Talenttic_survey/CATI_Tool
2
0
Fork 0
mirror of https://github.com/ACSPRI/queXS synced 2024-04-02 12:12:16 +00:00
Code Issues Releases Activity

Added authentication includes to all files

Browse Source
This commit is contained in:
Adam Zammit
2015-08-14 16:15:20 +10:00
parent cfba7e27f4
commit ec8522e316
95 changed files with 738 additions and 173 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
admin/addshift.php
View File

@@ -39,6 +39,11 @@ include ("../config.inc.php");
*/
include ("../db.inc.php");
/**
* Authentication
*/
include ("auth-admin.php");
/**
* XHTML functions
*/

5
admin/assignsample.php
View File

@@ -40,6 +40,11 @@ include("../config.inc.php");
*/
include ("../db.inc.php");
/**
* Authentication
*/
include ("auth-admin.php");
/**
* XHTML functions
*/

5
admin/assigntimeslots.php
View File

@@ -40,6 +40,11 @@ include("../config.inc.php");
*/
include ("../db.inc.php");
/**
* Authentication
*/
include ("auth-admin.php");
/**
* XHTML functions
*/

67
admin/auth-admin.php Normal file
View File

@@ -0,0 +1,67 @@
<?php
/**
* Session based authentication using the Limesurvey database (administrator)
*
*
* This file is part of queXS
*
* queXS is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* queXS is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with queXS; if not, write to the Free Software
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
*
*
* @author Adam Zammit <adam.zammit@acspri.org.au>
* @copyright Australian Consortium for Social and Political Research Incorporated (ACSPRI) 2013
* @package queXS
* @subpackage user
* @link http://www.acspri.org.au/ queXS was writen for ACSPRI
* @license http://opensource.org/licenses/gpl-2.0.php The GNU General Public License (GPL) Version 2
*
*/
/**
* Configuration file
*/
include_once(dirname(__FILE__) . "/../config.inc.php");
/**
* Database file
*/
include_once(dirname(__FILE__) . "/../db.inc.php");
//get session name from DB
//
$sql = "SELECT stg_value
FROM " . LIME_PREFIX . "settings_global
WHERE stg_name = 'SessionName'";
session_name($db->GetOne($sql));
//check if the session exists or loginID not set
if (session_id() == "" || !isset($_SESSION['loginID']))
{
//need to log in
header('Location: ../include/limesurvey/admin/admin.php');
die();
}
if ($_SESSION['USER_RIGHT_SUPERADMIN'] != 1)
{
include_once(dirname(__FILE__) . "/../lang.inc.php");
include_once(dirname(__FILE__) . "/../functions/functions.xhtml.php");
xhtml_head();
print "<p>" . T_("You do not have permission to access this area") . "</p>";
print "<p><a href='../include/limesurvey/admin/admin.php?action=logout'>" . T_("Logout") . "</a></p>";
xhtml_foot();
}

6
admin/availability.php
View File

@@ -39,6 +39,12 @@ include ("../config.inc.php");
*/
include ("../db.inc.php");
/**
* Authentication file
*/
include ("auth-admin.php");
/**
* XHTML functions
*/

5
admin/availabilitygroup.php
View File

@@ -40,6 +40,11 @@ include("../config.inc.php");
*/
include ("../db.inc.php");
/**
* Authentication file
*/
include ("auth-admin.php");
/**
* XHTML functions
*/

5
admin/bulkappointment.php
View File

@@ -44,6 +44,11 @@ include ("../functions/functions.xhtml.php");
*/
include ("../db.inc.php");
/**
* Authentication file
*/
include ("auth-admin.php");
/**
* Operator functions
*/

5
admin/callhistory.php
View File

@@ -39,6 +39,11 @@ include ("../config.inc.php");
*/
include ("../db.inc.php");
/**
* Authentication file
*/
include ("auth-admin.php");
/**
* XHTML functions
*/

5
admin/callrestrict.php
View File

@@ -39,6 +39,11 @@ include ("../config.inc.php");
*/
include ("../db.inc.php");
/**
* Authentication file
*/
include ("auth-admin.php");
/**
* XHTML functions
*/

5
admin/casesbyoutcome.php
View File

@@ -39,6 +39,11 @@ include ("../config.inc.php");
*/
include ("../db.inc.php");
/**
* Authentication file
*/
include ("auth-admin.php");
/**
* XHTML functions
*/

5
admin/casestatus.php
View File

@@ -12,6 +12,11 @@ include_once(dirname(__FILE__).'/../config.inc.php');
*/
include ("../db.inc.php");
/**
* Authentication file
*/
include ("auth-admin.php");
/**
* XHTML functions
*/

