$clang->gT("ARMSCII-8 Armenian") ,"ascii"=>$clang->gT("US ASCII") ,"auto"=>$clang->gT("Automatic") ,"big5"=>$clang->gT("Big5 Traditional Chinese") ,"binary"=>$clang->gT("Binary pseudo charset") ,"cp1250"=>$clang->gT("Windows Central European") ,"cp1251"=>$clang->gT("Windows Cyrillic") ,"cp1256"=>$clang->gT("Windows Arabic") ,"cp1257"=>$clang->gT("Windows Baltic") ,"cp850"=>$clang->gT("DOS West European") ,"cp852"=>$clang->gT("DOS Central European") ,"cp866"=>$clang->gT("DOS Russian") ,"cp932"=>$clang->gT("SJIS for Windows Japanese") ,"dec8"=>$clang->gT("DEC West European") ,"eucjpms"=>$clang->gT("UJIS for Windows Japanese") ,"euckr"=>$clang->gT("EUC-KR Korean") ,"gb2312"=>$clang->gT("GB2312 Simplified Chinese") ,"gbk"=>$clang->gT("GBK Simplified Chinese") ,"geostd8"=>$clang->gT("GEOSTD8 Georgian") ,"greek"=>$clang->gT("ISO 8859-7 Greek") ,"hebrew"=>$clang->gT("ISO 8859-8 Hebrew") ,"hp8"=>$clang->gT("HP West European") ,"keybcs2"=>$clang->gT("DOS Kamenicky Czech-Slovak") ,"koi8r"=>$clang->gT("KOI8-R Relcom Russian") ,"koi8u"=>$clang->gT("KOI8-U Ukrainian") ,"latin1"=>$clang->gT("cp1252 West European") ,"latin2"=>$clang->gT("ISO 8859-2 Central European") ,"latin5"=>$clang->gT("ISO 8859-9 Turkish") ,"latin7"=>$clang->gT("ISO 8859-13 Baltic") ,"macce"=>$clang->gT("Mac Central European") ,"macroman"=>$clang->gT("Mac West European") ,"sjis"=>$clang->gT("Shift-JIS Japanese") ,"swe7"=>$clang->gT("7bit Swedish") ,"tis620"=>$clang->gT("TIS620 Thai") ,"ucs2"=>$clang->gT("UCS-2 Unicode") ,"ujis"=>$clang->gT("EUC-JP Japanese") ,"utf8"=>$clang->gT("UTF-8 Unicode")); if (isset($_POST['csvcharset']) && $_POST['csvcharset']) //sanitize charset - if encoding is not found sanitize to 'auto' { $uploadcharset=$_POST['csvcharset']; if (!array_key_exists($uploadcharset,$encodingsarray)) {$uploadcharset='auto';} $filterduplicatetoken=(isset($_POST['filterduplicatetoken']) && $_POST['filterduplicatetoken']=='on'); $filterblankemail=(isset($_POST['filterblankemail']) && $_POST['filterblankemail']=='on'); } } if ($subaction == "importldap" || $subaction == "uploadldap" ) { $filterduplicatetoken=(isset($_POST['filterduplicatetoken']) && $_POST['filterduplicatetoken']=='on'); $filterblankemail=(isset($_POST['filterblankemail']) && $_POST['filterblankemail']=='on'); } $tokenoutput = ""; $sumquery5 = "SELECT b.* FROM {$dbprefix}surveys AS a INNER JOIN {$dbprefix}surveys_rights AS b ON a.sid = b.sid WHERE a.sid=$surveyid AND b.uid = ".$_SESSION['loginID']; //Getting rights for this survey and user $sumresult5 = db_execute_assoc($sumquery5); $sumrows5 = $sumresult5->FetchRow(); if ($subaction == "export" && ( $sumrows5['export'] || $_SESSION['USER_RIGHT_SUPERADMIN'] == 1) )//EXPORT FEATURE SUBMITTED BY PIETERJAN HEYSE { header("Content-Disposition: attachment; filename=tokens_".$surveyid.".csv"); header("Content-type: text/comma-separated-values; charset=UTF-8"); header("Cache-Control: must-revalidate, post-check=0, pre-check=0"); header("Pragma: cache"); $bquery = "SELECT * FROM ".db_table_name("tokens_$surveyid"); $bquery .= " ORDER BY tid"; $bresult = db_execute_assoc($bquery) or die ("$bquery
".htmlspecialchars($connect->ErrorMsg())); $bfieldcount=$bresult->FieldCount(); $tokenoutput .= "tid,firstname,lastname,email,emailstatus,token,languagecode,validfrom,validuntil"; $attrfieldnames=GetAttributeFieldnames($surveyid); foreach ($attrfieldnames as $attr_name) { $tokenoutput .=", $attr_name"; } $tokenoutput .="\n"; while ($brow = $bresult->FetchRow()) { if (trim($brow['validfrom']!='')) { $datetimeobj = new Date_Time_Converter($brow['validfrom'] , "Y-m-d H:i:s"); $brow['validfrom']=$datetimeobj->convert('Y-m-d H:i'); } if (trim($brow['validuntil']!='')) { $datetimeobj = new Date_Time_Converter($brow['validuntil'] , "Y-m-d H:i:s"); $brow['validuntil']=$datetimeobj->convert('Y-m-d H:i'); } $tokenoutput .= '"'.trim($brow['tid'])."\","; $tokenoutput .= '"'.trim($brow['firstname'])."\","; $tokenoutput .= '"'.trim($brow['lastname'])."\","; $tokenoutput .= '"'.trim($brow['email'])."\","; $tokenoutput .= '"'.trim($brow['emailstatus'])."\","; $tokenoutput .= '"'.trim($brow['token'])."\","; $tokenoutput .= '"'.trim($brow['language'])."\","; $tokenoutput .= '"'.trim($brow['validfrom'])."\","; $tokenoutput .= '"'.trim($brow['validuntil'])."\""; foreach ($attrfieldnames as $attr_name) { $tokenoutput .=',"'.trim($brow[$attr_name])."\""; } $tokenoutput .= "\n"; } echo $tokenoutput; exit; } if ($subaction == "delete" && ($sumrows5['edit_survey_property'] || $sumrows5['activate_survey'] || $_SESSION['USER_RIGHT_SUPERADMIN'] == 1) ) { $_SESSION['metaHeader']=""; } //Show Help $tokenoutput .= "\n"; $tokenoutput .= "\n" ."\t\n" ."\t\t\n" ."\t\n" ."
\n" ."\t\t
\n"; $tokenoutput .= "\n" ."\t\n" ."
\n"; // MAKE SURE THAT THERE IS A SID if (!isset($surveyid) || !$surveyid) { $tokenoutput .= "\t
" .$clang->gT("Token control").":

" .$clang->gT("Error")."
".$clang->gT("You have not selected a survey")."

" ."

\n" ."\n"; return; } // MAKE SURE THAT THE SURVEY EXISTS $thissurvey=getSurveyInfo($surveyid); if ($thissurvey===false) { $tokenoutput .= "\t
" .$clang->gT("Token control").":

" .$clang->gT("Error")."
".$clang->gT("The survey you selected does not exist") ."

\n\t

\n" ."\n"; return; } else // A survey DOES exist { $tokenoutput .= "\t
" ."
" ."".$clang->gT("Token control").": " .htmlspecialchars($thissurvey['surveyls_title'])."
\n"; $surveyprivate = $thissurvey['private']; } // CHECK TO SEE IF A TOKEN TABLE EXISTS FOR THIS SURVEY $tokenexists=tokenTableExists($surveyid); if (!$tokenexists) //If no tokens table exists { if (isset($_POST['createtable']) && $_POST['createtable']=="Y" && ($sumrows5['edit_survey_property'] || $sumrows5['activate_survey'] || $_SESSION['USER_RIGHT_SUPERADMIN'] == 1) ) { $createtokentable= "tid int I NOTNULL AUTO PRIMARY,\n " . "firstname C(40),\n " . "lastname C(40),\n "; //MSSQL needs special treatment because of some strangeness in ADODB if ($connect->databaseType == 'odbc_mssql' || $connect->databaseType == 'odbtp' || $connect->databaseType == 'mssql_n') { $createtokentable.= "email C(320),\n " ."emailstatus C(300) DEFAULT 'OK',\n "; } else { $createtokentable.= "email X(320),\n " ."emailstatus X(300) DEFAULT 'OK',\n "; } $createtokentable.= "token C(36) ,\n " . "language C(25) ,\n " . "sent C(17) DEFAULT 'N',\n " . "remindersent C(17) DEFAULT 'N',\n " . "remindercount int I DEFAULT 0,\n " . "completed C(17) DEFAULT 'N',\n " . "validfrom D ,\n " . "validuntil D ,\n " . "mpid I "; $tabname = "{$dbprefix}tokens_{$surveyid}"; # not using db_table_name as it quotes the table name (as does CreateTableSQL) $taboptarray = array('mysql' => 'TYPE='.$databasetabletype.' CHARACTER SET utf8 COLLATE utf8_unicode_ci', 'mysqli' => 'TYPE='.$databasetabletype.' CHARACTER SET utf8 COLLATE utf8_unicode_ci'); $dict = NewDataDictionary($connect); $sqlarray = $dict->CreateTableSQL($tabname, $createtokentable, $taboptarray); $execresult=$dict->ExecuteSQLArray($sqlarray, false); if ($execresult==0 || $execresult==1) { $tokenoutput .= "\t
\n" ."\t\t\n" . "
\n\n" . "\n" . "
".$clang->gT("Token table could not be created.")."
\n" . $clang->gT("Error").": \n" . $connect->ErrorMsg() . "\n" . "
".implode(" ",$sqlarray)."
\n" . "
" ."\t\t\t\n" ."\t\t\n" ."\t\n" ."\n" ."
\n" ."\n"; } else { $createtokentableindex = $dict->CreateIndexSQL("{$tabname}_idx", $tabname, array('token')); $dict->ExecuteSQLArray($createtokentableindex, false) or safe_die ("Failed to create token table index
$createtokentableindex

".$connect->ErrorMsg()); if ($connect->databaseType == 'mysql' || $connect->databaseType == 'mysqli') { $query = 'CREATE INDEX idx_'.$tabname.'_efl ON '.$tabname.' ( email(120), firstname, lastname )'; $result=$connect->Execute($query) or safe_die("Failed Rename!
".$query."
".$connect->ErrorMsg()); } $tokenoutput .= "\t\n" ."\t\t\n" ."\t\t\t

\n" ."\t\t\t".$clang->gT("A token table has been created for this survey.")." (\"".$dbprefix."tokens_$surveyid\")

\n" ."\t\t\t\n" ."\t\t\n" ."\t\n" ."\n" ."
\n" ."\n"; } return; } elseif (returnglobal('restoretable') == "Y" && returnglobal('oldtable') && ($sumrows5['edit_survey_property'] || $sumrows5['activate_survey'] || $_SESSION['USER_RIGHT_SUPERADMIN'] == 1)) { $query = db_rename_table(returnglobal('oldtable') , db_table_name("tokens_$surveyid")); $result=$connect->Execute($query) or safe_die("Failed Rename!
".$query."
".$connect->ErrorMsg()); $tokenoutput .= "\t\n" ."\t\t\n" ."\t\t\t

\n" ."\t\t\t".$clang->gT("A token table has been created for this survey.")." (\"".$dbprefix."tokens_$surveyid\")

\n" ."\t\t\t\n" ."\t\t\n" ."\t\n" ."\n" ."
\n" ."\n"; return; } else { $query=db_select_tables_like("{$dbprefix}old_tokens_".$surveyid."_%"); $result=db_execute_num($query) or safe_die("Couldn't get old table list
".$query."
".$connect->ErrorMsg()); $tcount=$result->RecordCount(); if ($tcount > 0) { while($rows=$result->FetchRow()) { $oldlist[]=$rows[0]; } } $tokenoutput .= "\t\n" ."\t\t
\n" ."\t\t\t
".$clang->gT("Warning")."
\n" ."\t\t\t".$clang->gT("Tokens have not been initialised for this survey.")."

