYDESCRIPTION}"]=$thissurvey['description'];
$fieldsarray["{FIRSTNAME}"]=$cnfrow['firstname'];
$fieldsarray["{LASTNAME}"]=$cnfrow['lastname'];
$fieldsarray["{ATTRIBUTE_1}"]=$cnfrow['attribute_1'];
$fieldsarray["{ATTRIBUTE_2}"]=$cnfrow['attribute_2'];
$subject=Replacefields($subject, $fieldsarray);
$subject=html_entity_decode_php4($subject, ENT_QUOTES, "UTF-8");
if (getEmailFormat($surveyid) == 'html')
{
$ishtml=true;
}
else
{
$ishtml=false;
}
if ($thissurvey['email_confirm'])
{
$message=$thissurvey['email_confirm'];
$message=Replacefields($message, $fieldsarray);
if (!$ishtml)
{
$message=strip_tags(br2nl(html_entity_decode_php4($message, ENT_QUOTES, "UTF-8")));
}
else
{
$message=html_entity_decode_php4($message,ENT_QUOTES, "UTF-8");
}
}
else
{
//Get the default email_confirm from the default language file
// Todo: This can't be right
$message = conditional_nl2br($clang->gT("Dear {FIRSTNAME},\n\nThis email is to confirm that you have completed the survey titled {SURVEYNAME} and your response has been saved. Thank you for participating.\n\nIf you have any further questions about this email, please contact {ADMINNAME} on {ADMINEMAIL}.\n\nSincerely,\n\n{ADMINNAME}"),$ishtml);
$message=Replacefields($message, $fieldsarray);
}
//Only send confirmation email if there is a valid email address
if (validate_email($cnfrow['email']))
{
MailTextMessage($message, $subject, $to, $from, $sitename,$ishtml);
}
}
}
function sendsubmitnotification($sendnotification)
{
global $thissurvey, $debug;
global $dbprefix, $clang;
global $sitename, $homeurl, $surveyid, $publicurl, $maildebug;
$subject = $clang->gT("Answer Submission for Survey","unescaped")." ".$thissurvey['name'];
$message = $clang->gT("Survey Submitted","unescaped")." - {$thissurvey['name']}\n"
. $clang->gT("A new response was entered for your survey","unescaped")."\n\n";
if ($thissurvey['allowsave'] == "Y" && isset($_SESSION['scid']))
{
$message .= $clang->gT("Click the following link to reload the survey:","unescaped")."\n";
$message .= " $publicurl/index.php?sid=$surveyid&loadall=reload&scid=".$_SESSION['scid']."&loadname=".urlencode($_SESSION['holdname'])."&loadpass=".urlencode($_SESSION['holdpass'])."\n\n";
}
$message .= $clang->gT("Click the following link to see the individual response:","unescaped")."\n"
. " $homeurl/admin.php?action=browse&sid=$surveyid&subaction=id&id=".$_SESSION['srid']."\n\n"
// Add link to edit individual responses from notification email
. $clang->gT("Click the following link to edit the individual response:","unescaped")."\n"
. " $homeurl/admin.php?action=dataentry&sid=$surveyid&subaction=edit&surveytable=survey_$surveyid&id=".$_SESSION['srid']."\n\n"
. $clang->gT("View statistics by clicking here:","unescaped")."\n"
. " $homeurl/admin.php?action=statistics&sid=$surveyid\n\n";
if ($sendnotification > 1)
{ //Send results as well. Currently just bare-bones - will be extended in later release
$message .= "----------------------------\n";
$prevquestion='';
foreach ($_SESSION['insertarray'] as $value)
{
$qaarray=returnquestiontitlefromfieldcode($value);
if ($prevquestion!=$qaarray[0])
{
$prevquestion=$qaarray[0];
$questiontitle=strip_tags(html_entity_decode_php4($prevquestion, ENT_QUOTES, 'UTF-8'));
$message .= "$questiontitle: ";
if ($qaarray[1]!='')
{
$message .= "\n";
}
}
if ($qaarray[1]!='')
{
$answeroption=strip_tags(html_entity_decode_php4($qaarray[1], ENT_QUOTES, 'UTF-8'));
$message .= "[$answeroption]: ";
}
$details = arraySearchByKey($value, createFieldMap($surveyid),"fieldname", 1);
if ( $details['type'] == "T" or $details['type'] == "U")
{
$message .= "\r\n";
if (isset($_SESSION[$value]))
{
foreach (explode("\n",getextendedanswer($value,$_SESSION[$value])) as $line)
{
$message .= "\t" . strip_tags(html_entity_decode_php4($line, ENT_QUOTES, "UTF-8"));
$message .= "\n";
}
}
}
elseif (isset($_SESSION[$value]))
{
$message .= strip_tags(html_entity_decode_php4(getextendedanswer($value, $_SESSION[$value],ENT_QUOTES, "UTF-8")));
$message .= "\n";
}
}
$message .= "\n\n----------------------------\n\n";
}
$message.= "LimeSurvey";
$from = $thissurvey['adminname'].' ';
if ($recips=explode(";", $thissurvey['adminemail']))
{
foreach ($recips as $rc)
{
if (!MailTextMessage($message, $subject, trim($rc), $from, $sitename, false, getBounceEmail($surveyid)))
{
if ($debug>0) {echo '
Email could not be sent. Reason: '.$maildebug.'';}
}
}
}
else
{
if (!MailTextMessage($message, $subject, $thissurvey['adminemail'], $from, $sitename, false, getBounceEmail($surveyid)))
{
if ($debug>0) {echo '
Email could not be sent. Reason: '.$maildebug.'';}
}
}
}
function submitfailed($errormsg)
{
global $thissurvey, $clang;
global $thistpl, $subquery, $surveyid, $connect;
sendcacheheaders();
doHeader();
echo templatereplace(file_get_contents("$thistpl/startpage.pstpl"));
$completed = "
"
. $clang->gT("Did Not Save")."
\n\n"
. $clang->gT("An unexpected error has occurred and your responses cannot be saved.")."
\n";
if ($thissurvey['adminemail'])
{
$completed .= $clang->gT("Your responses have not been lost and have been emailed to the survey administrator and will be entered into our database at a later point.")."
\n";
$email=$clang->gT("An error occurred saving a response to survey id","unescaped")." ".$thissurvey['name']." - $surveyid\n\n";
$email .= $clang->gT("DATA TO BE ENTERED","unescaped").":\n";
foreach ($_SESSION['insertarray'] as $value)
{
$email .= "$value: {$_SESSION[$value]}\n";
}
$email .= "\n".$clang->gT("SQL CODE THAT FAILED","unescaped").":\n"
. "$subquery\n\n"
. $clang->gT("ERROR MESSAGE","unescaped").":\n"
. $errormsg."\n\n";
MailTextMessage($email, $clang->gT("Error saving results","unescaped"), $thissurvey['adminemail'], $thissurvey['adminemail'], "LimeSurvey", false, getBounceEmail($surveyid));
echo "\n";
//An email has been sent, so we can kill off this session.
session_unset();
session_destroy();
}
else
{
$completed .= "".$clang->gT("Try to submit again")."
\n";
$completed .= $subquery;
}
return $completed;
}
function buildsurveysession()
{
// Performance optimized : Nov 22, 2006
// Performance Improvement : 17%
// Optimized By : swales
global $thissurvey, $secerror, $clienttoken;
global $tokensexist, $thistpl;
global $surveyid, $dbprefix, $connect;
global $register_errormsg, $clang;
global $totalBoilerplatequestions;
global $templang;
Re: iframe onscroll
if (!isset($templang) || $templang='')
{
$templang=$thissurvey['language'];
}
$totalBoilerplatequestions = 0;
//This function builds all the required session variables when a survey is first started.
//It is called from each various format script (ie: group.php, question.php, survey.php)
//if the survey has just begun. This funcion also returns the variable $totalquestions.
// NO TOKEN REQUIRED BUT CAPTCHA ENABLED FOR SURVEY ACCESS
if ($tokensexist == 0 &&
captcha_enabled('surveyaccessscreen',$thissurvey['usecaptcha']))
{
// IF CAPTCHA ANSWER IS NOT CORRECT OR NOT SET
if (!isset($_GET['loadsecurity']) ||
!isset($_SESSION['secanswer']) ||
$_GET['loadsecurity'] != $_SESSION['secanswer'])
{
sendcacheheaders();
doHeader();
// No or bad answer to required security question
echo templatereplace(file_get_contents("$thistpl/startpage.pstpl"));
//echo makedropdownlist();
echo templatereplace(file_get_contents("$thistpl/survey.pstpl"));
if (isset($_GET['loadsecurity']))
{ // was a bad answer
echo "".$clang->gT("The answer to the security question is incorrect")."
";
}
echo "".$clang->gT("Please confirm access to survey by answering the security question below and click continue.")."
";
echo "
";
if (function_exists("ImageCreate") && captcha_enabled('surveyaccessscreen', $thissurvey['usecaptcha']))
{ echo "
".$clang->gT("Security Question")."
";}
echo "gT("Continue")."' />
";
echo templatereplace(file_get_contents("$thistpl/endpage.pstpl"));
exit;
}
}
//BEFORE BUILDING A NEW SESSION FOR THIS SURVEY, LET'S CHECK TO MAKE SURE THE SURVEY SHOULD PROCEED!
// TOKEN REQUIRED BUT NO TOKEN PROVIDED
if ($tokensexist == 1 && !returnglobal('token'))
{
// DISPLAY REGISTER-PAGE if needed
// DISPLAY CAPTCHA if needed
sendcacheheaders();
doHeader();
echo templatereplace(file_get_contents("$thistpl/startpage.pstpl"));
//echo makedropdownlist();
echo templatereplace(file_get_contents("$thistpl/survey.pstpl"));
if (isset($thissurvey) && $thissurvey['allowregister'] == "Y")
{
echo templatereplace(file_get_contents("$thistpl/register.pstpl"));
}
else
{
echo "
";
if (isset($secerror)) echo "".$secerror."
