Merged from McMasterReports branch

2024-04-02 12:12:16 +00:00 · 2010-01-14 07:45:37 +00:00
parent 18dbb16138
commit d1b139d315
1884 changed files with 555891 additions and 364768 deletions
--- a/admin/databasestrings.php
+++ b/admin/databasestrings.php
@@ -72,5 +72,6 @@ T_("Thursday");
 T_("Friday");
 T_("Saturday");
 T_("Sunday");
 T_("Quota filled");
 ?>
--- a/admin/index.php
+++ b/admin/index.php
@@ -64,6 +64,8 @@ print "<li><a href=\"javascript:link('mainobj','dataoutput.php');\">" . T_("Data
 print "<li><h3>" . T_("Questionnaire progress") . "</h3>";
 print "<ul><li><a href=\"javascript:link('mainobj','displayappointments.php');\">" . T_("Display all future appointments") . "</a></li>";
 print "<li><a href=\"javascript:link('mainobj','samplecallattempts.php');\">" . T_("Sample call attempts report") . "</a></li>";
 print "<li><a href=\"javascript:link('mainobj','quotareport.php');\">" . T_("Quota report") . "</a></li>";
 print "<li><a href=\"javascript:link('mainobj','outcomes.php');\">" . T_("Questionnaire outcomes") . "</a></li></ul></li>";
 print "<li><h3>" . T_("Performance") . "</h3>";
--- a/admin/new.php
+++ b/admin/new.php
@@ -96,10 +96,11 @@ if (isset($_POST['import_file']))
 	if ($rs)
 	{
 		$qid = $db->Insert_ID();
-		print "<p>Successfully inserted $name as questionnaire $qid, linked to $lime_sid</p>";
+		print "<p>" . T_("Successfully inserted") . " $name " . T_("as questionnaire") . " $qid, " . T_("linked to") . " $lime_sid</p>";
 		print "<p>" . T_("You must now edit and activate the questionnaire") . "</p>";
 	}else
 	{
-		print "<p>Error: Failed to insert questionnaire</p>";
+		print "<p>" . T_("Error: Failed to insert questionnaire") . "</p>";
 	}
--- a/admin/operatorperformance.php
+++ b/admin/operatorperformance.php
@@ -64,12 +64,11 @@ include("../functions/functions.input.php");
 */
 include("../functions/functions.operator.php");
-xhtml_head(T_("Operator Performance"),true,false,array("../js/window.js"));
+xhtml_head(T_("Operator Performance"),true,array("../css/table.css"),array("../js/window.js"));
-$rs = get_CPH();
+$rs = get_stats_total(get_stats());
 print "<h2>" . T_("Overall") . "</h2>";
-xhtml_table($rs,array("firstName","completions","time","CPH"),array(T_("Operator"),T_("Completions"),T_("Total time"),T_("Completions per hour")),"tclass");
+xhtml_table($rs,array("firstName","completions","totalcalls","time","callt","CPH","CALLSPH","effectiveness"),array(T_("Operator"),T_("Completions"),T_("Calls"),T_("Total time"),T_("Call time"),T_("Completions p/h"),T_("Calls p/h"),T_("Effectiveness")));
 xhtml_table(get_effectiveness(),array("firstName","effectiveness"),array(T_("Operator"),T_("Effectiveness (proportion of time on a call in a case)")),"tclass");
 $questionnaire_id = false;
 if (isset($_GET['questionnaire_id'])) $questionnaire_id = bigintval($_GET['questionnaire_id']);
@@ -77,10 +76,9 @@ display_questionnaire_chooser($questionnaire_id);
 if ($questionnaire_id)
 {
-	$rs = get_CPH_by_questionnaire($questionnaire_id);
+	$rs = get_stats_total(get_stats_by_questionnaire($questionnaire_id));
 	print "<h2>" . T_("This project") . "</h2>";
-	xhtml_table($rs,array("firstName","completions","time","CPH"),array(T_("Operator"),T_("Completions"),T_("Total time"),T_("Completions per hour")),"tclass");
+	xhtml_table($rs,array("firstName","completions","totalcalls","time","callt","CPH","CALLSPH","effectiveness"),array(T_("Operator"),T_("Completions"),T_("Calls"),T_("Total time"),T_("Call time"),T_("Completions p/h"),T_("Calls p/h"),T_("Effectiveness")));
 	xhtml_table(get_effectiveness_by_questionnaire($questionnaire_id),array("firstName","effectiveness"),array(T_("Operator"),T_("Effectiveness (proportion of time on a call in a case)")),"tclass");
 	$operator_id = get_operator_id();
@@ -99,9 +97,9 @@ if ($questionnaire_id)
 	if ($shift_id)
 	{
-		$rs = get_CPH_by_shift($questionnaire_id,$shift_id);
+		$rs = get_stats_total(get_stats_by_shift($questionnaire_id,$shift_id));
 		print "<h2>" . T_("This shift") . "</h2>";
-		xhtml_table($rs,array("firstName","completions","time","CPH"),array(T_("Operator"),T_("Completions"),T_("Total time"),T_("Completions per hour")),"tclass");
+		xhtml_table($rs,array("firstName","completions","totalcalls","time","callt","CPH","CALLSPH","effectiveness"),array(T_("Operator"),T_("Completions"),T_("Calls"),T_("Total time"),T_("Call time"),T_("Completions p/h"),T_("Calls p/h"),T_("Effectiveness")));
 	}
 }
--- a/admin/outcomes.php
+++ b/admin/outcomes.php
@@ -69,7 +69,7 @@ include ("../functions/functions.operator.php");
 */
 include("../functions/functions.input.php");
-$operator_id = get_operator_id();
+$admin_operator_id = get_operator_id();
 $questionnaire_id = false;
 if (isset($_GET['questionnaire_id'])) $questionnaire_id = bigintval($_GET['questionnaire_id']);
@@ -122,7 +122,7 @@ if ($questionnaire_id != false)
 	print "</table>";
-	$sql = "SELECT o.description as des, o.outcome_id, count( c.case_id ) as count
+	$sql = "SELECT o.description as des, o.outcome_id, count( c.case_id ) as count, ROUND((count(c.case_id) / (SELECT count(case_id) FROM `case` WHERE questionnaire_id = '$questionnaire_id')) * 100,2) as perc
 		FROM `case` AS c, `outcome` AS o
 		WHERE c.questionnaire_id = '$questionnaire_id'
 		AND c.current_outcome_id = o.outcome_id
@@ -133,75 +133,111 @@ if ($questionnaire_id != false)
 	if (!empty($rs))
 	{
 		translate_array($rs,array("des"));
-		xhtml_table($rs,array("des","count"),array(T_("Outcome"),T_("Count")),"tclass",array("des" => "Complete"));
+		xhtml_table($rs,array("des","count","perc"),array(T_("Outcome"),T_("Count"),T_("%")),"tclass",array("des" => "Complete"),array("count","perc"));
 		$operator_id = false;
 		if (isset($_GET['operator_id'])) $operator_id = bigintval($_GET['operator_id']); 
 		//display a list of operators
 		$sql = "SELECT s.operator_id as value,s.firstname as description, CASE WHEN s.operator_id = '$operator_id' THEN 'selected=\'selected\'' ELSE '' END AS selected
 			FROM operator as s, operator_questionnaire as q
 			WHERE s.operator_id = q.operator_id
 			AND q.questionnaire_id = '$questionnaire_id'";
 		$r = $db->GetAll($sql);
 		print "<h2>" . T_("Operator") . ": " . "</h2>";
 		if(!empty($r))
 			display_chooser($r,"operator_id","operator_id",true,"questionnaire_id=$questionnaire_id");
 		if ($operator_id != false)
 		{
 			print "<p>" . T_("Operator call outcomes") . "</p>";
 			$sql = "SELECT o.description as des, o.outcome_id, count( c.call_id ) as count, ROUND((count(c.call_id) / (SELECT count(call.call_id) FROM `call` JOIN `case` ON (call.case_id = `case`.case_id AND `case`.questionnaire_id = $questionnaire_id ) WHERE call.operator_id = '$operator_id')) * 100,2) as perc
 				FROM `call` AS c, `case` as ca, `outcome` AS o
 				WHERE ca.questionnaire_id = '$questionnaire_id'
 				AND ca.case_id = c.case_id
 				AND c.operator_id = '$operator_id'
 				AND c.outcome_id = o.outcome_id
 				GROUP BY o.outcome_id";
 			$rs = $db->GetAll($sql);
 			if (!empty($rs))
 			{
 				translate_array($rs,array("des"));
 				xhtml_table($rs,array("des","count","perc"),array(T_("Outcome"),T_("Count"),T_("%")),"tclass",array("des" => "Complete"),array("count","perc"));
 			}
 		}
 		$sample_import_id = false;
 		if (isset($_GET['sample_import_id'])) $sample_import_id = bigintval($_GET['sample_import_id']); 
 		//display a list of samples
 		$sql = "SELECT s.sample_import_id as value,s.description, CASE WHEN s.sample_import_id = '$sample_import_id' THEN 'selected=\'selected\'' ELSE '' END AS selected
 			FROM sample_import as s, questionnaire_sample as q
 			WHERE s.sample_import_id = q.sample_import_id
 			AND q.questionnaire_id = '$questionnaire_id'";
 		$r = $db->GetAll($sql);
 		print "<h2>" . T_("Sample") . ": " . "</h2>";
 		if(!empty($r))
 			display_chooser($r,"sample_import_id","sample_import_id",true,"questionnaire_id=$questionnaire_id");
 		if ($sample_import_id != false)
 		{
 			print "<p>" . T_("Sample status") . "</p>";
 			$sql = "SELECT CASE WHEN (c.sample_id is not null) = 1 THEN '" . T_("Drawn from sample") . "' ELSE '" . T_("Remain in sample") . "' END as drawn,
 					count(*) as count
 				FROM sample as s
 				JOIN questionnaire_sample as qs ON (qs.questionnaire_id = '$questionnaire_id' and qs.sample_import_id = s.import_id)
 				LEFT JOIN `case` as c ON (c.questionnaire_id = qs.questionnaire_id and c.sample_id = s.sample_id)
 				WHERE s.import_id = '$sample_import_id'
 				GROUP BY (c.sample_id is not null)";
 			xhtml_table($db->GetAll($sql),array("drawn","count"),array(T_("Status"),T_("Number")));
 			print "<p>" . T_("Outcomes") . "</p>";
 			$sql = "SELECT o.description as des, o.outcome_id, count( c.case_id ) as count,ROUND(count(c.case_id) / (SELECT count(case_id) FROM `case` JOIN sample ON (`case`.sample_id = sample.sample_id AND sample.import_id = '$sample_import_id') WHERE questionnaire_id = '$questionnaire_id' ) * 100,2) as perc
 				FROM `case` AS c, `outcome` AS o, sample as s
 				WHERE c.questionnaire_id = '$questionnaire_id'
 				AND c.sample_id = s.sample_id
 				AND s.import_id = '$sample_import_id'
 				AND c.current_outcome_id = o.outcome_id
 				GROUP BY o.outcome_id";
 			$rs = $db->GetAll($sql);
 			if (!empty($rs))
 			{
 				translate_array($rs,array("des"));
 				xhtml_table($rs,array("des","count","perc"),array(T_("Outcome"),T_("Count"),T_("%")),"tclass",array("des" => "Complete"),array("count","perc"));
 			}
 			else
 				print "<p>" . T_("No outcomes recorded for this sample") . "</p>";
 		}
 	}
 	else
 		print "<p>" . T_("No outcomes recorded for this questionnaire") . "</p>";
 	$sample_import_id = false;
 	if (isset($_GET['sample_import_id'])) $sample_import_id = bigintval($_GET['sample_import_id']); 
 	//display a list of samples
 	$sql = "SELECT s.sample_import_id as value,s.description, CASE WHEN s.sample_import_id = '$sample_import_id' THEN 'selected=\'selected\'' ELSE '' END AS selected
 		FROM sample_import as s, questionnaire_sample as q
 		WHERE s.sample_import_id = q.sample_import_id
 		AND q.questionnaire_id = '$questionnaire_id'";
 	$r = $db->GetAll($sql);
 	print "<h2>" . T_("Sample") . ": " . "</h2>";
 	if(!empty($r))
 		display_chooser($r,"sample_import_id","sample_import_id",true,"questionnaire_id=$questionnaire_id");
 	if ($sample_import_id != false)
 	{
 		print "<p>" . T_("Sample status") . "</p>";
 		$sql = "SELECT CASE WHEN (c.sample_id is not null) = 1 THEN '" . T_("Drawn from sample") . "' ELSE '" . T_("Remain in sample") . "' END as drawn,
 				count(*) as count
 			FROM sample as s
 			JOIN questionnaire_sample as qs ON (qs.questionnaire_id = '$questionnaire_id' and qs.sample_import_id = s.import_id)
 			LEFT JOIN `case` as c ON (c.questionnaire_id = qs.questionnaire_id and c.sample_id = s.sample_id)
 			WHERE s.import_id = '$sample_import_id'
 			GROUP BY (c.sample_id is not null)";
 		xhtml_table($db->GetAll($sql),array("drawn","count"),array(T_("Status"),T_("Number")));
 		print "<p>" . T_("Outcomes") . "</p>";
 		$sql = "SELECT o.description as des, o.outcome_id, count( c.case_id ) as count
 			FROM `case` AS c, `outcome` AS o, sample as s
 			WHERE c.questionnaire_id = '$questionnaire_id'
 			AND c.sample_id = s.sample_id
 			AND s.import_id = '$sample_import_id'
 			AND c.current_outcome_id = o.outcome_id
 			GROUP BY o.outcome_id";
 		$rs = $db->GetAll($sql);
 		if (!empty($rs))
 		{
 			translate_array($rs,array("des"));
 			xhtml_table($rs,array("des","count"),array(T_("Outcome"),T_("Count")),"tclass",array("des" => "Complete"));
 		}
 		else
 			print "<p>" . T_("No outcomes recorded for this sample") . "</p>";
 	}
 	//display a list of shifts with completions and a link to either add a report or view reports
 	print "<h2>" . T_("Shifts") . "</h2>";
 	$sql = "SELECT s.shift_id, CONCAT(DATE_FORMAT(CONVERT_TZ(s.start,'UTC',o.Time_zone_name),'" . DATE_TIME_FORMAT ."'), ' - ', DATE_FORMAT(CONVERT_TZ(s.end,'UTC',o.Time_zone_name),'" . DATE_TIME_FORMAT ."')) as description,
 		CASE WHEN sr.shift_id IS NULL THEN CONCAT('<a href=\'shiftreport.php?questionnaire_id=$questionnaire_id&amp;shift_id=', s.shift_id, '&amp;createnewreport=yes\'>" . T_("No shift reports: Add report") . "</a>') ELSE CONCAT('<a href=\'shiftreport.php?questionnaire_id=$questionnaire_id&amp;shift_id=', s.shift_id, '\'>" . T_("View shift reports") . "</a>') END AS link, c.completions as completions, CONCAT('<a href=\'operatorperformance.php?questionnaire_id=$questionnaire_id&amp;shift_id=', s.shift_id, '\'>" . T_("View operator performance") . "</a>') as operform
 		FROM `shift` as s
-		JOIN operator as o on (o.operator_id = '$operator_id')
+		JOIN operator as o on (o.operator_id = '$admin_operator_id')
 		LEFT JOIN shift_report as sr on (sr.shift_id = s.shift_id)
 		LEFT JOIN (  SELECT count(*) as completions,sh.shift_id
 			FROM `call` as a, `case` as b, shift as sh
--- a/admin/quotareport.php
+++ b/admin/quotareport.php
@@ -0,0 +1,245 @@
 <?php
 /**
 * Display a report of all quota's
 * a. (Standard quota) Monitor outcomes of questions in completed questionnaires, and exclude selected sample records when completion limit is reached
 * b. (Replicate quota) Exclude selected sample records 
 * c. (Questionnaire quota) Monitor outcomes of questions in completed questionnaires, and abort interview when completion limit is reached 
 *
 *
 *	This file is part of queXS
 *	
 *	queXS is free software; you can redistribute it and/or modify
 *	it under the terms of the GNU General Public License as published by
 *	the Free Software Foundation; either version 2 of the License, or
 *	(at your option) any later version.
 *	
 *	queXS is distributed in the hope that it will be useful,
 *	but WITHOUT ANY WARRANTY; without even the implied warranty of
 *	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *	GNU General Public License for more details.
 *	
 *	You should have received a copy of the GNU General Public License
 *	along with queXS; if not, write to the Free Software
 *	Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
 *
 *
 * @author Adam Zammit <adam.zammit@acspri.org.au>
 * @copyright Australian Consortium for Social and Political Research Incorporated (ACSPRI) 2009
 * @package queXS
 * @subpackage admin
 * @link http://www.acspri.org.au/ queXS was writen for ACSPRI
 * @license http://opensource.org/licenses/gpl-2.0.php The GNU General Public License (GPL) Version 2
 * 
 */
 /**
 * Configuration file
 */
 include_once(dirname(__FILE__).'/../config.inc.php');
 /**
 * Database file
 */
 include ("../db.inc.php");
 /**
 * XHTML functions
 */
 include ("../functions/functions.xhtml.php");
 /**
 * Display functions
 */
 include("../functions/functions.display.php");
 /**
 * Input functions
 */
 include("../functions/functions.input.php");
 /**
 * Operator functions
 */
 include("../functions/functions.operator.php");
 /**
 * Limesurvey functions
 */
 include("../functions/functions.limesurvey.php");
 xhtml_head(T_("Quota report"),true,array("../css/table.css"),array("../js/window.js"));
 print "<h2>" . T_("Select a questionnaire from the list below") . "</h2>";
 $questionnaire_id = false;
 if (isset($_GET['questionnaire_id'])) $questionnaire_id = bigintval($_GET['questionnaire_id']);
 display_questionnaire_chooser($questionnaire_id);
 if ($questionnaire_id)
 {
 	print "<h2>" . T_("Select a sample from the list below") . "</h2>";
 	$sample_import_id = false;
 	if (isset($_GET['sample_import_id'])) $sample_import_id = bigintval($_GET['sample_import_id']);
 	display_sample_chooser($questionnaire_id,$sample_import_id);
 	if ($sample_import_id)
 	{
 		if (isset($_GET['rowquota']))
 		{
 			$qsq = bigintval($_GET['rowquota']);
 			$qr = 0;
 			if (isset($_GET['close'])) $qr = 1;
 			$sql = "UPDATE questionnaire_sample_quota_row
 				SET quota_reached = $qr
 				WHERE questionnaire_sample_quota_row_id = '$qsq'";
 			$db->Execute($sql);
 			if ($qr == 1)
 				close_row_quota($qsq);
 			else
 				open_row_quota($qsq,false);
 		}
 		//Display report of quotas 
 		$report = array();
 		//Rows to display: Strata Status Quota Sample Sample Used Sample Remaining Completes % Complete
 		// Firstly, for the entire sample
 		//We need to calc Sample size, Sample drawn, Sample remain, Completions, %complete
 		$sql = "SELECT (c.sample_id is not null) as type, count(*) as count
 			FROM sample as s
 			JOIN questionnaire_sample as qs ON (qs.questionnaire_id = '$questionnaire_id' and qs.sample_import_id = s.import_id)
 			LEFT JOIN `case` as c ON (c.questionnaire_id = qs.questionnaire_id and c.sample_id = s.sample_id)
 			WHERE s.import_id = '$sample_import_id'
 			GROUP BY (c.sample_id is not null)";
 		$rs = $db->GetAll($sql);
 		//type == 1 is drawn from sample, type == 0 is remains in sample
 		$drawn = 0;
 		$remain = 0;
 		foreach ($rs as $r)
 		{
 			if ($r['type'] == 1) $drawn = $r['count'];
 			if ($r['type'] == 0) $remain = $r['count'];
 		}
 		$sql = "SELECT count(*) as count
 			FROM `case` as c, sample as s
 			WHERE c.current_outcome_id = 10
 			AND s.import_id = '$sample_import_id'
 			AND s.sample_id = c.sample_id
 			AND c.questionnaire_id = '$questionnaire_id'";
 		$rs = $db->GetRow($sql);
 		$completions = $rs['count'];
 		$report[] = array("strata" => T_("Total sample"), "quota" => $drawn + $remain, "sample" => $drawn + $remain, "sampleused" => $drawn, "sampleremain" => $remain, "completions" => $completions, "perc" => ROUND(($completions / ($drawn + $remain)) * 100,2));
 		//a. (Standard quota) Monitor outcomes of questions in completed questionnaires, and exclude selected sample records when completion limit is reached
 		//b. (Replicate quota) Exclude selected sample records (where lime_sgqa == -1) 
 		$sql = "SELECT questionnaire_sample_quota_row_id,lime_sgqa,value,completions,quota_reached,lime_sid,comparison,exclude_var,exclude_val,qsq.description
 			FROM questionnaire_sample_quota_row as qsq, questionnaire as q
 			WHERE qsq.questionnaire_id = '$questionnaire_id'
 			AND qsq.sample_import_id = '$sample_import_id'
 			AND q.questionnaire_id = '$questionnaire_id'";
 		$r = $db->GetAll($sql);
 		foreach ($r as $v)
 		{
 			if ($v['lime_sgqa'] == -1)
 			{
 				$completions = limesurvey_quota_replicate_completions($v['lime_sid'],$questionnaire_id,$sample_import_id,$v['exclude_val'],$v['exclude_var']);
 				$v['completions'] = "";
 				$perc = "";
 			}
 			else
 			{
 				$completions = limesurvey_quota_completions($v['lime_sgqa'],$v['lime_sid'],$questionnaire_id,$sample_import_id,$v['value'],$v['comparison']);
 				$perc = ROUND(($completions / ($v['completions'])) * 100,2);
 			}
 			//We need to calc Sample size, Sample drawn, Sample remain
 			$sql = "SELECT (c.sample_id is not null) as type, count(*) as count
 				FROM sample as s
 				JOIN questionnaire_sample as qs ON (qs.questionnaire_id = '$questionnaire_id' and qs.sample_import_id = s.import_id)
 				JOIN sample_var as sv ON (sv.sample_id = s.sample_id AND sv.var LIKE '{$v['exclude_var']}' AND sv.val LIKE '{$v['exclude_val']}')
 				LEFT JOIN `case` as c ON (c.questionnaire_id = qs.questionnaire_id and c.sample_id = s.sample_id)
 				WHERE s.import_id = '$sample_import_id'
 				GROUP BY (c.sample_id is not null)";
 			$rs = $db->GetAll($sql);
 			//type == 1 is drawn from sample, type == 0 is remains in sample
 			$drawn = 0;
 			$remain = 0;
 			foreach ($rs as $r)
 			{
 				if ($r['type'] == 1) $drawn = $r['count'];
 				if ($r['type'] == 0) $remain = $r['count'];
 			}
 			if ($completions < $v['completions'] || $v['lime_sgqa'] == -1) //if completions less than the quota, allow for closing/opening
 			{
 				if ($v['quota_reached'] == 1)
 					$status = "<a href='?questionnaire_id=$questionnaire_id&amp;sample_import_id=$sample_import_id&amp;rowquota={$v['questionnaire_sample_quota_row_id']}&amp;open=open'>" . T_("closed") . "</a>";
 				else
 					$status = "<a href='?questionnaire_id=$questionnaire_id&amp;sample_import_id=$sample_import_id&amp;rowquota={$v['questionnaire_sample_quota_row_id']}&amp;close=close'>" . T_("open") . "</a>";
 			}
 			else
 			{
 				if ($v['quota_reached'] == 1)
 					$status = T_("closed");
 				else
 					$status = T_("open");
 			}
 			$report[] = array("strata" => "<a href='quotarow.php?questionnaire_id=$questionnaire_id&amp;sample_import_id=$sample_import_id'>" . $v['description'] . "</a>", "status" => $status, "quota" => $v['completions'], "sample" => $drawn + $remain, "sampleused" => $drawn, "sampleremain" => $remain, "completions" => $completions, "perc" => $perc);
 		}
 		//c. (Questionnaire quota) Monitor outcomes of questions in completed questionnaires, and abort interview when completion limit is reached 
 		$sql = "SELECT *
 			FROM " . LIME_PREFIX . "quota as qu, questionnaire as q
 			WHERE qu.sid = q.lime_sid
 			AND qu.active = 1
 			AND q.questionnaire_id = '$questionnaire_id'";
 		$rs = $db->GetAll($sql);
 		//for each limesurvey quota
 		foreach($rs as $r)
 		{
 			//limesurvey quotas for this question
 			$quotas = (get_limesurvey_quota_info($r['id']));
 			$sqlq = array();
 			foreach ($quotas as $q)
 				$sqlq[] = "s." . $q['fieldname'] . " = '" . $q['value'] . "'";
 			$sql = "SELECT COUNT(id) as count
 				FROM ".LIME_PREFIX."survey_{$r['sid']} as s
 				JOIN `case` as c ON (c.questionnaire_id = '$questionnaire_id')
 				JOIN `sample` as sam ON (c.sample_id = sam.sample_id AND sam.import_id = '$sample_import_id')
 				WHERE ".implode(' AND ',$sqlq)." "." 
 				AND submitdate IS NOT NULL
 				AND s.token = c.case_id";
 			$rs = $db->GetRow($sql);
 			$completions = $rs['count'];
 			$perc = ROUND(($completions / $r['qlimit']) * 100,2);
 			$report[] = array("strata" => "<a href='" . LIME_URL . "/admin/admin.php?action=quotas&sid={$r['sid']}&quota_id={$r['id']}&subaction=quota_editquota'>" . $r['name'] . "</a>", "quota" => $r['qlimit'], "completions" => $completions, "perc" => $perc);
 		}
 		xhtml_table($report,array("strata","status","quota","sample","sampleused","sampleremain","completions","perc"),array(T_("Strata"),T_("Status"),T_("Quota"),T_("Sample"),T_("Sample Used"),T_("Sample Remaining"),T_("Completions"),T_("% Complete")),"tclass",false,false);
 	}
 }
 xhtml_foot();
 ?>
--- a/admin/quotarow.php
+++ b/admin/quotarow.php
@@ -69,22 +69,29 @@ include("../functions/functions.operator.php");
 global $db;
 if (isset($_GET['questionnaire_id']) && isset($_GET['sgqa'])  && isset($_GET['value']) && isset($_GET['completions']) && isset($_GET['sample_import_id']) && isset($_GET['comparison']) && isset($_GET['exclude_var']) && isset($_GET['exclude_val']))
 {
 	//need to add quota
 	$value = -1;
 	$comparison = -1;
 	$completions = -1;
 	$sgqa = -1;
 	$questionnaire_id = bigintval($_GET['questionnaire_id']);
 	$sample_import_id = bigintval($_GET['sample_import_id']);
-	$value = $db->quote($_GET['value']);
+	if ($_GET['sgqa'] != -1)
-	$completions = $db->quote($_GET['completions']);
+	{
-	$sgqa = $db->quote($_GET['sgqa']);
+		$sgqa = $db->quote($_GET['sgqa']);
-	$comparison = $db->quote($_GET['comparison']);
+		$comparison = $db->quote($_GET['comparison']);
 		$value = $db->quote($_GET['value']);
 		$completions = $db->quote($_GET['completions']);
 	}
 	$exclude_val = $db->quote($_GET['exclude_val']);
 	$exclude_var = $db->quote($_GET['exclude_var']);
 	$description = $db->quote($_GET['description']);
-	$sql = "INSERT INTO questionnaire_sample_quota_row(questionnaire_id, sample_import_id, lime_sgqa,value,completions,comparison,exclude_var,exclude_val)
+	$sql = "INSERT INTO questionnaire_sample_quota_row(questionnaire_id, sample_import_id, lime_sgqa,value,completions,comparison,exclude_var,exclude_val,description)
-		VALUES ($questionnaire_id, $sample_import_id, $sgqa, $value, $completions, $comparison, $exclude_var, $exclude_val)";
+		VALUES ($questionnaire_id, $sample_import_id, $sgqa, $value, $completions, $comparison, $exclude_var, $exclude_val, $description)";
 	$db->Execute($sql);
@@ -99,20 +106,7 @@ if (isset($_GET['questionnaire_id']) && isset($_GET['questionnaire_sample_quota_
 	$questionnaire_id = bigintval($_GET['questionnaire_id']);
 	$questionnaire_sample_quota_row_id = bigintval($_GET['questionnaire_sample_quota_row_id']);
-	$db->StartTrans();
+	open_row_quota($questionnaire_sample_quota_row_id);
 	$sql = "DELETE FROM questionnaire_sample_quota_row
 		WHERE questionnaire_sample_quota_row_id = '$questionnaire_sample_quota_row_id'";
 	$db->Execute($sql);
 	$sql = "DELETE FROM questionnaire_sample_quota_row_exclude
 		WHERE questionnaire_sample_quota_row_id = '$questionnaire_sample_quota_row_id'";
 	$db->Execute($sql);
 	$db->CompleteTrans();
 }
 $questionnaire_id = false;
@@ -142,6 +136,12 @@ if ($questionnaire_id != false)
 	if ($sample_import_id != false)
 	{
 		if (isset($_POST['copy_sample_import_id']))
 		{
 			copy_row_quota($questionnaire_id,$sample_import_id,bigintval($_POST['copy_sample_import_id']));
 			print "<h3>" . T_("Copied quotas") . "</h3>";
 		}
 		print "<h1>" . T_("Current row quotas (click to delete)") . "</h1>";
 		$sql = "SELECT questionnaire_sample_quota_row_id,lime_sgqa,value,completions,quota_reached,lime_sid,comparison,exclude_var,exclude_val
@@ -160,18 +160,39 @@ if ($questionnaire_id != false)
 		{
 			foreach($r as $v)
 			{
-				print "<div><a href='?questionnaire_id=$questionnaire_id&amp;sample_import_id=$sample_import_id&amp;questionnaire_sample_quota_row_id={$v['questionnaire_sample_quota_row_id']}'>" . T_("Stop calling") . " " . $v['exclude_var'] . " " . T_("like") . " " . $v['exclude_val'] .  " " . T_("rows from this sample when:") . " {$v['lime_sgqa']} {$v['comparison']} {$v['value']} " . T_("for") .  ": {$v['completions']} " . T_("completions") ."</a> - ";
+				if ($v['lime_sgqa'] == -1)
 					print "<div><a href='?questionnaire_id=$questionnaire_id&amp;sample_import_id=$sample_import_id&amp;questionnaire_sample_quota_row_id={$v['questionnaire_sample_quota_row_id']}'>" . T_("Replicate: Where") . " " . $v['exclude_var'] . " " . T_("like") . " " . $v['exclude_val'] . "</a> - ";
 				else
 					print "<div><a href='?questionnaire_id=$questionnaire_id&amp;sample_import_id=$sample_import_id&amp;questionnaire_sample_quota_row_id={$v['questionnaire_sample_quota_row_id']}'>" . T_("Stop calling") . " " . $v['exclude_var'] . " " . T_("like") . " " . $v['exclude_val'] .  " " . T_("rows from this sample when:") . " {$v['lime_sgqa']} {$v['comparison']} {$v['value']} " . T_("for") .  ": {$v['completions']} " . T_("completions") ."</a> - ";
 				if ($v['quota_reached'] == 1)
-					print T_("Row quota reached");
+					print T_("Row quota reached (Closed)");
 				else
-					print T_("Row quota not yet reached");
+					print T_("Row quota not yet reached (Open)");
-				print " - " . T_("Current completions: ") . limesurvey_quota_completions($v['lime_sgqa'],$v['lime_sid'],$questionnaire_id,$sample_import_id,$v['value'],$v['comparison']);
+				if ($v['lime_sgqa'] != -1)
 					print " - " . T_("Current completions: ") . limesurvey_quota_completions($v['lime_sgqa'],$v['lime_sid'],$questionnaire_id,$sample_import_id,$v['value'],$v['comparison']);
 				print "</div>";
 			}
 			$sql = "SELECT s.sample_import_id as value,s.description, '' AS selected
 			 	FROM sample_import as s, questionnaire_sample as q
 				WHERE q.questionnaire_id = $questionnaire_id
 				AND q.sample_import_id = s.sample_import_id
 				AND s.sample_import_id != '$sample_import_id'";
 			$ss = $db->GetAll($sql);
 			if (!empty($ss))
 			{
 				print "<form action='?questionnaire_id=$questionnaire_id&amp;sample_import_id=$sample_import_id' method='post'><p>" . T_("Copy quotas for this sample to (No error/duplicate checking): ");
 				display_chooser($ss,"copy_sample_import_id","copy_sample_import_id",false,false,false,false);
 				print "<input type='submit' id='submit' value='" . T_("Copy") . "'/></p></form>";
 			}
 		}
@@ -193,8 +214,13 @@ if ($questionnaire_id != false)
 			LEFT JOIN `" . LIME_PREFIX . "answers` AS a ON ( a.qid = q.qid )
 			WHERE q.sid = '$lime_sid'";
-	
+		$rs = $db->GetAll($sql);
-		display_chooser($db->GetAll($sql),"sgqa","sgqa",true,"questionnaire_id=$questionnaire_id&amp;sample_import_id=$sample_import_id");
+		
 		$selected = "";
 		if ($sgqa == -1) $selected = "selected='selected'";
 		array_unshift($rs,array("value" => -1, "description" => T_("No question (Replicate)"), "selected" => $selected));
 		display_chooser($rs,"sgqa","sgqa",true,"questionnaire_id=$questionnaire_id&amp;sample_import_id=$sample_import_id");
 		if ($sgqa != false)
 		{
@@ -236,9 +262,16 @@ if ($questionnaire_id != false)
 				?>
 				<form action="" method="get">
 				<p>
 				<label for="description"><? echo T_("Describe this quota"); ?> </label><input type="text" name="description" id="description"/>		<br/>
 				<? if ($sgqa != -1) { ?>
 				<label for="value"><? echo T_("The code value to compare"); ?> </label><input type="text" name="value" id="value"/>		<br/>
 				<label for="comparison"><? echo T_("The type of comparison"); ?></label><select name="comparison" id="comparison"><option value="LIKE">LIKE</option><option value="NOT LIKE">NOT LIKE</option><option value="=">=</option><option value="!=">!=</option><option value="&lt;">&lt;</option><option value="&gt;">&gt;</option><option value="&lt;=">&lt;=</option><option value="&gt;=">&gt;=</option></select><br/>
 				<label for="completions"><? echo T_("The number of completions to stop calling at"); ?> </label><input type="text" name="completions" id="completions"/>		<br/>
 				<? } else { ?>
 				<input type="hidden" name="value" value="-1"/>
 				<input type="hidden" name="comparison" value="-1"/>
 				<input type="hidden" name="completions" value="-1"/>
 				<? } ?>
 				<label for="exclude_val"><? echo T_("Exclude from the sample where the value is like"); ?></label>
 				<?
--- a/admin/samplecallattempts.php
+++ b/admin/samplecallattempts.php
@@ -0,0 +1,130 @@
 <?php
 /**
 * Display sample call attempt report (A listing of how many attempts made for cases within a sample)
 *
 *
 *	This file is part of queXS
 *	
 *	queXS is free software; you can redistribute it and/or modify
 *	it under the terms of the GNU General Public License as published by
 *	the Free Software Foundation; either version 2 of the License, or
 *	(at your option) any later version.
 *	
 *	queXS is distributed in the hope that it will be useful,
 *	but WITHOUT ANY WARRANTY; without even the implied warranty of
 *	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *	GNU General Public License for more details.
 *	
 *	You should have received a copy of the GNU General Public License
 *	along with queXS; if not, write to the Free Software
 *	Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
 *
 *
 * @author Adam Zammit <adam.zammit@acspri.org.au>
 * @copyright Australian Consortium for Social and Political Research Incorporated (ACSPRI) 2009
 * @package queXS
 * @subpackage admin
 * @link http://www.acspri.org.au/ queXS was writen for ACSPRI
 * @license http://opensource.org/licenses/gpl-2.0.php The GNU General Public License (GPL) Version 2
 * 
 */
 /**
 * Configuration file
 */
 include_once(dirname(__FILE__).'/../config.inc.php');
 /**
 * Database file
 */
 include ("../db.inc.php");
 /**
 * XHTML functions
 */
 include ("../functions/functions.xhtml.php");
 /**
 * Display functions
 */
 include("../functions/functions.display.php");
 /**
 * Input functions
 */
 include("../functions/functions.input.php");
 xhtml_head(T_("Sample call attempt"),true,array("../css/table.css"),array("../js/window.js"));
 print "<h2>" . T_("Overall") . "</h2>";
 $sql = "SELECT ca1 AS callattempts, COUNT( ca1 ) AS sample
 	FROM (	SELECT count( call_attempt_id ) AS ca1
 		FROM call_attempt
 		GROUP BY case_id) AS t1
 	GROUP BY ca1";
 xhtml_table($db->GetAll($sql),array("sample","callattempts"),array(T_("Number of cases"),T_("Call attempts made")),"tclass",false,array("sample"));
 $questionnaire_id = false;
 if (isset($_GET['questionnaire_id'])) $questionnaire_id = bigintval($_GET['questionnaire_id']);
 display_questionnaire_chooser($questionnaire_id);
 if ($questionnaire_id)
 {
 	$sql = "SELECT ca1 AS callattempts, COUNT( ca1 ) AS sample
 		FROM (	SELECT count( call_attempt.call_attempt_id ) AS ca1
 			FROM call_attempt
 			JOIN `case` ON (`case`.case_id = call_attempt.case_id AND `case`.questionnaire_id = '$questionnaire_id')
 			GROUP BY call_attempt.case_id) AS t1
 		GROUP BY ca1";
 	print "<h2>" . T_("This project") . "</h2>";
 	xhtml_table($db->GetAll($sql),array("sample","callattempts"),array(T_("Number of cases"),T_("Call attempts made")),"tclass",false,array("sample"));
 	$sample_import_id = false;
 	if (isset($_GET['sample_import_id'])) $sample_import_id = bigintval($_GET['sample_import_id']);
 	display_sample_chooser($questionnaire_id,$sample_import_id);
 	if ($sample_import_id)
 	{
 		$sql = "SELECT ca1 AS callattempts, COUNT( ca1 ) AS sample
 			FROM (	SELECT count( call_attempt.call_attempt_id ) AS ca1
 				FROM call_attempt
 				JOIN `case` ON (`case`.case_id = call_attempt.case_id AND `case`.questionnaire_id = '$questionnaire_id')
 				JOIN sample ON (sample.sample_id = `case`.sample_id AND sample.import_id = '$sample_import_id')
 				GROUP BY call_attempt.case_id) AS t1
 			GROUP BY ca1";
 		print "<h2>" . T_("This sample") . "</h2>";
 		xhtml_table($db->GetAll($sql),array("sample","callattempts"),array(T_("Number of cases"),T_("Call attempts made")),"tclass",false,array("sample"));
 		$questionnaire_sample_quota_row_id = false;
 		if (isset($_GET['questionnaire_sample_quota_row_id'])) $questionnaire_sample_quota_row_id = bigintval($_GET['questionnaire_sample_quota_row_id']);
 		display_quota_chooser($questionnaire_id,$sample_import_id,$questionnaire_sample_quota_row_id);
 		if ($questionnaire_sample_quota_row_id)
 		{
 			$sql = "SELECT ca1 AS callattempts, COUNT( ca1 ) AS sample
 				FROM (	SELECT count( call_attempt.call_attempt_id ) AS ca1
 					FROM call_attempt
 					JOIN `case` ON (`case`.case_id = call_attempt.case_id AND `case`.questionnaire_id = '$questionnaire_id')
 					JOIN sample ON (sample.sample_id = `case`.sample_id AND sample.import_id = '$sample_import_id')
 					JOIN questionnaire_sample_quota_row as q ON (q.questionnaire_sample_quota_row_id = '$questionnaire_sample_quota_row_id')
 					JOIN sample_var ON (sample_var.sample_id = `case`.sample_id AND sample_var.var LIKE q.exclude_var AND sample_var.val LIKE q.exclude_val)
 					GROUP BY call_attempt.case_id) AS t1
 				GROUP BY ca1";
 			print "<h2>" . T_("This quota") . "</h2>";
 			xhtml_table($db->GetAll($sql),array("sample","callattempts"),array(T_("Number of cases"),T_("Call attempts made")),"tclass",false,array("sample"));
 		}
 	}
 }
 xhtml_foot();
 ?>
--- a/call.php
+++ b/call.php
@@ -83,6 +83,12 @@ function display_outcomes($contacted,$ca,$case_id)
 			FROM outcome
 			WHERE outcome_id = 10";
 	}
 	else if (limesurvey_is_quota_full($case_id))
 	{
 		$sql = "SELECT outcome_id,description
 			FROM outcome
 			WHERE outcome_id = 32";
 	}
 	else
 	{
 		//see if we have made an appointment on this call attempt
--- a/database/quexs.sql
+++ b/database/quexs.sql
@@ -405,6 +405,7 @@ INSERT INTO `outcome` VALUES(28, '2.332', 'Respondent language problem', 0, 4, 0
 INSERT INTO `outcome` VALUES(29, '3.14', 'Answering machine - Not a household', 0, 4, 1, 1, 0, 0, 0, 'UH');
 INSERT INTO `outcome` VALUES(30, '4.10', 'Out of sample', 0, 4, 0, 1, 0, 0, 0, '');
 INSERT INTO `outcome` VALUES(31, '2.20', 'Non contact', 180, 1, 1, 1, 1, 1, 0, 'NC');
 INSERT INTO `outcome` VALUES(32, '4.80', 'Quota filled', 0, 4, 0, 1, 0, 0, 0, '');
 -- --------------------------------------------------------
@@ -534,6 +535,7 @@ CREATE TABLE IF NOT EXISTS `questionnaire_sample_quota_row` (
  `exclude_var` char(128) collate utf8_unicode_ci NOT NULL,
  `exclude_val` varchar(256) collate utf8_unicode_ci NOT NULL,
  `quota_reached` tinyint(1) NOT NULL default '0',
  `description` text collate utf8_unicode_ci NOT NULL,
  PRIMARY KEY  (`questionnaire_sample_quota_row_id`),
  KEY `questionnaire_id` (`questionnaire_id`),
  KEY `sample_import_id` (`sample_import_id`),
--- a/functions/functions.display.php
+++ b/functions/functions.display.php
@@ -104,7 +104,6 @@ function display_shift_chooser($questionnaire_id, $shift_id = false)
 	print "</select></div>";
 }
 /**
 * Display a list of samples to choose from in a drop down list
 *
@@ -133,6 +132,35 @@ function display_sample_chooser($questionnaire_id, $sample_import_id = false)
 	print "</select></div>";
 }
 /**
 * Display a list of quota rows to choose from in a drop down list
 *
 * @param int $questionnaire_id The questionnaire id
 * @param int $sample_import_id The sample import id 
 * @param int|bool $qsqri The sample import id or false if none selected
 */
 function display_quota_chooser($questionnaire_id, $sample_import_id, $qsqri = false)
 {
 	global $db;
 	$sql = "SELECT q.questionnaire_sample_quota_row_id,q.description,CASE WHEN q.questionnaire_sample_quota_row_id = '$qsqri' THEN 'selected=\'selected\'' ELSE '' END AS selected
 		FROM questionnaire_sample_quota_row as q
 		WHERE q.questionnaire_id = '$questionnaire_id'
 		AND q.sample_import_id = '$sample_import_id'";
 	$rs = $db->GetAll($sql);
 	print "<div><select id='questionnaire_sample_quota_row_id' name='questionnaire_sample_quota_row_id' onchange=\"LinkUp('questionnaire_sample_quota_row_id')\"><option value='?questionnaire_id=$questionnaire_id&amp;sample_import_id=$sample_import_id'></option>";
 	if (!empty($rs))
 	{
 		foreach($rs as $r)
 		{
 			print "<option value='?sample_import_id=$sample_import_id&amp;questionnaire_id=$questionnaire_id&amp;questionnaire_sample_quota_row_id={$r['questionnaire_sample_quota_row_id']}' {$r['selected']}>{$r['questionnaire_sample_quota_row_id']}: {$r['description']}</option>";
 		}
 	}
 	print "</select></div>";
 }
 ?>
--- a/functions/functions.limesurvey.php
+++ b/functions/functions.limesurvey.php
@@ -42,6 +42,40 @@ include_once(dirname(__FILE__).'/../config.inc.php');
 */
 include_once(dirname(__FILE__).'/../db.inc.php');
 /**
 * Return the number of completions for a given
 * questionnaire, where the given sample var has
 * the given sample value
 *
 * @param int $lime_sid The limesurvey survey id 
 * @param int $questionnaire_id The questionnaire ID
 * @param int $sample_import_id The sample import ID
 * @param string $val The value to compare
 * @param string $var The variable to compare
 * @return bool|int False if failed, otherwise the number of completions
 * 
 */
 function limesurvey_quota_replicate_completions($lime_sid,$questionnaire_id,$sample_import_id,$val,$var)
 {
 	global $db;
 	$sql = "SELECT count(*) as c
 		FROM " . LIME_PREFIX . "survey_$lime_sid as s
 		JOIN `case` as c ON (c.questionnaire_id = '$questionnaire_id')
 		JOIN `sample` as sam ON (c.sample_id = sam.sample_id AND sam.import_id = '$sample_import_id')
 		JOIN `sample_var` as sv ON (sv.sample_id = sam.sample_id AND sv.var LIKE '$var' AND sv.val LIKE '$val')
 		WHERE s.submitdate IS NOT NULL
 		AND s.token = c.case_id";
 	$rs = $db->GetRow($sql);
 	if (isset($rs) && !empty($rs))
 		return $rs['c'];
 	return false;
 }
 /**
 * Return the number of completions for a given
@@ -77,6 +111,71 @@ function limesurvey_quota_completions($lime_sgqa,$lime_sid,$questionnaire_id,$sa
 	return false;
 }
 /**
 * Get information on limesurvey quota's
 * Based on GetQuotaInformation() from common.php in Limesurvey
 *
 * @param int $lime_quota_id The quota id to get information on
 * @param string $baselang The base language for getting information from questions
 * @return array An array containing the question information for comparison
 */
 function get_limesurvey_quota_info($lime_quota_id,$baselang = DEFAULT_LOCALE)
 {
 	global $db;
 	$ret = array();
 	$sql = "SELECT *
 		FROM ".LIME_PREFIX."quota_members
 		WHERE quota_id='$lime_quota_id'";
 	$rs = $db->GetAll($sql);
 	foreach($rs as $quota_entry)
 	{
 		$lime_qid = $quota_entry['qid'];
 		$surveyid = $quota_entry['sid'];
 		$sql = "SELECT type, title,gid
 			FROM ".LIME_PREFIX."questions
 			WHERE qid='$lime_qid' 
 			AND language='$baselang'";
 		$qtype = $db->GetRow($sql);
 		$fieldnames = "0";
 		if ($qtype['type'] == "I" || $qtype['type'] == "G" || $qtype['type'] == "Y")
 		{
 			$fieldnames= ($surveyid.'X'.$qtype['gid'].'X'.$quota_entry['qid']);
 			$value = $quota_entry['code'];
 		}
 		if($qtype['type'] == "L" || $qtype['type'] == "O" || $qtype['type'] =="!") 
 		{
 		    $fieldnames=( $surveyid.'X'.$qtype['gid'].'X'.$quota_entry['qid']);
 		    $value = $quota_entry['code'];
 		}
 		if($qtype['type'] == "M")
 		{
 			$fieldnames=( $surveyid.'X'.$qtype['gid'].'X'.$quota_entry['qid'].$quota_entry['code']);
 			$value = "Y";
 		}
 		if($qtype['type'] == "A" || $qtype['type'] == "B")
 		{
 			$temp = explode('-',$quota_entry['code']);
 			$fieldnames=( $surveyid.'X'.$qtype['gid'].'X'.$quota_entry['qid'].$temp[0]);
 			$value = $temp[1];
 		}
 		$ret[] = array('code' => $quota_entry['code'], 'value' => $value, 'qid' => $quota_entry['qid'], 'fieldname' => $fieldnames);
 	}
 	return $ret;
 }
 /** 
 * Taken from common.php in the LimeSurvey package
@@ -133,33 +232,33 @@ function create_limesurvey_questionnaire($title)
 	while (!empty($isresult) && $isresult->RecordCount() > 0);
 	$isquery = "INSERT INTO ". LIME_PREFIX ."surveys\n"
-	. "(sid, owner_id, admin, active, useexpiry, expires, "
+	. "(sid, owner_id, admin, active, expires, "
-	. "adminemail, private, faxto, format, template, url, "
+	. "adminemail, private, faxto, format, template, "
-	. "language, datestamp, ipaddr, refurl, usecookie, notification, allowregister, attribute1, attribute2, "
+	. "language, datestamp, ipaddr, refurl, usecookie, notification, allowregister, "
 	. "allowsave, autoredirect, allowprev,datecreated,tokenanswerspersistence)\n"
 	. "VALUES ($surveyid, 1,\n"
 	. "'', 'N', \n"
-	. "'N','1980-01-01', '', 'N',\n"
+	. "NULL, '', 'N',\n"
-	. "'', 'S', 'quexs', '" . QUEXS_URL . "rs_project_end.php',\n"
+	. "'', 'S', 'quexs',\n"
-	. "'en', 'Y', 'N', 'N',\n"
+	. "'" . DEFAULT_LOCALE . "', 'Y', 'N', 'N',\n"
 	. "'N', '0', 'Y',\n"
 	. "'att1', 'att2', \n"
 	. "'Y', 'Y', 'Y','".date("Y-m-d")."','Y')";
-	$isresult = $db->Execute($isquery);
+	$isresult = $db->Execute($isquery) or die ($isquery."<br/>".$db->ErrorMsg());
 	// insert base language into surveys_language_settings
 	$isquery = "INSERT INTO ".db_table_name('surveys_languagesettings')
 	. "(surveyls_survey_id, surveyls_language, surveyls_title, surveyls_description, surveyls_welcometext, surveyls_urldescription, "
 	. "surveyls_email_invite_subj, surveyls_email_invite, surveyls_email_remind_subj, surveyls_email_remind, "
-	. "surveyls_email_register_subj, surveyls_email_register, surveyls_email_confirm_subj, surveyls_email_confirm)\n"
+	. "surveyls_email_register_subj, surveyls_email_register, surveyls_email_confirm_subj, surveyls_email_confirm,surveyls_url)\n"
-	. "VALUES ($surveyid, 'en', $title, $title,\n"
+	. "VALUES ($surveyid, '" . DEFAULT_LOCALE . "', $title, $title,\n"
 	. "'',\n"
 	. "'', '',\n"
 	. "'', '',\n"
 	. "'', '',\n"
 	. "'', '',\n"
-	. "'')";
+	. "'', '" . QUEXS_URL . "rs_project_end.php')";
-	$isresult = $db->Execute($isquery);
+	$isresult = $db->Execute($isquery) or die ($isquery."<br/>".$db->ErrorMsg());
 	// Insert into survey_rights
 	$isrquery = "INSERT INTO ". LIME_PREFIX . "surveys_rights VALUES($surveyid,1,1,1,1,1,1,1)";
@@ -249,6 +348,32 @@ function get_lime_sid($case_id)
 	return $l['lime_sid'];
 }
 /**
 * Check if LimeSurvey has marked a questionnaire as quota filled
 *
 * @param int $case_id The case id
 * @return bool True if complete, false if not or unknown
 *
 */
 function limesurvey_is_quota_full($case_id)
 {
 	global $db;
 	$lime_sid = get_lime_sid($case_id);
 	if ($lime_sid == false) return false;
 	$sql = "SELECT completed
 		FROM " . LIME_PREFIX . "tokens_$lime_sid 
 		WHERE token = '$case_id'";
 	$r = $db->GetRow($sql);
 	if (!empty($r))
 		if ($r['completed'] == 'Q') return true;
 	return false;
 }
 /**
 * Check if LimeSurvey has marked a questionnaire as complete
@@ -271,12 +396,9 @@ function limesurvey_is_completed($case_id)
 	$r = $db->GetRow($sql);
 	if (!empty($r))
-		if ($r['completed'] != 'N') return true;
+		if ($r['completed'] != 'N' && $r['completed'] != 'Q') return true;
 	return false;
 }
--- a/functions/functions.operator.php
+++ b/functions/functions.operator.php
@@ -464,8 +464,8 @@ function get_case_id($operator_id, $create = false)
 						if ($lime_sid)
 						{
-							$sql = "INSERT INTO ".LIME_PREFIX."tokens_$lime_sid (tid,firstname,lastname,email,token,language,sent,completed,attribute_1,attribute_2,mpid)
+							$sql = "INSERT INTO ".LIME_PREFIX."tokens_$lime_sid (tid,firstname,lastname,email,token,language,sent,completed,mpid)
-							VALUES (NULL,'','','',$case_id,'en','N','N','','',NULL)";
+							VALUES (NULL,'','','',$case_id,'en','N','N',NULL)";
 							$db->Execute($sql);
 						}
@@ -1035,6 +1035,98 @@ function update_quota($questionnaire_id)
 }
 /**
 * "Open" a row quota (allow to access)
 *
 * @param int $questionnaire_sample_quota_row_id The qsqri
 */
 function open_row_quota($questionnaire_sample_quota_row_id,$delete = true)
 {
 	global $db;
 	$db->StartTrans();
 	if ($delete)
 	{
 		$sql = "DELETE FROM questionnaire_sample_quota_row
 			WHERE questionnaire_sample_quota_row_id = '$questionnaire_sample_quota_row_id'";
 		$db->Execute($sql);
 	}
 	$sql = "DELETE FROM questionnaire_sample_quota_row_exclude
 		WHERE questionnaire_sample_quota_row_id = '$questionnaire_sample_quota_row_id'";
 	$db->Execute($sql);
 	$db->CompleteTrans();
 }
 /**
 * "Close" a row quota (set to completed)
 *
 *
 */
 function close_row_quota($questionnaire_sample_quota_row_id)
 {	
 	global $db;
 	$db->StartTrans();
 	//only insert where we have to
 	$sql = "SELECT count(*) as c
 		FROM questionnaire_sample_quota_row_exclude
 		WHERE questionnaire_sample_quota_row_id = '$questionnaire_sample_quota_row_id'";
 	$coun = $db->GetRow($sql);
 	if (isset($coun['c']) && $coun['c'] == 0)
 	{
 		//store list of sample records to exclude
 		$sql = "INSERT INTO questionnaire_sample_quota_row_exclude (questionnaire_sample_quota_row_id,questionnaire_id,sample_id)
 			SELECT $questionnaire_sample_quota_row_id,qs.questionnaire_id,s.sample_id
 			FROM sample as s, sample_var as sv, questionnaire_sample_quota_row as qs
 			WHERE s.import_id = qs.sample_import_id
 			AND qs.questionnaire_sample_quota_row_id = $questionnaire_sample_quota_row_id
 			AND s.sample_id = sv.sample_id
 			AND sv.var = qs.exclude_var
 			AND qs.exclude_val LIKE sv.val";
 		$db->Execute($sql);
 	}
 	$db->CompleteTrans();
 }
 /**
 * Copy row quotas from one sample to another
 * Set quota_reached to 0 by default
 *
 * @param int $questionnaire_id
 * @param int $sample_import_id
 * @param int $copy_sample_import_id The sample_import_id to copy to
 */
 function copy_row_quota($questionnaire_id,$sample_import_id,$copy_sample_import_id)
 {
 	global $db;
 	$db->StartTrans();
 	//Set quota_reached to 0 always
 	$sql = "INSERT INTO questionnaire_sample_quota_row (questionnaire_id,sample_import_id,lime_sgqa,value,comparison,completions,exclude_var,exclude_val,quota_reached,description)
 		SELECT questionnaire_id, $copy_sample_import_id, lime_sgqa,value,comparison,completions,exclude_var,exclude_val,0,description
 		FROM questionnaire_sample_quota_row
 		WHERE questionnaire_id = '$questionnaire_id'
 		AND sample_import_id = '$sample_import_id'";
 	$db->Execute($sql);
 	update_quotas($questionnaire_id);
 	$db->CompleteTrans();
 }
 /**
 * Update the row quota table
@@ -1051,7 +1143,8 @@ function update_row_quota($questionnaire_id)
 		FROM questionnaire_sample_quota_row as qsq, questionnaire as q
 		WHERE qsq.questionnaire_id = '$questionnaire_id'
 		AND q.questionnaire_id = '$questionnaire_id'
-		AND qsq.quota_reached != '1'";
+		AND qsq.quota_reached != '1'
 		AND qsq.lime_sgqa != -1";
 	$rs = $db->GetAll($sql);
@@ -1074,28 +1167,7 @@ function update_row_quota($questionnaire_id)
 				$db->Execute($sql);
-				
+				close_row_quota($r['questionnaire_sample_quota_row_id']);
 				//only insert where we have to
 				$sql = "SELECT count(*) as c
 					FROM questionnaire_sample_quota_row_exclude
 					WHERE questionnaire_sample_quota_row_id = '{$r['questionnaire_sample_quota_row_id']}'";
 				$coun = $db->GetRow($sql);
 				if (isset($coun['c']) && $coun['c'] == 0)
 				{
 					//store list of sample records to exclude
 					$sql = "INSERT INTO questionnaire_sample_quota_row_exclude (questionnaire_sample_quota_row_id,questionnaire_id,sample_id)
 						SELECT {$r['questionnaire_sample_quota_row_id']},'$questionnaire_id',s.sample_id
 						FROM sample as s, sample_var as sv
 						WHERE s.import_id = '{$r['sample_import_id']}'
 						AND s.sample_id = sv.sample_id
 						AND sv.var = '{$r['exclude_var']}'
 						AND '{$r['exclude_val']}' LIKE sv.val";
 					$db->Execute($sql);
 				}
 			}
 		}
--- a/functions/functions.performance.php
+++ b/functions/functions.performance.php
@@ -51,7 +51,7 @@ function get_CPH_by_shift($qid,$sid)
 {
 	global $db;
-	$sql = "SELECT o.firstName,o.operator_id,c.completions,ca.time, c.completions/ca.time as CPH
+	$sql = "SELECT o.firstName,o.operator_id,c.completions,SEC_TO_TIME(ca.time) as time, c.completions/(ca.time / 3600) as CPH
 		FROM operator as o
 		JOIN (  SELECT count(*) as completions,a.operator_id
 			FROM `call` as a, `case` as b, `shift` as s
@@ -62,7 +62,7 @@ function get_CPH_by_shift($qid,$sid)
 			AND s.`start` <= a.`start`
 			AND s.`end` >= a.`start`
 			GROUP BY a.operator_id) as c on (c.operator_id = o.operator_id)
-		JOIN (  SELECT SUM( TIMESTAMPDIFF(SECOND , a.start, IFNULL(a.end,CONVERT_TZ(NOW(),'System','UTC')))) /3600 as time, a.operator_id
+		JOIN (  SELECT SUM( TIMESTAMPDIFF(SECOND , a.start, IFNULL(a.end,CONVERT_TZ(NOW(),'System','UTC')))) as time, a.operator_id
 			FROM `call_attempt` as a, `case` as b, `shift` as s
 			WHERE a.case_id = b.case_id
 			AND b.questionnaire_id = '$qid'
@@ -85,7 +85,7 @@ function get_CPH_by_questionnaire($qid)
 {
 	global $db;
-	$sql = "SELECT o.firstName,o.operator_id,c.completions,ca.time, c.completions/ca.time as CPH
+	$sql = "SELECT o.firstName,o.operator_id,c.completions,SEC_TO_TIME(ca.time) as time, c.completions/(ca.time / 3600) as CPH
 		FROM operator as o
 		JOIN (  SELECT count(*) as completions,a.operator_id
 			FROM `call` as a, `case` as b
@@ -93,13 +93,216 @@ function get_CPH_by_questionnaire($qid)
 			AND a.case_id = b.case_id
 			AND b.questionnaire_id = '$qid'
 			GROUP BY a.operator_id) as c on (c.operator_id = o.operator_id)
-		JOIN (  SELECT SUM( TIMESTAMPDIFF(SECOND , a.start, IFNULL(a.end,CONVERT_TZ(NOW(),'System','UTC')))) /3600 as time, a.operator_id
+		JOIN (  SELECT SUM( TIMESTAMPDIFF(SECOND , a.start, IFNULL(a.end,CONVERT_TZ(NOW(),'System','UTC')))) as time, a.operator_id
 			FROM `call_attempt` as a, `case` as b
 			WHERE a.case_id = b.case_id
 			AND b.questionnaire_id = '$qid'
 			GROUP BY operator_id) as ca on (ca.operator_id = o.operator_id)
 		ORDER BY cph DESC";
 	return $db->GetAll($sql);
 }
 /**
 * Get stats by interviewer by questionnaire by shift
 *
 * @param int $questionnaire_id The questionnaire
 * @param int $shift_id The shift id
 * @return arrayh An array containing operator_id,firstName,CPH,effectiveness,
 */
 function get_stats_by_shift($questionnaire_id,$shift_id)
 {
 	global $db;
 	$sql = "SELECT o.operator_id, o.firstName, (calltime.totaltime / callattempttime.totaltime) AS effectiveness, c.completions,SEC_TO_TIME(callattempttime.totaltime) as time, c.completions/(callattempttime.totaltime / 3600) as CPH, SEC_TO_TIME(calltime.totaltime) as callt, SEC_TO_TIME(callattempttime.totaltime) as callatemptt, calls.calls as totalcalls, calls.calls/(callattempttime.totaltime / 3600) as CALLSPH, calltime.totaltime as calltotaltime, callattempttime.totaltime as callattempttotaltime
 		FROM operator AS o
 		JOIN (
 			SELECT SUM( TIMESTAMPDIFF(
 			SECOND , c.start, IFNULL( c.end, CONVERT_TZ( NOW( ) , 'System', 'UTC' ) ) ) ) AS totaltime, operator_id
 			FROM `call` AS c, `case` as b, `shift` as s
 			WHERE c.case_id = b.case_id
 			AND b.questionnaire_id = '$questionnaire_id'
 			AND s.shift_id = '$shift_id'
 			AND s.`start` <= c.`start`
 			AND s.`end` >= c.`start`
 			GROUP BY operator_id
 			) AS calltime ON ( calltime.operator_id = o.operator_id )
 		JOIN (
 			SELECT SUM( TIMESTAMPDIFF(
 			SECOND , c.start, IFNULL( c.end, CONVERT_TZ( NOW( ) , 'System', 'UTC' ) ) ) ) AS totaltime, operator_id
 			FROM `call_attempt` AS c, `case` as b, `shift` as s
 			WHERE c.case_id = b.case_id
 			AND s.shift_id = '$shift_id'
 			AND s.`start` <= c.`start`
 			AND s.`end` >= c.`start`
 			AND b.questionnaire_id = '$questionnaire_id'
 			GROUP BY operator_id
 		) AS callattempttime ON ( callattempttime.operator_id = o.operator_id )
 		JOIN (  SELECT count(*) as completions,a.operator_id
 			FROM `call` as a, `case` as b, `shift` as s
 			WHERE a.outcome_id = '10'
 			AND s.shift_id = '$shift_id'
 			AND s.`start` <= a.`start`
 			AND s.`end` >= a.`start`
 			AND a.case_id = b.case_id
 			AND b.questionnaire_id = '$questionnaire_id'
 			GROUP BY a.operator_id) as c on (c.operator_id = o.operator_id)
 		JOIN (  SELECT count(*) as calls,a.operator_id
 			FROM `call` as a, `case` as b, `shift` as s
 			WHERE a.case_id = b.case_id
 			AND s.shift_id = '$shift_id'
 			AND s.`start` <= a.`start`
 			AND s.`end` >= a.`start`
 			AND b.questionnaire_id = '$questionnaire_id'
 			GROUP BY a.operator_id) as calls on (calls.operator_id = o.operator_id)
 		ORDER BY effectiveness DESC";
 	return $db->GetAll($sql);
 }
 /**
 * Convert seconds to time in HH:MM:SS
 *
 * @param int Seconds
 * @return string Time in format HH:MM:SS
 */
 function sec_to_time($seconds)
 {
 	if($seconds >= 3600){
      		$h = floor($seconds/3600);
 		$seconds = ($seconds%3600);
    	}
    	if($seconds >= 60){
 		$m = floor($seconds/60);
    		$seconds = ($seconds%60);
    	}
    	$s = floor($seconds);
 	return sprintf("%02d:%02d:%02d", $h, $m, $s);
 }
 /**
 * Given the stats, add a total line
 *
 * @param array The result set from the database
 * @return array The result set plus a total row
 */
 function get_stats_total($rs)
 {
 	$completions = 0;
 	$calls = 0;
 	$totaltime = 0;
 	$calltime = 0;
 	foreach($rs as $r)
 	{
 		$completions += $r['completions'];
 		$calls += $r['totalcalls'];
 		$totaltime += $r['callattempttotaltime'];
 		$calltime += $r['calltotaltime'];
 	}
 	if ($totaltime == 0)
 	{
 		$effectiveness = 0;
 		$cph = 0;
 		$callsph = 0;
 	}
 	else
 	{
 		$effectiveness = round($calltime / $totaltime,4);
 		$cph = round($completions/($totaltime/3600),4);
 		$callsph = round($calls/($totaltime/3600),4);
 	}
 	$rs[] = array("effectiveness" => $effectiveness, "completions" => $completions,"time" => sec_to_time($totaltime),"totalcalls" => $calls,"callt" => sec_to_time($calltime),"CPH" => $cph,"CALLSPH" => $callsph);
 	return $rs;
 }
 /**
 * Get stats by interviewer 
 *
 * @return arrayh An array containing operator_id,firstName,CPH,effectiveness,
 */
 function get_stats()
 {
 	global $db;
 	$sql = "SELECT o.operator_id, o.firstName, (calltime.totaltime / callattempttime.totaltime) AS effectiveness, c.completions,SEC_TO_TIME(callattempttime.totaltime) as time, c.completions/(callattempttime.totaltime / 3600) as CPH, SEC_TO_TIME(calltime.totaltime) as callt, SEC_TO_TIME(callattempttime.totaltime) as callatemptt, calls.calls as totalcalls, calls.calls/(callattempttime.totaltime / 3600) as CALLSPH, calltime.totaltime as calltotaltime, callattempttime.totaltime as callattempttotaltime
 		FROM operator AS o
 		JOIN (
 			SELECT SUM( TIMESTAMPDIFF(
 			SECOND , c.start, IFNULL( c.end, CONVERT_TZ( NOW( ) , 'System', 'UTC' ) ) ) ) AS totaltime, operator_id
 			FROM `call` AS c
 			GROUP BY operator_id
 			) AS calltime ON ( calltime.operator_id = o.operator_id )
 		JOIN (
 			SELECT SUM( TIMESTAMPDIFF(
 			SECOND , c.start, IFNULL( c.end, CONVERT_TZ( NOW( ) , 'System', 'UTC' ) ) ) ) AS totaltime, operator_id
 			FROM `call_attempt` AS c, `case` as b
 			GROUP BY operator_id
 		) AS callattempttime ON ( callattempttime.operator_id = o.operator_id )
 		JOIN (  SELECT count(*) as completions,a.operator_id
 			FROM `call` as a
 			WHERE a.outcome_id = '10'
 			GROUP BY a.operator_id) as c on (c.operator_id = o.operator_id)
 		JOIN (  SELECT count(*) as calls,a.operator_id
 			FROM `call` as a
 			GROUP BY a.operator_id) as calls on (calls.operator_id = o.operator_id)
 		ORDER BY effectiveness DESC";
 	return $db->GetAll($sql);
 }
 /**
 * Get stats by interviewer by questionnaire
 *
 * @param int $questionnaire_id The questionnaire
 * @return arrayh An array containing operator_id,firstName,CPH,effectiveness,
 */
 function get_stats_by_questionnaire($questionnaire_id)
 {
 	global $db;
 	$sql = "SELECT o.operator_id, o.firstName, (calltime.totaltime / callattempttime.totaltime) AS effectiveness, c.completions,SEC_TO_TIME(callattempttime.totaltime) as time, c.completions/(callattempttime.totaltime / 3600) as CPH, SEC_TO_TIME(calltime.totaltime) as callt, SEC_TO_TIME(callattempttime.totaltime) as callatemptt, calls.calls as totalcalls, calls.calls/(callattempttime.totaltime / 3600) as CALLSPH, calltime.totaltime as calltotaltime, callattempttime.totaltime as callattempttotaltime
 		FROM operator AS o
 		JOIN (
 			SELECT SUM( TIMESTAMPDIFF(
 			SECOND , c.start, IFNULL( c.end, CONVERT_TZ( NOW( ) , 'System', 'UTC' ) ) ) ) AS totaltime, operator_id
 			FROM `call` AS c, `case` as b
 			WHERE c.case_id = b.case_id
 			AND b.questionnaire_id = '$questionnaire_id'
 			GROUP BY operator_id
 			) AS calltime ON ( calltime.operator_id = o.operator_id )
 		JOIN (
 			SELECT SUM( TIMESTAMPDIFF(
 			SECOND , c.start, IFNULL( c.end, CONVERT_TZ( NOW( ) , 'System', 'UTC' ) ) ) ) AS totaltime, operator_id
 			FROM `call_attempt` AS c, `case` as b
 			WHERE c.case_id = b.case_id
 			AND b.questionnaire_id = '$questionnaire_id'
 			GROUP BY operator_id
 		) AS callattempttime ON ( callattempttime.operator_id = o.operator_id )
 		JOIN (  SELECT count(*) as completions,a.operator_id
 			FROM `call` as a, `case` as b
 			WHERE a.outcome_id = '10'
 			AND a.case_id = b.case_id
 			AND b.questionnaire_id = '$questionnaire_id'
 			GROUP BY a.operator_id) as c on (c.operator_id = o.operator_id)
 		JOIN (  SELECT count(*) as calls,a.operator_id
 			FROM `call` as a, `case` as b
 			WHERE a.case_id = b.case_id
 			AND b.questionnaire_id = '$questionnaire_id'
 			GROUP BY a.operator_id) as calls on (calls.operator_id = o.operator_id)
 		ORDER BY effectiveness DESC";
 	return $db->GetAll($sql);
 }
@@ -113,13 +316,13 @@ function get_CPH()
 {
 	global $db;
-	$sql = "SELECT o.firstName,o.operator_id,c.completions,ca.time, c.completions/ca.time as CPH
+	$sql = "SELECT o.firstName,o.operator_id,c.completions,SEC_TO_TIME(ca.time) as time, c.completions/(ca.time / 3600) as CPH
 		FROM operator as o
 		JOIN (  SELECT count(*) as completions,operator_id
 			FROM `call`
 			WHERE outcome_id = '10'
 			GROUP BY operator_id) as c on (c.operator_id = o.operator_id)
-		JOIN (  SELECT SUM( TIMESTAMPDIFF(SECOND , start, IFNULL(end,CONVERT_TZ(NOW(),'System','UTC')))) /3600 as time, operator_id
+		JOIN (  SELECT SUM( TIMESTAMPDIFF(SECOND , start, IFNULL(end,CONVERT_TZ(NOW(),'System','UTC')))) as time, operator_id
 			FROM `call_attempt`
 			GROUP BY operator_id) as ca on (ca.operator_id = o.operator_id)
 		ORDER BY cph DESC";
--- a/functions/functions.xhtml.php
+++ b/functions/functions.xhtml.php
@@ -94,10 +94,12 @@ function xhtml_foot()
 * @param bool|array $head False if no header otherwise array of header titles
 * @param string $class Table CSS class
 * @param bool|array $highlight False if nothing to highlight else an array containing the field to highlight
 * @param bool|array $total False if nothing to total else an array containing the fields to total
 * 
 */
-function xhtml_table($content,$fields,$head = false,$class = "tclass",$highlight=false)
+function xhtml_table($content,$fields,$head = false,$class = "tclass",$highlight=false,$total=false)
 {
 	$tot = array();
 	print "<table class='$class'>";
 	if ($head)
 	{
@@ -114,8 +116,23 @@ function xhtml_table($content,$fields,$head = false,$class = "tclass",$highlight
 			print "<tr>";
 		foreach ($fields as $e)
 		{
 			print "<td>{$row[$e]}</td>";
-		
+			if ($total && in_array($e,$total))
 				$tot[$e] += $row[$e];
 		}
 		print "</tr>";
 	}
 	if ($total)
 	{
 		print "<tr>";
 		foreach ($fields as $e)
 		{
 			print "<td>";
 			if (in_array($e,$total))
 				print $tot[$e];
 			print "</td>";
 		}
 		print "</tr>";
 	}
 	print "</table>";
--- a/include/limesurvey/COPYRIGHT.php
+++ b/include/limesurvey/COPYRIGHT.php
@@ -1,96 +1,101 @@
-<?php
+<?php
-/**
+/**
-* LimeSurvey
+* LimeSurvey
-* Copyright (C) 2007 The LimeSurvey Project Team / Carsten Schmitz
+* Copyright (C) 2007 The LimeSurvey Project Team / Carsten Schmitz
-* All rights reserved.
+* All rights reserved.
-* License: GNU/GPL License v2 or later, see LICENSE.php
+* License: GNU/GPL License v2 or later, see LICENSE.php
-* LimeSurvey is free software. This version may have been modified pursuant
+* LimeSurvey is free software. This version may have been modified pursuant
-* to the GNU General Public License, and as distributed it includes or
+* to the GNU General Public License, and as distributed it includes or
-* is derivative of works licensed under the GNU General Public License or
+* is derivative of works licensed under the GNU General Public License or
-* other free or open source software licenses.
+* other free or open source software licenses.
-* See COPYRIGHT.php for copyright notices and details.
+* See COPYRIGHT.php for copyright notices and details.
-* 
+* 
-* $Id: COPYRIGHT.php 4381 2008-02-29 22:51:41Z c_schmitz $
+* $Id: COPYRIGHT.php 5431 2008-08-16 21:05:52Z c_schmitz $
-*/
+*/
-
+
-// no direct access
+// no direct access
-if (!isset($dbprefix) || isset($_REQUEST['dbprefix'])) {die("Cannot run this script directly");}
+if (!isset($dbprefix) || isset($_REQUEST['dbprefix'])) {die("Cannot run this script directly");}
-?>
+?>
-
+
-LimeSurvey derives from copyrighted works licensed under the GNU General
+LimeSurvey derives from copyrighted works licensed under the GNU General
-Public License.  This version has been modified pursuant to the
+Public License.  This version has been modified pursuant to the
-GNU General Public License as of August 5, 2007, and as distributed,
+GNU General Public License as of August 5, 2007, and as distributed,
-it includes or is derivative of works licensed under the GNU General
+it includes or is derivative of works licensed under the GNU General
-Public License or other free or open source software licenses, including
+Public License or other free or open source software licenses, including
-works copyrighted by any or all of the following, from 2003 through 2007:
+works copyrighted by any or all of the following, from 2003 through 2007:
-Jason Cleeland, Carsten Schmitz, Thibault Le Meur, Josef Prandstetter,
+Jason Cleeland, Carsten Schmitz, Thibault Le Meur, Josef Prandstetter,
-David Olivier, Gustavo San Roman, Sébastien Gaugry, Esteban Adrián Pérez,
+David Olivier, Gustavo San Roman, Sébastien Gaugry, Esteban Adrián Pérez,
-Gasper Koren, Yeung Kai Sun, Shawn Wales, Ronald Leenes, Mario Marani,
+Gasper Koren, Yeung Kai Sun, Shawn Wales, Ronald Leenes, Mario Marani,
-Darrel O'Pry, Marco Ermini, Patrick McKnight, Chris Wessells, Johannes Kutsam, 
+Darrel O'Pry, Marco Ermini, Patrick McKnight, Chris Wessells, Johannes Kutsam, 
-Karyl Stein, Arjen Gideonse, Nikolay Tsanov, Thomas Lee, Liang Zhao,
+Karyl Stein, Arjen Gideonse, Nikolay Tsanov, Thomas Lee, Liang Zhao,
-Katarina Pavic, Mikkel Skovgaard Sørensen, Rolf Njor Jensen, Johan Geertsma,
+Katarina Pavic, Mikkel Skovgaard Sørensen, Rolf Njor Jensen, Johan Geertsma,
-Ronald Leenes, Peter De Berdt, Patrick Drews, Peter Sereinigg, 
+Ronald Leenes, Peter De Berdt, Patrick Drews, Peter Sereinigg, 
-Artemis Mendrinos, David Selmeczi, Gabriele Carioli, Masaru Ryumae,
+Artemis Mendrinos, David Selmeczi, Gabriele Carioli, Masaru Ryumae,
-Odd-Jarle Kristoffersen, Eirik Sunde, Rosaura Gazzola, Job Vieira Lúcio,
+Odd-Jarle Kristoffersen, Eirik Sunde, Rosaura Gazzola, Job Vieira Lúcio,
-Bogdan Anastasiei, Alexei G. Tchernov, Alexander Shilov, Gasper Koren, 
+Bogdan Anastasiei, Alexei G. Tchernov, Alexander Shilov, Gasper Koren, 
-Luis M. Martinez, Juan Rafael Fernández, Jose Luis Ramirez, Björn Mildh,
+Luis M. Martinez, Juan Rafael Fernández, Jose Luis Ramirez, Björn Mildh,
-Niklas Andersson, Vinh Ngo and Mitchell Butler.
+Niklas Andersson, Vinh Ngo and Mitchell Butler.
-
+
-LimeSurvey also includes or is derivative of works distributed under the following copyright notices:
+LimeSurvey also includes or is derivative of works distributed under the following copyright notices:
-
+
-PHPSurveyor
+PHPSurveyor
----
+----
-Copyright:  Jason Cleeland, 2003
+Copyright:  Jason Cleeland, 2003
-License:	GNU General Public License (GPL V2 or later) 
+License:	GNU General Public License (GPL V2 or later) 
-
+
-ADOdb
+ADOdb
----
+----
-Copyright:  John Lim, 2004 
+Copyright:  John Lim, 2004 
-License:	GNU Lesser General Public License (LGPL)
+License:	GNU Lesser General Public License (LGPL)
-
+
-PHP-gettext
+PHP-gettext
----
+----
-Copyright:  Danilo Segan, 2003, 2006 
+Copyright:  Danilo Segan, 2003, 2006 
-License:	GNU General Public License (GPL V2 or later) 
+License:	GNU General Public License (GPL V2 or later) 
-
+
-DHTML Calendar Widget
+DHTML Calendar Widget
----
+----
-Copyright:	Mihai Bazon, 2002-2005
+Copyright:	Mihai Bazon, 2002-2005
-License:	GNU Lesser General Public License (LGPL)
+License:	GNU Lesser General Public License (LGPL)
-
+
-Slider
+Slider
----
+----
-Copyright:  Erik Arvidsson, 1999 - 2002
+Copyright:  Erik Arvidsson, 1999 - 2002
-License:    GNU General Public License
+License:    GNU General Public License
-
+
-SHA256 static class
+SHA256 static class
----
+----
-Copyright:  Developer's Network (2005)
+Copyright:  Developer's Network (2005)
-Author: feyd _at_ devnetwork .dot. net
+Author: feyd _at_ devnetwork .dot. net
-License:	GNU Lesser General Public License (LGPL)
+License:	GNU Lesser General Public License (LGPL)
-
+
-tabPANE
+tabPANE
----
+----
-Copyright:  Emil A Eklund (2004) http://webfx.eae.net
+Copyright:  Emil A Eklund (2004) http://webfx.eae.net
-License:	Apache Software License 2.0
+License:	Apache Software License 2.0
-
+
-PEAR
+PEAR
----
+----
-Copyright:	1997-2004 The PHP Group
+Copyright:	1997-2004 The PHP Group
-License:	PHP license
+License:	PHP license
-
+
-phpMailer
+phpMailer
----
+----
-Copyright:	2001 - 2003  Brent R. Matzelle
+Copyright:	2001 - 2003  Brent R. Matzelle
-License:	GNU Lesser General Public License (LGPL)
+License:	GNU Lesser General Public License (LGPL)
-
+
-Sanitize Library
+Sanitize Library
---
+----
-Copyright:  2002,2003 Free Software Foundation
+Copyright:  2002,2003 Free Software Foundation
-License:	GNU General Public License (GPL)
+License:	GNU General Public License (GPL)
-
+
-TCPDF Class
+TCPDF Class
---
+----
-Copyright: 2006 Nicola Asuni
+Copyright:  2006 Nicola Asuni
-License: GNU Lesser General Public License (LGPL)
+License:    GNU Lesser General Public License (LGPL)
-
+
 mint_idea Template
 ----
 Copyright:  David Kohout http://www.davidkohout.cz
 License:	GNU General Public License (GPL)
--- a/include/limesurvey/LICENSE.php
+++ b/include/limesurvey/LICENSE.php
@@ -1,340 +1,340 @@
-GNU GENERAL PUBLIC LICENSE
+GNU GENERAL PUBLIC LICENSE
-		       Version 2, June 1991
+		       Version 2, June 1991
-
+
- Copyright (C) 1989, 1991 Free Software Foundation, Inc.
+ Copyright (C) 1989, 1991 Free Software Foundation, Inc.
- 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
+ 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
- Everyone is permitted to copy and distribute verbatim copies
+ Everyone is permitted to copy and distribute verbatim copies
- of this license document, but changing it is not allowed.
+ of this license document, but changing it is not allowed.
-
+
-			    Preamble
+			    Preamble
-
+
-  The licenses for most software are designed to take away your
+  The licenses for most software are designed to take away your
-freedom to share and change it.  By contrast, the GNU General Public
+freedom to share and change it.  By contrast, the GNU General Public
-License is intended to guarantee your freedom to share and change free
+License is intended to guarantee your freedom to share and change free
-software--to make sure the software is free for all its users.  This
+software--to make sure the software is free for all its users.  This
-General Public License applies to most of the Free Software
+General Public License applies to most of the Free Software
-Foundation's software and to any other program whose authors commit to
+Foundation's software and to any other program whose authors commit to
-using it.  (Some other Free Software Foundation software is covered by
+using it.  (Some other Free Software Foundation software is covered by
-the GNU Library General Public License instead.)  You can apply it to
+the GNU Library General Public License instead.)  You can apply it to
-your programs, too.
+your programs, too.
-
+
-  When we speak of free software, we are referring to freedom, not
+  When we speak of free software, we are referring to freedom, not
-price.  Our General Public Licenses are designed to make sure that you
+price.  Our General Public Licenses are designed to make sure that you
-have the freedom to distribute copies of free software (and charge for
+have the freedom to distribute copies of free software (and charge for
-this service if you wish), that you receive source code or can get it
+this service if you wish), that you receive source code or can get it
-if you want it, that you can change the software or use pieces of it
+if you want it, that you can change the software or use pieces of it
-in new free programs; and that you know you can do these things.
+in new free programs; and that you know you can do these things.
-
+
-  To protect your rights, we need to make restrictions that forbid
+  To protect your rights, we need to make restrictions that forbid
-anyone to deny you these rights or to ask you to surrender the rights.
+anyone to deny you these rights or to ask you to surrender the rights.
-These restrictions translate to certain responsibilities for you if you
+These restrictions translate to certain responsibilities for you if you
-distribute copies of the software, or if you modify it.
+distribute copies of the software, or if you modify it.
-
+
-  For example, if you distribute copies of such a program, whether
+  For example, if you distribute copies of such a program, whether
-gratis or for a fee, you must give the recipients all the rights that
+gratis or for a fee, you must give the recipients all the rights that
-you have.  You must make sure that they, too, receive or can get the
+you have.  You must make sure that they, too, receive or can get the
-source code.  And you must show them these terms so they know their
+source code.  And you must show them these terms so they know their
-rights.
+rights.
-
+
-  We protect your rights with two steps: (1) copyright the software, and
+  We protect your rights with two steps: (1) copyright the software, and
-(2) offer you this license which gives you legal permission to copy,
+(2) offer you this license which gives you legal permission to copy,
-distribute and/or modify the software.
+distribute and/or modify the software.
-
+
-  Also, for each author's protection and ours, we want to make certain
+  Also, for each author's protection and ours, we want to make certain
-that everyone understands that there is no warranty for this free
+that everyone understands that there is no warranty for this free
-software.  If the software is modified by someone else and passed on, we
+software.  If the software is modified by someone else and passed on, we
-want its recipients to know that what they have is not the original, so
+want its recipients to know that what they have is not the original, so
-that any problems introduced by others will not reflect on the original
+that any problems introduced by others will not reflect on the original
-authors' reputations.
+authors' reputations.
-
+
-  Finally, any free program is threatened constantly by software
+  Finally, any free program is threatened constantly by software
-patents.  We wish to avoid the danger that redistributors of a free
+patents.  We wish to avoid the danger that redistributors of a free
-program will individually obtain patent licenses, in effect making the
+program will individually obtain patent licenses, in effect making the
-program proprietary.  To prevent this, we have made it clear that any
+program proprietary.  To prevent this, we have made it clear that any
-patent must be licensed for everyone's free use or not licensed at all.
+patent must be licensed for everyone's free use or not licensed at all.
-
+
-  The precise terms and conditions for copying, distribution and
+  The precise terms and conditions for copying, distribution and
-modification follow.
+modification follow.
-
+
-		    GNU GENERAL PUBLIC LICENSE
+		    GNU GENERAL PUBLIC LICENSE
-   TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
+   TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
-
+
-  0. This License applies to any program or other work which contains
+  0. This License applies to any program or other work which contains
-a notice placed by the copyright holder saying it may be distributed
+a notice placed by the copyright holder saying it may be distributed
-under the terms of this General Public License.  The "Program", below,
+under the terms of this General Public License.  The "Program", below,
-refers to any such program or work, and a "work based on the Program"
+refers to any such program or work, and a "work based on the Program"
-means either the Program or any derivative work under copyright law:
+means either the Program or any derivative work under copyright law:
-that is to say, a work containing the Program or a portion of it,
+that is to say, a work containing the Program or a portion of it,
-either verbatim or with modifications and/or translated into another
+either verbatim or with modifications and/or translated into another
-language.  (Hereinafter, translation is included without limitation in
+language.  (Hereinafter, translation is included without limitation in
-the term "modification".)  Each licensee is addressed as "you".
+the term "modification".)  Each licensee is addressed as "you".
-
+
-Activities other than copying, distribution and modification are not
+Activities other than copying, distribution and modification are not
-covered by this License; they are outside its scope.  The act of
+covered by this License; they are outside its scope.  The act of
-running the Program is not restricted, and the output from the Program
+running the Program is not restricted, and the output from the Program
-is covered only if its contents constitute a work based on the
+is covered only if its contents constitute a work based on the
-Program (independent of having been made by running the Program).
+Program (independent of having been made by running the Program).
-Whether that is true depends on what the Program does.
+Whether that is true depends on what the Program does.
-
+
-  1. You may copy and distribute verbatim copies of the Program's
+  1. You may copy and distribute verbatim copies of the Program's
-source code as you receive it, in any medium, provided that you
+source code as you receive it, in any medium, provided that you
-conspicuously and appropriately publish on each copy an appropriate
+conspicuously and appropriately publish on each copy an appropriate
-copyright notice and disclaimer of warranty; keep intact all the
+copyright notice and disclaimer of warranty; keep intact all the
-notices that refer to this License and to the absence of any warranty;
+notices that refer to this License and to the absence of any warranty;
-and give any other recipients of the Program a copy of this License
+and give any other recipients of the Program a copy of this License
-along with the Program.
+along with the Program.
-
+
-You may charge a fee for the physical act of transferring a copy, and
+You may charge a fee for the physical act of transferring a copy, and
-you may at your option offer warranty protection in exchange for a fee.
+you may at your option offer warranty protection in exchange for a fee.
-
+
-  2. You may modify your copy or copies of the Program or any portion
+  2. You may modify your copy or copies of the Program or any portion
-of it, thus forming a work based on the Program, and copy and
+of it, thus forming a work based on the Program, and copy and
-distribute such modifications or work under the terms of Section 1
+distribute such modifications or work under the terms of Section 1
-above, provided that you also meet all of these conditions:
+above, provided that you also meet all of these conditions:
-
+
-    a) You must cause the modified files to carry prominent notices
+    a) You must cause the modified files to carry prominent notices
-    stating that you changed the files and the date of any change.
+    stating that you changed the files and the date of any change.
-
+
-    b) You must cause any work that you distribute or publish, that in
+    b) You must cause any work that you distribute or publish, that in
-    whole or in part contains or is derived from the Program or any
+    whole or in part contains or is derived from the Program or any
-    part thereof, to be licensed as a whole at no charge to all third
+    part thereof, to be licensed as a whole at no charge to all third
-    parties under the terms of this License.
+    parties under the terms of this License.
-
+
-    c) If the modified program normally reads commands interactively
+    c) If the modified program normally reads commands interactively
-    when run, you must cause it, when started running for such
+    when run, you must cause it, when started running for such
-    interactive use in the most ordinary way, to print or display an
+    interactive use in the most ordinary way, to print or display an
-    announcement including an appropriate copyright notice and a
+    announcement including an appropriate copyright notice and a
-    notice that there is no warranty (or else, saying that you provide
+    notice that there is no warranty (or else, saying that you provide
-    a warranty) and that users may redistribute the program under
+    a warranty) and that users may redistribute the program under
-    these conditions, and telling the user how to view a copy of this
+    these conditions, and telling the user how to view a copy of this
-    License.  (Exception: if the Program itself is interactive but
+    License.  (Exception: if the Program itself is interactive but
-    does not normally print such an announcement, your work based on
+    does not normally print such an announcement, your work based on
-    the Program is not required to print an announcement.)
+    the Program is not required to print an announcement.)
-
+
-These requirements apply to the modified work as a whole.  If
+These requirements apply to the modified work as a whole.  If
-identifiable sections of that work are not derived from the Program,
+identifiable sections of that work are not derived from the Program,
-and can be reasonably considered independent and separate works in
+and can be reasonably considered independent and separate works in
-themselves, then this License, and its terms, do not apply to those
+themselves, then this License, and its terms, do not apply to those
-sections when you distribute them as separate works.  But when you
+sections when you distribute them as separate works.  But when you
-distribute the same sections as part of a whole which is a work based
+distribute the same sections as part of a whole which is a work based
-on the Program, the distribution of the whole must be on the terms of
+on the Program, the distribution of the whole must be on the terms of
-this License, whose permissions for other licensees extend to the
+this License, whose permissions for other licensees extend to the
-entire whole, and thus to each and every part regardless of who wrote it.
+entire whole, and thus to each and every part regardless of who wrote it.
-
+
-Thus, it is not the intent of this section to claim rights or contest
+Thus, it is not the intent of this section to claim rights or contest
-your rights to work written entirely by you; rather, the intent is to
+your rights to work written entirely by you; rather, the intent is to
-exercise the right to control the distribution of derivative or
+exercise the right to control the distribution of derivative or
-collective works based on the Program.
+collective works based on the Program.
-
+
-In addition, mere aggregation of another work not based on the Program
+In addition, mere aggregation of another work not based on the Program
-with the Program (or with a work based on the Program) on a volume of
+with the Program (or with a work based on the Program) on a volume of
-a storage or distribution medium does not bring the other work under
+a storage or distribution medium does not bring the other work under
-the scope of this License.
