gTview("This survey is currently active")."\""
. "onmouseover=\"showTooltip(event,'".$clang->gT("This survey is currently active", "js")."');return false\" />
" ;
}
if ($action == "checksettings" || $action == "changelang" || $action=="changehtmleditormode")
{
//GET NUMBER OF SURVEYS
$query = "SELECT sid FROM ".db_table_name('surveys');
$result = $connect->Execute($query); //Checked
$surveycount=$result->RecordCount();
$query = "SELECT sid FROM ".db_table_name('surveys')." WHERE active='Y'";
$result = $connect->Execute($query); //Checked
$activesurveycount=$result->RecordCount();
$query = "SELECT users_name FROM ".db_table_name('users');
$result = $connect->Execute($query); //Checked
$usercount = $result->RecordCount();
// prepare data for the htmleditormode preference
$edmod1='';
$edmod2='';
$edmod3='';
$edmod4='';
switch ($_SESSION['htmleditormode'])
{
case 'none':
$edmod2="selected='selected'";
break;
case 'inline':
$edmod3="selected='selected'";
break;
case 'popup':
$edmod4="selected='selected'";
break;
default:
$edmod1="selected='selected'";
break;
}
$tablelist = $connect->MetaTables();
foreach ($tablelist as $table)
{
$stlength=strlen($dbprefix).strlen("old");
if (substr($table, 0, $stlength+strlen("_tokens")) == $dbprefix."old_tokens")
{
$oldtokenlist[]=$table;
}
elseif (substr($table, 0, strlen($dbprefix) + strlen("tokens")) == $dbprefix."tokens")
{
$tokenlist[]=$table;
}
elseif (substr($table, 0, $stlength) == $dbprefix."old")
{
$oldresultslist[]=$table;
}
}
if(isset($oldresultslist) && is_array($oldresultslist))
{$deactivatedsurveys=count($oldresultslist);} else {$deactivatedsurveys=0;}
if(isset($oldtokenlist) && is_array($oldtokenlist))
{$deactivatedtokens=count($oldtokenlist);} else {$deactivatedtokens=0;}
if(isset($tokenlist) && is_array($tokenlist))
{$activetokens=count($tokenlist);} else {$activetokens=0;}
$cssummary = "
\n"
. "\n"
. "
\n";
if ($_SESSION['USER_RIGHT_CONFIGURATOR'] == 1)
{
$cssummary .= "
";
}
}
if ($surveyid)
{
$query = "SELECT * FROM ".db_table_name('surveys_rights')." WHERE sid = {$surveyid} AND uid = ".$_SESSION['loginID'];
$result = $connect->SelectLimit($query, 1);
if($_SESSION['USER_RIGHT_SUPERADMIN'] == 1 || $result->RecordCount() > 0)
{
$baselang = GetBaseLanguageFromSurveyID($surveyid);
$sumquery5 = "SELECT b.* FROM {$dbprefix}surveys AS a INNER JOIN {$dbprefix}surveys_rights AS b ON a.sid = b.sid WHERE a.sid=$surveyid AND b.uid = ".$_SESSION['loginID']; //Getting rights for this survey and user
$sumresult5 = db_execute_assoc($sumquery5); //Checked
$sumrows5 = $sumresult5->FetchRow();
$sumquery3 = "SELECT * FROM ".db_table_name('questions')." WHERE sid=$surveyid AND language='".$baselang."'"; //Getting a count of questions for this survey
$sumresult3 = $connect->Execute($sumquery3); //Checked
$sumcount3 = $sumresult3->RecordCount();
$sumquery6 = "SELECT * FROM ".db_table_name('conditions')." as c, ".db_table_name('questions')."as q WHERE c.qid = q.qid AND q.sid=$surveyid"; //Getting a count of conditions for this survey
$sumresult6 = $connect->Execute($sumquery6) or die("Can't coun't conditions"); //Checked
$sumcount6 = $sumresult6->RecordCount();
$sumquery2 = "SELECT * FROM ".db_table_name('groups')." WHERE sid=$surveyid AND language='".$baselang."'"; //Getting a count of groups for this survey
$sumresult2 = $connect->Execute($sumquery2); //Checked
$sumcount2 = $sumresult2->RecordCount();
$sumquery1 = "SELECT * FROM ".db_table_name('surveys')." inner join ".db_table_name('surveys_languagesettings')." on (surveyls_survey_id=sid and surveyls_language=language) WHERE sid=$surveyid"; //Getting data for this survey
$sumresult1 = db_select_limit_assoc($sumquery1, 1); //Checked
// Output starts here...