";
echo $clang->gT("This is a controlled survey. You need a valid token to participate.")."
";
echo $clang->gT("If you have been issued a token, please enter it in the box below and click continue.")."
"
.$clang->gT("Token")."
";
if (function_exists("ImageCreate") && captcha_enabled('surveyaccessscreen', $thissurvey['usecaptcha']))
{ echo "
".$clang->gT("Security Question")."
";}
echo "gT("Continue")."' />
";
}
echo templatereplace(file_get_contents("$thistpl/endpage.pstpl"));
exit;
}
// TOKENS REQUIRED, A TOKEN PROVIDED
// SURVEY WITH NO NEED TO USE CAPTCHA
elseif ($tokensexist == 1 && returnglobal('token') &&
!captcha_enabled('surveyaccessscreen',$thissurvey['usecaptcha']))
{
//check if token actually does exist
$tkquery = "SELECT COUNT(*) FROM ".db_table_name('tokens_'.$surveyid)." WHERE token='".db_quote(trim(sanitize_xss_string(strip_tags(returnglobal('token')))))."' AND (completed = 'N' or completed='')";
$tkresult = db_execute_num($tkquery); //Checked
list($tkexist) = $tkresult->FetchRow();
if (!$tkexist)
{
sendcacheheaders();
doHeader();
//TOKEN DOESN'T EXIST OR HAS ALREADY BEEN USED. EXPLAIN PROBLEM AND EXIT
echo templatereplace(file_get_contents("$thistpl/startpage.pstpl"));
echo templatereplace(file_get_contents("$thistpl/survey.pstpl"));
echo "\t
\n"
."\t".$clang->gT("This is a controlled survey. You need a valid token to participate.")."
\n"
."\t".$clang->gT("The token you have provided is either not valid, or has already been used.")."\n"
."\t".sprintf($clang->gT("For further information contact %s"), $thissurvey['adminname'])
."("
."{$thissurvey['adminemail']})
\n"
."\t".$clang->gT("Close this Window")."
\n";
echo templatereplace(file_get_contents("$thistpl/endpage.pstpl"));
exit;
}
}
// TOKENS REQUIRED, A TOKEN PROVIDED
// SURVEY CAPTCHA REQUIRED
elseif ($tokensexist == 1 && returnglobal('token') &&
captcha_enabled('surveyaccessscreen',$thissurvey['usecaptcha']))
{
// IF CAPTCHA ANSWER IS CORRECT
if (isset($_GET['loadsecurity']) &&
isset($_SESSION['secanswer']) &&
$_GET['loadsecurity'] == $_SESSION['secanswer'])
{
//check if token actually does exist
$tkquery = "SELECT COUNT(*) FROM ".db_table_name('tokens_'.$surveyid)." WHERE token='".db_quote(trim(sanitize_xss_string(strip_tags(returnglobal('token')))))."' AND (completed = 'N' or completed='')";
$tkresult = db_execute_num($tkquery); //Checked
list($tkexist) = $tkresult->FetchRow();
if (!$tkexist)
{
sendcacheheaders();
doHeader();
//TOKEN DOESN'T EXIST OR HAS ALREADY BEEN USED. EXPLAIN PROBLEM AND EXIT
echo templatereplace(file_get_contents("$thistpl/startpage.pstpl"));
echo templatereplace(file_get_contents("$thistpl/survey.pstpl"));
echo "\t
\n"
."\t".$clang->gT("This is a controlled survey. You need a valid token to participate.")."
\n"
."\t".$clang->gT("The token you have provided is either not valid, or has already been used.")."\n"
."\t".sprintf($clang->gT("For further information contact %s"), $thissurvey['adminname'])
."("
."{$thissurvey['adminemail']})
\n"
."\t".$clang->gT("Close this Window")."
\n";
echo templatereplace(file_get_contents("$thistpl/endpage.pstpl"));
exit;
}
}
// IF CAPTCHA ANSWER IS NOT CORRECT
else
{
$gettoken = $clienttoken;
sendcacheheaders();
doHeader();
// No or bad answer to required security question
echo templatereplace(file_get_contents("$thistpl/startpage.pstpl"));
//echo makedropdownlist();
echo templatereplace(file_get_contents("$thistpl/survey.pstpl"));
// If token wasn't provided and public registration
// is enabled then show registration form
if ( !isset($gettoken) && isset($thissurvey) && $thissurvey['allowregister'] == "Y")
{
echo templatereplace(file_get_contents("$thistpl/register.pstpl"));
}
else
{ // only show CAPTCHA
echo "
";
if (isset($_GET['loadsecurity']))
{ // was a bad answer
echo "".$clang->gT("The answer to the security question is incorrect")."
";
}
echo $clang->gT("This is a controlled survey. You need a valid token to participate.")."
";
// IF TOKEN HAS BEEN GIVEN THEN AUTOFILL IT
// AND HIDE ENTRY FIELD
if (!isset($gettoken))
{
echo $clang->gT("If you have been issued with a token, please enter it in the box below and click continue.")."
";
echo $clang->gT("Token")."";
}
else
{
echo $clang->gT("Please confirm the token by answering the security question below and click continue.")."
";
echo $clang->gT("Token").": $gettoken";
}
echo "
";
if (function_exists("ImageCreate") && captcha_enabled('surveyaccessscreen', $thissurvey['usecaptcha']))
{ echo "
".$clang->gT("Security Question")."
";}
echo "gT("Continue")."' />
";
}
echo templatereplace(file_get_contents("$thistpl/endpage.pstpl"));
exit;
}
}
//RESET ALL THE SESSION VARIABLES AND START AGAIN
unset($_SESSION['grouplist']);
unset($_SESSION['fieldarray']);
unset($_SESSION['insertarray']);
unset($_SESSION['thistoken']);
//RL: multilingual support
if (isset($_GET['token'])){
//get language from token (if one exists)
$tkquery2 = "SELECT * FROM ".db_table_name('tokens_'.$surveyid)." WHERE token='".db_quote($clienttoken)."' AND (completed = 'N' or completed='')";
//echo $tkquery2;
$result = db_execute_assoc($tkquery2) or safe_die ("Couldn't get tokens
$tkquery
".$connect->ErrorMsg()); //Checked
while ($rw = $result->FetchRow())
{
$tklanguage=$rw['language'];
}
}
if (returnglobal('lang')) { $language_to_set=returnglobal('lang');
} elseif (isset($tklanguage)) { $language_to_set=$tklanguage;}
else {$language_to_set = $thissurvey['language'];}
if (!isset($_SESSION['s_lang'])) {
SetSurveyLanguage($surveyid, $language_to_set);
}
UpdateSessionGroupList($_SESSION['s_lang']);
{
$templang=$thissurvey['language'];
}
$totalBoilerplatequestions = 0;
//This function builds all the required session variables when a survey is first started.
//It is called from each various format script (ie: group.php, question.php, survey.php)
//if the survey has just begun. This funcion also returns the variable $totalquestions.
// NO TOKEN REQUIRED BUT CAPTCHA ENABLED FOR SURVEY ACCESS
if ($tokensexist == 0 &&
captcha_enabled('surveyaccessscreen',$thissurvey['usecaptcha']))
{
// IF CAPTCHA ANSWER IS NOT CORRECT OR NOT SET
if (!isset($_GET['loadsecurity']) ||
!isset($_SESSION['secanswer']) ||
$_GET['loadsecurity'] != $_SESSION['secanswer'])
{
sendcacheheaders();
doHeader();
// No or bad answer to required security question
echo templatereplace(file_get_contents("$thistpl/startpage.pstpl"));
//echo makedropdownlist();
echo templatereplace(file_get_contents("$thistpl/survey.pstpl"));
if (isset($_GET['loadsecurity']))
{ // was a bad answer
echo "".$clang->gT("The answer to the security question is incorrect")."
";
}
echo "".$clang->gT("Please confirm access to survey by answering the security question below and click continue.")."
";
echo "
";
if (function_exists("ImageCreate") && captcha_enabled('surveyaccessscreen', $thissurvey['usecaptcha']))
{ echo "
".$clang->gT("Security Question")."
";}
echo "gT("Continue")."' />
";
echo templatereplace(file_get_contents("$thistpl/endpage.pstpl"));
exit;
}
}
//BEFORE BUILDING A NEW SESSION FOR THIS SURVEY, LET'S CHECK TO MAKE SURE THE SURVEY SHOULD PROCEED!
// TOKEN REQUIRED BUT NO TOKEN PROVIDED
if ($tokensexist == 1 && !returnglobal('token'))
{
// DISPLAY REGISTER-PAGE if needed
// DISPLAY CAPTCHA if needed
sendcacheheaders();
doHeader();
echo templatereplace(file_get_contents("$thistpl/startpage.pstpl"));
//echo makedropdownlist();
echo templatereplace(file_get_contents("$thistpl/survey.pstpl"));
if (isset($thissurvey) && $thissurvey['allowregister'] == "Y")
{
echo templatereplace(file_get_contents("$thistpl/register.pstpl"));
}
else
{
echo "
";
if (isset($secerror)) echo "".$secerror."
";
echo $clang->gT("This is a controlled survey. You need a valid token to participate.")."
";
echo $clang->gT("If you have been issued a token, please enter it in the box below and click continue.")."
"
.$clang->gT("Token")."
";
if (function_exists("ImageCreate") && captcha_enabled('surveyaccessscreen', $thissurvey['usecaptcha']))
{ echo "
".$clang->gT("Security Question")."