+the scope of this License.
-
+
-  3. You may copy and distribute the Program (or a work based on it,
+  3. You may copy and distribute the Program (or a work based on it,
-under Section 2) in object code or executable form under the terms of
+under Section 2) in object code or executable form under the terms of
-Sections 1 and 2 above provided that you also do one of the following:
+Sections 1 and 2 above provided that you also do one of the following:
-
+
-    a) Accompany it with the complete corresponding machine-readable
+    a) Accompany it with the complete corresponding machine-readable
-    source code, which must be distributed under the terms of Sections
+    source code, which must be distributed under the terms of Sections
-    1 and 2 above on a medium customarily used for software interchange; or,
+    1 and 2 above on a medium customarily used for software interchange; or,
-
+
-    b) Accompany it with a written offer, valid for at least three
+    b) Accompany it with a written offer, valid for at least three
-    years, to give any third party, for a charge no more than your
+    years, to give any third party, for a charge no more than your
-    cost of physically performing source distribution, a complete
+    cost of physically performing source distribution, a complete
-    machine-readable copy of the corresponding source code, to be
+    machine-readable copy of the corresponding source code, to be
-    distributed under the terms of Sections 1 and 2 above on a medium
+    distributed under the terms of Sections 1 and 2 above on a medium
-    customarily used for software interchange; or,
+    customarily used for software interchange; or,
-
+
-    c) Accompany it with the information you received as to the offer
+    c) Accompany it with the information you received as to the offer
-    to distribute corresponding source code.  (This alternative is
+    to distribute corresponding source code.  (This alternative is
-    allowed only for noncommercial distribution and only if you
+    allowed only for noncommercial distribution and only if you
-    received the program in object code or executable form with such
+    received the program in object code or executable form with such
-    an offer, in accord with Subsection b above.)
+    an offer, in accord with Subsection b above.)
-
+
-The source code for a work means the preferred form of the work for
+The source code for a work means the preferred form of the work for
-making modifications to it.  For an executable work, complete source
+making modifications to it.  For an executable work, complete source
-code means all the source code for all modules it contains, plus any
+code means all the source code for all modules it contains, plus any
-associated interface definition files, plus the scripts used to
+associated interface definition files, plus the scripts used to
-control compilation and installation of the executable.  However, as a
+control compilation and installation of the executable.  However, as a
-special exception, the source code distributed need not include
+special exception, the source code distributed need not include
-anything that is normally distributed (in either source or binary
+anything that is normally distributed (in either source or binary
-form) with the major components (compiler, kernel, and so on) of the
+form) with the major components (compiler, kernel, and so on) of the
-operating system on which the executable runs, unless that component
+operating system on which the executable runs, unless that component
-itself accompanies the executable.
+itself accompanies the executable.
-
+
-If distribution of executable or object code is made by offering
+If distribution of executable or object code is made by offering
-access to copy from a designated place, then offering equivalent
+access to copy from a designated place, then offering equivalent
-access to copy the source code from the same place counts as
+access to copy the source code from the same place counts as
-distribution of the source code, even though third parties are not
+distribution of the source code, even though third parties are not
-compelled to copy the source along with the object code.
+compelled to copy the source along with the object code.
-
+
-  4. You may not copy, modify, sublicense, or distribute the Program
+  4. You may not copy, modify, sublicense, or distribute the Program
-except as expressly provided under this License.  Any attempt
+except as expressly provided under this License.  Any attempt
-otherwise to copy, modify, sublicense or distribute the Program is
+otherwise to copy, modify, sublicense or distribute the Program is
-void, and will automatically terminate your rights under this License.
+void, and will automatically terminate your rights under this License.
-However, parties who have received copies, or rights, from you under
+However, parties who have received copies, or rights, from you under
-this License will not have their licenses terminated so long as such
+this License will not have their licenses terminated so long as such
-parties remain in full compliance.
+parties remain in full compliance.
-
+
-  5. You are not required to accept this License, since you have not
+  5. You are not required to accept this License, since you have not
-signed it.  However, nothing else grants you permission to modify or
+signed it.  However, nothing else grants you permission to modify or
-distribute the Program or its derivative works.  These actions are
+distribute the Program or its derivative works.  These actions are
-prohibited by law if you do not accept this License.  Therefore, by
+prohibited by law if you do not accept this License.  Therefore, by
-modifying or distributing the Program (or any work based on the
+modifying or distributing the Program (or any work based on the
-Program), you indicate your acceptance of this License to do so, and
+Program), you indicate your acceptance of this License to do so, and
-all its terms and conditions for copying, distributing or modifying
+all its terms and conditions for copying, distributing or modifying
-the Program or works based on it.
+the Program or works based on it.
-
+
-  6. Each time you redistribute the Program (or any work based on the
+  6. Each time you redistribute the Program (or any work based on the
-Program), the recipient automatically receives a license from the
+Program), the recipient automatically receives a license from the
-original licensor to copy, distribute or modify the Program subject to
+original licensor to copy, distribute or modify the Program subject to
-these terms and conditions.  You may not impose any further
+these terms and conditions.  You may not impose any further
-restrictions on the recipients' exercise of the rights granted herein.
+restrictions on the recipients' exercise of the rights granted herein.
-You are not responsible for enforcing compliance by third parties to
+You are not responsible for enforcing compliance by third parties to
-this License.
+this License.
-
+
-  7. If, as a consequence of a court judgment or allegation of patent
+  7. If, as a consequence of a court judgment or allegation of patent
-infringement or for any other reason (not limited to patent issues),
+infringement or for any other reason (not limited to patent issues),
-conditions are imposed on you (whether by court order, agreement or
+conditions are imposed on you (whether by court order, agreement or
-otherwise) that contradict the conditions of this License, they do not
+otherwise) that contradict the conditions of this License, they do not
-excuse you from the conditions of this License.  If you cannot
+excuse you from the conditions of this License.  If you cannot
-distribute so as to satisfy simultaneously your obligations under this
+distribute so as to satisfy simultaneously your obligations under this
-License and any other pertinent obligations, then as a consequence you
+License and any other pertinent obligations, then as a consequence you
-may not distribute the Program at all.  For example, if a patent
+may not distribute the Program at all.  For example, if a patent
-license would not permit royalty-free redistribution of the Program by
+license would not permit royalty-free redistribution of the Program by
-all those who receive copies directly or indirectly through you, then
+all those who receive copies directly or indirectly through you, then
-the only way you could satisfy both it and this License would be to
+the only way you could satisfy both it and this License would be to
-refrain entirely from distribution of the Program.
+refrain entirely from distribution of the Program.
-
+
-If any portion of this section is held invalid or unenforceable under
+If any portion of this section is held invalid or unenforceable under
-any particular circumstance, the balance of the section is intended to
+any particular circumstance, the balance of the section is intended to
-apply and the section as a whole is intended to apply in other
+apply and the section as a whole is intended to apply in other
-circumstances.
+circumstances.
-
+
-It is not the purpose of this section to induce you to infringe any
+It is not the purpose of this section to induce you to infringe any
-patents or other property right claims or to contest validity of any
+patents or other property right claims or to contest validity of any
-such claims; this section has the sole purpose of protecting the
+such claims; this section has the sole purpose of protecting the
-integrity of the free software distribution system, which is
+integrity of the free software distribution system, which is
-implemented by public license practices.  Many people have made
+implemented by public license practices.  Many people have made
-generous contributions to the wide range of software distributed
+generous contributions to the wide range of software distributed
-through that system in reliance on consistent application of that
+through that system in reliance on consistent application of that
-system; it is up to the author/donor to decide if he or she is willing
+system; it is up to the author/donor to decide if he or she is willing
-to distribute software through any other system and a licensee cannot
+to distribute software through any other system and a licensee cannot
-impose that choice.
+impose that choice.
-
+
-This section is intended to make thoroughly clear what is believed to
+This section is intended to make thoroughly clear what is believed to
-be a consequence of the rest of this License.
+be a consequence of the rest of this License.
-
+
-  8. If the distribution and/or use of the Program is restricted in
+  8. If the distribution and/or use of the Program is restricted in
-certain countries either by patents or by copyrighted interfaces, the
+certain countries either by patents or by copyrighted interfaces, the
-original copyright holder who places the Program under this License
+original copyright holder who places the Program under this License
-may add an explicit geographical distribution limitation excluding
+may add an explicit geographical distribution limitation excluding
-those countries, so that distribution is permitted only in or among
+those countries, so that distribution is permitted only in or among
-countries not thus excluded.  In such case, this License incorporates
+countries not thus excluded.  In such case, this License incorporates
-the limitation as if written in the body of this License.
+the limitation as if written in the body of this License.
-
+
-  9. The Free Software Foundation may publish revised and/or new versions
+  9. The Free Software Foundation may publish revised and/or new versions
-of the General Public License from time to time.  Such new versions will
+of the General Public License from time to time.  Such new versions will
-be similar in spirit to the present version, but may differ in detail to
+be similar in spirit to the present version, but may differ in detail to
-address new problems or concerns.
+address new problems or concerns.
-
+
-Each version is given a distinguishing version number.  If the Program
+Each version is given a distinguishing version number.  If the Program
-specifies a version number of this License which applies to it and "any
+specifies a version number of this License which applies to it and "any
-later version", you have the option of following the terms and conditions
+later version", you have the option of following the terms and conditions
-either of that version or of any later version published by the Free
+either of that version or of any later version published by the Free
-Software Foundation.  If the Program does not specify a version number of
+Software Foundation.  If the Program does not specify a version number of
-this License, you may choose any version ever published by the Free Software
+this License, you may choose any version ever published by the Free Software
-Foundation.
+Foundation.
-
+
-  10. If you wish to incorporate parts of the Program into other free
+  10. If you wish to incorporate parts of the Program into other free
-programs whose distribution conditions are different, write to the author
+programs whose distribution conditions are different, write to the author
-to ask for permission.  For software which is copyrighted by the Free
+to ask for permission.  For software which is copyrighted by the Free
-Software Foundation, write to the Free Software Foundation; we sometimes
+Software Foundation, write to the Free Software Foundation; we sometimes
-make exceptions for this.  Our decision will be guided by the two goals
+make exceptions for this.  Our decision will be guided by the two goals
-of preserving the free status of all derivatives of our free software and
+of preserving the free status of all derivatives of our free software and
-of promoting the sharing and reuse of software generally.
+of promoting the sharing and reuse of software generally.
-
+
-			    NO WARRANTY
+			    NO WARRANTY
-
+
-  11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY
+  11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY
-FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW.  EXCEPT WHEN
+FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW.  EXCEPT WHEN
-OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES
+OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES
-PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED
+PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED
-OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
-MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.  THE ENTIRE RISK AS
+MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.  THE ENTIRE RISK AS
-TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU.  SHOULD THE
+TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU.  SHOULD THE
-PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING,
+PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING,
-REPAIR OR CORRECTION.
+REPAIR OR CORRECTION.
-
+
-  12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
+  12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
-WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR
+WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR
-REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES,
+REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES,
-INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING
+INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING
-OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED
+OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED
-TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY
+TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY
-YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER
+YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER
-PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE
+PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE
-POSSIBILITY OF SUCH DAMAGES.
+POSSIBILITY OF SUCH DAMAGES.
-
+
-		     END OF TERMS AND CONDITIONS
+		     END OF TERMS AND CONDITIONS
-
+
-	    How to Apply These Terms to Your New Programs
+	    How to Apply These Terms to Your New Programs
-
+
-  If you develop a new program, and you want it to be of the greatest
+  If you develop a new program, and you want it to be of the greatest
-possible use to the public, the best way to achieve this is to make it
+possible use to the public, the best way to achieve this is to make it
-free software which everyone can redistribute and change under these terms.
+free software which everyone can redistribute and change under these terms.
-
+
-  To do so, attach the following notices to the program.  It is safest
+  To do so, attach the following notices to the program.  It is safest
-to attach them to the start of each source file to most effectively
+to attach them to the start of each source file to most effectively
-convey the exclusion of warranty; and each file should have at least
+convey the exclusion of warranty; and each file should have at least
-the "copyright" line and a pointer to where the full notice is found.
+the "copyright" line and a pointer to where the full notice is found.
-
+
-    <one line to give the program's name and a brief idea of what it does.>
+    <one line to give the program's name and a brief idea of what it does.>
-    Copyright (C) <year>  <name of author>
+    Copyright (C) <year>  <name of author>
-
+
-    This program is free software; you can redistribute it and/or modify
+    This program is free software; you can redistribute it and/or modify
-    it under the terms of the GNU General Public License as published by
+    it under the terms of the GNU General Public License as published by
-    the Free Software Foundation; either version 2 of the License, or
+    the Free Software Foundation; either version 2 of the License, or
-    (at your option) any later version.
+    (at your option) any later version.
-
+
-    This program is distributed in the hope that it will be useful,
+    This program is distributed in the hope that it will be useful,
-    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
-    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-    GNU General Public License for more details.
+    GNU General Public License for more details.
-
+
-    You should have received a copy of the GNU General Public License
+    You should have received a copy of the GNU General Public License
-    along with this program; if not, write to the Free Software
+    along with this program; if not, write to the Free Software
-    Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
+    Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
-
+
-
+
-Also add information on how to contact you by electronic and paper mail.
+Also add information on how to contact you by electronic and paper mail.
-
+
-If the program is interactive, make it output a short notice like this
+If the program is interactive, make it output a short notice like this
-when it starts in an interactive mode:
+when it starts in an interactive mode:
-
+
-    Gnomovision version 69, Copyright (C) year name of author
+    Gnomovision version 69, Copyright (C) year name of author
-    Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
+    Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
-    This is free software, and you are welcome to redistribute it
+    This is free software, and you are welcome to redistribute it
-    under certain conditions; type `show c' for details.
+    under certain conditions; type `show c' for details.
-
+
-The hypothetical commands `show w' and `show c' should show the appropriate
+The hypothetical commands `show w' and `show c' should show the appropriate
-parts of the General Public License.  Of course, the commands you use may
+parts of the General Public License.  Of course, the commands you use may
-be called something other than `show w' and `show c'; they could even be
+be called something other than `show w' and `show c'; they could even be
-mouse-clicks or menu items--whatever suits your program.
+mouse-clicks or menu items--whatever suits your program.
-
+
-You should also get your employer (if you work as a programmer) or your
+You should also get your employer (if you work as a programmer) or your
-school, if any, to sign a "copyright disclaimer" for the program, if
+school, if any, to sign a "copyright disclaimer" for the program, if
-necessary.  Here is a sample; alter the names:
+necessary.  Here is a sample; alter the names:
-
+
-  Yoyodyne, Inc., hereby disclaims all copyright interest in the program
+  Yoyodyne, Inc., hereby disclaims all copyright interest in the program
-  `Gnomovision' (which makes passes at compilers) written by James Hacker.
+  `Gnomovision' (which makes passes at compilers) written by James Hacker.
-
+
-  <signature of Ty Coon>, 1 April 1989
+  <signature of Ty Coon>, 1 April 1989
-  Ty Coon, President of Vice
+  Ty Coon, President of Vice
-
+
-This General Public License does not permit incorporating your program into
+This General Public License does not permit incorporating your program into
-proprietary programs.  If your program is a subroutine library, you may
+proprietary programs.  If your program is a subroutine library, you may
-consider it more useful to permit linking proprietary applications with the
+consider it more useful to permit linking proprietary applications with the
-library.  If this is what you want to do, use the GNU Library General
+library.  If this is what you want to do, use the GNU Library General
-Public License instead of this License.
+Public License instead of this License.
--- a/include/limesurvey/admin/access_denied.php
+++ b/include/limesurvey/admin/access_denied.php
@@ -1,141 +1,141 @@
-<?php
+<?php
-/*
+/*
-* LimeSurvey
+* LimeSurvey
-* Copyright (C) 2007 The LimeSurvey Project Team / Carsten Schmitz
+* Copyright (C) 2007 The LimeSurvey Project Team / Carsten Schmitz
-* All rights reserved.
+* All rights reserved.
-* License: GNU/GPL License v2 or later, see LICENSE.php
+* License: GNU/GPL License v2 or later, see LICENSE.php
-* LimeSurvey is free software. This version may have been modified pursuant
+* LimeSurvey is free software. This version may have been modified pursuant
-* to the GNU General Public License, and as distributed it includes or
+* to the GNU General Public License, and as distributed it includes or
-* is derivative of works licensed under the GNU General Public License or
+* is derivative of works licensed under the GNU General Public License or
-* other free or open source software licenses.
+* other free or open source software licenses.
-* See COPYRIGHT.php for copyright notices and details.
+* See COPYRIGHT.php for copyright notices and details.
-* 
+* 
-* $Id: access_denied.php 4247 2008-02-16 00:24:07Z lemeur $
+* $Id: access_denied.php 7140 2009-06-18 06:56:20Z mennodekker $
-*/
+*/
-
+
-
+
-if (!isset($dbprefix) || isset($_REQUEST['dbprefix'])) {die("Cannot run this script directly (access_denied)");}
+if (!isset($dbprefix) || isset($_REQUEST['dbprefix'])) {die("Cannot run this script directly (access_denied)");}
-
+
-if (isset($_SESSION['loginID']))
+if (isset($_SESSION['loginID']))
-	{
+	{
-	
+	
-	$accesssummary = "<br /><strong>".$clang->gT("Access denied!")."</strong><br />\n";
+	$accesssummary = "<br /><strong>".$clang->gT("Access denied!")."</strong><br />\n";
-
+
-    $action=returnglobal('action');
+    $action=returnglobal('action');
-	if  (  $action == "dumpdb"  )
+	if  (  $action == "dumpdb"  )
-		{		
+		{		
-		$accesssummary .= "<p>".$clang->gT("You are not allowed dump the database!")."</p>";
+		$accesssummary .= "<p>".$clang->gT("You are not allowed dump the database!")."</p>";
-		$accesssummary .= "<a href='$scriptname'>".$clang->gT("Continue")."</a><br />&nbsp;\n";
+		$accesssummary .= "<a href='$scriptname'>".$clang->gT("Continue")."</a><br />&nbsp;\n";
-		}	
+		}	
-    elseif($action == "dumplabel")
+    elseif($action == "dumplabel")
-        {        
+        {        
-        $accesssummary .= "<p>".$clang->gT("You are not allowed export a label set!")."</p>";
+        $accesssummary .= "<p>".$clang->gT("You are not allowed export a label set!")."</p>";
-        $accesssummary .= "<a href='$scriptname'>".$clang->gT("Continue")."</a><br />&nbsp;\n";
+        $accesssummary .= "<a href='$scriptname'>".$clang->gT("Continue")."</a><br />&nbsp;\n";
-        }    
+        }    
-	elseif($action == "edituser")
+	elseif($action == "edituser")
-		{
+		{
-		$accesssummary .= $clang->gT("You are not allowed to change user data!");
+		$accesssummary .= $clang->gT("You are not allowed to change user data!");
-		$accesssummary .= "<br /><br /><a href='$scriptname?action=editusers'>".$clang->gT("Continue")."</a><br />&nbsp;\n";
+		$accesssummary .= "<br /><br /><a href='$scriptname?action=editusers'>".$clang->gT("Continue")."</a><br />&nbsp;\n";
-		} 
+		} 
-    elseif($action == "newsurvey")
+    elseif($action == "newsurvey")
-        {        
+        {        
-        $accesssummary .= "<p>".$clang->gT("You are not allowed to create new surveys!")."</p>";
+        $accesssummary .= "<p>".$clang->gT("You are not allowed to create new surveys!")."</p>";
-        $accesssummary .= "<a href='$scriptname'>".$clang->gT("Continue")."</a><br />&nbsp;\n";
+        $accesssummary .= "<a href='$scriptname'>".$clang->gT("Continue")."</a><br />&nbsp;\n";
-        }    
+        }    
-	elseif($action == "deletesurvey")
+	elseif($action == "deletesurvey")
-		{		
+		{		
-		$accesssummary .= "<p>".$clang->gT("You are not allowed to delete this survey!")."</p>";
+		$accesssummary .= "<p>".$clang->gT("You are not allowed to delete this survey!")."</p>";
-		$accesssummary .= "<a href='$scriptname?sid={$sid}'>".$clang->gT("Continue")."</a><br />&nbsp;\n";
+		$accesssummary .= "<a href='$scriptname?sid={$sid}'>".$clang->gT("Continue")."</a><br />&nbsp;\n";
-		}
+		}
-	elseif($action == "addquestion")
+	elseif($action == "addquestion")
-		{		
+		{		
-		$accesssummary .= "<p>".$clang->gT("You are not allowed to add new questions for this survey!")."</p>";
+		$accesssummary .= "<p>".$clang->gT("You are not allowed to add new questions for this survey!")."</p>";
-		$accesssummary .= "<a href='$scriptname?sid={$sid}'>".$clang->gT("Continue")."</a><br />&nbsp;\n";
+		$accesssummary .= "<a href='$scriptname?sid={$sid}'>".$clang->gT("Continue")."</a><br />&nbsp;\n";
-		}
+		}
-	elseif($action == "activate")
+	elseif($action == "activate")
-		{		
+		{		
-		$accesssummary .= "<p>".$clang->gT("You are not allowed to activate this survey!")."</p>";
+		$accesssummary .= "<p>".$clang->gT("You are not allowed to activate this survey!")."</p>";
-		$accesssummary .= "<a href='$scriptname?sid={$sid}'>".$clang->gT("Continue")."</a><br />&nbsp;\n";
+		$accesssummary .= "<a href='$scriptname?sid={$sid}'>".$clang->gT("Continue")."</a><br />&nbsp;\n";
-		}
+		}
-	elseif($action == "deactivate")
+	elseif($action == "deactivate")
-		{		
+		{		
-		$accesssummary .= "<p>".$clang->gT("You are not allowed to deactivate this survey!")."</p>";
+		$accesssummary .= "<p>".$clang->gT("You are not allowed to deactivate this survey!")."</p>";
-		$accesssummary .= "<a href='$scriptname?sid={$sid}'>".$clang->gT("Continue")."</a><br />&nbsp;\n";
+		$accesssummary .= "<a href='$scriptname?sid={$sid}'>".$clang->gT("Continue")."</a><br />&nbsp;\n";
-		}
+		}
-	elseif($action == "addgroup")
+	elseif($action == "addgroup")
-		{		
+		{		
-		$accesssummary .= "<p>".$clang->gT("You are not allowed to add a group to this survey!")."</p>";
+		$accesssummary .= "<p>".$clang->gT("You are not allowed to add a group to this survey!")."</p>";
-		$accesssummary .= "<a href='$scriptname?sid={$sid}'>".$clang->gT("Continue")."</a><br />&nbsp;\n";
+		$accesssummary .= "<a href='$scriptname?sid={$sid}'>".$clang->gT("Continue")."</a><br />&nbsp;\n";
-		}
+		}
-	elseif($action == "ordergroups")
+	elseif($action == "ordergroups")
-		{		
+		{		
-		$accesssummary .= "<p>".$clang->gT("You are not allowed to order groups in this survey!")."</p>";
+		$accesssummary .= "<p>".$clang->gT("You are not allowed to order groups in this survey!")."</p>";
-		$accesssummary .= "<a href='$scriptname?sid={$sid}'>".$clang->gT("Continue")."</a><br />&nbsp;\n";
+		$accesssummary .= "<a href='$scriptname?sid={$sid}'>".$clang->gT("Continue")."</a><br />&nbsp;\n";
-		}
+		}
-	elseif($action == "editsurvey")
+	elseif($action == "editsurvey")
-		{		
+		{		
-		$accesssummary .= "<p>".$clang->gT("You are not allowed to edit this survey!")."</p>";
+		$accesssummary .= "<p>".$clang->gT("You are not allowed to edit this survey!")."</p>";
-		$accesssummary .= "<a href='$scriptname?sid={$sid}'>".$clang->gT("Continue")."</a><br />&nbsp;\n";
+		$accesssummary .= "<a href='$scriptname?sid={$sid}'>".$clang->gT("Continue")."</a><br />&nbsp;\n";
-		}
+		}
-	elseif($action == "editgroup")
+	elseif($action == "editgroup")
-		{		
+		{		
-		$accesssummary .= "<p>".$clang->gT("You are not allowed to edit groups in this survey!")."</p>";
+		$accesssummary .= "<p>".$clang->gT("You are not allowed to edit groups in this survey!")."</p>";
-		$accesssummary .= "<a href='$scriptname?sid={$sid}'>".$clang->gT("Continue")."</a><br />&nbsp;\n";
+		$accesssummary .= "<a href='$scriptname?sid={$sid}'>".$clang->gT("Continue")."</a><br />&nbsp;\n";
-		}
+		}
-	elseif($action == "browse_response" || $action == "listcolumn" || $action == "vvexport" || $action == "vvimport")
+	elseif($action == "browse_response" || $action == "listcolumn" || $action == "vvexport" || $action == "vvimport")
-		{		
+		{		
-		$accesssummary .= "<p>".$clang->gT("You are not allowed to browse responses!")."</p>";
+		$accesssummary .= "<p>".$clang->gT("You are not allowed to browse responses!")."</p>";
-		$accesssummary .= "<a href='$scriptname?sid={$sid}'>".$clang->gT("Continue")."</a><br />&nbsp;\n";
+		$accesssummary .= "<a href='$scriptname?sid={$sid}'>".$clang->gT("Continue")."</a><br />&nbsp;\n";
-		}
+		}
-	elseif($action == "assessment")
+	elseif($action == "assessment")
-		{		
+		{		
-		$accesssummary .= "<p>".$clang->gT("You are not allowed to set assessment rules!")."</p>";
+		$accesssummary .= "<p>".$clang->gT("You are not allowed to set assessment rules!")."</p>";
-		$accesssummary .= "<a href='$scriptname?sid={$sid}'>".$clang->gT("Continue")."</a><br />&nbsp;\n";
+		$accesssummary .= "<a href='$scriptname?sid={$sid}'>".$clang->gT("Continue")."</a><br />&nbsp;\n";
-		}
+		}
-	elseif($action == "delusergroup")
+	elseif($action == "delusergroup")
-		{		
+		{		
-		$accesssummary .= "<p>".$clang->gT("You are not allowed to delete this group!")."</p>";
+		$accesssummary .= "<p>".$clang->gT("You are not allowed to delete this group!")."</p>";
-		$accesssummary .= "<a href='$scriptname?action=editusergroups'>".$clang->gT("Continue")."</a><br />&nbsp;\n";
+		$accesssummary .= "<a href='$scriptname?action=editusergroups'>".$clang->gT("Continue")."</a><br />&nbsp;\n";
-		}
+		}
-	elseif($action == "importsurvey")
+	elseif($action == "importsurvey")
-		{		
+		{		
-		$accesssummary .= "<p>".$clang->gT("You are not allowed to import a survey!")."</p>";
+		$accesssummary .= "<p>".$clang->gT("You are not allowed to import a survey!")."</p>";
-		$accesssummary .= "<a href='$scriptname?sid={$sid}'>".$clang->gT("Continue")."</a><br />&nbsp;\n";
+		$accesssummary .= "<a href='$scriptname?sid={$sid}'>".$clang->gT("Continue")."</a><br />&nbsp;\n";
-		}	
+		}	
-
+
-	elseif($action == "importgroup")
+	elseif($action == "importgroup")
-		{		
+		{		
-		$accesssummary .= "<p>".$clang->gT("You are not allowed to import a group!")."</p>";
+		$accesssummary .= "<p>".$clang->gT("You are not allowed to import a group!")."</p>";
-		$accesssummary .= "<a href='$scriptname?sid={$sid}'>".$clang->gT("Continue")."</a><br />&nbsp;\n";
+		$accesssummary .= "<a href='$scriptname?sid={$sid}'>".$clang->gT("Continue")."</a><br />&nbsp;\n";
-		}
+		}
-	elseif($action == "importquestion")
+	elseif($action == "importquestion")
-		{		
+		{		
-		$accesssummary .= "<p>".$clang->gT("You are not allowed to to import a question!")."</p>";
+		$accesssummary .= "<p>".$clang->gT("You are not allowed to to import a question!")."</p>";
-		$accesssummary .= "<a href='$scriptname?sid={$sid}'>".$clang->gT("Continue")."</a><br />&nbsp;\n";
+		$accesssummary .= "<a href='$scriptname?sid={$sid}'>".$clang->gT("Continue")."</a><br />&nbsp;\n";
-		}
+		}
-	elseif($action == "CSRFwarn")
+	elseif($action == "CSRFwarn")
-		{		
+		{		
-		$accesssummary .= "<p><font color='red'>".$clang->gT("Security Alert")."</font>: ".$clang->gT("Someone may be trying to use your LimeSurvey session (CSRF attack suspected). If you just clicked on a malicious link, please report this to your system administrator.")."</p>";
+		$accesssummary .= "<p><font color='red'>".$clang->gT("Security Alert")."</font>: ".$clang->gT("Someone may be trying to use your LimeSurvey session (CSRF attack suspected). If you just clicked on a malicious link, please report this to your system administrator.")."</p>";
-		$accesssummary .= "<a href='$scriptname?sid={$sid}'>".$clang->gT("Continue")."</a><br />&nbsp;\n";
+		$accesssummary .= "<a href='$scriptname?sid={$sid}'>".$clang->gT("Continue")."</a><br />&nbsp;\n";
-		}
+		}
-	elseif($action == "FakeGET")
+	elseif($action == "FakeGET")
-		{		
+		{		
-		$accesssummary .= "<p><font color='red'>".$clang->gT("Security Alert")."</font>: ".$clang->gT("Someone may be trying to use your LimeSurvey session by using dangerous GET requests (CSRF attack suspected). If you just clicked on a malicious link, please report this to your system administrator.")."</p>";
+		$accesssummary .= "<p><font color='red'>".$clang->gT("Security Alert")."</font>: ".$clang->gT("Someone may be trying to use your LimeSurvey session by using dangerous GET requests (CSRF attack suspected). If you just clicked on a malicious link, please report this to your system administrator.")."</p>";
-		$accesssummary .= "<a href='$scriptname?sid={$sid}'>".$clang->gT("Continue")."</a><br />&nbsp;\n";
+		$accesssummary .= "<a href='$scriptname?sid={$sid}'>".$clang->gT("Continue")."</a><br />&nbsp;\n";
-		}
+		}
-	else
+	else
-		{
+		{
-		$accesssummary .= "<br />".$clang->gT("You are not allowed to perform this operation!")."<br />\n";		
+		$accesssummary .= "<br />".$clang->gT("You are not allowed to perform this operation!")."<br />\n";		
-		if(!empty($sid))
+		if(!empty($sid))
-			$accesssummary .= "<br /><br /><a href='$scriptname?sid=$sid>".$clang->gT("Continue")."</a><br />&nbsp;\n";
+			$accesssummary .= "<br /><br /><a href='$scriptname?sid=$sid>".$clang->gT("Continue")."</a><br />&nbsp;\n";
-		elseif(!empty($ugid))
+		elseif(!empty($ugid))
-		//elseif(isset($_GET['ugid']))
+		//elseif(isset($_GET['ugid']))
-			{
+			{
-			$accesssummary .= "<br /><br /><a href='$scriptname?action=editusergroups&ugid={$ugid}'>".$clang->gT("Continue")."</a><br />&nbsp;\n";
+			$accesssummary .= "<br /><br /><a href='$scriptname?action=editusergroups&ugid={$ugid}'>".$clang->gT("Continue")."</a><br />&nbsp;\n";
-					}
+					}
-		else 
+		else 
-			$accesssummary .= "<br /><br /><a href='$scriptname'>".$clang->gT("Continue")."</a><br />&nbsp;\n";
+			$accesssummary .= "<br /><br /><a href='$scriptname'>".$clang->gT("Continue")."</a><br />&nbsp;\n";
-		}
+		}
-		
+		
-	}
+	}
-?>
+?>
--- a/include/limesurvey/admin/activate.php
+++ b/include/limesurvey/admin/activate.php
--- a/include/limesurvey/admin/admin.php
+++ b/include/limesurvey/admin/admin.php
--- a/include/limesurvey/admin/assessments.php
+++ b/include/limesurvey/admin/assessments.php
@@ -1,223 +1,330 @@
-<?php
+<?php
-/*
+/*
-* LimeSurvey
+* LimeSurvey
-* Copyright (C) 2007 The LimeSurvey Project Team / Carsten Schmitz
+* Copyright (C) 2007 The LimeSurvey Project Team / Carsten Schmitz
-* All rights reserved.
+* All rights reserved.
-* License: GNU/GPL License v2 or later, see LICENSE.php
+* License: GNU/GPL License v2 or later, see LICENSE.php
-* LimeSurvey is free software. This version may have been modified pursuant
+* LimeSurvey is free software. This version may have been modified pursuant
-* to the GNU General Public License, and as distributed it includes or
+* to the GNU General Public License, and as distributed it includes or
-* is derivative of works licensed under the GNU General Public License or
+* is derivative of works licensed under the GNU General Public License or
-* other free or open source software licenses.
+* other free or open source software licenses.
-* See COPYRIGHT.php for copyright notices and details.
+* See COPYRIGHT.php for copyright notices and details.
-* 
+* 
-* $Id: assessments.php 5096 2008-06-18 08:28:32Z c_schmitz $
+* $Id: assessments.php 7428 2009-08-10 10:26:46Z c_schmitz $
-*/
+*/
-
+
-
+
-include_once("login_check.php");
+include_once("login_check.php");
-if (!isset($surveyid)) {$surveyid=returnglobal('sid');}
+if (!isset($surveyid)) {$surveyid=returnglobal('sid');}
-if (!isset($action)) {$action=returnglobal('action');}
+if (!isset($action)) {$action=returnglobal('action');}
-
+
-
+$surveyinfo=getSurveyInfo($surveyid);
-$actsurquery = "SELECT edit_survey_property FROM {$dbprefix}surveys_rights WHERE sid=$surveyid AND uid = ".$_SESSION['loginID']; //Getting rights for this survey
+
-$actsurresult = $connect->Execute($actsurquery) or safe_die($connect->ErrorMsg());		
+$js_adminheader_includes[]= $homeurl.'/scripts/assessments.js';
-$actsurrows = $actsurresult->FetchRow();
+$js_adminheader_includes[]= $rooturl.'/scripts/jquery/jquery-ui.js';
-
+//                          . "<link rel=\"stylesheet\" type=\"text/css\" media=\"all\" href=\"styles/default/jquery-ui.css\" />\n";
-if($_SESSION['USER_RIGHT_SUPERADMIN'] == 1 || $actsurrows['edit_survey_property']){
+
-
+
-	if ($action == "assessmentadd") {
+$actsurquery = "SELECT edit_survey_property FROM {$dbprefix}surveys_rights WHERE sid=$surveyid AND uid = ".$_SESSION['loginID']; //Getting rights for this survey
-		$inserttable=$dbprefix."assessments";
+$actsurresult = $connect->Execute($actsurquery) or safe_die($connect->ErrorMsg());		
-		$query = $connect->GetInsertSQL($inserttable, array(
+$actsurrows = $actsurresult->FetchRow();
-		'sid' => $surveyid,
+
-		'scope' => $_POST['scope'],
+
-		'gid' => $_POST['gid'],
+$assessmentlangs = GetAdditionalLanguagesFromSurveyID($surveyid);
-		'minimum' => $_POST['minimum'],
+$baselang = GetBaseLanguageFromSurveyID($surveyid);
-		'maximum' => $_POST['maximum'],
+array_unshift($assessmentlangs,$baselang);      // makes an array with ALL the languages supported by the survey -> $assessmentlangs     
-		'name' => $_POST['name'],
+
-		'message' => $_POST['message'],
+
-		'link' => $_POST['link'] ));
+if($_SESSION['USER_RIGHT_SUPERADMIN'] == 1 || $actsurrows['edit_survey_property']){
-		$result=$connect->Execute($query) or safe_die("Error inserting<br />$query<br />".$connect->ErrorMsg());
+
-	} elseif ($action == "assessmentupdate") {
+	if ($action == "assessmentadd") {
-		$query = "UPDATE {$dbprefix}assessments
+		$inserttable=$dbprefix."assessments";
-				  SET scope='".db_quote($_POST['scope'])."',
+        $first=true;
-				  gid=".sanitize_int($_POST['gid']).",
+        foreach ($assessmentlangs as $assessmentlang)
-				  minimum='".sanitize_int($_POST['minimum'])."',
+        {
-				  maximum='".sanitize_int($_POST['maximum'])."',
+            if (!isset($_POST['gid'])) $_POST['gid']=0;   
-				  name='".db_quote($_POST['name'])."',
+                        
-				  message='".db_quote($_POST['message'])."',
+            $datarray=array(
-				  link='".db_quote($_POST['link'])."'
+            'sid' => $surveyid,
-				  WHERE id=".sanitize_int($_POST['id']);
+            'scope' => $_POST['scope'],
-		$result = $connect->Execute($query) or safe_die("Error updating<br />$query<br />".$connect->ErrorMsg());
+            'gid' => $_POST['gid'],
-	} elseif ($action == "assessmentdelete") {
+            'minimum' => $_POST['minimum'],
-		$query = "DELETE FROM {$dbprefix}assessments
+            'maximum' => $_POST['maximum'],
-				  WHERE id=".sanitize_int($_POST['id']);
+            'name' => $_POST['name_'.$assessmentlang],
-		$result=$connect->Execute($query);
+            'language' => $assessmentlang,
-	}
+            'message' => $_POST['assessmentmessage_'.$assessmentlang]);
-	
+            
-    $assessmentsoutput=  "<table width='100%' border='0' >\n"
+            if ($first==false)
-        . "\t<tr>\n"
+            {
-        . "\t\t<td>\n"
+                $datarray['id']=$aid;
-        . "\t\t\t<table class='menubar'>\n"
+            }
-        . "\t\t\t<tr>\n"
+            
-        . "\t\t\t\t<td colspan='2' height='8'>\n"
+		    $query = $connect->GetInsertSQL($inserttable, $datarray, get_magic_quotes_gpc());
-        . "\t\t\t\t\t<strong>".$clang->gT("Assessments")."</strong></td></tr>\n";
+		    $result=$connect->Execute($query) or safe_die("Error inserting<br />$query<br />".$connect->ErrorMsg());
-	
+            if ($first==true)
-	$assessmentsoutput.= "\t<tr >\n"
+            {
-	. "\t\t<td>\n"
+              $first=false;
-	. "\t\t\t<a href=\"#\" onclick=\"window.open('$scriptname?sid=$surveyid', '_self')\" onmouseout=\"hideTooltip()\" onmouseover=\"showTooltip(event,'".$clang->gT("Return to Survey Administration", "js")."');return false\">" .
+              $aid=$connect->Insert_ID(db_table_name_nq('assessments'),"id");           
-			"<img name='Administration' src='$imagefiles/home.png' title='' alt='' align='left'  /></a>\n"
+            }
-	. "\t\t\t<img src='$imagefiles/blank.gif' alt='' width='11' border='0' hspace='0' align='left' />\n"
+        }
-	. "\t\t\t<img src='$imagefiles/seperator.gif' alt='' border='0' hspace='0' align='left' />\n"
+	} elseif ($action == "assessmentupdate") {
-	. "\t\t</td>\n"
+
-	. "\t</tr>\n";
+        if ($filterxsshtml)    
-	$assessmentsoutput.= "</table>";
+        {
-	
+            require_once("../classes/inputfilter/class.inputfilter_clean.php");
-	if ($surveyid == "") {
+            $myFilter = new InputFilter('','',1,1,1); 
-		$assessmentsoutput.= $clang->gT("No SID Provided");
+        }
-		exit;
+        
-	}
+        foreach ($assessmentlangs as $assessmentlang)
-	
+        {
-	$assessments=getAssessments($surveyid);
+        
-	//$assessmentsoutput.= "<pre>";print_r($assessments);echo "</pre>";
+            if (!isset($_POST['gid'])) $_POST['gid']=0;
-	$groups=getGroups($surveyid);
+            if ($filterxsshtml)    
-	$groupselect="<select name='gid'>\n";
+            {
-	foreach($groups as $group) {
+              $_POST['name_'.$assessmentlang]=$myFilter->process($_POST['name_'.$assessmentlang]);  
-		$groupselect.="<option value='".$group['gid']."'>".$group['group_name']."</option>\n";
+              $_POST['assessmentmessage_'.$assessmentlang]=$myFilter->process($_POST['assessmentmessage_'.$assessmentlang]);  
-	}
+            }
-	$groupselect .="</select>\n";
+	        $query = "UPDATE {$dbprefix}assessments
-	$headings=array($clang->gT("Scope"), $clang->gT("Group"), $clang->gT("Minimum"), $clang->gT("Maximum"), $clang->gT("Heading"), $clang->gT("Message"), $clang->gT("URL"));
+			          SET scope='".db_quote($_POST['scope'])."',
-	$inputs=array("<select name='scope'><option value='T'>".$clang->gT("Total")."</option><option value='G'>".$clang->gT("Group")."</option></select>",
+			          gid=".sanitize_int($_POST['gid']).",
-	$groupselect,
+			          minimum='".sanitize_signedint($_POST['minimum'])."',
-	"<input type='text' name='minimum' />",
+			          maximum='".sanitize_signedint($_POST['maximum'])."',
-	"<input type='text' name='maximum' />",
+			          name='".db_quote($_POST['name_'.$assessmentlang],true)."',
-	"<input type='text' name='name' size='80'/>",
+			          message='".db_quote($_POST['assessmentmessage_'.$assessmentlang],true)."'
-	"<textarea name='message' rows='10' cols='80'></textarea >",
+			          WHERE language='$assessmentlang' and id=".sanitize_int($_POST['id']);
-	"<input type='text' name='link' size='80' />");
+	        $result = $connect->Execute($query) or safe_die("Error updating<br />$query<br />".$connect->ErrorMsg());
-	$actiontitle=$clang->gT("Add");
+        }
-	$actionvalue="assessmentadd";
+	} elseif ($action == "assessmentdelete") {
-	$thisid="";
+		$query = "DELETE FROM {$dbprefix}assessments
-	
+				  WHERE id=".sanitize_int($_POST['id']);
-	if ($action == "assessmentedit") {
+		$result=$connect->Execute($query);
-		$query = "SELECT * FROM {$dbprefix}assessments WHERE id=".sanitize_int($_POST['id']);
+	}
-		$results = db_execute_assoc($query);
+	
-		while($row=$results->FetchRow()) {
+    $assessmentsoutput=PrepareEditorScript();  
-			$editdata=$row;
+    $assessmentsoutput.="<script type=\"text/javascript\">
-		}
+                        <!-- 
-		$scopeselect = "<select name='scope'><option ";
+                            var strnogroup='".$clang->gT("There are no groups available.", "js")."';
-		if ($editdata['scope'] == "T") {$scopeselect .= "selected='selected' ";}
+                        --></script>";
-		$scopeselect .= "value='T'>".$clang->gT("Total")."</option><option value='G'";
+    $assessmentsoutput.="<table width='100%' border='0' >\n"
-		if ($editdata['scope'] == "G") {$scopeselect .= " selected='selected'";}
+        . "\t<tr>\n"
-		$scopeselect .= ">".$clang->gT("Group")."</option></select>";
+        . "\t\t<td>\n"
-		$groupselect=str_replace("'".$editdata['gid']."'", "'".$editdata['gid']."' selected", $groupselect);
+        . "<div class='menubar'>\n"
-		$inputs=array($scopeselect,
+        . "\t<div class='menubar-title'>\n"
-		$groupselect,
+        . "\t\t<strong>".$clang->gT("Assessments")."</strong>\n";
-		"<input type='text' name='minimum' value='".$editdata['minimum']."' />",
+	
-		"<input type='text' name='maximum' value='".$editdata['maximum']."' />",
+	$assessmentsoutput.= "\t</div>\n"
-		"<input type='text' name='name' size='80' value='".htmlentities(stripslashes($editdata['name']), ENT_QUOTES,'UTF-8')."'/>",
+    . "\t<div class='menubar-main'>\n"
-		"<textarea name='message' rows='10' cols='80'>".htmlentities(stripslashes($editdata['message']), ENT_QUOTES,'UTF-8')."</textarea>",
+    . "\t\t<div class='menubar-left'>\n"
-		"<input type='text' name='link' size='80' value='".$editdata['link']."' />");
+	. "\t\t\t<a href=\"#\" onclick=\"window.open('$scriptname?sid=$surveyid', '_self')\" onmouseout=\"hideTooltip()\" onmouseover=\"showTooltip(event,'".$clang->gT("Return to Survey Administration", "js")."');return false\">" .
-		$actiontitle=$clang->gT("Edit");	
+			"<img name='Administration' src='$imagefiles/home.png' title='' alt='' /></a>\n"
-		$actionvalue="assessmentupdate";
+	. "\t\t\t<img src='$imagefiles/blank.gif' alt='' width='11'  />\n"
-		$thisid=$editdata['id'];
+	. "\t\t\t<img src='$imagefiles/seperator.gif' alt='' />\n";
-	}
+    
-	//$assessmentsoutput.= "<pre>"; print_r($edits); $assessmentsoutput.= "</pre>";
+    if ($surveyinfo['assessments']!='Y')
-	//PRESENT THE PAGE
+    {
-	
+        $assessmentsoutput.='<span style="font-size:11px;">'.sprintf($clang->gT("Notice: Assessment mode for this survey is not activated. You can activate it in the %s survey settings %s (tab 'Notification & data management')."),'<a href="admin.php?action=editsurvey&sid='.$surveyid.'">','</a>').'</span>';   
-	$assessmentsoutput.= "<br /><table align='center'  width='90%'>
+    }
-		<tr><td colspan='12'>".$clang->gT("If you create any assessments in this page, for the currently selected survey, the assessment will be performed at the end of the survey after submission")."</th></tr>"
+	$assessmentsoutput.= "\t\t</div>\n"
-		."<tr><th>ID</th><th>SID</th>\n";
+	. "\t</div>\n"
-	foreach ($headings as $head) {
+    . "</div>\n";
-		$assessmentsoutput.= "<th>$head</th>\n";
+    $assessmentsoutput .= "<p style='margin:0;font-size:1px;line-height:1px;height:1px;'>&nbsp;</p>"; //CSS Firefox 2 transition fix
-	}
+	
-	$assessmentsoutput.= "<th>".$clang->gT("Actions")."</th>";
+	if ($surveyid == "") {
-	$assessmentsoutput.= "</tr>\n";
+		$assessmentsoutput.= $clang->gT("No SID Provided");
-    $flipflop=true;
+		exit;
-	foreach($assessments as $assess) {
+	}
-        $flipflop=!$flipflop;
+	
-		if ($flipflop==true){$assessmentsoutput.= "<tr class='oddrow'>\n";}
+	$assessments=getAssessments($surveyid);
-          else {$assessmentsoutput.= "<tr class='evenrow'>\n";} 
+	//$assessmentsoutput.= "<pre>";print_r($assessments);echo "</pre>";
-		$assessmentsoutput.= "<td>".$assess['id']."</td>\n";
+	$groups=getGroups($surveyid);
-		$assessmentsoutput.= "<td>".$assess['sid']."</td>\n";
+	$groupselect="<select name='gid' id='newgroupselect'>\n";
-
+	foreach($groups as $group) {
-		if ($assess['scope'] == "T") {	$assessmentsoutput.= "<td>".$clang->gT("Total")."</td>\n"; }
+		$groupselect.="<option value='".$group['gid']."'>".$group['group_name']."</option>\n";
-		else {$assessmentsoutput.= "<td>".$clang->gT("Group")."</td>\n"; }
+	}
-
+	$groupselect .="</select>\n";
-		$assessmentsoutput.= "<td>".$groups[$assess['gid']]['group_name']." (".$assess['gid'].")</td>\n";
+	$headings=array($clang->gT("Scope"), $clang->gT("Question group"), $clang->gT("Minimum"), $clang->gT("Maximum"));
-		
+	$inputs=array("<input type='radio' id='radiototal' name='scope' value='T' checked='checked'>".$clang->gT("Total")."</input><input type='radio' id='radiogroup' name='scope' value='G'>".$clang->gT("Group")."</input>",
-		$assessmentsoutput.= "<td>".$assess['minimum']."</td>\n";
+	$groupselect,
-		$assessmentsoutput.= "<td>".$assess['maximum']."</td>\n";
+	"<input type='text' name='minimum' class='numbersonly' />",
-		$assessmentsoutput.= "<td>".stripslashes($assess['name'])."</td>\n";
+	"<input type='text' name='maximum' class='numbersonly' />");
-		$assessmentsoutput.= "<td>".stripslashes($assess['message'])."</td>\n";
+	$actiontitle=$clang->gT("Add");
-		$assessmentsoutput.= "<td>".stripslashes($assess['link'])."</td>\n";
+	$actionvalue="assessmentadd";
-		
+	$thisid="";
-		$assessmentsoutput.= "<td>
+	
-			   <table width='100%'>
+	if ($action == "assessmentedit") {
-				<tr><td align='center'><form method='post' action='$scriptname?sid=$surveyid'>
+		$query = "SELECT * FROM {$dbprefix}assessments WHERE id=".sanitize_int($_POST['id'])." and language='$baselang'";
-				 <input type='submit' value='".$clang->gT("Edit")."' />
+		$results = db_execute_assoc($query);
-				 <input type='hidden' name='action' value='assessmentedit' />
+		while($row=$results->FetchRow()) {
-				 <input type='hidden' name='id' value='".$assess['id']."' />
+			$editdata=$row;
-				 </form></td>
+		}
-				 <td align='center'><form method='post' action='$scriptname?sid=$surveyid'>
+		$scopeselect = "<input type='radio' id='radiototal' name='scope' ";
-				 <input type='submit' value='".$clang->gT("Delete")."' onclick='return confirm(\"".$clang->gT("Are you sure you want to delete this entry?","js")."\")' />
+		if ($editdata['scope'] == "T") {$scopeselect .= "checked='checked' ";}
-				 <input type='hidden' name='action' value='assessmentdelete' />
+		$scopeselect .= "value='T'>".$clang->gT("Total")."</input>";
-				 <input type='hidden' name='id' value='".$assess['id']."' />
+        $scopeselect .= "<input type='radio' name='scope' id='radiogroup' value='G'";
-				 </form>
+		if ($editdata['scope'] == "G") {$scopeselect .= " checked='checked'";}
-				 </td>
+		$scopeselect .= ">".$clang->gT("Question group")."</input>";
-				</tr>
+		$groupselect=str_replace("'".$editdata['gid']."'", "'".$editdata['gid']."' selected", $groupselect);
-			   </table>
+		$inputs=array($scopeselect,
-			  </td>\n";
+		$groupselect,
-		$assessmentsoutput.= "</tr>\n";
+		"<input type='text' name='minimum' value='".$editdata['minimum']."' class='numbersonly' />",
-	}
+		"<input type='text' name='maximum' value='".$editdata['maximum']."' class='numbersonly' />",
-	$assessmentsoutput.= "</table>";
+		"<input type='text' name='name' size='80' value='".htmlentities(stripslashes($editdata['name']), ENT_QUOTES,'UTF-8')."'/>",
-	$assessmentsoutput.= "<br /><form method='post' name='assessmentsform' action='$scriptname?sid=$surveyid'><table align='center' cellspacing='0' border='0' class='form2columns'>\n";
+		"<textarea name='message' id='assessmentmessage' rows='10' cols='80'>".htmlentities(stripslashes($editdata['message']), ENT_QUOTES,'UTF-8')."</textarea>");
-	$assessmentsoutput.= "<tr><th colspan='2'>$actiontitle</th></tr>\n";
+		$actiontitle=$clang->gT("Edit");	
-	$i=0;
+		$actionvalue="assessmentupdate";
-	
+		$thisid=$editdata['id'];
-	foreach ($headings as $head) {
+	}
-		$assessmentsoutput.= "<tr><td>$head</td><td>".$inputs[$i]."</td></tr>\n";
+	//$assessmentsoutput.= "<pre>"; print_r($edits); $assessmentsoutput.= "</pre>";
-		$i++;
+	//PRESENT THE PAGE
-	}
+
-	$assessmentsoutput.= "<tr><th colspan='2' align='center'><input type='submit' value='".$clang->gT("Save")."' />\n";
+	
-	if ($action == "assessmentedit") $assessmentsoutput.= "&nbsp;&nbsp;&nbsp;&nbsp;<input type='submit' value='".$clang->gT("Cancel")."' onclick=\"document.assessmentsform.action.value='assessments'\" />\n";
+	$assessmentsoutput.= "<br /><table align='center'  width='90%'>
-	$assessmentsoutput.= "<input type='hidden' name='sid' value='$surveyid' />\n"
+		<tr><th colspan='12'>".$clang->gT("Assessment rules")."</th></tr>"
-	."<input type='hidden' name='action' value='$actionvalue' />\n"
+		."<tr><th>".$clang->gT("ID")."</th><th>".$clang->gT("SID")."</th>\n";
-	."<input type='hidden' name='id' value='$thisid' />\n"
+	foreach ($headings as $head) {
-	."</th></tr>\n"                                            
+		$assessmentsoutput.= "<th>$head</th>\n";
-	."</table></form></td></tr></table>\n";
+	}
-	}
+	$assessmentsoutput.= "<th>".$clang->gT("Title")."</th><th>".$clang->gT("Message")."</th><th>".$clang->gT("Actions")."</th>";
-else
+	$assessmentsoutput.= "</tr>\n";
-	{
+    $flipflop=true;
-	$action = "assessment";
+	foreach($assessments as $assess) {
-	include("access_denied.php");
+        $flipflop=!$flipflop;
-	include("admin.php");
+		if ($flipflop==true){$assessmentsoutput.= "<tr class='oddrow'>\n";}
-	}
+          else {$assessmentsoutput.= "<tr class='evenrow'>\n";} 
-	
+		$assessmentsoutput.= "<td>".$assess['id']."</td>\n";
-function getAssessments($surveyid) {
+		$assessmentsoutput.= "<td>".$assess['sid']."</td>\n";
-	global $dbprefix, $connect;
+
-	$query = "SELECT id, sid, scope, gid, minimum, maximum, name, message, link
+		if ($assess['scope'] == "T") 
-			  FROM ".db_table_name('assessments')."
+        {	
-			  WHERE sid='$surveyid'
+            $assessmentsoutput.= "<td>".$clang->gT("Total")."</td>\n"; 
-			  ORDER BY scope, gid";
+            $assessmentsoutput.= "<td>-</td>\n";
-	$result=db_execute_assoc($query) or safe_die("Error getting assessments<br />$query<br />".$connect->ErrorMsg());
+        }
-	$output=array();
+		else 
-	while($row=$result->FetchRow()) {
+        {
-		$output[]=$row;
+            $assessmentsoutput.= "<td>".$clang->gT("Question group")."</td>\n"; 
-	}
+            $assessmentsoutput.= "<td>".$groups[$assess['gid']]['group_name']." (".$assess['gid'].")</td>\n";
-	return $output;
+        }
-}
+
-
+		
-function getGroups($surveyid) {
+		$assessmentsoutput.= "<td>".$assess['minimum']."</td>\n";
-	global $dbprefix, $connect;
+		$assessmentsoutput.= "<td>".$assess['maximum']."</td>\n";
-	$baselang = GetBaseLanguageFromSurveyID($surveyid);
+		$assessmentsoutput.= "<td>".stripslashes($assess['name'])."</td>\n";
-	$query = "SELECT gid, group_name
+		$assessmentsoutput.= "<td>".strip_tags(strip_javascript($assess['message']))."</td>\n";
-			  FROM ".db_table_name('groups')."
+		
-			  WHERE sid='$surveyid' and language='$baselang'
+		$assessmentsoutput.= "<td>
-			  ORDER BY group_order";
+			   <table width='100%'>
-	$result = db_execute_assoc($query) or safe_die("Error getting groups<br />$query<br />".$connect->ErrorMsg());
+				<tr><td align='center'><form method='post' action='$scriptname?sid=$surveyid'>
-	$output=array();
+				 <input type='submit' value='".$clang->gT("Edit")."' />
-	while($row=$result->FetchRow()) {
+				 <input type='hidden' name='action' value='assessmentedit' />
-		$output[$row['gid']]=$row;
+				 <input type='hidden' name='id' value='".$assess['id']."' />
-	}
+				 </form></td>
-	return $output;
+				 <td align='center'><form method='post' action='$scriptname?sid=$surveyid'>
-}
+				 <input type='submit' value='".$clang->gT("Delete")."' onclick='return confirm(\"".$clang->gT("Are you sure you want to delete this entry?","js")."\")' />
-?>
+				 <input type='hidden' name='action' value='assessmentdelete' />
 				 <input type='hidden' name='id' value='".$assess['id']."' />
 				 </form>
 				 </td>
 				</tr>
 			   </table>
 			  </td>\n";
 		$assessmentsoutput.= "</tr>\n";
 	}
 	$assessmentsoutput.= "</table>";
    //now present edit/insert form
 	$assessmentsoutput.= "<br /><form method='post' name='assessmentsform' action='$scriptname?sid=$surveyid'><table align='center' cellspacing='0' border='0' class='form2columns'>\n";
 	$assessmentsoutput.= "<tr><th colspan='2'>$actiontitle</th></tr>\n";
 	$i=0;
 	foreach ($headings as $head) {
 		$assessmentsoutput.= "<tr><td>$head</td><td>".$inputs[$i]."<br /></td></tr>\n";
 		$i++;
 	}
    // start tabs
    $assessmentsoutput.= "<tr><td>&nbsp;</td><td>&nbsp;</td></tr>\n";
    $assessmentsoutput.='</table><div id="languagetabs">'
                        .'<ul>';
    foreach ($assessmentlangs as $assessmentlang)
    {
        $position=0;
        $assessmentsoutput .= '<li><a href="#tablang'.$assessmentlang.'"><span>'.getLanguageNameFromCode($assessmentlang, false);
        if ($assessmentlang==$baselang) {$assessmentsoutput .= ' ('.$clang->gT("Base Language").')';}
        $assessmentsoutput .='</span></a></li>';
    }
    $assessmentsoutput.= '</ul>';
    foreach ($assessmentlangs as $assessmentlang)
    {
        $heading=''; $message='';
        if ($action == "assessmentedit") 
        {       
            $query = "SELECT * FROM {$dbprefix}assessments WHERE id=".sanitize_int($_POST['id'])." and language='$assessmentlang'";
            $results = db_execute_assoc($query);
            while($row=$results->FetchRow()) {
                $editdata=$row;
            }
            $heading=$editdata['name'];
            $message=$editdata['message'];
        }
        $assessmentsoutput .= '<div id="tablang'.$assessmentlang.'">';
        $assessmentsoutput .= $clang->gT("Heading")."<br/>"
        ."<input type='text' name='name_$assessmentlang' size='80' value='$heading'/><br /><br />"
        .$clang->gT("Message")
        ."<textarea name='assessmentmessage_$assessmentlang' id='assessmentmessage_$assessmentlang' rows='10' cols='80'>$message</textarea >";
        $assessmentsoutput .='</div>';
    }    
    $assessmentsoutput .='</div>'; 
 	$assessmentsoutput.= "<div style='width:200px;margin:5px auto;'><input type='submit' value='".$clang->gT("Save")."' />\n";
 	if ($action == "assessmentedit") $assessmentsoutput.= "&nbsp;&nbsp;&nbsp;&nbsp;<input type='submit' value='".$clang->gT("Cancel")."' onclick=\"document.assessmentsform.action.value='assessments'\" />\n";
 	$assessmentsoutput.= "<input type='hidden' name='sid' value='$surveyid' />\n"
 	."<input type='hidden' name='action' value='$actionvalue' />\n"
 	."<input type='hidden' name='id' value='$thisid' />\n"
 	."<div>\n"                                            
 	."</form>\n";
    foreach ($assessmentlangs as $assessmentlang)   
    {
        $assessmentsoutput.=getEditor("assessment-text","assessmentmessage_$assessmentlang", "[".$clang->gT("Message:", "js")."]",$surveyid,$gid,$qid,$action);
    }
 	}
 else
 	{
 	$action = "assessment";
 	include("access_denied.php");
 	include("admin.php");
 	}
 function getAssessments($surveyid) {
 	global $dbprefix, $connect, $baselang;
 	$query = "SELECT id, sid, scope, gid, minimum, maximum, name, message
 			  FROM ".db_table_name('assessments')."
 			  WHERE sid='$surveyid' and language='$baselang'
 			  ORDER BY scope, gid";
 	$result=db_execute_assoc($query) or safe_die("Error getting assessments<br />$query<br />".$connect->ErrorMsg());
 	$output=array();
 	while($row=$result->FetchRow()) {
 		$output[]=$row;
 	}
 	return $output;
 }
 function getGroups($surveyid) {
 	global $dbprefix, $connect;
 	$baselang = GetBaseLanguageFromSurveyID($surveyid);
 	$query = "SELECT gid, group_name
 			  FROM ".db_table_name('groups')."
 			  WHERE sid='$surveyid' and language='$baselang'
 			  ORDER BY group_order";
 	$result = db_execute_assoc($query) or safe_die("Error getting groups<br />$query<br />".$connect->ErrorMsg());
 	$output=array();
 	while($row=$result->FetchRow()) {
 		$output[$row['gid']]=$row;
 	}
 	return $output;
 }
 ?>
--- a/include/limesurvey/admin/browse.php
+++ b/include/limesurvey/admin/browse.php
--- a/include/limesurvey/admin/classes/core/domxml-php4-to-php5.php
+++ b/include/limesurvey/admin/classes/core/domxml-php4-to-php5.php
@@ -30,7 +30,7 @@
 If you want to distribute this code, please do it as a link to:
 http://alexandre.alapetite.net/doc-alex/domxml-php4-php5/
 */
-
+@ini_set('zend.ze1_compatibility_mode', '0'); 
 define('DOMXML_LOAD_PARSING',0);
 define('DOMXML_LOAD_VALIDATING',1);
 define('DOMXML_LOAD_RECOVERING',2);
@@ -79,7 +79,7 @@ function xmldocfile($filename) {return domxml_open_file($filename);}
 function xpath_eval($xpath_context,$eval_str,$contextnode=null) {return $xpath_context->xpath_eval($eval_str,$contextnode);}
 function xpath_new_context($dom_document) {return new php4DOMXPath($dom_document);}
 function xpath_register_ns($xpath_context,$prefix,$namespaceURI) {return $xpath_context->myDOMXPath->registerNamespace($prefix,$namespaceURI);}
-function _entityDecode($text) {return html_entity_decode_php4(strtr($text,array('&apos;'=>'\'')),ENT_QUOTES,'UTF-8');}
+function _entityDecode($text) {return html_entity_decode(strtr($text,array('&apos;'=>'\'')),ENT_QUOTES,'UTF-8');}
 function _error_report($error) {return array('errormessage'=>$error->message,'nodename'=>'','line'=>$error->line,'col'=>$error->column)+($error->file==''?array():array('directory'=>dirname($error->file),'file'=>basename($error->file)));}
 class php4DOMAttr extends php4DOMNode
--- a/include/limesurvey/admin/classes/core/sha256.php
+++ b/include/limesurvey/admin/classes/core/sha256.php
@@ -3,7 +3,7 @@
 /*******************************************************************************
 *
- *      SHA256 static class for PHP4
+ *      SHA256 static class for PHP
 *      implemented by feyd _at_ devnetwork .dot. net
 *      specification from http://csrc.nist.gov/cryptval/shs/sha256-384-512.pdf
 *
@@ -15,10 +15,10 @@
 *----- Version 1.0.1 ----------------------------------------------------------
 *
 *      Syntax:
- *            string SHA256::hash( string message[, string format ])
+ *            string SHA256::hashing( string message[, string format ])
 *
 *      Description:
- *            SHA256::hash() is a static function that must be called with `message`
+ *            SHA256::hashing() is a static function that must be called with `message`
 *            and optionally `format`. Possible values for `format` are:
 *            'bin' binary string output
 *            'hex' default; hexidecimal string output (lower case)
@@ -26,7 +26,7 @@
 *            Failures return FALSE.
 *
 *      Usage:
- *            $hash = SHA256::hash('string to hash');
+ *            $hash = SHA256::hashing('string to hash');
 *
 ******************************************************************************/
@@ -136,7 +136,7 @@ class SHA256Data extends hashData
 //      static class. Access via SHA256::hash()
 class SHA256 extends hash
 {
-        function hash($str, $mode = 'hex')
+        static function hashing($str, $mode = 'hex')
        {
                static $modes = array( 'hex', 'bin', 'bit' );
                $ret = false;
@@ -147,7 +147,7 @@ class SHA256 extends hash
                }
                else
                {
-                        $data =& new SHA256Data($str);
+                        $data = new SHA256Data($str);
                        SHA256::compute($data);
@@ -171,7 +171,7 @@ class SHA256 extends hash
        //      begin internal functions
        //      32-bit summation
-        function sum()
+        static function sum()
        {
                $T = 0;
                for($x = 0, $y = func_num_args(); $x < $y; $x++)
@@ -202,7 +202,7 @@ class SHA256 extends hash
        //      compute the hash
-        function compute(&$hashData)
+        static function compute(&$hashData)
        {
                static $vars = 'abcdefgh';
                static $K = null;
@@ -292,7 +292,7 @@ class SHA256 extends hash
        //      set up the display of the hash in hex.
-        function hashHex(&$hashData)
+        static function hashHex(&$hashData)
        {
                $str = '';
@@ -385,7 +385,7 @@ function test1()
                echo 'Testing ' . var_export($str,true) . "\n";
                list($s1,$s2) = explode(' ', microtime());
                for($x = 0; $x < $it; $x++)
-                        $data =& new SHA256Data($str);
+                        $data = new SHA256Data($str);
                list($e1,$e2) = explode(' ', microtime());
                echo hexerize($data->chunks);
                echo hexerize($data->hash);
--- a/include/limesurvey/admin/classes/pear/OLE/OLE.php
+++ b/include/limesurvey/admin/classes/pear/OLE/OLE.php
@@ -305,7 +305,7 @@ class OLE extends PEAR
    * @param string $ascii The ASCII string to transform
    * @return string The string in Unicode
    */
-    function Asc2Ucs($ascii)
+    static function Asc2Ucs($ascii)
    {
        $rawname = '';
        for ($i = 0; $i < strlen($ascii); $i++) {
@@ -323,7 +323,7 @@ class OLE extends PEAR
    * @param integer $date A timestamp 
    * @return string The string for the OLE container
    */
-    function LocalDate2OLE($date = null)
+    static function LocalDate2OLE($date = null)
    {
        if (!isset($date)) {
            return "\x00\x00\x00\x00\x00\x00\x00\x00";
@@ -370,7 +370,7 @@ class OLE extends PEAR
    * @param integer $string A binary string with the encoded date
    * @return string The timestamp corresponding to the string
    */
-    function OLE2LocalDate($string)
+    static function OLE2LocalDate($string)
    {
        if (strlen($string) != 8) {
            return new PEAR_Error("Expecting 8 byte string");
--- a/include/limesurvey/admin/classes/pear/PEAR.php
+++ b/include/limesurvey/admin/classes/pear/PEAR.php
@@ -263,10 +263,10 @@ class PEAR
     *                        $code is an integer and $obj->getCode() == $code
     * @access  public
     * @return  bool    true if parameter is an error
-     */
+     */                             
    function isError($data, $code = null)
    {
-        if (is_a($data, 'PEAR_Error')) {
+        if ($data instanceof PEAR_Error) {
            if (is_null($code)) {
                return true;
            } elseif (is_string($code)) {
@@ -554,10 +554,10 @@ class PEAR
            $ec = 'PEAR_Error';
        }
        if ($skipmsg) {
-            $a = &new $ec($code, $mode, $options, $userinfo);
+            $a = new $ec($code, $mode, $options, $userinfo);
            return $a;
        } else {
-            $a = &new $ec($message, $code, $mode, $options, $userinfo);
+            $a = new $ec($message, $code, $mode, $options, $userinfo);
            return $a;
        }
    }
--- a/include/limesurvey/admin/classes/pear/Spreadsheet/Excel/Writer/Parser.php
+++ b/include/limesurvey/admin/classes/pear/Spreadsheet/Excel/Writer/Parser.php
@@ -1207,7 +1207,7 @@ class Spreadsheet_Excel_Writer_Parser extends PEAR
            default:
                // if it's a reference
                if (preg_match('/^\$?[A-Ia-i]?[A-Za-z]\$?[0-9]+$/',$token) and
-                   !ereg("[0-9]",$this->_lookahead) and 
+                   !preg_match("/[0-9]/",$this->_lookahead) and 
                   ($this->_lookahead != ':') and ($this->_lookahead != '.') and
                   ($this->_lookahead != '!'))
                {
@@ -1215,39 +1215,39 @@ class Spreadsheet_Excel_Writer_Parser extends PEAR
                }
                // If it's an external reference (Sheet1!A1 or Sheet1:Sheet2!A1)
                elseif (preg_match("/^\w+(\:\w+)?\![A-Ia-i]?[A-Za-z][0-9]+$/u",$token) and
-                       !ereg("[0-9]",$this->_lookahead) and
+                       !preg_match("/[0-9]/",$this->_lookahead) and
                       ($this->_lookahead != ':') and ($this->_lookahead != '.'))
                {
                    return $token;
                }
                // If it's an external reference ('Sheet1'!A1 or 'Sheet1:Sheet2'!A1)
                elseif (preg_match("/^'[\w -]+(\:[\w -]+)?'\![A-Ia-i]?[A-Za-z][0-9]+$/u",$token) and
-                       !ereg("[0-9]",$this->_lookahead) and
+                       !preg_match("/[0-9]/",$this->_lookahead) and
                       ($this->_lookahead != ':') and ($this->_lookahead != '.'))
                {
                    return $token;
                }
                // if it's a range (A1:A2)
                elseif (preg_match("/^(\$)?[A-Ia-i]?[A-Za-z](\$)?[0-9]+:(\$)?[A-Ia-i]?[A-Za-z](\$)?[0-9]+$/",$token) and 
-                       !ereg("[0-9]",$this->_lookahead))
+                       !preg_match("/[0-9]/",$this->_lookahead))
                {
                    return $token;
                }
                // if it's a range (A1..A2)
                elseif (preg_match("/^(\$)?[A-Ia-i]?[A-Za-z](\$)?[0-9]+\.\.(\$)?[A-Ia-i]?[A-Za-z](\$)?[0-9]+$/",$token) and 
-                       !ereg("[0-9]",$this->_lookahead))
+                       !preg_match("/[0-9]/",$this->_lookahead))
                {
                    return $token;
                }
                // If it's an external range like Sheet1!A1 or Sheet1:Sheet2!A1:B2
                elseif (preg_match("/^\w+(\:\w+)?\!([A-Ia-i]?[A-Za-z])?[0-9]+:([A-Ia-i]?[A-Za-z])?[0-9]+$/u",$token) and
-                       !ereg("[0-9]",$this->_lookahead))
+                       !preg_match("/[0-9]/",$this->_lookahead))
                {
                    return $token;
                }
                // If it's an external range like 'Sheet1'!A1 or 'Sheet1:Sheet2'!A1:B2
                elseif (preg_match("/^'[\w -]+(\:[\w -]+)?'\!([A-Ia-i]?[A-Za-z])?[0-9]+:([A-Ia-i]?[A-Za-z])?[0-9]+$/u",$token) and
-                       !ereg("[0-9]",$this->_lookahead))
+                       !preg_match("/[0-9]/",$this->_lookahead))
                {
                    return $token;
                }
@@ -1259,12 +1259,12 @@ class Spreadsheet_Excel_Writer_Parser extends PEAR
                    return $token;
                }
                // If it's a string (of maximum 255 characters)
-                elseif (ereg("^\"[^\"]{0,255}\"$",$token))
+                elseif (preg_match("/^\"[^\"]{0,255}\"$/",$token))
                {
                    return $token;
                }
                // if it's a function call
-                elseif (eregi("^[A-Z0-9\xc0-\xdc\.]+$",$token) and ($this->_lookahead == "("))
+                elseif (preg_match("/^[A-Z0-9\xc0-\xdc\.]+$/i",$token) and ($this->_lookahead == "("))
                {
                    return $token;
                }
@@ -1364,7 +1364,7 @@ class Spreadsheet_Excel_Writer_Parser extends PEAR
    function _expression()
    {
        // If it's a string return a string node
-        if (ereg("^\"[^\"]{0,255}\"$", $this->_current_token)) {
+        if (preg_match("/^\"[^\"]{0,255}\"$/", $this->_current_token)) {
            $result = $this->_createTree($this->_current_token, '', '');
            $this->_advance();
            return $result;
@@ -1522,7 +1522,7 @@ class Spreadsheet_Excel_Writer_Parser extends PEAR
            return $result;
        }
        // if it's a function call
-        elseif (eregi("^[A-Z0-9\xc0-\xdc\.]+$",$this->_current_token))
+        elseif (preg_match("/^[A-Z0-9\xc0-\xdc\.]+$/i",$this->_current_token))
        {
            $result = $this->_func();
            return $result;
--- a/include/limesurvey/admin/classes/pear/Spreadsheet/Excel/Writer/Workbook.php
+++ b/include/limesurvey/admin/classes/pear/Spreadsheet/Excel/Writer/Workbook.php
@@ -184,7 +184,7 @@ class Spreadsheet_Excel_Writer_Workbook extends Spreadsheet_Excel_Writer_BIFFwri
        $this->Spreadsheet_Excel_Writer_BIFFwriter();
        $this->_filename         = $filename;
-        $this->_parser           =& new Spreadsheet_Excel_Writer_Parser($this->_byte_order, $this->_BIFF_version);
+        $this->_parser           = new Spreadsheet_Excel_Writer_Parser($this->_byte_order, $this->_BIFF_version);
        $this->_1904             = 0;
        $this->_activesheet      = 0;
        $this->_firstsheet       = 0;
@@ -193,7 +193,7 @@ class Spreadsheet_Excel_Writer_Workbook extends Spreadsheet_Excel_Writer_BIFFwri
        $this->_fileclosed       = 0;
        $this->_biffsize         = 0;
        $this->_sheetname        = 'Sheet';
-        $this->_tmp_format       =& new Spreadsheet_Excel_Writer_Format($this->_BIFF_version);
+        $this->_tmp_format       = new Spreadsheet_Excel_Writer_Format($this->_BIFF_version);
        $this->_worksheets       = array();
        $this->_sheetnames       = array();
        $this->_formats          = array();
--- a/include/limesurvey/admin/classes/phpCAS/CAS.php
+++ b/include/limesurvey/admin/classes/phpCAS/CAS.php
--- a/include/limesurvey/admin/classes/phpCAS/CAS/PGTStorage/pgt-db.php
+++ b/include/limesurvey/admin/classes/phpCAS/CAS/PGTStorage/pgt-db.php
@@ -0,0 +1,190 @@
 <?php
 /**
 * @file CAS/PGTStorage/pgt-db.php
 * Basic class for PGT database storage
 */
 /**
 * @class PGTStorageDB
 * The PGTStorageDB class is a class for PGT database storage. An instance of 
 * this class is returned by CASClient::SetPGTStorageDB().
 *
 * @author Pascal Aubry <pascal.aubry at univ-rennes1.fr>
 *
 * @ingroup internalPGTStorageDB
 */
 class PGTStorageDB extends PGTStorage
 {
  /** 
   * @addtogroup internalPGTStorageDB
   * @{ 
   */
  /**
   * a string representing a PEAR DB URL to connect to the database. Written by
   * PGTStorageDB::PGTStorageDB(), read by getURL().
   *
   * @hideinitializer
   * @private
   */
  var $_url='';
  /**
   * This method returns the PEAR DB URL to use to connect to the database.
   *
   * @return a PEAR DB URL
   *
   * @private
   */
  function getURL()
    {
      return $this->_url;
    }
  /**
   * The handle of the connection to the database where PGT's are stored. Written by
   * PGTStorageDB::init(), read by getLink().
   *
   * @hideinitializer
   * @private
   */
  var $_link = null;
  /**
   * This method returns the handle of the connection to the database where PGT's are 
   * stored.
   *
   * @return a handle of connection.
   *
   * @private
   */
  function getLink()
    {
      return $this->_link;
    }
  /**
   * The name of the table where PGT's are stored. Written by 
   * PGTStorageDB::PGTStorageDB(), read by getTable().
   *
   * @hideinitializer
   * @private
   */
  var $_table = '';
  /**
   * This method returns the name of the table where PGT's are stored.
   *
   * @return the name of a table.
   *
   * @private
   */
  function getTable()
    {
      return $this->_table;
    }
  // ########################################################################
  //  DEBUGGING
  // ########################################################################
  /**
   * This method returns an informational string giving the type of storage
   * used by the object (used for debugging purposes).
   *
   * @return an informational string.
   * @public
   */
  function getStorageType()
    {
      return "database";
    }
  /**
   * This method returns an informational string giving informations on the
   * parameters of the storage.(used for debugging purposes).
   *
   * @public
   */
  function getStorageInfo()
    {
      return 'url=`'.$this->getURL().'\', table=`'.$this->getTable().'\'';
    }
  // ########################################################################
  //  CONSTRUCTOR
  // ########################################################################
  /**
   * The class constructor, called by CASClient::SetPGTStorageDB().
   *
   * @param $cas_parent the CASClient instance that creates the object.
   * @param $user the user to access the data with
   * @param $password the user's password
   * @param $database_type the type of the database hosting the data
   * @param $hostname the server hosting the database
   * @param $port the port the server is listening on
   * @param $database the name of the database
   * @param $table the name of the table storing the data
   *
   * @public
   */
  function PGTStorageDB($cas_parent,$user,$password,$database_type,$hostname,$port,$database,$table)
    {
      phpCAS::traceBegin();
      // call the ancestor's constructor
      $this->PGTStorage($cas_parent);
      if ( empty($database_type) ) $database_type = CAS_PGT_STORAGE_DB_DEFAULT_DATABASE_TYPE;
      if ( empty($hostname) ) $hostname = CAS_PGT_STORAGE_DB_DEFAULT_HOSTNAME;
      if ( $port==0 ) $port = CAS_PGT_STORAGE_DB_DEFAULT_PORT;
      if ( empty($database) ) $database = CAS_PGT_STORAGE_DB_DEFAULT_DATABASE;
      if ( empty($table) ) $table = CAS_PGT_STORAGE_DB_DEFAULT_TABLE;
      // build and store the PEAR DB URL
      $this->_url = $database_type.':'.'//'.$user.':'.$password.'@'.$hostname.':'.$port.'/'.$database;
      // XXX should use setURL and setTable
      phpCAS::traceEnd();
    }
  // ########################################################################
  //  INITIALIZATION
  // ########################################################################
  /**
   * This method is used to initialize the storage. Halts on error.
   *
   * @public
   */
  function init()
    {
      phpCAS::traceBegin();
      // if the storage has already been initialized, return immediatly
      if ( $this->isInitialized() )
 		return;
      // call the ancestor's method (mark as initialized)
      parent::init();
 	  //include phpDB library (the test was introduced in release 0.4.8 for 
 	  //the integration into Tikiwiki).
 	  if (!class_exists('DB')) {
 		include_once('DB.php');
 	  }
      // try to connect to the database
      $this->_link = DB::connect($this->getURL());
      if ( DB::isError($this->_link) ) {
 	phpCAS::error('could not connect to database ('.DB::errorMessage($this->_link).')');
      }
      var_dump($this->_link);
      phpCAS::traceBEnd();
    }
  /** @} */
 }
 ?>
--- a/include/limesurvey/admin/classes/phpCAS/CAS/PGTStorage/pgt-file.php
+++ b/include/limesurvey/admin/classes/phpCAS/CAS/PGTStorage/pgt-file.php
@@ -0,0 +1,249 @@
 <?php
 /**
 * @file CAS/PGTStorage/pgt-file.php
 * Basic class for PGT file storage
 */
 /**
 * @class PGTStorageFile
 * The PGTStorageFile class is a class for PGT file storage. An instance of 
 * this class is returned by CASClient::SetPGTStorageFile().
 *
 * @author Pascal Aubry <pascal.aubry at univ-rennes1.fr>
 *
 * @ingroup internalPGTStorageFile
 */
 class PGTStorageFile extends PGTStorage
 {
  /** 
   * @addtogroup internalPGTStorageFile 
   * @{ 
   */
  /**
   * a string telling where PGT's should be stored on the filesystem. Written by
   * PGTStorageFile::PGTStorageFile(), read by getPath().
   *
   * @private
   */
  var $_path;
  /**
   * This method returns the name of the directory where PGT's should be stored 
   * on the filesystem.
   *
   * @return the name of a directory (with leading and trailing '/')
   *
   * @private
   */
  function getPath()
    {
      return $this->_path;
    }
  /**
   * a string telling the format to use to store PGT's (plain or xml). Written by
   * PGTStorageFile::PGTStorageFile(), read by getFormat().
   *
   * @private
   */
  var $_format;
  /**
   * This method returns the format to use when storing PGT's on the filesystem.
   *
   * @return a string corresponding to the format used (plain or xml).
   *
   * @private
   */
  function getFormat()
    {
      return $this->_format;
    }
  // ########################################################################
  //  DEBUGGING
  // ########################################################################
  /**
   * This method returns an informational string giving the type of storage
   * used by the object (used for debugging purposes).
   *
   * @return an informational string.
   * @public
   */
  function getStorageType()
    {
      return "file";
    }
  /**
   * This method returns an informational string giving informations on the
   * parameters of the storage.(used for debugging purposes).
   *
   * @return an informational string.
   * @public
   */
  function getStorageInfo()
    {
      return 'path=`'.$this->getPath().'\', format=`'.$this->getFormat().'\'';
    }
  // ########################################################################
  //  CONSTRUCTOR
  // ########################################################################
  /**
   * The class constructor, called by CASClient::SetPGTStorageFile().
   *
   * @param $cas_parent the CASClient instance that creates the object.
   * @param $format the format used to store the PGT's (`plain' and `xml' allowed).
   * @param $path the path where the PGT's should be stored
   *
   * @public
   */
  function PGTStorageFile($cas_parent,$format,$path)
    {
      phpCAS::traceBegin();
      // call the ancestor's constructor
      $this->PGTStorage($cas_parent);
      if (empty($format) ) $format = CAS_PGT_STORAGE_FILE_DEFAULT_FORMAT;
      if (empty($path) ) $path = CAS_PGT_STORAGE_FILE_DEFAULT_PATH;
      // check that the path is an absolute path
      if (getenv("OS")=="Windows_NT"){
      	 if (!preg_match('`^[a-zA-Z]:`', $path)) {
 	     	phpCAS::error('an absolute path is needed for PGT storage to file');
      	}
      }
      else
      {
      	if ( $path[0] != '/' ) {
 			phpCAS::error('an absolute path is needed for PGT storage to file');
      	}
      	// store the path (with a leading and trailing '/')      
      	$path = preg_replace('|[/]*$|','/',$path);
      	$path = preg_replace('|^[/]*|','/',$path);
      }
      $this->_path = $path;
      // check the format and store it
      switch ($format) {
      case CAS_PGT_STORAGE_FILE_FORMAT_PLAIN:
      case CAS_PGT_STORAGE_FILE_FORMAT_XML:
 	$this->_format = $format;
 	break;
      default:
 	phpCAS::error('unknown PGT file storage format (`'.CAS_PGT_STORAGE_FILE_FORMAT_PLAIN.'\' and `'.CAS_PGT_STORAGE_FILE_FORMAT_XML.'\' allowed)');
      }
      phpCAS::traceEnd();      
    }
  // ########################################################################
  //  INITIALIZATION
  // ########################################################################
  /**
   * This method is used to initialize the storage. Halts on error.
   *
   * @public
   */
  function init()
    {
      phpCAS::traceBegin();
      // if the storage has already been initialized, return immediatly
      if ( $this->isInitialized() )
 	return;
      // call the ancestor's method (mark as initialized)
      parent::init();
      phpCAS::traceEnd();      
    }
  // ########################################################################
  //  PGT I/O
  // ########################################################################
  /**
   * This method returns the filename corresponding to a PGT Iou.
   *
   * @param $pgt_iou the PGT iou.
   *
   * @return a filename
   * @private
   */
  function getPGTIouFilename($pgt_iou)
    {
      phpCAS::traceBegin();
      $filename = $this->getPath().$pgt_iou.'.'.$this->getFormat();
      phpCAS::traceEnd($filename);
      return $filename;
    }
  /**
   * This method stores a PGT and its corresponding PGT Iou into a file. Echoes a
   * warning on error.
   *
   * @param $pgt the PGT
   * @param $pgt_iou the PGT iou
   *
   * @public
   */
  function write($pgt,$pgt_iou)
    {
      phpCAS::traceBegin();
      $fname = $this->getPGTIouFilename($pgt_iou);
      if ( $f=fopen($fname,"w") ) {
 	if ( fputs($f,$pgt) === FALSE ) {
 	  phpCAS::error('could not write PGT to `'.$fname.'\'');
 	}
 	fclose($f);
      } else {
 	phpCAS::error('could not open `'.$fname.'\'');
      }
      phpCAS::traceEnd();      
    }
  /**
   * This method reads a PGT corresponding to a PGT Iou and deletes the 
   * corresponding file.
   *
   * @param $pgt_iou the PGT iou
   *
   * @return the corresponding PGT, or FALSE on error
   *
   * @public
   */
  function read($pgt_iou)
    {
      phpCAS::traceBegin();
      $pgt = FALSE;
      $fname = $this->getPGTIouFilename($pgt_iou);
      if ( !($f=fopen($fname,"r")) ) {
 	phpCAS::trace('could not open `'.$fname.'\'');
      } else {
 	if ( ($pgt=fgets($f)) === FALSE ) {
 	  phpCAS::trace('could not read PGT from `'.$fname.'\'');
 	} 
 	fclose($f);
      }
      // delete the PGT file
      @unlink($fname);
      phpCAS::traceEnd($pgt);
      return $pgt;
    }
  /** @} */
 }
 ?>
--- a/include/limesurvey/admin/classes/phpCAS/CAS/PGTStorage/pgt-main.php
+++ b/include/limesurvey/admin/classes/phpCAS/CAS/PGTStorage/pgt-main.php
@@ -0,0 +1,188 @@
 <?php
 /**
 * @file CAS/PGTStorage/pgt-main.php
 * Basic class for PGT storage
 */
 /**
 * @class PGTStorage
 * The PGTStorage class is a generic class for PGT storage. This class should
 * not be instanciated itself but inherited by specific PGT storage classes.
 *
 * @author   Pascal Aubry <pascal.aubry at univ-rennes1.fr>
 *
 * @ingroup internalPGTStorage
 */
 class PGTStorage
 {
  /** 
   * @addtogroup internalPGTStorage
   * @{ 
   */
  // ########################################################################
  //  CONSTRUCTOR
  // ########################################################################
  /**
   * The constructor of the class, should be called only by inherited classes.
   *
   * @param $cas_parent the CASclient instance that creates the current object.
   *
   * @protected
   */
  function PGTStorage($cas_parent)
    {
      phpCAS::traceBegin();
      if ( !$cas_parent->isProxy() ) {
 	phpCAS::error('defining PGT storage makes no sense when not using a CAS proxy'); 
      }
      phpCAS::traceEnd();
    }
  // ########################################################################
  //  DEBUGGING
  // ########################################################################
  /**
   * This virtual method returns an informational string giving the type of storage
   * used by the object (used for debugging purposes).
   *
   * @public
   */
  function getStorageType()
    {
      phpCAS::error(__CLASS__.'::'.__FUNCTION__.'() should never be called'); 
    }
  /**
   * This virtual method returns an informational string giving informations on the
   * parameters of the storage.(used for debugging purposes).
   *
   * @public
   */
  function getStorageInfo()
    {
      phpCAS::error(__CLASS__.'::'.__FUNCTION__.'() should never be called'); 
    }
  // ########################################################################
  //  ERROR HANDLING
  // ########################################################################
  /**
   * string used to store an error message. Written by PGTStorage::setErrorMessage(),
   * read by PGTStorage::getErrorMessage().
   *
   * @hideinitializer
   * @private
   * @deprecated not used.
   */
  var $_error_message=FALSE;
  /**
   * This method sets en error message, which can be read later by 
   * PGTStorage::getErrorMessage().
   *
   * @param $error_message an error message
   *
   * @protected
   * @deprecated not used.
   */
  function setErrorMessage($error_message)
    {
      $this->_error_message = $error_message;
    }
  /**
   * This method returns an error message set by PGTStorage::setErrorMessage().
   *
   * @return an error message when set by PGTStorage::setErrorMessage(), FALSE
   * otherwise.
   *
   * @public
   * @deprecated not used.
   */
  function getErrorMessage()
    {
      return $this->_error_message;
    }
  // ########################################################################
  //  INITIALIZATION
  // ########################################################################
  /**
   * a boolean telling if the storage has already been initialized. Written by 
   * PGTStorage::init(), read by PGTStorage::isInitialized().
   *
   * @hideinitializer
   * @private
   */
  var $_initialized = FALSE;
  /**
   * This method tells if the storage has already been intialized.
   *
   * @return a boolean
   *
   * @protected
   */
  function isInitialized()
    {
      return $this->_initialized;
    }
  /**
   * This virtual method initializes the object.
   *
   * @protected
   */
  function init()
    {
      $this->_initialized = TRUE;
    }
  // ########################################################################
  //  PGT I/O
  // ########################################################################
  /**
   * This virtual method stores a PGT and its corresponding PGT Iuo.
   * @note Should never be called.
   *
   * @param $pgt the PGT
   * @param $pgt_iou the PGT iou
   *
   * @protected
   */
  function write($pgt,$pgt_iou)
    {
      phpCAS::error(__CLASS__.'::'.__FUNCTION__.'() should never be called'); 
    }
  /**
   * This virtual method reads a PGT corresponding to a PGT Iou and deletes
   * the corresponding storage entry.
   * @note Should never be called.
   *
   * @param $pgt_iou the PGT iou
   *
   * @protected
   */
  function read($pgt_iou)
    {
      phpCAS::error(__CLASS__.'::'.__FUNCTION__.'() should never be called'); 
    }
  /** @} */
 } 
 // include specific PGT storage classes
 include_once(dirname(__FILE__).'/pgt-file.php'); 
 include_once(dirname(__FILE__).'/pgt-db.php');
 ?>
--- a/include/limesurvey/admin/classes/phpCAS/CAS/client.php
+++ b/include/limesurvey/admin/classes/phpCAS/CAS/client.php
--- a/include/limesurvey/admin/classes/phpCAS/CAS/domxml-php4-php5.php
+++ b/include/limesurvey/admin/classes/phpCAS/CAS/domxml-php4-php5.php
@@ -0,0 +1,277 @@
 <?php
 /**
 * @file domxml-php4-php5.php
 * Require PHP5, uses built-in DOM extension.
 * To be used in PHP4 scripts using DOMXML extension.
 * Allows PHP4/DOMXML scripts to run on PHP5/DOM.
