From 612f3aaea9e154c0acac886ae32d28ae77d59174 Mon Sep 17 00:00:00 2001
From: Alex <ddrmoscow@gmail.com>
Date: Mon, 5 Oct 2015 18:34:02 +0300
Subject: [PATCH 1/5] Added in-page Lime statistics block, Bootstrapted
 interface

---
 client/index.php | 41 ++++++++++++++++++++++++-----------------
 css/custom.css   |  4 ++++
 2 files changed, 28 insertions(+), 17 deletions(-)

diff --git a/client/index.php b/client/index.php
index c3b0728c..3e3ab9ca 100644
--- a/client/index.php
+++ b/client/index.php
@@ -41,7 +41,7 @@ include_once(dirname(__FILE__).'/../db.inc.php');
 /** 
  * Authentication
  */
-include ("auth-client.php");
+require ("auth-client.php");
 
 
 /**
@@ -62,11 +62,11 @@ include ("../functions/functions.client.php");
 
 $client_id = get_client_id();
 
-xhtml_head(T_("Questionnaire Outcomes"),true,array("css/table.css"));
+xhtml_head(T_("Questionnaire Outcomes"),true,array("../include/bootstrap/css/bootstrap.min.css", "../css/custom.css"));
 
 if ($client_id)
 {
-	$sql = "SELECT q.questionnaire_id,q.description
+	$sql = "SELECT q.questionnaire_id,q.description,q.lime_sid
 		FROM questionnaire as q, client_questionnaire as cq
 		WHERE cq.questionnaire_id = q.questionnaire_id
 		AND q.enabled = 1
@@ -75,14 +75,17 @@ if ($client_id)
 	$qs = $db->GetAll($sql);
 
 	if (empty($qs))
-		print "<p>" . T_("There are no questionnaires assigned to you") . "</p>";
+		print "<p class='alert alert-info'>" . T_("There are no questionnaires assigned to you") . "</p>";
 	else
 	{
+		print "<div class='col-lg-2'>";
+		
 		foreach($qs as $q)
 		{
-			print "<h2>{$q['description']}</h2>";
+			print "<div class=' '><h2>{$q['description']}</h2>";
 
 			$questionnaire_id = $q['questionnaire_id'];
+			$qsid=$q['lime_sid'];
 
 			$sql = "SELECT o.calc, count( c.case_id )
 				FROM `case` AS c, `outcome` AS o
@@ -91,15 +94,15 @@ if ($client_id)
 				GROUP BY o.calc";
 			
 			$a = $db->GetAssoc($sql);
+			
 			$a = aapor_clean($a);
 		
-			
-			print "<table><tr><th>" . T_("Outcome") . "</th><th>" . T_("Rate") . "</th></tr>"; 
+			print "<table class='table-hover table-condensed tclass'><thead class=\"highlight\"><tr><th>" . T_("Outcome") . "</th><th>" . T_("Rate") . "</th></tr></thead>"; 
 			print "<tr><td>" . T_("Response Rate 1") . "</td><td>" . round(aapor_rr1($a),2) . "</td></tr>";
 			print "<tr><td>" . T_("Refusal Rate 1") . "</td><td>" . round(aapor_ref1($a),2) . "</td></tr>";
 			print "<tr><td>" . T_("Cooperation Rate 1") . "</td><td>" . round(aapor_coop1($a),2) . "</td></tr>";
 			print "<tr><td>" . T_("Contact Rate 1") . "</td><td>" . round(aapor_con1($a),2) . "</td></tr>";
-			print "</table>";
+			print "</table></br>";
 			