";}
echo "gT("Continue")."' />
";
}
echo templatereplace(file_get_contents("$thistpl/endpage.pstpl"));
exit;
}
// TOKENS REQUIRED, A TOKEN PROVIDED
// SURVEY WITH NO NEED TO USE CAPTCHA
elseif ($tokensexist == 1 && returnglobal('token') &&
!captcha_enabled('surveyaccessscreen',$thissurvey['usecaptcha']))
{
//check if token actually does exist
$tkquery = "SELECT COUNT(*) FROM ".db_table_name('tokens_'.$surveyid)." WHERE token='".db_quote(trim(sanitize_xss_string(strip_tags(returnglobal('token')))))."' AND (completed = 'N' or completed='')";
$tkresult = db_execute_num($tkquery); //Checked
list($tkexist) = $tkresult->FetchRow();
if (!$tkexist)
{
sendcacheheaders();
doHeader();
//TOKEN DOESN'T EXIST OR HAS ALREADY BEEN USED. EXPLAIN PROBLEM AND EXIT
echo templatereplace(file_get_contents("$thistpl/startpage.pstpl"));
echo templatereplace(file_get_contents("$thistpl/survey.pstpl"));
echo "\t
\n"
."\t".$clang->gT("This is a controlled survey. You need a valid token to participate.")."
\n"
."\t".$clang->gT("The token you have provided is either not valid, or has already been used.")."\n"
."\t".sprintf($clang->gT("For further information contact %s"), $thissurvey['adminname'])
."("
."{$thissurvey['adminemail']})
\n"
."\t".$clang->gT("Close this Window")."
\n";
echo templatereplace(file_get_contents("$thistpl/endpage.pstpl"));
exit;
}
}
// TOKENS REQUIRED, A TOKEN PROVIDED
// SURVEY CAPTCHA REQUIRED
elseif ($tokensexist == 1 && returnglobal('token') &&
captcha_enabled('surveyaccessscreen',$thissurvey['usecaptcha']))
{
// IF CAPTCHA ANSWER IS CORRECT
if (isset($_GET['loadsecurity']) &&
isset($_SESSION['secanswer']) &&
$_GET['loadsecurity'] == $_SESSION['secanswer'])
{
//check if token actually does exist
$tkquery = "SELECT COUNT(*) FROM ".db_table_name('tokens_'.$surveyid)." WHERE token='".db_quote(trim(sanitize_xss_string(strip_tags(returnglobal('token')))))."' AND (completed = 'N' or completed='')";
$tkresult = db_execute_num($tkquery); //Checked
list($tkexist) = $tkresult->FetchRow();
if (!$tkexist)
{
sendcacheheaders();
doHeader();
//TOKEN DOESN'T EXIST OR HAS ALREADY BEEN USED. EXPLAIN PROBLEM AND EXIT
echo templatereplace(file_get_contents("$thistpl/startpage.pstpl"));
echo templatereplace(file_get_contents("$thistpl/survey.pstpl"));
echo "\t
\n"
."\t".$clang->gT("This is a controlled survey. You need a valid token to participate.")."
\n"
."\t".$clang->gT("The token you have provided is either not valid, or has already been used.")."\n"
."\t".sprintf($clang->gT("For further information contact %s"), $thissurvey['adminname'])
."("
."{$thissurvey['adminemail']})
\n"
."\t".$clang->gT("Close this Window")."
\n";
echo templatereplace(file_get_contents("$thistpl/endpage.pstpl"));
exit;
}
}
// IF CAPTCHA ANSWER IS NOT CORRECT
else
{
$gettoken = $clienttoken;
sendcacheheaders();
doHeader();
// No or bad answer to required security question
echo templatereplace(file_get_contents("$thistpl/startpage.pstpl"));
//echo makedropdownlist();
echo templatereplace(file_get_contents("$thistpl/survey.pstpl"));
// If token wasn't provided and public registration
// is enabled then show registration form
if ( !isset($gettoken) && isset($thissurvey) && $thissurvey['allowregister'] == "Y")
{
echo templatereplace(file_get_contents("$thistpl/register.pstpl"));
}
else
{ // only show CAPTCHA
echo "
";
if (isset($_GET['loadsecurity']))
{ // was a bad answer
echo "".$clang->gT("The answer to the security question is incorrect")."
";
}
echo $clang->gT("This is a controlled survey. You need a valid token to participate.")."
";
// IF TOKEN HAS BEEN GIVEN THEN AUTOFILL IT
// AND HIDE ENTRY FIELD
if (!isset($gettoken))
{
echo $clang->gT("If you have been issued with a token, please enter it in the box below and click continue.")."
";
echo $clang->gT("Token")."";
}
else
{
echo $clang->gT("Please confirm the token by answering the security question below and click continue.")."
";
echo $clang->gT("Token").": $gettoken";
}
echo "
";
if (function_exists("ImageCreate") && captcha_enabled('surveyaccessscreen', $thissurvey['usecaptcha']))
{ echo "
".$clang->gT("Security Question")."
";}
echo "gT("Continue")."' />
";
}
echo templatereplace(file_get_contents("$thistpl/endpage.pstpl"));
exit;
}
}
//RESET ALL THE SESSION VARIABLES AND START AGAIN
unset($_SESSION['grouplist']);
unset($_SESSION['fieldarray']);
unset($_SESSION['insertarray']);
unset($_SESSION['thistoken']);
//RL: multilingual support
if (isset($_GET['token'])){
//get language from token (if one exists)
$tkquery2 = "SELECT * FROM ".db_table_name('tokens_'.$surveyid)." WHERE token='".db_quote($clienttoken)."' AND (completed = 'N' or completed='')";
//echo $tkquery2;
$result = db_execute_assoc($tkquery2) or safe_die ("Couldn't get tokens
$tkquery
".$connect->ErrorMsg()); //Checked
while ($rw = $result->FetchRow())
{
$tklanguage=$rw['language'];
}
}
if (returnglobal('lang')) { $language_to_set=returnglobal('lang');
} elseif (isset($tklanguage)) { $language_to_set=$tklanguage;}
else {$language_to_set = $thissurvey['language'];}
if (!isset($_SESSION['s_lang'])) {
SetSurveyLanguage($surveyid, $language_to_set);
}
UpdateSessionGroupList($_SESSION['s_lang']);
Re: iframe onscroll
// Optimized Query
// Change query to use sub-select to see if conditions exist.
$query = "SELECT ".db_table_name('questions').".*, ".db_table_name('groups').".*,\n"
." (SELECT count(1) FROM ".db_table_name('conditions')."\n"
." WHERE ".db_table_name('questions').".qid = ".db_table_name('conditions').".qid) AS hasconditions\n"
." FROM ".db_table_name('groups')." INNER JOIN ".db_table_name('questions')." ON ".db_table_name('groups').".gid = ".db_table_name('questions').".gid\n"
." WHERE ".db_table_name('questions').".sid=".$surveyid."\n"
." AND ".db_table_name('groups').".language='".$_SESSION['s_lang']."'\n"
." AND ".db_table_name('questions').".language='".$_SESSION['s_lang']."'\n"
." ORDER BY ".db_table_name('groups').".group_order,".db_table_name('questions').".question_order";
//var_dump($_SESSION);
// echo $query."";
$result = db_execute_assoc($query); //Checked
$arows = $result->GetRows();
$totalquestions = $result->RecordCount();
//2. SESSION VARIABLE: totalsteps
//The number of "pages" that will be presented in this survey
//The number of pages to be presented will differ depending on the survey format
switch($thissurvey['format'])
{
case "A":
$_SESSION['totalsteps']=1;
break;
case "G":
if (isset($_SESSION['grouplist'])) {$_SESSION['totalsteps']=count($_SESSION['grouplist']);}
break;
case "S":
$_SESSION['totalsteps']=$totalquestions;
}
if ($totalquestions == "0") //break out and crash if there are no questions!
{
sendcacheheaders();
doHeader();
echo templatereplace(file_get_contents("$thistpl/startpage.pstpl"));
echo templatereplace(file_get_contents("$thistpl/survey.pstpl"));
echo "\t
\n"
."\t".$clang->gT("This survey does not yet have any questions and cannot be tested or completed.")."
\n"
."\t".sprintf($clang->gT("For further information contact %s"), $thissurvey['adminname'])
." ("
."{$thissurvey['adminemail']})
\n"
."\t".$clang->gT("Close this Window")."
\n";
echo templatereplace(file_get_contents("$thistpl/endpage.pstpl"));
exit;
}
//Perform a case insensitive natural sort on group name then question title of a multidimensional array
// usort($arows, 'CompareGroupThenTitle');
//3. SESSION VARIABLE - insertarray
//An array containing information about used to insert the data into the db at the submit stage
//4. SESSION VARIABLE - fieldarray
//See rem at end..