5
admin/centreinfo.php
View File

@@ -40,6 +40,11 @@ include("../config.inc.php");
*/
include ("../db.inc.php");
/**
* Authentication file
*/
include ("auth-admin.php");
/**
* XHTML functions
*/

5
admin/clientquestionnaire.php
View File

@@ -39,6 +39,11 @@ include ("../config.inc.php");
*/
include ("../db.inc.php");
/**
* Authentication file
*/
include ("auth-admin.php");
/**
* XHTML functions
*/

5
admin/clients.php
View File

@@ -42,6 +42,11 @@ include ("../config.inc.php");
*/
include ("../db.inc.php");
/**
* Authentication file
*/
include ("auth-admin.php");
/**
* XHTML functions
*/

8
admin/dataoutput.php
View File

@@ -1,4 +1,5 @@
<?php /**
<?php
/**
* Output data as a fixed width ASCII file
*
*
@@ -43,6 +44,11 @@ include_once(dirname(__FILE__).'/../config.inc.php');
*/
include ("../db.inc.php");
/**
* Authentication file
*/
include ("auth-admin.php");
/**
* XHTML functions
*/

5
admin/displayappointments.php
View File

@@ -12,6 +12,11 @@ include_once(dirname(__FILE__).'/../config.inc.php');
*/
include ("../db.inc.php");
/**
* Authentication file
*/
include ("auth-admin.php");
/**
* XHTML functions
*/

5
admin/extensionstatus.php
View File

@@ -38,6 +38,11 @@ include_once(dirname(__FILE__).'/../config.inc.php');
*/
include ("../db.inc.php");
/**
* Authentication file
*/
include ("auth-admin.php");
/**
* XHTML functions
*/

5
admin/import.php
View File

@@ -8,6 +8,11 @@
*/
include ("../config.inc.php");
/**
* Authentication file
*/
include ("auth-admin.php");
/**
* XHTML functions
*/

23
admin/index.php
View File

@@ -1,6 +1,5 @@
<?php
/*
/**
* Display an index of Admin tools
*
*
@@ -37,9 +36,15 @@ include ("../lang.inc.php");
/**
* Config file
*/
include ("../config.inc.php");
include ("../config.inc.php");
/**
* Authentication file
*/
include ("auth-admin.php");
include ("../functions/functions.xhtml.php");
$username = $_SERVER['PHP_AUTH_USER'];
$username = $_SESSION['loginID'];
$g = 0;
if (isset($_GET['g']))
$g = intval($_GET['g']);
@@ -75,11 +80,11 @@ include ("../lang.inc.php");
<i class="fa fa-user fa fa-fw "></i><?php print T_("Logged as:") . "&ensp;" . $username ;?>
</a>
<!--- User menu // not connected to pages so not working yet // could be hidden -->
<!--- <ul class="dropdown-menu" role="menu">
<li><a href="?page=settings.php"><i class="fa fa-cogs fa-fw "></i>&ensp;<?php print T_("Settings"); ?></a></li>
<li><a href="../screenloc.php"><i class="fa fa-lock fa-fw "></i>&ensp;<?php print T_("Lock Screen"); ?></a></li>
<li><a href="../logout.php"><i class="fa fa-sign-out fa-fw "></i>&ensp;<?php print T_("Logout"); ?> </a></li>
</ul> -->
<ul class="dropdown-menu" role="menu">
<li><a href="../include/limesurvey/admin/admin.php?action=editusers"><i class="fa fa-cogs fa-fw "></i>&ensp;<?php print T_("Settings"); ?></a></li>
<!--- <li><a href="../screenloc.php"><i class="fa fa-lock fa-fw "></i>&ensp;<?php print T_("Lock Screen"); ?></a></li> -->
<li><a href="../include/limesurvey/admin/admin.php?action=logout"><i class="fa fa-sign-out fa-fw "></i>&ensp;<?php print T_("Logout"); ?> </a></li>
</ul>
</li>
</ul>

7
admin/new.php
View File

@@ -11,6 +11,11 @@ include ("../config.inc.php");
*/
include ("../db.inc.php");
/**
* Authentication file
*/
include ("auth-admin.php");
/**
* XHTML functions
*/
@@ -378,4 +383,4 @@ else { ?>
<?php
xhtml_foot($js_foot);//
?>
?>

5
admin/operatorlist.php
View File

@@ -39,6 +39,11 @@ include_once(dirname(__FILE__).'/../config.inc.php');
*/
include_once(dirname(__FILE__).'/../db.inc.php');
/**
* Authentication file
*/
include ("auth-admin.php");
/**
* XHTML functions
*/