 			
 			$sql = "SELECT o.description as des, o.outcome_id, count( c.case_id ) as count
@@ -115,20 +118,24 @@ if ($client_id)
 				translate_array($rs,array("des"));
 				xhtml_table($rs,array("des","count"),array(T_("Outcome"),T_("Count")),"tclass",array("des" => "Complete"));
 			}
-			else
-				print "<p>" . T_("No outcomes recorded for this questionnaire") . "</p>";
-		
+			else print "<p class='alert alert-info'>" . T_("No outcomes recorded for this questionnaire") . "</p>";
+
+			print "</br><a href=\"?page=".LIME_URL."admin/admin.php\" class=\"btn btn-default btn-block btn-lime\">" . T_("Lime results") . "</a></div>";
 		}
+		
+		$page =''; if (isset($_GET['page'])) $page = $_GET['page'] . "?action=browse&amp;sid=$qsid"; 
+?>		
+		</div>
+		
+		<div class="col-lg-10" id=" " style="height:820px;">
+			<?php xhtml_object($page,' ',"full"); ?>
+		</div>	
+<?php
 
 	}
-
-
-
 }
 else
-	print "<p>" . T_("You are not a valid client") . "</p>";
-
-
+	print "<p class='alert alert-danger'>" . T_("You are not a valid client") . "</p>";
 
 xhtml_foot();
 
diff --git a/css/custom.css b/css/custom.css
index 8dc3463f..9e2441bd 100644
--- a/css/custom.css
+++ b/css/custom.css
@@ -74,4 +74,8 @@ text-shadow: 1px 2px 1px #ababab;
 .h1, .h2, .h3, h1, h2, h3 {
 margin-bottom: 0.4em;
 margin-top: 0.25em;
+}
+.full {
+  width:100%;
+  height:100%;
 }
\ No newline at end of file

From 48068aec5b8090cd7d3cd1c8b17da50e1497ad45 Mon Sep 17 00:00:00 2001
From: Alex <ddrmoscow@gmail.com>
Date: Mon, 5 Oct 2015 18:35:11 +0300
Subject: [PATCH 2/5] remove unused css

---
 client/css/table.css | 13 -------------
 1 file changed, 13 deletions(-)
 delete mode 100644 client/css/table.css

diff --git a/client/css/table.css b/client/css/table.css
deleted file mode 100644
index cf86e2a9..00000000
--- a/client/css/table.css
+++ /dev/null
@@ -1,13 +0,0 @@
-tr.odd {
-	background-color: #eeeeee;
-}
-.tclass th {
-	text-align:left;
-	border: 1px solid #aaa;
-}
-.tclass td {
-	border: 1px solid #aaa;
-}
-.highlight {
-	background-color: #cccccc;
-}

From e2f91e470c25f87e9666b0e46724ab695ff6112e Mon Sep 17 00:00:00 2001
From: Alex <ddrmoscow@gmail.com>
Date: Mon, 5 Oct 2015 18:52:59 +0300
Subject: [PATCH 3/5] let's make clients accounts editable, check for
 duplicated clients username

---
 admin/clients.php | 176 +++++++++++++++++++++++++++++++++-------------
 1 file changed, 127 insertions(+), 49 deletions(-)

diff --git a/admin/clients.php b/admin/clients.php
index f9309c2a..4b9e8a2a 100644
--- a/admin/clients.php
+++ b/admin/clients.php
@@ -45,7 +45,7 @@ include ("../db.inc.php");
 /**
  * Authentication file
  */
-include ("auth-admin.php");
+require ("auth-admin.php");
 
 /**
  * XHTML functions
@@ -57,7 +57,9 @@ global $db;
 
 $a = false;
 
-if (isset($_POST['client']))
+$client =""; $firstname="";$lastname="";$email=""; $time_zone_name="";
+
+if (isset($_POST['client']) && !empty($_POST['client']))
 {
 	$client = $db->qstr($_POST['client'],get_magic_quotes_gpc());
 	$firstname = $db->qstr($_POST['firstname'],get_magic_quotes_gpc());
@@ -65,46 +67,108 @@ if (isset($_POST['client']))
 	$lastname = $db->qstr($_POST['lastname'],get_magic_quotes_gpc());
 	$time_zone_name = $db->qstr($_POST['Time_zone_name'],get_magic_quotes_gpc());
 	