$surveysummary = "
\n";
$surveysummary2 = "";
if ($s1row['private'] != "N") {$surveysummary2 .= $clang->gT("Answers to this survey are anonymized.")." \n";}
else {$surveysummary2 .= $clang->gT("This survey is NOT anonymous.")." \n";}
if ($s1row['format'] == "S") {$surveysummary2 .= $clang->gT("It is presented question by question.")." \n";}
elseif ($s1row['format'] == "G") {$surveysummary2 .= $clang->gT("It is presented group by group.")." \n";}
else {$surveysummary2 .= $clang->gT("It is presented on one single page.")." \n";}
if ($s1row['datestamp'] == "Y") {$surveysummary2 .= $clang->gT("Responses will be date stamped")." \n";}
if ($s1row['ipaddr'] == "Y") {$surveysummary2 .= $clang->gT("IP Addresses will be logged")." \n";}
if ($s1row['refurl'] == "Y") {$surveysummary2 .= $clang->gT("Referer-URL will be saved")." \n";}
if ($s1row['usecookie'] == "Y") {$surveysummary2 .= $clang->gT("It uses cookies for access control.")." \n";}
if ($s1row['allowregister'] == "Y") {$surveysummary2 .= $clang->gT("If tokens are used, the public may register for this survey")." \n";}
if ($s1row['allowsave'] == "Y") {$surveysummary2 .= $clang->gT("Participants can save partially finished surveys")." \n";}
switch ($s1row['notification'])
{
case 0:
$surveysummary2 .= $clang->gT("No email notification")." \n";
break;
case 1:
$surveysummary2 .= $clang->gT("Basic email notification")." \n";
break;
case 2:
$surveysummary2 .= $clang->gT("Detailed email notification with result codes")." \n";
break;
}
if($_SESSION['USER_RIGHT_SUPERADMIN'] == 1 || $sumrows5['edit_survey_property'])
{
$surveysummary2 .= $clang->gT("Regenerate Question Codes:")
// . " [gT("Are you sure you want regenerate the question codes?","js")."')) {".get2post("$scriptname?action=renumberquestions&sid=$surveyid&style=straight")."}\" "
. ">".$clang->gT("Straight")."] "
// . "[gT("Are you sure you want regenerate the question codes?","js")."')) {".get2post("$scriptname?action=renumberquestions&sid=$surveyid&style=bygroup")."}\" "
. ">".$clang->gT("By Group")."]";
$surveysummary2 .= "\n";
}
$surveysummary .= "\t
\n";
if (!$s1row['language']) {$language=getLanguageNameFromCode($currentadminlang);} else {$language=getLanguageNameFromCode($s1row['language']);}
$surveysummary .= "\t
$language
\n";
// get the rowspan of the Additionnal languages row
// is at least 1 even if no additionnal language is present
$additionnalLanguagesCount = count($additionnalLanguagesArray);
if ($additionnalLanguagesCount == 0) $additionnalLanguagesCount = 1;
$surveysummary .= "\t
"
. $clang->gT("Additional Languages").":
\n";
$first=true;
foreach ($additionnalLanguagesArray as $langname)
{
if ($langname)
{
if (!$first) {$surveysummary .= "\t\t\t
";}
$first=false;
$surveysummary .= "
".getLanguageNameFromCode($langname)."