 * (Requires PHP5/XSL extension for domxml_xslt functions)
 *
 * Typical use:
 * <pre>
 * {
 *  if (version_compare(PHP_VERSION,'5','>='))
 *   require_once('domxml-php4-to-php5.php');
 * }
 * </pre>
 *
 * Version 1.5.5, 2005-01-18, http://alexandre.alapetite.net/doc-alex/domxml-php4-php5/
 *
 * ------------------------------------------------------------------<br>
 * Written by Alexandre Alapetite, http://alexandre.alapetite.net/cv/
 *
 * Copyright 2004, Licence: Creative Commons "Attribution-ShareAlike 2.0 France" BY-SA (FR),
 * http://creativecommons.org/licenses/by-sa/2.0/fr/
 * http://alexandre.alapetite.net/divers/apropos/#by-sa
 * - Attribution. You must give the original author credit
 * - Share Alike. If you alter, transform, or build upon this work,
 *   you may distribute the resulting work only under a license identical to this one
 * - The French law is authoritative
 * - Any of these conditions can be waived if you get permission from Alexandre Alapetite
 * - Please send to Alexandre Alapetite the modifications you make,
 *   in order to improve this file for the benefit of everybody
 *
 * If you want to distribute this code, please do it as a link to:
 * http://alexandre.alapetite.net/doc-alex/domxml-php4-php5/
 */
 function domxml_new_doc($version) {return new php4DOMDocument('');}
 function domxml_open_file($filename) {return new php4DOMDocument($filename);}
 function domxml_open_mem($str)
 {
 $dom=new php4DOMDocument('');
 $dom->myDOMNode->loadXML($str);
 return $dom;
 }
 function xpath_eval($xpath_context,$eval_str,$contextnode=null) {return $xpath_context->query($eval_str,$contextnode);}
 function xpath_new_context($dom_document) {return new php4DOMXPath($dom_document);}
 class php4DOMAttr extends php4DOMNode
 {
 function php4DOMAttr($aDOMAttr) {$this->myDOMNode=$aDOMAttr;}
 function Name() {return $this->myDOMNode->name;}
 function Specified() {return $this->myDOMNode->specified;}
 function Value() {return $this->myDOMNode->value;}
 }
 class php4DOMDocument extends php4DOMNode
 {
 function php4DOMDocument($filename='')
 {
  $this->myDOMNode=new DOMDocument();
  if ($filename!='') $this->myDOMNode->load($filename);
 }
 function create_attribute($name,$value)
 {
  $myAttr=$this->myDOMNode->createAttribute($name);
  $myAttr->value=$value;
  return new php4DOMAttr($myAttr,$this);
 }
 function create_cdata_section($content) {return new php4DOMNode($this->myDOMNode->createCDATASection($content),$this);}
 function create_comment($data) {return new php4DOMNode($this->myDOMNode->createComment($data),$this);}
 function create_element($name) {return new php4DOMElement($this->myDOMNode->createElement($name),$this);}
 function create_text_node($content) {return new php4DOMNode($this->myDOMNode->createTextNode($content),$this);}
 function document_element() {return new php4DOMElement($this->myDOMNode->documentElement,$this);}
 function dump_file($filename,$compressionmode=false,$format=false) {return $this->myDOMNode->save($filename);}
 function dump_mem($format=false,$encoding=false) {return $this->myDOMNode->saveXML();}
 function get_element_by_id($id) {return new php4DOMElement($this->myDOMNode->getElementById($id),$this);}
 function get_elements_by_tagname($name)
 {
  $myDOMNodeList=$this->myDOMNode->getElementsByTagName($name);
  $nodeSet=array();
  $i=0;
  if (isset($myDOMNodeList))
   while ($node=$myDOMNodeList->item($i))
   {
    $nodeSet[]=new php4DOMElement($node,$this);
    $i++;
   }
  return $nodeSet;
 }
 function html_dump_mem() {return $this->myDOMNode->saveHTML();}
 function root() {return new php4DOMElement($this->myDOMNode->documentElement,$this);}
 }
 class php4DOMElement extends php4DOMNode
 {
 function get_attribute($name) {return $this->myDOMNode->getAttribute($name);}
 function get_elements_by_tagname($name)
 {
  $myDOMNodeList=$this->myDOMNode->getElementsByTagName($name);
  $nodeSet=array();
  $i=0;
  if (isset($myDOMNodeList))
   while ($node=$myDOMNodeList->item($i))
   {
    $nodeSet[]=new php4DOMElement($node,$this->myOwnerDocument);
    $i++;
   }
  return $nodeSet;
 }
 function has_attribute($name) {return $this->myDOMNode->hasAttribute($name);}
 function remove_attribute($name) {return $this->myDOMNode->removeAttribute($name);}
 function set_attribute($name,$value) {return $this->myDOMNode->setAttribute($name,$value);}
 function tagname() {return $this->myDOMNode->tagName;}
 }
 class php4DOMNode
 {
 var $myDOMNode;
 var $myOwnerDocument;
 function php4DOMNode($aDomNode,$aOwnerDocument)
 {
  $this->myDOMNode=$aDomNode;
  $this->myOwnerDocument=$aOwnerDocument;
 }
 function __get($name)
 {
  if ($name=='type') return $this->myDOMNode->nodeType;
  elseif ($name=='tagname') return $this->myDOMNode->tagName;
  elseif ($name=='content') return $this->myDOMNode->textContent;
  else
  {
   $myErrors=debug_backtrace();
   trigger_error('Undefined property: '.get_class($this).'::$'.$name.' ['.$myErrors[0]['file'].':'.$myErrors[0]['line'].']',E_USER_NOTICE);
   return false;
  }
 }
 function append_child($newnode) {return new php4DOMElement($this->myDOMNode->appendChild($newnode->myDOMNode),$this->myOwnerDocument);}
 function append_sibling($newnode) {return new php4DOMElement($this->myDOMNode->parentNode->appendChild($newnode->myDOMNode),$this->myOwnerDocument);}
 function attributes()
 {
  $myDOMNodeList=$this->myDOMNode->attributes;
  $nodeSet=array();
  $i=0;
  if (isset($myDOMNodeList))
   while ($node=$myDOMNodeList->item($i))
   {
    $nodeSet[]=new php4DOMAttr($node,$this->myOwnerDocument);
    $i++;
   }
  return $nodeSet;
 }
 function child_nodes()
 {
  $myDOMNodeList=$this->myDOMNode->childNodes;
  $nodeSet=array();
  $i=0;
  if (isset($myDOMNodeList))
   while ($node=$myDOMNodeList->item($i))
   {
    $nodeSet[]=new php4DOMElement($node,$this->myOwnerDocument);
    $i++;
   }
  return $nodeSet;
 }
 function children() {return $this->child_nodes();}
 function clone_node($deep=false) {return new php4DOMElement($this->myDOMNode->cloneNode($deep),$this->myOwnerDocument);}
 function first_child() {return new php4DOMElement($this->myDOMNode->firstChild,$this->myOwnerDocument);}
 function get_content() {return $this->myDOMNode->textContent;}
 function has_attributes() {return $this->myDOMNode->hasAttributes();}
 function has_child_nodes() {return $this->myDOMNode->hasChildNodes();}
 function insert_before($newnode,$refnode) {return new php4DOMElement($this->myDOMNode->insertBefore($newnode->myDOMNode,$refnode->myDOMNode),$this->myOwnerDocument);}
 function is_blank_node()
 {
  $myDOMNodeList=$this->myDOMNode->childNodes;
  $i=0;
  if (isset($myDOMNodeList))
   while ($node=$myDOMNodeList->item($i))
   {
    if (($node->nodeType==XML_ELEMENT_NODE)||
        (($node->nodeType==XML_TEXT_NODE)&&!preg_match('/^([[:cntrl:]]|[[:space:]])*$/',$node->nodeValue)))
     return false;
    $i++;
   }
  return true;
 }
 function last_child() {return new php4DOMElement($this->myDOMNode->lastChild,$this->myOwnerDocument);}
 function new_child($name,$content)
 {
  $mySubNode=$this->myDOMNode->ownerDocument->createElement($name);
  $mySubNode->appendChild($this->myDOMNode->ownerDocument->createTextNode($content));
  $this->myDOMNode->appendChild($mySubNode);
  return new php4DOMElement($mySubNode,$this->myOwnerDocument);
 }
 function next_sibling() {return new php4DOMElement($this->myDOMNode->nextSibling,$this->myOwnerDocument);}
 function node_name() {return $this->myDOMNode->localName;}
 function node_type() {return $this->myDOMNode->nodeType;}
 function node_value() {return $this->myDOMNode->nodeValue;}
 function owner_document() {return $this->myOwnerDocument;}
 function parent_node() {return new php4DOMElement($this->myDOMNode->parentNode,$this->myOwnerDocument);}
 function prefix() {return $this->myDOMNode->prefix;}
 function previous_sibling() {return new php4DOMElement($this->myDOMNode->previousSibling,$this->myOwnerDocument);}
 function remove_child($oldchild) {return new php4DOMElement($this->myDOMNode->removeChild($oldchild->myDOMNode),$this->myOwnerDocument);}
 function replace_child($oldnode,$newnode) {return new php4DOMElement($this->myDOMNode->replaceChild($oldnode->myDOMNode,$newnode->myDOMNode),$this->myOwnerDocument);}
 function set_content($text)
 {
  if (($this->myDOMNode->hasChildNodes())&&($this->myDOMNode->firstChild->nodeType==XML_TEXT_NODE))
   $this->myDOMNode->removeChild($this->myDOMNode->firstChild);
  return $this->myDOMNode->appendChild($this->myDOMNode->ownerDocument->createTextNode($text));
 }
 }
 class php4DOMNodelist
 {
 var $myDOMNodelist;
 var $nodeset;
 function php4DOMNodelist($aDOMNodelist,$aOwnerDocument)
 {
  $this->myDOMNodelist=$aDOMNodelist;
  $this->nodeset=array();
  $i=0;
  if (isset($this->myDOMNodelist))
   while ($node=$this->myDOMNodelist->item($i))
   {
    $this->nodeset[]=new php4DOMElement($node,$aOwnerDocument);
    $i++;
   }
 }
 }
 class php4DOMXPath
 {
 var $myDOMXPath;
 var $myOwnerDocument;
 function php4DOMXPath($dom_document)
 {
  $this->myOwnerDocument=$dom_document;
  $this->myDOMXPath=new DOMXPath($dom_document->myDOMNode);
 }
 function query($eval_str,$contextnode)
 {
  if (isset($contextnode)) return new php4DOMNodelist($this->myDOMXPath->query($eval_str,$contextnode->myDOMNode),$this->myOwnerDocument);
  else return new php4DOMNodelist($this->myDOMXPath->query($eval_str),$this->myOwnerDocument);
 }
 function xpath_register_ns($prefix,$namespaceURI) {return $this->myDOMXPath->registerNamespace($prefix,$namespaceURI);}
 }
 if (extension_loaded('xsl'))
 {//See also: http://alexandre.alapetite.net/doc-alex/xslt-php4-php5/
 function domxml_xslt_stylesheet($xslstring) {return new php4DomXsltStylesheet(DOMDocument::loadXML($xslstring));}
 function domxml_xslt_stylesheet_doc($dom_document) {return new php4DomXsltStylesheet($dom_document);}
 function domxml_xslt_stylesheet_file($xslfile) {return new php4DomXsltStylesheet(DOMDocument::load($xslfile));}
 class php4DomXsltStylesheet
 {
  var $myxsltProcessor;
  function php4DomXsltStylesheet($dom_document)
  {
   $this->myxsltProcessor=new xsltProcessor();
   $this->myxsltProcessor->importStyleSheet($dom_document);
  }
  function process($dom_document,$xslt_parameters=array(),$param_is_xpath=false)
  {
   foreach ($xslt_parameters as $param=>$value)
    $this->myxsltProcessor->setParameter('',$param,$value);
   $myphp4DOMDocument=new php4DOMDocument();
   $myphp4DOMDocument->myDOMNode=$this->myxsltProcessor->transformToDoc($dom_document->myDOMNode);
   return $myphp4DOMDocument;
  }
  function result_dump_file($dom_document,$filename)
  {
   $html=$dom_document->myDOMNode->saveHTML();
   file_put_contents($filename,$html);
   return $html;
  }
  function result_dump_mem($dom_document) {return $dom_document->myDOMNode->saveHTML();}
 }
 }
 ?>
--- a/include/limesurvey/admin/classes/phpCAS/CAS/languages/catalan.php
+++ b/include/limesurvey/admin/classes/phpCAS/CAS/languages/catalan.php
@@ -0,0 +1,27 @@
 <?php
 /**
 * @file languages/spanish.php
 * @author Iván-Benjamín García Torà <ivaniclixx AT gmail DOT com>
 * @sa @link internalLang Internationalization @endlink
 * @ingroup internalLang
 */
 $this->_strings = array(
 CAS_STR_USING_SERVER 
 => 'usant servidor',
 CAS_STR_AUTHENTICATION_WANTED 
 => 'Autentificació CAS necessària!',
 CAS_STR_LOGOUT 
 => 'Sortida de CAS necessària!',
 CAS_STR_SHOULD_HAVE_BEEN_REDIRECTED 
 => 'Ja hauria d\ haver estat redireccionat al servidor CAS. Feu click <a href="%s">aquí</a> per a continuar.',
 CAS_STR_AUTHENTICATION_FAILED 
 => 'Autentificació CAS fallida!',
 CAS_STR_YOU_WERE_NOT_AUTHENTICATED 
 => '<p>No estàs autentificat.</p><p>Pots tornar a intentar-ho fent click <a href="%s">aquí</a>.</p><p>Si el problema persisteix hauría de contactar amb l\'<a href="mailto:%s">administrador d\'aquest llocc</a>.</p>',
 CAS_STR_SERVICE_UNAVAILABLE
 => 'El servei `<b>%s</b>\' no està disponible (<b>%s</b>).'
 );
 ?>
--- a/include/limesurvey/admin/classes/phpCAS/CAS/languages/english.php
+++ b/include/limesurvey/admin/classes/phpCAS/CAS/languages/english.php
@@ -0,0 +1,27 @@
 <?php
 /**
 * @file languages/english.php
 * @author Pascal Aubry <pascal.aubry at univ-rennes1.fr>
 * @sa @link internalLang Internationalization @endlink
 * @ingroup internalLang
 */
 $this->_strings = array(
 CAS_STR_USING_SERVER 
 => 'using server',
 CAS_STR_AUTHENTICATION_WANTED 
 => 'CAS Authentication wanted!',
 CAS_STR_LOGOUT 
 => 'CAS logout wanted!',
 CAS_STR_SHOULD_HAVE_BEEN_REDIRECTED 
 => 'You should already have been redirected to the CAS server. Click <a href="%s">here</a> to continue.',
 CAS_STR_AUTHENTICATION_FAILED 
 => 'CAS Authentication failed!',
 CAS_STR_YOU_WERE_NOT_AUTHENTICATED 
 => '<p>You were not authenticated.</p><p>You may submit your request again by clicking <a href="%s">here</a>.</p><p>If the problem persists, you may contact <a href="mailto:%s">the administrator of this site</a>.</p>',
 CAS_STR_SERVICE_UNAVAILABLE
 => 'The service `<b>%s</b>\' is not available (<b>%s</b>).'
 );
 ?>
--- a/include/limesurvey/admin/classes/phpCAS/CAS/languages/french.php
+++ b/include/limesurvey/admin/classes/phpCAS/CAS/languages/french.php
@@ -0,0 +1,28 @@
 <?php
 /**
 * @file languages/english.php
 * @author Pascal Aubry <pascal.aubry at univ-rennes1.fr>
 * @sa @link internalLang Internationalization @endlink
 * @ingroup internalLang
 */
 $this->_strings = array(
 CAS_STR_USING_SERVER 
 => 'utilisant le serveur',
 CAS_STR_AUTHENTICATION_WANTED 
 => 'Authentication CAS nécessaire&nbsp;!',
 CAS_STR_LOGOUT 
 => 'Déconnexion demandée&nbsp;!',
 CAS_STR_SHOULD_HAVE_BEEN_REDIRECTED 
 => 'Vous auriez du etre redirigé(e) vers le serveur CAS. Cliquez <a href="%s">ici</a> pour continuer.',
 CAS_STR_AUTHENTICATION_FAILED 
 => 'Authentification CAS infructueuse&nbsp;!',
 CAS_STR_YOU_WERE_NOT_AUTHENTICATED 
 => '<p>Vous n\'avez pas été authentifié(e).</p><p>Vous pouvez soumettre votre requete à nouveau en cliquant <a href="%s">ici</a>.</p><p>Si le problème persiste, vous pouvez contacter <a href="mailto:%s">l\'administrateur de ce site</a>.</p>',
 CAS_STR_SERVICE_UNAVAILABLE
 => 'Le service `<b>%s</b>\' est indisponible (<b>%s</b>)'
 );
 ?>
--- a/include/limesurvey/admin/classes/phpCAS/CAS/languages/german.php
+++ b/include/limesurvey/admin/classes/phpCAS/CAS/languages/german.php
@@ -0,0 +1,27 @@
 <?php
 /**
 * @file languages/german.php
 * @author Henrik Genssen <hg at mediafactory.de>
 * @sa @link internalLang Internationalization @endlink
 * @ingroup internalLang
 */
 $this->_strings = array(
 CAS_STR_USING_SERVER 
 => 'via Server',
 CAS_STR_AUTHENTICATION_WANTED 
 => 'CAS Authentifizierung erforderlich!',
 CAS_STR_LOGOUT 
 => 'CAS Abmeldung!',
 CAS_STR_SHOULD_HAVE_BEEN_REDIRECTED 
 => 'eigentlich h&auml;ten Sie zum CAS Server weitergeleitet werden sollen. Dr&uuml;cken Sie <a href="%s">hier</a> um fortzufahren.',
 CAS_STR_AUTHENTICATION_FAILED 
 => 'CAS Anmeldung fehlgeschlagen!',
 CAS_STR_YOU_WERE_NOT_AUTHENTICATED 
 => '<p>Sie wurden nicht angemeldet.</p><p>Um es erneut zu versuchen klicken Sie <a href="%s">hier</a>.</p><p>Wenn das Problem bestehen bleibt, kontkatieren Sie den <a href="mailto:%s">Administrator</a> dieser Seite.</p>',
 CAS_STR_SERVICE_UNAVAILABLE
 => 'Der Dienst `<b>%s</b>\' ist nicht verf&uuml;gbar (<b>%s</b>).'
 );
 ?>
--- a/include/limesurvey/admin/classes/phpCAS/CAS/languages/greek.php
+++ b/include/limesurvey/admin/classes/phpCAS/CAS/languages/greek.php
@@ -0,0 +1,27 @@
 <?php
 /**
 * @file languages/greek.php
 * @author Vangelis Haniotakis <haniotak at ucnet.uoc.gr>
 * @sa @link internalLang Internationalization @endlink
 * @ingroup internalLang
 */
 $this->_strings = array(
 CAS_STR_USING_SERVER 
 => '÷ñçóéìïðïéåßôáé ï åîõðçñåôçôÞò',
 CAS_STR_AUTHENTICATION_WANTED 
 => 'Áðáéôåßôáé ç ôáõôïðïßçóç CAS!',
 CAS_STR_LOGOUT 
 => 'Áðáéôåßôáé ç áðïóýíäåóç áðü CAS!',
 CAS_STR_SHOULD_HAVE_BEEN_REDIRECTED 
 => 'Èá Ýðñåðå íá åß÷áôå áíáêáôåõèõíèåß óôïí åîõðçñåôçôÞ CAS. ÊÜíôå êëßê <a href="%s">åäþ</a> ãéá íá óõíå÷ßóåôå.',
 CAS_STR_AUTHENTICATION_FAILED 
 => 'Ç ôáõôïðïßçóç CAS áðÝôõ÷å!',
 CAS_STR_YOU_WERE_NOT_AUTHENTICATED 
 => '<p>Äåí ôáõôïðïéçèÞêáôå.</p><p>Ìðïñåßôå íá îáíáðñïóðáèÞóåôå, êÜíïíôáò êëßê <a href="%s">åäþ</a>.</p><p>Åáí ôï ðñüâëçìá åðéìåßíåé, åëÜôå óå åðáöÞ ìå ôïí <a href="mailto:%s">äéá÷åéñéóôÞ</a>.</p>',
 CAS_STR_SERVICE_UNAVAILABLE
 => 'Ç õðçñåóßá `<b>%s</b>\' äåí åßíáé äéáèÝóéìç (<b>%s</b>).'
 );
 ?>
--- a/include/limesurvey/admin/classes/phpCAS/CAS/languages/japanese.php
+++ b/include/limesurvey/admin/classes/phpCAS/CAS/languages/japanese.php
@@ -0,0 +1,27 @@
 <?php
 /**
 * @file languages/japanese.php
 * @author fnorif (fnorif@yahoo.co.jp)
 * 
 * Now Encoding is EUC-JP and LF
 **/
 $this->_strings = array(
 CAS_STR_USING_SERVER 
 => 'using server',
 CAS_STR_AUTHENTICATION_WANTED 
 => 'CASによる認証を行います',
 CAS_STR_LOGOUT 
 => 'CASからログアウトします!',
 CAS_STR_SHOULD_HAVE_BEEN_REDIRECTED 
 => 'CASサーバに行く必要があります。自動的に転送されない場合は <a href="%s">こちら</a> をクリックして続行します。',
 CAS_STR_AUTHENTICATION_FAILED 
 => 'CASによる認証に失敗しました',
 CAS_STR_YOU_WERE_NOT_AUTHENTICATED 
 => '<p>認証できませんでした.</p><p>もう一度リクエストを送信する場合は<a href="%s">こちら</a>をクリック.</p><p>問題が解決しない場合は <a href="mailto:%s">このサイトの管理者</a>に問い合わせてください.</p>',
 CAS_STR_SERVICE_UNAVAILABLE
 => 'サービス `<b>%s</b>\' は利用できません (<b>%s</b>).'
 );
 ?>
--- a/include/limesurvey/admin/classes/phpCAS/CAS/languages/languages.php
+++ b/include/limesurvey/admin/classes/phpCAS/CAS/languages/languages.php
@@ -0,0 +1,24 @@
 <?php
 /**
 * @file languages/languages.php
 * Internationalization constants
 * @author Pascal Aubry <pascal.aubry at univ-rennes1.fr>
 * @sa @link internalLang Internationalization @endlink
 * @ingroup internalLang
 */
 //@{
 /**
 * a phpCAS string index
 */
 define("CAS_STR_USING_SERVER",                1);
 define("CAS_STR_AUTHENTICATION_WANTED",       2);
 define("CAS_STR_LOGOUT",                      3);
 define("CAS_STR_SHOULD_HAVE_BEEN_REDIRECTED", 4);
 define("CAS_STR_AUTHENTICATION_FAILED",       5);
 define("CAS_STR_YOU_WERE_NOT_AUTHENTICATED",  6);
 define("CAS_STR_SERVICE_UNAVAILABLE",         7);
 //@}
 ?>
--- a/include/limesurvey/admin/classes/phpCAS/CAS/languages/spanish.php
+++ b/include/limesurvey/admin/classes/phpCAS/CAS/languages/spanish.php
@@ -0,0 +1,27 @@
 <?php
 /**
 * @file languages/spanish.php
 * @author Iván-Benjamín García Torà <ivaniclixx AT gmail DOT com>
 * @sa @link internalLang Internationalization @endlink
 * @ingroup internalLang
 */
 $this->_strings = array(
 CAS_STR_USING_SERVER 
 => 'usando servidor',
 CAS_STR_AUTHENTICATION_WANTED 
 => '¡Autentificación CAS necesaria!',
 CAS_STR_LOGOUT 
 => '¡Salida CAS necesaria!',
 CAS_STR_SHOULD_HAVE_BEEN_REDIRECTED 
 => 'Ya debería haber sido redireccionado al servidor CAS. Haga click <a href="%s">aquí</a> para continuar.',
 CAS_STR_AUTHENTICATION_FAILED 
 => '¡Autentificación CAS fallida!',
 CAS_STR_YOU_WERE_NOT_AUTHENTICATED 
 => '<p>No estás autentificado.</p><p>Puedes volver a intentarlo haciendo click <a href="%s">aquí</a>.</p><p>Si el problema persiste debería contactar con el <a href="mailto:%s">administrador de este sitio</a>.</p>',
 CAS_STR_SERVICE_UNAVAILABLE
 => 'El servicio `<b>%s</b>\' no está disponible (<b>%s</b>).'
 );
 ?>
--- a/include/limesurvey/admin/classes/phpCAS/README
+++ b/include/limesurvey/admin/classes/phpCAS/README
@@ -0,0 +1,36 @@
 README
 phpCAS - http://www.ja-sig.org/wiki/display/CASC/phpCAS
 This software contains a client library for PHP, which can be used to identify
 Central Authentication Service (CAS) authenticated users.
 Please see the phpCAS website for more information.
 http://www.ja-sig.org/wiki/display/CASC/phpCAS
 LICENSE
 Copyright © 2003-2008, The ESUP-Portail consortium & the JA-SIG Collaborative.
 All rights reserved.
 Redistribution and use in source and binary forms, with or without
 modification, are permitted provided that the following conditions are met:
    * Redistributions of source code must retain the above copyright notice,
      this list of conditions and the following disclaimer.
    * Redistributions in binary form must reproduce the above copyright notice,
      this list of conditions and the following disclaimer in the documentation
      and/or other materials provided with the distribution.
    * Neither the name of the ESUP-Portail consortium & the JA-SIG
      Collaborative nor the names of its contributors may be used to endorse or
      promote products derived from this software without specific prior
      written permission.
 THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
 ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
 WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
 DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR
 ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
 (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
 LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
 ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
 SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
--- a/include/limesurvey/admin/classes/phpzip/phpzip.inc.php
+++ b/include/limesurvey/admin/classes/phpzip/phpzip.inc.php
@@ -1,273 +1,271 @@
-<?php
+<?php
-# 
+# 
-# PHPZip v1.2 by Sext (sext@neud.net) 2002-11-18
+# PHPZip v1.2 by Sext (sext@neud.net) 2002-11-18
-# 	(Changed: 2003-03-01)
+# 	(Changed: 2003-03-01)
-# 
+# 
-# Makes zip archive
+# Makes zip archive
-#
+#
-# Based on "Zip file creation class", uses zLib
+# Based on "Zip file creation class", uses zLib
-#
+#
-#
+#
-# Modified by Jason Cleeland - removed "subdirectory" capacity for LimeSurvey use
+# Modified by Jason Cleeland - removed "subdirectory" capacity for LimeSurvey use
-
+
-class PHPZip
+class PHPZip
-{
+{
-	function Zip($dir, $zipfilename)
+	function Zip($dir, $zipfilename)
-	{
+	{
-    	if (@function_exists('gzcompress'))
+    	if (@function_exists('gzcompress'))
-		{	
+		{	
-			$curdir = getcwd();
+			$curdir = getcwd();
-			if (is_array($dir)) 
+			if (is_array($dir)) 
-			{
+			{
-					$filelist = $dir;
+					$filelist = $dir;
-			}
+			}
-			else 
+			else 
-			{
+			{
-				$filelist = $this -> GetFileList($dir);
+				$filelist = $this -> GetFileList($dir);
-			}
+			}
-			
+			
-			if ((!empty($dir))&&(!is_array($dir))&&(file_exists($dir))) chdir($dir);
+			if ((!empty($dir))&&(!is_array($dir))&&(file_exists($dir))) chdir($dir);
-			else chdir($curdir);
+			else chdir($curdir);
-
+
-			if (count($filelist)>0)
+			if (count($filelist)>0)
-			{
+			{
-				foreach($filelist as $filename)
+				foreach($filelist as $filename)
-				{
+				{
-					if (is_file($filename))
+					if (is_file($filename))
-					{
+					{
-						$fd = fopen ($filename, "r");
+						$fd = fopen ($filename, "r");
-						$content = fread ($fd, filesize ($filename));
+						$content = @fread ($fd, filesize ($filename));
-						fclose ($fd);
+						fclose ($fd);
-
+
-						if (is_array($dir)) $filename = basename($filename);
+						if (is_array($dir)) $filename = basename($filename);
-						$this -> addFile($content, $filename);
+						$this -> addFile($content, $filename);
-					}
+					}
-				}
+				}
-				$out = $this -> file();
+				$out = $this -> file();
-
+
-				chdir($curdir);
+				chdir($curdir);
-				$fp = fopen($zipfilename, "w");
+				$fp = fopen($zipfilename, "w");
-				fwrite($fp, $out, strlen($out));
+				fwrite($fp, $out, strlen($out));
-				fclose($fp);
+				fclose($fp);
-			}
+			}
-			return 1;
+			return 1;
-		} 
+		} 
-		else return 0;
+		else return 0;
-	}
+	}
-
+
-	function GetFileList($dir)
+	function GetFileList($dir)
-	{
+	{
-		$file=Array();
+		$file=Array();
-		if (file_exists($dir))
+		if (file_exists($dir))
-		{
+		{
-			$args = func_get_args();
+			$args = func_get_args();
-			if(isset($args[1])) {$pref = $args[1];} else {$pref="";}
+			if(isset($args[1])) {$pref = $args[1];} else {$pref="";}
-			   	
+			   	
-			$dh = opendir($dir);
+			$dh = opendir($dir);
-			while($files = readdir($dh))
+			while($files = readdir($dh))
-			{
+			{
-				if (($files!=".")&&($files!="..")) 
+				if (($files!=".")&&($files!="..")) 
-				{
+				{
-					if (!is_dir($dir.$files)) 
+					if (!is_dir($dir.$files)) 
-					{
+					{
-						$file[]=$pref.$files;
+						$file[]=$pref.$files;
-					}
+					}
-				}
+				}
-			}
+			}
-			closedir($dh);
+			closedir($dh);
-		}
+		}
-		return $file;
+		return $file;
-	}
+	}
-
+
-    var $datasec      = array();
+    var $datasec      = array();
-    var $ctrl_dir     = array();
+    var $ctrl_dir     = array();
-    var $eof_ctrl_dir = "\x50\x4b\x05\x06\x00\x00\x00\x00";
+    var $eof_ctrl_dir = "\x50\x4b\x05\x06\x00\x00\x00\x00";
-    var $old_offset   = 0;
+    var $old_offset   = 0;
-
+
-    /**
+    /**
-     * Converts an Unix timestamp to a four byte DOS date and time format (date
+     * Converts an Unix timestamp to a four byte DOS date and time format (date
-     * in high two bytes, time in low two bytes allowing magnitude comparison).
+     * in high two bytes, time in low two bytes allowing magnitude comparison).
-     *
+     *
-     * @param  integer  the current Unix timestamp
+     * @param  integer  the current Unix timestamp
-     *
+     *
-     * @return integer  the current date in a four byte DOS format
+     * @return integer  the current date in a four byte DOS format
-     *
+     *
-     * @access private
+     * @access private
-     */
+     */
-    function unix2DosTime($unixtime = 0) {
+    function unix2DosTime($unixtime = 0) {
-        $timearray = ($unixtime == 0) ? getdate() : getdate($unixtime);
+        $timearray = ($unixtime == 0) ? getdate() : getdate($unixtime);
-
+
-        if ($timearray['year'] < 1980) {
+        if ($timearray['year'] < 1980) {
-        	$timearray['year']    = 1980;
+        	$timearray['year']    = 1980;
-        	$timearray['mon']     = 1;
+        	$timearray['mon']     = 1;
-        	$timearray['mday']    = 1;
+        	$timearray['mday']    = 1;
-        	$timearray['hours']   = 0;
+        	$timearray['hours']   = 0;
-        	$timearray['minutes'] = 0;
+        	$timearray['minutes'] = 0;
-        	$timearray['seconds'] = 0;
+        	$timearray['seconds'] = 0;
-        } // end if
+        } // end if
-
+
-        return (($timearray['year'] - 1980) << 25) | ($timearray['mon'] << 21) | ($timearray['mday'] << 16) |
+        return (($timearray['year'] - 1980) << 25) | ($timearray['mon'] << 21) | ($timearray['mday'] << 16) |
-                ($timearray['hours'] << 11) | ($timearray['minutes'] << 5) | ($timearray['seconds'] >> 1);
+                ($timearray['hours'] << 11) | ($timearray['minutes'] << 5) | ($timearray['seconds'] >> 1);
-    } // end of the 'unix2DosTime()' method
+    } // end of the 'unix2DosTime()' method
-
+
-
+
-    /**
+    /**
-     * Adds "file" to archive
+     * Adds "file" to archive
-     *
+     *
-     * @param  string   file contents
+     * @param  string   file contents
-     * @param  string   name of the file in the archive (may contains the path)
+     * @param  string   name of the file in the archive (may contains the path)
-     * @param  integer  the current timestamp
+     * @param  integer  the current timestamp
-     *
+     *
-     * @access public
+     * @access public
-     */
+     */
-    function addFile($data, $name, $time = 0)
+    function addFile($data, $name, $time = 0)
-    {
+    {
-        $name     = str_replace('\\', '/', $name);
+        $name     = str_replace('\\', '/', $name);
-
+
-        $dtime    = dechex($this->unix2DosTime($time));
+        $dtime    = dechex($this->unix2DosTime($time));
-        $hexdtime = '\x' . $dtime[6] . $dtime[7]
+        $hexdtime = '\x' . $dtime[6] . $dtime[7]
-                  . '\x' . $dtime[4] . $dtime[5]
+                  . '\x' . $dtime[4] . $dtime[5]
-                  . '\x' . $dtime[2] . $dtime[3]
+                  . '\x' . $dtime[2] . $dtime[3]
-                  . '\x' . $dtime[0] . $dtime[1];
+                  . '\x' . $dtime[0] . $dtime[1];
-        eval('$hexdtime = "' . $hexdtime . '";');
+        eval('$hexdtime = "' . $hexdtime . '";');
-
+
-        $fr   = "\x50\x4b\x03\x04";
+        $fr   = "\x50\x4b\x03\x04";
-        $fr   .= "\x14\x00";            // ver needed to extract
+        $fr   .= "\x14\x00";            // ver needed to extract
-        $fr   .= "\x00\x00";            // gen purpose bit flag
+        $fr   .= "\x00\x00";            // gen purpose bit flag
-        $fr   .= "\x08\x00";            // compression method
+        $fr   .= "\x08\x00";            // compression method
-        $fr   .= $hexdtime;             // last mod time and date
+        $fr   .= $hexdtime;             // last mod time and date
-
+
-        // "local file header" segment
+        // "local file header" segment
-        $unc_len = strlen($data);
+        $unc_len = strlen($data);
-        $crc     = crc32($data);
+        $crc     = crc32($data);
-        $zdata   = gzcompress($data);
+        $zdata   = gzcompress($data);
-        $c_len   = strlen($zdata);
+        $c_len   = strlen($zdata);
-        $zdata   = substr(substr($zdata, 0, strlen($zdata) - 4), 2); // fix crc bug
+        $zdata   = substr(substr($zdata, 0, strlen($zdata) - 4), 2); // fix crc bug
-        $fr      .= pack('V', $crc);             // crc32
+        $fr      .= pack('V', $crc);             // crc32
-        $fr      .= pack('V', $c_len);           // compressed filesize
+        $fr      .= pack('V', $c_len);           // compressed filesize
-        $fr      .= pack('V', $unc_len);         // uncompressed filesize
+        $fr      .= pack('V', $unc_len);         // uncompressed filesize
-        $fr      .= pack('v', strlen($name));    // length of filename
+        $fr      .= pack('v', strlen($name));    // length of filename
-        $fr      .= pack('v', 0);                // extra field length
+        $fr      .= pack('v', 0);                // extra field length
-        $fr      .= $name;
+        $fr      .= $name;
-
+
-        // "file data" segment
+        // "file data" segment
-        $fr .= $zdata;
+        $fr .= $zdata;
-
+
-        // "data descriptor" segment (optional but necessary if archive is not
+        // "data descriptor" segment (optional but necessary if archive is not
-        // served as file)
+        // served as file)
-        $fr .= pack('V', $crc);                 // crc32
+        $fr .= pack('V', $crc);                 // crc32
-        $fr .= pack('V', $c_len);               // compressed filesize
+        $fr .= pack('V', $c_len);               // compressed filesize
-        $fr .= pack('V', $unc_len);             // uncompressed filesize
+        $fr .= pack('V', $unc_len);             // uncompressed filesize
-
+
-        // add this entry to array
+        // add this entry to array
-        $this -> datasec[] = $fr;
+        $this -> datasec[] = $fr;
-        $new_offset        = strlen(implode('', $this->datasec));
+        $new_offset        = strlen(implode('', $this->datasec));
-
+
-        // now add to central directory record
+        // now add to central directory record
-        $cdrec = "\x50\x4b\x01\x02";
+        $cdrec = "\x50\x4b\x01\x02";
-        $cdrec .= "\x00\x00";                // version made by
+        $cdrec .= "\x00\x00";                // version made by
-        $cdrec .= "\x14\x00";                // version needed to extract
+        $cdrec .= "\x14\x00";                // version needed to extract
-        $cdrec .= "\x00\x00";                // gen purpose bit flag
+        $cdrec .= "\x00\x00";                // gen purpose bit flag
-        $cdrec .= "\x08\x00";                // compression method
+        $cdrec .= "\x08\x00";                // compression method
-        $cdrec .= $hexdtime;                 // last mod time & date
+        $cdrec .= $hexdtime;                 // last mod time & date
-        $cdrec .= pack('V', $crc);           // crc32
+        $cdrec .= pack('V', $crc);           // crc32
-        $cdrec .= pack('V', $c_len);         // compressed filesize
+        $cdrec .= pack('V', $c_len);         // compressed filesize
-        $cdrec .= pack('V', $unc_len);       // uncompressed filesize
+        $cdrec .= pack('V', $unc_len);       // uncompressed filesize
-        $cdrec .= pack('v', strlen($name) ); // length of filename
+        $cdrec .= pack('v', strlen($name) ); // length of filename
-        $cdrec .= pack('v', 0 );             // extra field length
+        $cdrec .= pack('v', 0 );             // extra field length
-        $cdrec .= pack('v', 0 );             // file comment length
+        $cdrec .= pack('v', 0 );             // file comment length
-        $cdrec .= pack('v', 0 );             // disk number start
+        $cdrec .= pack('v', 0 );             // disk number start
-        $cdrec .= pack('v', 0 );             // internal file attributes
+        $cdrec .= pack('v', 0 );             // internal file attributes
-        $cdrec .= pack('V', 32 );            // external file attributes - 'archive' bit set
+        $cdrec .= pack('V', 32 );            // external file attributes - 'archive' bit set
-
+
-        $cdrec .= pack('V', $this -> old_offset ); // relative offset of local header
+        $cdrec .= pack('V', $this -> old_offset ); // relative offset of local header
-        $this -> old_offset = $new_offset;
+        $this -> old_offset = $new_offset;
-
+
-        $cdrec .= $name;
+        $cdrec .= $name;
-
+
-        // optional extra field, file comment goes here
+        // optional extra field, file comment goes here
-        // save to central directory
+        // save to central directory
-        $this -> ctrl_dir[] = $cdrec;
+        $this -> ctrl_dir[] = $cdrec;
-    } // end of the 'addFile()' method
+    } // end of the 'addFile()' method
-
+
-
+
-    /**
+    /**
-     * Dumps out file
+     * Dumps out file
-     *
+     *
-     * @return  string  the zipped file
+     * @return  string  the zipped file
-     *
+     *
-     * @access public
+     * @access public
-     */
+     */
-    function file()
+    function file()
-    {
+    {
-        $data    = implode('', $this -> datasec);
+        $data    = implode('', $this -> datasec);
-        $ctrldir = implode('', $this -> ctrl_dir);
+        $ctrldir = implode('', $this -> ctrl_dir);
-
+
-        return
+        return
-            $data .
+            $data .
-            $ctrldir .
+            $ctrldir .
-            $this -> eof_ctrl_dir .
+            $this -> eof_ctrl_dir .
-            pack('v', sizeof($this -> ctrl_dir)) .  // total # of entries "on this disk"
+            pack('v', sizeof($this -> ctrl_dir)) .  // total # of entries "on this disk"
-            pack('v', sizeof($this -> ctrl_dir)) .  // total # of entries overall
+            pack('v', sizeof($this -> ctrl_dir)) .  // total # of entries overall
-            pack('V', strlen($ctrldir)) .           // size of central dir
+            pack('V', strlen($ctrldir)) .           // size of central dir
-            pack('V', strlen($data)) .              // offset to start of central dir
+            pack('V', strlen($data)) .              // offset to start of central dir
-            "\x00\x00";                             // .zip file comment length
+            "\x00\x00";                             // .zip file comment length
-    } // end of the 'file()' method
+    } // end of the 'file()' method
-
+
-
+
-// This comes from http://de.tikiwiki.org/xref-BRANCH-1-9/nav.html?lib/sheet/include/org/apicnet/io/archive/CZip.php.source.html
+// This comes from http://de.tikiwiki.org/xref-BRANCH-1-9/nav.html?lib/sheet/include/org/apicnet/io/archive/CZip.php.source.html
-function extract($dir, $zipfilename){
+function extract($dir, $zipfilename){
-          if (function_exists("zip_open")) {
+          if (function_exists("zip_open")) {
-               //$dir  = eregi_replace("(\..*$)", "", $zipfilename);
+
-
+              $this->createDir($dir);
-              $this->createDir($dir);
+              $zip  = zip_open($zipfilename);
-              $zip  = zip_open($zipfilename);
+              if ($zip) {
-              if ($zip) {
+                 while ($zip_entry = zip_read($zip)) {
-                 while ($zip_entry = zip_read($zip)) {
+                     if (zip_entry_open($zip, $zip_entry, "r")) {
-                     if (zip_entry_open($zip, $zip_entry, "r")) {
+                         $buf = zip_entry_read($zip_entry, zip_entry_filesize($zip_entry));
-                         $buf = zip_entry_read($zip_entry, zip_entry_filesize($zip_entry));
+
-//                         if (eregi("(\/)", zip_entry_name($zip_entry))) $this->createDir($dir."/".eregi_replace("\/.*$", "", zip_entry_name($zip_entry))); 
+                 // LimeSurvey Only extract first dir for the moment
-
+                         if ( ! preg_match("/(\/)/i", zip_entry_name($zip_entry)))
-// LimeSurvey Only extract first dir for the moment
+			{ 
-                         if ( ! eregi("(\/)", zip_entry_name($zip_entry)))
+                         $this->createFile($dir."/".zip_entry_name($zip_entry), $buf,zip_entry_filesize($zip_entry));
-			{ 
+			}
-                         $this->createFile($dir."/".zip_entry_name($zip_entry), $buf,zip_entry_filesize($zip_entry));
+                         zip_entry_close($zip_entry);
-			}
+                     }
-                         zip_entry_close($zip_entry);
+                 }
-                     }
+                 zip_close($zip);
-                 }
+              }
-                 zip_close($zip);
+	      else
-              }
+	      {
-	      else
+		return "Error:OpenZip";
-	      {
+	      }
-		return "Error:OpenZip";
+          } 
-	      }
+	  return 'OK';
-          } 
+      }
-	  return 'OK';
+
-      }
+  	function createDir($dir){
-
+          if (preg_match("/(\/$)/", $dir)) @mkdir (substr($dir, 0, strlen($dir) - 1));
-  	function createDir($dir){
+          else @mkdir ($dir);
-          if (eregi("(\/$)", $dir)) @mkdir (substr($dir, 0, strlen($dir) - 1));
+      }
-          else @mkdir ($dir);
+      
-      }
+      
-      
+	// This comes from http://fr.php.net/zip
-      
+  	function createFile($file, $data, $size){
-	// This comes from http://fr.php.net/zip
+          //$file = new File($file, TRUE);
-  	function createFile($file, $data, $size){
+          //if ($file->exists()) {
-          //$file = new File($file, TRUE);
+          //    $file->delFile();
-          //if ($file->exists()) {
+          //    $file->createFile();
-          //    $file->delFile();
+          //}
-          //    $file->createFile();
+          //$file->writeData($data);
-          //}
+
-          //$file->writeData($data);
+	  if (is_file($file))
-
+	{
-	  if (is_file($file))
+		unlink($file);
-	{
+	}
-		unlink($file);
+	$fopen = fopen($file, "w");
-	}
+	fwrite($fopen,$data,$size);
-	$fopen = fopen($file, "w");
+      }
-	fwrite($fopen,$data,$size);
+
-      }
+} // end of the 'PHPZip' class
-
+?>
 } // end of the 'PHPZip' class
 ?>
--- a/include/limesurvey/admin/classes/tcpdf/checkphpversion.php
+++ b/include/limesurvey/admin/classes/tcpdf/checkphpversion.php
@@ -1,10 +0,0 @@
 <?php
 if (version_compare(PHP_VERSION, '5.0.0', '<') && version_compare(PHP_VERSION, '4.0.0', '>'))
 {
  require_once('tcpdf_php4.php');
 }
 else if (version_compare(PHP_VERSION, '5.0.0', '>'))
 {
  require_once('tcpdf.php');
 }
 ?>
--- a/include/limesurvey/admin/classes/tcpdf/extensiontcpdf.php
+++ b/include/limesurvey/admin/classes/tcpdf/extensiontcpdf.php
@@ -1,19 +1,12 @@
 <?php
-require_once('checkphpversion.php');
+require_once('tcpdf.php');      
 class PDF extends TCPDF
 {    
    function PDF($orientation='L', $unit='mm', $format='A4')
    {
-        if (version_compare(PHP_VERSION, '5.0.0', '<') && version_compare(PHP_VERSION, '4.0.0', '>'))
+        parent::__construct($orientation,$unit,$format);
        {
          parent::TCPDF($orientation,$unit,$format);
        }
        else if(version_compare(PHP_VERSION, '5.0.0', '>'))
        {
          parent::__construct($orientation,$unit,$format);
        }
        $this->SetAutoPageBreak(true,10); 
        $this->AliasNbPages();
@@ -21,6 +14,7 @@ class PDF extends TCPDF
    function intopdf($text,$format='')
    {
        $text = $this->delete_html($text);
        $oldformat = $this->FontStyle;
        $this->SetFont('',$format,$this->FontSizePt);
        $this->Write(5,$text);
@@ -31,7 +25,7 @@ class PDF extends TCPDF
    {
        $oldsize = $this->FontSizePt;
        $this->SetFontSize($oldsize-2);
-        $this->Write(5,$text);
+        $this->Write(5,$this->delete_html($text));
        $this->ln(5);
        $this->SetFontSize($oldsize);
    }   
@@ -39,6 +33,7 @@ class PDF extends TCPDF
    {
        if(!empty($title))
        {
            $title = $this->delete_html($title);
            $oldsize = $this->FontSizePt;
            $this->SetFontSize($oldsize+4);
            $this->Line(5,$this->y,($this->w-5),$this->y);
@@ -46,6 +41,7 @@ class PDF extends TCPDF
            $this->MultiCell('','',$title,'','C',0);
            if(!empty($description) && isset($description))
            {
                $description = $this->delete_html($description);
                $this->ln(7);
                $this->SetFontSize($oldsize+2);
                $this->MultiCell('','',$description,'','C',0);
@@ -68,7 +64,7 @@ class PDF extends TCPDF
        {
            for($b=0;$b<sizeof($array[$a]);$b++)
            {
-                $this->Cell($maxwidth[$b]*($this->FontSize),4,$array[$a][$b],0,0,'C');
+                $this->Cell($maxwidth[$b]*($this->FontSize),4,$this->delete_html($array[$a][$b]),0,0,'C');
            }
            $this->ln();
        }
@@ -99,5 +95,11 @@ class PDF extends TCPDF
    {      
        $this->Output($name,"D");
    }
    function delete_html($text)
    {
       $text = html_entity_decode($text);
       return strip_tags($text);
    }
 }    
 ?>
--- a/include/limesurvey/admin/classes/tcpdf/tcpdf.php
+++ b/include/limesurvey/admin/classes/tcpdf/tcpdf.php
@@ -5548,7 +5548,7 @@ if(!class_exists('TCPDF', false)) {
 			if (isset($dash)) {
 				$dash_string = "";
 				if ($dash) {
-					if (ereg("^.+,", $dash)) {
+					if (preg_match("/^.+,/", $dash)) {
 						$tab = explode(",", $dash);
 					} else {
 						$tab = array($dash);
--- a/include/limesurvey/admin/classes/tcpdf/tcpdf_php4.php
+++ b/include/limesurvey/admin/classes/tcpdf/tcpdf_php4.php
--- a/include/limesurvey/admin/cmdline_importsurvey.php
+++ b/include/limesurvey/admin/cmdline_importsurvey.php
@@ -1,92 +1,92 @@
-<?php
+<?php
-/*
+/*
-* LimeSurvey
+* LimeSurvey
-* Copyright (C) 2007 The LimeSurvey Project Team / Carsten Schmitz
+* Copyright (C) 2007 The LimeSurvey Project Team / Carsten Schmitz
-* All rights reserved.
+* All rights reserved.
-* License: GNU/GPL License v2 or later, see LICENSE.php
+* License: GNU/GPL License v2 or later, see LICENSE.php
-* LimeSurvey is free software. This version may have been modified pursuant
+* LimeSurvey is free software. This version may have been modified pursuant
-* to the GNU General Public License, and as distributed it includes or
+* to the GNU General Public License, and as distributed it includes or
-* is derivative of works licensed under the GNU General Public License or
+* is derivative of works licensed under the GNU General Public License or
-* other free or open source software licenses.
+* other free or open source software licenses.
-* See COPYRIGHT.php for copyright notices and details.
+* See COPYRIGHT.php for copyright notices and details.
-* 
+* 
-* $Id: cmdline_importsurvey.php 5028 2008-06-09 11:20:29Z c_schmitz $
+* $Id: cmdline_importsurvey.php 6981 2009-05-30 23:04:55Z c_schmitz $
-*/
+*/
-
+
-
+
-if ($argc < 2 || in_array($argv[1], array('--help', '-help', '-h', '-?'))) {
+if ($argc < 2 || in_array($argv[1], array('--help', '-help', '-h', '-?'))) {
-?>
+?>
-
+
-This is a command line LimeSurvey Survey importer.
+This is a command line LimeSurvey Survey importer.
-
+
-  Usage:
+  Usage:
-  php <?php echo $argv[0]; ?> <File to import> [<user> <password>]
+  php <?php echo $argv[0]; ?> <File to import> [<user> <password>]
-
+
-  <File to import> has to be a LimeSurvey survey dump.
+  <File to import> has to be a LimeSurvey survey dump.
-  <user> and <password> are only required if the control access is active
+  <user> and <password> are only required if the control access is active
-  With the --help, -help, -h, or -? options, you can get this help.
+  With the --help, -help, -h, or -? options, you can get this help.
-
+
-<?php
+<?php
-	exit;
+	exit;
-} else {
+} else {
-    $the_full_file_path = $argv[1];
+    $the_full_file_path = $argv[1];
-    
+    
-    $username = ($argc>2)? $argv[2] : "";
+    $username = ($argc>2)? $argv[2] : "";
-    $userpass = ($argc>3)? $argv[3] : "";
+    $userpass = ($argc>3)? $argv[3] : "";
-}
+}
-
+
-if (!file_exists($the_full_file_path)) {
+if (!file_exists($the_full_file_path)) {
-    echo "\nThe file $the_full_file_path does not exist\n";
+    echo "\nThe file $the_full_file_path does not exist\n";
-    exit;
+    exit;
-}
+}
-
+
-$_SERVER['SERVER_NAME'] = "";				// just to avoid notices
+$_SERVER['SERVER_NAME'] = "";				// just to avoid notices
-$_SERVER['SERVER_SOFTWARE'] = "";		// just to avoid notices
+$_SERVER['SERVER_SOFTWARE'] = "";		// just to avoid notices
-require_once(dirname(__FILE__).'/../config-defaults.php'); 
+require_once(dirname(__FILE__).'/../config-defaults.php'); 
-require_once(dirname(__FILE__).'/../common.php');
+require_once(dirname(__FILE__).'/../common.php');
-
+
-if (isset($_REQUEST['homedir'])) {die('');}
+if (isset($_REQUEST['homedir'])) {die('');}
-require_once($homedir."/classes/core/sha256.php"); 
+require_once($homedir."/classes/core/sha256.php"); 
-$adminoutput ="";										// just to avoid notices
+$adminoutput ="";										// just to avoid notices
-include("database.php");
+include("database.php");
-$query = "SELECT uid, password, lang FROM ".db_table_name('users')." WHERE users_name=".$connect->qstr($username);
+$query = "SELECT uid, password, lang FROM ".db_table_name('users')." WHERE users_name=".$connect->qstr($username);
-$ADODB_FETCH_MODE = ADODB_FETCH_ASSOC;
+$ADODB_FETCH_MODE = ADODB_FETCH_ASSOC;
-$result = $connect->SelectLimit($query, 1) or die ($query."\n".$connect->ErrorMsg());
+$result = $connect->SelectLimit($query, 1) or die ($query."\n".$connect->ErrorMsg());
-if ($result->RecordCount() < 1)
+if ($result->RecordCount() < 1)
-   {
+   {
-	// wrong or unknown username and/or email
+	// wrong or unknown username and/or email
-	echo "\n".$clang->gT("User name invalid!")."\n";
+	echo "\n".$clang->gT("User name invalid!")."\n";
-	exit;
+	exit;
-	}
+	}
-else
+else
-	{
+	{
-	$fields = $result->FetchRow();
+	$fields = $result->FetchRow();
-	if (SHA256::hash($userpass) == $fields['password'])
+	if (SHA256::hashing($userpass) == $fields['password'])
-		{
+		{
-			$_SESSION['loginID'] = intval($fields['uid']);
+			$_SESSION['loginID'] = intval($fields['uid']);
-			$clang = new limesurvey_lang($fields['lang']);
+			$clang = new limesurvey_lang($fields['lang']);
-	
+	
-			GetSessionUserRights($_SESSION['loginID']);
+			GetSessionUserRights($_SESSION['loginID']);
-			if (!$_SESSION['USER_RIGHT_CREATE_SURVEY'])
+			if (!$_SESSION['USER_RIGHT_CREATE_SURVEY'])
-			{
+			{
-				// no permission to create survey!
+				// no permission to create survey!
-				echo "\n".$clang->gT("You are not allowed to import a survey!")."\n";
+				echo "\n".$clang->gT("You are not allowed to import a survey!")."\n";
-				exit;
+				exit;
-			}
+			}
-		}
+		}
-		else
+		else
-		{
+		{
-			// password don't match username
+			// password don't match username
-			echo "\n".$clang->gT("User name and password do not match!")."\n";
+			echo "\n".$clang->gT("User name and password do not match!")."\n";
-			exit;
+			exit;
-		}
+		}
-	}
+	}
-
+
-echo "\n";
+echo "\n";
-
+
-$importsurvey = "";
+$importsurvey = "";
-
+
-$importingfrom = "cmdline";	// "http" for the web version and "cmdline" for the command line version
+$importingfrom = "cmdline";	// "http" for the web version and "cmdline" for the command line version
-include("importsurvey.php");
+include("importsurvey.php");
-
+
-?>
+?>
--- a/include/limesurvey/admin/conditions.php
+++ b/include/limesurvey/admin/conditions.php
--- a/include/limesurvey/admin/conditionshandling.php
+++ b/include/limesurvey/admin/conditionshandling.php
--- a/include/limesurvey/admin/database.php
+++ b/include/limesurvey/admin/database.php
--- a/include/limesurvey/admin/dataentry.php
+++ b/include/limesurvey/admin/dataentry.php
--- a/include/limesurvey/admin/deactivate.php
+++ b/include/limesurvey/admin/deactivate.php
@@ -1,144 +1,132 @@
-<?php
+<?php
-/*
+/*
-* LimeSurvey
+* LimeSurvey
-* Copyright (C) 2007 The LimeSurvey Project Team / Carsten Schmitz
+* Copyright (C) 2007 The LimeSurvey Project Team / Carsten Schmitz
-* All rights reserved.
+* All rights reserved.
-* License: GNU/GPL License v2 or later, see LICENSE.php
+* License: GNU/GPL License v2 or later, see LICENSE.php
-* LimeSurvey is free software. This version may have been modified pursuant
+* LimeSurvey is free software. This version may have been modified pursuant
-* to the GNU General Public License, and as distributed it includes or
+* to the GNU General Public License, and as distributed it includes or
-* is derivative of works licensed under the GNU General Public License or
+* is derivative of works licensed under the GNU General Public License or
-* other free or open source software licenses.
+* other free or open source software licenses.
-* See COPYRIGHT.php for copyright notices and details.
+* See COPYRIGHT.php for copyright notices and details.
-* 
+* 
-* $Id: deactivate.php 4916 2008-05-25 17:25:33Z c_schmitz $
+* $Id: deactivate.php 6976 2009-05-30 00:53:41Z c_schmitz $
-*/
+*/
-
+
-include_once("login_check.php");  //Login Check dies also if the script is started directly
+include_once("login_check.php");  //Login Check dies also if the script is started directly
-
+
-$postsid=returnglobal('sid');
+$postsid=returnglobal('sid');
-
+
-$date = date('YmdHis'); //'Hi' adds 24hours+minutes to name to allow multiple deactiviations in a day
+$date = date('YmdHis'); //'Hi' adds 24hours+minutes to name to allow multiple deactiviations in a day
-$deactivateoutput='';
+$deactivateoutput='';
-if (!isset($_POST['ok']) || !$_POST['ok'])
+if (!isset($_POST['ok']) || !$_POST['ok'])
-{
+{
-	$deactivateoutput .= "<br />\n<table class='alertbox'>\n";
+	$deactivateoutput .= "<br />\n<div class='messagebox'>\n";
-	$deactivateoutput .= "\t\t\t\t<tr ><td height='4'><strong>".$clang->gT("Deactivate Survey")." ($surveyid)</strong></td></tr>\n";
+	$deactivateoutput .= "\t\t\t\t<div class='header'>".$clang->gT("Deactivate Survey")." ($surveyid)</div>\n";
-	$deactivateoutput .= "\t<tr>\n";
+	$deactivateoutput .= "\t<div class='warningheader'>\n";
-	$deactivateoutput .= "\t\t<td align='center' bgcolor='#FFEEEE'>\n";
+	$deactivateoutput .= $clang->gT("Warning")."<br />".$clang->gT("READ THIS CAREFULLY BEFORE PROCEEDING");
-	$deactivateoutput .= "\t\t\t<font color='red'><strong>";
+	$deactivateoutput .= "\t\t</div>\n";
-	$deactivateoutput .= $clang->gT("Warning")."<br />".$clang->gT("READ THIS CAREFULLY BEFORE PROCEEDING");
+	$deactivateoutput .= "\t\t\t".$clang->gT("In an active survey, a table is created to store all the data-entry records.")."\n";
-	$deactivateoutput .= "\t\t</strong></font></td>\n";
+	$deactivateoutput .= "\t\t\t<p>".$clang->gT("When you deactivate a survey all the data entered in the original table will be moved elsewhere, and when you activate the survey again, the table will be empty. You will not be able to access this data using LimeSurvey any more.")."</p>\n";
-	$deactivateoutput .= "\t</tr>\n";
+	$deactivateoutput .= "\t\t\t<p>".$clang->gT("Deactivated survey data can only be accessed by system administrators using a Database data access tool like phpmyadmin. If your survey uses tokens, this table will also be renamed and will only be accessible by system administrators.")."</p>\n";
-	$deactivateoutput .= "\t<tr>";
+	$deactivateoutput .= "\t\t\t<p>".$clang->gT("Your responses table will be renamed to:")." {$dbprefix}old_{$_GET['sid']}_{$date}</p>\n";
-	$deactivateoutput .= "\t\t<td>\n";
+	$deactivateoutput .= "\t\t\t<p>".$clang->gT("Also you should export your responses before deactivating.")."</p>\n";
-	$deactivateoutput .= "\t\t\t".$clang->gT("In an active survey, a table is created to store all the data-entry records.")."\n";
+	$deactivateoutput .= "\t\t\t<input type='submit' value='".$clang->gT("Deactivate Survey")."' onclick=\"".get2post("$scriptname?action=deactivate&amp;ok=Y&amp;sid={$_GET['sid']}")."\" />\n";
-	$deactivateoutput .= "\t\t\t<p>".$clang->gT("When you deactivate a survey all the data entered in the original table will be moved elsewhere, and when you activate the survey again, the table will be empty. You will not be able to access this data using LimeSurvey any more.")."</p>\n";
+	$deactivateoutput .= "</div><br />\n";
-	$deactivateoutput .= "\t\t\t<p>".$clang->gT("Deactivated survey data can only be accessed by system administrators using a Database data access tool like phpmyadmin. If your survey uses tokens, this table will also be renamed and will only be accessible by system administrators.")."</p>\n";
+}
-	$deactivateoutput .= "\t\t\t<p>".$clang->gT("Your responses table will be renamed to:")." {$dbprefix}old_{$_GET['sid']}_{$date}</p>\n";
+
-	$deactivateoutput .= "\t\t\t<p>".$clang->gT("Also you should export your responses before deactivating.")."</p>\n";
+else
-	$deactivateoutput .= "\t\t</td>\n";
+{
-	$deactivateoutput .= "\t</tr>\n";
+	//See if there is a tokens table for this survey
-	$deactivateoutput .= "\t<tr>\n";
+	$tablelist = $connect->MetaTables();
-	$deactivateoutput .= "\t\t<td align='center'>\n";
+	if (in_array("{$dbprefix}tokens_{$postsid}", $tablelist))
-//	$deactivateoutput .= "\t\t\t<input type='submit' value='".$clang->gT("Deactivate Survey")."' onclick=\"window.open('$scriptname?action=deactivate&amp;ok=Y&amp;sid={$_GET['sid']}', '_self')\">\n";
+	{
-	$deactivateoutput .= "\t\t\t<input type='submit' value='".$clang->gT("Deactivate Survey")."' onclick=\"".get2post("$scriptname?action=deactivate&amp;ok=Y&amp;sid={$_GET['sid']}")."\">\n";
+		$toldtable="tokens_{$postsid}";
-	$deactivateoutput .= "\t\t<br />&nbsp;</td>\n";
+		$tnewtable="old_tokens_{$postsid}_{$date}";
-	$deactivateoutput .= "\t</tr>\n";
+		$tdeactivatequery = db_rename_table(db_table_name_nq($toldtable) ,db_table_name_nq($tnewtable));
-	$deactivateoutput .= "</table><br />&nbsp;\n";
+		$tdeactivateresult = $connect->Execute($tdeactivatequery) or die ("Couldn't deactivate tokens table because:<br />".htmlspecialchars($connect->ErrorMsg())."<br /><br />Survey was not deactivated either.<br /><br /><a href='$scriptname?sid={$postsid}'>".$clang->gT("Main Admin Screen")."</a>");
-}
+
-
+	    if ($databasetype=='postgres')
-else
+	    {
-{
+	    // If you deactivate a postgres table you have to rename the according sequence too and alter the id field to point to the changed sequence
-	//See if there is a tokens table for this survey
+	    	$deactivatequery = db_rename_table(db_table_name_nq($toldtable).'_tid_seq',db_table_name_nq($tnewtable).'_tid_seq');
-	$tablelist = $connect->MetaTables();
+			$deactivateresult = $connect->Execute($deactivatequery) or die ("Could not rename the old sequence for this token table. The database reported the following error:<br />".htmlspecialchars($connect->ErrorMsg())."<br /><br /><a href='$scriptname?sid={$postsid}'>".$clang->gT("Main Admin Screen")."</a>");
-	if (in_array("{$dbprefix}tokens_{$postsid}", $tablelist))
+	        $setsequence="ALTER TABLE ".db_table_name_nq($tnewtable)." ALTER COLUMN tid SET DEFAULT nextval('".db_table_name_nq($tnewtable)."_tid_seq'::regclass);";
-	{
+			$deactivateresult = $connect->Execute($setsequence) or die ("Could not alter the field 'tid' to point to the new sequence name for this token table. The database reported the following error:<br />".htmlspecialchars($connect->ErrorMsg())."<br /><br />Survey was not deactivated either.<br /><br /><a href='$scriptname?sid={$postsid}'>".$clang->gT("Main Admin Screen")."</a>");
-		$toldtable="tokens_{$postsid}";
+	    	$setidx="ALTER INDEX ".db_table_name_nq($toldtable)."_idx RENAME TO ".db_table_name_nq($tnewtable)."_idx;";
-		$tnewtable="old_tokens_{$postsid}_{$date}";
+			$deactivateresult = $connect->Execute($setidx) or die ("Could not alter the index for this token table. The database reported the following error:<br />".htmlspecialchars($connect->ErrorMsg())."<br /><br />Survey was not deactivated either.<br /><br /><a href='$scriptname?sid={$_GET['sid']}'>".$clang->gT("Main Admin Screen")."</a>");
-		$tdeactivatequery = db_rename_table(db_table_name_nq($toldtable) ,db_table_name_nq($tnewtable));
+		
-		$tdeactivateresult = $connect->Execute($tdeactivatequery) or die ("Couldn't deactivate tokens table because:<br />".htmlspecialchars($connect->ErrorMsg())."<br /><br />Survey was not deactivated either.<br /><br /><a href='$scriptname?sid={$postsid}'>".$clang->gT("Main Admin Screen")."</a>");
+		}
-
+	}
-	    if ($databasetype=='postgres')
+
-	    {
+    // IF there are any records in the saved_control table related to this survey, they have to be deleted
-	    // If you deactivate a postgres table you have to rename the according sequence too and alter the id field to point to the changed sequence
+    $query = "DELETE FROM {$dbprefix}saved_control WHERE sid={$postsid}";
-	    	$deactivatequery = db_rename_table(db_table_name_nq($toldtable).'_tid_seq',db_table_name_nq($tnewtable).'_tid_seq');
+    $result = $connect->Execute($query);
-			$deactivateresult = $connect->Execute($deactivatequery) or die ("Could not rename the old sequence for this token table. The database reported the following error:<br />".htmlspecialchars($connect->ErrorMsg())."<br /><br /><a href='$scriptname?sid={$postsid}'>".$clang->gT("Main Admin Screen")."</a>");
+    
-	        $setsequence="ALTER TABLE ".db_table_name_nq($tnewtable)." ALTER COLUMN tid SET DEFAULT nextval('".db_table_name_nq($tnewtable)."_tid_seq'::regclass);";
+	$oldtable="{$dbprefix}survey_{$postsid}";
-			$deactivateresult = $connect->Execute($setsequence) or die ("Could not alter the field 'tid' to point to the new sequence name for this token table. The database reported the following error:<br />".htmlspecialchars($connect->ErrorMsg())."<br /><br />Survey was not deactivated either.<br /><br /><a href='$scriptname?sid={$postsid}'>".$clang->gT("Main Admin Screen")."</a>");
+	$newtable="{$dbprefix}old_survey_{$postsid}_{$date}";
-	    	$setidx="ALTER INDEX ".db_table_name_nq($toldtable)."_idx RENAME TO ".db_table_name_nq($tnewtable)."_idx;";
+
-			$deactivateresult = $connect->Execute($setidx) or die ("Could not alter the index for this token table. The database reported the following error:<br />".htmlspecialchars($connect->ErrorMsg())."<br /><br />Survey was not deactivated either.<br /><br /><a href='$scriptname?sid={$_GET['sid']}'>".$clang->gT("Main Admin Screen")."</a>");
+	//Update the auto_increment value from the table before renaming
-		
+	$new_autonumber_start=0;
-		}
+	$query = "SELECT id FROM $oldtable ORDER BY id desc";
-	}
+	$result = db_select_limit_assoc($query, 1,-1, false, false);
-
+	if ($result)
-    // IF there are any records in the saved_control table related to this survey, they have to be deleted
+	{
-    $query = "DELETE FROM {$dbprefix}saved_control WHERE sid={$postsid}";
+        while ($row=$result->FetchRow())
-    $result = $connect->Execute($query);
+    	{
-    
+    		if (strlen($row['id']) > 12) //Handle very large autonumbers (like those using IP prefixes)
-	$oldtable="{$dbprefix}survey_{$postsid}";
+    		{
-	$newtable="{$dbprefix}old_survey_{$postsid}_{$date}";
+    			$part1=substr($row['id'], 0, 12);
-
+    			$part2len=strlen($row['id'])-12;
-	//Update the auto_increment value from the table before renaming
+    			$part2=sprintf("%0{$part2len}d", substr($row['id'], 12, strlen($row['id'])-12)+1);
-	$new_autonumber_start=0;
+    			$new_autonumber_start="{$part1}{$part2}";
-	$query = "SELECT id FROM $oldtable ORDER BY id desc";
+    		}
-	$result = db_select_limit_assoc($query, 1,-1, false, false);
+    		else
-	if ($result)
+    		{
-	{
+    			$new_autonumber_start=$row['id']+1;
-        while ($row=$result->FetchRow())
+    		}
-    	{
+    	}
-    		if (strlen($row['id']) > 12) //Handle very large autonumbers (like those using IP prefixes)
+    }
-    		{
+	$query = "UPDATE {$dbprefix}surveys SET autonumber_start=$new_autonumber_start WHERE sid=$surveyid";
-    			$part1=substr($row['id'], 0, 12);
+	@$result = $connect->Execute($query); //Note this won't die if it fails - that's deliberate.
-    			$part2len=strlen($row['id'])-12;
+
-    			$part2=sprintf("%0{$part2len}d", substr($row['id'], 12, strlen($row['id'])-12)+1);
+	$deactivatequery = db_rename_table($oldtable,$newtable);
-    			$new_autonumber_start="{$part1}{$part2}";
+	$deactivateresult = $connect->Execute($deactivatequery) or die ("Couldn't make backup of the survey table. Please try again. The database reported the following error:<br />".htmlspecialchars($connect->ErrorMsg())."<br /><br />Survey was not deactivated either.<br /><br /><a href='$scriptname?sid={$postsid}'>".$clang->gT("Main Admin Screen")."</a>");
-    		}
+    
-    		else
+    if ($databasetype=='postgres')
-    		{
+    {
-    			$new_autonumber_start=$row['id']+1;
+    // If you deactivate a postgres table you have to rename the according sequence too and alter the id field to point to the changed sequence
-    		}
+    	$deactivatequery = db_rename_table($oldtable.'_id_seq',$newtable.'_id_seq');
-    	}
+		$deactivateresult = $connect->Execute($deactivatequery) or die ("Couldn't make backup of the survey table. Please try again. The database reported the following error:<br />".htmlspecialchars($connect->ErrorMsg())."<br /><br />Survey was not deactivated either.<br /><br /><a href='$scriptname?sid={$postsid}'>".$clang->gT("Main Admin Screen")."</a>");
-    }
+        $setsequence="ALTER TABLE $newtable ALTER COLUMN id SET DEFAULT nextval('{$newtable}_id_seq'::regclass);";
-	$query = "UPDATE {$dbprefix}surveys SET autonumber_start=$new_autonumber_start WHERE sid=$surveyid";
+		$deactivateresult = $connect->Execute($setsequence) or die ("Couldn't make backup of the survey table. Please try again. The database reported the following error:<br />".htmlspecialchars($connect->ErrorMsg())."<br /><br />Survey was not deactivated either.<br /><br /><a href='$scriptname?sid={$postsid}'>".$clang->gT("Main Admin Screen")."</a>");
-	@$result = $connect->Execute($query); //Note this won't die if it fails - that's deliberate.
+    }
-
+
-	$deactivatequery = db_rename_table($oldtable,$newtable);
+//            $dict = NewDataDictionary($connect);            
-	$deactivateresult = $connect->Execute($deactivatequery) or die ("Couldn't make backup of the survey table. Please try again. The database reported the following error:<br />".htmlspecialchars($connect->ErrorMsg())."<br /><br />Survey was not deactivated either.<br /><br /><a href='$scriptname?sid={$postsid}'>".$clang->gT("Main Admin Screen")."</a>");
+//            $dropindexquery=$dict->DropIndexSQL(db_table_name_nq($oldtable).'_idx');
-    
+//            $connect->Execute($dropindexquery[0]);
-    if ($databasetype=='postgres')
+
-    {
+	$deactivatequery = "UPDATE {$dbprefix}surveys SET active='N' WHERE sid=$surveyid";
-    // If you deactivate a postgres table you have to rename the according sequence too and alter the id field to point to the changed sequence
+	$deactivateresult = $connect->Execute($deactivatequery) or die ("Couldn't deactivate because:<br />".htmlspecialchars($connect->ErrorMsg())."<br /><br /><a href='$scriptname?sid={$postsid}'>Admin</a>");
-    	$deactivatequery = db_rename_table($oldtable.'_id_seq',$newtable.'_id_seq');
+	$deactivateoutput .= "<br />\n<table class='alertbox'>\n";
-		$deactivateresult = $connect->Execute($deactivatequery) or die ("Couldn't make backup of the survey table. Please try again. The database reported the following error:<br />".htmlspecialchars($connect->ErrorMsg())."<br /><br />Survey was not deactivated either.<br /><br /><a href='$scriptname?sid={$postsid}'>".$clang->gT("Main Admin Screen")."</a>");
+	$deactivateoutput .= "\t\t\t\t<tr ><td height='4'><strong>".$clang->gT("Deactivate Survey")." ($surveyid)</strong></td></tr>\n";
-        $setsequence="ALTER TABLE $newtable ALTER COLUMN id SET DEFAULT nextval('{$newtable}_id_seq'::regclass);";
+	$deactivateoutput .= "\t<tr>\n";
-		$deactivateresult = $connect->Execute($setsequence) or die ("Couldn't make backup of the survey table. Please try again. The database reported the following error:<br />".htmlspecialchars($connect->ErrorMsg())."<br /><br />Survey was not deactivated either.<br /><br /><a href='$scriptname?sid={$postsid}'>".$clang->gT("Main Admin Screen")."</a>");
+	$deactivateoutput .= "\t\t<td align='center'>\n";
-    }
+	$deactivateoutput .= "\t\t\t<strong>".$clang->gT("Survey Has Been Deactivated")."\n";
-
+	$deactivateoutput .= "\t\t</strong></td>\n";
-//            $dict = NewDataDictionary($connect);            
+	$deactivateoutput .= "\t</tr>\n";
-//            $dropindexquery=$dict->DropIndexSQL(db_table_name_nq($oldtable).'_idx');
+	$deactivateoutput .= "\t<tr>\n";
-//            $connect->Execute($dropindexquery[0]);
+	$deactivateoutput .= "\t\t<td>\n";
-
+	$deactivateoutput .= "\t\t\t".$clang->gT("The responses table has been renamed to: ")." $newtable.\n";
-	$deactivatequery = "UPDATE {$dbprefix}surveys SET active='N' WHERE sid=$surveyid";
+	$deactivateoutput .= "\t\t\t".$clang->gT("The responses to this survey are no longer available using LimeSurvey.")."\n";
-	$deactivateresult = $connect->Execute($deactivatequery) or die ("Couldn't deactivate because:<br />".htmlspecialchars($connect->ErrorMsg())."<br /><br /><a href='$scriptname?sid={$postsid}'>Admin</a>");
+	$deactivateoutput .= "\t\t\t<p>".$clang->gT("You should note the name of this table in case you need to access this information later.")."</p>\n";
-	$deactivateoutput .= "<br />\n<table class='alertbox'>\n";
+	if (isset($toldtable) && $toldtable)
-	$deactivateoutput .= "\t\t\t\t<tr ><td height='4'><strong>".$clang->gT("Deactivate Survey")." ($surveyid)</strong></td></tr>\n";
+	{
-	$deactivateoutput .= "\t<tr>\n";
+		$deactivateoutput .= "\t\t\t".$clang->gT("The tokens table associated with this survey has been renamed to: ")." $tnewtable.\n";
-	$deactivateoutput .= "\t\t<td align='center'>\n";
+	}
-	$deactivateoutput .= "\t\t\t<strong>".$clang->gT("Survey Has Been Deactivated")."\n";
+	$deactivateoutput .= "\t\t</td>\n";
-	$deactivateoutput .= "\t\t</strong></td>\n";
+	$deactivateoutput .= "\t</tr>\n";
-	$deactivateoutput .= "\t</tr>\n";
+	$deactivateoutput .= "</table><br/>&nbsp;\n";
-	$deactivateoutput .= "\t<tr>\n";
+}
-	$deactivateoutput .= "\t\t<td>\n";
+
-	$deactivateoutput .= "\t\t\t".$clang->gT("The responses table has been renamed to: ")." $newtable.\n";
+?>
 	$deactivateoutput .= "\t\t\t".$clang->gT("The responses to this survey are no longer available using LimeSurvey.")."\n";
 	$deactivateoutput .= "\t\t\t<p>".$clang->gT("You should note the name of this table in case you need to access this information later.")."</p>\n";
 	if (isset($toldtable) && $toldtable)
 	{
 		$deactivateoutput .= "\t\t\t".$clang->gT("The tokens table associated with this survey has been renamed to: ")." $tnewtable.\n";
 	}
 	$deactivateoutput .= "\t\t</td>\n";
 	$deactivateoutput .= "\t</tr>\n";
 	$deactivateoutput .= "</table><br/>&nbsp;\n";
 }
 ?>
--- a/include/limesurvey/admin/deletesurvey.php
+++ b/include/limesurvey/admin/deletesurvey.php
@@ -1,133 +1,141 @@
-<?php
+<?php
-/*
+/*
-* LimeSurvey
+* LimeSurvey
-* Copyright (C) 2007 The LimeSurvey Project Team / Carsten Schmitz
+* Copyright (C) 2007 The LimeSurvey Project Team / Carsten Schmitz
-* All rights reserved.
+* All rights reserved.
-* License: GNU/GPL License v2 or later, see LICENSE.php
+* License: GNU/GPL License v2 or later, see LICENSE.php
-* LimeSurvey is free software. This version may have been modified pursuant
+* LimeSurvey is free software. This version may have been modified pursuant
-* to the GNU General Public License, and as distributed it includes or
+* to the GNU General Public License, and as distributed it includes or
-* is derivative of works licensed under the GNU General Public License or
+* is derivative of works licensed under the GNU General Public License or
-* other free or open source software licenses.
+* other free or open source software licenses.
-* See COPYRIGHT.php for copyright notices and details.
+* See COPYRIGHT.php for copyright notices and details.
-* 
+* 
-* $Id: deletesurvey.php 4973 2008-06-01 14:07:01Z c_schmitz $
+* $Id: deletesurvey.php 7503 2009-08-21 00:30:44Z jcleeland $
-*/
+*/
-
+
-//Ensure script is not run directly, avoid path disclosure
+//Ensure script is not run directly, avoid path disclosure
-include_once("login_check.php");
+include_once("login_check.php");
-$deleteok = returnglobal('deleteok');
+$deleteok = returnglobal('deleteok');
-
+
-$deletesurveyoutput = "<br />\n";
+$deletesurveyoutput = "<br />\n";
-$deletesurveyoutput .= "<table class='alertbox' >\n";
+$deletesurveyoutput .= "<table class='alertbox' >\n";
-$deletesurveyoutput .= "\t<tr ><td colspan='2' height='4'><font size='1'><strong>".$clang->gT("Delete Survey")."</strong></font></td></tr>\n";
+$deletesurveyoutput .= "\t<tr ><td colspan='2' height='4'><font size='1'><strong>".$clang->gT("Delete Survey")."</strong></font></td></tr>\n";
-
+
-if (!isset($surveyid) || !$surveyid)
+if (!isset($surveyid) || !$surveyid)
-{
+{
-    $deletesurveyoutput .= "\t<tr ><td align='center'>\n";
+    $deletesurveyoutput .= "\t<tr ><td align='center'>\n";
-	$deletesurveyoutput .= "<br /><font color='red'><strong>".$clang->gT("Error")."</strong></font><br />\n";
+	$deletesurveyoutput .= "<br /><font color='red'><strong>".$clang->gT("Error")."</strong></font><br />\n";
-	$deletesurveyoutput .= $clang->gT("You have not selected a survey to delete")."<br /><br />\n";
+	$deletesurveyoutput .= $clang->gT("You have not selected a survey to delete")."<br /><br />\n";
-	$deletesurveyoutput .= "<input type='submit' value='".$clang->gT("Main Admin Screen")."' onclick=\"window.open('$scriptname', '_self')\">\n";
+	$deletesurveyoutput .= "<input type='submit' value='".$clang->gT("Main Admin Screen")."' onclick=\"window.open('$scriptname', '_self')\">\n";
-	$deletesurveyoutput .= "</td></tr></table>\n";
+	$deletesurveyoutput .= "</td></tr></table>\n";
-	$deletesurveyoutput .= "</body>\n</html>";
+	$deletesurveyoutput .= "</body>\n</html>";
-	return;
+	return;
-}
+}
-
+
-if (!isset($deleteok) || !$deleteok)
+if (!isset($deleteok) || !$deleteok)
-{
+{
-	$tablelist = $connect->MetaTables();
+	$tablelist = $connect->MetaTables();
-
+
-	$deletesurveyoutput .= "\t<tr>\n";
+	$deletesurveyoutput .= "\t<tr>\n";
-	$deletesurveyoutput .= "\t\t<td align='center'><br />\n";
+	$deletesurveyoutput .= "\t\t<td align='center'><br />\n";
-	$deletesurveyoutput .= "\t\t\t<font color='red'><strong>".$clang->gT("Warning")."</strong></font><br />\n";
+	$deletesurveyoutput .= "\t\t\t<font color='red'><strong>".$clang->gT("Warning")."</strong></font><br />\n";
-	$deletesurveyoutput .= "\t\t\t<strong>".$clang->gT("You are about to delete this survey")." ($surveyid)</strong><br /><br />\n";
+	$deletesurveyoutput .= "\t\t\t<strong>".$clang->gT("You are about to delete this survey")." ($surveyid)</strong><br /><br />\n";
-	$deletesurveyoutput .= "\t\t\t".$clang->gT("This process will delete this survey, and all related groups, questions answers and conditions.")."<br /><br />\n";
+	$deletesurveyoutput .= "\t\t\t".$clang->gT("This process will delete this survey, and all related groups, questions answers and conditions.")."<br /><br />\n";
-	$deletesurveyoutput .= "\t\t\t".$clang->gT("We recommend that before you delete this survey you export the entire survey from the main administration screen.")."\n";
+	$deletesurveyoutput .= "\t\t\t".$clang->gT("We recommend that before you delete this survey you export the entire survey from the main administration screen.")."\n";
-
+
-	if (in_array("{$dbprefix}survey_$surveyid", $tablelist))
+	if (in_array("{$dbprefix}survey_$surveyid", $tablelist))
-	{
+	{
-		$deletesurveyoutput .= "\t\t\t<br /><br />\n".$clang->gT("This survey is active and a responses table exists. If you delete this survey, these responses will be deleted. We recommend that you export the responses before deleting this survey.")."<br /><br />\n";
+		$deletesurveyoutput .= "\t\t\t<br /><br />\n".$clang->gT("This survey is active and a responses table exists. If you delete this survey, these responses will be deleted. We recommend that you export the responses before deleting this survey.")."<br /><br />\n";
-	}
+	}
-
+
-	if (in_array("{$dbprefix}tokens_$surveyid", $tablelist))
+	if (in_array("{$dbprefix}tokens_$surveyid", $tablelist))
-	{
+	{
-		$deletesurveyoutput .= "\t\t\t".$clang->gT("This survey has an associated tokens table. If you delete this survey this tokens table will be deleted. We recommend that you export or backup these tokens before deleting this survey.")."<br /><br />\n";
+		$deletesurveyoutput .= "\t\t\t".$clang->gT("This survey has an associated tokens table. If you delete this survey this tokens table will be deleted. We recommend that you export or backup these tokens before deleting this survey.")."<br /><br />\n";
-	}
+	}
-
+
-	$deletesurveyoutput .= "\t\t</td>\n";
+	$deletesurveyoutput .= "\t\t</td>\n";
-	$deletesurveyoutput .= "\t</tr>\n";
+	$deletesurveyoutput .= "\t</tr>\n";
-	$deletesurveyoutput .= "\t<tr>\n";
+	$deletesurveyoutput .= "\t<tr>\n";
-	$deletesurveyoutput .= "\t\t<td align='center'><br />\n";
+	$deletesurveyoutput .= "\t\t<td align='center'><br />\n";
-	$deletesurveyoutput .= "\t\t\t<input type='submit'  value='".$clang->gT("Cancel")."' onclick=\"window.open('admin.php?sid=$surveyid', '_self')\" /><br />\n";
+	$deletesurveyoutput .= "\t\t\t<input type='submit'  value='".$clang->gT("Cancel")."' onclick=\"window.open('admin.php?sid=$surveyid', '_self')\" /><br />\n";
-//	$deletesurveyoutput .= "\t\t\t<input type='submit'  value='".$clang->gT("Delete")."' onclick=\"window.open('$scriptname?action=deletesurvey&amp;sid=$surveyid&amp;ok=Y','_self')\" />\n";
+//	$deletesurveyoutput .= "\t\t\t<input type='submit'  value='".$clang->gT("Delete")."' onclick=\"window.open('$scriptname?action=deletesurvey&amp;sid=$surveyid&amp;ok=Y','_top')\" />\n";
-	$deletesurveyoutput .= "\t\t\t<input type='submit'  value='".$clang->gT("Delete")."' onclick=\"".get2post("$scriptname?action=deletesurvey&amp;sid=$surveyid&amp;deleteok=Y")."\" />\n";
+	$deletesurveyoutput .= "\t\t\t<input type='submit'  value='".$clang->gT("Delete")."' onclick=\"".get2post("$scriptname?action=deletesurvey&amp;sid=$surveyid&amp;deleteok=Y")."\" />\n";
-	$deletesurveyoutput .= "\t\t</td>\n";
+	$deletesurveyoutput .= "\t\t</td>\n";
-	$deletesurveyoutput .= "\t</tr>\n";
+	$deletesurveyoutput .= "\t</tr>\n";
-	$deletesurveyoutput .= "\n";
+	$deletesurveyoutput .= "\n";
-}
+}
-
+
-else //delete the survey
+else //delete the survey
-{
+{
-	$tablelist = $connect->MetaTables();
+	$tablelist = $connect->MetaTables();
-	$dict = NewDataDictionary($connect);
+	$dict = NewDataDictionary($connect);
-
+
-	if (in_array("{$dbprefix}survey_$surveyid", $tablelist)) //delete the survey_$surveyid table
+	if (in_array("{$dbprefix}survey_$surveyid", $tablelist)) //delete the survey_$surveyid table
-	{			
+	{			
-		$dsquery = $dict->DropTableSQL("{$dbprefix}survey_$surveyid");	
+		$dsquery = $dict->DropTableSQL("{$dbprefix}survey_$surveyid");	
-		//$dict->ExecuteSQLArray($sqlarray);		
+		//$dict->ExecuteSQLArray($sqlarray);		
-		$dsresult = $dict->ExecuteSQLArray($dsquery) or safe_die ("Couldn't \"$dsquery\" because <br />".$connect->ErrorMsg());
+		$dsresult = $dict->ExecuteSQLArray($dsquery) or safe_die ("Couldn't \"$dsquery\" because <br />".$connect->ErrorMsg());
-	}
+	}
-
+
-	if (in_array("{$dbprefix}tokens_$surveyid", $tablelist)) //delete the tokens_$surveyid table
+	if (in_array("{$dbprefix}tokens_$surveyid", $tablelist)) //delete the tokens_$surveyid table
-	{
+	{
-		$dsquery = $dict->DropTableSQL("{$dbprefix}tokens_$surveyid");
+		$dsquery = $dict->DropTableSQL("{$dbprefix}tokens_$surveyid");
-		$dsresult = $dict->ExecuteSQLArray($dsquery) or safe_die ("Couldn't \"$dsquery\" because <br />".$connect->ErrorMsg());
+		$dsresult = $dict->ExecuteSQLArray($dsquery) or safe_die ("Couldn't \"$dsquery\" because <br />".$connect->ErrorMsg());
-	}
+	}
-
+
-	$dsquery = "SELECT qid FROM {$dbprefix}questions WHERE sid=$surveyid";
+	$dsquery = "SELECT qid FROM {$dbprefix}questions WHERE sid=$surveyid";
-	$dsresult = db_execute_assoc($dsquery) or safe_die ("Couldn't find matching survey to delete<br />$dsquery<br />".$connect->ErrorMsg());
+	$dsresult = db_execute_assoc($dsquery) or safe_die ("Couldn't find matching survey to delete<br />$dsquery<br />".$connect->ErrorMsg());
-	while ($dsrow = $dsresult->FetchRow())
+	while ($dsrow = $dsresult->FetchRow())
-	{
+	{
-		$asdel = "DELETE FROM {$dbprefix}answers WHERE qid={$dsrow['qid']}";
+		$asdel = "DELETE FROM {$dbprefix}answers WHERE qid={$dsrow['qid']}";
-		$asres = $connect->Execute($asdel);
+		$asres = $connect->Execute($asdel);
-		$cddel = "DELETE FROM {$dbprefix}conditions WHERE qid={$dsrow['qid']}";
+		$cddel = "DELETE FROM {$dbprefix}conditions WHERE qid={$dsrow['qid']}";
-		$cdres = $connect->Execute($cddel) or safe_die ("Delete conditions failed<br />$cddel<br />".$connect->ErrorMsg());
+		$cdres = $connect->Execute($cddel) or safe_die ("Delete conditions failed<br />$cddel<br />".$connect->ErrorMsg());
-		$qadel = "DELETE FROM {$dbprefix}question_attributes WHERE qid={$dsrow['qid']}";
+		$qadel = "DELETE FROM {$dbprefix}question_attributes WHERE qid={$dsrow['qid']}";
-		$qares = $connect->Execute($qadel);
+		$qares = $connect->Execute($qadel);
-	}
+	}
-
+
-	$qdel = "DELETE FROM {$dbprefix}questions WHERE sid=$surveyid";
+	$qdel = "DELETE FROM {$dbprefix}questions WHERE sid=$surveyid";
-	$qres = $connect->Execute($qdel);
+	$qres = $connect->Execute($qdel);
-
+
-	$scdel = "DELETE FROM {$dbprefix}assessments WHERE sid=$surveyid";
+	$scdel = "DELETE FROM {$dbprefix}assessments WHERE sid=$surveyid";
-	$scres = $connect->Execute($scdel);
+	$scres = $connect->Execute($scdel);
-
+
-	$gdel = "DELETE FROM {$dbprefix}groups WHERE sid=$surveyid";
+	$gdel = "DELETE FROM {$dbprefix}groups WHERE sid=$surveyid";
-	$gres = $connect->Execute($gdel);
+	$gres = $connect->Execute($gdel);
-	
+	
-	$slsdel = "DELETE FROM {$dbprefix}surveys_languagesettings WHERE surveyls_survey_id=$surveyid";
+	$slsdel = "DELETE FROM {$dbprefix}surveys_languagesettings WHERE surveyls_survey_id=$surveyid";
-    $slsres = $connect->Execute($slsdel);
+    $slsres = $connect->Execute($slsdel);
-
+
-    $srdel = "DELETE FROM {$dbprefix}surveys_rights WHERE sid=$surveyid";
+    $srdel = "DELETE FROM {$dbprefix}surveys_rights WHERE sid=$surveyid";
-	$srres = $connect->Execute($srdel);
+	$srres = $connect->Execute($srdel);
-
+
-    $srdel = "DELETE FROM {$dbprefix}saved_control WHERE sid=$surveyid";
+    $srdel = "DELETE FROM {$dbprefix}saved_control WHERE sid=$surveyid";
-	$srres = $connect->Execute($srdel);
+	$srres = $connect->Execute($srdel);
-
+
-	$sdel = "DELETE FROM {$dbprefix}surveys WHERE sid=$surveyid";
+	$sdel = "DELETE FROM {$dbprefix}surveys WHERE sid=$surveyid";
-	$sres = $connect->Execute($sdel);
+	$sres = $connect->Execute($sdel);
-
+
-
+	$sdel = "DELETE {$dbprefix}quota_languagesettings FROM {$dbprefix}quota_languagesettings, {$dbprefix}quota WHERE {$dbprefix}quota_languagesettings.quotals_quota_id={$dbprefix}quota.id and sid=$surveyid";
-	$deletesurveyoutput .= "\t<tr>\n";
+	$sres = $connect->Execute($sdel);
-	$deletesurveyoutput .= "\t\t<td align='center'><br />\n";
+
-	$deletesurveyoutput .= "\t\t\t<strong>".$clang->gT("This survey has been deleted.")."<br /><br />\n";
+	$sdel = "DELETE FROM {$dbprefix}quota WHERE sid=$surveyid";
-	$deletesurveyoutput .= "\t\t\t<input type='submit' value='".$clang->gT("Main Admin Screen")."' onclick=\"window.open('$scriptname', '_self')\" />\n";
+	$sres = $connect->Execute($sdel);
-	$deletesurveyoutput .= "\t\t</strong></td>\n";
+	
-	$deletesurveyoutput .= "\t</tr>\n";
+	$sdel = "DELETE FROM {$dbprefix}quota_members WHERE sid=$surveyid;";
-    $surveyid=false;
+	$sres = $connect->Execute($sdel);
-
+	
-}
+	$deletesurveyoutput .= "\t<tr>\n";
-$deletesurveyoutput .= "</table><br />&nbsp;\n";
+	$deletesurveyoutput .= "\t\t<td align='center'><br />\n";
-	
+	$deletesurveyoutput .= "\t\t\t<strong>".$clang->gT("This survey has been deleted.")."<br /><br />\n";
-
+	$deletesurveyoutput .= "\t\t\t<input type='submit' value='".$clang->gT("Main Admin Screen")."' onclick=\"window.open('$scriptname', '_self')\" />\n";
-
+	$deletesurveyoutput .= "\t\t</strong></td>\n";
-?>
+	$deletesurveyoutput .= "\t</tr>\n";
    $surveyid=false;
 }
 $deletesurveyoutput .= "</table><br />&nbsp;\n";
 ?>
--- a/include/limesurvey/admin/dumpdb.php
+++ b/include/limesurvey/admin/dumpdb.php
@@ -1,129 +1,137 @@
-<?php
+<?php
-/*
+/*
-* LimeSurvey
+* LimeSurvey
-* Copyright (C) 2007 The LimeSurvey Project Team / Carsten Schmitz
+* Copyright (C) 2007 The LimeSurvey Project Team / Carsten Schmitz
-* All rights reserved.