-	if (!empty($_POST['client']))
-	{
-		$sql = "INSERT INTO client
-			(`client_id` ,`username` ,`firstName` ,`lastName`, `Time_zone_name`)
-			VALUES (NULL , $client, $firstname , $lastname, $time_zone_name);";
+	/* check if there'a record with this username*/
+	$sql = "SELECT `username`,`client_id` from client WHERE `username` LIKE $client";
+	$rs = $db->GetAll($sql);
 	
-		if ($db->Execute($sql))
-		{
-      include_once("../include/limesurvey/admin/classes/core/sha256.php");
-
-      //Insert into lime_users
-      $sql = "INSERT INTO " . LIME_PREFIX . "users (`users_name`,`password`,`full_name`,`parent_id`,`superadmin`,`email`,`lang`)
-              VALUES ($client, '" . SHA256::hashing($_POST['password']) . "',$firstname,1,0,$email,'auto')";
-
-      $db->Execute($sql);
-
+	if (isset($_GET['edit']) && $_GET['edit'] >0 ) {
+		
+		$clid = intval($_GET['edit']);
+		$uid = intval($_POST['uid']);
+	}
+		
 	
-			$a =  T_("Added: $client");	
+	if (empty($rs) || count($rs)==1 && $rs[0]['client_id'] == $clid){
+		
+		// update client
+		if (isset($_GET['edit']) && $_GET['edit'] >0 ) {
+			
+			$sql = "UPDATE `client` SET `username`= $client,`firstName` = $firstname,`lastName` = $lastname,`Time_zone_name` = $time_zone_name
+					WHERE `client_id` = $clid ";
+					
+			if ($db->Execute($sql))
+			{
+				$sql = "UPDATE " . LIME_PREFIX . "users SET `users_name` = $client, `full_name` = $firstname, `email` = $email";
+				
+				/* rewrite 'password' only if not blank in edit mode */
+				if (isset($_GET['edit']) && $_GET['edit'] >0 && isset($_POST['password']) && !empty($_POST['password'])) {
+					
+					include_once("../include/limesurvey/admin/classes/core/sha256.php");
+					$sql .=",`password` = '" . SHA256::hashing($_POST['password']) . "'";
+				}
+				
+				$sql .= "WHERE `uid` = $uid";
+
+				$db->Execute($sql);
+
+				if ($db->Execute($sql)) $a =  T_("Updated") . ": " . $client; else $a =  T_("Update error");
+			}
+			else 
+				$a = T_("Could not update") . " " . $client;
 		}
-		else
-			$a = T_("Could not add") . " " . $client . ". " . T_("There may already be a client of this name");
+		else {  //save as a new client
+
+			$sql = "INSERT INTO client (`client_id` ,`username` ,`firstName` ,`lastName`, `Time_zone_name`)
+					VALUES (NULL , $client, $firstname , $lastname, $time_zone_name);";
+		
+			if ($db->Execute($sql)) {
+						
+				include_once("../include/limesurvey/admin/classes/core/sha256.php");
+
+				//Insert into lime_users 
+				$sql = "INSERT INTO " . LIME_PREFIX . "users (`users_name`,`password`,`full_name`,`parent_id`,`superadmin`,`email`,`lang`) 
+						VALUES ($client, '" . SHA256::hashing($_POST['password']) . "', $firstname ,1,0,$email,'auto')";
+
+				$db->Execute($sql);
+
+				if ($db->Execute($sql)) $a = T_("Added") . ": " . $client; else $a =  T_("Error adding client");	
+			}
+			else 
+				$a = T_("Could not add") . " " . $client;
+		}
+	}
+	else $a = T_("Username") . " " . $client . ". " . T_("is already in use");
+}
+
+$header = T_("Add a client");
+$sbut = T_("Add new client");
+$req = "required";
+
+if (isset($_GET['edit']) && $_GET['edit'] >0 ) {
+	
+	$header = T_("Edit client data");
+
+	$clid = intval($_GET['edit']);
+			
+	$sql = "SELECT client.*, u.email, u.uid from client, " . LIME_PREFIX . "users as u WHERE client_id=$clid and u.users_name=username";
+			
+	$cdata = $db->GetRow($sql);
+
+	if (!$cdata) {
+		unset($_GET['edit']);
+		die(T_("NO such client"));
+	}  
+	else{
+		$uid = $cdata['uid'];
+		$client = $cdata['username'];
+		$firstname= $cdata['firstName'];
+		$lastname= $cdata['lastName'];
+		$email= $cdata['email'];
+		$time_zone_name = $cdata['Time_zone_name'];
+		$sbut = T_("Update client data");
+		$req = "";
 	}
 }
 