if ($thissurvey['private'] == "N")
{
$_SESSION['token'] = $clienttoken;
$_SESSION['insertarray'][]= "token";
}
if ($tokensexist == 1 && $thissurvey['private'] == "N")
{
//Gather survey data for "non anonymous" surveys, for use in presenting questions
$_SESSION['thistoken']=getTokenData($surveyid, $clienttoken);
}
foreach ($arows as $arow)
{
//WE ARE CREATING A SESSION VARIABLE FOR EVERY FIELD IN THE SURVEY
$fieldname = "{$arow['sid']}X{$arow['gid']}X{$arow['qid']}";
if ($arow['type'] == "M" || $arow['type'] == "A" || $arow['type'] == "B" ||
$arow['type'] == "C" || $arow['type'] == "E" || $arow['type'] == "F" ||
$arow['type'] == "H" || $arow['type'] == "P" || $arow['type'] == "^")
{
// Optimized Query
$abquery = "SELECT ".db_table_name('answers').".code, ".db_table_name('questions').".other\n"
. " FROM ".db_table_name('answers')."\n"
. " INNER JOIN ".db_table_name('questions')."\n"
. " ON ".db_table_name('answers').".qid=".db_table_name('questions').".qid\n"
. " WHERE ".db_table_name('questions').".sid=$surveyid\n"
. " AND ".db_table_name('questions').".qid={$arow['qid']}\n"
. " AND ".db_table_name('questions').".language='".$_SESSION['s_lang']."' \n"
. " AND ".db_table_name('answers').".language='".$_SESSION['s_lang']."' \n"
. " ORDER BY ".db_table_name('answers').".sortorder, ".db_table_name('answers').".answer";
$abresult = db_execute_assoc($abquery); //Checked
while ($abrow = $abresult->FetchRow())
{
$_SESSION['insertarray'][] = $fieldname.$abrow['code'];
$alsoother = "";
if ($abrow['other'] == "Y") {$alsoother = "Y";}
if ($arow['type'] == "P")
{
$_SESSION['insertarray'][] = $fieldname.$abrow['code']."comment";
}
}
if (isset($alsoother) && $alsoother) //Add an extra field for storing "Other" answers
{
$_SESSION['insertarray'][] = $fieldname."other";
if ($arow['type'] == "P")
{
$_SESSION['insertarray'][] = $fieldname."othercomment";
}
}
}
elseif ($arow['type'] == "1") // Multi Scale
{
// Optimized Query
$abquery = "SELECT ".db_table_name('answers').".code, ".db_table_name('questions').".other\n"
. " FROM ".db_table_name('answers')."\n"
. " INNER JOIN ".db_table_name('questions')."\n"
. " ON ".db_table_name('answers').".qid=".db_table_name('questions').".qid\n"
. " WHERE ".db_table_name('questions').".sid=$surveyid\n"
. " AND ".db_table_name('questions').".qid={$arow['qid']}\n"
. " AND ".db_table_name('questions').".language='".$_SESSION['s_lang']."' \n"
. " AND ".db_table_name('answers').".language='".$_SESSION['s_lang']."' \n"
. " ORDER BY ".db_table_name('answers').".sortorder, ".db_table_name('answers').".answer";
$abresult = db_execute_assoc($abquery); //Checked
while ($abrow = $abresult->FetchRow())
{
$abmultiscalequery = "SELECT l.* FROM ".db_table_name('questions')." as q, ".db_table_name('labels')." as l, ".db_table_name('answers')." as a"
." WHERE a.qid=q.qid AND sid=$surveyid AND q.qid={$arow['qid']} "
." AND l.lid=q.lid AND sid=$surveyid AND q.qid={$arow['qid']}"
." AND l.language='".$_SESSION['s_lang']. "' "
." AND a.language='".$_SESSION['s_lang']. "' "
." AND q.language='".$_SESSION['s_lang']. "' ";
$abmultiscaleresult=db_execute_assoc($abmultiscalequery) or safe_die ("Couldn't get perform answers query
$abquery
".$connect->ErrorMsg()); //Checked
$abmultiscalecount=$abmultiscaleresult->RecordCount();
if ($abmultiscalecount>0)
{
$_SESSION['insertarray'][] = $fieldname.$abrow['code']."#0";
$alsoother = "";
if ($abrow['other'] == "Y") {$alsoother = "Y";}
if ($arow['type'] == "P")
{
$_SESSION['insertarray'][] = $fieldname.$abrow['code']."comment";
}
}
// multi scale
$abmultiscalequery = "SELECT l.* FROM ".db_table_name('questions')." as q, ".db_table_name('labels')." as l, ".db_table_name('answers')." as a"
." WHERE a.qid=q.qid AND sid=$surveyid AND q.qid={$arow['qid']} "
." AND l.lid=q.lid1 AND sid=$surveyid AND q.qid={$arow['qid']}"
." AND l.language='".$_SESSION['s_lang']. "' "
." AND a.language='".$_SESSION['s_lang']. "' "
." AND q.language='".$_SESSION['s_lang']. "' ";
$abmultiscaleresult=db_execute_assoc($abmultiscalequery) or safe_die ("Couldn't get perform answers query
$abquery
".$connect->ErrorMsg()); //Checked
$abmultiscalecount=$abmultiscaleresult->RecordCount();
if ($abmultiscalecount>0)
{
$_SESSION['insertarray'][] = $fieldname.$abrow['code']."#1";
$alsoother = "";
if ($abrow['other'] == "Y") {$alsoother = "Y";}
if ($arow['type'] == "P")
{
$_SESSION['insertarray'][] = $fieldname.$abrow['code']."comment";
}
}
}
if (isset($alsoother) && $alsoother) //Add an extra field for storing "Other" answers
{
$_SESSION['insertarray'][] = $fieldname."other";
if ($arow['type'] == "P")
{
$_SESSION['insertarray'][] = $fieldname."othercomment";
}
}
}
elseif ($arow['type'] == "R") // Ranking
{
// Optimized Query
$abquery = "SELECT ".db_table_name('answers').".code, ".db_table_name('questions').".other\n"
. " FROM ".db_table_name('answers')."\n"
. " INNER JOIN ".db_table_name('questions')."\n"
. " ON ".db_table_name('answers').".qid=".db_table_name('questions').".qid\n"
. " WHERE ".db_table_name('questions').".sid=$surveyid\n"
. " AND ".db_table_name('questions').".qid={$arow['qid']}\n"
. " AND ".db_table_name('questions').".language='".$_SESSION['s_lang']."' \n"
. " AND ".db_table_name('answers').".language='".$_SESSION['s_lang']."' \n"
. " ORDER BY ".db_table_name('answers').".sortorder, ".db_table_name('answers').".answer";
$abresult = $connect->Execute($abquery) or safe_die("ERROR:
".$abquery."
".$connect->ErrorMsg()); //Checked
$abcount = $abresult->RecordCount();
for ($i=1; $iFetchRow())
{
$_SESSION['insertarray'][] = $fieldname.$abrow['code'];
}
}
elseif ($arow['type'] == "O") // List With Comment
{
$_SESSION['insertarray'][] = $fieldname;
$fn2 = $fieldname."comment";
$_SESSION['insertarray'][] = $fn2;
}
elseif ($arow['type'] == "L" || $arow['type'] == "!" || $arow['type'] == "Z" || $arow['type'] == "L") // List (Radio) - List (Dropdown)
{
$_SESSION['insertarray'][] = $fieldname;
if ($arow['other'] == "Y") { $_SESSION['insertarray'][] = $fieldname."other";}
//go through answers, and if there is a default, register it now so that conditions work properly the first time
$abquery = "SELECT a.code, a.default_value\n"
. " FROM ".db_table_name('answers')." as a \n"
. " WHERE a.qid={$arow['qid']}\n"
. " ORDER BY a.sortorder, a.answer";
$abresult = db_execute_assoc($abquery); //Checked
while($abrow = $abresult->FetchRow())
{
if ($abrow['default_value'] == "Y")
{
$_SESSION[$fieldname] = $abrow['code'];
}
}
}
elseif ($arow['type'] == "X") // Boilerplate Question
{
$totalBoilerplatequestions++;
$_SESSION['insertarray'][] = $fieldname;
}
else
{
$_SESSION['insertarray'][] = $fieldname;
}
// Separate query for each row no necessary because query above includes a sub-select now.
// Increases performance by at least 17% and reduces number of queries executed
// //Check to see if there are any conditions set for this question
if ($arow['hasconditions']>0)
{
$conditions = "Y";
}
else
{
$conditions = "N";
}
// Change query to use sub-select to see if conditions exist.
$query = "SELECT ".db_table_name('questions').".*, ".db_table_name('groups').".*,\n"
." (SELECT count(1) FROM ".db_table_name('conditions')."\n"
." WHERE ".db_table_name('questions').".qid = ".db_table_name('conditions').".qid) AS hasconditions\n"
." FROM ".db_table_name('groups')." INNER JOIN ".db_table_name('questions')." ON ".db_table_name('groups').".gid = ".db_table_name('questions').".gid\n"
." WHERE ".db_table_name('questions').".sid=".$surveyid."\n"
." AND ".db_table_name('groups').".language='".$_SESSION['s_lang']."'\n"
." AND ".db_table_name('questions').".language='".$_SESSION['s_lang']."'\n"
." ORDER BY ".db_table_name('groups').".group_order,".db_table_name('questions').".question_order";
//var_dump($_SESSION);
// echo $query."";
$result = db_execute_assoc($query); //Checked
$arows = $result->GetRows();
$totalquestions = $result->RecordCount();
//2. SESSION VARIABLE: totalsteps
//The number of "pages" that will be presented in this survey
//The number of pages to be presented will differ depending on the survey format
switch($thissurvey['format'])
{
case "A":
$_SESSION['totalsteps']=1;
break;
case "G":
if (isset($_SESSION['grouplist'])) {$_SESSION['totalsteps']=count($_SESSION['grouplist']);}
break;
case "S":
$_SESSION['totalsteps']=$totalquestions;
}
if ($totalquestions == "0") //break out and crash if there are no questions!
{
sendcacheheaders();
doHeader();
echo templatereplace(file_get_contents("$thistpl/startpage.pstpl"));
echo templatereplace(file_get_contents("$thistpl/survey.pstpl"));
echo "\t
\n"
."\t".$clang->gT("This survey does not yet have any questions and cannot be tested or completed.")."
\n"
."\t".sprintf($clang->gT("For further information contact %s"), $thissurvey['adminname'])
." ("
."{$thissurvey['adminemail']})
\n"
."\t".$clang->gT("Close this Window")."