5
admin/operatorperformance.php
View File

@@ -38,6 +38,11 @@ include_once(dirname(__FILE__).'/../config.inc.php');
*/
include ("../db.inc.php");
/**
* Authentication file
*/
include ("auth-admin.php");
/**
* XHTML functions
*/

5
admin/operatorquestionnaire.php
View File

@@ -39,6 +39,11 @@ include ("../config.inc.php");
*/
include ("../db.inc.php");
/**
* Authentication file
*/
include ("auth-admin.php");
/**
* XHTML functions
*/

5
admin/operators.php
View File

@@ -39,6 +39,11 @@ include ("../config.inc.php");
*/
include ("../db.inc.php");
/**
* Authentication file
*/
include ("auth-admin.php");
/**
* XHTML functions
*/

5
admin/operatorskill.php
View File

@@ -34,6 +34,11 @@
*/
include ("../config.inc.php");
/**
* Authentication file
*/
include ("auth-admin.php");
/**
* Database file
*/

5
admin/outcomes.php
View File

@@ -12,6 +12,11 @@ include_once(dirname(__FILE__).'/../config.inc.php');
*/
include_once(dirname(__FILE__).'/../db.inc.php');
/**
* Authentication file
*/
include ("auth-admin.php");
/**
* XHTML functions
*/

5
admin/process.php
View File

@@ -39,6 +39,11 @@ include (dirname(__FILE__) . "/../config.inc.php");
*/
include (dirname(__FILE__) . "/../db.inc.php");
/**
* Authentication file
*/
include ("auth-admin.php");
/**
* Process
*/

5
admin/questionnairelist.php
View File

@@ -39,6 +39,11 @@ include("../config.inc.php");
*/
include("../db.inc.php");
/**
* Authentication file
*/
include ("auth-admin.php");
/**
* XHTML functions
*/

5
admin/questionnaireprefill.php
View File

@@ -40,6 +40,11 @@ include("../config.inc.php");
*/
include ("../db.inc.php");
/**
* Authentication file
*/
include ("auth-admin.php");
/**
* XHTML functions
*/

5
admin/quota.php
View File

@@ -40,6 +40,11 @@ include("../config.inc.php");
*/
include ("../db.inc.php");
/**
* Authentication file
*/
include ("auth-admin.php");
/**
* XHTML functions
*/

5
admin/quotareport.php
View File

@@ -41,6 +41,11 @@ include_once(dirname(__FILE__).'/../config.inc.php');
*/
include ("../db.inc.php");
/**
* Authentication file
*/
include ("auth-admin.php");
/**
* XHTML functions
*/

5
admin/quotarow.php
View File

@@ -41,6 +41,11 @@ include("../config.inc.php");
*/
include ("../db.inc.php");
/**
* Authentication file
*/
include ("auth-admin.php");
/**
* XHTML functions
*/

8
admin/samplecallattempts.php
View File

@@ -1,4 +1,5 @@
<?php /**
<?php
/**
* Display sample call attempt report (A listing of how many attempts made for cases within a sample)
*
*
@@ -38,6 +39,11 @@ include_once(dirname(__FILE__).'/../config.inc.php');
*/
include ("../db.inc.php");
/**
* Authentication file
*/
include ("auth-admin.php");
/**
* XHTML functions
*/

5
admin/samplelist.php
View File

@@ -39,6 +39,11 @@ include_once(dirname(__FILE__).'/../config.inc.php');
*/
include_once(dirname(__FILE__).'/../db.inc.php');
/**
* Authentication file
*/
include ("auth-admin.php");
/**
* XHTML functions
*/

5
admin/samplesearch.php
View File

@@ -41,6 +41,11 @@ include("../config.inc.php");
*/
include ("../db.inc.php");
/**
* Authentication file
*/
include ("auth-admin.php");
/**
* XHTML functions
*/

8
admin/shiftreport.php
View File

@@ -1,4 +1,5 @@
<?php /**
<?php
/**
* List and edit reports on shifts
*
*
@@ -38,6 +39,11 @@ include_once(dirname(__FILE__).'/../config.inc.php');
*/
include ("../db.inc.php");
/**
* Authentication file
*/
include ("auth-admin.php");
/**
* XHTML functions
*/

5
admin/shifttemplate.php
View File

@@ -39,6 +39,11 @@ include ("../config.inc.php");
*/
include ("../db.inc.php");
/**
* Authentication file
*/
include ("auth-admin.php");
/**
* XHTML functions
*/