-
-xhtml_head(T_("Add a client"),true,array("../include/bootstrap/css/bootstrap.min.css","../css/custom.css"));
+xhtml_head($header,true,array("../include/bootstrap/css/bootstrap.min.css","../css/custom.css"));
 
 $sql = "SELECT Time_zone_name as value, Time_zone_name as description
 	FROM timezone_template";
+$tzs = $db->GetAll($sql);
 
-$rs = $db->GetAll($sql);
-
-
-if ($a)
-{
-?>
+if ($a) { ?>
 	<div class='alert alert-info'><?php  echo $a; ?></div>
-<?php 
-}
-?>
+<?php } ?>
 
 <script type="text/javascript">	
 //Password generator
@@ -145,38 +209,52 @@ function generate() {
 
 
 <div class="well">
-	<p><?php  echo T_("Adding a client here will allow them to access project information in the client subdirectory. You can assign a client to a particular project using the"); ?> <a href="clientquestionnaire.php"><?php  echo T_("Assign client to Questionnaire"); ?></a> <?php  echo T_("tool."); ?></p>
+	<p><?php  echo T_("Adding a client here will allow them to access project information in the client subdirectory.");
 	
+	if (isset($_GET['edit']) && $_GET['edit'] >0 ){
+		echo "&emsp;" . T_("You can assign a client to a particular project with"). "&emsp;"; ?> <a href="clientquestionnaire.php" class="btn btn-default"><?php  echo T_("Assign client to Questionnaire") . "</a>";
+	} ?>
+	</p>
+</div>	
+
 <form enctype="multipart/form-data" action="" method="post" class="form-horizontal" name="addclient" >
 	<div class="form-group form-inline">
-		<label class="control-label col-sm-3"><?php  echo T_("Enter the username of a client to add:"); ?></label>
-		<input name="client" type="text" class="form-control pull-left" required size="40" />
+		<label class="control-label col-lg-3"><?php  echo T_("Username"); ?>:</label>
+		<input name="client" type="text" class="form-control" required size="40" value="<?php echo $client;?>"/>
 	</div>
 	<div class="form-group form-inline">
-		<label class="control-label col-sm-3"><?php  echo T_("Enter the password of a client to add:"); ?></label>
-		<input name="password" type="text" class="form-control pull-left" size="40" required />
+		<label class="control-label col-lg-3"><?php  echo T_("Password"); ?>:</label>
+		<input name="password" type="text" class="form-control pull-left" size="40" <?php echo $req;?> placeholder="<?php if (isset($_GET['edit']) && $_GET['edit'] >0 ) echo T_("Leave this blank to keep current password");?>"/>
 		<div class="form-inline">&emsp;&emsp;
 			<input type="button" onclick="generate();" value="<?php echo T_("Generate");?>" class="btn btn-default fa" />&emsp;<?php echo T_("Password with");?>&ensp;
 			<input type="number" name="number" value="25" min="8" max="50" style="width:5em;"  class="form-control" />&ensp;<?php echo T_("characters");?>
 		</div>
 	</div>
 	<div class="form-group form-inline">
-		<label class="control-label col-sm-3"><?php  echo T_("Enter the first name of a client to add:"); ?></label>
-		<input name="firstname" type="text" class="form-control pull-left" size="40" />
+		<label class="control-label col-lg-3"><?php  echo T_("First name"); ?> :</label>
+		<input name="firstname" type="text" class="form-control" size="40" value="<?php echo $firstname;?>"/>
 	</div>
 	<div class="form-group form-inline">
-		<label class="control-label col-sm-3"><?php  echo T_("Enter the surname of a client to add:"); ?></label>
-		<input name="lastname" type="text" class="form-control pull-left" size="40"/>