\n";
}
}
if ($first) $surveysummary .= "\t";
if ($s1row['surveyls_urldescription']==""){$s1row['surveyls_urldescription']=$s1row['url'];}
$surveysummary .= "\t
\n";
if ($activated == "Y")
{
$surveysummary .= "\t
"
. $clang->gT("Survey table name").":
".$dbprefix."survey_$surveyid
\n";
}
$surveysummary .= "\t
"
. $clang->gT("Hints").":
\n";
if ($activated == "N" && $sumcount3 == 0)
{
$surveysummary .= $clang->gT("Survey cannot be activated yet.")." \n";
if ($sumcount2 == 0 && ($_SESSION['USER_RIGHT_SUPERADMIN'] == 1 || $sumrows5['define_questions']))
{
$surveysummary .= "\t[".$clang->gT("You need to add groups")."] ";
}
if ($sumcount3 == 0 && ($_SESSION['USER_RIGHT_SUPERADMIN'] == 1 ||$sumrows5['define_questions']))
{
$surveysummary .= "\t[".$clang->gT("You need to add questions")."] ";
}
}
$surveysummary .= $surveysummary2
. "
\n";
}
else
{
include("access_denied.php");
}
}
if ($surveyid && $gid ) // Show the group toolbar
{
// TODO: check that surveyid and thus baselang are always set here
$sumquery4 = "SELECT * FROM ".db_table_name('questions')." WHERE sid=$surveyid AND
gid=$gid AND language='".$baselang."'"; //Getting a count of questions for this survey
$sumresult4 = $connect->Execute($sumquery4); //Checked
$sumcount4 = $sumresult4->RecordCount();
$grpquery ="SELECT * FROM ".db_table_name('groups')." WHERE gid=$gid AND
language='".$baselang."' ORDER BY ".db_table_name('groups').".group_order";
$grpresult = db_execute_assoc($grpquery); //Checked
// Check if other questions/groups are dependent upon this group
$condarray=GetGroupDepsForConditions($surveyid,"all",$gid,"by-targgid");
$groupsummary = "
\n";
}
if ($surveyid && $gid && $qid) // Show the question toolbar
{
// TODO: check that surveyid is set and that so is $baselang
//Show Question Details
$qrq = "SELECT * FROM ".db_table_name('answers')." WHERE qid=$qid AND language='".$baselang."' ORDER BY sortorder, answer";
$qrr = $connect->Execute($qrq); //Checked
$qct = $qrr->RecordCount();
$qrquery = "SELECT * FROM ".db_table_name('questions')." WHERE gid=$gid AND sid=$surveyid AND qid=$qid AND language='".$baselang."'";
$qrresult = db_execute_assoc($qrquery) or safe_die($qrquery." ".$connect->ErrorMsg()); //Checked
$questionsummary = "
\n";
// Check if other questions in the Survey are dependent upon this question
$condarray=GetQuestDepsForConditions($surveyid,"all","all",$qid,"by-targqid","outsidegroup");
while ($qrrow = $qrresult->FetchRow())
{
$qrrow = array_map('strip_tags', $qrrow);
//$qrrow = array_map('htmlspecialchars', $qrrow);
$questionsummary .= "\t
"
. ""
. $clang->gT("Warning").": ". $clang->gT("You need to add answers to this question")." "
. "
\n";
}
// For Labelset Questions show the label set and warn if there is no label set configured
if (($qrrow['type'] == "1" || $qrrow['type'] == "F" || $qrrow['type'] == "H" || $qrrow['type'] == "W" || $qrrow['type'] == "Z"))
{
$questionsummary .= "\t\t
". $clang->gT("Label Set").":
";
if (!$qrrow['lid'])
{
$questionsummary .= "
"
. $clang->gT("Warning")." - ".$clang->gT("You need to choose a label set for this question!")."\n";
}
else
// If label set ID is configured show the labelset name and ID
{
$labelsetname=$connect->GetOne("SELECT label_name FROM ".db_table_name('labelsets')." WHERE lid = ".$qrrow['lid']);
$questionsummary .= "
".$labelsetname." (LID: {$qrrow['lid']}) ";
}
// If the user has the right to edit the label sets show the icon for the label set administration
if ($_SESSION['USER_RIGHT_SUPERADMIN'] == 1 || $sumrows5['define_questions'])
{
$questionsummary .= "\n";
}
$questionsummary .= "
";
if ($qrrow['type'] == "1") // Second labelset for "multi scale"
{
$questionsummary .= "
". $clang->gT("Second Label Set").":
";
if (!$qrrow['lid1'])
{
$questionsummary .= "
"
. $clang->gT("Warning")." - ".$clang->gT("You need to choose a second label set for this question!")."\n";
}
else
// If label set ID is configured show the labelset name and ID
{
$labelsetname=$connect->GetOne("SELECT label_name FROM ".db_table_name('labelsets')." WHERE lid = ".$qrrow['lid1']);
$questionsummary .= "
".$labelsetname." (LID: {$qrrow['lid1']}) ";
}
// If the user has the right to edit the second label sets show the icon for the label set administration
if ($_SESSION['USER_RIGHT_SUPERADMIN'] == 1 || $sumrows5['define_questions'])
{
$questionsummary .= "\n";
}
$questionsummary .= "
";
}
}
if ($qrrow['type'] == "M" or $qrrow['type'] == "P")
{
$questionsummary .= "\t
";
}
if (returnglobal('viewanswer'))
{
$_SESSION['FileManagerContext']="edit:answer:$surveyid";
// Get languages select on survey.