\n"; if ($sumrows5['edit_survey_property'] || $sumrows5['activate_survey'] || $_SESSION['USER_RIGHT_SUPERADMIN'] == 1) { $tokenoutput .= "\t\t\t".$clang->gT("If you initialise tokens for this survey then this survey will only be accessible to users who provide a token either manually or by URL.") ."\t\t\t

\n"; $thissurvey=getSurveyInfo($surveyid); if ($thissurvey['private'] == 'Y') { $tokenoutput .= "\t\t\t".$clang->gT("Note: If you turn on the -Anonymous answers- option for this survey then LimeSurvey will mark your completed tokens only with a 'Y' instead of date/time to ensure the anonymity of your participants.") ."\t\t\t

\n"; } $tokenoutput .= "\t\t\t".$clang->gT("Do you want to create a token table for this survey?"); $tokenoutput .= "

\n"; $tokenoutput .= "\t\t\t
\n"; } $tokenoutput .= "\t\t\t

\n"; // Do not offer old postgres token tables for restore since these are having an issue with missing index if ($tcount>0 && $databasetype!='postgres' && ($sumrows5['edit_survey_property'] || $sumrows5['activate_survey'] || $_SESSION['USER_RIGHT_SUPERADMIN'] == 1) ) { $tokenoutput .= "\n" ."\n" ."\n" ."\n" ."
".$clang->gT("Restore options").":\n" ."
\n" .$clang->gT("The following old token tables could be restored:")."
\n" ."
\n" ."\n" ."\n" ."\n" ."
\n"; } $tokenoutput .= "\t\t\n" ."\t\n" ."\n" ."
\n" ."\n"; return; } } #Lookup the names of the attributes /*$query = "SELECT attribute1, attribute2 FROM ".db_table_name('surveys')." WHERE sid=$surveyid"; $result = db_execute_assoc($query) or safe_die("Couldn't execute query:
$query
".$connect->ErrorMsg()); $row = $result->FetchRow(); if ($row["attribute1"]) {$attr1_name = $row["attribute1"];} else {$attr1_name=$clang->gT("Attribute 1");} if ($row["attribute2"]) {$attr2_name = $row["attribute2"];} else {$attr2_name=$clang->gT("Attribute 2");}*/ // IF WE MADE IT THIS FAR, THEN THERE IS A TOKENS TABLE, SO LETS DEVELOP THE MENU ITEMS $tokenoutput .= "\t
\n" ."\t\t
\n" ."\t\t\tgT("Return to survey administration", "js")."');return false\">" . "\n" ."\t\t\t\n" ."\t\t\t\n" ."\t\t\tgT("Show token summary", "js")."');return false\" >" ."\n" ."\t\t\t\n" ."\t\t\tgT("Display tokens", "js")."');return false\">" ."\n"; if ($sumrows5['edit_survey_property'] || $sumrows5['activate_survey'] || $_SESSION['USER_RIGHT_SUPERADMIN'] == 1) { $tokenoutput .= "\t\t\tgT("Add new token entry", "js")."');return false\">" . "\n" ."\t\t\t\n" ."\t\t\tgT("Manage additional attribute fields", "js")."');return false\">" . "\n" ."\t\t\t\n" ."\t\t\tgT("Import tokens from CSV file", "js")."');return false\"> " ."\t\t\tgT("Import tokens from LDAP query", "js")."');return false\"> "; } if ($sumrows5['export'] || $_SESSION['USER_RIGHT_SUPERADMIN'] == 1) { $tokenoutput .= "\t\t\tgT("Export tokens to CSV file", "js")."');return false\">". "\n"; } if ($sumrows5['edit_survey_property'] || $sumrows5['activate_survey'] || $_SESSION['USER_RIGHT_SUPERADMIN'] == 1) { $tokenoutput .= "\t\t\t\n" ."\t\t\tgT("Edit email templates", "js")."');return false\">" . "\n" ."\t\t\tgT("Send email invitation", "js")."');return false\">" . "\n" ."\t\t\tgT("Send email reminder", "js")."');return false\">" . "\n" ."\t\t\t\n" // ."\t\t\tgT("Generate Tokens", "js")."');return false\">" . ."\t\t\tgT("Generate tokens", "js")."');return false\">" . "\n" ."\t\t\t\n" // ."\t\t\tgT("Drop tokens table", "js")."');return false\">" . ."\t\t\tgT("Drop tokens table", "js")."');return false\">" . "\n"; } $tokenoutput .="\t\t\t
gT("Show help", "js")."');return false\">" . "\n"; $tokenoutput .= "\t
\n"; // SEE HOW MANY RECORDS ARE IN THE TOKEN TABLE $tksq = "SELECT count(tid) FROM ".db_table_name("tokens_$surveyid"); $tksr = db_execute_num($tksq); $tkr = $tksr->FetchRow(); $tkcount = $tkr[0]; $tokenoutput .= "\t\n" ."\t\t\n"; // GIVE SOME INFORMATION ABOUT THE TOKENS if ($subaction==''){ $tokenoutput .= "\t\n" ."\t\t\n" ."\t\t
\n" ."\t\t\t\n" ."\t\t\t\t\n" ."\t\t\t\t\t\n"; $tksq = "SELECT count(*) FROM ".db_table_name("tokens_$surveyid")." WHERE token IS NULL OR token=''"; $tksr = db_execute_num($tksq); while ($tkr = $tksr->FetchRow()) {$tokenoutput .= "\n";} $tksq = "SELECT count(*) FROM ".db_table_name("tokens_$surveyid")." WHERE (sent!='N' and sent<>'')"; $tksr = db_execute_num($tksq); while ($tkr = $tksr->FetchRow()) {$tokenoutput .= "\n";} $tksq = "SELECT count(*) FROM ".db_table_name("tokens_$surveyid")." WHERE (completed!='N' and completed<>'')"; $tksr = db_execute_num($tksq) or safe_die ("Couldn't execute token selection query
$abquery
".$connect->ErrorMsg()); while ($tkr = $tksr->FetchRow()) {$tokenoutput .= "\n" ."\t\t\t\t\n" ."\t\t\t
\n" .$clang->gT("Total records in this token table")." $tkcount
".$clang->gT("Total with no unique Token")." $tkr[0] / $tkcount
".$clang->gT("Total invitations sent")." $tkr[0] / $tkcount
".$clang->gT("Total surveys completed")." $tkr[0] / $tkcount\n";} $tokenoutput .= "
\n" ."\t\t\t
\n" ."\t\t\n" ."\t\n" ."\n" ."
\n"; } $tokenoutput .= "\n"; ############################################################################################# // NOW FOR VARIOUS ACTIONS: if(isset($surveyid) && getEmailFormat($surveyid) == 'html') { $ishtml=true; } else { $ishtml=false; } if ($subaction == "emailsettings") { $grplangs = GetAdditionalLanguagesFromSurveyID($surveyid); $baselang = GetBaseLanguageFromSurveyID($surveyid); array_unshift($grplangs,$baselang); $tokenoutput .= PrepareEditorScript(); $tokenoutput .="
" . "
\n" . "\n\t
" . "\t\t".$clang->gT("Edit email settings")."
\n" . '
'; $surveyinfo=getSurveyInfo($surveyid); foreach ($grplangs as $grouplang) { // this one is created to get the right default texts fo each language $bplang = new limesurvey_lang($grouplang); $esquery = "SELECT * FROM ".db_table_name("surveys_languagesettings")." WHERE surveyls_survey_id=$surveyid and surveyls_language='$grouplang'"; $esresult = db_execute_assoc($esquery); $esrow = $esresult->FetchRow(); $tokenoutput .= '

'.getLanguageNameFromCode($esrow['surveyls_language'],false); if ($esrow['surveyls_language']==GetBaseLanguageFromSurveyID($surveyid)) {$tokenoutput .= '('.$clang->gT("Base language").')';} $tokenoutput .= '

'; $tokenoutput .= "\t
".$clang->gT("Invitation email subject:")."\n" . "\t\t\n" . "\t\t\n" . "\t\t\n" . "\t
\n"; $tokenoutput .= "\t
".$clang->gT("Invitation email:")."\n" . "\t\t\n" . getEditor("email-inv","email_invite_{$grouplang}", "[".$clang->gT("Invitation email:", "js")."](".$grouplang.")",$surveyid,'','',$action) . "\t\t\n" . "\t\t\n" . "\t
\n"; $tokenoutput .= "\t
".$clang->gT("Email reminder subject:")."\n" . "\t\t\n" . "\t\t\n" . "\t\t\n" . "\t
\n"; $tokenoutput .= "\t
".$clang->gT("Email reminder:")."\n" . "\t\t\n" . getEditor("email-rem","email_remind_{$grouplang}", "[".$clang->gT("Email reminder:", "js")."](".$grouplang.")",$surveyid,'','',$action) . "\t\t\n" . "\t\t\n" . "\t
\n"; $tokenoutput .= "\t
".$clang->gT("Confirmation email subject:")."\n" . "\t\t\n" . "\t\t\n" . "\t\t\n" . "\t
\n"; $tokenoutput .= "\t
".$clang->gT("Confirmation email:")."\n" . "\t\t\n" . getEditor("email-conf","email_confirm_{$grouplang}", "[".$clang->gT("Confirmation email", "js")."](".$grouplang.")",$surveyid,'','',$action) . "\t\t\n" . "\t\t\n" . "\t
\n"; $tokenoutput .= "\t
".$clang->gT("Public registration email subject:")."\n" . "\t\t\n" . "\t\t\n" . "\t\t\n" . "\t
\n"; $tokenoutput .= "\t
".$clang->gT("Public registration email:")."\n" . "\t\t\n" . getEditor("email-reg","email_register_{$grouplang}", "[".$clang->gT("Public registration email:", "js")."](".$grouplang.")",$surveyid,'','',$action) . "\t\t\n" . "\t\t\n" . "\t











\n
"; } $tokenoutput .= '
'; $tokenoutput .= "\t

\n" . "\t\n" . "\t\n" . "\t\n" . "\t\n" . "\t

\n" . "
\n"; } // Save the updated email settings if ($subaction == "updateemailsettings" && ($_SESSION['USER_RIGHT_SUPERADMIN'] == 1 || $sumrows5['activate_survey'] || $_SESSION['USER_RIGHT_SUPERADMIN'] == 1) ) { $_POST = array_map('db_quote', $_POST); $languagelist = GetAdditionalLanguagesFromSurveyID($surveyid); $languagelist[]=GetBaseLanguageFromSurveyID($surveyid); foreach ($languagelist as $langname) { if ($langname) { $usquery = "UPDATE ".db_table_name('surveys_languagesettings')." \n" . "SET surveyls_email_invite_subj='".$_POST['email_invite_subj_'.$langname]."',\n" . "surveyls_email_invite='".$_POST['email_invite_'.$langname]."', surveyls_email_remind_subj='".$_POST['email_remind_subj_'.$langname]."',\n" . "surveyls_email_remind='".$_POST['email_remind_'.$langname]."', surveyls_email_register_subj='".$_POST['email_register_subj_'.$langname]."',\n" . "surveyls_email_register='".$_POST['email_register_'.$langname]."', surveyls_email_confirm_subj='".$_POST['email_confirm_subj_'.$langname]."',\n" . "surveyls_email_confirm='".$_POST['email_confirm_'.$langname]."'\n" . "WHERE surveyls_survey_id=".$surveyid." and surveyls_language='".$langname."'"; $usresult = $connect->Execute($usquery) or safe_die("Error updating
".$usquery."