-  </div>
-  <div class="form-group form-inline">
-		<label class="col-sm-3 control-label"><?php echo T_("Email") . ": ";?></label>
-    <input name="email" type="text" class="form-control pull-left"/>
-  </div>
-	<div class="form-group form-inline">
-		<label class="control-label col-sm-3"><a href='timezonetemplate.php'><?php  echo T_("Enter the Time Zone of a client to add:"); echo "</a></label>";
-		display_chooser($rs,"Time_zone_name","Time_zone_name",false,false,false,false,array("value",get_setting("DEFAULT_TIME_ZONE")),true,"pull-left"); ?>
+		<label class="control-label col-lg-3"><?php  echo T_("Surname"); ?>:</label>
+		<input name="lastname" type="text" class="form-control" size="40"value="<?php echo $lastname;?>"/>
+	</div>
+	<div class="form-group form-inline">
+		<label class="col-lg-3 control-label"><?php echo T_("Email"); ?>:</label>
+		<input name="email" type="text" class="form-control" size="40" value="<?php echo $email;?>"/>
+	</div>
+	<div class="form-group form-inline">
+		<label class="control-label col-lg-3"><a href='timezonetemplate.php'><?php  echo T_("Timezone"); echo ":</a></label><div size=\"40\">";
+		if (isset($_GET['edit']) && $_GET['edit'] >0)  $dtz = $time_zone_name; else $dtz = get_setting("DEFAULT_TIME_ZONE");
+		display_chooser($tzs,"Time_zone_name","Time_zone_name",false,false,false,false,array("value", $dtz),true,"pull-left"); ?> </div>
+	</div>
+	<?php if (isset($_GET['edit']) && $_GET['edit'] >0 ) { ?>
+		<input name="uid" type="hidden" value="<?php echo $uid;?>"/>
+	<?php } ?>
+	
+	<div class="form-group">
+		<a href="clientquestionnaire.php" style="" class="btn btn-default col-lg-1 col-lg-offset-1"><?php  echo T_("Cancel"); ?></a>
+		<input type="submit" value="<?php  echo $sbut; ?>" style="width:336px;" class="btn btn-primary col-lg-offset-1"/>
 	</div>
-	<input type="submit" value="<?php  echo T_("Add a client"); ?>" class="btn btn-primary col-sm-offset-3 col-sm-3"/>
 </form>
 
 <?php 

From 4344d613af102e1b414b2c891fa74697258bf05f Mon Sep 17 00:00:00 2001
From: Alex <ddrmoscow@gmail.com>
Date: Mon, 5 Oct 2015 19:09:20 +0300
Subject: [PATCH 4/5] New options: * possible to delete clients, * possible to
 edit clients accounts, * enable and pre-set client quesionnaire permissions
 to view results, statistics and quotas when assigning questionnaire to client
 @ 1st time, * link to edit quesionnaire permissions in Lime

---
 admin/clientquestionnaire.php | 135 ++++++++++++++++++++++++----------
 1 file changed, 95 insertions(+), 40 deletions(-)

diff --git a/admin/clientquestionnaire.php b/admin/clientquestionnaire.php
index 67ad774d..3bf45b3c 100644
--- a/admin/clientquestionnaire.php
+++ b/admin/clientquestionnaire.php
@@ -42,13 +42,15 @@ include ("../db.inc.php");
 /**
  * Authentication file
  */
-include ("auth-admin.php");
+require ("auth-admin.php");
 
 /**
  * XHTML functions
  */
 include ("../functions/functions.xhtml.php");
 
+$msg = "";
+
 /**
  * Return if an client has already been assigned to this questionnaire
  *
@@ -78,78 +80,125 @@ function vq($client_id,$questionnaire_id)
  *
  * @param int $client_id Client id
  * @param int $questionnaire_id Questionnaire id
+ * @param int $lime_sid Lime survey ID
+ * @param int $uid  Lime user ID
  *
  */
-function vqi($client_id,$questionnaire_id)
+function vqi($client_id,$questionnaire_id,$lime_sid,$uid)
 {
 	global $db;
+	
+	$db->StartTrans();
 
