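\n";
// NOTE(review): the start of this script (open tag, includes and the beginning
// of the statement that ends on the line above) is not part of this listing.
// The markup inside most string literals below appears to have been lost in
// extraction; those literals are reproduced exactly as found.

// Look up whether the logged-in user may edit this survey's properties.
// $surveyid is assigned outside this listing; it is passed through
// sanitize_int() here because it lands in an unquoted numeric position.
$actsurquery = "SELECT edit_survey_property FROM {$dbprefix}surveys_rights WHERE sid=".sanitize_int($surveyid)." AND uid = ".$_SESSION['loginID']; //Getting rights for this survey
$actsurresult = $connect->Execute($actsurquery) or safe_die($connect->ErrorMsg());
$actsurrows = $actsurresult->FetchRow();

$assessmentlangs = GetAdditionalLanguagesFromSurveyID($surveyid);
$baselang = GetBaseLanguageFromSurveyID($surveyid);
array_unshift($assessmentlangs,$baselang); // makes an array with ALL the languages supported by the survey -> $assessmentlangs

// Everything below (data changes and page rendering) runs only for a
// superadmin or a user holding edit_survey_property on $surveyid.
// NOTE(review): the handlers change data based on $action and $_POST alone;
// no request-forgery token check is visible in this listing. Confirm one is
// enforced before this script runs.
if($_SESSION['USER_RIGHT_SUPERADMIN'] == 1 || $actsurrows['edit_survey_property']){

    if ($action == "assessmentadd") {
        // Same HTML input filter as the update branch, so a rule cannot be
        // stored unfiltered through "add" while $filterxsshtml is switched on.
        if ($filterxsshtml) {
            require_once("../classes/inputfilter/class.inputfilter_clean.php");
            $myFilter = new InputFilter('','',1,1,1);
        }
        $inserttable=$dbprefix."assessments";
        $first=true;
        foreach ($assessmentlangs as $assessmentlang) {
            if (!isset($_POST['gid'])) $_POST['gid']=0;
            if ($filterxsshtml) {
                $_POST['name_'.$assessmentlang]=$myFilter->process($_POST['name_'.$assessmentlang]);
                $_POST['assessmentmessage_'.$assessmentlang]=$myFilter->process($_POST['assessmentmessage_'.$assessmentlang]);
            }
            $datarray=array(
                'sid' => $surveyid,
                'scope' => $_POST['scope'],
                'gid' => $_POST['gid'],
                'minimum' => $_POST['minimum'],
                'maximum' => $_POST['maximum'],
                'name' => $_POST['name_'.$assessmentlang],
                'language' => $assessmentlang,
                'message' => $_POST['assessmentmessage_'.$assessmentlang]);
            // Rows for the additional languages reuse the id generated for the first row.
            if ($first==false) {
                $datarray['id']=$aid;
            }
            $query = $connect->GetInsertSQL($inserttable, $datarray, get_magic_quotes_gpc());
            // NOTE(review): on failure the full SQL text and the driver error are
            // handed to safe_die(); check that it does not show them to the
            // browser on a production system.
            $result=$connect->Execute($query) or safe_die("Error inserting
$query
".$connect->ErrorMsg());
            if ($first==true) {
                $first=false;
                $aid=$connect->Insert_ID(db_table_name_nq('assessments'),"id");
            }
        }
    } elseif ($action == "assessmentupdate") {
        if ($filterxsshtml) {
            require_once("../classes/inputfilter/class.inputfilter_clean.php");
            $myFilter = new InputFilter('','',1,1,1);
        }
        foreach ($assessmentlangs as $assessmentlang) {
            if (!isset($_POST['gid'])) $_POST['gid']=0;
            if ($filterxsshtml) {
                $_POST['name_'.$assessmentlang]=$myFilter->process($_POST['name_'.$assessmentlang]);
                $_POST['assessmentmessage_'.$assessmentlang]=$myFilter->process($_POST['assessmentmessage_'.$assessmentlang]);
            }
            // The rights check above was made for $surveyid, so sid is part of the
            // WHERE clause: matching on the posted id alone would also reach
            // rules that belong to other surveys.
            $query = "UPDATE {$dbprefix}assessments SET scope='".db_quote($_POST['scope'])."', gid=".sanitize_int($_POST['gid']).", minimum='".sanitize_signedint($_POST['minimum'])."', maximum='".sanitize_signedint($_POST['maximum'])."', name='".db_quote($_POST['name_'.$assessmentlang],true)."', message='".db_quote($_POST['assessmentmessage_'.$assessmentlang],true)."' WHERE language='$assessmentlang' and id=".sanitize_int($_POST['id'])." and sid=".sanitize_int($surveyid);
            $result = $connect->Execute($query) or safe_die("Error updating
$query
".$connect->ErrorMsg());
        }
    } elseif ($action == "assessmentdelete") {
        // Bounded by sid for the same reason as the update above.
        $query = "DELETE FROM {$dbprefix}assessments WHERE id=".sanitize_int($_POST['id'])." and sid=".sanitize_int($surveyid);
        $result=$connect->Execute($query);
    }

    $assessmentsoutput=PrepareEditorScript();
    $assessmentsoutput.="";
    $assessmentsoutput.="\n" . "\t\n" . "\t\t
\n" . "\n";
    $assessmentsoutput .= "

 

"; //CSS Firefox 2 transition fix

    // NOTE(review): the message is appended to $assessmentsoutput and the script
    // exits immediately; nothing in this listing prints it. The check also runs
    // after $surveyid has already been used in the queries above.
    if ($surveyid == "") {
        $assessmentsoutput.= $clang->gT("No SID Provided");
        exit;
    }

    $assessments=getAssessments($surveyid);
    //$assessmentsoutput.= "
";print_r($assessments);echo "
";
    $groups=getGroups($surveyid);
    $groupselect="\n";
    $headings=array($clang->gT("Scope"), $clang->gT("Question group"), $clang->gT("Minimum"), $clang->gT("Maximum"));
    $inputs=array("".$clang->gT("Total")."".$clang->gT("Group")."", $groupselect, "", "");
    $actiontitle=$clang->gT("Add");
    $actionvalue="assessmentadd";
    $thisid="";

    if ($action == "assessmentedit") {
        // Only a rule of the survey the caller was authorised for is loaded into the form.
        // NOTE(review): when no row matches, $editdata is never assigned and the
        // reads below operate on an undefined variable.
        $query = "SELECT * FROM {$dbprefix}assessments WHERE id=".sanitize_int($_POST['id'])." and sid=".sanitize_int($surveyid)." and language='$baselang'";
        $results = db_execute_assoc($query);
        while($row=$results->FetchRow()) {
            $editdata=$row;
        }
        $scopeselect = "gT("Total")."";
        $scopeselect .= "gT("Question group")."";
        $groupselect=str_replace("'".$editdata['gid']."'", "'".$editdata['gid']."' selected", $groupselect);
        $inputs=array($scopeselect, $groupselect, "", "", "", "");
        $actiontitle=$clang->gT("Edit");
        $actionvalue="assessmentupdate";
        $thisid=$editdata['id'];
    }
    //$assessmentsoutput.= "
"; print_r($edits); $assessmentsoutput.= "
"; //PRESENT THE PAGE
    $assessmentsoutput.= "
" ."\n";
    foreach ($headings as $head) {
        $assessmentsoutput.= "\n";
    }
    $assessmentsoutput.= "";
    $assessmentsoutput.= "\n";
    // NOTE(review): in the row expression further down, name goes through
    // stripslashes() only and group_name is concatenated as-is, while message is
    // passed through strip_tags(strip_javascript()). Unless these values are
    // escaped elsewhere, stored text reaches the admin page as markup;
    // htmlspecialchars() on name and group_name would close that gap.
    $flipflop=true;
    foreach($assessments as $assess) {
        $flipflop=!$flipflop;
        if ($flipflop==true){$assessmentsoutput.= "\n";}
        else {$assessmentsoutput.= "\n";}
        $assessmentsoutput.= "\n";
        $assessmentsoutput.= "\n";
        if ($assess['scope'] == "T") {
            $assessmentsoutput.= "\n";
            $assessmentsoutput.= "\n";
        } else {
            $assessmentsoutput.= "\n";
            $assessmentsoutput.= "\n";
        }
        $assessmentsoutput.= "\n";
        $assessmentsoutput.= "\n";
        $assessmentsoutput.= "\n";
        $assessmentsoutput.= "\n";
        $assessmentsoutput.= "\n";
        $assessmentsoutput.= "\n";
    }
    $assessmentsoutput.= "
".$clang->gT("Assessment rules")."
".$clang->gT("ID")."".$clang->gT("SID")."$head".$clang->gT("Title")."".$clang->gT("Message")."".$clang->gT("Actions")."
".$assess['id']."".$assess['sid']."".$clang->gT("Total")."-".$clang->gT("Question group")."".$groups[$assess['gid']]['group_name']." (".$assess['gid'].")".$assess['minimum']."".$assess['maximum']."".stripslashes($assess['name'])."".strip_tags(strip_javascript($assess['message']))."
"; //now present edit/insert form
    $assessmentsoutput.= "
\n";
    $assessmentsoutput.= "\n";
    $i=0;
    foreach ($headings as $head) {
        $assessmentsoutput.= "\n";
        $i++;
    }
    // start tabs
    $assessmentsoutput.= "\n";
    $assessmentsoutput.='
$actiontitle
$head".$inputs[$i]."
  
' .'';
    foreach ($assessmentlangs as $assessmentlang) {
        $heading='';
        $message='';
        if ($action == "assessmentedit") {
            // Same sid bound as the base-language lookup above. If a language
            // has no row, $editdata still holds the previous iteration's row.
            $query = "SELECT * FROM {$dbprefix}assessments WHERE id=".sanitize_int($_POST['id'])." and sid=".sanitize_int($surveyid)." and language='$assessmentlang'";
            $results = db_execute_assoc($query);
            while($row=$results->FetchRow()) {
                $editdata=$row;
            }
            $heading=$editdata['name'];
            $message=$editdata['message'];
        }
        $assessmentsoutput .= '
';
        $assessmentsoutput .= $clang->gT("Heading")."
" ."

" .$clang->gT("Message") ."";
        $assessmentsoutput .='
';
    }
    $assessmentsoutput .='
';
    $assessmentsoutput.= "
\n";
    if ($action == "assessmentedit") $assessmentsoutput.= "    \n";
    $assessmentsoutput.= "\n" ."\n" ."\n" ."
\n" ."\n";
    foreach ($assessmentlangs as $assessmentlang) {
        $assessmentsoutput.=getEditor("assessment-text","assessmentmessage_$assessmentlang", "[".$clang->gT("Message:", "js")."]",$surveyid,$gid,$qid,$action);
    }
} else {
    // Callers without the right get the access-denied page instead.
    $action = "assessment";
    include("access_denied.php");
    include("admin.php");
}

/**
 * Returns the assessment rules of a survey in the base language, ordered by
 * scope and group id. Reads the base language from the global $baselang.
 *
 * @param mixed $surveyid survey id; reduced with sanitize_int() before it is placed in the SQL text
 * @return array list of rows with id, sid, scope, gid, minimum, maximum, name and message
 */
function getAssessments($surveyid) {
    global $dbprefix, $connect, $baselang;
    // Both values are neutralised at the point of use so the helper stays safe
    // whatever the caller passes in.
    $query = "SELECT id, sid, scope, gid, minimum, maximum, name, message FROM ".db_table_name('assessments')." WHERE sid='".sanitize_int($surveyid)."' and language='".db_quote($baselang)."' ORDER BY scope, gid";
    $result=db_execute_assoc($query) or safe_die("Error getting assessments
$query
".$connect->ErrorMsg());
    $output=array();
    while($row=$result->FetchRow()) {
        $output[]=$row;
    }
    return $output;
}

/**
 * Returns the question groups of a survey in its base language, in group order.
 *
 * @param mixed $surveyid survey id; reduced with sanitize_int() before it is placed in the SQL text
 * @return array rows with gid and group_name, keyed by gid
 */
function getGroups($surveyid) {
    global $dbprefix, $connect;
    $baselang = GetBaseLanguageFromSurveyID($surveyid);
    $query = "SELECT gid, group_name FROM ".db_table_name('groups')." WHERE sid='".sanitize_int($surveyid)."' and language='".db_quote($baselang)."' ORDER BY group_order";
    $result = db_execute_assoc($query) or safe_die("Error getting groups
$query
".$connect->ErrorMsg());
    $output=array();
    while($row=$result->FetchRow()) {
        $output[$row['gid']]=$row;
    }
    return $output;
}
?>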