".$connect->ErrorMsg()); } } $tokenoutput .= "
".$clang->gT("Token email settings have been saved.")."
 \n"; } if ($subaction == "deleteall" && ($sumrows5['edit_survey_property'] || $sumrows5['activate_survey'] || $_SESSION['USER_RIGHT_SUPERADMIN'] == 1) ) { $query="DELETE FROM ".db_table_name("tokens_$surveyid"); $result=$connect->Execute($query) or safe_die ("Couldn't update sent field
$query
".$connect->ErrorMsg()); $tokenoutput .= "".$clang->gT("All token entries have been deleted.")."\n"; $subaction=""; } if ($subaction == "clearinvites" && ($sumrows5['edit_survey_property'] || $sumrows5['activate_survey'] || $_SESSION['USER_RIGHT_SUPERADMIN'] == 1) ) { $query="UPDATE ".db_table_name("tokens_$surveyid")." SET sent='N', remindersent='N', remindercount=0"; $result=$connect->Execute($query) or safe_die ("Couldn't update sent field
$query
".$connect->ErrorMsg()); $tokenoutput .= "".$clang->gT("All invite entries have been set to 'Not invited'.")."\n"; $subaction=""; } if ($subaction == "cleartokens" && ($sumrows5['edit_survey_property'] || $sumrows5['activate_survey'] || $_SESSION['USER_RIGHT_SUPERADMIN'] == 1) ) { $query="UPDATE ".db_table_name("tokens_$surveyid")." SET token=''"; $result=$connect->Execute($query) or safe_die("Couldn't reset the tokens field
$query
".$connect->ErrorMsg()); $tokenoutput .= "".$clang->gT("All unique token numbers have been removed.")."\n"; $subaction=""; } if (!$subaction && ($sumrows5['edit_survey_property'] || $sumrows5['activate_survey'] || $_SESSION['USER_RIGHT_SUPERADMIN'] == 1) ) { $tokenoutput .= "\t" .$clang->gT("Token database administration options").":\n" ."\t\n" ."\t\t\n" ."\t\t\t
\n" ."\t\t\t
\n" ."\t\t\t\n" ."\t\t\t
\n" ."\t\t\n" ."\t\n" ."\n"; } if ($subaction == "settings" && ($sumrows5['export'] || $_SESSION['USER_RIGHT_SUPERADMIN'] == 1)) //ToDO: Which right? { } if ($subaction == "browse" || $subaction == "search") { if (!isset($limit)) {$limit = 100;} if (!isset($start)) {$start = 0;} if ($limit > $tkcount) {$limit=$tkcount;} $next=$start+$limit; $last=$start-$limit; $end=$tkcount-$limit; if ($end < 0) {$end=0;} if ($last <0) {$last=0;} if ($next >= $tkcount) {$next=$tkcount-$limit;} if ($end < 0) {$end=0;} $baselanguage = GetBaseLanguageFromSurveyID($surveyid); //ALLOW SELECTION OF NUMBER OF RECORDS SHOWN $tokenoutput .= "\t" .$clang->gT("Data view control").":\n" ."\t\n" ."\t\t\t\n" ."\t\t\t\n" ."\t\t\tgT("Show start..", "js")."');return false\">". "\n" ."\t\t\tgT("Show previous...", "js")."');return false\">" . "\n" ."\t\t\t\n" ."\t\t\tgT("Show next...", "js")."');return false\">" . "\n" ."\t\t\tgT("Show last...", "js")."');return false\">". "\n" ."\t\t\t\n" ."\t\t\t\n" ."\t\t\t\t
\n" ."\t\t\t\t\t\n" ."\t\t\t\t\t\n" ."\t\t\t\t\n" ."\t\t\t\t\n" ."\t\t\t\t\n" ."\t\t\t\t
\n" ."\t\t\n" ."\t\t
\n" ."\t\t" ." ".$clang->gT("Records displayed:")."" ." ".$clang->gT("Starting from:")."" ." \n" ."\t\t\n" ."\t\t\n" ."\t\t\n" ."\t\t\n" ."\t\t\n" ."\t\t\n" ."\t\t
\n" ."\t\n"; $bquery = "SELECT * FROM ".db_table_name("tokens_$surveyid"); if ($searchstring) { $bquery .= " WHERE firstname LIKE '%$searchstring%' " . "OR lastname LIKE '%$searchstring%' " . "OR email LIKE '%$searchstring%' " . "OR emailstatus LIKE '%$searchstring%' " . "OR token LIKE '%$searchstring%'"; } if (!isset($order) || !$order) {$bquery .= " ORDER BY tid";} else {$bquery .= " ORDER BY $order"; } $bresult = db_select_limit_assoc($bquery, $limit, $start) or safe_die ($clang->gT("Error").": $bquery
".$connect->ErrorMsg()); $bgc=""; $tokenoutput .= "\n" ."\n"; //COLUMN HEADINGS $tokenoutput .= "\t\n" ."\t\t\n" // ID ."\t\t\n" //Actions ."\t\t\n" ."\t\t\n" ."\t\t\n" ."\t\t\n" ."\t\t\n" ."\t\t\n" ."\t\t\n" ."\t\t\n" ."\t\t\n" ."\t\t\n" ."\t\t\n"; $attrfieldnames=GetTokenFieldsAndNames($surveyid,true); foreach ($attrfieldnames as $attr_name=>$attr_translation) { $tokenoutput .= "\t\t\n"; } $tokenoutput .="\t\n"; $tokenfieldorder=array('tid', 'firstname', 'lastname', 'email', 'emailstatus', 'token', 'language', 'sent', 'remindersent', 'remindercount', 'completed', 'validfrom', 'validuntil'); foreach ($attrfieldnames as $attr_name=>$attr_translation) { $tokenfieldorder[]=$attr_name; } while ($brow = $bresult->FetchRow()) { $brow['token'] = trim($brow['token']); if (trim($brow['validfrom'])!=''){ $datetimeobj = new Date_Time_Converter($brow['validfrom'] , "Y-m-d H:i:s"); $brow['validfrom']=$datetimeobj->convert($dateformatdetails['phpdate'].' H:i'); }; if (trim($brow['validuntil'])!=''){ $datetimeobj = new Date_Time_Converter($brow['validuntil'] , "Y-m-d H:i:s"); $brow['validuntil']=$datetimeobj->convert($dateformatdetails['phpdate'].' H:i'); }; if ($bgc == "evenrow") {$bgc = "oddrow";} else {$bgc = "evenrow";} $tokenoutput .= "\t\n"; foreach ($tokenfieldorder as $tokenfieldname) { if ($tokenfieldname =='email' && $brow['emailstatus'] != 'OK') { $tokenoutput .= "\t\t\n"; } elseif ($tokenfieldname != 'emailstatus') { if ($tokenfieldname=='tid') {$tokenoutput.="";} else { $tokenoutput .= "\t\t\n"; } } if ($tokenfieldname=='tid') { $tokenoutput .= "\t\t\n"; } } $tokenoutput .= "\t\n"; } $tokenoutput .= "
" ."" .""."ID".$clang->gT("Actions")."" ."" ."".$clang->gT("First name")."" ."" ."".$clang->gT("Last name")."" ."" ."".$clang->gT("Email address")."" ."" ."".$clang->gT("Token")."" ."" ."".$clang->gT("Language")."" ."" ."".$clang->gT("Invite sent?")."" ."" ."".$clang->gT("Reminder sent?")."" ."" ."".$clang->gT("Reminder count")."" ."" ."".$clang->gT("Completed?")."" ."" ."".$clang->gT("Valid from")."" ."" ."".$clang->gT("Valid until")."" ."" ."".$attr_translation."
" ."gT('Invalid email address:','js').javascript_escape($brow['emailstatus'])."');return false;\" " ."onmouseout=\"hideTooltip()\">$brow[$tokenfieldname]".$brow[$tokenfieldname]."$brow[$tokenfieldname]\n"; if ($sumrows5['edit_survey_property'] || $sumrows5['activate_survey'] || $_SESSION['USER_RIGHT_SUPERADMIN'] == 1) { if (($brow['completed'] == "N" || $brow['completed'] == "") &&$brow['token']) { $toklang = ($brow['language'] == '') ? $baselanguage : $brow['language']; $tokenoutput .= "\n"; } else { $tokenoutput .= ""; } $tokenoutput .="\t\t\t" .""; } if ($brow['completed'] != "N" && $brow['completed']!="" && $surveyprivate == "N") { // Get response Id $query="SELECT id FROM ".db_table_name("survey_$surveyid")." WHERE token='".$brow['token']."' ORDER BY id desc"; $result=db_execute_num($query) or safe_die ("
Could not find token!
\n" .$connect->ErrorMsg()); list($id) = $result->FetchRow(); // UPDATE button to the tokens display in the MPID Actions column if ($id) { $tokenoutput .= "\t\t\n"; } } elseif ($brow['completed'] == "N" && $brow['token'] && $brow['sent'] == "N") { $tokenoutput .= "\t\t\t"; } elseif ($brow['completed'] == "N" && $brow['token'] && $brow['sent'] != "N") // reminder button { $tokenoutput .= "\t\t\t"; } $tokenoutput .= "\n\t\t
\n" ."
\n"; } if ($subaction == "kill" && ($sumrows5['edit_survey_property'] || $sumrows5['activate_survey'] || $_SESSION['USER_RIGHT_SUPERADMIN'] == 1) ) { $date = date('YmdHis'); $tokenoutput .= "\t
" ."
".$clang->gT("Delete Tokens Table")."
"; // ToDo: Just delete it if there is no token in the table if (!isset($_POST['ok']) || !$_POST['ok']) { $tokenoutput .= "
".$clang->gT("Warning")."

\n" .$clang->gT("If you delete this table tokens will no longer be required to access this survey.")."
".$clang->gT("A backup of this table will be made if you proceed. Your system administrator will be able to access this table.")."
\n" ."( \"old_tokens_{$surveyid}_$date\" )

\n" ."
\n" ."\n"; } elseif (isset($_POST['ok']) && $_POST['ok'] == "surething") { $oldtable = "tokens_$surveyid"; $newtable = "old_tokens_{$surveyid}_$date"; $deactivatequery = db_rename_table( db_table_name_nq($oldtable), db_table_name_nq($newtable)); if ($databasetype=='postgres') { // If you deactivate a postgres table you have to rename the according sequence too and alter the id field to point to the changed sequence $oldTableJur = db_table_name_nq($oldtable); $deactivatequery = db_rename_table(db_table_name_nq($oldtable),db_table_name_nq($newtable).'_tid_seq'); $deactivateresult = $connect->Execute($deactivatequery) or die ("oldtable : ".$oldtable. " / oldtableJur : ". $oldTableJur . " / ".htmlspecialchars($deactivatequery)." / Could not rename the old sequence for this token table. The database reported the following error:
".htmlspecialchars($connect->ErrorMsg())."

".$clang->gT("Main Admin Screen").""); $setsequence="ALTER TABLE ".db_table_name_nq($newtable)."_tid_seq ALTER COLUMN tid SET DEFAULT nextval('".db_table_name_nq($newtable)."_tid_seq'::regclass);"; $deactivateresult = $connect->Execute($setsequence) or die (htmlspecialchars($setsequence)." Could not alter the field tid to point to the new sequence name for this token table. The database reported the following error:
".htmlspecialchars($connect->ErrorMsg())."