 	$sql = "INSERT INTO
 		client_questionnaire (client_id,questionnaire_id)
 		VALUES('$client_id','$questionnaire_id')";
 
 	$db->Execute($sql);
-}
-
-
-/**
- * Unassign an client from a questionnaire
- *
- * @param int $client_id Client id
- * @param int $questionnaire_id Questionnaire id
- *
- */
-function vqd($client_id,$questionnaire_id)
-{
-	global $db;
-
-	$sql = "DELETE FROM
-		client_questionnaire	
-		WHERE client_id = '$client_id' and questionnaire_id = '$questionnaire_id'";
-
-	$db->Execute($sql);
+	
+	/* Add client questionnaire permissions to view Lime results + statistics and quotas,  //preserve superadmin permissions */
+	if ($uid != 1 && empty($db->GetAll("SELECT * FROM " . LIME_PREFIX . "survey_permissions WHERE `sid` = '$lime_sid' AND `uid` = '$uid'")))
+	{
+		$sql = "INSERT INTO " . LIME_PREFIX . "survey_permissions (`sid`,`uid`,`permission`,`create_p`,`read_p`,`update_p`,`delete_p`,`import_p`,`export_p`)
+              VALUES ($lime_sid,$uid,'survey',0,1,0,0,0,0),($lime_sid,$uid,'statistics',0,1,0,0,0,0),($lime_sid,$uid,'quotas',0,1,0,0,0,0)";
+		$db->Execute($sql);
+	}
+	
+	$db->CompleteTrans();
 }
 
 
 if (isset($_POST['submit']))
 {
 	$db->StartTrans();
-
-	$sql = "DELETE 
-		FROM client_questionnaire
-		WHERE questionnaire_id IN (
-			SELECT questionnaire_id
-			FROM questionnaire	
-			WHERE enabled = 1)";
-
+	
+	/* Unassign a client from a questionnaire , remove survey_permissions*/
+	$sql = "DELETE FROM client_questionnaire
+		WHERE questionnaire_id IN ( SELECT questionnaire_id FROM questionnaire WHERE enabled = 1)";
 	$db->Execute($sql);
+/*Currently disabled -> need to decide how to manage permissions set earlier*/	
+/* 	$questionnaires = $db->GetAll("SELECT lime_sid FROM questionnaire WHERE enabled = 1");
+	
+	$clients = $db->GetAll("SELECT uid FROM client, " . LIME_PREFIX . "users WHERE `users_name` = `username`");
+
+	foreach($questionnaires as $q){
+		foreach($clients as $v){
+			$sql = "DELETE FROM " . LIME_PREFIX . "survey_permissions WHERE `uid` = {$v['uid']} AND `sid`={$q['lime_sid']} AND `uid` != 1";
+			$db->Execute($sql);
+		}
+	} */
+	/* - end - */
 
 	foreach ($_POST as $g => $v)
 	{
 		$a = explode("_",$g);
 		if ($a[0] == "cb")
-			vqi($a[2],$a[1]);
+			vqi($a[2],$a[1],$a[3],$a[4]);
 	}
 
 	$db->CompleteTrans();
 }
 
+/* delete client from quexs and lime tables*/  //requires data-toggle-confirmation to finalize
+if (isset($_POST['delete']) && isset($_POST['uid']))
+{
+	$client_id = intval($_POST['delete']);
+	$uid = intval($_POST['uid']);
+	$uname = $_POST['uname'];
+	
+	global $db;
+	
+	$db->StartTrans();
+	
+	if ($uid !=1){ //double protect superadmin from being deleted
+	
+		$sql = "DELETE FROM " . LIME_PREFIX . "templates_rights WHERE `uid` = '$uid' AND `uid` != 1";
+		$db->Execute($sql);
+		
+		$sql = "DELETE FROM " . LIME_PREFIX . "survey_permissions WHERE `uid` = '$uid' AND `uid` != 1";
+		$db->Execute($sql);
+		
+		$sql = "DELETE FROM " . LIME_PREFIX . "user_in_groups WHERE `uid` = '$uid' AND `uid` != 1";
+		$db->Execute($sql);
+		
+		$sql = "DELETE FROM " . LIME_PREFIX . "users WHERE `uid` = '$uid' AND `uid` != 1";
+		$db->Execute($sql);
+		
+	}
 