\n";
echo templatereplace(file_get_contents("$thistpl/endpage.pstpl"));
exit;
}
//Perform a case insensitive natural sort on group name then question title of a multidimensional array
// usort($arows, 'CompareGroupThenTitle');
//3. SESSION VARIABLE - insertarray
//An array containing information about used to insert the data into the db at the submit stage
//4. SESSION VARIABLE - fieldarray
//See rem at end..
if ($thissurvey['private'] == "N")
{
$_SESSION['token'] = $clienttoken;
$_SESSION['insertarray'][]= "token";
}
if ($tokensexist == 1 && $thissurvey['private'] == "N")
{
//Gather survey data for "non anonymous" surveys, for use in presenting questions
$_SESSION['thistoken']=getTokenData($surveyid, $clienttoken);
}
foreach ($arows as $arow)
{
//WE ARE CREATING A SESSION VARIABLE FOR EVERY FIELD IN THE SURVEY
$fieldname = "{$arow['sid']}X{$arow['gid']}X{$arow['qid']}";
if ($arow['type'] == "M" || $arow['type'] == "A" || $arow['type'] == "B" ||
$arow['type'] == "C" || $arow['type'] == "E" || $arow['type'] == "F" ||
$arow['type'] == "H" || $arow['type'] == "P" || $arow['type'] == "^")
{
// Optimized Query
$abquery = "SELECT ".db_table_name('answers').".code, ".db_table_name('questions').".other\n"
. " FROM ".db_table_name('answers')."\n"
. " INNER JOIN ".db_table_name('questions')."\n"
. " ON ".db_table_name('answers').".qid=".db_table_name('questions').".qid\n"
. " WHERE ".db_table_name('questions').".sid=$surveyid\n"
. " AND ".db_table_name('questions').".qid={$arow['qid']}\n"
. " AND ".db_table_name('questions').".language='".$_SESSION['s_lang']."' \n"
. " AND ".db_table_name('answers').".language='".$_SESSION['s_lang']."' \n"
. " ORDER BY ".db_table_name('answers').".sortorder, ".db_table_name('answers').".answer";
$abresult = db_execute_assoc($abquery); //Checked
while ($abrow = $abresult->FetchRow())
{
$_SESSION['insertarray'][] = $fieldname.$abrow['code'];
$alsoother = "";
if ($abrow['other'] == "Y") {$alsoother = "Y";}
if ($arow['type'] == "P")
{
$_SESSION['insertarray'][] = $fieldname.$abrow['code']."comment";
}
}
if (isset($alsoother) && $alsoother) //Add an extra field for storing "Other" answers
{
$_SESSION['insertarray'][] = $fieldname."other";
if ($arow['type'] == "P")
{
$_SESSION['insertarray'][] = $fieldname."othercomment";
}
}
}
elseif ($arow['type'] == "1") // Multi Scale
{
// Optimized Query
$abquery = "SELECT ".db_table_name('answers').".code, ".db_table_name('questions').".other\n"
. " FROM ".db_table_name('answers')."\n"
. " INNER JOIN ".db_table_name('questions')."\n"
. " ON ".db_table_name('answers').".qid=".db_table_name('questions').".qid\n"
. " WHERE ".db_table_name('questions').".sid=$surveyid\n"
. " AND ".db_table_name('questions').".qid={$arow['qid']}\n"
. " AND ".db_table_name('questions').".language='".$_SESSION['s_lang']."' \n"
. " AND ".db_table_name('answers').".language='".$_SESSION['s_lang']."' \n"
. " ORDER BY ".db_table_name('answers').".sortorder, ".db_table_name('answers').".answer";
$abresult = db_execute_assoc($abquery); //Checked
while ($abrow = $abresult->FetchRow())
{
$abmultiscalequery = "SELECT l.* FROM ".db_table_name('questions')." as q, ".db_table_name('labels')." as l, ".db_table_name('answers')." as a"
." WHERE a.qid=q.qid AND sid=$surveyid AND q.qid={$arow['qid']} "
." AND l.lid=q.lid AND sid=$surveyid AND q.qid={$arow['qid']}"
." AND l.language='".$_SESSION['s_lang']. "' "
." AND a.language='".$_SESSION['s_lang']. "' "
." AND q.language='".$_SESSION['s_lang']. "' ";
$abmultiscaleresult=db_execute_assoc($abmultiscalequery) or safe_die ("Couldn't get perform answers query
$abquery
".$connect->ErrorMsg()); //Checked
$abmultiscalecount=$abmultiscaleresult->RecordCount();
if ($abmultiscalecount>0)
{
$_SESSION['insertarray'][] = $fieldname.$abrow['code']."#0";
$alsoother = "";
if ($abrow['other'] == "Y") {$alsoother = "Y";}
if ($arow['type'] == "P")
{
$_SESSION['insertarray'][] = $fieldname.$abrow['code']."comment";
}
}
// multi scale
$abmultiscalequery = "SELECT l.* FROM ".db_table_name('questions')." as q, ".db_table_name('labels')." as l, ".db_table_name('answers')." as a"
." WHERE a.qid=q.qid AND sid=$surveyid AND q.qid={$arow['qid']} "
." AND l.lid=q.lid1 AND sid=$surveyid AND q.qid={$arow['qid']}"
." AND l.language='".$_SESSION['s_lang']. "' "
." AND a.language='".$_SESSION['s_lang']. "' "
." AND q.language='".$_SESSION['s_lang']. "' ";
$abmultiscaleresult=db_execute_assoc($abmultiscalequery) or safe_die ("Couldn't get perform answers query
$abquery
".$connect->ErrorMsg()); //Checked
$abmultiscalecount=$abmultiscaleresult->RecordCount();
if ($abmultiscalecount>0)
{
$_SESSION['insertarray'][] = $fieldname.$abrow['code']."#1";
$alsoother = "";
if ($abrow['other'] == "Y") {$alsoother = "Y";}
if ($arow['type'] == "P")
{
$_SESSION['insertarray'][] = $fieldname.$abrow['code']."comment";
}
}
}
if (isset($alsoother) && $alsoother) //Add an extra field for storing "Other" answers
{
$_SESSION['insertarray'][] = $fieldname."other";
if ($arow['type'] == "P")
{
$_SESSION['insertarray'][] = $fieldname."othercomment";
}
}
}
elseif ($arow['type'] == "R") // Ranking
{
// Optimized Query
$abquery = "SELECT ".db_table_name('answers').".code, ".db_table_name('questions').".other\n"
. " FROM ".db_table_name('answers')."\n"
. " INNER JOIN ".db_table_name('questions')."\n"
. " ON ".db_table_name('answers').".qid=".db_table_name('questions').".qid\n"
. " WHERE ".db_table_name('questions').".sid=$surveyid\n"
. " AND ".db_table_name('questions').".qid={$arow['qid']}\n"
. " AND ".db_table_name('questions').".language='".$_SESSION['s_lang']."' \n"
. " AND ".db_table_name('answers').".language='".$_SESSION['s_lang']."' \n"
. " ORDER BY ".db_table_name('answers').".sortorder, ".db_table_name('answers').".answer";
$abresult = $connect->Execute($abquery) or safe_die("ERROR:
".$abquery."
".$connect->ErrorMsg()); //Checked
$abcount = $abresult->RecordCount();
for ($i=1; $iFetchRow())
{
$_SESSION['insertarray'][] = $fieldname.$abrow['code'];
}
}
elseif ($arow['type'] == "O") // List With Comment
{
$_SESSION['insertarray'][] = $fieldname;
$fn2 = $fieldname."comment";
$_SESSION['insertarray'][] = $fn2;
}
elseif ($arow['type'] == "L" || $arow['type'] == "!" || $arow['type'] == "Z" || $arow['type'] == "L") // List (Radio) - List (Dropdown)
{
$_SESSION['insertarray'][] = $fieldname;
if ($arow['other'] == "Y") { $_SESSION['insertarray'][] = $fieldname."other";}
//go through answers, and if there is a default, register it now so that conditions work properly the first time
$abquery = "SELECT a.code, a.default_value\n"
. " FROM ".db_table_name('answers')." as a \n"
. " WHERE a.qid={$arow['qid']}\n"
. " ORDER BY a.sortorder, a.answer";
$abresult = db_execute_assoc($abquery); //Checked
while($abrow = $abresult->FetchRow())
{
if ($abrow['default_value'] == "Y")
{
$_SESSION[$fieldname] = $abrow['code'];
}
}
}
elseif ($arow['type'] == "X") // Boilerplate Question
{
$totalBoilerplatequestions++;
$_SESSION['insertarray'][] = $fieldname;
}
else
{
$_SESSION['insertarray'][] = $fieldname;
}
// Separate query for each row no necessary because query above includes a sub-select now.
// Increases performance by at least 17% and reduces number of queries executed
// //Check to see if there are any conditions set for this question
if ($arow['hasconditions']>0)
{
$conditions = "Y";
}
else
{
$conditions = "N";
}
Re: iframe onscroll
//3(b) See if any of the insertarray values have been passed in the query URL
if (isset($_SESSION['insertarray']))
{
foreach($_SESSION['insertarray'] as $field)
{
if (isset($_GET[$field]) && $field!='token')
{
$_SESSION[$field]=$_GET[$field];
}
}
}
//4. SESSION VARIABLE: fieldarray
//NOW WE'RE CREATING AN ARRAY CONTAINING EACH FIELD AND RELEVANT INFO
//ARRAY CONTENTS - [0]=questions.qid,
// [1]=fieldname,
// [2]=questions.title,
// [3]=questions.question
// [4]=questions.type,
// [5]=questions.gid,
// [6]=questions.mandatory,
// [7]=conditionsexist
$_SESSION['fieldarray'][] = array($arow['qid'],
$fieldname,
$arow['title'],
$arow['question'],
$arow['type'],
$arow['gid'],
$arow['mandatory'],
$conditions);
}
// Check if the current survey language is set - if not set it
// this way it can be changed later (for example by a special question type)
return $totalquestions;
}
function surveymover()
{
//This function creates the form elements in the survey navigation bar
//with ">NEXT" in them. The "submit" value determines how the script moves from
//one survey page to another. It is a hidden element, updated by clicking
//on the relevant button - allowing "NEXT" to be the default setting when
//a user presses enter.