Survey was not deactivated either.

".$clang->gT("Main Admin Screen").""); $setidx="ALTER INDEX ".db_table_name_nq($oldtable)."_idx RENAME TO ".db_table_name_nq($newtable)."_idx;"; $deactivateresult = $connect->Execute($setidx) or die (htmlspecialchars($setidx)." Could not alter the index for this token table. The database reported the following error:
".htmlspecialchars($connect->ErrorMsg())."

Survey was not deactivated either.

".$clang->gT("Main Admin Screen").""); } else { $deactivateresult = $connect->Execute($deactivatequery) or die ("Couldn't deactivate because:
\n".htmlspecialchars($connect->ErrorMsg())." - Query: ".htmlspecialchars($deactivatequery)."

\nAdmin\n"); } $tokenoutput .= "\n" .$clang->gT("The tokens table has now been removed and tokens are no longer required to access this survey.")."
".$clang->gT("A backup of this table has been made and can be accessed by your system administrator.")."
\n" ."(\"{$dbprefix}old_tokens_{$surveyid}_$date\")"."

\n" ."\n" ."\n"; } $tokenoutput .= "
\n" ."
\n"; } if ($subaction == "email" && ($sumrows5['edit_survey_property'] || $sumrows5['activate_survey'] || $_SESSION['USER_RIGHT_SUPERADMIN'] == 1)) { if (getEmailFormat($surveyid) == 'html') { $ishtml=true; } else { $ishtml=false; } $tokenoutput .= PrepareEditorScript(); $tokenoutput .= "\t
" .$clang->gT("Send email invitations")."
\n" ."\t

\n"; if (!isset($_POST['ok']) || !$_POST['ok']) { $tokenoutput .= "
"; $surveylangs = GetAdditionalLanguagesFromSurveyID($surveyid); $baselang = GetBaseLanguageFromSurveyID($surveyid); array_unshift($surveylangs,$baselang); $tokenoutput .= "
"; foreach ($surveylangs as $language) { //GET SURVEY DETAILS $thissurvey=getSurveyInfo($surveyid,$language); if (!$thissurvey['email_invite']) { if ($ishtml===true) { $thissurvey['email_invite']=html_escape(str_replace("\n", "
", $clang->gT("Dear {FIRSTNAME},\n\nYou have been invited to participate in a survey.\n\nThe survey is titled:\n\"{SURVEYNAME}\"\n\n\"{SURVEYDESCRIPTION}\"\n\nTo participate, please click on the link below.\n\nSincerely,\n\n{ADMINNAME} ({ADMINEMAIL})\n\n----------------------------------------------\nClick here to do the survey:\n{SURVEYURL}",'unescaped'))); } else { $thissurvey['email_invite']=str_replace("\n", "\r\n", $clang->gT("Dear {FIRSTNAME},\n\nYou have been invited to participate in a survey.\n\nThe survey is titled:\n\"{SURVEYNAME}\"\n\n\"{SURVEYDESCRIPTION}\"\n\nTo participate, please click on the link below.\n\nSincerely,\n\n{ADMINNAME} ({ADMINEMAIL})\n\n----------------------------------------------\nClick here to do the survey:\n{SURVEYURL}")); } } if (!$thissurvey['email_invite_subj']) { $thissurvey['email_invite_subj']=$clang->gT("Invitation to participate in survey"); } $fieldsarray["{ADMINNAME}"]= $thissurvey['adminname']; $fieldsarray["{ADMINEMAIL}"]=$thissurvey['adminemail']; $fieldsarray["{SURVEYNAME}"]=$thissurvey['name']; $fieldsarray["{SURVEYDESCRIPTION}"]=$thissurvey['description']; $fieldsarray["{EXPIRY}"]=$thissurvey["expiry"]; $fieldsarray["{EXPIRY-DMY}"]=date("d-m-Y",strtotime($thissurvey["expiry"])); $fieldsarray["{EXPIRY-MDY}"]=date("m-d-Y",strtotime($thissurvey["expiry"])); $subject=Replacefields($thissurvey['email_invite_subj'], $fieldsarray); $textarea=Replacefields($thissurvey['email_invite'], $fieldsarray); if ($ishtml!==true){$textarea=str_replace(array('',''),array(''),$textarea);} $tokenoutput .= '

'.getLanguageNameFromCode($language,false); if ($language==$baselang) { $tokenoutput .= "(".$clang->gT("Base Language").")"; } $tokenoutput .= "

\n" ."\n"; $tokenoutput .= "\t\n" ."\t\t\n" ."\t\t\n" ."\t\n" ."\t\n" ."\t\t\n" ."\t\t\n" ."\t\n" ."\t\n" ."\t\t\n" ."\t\t\n" ."\t
".$clang->gT("From").":\" />
".$clang->gT("Subject").":
".$clang->gT("Message").":\n" ."\t\t\t\n" . getEditor("email-inv","message_$language","[".$clang->gT("Invitation Email:", "js")."](".$language.")",$surveyid,'','',$action) ."\t\t
\n"; } $tokenoutput .= "
"; if (isset($tokenid)) { $tokenoutput .= ""; } $tokenoutput .="\t\n" ."\t\n"; if (isset($tokenid)) {$tokenoutput .= "\t";} $tokenoutput .= "\n" ."
" .$clang->gT("Sending to Token ID").": ".$tokenid ."
 ".$clang->gT("Bypass token with failing email addresses").": 
\n" . "\t\n" ."\t\n" ."\t\n" ."\t
\n"; } else { $tokenoutput .= $clang->gT("Sending Invitations"); if (isset($tokenid)) {$tokenoutput .= " (".$clang->gT("Sending to Token ID").": {$tokenid})";} $tokenoutput .= "
\n"; if (isset($_POST['bypassbademails']) && $_POST['bypassbademails'] == 'Y') { $SQLemailstatuscondition = " AND emailstatus = 'OK'"; } else { $SQLemailstatuscondition = ""; } $ctquery = "SELECT * FROM ".db_table_name("tokens_{$surveyid}")." WHERE ((completed ='N') or (completed='')) AND ((sent ='N') or (sent='')) AND token !='' AND email != '' $SQLemailstatuscondition"; if (isset($tokenid)) {$ctquery .= " AND tid='{$tokenid}'";} $tokenoutput .= "\n"; $ctresult = $connect->Execute($ctquery) or safe_die("Database error!
\n" . $connect->ErrorMsg()); $ctcount = $ctresult->RecordCount(); $ctfieldcount = $ctresult->FieldCount(); $emquery = "SELECT * FROM ".db_table_name("tokens_{$surveyid}")." WHERE ((completed ='N') or (completed='')) AND ((sent ='N') or (sent='')) AND token !='' AND email != '' $SQLemailstatuscondition"; if (isset($tokenid)) {$emquery .= " and tid='{$tokenid}'";} $tokenoutput .= "\n\n\n\n"; $emresult = db_select_limit_assoc($emquery,$maxemails) or safe_die ("Couldn't do query.
\n$emquery
\n".$connect->ErrorMsg()); $emcount = $emresult->RecordCount(); $tokenoutput .= "\n" ."\t\n" ."\t\t\n" ."\t\n" ."\t\n" ."\t\t\n"; } $tokenoutput .= "\n"; } if ($subaction == "remind" && //XXX ($sumrows5['edit_survey_property'] || $sumrows5['activate_survey'] || $_SESSION['USER_RIGHT_SUPERADMIN'] == 1)) { $tokenoutput .= PrepareEditorScript(); $tokenoutput .= "\t
\n"; $surveylangs = GetAdditionalLanguagesFromSurveyID($surveyid); $baselanguage = GetBaseLanguageFromSurveyID($surveyid); array_unshift($surveylangs,$baselanguage); foreach ($surveylangs as $language) { $_POST['message_'.$language]=auto_unescape($_POST['message_'.$language]); $_POST['subject_'.$language]=auto_unescape($_POST['subject_'.$language]); if ($ishtml) $_POST['message_'.$language] = html_entity_decode($_POST['message_'.$language], ENT_QUOTES, $emailcharset); } $attributes=GetTokenFieldsAndNames($surveyid); if ($emcount > 0) { while ($emrow = $emresult->FetchRow()) { unset($fieldsarray); $to = $emrow['email']; $fieldsarray["{EMAIL}"]=$emrow['email']; $fieldsarray["{FIRSTNAME}"]=$emrow['firstname']; $fieldsarray["{LASTNAME}"]=$emrow['lastname']; $fieldsarray["{TOKEN}"]=$emrow['token']; $fieldsarray["{LANGUAGE}"]=$emrow['language']; foreach ($attributes as $attributefield=>$attributedescription) { $fieldsarray['{'.strtoupper($attributefield).'}']=$emrow[$attributefield]; } $emrow['language']=trim($emrow['language']); if ($emrow['language']=='') {$emrow['language']=$baselanguage;} //if language is not given use default $found = array_search($emrow['language'], $surveylangs); if ($found==false) {$emrow['language']=$baselanguage;} $from = $_POST['from_'.$emrow['language']]; if ($ishtml === false) { if ( $modrewrite ) { $fieldsarray["{SURVEYURL}"]="$publicurl/$surveyid/lang-".trim($emrow['language'])."/tk-{$emrow['token']}"; } else { $fieldsarray["{SURVEYURL}"]="$publicurl/index.php?lang=".trim($emrow['language'])."&sid=$surveyid&token={$emrow['token']}"; } } else { if ( $modrewrite ) { $fieldsarray["{SURVEYURL}"]="".htmlspecialchars("$publicurl/$surveyid/lang-".trim($emrow['language'])."/tk-{$emrow['token']}").""; } else { $fieldsarray["{SURVEYURL}"]="".htmlspecialchars("$publicurl/index.php?lang=".trim($emrow['language'])."&sid=$surveyid&token={$emrow['token']}").""; } } $modsubject=Replacefields($_POST['subject_'.$emrow['language']], $fieldsarray); $modmessage=Replacefields($_POST['message_'.$emrow['language']], $fieldsarray); if (MailTextMessage($modmessage, $modsubject, $to , $from, $sitename, $ishtml, getBounceEmail($surveyid))) { // Put date into sent $today = date_shift(date("Y-m-d H:i:s"), "Y-m-d H:i", $timeadjust); $udequery = "UPDATE ".db_table_name("tokens_{$surveyid}")."\n" ."SET sent='$today' WHERE tid={$emrow['tid']}"; // $uderesult = $connect->Execute($udequery) or safe_die ("Could not update tokens
$udequery
".$connect->ErrorMsg()); $tokenoutput .= "[".$clang->gT("Invitation sent to:")." {$emrow['firstname']} {$emrow['lastname']} ($to)]
\n"; } else { $tokenoutput .= ReplaceFields($clang->gT("Email to {FIRSTNAME} {LASTNAME} ({EMAIL}) failed. Error Message:")." ".$maildebug."
", $fieldsarray); if ($debug>0) { $tokenoutput .= "
Subject : $modsubject

".htmlspecialchars($maildebugbody)."
"; } } } if ($ctcount > $emcount) { $lefttosend = $ctcount-$maxemails; $tokenoutput .= "\t\t
".$clang->gT("Warning")."
\n" ."\t\t\t
" .$clang->gT("There are more emails pending than can be sent in one batch. Continue sending emails by clicking below.")."