5
admin/supervisor.php
View File

@@ -13,6 +13,11 @@ include("../config.inc.php");
*/
include ("../db.inc.php");
/**
* Authentication file
*/
include ("auth-admin.php");
/**
* XHTML functions
*/

5
admin/supervisorchat.php
View File

@@ -40,6 +40,11 @@ include("../config.inc.php");
*/
include ("../db.inc.php");
/**
* Authentication file
*/
include ("auth-admin.php");
/**
* XHTML functions
*/

5
admin/systemsort.php
View File

@@ -39,6 +39,11 @@ include ("../config.inc.php");
*/
include ("../db.inc.php");
/**
* Authentication file
*/
include ("auth-admin.php");
/**
* Process
*/

5
admin/systemsortprocess.php
View File

@@ -39,6 +39,11 @@ include (dirname(__FILE__) . "/../config.inc.php");
*/
include (dirname(__FILE__) . "/../db.inc.php");
/**
* Authentication file
*/
include ("auth-admin.php");
/**
* Process
*/

5
admin/timezonetemplate.php
View File

@@ -40,6 +40,11 @@ include("../config.inc.php");
*/
include ("../db.inc.php");
/**
* Authentication file
*/
include ("auth-admin.php");
/**
* XHTML functions
*/

5
admin/voipmonitor.php
View File

@@ -39,6 +39,11 @@ include ("../config.inc.php");
*/
include ("../db.inc.php");
/**
* Authentication file
*/
include ("auth-admin.php");
/**
* Process
*/

5
appointment.php
View File

@@ -39,6 +39,11 @@ include ("config.inc.php");
*/
include ("db.inc.php");
/**
* Authentication
*/
include ("auth-interviewer.php");
/**
* XHTML functions
*/

5
appointmentlist.php
View File

@@ -39,6 +39,11 @@ include ("config.inc.php");
*/
include ("db.inc.php");
/**
* Authentication
*/
include ("auth-interviewer.php");
/**
* XHTML functions
*/

57
auth-interviewer.php Normal file
View File

@@ -0,0 +1,57 @@
<?php
/**
* Session based authentication using the Limesurvey database (interviewer)
*
*
* This file is part of queXS
*
* queXS is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* queXS is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with queXS; if not, write to the Free Software
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
*
*
* @author Adam Zammit <adam.zammit@acspri.org.au>
* @copyright Australian Consortium for Social and Political Research Incorporated (ACSPRI) 2013
* @package queXS
* @subpackage user
* @link http://www.acspri.org.au/ queXS was writen for ACSPRI
* @license http://opensource.org/licenses/gpl-2.0.php The GNU General Public License (GPL) Version 2
*
*/
/**
* Configuration file
*/
include_once("config.inc.php");
/**
* Database file
*/
include_once("db.inc.php");
//get session name from DB
//
$sql = "SELECT stg_value
FROM " . LIME_PREFIX . "settings_global
WHERE stg_name = 'SessionName'";
session_name($db->GetOne($sql));
//check if the session exists or loginID not set
if (session_id() == "" || !isset($_SESSION['loginID']))
{
//need to log in
header('Location: include/limesurvey/admin/admin.php');
die();
}

5
availability.php
View File

@@ -39,6 +39,11 @@ include ("config.inc.php");
*/
include ("db.inc.php");
/**
* Authentication
*/
include ("auth-interviewer.php");
/**
* XHTML functions
*/

6
call.php
View File

@@ -39,6 +39,12 @@ include ("config.inc.php");
*/
include ("db.inc.php");
/**
* Authentication
*/
include ("auth-interviewer.php");
/**
* XHTML functions
*/

5
call_interface2.php
View File

@@ -39,6 +39,11 @@ include ("config.inc.php");
*/
include ("db.inc.php");
/**
* Authentication
*/
include ("auth-interviewer.php");
/**
* XHTML functions
*/

5
callhistory.php
View File

@@ -39,6 +39,11 @@ include ("config.inc.php");
*/
include ("db.inc.php");
/**
* Authentication
*/
include ("auth-interviewer.php");
/**
* XHTML functions
*/

5
calllist.php
View File

@@ -39,6 +39,11 @@ include ("config.inc.php");
*/
include ("db.inc.php");
/**
* Authentication
*/
include ("auth-interviewer.php");
/**
* XHTML functions
*/

6
casenote.php
View File

@@ -39,6 +39,12 @@ include ("config.inc.php");
*/
include ("db.inc.php");
/**
* Authentication
*/
include ("auth-interviewer.php");
/**
* XHTML functions
*/