//
//Attribute accesskey added for keyboard navigation.
global $thissurvey, $clang;
global $surveyid, $presentinggroupdescription;
$surveymover = "";
if (isset($_SESSION['step']) && $_SESSION['step'] && ($_SESSION['step'] == $_SESSION['totalsteps']) && !$presentinggroupdescription && $thissurvey['format'] != "A")
{
$surveymover = "";
}
else
{
$surveymover = "";
}
if (isset($_SESSION['step']) && $_SESSION['step'] > 0 && $thissurvey['format'] != "A" && !$presentinggroupdescription && $thissurvey['allowprev'] != "N")
{
$surveymover .= "gT("Previous")." ' name='move2' />\n";
}
if (isset($_SESSION['step']) && $_SESSION['step'] && (!$_SESSION['totalsteps'] || ($_SESSION['step'] gT("Next")." >> ' name='move2' />\n";
}
// here, in some lace, is where I must modify to turn the next button conditionable
if (!isset($_SESSION['step']) || !$_SESSION['step'])
{
$surveymover .= "\t\t\t\t\tgT("Next")." >> ' name='move2' />\n";
}
if (isset($_SESSION['step']) && $_SESSION['step'] && ($_SESSION['step'] == $_SESSION['totalsteps']) && $presentinggroupdescription == "yes")
{
$surveymover .= "\t\t\t\t\tgT("Next")." >> ' name='move2' />\n";
}
if ($_SESSION['step'] && ($_SESSION['step'] == $_SESSION['totalsteps']) && !$presentinggroupdescription)
{
$surveymover .= "\t\t\t\t\tgT("Submit")." ' name='move2' />\n";
}
// $surveymover .= "\n";
return $surveymover;
}
function doAssessment($surveyid)
{
global $dbprefix, $thistpl, $connect;
$query = "SELECT * FROM ".db_table_name('assessments')."
WHERE sid=$surveyid
ORDER BY scope";
if ($result = db_execute_assoc($query)) //Checked
{
if ($result->RecordCount() > 0)
{
while ($row=$result->FetchRow())
{
if ($row['scope'] == "G")
{
$assessment['group'][$row['gid']][]=array("name"=>$row['name'],
"min"=>$row['minimum'],
"max"=>$row['maximum'],
"message"=>$row['message'],
"link"=>$row['link']);
}
else
{
$assessment['total'][]=array( "name"=>$row['name'],
"min"=>$row['minimum'],
"max"=>$row['maximum'],
"message"=>$row['message'],
"link"=>$row['link']);
}
}
$fieldmap=createFieldMap($surveyid, "full");
$i=0;
$total=0;
// I added this condition : if (($field['type'] == "M") and ($_SESSION[$field['fieldname']] == "Y"))
// because the internal representation of the answer of multiple Options type questions is Y, not the answer code
// for this type of questions I use $field['aid'] insted of $_SESSION[$field['fieldname']]
foreach($fieldmap as $field)
{
if (($field['fieldname'] != "datestamp") and ($field['fieldname'] != "refurl") and ($field['fieldname'] != "ipaddr") and ($field['fieldname'] != "token"))
{
if (isset($_SESSION[$field['fieldname']]))
{
if (($field['type'] == "M") and ($_SESSION[$field['fieldname']] == "Y")) // for Multiple Options type questions
{
$fieldmap[$i]['answer']=$field['aid'];
$total=$total+$field['aid'];
}
else // any other type of question
{
$fieldmap[$i]['answer']=$_SESSION[$field['fieldname']];
$total=$total+$_SESSION[$field['fieldname']];
}
}
else {$fieldmap[$i]['answer']=0;}
$groups[]=$field['gid'];
}
$i++;
}
$groups=array_unique($groups);
foreach($groups as $group)
{
$grouptotal=0;
foreach ($fieldmap as $field)
{
if ($field['gid'] == $group && isset($field['answer']))
{
//$grouptotal=$grouptotal+$field['answer'];
if (isset ($_SESSION[$field['fieldname']]))
{
if (($field['type'] == "M") and ($_SESSION[$field['fieldname']] == "Y")) // for Multiple Options type questions
$grouptotal=$grouptotal+$field['aid'];
else // any other type of question
$grouptotal=$grouptotal+$_SESSION[$field['fieldname']];
}
}
}
$subtotal[$group]=$grouptotal;
}
}
$assessments = "";
if (isset($subtotal) && is_array($subtotal))
{
foreach($subtotal as $key=>$val)
{
if (isset($assessment['group'][$key]))
{
foreach($assessment['group'][$key] as $assessed)
{
if ($val >= $assessed['min'] && $val
".str_replace(array("{PERC}", "{TOTAL}"), array($val, $val), stripslashes($assessed['name']))."
".str_replace(array("{PERC}", "{TOTAL}"), array($val, $val), stripslashes($assessed['message']))."
".$assessed['link']."
\n";
}
}
}
}
}
if (isset($assessment['total']))
{
foreach($assessment['total'] as $assessed)
{
if ($total >= $assessed['min'] && $total
".str_replace(array("{PERC}", "{TOTAL}"), array($val, $val), stripslashes($assessed['name']))."
".str_replace(array("{PERC}", "{TOTAL}"), array($val, $val), stripslashes($assessed['message']))."
".$assessed['link']."
\n";
}
}
}
return $assessments;
}
}
function UpdateSessionGroupList($language)
//1. SESSION VARIABLE: grouplist
//A list of groups in this survey, ordered by group name.
{
global $surveyid;
unset ($_SESSION['grouplist']);
$query = "SELECT * FROM ".db_table_name('groups')." WHERE sid=$surveyid AND language='".$language."' ORDER BY ".db_table_name('groups').".group_order";
$result = db_execute_assoc($query) or safe_die ("Couldn't get group list
$query
".$connect->ErrorMsg()); //Checked
while ($row = $result->FetchRow())
{
$_SESSION['grouplist'][]=array($row['gid'], $row['group_name'], $row['description']);
}
}
function UpdateFieldArray()
//The FieldArray contains all necessary information regarding the questions
//This function is needed to update it in case the survey is switched to another language
{
global $surveyid;
if (isset($_SESSION['fieldarray']))
{
reset($_SESSION['fieldarray']);
while ( list($key) = each($_SESSION['fieldarray']) )
{
$questionarray =& $_SESSION['fieldarray'][$key];
$query = "SELECT * FROM ".db_table_name('questions')." WHERE qid=".$questionarray[0]." AND language='".$_SESSION['s_lang']."'";
$result = db_execute_assoc($query) or safe_die ("Couldn't get question
$query
".$connect->ErrorMsg()); //Checked
$row = $result->FetchRow();
$questionarray[2]=$row['title'];
$questionarray[3]=$row['question'];
unset($questionarray);
}
}
// This seems to only work in PHP 5 because of the referenced (&) array in the foreach construct
/* foreach($_SESSION['fieldarray'] as &$questionarray)
{
}
*/
}
/**
* getQuotaInformation() returns quota information for the current survey
* @param string $surveyid - Survey identification number
* @return array - nested array, Quotas->Members->Fields
*/
function getQuotaInformation($surveyid)
{
$baselang = GetBaseLanguageFromSurveyID($surveyid);
$query = "SELECT * FROM ".db_table_name('quota')." WHERE sid='{$surveyid}'";
$result = db_execute_assoc($query) or safe_die($connect->ErrorMsg()); //Checked
$quota_info = array();
$x=0;
// Check all quotas for the current survey
if ($result->RecordCount() > 0)
{
while ($survey_quotas = $result->FetchRow())
{
array_push($quota_info,array('Name' => $survey_quotas['name'],'Limit' => $survey_quotas['qlimit'],'Action' => $survey_quotas['action']));
$query = "SELECT * FROM ".db_table_name('quota_members')." WHERE quota_id='{$survey_quotas['id']}'";
$result_qe = db_execute_assoc($query) or safe_die($connect->ErrorMsg()); //Checked
$quota_info[$x]['members'] = array();
if ($result_qe->RecordCount() > 0)
{
while ($quota_entry = $result_qe->FetchRow())
{
$query = "SELECT type, title,gid FROM ".db_table_name('questions')." WHERE qid='{$quota_entry['qid']}' AND language='{$baselang}'";
$result_quest = db_execute_assoc($query) or safe_die($connect->ErrorMsg()); //Checked
$qtype = $result_quest->FetchRow();
$fieldnames = "0";
if ($qtype['type'] == "I" || $qtype['type'] == "G" || $qtype['type'] == "Y")
{
$fieldnames=array(0 => $surveyid.'X'.$qtype['gid'].'X'.$quota_entry['qid']);
$value = $quota_entry['code'];
}
if($qtype['type'] == "M")
{
$fieldnames=array(0 => $surveyid.'X'.$qtype['gid'].'X'.$quota_entry['qid'].$quota_entry['code']);
$value = "Y";
}
if($qtype['type'] == "A" || $qtype['type'] == "B")
{
$temp = explode('-',$quota_entry['code']);
$fieldnames=array(0 => $surveyid.'X'.$qtype['gid'].'X'.$quota_entry['qid'].$temp[0]);
$value = $temp[1];
}
array_push($quota_info[$x]['members'],array('Title' => $qtype['title'],'type' => $qtype['type'],'code' => $quota_entry['code'],'value' => $value,'qid' => $quota_entry['qid'],'fieldnames' => $fieldnames));
}
}
$x++;
}
}
return $quota_info;
}
/**
* check_quota() returns quota information for the current survey
* @param string $checkaction - action the function must take after completing:
* enforce: Enforce the quota action
* return: Return the updated quota array from getQuotaAnswers()
* @param string $surveyid - Survey identification number
* @return array - nested array, Quotas->Members->Fields, includes quota status and which members matched in session.