+* All rights reserved.
-* License: GNU/GPL License v2 or later, see LICENSE.php
+* License: GNU/GPL License v2 or later, see LICENSE.php
-* LimeSurvey is free software. This version may have been modified pursuant
+* LimeSurvey is free software. This version may have been modified pursuant
-* to the GNU General Public License, and as distributed it includes or
+* to the GNU General Public License, and as distributed it includes or
-* is derivative of works licensed under the GNU General Public License or
+* is derivative of works licensed under the GNU General Public License or
-* other free or open source software licenses.
+* other free or open source software licenses.
-* See COPYRIGHT.php for copyright notices and details.
+* See COPYRIGHT.php for copyright notices and details.
-* 
+* 
-* $Id: dumpdb.php 4727 2008-04-29 04:31:51Z jcleeland $
+* $Id: dumpdb.php 7519 2009-08-23 21:55:32Z c_schmitz $
-*/
+*/
-
+
-include_once("login_check.php");  //Login Check dies also if the script is started directly
+include_once("login_check.php");  //Login Check dies also if the script is started directly
-
+
-if ($database_exists && $databasetype=='mysql') {
+if ($database_exists && ($databasetype=='mysql' || $databasetype=='mysqli') && $demoModeOnly != true) {
-
+
-	$tables = $connect->MetaTables();
+	$tables = $connect->MetaTables();
-	
+	
-	$export="";
+	$export="";
-	$export .="#------------------------------------------"."\n";
+	$export .="#------------------------------------------"."\n";
-	$export .="# LimeSurvey Database Dump of `$databasename`"."\n";
+	$export .="# LimeSurvey Database Dump of `$databasename`"."\n";
-	if ($allowexportalldb==0) {
+	if ($allowexportalldb==0) {
-		$export .="# Only prefixed tables with: ". $dbprefix ."\n";
+		$export .="# Only prefixed tables with: ". $dbprefix ."\n";
-	}
+	}
-	$export .="# Date of Dump: ". date("d-M-Y") ."\n";
+	$export .="# Date of Dump: ". date("d-M-Y") ."\n";
-	$export .="#------------------------------------------"."\n\n\n";
+	$export .="#------------------------------------------"."\n\n\n";
-	
+	
-	foreach($tables as $table) {
+	foreach($tables as $table) {
-		if ($allowexportalldb==0) {
+		if ($allowexportalldb==0) {
-			if ($dbprefix==substr($table, 0, strlen($dbprefix))) {
+			if ($dbprefix==substr($table, 0, strlen($dbprefix))) {
-				$export .= defdump($table);
+				$export .= defdump($table);
-				$export .= datadump($table);
+				$export .= datadump($table);
-			}
+			}
-		}
+		}
-		else {
+		else {
-			$export .= defdump($table);
+			$export .= defdump($table);
-			$export .= datadump($table);
+			$export .= datadump($table);
-		}
+		}
-	}
+	}
-	
+	
-	$file_name = "LimeSurvey_{$databasename}_dump_".date_shift(date("Y-m-d H:i:s"), "Y-m-d", $timeadjust).".sql";
+	$file_name = "LimeSurvey_{$databasename}_dump_".date_shift(date("Y-m-d H:i:s"), "Y-m-d", $timeadjust).".sql";
-	Header("Content-type: application/octet-stream");
+	Header("Content-type: application/octet-stream");
-	Header("Content-Disposition: attachment; filename=$file_name");
+	Header("Content-Disposition: attachment; filename=$file_name");
-	Header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
+	Header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
-	echo $export;
+	echo $export;
-	exit;
+	exit;
-}
+}
- else 
+ else 
- {
+ {
-	$dumpdboutput= "<br />\n"
+	$dumpdboutput= "<br />\n"
-				   ."<table class='alertbox' >\n"
+				   ."<table class='alertbox' >\n"
-			   	   ."\t<tr ><td height='4'><font size='1'><strong>".$clang->gT("Export database")."</strong></font></td></tr>\n"
+			   	   ."\t<tr ><td height='4'><font size='1'><strong>".$clang->gT("Export database")."</strong></font></td></tr>\n"
-				   ."\t<tr ><td height='4'>".$clang->gT("The database export is only available for MySQL databases. For other database types please use the according backup mechanism to create a database dump.")."</td></tr>"
+				   ."\t<tr ><td height='4'>".$clang->gT("The database export is only available for MySQL databases. For other database types please use the according backup mechanism to create a database dump.")."</td></tr>"
-			       ."</table><br />";
+			       ."</table><br />";
-    return;           
+    return;           
- }
+ }
-
+
-
+
-	function defdump($tablename)
+	function defdump($tablename)
-	{
+	{
-		global $connect;
+		global $connect;
-		$def = "";
+		$def = "";
-		$def .="#------------------------------------------"."\n";
+		$def .="#------------------------------------------"."\n";
-		$def .="# Table definition for $tablename"."\n";
+		$def .="# Table definition for $tablename"."\n";
-		$def .="#------------------------------------------"."\n";
+		$def .="#------------------------------------------"."\n";
-		$def .= "DROP TABLE IF EXISTS $tablename;"."\n"."\n";
+		$def .= "DROP TABLE IF EXISTS $tablename;"."\n"."\n";
-		$def .= "CREATE TABLE $tablename ("."\n";
+		$def .= "CREATE TABLE $tablename ("."\n";
-		$result = db_execute_assoc("SHOW COLUMNS FROM $tablename") or die("Table $tablename not existing in database");
+		$result = db_execute_assoc("SHOW COLUMNS FROM $tablename") or die("Table $tablename not existing in database");
-		while($row = $result->FetchRow())
+		while($row = $result->FetchRow())
-		{
+		{
-			$def .= "    `$row[Field]` $row[Type]";
+			$def .= "    `$row[Field]` $row[Type]";
-			if (!is_null($row["Default"])) $def .= " DEFAULT '$row[Default]'";
+			if (!is_null($row["Default"])) $def .= " DEFAULT '$row[Default]'";
-			if ($row["Null"] != "YES") $def .= " NOT NULL";
+			if ($row["Null"] != "YES") $def .= " NOT NULL";
-			if ($row["Extra"] != "") $def .= " $row[Extra]";
+			if ($row["Extra"] != "") $def .= " $row[Extra]";
-			$def .= ",\n";
+			$def .= ",\n";
-		}
+		}
-		$def = ereg_replace(",\n$","", $def);
+		$def = preg_replace("#,\n$#","", $def);
-	
+	
-		$result = db_execute_assoc("SHOW KEYS FROM $tablename");
+		$result = db_execute_assoc("SHOW KEYS FROM $tablename");
-		while($row = $result->FetchRow())
+		while($row = $result->FetchRow())
-		{
+		{
-			$kname=$row["Key_name"];
+			$kname=$row["Key_name"];
-			if(($kname != "PRIMARY") && ($row["Non_unique"] == 0)) $kname="UNIQUE|$kname";
+			if(($kname != "PRIMARY") && ($row["Non_unique"] == 0)) $kname="UNIQUE|$kname";
-			if(!isset($index[$kname])) $index[$kname] = array();
+			if(!isset($index[$kname])) $index[$kname] = array();
-			$index[$kname][] = $row["Column_name"];
+			$index[$kname][] = $row["Column_name"];
-		}
+		}
-	
+	
-		while(list($x, $columns) = @each($index))
+		while(list($x, $columns) = @each($index))
-		{
+		{
-			$def .= ",\n";
+			$def .= ",\n";
-			if($x == "PRIMARY") $def .= "   PRIMARY KEY (" . implode($columns, ", ") . ")";
+			if($x == "PRIMARY") $def .= "   PRIMARY KEY (" . implode($columns, ", ") . ")";
-			else if (substr($x,0,6) == "UNIQUE") $def .= "   UNIQUE ".substr($x,7)." (" . implode($columns, ", ") . ")";
+			else if (substr($x,0,6) == "UNIQUE") $def .= "   UNIQUE ".substr($x,7)." (" . implode($columns, ", ") . ")";
-			else $def .= "   KEY $x (" . implode($columns, ", ") . ")";
+			else $def .= "   KEY $x (" . implode($columns, ", ") . ")";
-		}
+		}
-		$def .= "\n);\n\n\n";
+		$def .= "\n);\n\n\n";
-		return (stripslashes($def));
+		return (stripslashes($def));
-	}
+	}
-	
+	
-	
+	
-	function datadump ($table) {
+	function datadump ($table) {
-	
+	
-		global $connect;
+		global $connect;
-	
+	
-		$result = "#------------------------------------------"."\n";
+		$result = "#------------------------------------------"."\n";
-		$result .="# Table data for $table"."\n";
+		$result .="# Table data for $table"."\n";
-		$result .="#------------------------------------------"."\n";
+		$result .="#------------------------------------------"."\n";
-	
+	
-		$query = db_execute_num("select * from $table");
+		$query = db_execute_num("select * from $table");
-		$num_fields = $query->FieldCount();
+		$num_fields = $query->FieldCount();
-		$numrow = $query->RecordCount();
+		$numrow = $query->RecordCount();
-	
+	
-		while($row=$query->FetchRow()){
+		while($row=$query->FetchRow()){
-			@set_time_limit(5);
+			@set_time_limit(5);
-			$result .= "INSERT INTO ".$table." VALUES(";
+			$result .= "INSERT INTO ".$table." VALUES(";
-			for($j=0; $j<$num_fields; $j++) {
+			for($j=0; $j<$num_fields; $j++) {
-				$row[$j] = addslashes($row[$j]);
+				if (isset($row[$j]) && !is_null($row[$j]))
-				$row[$j] = ereg_replace("\n","\\n",$row[$j]);
+                {
-				if (isset($row[$j])) $result .= "\"$row[$j]\"" ; else $result .= "\"\"";
+                    $row[$j] = addslashes($row[$j]);
-				if ($j<($num_fields-1)) $result .= ",";
+                    $row[$j] = preg_replace("#\n#","\\n",$row[$j]);
-			}
+                    $result .= "\"$row[$j]\"";
-			$result .= ");\n";
+                }
-		} // while
+                else 
-		return $result . "\n\n\n";
+                {
-	}	
+                    $result .= "NULL";
-
+                }
-?>
+                
 				if ($j<($num_fields-1)) $result .= ",";
 			}
 			$result .= ");\n";
 		} // while
 		return $result . "\n\n\n";
 	}	
 ?>
--- a/include/limesurvey/admin/dumpgroup.php
+++ b/include/limesurvey/admin/dumpgroup.php
@@ -1,95 +1,155 @@
-<?php
+<?php
-/*
+/*
-* LimeSurvey
+* LimeSurvey
-* Copyright (C) 2007 The LimeSurvey Project Team / Carsten Schmitz
+* Copyright (C) 2007 The LimeSurvey Project Team / Carsten Schmitz
-* All rights reserved.
+* All rights reserved.
-* License: GNU/GPL License v2 or later, see LICENSE.php
+* License: GNU/GPL License v2 or later, see LICENSE.php
-* LimeSurvey is free software. This version may have been modified pursuant
+* LimeSurvey is free software. This version may have been modified pursuant
-* to the GNU General Public License, and as distributed it includes or
+* to the GNU General Public License, and as distributed it includes or
-* is derivative of works licensed under the GNU General Public License or
+* is derivative of works licensed under the GNU General Public License or
-* other free or open source software licenses.
+* other free or open source software licenses.
-* See COPYRIGHT.php for copyright notices and details.
+* See COPYRIGHT.php for copyright notices and details.
-* 
+* 
-* $Id: dumpgroup.php 4646 2008-04-14 18:47:45Z awarren $
+* $Id: dumpgroup.php 6853 2009-05-15 12:51:09Z c_schmitz $
-*/
+*/
-
+
-
+
-
+
-// DUMP THE RELATED DATA FOR A SINGLE QUESTION INTO A SQL FILE FOR IMPORTING LATER ON OR
+// DUMP THE RELATED DATA FOR A SINGLE QUESTION INTO A SQL FILE FOR IMPORTING LATER ON OR
-// ON ANOTHER SURVEY SETUP DUMP ALL DATA WITH RELATED QID FROM THE FOLLOWING TABLES
+// ON ANOTHER SURVEY SETUP DUMP ALL DATA WITH RELATED QID FROM THE FOLLOWING TABLES
-// 1. questions
+// 1. questions
-// 2. answers
+// 2. answers
-
+
-include_once("login_check.php");
+include_once("login_check.php");
-
+
-$gid = returnglobal('gid');
+$gid = returnglobal('gid');
-$surveyid = returnglobal('sid');
+$surveyid = returnglobal('sid');
-
+
-//Ensure script is not run directly, avoid path disclosure
+//Ensure script is not run directly, avoid path disclosure
-if (!isset($dbprefix) || isset($_REQUEST['dbprefix'])) {die("Cannot run this script directly");}
+if (!isset($dbprefix) || isset($_REQUEST['dbprefix'])) {die("Cannot run this script directly");}
-
+
-
+
-//echo $htmlheader;
+//echo $htmlheader;
-if (!$gid)
+if (!$gid)
-{
+{
-	echo $htmlheader;
+	echo $htmlheader;
-	echo "<br />\n";
+	echo "<br />\n";
-	echo "<table width='350' align='center' style='border: 1px solid #555555' cellpadding='1' cellspacing='0'>\n";
+	echo "<table width='350' align='center' style='border: 1px solid #555555' cellpadding='1' cellspacing='0'>\n";
-	echo "\t<tr bgcolor='#555555'><td colspan='2' height='4'><font size='1' face='verdana' color='white'><strong>".$clang->gT("Export Question")."</strong></td></tr>\n";
+	echo "\t<tr bgcolor='#555555'><td colspan='2' height='4'><font size='1' face='verdana' color='white'><strong>".$clang->gT("Export Question")."</strong></td></tr>\n";
-	echo "\t<tr bgcolor='#CCCCCC'><td align='center'>$setfont\n";
+	echo "\t<tr bgcolor='#CCCCCC'><td align='center'>$setfont\n";
-	echo "$setfont<br /><strong><font color='red'>".$clang->gT("Error")."</font></strong><br />\n"._EQ_NOGID."<br />\n";
+	echo "$setfont<br /><strong><font color='red'>".$clang->gT("Error")."</font></strong><br />\n"._EQ_NOGID."<br />\n";
-	echo "<br /><input type='submit' value='".$clang->gT("Main Admin Screen")."' onclick=\"window.open('$scriptname', '_self')\">\n";
+	echo "<br /><input type='submit' value='".$clang->gT("Main Admin Screen")."' onclick=\"window.open('$scriptname', '_self')\">\n";
-	echo "\t</td></tr>\n";
+	echo "\t</td></tr>\n";
-	echo "</table>\n";
+	echo "</table>\n";
-	echo "</body></html>\n";
+	echo "</body></html>\n";
-	exit;
+	exit;
-}
+}
-
+
-$fn = "limesurvey_group_$gid.csv";
+$fn = "limesurvey_group_$gid.csv";
-
+
-$dumphead = "# LimeSurvey Group Dump\n"
+$dumphead = "# LimeSurvey Group Dump\n"
-        . "# DBVersion $dbversionnumber\n"
+        . "# DBVersion $dbversionnumber\n"
-        . "# This is a dumped group from the LimeSurvey Script\n"
+        . "# This is a dumped group from the LimeSurvey Script\n"
-        . "# http://www.limesurvey.org/\n"
+        . "# http://www.limesurvey.org/\n"
-        . "# Do not change this header!\n";
+        . "# Do not change this header!\n";
-
+
-
+
-header("Content-Type: application/download");
+header("Content-Type: application/download");
-header("Content-Disposition: attachment; filename=$fn");
+header("Content-Disposition: attachment; filename=$fn");
-header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");    // Date in the past
+header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");    // Date in the past
-header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");  // always modified
+header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");  // always modified
-header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
+header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
-header("Pragma: cache");
+header("Pragma: cache");
-
+
-//0: Groups Table
+//0: Groups Table
-$gquery = "SELECT * FROM {$dbprefix}groups WHERE gid=$gid";
+$gquery = "SELECT * 
-$gdump = BuildCSVFromQuery($gquery);
+           FROM {$dbprefix}groups 
-
+		   WHERE gid=$gid";
-//1: Questions Table
+$gdump = BuildCSVFromQuery($gquery);
-$qquery = "SELECT * FROM {$dbprefix}questions WHERE gid=$gid";
+
-$qdump = BuildCSVFromQuery($qquery);
+//1: Questions Table
-
+$qquery = "SELECT * 
-//2: Answers table
+           FROM {$dbprefix}questions 
-$aquery = "SELECT DISTINCT {$dbprefix}answers.* FROM {$dbprefix}answers, {$dbprefix}questions WHERE ({$dbprefix}answers.qid={$dbprefix}questions.qid) AND ({$dbprefix}questions.gid=$gid)";
+		   WHERE gid=$gid";
-$adump = BuildCSVFromQuery($aquery);
+$qdump = BuildCSVFromQuery($qquery);
-
+
-//3: Conditions table - THIS CAN ONLY EXPORT CONDITIONS THAT RELATE TO THE SAME GROUP
+//2: Answers table
-$cquery = "SELECT DISTINCT {$dbprefix}conditions.* FROM {$dbprefix}conditions, {$dbprefix}questions, {$dbprefix}questions b WHERE ({$dbprefix}conditions.cqid={$dbprefix}questions.qid) AND ({$dbprefix}conditions.qid=b.qid) AND ({$dbprefix}questions.gid=$gid) AND (b.gid=$gid)";
+$aquery = "SELECT DISTINCT {$dbprefix}answers.* 
-$cdump = BuildCSVFromQuery($cquery);
+           FROM {$dbprefix}answers, {$dbprefix}questions 
-
+		   WHERE ({$dbprefix}answers.qid={$dbprefix}questions.qid) 
-//4: Labelsets Table
+		   AND ({$dbprefix}questions.gid=$gid)";
-$lsquery = "SELECT DISTINCT {$dbprefix}labelsets.* FROM {$dbprefix}labelsets, {$dbprefix}questions WHERE ({$dbprefix}labelsets.lid={$dbprefix}questions.lid) AND (type in ('F', 'H', 'Z', 'W')) AND (gid=$gid)";
+$adump = BuildCSVFromQuery($aquery);
-$lsdump = BuildCSVFromQuery($lsquery);
+
-
+//3: Conditions table - THIS CAN ONLY EXPORT CONDITIONS THAT RELATE TO THE SAME GROUP
-//5: Labels Table
+$cquery = "SELECT DISTINCT {$dbprefix}conditions.* 
-$lquery = "SELECT {$dbprefix}labels.* FROM {$dbprefix}labels, {$dbprefix}questions WHERE ({$dbprefix}labels.lid={$dbprefix}questions.lid) AND (type in ('F', 'H', 'Z', 'W')) AND (gid=$gid)";
+           FROM {$dbprefix}conditions, {$dbprefix}questions, {$dbprefix}questions b 
-$ldump = BuildCSVFromQuery($lquery);
+		   WHERE ({$dbprefix}conditions.cqid={$dbprefix}questions.qid) 
-
+		   AND ({$dbprefix}conditions.qid=b.qid) 
-//8: Question Attributes
+		   AND ({$dbprefix}questions.gid=$gid) 
-$query = "SELECT DISTINCT {$dbprefix}question_attributes.* FROM {$dbprefix}question_attributes, {$dbprefix}questions WHERE ({$dbprefix}question_attributes.qid={$dbprefix}questions.qid) AND ({$dbprefix}questions.gid=$gid)";
+		   AND (b.gid=$gid)";
-$qadump = BuildCSVFromQuery($query);
+$cdump = BuildCSVFromQuery($cquery);
-
+
-// HTTP/1.0
+//4: Labelsets Table
-echo $dumphead, $gdump, $qdump, $adump, $cdump, $lsdump, $ldump, $qadump;
+$lsquery = "SELECT DISTINCT {$dbprefix}labelsets.* 
-exit;
+            FROM {$dbprefix}labelsets, {$dbprefix}questions 
-?>
+			WHERE ({$dbprefix}labelsets.lid={$dbprefix}questions.lid) 
 			AND (type in ('F', 'W', 'H', 'Z', '1', ':', ';'))
 			AND (gid=$gid)";
 $lsdump = BuildCSVFromQuery($lsquery);
 //5: Labelsets1 Table
 //This exists specifically to deal with dual-scale questions (or any future question that may have 2 labelsets)
 $lsquery = "SELECT DISTINCT {$dbprefix}labelsets.* FROM {$dbprefix}labelsets, {$dbprefix}questions WHERE ({$dbprefix}labelsets.lid={$dbprefix}questions.lid1) AND (type in ('1')) AND (gid=$gid)";
 $ls1dump = BuildCSVFromQuery($lsquery);
 $ls1=explode("\n", trim($ls1dump));
 if(count($ls1)>3) {
  //If there is actually some data here, then add just the data (not the headers) into 
  // $ls1dump - which will be outputted directly after $lsdump
  $ls1dump=$ls1[4];
  $ls1dump .= "\n";
 } else {
  //If there is no data then make it an empty string.
  $ls1dump = "";
 }
 //4a: Labels Table
 $lquery = "SELECT {$dbprefix}labels.* FROM {$dbprefix}labels, {$dbprefix}questions WHERE ({$dbprefix}labels.lid={$dbprefix}questions.lid) AND (type in ('F', 'H', 'Z', 'W', '1', ':', ';')) AND (gid=$gid)";
 $ldump = BuildCSVFromQuery($lquery);
 //5a: Labels1 Table
 // See explanation for Labelsets1 Table!! These are the actual labels
 $lquery = "SELECT {$dbprefix}labels.* FROM {$dbprefix}labels, {$dbprefix}questions WHERE ({$dbprefix}labels.lid={$dbprefix}questions.lid1) AND (type in ('1')) AND (gid=$gid)";
 $l1dump = BuildCSVFromQuery($lquery);
 $ld1=explode("\n", trim($l1dump));
 if(count($ld1)>3) {
  //If there is actually some data here, then add just the data (not the headers) into 
  // $l1dump - which will be outputted directly after $ldump
  $l1dump=array();
  foreach($ld1 as $key=>$ld) {
    //Put every line, other than the first three into this string
    if($key > 3) {
      $l1dump[]=$ld;
    }
  }
  $l1dump = implode("\n", $l1dump);
  $l1dump .= "\n";
 } else {
  //If there is no data then make it an empty string.
  $l1dump = "";
 }
 //8: Question Attributes
 $query = "SELECT DISTINCT {$dbprefix}question_attributes.* 
 	   	  FROM {$dbprefix}question_attributes, {$dbprefix}questions 
 		  WHERE ({$dbprefix}question_attributes.qid={$dbprefix}questions.qid) 
 		  AND ({$dbprefix}questions.gid=$gid)";
 $qadump = BuildCSVFromQuery($query);
 // HTTP/1.0
 echo $dumphead, $gdump, $qdump, $adump, $cdump, $lsdump, $ls1dump, $ldump, $l1dump, $qadump;
 exit;
 ?>
--- a/include/limesurvey/admin/dumplabel.php
+++ b/include/limesurvey/admin/dumplabel.php
@@ -1,67 +1,67 @@
-<?php
+<?php
-/*
+/*
-* LimeSurvey
+* LimeSurvey
-* Copyright (C) 2007 The LimeSurvey Project Team / Carsten Schmitz
+* Copyright (C) 2007 The LimeSurvey Project Team / Carsten Schmitz
-* All rights reserved.
+* All rights reserved.
-* License: GNU/GPL License v2 or later, see LICENSE.php
+* License: GNU/GPL License v2 or later, see LICENSE.php
-* LimeSurvey is free software. This version may have been modified pursuant
+* LimeSurvey is free software. This version may have been modified pursuant
-* to the GNU General Public License, and as distributed it includes or
+* to the GNU General Public License, and as distributed it includes or
-* is derivative of works licensed under the GNU General Public License or
+* is derivative of works licensed under the GNU General Public License or
-* other free or open source software licenses.
+* other free or open source software licenses.
-* See COPYRIGHT.php for copyright notices and details.
+* See COPYRIGHT.php for copyright notices and details.
-* 
+* 
-* $Id: dumplabel.php 4769 2008-05-06 23:20:29Z c_schmitz $
+* $Id: dumplabel.php 7382 2009-08-01 19:48:15Z c_schmitz $
-*/
+*/
-
+
-
+
-
+
-// DUMP THE RELATED DATA FOR A SINGLE QUESTION INTO A SQL FILE FOR IMPORTING LATER ON OR
+// DUMP THE RELATED DATA FOR A SINGLE QUESTION INTO A SQL FILE FOR IMPORTING LATER ON OR
-// ON ANOTHER SURVEY SETUP DUMP ALL DATA WITH RELATED QID FROM THE FOLLOWING TABLES
+// ON ANOTHER SURVEY SETUP DUMP ALL DATA WITH RELATED QID FROM THE FOLLOWING TABLES
-// 1. questions
+// 1. questions
-// 2. answers
+// 2. answers
-
+
-//Ensure script is not run directly, avoid path disclosure
+//Ensure script is not run directly, avoid path disclosure
-include_once("login_check.php");
+include_once("login_check.php");
-$lid=returnglobal('lid');
+$lid=returnglobal('lid');
-if (!$lid)
+if (!$lid)
-{
+{
-	echo "<br />\n";
+	echo "<br />\n";
-	echo "<table width='350' align='center' style='border: 1px solid #555555' cellpadding='1' cellspacing='0'>\n";
+	echo "<table width='350' align='center' style='border: 1px solid #555555' cellpadding='1' cellspacing='0'>\n";
-	echo "\t<tr bgcolor='#555555'><td colspan='2' height='4'><font size='1' face='verdana' color='white'><strong>".$clang->gT("Export Label Set")."</strong></td></tr>\n";
+	echo "\t<tr bgcolor='#555555'><td colspan='2' height='4'><font size='1' face='verdana' color='white'><strong>".$clang->gT("Export Label Set")."</strong></td></tr>\n";
-	echo "\t<tr bgcolor='#CCCCCC'><td align='center'>\n";
+	echo "\t<tr bgcolor='#CCCCCC'><td align='center'>\n";
-	echo "<br /><strong><font color='red'>".$clang->gT("Error")."</font></strong><br />\n".$clang->gT("No LID has been provided. Cannot dump label set.")."<br />\n";
+	echo "<br /><strong><font color='red'>".$clang->gT("Error")."</font></strong><br />\n".$clang->gT("No LID has been provided. Cannot dump label set.")."<br />\n";
-	echo "<br /><input type='submit' value='".$clang->gT("Main Admin Screen")."' onclick=\"window.open('$scriptname', '_self')\">\n";
+	echo "<br /><input type='submit' value='".$clang->gT("Main Admin Screen")."' onclick=\"window.open('$scriptname', '_self')\">\n";
-	echo "\t</td></tr>\n";
+	echo "\t</td></tr>\n";
-	echo "</table>\n";
+	echo "</table>\n";
-	echo "</body></html>\n";
+	echo "</body></html>\n";
-	exit;
+	exit;
-}
+}
-
+
-$dumphead = "# LimeSurvey Label Set Dump\n"
+$dumphead = "# LimeSurvey Label Set Dump\n"
-. "# DBVersion $dbversionnumber\n"
+. "# DBVersion $dbversionnumber\n"
-. "# This is a dumped label set from the LimeSurvey Script\n"
+. "# This is a dumped label set from the LimeSurvey Script\n"
-. "# http://www.limesurvey.org/\n"
+. "# http://www.limesurvey.org/\n"
-. "# Do not change this header!\n";
+. "# Do not change this header!\n";
-
+
-//1: Questions Table
+//1: Questions Table
-$qquery = "SELECT * FROM {$dbprefix}labelsets WHERE lid=$lid";
+$qquery = "SELECT * FROM {$dbprefix}labelsets WHERE lid=$lid";
-$qdump = BuildCSVFromQuery($qquery);
+$qdump = BuildCSVFromQuery($qquery);
-
+
-//2: Answers table
+//2: Answers table
-$aquery = "SELECT lid, code, title, sortorder, language FROM {$dbprefix}labels WHERE lid=$lid";
+$aquery = "SELECT lid, code, title, sortorder, language, assessment_value FROM {$dbprefix}labels WHERE lid=$lid";
-$adump = BuildCSVFromQuery($aquery);
+$adump = BuildCSVFromQuery($aquery);
-
+
-$fn = "limesurvey_labelset_$lid.csv";
+$fn = "limesurvey_labelset_$lid.csv";
-
+
-
+
-header("Content-Type: application/download");
+header("Content-Type: application/download");
-header("Content-Disposition: attachment; filename=$fn");
+header("Content-Disposition: attachment; filename=$fn");
-header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");    // Date in the past
+header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");    // Date in the past
-header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
+header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
-header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
+header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
-header("Pragma: cache");                          // HTTP/1.0
+header("Pragma: cache");                          // HTTP/1.0
-
+
-echo $dumphead, $qdump, $adump;
+echo $dumphead, $qdump, $adump;
-exit;
+exit;
-
+
-?>
+?>
--- a/include/limesurvey/admin/dumpquestion.php
+++ b/include/limesurvey/admin/dumpquestion.php
@@ -1,118 +1,172 @@
-<?php
+<?php
-/*
+/*
-* LimeSurvey
+* LimeSurvey
-* Copyright (C) 2007 The LimeSurvey Project Team / Carsten Schmitz
+* Copyright (C) 2007 The LimeSurvey Project Team / Carsten Schmitz
-* All rights reserved.
+* All rights reserved.
-* License: GNU/GPL License v2 or later, see LICENSE.php
+* License: GNU/GPL License v2 or later, see LICENSE.php
-* LimeSurvey is free software. This version may have been modified pursuant
+* LimeSurvey is free software. This version may have been modified pursuant
-* to the GNU General Public License, and as distributed it includes or
+* to the GNU General Public License, and as distributed it includes or
-* is derivative of works licensed under the GNU General Public License or
+* is derivative of works licensed under the GNU General Public License or
-* other free or open source software licenses.
+* other free or open source software licenses.
-* See COPYRIGHT.php for copyright notices and details.
+* See COPYRIGHT.php for copyright notices and details.
-* 
+* 
-* $Id: dumpquestion.php 4973 2008-06-01 14:07:01Z c_schmitz $
+* $Id: dumpquestion.php 6853 2009-05-15 12:51:09Z c_schmitz $
-*/
+*/
-
+
-
+
-
+
-// DUMP THE RELATED DATA FOR A SINGLE QUESTION INTO A SQL FILE FOR IMPORTING LATER ON OR
+// DUMP THE RELATED DATA FOR A SINGLE QUESTION INTO A SQL FILE FOR IMPORTING LATER ON OR
-// ON ANOTHER SURVEY SETUP DUMP ALL DATA WITH RELATED QID FROM THE FOLLOWING TABLES
+// ON ANOTHER SURVEY SETUP DUMP ALL DATA WITH RELATED QID FROM THE FOLLOWING TABLES
-// 1. questions
+// 1. questions
-// 2. answers
+// 2. answers
-
+
-include_once("login_check.php");
+include_once("login_check.php");
-
+
-$qid = returnglobal('qid');
+$qid = returnglobal('qid');
-
+
-include_once("login_check.php");
+include_once("login_check.php");
-
+
-//echo $htmlheader;
+//echo $htmlheader;
-if (!$qid)
+if (!$qid)
-{
+{
-	echo $htmlheader;
+	echo $htmlheader;
-	echo "<br />\n";
+	echo "<br />\n";
-	echo "<table width='350' align='center' style='border: 1px solid #555555' cellpadding='1' cellspacing='0'>\n";
+	echo "<table width='350' align='center' style='border: 1px solid #555555' cellpadding='1' cellspacing='0'>\n";
-	echo "\t<tr bgcolor='#555555'><td colspan='2' height='4'><font size='1' face='verdana' color='white'><strong>".$clang->gT("Export Question")."</strong></td></tr>\n";
+	echo "\t<tr bgcolor='#555555'><td colspan='2' height='4'><font size='1' face='verdana' color='white'><strong>".$clang->gT("Export Question")."</strong></td></tr>\n";
-	echo "\t<tr bgcolor='#CCCCCC'><td align='center'>\n";
+	echo "\t<tr bgcolor='#CCCCCC'><td align='center'>\n";
-	echo "<br /><strong><font color='red'>".$clang->gT("Error")."</font></strong><br />\n".$clang->gT("No QID has been provided. Cannot dump question.")."<br />\n";
+	echo "<br /><strong><font color='red'>".$clang->gT("Error")."</font></strong><br />\n".$clang->gT("No QID has been provided. Cannot dump question.")."<br />\n";
-	echo "<br /><input type='submit' value='".$clang->gT("Main Admin Screen")."' onclick=\"window.open('$scriptname', '_self')\">\n";
+	echo "<br /><input type='submit' value='".$clang->gT("Main Admin Screen")."' onclick=\"window.open('$scriptname', '_self')\">\n";
-	echo "\t</td></tr>\n";
+	echo "\t</td></tr>\n";
-	echo "</table>\n";
+	echo "</table>\n";
-	echo "</body></html>\n";
+	echo "</body></html>\n";
-	exit;
+	exit;
-}
+}
-
+
-$dumphead = "# LimeSurvey Question Dump\n"
+$dumphead = "# LimeSurvey Question Dump\n"
-          . "# DBVersion $dbversionnumber\n"
+          . "# DBVersion $dbversionnumber\n"
-          . "# This is a dumped question from the LimeSurvey Script\n"
+          . "# This is a dumped question from the LimeSurvey Script\n"
-          . "# http://www.limesurvey.org/\n"
+          . "# http://www.limesurvey.org/\n"
-          . "# Do not change this header!\n";
+          . "# Do not change this header!\n";
-
+
-function BuildOutput($Query)
+function BuildOutput($Query)
-{
+{
-	global $dbprefix, $connect;
+	global $dbprefix, $connect;
-	$QueryResult = db_execute_assoc($Query) or safe_die ("ERROR: $QueryResult<br />".$connect->ErrorMsg());
+	$QueryResult = db_execute_assoc($Query) or safe_die ("ERROR: $QueryResult<br />".$connect->ErrorMsg());
-	preg_match('/FROM (\w+)( |,)/i', $Query, $MatchResults);
+	preg_match('/FROM (\w+)( |,)/i', $Query, $MatchResults);
-	$TableName = $MatchResults[1];;
+	$TableName = $MatchResults[1];;
-	if ($dbprefix)
+	if ($dbprefix)
-	{
+	{
-		$TableName = substr($TableName, strlen($dbprefix), strlen($TableName));
+		$TableName = substr($TableName, strlen($dbprefix), strlen($TableName));
-	}
+	}
-	$Output = "\n#\n# " . strtoupper($TableName) . " TABLE\n#\n";
+	$Output = "\n#\n# " . strtoupper($TableName) . " TABLE\n#\n";
-	$HeaderDone = false;	$ColumnNames = "";
+	$HeaderDone = false;	$ColumnNames = "";
-	while ($Row = $QueryResult->FetchRow())
+	while ($Row = $QueryResult->FetchRow())
-	{
+	{
-
+
-       if (!$HeaderDone)
+       if (!$HeaderDone)
-       {
+       {
-    		foreach ($Row as $Key=>$Value)
+    		foreach ($Row as $Key=>$Value)
-    		{
+    		{
-    			$ColumnNames .= CSVEscape($Key).","; //Add all the column names together
+    			$ColumnNames .= CSVEscape($Key).","; //Add all the column names together
-    		}
+    		}
-			$ColumnNames = substr($ColumnNames, 0, -1); //strip off last comma space
+			$ColumnNames = substr($ColumnNames, 0, -1); //strip off last comma space
-     		$Output .= "$ColumnNames\n";
+     		$Output .= "$ColumnNames\n";
-    		$HeaderDone=true;
+    		$HeaderDone=true;
-       }
+       }
-		$ColumnValues = "";
+		$ColumnValues = "";
-		foreach ($Row as $Key=>$Value)
+		foreach ($Row as $Key=>$Value)
-		{
+		{
-			$ColumnValues .= CSVEscape(str_replace("\r\n", "\n", $Value)) . ",";
+			$ColumnValues .= CSVEscape(str_replace("\r\n", "\n", $Value)) . ",";
-		}
+		}
-		$ColumnValues = substr($ColumnValues, 0, -1); //strip off last comma space
+		$ColumnValues = substr($ColumnValues, 0, -1); //strip off last comma space
-		$Output .= "$ColumnValues\n";
+		$Output .= "$ColumnValues\n";
-	}
+	}
-	return $Output;
+	return $Output;
-}
+}
-
+
-
+
-//1: Questions Table
+//1: Questions Table
-$qquery = "SELECT * FROM {$dbprefix}questions WHERE qid=$qid";
+$qquery = "SELECT * 
-$qdump = BuildCSVFromQuery($qquery);
+           FROM {$dbprefix}questions 
-
+		   WHERE qid=$qid";
-//2: Answers table
+$qdump = BuildCSVFromQuery($qquery);
-$aquery = "SELECT {$dbprefix}answers.* FROM {$dbprefix}answers WHERE {$dbprefix}answers.qid = $qid";
+
-$adump = BuildCSVFromQuery($aquery);
+//2: Answers table
-
+$aquery = "SELECT {$dbprefix}answers.* 
-//3: Labelsets Table
+           FROM {$dbprefix}answers 
-//$lsquery = "SELECT DISTINCT {$dbprefix}labelsets.* FROM {$dbprefix}labelsets, {$dbprefix}questions WHERE {$dbprefix}labelsets.lid={$dbprefix}questions.lid AND type='F' AND qid=$qid";
+		   WHERE {$dbprefix}answers.qid = $qid";
-$lsquery = "SELECT DISTINCT {$dbprefix}labelsets.* FROM {$dbprefix}labelsets, {$dbprefix}questions WHERE {$dbprefix}labelsets.lid={$dbprefix}questions.lid AND type in ('F', 'H', 'Z', 'W') AND qid=$qid";
+$adump = BuildCSVFromQuery($aquery);
-$lsdump = BuildCSVFromQuery($lsquery);
+
-
+//3: Labelsets Table
-//4: Labels Table
+//$lsquery = "SELECT DISTINCT {$dbprefix}labelsets.* FROM {$dbprefix}labelsets, {$dbprefix}questions WHERE {$dbprefix}labelsets.lid={$dbprefix}questions.lid AND type='F' AND qid=$qid";
-$lquery = "SELECT DISTINCT {$dbprefix}labels.* FROM {$dbprefix}labels, {$dbprefix}questions WHERE {$dbprefix}labels.lid={$dbprefix}questions.lid AND type in ('F', 'H', 'Z', 'W') AND qid=$qid";
+$lsquery = "SELECT DISTINCT {$dbprefix}labelsets.* 
-$ldump = BuildCSVFromQuery($lquery);
+            FROM {$dbprefix}labelsets, {$dbprefix}questions 
-
+			WHERE {$dbprefix}labelsets.lid={$dbprefix}questions.lid 
-//5: Question Attributes
+			AND type in ('F', 'W', 'H', 'Z', '1', ':', ';') 
-$query = "SELECT {$dbprefix}question_attributes.* FROM {$dbprefix}question_attributes WHERE {$dbprefix}question_attributes.qid=$qid";
+			AND qid=$qid";
-$qadump = BuildCSVFromQuery($query);
+$lsdump = BuildCSVFromQuery($lsquery);
-$fn = "limesurvey_question_$qid.csv";
+
-
+//4: Labels Table
-header("Content-Type: application/download");
+$lquery = "SELECT DISTINCT {$dbprefix}labels.* 
-header("Content-Disposition: attachment; filename=$fn");
+		   FROM {$dbprefix}labels, {$dbprefix}questions 
-header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");    // Date in the past
+		   WHERE {$dbprefix}labels.lid={$dbprefix}questions.lid 
-header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
+		   AND type in ('F', 'W', 'H', 'Z', '1', ':', ';') 
-header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
+		   AND qid=$qid";
-header("Pragma: cache");                          // HTTP/1.0
+$ldump = BuildCSVFromQuery($lquery);
-echo $dumphead, $qdump, $adump, $lsdump, $ldump, $qadump;
+
-exit;
+//4: Labelsets1 Table
-?>
+//This exists specifically to deal with dual-scale questions (or any future question that may have 2 labelsets)
 $lsquery = "SELECT DISTINCT {$dbprefix}labelsets.* FROM {$dbprefix}labelsets, {$dbprefix}questions WHERE {$dbprefix}labelsets.lid={$dbprefix}questions.lid1 AND type in ('1') AND qid=$qid";
 $ls1dump = BuildCSVFromQuery($lsquery);
 $ls1=explode("\n", trim($ls1dump));
 if(count($ls1)>3) {
  //If there is actually some data here, then add just the data (not the headers) into 
  // $ls1dump - which will be outputted directly after $lsdump
  $ls1dump=$ls1[4];
  $ls1dump .= "\n";
 } else {
  //If there is no data then make it an empty string.
  $ls1dump = "";
 }
 //4a: Labels1 Table
 // See explanation for Labelsets1 Table!! These are the actual labels
 $lquery = "SELECT DISTINCT {$dbprefix}labels.* FROM {$dbprefix}labels, {$dbprefix}questions WHERE {$dbprefix}labels.lid={$dbprefix}questions.lid1 AND type in ('1') AND qid=$qid";
 $l1dump = BuildCSVFromQuery($lquery);
 $ld1=explode("\n", trim($l1dump));
 if(count($ld1)>3) {
  //If there is actually some data here, then add just the data (not the headers) into 
  // $l1dump - which will be outputted directly after $ldump
  $l1dump=array();
  foreach($ld1 as $key=>$ld) {
    //Put every line, other than the first three into this string
    if($key > 3) {
      $l1dump[]=$ld;
    }
  }
  $l1dump = implode("\n", $l1dump);
  $l1dump .= "\n";
 } else {
  //If there is no data then make it an empty string.
  $l1dump = "";
 }
 //5: Question Attributes
 $query = "SELECT {$dbprefix}question_attributes.* 
 	      FROM {$dbprefix}question_attributes 
 		  WHERE {$dbprefix}question_attributes.qid=$qid";
 $qadump = BuildCSVFromQuery($query);
 $fn = "limesurvey_question_$qid.csv";
 header("Content-Type: application/download");
 header("Content-Disposition: attachment; filename=$fn");
 header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");    // Date in the past
 header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
 header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
 header("Pragma: cache");                          // HTTP/1.0
 echo $dumphead, $qdump, $adump, $lsdump, $ls1dump, $ldump, $l1dump, $qadump;
 exit;
 ?>
--- a/include/limesurvey/admin/export_data_functions.php
+++ b/include/limesurvey/admin/export_data_functions.php
@@ -0,0 +1,457 @@
 <?php
 /*
 * LimeSurvey
 * Copyright (C) 2007 The LimeSurvey Project Team / Carsten Schmitz
 * All rights reserved.
 * License: GNU/GPL License v2 or later, see LICENSE.php
 * LimeSurvey is free software. This version may have been modified pursuant
 * to the GNU General Public License, and as distributed it includes or
 * is derivative of works licensed under the GNU General Public License or
 * other free or open source software licenses.
 * See COPYRIGHT.php for copyright notices and details.
 *
 * $Id: export_data_functions.php 7406 2009-08-05 12:25:57Z mennodekker $
 */
 $length_vallabel = '120'; // Set the max text length of Value Labels
 $length_data = '255'; // Set the max text length of Text Data
 /**
 * Strips html tags and replaces new lines
 *
 * @param $string
 * @return $string
 */
 function strip_tags_full($string) {
 	$string=html_entity_decode($string, ENT_QUOTES, "UTF-8");
 	//combining these into one mb_ereg_replace call ought to speed things up
 	$string = str_replace(array("\r\n","\r","\n",'-oth-'), '', $string);
 	//The backslashes must be escaped twice, once for php, and again for the regexp
 	$string = str_replace("'|\\\\'", "&apos;", $string);
 	return strip_tags($string);
 }
 /**
 * Returns true if passed $value is numeric
 *
 * @param $value
 * @return bool
 */
 function my_is_numeric($value)  {
 	$american = preg_match ("/^(-){0,1}([0-9]+)(,[0-9][0-9][0-9])*([.][0-9]){0,1}([0-9]*)$/" ,$value) == 1;
 	$world = preg_match ("/^(-){0,1}([0-9]+)(.[0-9][0-9][0-9])*([,][0-9]){0,1}([0-9]*)$/" ,$value) == 1;
 	return ($american or $world);
 }
 function spss_export_data ($na = null) {
 	global $length_data;
 	// Build array that has to be returned
 	$fields = spss_fieldmap();
 	//Now get the query string with all fields to export
 	$query = spss_getquery();
 	$result=db_execute_num($query) or safe_die("Couldn't get results<br />$query<br />".$connect->ErrorMsg()); //Checked
 	$num_fields = $result->FieldCount();
 	while ($row = $result->FetchRow()) {
 		$fieldno = 0;
 		while ($fieldno < $num_fields)
 		{
 			if ($fields[$fieldno]['SPSStype']=='DATETIME23.2'){
 				#convert mysql  datestamp (yyyy-mm-dd hh:mm:ss) to SPSS datetime (dd-mmm-yyyy hh:mm:ss) format
 				if (isset($row[$fieldno]))
 				{
 					list( $year, $month, $day, $hour, $minute, $second ) = split( '([^0-9])', $row[$fieldno] );
 					if ($year != '' && (int)$year >= 1970)
 					{
 						echo "'".date('d-m-Y H:i:s', mktime( $hour, $minute, $second, $month, $day, $year ) )."'";
 					} else
 					{
 						echo ($na);
 					}
 				}  else
 				{
 					echo ($na);
 				}
 			} else if ($fields[$fieldno]['LStype'] == 'Y')
 			{
 				if ($row[$fieldno] == 'Y')    // Yes/No Question Type
 				{
 					echo( "'1'");
 				} else if ($row[$fieldno] == 'N'){
 					echo( "'2'");
 				} else {
 					echo($na);
 				}
 			} else if ($fields[$fieldno]['LStype'] == 'G')    //Gender
 			{
 				if ($row[$fieldno] == 'F')
 				{
 					echo( "'1'");
 				} else if ($row[$fieldno] == 'M'){
 					echo( "'2'");
 				} else {
 					echo($na);
 				}
 			} else if ($fields[$fieldno]['LStype'] == 'C')    //Yes/No/Uncertain
 			{
 				if ($row[$fieldno] == 'Y')
 				{
 					echo( "'1'");
 				} else if ($row[$fieldno] == 'N'){
 					echo( "'2'");
 				} else if ($row[$fieldno] == 'U'){
 					echo( "'3'");
 				} else {
 					echo($na);
 				}
 			} else if ($fields[$fieldno]['LStype'] == 'E')     //Increase / Same / Decrease
 			{
 				if ($row[$fieldno] == 'I')
 				{
 					echo( "'1'");
 				} else if ($row[$fieldno] == 'S'){
 					echo( "'2'");
 				} else if ($row[$fieldno] == 'D'){
 					echo( "'3'");
 				} else {
 					echo($na);
 				}
 			} elseif (($fields[$fieldno]['LStype'] == 'P' || $fields[$fieldno]['LStype'] == 'M') && (substr($fields[$fieldno]['code'],-7) != 'comment' && substr($fields[$fieldno]['code'],-5) != 'other'))
 			{
 				if ($row[$fieldno] == 'Y')
 				{
 					echo("'1'");
 				} else
 				{
 					echo("'0'");
 				}
 			} elseif (!$fields[$fieldno]['hide']) {
 				$strTmp=mb_substr(strip_tags_full($row[$fieldno]), 0, $length_data);
 				if (trim($strTmp) != ''){
 					$strTemp=str_replace(array("'","\n","\r"),array("''",' ',' '),trim($strTmp));
 					/*
 					 * Temp quick fix for replacing decimal dots with comma's
 					 if (my_is_numeric($strTemp)) {
 						$strTemp = str_replace('.',',',$strTemp);
 						}
 						*/
 					echo "'$strTemp'";
 				}
 				else
 				{
 					echo $na;
 				}
 			}
 			$fieldno++;
 			if ($fieldno<$num_fields && !$fields[$fieldno]['hide']) echo ',';
 		}
 		echo "\n";
 	}
 }
 /**
 * Check it the gives field has a labelset and return it as an array if true
 *
 * @param $field array field from spss_fieldmap
 * @return array or false
 */
 function spss_getvalues ($field = array()) {
 	global $surveyid, $dbprefix, $connect, $clang, $language, $length_vallabel;
 	if (!isset($field['LStype']) || empty($field['LStype'])) return false;
 	$answers=array();
 	if (strpos("!LOR",$field['LStype']) !== false) {
 		if (substr($field['code'],-5) == 'other' || substr($field['code'],-7) == 'comment') {
 			//We have a comment field, so free text
 		} else {
 			$query = "SELECT {$dbprefix}answers.code, {$dbprefix}answers.answer,
 			{$dbprefix}questions.type FROM {$dbprefix}answers, {$dbprefix}questions WHERE
 			{$dbprefix}answers.qid = '".$field["qid"]."' and {$dbprefix}questions.language='".$language."' and  {$dbprefix}answers.language='".$language."'
 			    and {$dbprefix}questions.qid='".$field['qid']."' ORDER BY sortorder ASC";
 			$result=db_execute_assoc($query) or safe_die("Couldn't lookup value labels<br />$query<br />".$connect->ErrorMsg()); //Checked
 			$num_results = $result->RecordCount();
 			if ($num_results > 0)
 			{
 				$displayvaluelabel = 0;
 				# Build array that has to be returned
 				for ($i=0; $i < $num_results; $i++)
 				{
 					$row = $result->FetchRow();
 					$answers[] = array('code'=>$row['code'], 'value'=>strip_tags_full(mb_substr($row["answer"],0,$length_vallabel)));
 				}
 			}
 		}
 	} elseif (strpos("FWZWH1",$field['LStype']) !== false) {
 		$query = "SELECT {$dbprefix}questions.lid, {$dbprefix}labels.code, {$dbprefix}labels.title from
 		{$dbprefix}questions, {$dbprefix}labels WHERE {$dbprefix}labels.language='".$language."' and
 		{$dbprefix}questions.language='".$language."' and
 		{$dbprefix}questions.qid ='".$field["qid"]."' and {$dbprefix}questions.lid={$dbprefix}labels.lid ORDER BY sortorder ASC";
 		$result=db_execute_assoc($query) or safe_die("Couldn't get labels<br />$query<br />".$connect->ErrorMsg());   //Checked
 		$num_results = $result->RecordCount();
 		if ($num_results > 0)
 		{
 			for ($i=0; $i < $num_results; $i++)
 			{
 				$row = $result->FetchRow();
 				$answers[] = array('code'=>$row['code'], 'value'=>strip_tags_full(mb_substr($row["title"],0,$length_vallabel)));
 			}
 		}
 	} elseif ($field['LStype'] == ':') {
 		$displayvaluelabel = 0;
 		//Get the labels that could apply!
 		$qidattributes=getQuestionAttributes($field["qid"]);
 		if ($maxvalue=arraySearchByKey("multiflexible_max", $qidattributes, "attribute", 1)) {
 			$maxvalue=$maxvalue['value'];
 		} else {
 			$maxvalue=10;
 		}
 		if ($minvalue=arraySearchByKey("multiflexible_min", $qidattributes, "attribute", 1)) {
 			$minvalue=$minvalue['value'];
 		} else {
 			$minvalue=1;
 		}
 		if ($stepvalue=arraySearchByKey("multiflexible_step", $qidattributes, "attribute", 1)) {
 			$stepvalue=$stepvalue['value'];
 		} else {
 			$stepvalue=1;
 		}
 		if (arraySearchByKey("multiflexible_checkbox", $qidattributes, "attribute", 1)) {
 			$minvalue=0;
 			$maxvalue=1;
 			$stepvalue=1;
 		}
 		for ($i=$minvalue; $i<=$maxvalue; $i+=$stepvalue)
 		{
 			$answers[] = array('code'=>$i, 'value'=>$i);
 		}
 	} elseif ($field['LStype'] == 'M' && substr($field['code'],-5) != 'other' && $field['size'] > 0)
 	{
 		$answers[] = array('code'=>1, 'value'=>$clang->gT('Yes'));
 		$answers[] = array('code'=>0, 'value'=>$clang->gT('Not Selected'));
 	} elseif ($field['LStype'] == "P" && substr($field['code'],-5) != 'other' && substr($field['code'],-7) != 'comment')
 	{
 		$answers[] = array('code'=>1, 'value'=>$clang->gT('Yes'));
 		$answers[] = array('code'=>0, 'value'=>$clang->gT('Not Selected'));
 	} elseif ($field['LStype'] == "G" && $field['size'] > 0)
 	{
 		$answers[] = array('code'=>1, 'value'=>$clang->gT('Female'));
 		$answers[] = array('code'=>2, 'value'=>$clang->gT('Male'));
 	} elseif ($field['LStype'] == "Y" && $field['size'] > 0)
 	{
 		$answers[] = array('code'=>1, 'value'=>$clang->gT('Yes'));
 		$answers[] = array('code'=>2, 'value'=>$clang->gT('No'));
 	} elseif ($field['LStype'] == "C" && $field['size'] > 0)
 	{
 		$answers[] = array('code'=>1, 'value'=>$clang->gT('Yes'));
 		$answers[] = array('code'=>2, 'value'=>$clang->gT('No'));
 		$answers[] = array('code'=>3, 'value'=>$clang->gT('Uncertain'));
 	} elseif ($field['LStype'] == "E" && $field['size'] > 0)
 	{
 		$answers[] = array('code'=>1, 'value'=>$clang->gT('Increase'));
 		$answers[] = array('code'=>2, 'value'=>$clang->gT('Same'));
 		$answers[] = array('code'=>3, 'value'=>$clang->gT('Decrease'));
 	}
 	if (count($answers)>0) {
 		//check the max width of the answers
 		$size = 0;
 		$spssType = 'F'; //Try if we can use num and use alpha as fallback
 		$size = 1;
 		foreach ($answers as $answer) {
 			$len = mb_strlen($answer['code']);
 			if ($len>$size) $size = $len;
 			if ($spssType =='F' && (my_is_numeric($answer['code'])===false || $size>16)) $spssType='A';
 		}
 		$answers['size'] = $size;
 		$answers['SPSStype'] = $spssType;
 		return $answers;
 	} else {
 		return false;
 	}
 }
 /**
 * Creates a fieldmap with all information necessary to output the fields
 *
 * @param $prefix string prefix for the variable ID
 * @return array
 */
 function spss_fieldmap($prefix = 'V') {
 	global $surveyid, $dbprefix, $typeMap, $connect, $clang;
 	global $surveyprivate, $tokensexist, $language;
 	$fieldmap = createFieldMap($surveyid, 'full');		//Create a FULL fieldmap
 	#See if tokens are being used
 	$tokensexist = tokenTableExists($surveyid);
 	#Lookup the names of the attributes
 	$query="SELECT sid, private, language FROM {$dbprefix}surveys WHERE sid=$surveyid";
 	$result=db_execute_assoc($query) or safe_die("Couldn't count fields<br />$query<br />".$connect->ErrorMsg());  //Checked
 	$num_results = $result->RecordCount();
 	$num_fields = $num_results;
 	# Build array that has to be returned
 	for ($i=0; $i < $num_results; $i++) {
 		$row = $result->FetchRow();
 		$surveyprivate=$row['private'];
 		$language=$row['language'];
 	}
 	$fieldno=0;
 	$fields=array();
 	if (isset($tokensexist) && $tokensexist == true && $surveyprivate == 'N') {
 		$tokenattributes=GetTokenFieldsAndNames($surveyid,false);
 		foreach ($tokenattributes as $attributefield=>$attributedescription)
 		{
 			//Drop the token field, since it is in the survey too
 			if($attributefield!='token') {
 				$fieldno++;
 				$fields[] = array('id'=>"$prefix$fieldno",'name'=>mb_substr($attributefield, 0, 8),
 			    'qid'=>0,'code'=>'','SPSStype'=>'A','LStype'=>'Undef',
 			    'VariableLabel'=>$attributedescription,'sql_name'=>$attributefield,'size'=>'100',
 			    'title'=>$attributefield,'hide'=>0);
 			}
 		}
 	}
 	$tempArray = array();
 	$fieldnames = array_values($connect->MetaColumnNames("{$dbprefix}survey_$surveyid", true));
 	$num_results = count($fieldnames);
 	$num_fields = $num_results;
 	$diff = 0;
 	$noQID = Array('id', 'token', 'datestamp', 'submitdate', 'startdate', 'startlanguage', 'ipaddr', 'refurl');
 	# Build array that has to be returned
 	for ($i=0; $i < $num_results; $i++) {
 		#Conditions for SPSS fields:
 		# - Length may not be longer than 8 characters
 		# - Name may not begin with a digit
 		$fieldname = $fieldnames[$i];
 		$fieldtype = '';
 		$ftype='';
 		$val_size = 1;
 		$hide = 0;
 		$export_scale = '';
 		$code='';
 		#Determine field type
 		if ($fieldname=='submitdate' || $fieldname=='startdate' || $fieldname == 'datestamp') {
 			$fieldtype = 'DATETIME23.2';
 		} elseif ($fieldname=='startlanguage') {
 			$fieldtype = 'A';
 			$val_size = 19;
 		} elseif ($fieldname=='token') {
 			$fieldtype = 'A';
 			$val_size = 16;
 		} elseif ($fieldname=='id') {
 			$fieldtype = 'F';
 			$val_size = 7; //Arbitrarilty restrict to 9,999,999 (7 digits) responses/survey
 		} elseif ($fieldname == 'ipaddr') {
 			$fieldtype = 'A';
 			$val_size = '15';
 		} elseif ($fieldname == 'refurl') {
 			$fieldtype = 'A';
 			$val_size = 255;
 		}
 		#Get qid (question id)
 		if (in_array($fieldname, $noQID) || substr($fieldname,0,10)=='attribute_'){
 			$qid = 0;
 			$varlabel = $fieldname;
 			$ftitle = $fieldname;
 		} else{
 			//GET FIELD DATA
 			$fielddata=arraySearchByKey($fieldname, $fieldmap, 'fieldname', 1);
 			if (count($fielddata)==0) {
 				//Field in database but no longer in survey... how is this possible?
 				//@TODO: think of a fix.
 			} else {
 				$qid=$fielddata['qid'];
 				$ftype=$fielddata['type'];
 				$fsid=$fielddata['sid'];
 				$fgid=$fielddata['gid'];
 				$code=mb_substr($fielddata['fieldname'],strlen($fsid."X".$fgid."X".$qid));
 				$varlabel=$fielddata['question'];
 				$ftitle=$fielddata['title'];
 				if (!is_null($code) && $code<>"" ) $ftitle .= "_$code";
 				if (isset($typeMap[$ftype]['size'])) $val_size = $typeMap[$ftype]['size'];
 				if($fieldtype == '') $fieldtype = $typeMap[$ftype]['SPSStype'];
 				if (isset($typeMap[$ftype]['hide'])) {
 					$hide = $typeMap[$ftype]['hide'];
 					$diff++;
 				}
 				//Get default scale for this type
 				if (isset($typeMap[$ftype]['Scale'])) $export_scale = $typeMap[$ftype]['Scale'];
 				//But allow override
 				$aQuestionAttribs = getQAttributes($qid);
 				if (isset($aQuestionAttribs['scale_export'])) $export_scale = $aQuestionAttribs['scale_export'];
 			}
 		}
 		$fieldno++;
 		$fid = $fieldno - $diff;
 		$lsLong = isset($typeMap[$ftype]["name"])?$typeMap[$ftype]["name"]:$ftype;
 		$tempArray = array('id'=>"$prefix$fid",'name'=>mb_substr($fieldname, 0, 8),
 		    'qid'=>$qid,'code'=>$code,'SPSStype'=>$fieldtype,'LStype'=>$ftype,"LSlong"=>$lsLong,
 		    'ValueLabels'=>'','VariableLabel'=>$varlabel,"sql_name"=>$fieldname,"size"=>$val_size,
 		    'title'=>$ftitle,'hide'=>$hide,'scale'=>$export_scale);
 		//Now check if we have to retrieve value labels
 		$answers = spss_getvalues($tempArray);
 		if (is_array($answers)) {
 			//Ok we have answers
 			if (isset($answers['size'])) {
 				$tempArray['size'] = $answers['size'];
 				unset($answers['size']);
 			}
 			if (isset($answers['SPSStype'])) {
 				$tempArray['SPSStype'] = $answers['SPSStype'];
 				unset($answers['SPSStype']);
 			}
 			$tempArray['answers'] = $answers;
 		}
 		$fields[] = $tempArray;
 	}
 	return $fields;
 }
 /**
 * Creates a query string with all fields for the export
 *
 * @return string
 */
 function spss_getquery() {
 	global $surveyprivate, $dbprefix, $surveyid, $tokensexist;
 	#See if tokens are being used
 	if (isset($tokensexist) && $tokensexist == true && $surveyprivate == 'N') {
 		$query="SELECT ";
 		$tokenattributes=GetTokenFieldsAndNames($surveyid,false);
 		foreach ($tokenattributes as $attributefield=>$attributedescription) {
 			//Drop the token field, since it is in the survey too
 			if($attributefield!='token') {
 				$query .= "{$dbprefix}tokens_$surveyid.$attributefield, ";
 			}
 		}
 		$query .= "{$dbprefix}survey_$surveyid.*
 	    FROM {$dbprefix}survey_$surveyid
 	    LEFT JOIN {$dbprefix}tokens_$surveyid ON {$dbprefix}survey_$surveyid.token = {$dbprefix}tokens_$surveyid.token";
 	} else {
 		$query = "SELECT *
 	    FROM {$dbprefix}survey_$surveyid";
 	}
 	switch (incompleteAnsFilterstate()) {
 		case 'inc':
 			//Inclomplete answers only
 			$query .= ' WHERE submitdate is null ';
 			break;
 		case 'filter':
 			//Inclomplete answers only
 			$query .= ' WHERE submitdate is not null ';
 			break;
 	}
 	return $query;
 }
 ?>
--- a/include/limesurvey/admin/export_data_r.php
+++ b/include/limesurvey/admin/export_data_r.php
@@ -0,0 +1,244 @@
 <?php
 /*
 * LimeSurvey
 * Copyright (C) 2007 The LimeSurvey Project Team / Carsten Schmitz
 * All rights reserved.
 * License: GNU/GPL License v2 or later, see LICENSE.php
 * LimeSurvey is free software. This version may have been modified pursuant
 * to the GNU General Public License, and as distributed it includes or
 * is derivative of works licensed under the GNU General Public License or
 * other free or open source software licenses.
 * See COPYRIGHT.php for copyright notices and details.
 *
 * $Id: export_data_r.php 7315 2009-07-14 11:12:04Z mennodekker $
 */
 // Security Checked: POST, GET, SESSION, REQUEST, returnglobal, DB
 /*
 * The SPSS DATA LIST / BEGIN DATA parser is rather simple minded, the number after the type
 * specifier identifies the field width (maximum number of characters to scan)
 * It will stop short of that number of characters, honouring quote delimited
 * space separated strings, however if the width is too small the remaining data in the current
 * line becomes part of the next column.  Since we want to restrict this script to ONE scan of
 * the data (scan & output at same time), the information needed to construct the
 * DATA LIST is held in the $fields array, while the actual data is written to a
 * to a temporary location, updating length (size) values in the $fields array as
 * the tmp file is generated (uses @fwrite's return value rather than strlen).
 * Final output renders $fields to a DATA LIST, and then stitches in the tmp file data.
 *
 * Optimization opportunities remain in the VALUE LABELS section, which runs a query / column
 */
 $length_varlabel = '255'; // Set the max text length of Variable Labels
 $headerComment = '';
 $tempFile = '';
 include_once('login_check.php');
 //for scale 1=nominal, 2=ordinal, 3=scale
 $typeMap = array(
 '5'=>Array('name'=>'5 Point Choice','size'=>1,'SPSStype'=>'F','Scale'=>3),
 'B'=>Array('name'=>'Array (10 Point Choice)','size'=>1,'SPSStype'=>'F','Scale'=>3),
 'A'=>Array('name'=>'Array (5 Point Choice)','size'=>1,'SPSStype'=>'F','Scale'=>3),
 'F'=>Array('name'=>'Array (Flexible Labels)','size'=>1,'SPSStype'=>'F'),
 '1'=>Array('name'=>'Array (Flexible Labels) Dual Scale','size'=>1,'SPSStype'=>'F'),
 'H'=>Array('name'=>'Array (Flexible Labels) by Column','size'=>1,'SPSStype'=>'F'),
 'E'=>Array('name'=>'Array (Increase, Same, Decrease)','size'=>1,'SPSStype'=>'F','Scale'=>2),
 'C'=>Array('name'=>'Array (Yes/No/Uncertain)','size'=>1,'SPSStype'=>'F'),
 'X'=>Array('name'=>'Boilerplate Question','size'=>1,'SPSStype'=>'A','hide'=>1),
 'D'=>Array('name'=>'Date','size'=>10,'SPSStype'=>'SDATE'),
 'G'=>Array('name'=>'Gender','size'=>1,'SPSStype'=>'F'),
 'U'=>Array('name'=>'Huge Free Text','size'=>1,'SPSStype'=>'A'),
 'I'=>Array('name'=>'Language Switch','size'=>1,'SPSStype'=>'A'),
 '!'=>Array('name'=>'List (Dropdown)','size'=>1,'SPSStype'=>'F'),
 'W'=>Array('name'=>'List (Flexible Labels) (Dropdown)','size'=>1,'SPSStype'=>'F'),
 'Z'=>Array('name'=>'List (Flexible Labels) (Radio)','size'=>1,'SPSStype'=>'F'),
 'L'=>Array('name'=>'List (Radio)','size'=>1,'SPSStype'=>'F'),
 'O'=>Array('name'=>'List With Comment','size'=>1,'SPSStype'=>'F'),
 'T'=>Array('name'=>'Long free text','size'=>1,'SPSStype'=>'A'),
 'K'=>Array('name'=>'Multiple Numerical Input','size'=>1,'SPSStype'=>'F'),
 'M'=>Array('name'=>'Multiple Options','size'=>1,'SPSStype'=>'F'),
 'P'=>Array('name'=>'Multiple Options With Comments','size'=>1,'SPSStype'=>'F'),
 'Q'=>Array('name'=>'Multiple Short Text','size'=>1,'SPSStype'=>'F'),
 'N'=>Array('name'=>'Numerical Input','size'=>3,'SPSStype'=>'F','Scale'=>3),
 'R'=>Array('name'=>'Ranking','size'=>1,'SPSStype'=>'F'),
 'S'=>Array('name'=>'Short free text','size'=>1,'SPSStype'=>'F'),
 'Y'=>Array('name'=>'Yes/No','size'=>1,'SPSStype'=>'F'),
 ':'=>Array('name'=>'Multi flexi numbers','size'=>1,'SPSStype'=>'F','Scale'=>3),
 ';'=>Array('name'=>'Multi flexi text','size'=>1,'SPSStype'=>'A'),
 );
 if (!isset($surveyid)) {$surveyid=returnglobal('sid');}
 if  (!isset($subaction))
 {
 	$exportroutput = browsemenubar($clang->gT('Export results'));
 	$exportroutput .= "<br />\n";
 	$exportroutput .= "<div class='header'>".$clang->gT("Export result data to R")."</div>\n";
 	$exportroutput .= "<p style='width:100%;'><ul style='width:300px;margin:0 auto;'><li><a href='$scriptname?action=exportr&amp;sid=$surveyid&amp;subaction=dlstructure'>".$clang->gT("Export R syntax file")."</a></li><li>"
 	."<a href='$scriptname?action=exportr&amp;sid=$surveyid&amp;subaction=dldata'>".$clang->gT("Export .csv data file")."</a></li></ul></p><br />\n"
 	."<h3>".$clang->gT("Instructions for the impatient")."</h3>"
 	."<ol style='width:500px;margin:0 auto; font-size:8pt;'>"
 	."<li>".$clang->gT("Download the data and the syntax file.")."</li>"
 	."<li>".$clang->gT("Save both of them on the R working directory (use getwd() and setwd() on the R command window to get and set it)").".</li>"
 	."<li>".$clang->gT("digit:       source(\"Surveydata_syntax.R\", encoding = \"UTF-8\")        on the R command window")."</li>"
 	."</ol><br />"
 	.$clang->gT("Your data should be imported now, the data.frame is named \"data\", the variable.labels are attributes of data (\"attributes(data)\$variable.labels\"), like for foreign:read.spss.")
 	."<table><tr><td>";
 } else {
 	// Get Base Language:
 	$language = GetBaseLanguageFromSurveyID($surveyid);
 	$clang = new limesurvey_lang($language);
 	require_once ("export_data_functions.php");
 }
 if  ($subaction=='dldata') {
 	header("Content-Type: application/download; charset=utf-8");
 	header("Content-Disposition: attachment; filename=survey_".$surveyid."_data_file.csv");
 	header('Expires: Mon, 26 Jul 1997 05:00:00 GMT');
 	header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT');
 	header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
 	header('Pragma: no-cache');
 	sendcacheheaders();
 	$na = "\"\"";
 	spss_export_data($na);
 	exit;
 }
 if  ($subaction=='dlstructure') {
 	header("Content-Type: application/download; charset=utf-8");
 	header("Content-Disposition: attachment; filename=Surveydata_syntax.R");
 	header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
 	header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
 	header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
 	header('Pragma: no-cache');
 	sendcacheheaders();
 	// Build array that has to be returned
 	$fields = spss_fieldmap();
 	//Now get the query string with all fields to export
 	$query = spss_getquery();
 	$result=db_execute_num($query) or safe_die("Couldn't get results<br />$query<br />".$connect->ErrorMsg()); //Checked
 	$num_fields = $result->FieldCount();
 	//Now we check if we need to adjust the size of the field or the type of the field
 	while ($row = $result->FetchRow()) {
 		$fieldno = 0;
 		while ($fieldno < $num_fields)
 		{
 			//Performance improvement, don't recheck fields that have valuelabels
 			if (!isset($fields[$fieldno]['answers'])) {
 				$strTmp=mb_substr(strip_tags_full($row[$fieldno]), 0, $length_data);
 				$len = mb_strlen($strTmp);
 				if($len > $fields[$fieldno]['size']) $fields[$fieldno]['size'] = $len;
 				if (trim($strTmp) != ''){
 					if ($fields[$fieldno]['SPSStype']=='F' && (my_is_numeric($strTmp)===false || $fields[$fieldno]['size']>16))
 					{
 						$fields[$fieldno]['SPSStype']='A';
 					}
 				}
 			}
 			$fieldno++;
 		}
 	}
 	/**
 	 * End of DATA print out
 	 *
 	 * Now $fields contains accurate length data, and the DATA LIST can be rendered -- then the contents of the temp file can
 	 * be sent to the client.
 	 */
 	echo $headerComment;
 	echo "data=read.table(\"survey_".$surveyid."_data_file.csv\", sep=\",\", quote = \"'\", na.strings=\"\")\n names(data)=paste(\"V\",1:dim(data)[2],sep=\"\")\n";
 	foreach ($fields as $field){
 		if($field['SPSStype'] == 'DATETIME23.2') $field['size']='';
 		if($field['LStype'] == 'N' || $field['LStype']=='K') {
 			$field['size'].='.'.($field['size']-1);
 		}
 		switch ($field['SPSStype']) {
 			case 'F':
 				$type="numeric";
 				break;
 			case 'A':
 				$type="character";
 				break;
 			case 'DATETIME23.2':
 			case 'SDATE':
 				$type="character";
 				//@TODO set $type to format for date
 				break;
 		}
 		if (!$field['hide']) echo " data[,which(names(data)==\"" . $field['id'] . "\")]=as.$type(data[,which(names(data)==\"" . $field['id'] . "\")])\n";
 	}
 	//Create the variable labels:
 	echo "#Define Variable Properties.\n";
 	foreach ($fields as $field) {
 		if (!$field['hide']) echo 'attributes(data)$variable.labels[which(names(data)=="' . $field['id'] . '")]="' . addslashes(strip_tags_full(mb_substr($field['VariableLabel'],0,$length_varlabel))) . '"' . "\n";
 	}
 	// Create our Value Labels!
 	echo "#Define Value labels.\n";
 	foreach ($fields as $field) {
 		if (isset($field['answers'])) {
 			$answers = $field['answers'];
 			//print out the value labels!
 			// data$V14=factor(data$V14,levels=c(1,2,3),labels=c("Yes","No","Uncertain"))
 			echo 'data$' . $field["id"] . '=factor(data$' . $field["id"] . ',levels=c(';
 			$str="";
 			foreach ($answers as $answer) {
 				if ($field['SPSStype']=="F" && my_is_numeric($answer['code'])) {
 					$str .= ",{$answer['code']}";
 				} else {
 					$str .= ",\"{$answer['code']}\"";
 				}
 			}
 			$str = mb_substr($str,1);
 			echo $str . '),labels=c(';
 			$str="";
 			foreach ($answers as $answer) {
 				$str .= ",\"{$answer['value']}\"";
 			}
 			$str = mb_substr($str,1);
 			if($field['scale']!=='' && $field['scale'] == 2 ) {
 				$scale = ",ordered=TRUE";
 			} else {
 				$scale = "";
 			}
 			echo "$str)$scale)\n";
 		}
 	}
 	//Rename the Variables (in case somethings goes wrong, we still have the OLD values
 	$errors = "";
 	echo "v.names=c(";
 	foreach ($fields as $field){
 		if (isset($field['sql_name'])) {
 			$ftitle = $field['title'];
 			if (!preg_match ("/^([a-z]|[A-Z])+.*$/", $ftitle)) {
 				$ftitle = "q_" . $ftitle;
 			}
 			$ftitle = str_replace(array("-",":",";","!"), array("_hyph_","_dd_","_dc_","_excl_"), $ftitle);
 			if (!$field['hide']) {
 				if ($ftitle != $field['title']) $errors .= "# Variable name was incorrect and was changed from {$field['title']} to $ftitle .\n";
 				echo "\"". $ftitle . "\",";
 			}
 		}
 	}
 	echo "NA); names(data)= v.names[-length(v.names)]\nprint(str(data))\n";
 	echo $errors;
 	exit;
 }
 ?>
--- a/include/limesurvey/admin/export_data_spss.php
+++ b/include/limesurvey/admin/export_data_spss.php
@@ -0,0 +1,241 @@
 <?php
 /*
 * LimeSurvey
 * Copyright (C) 2007 The LimeSurvey Project Team / Carsten Schmitz
 * All rights reserved.
 * License: GNU/GPL License v2 or later, see LICENSE.php
 * LimeSurvey is free software. This version may have been modified pursuant
 * to the GNU General Public License, and as distributed it includes or
 * is derivative of works licensed under the GNU General Public License or
 * other free or open source software licenses.
 * See COPYRIGHT.php for copyright notices and details.
 *
 * $Id: export_data_spss.php 7175 2009-06-25 11:06:45Z mennodekker $
 */
 // Security Checked: POST, GET, SESSION, REQUEST, returnglobal, DB
 /*
 * The SPSS DATA LIST / BEGIN DATA parser is rather simple minded, the number after the type
 * specifier identifies the field width (maximum number of characters to scan)
 * It will stop short of that number of characters, honouring quote delimited
 * space separated strings, however if the width is too small the remaining data in the current
 * line becomes part of the next column.  Since we want to restrict this script to ONE scan of
 * the data (scan & output at same time), the information needed to construct the
 * DATA LIST is held in the $fields array, while the actual data is written to a
 * to a temporary location, updating length (size) values in the $fields array as
 * the tmp file is generated (uses @fwrite's return value rather than strlen).
 * Final output renders $fields to a DATA LIST, and then stitches in the tmp file data.
 *
 * Optimization opportunities remain in the VALUE LABELS section, which runs a query / column
 */
 $length_varlabel = '255'; // Set the max text length of Variable Labels
 $headerComment = '';
 $tempFile = '';
 include_once('login_check.php');
 //for scale 1=nominal, 2=ordinal, 3=scale
 $typeMap = array(
 '5'=>Array('name'=>'5 Point Choice','size'=>1,'SPSStype'=>'F','Scale'=>3),
 'B'=>Array('name'=>'Array (10 Point Choice)','size'=>1,'SPSStype'=>'F','Scale'=>3),
 'A'=>Array('name'=>'Array (5 Point Choice)','size'=>1,'SPSStype'=>'F','Scale'=>3),
 'F'=>Array('name'=>'Array (Flexible Labels)','size'=>1,'SPSStype'=>'F'),
 '1'=>Array('name'=>'Array (Flexible Labels) Dual Scale','size'=>1,'SPSStype'=>'F'),
 'H'=>Array('name'=>'Array (Flexible Labels) by Column','size'=>1,'SPSStype'=>'F'),
 'E'=>Array('name'=>'Array (Increase, Same, Decrease)','size'=>1,'SPSStype'=>'F','Scale'=>2),
 'C'=>Array('name'=>'Array (Yes/No/Uncertain)','size'=>1,'SPSStype'=>'F'),
 'X'=>Array('name'=>'Boilerplate Question','size'=>1,'SPSStype'=>'A','hide'=>1),
 'D'=>Array('name'=>'Date','size'=>10,'SPSStype'=>'SDATE'),
 'G'=>Array('name'=>'Gender','size'=>1,'SPSStype'=>'F'),
 'U'=>Array('name'=>'Huge Free Text','size'=>1,'SPSStype'=>'A'),
 'I'=>Array('name'=>'Language Switch','size'=>1,'SPSStype'=>'A'),
 '!'=>Array('name'=>'List (Dropdown)','size'=>1,'SPSStype'=>'F'),
 'W'=>Array('name'=>'List (Flexible Labels) (Dropdown)','size'=>1,'SPSStype'=>'F'),
 'Z'=>Array('name'=>'List (Flexible Labels) (Radio)','size'=>1,'SPSStype'=>'F'),
 'L'=>Array('name'=>'List (Radio)','size'=>1,'SPSStype'=>'F'),
 'O'=>Array('name'=>'List With Comment','size'=>1,'SPSStype'=>'F'),
 'T'=>Array('name'=>'Long free text','size'=>1,'SPSStype'=>'A'),
 'K'=>Array('name'=>'Multiple Numerical Input','size'=>1,'SPSStype'=>'F'),
 'M'=>Array('name'=>'Multiple Options','size'=>1,'SPSStype'=>'F'),
 'P'=>Array('name'=>'Multiple Options With Comments','size'=>1,'SPSStype'=>'F'),
 'Q'=>Array('name'=>'Multiple Short Text','size'=>1,'SPSStype'=>'F'),
 'N'=>Array('name'=>'Numerical Input','size'=>3,'SPSStype'=>'F','Scale'=>3),
 'R'=>Array('name'=>'Ranking','size'=>1,'SPSStype'=>'F'),
 'S'=>Array('name'=>'Short free text','size'=>1,'SPSStype'=>'F'),
 'Y'=>Array('name'=>'Yes/No','size'=>1,'SPSStype'=>'F'),
 ':'=>Array('name'=>'Multi flexi numbers','size'=>1,'SPSStype'=>'F','Scale'=>3),
 ';'=>Array('name'=>'Multi flexi text','size'=>1,'SPSStype'=>'A'),
 );
 if (!isset($surveyid)) {$surveyid=returnglobal('sid');}
 if  (!isset($subaction))
 {
 	$exportspssoutput = browsemenubar($clang->gT('Export results'));
 	$exportspssoutput .= "<br />\n";
 	$exportspssoutput .= "<div class='header'>".$clang->gT("Export result data to SPSS")."</div>\n";
 	$exportspssoutput .= "<p style='width:100%;'><ul style='width:300px;margin:0 auto;'><li><a href='$scriptname?action=exportspss&amp;sid=$surveyid&amp;subaction=dlstructure'>".$clang->gT("Export SPSS syntax file")."</a></li><li>"
 	."<a href='$scriptname?action=exportspss&amp;sid=$surveyid&amp;subaction=dldata'>".$clang->gT("Export SPSS data file")."</a></li></ul></p><br />\n"
 	."<h3>".$clang->gT("Instructions for the impatient")."</h3>"
 	."<ol style='width:500px;margin:0 auto; font-size:8pt;'>"
 	."<li>".$clang->gT("Download the data and the syntax file.")."</li>"
 	."<li>".$clang->gT("Open the syntax file in SPSS in Unicode mode").".</li>"
 	."<li>".$clang->gT("Edit the 4th line and complete the filename with a full path to the downloaded data file.")."</li>"
 	."<li>".$clang->gT("Choose 'Run/All' from the menu to run the import.")."</li>"
 	."</ol><br />"
 	.$clang->gT("Your data should be imported now.")
 	."<table><tr><td>";
 } else {
 	// Get Base Language:
 	$language = GetBaseLanguageFromSurveyID($surveyid);
 	$clang = new limesurvey_lang($language);
 	require_once ("export_data_functions.php");
 }
 if  ($subaction=='dldata') {
 	header("Content-Type: application/download; charset=utf-8");
 	header("Content-Disposition: attachment; filename=survey_".$surveyid."_SPSS_data_file.dat");
 	header('Expires: Mon, 26 Jul 1997 05:00:00 GMT');
 	header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT');
 	header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
 	header('Pragma: no-cache');
 	sendcacheheaders();
 	$na = "";
 	spss_export_data($na);
 	exit;
 }
 if  ($subaction=='dlstructure') {
 	header("Content-Type: application/download; charset=utf-8");
 	header("Content-Disposition: attachment; filename=survey_".$surveyid."_SPSS_syntax_file.sps");
 	header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
 	header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
 	header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
 	header('Pragma: no-cache');
 	sendcacheheaders();
 	// Build array that has to be returned
 	$fields = spss_fieldmap();
 	//Now get the query string with all fields to export
 	$query = spss_getquery();
 	$result=db_execute_num($query) or safe_die("Couldn't get results<br />$query<br />".$connect->ErrorMsg()); //Checked
 	$num_fields = $result->FieldCount();
 	//Now we check if we need to adjust the size of the field or the type of the field
 	while ($row = $result->FetchRow()) {
 		$fieldno = 0;
 		while ($fieldno < $num_fields)
 		{
 			//Performance improvement, don't recheck fields that have valuelabels
 			if (!isset($fields[$fieldno]['answers'])) {
 				$strTmp=mb_substr(strip_tags_full($row[$fieldno]), 0, $length_data);
 				$len = mb_strlen($strTmp);
 				if($len > $fields[$fieldno]['size']) $fields[$fieldno]['size'] = $len;
 				if (trim($strTmp) != ''){
 					if ($fields[$fieldno]['SPSStype']=='F' && (my_is_numeric($strTmp)===false || $fields[$fieldno]['size']>16))
 					{
 						$fields[$fieldno]['SPSStype']='A';
 					}
 				}
 			}
 			$fieldno++;
 		}
 	}
 	/**
 	 * End of DATA print out
 	 *
 	 * Now $fields contains accurate length data, and the DATA LIST can be rendered -- then the contents of the temp file can
 	 * be sent to the client.
 	 */
 	echo $headerComment;
 	echo "SET UNICODE=ON.\n"
 	."GET DATA\n"
 	."/TYPE=TXT\n"
 	."/FILE='survey_".$surveyid."_SPSS_data_file.dat'\n"
 	."/DELCASE=LINE\n"
 	."/DELIMITERS=\",\"\n"
 	."/QUALIFIER=\"'\"\n"
 	."/ARRANGEMENT=DELIMITED\n"
 	."/FIRSTCASE=1\n"
 	."/IMPORTCASE=ALL\n"
 	."/VARIABLES=";
 	foreach ($fields as $field){
 		if($field['SPSStype'] == 'DATETIME23.2') $field['size']='';
 		if($field['SPSStype']=='F' && ($field['LStype'] == 'N' || $field['LStype']=='K')) {
 			$field['size'].='.'.($field['size']-1);
 		}
 		if (!$field['hide']) echo "\n {$field['id']} {$field['SPSStype']}{$field['size']}";
 	}
 	echo ".\nCACHE.\n"
 	."EXECUTE.\n";
 	//Create the variable labels:
 	echo "*Define Variable Properties.\n";
 	foreach ($fields as $field) {
 		if (!$field['hide']) echo "VARIABLE LABELS " . $field['id'] . " \"" . addslashes(strip_tags_full(mb_substr($field['VariableLabel'],0,$length_varlabel))) . "\".\n";
 	}
 	// Create our Value Labels!
 	echo "*Define Value labels.\n";
 	foreach ($fields as $field) {
 		if (isset($field['answers'])) {
 			$answers = $field['answers'];
 			//print out the value labels!
 			echo "VALUE LABELS  {$field['id']}\n";
 			$i=0;
 			foreach ($answers as $answer) {
 				$i++;
 				if ($field['SPSStype']=="F" && my_is_numeric($answer['code'])) {
 					$str = "{$answer['code']}";
 				} else {
 					$str = "\"{$answer['code']}\"";
 				}
 				if ($i < count($answers)) {
 					echo " $str \"{$answer['value']}\"\n";
 				} else {
 					echo " $str \"{$answer['value']}\".\n";
 				}
 			}
 		}
 	}
 	foreach ($fields as $field){
 		if($field['scale']!=='') {
 			switch ($field['scale']) {
 				case 2:
 					echo "VARIABLE LEVEL {$field['id']}(ORDINAL).\n";
 					break;
 				case 3:
 					echo "VARIABLE LEVEL {$field['id']}(SCALE).\n";
 			}
 		}
 	}
 	//Rename the Variables (in case somethings goes wrong, we still have the OLD values
 	foreach ($fields as $field){
 		if (isset($field['sql_name']) && $field['hide']===0) {
 			$ftitle = $field['title'];
 			if (!preg_match ("/^([a-z]|[A-Z])+.*$/", $ftitle)) {
 				$ftitle = "q_" . $ftitle;
 			}
 			$ftitle = str_replace(array(" ","-",":",";","!","/","\\"), array("_","_hyph_","_dd_","_dc_","_excl_","_fs_","_bs_"), $ftitle);
 			if ($ftitle != $field['title']) echo "* Variable name was incorrect and was changed from {$field['title']} to $ftitle .\n";
 			echo "RENAME VARIABLE ( " . $field['id'] . " = " . $ftitle . " ).\n";
 		}
 	}
 	exit;
 }
 ?>
--- a/include/limesurvey/admin/export_resources_zip.php
+++ b/include/limesurvey/admin/export_resources_zip.php
@@ -10,7 +10,7 @@
 * other free or open source software licenses.
 * See COPYRIGHT.php for copyright notices and details.
 * 
-* $Id: templates.php 3685 2007-11-22 04:53:18Z jcleeland $
+* $Id: export_resources_zip.php 6853 2009-05-15 12:51:09Z c_schmitz $
 */
--- a/include/limesurvey/admin/export_structure_csv.php
+++ b/include/limesurvey/admin/export_structure_csv.php
@@ -1,122 +1,163 @@
-<?php
+<?php
-/*
+/*
-* LimeSurvey
+* LimeSurvey
-* Copyright (C) 2007 The LimeSurvey Project Team / Carsten Schmitz
+* Copyright (C) 2007 The LimeSurvey Project Team / Carsten Schmitz
-* All rights reserved.
+* All rights reserved.
-* License: GNU/GPL License v2 or later, see LICENSE.php
+* License: GNU/GPL License v2 or later, see LICENSE.php
-* LimeSurvey is free software. This version may have been modified pursuant
+* LimeSurvey is free software. This version may have been modified pursuant
-* to the GNU General Public License, and as distributed it includes or
+* to the GNU General Public License, and as distributed it includes or
-* is derivative of works licensed under the GNU General Public License or
+* is derivative of works licensed under the GNU General Public License or
-* other free or open source software licenses.
+* other free or open source software licenses.
-* See COPYRIGHT.php for copyright notices and details.
+* See COPYRIGHT.php for copyright notices and details.
