mirror of https://github.com/ACSPRI/queXS synced 2024-04-02 12:12:16 +00:00

merge from client_panel

Alex
2015-10-05 19:49:11 +03:00
6 changed files with 254 additions and 123 deletions


@@ -49,6 +49,8 @@ require ("auth-admin.php");
*/
include ("../functions/functions.xhtml.php");
$msg = "";
/**
* Return if an client has already been assigned to this questionnaire
*
@@ -78,78 +80,125 @@ function vq($client_id,$questionnaire_id)
*
* @param int $client_id Client id
* @param int $questionnaire_id Questionnaire id
* @param int $lime_sid Lime survey ID
* @param int $uid Lime user ID
*
*/
function vqi($client_id,$questionnaire_id)
function vqi($client_id,$questionnaire_id,$lime_sid,$uid)
{
global $db;
$db->StartTrans();
$sql = "INSERT INTO
client_questionnaire (client_id,questionnaire_id)
VALUES('$client_id','$questionnaire_id')";
$db->Execute($sql);
}
/**
* Unassign an client from a questionnaire
*
* @param int $client_id Client id
* @param int $questionnaire_id Questionnaire id
*
*/
function vqd($client_id,$questionnaire_id)
{
global $db;
$sql = "DELETE FROM
client_questionnaire
WHERE client_id = '$client_id' and questionnaire_id = '$questionnaire_id'";
$db->Execute($sql);
/* Add client questionnaire permissions to view Lime results + statistics and quotas, //preserve superadmin permissions */
if ($uid != 1 && empty($db->GetAll("SELECT * FROM " . LIME_PREFIX . "survey_permissions WHERE `sid` = '$lime_sid' AND `uid` = '$uid'")))
{
$sql = "INSERT INTO " . LIME_PREFIX . "survey_permissions (`sid`,`uid`,`permission`,`create_p`,`read_p`,`update_p`,`delete_p`,`import_p`,`export_p`)
VALUES ($lime_sid,$uid,'survey',0,1,0,0,0,0),($lime_sid,$uid,'statistics',0,1,0,0,0,0),($lime_sid,$uid,'quotas',0,1,0,0,0,0)";
$db->Execute($sql);
}
$db->CompleteTrans();
}
if (isset($_POST['submit']))
{
$db->StartTrans();
$sql = "DELETE
FROM client_questionnaire
WHERE questionnaire_id IN (
SELECT questionnaire_id
FROM questionnaire
WHERE enabled = 1)";
/* Unassign a client from a questionnaire , remove survey_permissions*/
$sql = "DELETE FROM client_questionnaire
WHERE questionnaire_id IN ( SELECT questionnaire_id FROM questionnaire WHERE enabled = 1)";
$db->Execute($sql);
/*Currently disabled -> need to decide how to manage permissions set earlier*/
/* $questionnaires = $db->GetAll("SELECT lime_sid FROM questionnaire WHERE enabled = 1");
$clients = $db->GetAll("SELECT uid FROM client, " . LIME_PREFIX . "users WHERE `users_name` = `username`");
foreach($questionnaires as $q){
foreach($clients as $v){
$sql = "DELETE FROM " . LIME_PREFIX . "survey_permissions WHERE `uid` = {$v['uid']} AND `sid`={$q['lime_sid']} AND `uid` != 1";
$db->Execute($sql);
}
} */
/* - end - */
foreach ($_POST as $g => $v)
{
$a = explode("_",$g);
if ($a[0] == "cb")
vqi($a[2],$a[1]);
vqi($a[2],$a[1],$a[3],$a[4]);
}
$db->CompleteTrans();
}
/* delete client from quexs and lime tables*/ //requires data-toggle-confirmation to finalize
if (isset($_POST['delete']) && isset($_POST['uid']))
{
$client_id = intval($_POST['delete']);
$uid = intval($_POST['uid']);
$uname = $_POST['uname'];
global $db;
$db->StartTrans();
if ($uid !=1){ //double protect superadmin from being deleted
$sql = "DELETE FROM " . LIME_PREFIX . "templates_rights WHERE `uid` = '$uid' AND `uid` != 1";
$db->Execute($sql);
$sql = "DELETE FROM " . LIME_PREFIX . "survey_permissions WHERE `uid` = '$uid' AND `uid` != 1";
$db->Execute($sql);
$sql = "DELETE FROM " . LIME_PREFIX . "user_in_groups WHERE `uid` = '$uid' AND `uid` != 1";
$db->Execute($sql);
$sql = "DELETE FROM " . LIME_PREFIX . "users WHERE `uid` = '$uid' AND `uid` != 1";
$db->Execute($sql);
}
$sql = "SELECT questionnaire_id,description
$sql = "DELETE FROM `client_questionnaire` WHERE `client_id` = '$client_id' ";
$db->Execute($sql);
$sql = "DELETE FROM `client` WHERE `client_id` = '$client_id'";
$db->Execute($sql);
$db->CompleteTrans();
if ($db->CompleteTrans()) $msg = "<p class='alert alert-info'>". T_("Client with username $uname deleted") . "</p>";
else $msg = "<p class='alert alert-warning'>". T_("ERROR deleting client with username $uname") . "</p>";
unset($_POST['delete'], $_POST['uid'], $_POST['uname'], $client_id, $username, $uid);
}
$sql = "SELECT questionnaire_id,description, lime_sid
FROM questionnaire
WHERE enabled = 1
ORDER by questionnaire_id ASC";
$questionnaires = $db->GetAll($sql);
$sql = "SELECT client_id, CONCAT(firstName,' ', lastName ) as description, username
FROM client
$sql = "SELECT client_id, CONCAT(firstName,' ', lastName ) as description, username, uid
FROM client, " . LIME_PREFIX . "users
WHERE `users_name` = `username`
ORDER by client_id ASC";
$clients = $db->GetAll($sql);
xhtml_head(T_("Assign clients to questionnaires"),true,array("../include/bootstrap/css/bootstrap.min.css","../include/iCheck/skins/square/blue.css","../css/custom.css"),array("../include/jquery/jquery.min.js","../include/iCheck/icheck.min.js"));
xhtml_head(T_("Clients and questionnaires"),true,array("../include/bootstrap/css/bootstrap.min.css","../include/font-awesome/css/font-awesome.css","../include/iCheck/skins/square/blue.css","../css/custom.css"),array("../include/jquery/jquery.min.js","../include/iCheck/icheck.min.js"));
if (!empty($msg)) print $msg;
?>
@@ -243,7 +292,9 @@ print "<form action=\"\" method=\"post\" class=''><table class='table-bordered t
print "<tr><th>&emsp;" . T_("Username") . "&emsp;</th><th>&emsp;" . T_("Client") . "&emsp;</th>";
foreach($questionnaires as $q)
{
print "<th><a href=\"javascript:checkQid({$q['questionnaire_id']})\">{$q['description']}</a></th>";
print "<th><a href=\"".LIME_URL."admin/admin.php?sid={$q['lime_sid']}&amp;action=surveysecurity\" title=\"". T_("NOTICE! Please, check your user righs to edit client permissions or contact your superviser.") ."\"class=\"btn btn-default btn-sm btn-lime\" >" . T_("Questionnaire permissions") . "</a>
</br>&emsp;<a href=\"javascript:checkQid({$q['questionnaire_id']})\">{$q['description']}</a>
</th>";
}
print "</tr></thead>";
@@ -251,20 +302,24 @@ print "</tr></thead>";
foreach($clients as $v)
{
print "<tr class=''>
<th>&emsp;{$v['username']}&emsp;</th>
<th>&emsp;{$v['username']}&emsp;<div class=\"pull-right\">
<a href=\"?delete={$v['client_id']}&amp;uid={$v['uid']}&amp;uname={$v['username']}\" ><i class='fa fa-fw fa-trash-o fa-lg text-danger' data-toggle='tooltip' title=\"" . T_("Delete") . " {$v['username']} ?\"></i></a>&emsp;
<a href=\"clients.php?edit={$v['client_id']}\" ><i class='fa fa-fw fa-edit fa-lg' data-toggle='tooltip' title=\"" . T_("Edit") . " {$v['username']}\"></i></a>&ensp;</div></th>
<th>&emsp;<a href=\"javascript:checkVid({$v['client_id']})\">{$v['description']}</a>&emsp;</th>";
foreach($questionnaires as $q)
{
$checked = "";
if (vq($v['client_id'],$q['questionnaire_id'])) $checked="checked=\"checked\"";
print "<td class='text-center'><input type=\"checkbox\" name=\"cb_{$q['questionnaire_id']}_{$v['client_id']}\" id=\"cb_{$q['questionnaire_id']}_{$v['client_id']}\" $checked></input></td>";
if (vq($v['client_id'],$q['questionnaire_id'])) $checked="checked=\"checked\""; else $checked = "";
print "<td class='text-center'>&emsp;
<input type=\"checkbox\" name=\"cb_{$q['questionnaire_id']}_{$v['client_id']}_{$q['lime_sid']}_{$v['uid']}\" id=\"cb_{$q['questionnaire_id']}_{$v['client_id']}\" $checked/>&emsp;</td>";
}
print "</tr>";
}
print "</table><input type=\"submit\" class='btn btn-default fa' name=\"submit\" value=\"" . T_("Assign clients to questionnaires") . "\"/></form>";
print "</table><input type=\"submit\" class='btn btn-primary' name=\"submit\" value=\"" . T_("Assign clients to questionnaires") . "\"/></form>";
?>
<script type="text/javascript">
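Review bot: The four values passed to `vqi()` from the `foreach ($_POST as $g => $v)` loop are pieces of a POST field name, and `$lime_sid` and `$uid` go unquoted into the `INSERT INTO ... survey_permissions` statement (and unescaped into the `SELECT` before it), so a crafted field name changes the SQL. Even with clean integers, the submitter decides which Lime user gets read rights on which survey. Cast at the call site, `vqi(intval($a[2]), intval($a[1]), intval($a[3]), intval($a[4]));`, and preferably look up `lime_sid` and `uid` from `questionnaire_id` and `client_id` inside `vqi()` rather than taking them from the form. The delete handler in this section has a related gap: `$uname` is copied from `$_POST` into `$msg` and printed without `htmlspecialchars()`. Whether `auth-admin.php` checks a per-request token is not visible here; if it does not, both the assign and the delete POST handlers need one.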


@@ -57,7 +57,9 @@ global $db;
$a = false;
if (isset($_POST['client']))
$client =""; $firstname="";$lastname="";$email=""; $time_zone_name="";
if (isset($_POST['client']) && !empty($_POST['client']))
{
$client = $db->qstr($_POST['client'],get_magic_quotes_gpc());
$firstname = $db->qstr($_POST['firstname'],get_magic_quotes_gpc());
@@ -65,46 +67,108 @@ if (isset($_POST['client']))
$lastname = $db->qstr($_POST['lastname'],get_magic_quotes_gpc());
$time_zone_name = $db->qstr($_POST['Time_zone_name'],get_magic_quotes_gpc());
if (!empty($_POST['client']))
{
$sql = "INSERT INTO client
(`client_id` ,`username` ,`firstName` ,`lastName`, `Time_zone_name`)
VALUES (NULL , $client, $firstname , $lastname, $time_zone_name);";
/* check if there'a record with this username*/
$sql = "SELECT `username`,`client_id` from client WHERE `username` LIKE $client";
$rs = $db->GetAll($sql);
if ($db->Execute($sql))
{
include_once("../include/limesurvey/admin/classes/core/sha256.php");
//Insert into lime_users
$sql = "INSERT INTO " . LIME_PREFIX . "users (`users_name`,`password`,`full_name`,`parent_id`,`superadmin`,`email`,`lang`)
VALUES ($client, '" . SHA256::hashing($_POST['password']) . "',$firstname,1,0,$email,'auto')";
$db->Execute($sql);
if (isset($_GET['edit']) && $_GET['edit'] >0 ) {
$clid = intval($_GET['edit']);
$uid = intval($_POST['uid']);
}
$a = T_("Added: $client");
if (empty($rs) || count($rs)==1 && $rs[0]['client_id'] == $clid){
// update client
if (isset($_GET['edit']) && $_GET['edit'] >0 ) {
$sql = "UPDATE `client` SET `username`= $client,`firstName` = $firstname,`lastName` = $lastname,`Time_zone_name` = $time_zone_name
WHERE `client_id` = $clid ";
if ($db->Execute($sql))
{
$sql = "UPDATE " . LIME_PREFIX . "users SET `users_name` = $client, `full_name` = $firstname, `email` = $email";
/* rewrite 'password' only if not blank in edit mode */
if (isset($_GET['edit']) && $_GET['edit'] >0 && isset($_POST['password']) && !empty($_POST['password'])) {
include_once("../include/limesurvey/admin/classes/core/sha256.php");
$sql .=",`password` = '" . SHA256::hashing($_POST['password']) . "'";
}
$sql .= "WHERE `uid` = $uid";
$db->Execute($sql);
if ($db->Execute($sql)) $a = T_("Updated") . ": " . $client; else $a = T_("Update error");
}
else
$a = T_("Could not update") . " " . $client;
}
else
$a = T_("Could not add") . " " . $client . ". " . T_("There may already be a client of this name");
else { //save as a new client
$sql = "INSERT INTO client (`client_id` ,`username` ,`firstName` ,`lastName`, `Time_zone_name`)
VALUES (NULL , $client, $firstname , $lastname, $time_zone_name);";
if ($db->Execute($sql)) {
include_once("../include/limesurvey/admin/classes/core/sha256.php");
//Insert into lime_users
$sql = "INSERT INTO " . LIME_PREFIX . "users (`users_name`,`password`,`full_name`,`parent_id`,`superadmin`,`email`,`lang`)
VALUES ($client, '" . SHA256::hashing($_POST['password']) . "', $firstname ,1,0,$email,'auto')";
$db->Execute($sql);
if ($db->Execute($sql)) $a = T_("Added") . ": " . $client; else $a = T_("Error adding client");
}
else
$a = T_("Could not add") . " " . $client;
}
}
else $a = T_("Username") . " " . $client . ". " . T_("is already in use");
}
$header = T_("Add a client");
$sbut = T_("Add new client");
$req = "required";
if (isset($_GET['edit']) && $_GET['edit'] >0 ) {
$header = T_("Edit client data");
$clid = intval($_GET['edit']);
$sql = "SELECT client.*, u.email, u.uid from client, " . LIME_PREFIX . "users as u WHERE client_id=$clid and u.users_name=username";
$cdata = $db->GetRow($sql);
if (!$cdata) {
unset($_GET['edit']);
die(T_("NO such client"));
}
else{
$uid = $cdata['uid'];
$client = $cdata['username'];
$firstname= $cdata['firstName'];
$lastname= $cdata['lastName'];
$email= $cdata['email'];
$time_zone_name = $cdata['Time_zone_name'];
$sbut = T_("Update client data");
$req = "";
}
}
xhtml_head(T_("Add a client"),true,array("../include/bootstrap/css/bootstrap.min.css","../css/custom.css"));
xhtml_head($header,true,array("../include/bootstrap/css/bootstrap.min.css","../css/custom.css"));
$sql = "SELECT Time_zone_name as value, Time_zone_name as description
FROM timezone_template";
$tzs = $db->GetAll($sql);
$rs = $db->GetAll($sql);
if ($a)
{
?>
if ($a) { ?>
<div class='alert alert-info'><?php echo $a; ?></div>
<?php
}
?>
<?php } ?>
<script type="text/javascript">
//Password generator
@@ -145,38 +209,52 @@ function generate() {
<div class="well">
<p><?php echo T_("Adding a client here will allow them to access project information in the client subdirectory. You can assign a client to a particular project using the"); ?> <a href="clientquestionnaire.php"><?php echo T_("Assign client to Questionnaire"); ?></a> <?php echo T_("tool."); ?></p>
<p><?php echo T_("Adding a client here will allow them to access project information in the client subdirectory.");
if (isset($_GET['edit']) && $_GET['edit'] >0 ){
echo "&emsp;" . T_("You can assign a client to a particular project with"). "&emsp;"; ?> <a href="clientquestionnaire.php" class="btn btn-default"><?php echo T_("Assign client to Questionnaire") . "</a>";
} ?>
</p>
</div>
<form enctype="multipart/form-data" action="" method="post" class="form-horizontal" name="addclient" >
<div class="form-group form-inline">
<label class="control-label col-sm-3"><?php echo T_("Enter the username of a client to add:"); ?></label>
<input name="client" type="text" class="form-control pull-left" required size="40" />
<label class="control-label col-lg-3"><?php echo T_("Username"); ?>:</label>
<input name="client" type="text" class="form-control" required size="40" value="<?php echo $client;?>"/>
</div>
<div class="form-group form-inline">
<label class="control-label col-sm-3"><?php echo T_("Enter the password of a client to add:"); ?></label>
<input name="password" type="text" class="form-control pull-left" size="40" required />
<label class="control-label col-lg-3"><?php echo T_("Password"); ?>:</label>
<input name="password" type="text" class="form-control pull-left" size="40" <?php echo $req;?> placeholder="<?php if (isset($_GET['edit']) && $_GET['edit'] >0 ) echo T_("Leave this blank to keep current password");?>"/>
<div class="form-inline">&emsp;&emsp;
<input type="button" onclick="generate();" value="<?php echo T_("Generate");?>" class="btn btn-default fa" />&emsp;<?php echo T_("Password with");?>&ensp;
<input type="number" name="number" value="25" min="8" max="50" style="width:5em;" class="form-control" />&ensp;<?php echo T_("characters");?>
</div>
</div>
<div class="form-group form-inline">
<label class="control-label col-sm-3"><?php echo T_("Enter the first name of a client to add:"); ?></label>
<input name="firstname" type="text" class="form-control pull-left" size="40" />
<label class="control-label col-lg-3"><?php echo T_("First name"); ?> :</label>
<input name="firstname" type="text" class="form-control" size="40" value="<?php echo $firstname;?>"/>
</div>
<div class="form-group form-inline">
<label class="control-label col-sm-3"><?php echo T_("Enter the surname of a client to add:"); ?></label>
<input name="lastname" type="text" class="form-control pull-left" size="40"/>
</div>
<div class="form-group form-inline">
<label class="col-sm-3 control-label"><?php echo T_("Email") . ": ";?></label>
<input name="email" type="text" class="form-control pull-left"/>
</div>
<div class="form-group form-inline">
<label class="control-label col-sm-3"><a href='timezonetemplate.php'><?php echo T_("Enter the Time Zone of a client to add:"); echo "</a></label>";
display_chooser($rs,"Time_zone_name","Time_zone_name",false,false,false,false,array("value",get_setting("DEFAULT_TIME_ZONE")),true,"pull-left"); ?>
<label class="control-label col-lg-3"><?php echo T_("Surname"); ?>:</label>
<input name="lastname" type="text" class="form-control" size="40"value="<?php echo $lastname;?>"/>
</div>
<div class="form-group form-inline">
<label class="col-lg-3 control-label"><?php echo T_("Email"); ?>:</label>
<input name="email" type="text" class="form-control" size="40" value="<?php echo $email;?>"/>
</div>
<div class="form-group form-inline">
<label class="control-label col-lg-3"><a href='timezonetemplate.php'><?php echo T_("Timezone"); echo ":</a></label><div size=\"40\">";
if (isset($_GET['edit']) && $_GET['edit'] >0) $dtz = $time_zone_name; else $dtz = get_setting("DEFAULT_TIME_ZONE");
display_chooser($tzs,"Time_zone_name","Time_zone_name",false,false,false,false,array("value", $dtz),true,"pull-left"); ?> </div>
</div>
<?php if (isset($_GET['edit']) && $_GET['edit'] >0 ) { ?>
<input name="uid" type="hidden" value="<?php echo $uid;?>"/>
<?php } ?>
<div class="form-group">
<a href="clientquestionnaire.php" style="" class="btn btn-default col-lg-1 col-lg-offset-1"><?php echo T_("Cancel"); ?></a>
<input type="submit" value="<?php echo $sbut; ?>" style="width:336px;" class="btn btn-primary col-lg-offset-1"/>
</div>
<input type="submit" value="<?php echo T_("Add a client"); ?>" class="btn btn-primary col-sm-offset-3 col-sm-3"/>
</form>
<?php
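Review bot: In the update branch the Lime account to rewrite is selected by `$uid = intval($_POST['uid'])`, a hidden form field, so the `UPDATE ... users SET users_name ..., password ... WHERE uid = $uid` statement can be aimed at any Lime user, including uid 1, which the delete handler in the client/questionnaire page explicitly protects. Resolve the uid on the server from `$clid` with the join the edit form already uses (`WHERE client_id=$clid and u.users_name=username`) and drop the hidden `uid` input. The new `value="<?php echo $client;?>"` attributes, and the matching ones for first name, surname and email, print stored data unescaped; use `htmlspecialchars($client, ENT_QUOTES, 'UTF-8')` and the same for the others. The duplicate check uses `LIKE $client`, which treats `%` and `_` in a username as wildcards; `=` looks like what is intended. If both `$db->Execute($sql);` and the following `if ($db->Execute($sql))` are on the new side (the page does not show which), the Lime user INSERT and UPDATE run twice.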


@@ -84,17 +84,17 @@ include ("../functions/functions.operator.php");
</div >
<ul class="nav navbar-nav pull-right">
<li class=" ">
<li class=" ">
<a href="../index.php" class=" " target="_blanc" style="padding-top: 20px; ">
<i class="fa fa-sign-in fa-lg fa-fw "></i><?php print T_("Operator panel");?>
<i class="fa fa-sign-in fa-lg fa-fw "></i><?php print T_("Operator panel");?>
</a>
</li>
<li class=" ">
<li class=" ">
<a href="../client/index.php" class=" " target="_blanc" style="padding-top: 20px; ">
<i class="fa fa-sign-in fa-lg fa-fw "></i><?php print T_("Client panel");?>
<i class="fa fa-user-secret fa-lg fa-fw "></i><?php print T_("Client panel");?>
</a>
</li>
<li class="dropdown pull-right user-data">
</li>
<li class="dropdown pull-right user-data">
<a href="#" class="dropdown-toggle" data-toggle="dropdown" style=" min-width: 160px;">
<i class="fa fa-user fa-fw "></i><?php print T_("Logged as:") . "&ensp;" . $username ;?>
</a>
@@ -173,7 +173,7 @@ include ("../functions/functions.operator.php");
<li class="has_sub"><a href="" class=""><i class="fa fa-lg fa-user-secret fa-fw"></i><span><?php print T_("Clients") ;?></span></a>
<ul style="<?php if ($g == 7) echo "display:block";?>">
<li><a href="?g=7&amp;page=clients.php"><i class="fa fa-lg fa-user-plus fa-fw"></i><?php print T_("Add clients to the system") ;?></a></li>
<li><a href="?g=7&amp;page=clientquestionnaire.php"><i class="fa fa-link fa-fw"></i><?php print T_("Assign clients to questionnaires") ;?></a></li>
<li><a href="?g=7&amp;page=clientquestionnaire.php"><i class="fa fa-link fa-fw"></i><?php print T_("Manage clients") ;?></a></li>
</ul>
</li>
<li class="has_sub"><a href="" class=""><i class="fa fa-lg fa-briefcase"></i><span><?php print T_("Supervisor functions") ;?></span></a>