-$sql = "SELECT questionnaire_id,description
+	$sql = "DELETE FROM `client_questionnaire` WHERE `client_id` = '$client_id' ";
+	$db->Execute($sql);
+	
+	$sql = "DELETE FROM `client` WHERE `client_id` = '$client_id'";
+	$db->Execute($sql);
+	
+	$db->CompleteTrans();
+	
+	if ($db->CompleteTrans()) $msg = "<p class='alert alert-info'>". T_("Client with username $uname deleted") . "</p>";
+		else $msg = "<p class='alert alert-warning'>". T_("ERROR deleting client with username $uname") . "</p>";
+	
+	unset($_POST['delete'], $_POST['uid'], $_POST['uname'], $client_id, $username, $uid);
+}
+
+
+$sql = "SELECT questionnaire_id,description, lime_sid
 	FROM questionnaire
 	WHERE enabled = 1
 	ORDER by questionnaire_id ASC";
 
 $questionnaires = $db->GetAll($sql);
 
-$sql = "SELECT client_id, CONCAT(firstName,' ', lastName ) as description, username
-	FROM client
+$sql = "SELECT client_id, CONCAT(firstName,' ', lastName ) as description, username, uid
+	FROM client, " . LIME_PREFIX . "users 
+	WHERE `users_name` = `username`
 	ORDER by client_id ASC";
 
 $clients = $db->GetAll($sql);
 
 
-xhtml_head(T_("Assign clients to questionnaires"),true,array("../include/bootstrap/css/bootstrap.min.css","../include/iCheck/skins/square/blue.css","../css/custom.css"),array("../include/jquery/jquery.min.js","../include/iCheck/icheck.min.js"));
+xhtml_head(T_("Clients and questionnaires"),true,array("../include/bootstrap/css/bootstrap.min.css","../include/font-awesome/css/font-awesome.css","../include/iCheck/skins/square/blue.css","../css/custom.css"),array("../include/jquery/jquery.min.js","../include/iCheck/icheck.min.js"));
+
+if (!empty($msg)) print $msg;
 
 ?>
 
@@ -243,7 +292,9 @@ print "<form action=\"\" method=\"post\" class=''><table class='table-bordered t
 print "<tr><th>&emsp;" . T_("Username") . "&emsp;</th><th>&emsp;" . T_("Client") . "&emsp;</th>";
 foreach($questionnaires as $q)
 {
-	print "<th><a href=\"javascript:checkQid({$q['questionnaire_id']})\">{$q['description']}</a></th>";
+	print "<th><a href=\"".LIME_URL."admin/admin.php?sid={$q['lime_sid']}&amp;action=surveysecurity\" title=\"". T_("NOTICE!  Please, check your user righs to edit client permissions or contact your superviser.") ."\"class=\"btn btn-default btn-sm btn-lime\" >" . T_("Questionnaire permissions") . "</a>
+			</br>&emsp;<a href=\"javascript:checkQid({$q['questionnaire_id']})\">{$q['description']}</a>
+			</th>";
 }
 print "</tr></thead>";
 