-* 
+* 
-* $Id: export_structure_csv.php 4646 2008-04-14 18:47:45Z awarren $
+* $Id: export_structure_csv.php 7499 2009-08-20 03:26:29Z jcleeland $
-*/
+*/
-
+
-
+
-
+
-// DUMP THE RELATED DATA FOR A SINGLE SURVEY INTO A SQL FILE FOR IMPORTING LATER ON OR ON ANOTHER SURVEY SETUP
+// DUMP THE RELATED DATA FOR A SINGLE SURVEY INTO A SQL FILE FOR IMPORTING LATER ON OR ON ANOTHER SURVEY SETUP
-// DUMP ALL DATA WITH RELATED SID FROM THE FOLLOWING TABLES
+// DUMP ALL DATA WITH RELATED SID FROM THE FOLLOWING TABLES
-// 1. Surveys
+// 1. Surveys
-// 2. Surveys Language Table
+// 2. Surveys Language Table
-// 3. Groups
+// 3. Groups
-// 4. Questions
+// 4. Questions
-// 5. Answers
+// 5. Answers
-// 6. Conditions 
+// 6. Conditions 
-// 7. Label Sets
+// 7. Label Sets
-// 8. Labels
+// 8. Labels
-// 9. Question Attributes
+// 9. Question Attributes
-// 10. Assessments
+// 10. Assessments
-// 11. Quota
+// 11. Quota
-// 12. Quota Members
+// 12. Quota Members
-
+
-include_once("login_check.php");
+include_once("login_check.php");
-
+
-if (!isset($surveyid)) {$surveyid=returnglobal('sid');}
+if (!isset($surveyid)) {$surveyid=returnglobal('sid');}
-
+
-
+
-if (!$surveyid)
+if (!$surveyid)
-{
+{
-	echo $htmlheader
+	echo $htmlheader
-	."<br />\n"
+	."<br />\n"
-	."<table width='350' align='center' style='border: 1px solid #555555' cellpadding='1' cellspacing='0'>\n"
+	."<table width='350' align='center' style='border: 1px solid #555555' cellpadding='1' cellspacing='0'>\n"
-	."\t<tr bgcolor='#555555'><td colspan='2' height='4'><font size='1' face='verdana' color='white'><strong>"
+	."\t<tr bgcolor='#555555'><td colspan='2' height='4'><font size='1' face='verdana' color='white'><strong>"
-	.$clang->gT("Export Survey")."</strong></td></tr>\n"
+	.$clang->gT("Export Survey")."</strong></td></tr>\n"
-	."\t<tr><td align='center'>\n"
+	."\t<tr><td align='center'>\n"
-	."<br /><strong><font color='red'>"
+	."<br /><strong><font color='red'>"
-	.$clang->gT("Error")."</font></strong><br />\n"
+	.$clang->gT("Error")."</font></strong><br />\n"
-	.$clang->gT("No SID has been provided. Cannot dump survey")."<br />\n"
+	.$clang->gT("No SID has been provided. Cannot dump survey")."<br />\n"
-	."<br /><input type='submit' value='"
+	."<br /><input type='submit' value='"
-	.$clang->gT("Main Admin Screen")."' onclick=\"window.open('$scriptname', '_self')\">\n"
+	.$clang->gT("Main Admin Screen")."' onclick=\"window.open('$scriptname', '_self')\">\n"
-	."\t</td></tr>\n"
+	."\t</td></tr>\n"
-	."</table>\n"
+	."</table>\n"
-	."</body></html>\n";
+	."</body></html>\n";
-	exit;
+	exit;
-}
+}
-
+
-$dumphead = "# LimeSurvey Survey Dump\n"
+$dumphead = "# LimeSurvey Survey Dump\n"
-        . "# DBVersion $dbversionnumber\n"
+        . "# DBVersion $dbversionnumber\n"
-        . "# This is a dumped survey from the LimeSurvey Script\n"
+        . "# This is a dumped survey from the LimeSurvey Script\n"
-        . "# http://www.limesurvey.org/\n"
+        . "# http://www.limesurvey.org/\n"
-        . "# Do not change this header!\n";
+        . "# Do not change this header!\n";
-
+
-//1: Surveys table
+//1: Surveys table
-$squery = "SELECT * FROM {$dbprefix}surveys WHERE sid=$surveyid";
+$squery = "SELECT * 
-$sdump = BuildCSVFromQuery($squery);
+           FROM {$dbprefix}surveys 
-
+		   WHERE sid=$surveyid";
-//2: Surveys Languagsettings table
+$sdump = BuildCSVFromQuery($squery);
-$slsquery = "SELECT * FROM {$dbprefix}surveys_languagesettings WHERE surveyls_survey_id=$surveyid";
+
-$slsdump = BuildCSVFromQuery($slsquery);
+//2: Surveys Languagsettings table
-
+$slsquery = "SELECT * 
-//3: Groups Table
+             FROM {$dbprefix}surveys_languagesettings 
-$gquery = "SELECT * FROM {$dbprefix}groups WHERE sid=$surveyid order by gid";
+			 WHERE surveyls_survey_id=$surveyid";
-$gdump = BuildCSVFromQuery($gquery);
+$slsdump = BuildCSVFromQuery($slsquery);
-
+
-//4: Questions Table
+//3: Groups Table
-$qquery = "SELECT * FROM {$dbprefix}questions WHERE sid=$surveyid order by qid";
+$gquery = "SELECT * 
-$qdump = BuildCSVFromQuery($qquery);
+           FROM {$dbprefix}groups 
-
+		   WHERE sid=$surveyid 
-//5: Answers table
+		   ORDER BY gid";
-$aquery = "SELECT {$dbprefix}answers.* FROM {$dbprefix}answers, {$dbprefix}questions WHERE {$dbprefix}answers.language={$dbprefix}questions.language AND {$dbprefix}answers.qid={$dbprefix}questions.qid AND {$dbprefix}questions.sid=$surveyid";
+$gdump = BuildCSVFromQuery($gquery);
-$adump = BuildCSVFromQuery($aquery);
+
-
+//4: Questions Table
-//6: Conditions table
+$qquery = "SELECT * 
-$cquery = "SELECT DISTINCT {$dbprefix}conditions.* FROM {$dbprefix}conditions, {$dbprefix}questions WHERE {$dbprefix}conditions.qid={$dbprefix}questions.qid AND {$dbprefix}questions.sid=$surveyid";
+           FROM {$dbprefix}questions 
-$cdump = BuildCSVFromQuery($cquery);
+		   WHERE sid=$surveyid 
-
+		   ORDER BY qid";
-//7: Label Sets
+$qdump = BuildCSVFromQuery($qquery);
-$lsquery = "SELECT DISTINCT {$dbprefix}labelsets.lid, label_name, {$dbprefix}labelsets.languages FROM {$dbprefix}labelsets, {$dbprefix}questions WHERE ({$dbprefix}labelsets.lid={$dbprefix}questions.lid or {$dbprefix}labelsets.lid={$dbprefix}questions.lid1) AND type IN ('F', 'H', 'W', 'Z', '1') AND sid=$surveyid";
+
-$lsdump = BuildCSVFromQuery($lsquery);
+//5: Answers table
-
+$aquery = "SELECT {$dbprefix}answers.* 
-//8: Labels
+           FROM {$dbprefix}answers, {$dbprefix}questions 
-$lquery = "SELECT {$dbprefix}labels.lid, {$dbprefix}labels.code, {$dbprefix}labels.title, {$dbprefix}labels.sortorder,{$dbprefix}labels.language FROM {$dbprefix}labels, {$dbprefix}questions WHERE ({$dbprefix}labels.lid={$dbprefix}questions.lid or {$dbprefix}labels.lid={$dbprefix}questions.lid1) AND type in ('F', 'W', 'H', 'Z', '1') AND sid=$surveyid group by {$dbprefix}labels.lid, {$dbprefix}labels.code, {$dbprefix}labels.title, {$dbprefix}labels.sortorder,{$dbprefix}labels.language";
+		   WHERE {$dbprefix}answers.language={$dbprefix}questions.language 
-$ldump = BuildCSVFromQuery($lquery);
+		   AND {$dbprefix}answers.qid={$dbprefix}questions.qid 
-
+		   AND {$dbprefix}questions.sid=$surveyid";
-//9: Question Attributes
+$adump = BuildCSVFromQuery($aquery);
-$query = "SELECT DISTINCT {$dbprefix}question_attributes.* FROM {$dbprefix}question_attributes, {$dbprefix}questions WHERE {$dbprefix}question_attributes.qid={$dbprefix}questions.qid AND {$dbprefix}questions.sid=$surveyid";
+
-$qadump = BuildCSVFromQuery($query);
+//6: Conditions table
-
+$cquery = "SELECT DISTINCT {$dbprefix}conditions.* 
-//10: Assessments;
+           FROM {$dbprefix}conditions, {$dbprefix}questions 
-$query = "SELECT {$dbprefix}assessments.* FROM {$dbprefix}assessments WHERE {$dbprefix}assessments.sid=$surveyid";
+		   WHERE {$dbprefix}conditions.qid={$dbprefix}questions.qid 
-$asdump = BuildCSVFromQuery($query);
+		   AND {$dbprefix}questions.sid=$surveyid";
-
+$cdump = BuildCSVFromQuery($cquery);
-//11: Quota;
+
-$query = "SELECT {$dbprefix}quota.* FROM {$dbprefix}quota WHERE {$dbprefix}quota.sid=$surveyid";
+//7: Label Sets
-$quotadump = BuildCSVFromQuery($query);
+$lsquery = "SELECT DISTINCT {$dbprefix}labelsets.lid, label_name, {$dbprefix}labelsets.languages 
-
+            FROM {$dbprefix}labelsets, {$dbprefix}questions 
-//12: Quota Members;
+			WHERE ({$dbprefix}labelsets.lid={$dbprefix}questions.lid or {$dbprefix}labelsets.lid={$dbprefix}questions.lid1) 
-$query = "SELECT {$dbprefix}quota_members.* FROM {$dbprefix}quota_members WHERE {$dbprefix}quota_members.sid=$surveyid";
+			AND type IN ('F', 'H', 'W', 'Z', '1', ':', ';') 
-$quotamemdump = BuildCSVFromQuery($query);
+			AND sid=$surveyid";
-
+$lsdump = BuildCSVFromQuery($lsquery);
-$fn = "limesurvey_survey_$surveyid.csv";
+
-
+//8: Labels
-header("Content-Type: application/download");
+$lquery = "SELECT {$dbprefix}labels.lid, {$dbprefix}labels.code, {$dbprefix}labels.title, {$dbprefix}labels.sortorder,{$dbprefix}labels.language,{$dbprefix}labels.assessment_value
-header("Content-Disposition: attachment; filename=$fn");
+           FROM {$dbprefix}labels, {$dbprefix}questions 
-header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");    // Date in the past
+		   WHERE ({$dbprefix}labels.lid={$dbprefix}questions.lid or {$dbprefix}labels.lid={$dbprefix}questions.lid1) 
-header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
+		   AND type in ('F', 'W', 'H', 'Z', '1', ':', ';') 
-header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
+		   AND sid=$surveyid 
-header("Pragma: cache");                          // HTTP/1.0
+		   GROUP BY {$dbprefix}labels.lid, {$dbprefix}labels.code, {$dbprefix}labels.title, {$dbprefix}labels.sortorder,{$dbprefix}labels.language,{$dbprefix}labels.assessment_value";
-
+$ldump = BuildCSVFromQuery($lquery);
-echo $dumphead, $sdump, $gdump, $qdump, $adump, $cdump, $lsdump, $ldump, $qadump, $asdump, $slsdump, $quotadump, $quotamemdump."\n";
+
-exit;
+//9: Question Attributes
-?>
+$query = "SELECT {$dbprefix}question_attributes.qaid, {$dbprefix}question_attributes.qid, {$dbprefix}question_attributes.attribute,  {$dbprefix}question_attributes.value
          FROM {$dbprefix}question_attributes 
 		  WHERE {$dbprefix}question_attributes.qid in (select qid from {$dbprefix}questions where sid=$surveyid group by qid)";
 $qadump = BuildCSVFromQuery($query);
 //10: Assessments;
 $query = "SELECT {$dbprefix}assessments.* 
          FROM {$dbprefix}assessments 
 		  WHERE {$dbprefix}assessments.sid=$surveyid";
 $asdump = BuildCSVFromQuery($query);
 //11: Quota;
 $query = "SELECT {$dbprefix}quota.* 
          FROM {$dbprefix}quota 
 		  WHERE {$dbprefix}quota.sid=$surveyid";
 $quotadump = BuildCSVFromQuery($query);
 //12: Quota Members;
 $query = "SELECT {$dbprefix}quota_members.* 
          FROM {$dbprefix}quota_members 
 		  WHERE {$dbprefix}quota_members.sid=$surveyid";
 $quotamemdump = BuildCSVFromQuery($query);
 //13: Quota languagesettings
 $query = "SELECT {$dbprefix}quota_languagesettings.*
          FROM {$dbprefix}quota_languagesettings, {$dbprefix}quota
 		  WHERE {$dbprefix}quota.id = {$dbprefix}quota_languagesettings.quotals_quota_id
 		  AND {$dbprefix}quota.sid=$surveyid";
 $quotalsdump = BuildCSVFromQuery($query);
 $fn = "limesurvey_survey_$surveyid.csv";
 header("Content-Type: application/download");
 header("Content-Disposition: attachment; filename=$fn");
 header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");    // Date in the past
 header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
 header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
 header("Pragma: cache");                          // HTTP/1.0
 echo $dumphead, $sdump, $gdump, $qdump, $adump, $cdump, $lsdump, $ldump, $qadump, $asdump, $slsdump, $quotadump, $quotamemdump, $quotalsdump."\n";
 exit;
 ?>
--- a/include/limesurvey/admin/export_structure_lsrc.php
+++ b/include/limesurvey/admin/export_structure_lsrc.php
@@ -0,0 +1,170 @@
 <?php
 /*
 * LimeSurvey
 * Copyright (C) 2007 The LimeSurvey Project Team / Carsten Schmitz
 * All rights reserved.
 * License: GNU/GPL License v2 or later, see LICENSE.php
 * LimeSurvey is free software. This version may have been modified pursuant
 * to the GNU General Public License, and as distributed it includes or
 * is derivative of works licensed under the GNU General Public License or
 * other free or open source software licenses.
 * See COPYRIGHT.php for copyright notices and details.
 * 
 * $Id: export_structure_csv.php 5747 2008-10-07 19:40:33Z c_schmitz $
 */
 // DUMP THE RELATED DATA FOR A SINGLE SURVEY INTO A SQL FILE FOR IMPORTING LATER ON OR ON ANOTHER SURVEY SETUP
 // DUMP ALL DATA WITH RELATED SID FROM THE FOLLOWING TABLES
 // 1. Surveys
 // 2. Surveys Language Table
 // 3. Groups
 // 4. Questions
 // 5. Answers
 // 6. Conditions 
 // 7. Label Sets
 // 8. Labels
 // 9. Question Attributes
 // 10. Assessments
 // 11. Quota
 // 12. Quota Members
 include_once("login_check.php");
 if (!isset($surveyid)) {$surveyid=returnglobal('sid');}
 if (!$surveyid)
 {
 	echo $htmlheader
 	."<br />\n"
 	."<table width='350' align='center' style='border: 1px solid #555555' cellpadding='1' cellspacing='0'>\n"
 	."\t<tr bgcolor='#555555'><td colspan='2' height='4'><font size='1' face='verdana' color='white'><strong>"
 	.$clang->gT("Export Survey")."</strong></td></tr>\n"
 	."\t<tr><td align='center'>\n"
 	."<br /><strong><font color='red'>"
 	.$clang->gT("Error")."</font></strong><br />\n"
 	.$clang->gT("No SID has been provided. Cannot dump survey")."<br />\n"
 	."<br /><input type='submit' value='"
 	.$clang->gT("Main Admin Screen")."' onclick=\"window.open('$scriptname', '_top')\">\n"
 	."\t</td></tr>\n"
 	."</table>\n"
 	."</body></html>\n";
 	exit;
 }
 $dumphead = "# LimeSurvey Survey Dump\n"
        . "# DBVersion $dbversionnumber\n"
        . "# This is a dumped survey from the LimeSurvey Script\n"
        . "# http://www.limesurvey.org/\n"
        . "# Do not change this header!\n";
 //1: Surveys table
 $squery = "SELECT * 
           FROM {$dbprefix}surveys 
 		   WHERE sid=$surveyid";
 $sdump = BuildCSVFromQuery($squery);
 //2: Surveys Languagsettings table
 $slsquery = "SELECT * 
             FROM {$dbprefix}surveys_languagesettings 
 			 WHERE surveyls_survey_id=$surveyid";
 $slsdump = BuildCSVFromQuery($slsquery);
 //3: Groups Table
 $gquery = "SELECT * 
           FROM {$dbprefix}groups 
 		   WHERE sid=$surveyid 
 		   ORDER BY gid";
 $gdump = BuildCSVFromQuery($gquery);
 //4: Questions Table
 $qquery = "SELECT * 
           FROM {$dbprefix}questions 
 		   WHERE sid=$surveyid 
 		   ORDER BY qid";
 $qdump = BuildCSVFromQuery($qquery);
 //5: Answers table
 $aquery = "SELECT {$dbprefix}answers.* 
           FROM {$dbprefix}answers, {$dbprefix}questions 
 		   WHERE {$dbprefix}answers.language={$dbprefix}questions.language 
 		   AND {$dbprefix}answers.qid={$dbprefix}questions.qid 
 		   AND {$dbprefix}questions.sid=$surveyid";
 $adump = BuildCSVFromQuery($aquery);
 //6: Conditions table
 $cquery = "SELECT DISTINCT {$dbprefix}conditions.* 
           FROM {$dbprefix}conditions, {$dbprefix}questions 
 		   WHERE {$dbprefix}conditions.qid={$dbprefix}questions.qid 
 		   AND {$dbprefix}questions.sid=$surveyid";
 $cdump = BuildCSVFromQuery($cquery);
 //7: Label Sets
 $lsquery = "SELECT DISTINCT {$dbprefix}labelsets.lid, label_name, {$dbprefix}labelsets.languages 
            FROM {$dbprefix}labelsets, {$dbprefix}questions 
 			WHERE ({$dbprefix}labelsets.lid={$dbprefix}questions.lid or {$dbprefix}labelsets.lid={$dbprefix}questions.lid1) 
 			AND type IN ('F', 'H', 'W', 'Z', '1', ':', ';') 
 			AND sid=$surveyid";
 $lsdump = BuildCSVFromQuery($lsquery);
 //8: Labels
 $lquery = "SELECT {$dbprefix}labels.lid, {$dbprefix}labels.code, {$dbprefix}labels.title, {$dbprefix}labels.sortorder,{$dbprefix}labels.language 
           FROM {$dbprefix}labels, {$dbprefix}questions 
 		   WHERE ({$dbprefix}labels.lid={$dbprefix}questions.lid or {$dbprefix}labels.lid={$dbprefix}questions.lid1) 
 		   AND type in ('F', 'W', 'H', 'Z', '1', ':', ';') 
 		   AND sid=$surveyid 
 		   GROUP BY {$dbprefix}labels.lid, {$dbprefix}labels.code, {$dbprefix}labels.title, {$dbprefix}labels.sortorder,{$dbprefix}labels.language";
 $ldump = BuildCSVFromQuery($lquery);
 //9: Question Attributes
 $query = "SELECT DISTINCT {$dbprefix}question_attributes.* 
          FROM {$dbprefix}question_attributes, {$dbprefix}questions 
 		  WHERE {$dbprefix}question_attributes.qid={$dbprefix}questions.qid 
 		  AND {$dbprefix}questions.sid=$surveyid";
 $qadump = BuildCSVFromQuery($query);
 //10: Assessments;
 $query = "SELECT {$dbprefix}assessments.* 
          FROM {$dbprefix}assessments 
 		  WHERE {$dbprefix}assessments.sid=$surveyid";
 $asdump = BuildCSVFromQuery($query);
 //11: Quota;
 $query = "SELECT {$dbprefix}quota.* 
          FROM {$dbprefix}quota 
 		  WHERE {$dbprefix}quota.sid=$surveyid";
 $quotadump = BuildCSVFromQuery($query);
 //12: Quota Members;
 $query = "SELECT {$dbprefix}quota_members.* 
          FROM {$dbprefix}quota_members 
 		  WHERE {$dbprefix}quota_members.sid=$surveyid";
 $quotamemdump = BuildCSVFromQuery($query);
 $fn = "limesurvey_survey_$surveyid.csv";
 //header("Content-Type: application/download");
 //header("Content-Disposition: attachment; filename=$fn");
 //header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");    // Date in the past
 //header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
 //header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
 //header("Pragma: cache");                          // HTTP/1.0
 include("../config.php");
 include("remotecontrol/lsrc.config.php");
 $lsrcString = $dumphead. $sdump. $gdump. $qdump. $adump. $cdump. $lsdump. $ldump. $qadump. $asdump. $slsdump. $quotadump. $quotamemdump."\n";
 //Select title as Filename and save
 $surveyTitleSql = "SELECT surveyls_title 
 	             FROM {$dbprefix}surveys_languagesettings 
 				 WHERE surveyls_survey_id=$surveyid";
 $surveyTitleRs = db_execute_assoc($surveyTitleSql);   
 $surveyTitle = $surveyTitleRs->FetchRow();
 file_put_contents("remotecontrol/".$coreDir.$surveyTitle['surveyls_title'].".csv",$lsrcString);
 header("Location: $scriptname?sid=$surveyid");
 exit;
 ?>
--- a/include/limesurvey/admin/export_structure_quexml.php
+++ b/include/limesurvey/admin/export_structure_quexml.php
@@ -416,7 +416,7 @@ while ($Row = $QueryResult->FetchRow())
 			    $question->append_child($response);
 		            break;
 		        case "S": //SHORT FREE TEXT
-			    $response->append_child(create_free("text",get_length($qid,"maximum_chars","240"),""));
+			    $response->append_child(create_free("text",get_length($qid,"text_input_width","240"),""));
 			    $question->append_child($response);
 		            break;
 		        case "T": //LONG FREE TEXT
@@ -502,7 +502,8 @@ while ($Row = $QueryResult->FetchRow())
        $response->set_attribute("varName",'datecomp');
 	$response->append_child(create_free("text",16,""));
 	$question->append_child($response);
-	
+
 	$questionnaire->append_child($section);
 }
--- a/include/limesurvey/admin/exportresults.php
+++ b/include/limesurvey/admin/exportresults.php
--- a/include/limesurvey/admin/fck_LimeReplacementFields.php
+++ b/include/limesurvey/admin/fck_LimeReplacementFields.php
@@ -10,7 +10,7 @@
 * other free or open source software licenses.
 * See COPYRIGHT.php for copyright notices and details.
 * 
-* $Id: conditions.php 3736 2007-11-30 16:13:55Z lemeur $
+* $Id: fck_LimeReplacementFields.php 7161 2009-06-22 19:13:21Z lemeur $
 */
 include_once("login_check.php");
@@ -32,19 +32,30 @@ $InsertansUnsupportedtypes=Array(); // Currently all question types are supporte
 $replFields=Array();
 $isInstertansEnabled=false;
-$limereplacementoutput=""
+$limereplacementoutput="<html>\n"
-	. "<script language=\"javascript\">\n"
+	. "\t<head>\n"
-	. "var oEditor = window.parent.InnerDialogLoaded() ;\n"
+	. "\t\t<title>LimeReplacementFields</title>\n"
-	. "var dialog = oEditor.FCK ;\n"
+	. "\t\t<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">\n"
-	. "var FCKLang = oEditor.FCKLang ;\n"
+	. "\t\t<meta content=\"noindex, nofollow\" name=\"robots\">\n"
-	. "var FCKLimeReplacementFieldss = oEditor.FCKLimeReplacementFieldss ;\n"
+	. "\t\t<script src=\"$fckeditordir/editor/dialog/common/fck_dialog_common.js\" type=\"text/javascript\"></script>\n"
-	. "window.onload = function ()\n"
+	. "\t\t<script src=\"$rooturl/scripts/jquery/jquery.js\" type=\"text/javascript\"></script>\n"
-	. "{\n"
+	. "\t\t<script language=\"javascript\">\n"
-	. "\toEditor.FCKLanguageManager.TranslatePage( document ) ;\n"
+	. "\t\t\tvar mydialog = window.parent ;\n"
-	. "\tLoadSelected() ;\n"
+	. "\t\t\tvar oEditor = mydialog.InnerDialogLoaded() ;\n"
-	. "\twindow.parent.SetOkButton( true ) ;\n"
+	. "\t\t\tvar dialog = oEditor.FCK ;\n"
-	. "}\n"
+	. "\t\t\tvar FCKLang = oEditor.FCKLang ;\n"
 	. "\t\t\tvar FCKLimeReplacementFieldss = oEditor.FCKLimeReplacementFieldss ;\n"
 	. "\t\t\$(document).ready(function ()\n"
 	. "\t\t\t{\n"
 	. "\t\t\t\toEditor.FCKLanguageManager.TranslatePage( document ) ;\n"
 	. "\t\t\t\tLoadSelected() ;\n"
 	. "\t\t\t\tmydialog.SetOkButton( true ) ;\n"
 	. "\n"
 	. "\t\t\t\tSelectField( 'cquestions' ) ;\n" 
 	. "\t\t\t});\n"
 	. "\n";
 /**$limereplacementoutput="\n"
 	. "if (! oEditor.FCKBrowserInfo.IsIE)\n"
 	. "{\n"
 	. "\tinnertext = '' + dialog.EditorWindow.getSelection() + '' ;\n"
@@ -52,39 +63,70 @@ $limereplacementoutput=""
 	. "else\n"
 	. "{\n"
 	. "\tinnertext = '' + dialog.EditorDocument.selection.createRange().text + '' ;\n"
-	. "}\n"
+	. "}\n";
-	. "\n"
+**/
-	. "function Ok()\n"
+
-	. "{\n"
+$limereplacementoutput .= ""
-	. "\tvar sValue = document.getElementById('cquestions').value ;\n"
+	. "\t\t\tvar eSelected = dialog.Selection.GetSelectedElement() ;\n"
-	. "\tFCKLimeReplacementFieldss.Add( sValue ) ;\n"
+	. "\n";
-	. "\treturn true ;\n"
+
-	. "}\n"
+/**
 $limereplacementoutput="\n"
 	. "function LoadSelected()\n"
 	. "{\n"
 	. "\tif ( innertext == '' )\n"
 	. "\t\treturn ;\n"
 //	. "\tif ( eSelected.tagName == 'SPAN' && eSelected._fckLimeReplacementFields )\n"
 	. "var replcode=innertext.substring(innertext.indexOf('{')+1,innertext.lastIndexOf('}'));\n"
 //	. "alert('TIBO=' + replcode);\n"
 	. "\t\tdocument.getElementById('cquestions').value = replcode;\n"
-//	. "\telse\n"
+	. "}\n";
-//	. "\t\teSelected == null ;\n"
+**/
-	. "}\n"
+
-	. "</script>\n";
+$limereplacementoutput .= ""
 	. "\t\t\tfunction LoadSelected()\n"
 	. "\t\t\t{\n"
 	. "\t\t\t\tif ( !eSelected )\n"
 	. "\t\t\t\t\treturn ;\n"
 	. "\t\t\t\tif ( eSelected.tagName == 'SPAN' && eSelected._fckLimeReplacementFields )\n"
 	. "\t\t\t\t\t document.getElementById('cquestions').value = eSelected._fckLimeReplacementFields ;\n"
 	. "\t\t\t\telse\n"
 	. "\t\t\t\t\teSelected == null ;\n"
 	. "\t\t\t}\n";
-$limereplacementoutput .= "<table><tr><td>";
+$limereplacementoutput .= ""
 	. "\t\t\tfunction Ok()\n"
 	. "\t\t\t{\n"
 	. "\t\t\t\tvar sValue = document.getElementById('cquestions').value ;\n"
 	. "\t\t\t\tFCKLimeReplacementFieldss.Add( sValue ) ;\n"
 	. "\t\t\t\treturn true ;\n"
 	. "\t\t\t}\n";
 $limereplacementoutput .= ""
 	. "\t\t\t</script>\n"
 	. "\t\t</head>\n";
 $limereplacementoutput .= "\t<body scroll=\"no\" style=\"OVERFLOW: hidden\">\n"
 			. "\t\t<table height=\"100%\" cellSpacing=\"0\" cellPadding=\"0\" width=\"100%\" border=\"0\">\n"
 			. "\t\t\t<tr>\n"
 			. "\t\t\t\t<td>\n";
 switch ($fieldtype)
 {
 	case 'survey-desc':
 	case 'survey-welc':
 	case 'survey-endtext':
 		$replFields[]=array('TOKEN:FIRSTNAME',$clang->gT("Firstname from token"));
 		$replFields[]=array('TOKEN:LASTNAME',$clang->gT("Lastname from token"));
 		$replFields[]=array('TOKEN:EMAIL',$clang->gT("Email from the token"));
-		$replFields[]=array('TOKEN:ATTRIBUTE_1',$clang->gT("Attribute_1 from token"));
+        $attributes=GetTokenFieldsAndNames($surveyid,true);
-		$replFields[]=array('TOKEN:ATTRIBUTE_2',$clang->gT("Attribute_2 from token"));
+        foreach ($attributes as $attributefield=>$attributedescription)
        {
            $replFields[]=array('TOKEN:'.strtoupper($attributefield), sprintf($clang->gT("Token attribute: %s"),$attributedescription));
        }
 		$replFields[]=array('EXPIRY',$clang->gT("Survey expiration date (YYYY-MM-DD)"));
 		$replFields[]=array('EXPIRY-DMY',$clang->gT("Survey expiration date (DD-MM-YYYY)"));
 		$replFields[]=array('EXPIRY-MDY',$clang->gT("Survey expiration date (MM-DD-YYYY)"));
 	break;
 	case 'email-inv':
@@ -99,11 +141,17 @@ switch ($fieldtype)
 		$replFields[]=array('LASTNAME',$clang->gT("Lastname from token"));
 		$replFields[]=array('SURVEYNAME',$clang->gT("Name of the survey"));
 		$replFields[]=array('SURVEYDESCRIPTION',$clang->gT("Description of the survey"));
-		$replFields[]=array('ATTRIBUTE_1',$clang->gT("Attribute_1 from token"));
+        $attributes=GetTokenFieldsAndNames($surveyid,true);
-		$replFields[]=array('ATTRIBUTE_2',$clang->gT("Attribute_2 from token"));
+        foreach ($attributes as $attributefield=>$attributedescription)
        {
            $replFields[]=array(strtoupper($attributefield), sprintf($clang->gT("Token attribute: %s"),$attributedescription));
        }
 		$replFields[]=array('ADMINNAME',$clang->gT("Name of the survey administrator"));
 		$replFields[]=array('ADMINEMAIL',$clang->gT("Email address of the survey administrator"));
 		$replFields[]=array('SURVEYURL',$clang->gT("URL of the survey"));
 		$replFields[]=array('EXPIRY',$clang->gT("Survey expiration date (YYYY-MM-DD)"));
 		$replFields[]=array('EXPIRY-DMY',$clang->gT("Survey expiration date (DD-MM-YYYY)"));
 		$replFields[]=array('EXPIRY-MDY',$clang->gT("Survey expiration date (MM-DD-YYYY)"));
 	break;
 	case 'group-desc':
@@ -112,10 +160,21 @@ switch ($fieldtype)
 		$replFields[]=array('TOKEN:FIRSTNAME',$clang->gT("Firstname from token"));
 		$replFields[]=array('TOKEN:LASTNAME',$clang->gT("Lastname from token"));
 		$replFields[]=array('TOKEN:EMAIL',$clang->gT("Email from the token"));
-		$replFields[]=array('TOKEN:ATTRIBUTE_1',$clang->gT("Attribute_1 from token"));
+        $attributes=GetTokenFieldsAndNames($surveyid,true);
-		$replFields[]=array('TOKEN:ATTRIBUTE_2',$clang->gT("Attribute_2 from token"));
+        foreach ($attributes as $attributefield=>$attributedescription)
        {
            $replFields[]=array('TOKEN:'.strtoupper($attributefield), sprintf($clang->gT("Token attribute: %s"),$attributedescription));
        }
 		$replFields[]=array('EXPIRY',$clang->gT("Survey expiration date (YYYY-MM-DD)"));
 		$replFields[]=array('EXPIRY-DMY',$clang->gT("Survey expiration date (DD-MM-YYYY)"));
 		$replFields[]=array('EXPIRY-MDY',$clang->gT("Survey expiration date (MM-DD-YYYY)"));
 	case 'editanswer':
 		$isInstertansEnabled=true;
 	break;
 	case 'assessment-text':
 		$replFields[]=array('TOTAL',$clang->gT("Overall assessment score"));
 		$replFields[]=array('PERC',$clang->gT("Assessment group score"));
 	break;
 }
@@ -178,6 +237,7 @@ if ($isInstertansEnabled===true)
 				}
 			break;
 			case 'editanswer':
 			case 'copyquestion':
 			case 'editquestion':
 				if (empty($gid)) {die("No GID provided.");}
@@ -314,6 +374,40 @@ if ($isInstertansEnabled===true)
 	      } //while
 	    } //if A,B,C,E,F,H
 	    elseif ($rows['type'] == ":" || $rows['type'] == ";") // Multiflexi
 	    {
 		    //Get the LIDs
 		    $fquery = "SELECT * "
 			    ."FROM {$dbprefix}labels "
 			    ."WHERE lid={$rows['lid']} "
 			    ."AND language='".GetBaseLanguageFromSurveyID($surveyid)."' "
 			    ."ORDER BY sortorder, code ";
 		    $fresult = db_execute_assoc($fquery);
 		    while ($frow=$fresult->FetchRow())
 		    {
 			    $lids[$frow['code']]=$frow['title'];
 		    }
 		    //Now cycle through the answers
 		    $aquery="SELECT * "
 			    ."FROM {$dbprefix}answers "
 			    ."WHERE qid={$rows['qid']} "
 			    ."AND {$dbprefix}answers.language='".GetBaseLanguageFromSurveyID($surveyid)."' "
 			    ."ORDER BY sortorder, "
 			    ."answer";
 		    $aresult=db_execute_assoc($aquery) or safe_die ("Couldn't get answers to Array questions<br />$aquery<br />".$connect->ErrorMsg());
 		    while ($arows = $aresult->FetchRow())
 		    {
 			    $shortanswer = strip_tags($arows['answer']);
 			    $shortanswer .= " [{$arows['code']}]";
 			    foreach($lids as $key=>$val) 
 			    {
 				    $cquestions[]=array("$shortquestion [$shortanswer [$val]] ", $rows['qid'], $rows['type'], $rows['sid'].$X.$rows['gid'].$X.$rows['qid'].$arows['code']."_".$key,$rows['previouspage']);
 			    }
 		    }
 	    } //TIBO
 	    elseif ($rows['type'] == "R") //Answer Ranking
 			{
 	      $aquery="SELECT * "
@@ -396,30 +490,33 @@ if ($isInstertansEnabled===true)
 if (count($replFields) > 0 || isset($cquestions) )
 {
-	$limereplacementoutput .= "\t\t\t<select name='cquestions' id='cquestions' style='font-family:verdana; background-color: #FFFFFF; font-size:10; border: 0px;width:99%;' size='15' ondblclick='Ok();'>\n";
+	$limereplacementoutput .= "\t\t\t\t\t<select name='cquestions' id='cquestions' style='font-family:verdana; background-color: #FFFFFF; font-size:10; border: 0px;width:99%;' size='15' ondblclick='Ok();'>\n";
 	$noselection = false;
 }
 else
 {
-	$limereplacementoutput = $clang->gT("No replacement variable available for this field");
+	$limereplacementoutput .= $clang->gT("No replacement variable available for this field");
-	echo $limereplacementoutput;
+	//echo $limereplacementoutput;
-	return;
+	//return;
 	$noselection = true;
 }
 if (count($replFields) > 0)
 {
-	$limereplacementoutput .= "\t\t\t\t<optgroup label='".$clang->gT("Standard Fields")."'>\n";
+	$limereplacementoutput .= "\t\t\t\t\t\t<optgroup label='".$clang->gT("Standard Fields")."'>\n";
 	foreach ($replFields as $stdfield)
 	{
-		$limereplacementoutput .= "\t\t\t\t<option value='".$stdfield[0]."'";
+		$limereplacementoutput .= "\t\t\t\t\t\t\t<option value='".$stdfield[0]."'";
 		$limereplacementoutput .= ">".$stdfield[1]."</option>\n";
 	}
-	$limereplacementoutput .= "\t\t\t\t</optgroup>\n";
+	$limereplacementoutput .= "\t\t\t\t\t\t</optgroup>\n";
 }
 if (isset($cquestions))
 {
-	$limereplacementoutput .= "\t\t\t\t<optgroup label='".$clang->gT("Previous Answers Fields")."'>\n";
+	$limereplacementoutput .= "\t\t\t\t\t\t<optgroup label='".$clang->gT("Previous Answers Fields")."'>\n";
 	foreach ($cquestions as $cqn)
 	{
 		$isDisabled="";
@@ -432,36 +529,53 @@ if (isset($cquestions))
 			 $isDisabled=" disabled='disabled'";
 		}
-		$limereplacementoutput .= "\t\t\t\t<option value='INSERTANS:$cqn[3]'";
+		$limereplacementoutput .= "\t\t\t\t\t\t\t<option value='INSERTANS:$cqn[3]'";
 		$limereplacementoutput .= " $isDisabled >$cqn[0]</option>\n";
 	}
-	$limereplacementoutput .= "\t\t\t\t</optgroup>\n";
+	$limereplacementoutput .= "\t\t\t\t\t\t</optgroup>\n";
 }
-$limereplacementoutput .= "\t\t\t</select>\n";
+if ($noselection === false)
-$limereplacementoutput .= "</td></tr>\n";
+{
 	$limereplacementoutput .= "\t\t\t\t\t</select>\n";
 }
 $limereplacementoutput .= "\t\t\t\t</td>\n"
 			. "\t\t\t</tr>\n";
 if (isset($surveyformat))
 {
    switch ($surveyformat)
    {
 	    case 'A':
-		    $limereplacementoutput .= "<tr><td>\n";
+		    $limereplacementoutput .= "\t\t\t<tr>\n"
-		    $limereplacementoutput .= "<br /><font color='orange'>".$clang->gT("Some Question have been disabled")."</font>";
+					. "\t\t\t\t<td>\n";
-            $limereplacementoutput .= "<br />".sprintf($clang->gT("Survey Format is %s:"), $clang->gT("All in one"))."<br /><i>".$clang->gT("Only Previous pages answers are available")."</i><br />";
+		    $limereplacementoutput .= "\t\t\t\t\t<br />\n"
-		    $limereplacementoutput .= "</td></tr>\n";
+					. "\t\t\t\t\t<font color='orange'>".$clang->gT("Some Question have been disabled")."</font>\n";
            $limereplacementoutput .= "\t\t\t\t\t<br />\n"
 				. "\t\t\t\t\t".sprintf($clang->gT("Survey Format is %s:"), $clang->gT("All in one"))
 				. "\t\t\t\t\t<br />\n"
 				. "\t\t\t\t\t<i>".$clang->gT("Only Previous pages answers are available")."</i>\n"
 				. "\t\t\t\t\t<br />\n";
 		    $limereplacementoutput .= "\t\t\t\t</td>\n"
 					. "\t\t\t</tr>\n";
 	    break;
 	    case 'G':
-		    $limereplacementoutput .= "<tr><td>\n";
+		    $limereplacementoutput .= "\t\t\t<tr>\n"
-		    $limereplacementoutput .= "<br /><font color='orange'>".$clang->gT("Some Question have been disabled")."</font>";
+					. "\t\t\t\t<td>\n";
-            $limereplacementoutput .= "<br />".sprintf($clang->gT("Survey mode is set to %s:"), $clang->gT("Group by Group"))."<br/><i>".$clang->gT("Only Previous pages answers are available")."</i><br />";		    $limereplacementoutput .= "</td></tr>\n";
+		    $limereplacementoutput .= "\t\t\t\t\t<br /><font color='orange'>".$clang->gT("Some Question have been disabled")."</font>";
            $limereplacementoutput .= "<br />".sprintf($clang->gT("Survey mode is set to %s:"), $clang->gT("Group by Group"))."<br/><i>".$clang->gT("Only Previous pages answers are available")."</i><br />";
 			$limereplacementoutput .= "\t\t\t\t</td>\n"
 						. "\t\t\t</tr>\n";
 	    break;
    }
 }
-$limereplacementoutput .= "</table>\n";
+$limereplacementoutput .= "\t\t</table>\n"
 			. "\t</body>\n"
 			. "</html>";
 echo $limereplacementoutput;
-
+exit;
 ?>
--- a/include/limesurvey/admin/grouphandling.php
+++ b/include/limesurvey/admin/grouphandling.php
@@ -1,175 +1,182 @@
-<?php
+<?php
-/*
+/*
-* LimeSurvey
+* LimeSurvey
-* Copyright (C) 2007 The LimeSurvey Project Team / Carsten Schmitz
+* Copyright (C) 2007 The LimeSurvey Project Team / Carsten Schmitz
-* All rights reserved.
+* All rights reserved.
-* License: GNU/GPL License v2 or later, see LICENSE.php
+* License: GNU/GPL License v2 or later, see LICENSE.php
-* LimeSurvey is free software. This version may have been modified pursuant
+* LimeSurvey is free software. This version may have been modified pursuant
-* to the GNU General Public License, and as distributed it includes or
+* to the GNU General Public License, and as distributed it includes or
-* is derivative of works licensed under the GNU General Public License or
+* is derivative of works licensed under the GNU General Public License or
-* other free or open source software licenses.
+* other free or open source software licenses.
-* See COPYRIGHT.php for copyright notices and details.
+* See COPYRIGHT.php for copyright notices and details.
-* 
+* 
-* $Id: grouphandling.php 4973 2008-06-01 14:07:01Z c_schmitz $
+* $Id: grouphandling.php 7446 2009-08-11 18:28:47Z c_schmitz $
-*/
+*/
-
+
-
+
-//Ensure script is not run directly, avoid path disclosure
+//Ensure script is not run directly, avoid path disclosure
-include_once("login_check.php");
+include_once("login_check.php");
-
+
-if ($action == "addgroup")
+if ($action == "addgroup")
-{
+{
-    $grplangs = GetAdditionalLanguagesFromSurveyID($surveyid);
+    $grplangs = GetAdditionalLanguagesFromSurveyID($surveyid);
-    $baselang = GetBaseLanguageFromSurveyID($surveyid);
+    $baselang = GetBaseLanguageFromSurveyID($surveyid);
-    $grplangs[] = $baselang;
+    $grplangs[] = $baselang;
-    $grplangs = array_reverse($grplangs);
+    $grplangs = array_reverse($grplangs);
-
+
-    $newgroupoutput = PrepareEditorScript();
+    $newgroupoutput = PrepareEditorScript();
-    $newgroupoutput .= ""
+    $newgroupoutput .= ""
-               ."<table width='100%' border='0' class='tab-page'><tr>\n"
+               ."<table width='100%' border='0' class='tab-page'><tr>\n"
-               ."\t<td colspan='2' class='settingcaption'>\n\t\t<strong>".$clang->gT("Add Group")."</strong></td>"
+               ."\t<td colspan='2' class='settingcaption'>\n\t\t<strong>".$clang->gT("Add Group")."</strong></td>"
-               ."</tr></table>\n";
+               ."</tr></table>\n";
-
+
-
+
-//    $newgroupoutput .="<table width='100%' border='0'  class='tab-page'>\n\t<tr><td>\n"
+//    $newgroupoutput .="<table width='100%' border='0'  class='tab-page'>\n\t<tr><td>\n"
-    $newgroupoutput .= "<form action='$scriptname' id ='addnewgroupfrom' name='addnewgroupfrom' method='post'>";
+    $newgroupoutput .="\n"
-    $newgroupoutput .="\n"
+    .  '<div class="tab-pane" id="tab-pane-newgroup">';
-    .  '<div class="tab-pane" id="tab-pane-1">';
+    $newgroupoutput .= "<form action='$scriptname' id ='addnewgroupfrom' name='addnewgroupfrom' method='post' onsubmit=\"if (1==0 ";
-    foreach ($grplangs as $grouplang)
+
-    {
+    foreach ($grplangs as $grouplang)
-        $newgroupoutput .= '<div class="tab-page"> <h2 class="tab">'.GetLanguageNameFromCode($grouplang,false);
+    {
-        if ($grouplang==$baselang) {$newgroupoutput .= '('.$clang->gT("Base Language").')';}
+      $newgroupoutput .= "|| document.getElementById('group_name_$grouplang').value.length==0 ";
-        $newgroupoutput .= "</h2>"
+    }
-        . "<table width='100%' border='0' class='form2columns'>"
+    $newgroupoutput .=" ) {alert ('".$clang->gT("Error: You have to enter a group title for each language.",'js')."'); return false;}\" ";
-        . "\t\t<tr><td align='right'><strong>".$clang->gT("Title").":</strong></td>\n"
+
-        . "\t\t<td><input type='text' size='80' maxlength='100' name='group_name_$grouplang' id='group_name_$grouplang' /><font color='red' face='verdana' size='1'> ".$clang->gT("Required")."</font></td></tr>\n"
+    foreach ($grplangs as $grouplang)
-        . "\t<tr><td align='right'><strong>".$clang->gT("Description:")."</strong></td>\n"
+    {
-        . "\t\t<td><textarea cols='80' rows='8' name='description_$grouplang'></textarea>"
+        $newgroupoutput .= '<div class="tab-page"> <h2 class="tab">'.GetLanguageNameFromCode($grouplang,false);
-	. getEditor("group-desc","description_".$grouplang, "[".$clang->gT("Description:", "js")."](".$grouplang.")",$surveyid,'','',$action)
+        if ($grouplang==$baselang) {$newgroupoutput .= '('.$clang->gT("Base Language").')';}
-	."</td></tr>\n"
+        $newgroupoutput .= "</h2>"
-        . "</table>";
+        . "<table width='100%' border='0' class='form2columns'>"
-    	$newgroupoutput.= "\t<table><tr><td colspan='2' align='center'><input type='submit' value='".$clang->gT("Add Group")."' />\n"
+        . "\t\t<tr><td align='right'><strong>".$clang->gT("Title").":</strong></td>\n"
-    	. "\t</td></tr></table>\n"
+        . "\t\t<td><input type='text' size='80' maxlength='100' name='group_name_$grouplang' id='group_name_$grouplang' /><font color='red' face='verdana' size='1'> ".$clang->gT("Required")."</font></td></tr>\n"
-    	. "\n";
+        . "\t<tr><td align='right'><strong>".$clang->gT("Description:")."</strong></td>\n"
-	$newgroupoutput.= "</div>\n";
+        . "\t\t<td><textarea cols='80' rows='8' name='description_$grouplang'></textarea>"
-
+	. getEditor("group-desc","description_".$grouplang, "[".$clang->gT("Description:", "js")."](".$grouplang.")",$surveyid,'','',$action)
-    }
+	."</td></tr>\n"
-
+        . "</table>";
-    $newgroupoutput.= ""
+    	$newgroupoutput.= "\t<table><tr><td colspan='2' align='center'><input type='submit' value='".$clang->gT("Add Group")."' />\n"
-    . "\t<input type='hidden' name='action' value='insertnewgroup' />\n"
+    	. "\t</td></tr></table>\n"
-    . "\t<input type='hidden' name='sid' value='$surveyid' />\n"
+    	. "\n";
-    . "</form>\n";
+	$newgroupoutput.= "</div>\n";
-
+
-
+    }
-    // Import TAB
+
-    $newgroupoutput .= '<div class="tab-page"> <h2 class="tab">'.$clang->gT("Import Group")."</h2>\n";
+    $newgroupoutput.= ""
-    $newgroupoutput.= ""
+    . "\t<input type='hidden' name='action' value='insertnewgroup' />\n"
-    . "<form enctype='multipart/form-data' name='importgroup' action='$scriptname' method='post' onsubmit='return validatefilename(this,\"".$clang->gT('Please select a file to import!','js')."\");'>\n"
+    . "\t<input type='hidden' name='sid' value='$surveyid' />\n"
-    . "<table width='100%' border='0' class='form2columns'>\n"
+    . "</form>\n";
-    . "\t\t<tr>"
+
-    . "\t\n"
+
-    . "\t\t<td><strong>".$clang->gT("Select CSV File:")."</strong></td>\n"
+    // Import TAB
-    . "\t\t<td><input name=\"the_file\" type=\"file\" size=\"35\" /></td></tr>\n"
+    $newgroupoutput .= '<div class="tab-page"> <h2 class="tab">'.$clang->gT("Import Group")."</h2>\n";
-    . "\t\t<tr>\t\t<td>".$clang->gT("Convert Resources links ?")."</td>\n"
+    $newgroupoutput.= ""
-    . "\t\t<td><input name=\"translinksfields\" type=\"checkbox\" /></td></tr>\n"
+    . "<form enctype='multipart/form-data' name='importgroup' action='$scriptname' method='post' onsubmit='return validatefilename(this,\"".$clang->gT('Please select a file to import!','js')."\");'>\n"
-    . "\t<tr><td colspan='2'class='centered'><input type='submit' value='".$clang->gT("Import Group")."' />\n"
+    . "<table width='100%' border='0' class='form2columns'>\n"
-    . "\t<input type='hidden' name='action' value='importgroup' />\n"
+    . "\t\t<tr>"
-    . "\t<input type='hidden' name='sid' value='$surveyid' />\n"
+    . "\t\n"
-    . "\t</td></tr>\n</table></form>\n";
+    . "\t\t<td><strong>".$clang->gT("Select CSV File:")."</strong></td>\n"
-
+    . "\t\t<td><input name=\"the_file\" type=\"file\" size=\"35\" /></td></tr>\n"
-    // End Import TABS
+    . "\t\t<tr>\t\t<td>".$clang->gT("Convert resources links?")."</td>\n"
-    $newgroupoutput.= "</div>";
+    . "\t\t<td><input name=\"translinksfields\" type=\"checkbox\" checked=\"checked\"/></td></tr>\n"
-
+    . "\t<tr><td colspan='2'class='centered'><input type='submit' value='".$clang->gT("Import Group")."' />\n"
-	// End of TABS
+    . "\t<input type='hidden' name='action' value='importgroup' />\n"
-    $newgroupoutput.= "</div>";
+    . "\t<input type='hidden' name='sid' value='$surveyid' />\n"
-
+    . "\t</td></tr>\n</table></form>\n";
-    $newgroupoutput.= ""
+
-	."<script type='text/javascript'>\n"
+    // End Import TABS
-	."<!--\n"
+    $newgroupoutput.= "</div>";
-	."document.getElementById('group_name_$grouplang').focus();\n"
+
-	."//-->\n"
+	// End of TABS
-	."</script>\n";
+    $newgroupoutput.= "</div>";
-}
+
-
+    $newgroupoutput.= ""
-
+	."<script type='text/javascript'>\n"
-if ($action == "editgroup")
+	."<!--\n"
-{
+	."document.getElementById('group_name_$grouplang').focus();\n"
-    $grplangs = GetAdditionalLanguagesFromSurveyID($surveyid);
+	."//-->\n"
-    $baselang = GetBaseLanguageFromSurveyID($surveyid);
+	."</script>\n";
-
+}
-    $grplangs[] = $baselang;
+
-    $grplangs = array_flip($grplangs);
+
-
+if ($action == "editgroup")
-    $egquery = "SELECT * FROM ".db_table_name('groups')." WHERE sid=$surveyid AND gid=$gid";
+{
-    $egresult = db_execute_assoc($egquery);
+    $grplangs = GetAdditionalLanguagesFromSurveyID($surveyid);
-    while ($esrow = $egresult->FetchRow())
+    $baselang = GetBaseLanguageFromSurveyID($surveyid);
-    {
+
-        if(!array_key_exists($esrow['language'], $grplangs)) // Language Exists, BUT ITS NOT ON THE SURVEY ANYMORE.
+    $grplangs[] = $baselang;
-        {
+    $grplangs = array_flip($grplangs);
-            $egquery = "DELETE FROM ".db_table_name('groups')." WHERE sid='{$surveyid}' AND gid='{$gid}' AND language='".$esrow['language']."'";
+
-            $egresultD = $connect->Execute($egquery);
+    $egquery = "SELECT * FROM ".db_table_name('groups')." WHERE sid=$surveyid AND gid=$gid";
-        } else {
+    $egresult = db_execute_assoc($egquery);
-            $grplangs[$esrow['language']] = 99;
+    while ($esrow = $egresult->FetchRow())
-        }
+    {
-        if ($esrow['language'] == $baselang) $basesettings = array('group_name' => $esrow['group_name'],'description' => $esrow['description'],'group_order' => $esrow['group_order']);
+        if(!array_key_exists($esrow['language'], $grplangs)) // Language Exists, BUT ITS NOT ON THE SURVEY ANYMORE.
-
+        {
-    }
+            $egquery = "DELETE FROM ".db_table_name('groups')." WHERE sid='{$surveyid}' AND gid='{$gid}' AND language='".$esrow['language']."'";
-
+            $egresultD = $connect->Execute($egquery);
-    while (list($key,$value) = each($grplangs))
+        } else {
-    {
+            $grplangs[$esrow['language']] = 99;
-        if ($value != 99)
+        }
-        {
+        if ($esrow['language'] == $baselang) $basesettings = array('group_name' => $esrow['group_name'],'description' => $esrow['description'],'group_order' => $esrow['group_order']);
-            $egquery = "INSERT INTO ".db_table_name('groups')." (gid, sid, group_name, description,group_order,language) VALUES ('{$gid}', '{$surveyid}', '{$basesettings['group_name']}', '{$basesettings['description']}','{$basesettings['group_order']}', '{$key}')";
+
-            $egresult = $connect->Execute($egquery);
+    }
-        }
+
-    }
+    while (list($key,$value) = each($grplangs))
-    
+    {
-    $egquery = "SELECT * FROM ".db_table_name('groups')." WHERE sid=$surveyid AND gid=$gid AND language='$baselang'";
+        if ($value != 99)
-    $egresult = db_execute_assoc($egquery);
+        {
-    $editgroup = PrepareEditorScript();
+            $egquery = "INSERT INTO ".db_table_name('groups')." (gid, sid, group_name, description,group_order,language) VALUES ('{$gid}', '{$surveyid}', '{$basesettings['group_name']}', '{$basesettings['description']}','{$basesettings['group_order']}', '{$key}')";
-    $editgroup .= "<table width='100%' border='0'>\n\t<tr><td class='settingcaption'>"
+            $egresult = $connect->Execute($egquery);
-    . "\t\t".$clang->gT("Edit Group")."</td></tr></table>\n"
+        }
-    . "<form name='editgroup' action='$scriptname' method='post'>\n"
+    }
-    . '<div class="tab-pane" id="tab-pane-1">';
+    
-
+    $egquery = "SELECT * FROM ".db_table_name('groups')." WHERE sid=$surveyid AND gid=$gid AND language='$baselang'";
-    $esrow = $egresult->FetchRow();
+    $egresult = db_execute_assoc($egquery);
-    $editgroup .= '<div class="tab-page"> <h2 class="tab">'.getLanguageNameFromCode($esrow['language'],false);
+    $editgroup = PrepareEditorScript();
-    $editgroup .= '('.$clang->gT("Base Language").')';
+    $editgroup .= "<table width='100%' border='0'>\n\t<tr><td class='settingcaption'>"
-    $esrow = array_map('htmlspecialchars', $esrow);
+    . "\t\t".$clang->gT("Edit Group")."</td></tr></table>\n"
-    $editgroup .= '</h2>';
+    . "<form name='editgroup' action='$scriptname' method='post'>\n"
-    $editgroup .= "\t<div class='settingrow'><span class='settingcaption'>".$clang->gT("Title").":</span>\n"
+    . '<div class="tab-pane" id="tab-pane-group-'.$gid.'">';
-    . "\t\t<span class='settingentry'><input type='text' maxlength='100' size='80' name='group_name_{$esrow['language']}' value=\"{$esrow['group_name']}\" />\n"
+
-    . "\t</span></div>\n"
+    $esrow = $egresult->FetchRow();
-    . "\t<div class='settingrow'><span class='settingcaption'>".$clang->gT("Description:")."</span>\n"
+    $editgroup .= '<div class="tab-page"> <h2 class="tab">'.getLanguageNameFromCode($esrow['language'],false);
-    . "\t\t<span class='settingentry'><textarea cols='70' rows='8' name='description_{$esrow['language']}'>{$esrow['description']}</textarea>\n"
+    $editgroup .= '('.$clang->gT("Base Language").')';
-    . getEditor("group-desc","description_".$esrow['language'], "[".$clang->gT("Description:", "js")."](".$esrow['language'].")",$surveyid,$gid,'',$action)
+    $esrow = array_map('htmlspecialchars', $esrow);
-    . "\t</span></div><div class='settingrow'></div></div>"; // THis empty div class is needed for forcing the tabpage border under the button
+    $editgroup .= '</h2>';
-
+    $editgroup .= "\t<div class='settingrow'><span class='settingcaption'>".$clang->gT("Title").":</span>\n"
-
+    . "\t\t<span class='settingentry'><input type='text' maxlength='100' size='80' name='group_name_{$esrow['language']}' value=\"{$esrow['group_name']}\" />\n"
-    $egquery = "SELECT * FROM ".db_table_name('groups')." WHERE sid=$surveyid AND gid=$gid AND language!='$baselang'";
+    . "\t</span></div>\n"
-    $egresult = db_execute_assoc($egquery);
+    . "\t<div class='settingrow'><span class='settingcaption'>".$clang->gT("Description:")."</span>\n"
-    while ($esrow = $egresult->FetchRow())
+    . "\t\t<span class='settingentry'><textarea cols='70' rows='8' name='description_{$esrow['language']}'>{$esrow['description']}</textarea>\n"
-    {
+    . getEditor("group-desc","description_".$esrow['language'], "[".$clang->gT("Description:", "js")."](".$esrow['language'].")",$surveyid,$gid,'',$action)
-        $editgroup .= '<div class="tab-page"> <h2 class="tab">'.getLanguageNameFromCode($esrow['language'],false);
+    . "\t</span></div><div class='settingrow'></div></div>"; // THis empty div class is needed for forcing the tabpage border under the button
-        $esrow = array_map('htmlspecialchars', $esrow);
+
-        $editgroup .= '</h2>';
+
-        $editgroup .= "\t<div class='settingrow'><span class='settingcaption'>".$clang->gT("Title").":</span>\n"
+    $egquery = "SELECT * FROM ".db_table_name('groups')." WHERE sid=$surveyid AND gid=$gid AND language!='$baselang'";
-        . "\t\t<span class='settingentry'><input type='text' maxlength='100' size='80' name='group_name_{$esrow['language']}' value=\"{$esrow['group_name']}\" />\n"
+    $egresult = db_execute_assoc($egquery);
-        . "\t</span></div>\n"
+    while ($esrow = $egresult->FetchRow())
-        . "\t<div class='settingrow'><span class='settingcaption'>".$clang->gT("Description:")."</span>\n"
+    {
-        . "\t\t<span class='settingentry'><textarea cols='70' rows='8' name='description_{$esrow['language']}'>{$esrow['description']}</textarea>\n"
+        $editgroup .= '<div class="tab-page"> <h2 class="tab">'.getLanguageNameFromCode($esrow['language'],false);
-    	. getEditor("group-desc","description_".$esrow['language'], "[".$clang->gT("Description:", "js")."](".$esrow['language'].")",$surveyid,$gid,'',$action)
+        $esrow = array_map('htmlspecialchars', $esrow);
-        . "\t</span></div><div class='settingrow'></div></div>"; // THis empty div class is needed for forcing the tabpage border under the button
+        $editgroup .= '</h2>';
-    }
+        $editgroup .= "\t<div class='settingrow'><span class='settingcaption'>".$clang->gT("Title").":</span>\n"
-    $editgroup .= '</div>';
+        . "\t\t<span class='settingentry'><input type='text' maxlength='100' size='80' name='group_name_{$esrow['language']}' value=\"{$esrow['group_name']}\" />\n"
-    $editgroup .= "\t<p><input type='submit' class='standardbtn' value='".$clang->gT("Update Group")."' />\n"
+        . "\t</span></div>\n"
-    . "\t<input type='hidden' name='action' value='updategroup' />\n"
+        . "\t<div class='settingrow'><span class='settingcaption'>".$clang->gT("Description:")."</span>\n"
-    . "\t<input type='hidden' name='sid' value=\"{$surveyid}\" />\n"
+        . "\t\t<span class='settingentry'><textarea cols='70' rows='8' name='description_{$esrow['language']}'>{$esrow['description']}</textarea>\n"
-    . "\t<input type='hidden' name='gid' value='{$gid}' />\n"
+    	. getEditor("group-desc","description_".$esrow['language'], "[".$clang->gT("Description:", "js")."](".$esrow['language'].")",$surveyid,$gid,'',$action)
-    . "\t<input type='hidden' name='language' value=\"{$esrow['language']}\" />\n"
+        . "\t</span></div><div class='settingrow'></div></div>"; // THis empty div class is needed for forcing the tabpage border under the button
-    . "\t</p>\n"
+    }
-    . "</form>\n";
+    $editgroup .= '</div>';
-}
+    $editgroup .= "\t<p><input type='submit' class='standardbtn' value='".$clang->gT("Update Group")."' />\n"
-
+    . "\t<input type='hidden' name='action' value='updategroup' />\n"
-  
+    . "\t<input type='hidden' name='sid' value=\"{$surveyid}\" />\n"
-?>
+    . "\t<input type='hidden' name='gid' value='{$gid}' />\n"
    . "\t<input type='hidden' name='language' value=\"{$esrow['language']}\" />\n"
    . "\t</p>\n"
    . "</form>\n";
 }
 ?>
--- a/include/limesurvey/admin/html.php
+++ b/include/limesurvey/admin/html.php
--- a/include/limesurvey/admin/htmleditor-functions.php
+++ b/include/limesurvey/admin/htmleditor-functions.php
@@ -1,286 +1,295 @@
-<?php
+<?php
-/*
+/*
-* LimeSurvey
+* LimeSurvey
-* Copyright (C) 2007 The LimeSurvey Project Team / Carsten Schmitz
+* Copyright (C) 2007 The LimeSurvey Project Team / Carsten Schmitz
-* All rights reserved.
+* All rights reserved.
-* License: GNU/GPL License v2 or later, see LICENSE.php
+* License: GNU/GPL License v2 or later, see LICENSE.php
-* LimeSurvey is free software. This version may have been modified pursuant
+* LimeSurvey is free software. This version may have been modified pursuant
-* to the GNU General Public License, and as distributed it includes or
+* to the GNU General Public License, and as distributed it includes or
-* is derivative of works licensed under the GNU General Public License or
+* is derivative of works licensed under the GNU General Public License or
-* other free or open source software licenses.
+* other free or open source software licenses.
-* See COPYRIGHT.php for copyright notices and details.
+* See COPYRIGHT.php for copyright notices and details.
-* 
+* 
-* $Id: htmleditor-functions.php 4916 2008-05-25 17:25:33Z c_schmitz $
+* $Id: htmleditor-functions.php 7076 2009-06-11 20:38:09Z lemeur $
-*/
+*/
-
+
-//include_once("login_check.php");
+//include_once("login_check.php");
-//Security Checked: POST/GET/SESSION/DB/returnglobal   
+//Security Checked: POST/GET/SESSION/DB/returnglobal   
-
+
-function PrepareEditorPopupScript()
+function PrepareEditorPopupScript()
-{
+{
-	global $clang,$imagefiles,$homeurl;
+	global $clang,$imagefiles,$homeurl;
-
+
-	$script = "<script type='text/javascript'>\n"
+	$script = "<script type='text/javascript'>\n"
-	. "<!--\n"
+	. "<!--\n"
-	. "var editorwindowsHash = new Object();\n"
+	. "var editorwindowsHash = new Object();\n"
-	. "function find_popup_editor(fieldname)\n"
+	. "function find_popup_editor(fieldname)\n"
-	. "\t{\t\n"
+	. "\t{\t\n"
-	. "\t\tvar window = null;\n"
+	. "\t\tvar window = null;\n"
-	. "\t\tfor (var key in editorwindowsHash)\n"
+	. "\t\tfor (var key in editorwindowsHash)\n"
-	. "\t\t{\n"
+	. "\t\t{\n"
-	. "\t\t\tif (key==fieldname && !editorwindowsHash[key].closed)\n"
+	. "\t\t\tif (key==fieldname && !editorwindowsHash[key].closed)\n"
-	. "\t\t\t{\n"
+	. "\t\t\t{\n"
-	. "\t\t\t\twindow = editorwindowsHash[key];\n"
+	. "\t\t\t\twindow = editorwindowsHash[key];\n"
-	. "\t\t\t\treturn window;\n"
+	. "\t\t\t\treturn window;\n"
-	. "\t\t\t}\n"
+	. "\t\t\t}\n"
-	. "\t\t}\n"
+	. "\t\t}\n"
-	. "\treturn null;\n"
+	. "\treturn null;\n"
-	. "\t}\t\n"
+	. "\t}\t\n"
-	. "\n"
+	. "\n"
-	. "function start_popup_editor(fieldname, fieldtext, sid, gid, qid, fieldtype, action)\n"	
+	. "function start_popup_editor(fieldname, fieldtext, sid, gid, qid, fieldtype, action)\n"	
-	. "\t{\t\n"
+	. "\t{\t\n"
-//	. "\t\tcontrolid = fieldname + '_popupctrl';\n"
+//	. "\t\tcontrolid = fieldname + '_popupctrl';\n"
-	. "\t\tcontrolidena = fieldname + '_popupctrlena';\n"
+	. "\t\tcontrolidena = fieldname + '_popupctrlena';\n"
-	. "\t\tcontroliddis = fieldname + '_popupctrldis';\n"
+	. "\t\tcontroliddis = fieldname + '_popupctrldis';\n"
-	. "\t\tnumwindows = editorwindowsHash.length;\n"
+	. "\t\tnumwindows = editorwindowsHash.length;\n"
-	. "\t\tactivepopup = find_popup_editor(fieldname);\n"
+	. "\t\tactivepopup = find_popup_editor(fieldname);\n"
-	. "\t\tif (activepopup == null)\n"
+	. "\t\tif (activepopup == null)\n"
-	. "\t\t{\n"
+	. "\t\t{\n"
-	. "\t\t\tdocument.getElementsByName(fieldname)[0].readOnly=true;\n"
+	. "\t\t\tdocument.getElementsByName(fieldname)[0].readOnly=true;\n"
-	. "\t\t\tdocument.getElementsByName(fieldname)[0].className='readonly';\n"
+	. "\t\t\tdocument.getElementsByName(fieldname)[0].className='readonly';\n"
-//	. "\t\t\tdocument.getElementById(controlid).src='".$imagefiles."/edithtmlpopup_disabled.png';\n"
+//	. "\t\t\tdocument.getElementById(controlid).src='".$imagefiles."/edithtmlpopup_disabled.png';\n"
-	. "\t\t\tdocument.getElementById(controlidena).style.display='none';\n"
+	. "\t\t\tdocument.getElementById(controlidena).style.display='none';\n"
-	. "\t\t\tdocument.getElementById(controliddis).style.display='';\n"
+	. "\t\t\tdocument.getElementById(controliddis).style.display='';\n"
-	. "\t\t\tpopup = window.open('".$homeurl."/htmleditor-popup.php?fieldname='+fieldname+'&fieldtext='+fieldtext+'&fieldtype='+fieldtype+'&action='+action+'&sid='+sid+'&gid='+gid+'&qid='+qid+'&lang=".$clang->getlangcode()."','', 'location=no, status=yes, scrollbars=auto, menubar=no, resizable=yes, width=600, height=400');\n"
+	. "\t\t\tpopup = window.open('".$homeurl."/htmleditor-popup.php?fieldname='+fieldname+'&fieldtext='+fieldtext+'&fieldtype='+fieldtype+'&action='+action+'&sid='+sid+'&gid='+gid+'&qid='+qid+'&lang=".$clang->getlangcode()."','', 'location=no, status=yes, scrollbars=auto, menubar=no, resizable=yes, width=600, height=400');\n"
-	. "\t\t\teditorwindowsHash[fieldname] = popup;\n"
+	. "\t\t\teditorwindowsHash[fieldname] = popup;\n"
-	. "\t\t}\n"
+	. "\t\t}\n"
-	. "\t\telse\n"
+	. "\t\telse\n"
-	. "\t\t{\n"
+	. "\t\t{\n"
-	. "\t\t\tactivepopup.focus();\n"
+	. "\t\t\tactivepopup.focus();\n"
-	. "\t\t}\n"
+	. "\t\t}\n"
-	. "\t}\n"
+	. "\t}\n"
-	. "\n"
+	. "\n"
-	. "function updateFCKeditor(fieldname,value)\n" 
+	. "function updateFCKeditor(fieldname,value)\n" 
-	. "{\t\n"
+	. "{\t\n"
-	. "\tvar mypopup= editorwindowsHash[fieldname];\n"
+	. "\tvar mypopup= editorwindowsHash[fieldname];\n"
-	. "\tif (mypopup)\n"
+	. "\tif (mypopup)\n"
-	. "\t{\n"
+	. "\t{\n"
-	. "\t\tvar oMyEditor = mypopup.FCKeditorAPI.GetInstance('MyTextarea');\n"
+	. "\t\tvar oMyEditor = mypopup.FCKeditorAPI.GetInstance('MyTextarea');\n"
-	. "\t\tif (oMyEditor) {oMyEditor.SetHTML(value);}\n"
+	. "\t\tif (oMyEditor) {oMyEditor.SetHTML(value);}\n"
-	. "\t\tmypopup.focus();\n"
+	. "\t\tmypopup.focus();\n"
-	. "\t}\n"
+	. "\t}\n"
-	. "}\n"
+	. "}\n"
-	. "--></script>\n";
+	. "--></script>\n";
-
+
-	return $script;
+	return $script;
-}
+}
-
+
-function PrepareEditorInlineScript()
+function PrepareEditorInlineScript()
-{
+{
-	global $homeurl, $fckeditordir;
+	global $homeurl, $fckeditordir;
-	$script ="<script type=\"text/javascript\" src=\"".$fckeditordir."/fckeditor.js\"></script>\n"
+	$script ="<script type=\"text/javascript\" src=\"".$fckeditordir."/fckeditor.js\"></script>\n"
-	. "<script type=\"text/javascript\">\n"
+	. "<script type=\"text/javascript\">\n"
-	. "<!--\n"
+	. "<!--\n"
-	. "function updateFCKeditor(fieldname,value)\n"
+	. "function updateFCKeditor(fieldname,value)\n"
-	. "{\n"
+	. "{\n"
-	. "\tvar oMyEditor = FCKeditorAPI.GetInstance(fieldname);\n"
+	. "\tvar oMyEditor = FCKeditorAPI.GetInstance(fieldname);\n"
-	. "\toMyEditor.SetHTML(value);\n"
+	. "\toMyEditor.SetHTML(value);\n"
-	. "}\n"
+	. "}\n"
-	. "-->\n"
+	. "-->\n"
-	. "</script>\n";
+	. "</script>\n";
-/*** Commented because of inconsistencies
+/*** Commented because of inconsistencies
-	$script .= ""
+	$script .= ""
-	. "<script type='text/javascript'>\n"
+	. "<script type='text/javascript'>\n"
-	. "<!--\n"
+	. "<!--\n"
-	."function FCKeditor_OnComplete( editorInstance )\n"
+	."function FCKeditor_OnComplete( editorInstance )\n"
-	. "{\n"
+	. "{\n"
-	. "\teditorInstance.Events.AttachEvent( 'OnBlur'	, FCKeditor_OnBlur ) ;\n"
+	. "\teditorInstance.Events.AttachEvent( 'OnBlur'	, FCKeditor_OnBlur ) ;\n"
-	. "\teditorInstance.Events.AttachEvent( 'OnFocus', FCKeditor_OnFocus ) ;\n"
+	. "\teditorInstance.Events.AttachEvent( 'OnFocus', FCKeditor_OnFocus ) ;\n"
-	."}\n"
+	."}\n"
-	. "function FCKeditor_OnBlur( editorInstance )\n"
+	. "function FCKeditor_OnBlur( editorInstance )\n"
-	. "{\n"
+	. "{\n"
-	. "\teditorInstance.ToolbarSet.Collapse() ;\n"
+	. "\teditorInstance.ToolbarSet.Collapse() ;\n"
-	. "}\n"
+	. "}\n"
-	. "function FCKeditor_OnFocus( editorInstance )\n"
+	. "function FCKeditor_OnFocus( editorInstance )\n"
-	. "{\n"
+	. "{\n"
-	."\teditorInstance.ToolbarSet.Expand() ;\n"
+	."\teditorInstance.ToolbarSet.Expand() ;\n"
-	."}\n"
+	."}\n"
-	. "--></script>\n";
+	. "--></script>\n";
-***/
+***/
-	return $script;
+	return $script;
-}
+}
-
+
-function PrepareEditorScript($fieldtype=null)
+function PrepareEditorScript($fieldtype=null)
-{
+{
-	global $defaulthtmleditormode;
+	global $defaulthtmleditormode;
-
+
-	if (isset($_SESSION['htmleditormode']) &&
+	if (isset($_SESSION['htmleditormode']) &&
-		$_SESSION['htmleditormode'] == 'none')
+		$_SESSION['htmleditormode'] == 'none')
-	{
+	{
-		return "<script type=\"text/javascript\">\n"
+		return "<script type=\"text/javascript\">\n"
-		. "<!--\n"
+		. "<!--\n"
-		. "function updateFCKeditor(fieldname,value) { return true;}\n"
+		. "function updateFCKeditor(fieldname,value) { return true;}\n"
-		. "-->\n"
+		. "-->\n"
-		. "</script>\n";
+		. "</script>\n";
-	}
+	}
-
+
-	if (!isset($_SESSION['htmleditormode']) ||
+	if (!isset($_SESSION['htmleditormode']) ||
-		($_SESSION['htmleditormode'] != 'inline' &&
+		($_SESSION['htmleditormode'] != 'inline' &&
-		$_SESSION['htmleditormode'] != 'popup') )
+		$_SESSION['htmleditormode'] != 'popup') )
-	{
+	{
-		$htmleditormode = $defaulthtmleditormode;
+		$htmleditormode = $defaulthtmleditormode;
-	}
+	}
-	else
+	else
-	{
+	{
-		$htmleditormode = $_SESSION['htmleditormode'];
+		$htmleditormode = $_SESSION['htmleditormode'];
-	}
+	}
-
+
-	if ($htmleditormode == 'popup' ||
+	if ($htmleditormode == 'popup' ||
-		$fieldtype == 'editanswer' ||
+		$fieldtype == 'editanswer' ||
-		$fieldtype == 'addanswer' ||
+		$fieldtype == 'addanswer' ||
-		$fieldtype == 'editlabel' ||
+		$fieldtype == 'editlabel' ||
-		$fieldtype == 'addlabel')
+		$fieldtype == 'addlabel')
-	{
+	{
-		return PrepareEditorPopupScript();
+		return PrepareEditorPopupScript();
-	}
+	}
-	elseif ($htmleditormode == 'inline')
+	elseif ($htmleditormode == 'inline')
-	{
+	{
-		return PrepareEditorInlineScript();
+		return PrepareEditorInlineScript();
-	}
+	}
-	else
+	else
-	{
+	{
-		return '';
+		return '';
-	}
+	}
-}
+}
-
+
-function getEditor($fieldtype,$fieldname,$fieldtext, $surveyID=null,$gID=null,$qID=null,$action=null)
+function getEditor($fieldtype,$fieldname,$fieldtext, $surveyID=null,$gID=null,$qID=null,$action=null)
-{
+{
-	global $defaulthtmleditormode;
+	global $defaulthtmleditormode;
-
+
-	if (isset($_SESSION['htmleditormode']) &&
+	if (isset($_SESSION['htmleditormode']) &&
-		$_SESSION['htmleditormode'] == 'none')
+		$_SESSION['htmleditormode'] == 'none')
-	{
+	{
-		return '';
+		return '';
-	}
+	}
-
+
-
+
-	if (!isset($_SESSION['htmleditormode']) ||
+	if (!isset($_SESSION['htmleditormode']) ||
-		($_SESSION['htmleditormode'] != 'inline' &&
+		($_SESSION['htmleditormode'] != 'inline' &&
-		$_SESSION['htmleditormode'] != 'popup') )
+		$_SESSION['htmleditormode'] != 'popup') )
-	{
+	{
-		$htmleditormode = $defaulthtmleditormode;
+		$htmleditormode = $defaulthtmleditormode;
-	}
+	}
-	else
+	else
-	{
+	{
-		$htmleditormode = $_SESSION['htmleditormode'];
+		$htmleditormode = $_SESSION['htmleditormode'];
-	}
+	}
-
+
-	if ( ($fieldtype == 'email-inv' ||
+	if ( ($fieldtype == 'email-inv' ||
-		$fieldtype == 'email-reg' ||
+		$fieldtype == 'email-reg' ||
-		$fieldtype == 'email-conf' ||
+		$fieldtype == 'email-conf' ||
-		$fieldtype == 'email-rem' ) &&
+		$fieldtype == 'email-rem' ) &&
-	      getEmailFormat($surveyID) != 'html')
+	      getEmailFormat($surveyID) != 'html')
-	{
+	{
-		return '';
+		return '';
-	}
+	}
-
+
-	if ($htmleditormode == 'popup' ||
+	if ($htmleditormode == 'popup' ||
-		$fieldtype == 'editanswer' ||
+		$fieldtype == 'editanswer' ||
-		$fieldtype == 'addanswer' ||
+		$fieldtype == 'addanswer' ||
-		$fieldtype == 'editlabel' ||
+		$fieldtype == 'editlabel' ||
-		$fieldtype == 'addlabel')
+		$fieldtype == 'addlabel')
-	{
+	{
-		return getPopupEditor($fieldtype,$fieldname,$fieldtext, $surveyID,$gID,$qID,$action);
+		return getPopupEditor($fieldtype,$fieldname,$fieldtext, $surveyID,$gID,$qID,$action);
-	}
+	}
-	elseif ($htmleditormode == 'inline')
+	elseif ($htmleditormode == 'inline')
-	{
+	{
-		return getInlineEditor($fieldtype,$fieldname,$fieldtext, $surveyID,$gID,$qID,$action);
+		return getInlineEditor($fieldtype,$fieldname,$fieldtext, $surveyID,$gID,$qID,$action);
-	}
+	}
-	else
+	else
-	{
+	{
-		return '';
+		return '';
-	}
+	}
-}
+}
-
+
-function getPopupEditor($fieldtype,$fieldname,$fieldtext, $surveyID=null,$gID=null,$qID=null,$action=null)
+function getPopupEditor($fieldtype,$fieldname,$fieldtext, $surveyID=null,$gID=null,$qID=null,$action=null)
-{
+{
-	global $clang, $imagefiles, $homeurl;
+	global $clang, $imagefiles, $homeurl;
-
+
-	$htmlcode = '';
+	$htmlcode = '';
-	$imgopts = '';
+	$imgopts = '';
-	$toolbarname = 'Basic';
+	$toolbarname = 'Basic';
-
+
-	if ($fieldtype == 'editanswer' || 
+	if ($fieldtype == 'editanswer' || 
-		$fieldtype == 'addanswer' ||
+		$fieldtype == 'addanswer' ||
-		$fieldtype == 'editlabel' ||
+		$fieldtype == 'editlabel' ||
-		 $fieldtype == 'addlabel')
+		 $fieldtype == 'addlabel')
-	{
+	{
-		$imgopts = "width='14px' height='14px'";
+		$imgopts = "width='14' height='14'";
-	}
+	}
-
+
-	$htmlcode .= ""
+	$htmlcode .= ""
-	. "<a href=\"javascript:start_popup_editor('".$fieldname."','".$fieldtext."','".$surveyID."','".$gID."','".$qID."','".$fieldtype."','".$action."')\" id='".$fieldname."_ctrl' title=\"".$clang->gTview("Start HTML Editor in a Popup Window")."\"><img alt=\"".$clang->gT("Start HTML Editor in a Popup Window")."\" id='".$fieldname."_popupctrlena' name='".$fieldname."_popupctrlena' border='0' src='".$imagefiles."/edithtmlpopup.png'  $imgopts /><img alt=\"".$clang->gT("Give focus to the HTML Editor Popup Window")."\" id='".$fieldname."_popupctrldis' name='".$fieldname."_popupctrldis' border='0' src='".$imagefiles."/edithtmlpopup_disabled.png' style='display: none'  $imgopts align='top'/></a>";
+	. "<a href=\"javascript:start_popup_editor('".$fieldname."','".$fieldtext."','".$surveyID."','".$gID."','".$qID."','".$fieldtype."','".$action."')\" id='".$fieldname."_ctrl' title=\"".$clang->gTview("Start HTML Editor in a Popup Window")."\"><img alt=\"".$clang->gT("Start HTML Editor in a Popup Window")."\" id='".$fieldname."_popupctrlena' name='".$fieldname."_popupctrlena' border='0' src='".$imagefiles."/edithtmlpopup.png'  $imgopts /><img alt=\"".$clang->gT("Give focus to the HTML Editor Popup Window")."\" id='".$fieldname."_popupctrldis' name='".$fieldname."_popupctrldis' border='0' src='".$imagefiles."/edithtmlpopup_disabled.png' style='display: none'  $imgopts align='top'/></a>";
-
+
-	return $htmlcode;
+	return $htmlcode;
-}
+}
-
+
-function getInlineEditor($fieldtype,$fieldname,$fieldtext, $surveyID=null,$gID=null,$qID=null,$action=null)
+function getInlineEditor($fieldtype,$fieldname,$fieldtext, $surveyID=null,$gID=null,$qID=null,$action=null)
-{
+{
-	global $clang, $imagefiles, $homeurl, $rooturl, $fckeditordir;
+	global $clang, $imagefiles, $homeurl, $rooturl, $fckeditordir, $fckeditexpandtoolbar;
-
+
-	$htmlcode = '';
+	$htmlcode = '';
-	$imgopts = '';
+	$imgopts = '';
-	$toolbarname = 'Basic';
+	$toolbarname = 'Basic';
-	$toolbaroption="";
+	$toolbaroption="";
-	$htmlformatoption="";
+	$htmlformatoption="";
-
+	$oFCKeditorVarName = "oFCKeditor_".str_replace("-","_",$fieldname);
-	if ($fieldtype == 'editanswer' || 
+
-		$fieldtype == 'addanswer' ||
+	if ($fieldtype == 'editanswer' || 
-		$fieldtype == 'editlabel' ||
+		$fieldtype == 'addanswer' ||
-		 $fieldtype == 'addlabel')
+		$fieldtype == 'editlabel' ||
-	{
+		 $fieldtype == 'addlabel')
-		$toolbarname = 'LimeSurveyToolbarfull';
+	{
-		$toolbaroption="oFCKeditor_$fieldname.Config[\"ToolbarLocation\"]=\"Out:xToolbar\";\n"
+		$toolbarname = 'LimeSurveyToolbarfull';
-		. "oFCKeditor_$fieldname.Config[\"ToolbarStartExpanded\"]=true;\n"
+		$toolbaroption="$oFCKeditorVarName.Config[\"ToolbarLocation\"]=\"Out:xToolbar\";\n"
-		. "oFCKeditor_$fieldname.Config[\"ToolbarCanCollapse\"]=false;\n"
+		. "$oFCKeditorVarName.Config[\"ToolbarStartExpanded\"]=true;\n"
-		. "oFCKeditor_$fieldname.Height = \"50\"\n";
+		. "$oFCKeditorVarName.Config[\"ToolbarCanCollapse\"]=false;\n"
-	}
+		. "$oFCKeditorVarName.Height = \"50\"\n";
-
+	}
-	if ( $fieldtype == 'email-inv' ||
+	else
-		$fieldtype == 'email-reg' ||
+	{
-		$fieldtype == 'email-conf' ||
+		if (!isset($fckeditexpandtoolbar) || $fckeditexpandtoolbar == true)
-		$fieldtype == 'email-rem' ) 
+		{
-	{
+			$toolbaroption .= "$oFCKeditorVarName.Config[\"ToolbarStartExpanded\"]=true;\n";
-		$htmlformatoption = "oFCKeditor_$fieldname.Config[\"FullPage\"]=true;\n";
+		}
-	}
+	}
-
+
-	$htmlcode .= ""
+	if ( $fieldtype == 'email-inv' ||
-	. "<script type=\"text/javascript\">\n"
+		$fieldtype == 'email-reg' ||
-	. "var oFCKeditor_$fieldname = new FCKeditor('$fieldname');\n"
+		$fieldtype == 'email-conf' ||
-	. "oFCKeditor_$fieldname.BasePath     = '".$fckeditordir."/';\n"
+		$fieldtype == 'email-rem' ) 
-	. "oFCKeditor_$fieldname.Config[\"CustomConfigurationsPath\"] = \"".$fckeditordir."/limesurvey-config.js\";\n"
+	{
-	. "oFCKeditor_$fieldname.Config[\"LimeReplacementFieldsType\"] = \"".$fieldtype."\";\n"
+		$htmlformatoption = "$oFCKeditorVarName.Config[\"FullPage\"]=true;\n";
-	. "oFCKeditor_$fieldname.Config[\"LimeReplacementFieldsSID\"] = \"".$surveyID."\";\n"
+	}
-	. "oFCKeditor_$fieldname.Config[\"LimeReplacementFieldsGID\"] = \"".$gID."\";\n"
+
-	. "oFCKeditor_$fieldname.Config[\"LimeReplacementFieldsQID\"] = \"".$qID."\";\n"
+
-	. "oFCKeditor_$fieldname.Config[\"LimeReplacementFieldsType\"] = \"".$fieldtype."\";\n"
+	$htmlcode .= ""
-	. "oFCKeditor_$fieldname.Config[\"LimeReplacementFieldsAction\"] = \"".$action."\";\n"
+	. "<script type=\"text/javascript\">\n"
-	. "oFCKeditor_$fieldname.Config[\"SmileyPath\"] = \"".$rooturl."/upload/images/smiley/msn/\";\n"
+	. "var $oFCKeditorVarName = new FCKeditor('$fieldname');\n"
-	. $htmlformatoption
+	. "$oFCKeditorVarName.BasePath     = '".$fckeditordir."/';\n"
-	. $toolbaroption; 
+	. "$oFCKeditorVarName.Config[\"CustomConfigurationsPath\"] = \"".$fckeditordir."/limesurvey-config.js\";\n"
-
+	. "$oFCKeditorVarName.Config[\"LimeReplacementFieldsType\"] = \"".$fieldtype."\";\n"
-	if ($fieldtype == 'answer' || $fieldtype == 'label')
+	. "$oFCKeditorVarName.Config[\"LimeReplacementFieldsSID\"] = \"".$surveyID."\";\n"
-	{
+	. "$oFCKeditorVarName.Config[\"LimeReplacementFieldsGID\"] = \"".$gID."\";\n"
-		 $htmlcode .= ""
+	. "$oFCKeditorVarName.Config[\"LimeReplacementFieldsQID\"] = \"".$qID."\";\n"
-		. "oFCKeditor_$fieldname.Config[ 'ToolbarLocation' ] = 'Out:xToolbar' ;\n";
+	. "$oFCKeditorVarName.Config[\"LimeReplacementFieldsType\"] = \"".$fieldtype."\";\n"
-	}
+	. "$oFCKeditorVarName.Config[\"LimeReplacementFieldsAction\"] = \"".$action."\";\n"
-
+	. "$oFCKeditorVarName.Config[\"SmileyPath\"] = \"".$rooturl."/upload/images/smiley/msn/\";\n"
-	 $htmlcode .= ""
+	. $htmlformatoption
-	. "oFCKeditor_$fieldname.ToolbarSet = '".$toolbarname."';\n"
+	. $toolbaroption; 
-	. "oFCKeditor_$fieldname.ReplaceTextarea() ;\n"
+
-	. '</script>';
+	if ($fieldtype == 'answer' || $fieldtype == 'label')
-
+	{
-	return $htmlcode;
+		 $htmlcode .= ""
-}
+		. "$oFCKeditorVarName.Config[ 'ToolbarLocation' ] = 'Out:xToolbar' ;\n";
-
+	}
-?>
+
 	 $htmlcode .= ""
 	. "$oFCKeditorVarName.ToolbarSet = '".$toolbarname."';\n"
 	. "$oFCKeditorVarName.ReplaceTextarea() ;\n"
 	. '</script>';
 	return $htmlcode;
 }
 ?>
--- a/include/limesurvey/admin/htmleditor-popup.php
+++ b/include/limesurvey/admin/htmleditor-popup.php
@@ -1,197 +1,197 @@
-<?php
+<?php
-/*
+/*
-* LimeSurvey
+* LimeSurvey
-* Copyright (C) 2007 The LimeSurvey Project Team / Carsten Schmitz
+* Copyright (C) 2007 The LimeSurvey Project Team / Carsten Schmitz
-* All rights reserved.
+* All rights reserved.
-* License: GNU/GPL License v2 or later, see LICENSE.php
+* License: GNU/GPL License v2 or later, see LICENSE.php
-* LimeSurvey is free software. This version may have been modified pursuant
+* LimeSurvey is free software. This version may have been modified pursuant
-* to the GNU General Public License, and as distributed it includes or
+* to the GNU General Public License, and as distributed it includes or
-* is derivative of works licensed under the GNU General Public License or
+* is derivative of works licensed under the GNU General Public License or
-* other free or open source software licenses.
+* other free or open source software licenses.
-* See COPYRIGHT.php for copyright notices and details.
+* See COPYRIGHT.php for copyright notices and details.
-* 
+* 
-* $Id: htmleditor-popup.php 5074 2008-06-15 11:56:13Z c_schmitz $
+* $Id: htmleditor-popup.php 6853 2009-05-15 12:51:09Z c_schmitz $
-*/
+*/
-
+
-//Ensure script is not run directly, avoid path disclosure
+//Ensure script is not run directly, avoid path disclosure
-//include_once("login_check.php");
+//include_once("login_check.php");
-
+
-require_once(dirname(__FILE__).'/../config-defaults.php');
+require_once(dirname(__FILE__).'/../config-defaults.php');
-require_once(dirname(__FILE__).'/../common.php');
+require_once(dirname(__FILE__).'/../common.php');
-
+
-if (!isset($_GET['lang']))
+if (!isset($_GET['lang']))
-{
+{
-	$clang = new limesurvey_lang("en");
+	$clang = new limesurvey_lang("en");
-}
+}
-else
+else
-{
+{
-	$clang = new limesurvey_lang($_GET['lang']);
+	$clang = new limesurvey_lang($_GET['lang']);
-}
+}
-
+
-if (!isset($_GET['fieldname']) || !isset($_GET['fieldtext']))
+if (!isset($_GET['fieldname']) || !isset($_GET['fieldtext']))
-{
+{
-	$output = '
+	$output = '
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN">
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN">
-<html>
+<html>
-<head>
+<head>
-	<title>LimeSurvey '.$clang->gT("HTML Editor").'</title>
+	<title>LimeSurvey '.$clang->gT("HTML Editor").'</title>
-	<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+	<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
-	<meta name="robots" content="noindex, nofollow" />
+	<meta name="robots" content="noindex, nofollow" />
-</head>'
+</head>'
-
+
-	. '
+	. '
-	<body>
+	<body>
-		<div class="maintitle">
+		<div class="maintitle">
-			LimeSurvey '.$clang->gT("HTML Editor").'