\n"; $tokenoutput .= str_replace("{EMAILCOUNT}", "$lefttosend", $clang->gT("There are {EMAILCOUNT} emails still to be sent.")); $tokenoutput .= "

\n"; $tokenoutput .= "\t\t\t\n" ."\t\t\t\n" ."\t\t\t\n" ."\t\t\t\n" ."\t\t\t\n"; foreach ($surveylangs as $language) { $message = html_escape($_POST['message_'.$language]); $subject = html_escape($_POST['subject_'.$language]); $tokenoutput .="\t\t\t\n" ."\t\t\t\n" ."\t\t\t\n"; } $tokenoutput .="\t\t\t
\n"; } } else { $tokenoutput .= "
".$clang->gT("Warning")."
\n".$clang->gT("There were no eligible emails to send. This will be because none satisfied the criteria of - having an email address, not having been sent an invitation already, having already completed the survey and having a token.")."
\n"; } $tokenoutput .= "\t\t
" .$clang->gT("Email Reminder")."

\n"; if (!isset($_POST['ok']) || !$_POST['ok']) { //GET SURVEY DETAILS $tokenoutput .= "
"; $surveylangs = GetAdditionalLanguagesFromSurveyID($surveyid); $baselang = GetBaseLanguageFromSurveyID($surveyid); array_unshift($surveylangs,$baselang); $tokenoutput .= "
"; foreach ($surveylangs as $language) { //GET SURVEY DETAILS $thissurvey=getSurveyInfo($surveyid,$language); if (!$thissurvey['email_remind']) {$thissurvey['email_remind']=str_replace("\n", "\r\n", $clang->gT("Dear {FIRSTNAME},\n\nRecently we invited you to participate in a survey.\n\nWe note that you have not yet completed the survey, and wish to remind you that the survey is still available should you wish to take part.\n\nThe survey is titled:\n\"{SURVEYNAME}\"\n\n\"{SURVEYDESCRIPTION}\"\n\nTo participate, please click on the link below.\n\nSincerely,\n\n{ADMINNAME} ({ADMINEMAIL})\n\n----------------------------------------------\nClick here to do the survey:\n{SURVEYURL}"));} $tokenoutput .= '

'.getLanguageNameFromCode($language,false); if ($language==$baselang) { $tokenoutput .= "(".$clang->gT("Base Language").")"; } $tokenoutput .= "

\n" ."\t\n" ."\t\t\n" ."\t\t\n" ."\t\n" ."\t\n" ."\t\t\n"; $fieldsarray["{ADMINNAME}"]= $thissurvey['adminname']; $fieldsarray["{ADMINEMAIL}"]=$thissurvey['adminemail']; $fieldsarray["{SURVEYNAME}"]=$thissurvey['name']; $fieldsarray["{SURVEYDESCRIPTION}"]=$thissurvey['description']; $fieldsarray["{EXPIRY}"]=$thissurvey["expiry"]; $fieldsarray["{EXPIRY-DMY}"]=date("d-m-Y",strtotime($thissurvey["expiry"])); $fieldsarray["{EXPIRY-MDY}"]=date("m-d-Y",strtotime($thissurvey["expiry"])); $subject=Replacefields($thissurvey['email_remind_subj'], $fieldsarray); $textarea=Replacefields($thissurvey['email_remind'], $fieldsarray); if ($ishtml!==true){$textarea=str_replace(array('',''),array(''),$textarea);} $tokenoutput .= "\t\t\n" ."\t\n"; $tokenoutput .= "\t\n" ."\t\t\n" ."\t\t\n" ."\t\n" ."
".$clang->gT("From").":\" />
".$clang->gT("Subject").":
" .$clang->gT("Message").":\n" ."\t\t\t\n" . getEditor("email-rem","message_$language","[".$clang->gT("Reminder Email:", "js")."](".$language.")",$surveyid,'','',$action) ."\t\t
"; } $tokenoutput .= "
\n"; if (!isset($tokenid)) { $tokenoutput .= "\t\n" ."\t\t\n" ."\t\t\n" ."\t\n"; } else { $tokenoutput .= "\t\n" ."\t\t\n" ."\t\t\n" ."\t\n"; } $tokenoutput .="\t\t\n" ."\t\t\t\n" . "\t\t\n" . "\t\t\n" . "\t\t\n" . "\t\t\n" ."\t\n"; if (isset($tokenid)) {$tokenoutput .= "\t\n";} $tokenoutput .= "\t
" .$clang->gT("Start at Token ID:")."
" .$clang->gT("Stop at Token ID:").": {$tokenid}
\n" .$clang->gT("Bypass token with failing email addresses").": 
\n" . $clang->gT("Min days between reminders").": \n" ."\t\t\t
\n" . $clang->gT("Max reminders").": \n" . "\t\t\t
 \n" ."\t\t\t\n" ."\t\n" ."\t\n" ."\t\n" ."\t\t
\n" ."
\n"; } else { $tokenoutput .= $clang->gT("Sending Reminders")."
\n"; $surveylangs = GetAdditionalLanguagesFromSurveyID($surveyid); $baselanguage = GetBaseLanguageFromSurveyID($surveyid); array_unshift($surveylangs,$baselanguage); foreach ($surveylangs as $language) { $_POST['message_'.$language]=auto_unescape($_POST['message_'.$language]); $_POST['subject_'.$language]=auto_unescape($_POST['subject_'.$language]); } if (isset($starttokenid)) {$tokenoutput .= " (".$clang->gT("From Token ID").": {$starttokenid})";} if (isset($tokenid)) {$tokenoutput .= " (".$clang->gT("Sending to Token ID").": {$tokenid})";} if (isset($_POST['bypassbademails']) && $_POST['bypassbademails'] == 'Y') { $SQLemailstatuscondition = " AND emailstatus = 'OK'"; } else { $SQLemailstatuscondition = ""; } if (isset($_POST['maxremindercount']) && $_POST['maxremindercount'] != '' && intval($_POST['maxremindercount']) != 0) { $SQLremindercountcondition = " AND remindercount < ".intval($_POST['maxremindercount']); } else { $SQLremindercountcondition = ""; } if (isset($_POST['minreminderdelay']) && $_POST['minreminderdelay'] != '' && intval($_POST['minreminderdelay']) != 0) { // $_POST['minreminderdelay'] in days (86400 seconds per day) $compareddate = date_shift( date("Y-m-d H:i:s",time() - 86400 * intval($_POST['minreminderdelay'])), "Y-m-d H:i", $timeadjust); $SQLreminderdelaycondition = " AND ( " . " (remindersent = 'N' AND sent < '".$compareddate."') " . " OR " . " (remindersent < '".$compareddate."'))"; } else { $SQLreminderdelaycondition = ""; } $ctquery = "SELECT * FROM ".db_table_name("tokens_{$surveyid}")." WHERE (completed ='N' or completed ='') AND sent<>'' AND sent<>'N' AND token <>'' AND email <> '' $SQLemailstatuscondition $SQLremindercountcondition $SQLreminderdelaycondition"; if (isset($starttokenid)) {$ctquery .= " AND tid > '{$starttokenid}'";} if (isset($tokenid) && $tokenid) {$ctquery .= " AND tid = '{$tokenid}'";} $tokenoutput .= "\n"; $ctresult = $connect->Execute($ctquery) or safe_die ("Database error!
\n" . $connect->ErrorMsg()); $ctcount = $ctresult->RecordCount(); $ctfieldcount = $ctresult->FieldCount(); $emquery = "SELECT * FROM ".db_table_name("tokens_{$surveyid}")." WHERE (completed = 'N' or completed = '') AND sent <> 'N' and sent <>'' AND token <>'' AND EMAIL <>'' $SQLemailstatuscondition $SQLremindercountcondition $SQLreminderdelaycondition"; if (isset($starttokenid)) {$emquery .= " AND tid > '{$starttokenid}'";} if (isset($tokenid) && $tokenid) {$emquery .= " AND tid = '{$tokenid}'";} $emquery .= " ORDER BY tid "; $emresult = db_select_limit_assoc($emquery, $maxemails) or safe_die ("Couldn't do query.
$emquery
".$connect->ErrorMsg()); $emcount = $emresult->RecordCount(); $tokenoutput .= "\n" ."\t\n" ."\t\t\n" ."\t\n" ."\t" ."\t\t\n" ."\t\n" ."\t\n" ."\t\n" ."\t\n" ."\t\n"; //Include values for constraints minreminderdelay and maxremindercount if they exist if (isset($_POST['minreminderdelay']) && $_POST['minreminderdelay'] != '' && intval($_POST['minreminderdelay']) != 0) { $tokenoutput .= "\t\n"; } if (isset($_POST['maxremindercount']) && $_POST['maxremindercount'] != '' && intval($_POST['maxremindercount']) != 0) { $tokenoutput .= "\t\n"; } // foreach ($surveylangs as $language) { $message = html_escape($_POST['message_'.$language]); $tokenoutput .="\t\t\t\n" ."\t\t\t\n" ."\t\t\t\n"; } $tokenoutput.="\t\n" ."\t\n"; } } else { $tokenoutput .= "
".$clang->gT("Warning")."
\n" .$clang->gT("There were no eligible emails to send. This will be because none satisfied the criteria of - having an email address, having been sent an invitation, but not having yet completed the survey.")."\n" ."

\n" ."\t\t\n"; } $tokenoutput .= "\t
\n" ."
\n"; $attributes=GetTokenFieldsAndNames($surveyid); if ($emcount > 0) { while ($emrow = $emresult->FetchRow()) { unset($fieldsarray); $to = $emrow['email']; $fieldsarray["{EMAIL}"]=$emrow['email']; $fieldsarray["{FIRSTNAME}"]=$emrow['firstname']; $fieldsarray["{LASTNAME}"]=$emrow['lastname']; $fieldsarray["{TOKEN}"]=$emrow['token']; $fieldsarray["{LANGUAGE}"]=$emrow['language']; foreach ($attributes as $attributefield=>$attributedescription) { $fieldsarray['{'.strtoupper($attributefield).'}']=$emrow[$attributefield]; } $emrow['language']=trim($emrow['language']); if ($emrow['language']=='') {$emrow['language']=$baselanguage;} //if language is not give use default $found = array_search($emrow['language'], $surveylangs); if ($found==false) {$emrow['language']=$baselanguage;} $from = $_POST['from_'.$emrow['language']]; if (getEmailFormat($surveyid) == 'html') { $ishtml=true; } else { $ishtml=false; } if ($ishtml == false) { if ( $modrewrite ) { $fieldsarray["{SURVEYURL}"]="$publicurl/$surveyid/lang-".trim($emrow['language'])."/tk-{$emrow['token']}"; } else { $fieldsarray["{SURVEYURL}"]="$publicurl/index.php?lang=".trim($emrow['language'])."&sid=$surveyid&token={$emrow['token']}"; } } else { if ( $modrewrite ) { $fieldsarray["{SURVEYURL}"]="".htmlspecialchars("$publicurl/$surveyid/lang-".trim($emrow['language'])."/tk-{$emrow['token']}").""; } else { $fieldsarray["{SURVEYURL}"]="".htmlspecialchars("$publicurl/index.php?lang=".trim($emrow['language'])."&sid=$surveyid&token={$emrow['token']}").""; $_POST['message_'.$emrow['language']] = html_entity_decode($_POST['message_'.$emrow['language']], ENT_QUOTES, $emailcharset); } } $msgsubject=Replacefields($_POST['subject_'.$emrow['language']], $fieldsarray); $sendmessage=Replacefields($_POST['message_'.$emrow['language']], $fieldsarray); if (MailTextMessage($sendmessage, $msgsubject, $to, $from, $sitename,$ishtml,getBounceEmail($surveyid))) { // Put date into remindersent $today = date_shift(date("Y-m-d H:i:s"), "Y-m-d H:i", $timeadjust); $udequery = "UPDATE ".db_table_name("tokens_{$surveyid}")."\n" ."SET remindersent='$today',remindercount = remindercount+1 WHERE tid={$emrow['tid']}"; // $uderesult = $connect->Execute($udequery) or safe_die ("Could not update tokens
$udequery
".$connect->ErrorMsg()); //orig: $tokenoutput .= "\t\t\t({$emrow['tid']})[".$clang->gT("Reminder sent to:")." {$emrow['firstname']} {$emrow['lastname']}]
\n"; $tokenoutput .= "\t\t\t({$emrow['tid']}) [".$clang->gT("Reminder sent to:")." {$emrow['firstname']} {$emrow['lastname']} ($to)]
\n"; } else { $tokenoutput .= $emrow['tid'] ." ".ReplaceFields($clang->gT("Email to {FIRSTNAME} {LASTNAME} ({EMAIL}) failed. Error Message:")." ".$maildebug."
", $fieldsarray); if ($debug>0) { $tokenoutput .= "
Subject : $msgsubject

".htmlspecialchars($maildebugbody)."
"; } } $lasttid = $emrow['tid']; } if ($ctcount > $emcount) { $lefttosend = $ctcount-$maxemails; $tokenoutput .= "\t\t
\n" ."\t\t\t".$clang->gT("Warning")."