*/
function check_quota($checkaction,$surveyid)
{
global $thistpl, $clang, $clienttoken;
$global_matched = false;
$quota_info = getQuotaInformation($surveyid);
$x=0;
if(count($quota_info) > 0) // Quota's have to exist
{
// Check each quota on saved data to see if it is full
$querycond = array();
foreach ($quota_info as $quota)
{
if (count($quota['members']) > 0) // Quota can't be empty
{
$fields_list = array(); // Keep a list of fields for easy reference
$y=0;
// We need to make the conditions for the select statement here
// I'm supporting more than one field for a question/answer, not sure if this is necessary.
unset($querycond);
foreach($quota['members'] as $member)
{
$fields_query = array();
$select_query = " (";
foreach($member['fieldnames'] as $fieldname)
{
$fields_list[] = $fieldname;
$fields_query[] = "$fieldname = '{$member['value']}'";
// Check which quota fields and codes match in session, for later use.
// Incase of multiple fields for an answer - only needs to match once.
if (isset($_SESSION[$fieldname]) && $_SESSION[$fieldname] == $member['value'])
{
$quota_info[$x]['members'][$y]['insession'] = "true";
}
}
$select_query.= implode(' OR ',$fields_query)." )";
$querycond[] = $select_query;
unset($fields_query);
$y++;
}
// Lets only continue if any of the quota fields is in the posted page
$matched_fields = false;
if (isset($_POST['fieldnames']))
{
$posted_fields = explode("|",$_POST['fieldnames']);
foreach ($fields_list as $checkfield)
{
if (in_array($checkfield,$posted_fields))
{
$matched_fields = true;
$global_matched = true;
}
}
}
// A field was submitted that is part of the quota
if ($matched_fields == true)
{
// Check the status of the quota, is it full or not
$querysel = "SELECT id FROM ".db_table_name('survey_'.$surveyid)." WHERE ".implode(' AND ',$querycond)." "." AND submitdate !=''";
$result = db_execute_assoc($querysel) or safe_die($connect->ErrorMsg()); //Checked
$quota_check = $result->FetchRow();
if ($result->RecordCount() >= $quota['Limit']) // Quota is full!!
{
// Now we have to check if the quota matches in the current session
// This will let us know if this person is going to exceed the quota
$counted_matches = 0;
foreach($quota_info[$x]['members'] as $member)
{
if (isset($member['insession']) && $member['insession'] == "true") $counted_matches++;
}
if($counted_matches == count($quota['members']))
{
// They are going to exceed the quota if data is submitted
$quota_info[$x]['status']="matched";
} else
{
$quota_info[$x]['status']="notmatched";
}
} else
{
// Quota is no in danger of being exceeded.
$quota_info[$x]['status']="notmatched";
}
}
}
$x++;
}
} else
{
return false;
}
// Now we have all the information we need about the quotas and their status.
// Lets see what we should do now
if ($checkaction == 'return')
{
return $quota_info;
} else if ($global_matched == true && $checkaction == 'enforce')
{
// Need to add quota action enforcement here.
reset($quota_info);
$tempmsg ="";
$found = false;
foreach($quota_info as $quota)
{
if ((isset($quota['status']) && $quota['status'] == "matched") && (isset($quota['Action']) && $quota['Action'] == "1"))
{
session_destroy();
sendcacheheaders();
doHeader();
echo templatereplace(file_get_contents("$thistpl/startpage.pstpl"));
echo "\t
\n";
echo "\t".$clang->gT("Sorry your responses have exceeded a quota on this survey.")."
\n";
echo templatereplace(file_get_contents("$thistpl/endpage.pstpl"));
doFooter();
exit;
}
if ((isset($quota['status']) && $quota['status'] == "matched") && (isset($quota['Action']) && $quota['Action'] == "2"))
{
sendcacheheaders();
doHeader();
echo templatereplace(file_get_contents("$thistpl/startpage.pstpl"));
echo "\t
\n";
echo "\t".$clang->gT("Sorry your responses have exceeded a quota on this survey.")."
\n";
echo "
\n";
echo templatereplace(file_get_contents("$thistpl/endpage.pstpl"));
doFooter();
exit;
}
}
} else {
// Unknown value
return false;
}
}
?>
if (isset($_SESSION['insertarray']))
{
foreach($_SESSION['insertarray'] as $field)
{
if (isset($_GET[$field]) && $field!='token')
{
$_SESSION[$field]=$_GET[$field];
}
}
}
//4. SESSION VARIABLE: fieldarray
//NOW WE'RE CREATING AN ARRAY CONTAINING EACH FIELD AND RELEVANT INFO
//ARRAY CONTENTS - [0]=questions.qid,
// [1]=fieldname,
// [2]=questions.title,
// [3]=questions.question
// [4]=questions.type,
// [5]=questions.gid,
// [6]=questions.mandatory,
// [7]=conditionsexist
$_SESSION['fieldarray'][] = array($arow['qid'],
$fieldname,
$arow['title'],
$arow['question'],
$arow['type'],
$arow['gid'],
$arow['mandatory'],
$conditions);
}
// Check if the current survey language is set - if not set it
// this way it can be changed later (for example by a special question type)
return $totalquestions;
}
function surveymover()
{
//This function creates the form elements in the survey navigation bar
//with ">NEXT" in them. The "submit" value determines how the script moves from
//one survey page to another. It is a hidden element, updated by clicking
//on the relevant button - allowing "NEXT" to be the default setting when
//a user presses enter.
//
//Attribute accesskey added for keyboard navigation.
global $thissurvey, $clang;
global $surveyid, $presentinggroupdescription;
$surveymover = "";
if (isset($_SESSION['step']) && $_SESSION['step'] && ($_SESSION['step'] == $_SESSION['totalsteps']) && !$presentinggroupdescription && $thissurvey['format'] != "A")
{
$surveymover = "";
}
else
{
$surveymover = "";
}
if (isset($_SESSION['step']) && $_SESSION['step'] > 0 && $thissurvey['format'] != "A" && !$presentinggroupdescription && $thissurvey['allowprev'] != "N")
{
$surveymover .= "gT("Previous")." ' name='move2' />\n";
}
if (isset($_SESSION['step']) && $_SESSION['step'] && (!$_SESSION['totalsteps'] || ($_SESSION['step'] gT("Next")." >> ' name='move2' />\n";
}
// here, in some lace, is where I must modify to turn the next button conditionable
if (!isset($_SESSION['step']) || !$_SESSION['step'])
{
$surveymover .= "\t\t\t\t\tgT("Next")." >> ' name='move2' />\n";
}
if (isset($_SESSION['step']) && $_SESSION['step'] && ($_SESSION['step'] == $_SESSION['totalsteps']) && $presentinggroupdescription == "yes")
{
$surveymover .= "\t\t\t\t\tgT("Next")." >> ' name='move2' />\n";
}
if ($_SESSION['step'] && ($_SESSION['step'] == $_SESSION['totalsteps']) && !$presentinggroupdescription)
{
$surveymover .= "\t\t\t\t\tgT("Submit")." ' name='move2' />\n";
}
// $surveymover .= "\n";
return $surveymover;
}
function doAssessment($surveyid)
{
global $dbprefix, $thistpl, $connect;
$query = "SELECT * FROM ".db_table_name('assessments')."
WHERE sid=$surveyid
ORDER BY scope";
if ($result = db_execute_assoc($query)) //Checked
{
if ($result->RecordCount() > 0)
{
while ($row=$result->FetchRow())
{
if ($row['scope'] == "G")
{
$assessment['group'][$row['gid']][]=array("name"=>$row['name'],
"min"=>$row['minimum'],
"max"=>$row['maximum'],
"message"=>$row['message'],
"link"=>$row['link']);
}
else
{
$assessment['total'][]=array( "name"=>$row['name'],
"min"=>$row['minimum'],
"max"=>$row['maximum'],
"message"=>$row['message'],
"link"=>$row['link']);
}
}
$fieldmap=createFieldMap($surveyid, "full");
$i=0;
$total=0;
// I added this condition : if (($field['type'] == "M") and ($_SESSION[$field['fieldname']] == "Y"))
// because the internal representation of the answer of multiple Options type questions is Y, not the answer code
// for this type of questions I use $field['aid'] insted of $_SESSION[$field['fieldname']]
foreach($fieldmap as $field)
{
if (($field['fieldname'] != "datestamp") and ($field['fieldname'] != "refurl") and ($field['fieldname'] != "ipaddr") and ($field['fieldname'] != "token"))
{
if (isset($_SESSION[$field['fieldname']]))
{
if (($field['type'] == "M") and ($_SESSION[$field['fieldname']] == "Y")) // for Multiple Options type questions
{
$fieldmap[$i]['answer']=$field['aid'];
$total=$total+$field['aid'];
}
else // any other type of question
{
$fieldmap[$i]['answer']=$_SESSION[$field['fieldname']];
$total=$total+$_SESSION[$field['fieldname']];
}
}
else {$fieldmap[$i]['answer']=0;}
$groups[]=$field['gid'];
}
$i++;
}
$groups=array_unique($groups);
foreach($groups as $group)
{
$grouptotal=0;
foreach ($fieldmap as $field)
{
if ($field['gid'] == $group && isset($field['answer']))
{
//$grouptotal=$grouptotal+$field['answer'];
if (isset ($_SESSION[$field['fieldname']]))
{
if (($field['type'] == "M") and ($_SESSION[$field['fieldname']] == "Y")) // for Multiple Options type questions
$grouptotal=$grouptotal+$field['aid'];
else // any other type of question
$grouptotal=$grouptotal+$_SESSION[$field['fieldname']];
}
}
}
$subtotal[$group]=$grouptotal;
}
}
$assessments = "";
if (isset($subtotal) && is_array($subtotal))
{
foreach($subtotal as $key=>$val)
{
if (isset($assessment['group'][$key]))
{
foreach($assessment['group'][$key] as $assessed)
{
if ($val >= $assessed['min'] && $val
".str_replace(array("{PERC}", "{TOTAL}"), array($val, $val), stripslashes($assessed['name']))."