57
client/auth-client.php Normal file
View File

@@ -0,0 +1,57 @@
<?php
/**
* Session based authentication using the Limesurvey database (client)
*
*
* This file is part of queXS
*
* queXS is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* queXS is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with queXS; if not, write to the Free Software
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
*
*
* @author Adam Zammit <adam.zammit@acspri.org.au>
* @copyright Australian Consortium for Social and Political Research Incorporated (ACSPRI) 2013
* @package queXS
* @subpackage user
* @link http://www.acspri.org.au/ queXS was writen for ACSPRI
* @license http://opensource.org/licenses/gpl-2.0.php The GNU General Public License (GPL) Version 2
*
*/
/**
* Configuration file
*/
include_once(dirname(__FILE__)."/../config.inc.php");
/**
* Database file
*/
include_once(dirname(__FILE__)."/../db.inc.php");
//get session name from DB
//
$sql = "SELECT stg_value
FROM " . LIME_PREFIX . "settings_global
WHERE stg_name = 'SessionName'";
session_name($db->GetOne($sql));
//check if the session exists or loginID not set
if (session_id() == "" || !isset($_SESSION['loginID']))
{
//need to log in
header('Location: ../include/limesurvey/admin/admin.php');
die();
}

6
client/index.php
View File

@@ -38,6 +38,12 @@ include_once(dirname(__FILE__).'/../config.inc.php');
*/
include_once(dirname(__FILE__).'/../db.inc.php');
/**
* Authentication
*/
include ("auth-client.php");
/**
* XHTML functions
*/

6
contactdetails.php
View File

@@ -39,6 +39,12 @@ include ("config.inc.php");
*/
include ("db.inc.php");
/**
* Authentication
*/
include ("auth-interviewer.php");
/**
* XHTML functions
*/

149
display/index.php
View File

@@ -1,149 +0,0 @@
<?php
/**
* Display a "full screen" view of outcomes for display on a large
* communal screen - will change views periodically
*
*
* This file is part of queXS
*
* queXS is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* queXS is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with queXS; if not, write to the Free Software
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
*
*
* @author Adam Zammit <adam.zammit@deakin.edu.au>
* @copyright Deakin University 2007,2008
* @package queXS
* @subpackage user
* @link http://www.deakin.edu.au/dcarf/ queXS was writen for DCARF - Deakin Computer Assisted Research Facility
* @license http://opensource.org/licenses/gpl-2.0.php The GNU General Public License (GPL) Version 2
*
*
*/
/**
* Configuration file
*/
include ("../config.inc.php");
/**
* Database file
*/
include('../db.inc.php');
/**
* XHTML functions
*/
include ("../functions/functions.xhtml.php");
/**
* Display functions
*/
include ("../functions/functions.performance.php");
/**
* Input functions
*/
include("../functions/functions.input.php");
$shift_id = 0;
$questionnaire_id = 0;
$display_type = 0;
if (isset($_GET['shift_id'])) $shift_id = bigintval($_GET['shift_id']);
if (isset($_GET['questionnaire_id'])) $questionnaire_id = bigintval($_GET['questionnaire_id']);
if (isset($_GET['display_type'])) $display_type= bigintval($_GET['display_type']);
if ($display_type >= 6)
{
$sql = "SELECT shift_id,questionnaire_id
FROM shift
WHERE start <= CONVERT_TZ(NOW(),'System','UTC')
AND end >= CONVERT_TZ(NOW(),'System','UTC')
AND shift_id > '$shift_id'
ORDER BY shift_id ASC
LIMIT 1";
$s = $db->GetRow($sql);
$display_type = 0;
$shift_id = 0;
$questionnaire_id = 0;
if (!empty($s))
{
$shift_id = $s['shift_id'];
$questionnaire_id = $s['questionnaire_id'];
}
}
if ($shift_id == 0)
{
$sql = "SELECT shift_id,questionnaire_id
FROM shift
WHERE start <= CONVERT_TZ(NOW(),'System','UTC')
AND end >= CONVERT_TZ(NOW(),'System','UTC')
ORDER BY shift_id ASC
LIMIT 1";
$s = $db->GetRow($sql);
$display_type = 0;
if (!empty($s))
{
$shift_id = $s['shift_id'];
$questionnaire_id = $s['questionnaire_id'];
}
}
$dt1 = $display_type + 1;
xhtml_head(T_("Display"),true,array("../css/display.css"),false,false,"6;url=?shift_id=$shift_id&amp;questionnaire_id=$questionnaire_id&amp;display_type=$dt1");
if ($shift_id == 0 || $questionnaire_id == 0)
display_none();
else
{
$sql = "SELECT description
FROM questionnaire
WHERE questionnaire_id = '$questionnaire_id'";
$n = $db->GetRow($sql);
print "<h1>{$n['description']}</h1>\n";
switch($display_type)
{
case 0:
display_total_completions($questionnaire_id);
break;
case 1:
display_completions_this_shift($questionnaire_id,$shift_id);
break;
case 2:
display_completions_same_time_last_shift($questionnaire_id,$shift_id);
break;
case 3:
display_completions_last_shift($questionnaire_id,$shift_id);
break;
case 4:
display_top_cph_this_shift($questionnaire_id,$shift_id);
break;
case 5:
display_top_cph($questionnaire_id);
break;
}
}
xhtml_foot();
?>