\n" .$clang->gT("There are more emails pending than can be sent in one batch. Continue sending emails by clicking below.")."

\n" .str_replace("{EMAILCOUNT}", $lefttosend, $clang->gT("There are {EMAILCOUNT} emails still to be sent.")) ."
\n" ."\t\t\t\n" ."\t\t
\n"; } $tokenoutput .= "\n"; } if ($subaction == "tokenify" && ($sumrows5['edit_survey_property'] || $sumrows5['activate_survey'] || $_SESSION['USER_RIGHT_SUPERADMIN'] == 1) ) { $tokenoutput .= "\t".$clang->gT("Create Tokens").":\n"; $tokenoutput .= "\t
\n"; if (!isset($_POST['ok']) || !$_POST['ok']) { $tokenoutput .= "
".$clang->gT("Clicking yes will generate tokens for all those in this token list that have not been issued one. Is this OK?")."

\n" ."\n" .$clang->gT("Yes")."' onclick=\"".get2post("$scriptname?action=tokens&sid=$surveyid&subaction=tokenify&ok=Y")."\" />\n" ."\n" ."

\n"; } else { // select all existing tokens $ntquery = "SELECT token FROM ".db_table_name("tokens_$surveyid")." group by token"; $ntresult = db_execute_assoc($ntquery); while ($tkrow = $ntresult->FetchRow()) { $existingtokens[$tkrow['token']]=null; } $newtokencount = 0; $tkquery = "SELECT tid FROM ".db_table_name("tokens_$surveyid")." WHERE token IS NULL OR token=''"; $tkresult = db_execute_assoc($tkquery) or safe_die ("Mucked up!
$tkquery
".$connect->ErrorMsg()); while ($tkrow = $tkresult->FetchRow()) { $isvalidtoken = false; while ($isvalidtoken == false) { $newtoken = randomkey(15); if (!isset($existingtokens[$newtoken])) { $isvalidtoken = true; $existingtokens[$newtoken]=null; } } $itquery = "UPDATE ".db_table_name("tokens_$surveyid")." SET token='$newtoken' WHERE tid={$tkrow['tid']}"; $itresult = $connect->Execute($itquery); $newtokencount++; } $message=str_replace("{TOKENCOUNT}", $newtokencount, $clang->gT("{TOKENCOUNT} tokens have been created")); $tokenoutput .= "
$message

\n"; } $tokenoutput .= "\t\n"; } if ($subaction == "delete" && ($sumrows5['edit_survey_property'] || $sumrows5['activate_survey'] || $_SESSION['USER_RIGHT_SUPERADMIN'] == 1) ) { $dlquery = "DELETE FROM ".db_table_name("tokens_$surveyid")." WHERE tid={$tokenid}"; $dlresult = $connect->Execute($dlquery) or safe_die ("Couldn't delete record {$tokenid}
".$connect->ErrorMsg()); $tokenoutput .= "\t" .$clang->gT("Delete")."\n" ."\t
\n" ."
".$clang->gT("Token has been deleted.")."
\n" ."".$clang->gT("Reloading Screen. Please wait.")."

\n" ."\t\n"; } if ($subaction == "managetokenattributes" && ($sumrows5['edit_survey_property'] || $sumrows5['activate_survey'] || $_SESSION['USER_RIGHT_SUPERADMIN'] == 1) ) { $tokenoutput .= "\n\t
" . "\t\t".$clang->gT("Manage token attribute fields")."
\n"; $tokenfields=GetTokenFieldsAndNames($surveyid,true); $nrofattributes=0; $tokenoutput.='
' .""; $exampledataquery = "SELECT * FROM ".db_table_name("tokens_$surveyid"); $exampledata = db_select_limit_assoc($exampledataquery,1) or safe_die ("Could not get example data!
$exampledataquery
".$connect->ErrorMsg()); $examplerow = $exampledata->FetchRow(); foreach ($tokenfields as $tokenfield=>$tokendescription) { $nrofattributes++; $tokenoutput.=""; } $tokenoutput.="
Attribute fieldField descriptionExample Data
$tokenfield"; if ($examplerow!==false) { $tokenoutput.=htmlspecialchars($examplerow[$tokenfield]); } else { $tokenoutput.=$clang->gT(''); } $tokenoutput.="

" .'' ."\n" ."\n" ."\n" .'


'; $tokenoutput .= "\n\t
" . "\t\t".$clang->gT("Add token attributes")."
\n"; $tokenoutput .=sprintf($clang->gT('There are %s user attribute fields in this token table'),$nrofattributes).'
' .'
' .'' .'

' .'' ."\n" ."\n" ."\n" .'
'; } if ($subaction == "updatetokenattributedescriptions" && ($sumrows5['edit_survey_property'] || $sumrows5['activate_survey'] || $_SESSION['USER_RIGHT_SUPERADMIN'] == 1) ) { // find out the existing token attribute fieldnames $tokenattributefieldnames=GetAttributeFieldNames($surveyid); $fieldcontents=''; foreach ($tokenattributefieldnames as $fieldname) { $fieldcontents.=$fieldname.'='.strip_tags($_POST['description_'.$fieldname])."\n"; } $updatequery = "update ".db_table_name('surveys').' set attributedescriptions='.db_quoteall($fieldcontents,true)." where sid=$surveyid"; $execresult=db_execute_assoc($updatequery); if ($execresult===false) { $tokenoutput.='Updating token descriptions failed:'.htmlspecialchars($connect->ErrorMsg()); } else { $tokenoutput.=$clang->gT('Token descriptions were successfully updated.'); } } if ($subaction == "updatetokenattributes" && ($sumrows5['edit_survey_property'] || $sumrows5['activate_survey'] || $_SESSION['USER_RIGHT_SUPERADMIN'] == 1) ) { $number2add=sanitize_int($_POST['addnumber'],1,100); // find out the existing token attribute fieldnames $tokenfieldnames = array_values($connect->MetaColumnNames("{$dbprefix}tokens_$surveyid", true)); $tokenattributefieldnames=array_filter($tokenfieldnames,'filterforattributes'); $i=1; for ($b=0;$b<$number2add;$b++) { while (in_array('attribute_'.$i,$tokenattributefieldnames)!==false) { $i++; } $tokenattributefieldnames[]='attribute_'.$i; $fields[]=array('attribute_'.$i,'C','255'); } $dict = NewDataDictionary($connect); $sqlarray = $dict->ChangeTableSQL("{$dbprefix}tokens_$surveyid", $fields); $execresult=$dict->ExecuteSQLArray($sqlarray, false); if ($execresult==0) { $tokenoutput.='Adding fields failed:'.htmlspecialchars($connect->ErrorMsg()); } else { $tokenoutput.='
'.sprintf($clang->gT('%s field(s) were successfully added.'),$number2add).'

'; $tokenoutput.="".$clang->gT('Back to attribute field management.').'

 '; } } if (($subaction == "edit" || $subaction == "addnew") && ($sumrows5['edit_survey_property'] || $sumrows5['activate_survey'] || $_SESSION['USER_RIGHT_SUPERADMIN'] == 1) ) { if ($subaction == "edit") { $edquery = "SELECT * FROM ".db_table_name("tokens_$surveyid")." WHERE tid={$tokenid}"; $edresult = db_execute_assoc($edquery); $edfieldcount = $edresult->FieldCount(); while($edrow = $edresult->FetchRow()) { //Create variables with the same names as the database column names and fill in the value foreach ($edrow as $Key=>$Value) {$$Key = $Value;} } } if ($subaction != "edit") { $edquery = "SELECT * FROM ".db_table_name("tokens_$surveyid"); $edresult = db_select_limit_assoc($edquery, 1); $edfieldcount = $edresult->FieldCount(); } $tokenoutput .= "\t\n" ."
\n" ."\n" ."\n" ."\t\n" ."\t\n" ."\n" ."\n" ."\t\n" ."\t\n" ."\n" ."\n" ."\t\n" ."\t\n" ."\n" ."\n" ."\t\n" ."\t\n" ."\n" ."\n" ."\t\n" ."\t\n" ."\n" ."\n" ."\t\n" ."\t\n" ."\n" ."\n" ."\t\n" ."\t\n" ."\n" ."\n" ."\t\n" ."\t\n" ."\n" ."\n" ."\t\n" ."\t\n" ."\n" ."\n" ."\t\n" ."\t' ."\n" ."\n"; // now the attribute fieds $attrfieldnames=GetTokenFieldsAndNames($surveyid,true); foreach ($attrfieldnames as $attr_name=>$attr_description) { $tokenoutput .= "\t\t" ."\n" ."\t\n" ."\n\n" ."
\n" .$clang->gT("Add or Edit Token Entry")."
ID:"; if ($subaction == "edit") {$tokenoutput .=$tokenid;} else {$tokenoutput .=$clang->gT("Auto");} $tokenoutput .= "
".$clang->gT("First Name").":
".$clang->gT("Last Name").":
".$clang->gT("Email").":
".$clang->gT("Email Status").":
".$clang->gT("Token").":\n"; if ($subaction == "addnew") { $tokenoutput .= "\t\t".$clang->gT("You can leave this blank, and automatically generate tokens using 'Create Tokens'")."\n"; } $tokenoutput .= "\t
".$clang->gT("Language").":"; if (isset($language)) {$tokenoutput .= languageDropdownClean($surveyid,$language);} else { $tokenoutput .= languageDropdownClean($surveyid,GetBaseLanguageFromSurveyID($surveyid)); } $tokenoutput .= "
".$clang->gT("Invite sent?").":
".$clang->gT("Completed?").":
".$clang->gT("Valid from").":convert($dateformatdetails['phpdate'].' H:i'); } $tokenoutput .= "\" />\n".$clang->gT('until') ."\tconvert($dateformatdetails['phpdate'].' H:i'); } $tokenoutput .= "\" /> ".sprintf($clang->gT('Format: %s'),$dateformatdetails['dateformat'].' '.$clang->gT('hh:mm')).'
".$attr_description.":"; } $tokenoutput .="\t"; switch($subaction) { case "edit": $tokenoutput .= "\t\t\n" ."\t\t\n" ."\t\t\n" ."\t\t\n"; break; case "addnew": $tokenoutput .= "\t\t\n" ."\t\t\n"; break; } $tokenoutput .= "\t\t\n" ."\t
\n"; } if ($subaction == "updatetoken" && ($sumrows5['edit_survey_property'] || $sumrows5['activate_survey'] || $_SESSION['USER_RIGHT_SUPERADMIN'] == 1) ) { $tokenoutput .= "\t" .$clang->gT("Add or Edit Token Entry")."\n" ."\t\n"; if (trim($_POST['validfrom'])=='') { $_POST['validfrom']=null; } else { $datetimeobj = new Date_Time_Converter(trim($_POST['validfrom']), $dateformatdetails['phpdate'].' H:i'); $_POST['validfrom'] =$datetimeobj->convert('Y-m-d H:i:s'); } if (trim($_POST['validuntil'])=='') {$_POST['validuntil']=null;} else { $datetimeobj = new Date_Time_Converter(trim($_POST['validuntil']), $dateformatdetails['phpdate'].' H:i'); $_POST['validuntil'] =$datetimeobj->convert('Y-m-d H:i:s'); } $data = array(); $data[] = $_POST['firstname']; $data[] = $_POST['lastname']; $data[] = sanitize_email($_POST['email']); $data[] = $_POST['emailstatus']; $santitizedtoken=sanitize_xss_string(strip_tags($_POST['token'])); $data[] = $santitizedtoken; $data[] = sanitize_languagecode($_POST['language']); $data[] = $_POST['sent']; $data[] = $_POST['completed']; // $db->DBTimeStamp("$year-$month-$day $hr:$min:$secs"); $data[] = $_POST['validfrom']; $data[] = $_POST['validuntil']; $udresult = $connect->Execute("Select * from ".db_table_name("tokens_$surveyid")." where tid<>{$tokenid} and token<>'' and token='{$santitizedtoken}'") or safe_die ("Update record {$tokenid} failed:
\n$udquery
\n".$connect->ErrorMsg()); if ($udresult->RecordCount()==0) { $udresult = $connect->Execute("Select * from ".db_table_name("tokens_$surveyid")." where tid={$tokenid} and email='".sanitize_email($_POST['email'])."'") or safe_die ("Update record {$tokenid} failed:
\n$udquery
\n".$connect->ErrorMsg()); // Using adodb Execute with blinding method so auto-dbquote is done $udquery = "UPDATE ".db_table_name("tokens_$surveyid")." SET firstname=?, " . "lastname=?, email=?, emailstatus=?, " . "token=?, language=?, sent=?, completed=?, validfrom=?, validuntil=?"; $attrfieldnames=GetAttributeFieldnames($surveyid); foreach ($attrfieldnames as $attr_name) { $udquery.= ", $attr_name=?"; $data[].=$_POST[$attr_name]; } $udquery .= " WHERE tid={$tokenid}"; $udresult = $connect->Execute($udquery, $data) or safe_die ("Update record {$tokenid} failed:
\n$udquery
\n".$connect->ErrorMsg()); $tokenoutput .= "
".$clang->gT("Success")."
\n" ."
".$clang->gT("The token entry was successfully updated.")."