+			LimeSurvey '.$clang->gT("HTML Editor").'
-		</div>
+		</div>
-		<hr />
+		<hr />
-		
+		
-		<tr><td align="center"><br /><font color="red"><strong>	
+		<tr><td align="center"><br /><span style="color:red;"><strong>	
-		</strong></font><br />
+		</strong></span><br />
-		</table>
+		</table>
-		<form  onsubmit="self.close()">
+		<form  onsubmit="self.close()">
-			<input type="submit" value="'.$clang->gT("Close Editor").'" />
+			<input type="submit" value="'.$clang->gT("Close Editor").'" />
-			<input type="hidden" name="checksessionbypost" value="'.$_SESSION['checksessionpost'].'" />
+			<input type="hidden" name="checksessionbypost" value="'.$_SESSION['checksessionpost'].'" />
-		</form>
+		</form>
-	</body>
+	</body>
-	</html>';
+	</html>';
-}
+}
-else {
+else {
-	$fieldname=$_GET['fieldname'];
+	$fieldname=$_GET['fieldname'];
-	$fieldtext=$_GET['fieldtext'];
+	$fieldtext=$_GET['fieldtext'];
-	$controlidena=$_GET['fieldname'].'_popupctrlena';
+	$controlidena=$_GET['fieldname'].'_popupctrlena';
-	$controliddis=$_GET['fieldname'].'_popupctrldis';
+	$controliddis=$_GET['fieldname'].'_popupctrldis';
-
+
-	$sid=sanitize_int($_GET['sid']);
+	$sid=sanitize_int($_GET['sid']);
-	$gid=sanitize_int($_GET['gid']);
+	$gid=sanitize_int($_GET['gid']);
-	$qid=sanitize_int($_GET['qid']);
+	$qid=sanitize_int($_GET['qid']);
-	$fieldtype=preg_replace("/[^_.a-zA-Z0-9-]/", "",$_GET['fieldtype']);
+	$fieldtype=preg_replace("/[^_.a-zA-Z0-9-]/", "",$_GET['fieldtype']);
-	$action=preg_replace("/[^_.a-zA-Z0-9-]/", "",$_GET['action']);
+	$action=preg_replace("/[^_.a-zA-Z0-9-]/", "",$_GET['action']);
-
+
-	$toolbarname='LimeSurveyToolbarfullPopup';
+	$toolbarname='LimeSurveyToolbarfullPopup';
-	$htmlformatoption='';
+	$htmlformatoption='';
-
+
-	if ( $fieldtype == 'email-inv' ||
+	if ( $fieldtype == 'email-inv' ||
-		$fieldtype == 'email-reg' ||
+		$fieldtype == 'email-reg' ||
-		$fieldtype == 'email-conf' ||
+		$fieldtype == 'email-conf' ||
-		$fieldtype == 'email-rem' ) 
+		$fieldtype == 'email-rem' ) 
-	{
+	{
-		$htmlformatoption = "oFCKeditor.Config[\"FullPage\"]=true;";
+		$htmlformatoption = "oFCKeditor.Config[\"FullPage\"]=true;";
-	}
+	}
-
+
-	$output = '
+	$output = '
-	<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN">
+	<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN">
-	<html>
+	<html>
-	<head>
+	<head>
-		<title>'.$clang->gT("Editing").' '.$fieldtext.'</title>
+		<title>'.$clang->gT("Editing").' '.$fieldtext.'</title>
-		<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+		<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
-		<meta name="robots" content="noindex, nofollow" />
+		<meta name="robots" content="noindex, nofollow" />
-		<script type="text/javascript" src="'.$fckeditordir.'/fckeditor.js"></script>
+		<script type="text/javascript" src="'.$fckeditordir.'/fckeditor.js"></script>
-	</head>';
+	</head>';
-
+
-
+
-	$output .= "
+	$output .= "
-	<body>
+	<body>
-	<form method='post' onsubmit='saveChanges=true;'>
+	<form method='post' onsubmit='saveChanges=true;'>
-
+
-			<input type='hidden' name='checksessionbypost' value='".$_SESSION['checksessionpost']."' />
+			<input type='hidden' name='checksessionbypost' value='".$_SESSION['checksessionpost']."' />
-			<script type='text/javascript'>
+			<script type='text/javascript'>
-	<!--
+	<!--
-	function closeme()
+	function closeme()
-	{
+	{
-		window.onbeforeunload = new Function('return true;');
+		window.onbeforeunload = new Function('return true;');
-		self.close();
+		self.close();
-	}
+	}
-
+
-	window.onbeforeunload= function (evt) {
+	window.onbeforeunload= function (evt) {
-		close_editor();
+		close_editor();
-		closeme();
+		closeme();
-	}
+	}
-
+
-
+
-	var saveChanges = false;
+	var saveChanges = false;
-
+
-	var oFCKeditor = new FCKeditor( 'MyTextarea' );
+	var oFCKeditor = new FCKeditor( 'MyTextarea' );
-	oFCKeditor.BasePath	= '".$fckeditordir."/';
+	oFCKeditor.BasePath	= '".$fckeditordir."/';
-	oFCKeditor.Height	= '350';
+	oFCKeditor.Height	= '350';
-	oFCKeditor.Width	= '98%';
+	oFCKeditor.Width	= '98%';
-	oFCKeditor.Value      = window.opener.document.getElementsByName(\"".$fieldname."\")[0].value;
+	oFCKeditor.Value      = window.opener.document.getElementsByName(\"".$fieldname."\")[0].value;
-	oFCKeditor.Config[\"CustomConfigurationsPath\"] = \"".$fckeditordir."/limesurvey-config.js\";
+	oFCKeditor.Config[\"CustomConfigurationsPath\"] = \"".$fckeditordir."/limesurvey-config.js\";
-	oFCKeditor.Config[\"ToolbarStartExpanded\"] = true;
+	oFCKeditor.Config[\"ToolbarStartExpanded\"] = true;
-	oFCKeditor.Config[\"ToolbarCanCollapse\"] = false;
+	oFCKeditor.Config[\"ToolbarCanCollapse\"] = false;
-	oFCKeditor.ToolbarSet = '".$toolbarname."';
+	oFCKeditor.ToolbarSet = '".$toolbarname."';
-	oFCKeditor.Config[\"LimeReplacementFieldsSID\"] = \"".$sid."\";
+	oFCKeditor.Config[\"LimeReplacementFieldsSID\"] = \"".$sid."\";
-	oFCKeditor.Config[\"LimeReplacementFieldsGID\"] = \"".$gid."\";
+	oFCKeditor.Config[\"LimeReplacementFieldsGID\"] = \"".$gid."\";
-	oFCKeditor.Config[\"LimeReplacementFieldsQID\"] = \"".$qid."\";
+	oFCKeditor.Config[\"LimeReplacementFieldsQID\"] = \"".$qid."\";
-	oFCKeditor.Config[\"LimeReplacementFieldsType\"] = \"".$fieldtype."\";
+	oFCKeditor.Config[\"LimeReplacementFieldsType\"] = \"".$fieldtype."\";
-	oFCKeditor.Config[\"LimeReplacementFieldsAction\"] = \"".$action."\";
+	oFCKeditor.Config[\"LimeReplacementFieldsAction\"] = \"".$action."\";
-	oFCKeditor.Config[\"SmileyPath\"] = \"".$rooturl."/upload/images/smiley/msn/\";
+	oFCKeditor.Config[\"SmileyPath\"] = \"".$rooturl."/upload/images/smiley/msn/\";
-	$htmlformatoption
+	$htmlformatoption
-	oFCKeditor.Create();
+	oFCKeditor.Create();
-
+
-	function FCKeditor_OnComplete( editorInstance )
+	function FCKeditor_OnComplete( editorInstance )
-	{
+	{
-		//editorInstance.Events.AttachEvent( 'OnSelectionChange', DoSomething ) ;
+		//editorInstance.Events.AttachEvent( 'OnSelectionChange', DoSomething ) ;
-		editorInstance.ToolbarSet.CurrentInstance.Commands.GetCommand('FitWindow').Execute();
+		editorInstance.ToolbarSet.CurrentInstance.Commands.GetCommand('FitWindow').Execute();
-		window.status='LimeSurvey ".$clang->gT("Editing", "js")." ".javascript_escape($fieldtext,true)."';
+		window.status='LimeSurvey ".$clang->gT("Editing", "js")." ".javascript_escape($fieldtext,true)."';
-	}
+	}
-
+
-	function html_transfert()
+	function html_transfert()
-	{
+	{
-		var oEditor = FCKeditorAPI.GetInstance('MyTextarea');\n";
+		var oEditor = FCKeditorAPI.GetInstance('MyTextarea');\n";
-
+
-if ($fieldtype == 'editanswer' ||
+if ($fieldtype == 'editanswer' ||
-	$fieldtype == 'addanswer' ||
+	$fieldtype == 'addanswer' ||
-	$fieldtype == 'editlabel' ||
+	$fieldtype == 'editlabel' ||
-	$fieldtype == 'addlabel')
+	$fieldtype == 'addlabel')
-{
+{
-	$output .= "\t\tvar editedtext = oEditor.GetXHTML().replace(new RegExp( \"\\n\", \"g\" ),'');\n";
+	$output .= "\t\tvar editedtext = oEditor.GetXHTML().replace(new RegExp( \"\\n\", \"g\" ),'');\n";
-	$output .= "\t\tvar editedtext = oEditor.GetXHTML().replace(new RegExp( \"\\r\", \"g\" ),'');\n";
+	$output .= "\t\tvar editedtext = oEditor.GetXHTML().replace(new RegExp( \"\\r\", \"g\" ),'');\n";
-}
+}
-else
+else
-{
+{
-	//$output .= "\t\tvar editedtext = oEditor.GetXHTML();\n";
+	//$output .= "\t\tvar editedtext = oEditor.GetXHTML();\n";
-	$output .= "\t\tvar editedtext = oEditor.GetXHTML('no strip new line');\n"; // adding a parameter avoids stripping \n
+	$output .= "\t\tvar editedtext = oEditor.GetXHTML('no strip new line');\n"; // adding a parameter avoids stripping \n
-}
+}
-
+
-
+
-
+
-	$output .=	"
+	$output .=	"
-		window.opener.document.getElementsByName('".$fieldname."')[0].value = editedtext;
+		window.opener.document.getElementsByName('".$fieldname."')[0].value = editedtext;
-	}
+	}
-
+
-	function close_editor()
+	function close_editor()
-	{
+	{
-		if (saveChanges == false)
+		if (saveChanges == false)
-		{
+		{
-			if (confirm('".$clang->gT("Do you want to save your changes ?", "js")."'))
+			if (confirm('".$clang->gT("Do you want to save your changes ?", "js")."'))
-			{
+			{
-				html_transfert();
+				html_transfert();
-			}	
+			}	
-		}
+		}
-
+
-		if (saveChanges == true)
+		if (saveChanges == true)
-		{
+		{
-			html_transfert();
+			html_transfert();
-		}
+		}
-
+
-		window.opener.document.getElementsByName('".$fieldname."')[0].readOnly= false;
+		window.opener.document.getElementsByName('".$fieldname."')[0].readOnly= false;
-		window.opener.document.getElementsByName('".$fieldname."')[0].className='htmlinput';
+		window.opener.document.getElementsByName('".$fieldname."')[0].className='htmlinput';
-		window.opener.document.getElementById('".$controlidena."').style.display='';
+		window.opener.document.getElementById('".$controlidena."').style.display='';
-		window.opener.document.getElementById('".$controliddis."').style.display='none';
+		window.opener.document.getElementById('".$controliddis."').style.display='none';
-		window.opener.focus();
+		window.opener.focus();
-		return true;
+		return true;
-	}
+	}
-
+
-	//-->
+	//-->
-			</script>
+			</script>
-	</form>";
+	</form>";
-
+
-	//$output .= "<textarea id='MyTextarea' name='MyTextarea'></textarea>";
+	//$output .= "<textarea id='MyTextarea' name='MyTextarea'></textarea>";
-	$output .= "	
+	$output .= "	
-	</body>
+	</body>
-	</html>";
+	</html>";
-}
+}
-
+
-echo $output;
+echo $output;
-?>
+?>
--- a/include/limesurvey/admin/http_importsurvey.php
+++ b/include/limesurvey/admin/http_importsurvey.php
@@ -1,47 +1,47 @@
-<?php
+<?php
-/*
+/*
-* LimeSurvey
+* LimeSurvey
-* Copyright (C) 2007 The LimeSurvey Project Team / Carsten Schmitz
+* Copyright (C) 2007 The LimeSurvey Project Team / Carsten Schmitz
-* All rights reserved.
+* All rights reserved.
-* License: GNU/GPL License v2 or later, see LICENSE.php
+* License: GNU/GPL License v2 or later, see LICENSE.php
-* LimeSurvey is free software. This version may have been modified pursuant
+* LimeSurvey is free software. This version may have been modified pursuant
-* to the GNU General Public License, and as distributed it includes or
+* to the GNU General Public License, and as distributed it includes or
-* is derivative of works licensed under the GNU General Public License or
+* is derivative of works licensed under the GNU General Public License or
-* other free or open source software licenses.
+* other free or open source software licenses.
-* See COPYRIGHT.php for copyright notices and details.
+* See COPYRIGHT.php for copyright notices and details.
-* 
+* 
-* $Id: http_importsurvey.php 4037 2008-01-20 15:23:53Z c_schmitz $
+* $Id: http_importsurvey.php 6853 2009-05-15 12:51:09Z c_schmitz $
-*/
+*/
-
+
-//Ensure script is not run directly, avoid path disclosure
+//Ensure script is not run directly, avoid path disclosure
-include_once("login_check.php");
+include_once("login_check.php");
-
+
-
+
-// A FILE TO IMPORT A DUMPED SURVEY FILE, AND CREATE A NEW SURVEY
+// A FILE TO IMPORT A DUMPED SURVEY FILE, AND CREATE A NEW SURVEY
-
+
-$importsurvey = "<br /><table width='100%' align='center'><tr><td>\n";
+$importsurvey = "<br /><table width='100%' align='center'><tr><td>\n";
-$importsurvey .= "<table class='alertbox'>\n";
+$importsurvey .= "<table class='alertbox'>\n";
-$importsurvey .= "\t<tr ><td colspan='2' height='4'><font size='1' ><strong>"
+$importsurvey .= "\t<tr ><td colspan='2' height='4'><font size='1' ><strong>"
-.$clang->gT("Import Survey")."</strong></font></td></tr>\n";
+.$clang->gT("Import Survey")."</strong></font></td></tr>\n";
-$importsurvey .= "\t<tr ><td align='center'>\n";
+$importsurvey .= "\t<tr ><td align='center'>\n";
-
+
-$the_full_file_path = $tempdir . "/" . $_FILES['the_file']['name'];
+$the_full_file_path = $tempdir . "/" . $_FILES['the_file']['name'];
-
+
-if (!@move_uploaded_file($_FILES['the_file']['tmp_name'], $the_full_file_path))
+if (!@move_uploaded_file($_FILES['the_file']['tmp_name'], $the_full_file_path))
-{
+{
-	$importsurvey .= "<strong><font color='red'>".$clang->gT("Error")."</font></strong><br />\n";
+	$importsurvey .= "<strong><font color='red'>".$clang->gT("Error")."</font></strong><br />\n";
-	$importsurvey .= sprintf ($clang->gT("An error occurred uploading your file. This may be caused by incorrect permissions in your %s folder."),$tempdir)."<br /><br />\n";
+	$importsurvey .= sprintf ($clang->gT("An error occurred uploading your file. This may be caused by incorrect permissions in your %s folder."),$tempdir)."<br /><br />\n";
-	$importsurvey .= "</font></td></tr></table>\n";
+	$importsurvey .= "</font></td></tr></table>\n";
-	return;
+	return;
-}
+}
-
+
-// IF WE GOT THIS FAR, THEN THE FILE HAS BEEN UPLOADED SUCCESFULLY
+// IF WE GOT THIS FAR, THEN THE FILE HAS BEEN UPLOADED SUCCESFULLY
-
+
-$importsurvey .= "<strong><font class='successtitle'>".$clang->gT("Success")."!</font></strong><br />\n";
+$importsurvey .= "<strong><font class='successtitle'>".$clang->gT("Success")."!</font></strong><br />\n";
-$importsurvey .= $clang->gT("File upload succeeded.")."<br /><br />\n";
+$importsurvey .= $clang->gT("File upload succeeded.")."<br /><br />\n";
-$importsurvey .= $clang->gT("Reading file..")."<br />\n";
+$importsurvey .= $clang->gT("Reading file..")."<br />\n";
-
+
-$importingfrom = "http";	// "http" for the web version and "cmdline" for the command line version
+$importingfrom = "http";	// "http" for the web version and "cmdline" for the command line version
-include("importsurvey.php");
+include("importsurvey.php");
-
+
-?>
+?>
--- a/include/limesurvey/admin/import_resources_zip.php
+++ b/include/limesurvey/admin/import_resources_zip.php
@@ -10,7 +10,7 @@
 * other free or open source software licenses.
 * See COPYRIGHT.php for copyright notices and details.
 * 
-* $Id: import_resources_zip.php 3685 2007-11-22 04:53:18Z jcleeland $
+* $Id: import_resources_zip.php 6864 2009-05-17 22:33:37Z c_schmitz $
 */
@@ -26,7 +26,16 @@ if (!isset($lid))
 	returnglobal('lid');
 }
 if ($action == "importsurvresources" && $surveyid) {
 	if ($demoModeOnly === true)
 	{
 		$importsurvresourcesoutput = "<strong><font color='red'>".$clang->gT("Error")."</font></strong><br />\n";
 	    $importsurvresourcesoutput .= $clang->gT("Demo Mode Only: Uploading file is disabled in this system.")."<br /><br />\n";
 		$importsurvresourcesoutput .= "<input type='submit' value='".$clang->gT("Back")."' onclick=\"window.open('$scriptname?action=editsurvey&amp;sid=$surveyid', '_self')\" />&nbsp;<br />&nbsp;<br />\n";
 		return;
 	}
 	require("classes/phpzip/phpzip.inc.php");
 	$zipfile=$_FILES['the_file']['tmp_name'];
 	$z = new PHPZip();
@@ -197,6 +206,15 @@ if ($action == "importsurvresources" && $surveyid) {
 if ($action == "importlabelresources" && $lid)
 {
 	if ($demoModeOnly === true)
 	{
 		$importlabelresourcesoutput .= "<strong><font color='red'>".$clang->gT("Error")."</font></strong><br />\n";
 		$importlabelresourcesoutput .= sprintf ($clang->gT("Demo Mode Only: Uploading file is disabled in this system."),$basedestdir)."<br /><br />\n";
 		$importlabelresourcesoutput .= "<input type='submit' value='".$clang->gT("Main Admin Screen")."' onclick=\"window.open('$scriptname?action=labels&lid=$lid', '_self')\">\n";
 		$importlabelresourcesoutput .= "</td></tr></table><br />&nbsp;\n";
 		return;
 	}
 	require("classes/phpzip/phpzip.inc.php");
 	//$the_full_file_path = $tempdir . "/" . $_FILES['the_file']['name'];
 	$zipfile=$_FILES['the_file']['tmp_name'];
@@ -363,6 +381,187 @@ if ($action == "importlabelresources" && $lid)
 if ($action == "templateupload")
 {
    if ($demoModeOnly === true)
    {
        $importtemplateresourcesoutput .= "<strong><font color='red'>".$clang->gT("Error")."</font></strong><br />\n";
        $importtemplateoutput .= sprintf ($clang->gT("Demo mode: Uploading templates is disabled."),$basedestdir)."<br /><br />\n";
        $importtemplateoutput .= "</td></tr></table><br />&nbsp;\n";
        return;
    }
    require("classes/phpzip/phpzip.inc.php");
    //$the_full_file_path = $tempdir . "/" . $_FILES['the_file']['name'];
    $zipfile=$_FILES['the_file']['tmp_name'];
    $z = new PHPZip();
    // Create temporary directory
    // If dangerous content is unzipped
    // then no one will know the path
    $extractdir=tempdir($tempdir);
    $basedestdir = $templaterootdir;
    $newdir=str_replace('.','',strip_ext(sanitize_paranoid_string($_FILES['the_file']['name'])));
    $destdir=$basedestdir.'/'.$newdir.'/';
    $importtemplateoutput = "<br />\n";
    $importtemplateoutput .= "<table class='alertbox'>\n";
    $importtemplateoutput .= "\t<tr><td colspan='2' height='4'><strong>".$clang->gT("Import Label Set")."</strong></td></tr>\n";
    $importtemplateoutput .= "\t<tr><td align='center'>\n";
    if (!is_writeable($basedestdir))
    {
        $importtemplateoutput .= "<strong><font color='red'>".$clang->gT("Error")."</font></strong><br />\n";
        $importtemplateoutput .= sprintf ($clang->gT("Incorrect permissions in your %s folder."),$basedestdir)."<br /><br />\n";
        $importtemplateoutput .= "</td></tr></table><br />&nbsp;\n";
        return;
    }
    if (!is_dir($destdir))
    {
        mkdir($destdir);
    }
    else
    {
        $importtemplateoutput .= "<strong><font color='red'>".$clang->gT("Error")."</font></strong><br />\n";
        $importtemplateoutput .= sprintf ($clang->gT("Template '%s' does already exist."),$newdir)."<br /><br />\n";
        $importtemplateoutput .= "</td></tr></table><br />&nbsp;\n";
        return;
    }
    $aImportedFilesInfo=array();
    $aErrorFilesInfo=array();
    if (is_file($zipfile))
    {
        $importtemplateoutput .= "<strong><font class='successtitle'>".$clang->gT("Success")."</font></strong><br />\n";
        $importtemplateoutput .= $clang->gT("File upload succeeded.")."<br /><br />\n";
        $importtemplateoutput .= $clang->gT("Reading file..")."<br />\n";
        if ($z->extract($extractdir,$zipfile) != 'OK')
        {
            $importtemplateoutput .= "<strong><font color='red'>".$clang->gT("Error")."</font></strong><br />\n";
            $importtemplateoutput .= $clang->gT("This file is not a valid ZIP file archive. Import failed.")."<br /><br />\n";
            $importtemplateoutput .= "</td></tr></table><br />&nbsp;\n";
            return;
        }
         $ErrorListHeader = "";
        $ImportListHeader = "";
        // now read tempdir and copy authorized files only
        $dh = opendir($extractdir);
        while($direntry = readdir($dh))
        {
            if (($direntry!=".")&&($direntry!=".."))
            {
                if (is_file($extractdir."/".$direntry))
                { // is  a file
                    $extfile = substr(strrchr($direntry, '.'),1);
                    if  (!(stripos(','.$allowedresourcesuploads.',',','.$extfile.',') === false))
                    { //Extension allowed
                        if (!copy($extractdir."/".$direntry, $destdir.$direntry))
                        {
                            $aErrorFilesInfo[]=Array(
                                "filename" => $direntry,
                                "status" => $clang->gT("Copy failed")
                            );
                            unlink($extractdir."/".$direntry);
                        }
                        else
                        {    
                            $aImportedFilesInfo[]=Array(
                                "filename" => $direntry,
                                "status" => $clang->gT("OK")
                            );
                            unlink($extractdir."/".$direntry);
                        }
                    }
                    else
                    { // Extension forbidden
                        $aErrorFilesInfo[]=Array(
                            "filename" => $direntry,
                            "status" => $clang->gT("Error")." (".$clang->gT("Forbidden Extension").")"
                        );
                        unlink($extractdir."/".$direntry);
                    }
                } // end if is_file
            } // end if ! . or ..
        } // end while read dir
        //Delete the temporary file
        unlink($zipfile);
        closedir($dh);
        //Delete temporary folder
        rmdir($extractdir);
        // display summary
        $okfiles = 0;
        $errfiles= 0;
        if (count($aErrorFilesInfo)==0 && count($aImportedFilesInfo)>0)
        {
            $status=$clang->gT("Success");
            $color='green';
            $okfiles = count($aImportedFilesInfo);
            $ImportListHeader .= "<br /><strong><u>".$clang->gT("Imported Files List").":</u></strong><br />\n";
        }
        elseif (count($aErrorFilesInfo)==0 && count($aImportedFilesInfo)==0)
        {
            $importtemplateoutput .= "<strong><font color='red'>".$clang->gT("Error")."</font></strong><br />\n";
            $importtemplateoutput .= $clang->gT("This ZIP archive contains no valid template files. Import failed.")."<br /><br />\n";
            $importtemplateoutput .= $clang->gT("Remember that we do not support subdirectories in ZIP archives.")."<br /><br />\n";
            $importtemplateoutput .= "</td></tr></table><br />&nbsp;\n";
            return;
        }
        elseif (count($aErrorFilesInfo)>0 && count($aImportedFilesInfo)>0)
        {
            $status=$clang->gT("Partial");
            $color='orange';
            $okfiles = count($aImportedFilesInfo);
            $errfiles = count($aErrorFilesInfo);
            $ErrorListHeader .= "<br /><strong><u>".$clang->gT("Error Files List").":</u></strong><br />\n";
            $ImportListHeader .= "<br /><strong><u>".$clang->gT("Imported Files List").":</u></strong><br />\n";
        }
        else
        {
            $status=$clang->gT("Error");
            $color='red';
            $errfiles = count($aErrorFilesInfo);
                $ErrorListHeader .= "<br /><strong><u>".$clang->gT("Error Files List").":</u></strong><br />\n";
        }
        $importtemplateoutput .= "<strong>".$clang->gT("Imported template files for")."</strong> $lid<br />\n";
        $importtemplateoutput .= "<br />\n<strong><font color='$color'>".$status."</font></strong><br />\n";
        $importtemplateoutput .= "<strong><u>".$clang->gT("Resources Import Summary")."</u></strong><br />\n";
        $importtemplateoutput .= "".$clang->gT("Total Imported files").": $okfiles<br />\n";
        $importtemplateoutput .= "".$clang->gT("Total Errors").": $errfiles<br />\n";
        $importtemplateoutput .= $ImportListHeader;
        foreach ($aImportedFilesInfo as $entry)
        {
            $importtemplateoutput .= "\t<li>".$clang->gT("File").": ".$entry["filename"]."</li>\n";
        }
        $importtemplateoutput .= "\t</ul><br /><br />\n";
        $importtemplateoutput .= $ErrorListHeader;
        foreach ($aErrorFilesInfo as $entry)
        {
            $importtemplateoutput .= "\t<li>".$clang->gT("File").": ".$entry['filename']." (".$entry['status'].")</li>\n";
        }
    }
    else
    {
        $importtemplateoutput .= "<strong><font color='red'>".$clang->gT("Error")."</font></strong><br />\n";
        $importtemplateoutput .= sprintf ($clang->gT("An error occurred uploading your file. This may be caused by incorrect permissions in your %s folder."),$basedestdir)."<br /><br />\n";
        $importtemplateoutput .= "</td></tr></table><br />&nbsp;\n";
        return;
    }
    $importtemplateoutput .= "<input type='submit' value='".$clang->gT("Open imported template")."' onclick=\"window.open('$scriptname?action=templates&templatename=$newdir', '_self')\">\n";
 }
 //---------------------
 	// Comes from http://fr2.php.net/tempnam
 function tempdir($dir, $prefix='', $mode=0700)
@@ -377,4 +576,20 @@ if ($action == "importlabelresources" && $lid)
    return $path;
  }
    /**
    * Strips file extension
    * 
    * @param string $name
    * @return string
    */
    function strip_ext($name)
    {
         $ext = strrchr($name, '.');
         if($ext !== false)
         {
             $name = substr($name, 0, -strlen($ext));
         }
         return $name;
    }   
 ?>
--- a/include/limesurvey/admin/importgroup.php
+++ b/include/limesurvey/admin/importgroup.php
--- a/include/limesurvey/admin/importlabel.php
+++ b/include/limesurvey/admin/importlabel.php
@@ -1,219 +1,223 @@
-<?php
+<?php
-/*
+/*
-* LimeSurvey
+* LimeSurvey
-* Copyright (C) 2007 The LimeSurvey Project Team / Carsten Schmitz
+* Copyright (C) 2007 The LimeSurvey Project Team / Carsten Schmitz
-* All rights reserved.
+* All rights reserved.
-* License: GNU/GPL License v2 or later, see LICENSE.php
+* License: GNU/GPL License v2 or later, see LICENSE.php
-* LimeSurvey is free software. This version may have been modified pursuant
+* LimeSurvey is free software. This version may have been modified pursuant
-* to the GNU General Public License, and as distributed it includes or
+* to the GNU General Public License, and as distributed it includes or
-* is derivative of works licensed under the GNU General Public License or
+* is derivative of works licensed under the GNU General Public License or
-* other free or open source software licenses.
+* other free or open source software licenses.
-* See COPYRIGHT.php for copyright notices and details.
+* See COPYRIGHT.php for copyright notices and details.
-* 
+* 
-* $Id: importlabel.php 4973 2008-06-01 14:07:01Z c_schmitz $
+* $Id: importlabel.php 7382 2009-08-01 19:48:15Z c_schmitz $
-*/
+*/
-
+
-//Ensure script is not run directly, avoid path disclosure
+//Ensure script is not run directly, avoid path disclosure
-include_once("login_check.php");
+include_once("login_check.php");
-
+
-// A FILE TO IMPORT A DUMPED SURVEY FILE, AND CREATE A NEW SURVEY
+// A FILE TO IMPORT A DUMPED SURVEY FILE, AND CREATE A NEW SURVEY
-
+
-$importlabeloutput = "<br />\n";
+$importlabeloutput = "<br />\n";
-$importlabeloutput .= "<table class='alertbox'>\n";
+$importlabeloutput .= "<table class='alertbox'>\n";
-$importlabeloutput .= "\t<tr><td colspan='2' height='4'><strong>".$clang->gT("Import Label Set")."</strong></td></tr>\n";
+$importlabeloutput .= "\t<tr><td colspan='2' height='4'><strong>".$clang->gT("Import Label Set")."</strong></td></tr>\n";
-$importlabeloutput .= "\t<tr><td align='center'>\n";
+$importlabeloutput .= "\t<tr><td align='center'>\n";
-
+
-$the_full_file_path = $tempdir . "/" . $_FILES['the_file']['name'];
+$the_full_file_path = $tempdir . "/" . $_FILES['the_file']['name'];
-
+
-if (!@move_uploaded_file($_FILES['the_file']['tmp_name'], $the_full_file_path))
+if (!@move_uploaded_file($_FILES['the_file']['tmp_name'], $the_full_file_path))
-{
+{
-	$importlabeloutput .= "<strong><font color='red'>".$clang->gT("Error")."</font></strong><br />\n";
+	$importlabeloutput .= "<strong><font color='red'>".$clang->gT("Error")."</font></strong><br />\n";
-    $importlabeloutput .= sprintf ($clang->gT("An error occurred uploading your file. This may be caused by incorrect permissions in your %s folder."),$tempdir)."<br /><br />\n";
+    $importlabeloutput .= sprintf ($clang->gT("An error occurred uploading your file. This may be caused by incorrect permissions in your %s folder."),$tempdir)."<br /><br />\n";
-	$importlabeloutput .= "<input type='submit' value='".$clang->gT("Main Admin Screen")."' onclick=\"window.open('$scriptname', '_self')\">\n";
+	$importlabeloutput .= "<input type='submit' value='".$clang->gT("Main Admin Screen")."' onclick=\"window.open('$scriptname', '_self')\">\n";
-	$importlabeloutput .= "</td></tr></table><br />&nbsp;\n";
+	$importlabeloutput .= "</td></tr></table><br />&nbsp;\n";
-	return;
+	return;
-}
+}
-
+
-// IF WE GOT THIS FAR, THEN THE FILE HAS BEEN UPLOADED SUCCESFULLY
+// IF WE GOT THIS FAR, THEN THE FILE HAS BEEN UPLOADED SUCCESFULLY
-
+
-$csarray=buildLabelSetCheckSumArray();
+$csarray=buildLabelSetCheckSumArray();
-//$csarray is now a keyed array with the Checksum of each of the label sets, and the lid as the key
+//$csarray is now a keyed array with the Checksum of each of the label sets, and the lid as the key
-
+
-$importlabeloutput .= "<strong><font class='successtitle'>".$clang->gT("Success")."</font></strong><br />\n";
+$importlabeloutput .= "<strong><font class='successtitle'>".$clang->gT("Success")."</font></strong><br />\n";
-$importlabeloutput .= $clang->gT("File upload succeeded.")."<br /><br />\n";
+$importlabeloutput .= $clang->gT("File upload succeeded.")."<br /><br />\n";
-$importlabeloutput .= $clang->gT("Reading file..")."<br />\n";
+$importlabeloutput .= $clang->gT("Reading file..")."<br />\n";
-$handle = fopen($the_full_file_path, "r");
+$handle = fopen($the_full_file_path, "r");
-while (!feof($handle))
+while (!feof($handle))
-{
+{
-	$buffer = fgets($handle, 10240); //To allow for very long survey welcomes (up to 10k)
+	$buffer = fgets($handle, 10240); //To allow for very long survey welcomes (up to 10k)
-	$bigarray[] = $buffer;
+	$bigarray[] = $buffer;
-}
+}
-fclose($handle);
+fclose($handle);
-if (substr($bigarray[0], 0, 27) != "# LimeSurvey Label Set Dump" && substr($bigarray[0], 0, 28) != "# PHPSurveyor Label Set Dump")
+if (substr($bigarray[0], 0, 27) != "# LimeSurvey Label Set Dump" && substr($bigarray[0], 0, 28) != "# PHPSurveyor Label Set Dump")
-{
+{
-	$importlabeloutput .= "<strong><font color='red'>".$clang->gT("Error")."</font></strong><br />\n";
+	$importlabeloutput .= "<strong><font color='red'>".$clang->gT("Error")."</font></strong><br />\n";
-	$importlabeloutput .= $clang->gT("This file is not a LimeSurvey label set file. Import failed.")."<br /><br />\n";
+	$importlabeloutput .= $clang->gT("This file is not a LimeSurvey label set file. Import failed.")."<br /><br />\n";
-	$importlabeloutput .= "<input type='submit' value='".$clang->gT("Return to Labels Admin")."' onclick=\"window.open('$scriptname?action=labels', '_self')\">\n";
+	$importlabeloutput .= "<input type='submit' value='".$clang->gT("Return to Labels Admin")."' onclick=\"window.open('$scriptname?action=labels', '_self')\">\n";
-	$importlabeloutput .= "</td></tr></table>\n";
+	$importlabeloutput .= "</td></tr></table>\n";
-	$importlabeloutput .= "</body>\n</html>\n";
+	$importlabeloutput .= "</body>\n</html>\n";
-    unlink($the_full_file_path);
+    unlink($the_full_file_path);
-	return;
+	return;
-}
+}
-
+
-for ($i=0; $i<9; $i++) //skipping the first lines that are not needed
+for ($i=0; $i<9; $i++) //skipping the first lines that are not needed
-{
+{
-	unset($bigarray[$i]);
+	unset($bigarray[$i]);
-}
+}
-$bigarray = array_values($bigarray);
+$bigarray = array_values($bigarray);
-
+
-//LABEL SETS
+//LABEL SETS
-if (array_search("# LABELS TABLE\n", $bigarray))
+if (array_search("# LABELS TABLE\n", $bigarray))
-{
+{
-	$stoppoint = array_search("# LABELS TABLE\n", $bigarray);
+	$stoppoint = array_search("# LABELS TABLE\n", $bigarray);
-}
+}
-elseif (array_search("# LABELS TABLE\r\n", $bigarray))
+elseif (array_search("# LABELS TABLE\r\n", $bigarray))
-{
+{
-	$stoppoint = array_search("# LABELS TABLE\r\n", $bigarray);
+	$stoppoint = array_search("# LABELS TABLE\r\n", $bigarray);
-}
+}
-else
+else
-{
+{
-	$stoppoint = count($bigarray)-1;
+	$stoppoint = count($bigarray)-1;
-}
+}
-for ($i=0; $i<=$stoppoint+1; $i++)
+for ($i=0; $i<=$stoppoint+1; $i++)
-{
+{
-	if ($i<$stoppoint-2) {$labelsetsarray[] = $bigarray[$i];}
+	if ($i<$stoppoint-2) {$labelsetsarray[] = $bigarray[$i];}
-	unset($bigarray[$i]);
+	unset($bigarray[$i]);
-}
+}
-$bigarray = array_values($bigarray);
+$bigarray = array_values($bigarray);
-
+
-
+
-//LABELS
+//LABELS
-$stoppoint = count($bigarray)-1;
+$stoppoint = count($bigarray)-1;
-
+
-for ($i=0; $i<$stoppoint; $i++)
+for ($i=0; $i<$stoppoint; $i++)
-{
+{
-    // do not import empty lines
+    // do not import empty lines
-	if (trim($bigarray[$i])!='') 
+	if (trim($bigarray[$i])!='') 
-    {
+    {
-        $labelsarray[] = $bigarray[$i];
+        $labelsarray[] = $bigarray[$i];
-    }
+    }
-	unset($bigarray[$i]);
+	unset($bigarray[$i]);
-}
+}
-
+
-
+
-
+
-$countlabelsets = count($labelsetsarray)-1;
+$countlabelsets = count($labelsetsarray)-1;
-$countlabels = count($labelsarray)-1;
+$countlabels = count($labelsarray)-1;
-
+
-
+
-if (isset($labelsetsarray) && $labelsetsarray) {
+if (isset($labelsetsarray) && $labelsetsarray) {
-	$csarray=buildLabelSetCheckSumArray();   // build checksums over all existing labelsets
+	$csarray=buildLabelSetCheckSumArray();   // build checksums over all existing labelsets
-	$count=0;
+	$count=0;
-	foreach ($labelsetsarray as $lsa) {
+	foreach ($labelsetsarray as $lsa) {
-        $fieldorders  =convertCSVRowToArray($labelsetsarray[0],',','"');
+        $fieldorders  =convertCSVRowToArray($labelsetsarray[0],',','"');
-        $fieldcontents=convertCSVRowToArray($lsa,',','"');
+        $fieldcontents=convertCSVRowToArray($lsa,',','"');
-        if ($count==0) {$count++; continue;}
+        if ($count==0) {$count++; continue;}
-	
+	
-		$labelsetrowdata=array_combine($fieldorders,$fieldcontents);
+		$labelsetrowdata=array_combine($fieldorders,$fieldcontents);
-		
+		
-		// Save old labelid
+		// Save old labelid
-		$oldlid=$labelsetrowdata['lid'];
+		$oldlid=$labelsetrowdata['lid'];
-		// set the new language
+		// set the new language
-
+
-        unset($labelsetrowdata['lid']);
+        unset($labelsetrowdata['lid']);
-        
+        
-        $countlang=count(explode(' ',trim($labelsetrowdata['languages'])));
+        $countlang=count(explode(' ',trim($labelsetrowdata['languages'])));
-        $newvalues=array_values($labelsetrowdata);
+        $newvalues=array_values($labelsetrowdata);
-        $newvalues=array_map(array(&$connect, "qstr"),$newvalues); // quote everything accordingly
+        $newvalues=array_map(array(&$connect, "qstr"),$newvalues); // quote everything accordingly
-        $lsainsert = "insert INTO {$dbprefix}labelsets (".implode(',',array_keys($labelsetrowdata)).") VALUES (".implode(',',$newvalues).")"; //handle db prefix
+        $lsainsert = "insert INTO {$dbprefix}labelsets (".implode(',',array_keys($labelsetrowdata)).") VALUES (".implode(',',$newvalues).")"; //handle db prefix
-		$lsiresult=$connect->Execute($lsainsert);
+		$lsiresult=$connect->Execute($lsainsert);
-		
+		
-		// Get the new insert id for the labels inside this labelset
+		// Get the new insert id for the labels inside this labelset
-		$newlid=$connect->Insert_ID("{$dbprefix}labelsets",'lid');
+		$newlid=$connect->Insert_ID("{$dbprefix}labelsets",'lid');
-
+
-		if ($labelsarray) {
+		if ($labelsarray) {
-		    $count=0;
+		    $count=0;
-            $lfieldorders  =convertCSVRowToArray($labelsarray[0],',','"');
+            $lfieldorders  =convertCSVRowToArray($labelsarray[0],',','"');
-            unset($labelsarray[0]);
+            unset($labelsarray[0]);
-			foreach ($labelsarray as $la) {
+			foreach ($labelsarray as $la) {
-
+
-                $lfieldcontents=convertCSVRowToArray($la,',','"');
+                $lfieldcontents=convertCSVRowToArray($la,',','"');
-        		// Combine into one array with keys and values since its easier to handle
+        		// Combine into one array with keys and values since its easier to handle
-         		$labelrowdata=array_combine($lfieldorders,$lfieldcontents);
+         		$labelrowdata=array_combine($lfieldorders,$lfieldcontents);
-				$labellid=$labelrowdata['lid'];
+				$labellid=$labelrowdata['lid'];
-			
+			
-				if ($labellid == $oldlid) {
+				if ($labellid == $oldlid) {
-					$labelrowdata['lid']=$newlid;
+					$labelrowdata['lid']=$newlid;
-
+                    
-			// translate internal links
+			        // translate internal links
-			$labelrowdata['title']=translink('label', $oldlid, $newlid, $labelrowdata['title']);
+			        $labelrowdata['title']=translink('label', $oldlid, $newlid, $labelrowdata['title']);
-
+                    if (!isset($labelrowdata["assessment_value"]))
-                    $newvalues=array_values($labelrowdata);
+                    {
-                    $newvalues=array_map(array(&$connect, "qstr"),$newvalues); // quote everything accordingly
+                       $labelrowdata["assessment_value"]=(int)$labelrowdata["code"];
-                    $lainsert = "insert INTO {$dbprefix}labels (".implode(',',array_keys($labelrowdata)).") VALUES (".implode(',',$newvalues).")"; //handle db prefix
+                    }
-					$liresult=$connect->Execute($lainsert);
+
-				}
+                    $newvalues=array_values($labelrowdata);
-			}
+                    $newvalues=array_map(array(&$connect, "qstr"),$newvalues); // quote everything accordingly
-		}
+                    $lainsert = "insert INTO {$dbprefix}labels (".implode(',',array_keys($labelrowdata)).") VALUES (".implode(',',$newvalues).")"; //handle db prefix
-
+					$liresult=$connect->Execute($lainsert);
-		//CHECK FOR DUPLICATE LABELSETS
+				}
-		$thisset="";
+			}
-		$query2 = "SELECT code, title, sortorder, language 
+		}
-                   FROM ".db_table_name('labels')."
+
-                   WHERE lid=".$newlid."
+		//CHECK FOR DUPLICATE LABELSETS
-                   ORDER BY sortorder, code";
+		$thisset="";
-		$result2 = db_execute_num($query2) or safe_die("Died querying labelset $lid<br />$query2<br />".$connect->ErrorMsg());
+		$query2 = "SELECT code, title, sortorder, language, assessment_value 
-		while($row2=$result2->FetchRow())
+                   FROM ".db_table_name('labels')."
-		{
+                   WHERE lid=".$newlid."
-			$thisset .= implode('.', $row2);
+                   ORDER BY sortorder, code";
-		} // while
+		$result2 = db_execute_num($query2) or safe_die("Died querying labelset $lid<br />$query2<br />".$connect->ErrorMsg());
-		$newcs=dechex(crc32($thisset)*1);
+		while($row2=$result2->FetchRow())
-        unset($lsmatch);
+		{
-        
+			$thisset .= implode('.', $row2);
-		if (isset($csarray))
+		} // while
-		{
+		$newcs=dechex(crc32($thisset)*1);
-			foreach($csarray as $key=>$val)
+        unset($lsmatch);
-			{
+        
-//			echo $val."-".$newcs."<br/>";  For debug purposes
+		if (isset($csarray))
-            	if ($val == $newcs)
+		{
-				{
+			foreach($csarray as $key=>$val)
-					$lsmatch=$key;
+			{
-				}
+//			echo $val."-".$newcs."<br/>";  For debug purposes
-			}
+            	if ($val == $newcs)
-		}
+				{
-		if (isset($lsmatch))
+					$lsmatch=$key;
-		{
+				}
-			//There is a matching labelset. So, we will delete this one and refer
+			}
-			//to the matched one.
+		}
-			$query = "DELETE FROM {$dbprefix}labels WHERE lid=$newlid";
+		if (isset($lsmatch))
-			$result=$connect->Execute($query) or safe_die("Couldn't delete labels<br />$query<br />".$connect->ErrorMsg());
+		{
-			$query = "DELETE FROM {$dbprefix}labelsets WHERE lid=$newlid";
+			//There is a matching labelset. So, we will delete this one and refer
-			$result=$connect->Execute($query) or safe_die("Couldn't delete labelset<br />$query<br />".$connect->ErrorMsg());
+			//to the matched one.
-			$newlid=$lsmatch;
+			$query = "DELETE FROM {$dbprefix}labels WHERE lid=$newlid";
-	        $importlabeloutput.="<p><i><font color='red'>".$clang->gT("There was a duplicate labelset, so this set was not imported. The duplicate will be used instead.")."</font></i>\n";
+			$result=$connect->Execute($query) or safe_die("Couldn't delete labels<br />$query<br />".$connect->ErrorMsg());
-            $importlabeloutput .= "<strong>Existing LID:</strong> $newlid</p><br />\n";
+			$query = "DELETE FROM {$dbprefix}labelsets WHERE lid=$newlid";
-			
+			$result=$connect->Execute($query) or safe_die("Couldn't delete labelset<br />$query<br />".$connect->ErrorMsg());
-		}
+			$newlid=$lsmatch;
-		else
+	        $importlabeloutput.="<p><i><font color='red'>".$clang->gT("There was a duplicate labelset, so this set was not imported. The duplicate will be used instead.")."</font></i>\n";
-		{
+            $importlabeloutput .= "<strong>Existing LID:</strong> $newlid</p><br />\n";
-        $importlabeloutput .= "<strong>LID:</strong> $newlid<br />\n";
+			
-        $importlabeloutput .= "<br />\n<strong><font class='successtitle'>".$clang->gT("Success")."</font></strong><br />\n";
+		}
-        $importlabeloutput .= "<strong><u>".$clang->gT("Label Set Import Summary")."</u></strong><br />\n";
+		else
-        $importlabeloutput .= "\t<li>".$clang->gT("Label Sets").": $countlabelsets</li>\n";
+		{
-        $importlabeloutput .= "\t<li>".$clang->gT("Labels").": $countlabels</li>\n";
+        $importlabeloutput .= "<strong>LID:</strong> $newlid<br />\n";
-        $importlabeloutput .= "\t<li>".$clang->gT("Languages").": $countlang</li></ul><br />\n";
+        $importlabeloutput .= "<br />\n<strong><font class='successtitle'>".$clang->gT("Success")."</font></strong><br />\n";
-		}
+        $importlabeloutput .= "<strong><u>".$clang->gT("Label Set Import Summary")."</u></strong><br />\n";
-		//END CHECK FOR DUPLICATES
+        $importlabeloutput .= "\t<li>".$clang->gT("Label Sets").": $countlabelsets</li>\n";
-	}
+        $importlabeloutput .= "\t<li>".$clang->gT("Labels").": $countlabels</li>\n";
-}
+        $importlabeloutput .= "\t<li>".$clang->gT("Languages").": $countlang</li></ul><br />\n";
-
+		}
-
+		//END CHECK FOR DUPLICATES
-$importlabeloutput .= "<strong>".$clang->gT("Import of Label Set is completed.")."</strong><br />\n";
+	}
-$importlabeloutput .= "<input type='submit' value='".$clang->gT("Return to Labels Admin")."' onclick=\"window.open('$scriptname?action=labels&amp;lid=$newlid', '_self')\">\n";
+}
-
+
-$importlabeloutput .= "</td></tr></table>\n";
+
-unlink($the_full_file_path);
+$importlabeloutput .= "<strong>".$clang->gT("Import of Label Set is completed.")."</strong><br />\n";
-
+$importlabeloutput .= "<input type='submit' value='".$clang->gT("Return to Labels Admin")."' onclick=\"window.open('$scriptname?action=labels&amp;lid=$newlid', '_self')\">\n";
-
+
-
+$importlabeloutput .= "</td></tr></table>\n";
-?>
+unlink($the_full_file_path);
 ?>
--- a/include/limesurvey/admin/importoldresponses.php
+++ b/include/limesurvey/admin/importoldresponses.php
@@ -1,138 +1,269 @@
-<?php
+<?php
-/*
+/*
-* LimeSurvey
+* LimeSurvey
-* Copyright (C) 2007 The LimeSurvey Project Team / Carsten Schmitz
+* Copyright (C) 2007 The LimeSurvey Project Team / Carsten Schmitz
-* All rights reserved.
+* All rights reserved.
-* License: GNU/GPL License v2 or later, see LICENSE.php
+* License: GNU/GPL License v2 or later, see LICENSE.php
-* LimeSurvey is free software. This version may have been modified pursuant
+* LimeSurvey is free software. This version may have been modified pursuant
-* to the GNU General Public License, and as distributed it includes or
+* to the GNU General Public License, and as distributed it includes or
-* is derivative of works licensed under the GNU General Public License or
+* is derivative of works licensed under the GNU General Public License or
-* other free or open source software licenses.
+* other free or open source software licenses.
-* See COPYRIGHT.php for copyright notices and details.
+* See COPYRIGHT.php for copyright notices and details.
-* 
+* 
-* $Id: importoldresponses.php 4973 2008-06-01 14:07:01Z c_schmitz $
+* $Id: importoldresponses.php 7058 2009-06-10 14:42:27Z c_schmitz $
-*/
+*/
-
+
-//import responses from an old_ survey table into an active survey
+
-include_once("login_check.php");        
+//import responses from an old_ survey table into an active survey
-
+include_once("login_check.php");        
-if (!isset($oldtable)) {$oldtable=returnglobal('oldtable');}
+
-if (!isset($surveyid)) {$surveyid=returnglobal('sid');}
+if (!isset($oldtable)) {$oldtable=returnglobal('oldtable');}
-
+if (!isset($surveyid)) {$surveyid=returnglobal('sid');}
-
+
-if (!$subaction == "import")
+
-{
+if (!$subaction == "import")
-	// show UI for choosing old table
+{
-
+	// show UI for choosing old table
-	$query = db_select_tables_like("{$dbprefix}old\_survey_{$surveyid}\_%");
+
-	$result = db_execute_num($query) or safe_die("Error:<br />$query<br />".$connect->ErrorMsg());
+	$query = db_select_tables_like("{$dbprefix}old\_survey\_%");
-	$optionElements = '';
+	$result = db_execute_num($query) or safe_die("Error:<br />$query<br />".$connect->ErrorMsg());
-	while ($row = $result->FetchRow())
+	$optionElements = '';
-	{
+	$queryCheckColumnsActive = "SELECT * FROM {$dbprefix}survey_{$surveyid} ";
-		$optionElements .= "\t\t\t<option>{$row[0]}</option>\n";
+	$resultActive = db_execute_num($queryCheckColumnsActive) or safe_die("Error:<br />$query<br />".$connect->ErrorMsg());
-	}
+	$countActive = $resultActive->FieldCount(); 
-
+	
-	$importoldresponsesoutput = "";
+	while ($row = $result->FetchRow())
-    $importoldresponsesoutput .= "<table width='99%' align='center' class='menubar' cellpadding='1' cellspacing='0'>\n"
+	{
-    ."\t<tr><td colspan='2' height='4'><strong>".$clang->gT("Quick Statistics")."</strong></td></tr>\n";
+		$queryCheckColumnsOld = "SELECT * FROM {$row[0]} ";
-    //Get the menubar
+		
-    $importoldresponsesoutput .= browsemenubar();
+		$resultOld = db_execute_num($queryCheckColumnsOld) or safe_die("Error:<br />$query<br />".$connect->ErrorMsg());
-    $importoldresponsesoutput .= "</table>\n";
+		
-	$importoldresponsesoutput .= "<br /><table align='center' class='outlinetable'>
+		if($countActive== $resultOld->FieldCount())
-		<tr>
+		{
-			<th colspan='2'>".$clang->gT("Import responses from an old (deactivated) survey table into an active survey")."</th>
+			$optionElements .= "\t\t\t<option value='{$row[0]}'>{$row[0]}</option>\n";
-		</tr>
+		}
-		<form method='post'>
+	}
-		<tr>
+
-		 <td align='right'>".$clang->gT("Target Survey ID")."</td>
+    //Get the menubar
-		 <td> $surveyid<input type='hidden' value='$surveyid' name='sid'></td>
+    $importoldresponsesoutput = browsemenubar($clang->gT("Quick Statistics"));
-		</tr>
+	$importoldresponsesoutput .= "<br />
-		<tr>
+		<div class='header'>
-		 <td align='right'>
+			".$clang->gT("Import responses from an deactivated survey table")."
-		  ".$clang->gT("Source table").":
+		</div>
-		 </td>
+        <form id='personalsettings' method='post'>        
-		 <td>
+		<ul>
-		  <select name='oldtable' >
+		 <li><label for='spansurveyid'>".$clang->gT("Target survey ID:")."</label>
-{$optionElements}
+		 <span id='spansurveyid'> $surveyid<input type='hidden' value='$surveyid' name='sid'></span>
-		  </select>
+		</li>
-		 </td>
+        <li>
-		</tr>
+		 <label for='oldtable'>
-		<tr>
+		  ".$clang->gT("Source table:")."
-		 <td colspan='2' align='center'>
+		 </label>
-		  <input type='submit' value='".$clang->gT("Import Responses")."' onclick='return confirm(\"".$clang->gT("Are you sure?","js").")'>&nbsp;
+		  <select name='oldtable' >
- 	 	  <input type='hidden' name='subaction' value='import'>
+          {$optionElements}
-		 </td>
+		  </select>
-		</tr>
+		</li>
-		</form>
+        </ul>
-		</table><br />&nbsp;";
+		  <input type='submit' value='".$clang->gT("Import Responses")."' onclick='return confirm(\"".$clang->gT("Are you sure?","js").")'>&nbsp;
-}
+ 	 	  <input type='hidden' name='subaction' value='import'><br /><br />
-elseif (isset($surveyid) && $surveyid && isset($oldtable))
+			<div class='warningtitle'>".$clang->gT("Warning: You can import all old responses with the same amount of columns as in your active survey. YOU have to make sure, that this responses corresponds to the questions in your active survey.")."</div>
-{
+		</form>
-
+        </div>
-	// options (UI not implemented)
+		<br />";
-
+}
-	$dontimportfields = array(
+elseif (isset($surveyid) && $surveyid && isset($oldtable))
-	'id' //,'otherfield'
+{
-	);
+	/*
-	$presetfields = array( // quote all strings so we can allow NULL
+	 * TODO:
-	//'4X13X951'=>"'Y'"
+	 * - mysql fit machen
-	//'id' => "NULL"
+	 * -- quotes für mysql beachten --> ` 
-	);
+	 * - warnmeldung mehrsprachig
-	$importidrange = false; //array('first'=>3,'last'=>10);
+	 * - testen
-
+	 */
-	$activetable = "{$dbprefix}survey_$surveyid";
+//	if($databasetype=="postgres")
-
+//	{
-	// fields we can import
+		$activetable = "{$dbprefix}survey_$surveyid";
-	$importablefields = array();
+		
-	$query = "SHOW COLUMNS FROM {$activetable}";
+		//Fields we don't want to import
-	$result = db_execute_assoc($query) or safe_die("Error:<br />$query<br />".$connect->ErrorMsg());
+		$dontimportfields = array(
-	while ($row = $result->FetchRow())
+		'id' //,'otherfield'
-	{
+		);
-		if (!in_array($row['Field'],$dontimportfields))
+		
-		{
+		// fields we can import
-			$importablefields[] = $row['Field'];
+		$importablefields = array();
-		}
+		if($databasetype=="postgres")
-	}
+		{
-
+			$query = "SELECT column_name as field FROM information_schema.columns WHERE table_name = '{$activetable}' ";
-	// fields we can supply
+		}
-	$availablefields = array();
+		else
-	$query = "SHOW COLUMNS FROM {$oldtable}";
+		{
-	$result = db_execute_assoc($query) or safe_die("Error:<br />$query<br />".$connect->ErrorMsg());
+			$query = "SHOW COLUMNS FROM {$activetable}";
-	while ($row = $result->FetchRow())
+		}
-	{
+		
-		$availablefields[] = $row['Field'];
+		$result = db_execute_assoc($query) or safe_die("Error:<br />$query<br />".$connect->ErrorMsg());
-	}
+
-	foreach ($presetfields as $field => $value)
+		while ($row = $result->FetchRow())
-	{
+		{
-		if (!in_array($field,$availablefields))
+			if($databasetype=="postgres")
-		{
+			{
-			$availablefields[] = $field;
+				if (!in_array($row['field'],$dontimportfields))
-		}
+				{
-	}
+					$importablefields[] = $row['field'];
-
+				}
-	$fieldstoimport = array_intersect($importablefields,$availablefields);
+			}
-
+			else
-	// data sources for each field (field of oldtable or preset value)
+			{
-	$sourcefields = array();
+			if (!in_array($row['Field'],$dontimportfields))
-	foreach ($fieldstoimport as $field)
+				{
-	{
+					$importablefields[] = $row['Field'];
-		$sourcefields[] = array_key_exists($field,$presetfields)?
+				}
-		$presetfields[$field]
+			}
-		: ($oldtable.'.'.$field);
+		}
-	}
+		foreach ($importablefields as $field => $value)
-
+		{
-	$query = "INSERT INTO {$activetable} (\n\t".join("\t, ",$fieldstoimport)."\n) "
+            $fields2insert[]=($databasetype=="postgres") ? "\"".$value."\"" : "`".$value."`";
-	."SELECT\n\t".join("\t,",$sourcefields)."\n"
+//		    if($databasetype=="postgres") { $fields2insert[] = "\"".$value."\""; }
-	."FROM {$oldtable}";
+		}
-	if (is_array($importidrange))
+		
-	{
+		//fields we can supply //fields in the old database
-		$query .= " WHERE {$oldtable}.id >= {$importidrange['first']} "
+		$availablefields = array();
-		." AND {$oldtable}.id <= {$importidrange['last']}";
+
-	}
+		if($databasetype=="postgres")
-
+		{
-	$result = $connect->Execute($query) or safe_die("Error:<br />$query<br />".$connect->ErrorMsg());
+			$query = "SELECT column_name as field FROM information_schema.columns WHERE table_name = '{$oldtable}' ";
-
+		}
-	header("Location: $scriptname?action=browse&sid=$surveyid");
+		else
-}
+		{
-
+			$query = "SHOW COLUMNS FROM {$oldtable}";
-?>
+		}
 		$result = db_execute_assoc($query) or safe_die("Error:<br />$query<br />".$connect->ErrorMsg());
 		while ($row = $result->FetchRow())
 		{
 			if($databasetype=="postgres")
 			{
 				if (!in_array($row['field'],$dontimportfields))
 				{
 					$availablefields[] = $row['field'];
 				}
 			}
 			else
 			{
 				if (!in_array($row['Field'],$dontimportfields))
 				{
 					$availablefields[] = $row['Field'];
 				}
 			}
 		}
 		foreach ($availablefields as $field => $value)
 		{
 			if($databasetype=="postgres")
 			{
 				$fields2import[] = "\"".$value."\"";
 			}
 			else
 			{
 				$fields2import[] = '`'.$value.'`'; 
 			}
 		}
 		$queryOldValues = "SELECT ".implode(", ",$fields2import)." "
 						. "FROM {$oldtable} ";
 		$resultOldValues = db_execute_assoc($queryOldValues) or safe_die("Error:<br />$queryOldValues<br />".$connect->ErrorMsg());
 		while ($row = $resultOldValues->FetchRow())
 		{
 			$values2import = array();
 			foreach($row as $fieldName => $fieldValue)
 			{
 				if( $fieldValue=="")
 				{
 					$values2import[] = "NULL";
 				}
 				else
 				{
 					if(!is_numeric($fieldValue))
 						$values2import[] = "'".db_quote($fieldValue)."'";
 					else
 						$values2import[] = "".$fieldValue."";
 				}
 			}	
 			$insertOldValues = "INSERT INTO {$activetable} ( ".implode(", ",$fields2insert).") "
 							 . "VALUES( ".implode(", ",$values2import)."); ";		 
 			$result = $connect->Execute($insertOldValues) or safe_die("Error:<br />$insertOldValues<br />".$connect->ErrorMsg());
 		}
 //	}
 //	else
 //	{
 //		// options (UI not implemented)
 //	
 //		$dontimportfields = array(
 //		'id' //,'otherfield'
 //		);
 //		$presetfields = array( // quote all strings so we can allow NULL
 //		//'4X13X951'=>"'Y'"
 //		//'id' => "NULL"
 //		);
 //		$importidrange = false; //array('first'=>3,'last'=>10);
 //	
 //		$activetable = "{$dbprefix}survey_$surveyid";
 //	
 //		// fields we can import
 //		$importablefields = array();
 //		$query = "SHOW COLUMNS FROM {$activetable}";
 //		$result = db_execute_assoc($query) or safe_die("Error:<br />$query<br />".$connect->ErrorMsg());
 //		while ($row = $result->FetchRow())
 //		{
 //			if (!in_array($row['Field'],$dontimportfields))
 //			{
 //				$importablefields[] = $row['Field'];
 //			}
 //		}
 //	
 //		// fields we can supply
 //		$availablefields = array();
 //		$query = "SHOW COLUMNS FROM {$oldtable}";
 //		$result = db_execute_assoc($query) or safe_die("Error:<br />$query<br />".$connect->ErrorMsg());
 //		while ($row = $result->FetchRow())
 //		{
 //			$availablefields[] = $row['Field'];
 //		}
 //		foreach ($presetfields as $field => $value)
 //		{
 //			if (!in_array($field,$availablefields))
 //			{
 //				$availablefields[] = $field;
 //			}
 //		}
 //	
 //		$fieldstoimport = array_intersect($importablefields,$availablefields);
 //	
 //		// data sources for each field (field of oldtable or preset value)
 //		$sourcefields = array();
 //		foreach ($fieldstoimport as $field)
 //		{
 //			$sourcefields[] = array_key_exists($field,$presetfields)?
 //			$presetfields[$field]
 //			: ($oldtable.'.`'.$field.'`');
 //			$fieldstoimport2[] = '`'.$field.'`'; 
 //		}
 //	
 //		$query = "INSERT INTO {$activetable} (\n\t".join("\t, ",$fieldstoimport2)."\n) "
 //		."SELECT\n\t".join("\t,",$sourcefields)."\n"
 //		."FROM {$oldtable}";
 //		if (is_array($importidrange))
 //		{
 //			$query .= " WHERE {$oldtable}.id >= {$importidrange['first']} "
 //			." AND {$oldtable}.id <= {$importidrange['last']}";
 //		}
 //	
 //		$result = $connect->Execute($query) or safe_die("Error:<br />$query<br />".$connect->ErrorMsg());
 //	}
 	header("Location: $scriptname?action=browse&sid=$surveyid");
 }
 ?>
--- a/include/limesurvey/admin/importquestion.php
+++ b/include/limesurvey/admin/importquestion.php
--- a/include/limesurvey/admin/importsurvey.php
+++ b/include/limesurvey/admin/importsurvey.php
--- a/include/limesurvey/admin/index.html
+++ b/include/limesurvey/admin/index.html
@@ -1,7 +1,7 @@
-<html>
+<html>
-<head>
+<head>
-<meta http-equiv="refresh" content="0; URL=admin.php">
+<meta http-equiv="refresh" content="0; URL=admin.php">
-</head>
+</head>
-<body>
+<body>
-</body>
+</body>
-</html>
+</html>
--- a/include/limesurvey/admin/install/cmd_install.php
+++ b/include/limesurvey/admin/install/cmd_install.php
@@ -0,0 +1,185 @@
 <?php
 /*
 * LimeSurvey
 * Copyright (C) 2007 The LimeSurvey Project Team / Nicolas Barcet
 * All rights reserved.
 * License: http://www.gnu.org/copyleft/gpl.html GNU/GPL, see LICENSE.php
 * LimeSurvey is free software. This version may have been modified pursuant
 * to the GNU General Public License, and as distributed it includes or
 * is derivative of works licensed under the GNU General Public License or
 * other free or open source software licenses.
 * See COPYRIGHT.php for copyright notices and details.
 *
 * $Id: index.php 4729 2008-05-31 21:32:02Z nijaba $
 */
 $cmd_install=true;
 if (isset($argv[1]) && ($argv[1]=='install'|| $argv[1]=='upgrade') && isset($argv[2]) && isset($argv[3]))    
 {
    require_once($argv[2]);
    require_once($argv[3]);
 }
 else
 {
    require_once(dirname(__FILE__).'/../../config-defaults.php');
    require_once(dirname(__FILE__).'/../../common.php');
 }
 // SET THE LANGUAGE???? -> DEFAULT SET TO EN FOR NOW
 require_once($rootdir.'/classes/core/language.php');
 $clang = new limesurvey_lang("en");
 ob_implicit_flush(true);
 if (isset($argv[1]) && $argv[1]=='install')
 {
 	print("trying to create and populate $databasename on $databaselocation:$databaseport ($databasetype) \n");
 	if (!$database_exists) //Database named in config.php does not exist
 	{
 		if($connect->Execute("CREATE DATABASE $databasename;"))
 		{
 			print("\nDatabase $databasename on $databasetype CREATED \n");
 		}
 		else
 		{
 			print("\nDatabase $databasename on $databasetype COULD NOT BE CREATED \n");
 			print("\n".$connect->ErrorMsg());
 			return 1;
 		}
 	}
 	else
 	{
 		if ($databasetype=='mysql' || $databasetype=='mysqli') {$connect->Execute("ALTER DATABASE `$databasename` DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci;");} //Set the collation also for manually created DBs
 		print("\nDatabase $databasename on $databasetype EXISTS, not created \n");
 	}
 	// Connect to the database we created a sec ago or to the existing db. 
 	if(!$connect->Connect($databaselocation,$databaseuser,$databasepass,$databasename))
 	{
 		print("\n".$connect->ErrorMsg());
 		return 1;
 	}
 	require_once($homedir."/classes/core/sha256.php");
 	$success = 0;  // Let's be optimistic
    $createdbtype=$databasetype;
    if ($createdbtype=='mssql_n' || $createdbtype=='odbc_mssql' || $createdbtype=='odbtp') $createdbtype='mssql';         	
 	$sqlfile = dirname(__FILE__).'/create-'.$createdbtype.'.sql' ;
 	if (!empty($sqlfile)) {
 		if (!is_readable($sqlfile)) {
 			$success = false;
 			print "\nTried to populate database, but '". $sqlfile ."' doesn't exist!\n";
 			return $success;
 		} else {
 			$lines = file($sqlfile);
 		}
 	} else {
 		$sqlstring = trim($sqlstring);
 		if ($sqlstring{strlen($sqlstring)-1} != ";") {
 			$sqlstring .= ";"; // add it in if it's not there.
 		}
 		$lines[] = $sqlstring;
 	}
 	$command = '';
 	$connect->SetFetchMode(ADODB_FETCH_NUM);
 	foreach ($lines as $line) {
 		$line = rtrim($line);
 		$length = strlen($line);
 		if ($length and $line[0] <> '#' and substr($line,0,2) <> '--') {
 			if (substr($line, $length-1, 1) == ';') {
  				$line = substr($line, 0, $length-1);   // strip ;
 				$command .= $line;
 				$command = str_replace('prefix_', $dbprefix, $command); // Table prefixes
 				$command = str_replace('$defaultuser', $defaultuser, $command); // variables By Moses
 				$command = str_replace('$defaultpass', SHA256::hashing($defaultpass), $command); // variables By Moses
 				$command = str_replace('$siteadminname', $siteadminname, $command);
 				$command = str_replace('$siteadminemail', $siteadminemail, $command); // variables By Moses
 				$command = str_replace('$defaultlang', $defaultlang, $command); // variables By Moses
 				$command = str_replace('$sessionname', 'ls'.getRandomID().getRandomID().getRandomID().getRandomID(), $command); // variables By Moses
 				$command = str_replace('$databasetabletype', $databasetabletype, $command);
 					if(!$connect->Execute($command,false))
 					{
 						print ("\n".$clang->gT("Executing").".....".$command."...".$clang->gT('Failed! Reason:')."\n".$connect->ErrorMsg()."\n\n");
 						$success=1;
 					}
 				$command = '';
 			} else {
 				$command .= $line;
 			}
 		}
 	}
 	$connect->SetFetchMode(ADODB_FETCH_ASSOC);
 	if($success == 0)
 	{
 		print("Database $databasename on $databasetype POPULATED");
 		print("\n\neverything went fine");
 		return $success;
 	}
 	else
 	{
 		print("\n\nSomething is strange");
 		print("\nplease check you Database and Settings");
 		return $success;
 	}
    // if (modify_database(dirname(__FILE__).'\create-'.$databasetype.'.sql'))
    // {
    	// print("\nDatabase $databasename on $databasetype POPULATED \n");
    	// return 0;
    // } else {
    	// print("Could not populate $databasename on $databasetype\n");
    	// return 1;
    // }
 }
 elseif (isset($argv[1]) && $argv[1]=='upgrade')
 {
    $upgradedbtype=$databasetype;
    if ($upgradedbtype=='mssql_n' || $upgradedbtype=='odbc_mssql' || $upgradedbtype=='odbtp') $upgradedbtype='mssql';     
    include ('upgrade-'.$upgradedbtype.'.php');
    $tables = $connect->MetaTables();
    $usquery = "SELECT stg_value FROM ".db_table_name("settings_global")." where stg_name='DBVersion'";
    $usresult = db_execute_assoc($usquery);
    $usrow = $usresult->FetchRow();
    if (intval($usrow['stg_value'])<$dbversionnumber)
    {
    	print("Upgrading db to $dbversionnumber\n");
            db_upgrade(intval($usrow['stg_value']));
    } else {
            print("Already at db version $dbversionnumber\n");
    }
    return 0;    
 }
 else 
 {
    print("LimeSurvey Commandline Install\n");     
    print("Usage: cmd_install <option> < <<path1>> <<path2>> >\n");     
    print("<option> - 'install' or 'upgrade' \n");     
    print("<<path1>> - Full path including filename to a custom config-defaults.php\n");     
    print("<<path2>> - Full path including filename to a custom common.php\n");     
    print("Paths are optional. If used both paths must be set.\n");     
    return 2;
 }
 ?>
--- a/include/limesurvey/admin/install/create-odbc_mssql.sql
+++ b/include/limesurvey/admin/install/create-odbc_mssql.sql
@@ -1,4 +1,4 @@
-- phpSurveyor MS SQL Server 2000 database schema
+-- LimeSurvey MS SQL Server 2000 database schema
 -- --------------------------------------------------------
@@ -9,11 +9,21 @@ CREATE TABLE [prefix_quota] (
  [qlimit] int ,
  [action] int ,
  [active] int NOT NULL default '1',
  [autoload_url] int NOT NULL default '0',
  PRIMARY KEY  ([id])
 );
-
+CREATE TABLE [prefix_quota_languagesettings] (
  [quotals_id] int NOT NULL IDENTITY (1,1),
  [quotals_quota_id] int,
  [quotals_language] varchar(45) NOT NULL default 'en',
  [quotals_name] varchar(255),
  [quotals_message] text,
  [quotals_url] varchar(255),
  [quotals_urldescrip] varchar(255),
  PRIMARY KEY ([quotals_id])
 );
 CREATE TABLE [prefix_quota_members] (
@@ -21,7 +31,7 @@ CREATE TABLE [prefix_quota_members] (
  [sid] int ,
  [qid] int ,
  [quota_id] int ,
-  [code] varchar(5) ,
+  [code] varchar(11) ,
  PRIMARY KEY  ([id])
 );
@@ -35,9 +45,10 @@ CREATE TABLE [prefix_quota_members] (
 CREATE TABLE [prefix_answers] (
  [qid] INT NOT NULL default '0',
  [code] VARCHAR(5) NOT NULL default '',
-  [answer] varchar(255) NOT NULL,
+  [answer] varchar(8000) NOT NULL,
  [default_value] char(1) NOT NULL default 'N',
  [sortorder] INT NOT NULL,
  [assessment_value] INT NOT NULL default '0',
  [language] VARCHAR(20) default 'en',
  PRIMARY KEY  ([qid],[code],[language])
 ) 
@@ -58,8 +69,8 @@ CREATE TABLE [prefix_assessments] (
  [minimum] VARCHAR(50) NOT NULL default '',
  [maximum] VARCHAR(50) NOT NULL default '',
  [message] text NOT NULL,
-  [link] text NOT NULL,
+  [language] VARCHAR(20) NOT NULL default 'en',
-  PRIMARY KEY  ([id])
+  PRIMARY KEY  ([id],[language])
 ) 
 ;
@@ -72,6 +83,7 @@ CREATE TABLE [prefix_assessments] (
 CREATE TABLE [prefix_conditions] (
  [cid] INT NOT NULL IDENTITY (1,1),
  [qid] INT NOT NULL default '0',
  [scenario] INT NOT NULL default '1',
  [cqid] INT NOT NULL default '0',
  [cfieldname] VARCHAR(50) NOT NULL default '',
  [method] char(2) NOT NULL default '',
@@ -107,6 +119,7 @@ CREATE TABLE [prefix_labels] (
  [title] VARCHAR(4000),
  [sortorder] INT NOT NULL,
  [language] VARCHAR(20) default 'en',
  [assessment_value] INT NOT NULL default '0',
  PRIMARY KEY  ([lid],[sortorder],[language]),
 ) 
 ;
@@ -139,7 +152,7 @@ CREATE TABLE [prefix_question_attributes] (
  [qaid] INT NOT NULL IDENTITY (1,1),
  [qid] INT NOT NULL default '0',
  [attribute] VARCHAR(50) default NULL,
-  [value] VARCHAR(20) default NULL,
+  [value] TEXT default NULL,
  PRIMARY KEY  ([qaid])
 ) 
 ;
@@ -203,35 +216,38 @@ CREATE TABLE [prefix_surveys] (
  [owner_id] INT NOT NULL,
  [admin] VARCHAR(50) default NULL,
  [active] char(1) NOT NULL default 'N',
  [startdate] DATETIME default NULL,
  [expires] DATETIME default NULL,
  [adminemail] VARCHAR(320) default NULL,
  [private] char(1) default NULL,
  [faxto] VARCHAR(20) default NULL,
  [format] char(1) default NULL,
  [template] VARCHAR(100) default 'default',
  [url] VARCHAR(255) default NULL,
  [language] VARCHAR(50) default NULL,
  [additional_languages] VARCHAR(255) default NULL,
  [datestamp] char(1) default 'N',
  [usecookie] char(1) default 'N',
  [notification] char(1) default '0',
  [allowregister] char(1) default 'N',
  [attribute1] VARCHAR(255) default NULL,
  [attribute2] VARCHAR(255) default NULL,
  [allowsave] char(1) default 'Y',
  [autonumber_start] bigINT default '0',
  [autoredirect] char(1) default 'N',
  [allowprev] char(1) default 'Y',
  [printanswers] char(1) default 'N',
  [ipaddr] char(1) default 'N',
  [useexpiry] char(1) NOT NULL default 'N',
  [refurl] char(1) default 'N',
  [datecreated] DATETIME default NULL,
  [listpublic] char(1) default 'N',
  [publicstatistics] char(1) default 'N',
  [publicgraphs] char(1) default 'N',
  [htmlemail] char(1) default 'N',
  [tokenanswerspersistence] char(1) default 'N',
  [assessments] char(1) default 'N',
  [usecaptcha] char(1) default 'N',
  [usetokens] char(1) default 'N',
  [bounce_email] VARCHAR(320) default NULL,
  [attributedescriptions] text,
  PRIMARY KEY  ([sid])
 ) 
 ;
@@ -249,6 +265,8 @@ CREATE TABLE [prefix_surveys_languagesettings] (
  [surveyls_title] VARCHAR(200) NOT NULL,
  [surveyls_description] TEXT NULL,
  [surveyls_welcometext] TEXT NULL,
  [surveyls_endtext] TEXT NULL,
  [surveyls_url] VARCHAR(255) NULL,
  [surveyls_urldescription] VARCHAR(255) NULL,
  [surveyls_email_invite_subj] VARCHAR(255) NULL,
  [surveyls_email_invite] TEXT NULL,
@@ -258,6 +276,7 @@ CREATE TABLE [prefix_surveys_languagesettings] (
  [surveyls_email_register] TEXT NULL,
  [surveyls_email_confirm_subj] VARCHAR(255) NULL,
  [surveyls_email_confirm] TEXT NULL,
  [surveyls_dateformat] INT NOT NULL DEFAULT 1, 
  PRIMARY KEY ([surveyls_survey_id],[surveyls_language])
 )
 ;
@@ -269,7 +288,7 @@ CREATE TABLE [prefix_surveys_languagesettings] (
 CREATE TABLE [prefix_users] (
  [uid] INT NOT NULL IDENTITY (1,1) PRIMARY KEY,
  [users_name] VARCHAR(64) NOT NULL UNIQUE default '',
-  [password] TEXT NOT NULL default '', 
+  [password] varchar(8000) NOT NULL default '', 
  [full_name] VARCHAR(50) NOT NULL,
  [parent_id] INT NOT NULL, 
  [lang] VARCHAR(20),
@@ -281,9 +300,11 @@ CREATE TABLE [prefix_users] (
  [configurator] TINYINT NOT NULL default '0',
  [manage_template] TINYINT NOT NULL default '0',
  [manage_label] TINYINT NOT NULL default '0',
-  [htmleditormode] char(7) default 'default'
+  [htmleditormode] char(7) default 'default',
-) 
+  [one_time_pw] TEXT,
-;
+  [dateformat] INT NOT NULL DEFAULT 1
 );
 -- 
 -- Table structure for table [surveys_rights]
@@ -352,12 +373,30 @@ CREATE TABLE [prefix_templates] (
 -- Table [settings_global]
 --
-INSERT INTO [prefix_settings_global] VALUES ('DBVersion', '126');
+INSERT INTO [prefix_settings_global] VALUES ('DBVersion', '138');
 INSERT INTO [prefix_settings_global] VALUES ('SessionName', '$sessionname');
 --
-- Table [users]
+-- indexes 
 --
 create index [answers_idx2] on [prefix_answers] ([sortorder]);
 create index [assessments_idx2] on [prefix_assessments] ([sid]);
 create index [assessments_idx3] on [prefix_assessments] ([gid]);
 create index [conditions_idx2] on [prefix_conditions] ([qid]);
 create index [conditions_idx3] on [prefix_conditions] ([cqid]);
 create index [groups_idx2] on [prefix_groups] ([sid]);
 create index [questions_idx2] on [prefix_questions] ([sid]);
 create index [questions_idx3] on [prefix_questions] ([gid]);
 create index [questions_idx4] on [prefix_questions] ([type]);
 create index [question_attributes_idx2] on [prefix_question_attributes] ([qid]);
 create index [quota_idx2] on [prefix_quota] ([sid]);
 create index [saved_control_idx2] on [prefix_saved_control] ([sid]);
 create index [user_in_groups_idx1] on [prefix_user_in_groups] ([ugid], [uid]);
 --
 -- Create the admin user
 --
-INSERT INTO [prefix_users] VALUES ('$defaultuser', '$defaultpass', '$siteadminname', 0, '$defaultlang', '$siteadminemail', 1,1,1,1,1,1,1,'default');
+INSERT INTO [prefix_users] ([users_name], [password], [full_name], [parent_id], [lang] ,[email], [create_survey], [create_user] ,[delete_user] ,[superadmin] ,[configurator] ,[manage_template] , [manage_label]) VALUES ('$defaultuser', '$defaultpass', '$siteadminname', 0, '$defaultlang', '$siteadminemail', 1,1,1,1,1,1,1);
--- a/include/limesurvey/admin/install/create-mysql.sql
+++ b/include/limesurvey/admin/install/create-mysql.sql
@@ -1,17 +1,3 @@
 -- phpMyAdmin SQL Dump
 -- version 2.8.0.2
 -- http://www.phpmyadmin.net
 -- 
 -- Host: localhost
 -- Generation Time: Jul 23, 2006 at 07:56 PM
 -- Server version: 5.0.20
 -- PHP Version: 5.1.4
 -- 
 -- Database: `limesurvey-development`
 -- 
 -- 
 -- Table structure for table `answers`
 -- 
@@ -21,10 +7,11 @@ CREATE TABLE `prefix_answers` (
  `code` varchar(5) NOT NULL default '',
  `answer` text NOT NULL,
  `default_value` char(1) NOT NULL default 'N',
  `assessment_value` int(11) NOT NULL default '0',
  `sortorder` int(11) NOT NULL,
  `language` varchar(20) default 'en',
  PRIMARY KEY  (`qid`,`code`,`language`)
-) TYPE=$databasetabletype CHARACTER SET utf8 COLLATE utf8_unicode_ci;
+) ENGINE=$databasetabletype CHARACTER SET utf8 COLLATE utf8_unicode_ci;
 -- --------------------------------------------------------
@@ -41,9 +28,9 @@ CREATE TABLE `prefix_assessments` (
  `minimum` varchar(50) NOT NULL default '',
  `maximum` varchar(50) NOT NULL default '',
  `message` text NOT NULL,
-  `link` text NOT NULL,
+  `language` varchar(20) NOT NULL default 'en',
-  PRIMARY KEY  (`id`)
+  PRIMARY KEY  (`id`,`language`)
-) TYPE=$databasetabletype AUTO_INCREMENT=1 CHARACTER SET utf8 COLLATE utf8_unicode_ci;
+) ENGINE=$databasetabletype AUTO_INCREMENT=1 CHARACTER SET utf8 COLLATE utf8_unicode_ci;
 -- --------------------------------------------------------
@@ -54,12 +41,13 @@ CREATE TABLE `prefix_assessments` (
 CREATE TABLE `prefix_conditions` (
  `cid` int(11) NOT NULL auto_increment,
  `qid` int(11) NOT NULL default '0',
  `scenario` int(11) NOT NULL default '1',
  `cqid` int(11) NOT NULL default '0',
  `cfieldname` varchar(50) NOT NULL default '',
  `method` char(2) NOT NULL default '',
  `value` varchar(255) NOT NULL default '',
  PRIMARY KEY  (`cid`)
-) TYPE=$databasetabletype AUTO_INCREMENT=1 CHARACTER SET utf8 COLLATE utf8_unicode_ci;
+) ENGINE=$databasetabletype AUTO_INCREMENT=1 CHARACTER SET utf8 COLLATE utf8_unicode_ci;
 -- 
@@ -74,7 +62,7 @@ CREATE TABLE `prefix_groups` (
  `description` text,
  `language` varchar(20) default 'en',
  PRIMARY KEY  (`gid`,`language`)
-) TYPE=$databasetabletype AUTO_INCREMENT=1 CHARACTER SET utf8 COLLATE utf8_unicode_ci;
+) ENGINE=$databasetabletype AUTO_INCREMENT=1 CHARACTER SET utf8 COLLATE utf8_unicode_ci;
 -- --------------------------------------------------------
@@ -87,10 +75,11 @@ CREATE TABLE `prefix_labels` (
  `code` varchar(5) NOT NULL default '',
  `title` text,
  `sortorder` int(11) NOT NULL,
  `assessment_value` int(11) NOT NULL default '0',
  `language` varchar(20) default 'en',
  PRIMARY KEY  (`lid`,`sortorder`,`language`),
  KEY `ixcode` (`code`)
-) TYPE=$databasetabletype CHARACTER SET utf8 COLLATE utf8_unicode_ci;
+) ENGINE=$databasetabletype CHARACTER SET utf8 COLLATE utf8_unicode_ci;
 -- --------------------------------------------------------
@@ -103,7 +92,7 @@ CREATE TABLE `prefix_labelsets` (
  `label_name` varchar(100) NOT NULL default '',
  `languages` varchar(200) default 'en',
  PRIMARY KEY  (`lid`)
-) TYPE=$databasetabletype AUTO_INCREMENT=1 CHARACTER SET utf8 COLLATE utf8_unicode_ci;
+) ENGINE=$databasetabletype AUTO_INCREMENT=1 CHARACTER SET utf8 COLLATE utf8_unicode_ci;
 -- --------------------------------------------------------
@@ -115,9 +104,9 @@ CREATE TABLE `prefix_question_attributes` (
  `qaid` int(11) NOT NULL auto_increment,
  `qid` int(11) NOT NULL default '0',
  `attribute` varchar(50) default NULL,
-  `value` varchar(20) default NULL,
+  `value` text default NULL,
  PRIMARY KEY  (`qaid`)
-) TYPE=$databasetabletype AUTO_INCREMENT=1 CHARACTER SET utf8 COLLATE utf8_unicode_ci;
+) ENGINE=$databasetabletype AUTO_INCREMENT=1 CHARACTER SET utf8 COLLATE utf8_unicode_ci;
 -- --------------------------------------------------------
@@ -129,10 +118,25 @@ CREATE TABLE `prefix_quota` (
  `qlimit` int(8) default NULL,
  `action` int(2) default NULL,
  `active` int(1) NOT NULL default '1',
  `autoload_url` int(1) NOT NULL default '0',
  PRIMARY KEY  (`id`)
-)  TYPE=$databasetabletype CHARACTER SET utf8 COLLATE utf8_unicode_ci;
+)  ENGINE=$databasetabletype CHARACTER SET utf8 COLLATE utf8_unicode_ci;
 --
 -- Table Structure for table quota_languagesettings
 --
 CREATE TABLE `prefix_quota_languagesettings` (
  `quotals_id` int(11) NOT NULL auto_increment,
  `quotals_quota_id` int(11) NOT NULL default '0',
  `quotals_language` varchar(45) NOT NULL default 'en',
  `quotals_name` varchar(255) collate utf8_unicode_ci default NULL,
  `quotals_message` text NOT NULL,
  `quotals_url` varchar(255),
  `quotals_urldescrip` varchar(255),
  PRIMARY KEY (`quotals_id`)
 )  ENGINE=$databasetabletype CHARACTER SET utf8 COLLATE utf8_unicode_ci;
@@ -141,10 +145,10 @@ CREATE TABLE `prefix_quota_members` (
  `sid` int(11) default NULL,
  `qid` int(11) default NULL,
  `quota_id` int(11) default NULL,
-  `code` varchar(5) collate utf8_unicode_ci default NULL,
+  `code` varchar(11) collate utf8_unicode_ci default NULL,
  PRIMARY KEY  (`id`),
  UNIQUE KEY `sid` (`sid`,`qid`,`quota_id`,`code`)
-)   TYPE=$databasetabletype CHARACTER SET utf8 COLLATE utf8_unicode_ci;
+)   ENGINE=$databasetabletype CHARACTER SET utf8 COLLATE utf8_unicode_ci;
 -- 
@@ -167,7 +171,7 @@ CREATE TABLE `prefix_questions` (
  `question_order` int(11) NOT NULL,
  `language` varchar(20) default 'en',
  PRIMARY KEY  (`qid`,`language`)
-) TYPE=$databasetabletype AUTO_INCREMENT=1 CHARACTER SET utf8 COLLATE utf8_unicode_ci;
+) ENGINE=$databasetabletype AUTO_INCREMENT=1 CHARACTER SET utf8 COLLATE utf8_unicode_ci;
 -- --------------------------------------------------------
@@ -189,7 +193,7 @@ CREATE TABLE `prefix_saved_control` (
  `saved_date` datetime NOT NULL,
  `refurl` text,
  PRIMARY KEY  (`scid`)
-) TYPE=$databasetabletype AUTO_INCREMENT=1 CHARACTER SET utf8 COLLATE utf8_unicode_ci;
+) ENGINE=$databasetabletype AUTO_INCREMENT=1 CHARACTER SET utf8 COLLATE utf8_unicode_ci;
 -- --------------------------------------------------------
@@ -201,7 +205,7 @@ CREATE TABLE `prefix_settings_global` (
  `stg_name` varchar(50) NOT NULL default '',
  `stg_value` varchar(255) NOT NULL default '',
  PRIMARY KEY  (`stg_name`)
-) TYPE=$databasetabletype CHARACTER SET utf8 COLLATE utf8_unicode_ci;
+) ENGINE=$databasetabletype CHARACTER SET utf8 COLLATE utf8_unicode_ci;
 -- 
@@ -214,36 +218,38 @@ CREATE TABLE `prefix_surveys` (
  `admin` varchar(50) default NULL,
  `active` char(1) NOT NULL default 'N',
  `expires` date default NULL,
  `startdate` date default NULL,
  `adminemail` varchar(320) default NULL,
  `private` char(1) default NULL,
  `faxto` varchar(20) default NULL,
  `format` char(1) default NULL,
  `template` varchar(100) default 'default',
  `url` varchar(255) default NULL,
  `language` varchar(50) default NULL,
  `additional_languages` varchar(255) default NULL,
  `datestamp` char(1) default 'N',
  `usecookie` char(1) default 'N',
  `notification` char(1) default '0',
  `allowregister` char(1) default 'N',
  `attribute1` varchar(255) default NULL,
  `attribute2` varchar(255) default NULL,
  `allowsave` char(1) default 'Y',
  `autonumber_start` bigint(11) default '0',
  `autoredirect` char(1) default 'N',
  `allowprev` char(1) default 'Y',
  `printanswers` char(1) default 'N',
  `ipaddr` char(1) default 'N',
  `useexpiry` char(1) NOT NULL default 'N',
  `refurl` char(1) default 'N',
  `datecreated` date default NULL,
  `publicstatistics` char(1) default 'N',
  `publicgraphs` char(1) default 'N',
  `listpublic` char(1) default 'N',
  `htmlemail` char(1) default 'N',
  `tokenanswerspersistence` char(1) default 'N',
  `assessments` char(1) default 'N', 
  `usecaptcha` char(1) default 'N',
  `usetokens` char(1) default 'N',
  `bounce_email` varchar(320) default NULL,
  `attributedescriptions` text,
  PRIMARY KEY  (`sid`)
-) TYPE=$databasetabletype CHARACTER SET utf8 COLLATE utf8_unicode_ci;
+) ENGINE=$databasetabletype CHARACTER SET utf8 COLLATE utf8_unicode_ci;
 -- 
@@ -258,6 +264,8 @@ CREATE TABLE `prefix_surveys_languagesettings` (
  `surveyls_title` VARCHAR(200) NOT NULL,
  `surveyls_description` TEXT NULL,
  `surveyls_welcometext` TEXT NULL,
  `surveyls_endtext` TEXT NULL,
  `surveyls_url` VARCHAR(255) NULL,
  `surveyls_urldescription` VARCHAR(255) NULL,
  `surveyls_email_invite_subj` VARCHAR(255) NULL,
  `surveyls_email_invite` TEXT NULL,
@@ -267,6 +275,8 @@ CREATE TABLE `prefix_surveys_languagesettings` (
  `surveyls_email_register` TEXT NULL,
  `surveyls_email_confirm_subj` VARCHAR(255) NULL,
  `surveyls_email_confirm` TEXT NULL,
  `surveyls_dateformat` INT UNSIGNED NOT NULL DEFAULT 1, 
  PRIMARY KEY (`surveyls_survey_id`, `surveyls_language`)
 )
 TYPE = $databasetabletype CHARACTER SET utf8 COLLATE utf8_unicode_ci;
@@ -286,7 +296,7 @@ CREATE TABLE `prefix_surveys_rights` (
 	`delete_survey` tinyint(1) NOT NULL default '0',
 	`activate_survey` tinyint(1) NOT NULL default '0',
 	PRIMARY KEY (sid, uid)
-) TYPE=$databasetabletype CHARACTER SET utf8 COLLATE utf8_unicode_ci;
+) ENGINE=$databasetabletype CHARACTER SET utf8 COLLATE utf8_unicode_ci;
@@ -295,14 +305,14 @@ CREATE TABLE `prefix_user_groups` (
 	`name` varchar(20) NOT NULL UNIQUE,
 	`description` TEXT NOT NULL,
 	`owner_id` int(10) unsigned NOT NULL
-) TYPE=$databasetabletype CHARACTER SET utf8 COLLATE utf8_unicode_ci;
+) ENGINE=$databasetabletype CHARACTER SET utf8 COLLATE utf8_unicode_ci;
 CREATE TABLE `prefix_user_in_groups` (
 	`ugid` int(10) unsigned NOT NULL,
 	`uid` int(10) unsigned NOT NULL
-) TYPE=$databasetabletype CHARACTER SET utf8 COLLATE utf8_unicode_ci;
+) ENGINE=$databasetabletype CHARACTER SET utf8 COLLATE utf8_unicode_ci;
 -- 
 -- Table structure for table `users`
@@ -323,8 +333,11 @@ CREATE TABLE `prefix_users` (
  `configurator` tinyint(1) NOT NULL default '0',
  `manage_template` tinyint(1) NOT NULL default '0',
  `manage_label` tinyint(1) NOT NULL default '0',
-  `htmleditormode` varchar(7) default 'default'
+  `htmleditormode` varchar(7) default 'default',
-) TYPE=$databasetabletype CHARACTER SET utf8 COLLATE utf8_unicode_ci;
+  `one_time_pw` BLOB,
  `dateformat` INT UNSIGNED NOT NULL DEFAULT 1 
 ) ENGINE=$databasetabletype CHARACTER SET utf8 COLLATE utf8_unicode_ci;
@@ -334,25 +347,44 @@ CREATE TABLE `prefix_templates_rights` (
  `folder` varchar(255) NOT NULL,
  `use` int(1) NOT NULL,
  PRIMARY KEY  (`uid`,`folder`)
-) TYPE=$databasetabletype CHARACTER SET utf8 COLLATE utf8_unicode_ci;
+) ENGINE=$databasetabletype CHARACTER SET utf8 COLLATE utf8_unicode_ci;
 CREATE TABLE `prefix_templates` (
  `folder` varchar(255) NOT NULL,
  `creator` int(11) NOT NULL,
  PRIMARY KEY  (`folder`)
-) TYPE=$databasetabletype CHARACTER SET utf8 COLLATE utf8_unicode_ci;
+) ENGINE=$databasetabletype CHARACTER SET utf8 COLLATE utf8_unicode_ci;
 --
 -- Table `settings_global`
 --
-INSERT INTO `prefix_settings_global` VALUES ('DBVersion', '126');
+INSERT INTO `prefix_settings_global` VALUES ('DBVersion', '138');
 INSERT INTO `prefix_settings_global` VALUES ('SessionName', '$sessionname');
 --
 -- Table `users`
 --
-INSERT INTO `prefix_users` VALUES (NULL, '$defaultuser', '$defaultpass', '$siteadminname', 0, '$defaultlang', '$siteadminemail', 1,1,1,1,1,1,1,'default');
+INSERT INTO `prefix_users` (`users_name`, `password`, `full_name`, `parent_id`, `lang` ,`email`, `create_survey`,`create_user` ,`delete_user` ,`superadmin` ,`configurator` ,`manage_template` , `manage_label`) VALUES ('$defaultuser', '$defaultpass', '$siteadminname', 0, '$defaultlang', '$siteadminemail', 1,1,1,1,1,1,1);
 --
 -- indexes 
 --
 create index `answers_idx2` on `prefix_answers` (`sortorder`);
 create index `assessments_idx2` on `prefix_assessments` (`sid`);
 create index `assessments_idx3` on `prefix_assessments` (`gid`);
 create index `conditions_idx2` on `prefix_conditions` (`qid`);
 create index `conditions_idx3` on `prefix_conditions` (`cqid`);
 create index `groups_idx2` on `prefix_groups` (`sid`);
 create index `question_attributes_idx2` on `prefix_question_attributes` (`qid`);
 create index `questions_idx2` on `prefix_questions` (`sid`);
 create index `questions_idx3` on `prefix_questions` (`gid`);
 create index `questions_idx4` on `prefix_questions` (`type`);
 create index `quota_idx2` on `prefix_quota` (`sid`);
 create index `saved_control_idx2` on `prefix_saved_control` (`sid`);
 create index `user_in_groups_idx1` on `prefix_user_in_groups` (`ugid`, `uid`);
--- a/include/limesurvey/admin/install/create-postgres.sql
+++ b/include/limesurvey/admin/install/create-postgres.sql
@@ -22,6 +22,7 @@ CREATE TABLE prefix_answers (
    answer text NOT NULL,
    default_value character(1) DEFAULT 'N'::bpchar NOT NULL,
    sortorder integer NOT NULL,
    assessment_value integer DEFAULT 0 NOT NULL,
    "language" character varying(20) DEFAULT 'en'::character varying NOT NULL
 );
@@ -41,7 +42,7 @@ CREATE TABLE prefix_assessments (
    minimum character varying(50) DEFAULT ''::character varying NOT NULL,
    maximum character varying(50) DEFAULT ''::character varying NOT NULL,
    message text NOT NULL,
-    link text NOT NULL
+    language character(20) DEFAULT 'en'::bpchar NOT NULL
 );
@@ -54,6 +55,7 @@ CREATE TABLE prefix_assessments (
 CREATE TABLE prefix_conditions (
    cid serial,
    qid integer DEFAULT 0 NOT NULL,
    scenario integer DEFAULT 1 NOT NULL,
    cqid integer DEFAULT 0 NOT NULL,
    cfieldname character varying(50) DEFAULT ''::character varying NOT NULL,
    method character(2) DEFAULT ''::bpchar NOT NULL,
@@ -87,6 +89,7 @@ CREATE TABLE prefix_labels (
    code character varying(5) DEFAULT ''::character varying NOT NULL,
    title text,
    sortorder integer NOT NULL,
    assessment_value integer DEFAULT 0 NOT NULL,
    "language" character varying(20) DEFAULT 'en'::character varying NOT NULL
 );
@@ -115,7 +118,7 @@ CREATE TABLE prefix_question_attributes (
    qaid serial NOT NULL,
    qid integer DEFAULT 0 NOT NULL,
    attribute character varying(50),
-    value character varying(20)
+    value text NULL
 );
 -- 
@@ -128,20 +131,33 @@ CREATE TABLE prefix_quota (
  name character varying(255),
  qlimit integer,
  "action" integer,
-  "active" integer NOT NULL default '1'
+  "active" integer NOT NULL default '1',
  autoload_url integer NOT NULL DEFAULT 0
 );
 ALTER TABLE ONLY prefix_quota
    ADD CONSTRAINT prefix_quota_pkey PRIMARY KEY (id);
 CREATE TABLE prefix_quota_languagesettings
 (
  quotals_id serial NOT NULL,
  quotals_quota_id integer NOT NULL DEFAULT 0,
  quotals_language character varying(45) NOT NULL DEFAULT 'en'::character varying,
  quotals_name character varying(200),
  quotals_message text NOT NULL,
  quotals_url character varying(255),
  quotals_urldescrip character varying(255)
 );
 ALTER TABLE ONLY prefix_quota_languagesettings
  ADD CONSTRAINT prefix_quota_languagesettings_pkey PRIMARY KEY (quotals_id);
 CREATE TABLE prefix_quota_members (
  id serial,
  sid integer,
  qid integer,
  quota_id integer,
-  code character varying(5)
+  code character varying(11)
 );
 ALTER TABLE ONLY prefix_quota_members
@@ -213,36 +229,37 @@ CREATE TABLE prefix_surveys (
    owner_id integer NOT NULL,
    "admin" character varying(50),
    active character(1) DEFAULT 'N'::bpchar NOT NULL,
    startdate date,
    expires date,
    adminemail character varying(320) NOT NULL,
    private character(1),
    faxto character varying(20),
    format character(1),
    "template" character varying(100) DEFAULT 'default'::character varying,
    url character varying(255),
    "language" character varying(50),
    additional_languages character varying(255),
    datestamp character(1) DEFAULT 'N'::bpchar,
    usecookie character(1) DEFAULT 'N'::bpchar,
    notification character(1) DEFAULT '0'::bpchar,
    allowregister character(1) DEFAULT 'N'::bpchar,
    attribute1 character varying(255),
    attribute2 character varying(255),
    allowsave character(1) DEFAULT 'Y'::bpchar,
    printanswers character(1) DEFAULT 'N'::bpchar,
    autonumber_start integer DEFAULT 0,
    autoredirect character(1) DEFAULT 'N'::bpchar,
    allowprev character(1) DEFAULT 'Y'::bpchar,
    ipaddr character(1) DEFAULT 'N'::bpchar,
    useexpiry character(1) DEFAULT 'N'::bpchar NOT NULL,
    refurl character(1) DEFAULT 'N'::bpchar,
    datecreated date,
    listpublic character(1) DEFAULT 'N'::bpchar,
    publicstatistics character(1) DEFAULT 'N'::bpchar,
    publicgraphs character(1) DEFAULT 'N'::bpchar,
    htmlemail character(1) DEFAULT 'N'::bpchar,
    tokenanswerspersistence character(1) DEFAULT 'N'::bpchar,
    assessments character(1) DEFAULT 'N'::bpchar,
    usecaptcha character(1) DEFAULT 'N'::bpchar,
-    "bounce_email" character varying(320) NOT NULL
+    usetokens character(1) DEFAULT 'N'::bpchar,
-    
+    "bounce_email" character varying(320) NOT NULL,
    attributedescriptions text
 );
@@ -258,7 +275,9 @@ CREATE TABLE prefix_surveys_languagesettings (
    surveyls_title character varying(200) NOT NULL,
    surveyls_description text,
    surveyls_welcometext text,
    surveyls_url character varying(255),
    surveyls_urldescription character varying(255),
    surveyls_endtext text,
    surveyls_email_invite_subj character varying(255),
    surveyls_email_invite text,
    surveyls_email_remind_subj character varying(255),
@@ -266,7 +285,8 @@ CREATE TABLE prefix_surveys_languagesettings (
    surveyls_email_register_subj character varying(255),
    surveyls_email_register text,
    surveyls_email_confirm_subj character varying(255),
-    surveyls_email_confirm text
+    surveyls_email_confirm text,
    surveyls_dateformat integer DEFAULT 1 NOT NULL
 );
@@ -310,8 +330,8 @@ CREATE TABLE prefix_user_in_groups (
 --
 CREATE TABLE prefix_users (
-    uid serial NOT NULL,
+    uid serial PRIMARY KEY NOT NULL,
-    users_name character varying(64) DEFAULT ''::character varying NOT NULL,
+    users_name character varying(64) DEFAULT ''::character varying UNIQUE NOT NULL,
    "password" bytea NOT NULL,
    full_name character varying(50) NOT NULL,
    parent_id integer NOT NULL,
@@ -324,10 +344,11 @@ CREATE TABLE prefix_users (
    configurator integer DEFAULT 0 NOT NULL,
    manage_template integer DEFAULT 0 NOT NULL,
    manage_label integer DEFAULT 0 NOT NULL,
-    htmleditormode character(7) DEFAULT 'default'::bpchar
+    htmleditormode character(7) DEFAULT 'default'::bpchar,
 	one_time_pw bytea,
    "dateformat" integer DEFAULT 1 NOT NULL
 );
 CREATE TABLE prefix_templates_rights (
  "uid" integer NOT NULL,
  "folder" character varying(255) NOT NULL,
@@ -364,7 +385,7 @@ ALTER TABLE ONLY prefix_answers
 --
 ALTER TABLE ONLY prefix_assessments
-    ADD CONSTRAINT prefix_assessments_pkey PRIMARY KEY (id);
+    ADD CONSTRAINT prefix_assessments_pkey PRIMARY KEY (id,language);
 --
@@ -489,11 +510,29 @@ CREATE INDEX prefix_labels_ixcode_idx ON prefix_labels USING btree (code);
 -- Table `settings_global`
 --
-INSERT INTO prefix_settings_global VALUES ('DBVersion', '126');
+INSERT INTO prefix_settings_global VALUES ('DBVersion', '138');
 INSERT INTO prefix_settings_global VALUES ('SessionName', '$sessionname');
 --
-- Table `users`
+-- indexes 
 --
 create index assessments_idx2 on prefix_assessments (sid);
 create index assessments_idx3 on prefix_assessments (gid);
 create index conditions_idx2 on prefix_conditions (qid);
 create index groups_idx2 on prefix_groups (sid);
 create index question_attributes_idx2 on prefix_question_attributes (qid);
 create index questions_idx2 on prefix_questions (sid);
 create index questions_idx3 on prefix_questions (gid);
 create index quota_idx2 on prefix_quota (sid);
 create index saved_control_idx2 on prefix_saved_control (sid);
 create index user_in_groups_idx1 on prefix_user_in_groups  (ugid, uid);
 --
 -- Create admin user
 --
 INSERT INTO prefix_users(
@@ -502,3 +541,7 @@ INSERT INTO prefix_users(
            manage_template, manage_label,htmleditormode)
            VALUES ('$defaultuser', '$defaultpass', '$siteadminname', 0, '$defaultlang', '$siteadminemail',1,1,1,1,1,1,1,'default');
--- a/include/limesurvey/admin/install/createdb.php
+++ b/include/limesurvey/admin/install/createdb.php
@@ -10,7 +10,7 @@
 * other free or open source software licenses.