@@ -251,20 +302,24 @@ print "</tr></thead>";
 foreach($clients as $v)
 {
 	print "<tr class=''>
-			<th>&emsp;{$v['username']}&emsp;</th>
+			<th>&emsp;{$v['username']}&emsp;<div class=\"pull-right\">
+				<a href=\"?delete={$v['client_id']}&amp;uid={$v['uid']}&amp;uname={$v['username']}\" ><i class='fa fa-fw fa-trash-o fa-lg text-danger' data-toggle='tooltip' title=\"" . T_("Delete") . " {$v['username']} ?\"></i></a>&emsp;
+				<a href=\"clients.php?edit={$v['client_id']}\" ><i class='fa fa-fw fa-edit fa-lg' data-toggle='tooltip' title=\"" . T_("Edit") . " {$v['username']}\"></i></a>&ensp;</div></th>
 			<th>&emsp;<a href=\"javascript:checkVid({$v['client_id']})\">{$v['description']}</a>&emsp;</th>";
+
 	foreach($questionnaires as $q)
 	{
-		$checked = "";
-		if (vq($v['client_id'],$q['questionnaire_id'])) $checked="checked=\"checked\"";
-		print "<td class='text-center'><input type=\"checkbox\" name=\"cb_{$q['questionnaire_id']}_{$v['client_id']}\" id=\"cb_{$q['questionnaire_id']}_{$v['client_id']}\" $checked></input></td>";
+		
+		if (vq($v['client_id'],$q['questionnaire_id'])) $checked="checked=\"checked\""; else $checked = "";
+		print "<td class='text-center'>&emsp;
+			<input type=\"checkbox\" name=\"cb_{$q['questionnaire_id']}_{$v['client_id']}_{$q['lime_sid']}_{$v['uid']}\" id=\"cb_{$q['questionnaire_id']}_{$v['client_id']}\" $checked/>&emsp;</td>";
 	}
 
 	print "</tr>";
 }
 
 
-print "</table><input type=\"submit\" class='btn btn-default fa' name=\"submit\" value=\"" . T_("Assign clients to questionnaires") . "\"/></form>";
+print "</table><input type=\"submit\" class='btn btn-primary' name=\"submit\" value=\"" . T_("Assign clients to questionnaires") . "\"/></form>";
 
 ?>
 <script type="text/javascript">

From c66cc02132034fd51861af9d6b04ec67c3998189 Mon Sep 17 00:00:00 2001
From: Alex <ddrmoscow@gmail.com>
Date: Mon, 5 Oct 2015 19:17:10 +0300
Subject: [PATCH 5/5] link to client panel, rename menu item

---
 admin/index.php | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/admin/index.php b/admin/index.php
index d80bf66c..496ab2fe 100644
--- a/admin/index.php
+++ b/admin/index.php
@@ -84,6 +84,11 @@ include ("../functions/functions.operator.php");
 	  </div >
 
 	    <ul class="nav navbar-nav pull-right">
+		  <li class=" ">
+            <a href="../client/index.php" class=" "  target="_blanc" style="padding-top: 20px; ">
+              <i class="fa fa-user-secret fa-lg fa-fw "></i><?php print T_("Client panel");?>           
+            </a>
+          </li>
           <li class="dropdown pull-right user-data">            
             <a href="#" class="dropdown-toggle" data-toggle="dropdown"  style=" min-width: 160px;">
               <i class="fa fa-user fa fa-fw "></i><?php print T_("Logged as:") . "&ensp;" . $username ;?>           
@@ -163,7 +168,7 @@ include ("../functions/functions.operator.php");
           <li class="has_sub"><a href="" class=""><i class="fa fa-lg fa-user-secret fa-fw"></i><span><?php print T_("Clients") ;?></span></a>
               <ul style="<?php if ($g == 7) echo "display:block";?>">
                 <li><a href="?g=7&amp;page=clients.php"><i class="fa fa-lg fa-user-plus fa-fw"></i><?php print T_("Add clients to the system") ;?></a></li>
-                <li><a href="?g=7&amp;page=clientquestionnaire.php"><i class="fa fa-link fa-fw"></i><?php print T_("Assign clients to questionnaires") ;?></a></li>
+                <li><a href="?g=7&amp;page=clientquestionnaire.php"><i class="fa fa-link fa-fw"></i><?php print T_("Manage clients") ;?></a></li>
               </ul>
           </li>
           <li class="has_sub"><a href="" class=""><i class="fa fa-lg fa-briefcase"></i><span><?php print T_("Supervisor functions") ;?></span></a>