\n" ."".$clang->gT("Display Tokens")."

\n" ."\t\n"; } else { $tokenoutput .= "
".$clang->gT("Failed")."
\n" ."
".$clang->gT("There is already an entry with that exact token in the table. The same token cannot be used in multiple entries.")."

\n" ."".$clang->gT("Show this token entry")."

\n" ."\t\n"; } } if ($subaction == "inserttoken" && ($sumrows5['edit_survey_property'] || $sumrows5['activate_survey'] || $_SESSION['USER_RIGHT_SUPERADMIN'] == 1) ) { //Fix up dates and match to database format if (trim($_POST['validfrom'])=='') { $_POST['validfrom']=null; } else { $datetimeobj = new Date_Time_Converter(trim($_POST['validfrom']), $dateformatdetails['phpdate'].' H:i'); $_POST['validfrom'] =$datetimeobj->convert('Y-m-d H:i:s'); } if (trim($_POST['validuntil'])=='') {$_POST['validuntil']=null;} else { $datetimeobj = new Date_Time_Converter(trim($_POST['validuntil']), $dateformatdetails['phpdate'].' H:i'); $_POST['validuntil'] =$datetimeobj->convert('Y-m-d H:i:s'); } $santitizedtoken=trim(sanitize_xss_string(strip_tags($_POST['token']))); $tokenoutput .= "\t" .$clang->gT("Add or Edit Token Entry")."\n" ."\t\n"; $data = array('firstname' => $_POST['firstname'], 'lastname' => $_POST['lastname'], 'email' => sanitize_email($_POST['email']), 'emailstatus' => $_POST['emailstatus'], 'token' => $santitizedtoken, 'language' => sanitize_languagecode($_POST['language']), 'sent' => $_POST['sent'], 'completed' => $_POST['completed'], 'validfrom' => $_POST['validfrom'], 'validuntil' => $_POST['validuntil']); // add attributes $attrfieldnames=GetAttributeFieldnames($surveyid); foreach ($attrfieldnames as $attr_name) { $data[$attr_name]=$_POST[$attr_name]; } $tblInsert=db_table_name('tokens_'.$surveyid); $udresult = $connect->Execute("Select * from ".db_table_name("tokens_$surveyid")." where token<>'' and token='{$santitizedtoken}'"); if ($udresult->RecordCount()==0) { // AutoExecute $inresult = $connect->AutoExecute($tblInsert, $data, 'INSERT') or safe_die ("Add new record failed:
\n$inquery
\n".$connect->ErrorMsg()); $tokenoutput .= "
".$clang->gT("Success")."
\n" ."
".$clang->gT("Added New Token")."

\n" ."".$clang->gT("Display Tokens")."
\n" ."".$clang->gT("Add new token entry")."

\n" ."\t\n"; } else { $tokenoutput .= "
".$clang->gT("Failed")."
\n" ."
".$clang->gT("There is already an entry with that exact token in the table. The same token cannot be used in multiple entries.")."

\n" ."".$clang->gT("Display Tokens")."
\n" ."".$clang->gT("Add new token entry")."

\n" ."\t\n"; } } if ($subaction == "import" && ($sumrows5['edit_survey_property'] || $sumrows5['activate_survey'] || $_SESSION['USER_RIGHT_SUPERADMIN'] == 1) ) { $tokenoutput .= "\t" ."".$clang->gT("Upload CSV File")."\n" ."\t
\n"; form_csv_upload(); $tokenoutput .= "
\n" ."\t\n" ."\t\t\n" ."\t\n" ."
\n" ."\t\t\t".$clang->gT("Note:")."

\n" ."\t\t\t".$clang->gT("File should be a standard CSV (comma delimited) file with double quotes around values (default for openoffice and excel). The first line must contain the field names. The fields can be in any order.").'

'.$clang->gT("Mandatory fields:")." firstname,lastname,email
" .''.$clang->gT('Optional fields:')." emailstatus, token, languagecode, validfrom, validuntil, attribute_1, attribute_2, attribute_3, ... ." ."\t\t

\n" ."\n"; } if ($subaction == "importldap" && ($sumrows5['edit_survey_property'] || $sumrows5['activate_survey'] || $_SESSION['USER_RIGHT_SUPERADMIN'] == 1) ) { $tokenoutput .= "\t" ."" .$clang->gT("Upload LDAP entries")."\n" ."\t\n"; formldap(); $tokenoutput .= "\n" ."\t\n" ."\t\t\n" ."\t\n" ."
\n" ."\t\t\t".$clang->gT("Note:")."
\n" ."\t\t\t".$clang->gT("LDAP queries are defined by the administrator in the config-ldap.php file")."\n" ."\t\t

\n" ."\n" ."\n"; } if ($subaction == "upload" && ($sumrows5['edit_survey_property'] || $sumrows5['activate_survey'] || $_SESSION['USER_RIGHT_SUPERADMIN'] == 1) ) { $attrfieldnames=GetAttributeFieldnames($surveyid); $duplicatelist=array(); $invalidemaillist=array(); $tokenoutput .= "\t" .$clang->gT("Upload CSV File")."\n" ."\t\n"; if (!isset($tempdir)) { $the_path = $homedir; } else { $the_path = $tempdir; } $the_file_name = $_FILES['the_file']['name']; $the_file = $_FILES['the_file']['tmp_name']; $the_full_file_path = $the_path."/".$the_file_name; if (!@move_uploaded_file($the_file, $the_full_file_path)) { $errormessage="".$clang->gT("Error").": ".$clang->gT("Upload file not found. Check your permissions and path for the upload directory")."\n"; form_csv_upload($errormessage); } else { $tokenoutput .= "
".$clang->gT("Importing CSV File")."
\n".$clang->gT("Success")."

\n" .$clang->gT("Creating Token Entries")."
\n"; $xz = 0; $recordcount = 0; $duplicatecount = 0; $xv = 0; $invalidemailcount = 0; // This allows to read file with MAC line endings too @ini_set('auto_detect_line_endings', true); // open it and trim the ednings $tokenlistarray = file($the_full_file_path); $baselanguage=GetBaseLanguageFromSurveyID($surveyid); if (!isset($tokenlistarray)) {$tokenoutput .= "Failed to open the uploaded file!\n";} foreach ($tokenlistarray as $buffer) { $buffer=@mb_convert_encoding($buffer,"UTF-8",$uploadcharset); $firstname = ""; $lastname = ""; $email = ""; $emailstatus="OK"; $token = ""; $language=""; $attribute1=""; $attribute2=""; //Clear out values from the last path, in case the next line is missing a value if ($recordcount==0) { // Pick apart the first line $buffer=removeBOM($buffer); $allowedfieldnames=array('firstname','lastname','email','emailstatus','token','languagecode', 'validfrom', 'validuntil'); $allowedfieldnames=array_merge($attrfieldnames,$allowedfieldnames); $firstline = convertCSVRowToArray($buffer,',','"'); $firstline=array_map('trim',$firstline); $ignoredcolumns=array(); //now check the first line for invalid fields foreach ($firstline as $index=>$fieldname) { if (!in_array($fieldname,$allowedfieldnames)) { $ignoredcolumns[]=$fieldname; } } if (!in_array('firstname',$firstline) || !in_array('lastname',$firstline) || !in_array('email',$firstline)) { $tokenoutput .= '

'.$clang->gT("Error: Your uploaded file is missing one or more of the mandatory columns: 'firstname', 'lastname' or 'email'").'