6
email.php
View File

@@ -39,6 +39,12 @@ include ("config.inc.php");
*/
include ("db.inc.php");
/**
* Authentication
*/
include ("auth-interviewer.php");
/**
* XHTML functions
*/

7
endwork.php
View File

@@ -36,6 +36,12 @@
*/
include_once("lang.inc.php");
/**
* Authentication
*/
include_once("auth-interviewer.php");
/**
* XHTML functions
@@ -73,6 +79,7 @@ if (ALLOW_OPERATOR_EXTENSION_SELECT && VOIP_ENABLED)
}
print "<p><a href='index.php'>" . T_("Go back to work") . "</a></p>";
print "<p><a href='include/limesurvey/admin/admin.php?action=logout'>" . T_("Logout") . "</a></p>";
xhtml_foot();

9
functions/functions.client.php
View File

@@ -41,7 +41,7 @@ include_once(dirname(__FILE__).'/../config.inc.php');
include_once(dirname(__FILE__).'/../db.inc.php');
/**
* Return the current client id based on PHP_AUTH_USER
* Return the current client id based on the SESSION loginID
*
* @return bool|int False if none otherwise the client id
*
@@ -50,9 +50,12 @@ function get_client_id()
{
global $db;
if (!isset($_SESSION['loginID']))
return false;
$sql = "SELECT client_id
FROM client
WHERE username = '{$_SERVER['PHP_AUTH_USER']}'";
WHERE username = '{$_SESSION['loginID']}'";
$o = $db->GetRow($sql);
@@ -87,4 +90,4 @@ function get_client_questionnaire($client_id)
}
?>
?>

10
functions/functions.operator.php
View File

@@ -893,24 +893,24 @@ function get_extension($operator_id)
/**
* Return the current operator id based on PHP_AUTH_USER
* Return the current operator id based on SESSION loginID
*
* @return bool|int False if none otherwise the operator id
*
*/
function get_operator_id()
{
if (!isset($_SERVER['PHP_AUTH_USER']))
if (!isset($_SESSION['loginID']))
{
print "<p>" . T_("ERROR: You do not have server side authentication enabled therefore queXS cannot determine which user is accessing the system.") . "</p>";
return false;
print "<p>" . T_("ERROR: You are not logged in.") . "</p>";
die();
}
global $db;
$sql = "SELECT operator_id
FROM operator
WHERE username = " . $db->qstr($_SERVER['PHP_AUTH_USER']) . "
WHERE username = " . $db->qstr($_SESSION['loginID']) . "
AND enabled = 1";
$o = $db->GetRow($sql);

5
include/limesurvey/admin/admin.php
View File

@@ -794,9 +794,10 @@ else
sendcacheheaders();
if (!isset($_SESSION['metaHeader'])) {$_SESSION['metaHeader']='';}
$adminoutput = getAdminHeader($_SESSION['metaHeader']).$adminoutput.$loginsummary; // All future output is written into this and then outputted at the end of file
//$adminoutput = getAdminHeader($_SESSION['metaHeader']).$adminoutput.$loginsummary; // All future output is written into this and then outputted at the end of file
$adminoutput =$loginsummary;
unset($_SESSION['metaHeader']);
$adminoutput.= "</div>\n".getAdminFooter("http://docs.limesurvey.org", $clang->gT("LimeSurvey online manual"));
$adminoutput.= "</div>\n";//.getAdminFooter("http://docs.limesurvey.org", $clang->gT("LimeSurvey online manual"));
}
if (($action=='showphpinfo') && ($_SESSION['USER_RIGHT_CONFIGURATOR'] == 1))
{

2
include/limesurvey/admin/sessioncontrol.php
View File

@@ -31,7 +31,7 @@ else {session_name("LimeSurveyAdmin");}
if (session_id() == "")
{
session_set_cookie_params(0,$relativeurl.'/');
session_set_cookie_params(0,QUEXS_PATH);
if ($debug==0) {@session_start();}
else {session_start();}
}