".str_replace(array("{PERC}", "{TOTAL}"), array($val, $val), stripslashes($assessed['message']))."
".$assessed['link']."
\n";
}
}
}
}
}
if (isset($assessment['total']))
{
foreach($assessment['total'] as $assessed)
{
if ($total >= $assessed['min'] && $total
".str_replace(array("{PERC}", "{TOTAL}"), array($val, $val), stripslashes($assessed['name']))."
".str_replace(array("{PERC}", "{TOTAL}"), array($val, $val), stripslashes($assessed['message']))."
".$assessed['link']."
\n";
}
}
}
return $assessments;
}
}
function UpdateSessionGroupList($language)
//1. SESSION VARIABLE: grouplist
//A list of groups in this survey, ordered by group name.
{
global $surveyid;
unset ($_SESSION['grouplist']);
$query = "SELECT * FROM ".db_table_name('groups')." WHERE sid=$surveyid AND language='".$language."' ORDER BY ".db_table_name('groups').".group_order";
$result = db_execute_assoc($query) or safe_die ("Couldn't get group list
$query
".$connect->ErrorMsg()); //Checked
while ($row = $result->FetchRow())
{
$_SESSION['grouplist'][]=array($row['gid'], $row['group_name'], $row['description']);
}
}
function UpdateFieldArray()
//The FieldArray contains all necessary information regarding the questions
//This function is needed to update it in case the survey is switched to another language
{
global $surveyid;
if (isset($_SESSION['fieldarray']))
{
reset($_SESSION['fieldarray']);
while ( list($key) = each($_SESSION['fieldarray']) )
{
$questionarray =& $_SESSION['fieldarray'][$key];
$query = "SELECT * FROM ".db_table_name('questions')." WHERE qid=".$questionarray[0]." AND language='".$_SESSION['s_lang']."'";
$result = db_execute_assoc($query) or safe_die ("Couldn't get question
$query
".$connect->ErrorMsg()); //Checked
$row = $result->FetchRow();
$questionarray[2]=$row['title'];
$questionarray[3]=$row['question'];
unset($questionarray);
}
}
// This seems to only work in PHP 5 because of the referenced (&) array in the foreach construct
/* foreach($_SESSION['fieldarray'] as &$questionarray)
{
}
*/
}
/**
* getQuotaInformation() returns quota information for the current survey
* @param string $surveyid - Survey identification number
* @return array - nested array, Quotas->Members->Fields
*/
function getQuotaInformation($surveyid)
{
$baselang = GetBaseLanguageFromSurveyID($surveyid);
$query = "SELECT * FROM ".db_table_name('quota')." WHERE sid='{$surveyid}'";
$result = db_execute_assoc($query) or safe_die($connect->ErrorMsg()); //Checked
$quota_info = array();
$x=0;
// Check all quotas for the current survey
if ($result->RecordCount() > 0)
{
while ($survey_quotas = $result->FetchRow())
{
array_push($quota_info,array('Name' => $survey_quotas['name'],'Limit' => $survey_quotas['qlimit'],'Action' => $survey_quotas['action']));
$query = "SELECT * FROM ".db_table_name('quota_members')." WHERE quota_id='{$survey_quotas['id']}'";
$result_qe = db_execute_assoc($query) or safe_die($connect->ErrorMsg()); //Checked
$quota_info[$x]['members'] = array();
if ($result_qe->RecordCount() > 0)
{
while ($quota_entry = $result_qe->FetchRow())
{
$query = "SELECT type, title,gid FROM ".db_table_name('questions')." WHERE qid='{$quota_entry['qid']}' AND language='{$baselang}'";
$result_quest = db_execute_assoc($query) or safe_die($connect->ErrorMsg()); //Checked
$qtype = $result_quest->FetchRow();
$fieldnames = "0";
if ($qtype['type'] == "I" || $qtype['type'] == "G" || $qtype['type'] == "Y")
{
$fieldnames=array(0 => $surveyid.'X'.$qtype['gid'].'X'.$quota_entry['qid']);
$value = $quota_entry['code'];
}
if($qtype['type'] == "M")
{
$fieldnames=array(0 => $surveyid.'X'.$qtype['gid'].'X'.$quota_entry['qid'].$quota_entry['code']);
$value = "Y";
}
if($qtype['type'] == "A" || $qtype['type'] == "B")
{
$temp = explode('-',$quota_entry['code']);
$fieldnames=array(0 => $surveyid.'X'.$qtype['gid'].'X'.$quota_entry['qid'].$temp[0]);
$value = $temp[1];
}
array_push($quota_info[$x]['members'],array('Title' => $qtype['title'],'type' => $qtype['type'],'code' => $quota_entry['code'],'value' => $value,'qid' => $quota_entry['qid'],'fieldnames' => $fieldnames));
}
}
$x++;
}
}
return $quota_info;
}
/**
* check_quota() returns quota information for the current survey
* @param string $checkaction - action the function must take after completing:
* enforce: Enforce the quota action
* return: Return the updated quota array from getQuotaAnswers()
* @param string $surveyid - Survey identification number
* @return array - nested array, Quotas->Members->Fields, includes quota status and which members matched in session.
*/
function check_quota($checkaction,$surveyid)
{
global $thistpl, $clang, $clienttoken;
$global_matched = false;
$quota_info = getQuotaInformation($surveyid);
$x=0;
if(count($quota_info) > 0) // Quota's have to exist
{
// Check each quota on saved data to see if it is full
$querycond = array();
foreach ($quota_info as $quota)
{
if (count($quota['members']) > 0) // Quota can't be empty
{
$fields_list = array(); // Keep a list of fields for easy reference
$y=0;
// We need to make the conditions for the select statement here
// I'm supporting more than one field for a question/answer, not sure if this is necessary.
unset($querycond);
foreach($quota['members'] as $member)
{
$fields_query = array();
$select_query = " (";
foreach($member['fieldnames'] as $fieldname)
{
$fields_list[] = $fieldname;
$fields_query[] = "$fieldname = '{$member['value']}'";
// Check which quota fields and codes match in session, for later use.
// Incase of multiple fields for an answer - only needs to match once.
if (isset($_SESSION[$fieldname]) && $_SESSION[$fieldname] == $member['value'])
{
$quota_info[$x]['members'][$y]['insession'] = "true";
}
}
$select_query.= implode(' OR ',$fields_query)." )";
$querycond[] = $select_query;
unset($fields_query);
$y++;
}
// Lets only continue if any of the quota fields is in the posted page
$matched_fields = false;
if (isset($_POST['fieldnames']))
{
$posted_fields = explode("|",$_POST['fieldnames']);
foreach ($fields_list as $checkfield)
{
if (in_array($checkfield,$posted_fields))
{
$matched_fields = true;
$global_matched = true;
}
}
}
// A field was submitted that is part of the quota
if ($matched_fields == true)
{
// Check the status of the quota, is it full or not
$querysel = "SELECT id FROM ".db_table_name('survey_'.$surveyid)." WHERE ".implode(' AND ',$querycond)." "." AND submitdate !=''";
$result = db_execute_assoc($querysel) or safe_die($connect->ErrorMsg()); //Checked
$quota_check = $result->FetchRow();
if ($result->RecordCount() >= $quota['Limit']) // Quota is full!!
{
// Now we have to check if the quota matches in the current session
// This will let us know if this person is going to exceed the quota
$counted_matches = 0;
foreach($quota_info[$x]['members'] as $member)
{
if (isset($member['insession']) && $member['insession'] == "true") $counted_matches++;
}
if($counted_matches == count($quota['members']))
{
// They are going to exceed the quota if data is submitted
$quota_info[$x]['status']="matched";
} else
{
$quota_info[$x]['status']="notmatched";
}
} else
{
// Quota is no in danger of being exceeded.
$quota_info[$x]['status']="notmatched";
}
}
}
$x++;
}
} else
{
return false;
}
// Now we have all the information we need about the quotas and their status.
// Lets see what we should do now
if ($checkaction == 'return')
{
return $quota_info;
} else if ($global_matched == true && $checkaction == 'enforce')
{
// Need to add quota action enforcement here.
reset($quota_info);
$tempmsg ="";
$found = false;
foreach($quota_info as $quota)
{
if ((isset($quota['status']) && $quota['status'] == "matched") && (isset($quota['Action']) && $quota['Action'] == "1"))
{
session_destroy();
sendcacheheaders();
doHeader();
echo templatereplace(file_get_contents("$thistpl/startpage.pstpl"));
echo "\t
\n";
echo "\t".$clang->gT("Sorry your responses have exceeded a quota on this survey.")."
\n";
echo templatereplace(file_get_contents("$thistpl/endpage.pstpl"));
doFooter();
exit;
}
if ((isset($quota['status']) && $quota['status'] == "matched") && (isset($quota['Action']) && $quota['Action'] == "2"))
{
sendcacheheaders();
doHeader();
echo templatereplace(file_get_contents("$thistpl/startpage.pstpl"));
echo "\t
\n";
echo "\t".$clang->gT("Sorry your responses have exceeded a quota on this survey.")."
\n";
echo "
\n";
echo templatereplace(file_get_contents("$thistpl/endpage.pstpl"));
doFooter();
exit;
}
}
} else {
// Unknown value
return false;
}
}
?>
Re: iframe onscroll
Dann schau mal, ob Du diese Datei findest:
"startpage.pstpl"
Die müsste in dem Ordner "/templates/default/" sein.
Schau mal, ob Du da " findest.
"startpage.pstpl"
Die müsste in dem Ordner "/templates/default/" sein.
Schau mal, ob Du da " findest.
Re: iframe onscroll
ah jetzt scheints zu klappen.
vielen vielen dank für die hilfe!
vielen vielen dank für die hilfe!