'; $recordcount=count($tokenlistarray); break; } } else { $line = convertCSVRowToArray($buffer,',','"'); // sanitize it before writing into table $line = array_map('db_quote',$line); $writearray=array_combine($firstline,$line); //kick out ignored columns foreach ($ignoredcolumns as $column) { unset($writearray[$column]); } $dupfound=false; $invalidemail=false; if ($filterduplicatetoken!=false) { $dupquery = "SELECT firstname, lastname from ".db_table_name("tokens_$surveyid")." where email=".db_quoteall($writearray['email'])." and firstname = ".db_quoteall($writearray['firstname'])." and lastname= ".db_quoteall($writearray['lastname']).""; $dupresult = $connect->Execute($dupquery); if ( $dupresult->RecordCount() > 0) { $dupfound = true; $duplicatelist[]=$writearray['firstname']." ".$writearray['lastname']." (".$writearray['email'].")"; } } $writearray['email'] = trim($writearray['email']); //treat blank emails if ($filterblankemail && $writearray['email']=='') { $invalidemail=true; $invalidemaillist[]=$line[0]." ".$line[1]." ( )"; } if ($writearray['email']!='' && !validate_email($writearray['email'])) { $invalidemail=true; $invalidemaillist[]=$line[0]." ".$line[1]." (".$line[2].")"; } if ($invalidemail) { ++$invalidemailcount; } elseif ($dupfound) { ++$duplicatecount; } else { if (!isset($writearray['emailstatus']) || $writearray['emailstatus']=='') $writearray['emailstatus'] = "OK"; if (!isset($writearray['token'])) $line[4] = ""; if (!isset($writearray['languagecode']) || $writearray['languagecode'] == "") $writearray['language'] = $baselanguage; else $writearray['language']=$writearray['languagecode']; if (isset($writearray['validfrom']) && trim($writearray['validfrom']=='')){ unset($writearray['validfrom']);} if (isset($writearray['validuntil']) && trim($writearray['validuntil']=='')){ unset($writearray['validuntil']);} unset($writearray['languagecode']); $iq = "INSERT INTO ".db_table_name("tokens_$surveyid")." \n" . "(".implode(',',array_keys($writearray)).") \n" . "VALUES ('".implode("','",array_values($writearray))."')"; $ir = $connect->Execute($iq); if (!$ir) $duplicatecount++; $xz++; } $xv++; } $recordcount++; } $recordcount = $recordcount-1; if ($xz != 0) { $tokenoutput .= "".$clang->gT("Success")."

\n"; } else { $tokenoutput .= "".$clang->gT("Failed")."

\n"; } $message = sprintf($clang->gT("%s records in CSV"),$recordcount).".
\n"; $message .= sprintf($clang->gT("%s records met minumum requirements"),$xv).".
\n"; $message .= sprintf($clang->gT("%s records imported"),$xz).".
\n"; $message .= "\n"; $message .= sprintf($clang->gT("%s duplicate records removed"),$duplicatecount); if ($duplicatecount>0) { $message .= " [".$clang->gT("List")."]"; $message .= ""; } $message .= "
\n"; $message .= "$invalidemailcount ".$clang->gT("Records with invalid email address removed"); $message .= " [".$clang->gT("List")."]"; $message .= ""; $message .= "
\n"; $tokenoutput .= "$message
\n"; unlink($the_full_file_path); } $tokenoutput .= "\t\t\t\n"; } if ($subaction == "uploadldap" && ($sumrows5['edit_survey_property'] || $sumrows5['activate_survey'] || $_SESSION['USER_RIGHT_SUPERADMIN'] == 1) ) { $duplicatelist=array(); $invalidemaillist=array(); $tokenoutput .= "\t" .$clang->gT("Uploading LDAP Query")."\n" ."\t\n"; $ldapq=$_POST['ldapQueries']; // the ldap query id $ldap_server_id=$ldap_queries[$ldapq]['ldapServerId']; $ldapserver=$ldap_server[$ldap_server_id]['server']; $ldapport=$ldap_server[$ldap_server_id]['port']; if (isset($ldap_server[$ldap_server_id]['encoding']) && $ldap_server[$ldap_server_id]['encoding'] != 'utf-8' && $ldap_server[$ldap_server_id]['encoding'] != 'UTF-8') { $ldapencoding=$ldap_server[$ldap_server_id]['encoding']; } else { $ldapencoding=''; } // define $attrlist: list of attributes to read from users' entries $attrparams = array('firstname_attr','lastname_attr', 'email_attr','token_attr', 'language'); $aTokenAttr=GetAttributeFieldNames($surveyid); foreach ($aTokenAttr as $thisattrfieldname) { $attridx=substr($thisattrfieldname,10); // the 'attribute_' prefix is 10 chars long $attrparams[] = "attr".$attridx; } foreach ($attrparams as $id => $attr) { if (array_key_exists($attr,$ldap_queries[$ldapq]) && $ldap_queries[$ldapq][$attr] != '') { $attrlist[]=$ldap_queries[$ldapq][$attr]; } } // Open connection to server $ds = ldap_getCnx($ldap_server_id); if ($ds) { // bind to server $resbind=ldap_bindCnx($ds, $ldap_server_id); if ($resbind) { $ResArray=array(); $resultnum=ldap_doTokenSearch($ds, $ldapq, $ResArray); $xz = 0; // imported token count $xv = 0; // meet minim requirement count $xy = 0; // check for duplicates $duplicatecount = 0; // duplicate tokens skipped count $invalidemailcount = 0; if ($resultnum >= 1) { foreach ($ResArray as $responseGroupId => $responseGroup) { for($j = 0;$j < $responseGroup['count']; $j++) { // first let's initialize everything to '' $myfirstname=''; $mylastname=''; $myemail=''; $mylanguage=''; $mytoken=''; $myattrArray=array(); // The first 3 attrs MUST exist in the ldap answer // ==> send PHP notice msg to apache logs otherwise $meetminirequirements=true; if (isset($responseGroup[$j][$ldap_queries[$ldapq]['firstname_attr']]) && isset($responseGroup[$j][$ldap_queries[$ldapq]['lastname_attr']]) ) { // minimum requirement for ldap // * at least a firstanme // * at least a lastname // * if filterblankemail is set (default): at least an email address $myfirstname = ldap_readattr($responseGroup[$j][$ldap_queries[$ldapq]['firstname_attr']]); $mylastname = ldap_readattr($responseGroup[$j][$ldap_queries[$ldapq]['lastname_attr']]); if (isset($responseGroup[$j][$ldap_queries[$ldapq]['email_attr']])) { $myemail = ldap_readattr($responseGroup[$j][$ldap_queries[$ldapq]['email_attr']]); $myemail= sanitize_email($myemail); ++$xv; } elseif ($filterblankemail !==true) { $myemail = ''; ++$xv; } else { $meetminirequirements=false; } } else { $meetminirequirements=false; } // The following attrs are optionnal if ( isset($responseGroup[$j][$ldap_queries[$ldapq]['token_attr']]) ) $mytoken = ldap_readattr($responseGroup[$j][$ldap_queries[$ldapq]['token_attr']]); foreach ($aTokenAttr as $thisattrfieldname) { $attridx=substr($thisattrfieldname,10); // the 'attribute_' prefix is 10 chars long if ( isset($ldap_queries[$ldapq]['attr'.$attridx]) && isset($responseGroup[$j][$ldap_queries[$ldapq]['attr'.$attridx]]) ) $myattrArray[$attridx] = ldap_readattr($responseGroup[$j][$ldap_queries[$ldapq]['attr'.$attridx]]); } if ( isset($responseGroup[$j][$ldap_queries[$ldapq]['language']]) ) $mylanguage = ldap_readattr($responseGroup[$j][$ldap_queries[$ldapq]['language']]); // In case Ldap Server encoding isn't UTF-8, let's translate // the strings to UTF-8 if ($ldapencoding != '') { $myfirstname = @mb_convert_encoding($myfirstname,"UTF-8",$ldapencoding); $mylastname = @mb_convert_encoding($mylastname,"UTF-8",$ldapencoding); foreach ($aTokenAttr as $thisattrfieldname) { $attridx=substr($thisattrfieldname,10); // the 'attribute_' prefix is 10 chars long @mb_convert_encoding($myattrArray[$attridx],"UTF-8",$ldapencoding); } } // Now check for duplicates or bad formatted email addresses $dupfound=false; $invalidemail=false; if ($filterduplicatetoken) { $dupquery = "SELECT firstname, lastname from ".db_table_name("tokens_$surveyid")." where email='$myemail' and firstname='$myfirstname' and lastname='$mylastname'"; $dupresult = $connect->Execute($dupquery); if ( $dupresult->RecordCount() > 0) { $dupfound = true; $duplicatelist[]=$myfirstname." ".$mylastname." (".$myemail.")"; $xy++; } } if ($filterblankemail && $myemail=='') { $invalidemail=true; $invalidemaillist[]=$myfirstname." ".$mylastname." ( )"; } elseif ($myemail!='' && !validate_email($myemail)) { $invalidemail=true; $invalidemaillist[]=$myfirstname." ".$mylastname." (".$myemail.")"; } if ($invalidemail) { ++$invalidemailcount; } elseif ($dupfound) { ++$duplicatecount; } elseif ($meetminirequirements===true) { // No issue, let's import $iq = "INSERT INTO ".db_table_name("tokens_$surveyid")." \n" . "(firstname, lastname, email, emailstatus, token, language"; foreach ($aTokenAttr as $thisattrfieldname) { $attridx=substr($thisattrfieldname,10); // the 'attribute_' prefix is 10 chars long if (!empty($myattrArray[$attridx])) {$iq .= ", $thisattrfieldname";} } $iq .=") \n" . "VALUES (".db_quoteall($myfirstname).", ".db_quoteall($mylastname).", ".db_quoteall($myemail).", 'OK', ".db_quoteall($mytoken).", ".db_quoteall($mylanguage).""; foreach ($aTokenAttr as $thisattrfieldname) { $attridx=substr($thisattrfieldname,10); // the 'attribute_' prefix is 10 chars long if (!empty($myattrArray[$attridx])) {$iq .= ", ".db_quoteall($myattrArray[$attridx]).""; }// dbquote_all encloses str with quotes } $iq .= ")"; $ir = $connect->Execute($iq); if (!$ir) $duplicatecount++; $xz++; // or safe_die ("Couldn't insert line
\n$buffer
\n".htmlspecialchars($connect->ErrorMsg())."
$iq
\n"); } } // End for each entry } // End foreach responseGroup } // End of if resnum >= 1 if ($xz != 0) { $tokenoutput .= "".$clang->gT("Success")."

\n"; } else { $tokenoutput .= "".$clang->gT("Failed")."

\n"; } $message = "$resultnum ".$clang->gT("Results from LDAP Query").".
\n"; $message .= "$xv ".$clang->gT("Records met minumum requirements").".
\n"; $message .= "$xz ".$clang->gT("Records imported").".
\n"; $message .= "\n"; $message .= "$xy ".$clang->gT("Duplicate records removed"); $message .= " [".$clang->gT("List")."]"; $message .= ""; $message .= "
\n"; $message .= "$invalidemailcount ".$clang->gT("Records with invalid email address removed"); $message .= " [".$clang->gT("List")."]"; $message .= ""; $message .= "
\n"; $tokenoutput .= "$message
\n"; } else { $errormessage="".$clang->gT("Error").": ".$clang->gT("Can't bind to the LDAP directory")."\n"; formldap($errormessage); } @ldap_close($ds); } else { $errormessage="".$clang->gT("Error").": ".$clang->gT("Can't connect to the LDAP directory")."\n"; formldap($errormessage); } } $tokenoutput .= "\t\t\n" ."\n"; function form_csv_upload($error=false) { global $surveyid, $tokenoutput,$scriptname, $clang, $encodingsarray; if ($error) {$tokenoutput .= $error . "

\n";} asort($encodingsarray); $charsetsout=''; foreach ($encodingsarray as $charset=>$title) { $charsetsout.="'; } } function getLine($file) { $buffer=""; // iterate over each character in line. while (!feof($file)) { // append the character to the buffer. $character = fgetc($file); $buffer .= $character; // check for end of line. if (($character == "\n") or ($character == "\r")) { // checks if the next character is part of the line ending, as in // the case of windows '\r\n' files, or not as in the case of // mac classic '\r', and unix/os x '\n' files. $character = fgetc($file); if ($character == "\n") { // part of line ending, append to buffer. $buffer .= $character; } else { // not part of line ending, roll back file pointer. fseek($file, -1, SEEK_CUR); } // end of line, so stop reading. break; } } // return the line buffer. return $buffer; } ?>