7
include/limesurvey/admin/usercontrol.php
View File

@@ -236,6 +236,13 @@ if (!isset($_SESSION['loginID']))
}
$loginsummary .= "<br /><br />\n";
GetSessionUserRights($_SESSION['loginID']);
//go to queXS
$loc = "";
if ($_SESSION['USER_RIGHT_SUPERADMIN'] == 1)
$loc = "/admin";
header('Location: ' . QUEXS_URL . $loc);
die();
}
else
{

5
index.php
View File

@@ -35,6 +35,11 @@
*/
include ("config.inc.php");
/**
* Authentication
*/
include ("auth-interviewer.php");
/**
* XHTML functions
*/

6
index_interface2.php
View File

@@ -45,6 +45,12 @@ include ("functions/functions.xhtml.php");
*/
include("functions/functions.operator.php");
/**
* Authentication
*/
include ("auth-interviewer.php");
$popupcall = false;

6
info.php
View File

@@ -49,6 +49,12 @@ include ("lang.inc.php");
*/
include ("db.inc.php");
/**
* Authentication
*/
include ("auth-interviewer.php");
$js = false;
if (AUTO_LOGOUT_MINUTES !== false)
$js = array("include/jquery/jquery-1.4.2.min.js","js/childnap.js");

5
nocallavailable.php
View File

@@ -39,6 +39,11 @@ include ("config.inc.php");
*/
include ("functions/functions.xhtml.php");
/**
* Authentication
*/
include ("auth-interviewer.php");
/**
* Language functions
*/

6
nocaseavailable.php
View File

@@ -41,6 +41,12 @@ include ("config.inc.php");
*/
include ("db.inc.php");
/**
* Authentication
*/
include ("auth-interviewer.php");
/**
* XHTML functions
*/

6
performance.php
View File

@@ -39,6 +39,12 @@ include ("config.inc.php");
*/
include ("db.inc.php");
/**
* Authentication
*/
include ("auth-interviewer.php");
/**
* XHTML functions
*/

6
project_info.php
View File

@@ -49,6 +49,12 @@ include ("lang.inc.php");
*/
include ("db.inc.php");
/**
* Authentication
*/
include ("auth-interviewer.php");
/**
* Operator
*/

6
record.php
View File

@@ -39,6 +39,12 @@ include ("config.inc.php");
*/
include ("functions/functions.xhtml.php");
/**
* Authentication
*/
include ("auth-interviewer.php");
/**
* Operator functions
*/

6
referral.php
View File

@@ -39,6 +39,12 @@ include ("config.inc.php");
*/
include ("db.inc.php");
/**
* Authentication
*/
include ("auth-interviewer.php");
/**
* XHTML functions
*/

6
respondent.php
View File

@@ -39,6 +39,12 @@ include ("config.inc.php");
*/
include ("db.inc.php");
/**
* Authentication
*/
include ("auth-interviewer.php");
/**
* XHTML functions
*/

6
rs_answeringmachine.php
View File

@@ -39,6 +39,12 @@ include ("config.inc.php");
*/
include ("db.inc.php");
/**
* Authentication
*/
include ("auth-interviewer.php");
/**
* XHTML
*/

6
rs_answeringmachine_interface2.php
View File

@@ -39,6 +39,12 @@ include ("config.inc.php");
*/
include ("db.inc.php");
/**
* Authentication
*/
include ("auth-interviewer.php");
/**
* XHTML
*/

6
rs_business.php
View File

@@ -34,6 +34,12 @@
*/
include ("config.inc.php");
/**
* Authentication
*/
include ("auth-interviewer.php");
/**
* XHTML
*/

6
rs_business_interface2.php
View File

@@ -34,6 +34,12 @@
*/
include ("config.inc.php");
/**
* Authentication
*/
include ("auth-interviewer.php");
/**
* XHTML
*/

6
rs_callback.php
View File

@@ -39,6 +39,12 @@ include ("config.inc.php");
*/
include ("db.inc.php");
/**
* Authentication
*/
include ("auth-interviewer.php");
/**
* XHTML functions
*/

6
rs_callback_interface2.php
View File

@@ -39,6 +39,12 @@ include ("config.inc.php");
*/
include ("db.inc.php");
/**
* Authentication
*/
include ("auth-interviewer.php");
/**
* XHTML functions
*/

6
rs_intro.php
View File

@@ -39,6 +39,12 @@ include ("config.inc.php");
*/
include ("db.inc.php");
/**
* Authentication
*/
include ("auth-interviewer.php");
/**
* XHTML functions
*/