 * See COPYRIGHT.php for copyright notices and details.
 *
-* $Id: createdb.php 4333 2008-02-25 13:19:12Z c_schmitz $
+* $Id: createdb.php 7053 2009-06-10 10:43:43Z c_schmitz $
 */
 //Ensure script is not run directly, avoid path disclosure
@@ -32,8 +32,13 @@ echo "\t<tr bgcolor='#CCCCCC'><td align='center'>$setfont\n";
 // In Step2 fill the database with data
 if (returnglobal('createdbstep2')==$clang->gT("Populate Database"))
 {
-   if ($databasetype=='mysql') {@$connect->Execute("ALTER DATABASE `$dbname` DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci;");} //Set the collation also for manually created DBs
+   $createdbtype=$databasetype;
-   if (modify_database(dirname(__FILE__).'/create-'.$databasetype.'.sql'))
+   if ($databasetype=='mysql' || $databasetype=='mysqli') {
       @$connect->Execute("ALTER DATABASE `$dbname` DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci;");
       $createdbtype='mysql';
   }
   if ($createdbtype=='mssql_n' || $createdbtype=='odbc_mssql' || $createdbtype=='odbtp') $createdbtype='mssql';
   if (modify_database(dirname(__FILE__).'/create-'.$createdbtype.'.sql'))
   {
   echo sprintf($clang->gT("Database `%s` has been successfully populated."),$dbname)."</font></strong></font><br /><br />\n";
   echo "<input type='submit' value='".$clang->gT("Main Admin Screen")."' onclick='location.href=\"../$scriptname\"'>";
@@ -62,10 +67,12 @@ if (!$database_exists) //Database named in config-defaults.php does not exist
 	// TODO SQL: Portable to other databases??
 	switch ($databasetype)
 	{
        case 'mysqli':
 		case 'mysql': $createDb=$connect->Execute("CREATE DATABASE `$dbname` DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci");
 		break;
 		case 'mssql_n':
 		case 'odbc_mssql':
-		case 'mssql': $createDb=$connect->Execute("CREATE DATABASE [$dbname];");
+		case 'odbtp': $createDb=$connect->Execute("CREATE DATABASE [$dbname];");
 		break;
 		default: $createDb=$connect->Execute("CREATE DATABASE $dbname");
 	}
--- a/include/limesurvey/admin/install/do_db_create.php
+++ b/include/limesurvey/admin/install/do_db_create.php
@@ -1,34 +0,0 @@
 <?php
 /*
 * LimeSurvey
 * Copyright (C) 2007 The LimeSurvey Project Team / Nicolas Barcet
 * All rights reserved.
 * License: http://www.gnu.org/copyleft/gpl.html GNU/GPL, see LICENSE.php
 * LimeSurvey is free software. This version may have been modified pursuant
 * to the GNU General Public License, and as distributed it includes or
 * is derivative of works licensed under the GNU General Public License or
 * other free or open source software licenses.
 * See COPYRIGHT.php for copyright notices and details.
 *
 * $Id: index.php 4729 2008-05-31 21:32:02Z nijaba $
 */
 require_once(dirname(__FILE__).'/../../config-defaults.php');
 require_once(dirname(__FILE__).'/../../common.php');
 // SET THE LANGUAGE???? -> DEFAULT SET TO EN FOR NOW
 require_once($rootdir.'/classes/core/language.php');
 $clang = new limesurvey_lang("en");
 ob_implicit_flush(true);
 if ($databasetype=='mysql') {@$connect->Execute("ALTER DATABASE `$dbname` DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci;");} //Set the collation also for manually created DBs
 if (modify_database(dirname(__FILE__).'/create-'.$databasetype.'.sql'))
 {
 	print("Creating $dbname on $databasetype\n");
 	return 0;
 } else {
 	print("Could not create $dbname on $databasetype\n");
 	return 1;
 }
 ?>
--- a/include/limesurvey/admin/install/do_db_upgrade.php
+++ b/include/limesurvey/admin/install/do_db_upgrade.php
@@ -1,41 +0,0 @@
 <?php
 /*
 * LimeSurvey
 * Copyright (C) 2007 The LimeSurvey Project Team / Nicolas Barcet
 * All rights reserved.
 * License: http://www.gnu.org/copyleft/gpl.html GNU/GPL, see LICENSE.php
 * LimeSurvey is free software. This version may have been modified pursuant
 * to the GNU General Public License, and as distributed it includes or
 * is derivative of works licensed under the GNU General Public License or
 * other free or open source software licenses.
 * See COPYRIGHT.php for copyright notices and details.
 *
 * $Id: index.php 4729 2008-05-31 21:32:02Z nijaba $
 */
 require_once(dirname(__FILE__).'/../../config-defaults.php');
 require_once(dirname(__FILE__).'/../../common.php');
 // SET THE LANGUAGE???? -> DEFAULT SET TO EN FOR NOW
 require_once($rootdir.'/classes/core/language.php');
 $clang = new limesurvey_lang("en");
 ob_implicit_flush(true);
 global $connect, $databasetype, $dbprefix, $dbversionnumber, $clang;
 include ('upgrade-'.$databasetype.'.php');
 $tables = $connect->MetaTables();
 $usquery = "SELECT stg_value FROM ".db_table_name("settings_global")." where stg_name='DBVersion'";
 $usresult = db_execute_assoc($usquery);
 $usrow = $usresult->FetchRow();
 if (intval($usrow['stg_value'])<$dbversionnumber)
 {
 	print("Upgrading db to $dbversionnumber\n");
        db_upgrade(intval($usrow['stg_value']));
 } else {
        print("Already at db version $dbversionnumber\n");
 }
 return 0;
 ?>
--- a/include/limesurvey/admin/install/index.php
+++ b/include/limesurvey/admin/install/index.php
@@ -10,7 +10,7 @@
 * other free or open source software licenses.
 * See COPYRIGHT.php for copyright notices and details.
 *
-* $Id: index.php 4346 2008-02-25 21:32:02Z c_schmitz $
+* $Id: index.php 6952 2009-05-27 09:40:07Z c_schmitz $
 */
@@ -60,7 +60,7 @@ else
    $connect->database = $databasename;
    $connect->Execute("USE DATABASE `$databasename`");
 	$output=checkforupgrades();
-    if (!isset($ouput)) {$adminoutput.='<br />LimeSurvey Database is up to date. No action needed';}
+    if ($output== '') {$adminoutput.='<br />LimeSurvey Database is up to date. No action needed';}
      else {$adminoutput.=$output;}
    $adminoutput.="<br />Please <a href='$homeurl/$scriptname'>log in.</a>";
@@ -73,7 +73,10 @@ function checkforupgrades()
 {
    global $connect, $databasetype, $dbprefix, $dbversionnumber, $clang;
    $adminoutput='';
-    include ('upgrade-'.$databasetype.'.php');
+    $upgradedbtype=$databasetype;
    if ($upgradedbtype=='mssql_n' || $upgradedbtype=='odbc_mssql' || $upgradedbtype=='odbtp') $upgradedbtype='mssql';         
    if ($upgradedbtype=='mysqli') $upgradedbtype='mysql';         
    include ('upgrade-'.$upgradedbtype.'.php');
    $tables = $connect->MetaTables();
    $usquery = "SELECT stg_value FROM ".db_table_name("settings_global")." where stg_name='DBVersion'";
--- a/include/limesurvey/admin/install/resetadminpw.php
+++ b/include/limesurvey/admin/install/resetadminpw.php
@@ -22,14 +22,17 @@ sendcacheheaders();
 switch ($databasetype) 
 {
-case 'mysql': modify_database("",'UPDATE `prefix_users` set password=\'$defaultpass\' where uid=1;'); 
+    case 'mysqli':
-		 echo $modifyoutput; flush();
+    case 'mysql' : modify_database("",'UPDATE `prefix_users` set password=\'$defaultpass\' where uid=1;'); 
-		 break;
+                echo $modifyoutput; flush();
-case 'odbc_mssql':modify_database("",'UPDATE [prefix_users] set password=\'$defaultpass\' where uid=1;'); 
+                break;
-		 echo $modifyoutput; flush();
+    case 'odbtp':
-		 break;
+    case 'mssql_n':         
-case 'postgres':modify_database("",'UPDATE prefix_users set \"password\"=\'$defaultpass\' where uid=1;'); 
+    case 'odbc_mssql':modify_database("",'UPDATE [prefix_users] set password=\'$defaultpass\' where uid=1;'); 
-		 echo $modifyoutput; flush();
+		     echo $modifyoutput; flush();
-		 break;
+		     break;
    case 'postgres':modify_database("",'UPDATE prefix_users set \"password\"=\'$defaultpass\' where uid=1;'); 
 		     echo $modifyoutput; flush();
 		     break;
 }
 ?>
--- a/include/limesurvey/admin/install/upgrade-mssql.php
+++ b/include/limesurvey/admin/install/upgrade-mssql.php
@@ -0,0 +1,445 @@
 <?PHP
 /*
 * LimeSurvey
 * Copyright (C) 2007 The LimeSurvey Project Team / Carsten Schmitz
 * All rights reserved.
 * License: http://www.gnu.org/copyleft/gpl.html GNU/GPL, see LICENSE.php
 * LimeSurvey is free software. This version may have been modified pursuant
 * to the GNU General Public License, and as distributed it includes or
 * is derivative of works licensed under the GNU General Public License or
 * other free or open source software licenses.
 * See COPYRIGHT.php for copyright notices and details.
 *
 * $Id: upgrade-mssql.php 7122 2009-06-16 13:42:29Z c_schmitz $
 */
 // There will be a file for each database (accordingly named to the dbADO scheme)
 // where based on the current database version the database is upgraded
 // For this there will be a settings table which holds the last time the database was upgraded
 function db_upgrade($oldversion) {
 /// This function does anything necessary to upgrade 
 /// older versions to match current functionality
 global $modifyoutput, $dbprefix;
 echo str_pad('Loading... ',4096)."<br />\n";
    if ($oldversion < 111) {
      // Language upgrades from version 110 to 111 since the language names did change
       $oldnewlanguages=array('german_informal'=>'german-informal',
                              'cns'=>'cn-Hans',
                              'cnt'=>'cn-Hant',
                              'pt_br'=>'pt-BR',
                              'gr'=>'el',
                              'jp'=>'ja',
                              'si'=>'sl',
                              'se'=>'sv',
                              'vn'=>'vi');
        foreach  ($oldnewlanguages as $oldlang=>$newlang)
        {
            modify_database("","update [prefix_answers] set [language`='$newlang' where language='$oldlang'");  echo $modifyoutput;      flush();
            modify_database("","update [prefix_questions] set [language`='$newlang' where language='$oldlang'");echo $modifyoutput;flush();
            modify_database("","update [prefix_groups] set [language`='$newlang' where language='$oldlang'");echo $modifyoutput;flush();
            modify_database("","update [prefix_labels] set [language`='$newlang' where language='$oldlang'");echo $modifyoutput;flush();
            modify_database("","update [prefix_surveys] set [language`='$newlang' where language='$oldlang'");echo $modifyoutput;flush();
            modify_database("","update [prefix_surveys_languagesettings] set [surveyls_language`='$newlang' where surveyls_language='$oldlang'");echo $modifyoutput;flush();
            modify_database("","update [prefix_users] set [lang`='$newlang' where lang='$oldlang'");echo $modifyoutput;flush();
        }
        $resultdata=db_execute_assoc("select * from ".db_table_name("labelsets"));
        while ($datarow = $resultdata->FetchRow()){
           $toreplace=$datarow['languages'];
           $toreplace=str_replace('german_informal','german-informal',$toreplace);
           $toreplace=str_replace('cns','cn-Hans',$toreplace);
           $toreplace=str_replace('cnt','cn-Hant',$toreplace);
           $toreplace=str_replace('pt_br','pt-BR',$toreplace);
           $toreplace=str_replace('gr','el',$toreplace);
           $toreplace=str_replace('jp','ja',$toreplace);
           $toreplace=str_replace('si','sl',$toreplace);
           $toreplace=str_replace('se','sv',$toreplace);
           $toreplace=str_replace('vn','vi',$toreplace);
           modify_database("","update [prefix_labelsets] set [languages`='$toreplace' where lid=".$datarow['lid']);echo $modifyoutput;flush();
        }
        $resultdata=db_execute_assoc("select * from ".db_table_name("surveys"));                 
        while ($datarow = $resultdata->FetchRow()){
           $toreplace=$datarow['additional_languages'];
           $toreplace=str_replace('german_informal','german-informal',$toreplace);
           $toreplace=str_replace('cns','cn-Hans',$toreplace);
           $toreplace=str_replace('cnt','cn-Hant',$toreplace);
           $toreplace=str_replace('pt_br','pt-BR',$toreplace);
           $toreplace=str_replace('gr','el',$toreplace);
           $toreplace=str_replace('jp','ja',$toreplace);
           $toreplace=str_replace('si','sl',$toreplace);
           $toreplace=str_replace('se','sv',$toreplace);
           $toreplace=str_replace('vn','vi',$toreplace);
           modify_database("","update [prefix_surveys] set [additional_languages`='$toreplace' where sid=".$datarow['sid']);echo $modifyoutput;flush();
        }
        modify_database("","update [prefix_settings_global] set [stg_value]='111' where stg_name='DBVersion'"); echo $modifyoutput;
    }
    if ($oldversion < 112) {
        //The size of the users_name field is now 64 char (20 char before version 112)
        modify_database("","ALTER TABLE [prefix_users] ALTER COLUMN [users_name] VARCHAR( 64 ) NOT NULL"); echo $modifyoutput; flush();
        modify_database("","update [prefix_settings_global] set [stg_value]='112' where stg_name='DBVersion'"); echo $modifyoutput; flush();
    }
    if ($oldversion < 113) {
 	//No action needed
        modify_database("","update [prefix_settings_global] set [stg_value]='113' where stg_name='DBVersion'"); echo $modifyoutput; flush();
    }
    if ($oldversion < 114) {
        modify_database("","ALTER TABLE [prefix_saved_control] ALTER COLUMN [email] VARCHAR(320) NOT NULL"); echo $modifyoutput; flush();
        modify_database("","ALTER TABLE [prefix_surveys] ALTER COLUMN [adminemail] VARCHAR(320) NOT NULL"); echo $modifyoutput; flush();
        modify_database("","ALTER TABLE [prefix_users] ALTER COLUMN [email] VARCHAR(320) NOT NULL"); echo $modifyoutput; flush();
        modify_database("",'INSERT INTO [prefix_settings_global] VALUES (\'SessionName\', \'$sessionname\');');echo $modifyoutput; flush();
        modify_database("","update [prefix_settings_global] set [stg_value]='114' where stg_name='DBVersion'"); echo $modifyoutput; flush();
    }
    if ($oldversion < 126) {
        modify_database("","ALTER TABLE [prefix_surveys] ADD  [printanswers] CHAR(1) DEFAULT 'N'"); echo $modifyoutput; flush();
        modify_database("","ALTER TABLE [prefix_surveys] ADD  [listpublic] CHAR(1) DEFAULT 'N'"); echo $modifyoutput; flush();
        upgrade_survey_tables117();
        upgrade_survey_tables118();
        //119
        modify_database("","CREATE TABLE [prefix_quota] (
 						  [id] int NOT NULL IDENTITY (1,1),
 						  [sid] int,
 						  [name] varchar(255) ,
 						  [qlimit] int ,
 						  [action] int ,
 						  [active] int NOT NULL default '1',
 						  PRIMARY KEY  ([id])
 						);");echo $modifyoutput; flush();
        modify_database("","CREATE TABLE [prefix_quota_members] (
 						  [id] int NOT NULL IDENTITY (1,1),
 						  [sid] int ,
 						  [qid] int ,
 						  [quota_id] int ,
 						  [code] varchar(5) ,
 						  PRIMARY KEY  ([id])
 						);");echo $modifyoutput; flush();
       // Rename Norwegian language code from NO to NB
       $oldnewlanguages=array('no'=>'nb');
        foreach  ($oldnewlanguages as $oldlang=>$newlang)
        {
            modify_database("","update [prefix_answers] set [language]='$newlang' where [language]='$oldlang'");echo $modifyoutput;flush();
            modify_database("","update [prefix_questions] set [language]='$newlang' where [language]='$oldlang'");echo $modifyoutput;flush();
            modify_database("","update [prefix_groups] set [language]='$newlang' where [language]='$oldlang'");echo $modifyoutput;flush();
            modify_database("","update [prefix_labels] set [language]='$newlang' where [language]='$oldlang'");echo $modifyoutput;flush();
            modify_database("","update [prefix_surveys] set [language]='$newlang' where [language]='$oldlang'");echo $modifyoutput;flush();
            modify_database("","update [prefix_surveys_languagesettings] set [surveyls_language]='$newlang' where surveyls_language='$oldlang'");echo $modifyoutput;flush();
            modify_database("","update [prefix_users] set [lang]='$newlang' where lang='$oldlang'");echo $modifyoutput;flush();
        }
        $resultdata=db_execute_assoc("select * from ".db_table_name("labelsets"));
        while ($datarow = $resultdata->FetchRow()){
           $toreplace=$datarow['languages'];
           $toreplace2=str_replace('no','nb',$toreplace);
           if ($toreplace2!=$toreplace) {modify_database("","update  [prefix_labelsets] set [languages]='$toreplace' where lid=".$datarow['lid']);echo $modifyoutput;flush();}
        }
        $resultdata=db_execute_assoc("select * from ".db_table_name("surveys"));                 
        while ($datarow = $resultdata->FetchRow()){
           $toreplace=$datarow['additional_languages'];
           $toreplace2=str_replace('no','nb',$toreplace);
           if ($toreplace2!=$toreplace) {modify_database("","update [prefix_surveys] set [additional_languages]='$toreplace' where sid=".$datarow['sid']);echo $modifyoutput;flush();}
        }	
        modify_database("","ALTER TABLE [prefix_surveys] ADD [htmlemail] CHAR(1) DEFAULT 'N'"); echo $modifyoutput; flush();
        modify_database("","ALTER TABLE [prefix_surveys] ADD [usecaptcha] CHAR(1) DEFAULT 'N'"); echo $modifyoutput; flush();
        modify_database("","ALTER TABLE [prefix_surveys] ADD [tokenanswerspersistence] CHAR(1) DEFAULT 'N'"); echo $modifyoutput; flush();
        modify_database("","ALTER TABLE [prefix_users] ADD [htmleditormode] CHAR(7) DEFAULT 'default'"); echo $modifyoutput; flush();
        modify_database("","CREATE TABLE [prefix_templates_rights] (
 						  [uid] int NOT NULL,
 						  [folder] varchar(255) NOT NULL,
 						  [use] int NOT NULL,
 						  PRIMARY KEY  ([uid],[folder])
 						  );");echo $modifyoutput; flush();
        modify_database("","CREATE TABLE [prefix_templates] (
 						  [folder] varchar(255) NOT NULL,
 						  [creator] int NOT NULL,
 						  PRIMARY KEY  ([folder])
 						  );");echo $modifyoutput; flush();        
 	    //123
        modify_database("","ALTER TABLE [prefix_conditions] ALTER COLUMN [value] VARCHAR(255)"); echo $modifyoutput; flush();
        // There is no other way to remove the previous default value
        /*modify_database("","DECLARE @STR VARCHAR(100)
 									SET @STR = (
 									SELECT NAME
 									FROM SYSOBJECTS SO
 									JOIN SYSCONSTRAINTS SC ON SO.ID = SC.CONSTID
 									WHERE OBJECT_NAME(SO.PARENT_OBJ) = 'lime_labels'
 									AND SO.XTYPE = 'D' AND SC.COLID =
 									(SELECT COLID FROM SYSCOLUMNS WHERE ID = OBJECT_ID('lime_labels') AND NAME = 'title'))
 									SET @STR = 'ALTER TABLE lime_labels DROP CONSTRAINT ' + @STR 
 	 								exec (@STR);"); echo $modifyoutput; flush();     */
        modify_database("","ALTER TABLE [prefix_labels] ALTER COLUMN [title] varchar(4000)"); echo $modifyoutput; flush();
        //124
        modify_database("","ALTER TABLE [prefix_surveys] ADD [bounce_email] text"); echo $modifyoutput; flush();
        //125
        upgrade_token_tables125();
        modify_database("","EXEC sp_rename 'prefix_users.move_user','superadmin'"); echo $modifyoutput; flush();
        modify_database("","UPDATE [prefix_users] SET [superadmin]=1 where ([create_survey]=1 AND [create_user]=1 AND [delete_user]=1 AND [configurator]=1)"); echo $modifyoutput; flush();
        //126
        modify_database("","ALTER TABLE [prefix_questions] ADD [lid1] int NOT NULL DEFAULT '0'"); echo $modifyoutput; flush();
 	    modify_database("","UPDATE [prefix_conditions] SET [method]='==' where ( [method] is null) or [method]='' or [method]='0'"); echo $modifyoutput; flush();
        modify_database("","update [prefix_settings_global] set [stg_value]='126' where stg_name='DBVersion'"); echo $modifyoutput; flush();
    }
 	if ($oldversion < 127) {
        modify_database("","create index [answers_idx2] on [prefix_answers] ([sortorder])"); echo $modifyoutput; 
        modify_database("","create index [assessments_idx2] on [prefix_assessments] ([sid])"); echo $modifyoutput; 
        modify_database("","create index [assessments_idx3] on [prefix_assessments] ([gid])"); echo $modifyoutput; 
        modify_database("","create index [conditions_idx2] on [prefix_conditions] ([qid])"); echo $modifyoutput; 
        modify_database("","create index [conditions_idx3] on [prefix_conditions] ([cqid])"); echo $modifyoutput; 
        modify_database("","create index [groups_idx2] on [prefix_groups] ([sid])"); echo $modifyoutput; 
        modify_database("","create index [question_attributes_idx2] on [prefix_question_attributes] ([qid])"); echo $modifyoutput; 
        modify_database("","create index [questions_idx2] on [prefix_questions] ([sid])"); echo $modifyoutput; 
        modify_database("","create index [questions_idx3] on [prefix_questions] ([gid])"); echo $modifyoutput; 
        modify_database("","create index [questions_idx4] on [prefix_questions] ([type])"); echo $modifyoutput; 
        modify_database("","create index [quota_idx2] on [prefix_quota] ([sid])"); echo $modifyoutput; 
        modify_database("","create index [saved_control_idx2] on [prefix_saved_control] ([sid])"); echo $modifyoutput; 
        modify_database("","create index [user_in_groups_idx1] on [prefix_user_in_groups] ([ugid], [uid])"); echo $modifyoutput; 
        modify_database("","update [prefix_settings_global] set [stg_value]='127' where stg_name='DBVersion'"); echo $modifyoutput; flush();
 }
 	if ($oldversion < 128) {
 		upgrade_token_tables128();
        modify_database("","update [prefix_settings_global] set [stg_value]='128' where stg_name='DBVersion'"); echo $modifyoutput; flush();
 	}
 	if ($oldversion < 129) {
 		//128
        modify_database("","ALTER TABLE [prefix_surveys] ADD [startdate] DATETIME"); echo $modifyoutput; flush();
        modify_database("","ALTER TABLE [prefix_surveys] ADD [usestartdate] char(1) NOT NULL default 'N'"); echo $modifyoutput; flush();
        modify_database("","update [prefix_settings_global] set [stg_value]='129' where stg_name='DBVersion'"); echo $modifyoutput; flush();
 	}
 	if ($oldversion < 130)
 	{
 		modify_database("","ALTER TABLE [prefix_conditions] ADD [scenario] int NOT NULL DEFAULT '1'"); echo $modifyoutput; flush();
 		modify_database("","UPDATE [prefix_conditions] SET [scenario]=1 where ( [scenario] is null) or [scenario]='' or [scenario]=0"); echo $modifyoutput; flush();
        modify_database("","update [prefix_settings_global] set [stg_value]='130' where stg_name='DBVersion'"); echo $modifyoutput; flush();
 	}
    if ($oldversion < 131)
    {
        modify_database("","ALTER TABLE [prefix_surveys] ADD [publicstatistics] char(1) NOT NULL default 'N'"); echo $modifyoutput; flush();
        modify_database("","update [prefix_settings_global] set [stg_value]='131' where stg_name='DBVersion'"); echo $modifyoutput; flush();
    }    
    if ($oldversion < 132)
    {
        modify_database("","ALTER TABLE [prefix_surveys] ADD [publicgraphs] char(1) NOT NULL default 'N'"); echo $modifyoutput; flush();
        modify_database("","update [prefix_settings_global] set [stg_value]='132' where stg_name='DBVersion'"); echo $modifyoutput; flush();
    }    
    if ($oldversion < 133)
 	{
        modify_database("","ALTER TABLE [prefix_users] ADD [one_time_pw] text"); echo $modifyoutput; flush();
        // Add new assessment setting
        modify_database("","ALTER TABLE [prefix_surveys] ADD [assessments] char(1) NOT NULL default 'N'"); echo $modifyoutput; flush();
        // add new assessment value fields to answers & labels
        modify_database("","ALTER TABLE [prefix_answers] ADD [assessment_value] int NOT NULL default '0'"); echo $modifyoutput; flush();
        modify_database("","ALTER TABLE [prefix_labels] ADD [assessment_value] int NOT NULL default '0'"); echo $modifyoutput; flush();
        // copy any valid codes from code field to assessment field
        modify_database("","update [prefix_answers] set [assessment_value]=CAST([code] as int)");// no output here is intended
        modify_database("","update [prefix_labels] set [assessment_value]=CAST([code] as int)");// no output here is intended
        // activate assessment where assesment rules exist
        modify_database("","update [prefix_surveys] set [assessments]='Y' where [sid] in (SELECT [sid] FROM [prefix_assessments] group by [sid])"); echo $modifyoutput; flush();
        // add language field to assessment table
        modify_database("","ALTER TABLE [prefix_assessments] ADD [language] varchar(20) NOT NULL default 'en'"); echo $modifyoutput; flush();
        // update language field with default language of that particular survey
        modify_database("","update [prefix_assessments] set [language]=(select [language] from [prefix_surveys] where [sid]=[prefix_assessments].[sid])"); echo $modifyoutput; flush();
        // copy assessment link to message since from now on we will have HTML assignment messages
        modify_database("","update [prefix_assessments] set [message]=cast([message] as varchar) +'<br /><a href=\"'+[link]+'\">'+[link]+'</a>'"); echo $modifyoutput; flush();
        // drop the old link field
         modify_database("","ALTER TABLE [prefix_assessments] DROP COLUMN [link]"); echo $modifyoutput; flush();
        // change the primary index to include language
        // and fix missing translations for assessments
        upgrade_survey_tables133a();
        // Add new fields to survey language settings
        modify_database("","ALTER TABLE [prefix_surveys_languagesettings] ADD [surveyls_url] varchar(255)"); echo $modifyoutput; flush();
        modify_database("","ALTER TABLE [prefix_surveys_languagesettings] ADD [surveyls_endtext] text"); echo $modifyoutput; flush();
        // copy old URL fields ot language specific entries
        modify_database("","update [prefix_surveys_languagesettings] set [surveyls_url]=(select [url] from [prefix_surveys] where [sid]=[prefix_surveys_languagesettings].[surveyls_survey_id])"); echo $modifyoutput; flush();
        // drop old URL field 
        mssql_drop_constraint('url','surveys');
        modify_database("","ALTER TABLE [prefix_surveys] DROP COLUMN [url]"); echo $modifyoutput; flush();
        modify_database("","update [prefix_settings_global] set [stg_value]='133' where stg_name='DBVersion'"); echo $modifyoutput; flush();
    }   
    if ($oldversion < 134)
    {
        // Add new assessment setting
        modify_database("","ALTER TABLE [prefix_surveys] ADD [usetokens] char(1) NOT NULL default 'N'"); echo $modifyoutput; flush();
        mssql_drop_constraint('attribute1','surveys');        
        mssql_drop_constraint('attribute2','surveys');        
        modify_database("", "ALTER TABLE [prefix_surveys] ADD [attributedescriptions] TEXT;"); echo $modifyoutput; flush();
        modify_database("","ALTER TABLE [prefix_surveys] DROP COLUMN [attribute1]"); echo $modifyoutput; flush();
        modify_database("","ALTER TABLE [prefix_surveys] DROP COLUMN [attribute2]"); echo $modifyoutput; flush();
        upgrade_token_tables134();
        modify_database("","update [prefix_settings_global] set [stg_value]='134' where stg_name='DBVersion'"); echo $modifyoutput; flush();
    }   
     if ($oldversion < 135)
    {
        mssql_drop_constraint('value','question_attributes');        
        modify_database("","ALTER TABLE [prefix_question_attributes] ALTER COLUMN [value] text"); echo $modifyoutput; flush();
        modify_database("","ALTER TABLE [prefix_answers] ALTER COLUMN [answer] varchar(8000)"); echo $modifyoutput; flush();
        modify_database("","update [prefix_settings_global] set [stg_value]='135' where stg_name='DBVersion'"); echo $modifyoutput; flush();        
    }
    if ($oldversion < 136) //New quota functions
    {
 	    modify_database("", "ALTER TABLE[prefix_quota] ADD [autoload_url] int NOT NULL default '0'"); echo $modifyoutput; flush();
        modify_database("","CREATE TABLE [prefix_quota_languagesettings] (
  							[quotals_id] int NOT NULL IDENTITY (1,1),
 							[quotals_quota_id] int,
  							[quotals_language] varchar(45) NOT NULL default 'en',
  							[quotals_name] varchar(255),
  							[quotals_message] text,
  							[quotals_url] varchar(255),
  							[quotals_urldescrip] varchar(255),
  							PRIMARY KEY ([quotals_id])
 							);");echo $modifyoutput; flush(); 
        modify_database("","update [prefix_settings_global] set [stg_value]='136' where stg_name='DBVersion'"); echo $modifyoutput; flush();        
 	}
    if ($oldversion < 137) //New date format specs
    {
 	    modify_database("", "ALTER TABLE [prefix_surveys_languagesettings] ADD [surveyls_dateformat] int NOT NULL default '1'"); echo $modifyoutput; flush();
        modify_database("", "ALTER TABLE [prefix_users] ADD [dateformat] int NOT NULL default '1'"); echo $modifyoutput; flush();
        modify_database("", "update [prefix_surveys] set startdate=null where usestartdate='N'"); echo $modifyoutput; flush();
        modify_database("", "update [prefix_surveys] set expires=null where useexpiry='N'"); echo $modifyoutput; flush();
        mssql_drop_constraint('usestartdate','surveys');        
        mssql_drop_constraint('useexpiry','surveys');        
        modify_database("", "ALTER TABLE [prefix_surveys] DROP COLUMN usestartdate"); echo $modifyoutput; flush();
        modify_database("", "ALTER TABLE [prefix_surveys] DROP COLUMN useexpiry"); echo $modifyoutput; flush();
        modify_database("","update [prefix_settings_global] set [stg_value]='137' where stg_name='DBVersion'"); echo $modifyoutput; flush();        
 	}
 	if ($oldversion < 138) //Modify quota field
 	{
 	    modify_database("", "ALTER TABLE [prefix_quota_members] ALTER COLUMN [code] VARCHAR(11) NULL"); echo $modifyoutput; flush();
        modify_database("", "UPDATE [prefix_settings_global] SET [stg_value]='138' WHERE stg_name='DBVersion'"); echo $modifyoutput; flush();        
 	}
    return true;
 }
 function upgrade_survey_tables117()
 {
    global $modifyoutput;
    $surveyidquery = "SELECT sid FROM ".db_table_name('surveys')." WHERE active='Y' and datestamp='Y'";
    $surveyidresult = db_execute_num($surveyidquery);
    if (!$surveyidresult) {return "Database Error";}
    else
        {
        while ( $sv = $surveyidresult->FetchRow() )
            {
            modify_database("","ALTER TABLE ".db_table_name('survey_'.$sv[0])." ADD [startdate] datetime"); echo $modifyoutput; flush();
            }
        }
 }
 function upgrade_survey_tables118()
 {
  	global $connect,$modifyoutput,$dbprefix;
  	$tokentables=$connect->MetaTables('TABLES',false,$dbprefix."tokens%");
    foreach ($tokentables as $sv)
            {
            modify_database("","ALTER TABLE ".$sv." ALTER COLUMN [token] VARCHAR(36)"); echo $modifyoutput; flush();
            }
 }
 function upgrade_token_tables125()
 {
  	global $connect,$modifyoutput,$dbprefix;
  	$tokentables=$connect->MetaTables('TABLES',false,$dbprefix."tokens%");
    foreach ($tokentables as $sv)
            {
            modify_database("","ALTER TABLE ".$sv." ADD [emailstatus] VARCHAR(300) DEFAULT 'OK'"); echo $modifyoutput; flush();
            }
 }
 function upgrade_token_tables128()
 {
  	global $connect,$modifyoutput,$dbprefix;
  	$tokentables=$connect->MetaTables('TABLES',false,$dbprefix."tokens%");
    foreach ($tokentables as $sv)
            {
            modify_database("","ALTER TABLE ".$sv." ADD [remindersent] VARCHAR(17) DEFAULT 'OK'"); echo $modifyoutput; flush();
            modify_database("","ALTER TABLE ".$sv." ADD [remindercount] int DEFAULT '0'"); echo $modifyoutput; flush();
            }
 }
 function upgrade_survey_tables133a()
 {
    global $dbprefix, $connect, $modifyoutput;
    // find out the constraint name of the old primary key
    $pkquery = " SELECT CONSTRAINT_NAME "
              ."FROM INFORMATION_SCHEMA.TABLE_CONSTRAINTS "
              ."WHERE     (TABLE_NAME = '{$dbprefix}assessments') AND (CONSTRAINT_TYPE = 'PRIMARY KEY')";
    $primarykey=$connect->GetRow($pkquery);
    if ($primarykey!=false) 
    {
        modify_database("","ALTER TABLE [prefix_assessments] DROP CONSTRAINT {$primarykey[0]}"); echo $modifyoutput; flush();    
    }
    // add the new primary key
    modify_database("","ALTER TABLE [prefix_assessments] ADD CONSTRAINT pk_assessments_id_lang PRIMARY KEY ([id],[language])"); echo $modifyoutput; flush();    
    $surveyidquery = "SELECT sid,additional_languages FROM ".db_table_name('surveys');
    $surveyidresult = db_execute_num($surveyidquery);
    while ( $sv = $surveyidresult->FetchRow() )
    {
        FixLanguageConsistency($sv[0],$sv[1]);   
    }
 }
 function upgrade_token_tables134()
 {
      global $connect,$modifyoutput,$dbprefix;
      $tokentables=$connect->MetaTables('TABLES',false,$dbprefix."tokens%");
    foreach ($tokentables as $sv)
            {
            modify_database("","ALTER TABLE ".$sv." ADD [validfrom] DATETIME"); echo $modifyoutput; flush();
            modify_database("","ALTER TABLE ".$sv." ADD [validuntil] DATETIME"); echo $modifyoutput; flush();
            }
 }
 function mssql_drop_constraint($fieldname, $tablename)
 {
    global $dbprefix, $connect, $modifyoutput;
    // find out the name of the default constraint
    // Did I already mention that this is the most suckiest thing I have ever seen in MSSQL database?
    // It proves how badly designer some Microsoft software is!
    $dfquery ="SELECT c_obj.name AS constraint_name 
                FROM  sys.sysobjects AS c_obj INNER JOIN
                      sys.sysobjects AS t_obj ON c_obj.parent_obj = t_obj.id INNER JOIN
                      sys.sysconstraints AS con ON c_obj.id = con.constid INNER JOIN
                      sys.syscolumns AS col ON t_obj.id = col.id AND con.colid = col.colid
                WHERE (c_obj.xtype = 'D') AND (col.name = '$fieldname') AND (t_obj.name='$dbprefix$tablename')";
    $defaultname=$connect->GetRow($dfquery);
    if ($defaultname!=false) 
    {
        modify_database("","ALTER TABLE [prefix_$tablename] DROP CONSTRAINT {$defaultname[0]}"); echo $modifyoutput; flush();    
    }
 }
 ?>
--- a/include/limesurvey/admin/install/upgrade-mysql.php
+++ b/include/limesurvey/admin/install/upgrade-mysql.php
@@ -10,7 +10,7 @@
 * other free or open source software licenses.
 * See COPYRIGHT.php for copyright notices and details.
 *
-* $Id: upgrade-mysql.php 4467 2008-03-16 21:19:53Z c_schmitz $
+* $Id: upgrade-mysql.php 7108 2009-06-15 05:43:21Z jcleeland $
 */
 // There will be a file for each database (accordingly named to the dbADO scheme)
@@ -115,12 +115,12 @@ echo str_pad('Loading... ',4096)."<br />\n";
        modify_database("","CREATE TABLE `prefix_quota` (
 				            `id` int(11) NOT NULL auto_increment,
  							`sid` int(11) default NULL,
  							`name` varchar(255) collate utf8_unicode_ci default NULL,
  							`qlimit` int(8) default NULL,
  							`name` varchar(255) collate utf8_unicode_ci default NULL,
  							`action` int(2) default NULL,
  							`active` int(1) NOT NULL default '1',
  							PRIMARY KEY  (`id`)
-							)  TYPE=$databasetabletype CHARACTER SET utf8 COLLATE utf8_unicode_ci;"); echo $modifyoutput; flush();
+							)  ENGINE=$databasetabletype CHARACTER SET utf8 COLLATE utf8_unicode_ci;"); echo $modifyoutput; flush();
        modify_database("","CREATE TABLE `prefix_quota_members` (
   		 				   `id` int(11) NOT NULL auto_increment,
 						   `sid` int(11) default NULL,
@@ -129,7 +129,7 @@ echo str_pad('Loading... ',4096)."<br />\n";
  						   `code` varchar(5) collate utf8_unicode_ci default NULL,
  						   PRIMARY KEY  (`id`),
  						   UNIQUE KEY `sid` (`sid`,`qid`,`quota_id`,`code`)
-						   )   TYPE=$databasetabletype CHARACTER SET utf8 COLLATE utf8_unicode_ci;"); echo $modifyoutput; flush();
+						   )   ENGINE=$databasetabletype CHARACTER SET utf8 COLLATE utf8_unicode_ci;"); echo $modifyoutput; flush();
       // Rename Norwegian language code from NO to NB
       $oldnewlanguages=array('no'=>'nb');
@@ -169,12 +169,12 @@ echo str_pad('Loading... ',4096)."<br />\n";
 						   `folder` varchar(255) NOT NULL,
 						   `use` int(1) NOT NULL,
 						   PRIMARY KEY  (`uid`,`folder`)
-						   ) TYPE=$databasetabletype CHARACTER SET utf8 COLLATE utf8_unicode_ci;"); echo $modifyoutput; flush();
+						   ) ENGINE=$databasetabletype CHARACTER SET utf8 COLLATE utf8_unicode_ci;"); echo $modifyoutput; flush();
        modify_database("","CREATE TABLE `prefix_templates` (
 						   `folder` varchar(255) NOT NULL,
 						   `creator` int(11) NOT NULL,
 						   PRIMARY KEY  (`folder`)
-						   ) TYPE=$databasetabletype CHARACTER SET utf8 COLLATE utf8_unicode_ci;"); echo $modifyoutput; flush();
+						   ) ENGINE=$databasetabletype CHARACTER SET utf8 COLLATE utf8_unicode_ci;"); echo $modifyoutput; flush();
        //123
        modify_database("","ALTER TABLE `prefix_conditions` CHANGE `value` `value` VARCHAR(255) NOT NULL default ''"); echo $modifyoutput; flush();
@@ -188,16 +188,140 @@ echo str_pad('Loading... ',4096)."<br />\n";
        modify_database("","ALTER TABLE `prefix_users` DROP COLUMN `move_user`"); echo $modifyoutput; flush();
 		//126
        modify_database("","ALTER TABLE `prefix_questions` ADD `lid1` integer NOT NULL default '0'"); echo $modifyoutput; flush();
-        modify_database("","UPDATE `prefix_conditions` SET `method`='==' where (`method` is null) or `method`=''"); echo $modifyoutput; flush();
+        modify_database("","UPDATE `prefix_conditions` SET `method`='==' where (`method` is null) or `method`='' or `method`='0'"); echo $modifyoutput; flush();
 		modify_database("","update `prefix_settings_global` set `stg_value`='126' where stg_name='DBVersion'"); echo $modifyoutput; flush();
    }
 	if ($oldversion < 127) {
        modify_database("","create index `assessments_idx2` on `prefix_assessments` (`sid`)"); echo $modifyoutput;  flush();
        modify_database("","create index `assessments_idx3` on `prefix_assessments` (`gid`)"); echo $modifyoutput;  flush();
        modify_database("","create index `conditions_idx2` on `prefix_conditions` (`qid`)"); echo $modifyoutput;  flush();
        modify_database("","create index `groups_idx2` on `prefix_groups` (`sid`)"); echo $modifyoutput;  flush();
        modify_database("","create index `questions_idx2` on `prefix_questions` (`sid`)"); echo $modifyoutput;  flush();
        modify_database("","create index `questions_idx3` on `prefix_questions` (`gid`)"); echo $modifyoutput;  flush();
        modify_database("","create index `question_attributes_idx2` on `prefix_question_attributes` (`qid`)"); echo $modifyoutput;  flush();
        modify_database("","create index `quota_idx2` on `prefix_quota` (`sid`)"); echo $modifyoutput;  flush();
        modify_database("","create index `saved_control_idx2` on `prefix_saved_control` (`sid`)"); echo $modifyoutput;  flush();
        modify_database("","create index `user_in_groups_idx1` on `prefix_user_in_groups`  (`ugid`, `uid`)"); echo $modifyoutput;  flush();
        modify_database("","create index `answers_idx2` on `prefix_answers` (`sortorder`)"); echo $modifyoutput; flush();
        modify_database("","create index `conditions_idx3` on `prefix_conditions` (`cqid`)"); echo $modifyoutput; flush();
        modify_database("","create index `questions_idx4` on `prefix_questions` (`type`)"); echo $modifyoutput; flush();
        modify_database("","update `prefix_settings_global` set `stg_value`='127' where stg_name='DBVersion'"); echo $modifyoutput; flush();        
 	}
 	if ($oldversion < 128) {
 		//128
 		upgrade_token_tables128();
 	    modify_database("","update `prefix_settings_global` set `stg_value`='128' where stg_name='DBVersion'"); echo $modifyoutput; flush();        
 	}
 	if ($oldversion < 129) {
 		//129
        modify_database("","ALTER TABLE `prefix_surveys` ADD `startdate` DATETIME"); echo $modifyoutput; flush();
        modify_database("","ALTER TABLE `prefix_surveys` ADD `usestartdate` varchar(1) NOT NULL default 'N'"); echo $modifyoutput; flush();
 	    modify_database("","update `prefix_settings_global` set `stg_value`='129' where stg_name='DBVersion'"); echo $modifyoutput; flush();        
 	}
 	if ($oldversion < 130)
 	{
 		modify_database("","ALTER TABLE `prefix_conditions` ADD `scenario` integer NOT NULL default '1' AFTER `qid`"); echo $modifyoutput; flush();
 		modify_database("","UPDATE `prefix_conditions` SET `scenario`=1 where (`scenario` is null) or `scenario`='' or `scenario`=0"); echo $modifyoutput; flush();
 	    	modify_database("","update `prefix_settings_global` set `stg_value`='130' where stg_name='DBVersion'"); echo $modifyoutput; flush();        
 	}
 	if ($oldversion < 131)
 	{
        modify_database("","ALTER TABLE `prefix_surveys` ADD `publicstatistics` varchar(1) NOT NULL default 'N'"); echo $modifyoutput; flush();
    	modify_database("","update `prefix_settings_global` set `stg_value`='131' where stg_name='DBVersion'"); echo $modifyoutput; flush();        
 	}
 	if ($oldversion < 132)
 	{
        modify_database("","ALTER TABLE `prefix_surveys` ADD `publicgraphs` varchar(1) NOT NULL default 'N'"); echo $modifyoutput; flush();
    	modify_database("","update `prefix_settings_global` set `stg_value`='132' where stg_name='DBVersion'"); echo $modifyoutput; flush();        
 	}
 	if ($oldversion < 133)
 	{
        modify_database("","ALTER TABLE `prefix_users` ADD `one_time_pw` blob"); echo $modifyoutput; flush();
        // Add new assessment setting
        modify_database("","ALTER TABLE `prefix_surveys` ADD `assessments` varchar(1) NOT NULL default 'N'"); echo $modifyoutput; flush();
        // add new assessment value fields to answers & labels
        modify_database("","ALTER TABLE `prefix_answers` ADD `assessment_value` int(11) NOT NULL default '0'"); echo $modifyoutput; flush();
        modify_database("","ALTER TABLE `prefix_labels` ADD `assessment_value` int(11) NOT NULL default '0'"); echo $modifyoutput; flush();
        // copy any valid codes from code field to assessment field
        modify_database("","update `prefix_answers` set `assessment_value`=CAST(`code` as SIGNED) where `code` REGEXP '^-?[0-9]+$'");echo $modifyoutput; flush();
        modify_database("","update `prefix_labels` set `assessment_value`=CAST(`code` as SIGNED) where `code` REGEXP '^-?[0-9]+$'");echo $modifyoutput; flush();
        // activate assessment where assesment rules exist
        modify_database("","update `prefix_surveys` set `assessments`='Y' where `sid` in (SELECT `sid` FROM `prefix_assessments` group by `sid`)"); echo $modifyoutput; flush();
        // add language field to assessment table
        modify_database("","ALTER TABLE `prefix_assessments` ADD `language` varchar(20) NOT NULL default 'en'"); echo $modifyoutput; flush();
        // update language field with default language of that particular survey
        modify_database("","update `prefix_assessments` set `language`=(select `language` from `prefix_surveys` where `sid`=`prefix_assessments`.`sid`)"); echo $modifyoutput; flush();
        // copy assessment link to message since from now on we will have HTML assignment messages
        modify_database("","update `prefix_assessments` set `message`=concat(replace(`message`,'/''',''''),'<br /><a href=\"',`link`,'\">',`link`,'</a>')"); echo $modifyoutput; flush();
        // drop the old link field
        modify_database("","ALTER TABLE `prefix_assessments` DROP COLUMN `link`"); echo $modifyoutput; flush();
        // change the primary index to include language
        modify_database("","ALTER TABLE `prefix_assessments` DROP PRIMARY KEY, ADD PRIMARY KEY  USING BTREE(`id`, `language`)"); echo $modifyoutput; flush();
        //finally fix missing translations for assessments
        upgrade_survey_tables133();
        // Add new fields to survey language settings
        modify_database("","ALTER TABLE `prefix_surveys_languagesettings` ADD `surveyls_url` varchar(255)"); echo $modifyoutput; flush();
        modify_database("","ALTER TABLE `prefix_surveys_languagesettings` ADD `surveyls_endtext` text"); echo $modifyoutput; flush();
        // copy old URL fields ot language specific entries
        modify_database("","update `prefix_surveys_languagesettings` set `surveyls_url`=(select `url` from `prefix_surveys` where `sid`=`prefix_surveys_languagesettings`.`surveyls_survey_id`)"); echo $modifyoutput; flush();
        // drop old URL field 
        modify_database("","ALTER TABLE `prefix_surveys` DROP COLUMN `url`"); echo $modifyoutput; flush();
    	modify_database("","update `prefix_settings_global` set `stg_value`='133' where stg_name='DBVersion'"); echo $modifyoutput; flush();        
 	}    
    if ($oldversion < 134)
    {
        // Add new tokens setting
        modify_database("","ALTER TABLE `prefix_surveys` ADD `usetokens` varchar(1) NOT NULL default 'N'"); echo $modifyoutput; flush();
        modify_database("","ALTER TABLE `prefix_surveys` ADD `attributedescriptions` TEXT;"); echo $modifyoutput; flush();
        modify_database("","ALTER TABLE `prefix_surveys` DROP COLUMN `attribute1`"); echo $modifyoutput; flush();
        modify_database("","ALTER TABLE `prefix_surveys` DROP COLUMN `attribute2`"); echo $modifyoutput; flush();
        upgrade_token_tables134();
        modify_database("","update `prefix_settings_global` set `stg_value`='134' where stg_name='DBVersion'"); echo $modifyoutput; flush();        
    }     
     if ($oldversion < 135)
    {
        modify_database("","ALTER TABLE `prefix_question_attributes` MODIFY `value` text"); echo $modifyoutput; flush();
        modify_database("","UPDATE `prefix_settings_global` SET `stg_value`='135' WHERE stg_name='DBVersion'"); echo $modifyoutput; flush();        
    }
    if ($oldversion < 136) //New Quota Functions
    {
 	    modify_database("","ALTER TABLE `prefix_quota` ADD `autoload_url` int(1) NOT NULL default '0'"); echo $modifyoutput; flush();
        modify_database("","CREATE TABLE `prefix_quota_languagesettings` (
 								         `quotals_id` int(11) NOT NULL auto_increment,
 										 `quotals_quota_id` int(11) NOT NULL default '0',
 										 `quotals_language` varchar(45) NOT NULL default 'en',
 										 `quotals_name` varchar(255) collate utf8_unicode_ci default NULL,
 										 `quotals_message` text NOT NULL,
 										 `quotals_url` varchar(255),
 										 `quotals_urldescrip` varchar(255),
 										 PRIMARY KEY (`quotals_id`)
 										 )  ENGINE=$databasetabletype CHARACTER SET utf8 COLLATE utf8_unicode_ci;"); echo $modifyoutput; flush();
        modify_database("","UPDATE `prefix_settings_global` SET `stg_value`='136' WHERE stg_name='DBVersion'"); echo $modifyoutput; flush();        
 	}
    if ($oldversion < 137) //New Quota Functions
    {
        modify_database("", "ALTER TABLE `prefix_surveys_languagesettings` ADD `surveyls_dateformat` int(1) NOT NULL default '1'"); echo $modifyoutput; flush();
        modify_database("", "ALTER TABLE `prefix_users` ADD `dateformat` int(1) NOT NULL default '1'"); echo $modifyoutput; flush();
        modify_database("", "UPDATE `prefix_surveys` set `startdate`=null where `usestartdate`='N'"); echo $modifyoutput; flush();
        modify_database("", "UPDATE `prefix_surveys` set `expires`=null where `useexpiry`='N'"); echo $modifyoutput; flush();
        modify_database("", "ALTER TABLE `prefix_surveys` DROP COLUMN `useexpiry`"); echo $modifyoutput; flush();
        modify_database("", "ALTER TABLE `prefix_surveys` DROP COLUMN `usestartdate`"); echo $modifyoutput; flush();
        modify_database("", "UPDATE `prefix_settings_global` SET `stg_value`='137' WHERE stg_name='DBVersion'"); echo $modifyoutput; flush();        
    }
 	if ($oldversion < 138) //Modify quota field
 	{
 	    modify_database("", "ALTER TABLE `prefix_quota_members` CHANGE `code` `code` VARCHAR(11) collate utf8_unicode_ci default NULL"); echo $modifyoutput; flush();
        modify_database("", "UPDATE `prefix_settings_global` SET `stg_value`='138' WHERE stg_name='DBVersion'"); echo $modifyoutput; flush();        
 	}
    return true;
 }
 function upgrade_survey_tables117()
 {
    global $modifyoutput;
@@ -205,12 +329,12 @@ function upgrade_survey_tables117()
    $surveyidresult = db_execute_num($surveyidquery);
    if (!$surveyidresult) {return "Database Error";}
    else
-        {
+    {
        while ( $sv = $surveyidresult->FetchRow() )
-            {
+        {
            modify_database("","ALTER TABLE ".db_table_name('survey_'.$sv[0])." ADD `startdate` datetime AFTER `datestamp`"); echo $modifyoutput; flush();
            }
        }
    }
 }
 function upgrade_survey_tables118()
@@ -238,61 +362,105 @@ function upgrade_token_tables125()
        {
        while ( $sv = $surveyidresult->FetchRow() )
            {
-            modify_database("","ALTER TABLE ".$sv[0]." ADD `emailstatus` varchar(255) NOT NULL DEFAULT 'OK'"); echo $modifyoutput; flush();
+            modify_database("","ALTER TABLE ".$sv[0]." ADD `emailstatus` varchar(300) NOT NULL DEFAULT 'OK'"); echo $modifyoutput; flush();
            }
        }
 }
 // Add the reminders tracking fields
 function upgrade_token_tables128()
 {
    global $modifyoutput,$dbprefix;
    $surveyidquery = "SHOW TABLES LIKE '".$dbprefix."tokens%'";
    $surveyidresult = db_execute_num($surveyidquery);
    if (!$surveyidresult) {return "Database Error";}
    else
        {
        while ( $sv = $surveyidresult->FetchRow() )
            {
            modify_database("","ALTER TABLE ".$sv[0]." ADD `remindersent` VARCHAR(17) DEFAULT 'N'"); echo $modifyoutput; flush();
            modify_database("","ALTER TABLE ".$sv[0]." ADD `remindercount` INT(11)  DEFAULT 0"); echo $modifyoutput; flush();
            }
        }
 }
 function upgrade_survey_tables133()
 {
    $surveyidquery = "SELECT sid,additional_languages FROM ".db_table_name('surveys');
    $surveyidresult = db_execute_num($surveyidquery);
    while ( $sv = $surveyidresult->FetchRow() )
    {
        FixLanguageConsistency($sv[0],$sv[1]);   
    }
 }
 // Add the reminders tracking fields
 function upgrade_token_tables134()
 {
    global $modifyoutput,$dbprefix;
    $surveyidquery = "SHOW TABLES LIKE '".$dbprefix."tokens%'";
    $surveyidresult = db_execute_num($surveyidquery);
    if (!$surveyidresult) {return "Database Error";}
    else
        {
        while ( $sv = $surveyidresult->FetchRow() )
            {
            modify_database("","ALTER TABLE ".$sv[0]." ADD `validfrom` Datetime"); echo $modifyoutput; flush();
            modify_database("","ALTER TABLE ".$sv[0]." ADD `validuntil` Datetime"); echo $modifyoutput; flush();
            }
        }
 }
 function fix_mysql_collation()
 {
-global $connect, $modifyoutput, $dbprefix;
+    global $connect, $modifyoutput, $dbprefix;
-$sql = 'SHOW TABLE STATUS';
+    $sql = 'SHOW TABLE STATUS';
-$result = db_execute_assoc($sql);
+    $result = db_execute_assoc($sql);
-if (!$result) {
+    if (!$result) {
-       $modifyoutput .= 'SHOW TABLE - SQL Error';
+           $modifyoutput .= 'SHOW TABLE - SQL Error';
        }
    while ( $tables = $result->FetchRow() ) {
    // Loop through all tables in this database
       $table = $tables['Name'];
       $tablecollation=$tables['Collation'];
       if (strpos($table,'old_')===false  && ($dbprefix==''  || ($dbprefix!='' && strpos($table,$dbprefix)!==false)))
       {
 	       if ($tablecollation!='utf8_unicode_ci')
 	       {
 	       modify_database("","ALTER TABLE $table COLLATE utf8_unicode_ci");
 	       echo $modifyoutput; flush();
 	       }            
 	       # Now loop through all the fields within this table
 	       $result2 = db_execute_assoc("SHOW FULL COLUMNS FROM ".$table);
 	       while ( $column = $result2->FetchRow())
 	       {
 	       if ($column['Collation']!= 'utf8_unicode_ci' )
 		       {
 		          $field_name = $column['Field'];
 		          $field_type = $column['Type'];
 		          $field_default = $column['Default'];
 		          if ($field_default!='NULL') {$field_default="'".$field_default."'";}
 		          # Change text based fields
 		          $skipped_field_types = array('char', 'text', 'enum', 'set');
 		          foreach ( $skipped_field_types as $type )
 		          {        
 		             if ( strpos($field_type, $type) !== false )
 		             {
 					    $modstatement="ALTER TABLE $table CHANGE `$field_name` `$field_name` $field_type CHARACTER SET utf8 COLLATE utf8_unicode_ci";
 					    if ($type!='text') {$modstatement.=" DEFAULT $field_default";}
 					    modify_database("",$modstatement);
 		                echo $modifyoutput; flush();            
 		             }
 		          }
 	          }
 	       }
       }
    }
 while ( $tables = $result->FetchRow() ) {
 // Loop through all tables in this database
   $table = $tables['Name'];
   $tablecollation=$tables['Collation'];
   if (strpos($table,'old_')===false  && ($dbprefix==''  || ($dbprefix!='' && strpos($table,$dbprefix)!==false)))
   {
 	   if ($tablecollation!='utf8_unicode_ci')
 	   {
 	   modify_database("","ALTER TABLE $table COLLATE utf8_unicode_ci");
 	   echo $modifyoutput; flush();
 	   }            
 	   # Now loop through all the fields within this table
 	   $result2 = db_execute_assoc("SHOW FULL COLUMNS FROM ".$table);
 	   while ( $column = $result2->FetchRow())
 	   {
 	   if ($column['Collation']!= 'utf8_unicode_ci' )
 		   {
 		      $field_name = $column['Field'];
 		      $field_type = $column['Type'];
 		      $field_default = $column['Default'];
 		      if ($field_default!='NULL') {$field_default="'".$field_default."'";}
 		      # Change text based fields
 		      $skipped_field_types = array('char', 'text', 'enum', 'set');
 		      foreach ( $skipped_field_types as $type )
 		      {        
 		         if ( strpos($field_type, $type) !== false )
 		         {
 					$modstatement="ALTER TABLE $table CHANGE `$field_name` `$field_name` $field_type CHARACTER SET utf8 COLLATE utf8_unicode_ci";
 					if ($type!='text') {$modstatement.=" DEFAULT $field_default";}
 					modify_database("",$modstatement);
 		            echo $modifyoutput; flush();            
 		         }
 		      }
 	      }
 	   }
   }
 }
 }
 ?>
--- a/include/limesurvey/admin/install/upgrade-odbc_mssql.php
+++ b/include/limesurvey/admin/install/upgrade-odbc_mssql.php
@@ -1,240 +0,0 @@
 <?PHP
 /*
 * LimeSurvey
 * Copyright (C) 2007 The LimeSurvey Project Team / Carsten Schmitz
 * All rights reserved.
 * License: http://www.gnu.org/copyleft/gpl.html GNU/GPL, see LICENSE.php
 * LimeSurvey is free software. This version may have been modified pursuant
 * to the GNU General Public License, and as distributed it includes or
 * is derivative of works licensed under the GNU General Public License or
 * other free or open source software licenses.
 * See COPYRIGHT.php for copyright notices and details.
 *
 * $Id: upgrade-odbc_mssql.php 4453 2008-03-13 22:41:44Z c_schmitz $
 */
 // There will be a file for each database (accordingly named to the dbADO scheme)
 // where based on the current database version the database is upgraded
 // For this there will be a settings table which holds the last time the database was upgraded
 function db_upgrade($oldversion) {
 /// This function does anything necessary to upgrade 
 /// older versions to match current functionality
 global $modifyoutput;
 echo str_pad('Loading... ',4096)."<br />\n";
    if ($oldversion < 111) {
      // Language upgrades from version 110 to 111 since the language names did change
       $oldnewlanguages=array('german_informal'=>'german-informal',
                              'cns'=>'cn-Hans',
                              'cnt'=>'cn-Hant',
                              'pt_br'=>'pt-BR',
                              'gr'=>'el',
                              'jp'=>'ja',
                              'si'=>'sl',
                              'se'=>'sv',
                              'vn'=>'vi');
        foreach  ($oldnewlanguages as $oldlang=>$newlang)
        {
            modify_database("","update [prefix_answers] set [language`='$newlang' where language='$oldlang'");  echo $modifyoutput;      flush();
            modify_database("","update [prefix_questions] set [language`='$newlang' where language='$oldlang'");echo $modifyoutput;flush();
            modify_database("","update [prefix_groups] set [language`='$newlang' where language='$oldlang'");echo $modifyoutput;flush();
            modify_database("","update [prefix_labels] set [language`='$newlang' where language='$oldlang'");echo $modifyoutput;flush();
            modify_database("","update [prefix_surveys] set [language`='$newlang' where language='$oldlang'");echo $modifyoutput;flush();
            modify_database("","update [prefix_surveys_languagesettings] set [surveyls_language`='$newlang' where surveyls_language='$oldlang'");echo $modifyoutput;flush();
            modify_database("","update [prefix_users] set [lang`='$newlang' where lang='$oldlang'");echo $modifyoutput;flush();
        }
        $resultdata=db_execute_assoc("select * from ".db_table_name("labelsets"));
        while ($datarow = $resultdata->FetchRow()){
           $toreplace=$datarow['languages'];
           $toreplace=str_replace('german_informal','german-informal',$toreplace);
           $toreplace=str_replace('cns','cn-Hans',$toreplace);
           $toreplace=str_replace('cnt','cn-Hant',$toreplace);
           $toreplace=str_replace('pt_br','pt-BR',$toreplace);
           $toreplace=str_replace('gr','el',$toreplace);
           $toreplace=str_replace('jp','ja',$toreplace);
           $toreplace=str_replace('si','sl',$toreplace);
           $toreplace=str_replace('se','sv',$toreplace);
           $toreplace=str_replace('vn','vi',$toreplace);
           modify_database("","update [prefix_labelsets] set [languages`='$toreplace' where lid=".$datarow['lid']);echo $modifyoutput;flush();
        }
        $resultdata=db_execute_assoc("select * from ".db_table_name("surveys"));                 
        while ($datarow = $resultdata->FetchRow()){
           $toreplace=$datarow['additional_languages'];
           $toreplace=str_replace('german_informal','german-informal',$toreplace);
           $toreplace=str_replace('cns','cn-Hans',$toreplace);
           $toreplace=str_replace('cnt','cn-Hant',$toreplace);
           $toreplace=str_replace('pt_br','pt-BR',$toreplace);
           $toreplace=str_replace('gr','el',$toreplace);
           $toreplace=str_replace('jp','ja',$toreplace);
           $toreplace=str_replace('si','sl',$toreplace);
           $toreplace=str_replace('se','sv',$toreplace);
           $toreplace=str_replace('vn','vi',$toreplace);
           modify_database("","update [prefix_surveys] set [additional_languages`='$toreplace' where sid=".$datarow['sid']);echo $modifyoutput;flush();
        }
        modify_database("","update [prefix_settings_global] set [stg_value`='111' where stg_name='DBVersion'"); echo $modifyoutput;
    }
    if ($oldversion < 112) {
        //The size of the users_name field is now 64 char (20 char before version 112)
        modify_database("","ALTER TABLE [prefix_users] ALTER COLUMN [users_name] VARCHAR( 64 ) NOT NULL"); echo $modifyoutput; flush();
        modify_database("","update [prefix_settings_global] set [stg_value`='112' where stg_name='DBVersion'"); echo $modifyoutput; flush();
    }
    if ($oldversion < 113) {
 	//No action needed
        modify_database("","update [prefix_settings_global] set [stg_value]='113' where stg_name='DBVersion'"); echo $modifyoutput; flush();
    }
    if ($oldversion < 114) {
        modify_database("","ALTER TABLE [prefix_saved_control] ALTER COLUMN [email] VARCHAR(320) NOT NULL"); echo $modifyoutput; flush();
        modify_database("","ALTER TABLE [prefix_surveys] ALTER COLUMN [adminemail] VARCHAR(320) NOT NULL"); echo $modifyoutput; flush();
        modify_database("","ALTER TABLE [prefix_users] ALTER COLUMN [email] VARCHAR(320) NOT NULL"); echo $modifyoutput; flush();
        modify_database("",'INSERT INTO [prefix_settings_global] VALUES (\'SessionName\', \'$sessionname\');');echo $modifyoutput; flush();
        modify_database("","update [prefix_settings_global] set [stg_value]='114' where stg_name='DBVersion'"); echo $modifyoutput; flush();
    }
    if ($oldversion < 126) {
        modify_database("","ALTER TABLE [prefix_surveys] ADD  [printanswers] CHAR(1) DEFAULT 'N'"); echo $modifyoutput; flush();
        modify_database("","ALTER TABLE [prefix_surveys] ADD  [listpublic] CHAR(1) DEFAULT 'N'"); echo $modifyoutput; flush();
        upgrade_survey_tables117();
        upgrade_survey_tables118();
        //119
        modify_database("","CREATE TABLE [prefix_quota] (
 						  [id] int NOT NULL IDENTITY (1,1),
 						  [sid] int,
 						  [name] varchar(255) ,
 						  [qlimit] int ,
 						  [action] int ,
 						  [active] int NOT NULL default '1',
 						  PRIMARY KEY  ([id])
 						);");echo $modifyoutput; flush();
        modify_database("","CREATE TABLE [prefix_quota_members] (
 						  [id] int NOT NULL IDENTITY (1,1),
 						  [sid] int ,
 						  [qid] int ,
 						  [quota_id] int ,
 						  [code] varchar(5) ,
 						  PRIMARY KEY  ([id])
 						);");echo $modifyoutput; flush();
       // Rename Norwegian language code from NO to NB
       $oldnewlanguages=array('no'=>'nb');
        foreach  ($oldnewlanguages as $oldlang=>$newlang)
        {
            modify_database("","update [prefix_answers] set [language]='$newlang' where [language]='$oldlang'");echo $modifyoutput;flush();
            modify_database("","update [prefix_questions] set [language]='$newlang' where [language]='$oldlang'");echo $modifyoutput;flush();
            modify_database("","update [prefix_groups] set [language]='$newlang' where [language]='$oldlang'");echo $modifyoutput;flush();
            modify_database("","update [prefix_labels] set [language]='$newlang' where [language]='$oldlang'");echo $modifyoutput;flush();
            modify_database("","update [prefix_surveys] set [language]='$newlang' where [language]='$oldlang'");echo $modifyoutput;flush();
            modify_database("","update [prefix_surveys_languagesettings] set [surveyls_language]='$newlang' where surveyls_language='$oldlang'");echo $modifyoutput;flush();
            modify_database("","update [prefix_users] set [lang]='$newlang' where lang='$oldlang'");echo $modifyoutput;flush();
        }
        $resultdata=db_execute_assoc("select * from ".db_table_name("labelsets"));
        while ($datarow = $resultdata->FetchRow()){
           $toreplace=$datarow['languages'];
           $toreplace2=str_replace('no','nb',$toreplace);
           if ($toreplace2!=$toreplace) {modify_database("","update  [prefix_labelsets] set [languages]='$toreplace' where lid=".$datarow['lid']);echo $modifyoutput;flush();}
        }
        $resultdata=db_execute_assoc("select * from ".db_table_name("surveys"));                 
        while ($datarow = $resultdata->FetchRow()){
           $toreplace=$datarow['additional_languages'];
           $toreplace2=str_replace('no','nb',$toreplace);
           if ($toreplace2!=$toreplace) {modify_database("","update [prefix_surveys] set [additional_languages]='$toreplace' where sid=".$datarow['sid']);echo $modifyoutput;flush();}
        }	
        modify_database("","ALTER TABLE [prefix_surveys] ADD [htmlemail] CHAR(1) DEFAULT 'N'"); echo $modifyoutput; flush();
        modify_database("","ALTER TABLE [prefix_surveys] ADD [usecaptcha] CHAR(1) DEFAULT 'N'"); echo $modifyoutput; flush();
        modify_database("","ALTER TABLE [prefix_surveys] ADD [tokenanswerspersistence] CHAR(1) DEFAULT 'N'"); echo $modifyoutput; flush();
        modify_database("","ALTER TABLE [prefix_users] ADD [htmleditormode] CHAR(7) DEFAULT 'default'"); echo $modifyoutput; flush();
        modify_database("","CREATE TABLE [prefix_templates_rights] (
 						  [uid] int NOT NULL,
 						  [folder] varchar(255) NOT NULL,
 						  [use] int NOT NULL,
 						  PRIMARY KEY  ([uid],[folder])
 						  );");echo $modifyoutput; flush();
        modify_database("","CREATE TABLE [prefix_templates] (
 						  [folder] varchar(255) NOT NULL,
 						  [creator] int NOT NULL,
 						  PRIMARY KEY  ([folder])
 						  );");echo $modifyoutput; flush();        
 	    //123
        modify_database("","ALTER TABLE [prefix_conditions] ALTER COLUMN [value] VARCHAR(255)"); echo $modifyoutput; flush();
        // There is no other way to remove the previous default value
        /*modify_database("","DECLARE @STR VARCHAR(100)
 									SET @STR = (
 									SELECT NAME
 									FROM SYSOBJECTS SO
 									JOIN SYSCONSTRAINTS SC ON SO.ID = SC.CONSTID
 									WHERE OBJECT_NAME(SO.PARENT_OBJ) = 'lime_labels'
 									AND SO.XTYPE = 'D' AND SC.COLID =
 									(SELECT COLID FROM SYSCOLUMNS WHERE ID = OBJECT_ID('lime_labels') AND NAME = 'title'))
 									SET @STR = 'ALTER TABLE lime_labels DROP CONSTRAINT ' + @STR 
 	 								exec (@STR);"); echo $modifyoutput; flush();     */
        modify_database("","ALTER TABLE [prefix_labels] ALTER COLUMN [title] varchar(4000)"); echo $modifyoutput; flush();
        //124
        modify_database("","ALTER TABLE [prefix_surveys] ADD [bounce_email] text"); echo $modifyoutput; flush();
        //125
        upgrade_token_tables125();
        modify_database("","EXEC sp_rename 'prefix_users.move_user','superadmin'"); echo $modifyoutput; flush();
        modify_database("","UPDATE [prefix_users] SET [superadmin]=1 where ([create_survey]=1 AND [create_user]=1 AND [delete_user]=1 AND [configurator]=1)"); echo $modifyoutput; flush();
        //126
        modify_database("","ALTER TABLE [prefix_questions] ADD [lid1] int NOT NULL DEFAULT '0'"); echo $modifyoutput; flush();
        modify_database("","UPDATE [prefix_conditions] SET [method]='==' where ( [method] is null) or [method]=''"); echo $modifyoutput; flush();
        modify_database("","update [prefix_settings_global] set [stg_value]='126' where stg_name='DBVersion'"); echo $modifyoutput; flush();
    }
    return true;
 }
 function upgrade_survey_tables117()
 {
    global $modifyoutput;
    $surveyidquery = "SELECT sid FROM ".db_table_name('surveys')." WHERE active='Y' and datestamp='Y'";
    $surveyidresult = db_execute_num($surveyidquery);
    if (!$surveyidresult) {return "Database Error";}
    else
        {
        while ( $sv = $surveyidresult->FetchRow() )
            {
            modify_database("","ALTER TABLE ".db_table_name('survey_'.$sv[0])." ADD [startdate] datetime"); echo $modifyoutput; flush();
            }
        }
 }
 function upgrade_survey_tables118()
 {
  	global $connect,$modifyoutput,$dbprefix;
  	$tokentables=$connect->MetaTables('TABLES',false,$dbprefix."tokens%");
    foreach ($tokentables as $sv)
            {
            modify_database("","ALTER TABLE ".$sv." ALTER COLUMN [token] VARCHAR(36)"); echo $modifyoutput; flush();
            }
 }
 function upgrade_token_tables125()
 {
  	global $connect,$modifyoutput,$dbprefix;
  	$tokentables=$connect->MetaTables('TABLES',false,$dbprefix."tokens%");
    foreach ($tokentables as $sv)
            {
            modify_database("","ALTER TABLE ".$sv." ADD COLUMN [emailstatus ] VARCHAR(300) DEFAULT 'OK'"); echo $modifyoutput; flush();
            }
 }
 ?>
--- a/include/limesurvey/admin/install/upgrade-postgres.php
+++ b/include/limesurvey/admin/install/upgrade-postgres.php
@@ -18,14 +18,190 @@
 // For this there will be a settings table which holds the last time the database was upgraded
 function db_upgrade($oldversion) {
 global $modifyoutput;
-    if ($oldversion < 125) {
+	if ($oldversion < 127) {
        modify_database("","create index answers_idx2 on prefix_answers (sortorder)"); echo $modifyoutput;  flush();
        modify_database("","create index assessments_idx2 on prefix_assessments (sid)"); echo $modifyoutput;  flush();
        modify_database("","create index assessments_idx on prefix_assessments (gid)"); echo $modifyoutput;  flush();
        modify_database("","create index conditions_idx2 on prefix_conditions (qid)"); echo $modifyoutput;  flush();
        modify_database("","create index conditions_idx3 on prefix_conditions (cqid)"); echo $modifyoutput;  flush();
        modify_database("","create index groups_idx2 on prefix_groups (sid)"); echo $modifyoutput;  flush();
        modify_database("","create index question_attributes_idx2 on prefix_question_attributes (qid)"); echo $modifyoutput;  flush();
        modify_database("","create index questions_idx2 on prefix_questions (sid)"); echo $modifyoutput;  flush();
        modify_database("","create index questions_idx3 on prefix_questions (gid)"); echo $modifyoutput;  flush();
        modify_database("","create index questions_idx4 on prefix_questions (type)"); echo $modifyoutput;  flush();
        modify_database("","create index quota_idx2 on prefix_quota (sid)"); echo $modifyoutput;  flush();
        modify_database("","create index saved_control_idx2 on prefix_saved_control (sid)"); echo $modifyoutput;  flush();
        modify_database("","create index user_in_groups_idx1 on prefix_user_in_groups (ugid, uid)"); echo $modifyoutput;  flush();
        modify_database("","update prefix_settings_global set stg_value='127' where stg_name='DBVersion'"); echo $modifyoutput; flush();        
 	}
 	if ($oldversion < 128) {
 		//128
 		upgrade_token_tables128();
 	    modify_database("","update prefix_settings_global set stg_value='128' where stg_name='DBVersion'"); echo $modifyoutput; flush();        
 	}
 	if ($oldversion < 129) {
 		//129
        modify_database("","ALTER TABLE prefix_surveys ADD startdate date"); echo $modifyoutput; flush();
        modify_database("","ALTER TABLE prefix_surveys ADD usestartdate char(1) NOT NULL default 'N'"); echo $modifyoutput; flush();
 	    modify_database("","update prefix_settings_global set stg_value='129' where stg_name='DBVersion'"); echo $modifyoutput; flush();        
 	}
 	if ($oldversion < 130)
 	{
 		modify_database("","ALTER TABLE prefix_conditions ADD scenario integer NOT NULL default '1'"); echo $modifyoutput; flush();
 		modify_database("","UPDATE prefix_conditions SET scenario=1 where (scenario is null) or scenario=0"); echo $modifyoutput; flush();
 	    modify_database("","update prefix_settings_global set stg_value='130' where stg_name='DBVersion'"); echo $modifyoutput; flush();        
 	}
    if ($oldversion < 131)
    {
        modify_database("","ALTER TABLE prefix_surveys ADD publicstatistics char(1) NOT NULL default 'N'"); echo $modifyoutput; flush();
        modify_database("","update prefix_settings_global set stg_value='131' where stg_name='DBVersion'"); echo $modifyoutput; flush();        
    }
    if ($oldversion < 132)
    {
        modify_database("","ALTER TABLE prefix_surveys ADD publicgraphs char(1) NOT NULL default 'N'"); echo $modifyoutput; flush();
        modify_database("","update prefix_settings_global set stg_value='132' where stg_name='DBVersion'"); echo $modifyoutput; flush();        
    }
 	if ($oldversion < 133)
    {
        modify_database("","ALTER TABLE prefix_users ADD one_time_pw bytea"); echo $modifyoutput; flush();
        // Add new assessment setting
        modify_database("","ALTER TABLE prefix_surveys ADD assessments char(1) NOT NULL default 'N'"); echo $modifyoutput; flush();
        // add new assessment value fields to answers & labels
        modify_database("","ALTER TABLE prefix_answers ADD assessment_value integer NOT NULL default '0'"); echo $modifyoutput; flush();
        modify_database("","ALTER TABLE prefix_labels ADD assessment_value integer NOT NULL default '0'"); echo $modifyoutput; flush();
        // copy any valid codes from code field to assessment field
        modify_database("","update [prefix_answers set assessment_value=CAST(code as integer)");// no output here is intended
        modify_database("","update prefix_labels set assessment_value=CAST(code as integer)");// no output here is intended
        // activate assessment where assesment rules exist
        modify_database("","update prefix_surveys set assessments='Y' where sid in (SELECT sid FROM prefix_assessments group by sid)"); echo $modifyoutput; flush();
        // add language field to assessment table
        modify_database("","ALTER TABLE prefix_assessments ADD language character varying(20) NOT NULL default 'en'"); echo $modifyoutput; flush();
        // update language field with default language of that particular survey
        modify_database("","update prefix_assessments set language=(select language from prefix_surveys where sid=prefix_assessments.sid)"); echo $modifyoutput; flush();
        // copy assessment link to message since from now on we will have HTML assignment messages
        modify_database("","update prefix_assessments set message=cast(message as character) ||'<br /><a href=\"'||link||'\">'||link||'</a>'"); echo $modifyoutput; flush();
        // drop the old link field
         modify_database("","ALTER TABLE prefix_assessments DROP COLUMN link"); echo $modifyoutput; flush();
        // change the primary index to include language
        modify_database("","ALTER TABLE prefix_assessments DROP CONSTRAINT prefix_assessments_pkey"); echo $modifyoutput; flush();    
        modify_database("","ALTER TABLE prefix_assessments ADD CONSTRAINT prefix_assessments_pkey PRIMARY KEY (id,language)"); echo $modifyoutput; flush();    
        // and fix missing translations for assessments
        upgrade_survey_tables133();
        // Add new fields to survey language settings
        modify_database("","ALTER TABLE prefix_surveys_languagesettings ADD surveyls_url character varying(255)"); echo $modifyoutput; flush();
        modify_database("","ALTER TABLE prefix_surveys_languagesettings ADD surveyls_endtext text"); echo $modifyoutput; flush();
        // copy old URL fields ot language specific entries
        modify_database("","update prefix_surveys_languagesettings set surveyls_url=(select url from prefix_surveys where sid=prefix_surveys_languagesettings.surveyls_survey_id)"); echo $modifyoutput; flush();
        // drop old URL field 
        modify_database("","ALTER TABLE prefix_surveys DROP COLUMN url"); echo $modifyoutput; flush();
        modify_database("","update prefix_settings_global set stg_value='133' where stg_name='DBVersion'"); echo $modifyoutput; flush();        
    }   
    if ($oldversion < 134)
    {
        modify_database("","ALTER TABLE prefix_surveys ADD usetokens char(1) NOT NULL default 'N'"); echo $modifyoutput; flush();
        modify_database("","ALTER TABLE prefix_surveys ADD attributedescriptions TEXT;"); echo $modifyoutput; flush();
        modify_database("","ALTER TABLE prefix_surveys DROP COLUMN attribute1"); echo $modifyoutput; flush();
        modify_database("","ALTER TABLE prefix_surveys DROP COLUMN attribute2"); echo $modifyoutput; flush();
        upgrade_token_tables134();
        modify_database("","update prefix_settings_global set stg_value='134' where stg_name='DBVersion'"); echo $modifyoutput; flush();  
    } 
     if ($oldversion < 135)
    {
        modify_database("","ALTER TABLE prefix_question_attributes ALTER COLUMN value TYPE text"); echo $modifyoutput; flush();
        modify_database("","update prefix_settings_global set stg_value='135' where stg_name='DBVersion'"); echo $modifyoutput; flush();        
    }
    if ($oldversion < 136)
    {
 	   modify_database("", "ALTER TABLE prefix_quota ADD autoload_url integer NOT NULL DEFAULT 0"); echo $modifyoutput; flush();
 	   modify_database("", "CREATE TABLE prefix_quota_languagesettings (
 						   quotals_id serial NOT NULL,
  						   quotals_quota_id integer NOT NULL DEFAULT 0,
 						   quotals_language character varying(45) NOT NULL DEFAULT 'en'::character varying,
 						   quotals_name character varying(200),
  						   quotals_message text NOT NULL,
  						   quotals_url character varying(255),
  						   quotals_urldescrip character varying(255));"); echo $modifyoutput; flush();
 	   modify_database("", "ALTER TABLE ONLY prefix_quota_languagesettings
  	   					    ADD CONSTRAINT prefix_quota_languagesettings_pkey PRIMARY KEY (quotals_id);"); echo $modifyoutput; flush();
       modify_database("", "ALTER TABLE ONLY prefix_users ADD CONSTRAINT prefix_users_pkey PRIMARY KEY (uid)"); echo $modifyoutput; flush();
       modify_database("", "ALTER TABLE ONLY prefix_users ADD CONSTRAINT prefix_user_name_key UNIQUE (users_name)"); echo $modifyoutput; flush();
       modify_database("", "update prefix_settings_global set stg_value='136' where stg_name='DBVersion'"); echo $modifyoutput; flush();
 	}
    if ($oldversion < 137) //New date format specs
    {
       modify_database("", "ALTER TABLE prefix_surveys_languagesettings ADD surveyls_dateformat integer NOT NULL default 1"); echo $modifyoutput; flush();
       modify_database("", "ALTER TABLE prefix_users ADD \"dateformat\" integer NOT NULL default 1"); echo $modifyoutput; flush();
       modify_database("", "update prefix_surveys set startdate=null where usestartdate='N'"); echo $modifyoutput; flush();
       modify_database("", "update prefix_surveys set expires=null where useexpiry='N'"); echo $modifyoutput; flush();
       modify_database("", "ALTER TABLE prefix_surveys DROP COLUMN usestartdate"); echo $modifyoutput; flush();
       modify_database("", "ALTER TABLE prefix_surveys DROP COLUMN useexpiry"); echo $modifyoutput; flush();
       modify_database("", "update prefix_settings_global set stg_value='137' where stg_name='DBVersion'"); echo $modifyoutput; flush();
    }
 	if ($oldversion < 138) //Modify quota field
 	{
 	    modify_database("", "ALTER TABLE prefix_quota_members ALTER COLUMN code TYPE character varying(11)"); echo $modifyoutput; flush();
        modify_database("", "UPDATE prefix_settings_global SET stg_value='138' WHERE stg_name='DBVersion'"); echo $modifyoutput; flush();        
 	}
    return true;
 }
 function upgrade_token_tables128()
 {
    global $modifyoutput,$dbprefix;
    $surveyidquery = db_select_tables_like($dbprefix."tokens%");
    $surveyidresult = db_execute_num($surveyidquery);
    if (!$surveyidresult) {return "Database Error";}
    else
    {
 		while ( $sv = $surveyidresult->FetchRow() )
 		{
 			modify_database("","ALTER TABLE ".$sv0." ADD remindersent character varying(17) DEFAULT 'N'"); echo $modifyoutput; flush();
 			modify_database("","ALTER TABLE ".$sv0." ADD remindercount INTEGER DEFAULT 0"); echo $modifyoutput; flush();
 		}
 	}
 }
 function upgrade_survey_tables133()
 {
    global $modifyoutput;
    $surveyidquery = "SELECT sid, additional_languages FROM ".db_table_name('surveys');
    $surveyidresult = db_execute_num($surveyidquery);
    while ( $sv = $surveyidresult->FetchRow() )
    {
        FixLanguageConsistency($sv['0'],$sv['1']);   
    }
 }
 function upgrade_token_tables134()
 {
    global $modifyoutput,$dbprefix;
    $surveyidquery = db_select_tables_like($dbprefix."tokens%");
    $surveyidresult = db_execute_num($surveyidquery);
    if (!$surveyidresult) {return "Database Error";}
    else
    {
        while ( $sv = $surveyidresult->FetchRow() )
        {
            modify_database("","ALTER TABLE ".$sv[0]." ADD validfrom timestamp"); echo $modifyoutput; flush();
            modify_database("","ALTER TABLE ".$sv[0]." ADD validuntil timestamp"); echo $modifyoutput; flush();
        }
    }
 }
 ?>
--- a/include/limesurvey/admin/integritycheck.php
+++ b/include/limesurvey/admin/integritycheck.php
@@ -1,402 +1,394 @@
-<?php
+<?php
-/*
+/*
-* LimeSurvey
+* LimeSurvey
-* Copyright (C) 2007 The LimeSurvey Project Team / Carsten Schmitz
+* Copyright (C) 2007 The LimeSurvey Project Team / Carsten Schmitz
-* All rights reserved.