6
rs_intro_interface2.php
View File

@@ -39,6 +39,12 @@ include ("config.inc.php");
*/
include ("db.inc.php");
/**
* Authentication
*/
include ("auth-interviewer.php");
/**
* XHTML functions
*/

6
rs_project_end.php
View File

@@ -40,6 +40,12 @@ include ("config.inc.php");
*/
include ("db.inc.php");
/**
* Authentication
*/
include ("auth-interviewer.php");
/**
* XHTML functions
*/

6
rs_project_end_interface2.php
View File

@@ -39,6 +39,12 @@ include_once ("config.inc.php");
*/
include_once ("db.inc.php");
/**
* Authentication
*/
include ("auth-interviewer.php");
/**
* XHTML functions
*/

6
rs_project_intro.php
View File

@@ -39,6 +39,12 @@ include ("config.inc.php");
*/
include ("db.inc.php");
/**
* Authentication
*/
include ("auth-interviewer.php");
/**
* XHTML functions
*/

6
rs_project_intro_interface2.php
View File

@@ -39,6 +39,12 @@ include ("config.inc.php");
*/
include ("db.inc.php");
/**
* Authentication
*/
include ("auth-interviewer.php");
/**
* XHTML functions
*/

6
rs_quota_end.php
View File

@@ -39,6 +39,12 @@ include ("config.inc.php");
*/
include ("db.inc.php");
/**
* Authentication
*/
include ("auth-interviewer.php");
/**
* XHTML functions
*/

6
selectextension.php
View File

@@ -35,6 +35,12 @@
*/
include_once("config.inc.php");
/**
* Authentication
*/
include ("auth-interviewer.php");
/**
* XHTML functions
*/

6
shifts.php
View File

@@ -39,6 +39,12 @@ include ("config.inc.php");
*/
include ("db.inc.php");
/**
* Authentication
*/
include ("auth-interviewer.php");
/**
* XHTML functions
*/

6
status.php
View File

@@ -39,6 +39,12 @@ include ("config.inc.php");
*/
include ("db.inc.php");
/**
* Authentication
*/
include ("auth-interviewer.php");
/**
* XHTML functions
*/

6
status_interface2.php
View File

@@ -39,6 +39,12 @@ include ("config.inc.php");
*/
include ("db.inc.php");
/**
* Authentication
*/
include ("auth-interviewer.php");
/**
* XHTML functions
*/

6
supervisor.php
View File

@@ -39,6 +39,12 @@ include ("config.inc.php");
*/
include ("db.inc.php");
/**
* Authentication
*/
include ("auth-interviewer.php");
/**
* XHTML functions
*/

6
supervisorchat.php
View File

@@ -39,6 +39,12 @@ include ("config.inc.php");
*/
include ("db.inc.php");
/**
* Authentication
*/
include ("auth-interviewer.php");
/**
* XHTML functions
*/

57
voip/auth-interviewer.php Normal file
View File

@@ -0,0 +1,57 @@
<?php
/**
* Session based authentication using the Limesurvey database (client)
*
*
* This file is part of queXS
*
* queXS is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* queXS is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with queXS; if not, write to the Free Software
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
*
*
* @author Adam Zammit <adam.zammit@acspri.org.au>
* @copyright Australian Consortium for Social and Political Research Incorporated (ACSPRI) 2013
* @package queXS
* @subpackage user
* @link http://www.acspri.org.au/ queXS was writen for ACSPRI
* @license http://opensource.org/licenses/gpl-2.0.php The GNU General Public License (GPL) Version 2
*
*/
/**
* Configuration file
*/
include_once(dirname(__FILE__)."/../config.inc.php");
/**
* Database file
*/
include_once(dirname(__FILE__)."/../db.inc.php");
//get session name from DB
//
$sql = "SELECT stg_value
FROM " . LIME_PREFIX . "settings_global
WHERE stg_name = 'SessionName'";
session_name($db->GetOne($sql));
//check if the session exists or loginID not set
if (session_id() == "" || !isset($_SESSION['loginID']))
{
//need to log in
header('Location: ../include/limesurvey/admin/admin.php');
die();
}

6
voip/downloadvoipclient.php
View File

@@ -32,6 +32,12 @@
include_once("../config.inc.php");
include_once("../db.inc.php");
/**
* Authentication
*/
include ("../auth-interviewer.php");
include_once("../functions/functions.operator.php");
//---------------------

6
waitnextcase_interface2.php
View File

@@ -35,6 +35,12 @@
*/
include_once("lang.inc.php");
/**
* Authentication
*/
include ("auth-interviewer.php");
/**
* XHTML functions
*/