+* All rights reserved.
-* License: GNU/GPL License v2 or later, see LICENSE.php
+* License: GNU/GPL License v2 or later, see LICENSE.php
-* LimeSurvey is free software. This version may have been modified pursuant
+* LimeSurvey is free software. This version may have been modified pursuant
-* to the GNU General Public License, and as distributed it includes or
+* to the GNU General Public License, and as distributed it includes or
-* is derivative of works licensed under the GNU General Public License or
+* is derivative of works licensed under the GNU General Public License or
-* other free or open source software licenses.
+* other free or open source software licenses.
-* See COPYRIGHT.php for copyright notices and details.
+* See COPYRIGHT.php for copyright notices and details.
-* 
+* 
-* $Id: integritycheck.php 4973 2008-06-01 14:07:01Z c_schmitz $
+* $Id: integritycheck.php 6976 2009-05-30 00:53:41Z c_schmitz $
-*/
+*/
-
+
-
+
-include_once("login_check.php");
+include_once("login_check.php");
-if($_SESSION['USER_RIGHT_CONFIGURATOR'] == 1)
+if($_SESSION['USER_RIGHT_CONFIGURATOR'] == 1)
-    {
+    {
-    // THIS FILE CHECKS THE CONSISTENCY OF THE DATABASE, IT LOOKS FOR
+    // THIS FILE CHECKS THE CONSISTENCY OF THE DATABASE, IT LOOKS FOR
-    // STRAY QUESTIONS, ANSWERS, CONDITIONS OR GROUPS AND DELETES THEM
+    // STRAY QUESTIONS, ANSWERS, CONDITIONS OR GROUPS AND DELETES THEM
-    $ok=returnglobal('ok');
+    $ok=returnglobal('ok');
-    
+    
-    $integritycheck=''; 
+    $integritycheck=''; 
-    if (!isset($ok) || $ok != "Y") // do the check, but don't delete anything
+    if (!isset($ok) || $ok != "Y") // do the check, but don't delete anything
-    {
+    {
-        $integritycheck .= "<table><tr><td height='1'></td></tr></table>\n"
+        $integritycheck .= "<div class='messagebox'>"
-        . "<table align='center' class='menu2columns' style='border: 1px solid #555555' "
+        . "<div class='header'>".$clang->gT("Data Consistency Check")."<br /><span style='font-size:7pt;'>".$clang->gT("If errors are showing up you might have to execute this script repeatedly.")."</span></div>\n"
-        . "cellpadding='1' cellspacing='0' width='450'>\n"
+        . "<ul>\n";
-        . "\t<tr>\n"
+        // Check conditions
-        . "\t\t<td colspan='2' align='center'>\n"
+        //  $query = "SELECT {$dbprefix}questions.sid, {$dbprefix}conditions.* "
-        . "\t\t\t<strong>".$clang->gT("Data Consistency Check")."<br /><font size='1'>".$clang->gT("If errors are showing up you might have to execute this script repeatedly.")."</font></strong>\n"
+        //          ."FROM {$dbprefix}conditions, {$dbprefix}questions "
-        . "\t\t</td>\n"
+        //          ."WHERE {$dbprefix}conditions.qid={$dbprefix}questions.qid "
-        . "\t</tr>\n"
+        //          ."ORDER BY qid, scenario, cqid, cfieldname, value";
-        . "\t<tr><td align='center'>"
+        $query = "SELECT * FROM {$dbprefix}conditions ORDER BY cid";
-        . "<br />\n";
+        $result = db_execute_assoc($query) or safe_die("Couldn't get list of conditions from database<br />$query<br />".$connect->ErrorMsg());
-        // Check conditions
+        while ($row=$result->FetchRow())
-        //  $query = "SELECT {$dbprefix}questions.sid, {$dbprefix}conditions.* "
+        {
-        //          ."FROM {$dbprefix}conditions, {$dbprefix}questions "
+            $qquery="SELECT qid FROM {$dbprefix}questions WHERE qid='{$row['qid']}'";
-        //          ."WHERE {$dbprefix}conditions.qid={$dbprefix}questions.qid "
+            $qresult=$connect->Execute($qquery) or safe_die ("Couldn't check questions table for qids<br />$qquery<br />".$connect->ErrorMsg());
-        //          ."ORDER BY qid, cqid, cfieldname, value";
+            $qcount=$qresult->RecordCount();
-        $query = "SELECT * FROM {$dbprefix}conditions ORDER BY cid";
+            if (!$qcount) {$cdelete[]=array("cid"=>$row['cid'], "reason"=>"No matching qid");}
-        $result = db_execute_assoc($query) or safe_die("Couldn't get list of conditions from database<br />$query<br />".$connect->ErrorMsg());
+            $qquery = "SELECT qid FROM {$dbprefix}questions WHERE qid='{$row['cqid']}'";
-        while ($row=$result->FetchRow())
+            $qresult=$connect->Execute($qquery) or safe_die ("Couldn't check questions table for qids<br />$qquery<br />".$connect->ErrorMsg());
-        {
+            $qcount=$qresult->RecordCount();
-            $qquery="SELECT qid FROM {$dbprefix}questions WHERE qid='{$row['qid']}'";
+            if (!$qcount) {$cdelete[]=array("cid"=>$row['cid'], "reason"=>$clang->gT("No matching Cqid"));}
-            $qresult=$connect->Execute($qquery) or safe_die ("Couldn't check questions table for qids<br />$qquery<br />".$connect->ErrorMsg());
+            if ($row['cfieldname']) //Only do this if there actually is a "cfieldname"
-            $qcount=$qresult->RecordCount();
+            {
-            if (!$qcount) {$cdelete[]=array("cid"=>$row['cid'], "reason"=>"No matching qid");}
+                list ($surveyid, $gid, $rest) = explode("X", $row['cfieldname']);
-            $qquery = "SELECT qid FROM {$dbprefix}questions WHERE qid='{$row['cqid']}'";
+                $qquery = "SELECT gid FROM {$dbprefix}groups WHERE gid=$gid";
-            $qresult=$connect->Execute($qquery) or safe_die ("Couldn't check questions table for qids<br />$qquery<br />".$connect->ErrorMsg());
+                $qresult = $connect->Execute($qquery) or safe_die ("Couldn't check conditional group matches<br />$qquery<br />".$connect->ErrorMsg());
-            $qcount=$qresult->RecordCount();
+                $qcount=$qresult->RecordCount();
-            if (!$qcount) {$cdelete[]=array("cid"=>$row['cid'], "reason"=>$clang->gT("No matching Cqid"));}
+                if ($qcount < 1) {$cdelete[]=array("cid"=>$row['cid'], "reason"=>$clang->gT("No matching CFIELDNAME Group!")." ($gid) ({$row['cfieldname']})");}
-            if ($row['cfieldname']) //Only do this if there actually is a "cfieldname"
+            }
-            {
+            elseif (!$row['cfieldname'])
-                list ($surveyid, $gid, $rest) = explode("X", $row['cfieldname']);
+            {
-                $qquery = "SELECT gid FROM {$dbprefix}groups WHERE gid=$gid";
+                $cdelete[]=array("cid"=>$row['cid'], "reason"=>$clang->gT("No \"CFIELDNAME\" field set!")." ({$row['cfieldname']})");
-                $qresult = $connect->Execute($qquery) or safe_die ("Couldn't check conditional group matches<br />$qquery<br />".$connect->ErrorMsg());
+            }
-                $qcount=$qresult->RecordCount();
+        }
-                if ($qcount < 1) {$cdelete[]=array("cid"=>$row['cid'], "reason"=>$clang->gT("No matching CFIELDNAME Group!")." ($gid) ({$row['cfieldname']})");}
+        if (isset($cdelete) && $cdelete)
-            }
+        {
-            elseif (!$row['cfieldname'])
+            $integritycheck .= "<li>".$clang->gT("The following conditions should be deleted").":</li><br /><span style='font-size:7pt;'>\n";
-            {
+            foreach ($cdelete as $cd) {
-                $cdelete[]=array("cid"=>$row['cid'], "reason"=>$clang->gT("No \"CFIELDNAME\" field set!")." ({$row['cfieldname']})");
+                $integritycheck .= "CID: {$cd['cid']} ".$clang->gT("because")." {$cd['reason']}<br />\n";
-            }
+            }
-        }
+            $integritycheck .= "<br />\n";
-        if (isset($cdelete) && $cdelete)
+        }
-        {
+        else
-            $integritycheck .= "<strong>".$clang->gT("The following conditions should be deleted").":</strong><br /><font size='1'>\n";
+        {
-            foreach ($cdelete as $cd) {
+            $integritycheck .= "<li>".$clang->gT("All conditions meet consistency standards")."</li>\n";
-                $integritycheck .= "CID: {$cd['cid']} ".$clang->gT("because")." {$cd['reason']}<br />\n";
+        }
-            }
+    
-            $integritycheck .= "</font><br />\n";
+        // Check question_attributes to delete
-        }
+        $query = "SELECT * FROM {$dbprefix}question_attributes ORDER BY qid";
-        else
+        $result = db_execute_assoc($query) or safe_die($connect->ErrorMsg());
-        {
+        while($row = $result->FetchRow())
-            $integritycheck .= "<strong>".$clang->gT("All conditions meet consistency standards")."</strong><br />\n";
+        {
-        }
+            $aquery = "SELECT * FROM {$dbprefix}questions WHERE qid = {$row['qid']}";
-    
+            $aresult = $connect->Execute($aquery) or safe_die($connect->ErrorMsg());
-        // Check question_attributes to delete
+            $qacount = $aresult->RecordCount();
-        $query = "SELECT * FROM {$dbprefix}question_attributes ORDER BY qid";
+            if (!$qacount) {
-        $result = db_execute_assoc($query) or safe_die($connect->ErrorMsg());
+                $qadelete[]=array("qaid"=>$row['qaid'], "attribute"=>$row['attribute'], "reason"=>$clang->gT("No matching qid"));
-        while($row = $result->FetchRow())
+            }
-        {
+        } // while
-            $aquery = "SELECT * FROM {$dbprefix}questions WHERE qid = {$row['qid']}";
+        if (isset($qadelete) && $qadelete) {
-            $aresult = $connect->Execute($aquery) or safe_die($connect->ErrorMsg());
+            $integritycheck .= "<li>".$clang->gT("The following question attributes should be deleted").":</li><br /><span style='font-size:7pt;'>\n";
-            $qacount = $aresult->RecordCount();
+            foreach ($qadelete as $qad) {$integritycheck .= "QAID `{$qad['qaid']}` ATTRIBUTE `{$qad['attribute']}` ".$clang->gT("because")." `{$qad['reason']}`<br />\n";}
-            if (!$qacount) {
+            $integritycheck .= "</span><br />\n";
-                $qadelete[]=array("qaid"=>$row['qaid'], "attribute"=>$row['attribute'], "reason"=>$clang->gT("No matching qid"));
+        }
-            }
+        else
-        } // while
+        {
-        if (isset($qadelete) && $qadelete) {
+            $integritycheck .= "<li>".$clang->gT("All question attributes meet consistency standards")."</li>\n";
-            $integritycheck .= "<strong>".$clang->gT("The following question attributes should be deleted").":</strong><br /><font size='1'>\n";
+        }
-            foreach ($qadelete as $qad) {$integritycheck .= "QAID `{$qad['qaid']}` ATTRIBUTE `{$qad['attribute']}` ".$clang->gT("because")." `{$qad['reason']}`<br />\n";}
+    
-            $integritycheck .= "</font><br />\n";
+        // Check assessments
-        }
+        $query = "SELECT * FROM {$dbprefix}assessments WHERE scope='T' ORDER BY sid";
-        else
+        $result = db_execute_assoc($query) or safe_die ("Couldn't get list of assessments<br />$query<br />".$connect->ErrorMsg());
-        {
+        while($row = $result->FetchRow())
-            $integritycheck .= "<strong>".$clang->gT("All question_attributes meet consistency standards")."</strong><br />\n";
+        {
-        }
+            $aquery = "SELECT * FROM {$dbprefix}surveys WHERE sid = {$row['sid']}";
-    
+            $aresult = db_execute_assoc($aquery) or safe_die("Oh dear - died in assessments surveys:".$aquery ."<br />".$connect->ErrorMsg());
-        // Check assessments
+            $acount = $aresult->RecordCount();
-        $query = "SELECT * FROM {$dbprefix}assessments WHERE scope='T' ORDER BY sid";
+            if (!$acount) {
-        $result = db_execute_assoc($query) or safe_die ("Couldn't get list of assessments<br />$query<br />".$connect->ErrorMsg());
+                $assdelete[]=array("id"=>$row['id'], "assessment"=>$row['name'], "reason"=>$clang->gT("No matching survey"));
-        while($row = $result->FetchRow())
+            }
-        {
+        } // while
-            $aquery = "SELECT * FROM {$dbprefix}surveys WHERE sid = {$row['sid']}";
+    
-            $aresult = db_execute_assoc($aquery) or safe_die("Oh dear - died in assessments surveys:".$aquery ."<br />".$connect->ErrorMsg());
+        $query = "SELECT * FROM {$dbprefix}assessments WHERE scope='G' ORDER BY gid";
-            $acount = $aresult->RecordCount();
+        $result = db_execute_assoc($query) or safe_die ("Couldn't get list of assessments<br />$query<br />".$connect->ErrorMsg());
-            if (!$acount) {
+        while($row = $result->FetchRow())
-                $assdelete[]=array("id"=>$row['id'], "assessment"=>$row['name'], "reason"=>$clang->gT("No matching survey"));
+        {
-            }
+            $aquery = "SELECT * FROM {$dbprefix}groups WHERE gid = {$row['gid']}";
-        } // while
+            $aresult = $connect->Execute($aquery) or safe_die("Oh dear - died:".$aquery ."<br />".$connect->ErrorMsg());
-    
+            $acount = $aresult->RecordCount();
-        $query = "SELECT * FROM {$dbprefix}assessments WHERE scope='G' ORDER BY gid";
+            if (!$acount) {
-        $result = db_execute_assoc($query) or safe_die ("Couldn't get list of assessments<br />$query<br />".$connect->ErrorMsg());
+                $asgdelete[]=array("id"=>$row['id'], "assessment"=>$row['name'], "reason"=>$clang->gT("No matching group"));
-        while($row = $result->FetchRow())
+            }
-        {
+        }
-            $aquery = "SELECT * FROM {$dbprefix}groups WHERE gid = {$row['gid']}";
+    
-            $aresult = $connect->Execute($aquery) or safe_die("Oh dear - died:".$aquery ."<br />".$connect->ErrorMsg());
+        if (isset($assdelete) && $assdelete)
-            $acount = $aresult->RecordCount();
+        {
-            if (!$acount) {
+            $integritycheck .= "<li>".$clang->gT("The following assessments should be deleted").":</li><span style='font-size:7pt;'>\n";
-                $asgdelete[]=array("id"=>$row['id'], "assessment"=>$row['name'], "reason"=>$clang->gT("No matching group"));
+            foreach ($assdelete as $ass) {$integritycheck .= "ID `{$ass['id']}` ASSESSMENT `{$ass['assessment']}` ".$clang->gT("because")." `{$ass['reason']}`<br />\n";}
-            }
+            $integritycheck .= "</span><br />\n";
-        }
+        }
-    
+        else
-        if (isset($assdelete) && $assdelete)
+        {
-        {
+            $integritycheck .= "<li>".$clang->gT("All Survey (Total) assessments meet consistency standards")."</li>\n";
-            $integritycheck .= "<strong>".$clang->gT("The following assessments should be deleted").":</strong><br /><font size='1'>\n";
+        }
-            foreach ($assdelete as $ass) {$integritycheck .= "ID `{$ass['id']}` ASSESSMENT `{$ass['assessment']}` ".$clang->gT("because")." `{$ass['reason']}`<br />\n";}
+        if (isset($asgdelete) && $asgdelete)
-            $integritycheck .= "</font><br />\n";
+        {
-        }
+            $integritycheck .= "<strong>".$clang->gT("The following assessments should be deleted").":</strong><br /><span style='font-size:7pt;'>\n";
-        else
+            foreach ($asgdelete as $asg) {$integritycheck .= "ID `{$asg['id']}` ASSESSMENT `{$asg['assessment']}` ".$clang->gT("because")." `{$asg['reason']}`<br />\n";}
-        {
+            $integritycheck .= "</span><br />\n";
-            $integritycheck .= "<strong>".$clang->gT("All Survey (Total) assessments meet consistency standards")."</strong><br />\n";
+        }
-        }
+        else
-        if (isset($asgdelete) && $asgdelete)
+        {
-        {
+            $integritycheck .= "<li>".$clang->gT("All Group assessments meet consistency standards")."</li>\n";
-            $integritycheck .= "<strong>".$clang->gT("The following assessments should be deleted").":</strong><br /><font size='1'>\n";
+        }
-            foreach ($asgdelete as $asg) {$integritycheck .= "ID `{$asg['id']}` ASSESSMENT `{$asg['assessment']}` ".$clang->gT("because")." `{$asg['reason']}`<br />\n";}
+    
-            $integritycheck .= "</font><br />\n";
+        // Check answers
-        }
+        $query = "SELECT * FROM {$dbprefix}answers ORDER BY qid";
-        else
+        $result = db_execute_assoc($query) or safe_die ("Couldn't get list of answers from database<br />$query<br />".$connect->ErrorMsg());
-        {
+        while ($row=$result->FetchRow())
-            $integritycheck .= "<strong>".$clang->gT("All Group assessments meet consistency standards")."</strong><br />\n";
+        {
-        }
+            //$integritycheck .= "Checking answer {$row['code']} to qid {$row['qid']}<br />\n";
-    
+            $qquery="SELECT qid FROM {$dbprefix}questions WHERE qid='{$row['qid']}'";
-        // Check answers
+            $qresult=$connect->Execute($qquery) or safe_die ("Couldn't check questions table for qids from answers<br />$qquery<br />".$connect->ErrorMsg());
-        $query = "SELECT * FROM {$dbprefix}answers ORDER BY qid";
+            $qcount=$qresult->RecordCount();
-        $result = db_execute_assoc($query) or safe_die ("Couldn't get list of answers from database<br />$query<br />".$connect->ErrorMsg());
+            if (!$qcount) {
-        while ($row=$result->FetchRow())
+                $adelete[]=array("qid"=>$row['qid'], "code"=>$row['code'], "reason"=>$clang->gT("No matching question"));
-        {
+            }
-            //$integritycheck .= "Checking answer {$row['code']} to qid {$row['qid']}<br />\n";
+            //$integritycheck .= "<br />\n";
-            $qquery="SELECT qid FROM {$dbprefix}questions WHERE qid='{$row['qid']}'";
+        }
-            $qresult=$connect->Execute($qquery) or safe_die ("Couldn't check questions table for qids from answers<br />$qquery<br />".$connect->ErrorMsg());
+        if (isset($adelete) && $adelete)
-            $qcount=$qresult->RecordCount();
+        {
-            if (!$qcount) {
+            $integritycheck .= "<strong>".$clang->gT("The following answers should be deleted").":</strong><br /><span style='font-size:7pt;'>\n";
-                $adelete[]=array("qid"=>$row['qid'], "code"=>$row['code'], "reason"=>$clang->gT("No matching question"));
+            foreach ($adelete as $ad) {$integritycheck .= "QID `{$ad['qid']}` CODE `{$ad['code']}` ".$clang->gT("because")." `{$ad['reason']}`<br />\n";}
-            }
+            $integritycheck .= "</span><br />\n";
-            //$integritycheck .= "<br />\n";
+        }
-        }
+        else
-        if (isset($adelete) && $adelete)
+        {
-        {
+            $integritycheck .= "<li>".$clang->gT("All answers meet consistency standards")."</li>\n";
-            $integritycheck .= "<strong>".$clang->gT("The following answers should be deleted").":</strong><br /><font size='1'>\n";
+        }
-            foreach ($adelete as $ad) {$integritycheck .= "QID `{$ad['qid']}` CODE `{$ad['code']}` ".$clang->gT("because")." `{$ad['reason']}`<br />\n";}
+    
-            $integritycheck .= "</font><br />\n";
+        // Check surveys
-        }
+        $query = "SELECT * FROM {$dbprefix}surveys ORDER BY sid";
-        else
+        $result = db_execute_assoc($query) or safe_die ("Couldn't get list of answers from database<br />$query<br />".$connect->ErrorMsg());
-        {
+        while ($row=$result->FetchRow())
-            $integritycheck .= "<strong>".$clang->gT("All answers meet consistency standards")."</strong><br />\n";
+        {
-        }
+            $qquery="SELECT surveyls_survey_id FROM {$dbprefix}surveys_languagesettings WHERE surveyls_survey_id='{$row['sid']}'";
-    
+            $qresult=$connect->Execute($qquery) or safe_die ("Couldn't check languagesettings table for sids from surveys<br />$qquery<br />".$connect->ErrorMsg());
-        // Check surveys
+            $qcount=$qresult->RecordCount();
-        $query = "SELECT * FROM {$dbprefix}surveys ORDER BY sid";
+            if (!$qcount) {
-        $result = db_execute_assoc($query) or safe_die ("Couldn't get list of answers from database<br />$query<br />".$connect->ErrorMsg());
+                $sdelete[]=array("sid"=>$row['sid'], "reason"=>$clang->gT("Language specific settings missing"));
-        while ($row=$result->FetchRow())
+            }
-        {
+        }
-            $qquery="SELECT surveyls_survey_id FROM {$dbprefix}surveys_languagesettings WHERE surveyls_survey_id='{$row['sid']}'";
+        if (isset($sdelete) && $sdelete)
-            $qresult=$connect->Execute($qquery) or safe_die ("Couldn't check languagesettings table for sids from surveys<br />$qquery<br />".$connect->ErrorMsg());
+        {
-            $qcount=$qresult->RecordCount();
+            $integritycheck .= "<strong>".$clang->gT("The following surveys should be deleted").":</strong><br /><span style='font-size:7pt;'>\n";
-            if (!$qcount) {
+            foreach ($sdelete as $sd) {$integritycheck .= "SID `{$sd['sid']}` ".$clang->gT("because")." `{$sd['reason']}`<br />\n";}
-                $sdelete[]=array("sid"=>$row['sid'], "reason"=>$clang->gT("Language specific settings missing"));
+            $integritycheck .= "</span><br />\n";
-            }
+        }
-        }
+        else
-        if (isset($sdelete) && $sdelete)
+        {
-        {
+            $integritycheck .= "<li>".$clang->gT("All survey settings meet consistency standards")."</li>\n";
-            $integritycheck .= "<strong>".$clang->gT("The following surveys should be deleted").":</strong><br /><font size='1'>\n";
+        }
-            foreach ($sdelete as $sd) {$integritycheck .= "SID `{$sd['sid']}` ".$clang->gT("because")." `{$sd['reason']}`<br />\n";}
+    
-            $integritycheck .= "</font><br />\n";
+        //check questions
-        }
+        $query = "SELECT * FROM {$dbprefix}questions ORDER BY sid, gid, qid";
-        else
+        $result = db_execute_assoc($query) or safe_die ("Couldn't get list of questions from database<br />$query<br />".$connect->ErrorMsg());
-        {
+        while ($row=$result->FetchRow())
-            $integritycheck .= "<strong>".$clang->gT("All survey settings meet consistency standards")."</strong><br />\n";
+        {
-        }
+            //Make sure group exists
-    
+            $qquery="SELECT * FROM {$dbprefix}groups WHERE gid={$row['gid']}";
-        //check questions
+            $qresult=$connect->Execute($qquery) or safe_die ("Couldn't check groups table for gids from questions<br />$qquery<br />".$connect->ErrorMsg());
-        $query = "SELECT * FROM {$dbprefix}questions ORDER BY sid, gid, qid";
+            $qcount=$qresult->RecordCount();
-        $result = db_execute_assoc($query) or safe_die ("Couldn't get list of questions from database<br />$query<br />".$connect->ErrorMsg());
+            if (!$qcount) {$qdelete[]=array("qid"=>$row['qid'], "reason"=>$clang->gT("No matching group")." ({$row['gid']})");}
-        while ($row=$result->FetchRow())
+            //Make sure survey exists
-        {
+            $qquery="SELECT * FROM {$dbprefix}surveys WHERE sid={$row['sid']}";
-            //Make sure group exists
+            $qresult=$connect->Execute($qquery) or safe_die ("Couldn't check surveys table for sids from questions<br />$qquery<br />".$connect->ErrorMsg());
-            $qquery="SELECT * FROM {$dbprefix}groups WHERE gid={$row['gid']}";
+            $qcount=$qresult->RecordCount();
-            $qresult=$connect->Execute($qquery) or safe_die ("Couldn't check groups table for gids from questions<br />$qquery<br />".$connect->ErrorMsg());
+            if (!$qcount) {
-            $qcount=$qresult->RecordCount();
+                if (!isset($qdelete) || !in_array($row['qid'], $qdelete)) {$qdelete[]=array("qid"=>$row['qid'], "reason"=>$clang->gT("No matching survey")." ({$row['sid']})");}
-            if (!$qcount) {$qdelete[]=array("qid"=>$row['qid'], "reason"=>$clang->gT("No matching Group")." ({$row['gid']})");}
+            }
-            //Make sure survey exists
+        }
-            $qquery="SELECT * FROM {$dbprefix}surveys WHERE sid={$row['sid']}";
+        if (isset($qdelete) && $qdelete)
-            $qresult=$connect->Execute($qquery) or safe_die ("Couldn't check surveys table for sids from questions<br />$qquery<br />".$connect->ErrorMsg());
+        {
-            $qcount=$qresult->RecordCount();
+            $integritycheck .= "<strong>".$clang->gT("The following questions should be deleted").":</strong><br /><span style='font-size:7pt;'>\n";
-            if (!$qcount) {
+            foreach ($qdelete as $qd) {$integritycheck .= "QID `{$qd['qid']}` ".$clang->gT("because")." `{$qd['reason']}`<br />\n";}
-                if (!isset($qdelete) || !in_array($row['qid'], $qdelete)) {$qdelete[]=array("qid"=>$row['qid'], "reason"=>$clang->gT("No matching Survey!")." ({$row['sid']})");}
+            $integritycheck .= "</span><br />\n";
-            }
+        }
-        }
+        else
-        if (isset($qdelete) && $qdelete)
+        {
-        {
+            $integritycheck .= "<li>".$clang->gT("All questions meet consistency standards")."</li>\n";
-            $integritycheck .= "<strong>".$clang->gT("The following questions should be deleted").":</strong><br /><font size='1'>\n";
+        }
-            foreach ($qdelete as $qd) {$integritycheck .= "QID `{$qd['qid']}` ".$clang->gT("because")." `{$qd['reason']}`<br />\n";}
+        //check groups
-            $integritycheck .= "</font><br />\n";
+        $query = "SELECT * FROM {$dbprefix}groups ORDER BY sid, gid";
-        }
+        $result=db_execute_assoc($query) or safe_die ("Couldn't get list of groups for checking<br />$query<br />".$connect->ErrorMsg());
-        else
+        while ($row=$result->FetchRow())
-        {
+        {
-            $integritycheck .= "<strong>".$clang->gT("All questions meet consistency standards")."</strong><br />\n";
+            //make sure survey exists
-        }
+            $qquery = "SELECT * FROM {$dbprefix}groups WHERE sid={$row['sid']}";
-        //check groups
+            $qresult=$connect->Execute($qquery) or safe_die("Couldn't check surveys table for gids from groups<br />$qquery<br />".$connect->ErrorMsg());
-        $query = "SELECT * FROM {$dbprefix}groups ORDER BY sid, gid";
+            $qcount=$qresult->RecordCount();
-        $result=db_execute_assoc($query) or safe_die ("Couldn't get list of groups for checking<br />$query<br />".$connect->ErrorMsg());
+            if (!$qcount) {$gdelete[]=array($row['gid']);}
-        while ($row=$result->FetchRow())
+        }
-        {
+        if (isset($gdelete) && $gdelete)
-            //make sure survey exists
+        {
-            $qquery = "SELECT * FROM {$dbprefix}groups WHERE sid={$row['sid']}";
+            $integritycheck .= "<li>".$clang->gT("The following groups should be deleted").":</li><span style='font-size:7pt;'>\n";
-            $qresult=$connect->Execute($qquery) or safe_die("Couldn't check surveys table for gids from groups<br />$qquery<br />".$connect->ErrorMsg());
+            $integritycheck .= implode(", ", $gdelete);
-            $qcount=$qresult->RecordCount();
+            $integritycheck .= "</span><br />\n";
-            if (!$qcount) {$gdelete[]=array($row['gid']);}
+        }
-        }
+        else
-        if (isset($gdelete) && $gdelete)
+        {
-        {
+            $integritycheck .= "<li>".$clang->gT("All groups meet consistency standards")."</li>\n";
-            $integritycheck .= "<strong>".$clang->gT("The following groups should be deleted").":</strong><br /><font size='1'>\n";
+        }
-            $integritycheck .= implode(", ", $gdelete);
+        $integritycheck .='</ul>' ;
-            $integritycheck .= "</font><br />\n";
+        //NOW CHECK FOR STRAY SURVEY RESPONSE TABLES AND TOKENS TABLES
-        }
+        if (!isset($cdelete) && !isset($adelete) && !isset($qdelete) && !isset($gdelete) && !isset($asgdelete) && !isset($sdelete) && !isset($assdelete) && !isset($qadelete)) {
-        else
+            $integritycheck .= "<br />".$clang->gT("No database action required");
-        {
+        } else {
-            $integritycheck .= "<strong>".$clang->gT("All groups meet consistency standards")."</strong><br />\n";
+            $integritycheck .= "<br />".$clang->gT("Should we proceed with the delete?")."<br />\n";
-        }
+            $integritycheck .= "<form action='{$_SERVER['PHP_SELF']}?action=checkintegrity' method='post'>\n";
-        //NOW CHECK FOR STRAY SURVEY RESPONSE TABLES AND TOKENS TABLES
+            if (isset($cdelete)) {
-        if (!isset($cdelete) && !isset($adelete) && !isset($qdelete) && !isset($gdelete) && !isset($asgdelete) && !isset($sdelete) && !isset($assdelete) && !isset($qadelete)) {
+                foreach ($cdelete as $cd) {
-            $integritycheck .= "<br />".$clang->gT("No database action required");
+                    $integritycheck .= "<input type='hidden' name='cdelete[]' value='{$cd['cid']}' />\n";
-        } else {
+                }
-            $integritycheck .= "<br />".$clang->gT("Should we proceed with the delete?")."<br />\n";
+            }
-            $integritycheck .= "<form action='{$_SERVER['PHP_SELF']}?action=checkintegrity' method='post'>\n";
+            if (isset($adelete)) {
-            if (isset($cdelete)) {
+                foreach ($adelete as $ad) {
-                foreach ($cdelete as $cd) {
+                    $integritycheck .= "<input type='hidden' name='adelete[]' value='{$ad['qid']}|{$ad['code']}' />\n";
-                    $integritycheck .= "<input type='hidden' name='cdelete[]' value='{$cd['cid']}' />\n";
+                }
-                }
+            }
-            }
+            if (isset($qdelete)) {
-            if (isset($adelete)) {
+                foreach($qdelete as $qd) {
-                foreach ($adelete as $ad) {
+                    $integritycheck .= "<input type='hidden' name='qdelete[]' value='{$qd['qid']}' />\n";
-                    $integritycheck .= "<input type='hidden' name='adelete[]' value='{$ad['qid']}|{$ad['code']}' />\n";
+                }
-                }
+            }
-            }
+            if (isset($gdelete)) {
-            if (isset($qdelete)) {
+                foreach ($gdelete as $gd) {
-                foreach($qdelete as $qd) {
+                    $integritycheck .= "<input type='hidden' name='gdelete[]' value='{$gd['gid']}' />\n";
-                    $integritycheck .= "<input type='hidden' name='qdelete[]' value='{$qd['qid']}' />\n";
+                }
-                }
+            }
-            }
+            if (isset($qadelete)) {
-            if (isset($gdelete)) {
+                foreach ($qadelete as $qad) {
-                foreach ($gdelete as $gd) {
+                    $integritycheck .= "<input type='hidden' name='qadelete[]' value='{$qad['qaid']}'/>\n";
-                    $integritycheck .= "<input type='hidden' name='gdelete[]' value='{$gd['gid']}' />\n";
+                }
-                }
+            }
-            }
+            if (isset($assdelete)) {
-            if (isset($qadelete)) {
+                foreach ($assdelete as $ass) {
-                foreach ($qadelete as $qad) {
+                    $integritycheck .= "<input type='hidden' name='assdelete[]' value='{$ass['id']}'/>\n";
-                    $integritycheck .= "<input type='hidden' name='qadelete[]' value='{$qad['qaid']}'/>\n";
+                }
-                }
+            }
-            }
+            if (isset($asgdelete)) {
-            if (isset($assdelete)) {
+                foreach ($asgdelete as $asg) {
-                foreach ($assdelete as $ass) {
+                    $integritycheck .= "<input type='hidden' name='asgdelete[]' value='{$asg['id']}'/>\n";
-                    $integritycheck .= "<input type='hidden' name='assdelete[]' value='{$ass['id']}'/>\n";
+                }
-                }
+            }
-            }
+            if (isset($sdelete)) {
-            if (isset($asgdelete)) {
+                foreach ($sdelete as $asg) {
-                foreach ($asgdelete as $asg) {
+                    $integritycheck .= "<input type='hidden' name='sdelete[]' value='{$asg['sid']}'/>\n";
-                    $integritycheck .= "<input type='hidden' name='asgdelete[]' value='{$asg['id']}'/>\n";
+                }
-                }
+            }
-            }
+            $integritycheck .= "<input type='hidden' name='ok' value='Y'>\n"
-            if (isset($sdelete)) {
+                              ."<input type='submit' value='".$clang->gT("Yes - Delete Them!")."'>\n"
-                foreach ($sdelete as $asg) {
+                              ."</form>\n";
-                    $integritycheck .= "<input type='hidden' name='sdelete[]' value='{$asg['sid']}'/>\n";
+        }
-                }
+        $integritycheck .= "</div><br />\n";
-            }
+    }
-            $integritycheck .= "<input type='hidden' name='ok' value='Y'>\n"
+    elseif ($ok == "Y")
-                              ."<input type='submit' value='".$clang->gT("Yes - Delete Them!")."'>\n"
+    {
-                              ."</form>\n";
+        $integritycheck .= "<table><tr><td height='1'></td></tr></table>\n"
-        }
+        . "<table align='center' style='border: 1px solid #555555' "
-        $integritycheck .= "<br /><br />\n"
+        . "cellpadding='1' cellspacing='0' width='450'>\n"
-        ."</td></tr></table>\n"
+        . "\t<tr>\n"
-        ."<table><tr><td height='1'></td></tr></table>\n";
+        . "\t\t<td colspan='2' align='center'>\n"
-    }
+        . "\t\t\t<strong>".$clang->gT("Data Consistency Check")."<br /><span style='font-size:7pt;'>".$clang->gT("If errors are showing up you might have to execute this script repeatedly.")."</strong>\n"
-    elseif ($ok == "Y")
+        . "\t\t</td>\n"
-    {
+        . "\t</tr>\n"
-        $integritycheck .= "<table><tr><td height='1'></td></tr></table>\n"
+        . "\t<tr><td align='center'>";
-        . "<table align='center' style='border: 1px solid #555555' "
+        $cdelete=returnglobal('cdelete');
-        . "cellpadding='1' cellspacing='0' width='450'>\n"
+        $adelete=returnglobal('adelete');
-        . "\t<tr>\n"
+        $qdelete=returnglobal('qdelete');
-        . "\t\t<td colspan='2' align='center'>\n"
+        $gdelete=returnglobal('gdelete');
-        . "\t\t\t<strong>".$clang->gT("Data Consistency Check")."<br /><font size='1'>".$clang->gT("If errors are showing up you might have to execute this script repeatedly.")."</strong>\n"
+        $assdelete=returnglobal('assdelete');
-        . "\t\t</td>\n"
+        $asgdelete=returnglobal('asgdelete');
-        . "\t</tr>\n"
+        $qadelete=returnglobal('qadelete');
-        . "\t<tr><td align='center'>";
+        $sdelete=returnglobal('sdelete');
-        $cdelete=returnglobal('cdelete');
+    
-        $adelete=returnglobal('adelete');
+        if (isset($sdelete)) {
-        $qdelete=returnglobal('qdelete');
+            $integritycheck .= $clang->gT("Deleting Surveys").":<br /><spanstyle='font-size:7pt;'>\n";
-        $gdelete=returnglobal('gdelete');
+            foreach ($sdelete as $ass) {
-        $assdelete=returnglobal('assdelete');
+                $integritycheck .= $clang->gT("Deleting Survey ID").":".$ass."<br />\n";
-        $asgdelete=returnglobal('asgdelete');
+                $sql = "DELETE FROM {$dbprefix}surveys WHERE sid=$ass";
-        $qadelete=returnglobal('qadelete');
+                $result = $connect->Execute($sql) or safe_die ("Couldn't delete ($sql)<br />".$connect->ErrorMsg());
-        $sdelete=returnglobal('sdelete');
+            }
-    
+        }    
-        if (isset($sdelete)) {
+    
-            $integritycheck .= $clang->gT("Deleting Surveys").":<br /><fontsize='1'>\n";
+        if (isset($assdelete)) {
-            foreach ($sdelete as $ass) {
+            $integritycheck .= $clang->gT( "Deleting Assessments").":<br /><spanstyle='font-size:7pt;'>\n";
-                $integritycheck .= $clang->gT("Deleting Survey ID").":".$ass."<br />\n";
+            foreach ($assdelete as $ass) {
-                $sql = "DELETE FROM {$dbprefix}surveys WHERE sid=$ass";
+                $integritycheck .= $clang->gT("Deleting ID").":".$ass."<br />\n";
-                $result = $connect->Execute($sql) or safe_die ("Couldn't delete ($sql)<br />".$connect->ErrorMsg());
+                $sql = "DELETE FROM {$dbprefix}assessments WHERE id=$ass";
-            }
+                $result = $connect->Execute($sql) or safe_die ("Couldn't delete ($sql)<br />".$connect->ErrorMsg());
-        }    
+            }
-    
+        }
-        if (isset($assdelete)) {
+        if (isset($asgdelete)) {
-            $integritycheck .= $clang->gT( "Deleting Assessments").":<br /><fontsize='1'>\n";
+            $integritycheck .= $clang->gT("Deleting Assessments").":<br /><spanstyle='font-size:7pt;'>\n";
-            foreach ($assdelete as $ass) {
+            foreach ($asgdelete as $asg) {
-                $integritycheck .= $clang->gT("Deleting ID").":".$ass."<br />\n";
+                $integritycheck .= $clang->gT("Deleting ID").":".$asg."<br />\n";
-                $sql = "DELETE FROM {$dbprefix}assessments WHERE id=$ass";
+                $sql = "DELETE FROM {$dbprefix}assessments WHERE id=$asg";
-                $result = $connect->Execute($sql) or safe_die ("Couldn't delete ($sql)<br />".$connect->ErrorMsg());
+                $result = $connect->Execute($sql) or safe_die ("Couldn't delete ($sql)<br />".$connect->ErrorMsg());
-            }
+            }
-        }
+        }
-        if (isset($asgdelete)) {
+        if (isset($qadelete)) {
-            $integritycheck .= $clang->gT("Deleting Assessments").":<br /><fontsize='1'>\n";
+            $integritycheck .= $clang->gT("Deleting Question_Attributes").":<br /><spanstyle='font-size:7pt;'>\n";
-            foreach ($asgdelete as $asg) {
+            foreach ($qadelete as $qad) {
-                $integritycheck .= $clang->gT("Deleting ID").":".$asg."<br />\n";
+                $integritycheck .= "Deleting QAID:".$qad."<br />\n";
-                $sql = "DELETE FROM {$dbprefix}assessments WHERE id=$asg";
+                $sql = "DELETE FROM {$dbprefix}question_attributes WHERE qaid=$qad";
-                $result = $connect->Execute($sql) or safe_die ("Couldn't delete ($sql)<br />".$connect->ErrorMsg());
+                $result = $connect->Execute($sql) or safe_die ("Couldn't delete ($sql)<br />".$connect->ErrorMsg());
-            }
+            }
-        }
+        }
-        if (isset($qadelete)) {
+        if (isset($cdelete)) {
-            $integritycheck .= $clang->gT("Deleting Question_Attributes").":<br /><fontsize='1'>\n";
+            $integritycheck .= $clang->gT("Deleting Conditions").":<br /><span style='font-size:7pt;'>\n";
-            foreach ($qadelete as $qad) {
+            foreach ($cdelete as $cd) {
-                $integritycheck .= "Deleting QAID:".$qad."<br />\n";
+                $integritycheck .= $clang->gT("Deleting cid").":".$cd."<br />\n";
-                $sql = "DELETE FROM {$dbprefix}question_attributes WHERE qaid=$qad";
+                $sql = "DELETE FROM {$dbprefix}conditions WHERE cid=$cd";
-                $result = $connect->Execute($sql) or safe_die ("Couldn't delete ($sql)<br />".$connect->ErrorMsg());
+                $result=$connect->Execute($sql) or safe_die ("Couldn't Delete ($sql)<br />".$connect->ErrorMsg());
-            }
+            }
-        }
+            $integritycheck .= "</span><br />\n";
-        if (isset($cdelete)) {
+        }
-            $integritycheck .= $clang->gT("Deleting Conditions").":<br /><font size='1'>\n";
+        if (isset($adelete)) {
-            foreach ($cdelete as $cd) {
+            $integritycheck .= $clang->gT("Deleting Answers").":<br /><span style='font-size:7pt;'>\n";
-                $integritycheck .= $clang->gT("Deleting cid").":".$cd."<br />\n";
+            foreach ($adelete as $ad) {
-                $sql = "DELETE FROM {$dbprefix}conditions WHERE cid=$cd";
+                list($ad1, $ad2)=explode("|", $ad);
-                $result=$connect->Execute($sql) or safe_die ("Couldn't Delete ($sql)<br />".$connect->ErrorMsg());
+                $integritycheck .= $clang->gT("Deleting answer with qid").":".$ad1." and code: ".$ad2."<br />\n";
-            }
+                $sql = "DELETE FROM {$dbprefix}answers WHERE qid=$ad1 AND code='$ad2'";
-            $integritycheck .= "</font><br />\n";
+                $result=$connect->Execute($sql) or safe_die ("Couldn't Delete ($sql)<br />".$connect->ErrorMsg());
-        }
+            }
-        if (isset($adelete)) {
+            $integritycheck .= "</span><br />\n";
-            $integritycheck .= $clang->gT("Deleting Answers").":<br /><font size='1'>\n";
+        }
-            foreach ($adelete as $ad) {
+        if (isset($qdelete)) {
-                list($ad1, $ad2)=explode("|", $ad);
+            $integritycheck .= $clang->gT("Deleting Questions").":<br /><span style='font-size:7pt;'>\n";
-                $integritycheck .= $clang->gT("Deleting answer with qid").":".$ad1." and code: ".$ad2."<br />\n";
+            foreach ($qdelete as $qd) {
-                $sql = "DELETE FROM {$dbprefix}answers WHERE qid=$ad1 AND code='$ad2'";
+                $integritycheck .= $clang->gT("Deleting qid").":".$qd."<br />\n";
-                $result=$connect->Execute($sql) or safe_die ("Couldn't Delete ($sql)<br />".$connect->ErrorMsg());
+                $sql = "DELETE FROM {$dbprefix}questions WHERE qid=$qd";
-            }
+                $result=$connect->Execute($sql) or safe_die ("Couldn't Delete ($sql)<br />".$connect->ErrorMsg());
-            $integritycheck .= "</font><br />\n";
+            }
-        }
+            $integritycheck .= "</span><br />\n";
-        if (isset($qdelete)) {
+        }
-            $integritycheck .= $clang->gT("Deleting Questions").":<br /><font size='1'>\n";
+        if (isset($gdelete)) {
-            foreach ($qdelete as $qd) {
+            $integritycheck .= $clang->gT("Deleting Groups").":<br /><span style='font-size:7pt;'>\n";
-                $integritycheck .= $clang->gT("Deleting qid").":".$qd."<br />\n";
+            foreach ($gdelete as $gd) {
-                $sql = "DELETE FROM {$dbprefix}questions WHERE qid=$qd";
+                $integritycheck .= $clang->gT("Deleting group id").":".$gd."<br />\n";
-                $result=$connect->Execute($sql) or safe_die ("Couldn't Delete ($sql)<br />".$connect->ErrorMsg());
+                $sql = "DELETE FROM {$dbprefix}groups WHERE gid=$gd";
-            }
+                $result=$connect->Execute($sql) or safe_die ("Couldn't Delete ($sql)<br />".$connect->ErrorMsg());
-            $integritycheck .= "</font><br />\n";
+            }
-        }
+            $integritycheck .= "</span><br />\n";
-        if (isset($gdelete)) {
+        }
-            $integritycheck .= $clang->gT("Deleting Groups").":<br /><font size='1'>\n";
+        $integritycheck .= $clang->gT("Check database again?")."<br />\n"
-            foreach ($gdelete as $gd) {
+                          ."<a href='{$_SERVER['PHP_SELF']}?action=checkintegrity'>".$clang->gT("Check Again")."</a><br />\n"
-                $integritycheck .= $clang->gT("Deleting group id").":".$gd."<br />\n";
+                          ."</td></tr></table><br />\n";
-                $sql = "DELETE FROM {$dbprefix}groups WHERE gid=$gd";
+    }
-                $result=$connect->Execute($sql) or safe_die ("Couldn't Delete ($sql)<br />".$connect->ErrorMsg());
+
-            }
+    $surveyid=false;    
-            $integritycheck .= "</font><br />\n";
+    }
-        }
+else
-        $integritycheck .= $clang->gT("Check database again?")."<br />\n"
+    {
-                          ."<a href='{$_SERVER['PHP_SELF']}?action=checkintegrity'>".$clang->gT("Check Again")."</a><br />\n"
+    $action = "dbchecker";
-                          ."</td></tr></table><br />\n";
+    include("access_denied.php");
-    }
+    include("admin.php");   
-
+    }
-    $surveyid=false;    
+?>
    }
 else
    {
    $action = "dbchecker";
    include("access_denied.php");
    include("admin.php");   
    }
 ?>
--- a/include/limesurvey/admin/iterate_survey.php
+++ b/include/limesurvey/admin/iterate_survey.php
@@ -0,0 +1,69 @@
 <?php
 /*
 * LimeSurvey
 * Copyright (C) 2007 The LimeSurvey Project Team / Carsten Schmitz
 * All rights reserved.
 * License: GNU/GPL License v2 or later, see LICENSE.php
 * LimeSurvey is free software. This version may have been modified pursuant
 * to the GNU General Public License, and as distributed it includes or
 * is derivative of works licensed under the GNU General Public License or
 * other free or open source software licenses.
 * See COPYRIGHT.php for copyright notices and details.
 *
 * $Id: iterate_survey.php 6380 2009-02-16 13:30:17Z c_schmitz $
 */
 /*
 * Set completed answers to the incomplete state and reset the tokens to 'not used' so that
 * the survey can be published again to the same set of participants.
 * Partipants will see their previous answers and may change them.
 */
 include_once('login_check.php');
 if (!isset($surveyid)) {$surveyid=returnglobal('sid');}
 if  (!isset($subaction))
 { // subaction is not set, then display instructions
    $iteratesurveyoutput = browsemenubar($clang->gT('Iterate survey'));
    $iteratesurveyoutput .= "<br />\n";
    $iteratesurveyoutput .= "<div class='header'>".$clang->gT("Iterate survey")."</div>\n";
    $iteratesurveyoutput .=  "<h3>".$clang->gT("Important instructions")."</h3>"
 			. "<p style='width:80%;'>\n"
 			. "<div align='center'>".$clang->gT("Click on the following button if you want to").":<br /></div>\n"
 			. "<ol style='width:500px;margin:0 auto; font-size:8pt;'>"
 			. "<li>".$clang->gT("Delete all incomplete answers that correspond to a token for which a completed answers is already recorded")."</li>"
 			. "<li>".$clang->gT("Reset the completed answers to the incomplete state")."</li>"
 			. "<li>".$clang->gT("Reset all your tokens to the 'not used' state")."</li>"
 			. "</ol><br />\n"
 			. "<input type='button' onclick=\"if( confirm('".$clang->gT("Are you really sure you want to *delete* some incomplete answers and reset the completed state of both answers and tokens?","js")."')){".get2post("$scriptname?action=iteratesurvey&amp;sid=$surveyid&amp;subaction=unfinalizeanswers")."}\" value='".$clang->gT("Reset answers and token completed state")."'>"
 			. "<table><tr><td>";
 }
 if  ($subaction=='unfinalizeanswers') 
 {
 	$iteratesurveyoutput = browsemenubar($clang->gT('Iterate survey'));
 	$baselang = GetBaseLanguageFromSurveyID($surveyid);
 	$surveytable = db_table_name("survey_$surveyid");
 	// First delete incomplete answers that correspond to a token for which a completed answers is already recorded
 	// subquery in delete or update are tricky things when using the same table for delete and Select
 	// see http://www.developpez.net/forums/d494961/bases-donnees/mysql/requetes/cant-specify-target-in-from-clause/
 	$updateqr = "DELETE from $surveytable WHERE submitdate IS NULL AND token in (SELECT * FROM ( SELECT answ2.token from $surveytable AS answ2 WHERE answ2.submitdate IS NOT NULL) tmp );\n";
 //	$updateqr = "DELETE from $surveytable WHERE submitdate IS NULL AND token in (SELECT b.token from $surveytable AS b WHERE b.submitdate IS NOT NULL);\n";
 	//error_log("TIBO query = $updateqr");
 	$updateres = $connect->Execute($updateqr) or safe_die("Delete incomplete answers with duplicate tokens failed:<br />\n" . $connect->ErrorMsg() . "<br />$updateqr");
 	// Then set all remaining answers to incomplete state
 	$updateqr = "UPDATE $surveytable SET submitdate=NULL;\n";
 	$updateres = $connect->Execute($updateqr) or safe_die("UnFinilize answers failed:<br />\n" . $connect->ErrorMsg() . "<br />$updateqr");
 	// Finally, reset the token completed and sent status
 	$updateqr="UPDATE ".db_table_name("tokens_$surveyid")." SET sent='N', remindersent='N', remindercount=0, completed='N'";
 	$updateres=$connect->Execute($updateqr) or safe_die ("Couldn't reset token completed state<br />$updateqr<br />".$connect->ErrorMsg());
 	$iteratesurveyoutput .= "<br />\n";
 	$iteratesurveyoutput .= "<div class='header'>".$clang->gT("Iterate survey")."</div>\n";
 	$iteratesurveyoutput .=  "<p style='width:100%;'>\n"
 		. "<font class='successtitle'>".$clang->gT("Success")."</font><br />\n"
 		. $clang->gT("Answers and tokens have been re-opened.")."<br />\n"
 		. "</p>\n"
 		. "<table><tr><td>";
 }
 ?>       
--- a/include/limesurvey/admin/labels.php
+++ b/include/limesurvey/admin/labels.php
--- a/include/limesurvey/admin/listcolumn.php
+++ b/include/limesurvey/admin/listcolumn.php
@@ -1,71 +1,80 @@
-<?php
+<?php
-/*
+/*
-* LimeSurvey
+* LimeSurvey
-* Copyright (C) 2007 The LimeSurvey Project Team / Carsten Schmitz
+* Copyright (C) 2007 The LimeSurvey Project Team / Carsten Schmitz
-* All rights reserved.
+* All rights reserved.
-* License: GNU/GPL License v2 or later, see LICENSE.php
+* License: GNU/GPL License v2 or later, see LICENSE.php
-* LimeSurvey is free software. This version may have been modified pursuant
+* LimeSurvey is free software. This version may have been modified pursuant
-* to the GNU General Public License, and as distributed it includes or
+* to the GNU General Public License, and as distributed it includes or
-* is derivative of works licensed under the GNU General Public License or
+* is derivative of works licensed under the GNU General Public License or
-* other free or open source software licenses.
+* other free or open source software licenses.
-* See COPYRIGHT.php for copyright notices and details.
+* See COPYRIGHT.php for copyright notices and details.
-* 
+* 
-* $Id: listcolumn.php 4973 2008-06-01 14:07:01Z c_schmitz $
+* $Id: listcolumn.php 7212 2009-07-03 07:32:05Z c_schmitz $
-*/
+*/
-
+
-include_once("login_check.php");
+include_once("login_check.php");
-
+
-sendcacheheaders();
+sendcacheheaders();
-
+
-
+
-if (!isset($surveyid)) {$surveyid=returnglobal('sid');}
+if (!isset($surveyid)) {$surveyid=returnglobal('sid');}
-if (!isset($column)) {$column=returnglobal('column');}
+if (!isset($column)) {$column=returnglobal('column');}
-if (!isset($order)) {$order=returnglobal('order');}
+if (!isset($order)) {$order=returnglobal('order');}
-if (!isset($sql)) {$sql=returnglobal('sql');}
+if (!isset($sql)) {$sql=returnglobal('sql');}
-
+
-if (!$surveyid)
+if (!$surveyid)
-{
+{
-	//NOSID
+	//NOSID
-	exit;
+	exit;
-}
+}
-if (!$column)
+if (!$column)
-{
+{
-	//NOCOLUMN
+	//NOCOLUMN
-	exit;
+	exit;
-}
+}
-
+
-if ($connect->databaseType == 'odbc_mssql')
+if ($connect->databaseType == 'odbc_mssql' || $connect->databaseType == 'odbtp' || $connect->databaseType == 'mssql_n')
-	{ $query = "SELECT id, ".db_quote_id($column)." FROM {$dbprefix}survey_$surveyid WHERE (".db_quote_id($column)." NOT LIKE '')"; }
+	{ $query = "SELECT id, ".db_quote_id($column)." FROM {$dbprefix}survey_$surveyid WHERE (".db_quote_id($column)." NOT LIKE '')"; }
-else
+else
-	{ $query = "SELECT id, ".db_quote_id($column)." FROM {$dbprefix}survey_$surveyid WHERE (".db_quote_id($column)." != '')"; }
+	{ $query = "SELECT id, ".db_quote_id($column)." FROM {$dbprefix}survey_$surveyid WHERE (".db_quote_id($column)." != '')"; }
-
+
-if ($sql && $sql != "NULL")
+if ($sql && $sql != "NULL")
-{
+{
-	$query .= " AND ".auto_unescape(urldecode($sql));
+	$query .= " AND ".auto_unescape(urldecode($sql));
-}
+}
-
+
-if (incompleteAnsFilterstate() === true) {$query .= " AND submitdate is not null";}
+switch (incompleteAnsFilterstate()) {
-
+		case 'inc':
-if ($order == "alpha")
+			//Inclomplete answers only
-{
+			$query .= ' AND submitdate is null ';
-	$query .= " ORDER BY ".db_quote_id($column);
+			break;
-}
+		case 'filter':
-
+			//Inclomplete answers only
-$result=db_execute_assoc($query) or safe_die("Error with query: ".$query."<br />".$connect->ErrorMsg());
+			$query .= ' AND submitdate is not null ';
-$listcolumnoutput= "<table width='98%' class='statisticstable' border='1' cellpadding='2' cellspacing='0'>\n";
+			break;
-$listcolumnoutput.= "<tr><td><input type='image' src='$imagefiles/downarrow.png' align='middle' onclick=\"window.open('admin.php?action=listcolumn&amp;sid=$surveyid&amp;column=$column&amp;order=id', '_self')\" /></td>\n";
+	}
-$listcolumnoutput.= "<td valign='top'><input type='image' align='right' src='$imagefiles/close.gif' onclick='window.close()' />";
+
-if ($connect->databaseType != 'odbc_mssql')
+if ($order == "alpha")
-	{ $listcolumnoutput.= "<input type='image' src='$imagefiles/downarrow.png' align='left' onclick=\"window.open('admin.php?action=listcolumn&amp;sid=$surveyid&amp;column=$column&amp;order=alpha', '_self')\" />"; }
+{
-$listcolumnoutput.= "</td></tr>\n";
+	$query .= " ORDER BY ".db_quote_id($column);
-while ($row=$result->FetchRow())
+}
-{
+
-	$listcolumnoutput.=  "<tr><td valign='top' align='center' >"
+$result=db_execute_assoc($query) or safe_die("Error with query: ".$query."<br />".$connect->ErrorMsg());
-	. "<a href='$scriptname?action=browse&amp;sid=$surveyid&amp;subaction=id&amp;id=".$row['id']."' target='home'>"
+$listcolumnoutput= "<table width='98%' class='statisticstable' border='1' cellpadding='2' cellspacing='0'>\n";
-	. $row['id']."</a></td>"
+$listcolumnoutput.= "<thead><tr><th><input type='image' src='$imagefiles/downarrow.png' align='middle' onclick=\"window.open('admin.php?action=listcolumn&amp;sid=$surveyid&amp;column=$column&amp;order=id', '_self')\" /></th>\n";
-	. "<td valign='top'>".$row[$column]."</td></tr>\n";
+$listcolumnoutput.= "<th valign='top'><input type='image' align='right' src='$imagefiles/close.gif' onclick='window.close()' />";
-}
+if ($connect->databaseType != 'odbc_mssql' && $connect->databaseType != 'odbtp' && $connect->databaseType != 'mssql_n')
-$listcolumnoutput.= "</table>\n";
+	{ $listcolumnoutput.= "<input type='image' src='$imagefiles/downarrow.png' align='left' onclick=\"window.open('admin.php?action=listcolumn&amp;sid=$surveyid&amp;column=$column&amp;order=alpha', '_self')\" />"; }
-
+$listcolumnoutput.= "</th></tr>\n";
-	
+while ($row=$result->FetchRow())
-?>
+{
 	$listcolumnoutput.=  "<tr><td valign='top' align='center' >"
 	. "<a href='$scriptname?action=browse&amp;sid=$surveyid&amp;subaction=id&amp;id=".$row['id']."' target='home'>"
 	. $row['id']."</a></td>"
 	. "<td valign='top'>".htmlspecialchars($row[$column])."</td></tr>\n";
 }
 $listcolumnoutput.= "</table>\n";
 ?>
--- a/include/limesurvey/admin/login_check.php
+++ b/include/limesurvey/admin/login_check.php
@@ -1,146 +1,248 @@
-<?php
+<?php
-/*
+/*
-* LimeSurvey
+* LimeSurvey
-* Copyright (C) 2007 The LimeSurvey Project Team / Carsten Schmitz
+* Copyright (C) 2007 The LimeSurvey Project Team / Carsten Schmitz
-* All rights reserved.
+* All rights reserved.
-* License: GNU/GPL License v2 or later, see LICENSE.php
+* License: GNU/GPL License v2 or later, see LICENSE.php
-* LimeSurvey is free software. This version may have been modified pursuant
+* LimeSurvey is free software. This version may have been modified pursuant
-* to the GNU General Public License, and as distributed it includes or
+* to the GNU General Public License, and as distributed it includes or
-* is derivative of works licensed under the GNU General Public License or
+* is derivative of works licensed under the GNU General Public License or
-* other free or open source software licenses.
+* other free or open source software licenses.
-* See COPYRIGHT.php for copyright notices and details.
+* See COPYRIGHT.php for copyright notices and details.
-* 
+* 
-* $Id: login_check.php 5039 2008-06-10 19:12:04Z c_schmitz $
+* $Id: login_check.php 6871 2009-05-18 14:53:08Z c_schmitz $
-*/
+*/
-
+
-
+
-if (!isset($dbprefix) || isset($_REQUEST['dbprefix'])) {die("Cannot run this script directly");}
+if (!isset($dbprefix) || isset($_REQUEST['dbprefix'])) {die("Cannot run this script directly");}
-if (!isset($action)) {$action=returnglobal('action');}
+if (!isset($action)) {$action=returnglobal('action');}
-
+
-// check data for login
+
-if( isset($_POST['user']) && isset($_POST['password']) || 
+
-	($action == "forgotpass") || ($action == "login") || 
+
-	($action == "logout") || 
+/*
-	($useWebserverAuth === true && !isset($_SESSION['loginID'])) )	// added by Dennis
+ * New feature since version 1.81: One time passwords
-{
+ * The user can call the limesurvey login at /limesurvey/admin and pass username and
-	include("usercontrol.php");
+ * a one time password which was previously written into the users table (column one_time_pw) by
-}
+ * an external application.
-
+ * Furthermore there is a setting in config-defaults which has to be turned on (default = off)
-
+ * to enable the usage of one time passwords.
-// login form
+ */
-if(!isset($_SESSION['loginID']) && $action != "forgotpass" && ($action != "logout" || ($action == "logout" && !isset($_SESSION['loginID'])))) // && $action != "login")	// added by Dennis
+
-{
+//check if data was passed by URL
-	if($action == "forgotpassword")
+if(isset($_GET['user']) && isset($_GET['onepass']))
-	{
+{	
-		$loginsummary = "<form name='forgot' id='forgot' method='post' action='$rooturl/admin/admin.php' ><br /><strong>".$clang->gT("You have to enter user name and email.")."</strong><br />	<br />
+	//take care of passed data
-							<table>
+	$user = sanitize_user($_GET['user']);
-								<tr>
+	$pw = sanitize_paranoid_string(md5($_GET['onepass']));
-									<td><p>".$clang->gT("Username")."</p></td>
+	
-									<td><input name='user' type='text' id='user' size='40' maxlength='40' value='' /></td>
+	//check if setting $use_one_time_passwords exists in config file
-								</tr>
+	if(isset($use_one_time_passwords))
-								<tr>
+	{	
-									<td><p>".$clang->gT("Email")."</p></td>
+		//$use_one_time_passwords switched OFF but data was passed by URL: Show error message
-									<td><input name='email' id='email' type='text' size='40' maxlength='40' value='' /></td>
+		if($use_one_time_passwords === false)
-								</tr>
+		{
-								<tr>
+			//create an error message
-									<td>&nbsp;</td>
+			$loginsummary = "<br />".$clang->gT("Data for username and one time password was received but the usage of one time passwords is disabled at your configuration settings. Please add the following line to config.php to enable one time passwords: ")."<br />";
-									<td><input type='hidden' name='action' value='forgotpass' />
+			$loginsummary .= '<br /><em>$use_one_time_passwords = true;</em><br />';
-									<input class='action' type='submit' value='".$clang->gT("Check Data")."' /><br />&nbsp;\n</td>
+			$loginsummary .= "<br /><br /><a href='$scriptname'>".$clang->gT("Continue")."</a><br />&nbsp;\n";		
-								</tr>
+		}
-								<tr>
+		//Data was passed, using one time passwords is enabled
-									<td>&nbsp;</td>
+		else
-									<td><a href='$scriptname'>".$clang->gT("Main Admin Screen")."</a></td>
+		{			
-								</tr>
+			//check if user exists in DB
-							</table>						
+			$query = "SELECT uid, users_name, password, one_time_pw FROM ".db_table_name('users')." WHERE users_name=".$connect->qstr($user);
-						</form>";	
+			$ADODB_FETCH_MODE = ADODB_FETCH_ASSOC; //Checked
-	}
+			$result = $connect->SelectLimit($query, 1) or safe_die ($query."<br />".$connect->ErrorMsg());
-	elseif (!isset($loginsummary))
+			if(!$result)
-	{ // could be at login or after logout 
+			{
-		$refererargs=''; // If this is a direct access to admin.php, no args are given
+				echo "<br />".$connect->ErrorMsg();
-		// If we are called from a link with action and other args set, get them
+			}
-		if (isset($_SERVER['QUERY_STRING']) && $_SERVER['QUERY_STRING'])
+			if ($result->RecordCount() < 1)
-		{
+			{
-			$refererargs = html_escape($_SERVER['QUERY_STRING']);
+				// wrong or unknown username 
-		}
+				$loginsummary = sprintf($clang->gT("No one-time password found for user %s"),htmlspecialchars($user))."<br />";
-
+				session_regenerate_id();			
-		$hidden_loginlang = '';
+			}
-		if (isset($_POST['lang']) && $_POST['lang'])
+			else
-		{
+			{
-			$hidden_loginlang = "<input type='hidden' name='loginlang' value='".sanitize_languagecode($_POST['lang'])."' />";
+				//get one time pw from db
-		}
+				$srow = $result->FetchRow();
-        
+				$otpw = $srow['one_time_pw'];
-		if (!isset($logoutsummary))
+				
-		{
+				//check if passed password and one time password from database DON'T match
-			$loginsummary = "<form name='login' id='login' method='post' action='$rooturl/admin/admin.php' ><br /><strong>".$clang->gT("You have to login first.")."</strong><br />	<br />";
+				if($pw != $otpw)
-		}
+				{
-		else
+					//no match -> warning
-		{
+					$loginsummary = "<br />".sprintf($clang->gT("Passed one time password doesn't match one time password for user %s")," <em>".htmlspecialchars($user)."</em>")."<br />";
-			$loginsummary = "<form name='login' id='login' method='post' action='$rooturl/admin/admin.php' ><br /><strong>".$logoutsummary."</strong><br />	<br />";
+					$loginsummary .= "<br /><br /><a href='$scriptname'>".$clang->gT("Continue")."</a><br />&nbsp;\n";		
-		}
+				}
-
+				//both passwords match
-		$loginsummary .= "
+				else
-							<table>
+				{
-								<tr>
+					
-									<td>".$clang->gT("Username")."</td>
+					//delete one time password in database
-									<td><input name='user' type='text' id='user' size='40' maxlength='40' value='' /></td>
+					$uquery = "UPDATE ".db_table_name('users')." 
-								</tr>
+					SET one_time_pw=''
-								<tr>
+					WHERE users_name='".db_quote($user)."'";	
-									<td>".$clang->gT("Password")."</td>
+	
-									<td><input name='password' id='password' type='password' size='40' maxlength='40' /></td>
+					$uresult = $connect->Execute($uquery);
-								</tr>
+					
-								<tr>
+					//data necessary for following functions
-									<td>&nbsp;</td>
+					$_SESSION['user'] = $srow['users_name'];
-									<td align='center'><input type='hidden' name='action' value='login' />
+					$_SESSION['checksessionpost'] = randomkey(10);
-									<input type='hidden' name='refererargs' value='".$refererargs."' />
+					$_SESSION['loginID'] = $srow['uid'];
-									$hidden_loginlang
+					GetSessionUserRights($_SESSION['loginID']);
-									<input class='action' type='submit' value='".$clang->gT("Login")."' /><br />&nbsp;\n</td>
+					
-								</tr>
+					// Check if the user has changed his default password
-								<tr>
+					if (strtolower($srow['password'])=='password')
-									<td>&nbsp;</td>
+					{
-									<td><a href='$scriptname?action=forgotpassword'>".$clang->gT("Forgot Your Password?")."</a><br />&nbsp;\n</td>
+						$_SESSION['pw_notify']=true;
-								</tr>
+					}
-							</table>
+					else
-						</form>";
+					{
-
+						$_SESSION['pw_notify']=false;
-		// Language selection
+					} 
-		$loginsummary .=  "\t<form name='language' id='language' method='post' action='$rooturl/admin/admin.php' >"
+					
-		. "\t<table><tr>\n"
+					//delete passed information
-		. "\t\t<td align='center' >\n"
+					unset($_GET['user']);
-		. "\t\t\t".$clang->gT("Current Language").":\n"
+					unset($_GET['onepass']);
-		. "\t\t</td><td>\n"
+										
-		. "\t\t\t<select name='lang' onchange='form.submit()'>\n";
+				}	//else -> passwords match			
-		foreach (getlanguagedata() as $langkey=>$languagekind)
+				
-		{
+			}	//else -> password found
-			$loginsummary .= "\t\t\t\t<option value='$langkey'";
+			
-			if (isset($_SESSION['adminlang']) && $langkey == $_SESSION['adminlang']) {$loginsummary .= " selected='selected'";}
+		}	//else -> one time passwords enabled
-			// in case it is a logout, session has already been killed
+		
-			if (!isset($_SESSION['adminlang']) && $langkey == $clang->getlangcode() ){$loginsummary .= " selected='selected'";}
+	}	//else -> one time passwords set
-			$loginsummary .= ">".$languagekind['description']." - ".$languagekind['nativedescription']."</option>\n";
+	
-		}
+}	//else -> data was passed by URL
-		$loginsummary .= "\t\t\t</select>\n"
+
-		. "\t\t\t<input type='hidden' name='action' value='changelang' />\n"
+
-		. "\t\t</td>\n"
+
-		. "\t</tr>\n"
+
-		. "</table>"
+
-		. "</form><br />";
+// check data for login
-	}
+if( isset($_POST['user']) && isset($_POST['password']) || 
-}
+	($action == "forgotpass") || ($action == "login") || 
-
+	($action == "logout") || 
-if (isset($loginsummary)) {
+	($useWebserverAuth === true && !isset($_SESSION['loginID'])) )	// added by Dennis
-
+{
-	$adminoutput.= "<table width='100%' border='0' cellpadding='0' cellspacing='0'>\n"
+	include("usercontrol.php");
-	."\t<tr>\n"
+}
-    ."\t\t<td valign='top' align='center' bgcolor='#F8F8FF'>\n";
+
-	
+
-	if(isset($_SESSION['loginID']))
+
-	{
+
-		$adminoutput.= showadminmenu();
+// login form
-	}
+if(!isset($_SESSION['loginID']) && $action != "forgotpass" && ($action != "logout" || ($action == "logout" && !isset($_SESSION['loginID'])))) // && $action != "login")	// added by Dennis
-	$adminoutput.= $loginsummary;
+{
-	
+	if($action == "forgotpassword")
-	$adminoutput.= "\t\t</td>\n";
+	{
-	$adminoutput.= "\t</tr>\n";
+		$loginsummary = '
-	$adminoutput.= "</table>\n";
+			<form name="forgot" id="forgot" method="post" action="'.$rooturl.'/admin/admin.php" >
-}
+				<p><strong>'.$clang->gT('You have to enter user name and email.').'</strong></p>
-
+
-?>
+				<table>
 					<tbody>
 					<tr>
 						<td><label for="user">'.$clang->gT('Username').'</label></td>
 						<td><input name="user" id="user" type="text" size="40" maxlength="40" value="" /></td>
 					</tr>
 					<tr>
 						<td><label for="email">'.$clang->gT('Email').'</label></td>
 						<td><input name="email" id="email" type="text" size="40" maxlength="40" value="" /></td>
 					</tr>
 					<tr>
 						<td>&nbsp;</td>
 						<td><input type="hidden" name="action" value="forgotpass" />
 						<input class="action" type="submit" value="'.$clang->gT('Check Data').'" /></td>
 					</tr>
 					<tr>
 						<td>&nbsp;</td>
 						<td><a href="'.$scriptname.'">'.$clang->gT('Main Admin Screen').'</a></td>
 					</tr>
 				</table>
 			</form>
 ';
 	}
 	elseif (!isset($loginsummary))
 	{ // could be at login or after logout 
 		$refererargs=''; // If this is a direct access to admin.php, no args are given
 		// If we are called from a link with action and other args set, get them
 		if (isset($_SERVER['QUERY_STRING']) && $_SERVER['QUERY_STRING'])
 		{
 			$refererargs = html_escape($_SERVER['QUERY_STRING']);
 		}
     	$hidden_loginlang = "<input type='hidden' name='loginlang' id='loginlang' value='".$defaultlang."' />";
 		if (!isset($logoutsummary))
 		{
 			$loginsummary = "<form name='login' id='login' method='post' action='$rooturl/admin/admin.php' ><br /><strong>".$clang->gT("You have to login first.")."</strong><br />	<br />";
 		}
 		else
 		{
 			$loginsummary = "<form name='login' id='login' method='post' action='$rooturl/admin/admin.php' ><br /><strong>".$logoutsummary."</strong><br />	<br />";
 		}
 		$loginsummary .= "
 							<table>
 								<tr>
 									<td>".$clang->gT("Username")."</td>
 									<td><input name='user' id='user' type='text' size='40' maxlength='40' value='' /></td>
 								</tr>
 								<tr>
 									<td>".$clang->gT("Password")."</td>
 									<td><input name='password' id='password' type='password' size='40' maxlength='40' /></td>
 								</tr>
                                <tr>
                                    <td>".$clang->gT("Language")."</td>
                                    <td>
                                    <select name='lang' style='width:216px;' onchange='loginlang.value=this.value;'>\n";
                                    $loginsummary .='<option value="default">'.$clang->gT('Default').'</option>';
                                    foreach (getlanguagedata() as $langkey=>$languagekind)
                                    {
                                        $loginsummary .= "\t\t\t\t<option value='$langkey'>".$languagekind['description']." - ".$languagekind['nativedescription']."</option>\n";
                                    }
                                    $loginsummary .= "\t\t\t</select>\n"
                                    . "</td>
                                </tr>
 								<tr>
 									<td>&nbsp;</td>
 									<td align='center'><input type='hidden' name='action' value='login' />
 									<input type='hidden' name='refererargs' value='".$refererargs."' />
 									$hidden_loginlang
 									<input class='action' type='submit' value='".$clang->gT("Login")."' /><br />&nbsp;\n</td>
 								</tr>
 								<tr>
 									<td>&nbsp;</td>
 									<td align='center'><a href='$scriptname?action=forgotpassword'>".$clang->gT("Forgot Your Password?")."</a><br />&nbsp;\n</td>
 								</tr>
 							</table>
 						</form><br />";
 					$loginsummary .= "                                                <script type='text/javascript'>\n";
 					$loginsummary .= "                                                  document.getElementById('user').focus();\n";
 					$loginsummary .= "                                                </script>\n";
 	}
 }
 if (isset($loginsummary)) 
 {	
 	$adminoutput.= "<table width='100%' border='0' cellpadding='0' cellspacing='0'>\n"
 	."\t<tr>\n"
    ."\t\t<td valign='top' align='center' bgcolor='#F8F8FF'>\n";
 	if(isset($_SESSION['loginID']))
 	{
 		$adminoutput.= showadminmenu();
 	}
 	$adminoutput.= $loginsummary;
 	$adminoutput.= "\t\t</td>\n";
 	$adminoutput.= "\t</tr>\n";
 	$adminoutput.= "</table>\n";
 }
 ?>
--- a/include/limesurvey/admin/login_check_cas.php
+++ b/include/limesurvey/admin/login_check_cas.php
@@ -0,0 +1,88 @@
 <?php
 /*
 * LimeSurvey
 * Copyright (C) 2007 The LimeSurvey Project Team / Carsten Schmitz
 * All rights reserved.
 * License: GNU/GPL License v2 or later, see LICENSE.php
 * LimeSurvey is free software. This version may have been modified pursuant
 * to the GNU General Public License, and as distributed it includes or
 * is derivative of works licensed under the GNU General Public License or
 * other free or open source software licenses.
 * See COPYRIGHT.php for copyright notices and details.
 * 
 * $Id: $
 */
 if (!isset($dbprefix) || isset($_REQUEST['dbprefix'])) {die("Cannot run this script directly");}
 if (!isset($action)) {$action=returnglobal('action');}
 //
 // phpCAS simple client
 //
 if(!isset($_SESSION['CASauthenticated']) || (isset($_SESSION['CASauthenticated']) && $_SESSION['CASauthenticated']==FALSE) || isset($_REQUEST['action']))
 {
 	// import phpCAS lib
 	include_once('classes/phpCAS/CAS.php');
 	phpCAS::setDebug();
 	// initialize phpCAS
 	phpCAS::client(CAS_VERSION_2_0, $casAuthServer, $casAuthPort, $casAuthUri, false);
 	// no SSL validation for the CAS server
 	phpCAS::setNoCasServerValidation();
 	//if($action=='logout')
 	if (isset($_REQUEST['action']) && $_REQUEST['action']=='logout')
 	{
 		session_destroy();
 		session_write_close();
 	  	phpCAS::logout();
 	  //phpCAS::forceAuthentication();
 	}
 	//if ($action=='login')
 	if (isset($_REQUEST['action']) && $_REQUEST['action']=='login')
 	{
 	  phpCAS::forceAuthentication();
 	}
 	// check CAS authentication
 	$auth = phpCAS::checkAuthentication();
 	$_SESSION['CASauthenticated'] = $auth;
 	if($auth)
 	{
 		/**
 		 * User is authenticated from CAS, with this, he gets full Superadmin rights, when successful authenticates with CAS.
 		 * This is very basic though, you should try to use what your CAS server provides you with (ROLES, rights, extra attibutes, etc.)
 		 * 
 		 */
 		$_SESSION['user'] = phpCAS::getUser();
 		$_SESSION['loginID'] = 1;
 		/**
 		 * @var unknown_type
 		 */
 		$_SESSION['USER_RIGHT_CREATE_SURVEY'] = 1;
        $_SESSION['USER_RIGHT_CONFIGURATOR'] = 1;
        $_SESSION['USER_RIGHT_CREATE_USER'] = 1;
        $_SESSION['USER_RIGHT_DELETE_USER'] = 1;
        $_SESSION['USER_RIGHT_SUPERADMIN'] = 1;
        $_SESSION['USER_RIGHT_MANAGE_TEMPLATE'] = 1;
        $_SESSION['USER_RIGHT_MANAGE_LABEL'] = 1;
        // Passwort notify for not changed Passwort have to be false when authing over CAS (or Warnings appear, because it is not set)
        $_SESSION['pw_notify'] = false;
 	}
 	else
 	{
 		phpCAS::forceAuthentication();
 	}
 //	echo $auth;
 //	echo phpCAS::getUser();
 //	echo phpCAS::getVersion();
 }
 ?>
--- a/include/limesurvey/admin/preview.php
+++ b/include/limesurvey/admin/preview.php
@@ -1,66 +1,91 @@
-<?php
+<?php
-/*
+/*
-* LimeSurvey
+* LimeSurvey
-* Copyright (C) 2007 The LimeSurvey Project Team / Carsten Schmitz
+* Copyright (C) 2007 The LimeSurvey Project Team / Carsten Schmitz
-* All rights reserved.
+* All rights reserved.
-* License: GNU/GPL License v2 or later, see LICENSE.php
+* License: GNU/GPL License v2 or later, see LICENSE.php
-* LimeSurvey is free software. This version may have been modified pursuant
+* LimeSurvey is free software. This version may have been modified pursuant
-* to the GNU General Public License, and as distributed it includes or
+* to the GNU General Public License, and as distributed it includes or
-* is derivative of works licensed under the GNU General Public License or
+* is derivative of works licensed under the GNU General Public License or
-* other free or open source software licenses.
+* other free or open source software licenses.
-* See COPYRIGHT.php for copyright notices and details.
+* See COPYRIGHT.php for copyright notices and details.
-* 
+* 
-* $Id: preview.php 4907 2008-05-24 10:21:08Z c_schmitz $
+* $Id: preview.php 7389 2009-08-02 20:22:15Z c_schmitz $
-*/
+*/
-
+
-
+
-//Ensure script is not run directly, avoid path disclosure
+//Ensure script is not run directly, avoid path disclosure
-include_once("login_check.php");
+include_once("login_check.php");
-require_once(dirname(__FILE__).'/sessioncontrol.php');
+require_once(dirname(__FILE__).'/sessioncontrol.php');
-require_once(dirname(__FILE__).'/../qanda.php');
+require_once(dirname(__FILE__).'/../qanda.php');
-
+
-if (!isset($surveyid)) {$surveyid=returnglobal('sid');}
+if (!isset($surveyid)) {$surveyid=returnglobal('sid');}
-if (!isset($qid)) {$qid=returnglobal('qid');}
+if (!isset($qid)) {$qid=returnglobal('qid');}
-if (empty($surveyid)) {die("No SID provided.");}
+if (empty($surveyid)) {die("No SID provided.");}
-if (empty($qid)) {die("No QID provided.");}
+if (empty($qid)) {die("No QID provided.");}
-
+
-if (!isset($_GET['lang']) || $_GET['lang'] == "")
+if (!isset($_GET['lang']) || $_GET['lang'] == "")
-{
+{
-	$language = GetBaseLanguageFromSurveyID($surveyid);
+	$language = GetBaseLanguageFromSurveyID($surveyid);
-} else {
+} else {
-	$language = $_GET['lang'];
+	$language = $_GET['lang'];
-}
+}
-
+
-$_SESSION['s_lang'] = $language;
+$_SESSION['s_lang'] = $language;
-$clang = new limesurvey_lang($language);
+$clang = new limesurvey_lang($language);
-
+
-$qquery = 'SELECT * FROM '.db_table_name('questions')." WHERE sid='$surveyid' AND qid='$qid' AND language='{$language}'";
+$thissurvey=getSurveyInfo($surveyid);
-$qresult = db_execute_assoc($qquery);
+
-$qrows = $qresult->FetchRow();
+$qquery = 'SELECT * FROM '.db_table_name('questions')." WHERE sid='$surveyid' AND qid='$qid' AND language='{$language}'";
-
+$qresult = db_execute_assoc($qquery);
-$ia = array(0 => $qid, 1 => "FIELDNAME", 2 => $qrows['title'], 3 => $qrows['question'], 4 => $qrows['type'], 5 => $qrows['gid'],
+$qrows = $qresult->FetchRow();
-6 => $qrows['mandatory'], 7 => $qrows['other']);
+$ia = array(0 => $qid, 
-$answers = retrieveAnswers($ia);
+            1 => "FIELDNAME", 
-$thistpl="$publicdir/templates";
+            2 => $qrows['title'], 
-doHeader();
+            3 => $qrows['question'], 
-//echo "\t\t\t\t<div id='question'";
+            4 => $qrows['type'], 
-echo "<!-- JAVASCRIPT FOR CONDITIONAL QUESTIONS -->
+            5 => $qrows['gid'],
-	<script type='text/javascript'>
+            6 => $qrows['mandatory'], 
-	<!--
+            7 => $qrows['other']);
-		function checkconditions(value, name, type)
+            
-			{
+$answers = retrieveAnswers($ia);
-			}
+$thistpl="$templaterootdir/".$thissurvey['template'];
-	//-->
+doHeader();
-	</script>";
+$dummy_js = '
-echo "<form method='post' action='index.php' id='limesurvey' name='limesurvey'>\n";
+		            <!-- JAVASCRIPT FOR CONDITIONAL QUESTIONS -->
-$question="<label for='$answers[0][7]'>" . $answers[0][0] . "</label>";
+		            <script type="text/javascript">
-$answer=$answers[0][1];
+            <!--
-$help=$answers[0][2];
+            function checkconditions(value, name, type)
-$questioncode=$answers[0][5];
+            {
-echo templatereplace(file_get_contents("$thistpl/preview.pstpl"));
+            }
-echo "</form>\n";
+            //-->
-echo "</html>\n";
+		            </script>
-
+		            <form method="post" action="index.php" id="limesurvey" name="limesurvey">
-
+            ';
-exit;
+
-?>
+
 $question="<label for='$answers[0][7]'>" . $answers[0][0] . "</label>";
 $answer=$answers[0][1];
 $help=$answers[0][2];
 $questioncode=$answers[0][5];
 $content = templatereplace(file_get_contents("$thistpl/startpage.pstpl"));     
 $content .= templatereplace(file_get_contents("$thistpl/startgroup.pstpl"));     
 $content .= templatereplace(file_get_contents("$thistpl/question.pstpl"));
 $content .= templatereplace(file_get_contents("$thistpl/endgroup.pstpl")).$dummy_js;     
 $content .= templatereplace(file_get_contents("$thistpl/endpage.pstpl"));     
 if($qrows['mandatory'] == 'Y')
 {
 	$mandatory = ' mandatory';
 }
 else
 {
 	$mandatory = '';
 }
 $content = str_replace('{QUESTION_CLASS}' , question_class($qrows['type']) . $mandatory , $content);
 echo $content;
 echo "</html>\n";
 exit;
 ?>
--- a/Show More
+++ b/Show More