$anslangs = GetAdditionalLanguagesFromSurveyID($surveyid);
$baselang = GetBaseLanguageFromSurveyID($surveyid);
// check that there are answers for every language supported by the survey
foreach ($anslangs as $language)
{
$qquery = "SELECT count(*) as num_ans FROM ".db_table_name('answers')." WHERE qid=$qid AND language='".$language."'";
$qresult = db_execute_assoc($qquery); //Checked
$qrow = $qresult->FetchRow();
if ($qrow["num_ans"] == 0) // means that no record for the language exists in the answers table
{
$qquery = "INSERT INTO ".db_table_name('answers')." (SELECT `qid`,`code`,`answer`,`default_value`,`sortorder`, '".$language."' FROM ".db_table_name('answers')." WHERE qid=$qid AND language='".$baselang."')";
$connect->Execute($qquery); //Checked
}
}
array_unshift($anslangs,$baselang); // makes an array with ALL the languages supported by the survey -> $anslangs
//delete the answers in languages not supported by the survey
$qquery = "SELECT DISTINCT language FROM ".db_table_name('answers')." WHERE (qid = $qid) AND (language NOT IN ('".implode("','",$anslangs)."'))";
$qresult = db_execute_assoc($qquery); //Checked
while ($qrow = $qresult->FetchRow())
{
$qquery = "DELETE FROM ".db_table_name('answers')." WHERE (qid = $qid) AND (language = '".$qrow["language"]."')";
$connect->Execute($qquery); //Checked
}
// Check sort order for answers
$qquery = "SELECT type FROM ".db_table_name('questions')." WHERE qid=$qid AND language='".$baselang."'";
$qresult = db_execute_assoc($qquery); //Checked
while ($qrow=$qresult->FetchRow()) {$qtype=$qrow['type'];}
if (!isset($_POST['ansaction']))
{
//check if any nulls exist. If they do, redo the sortorders
$caquery="SELECT * FROM ".db_table_name('answers')." WHERE qid=$qid AND sortorder is null AND language='".$baselang."'";
$caresult=$connect->Execute($caquery); //Checked
$cacount=$caresult->RecordCount();
if ($cacount)
{
fixsortorderAnswers($qid); // !!Adjust this!!
}
}
// Print Key Control JavaScript
$vasummary = PrepareEditorScript("editanswer");
$query = "SELECT sortorder FROM ".db_table_name('answers')." WHERE qid='{$qid}' AND language='".GetBaseLanguageFromSurveyID($surveyid)."' ORDER BY sortorder desc";
$result = db_execute_assoc($query) or safe_die($connect->ErrorMsg()); //Checked
$anscount = $result->RecordCount();
$row=$result->FetchRow();
$maxsortorder=$row['sortorder']+1;
$vasummary .= "\t
\n"
."
\n"
."\t
\n"
.$clang->gT("Edit Answers")
."\t
\n"
."
\n"
."\t
";
}
// *************************************************
// Survey Rights Start ****************************
// *************************************************
if($action == "addsurveysecurity")
{
$addsummary = " ".$clang->gT("Add User")." \n";
$query = "SELECT sid, owner_id FROM ".db_table_name('surveys')." WHERE sid = {$surveyid} AND owner_id = ".$_SESSION['loginID']." AND owner_id != ".$postuserid;
$result = db_execute_assoc($query); //Checked
if( ($result->RecordCount() > 0 && in_array($postuserid,getuserlist('onlyuidarray'))) ||
$_SESSION['USER_RIGHT_SUPERADMIN'] == 1)
{
if($postuserid > 0){
$isrquery = "INSERT INTO {$dbprefix}surveys_rights VALUES($surveyid,". $postuserid.",0,0,0,0,0,0)";
$isrresult = $connect->Execute($isrquery); //Checked
if($isrresult)
{
$addsummary .= " ".$clang->gT("User added.")." \n";
$addsummary .= " \n";
}
else
{
// Username already exists.
$addsummary .= " ".$clang->gT("Failed to add User.")." \n" . " " . $clang->gT("Username already exists.")." \n";
}
$addsummary .= " ".$clang->gT("Continue")." \n";
}
else
{
$addsummary .= " ".$clang->gT("Failed to add User.")." \n" . " " . $clang->gT("No Username selected.")." \n";
$addsummary .= " ".$clang->gT("Continue")." \n";
}
}
else
{
include("access_denied.php");
}
}
if($action == "addusergroupsurveysecurity")
{
$addsummary = " ".$clang->gT("Add User Group")." \n";
$query = "SELECT sid, owner_id FROM ".db_table_name('surveys')." WHERE sid = {$surveyid} AND owner_id = ".$_SESSION['loginID'];
$result = db_execute_assoc($query); //Checked
if( ($result->RecordCount() > 0 && in_array($postusergroupid,getsurveyusergrouplist('simpleugidarray')) ) ||
$_SESSION['USER_RIGHT_SUPERADMIN'] == 1)
{
if($postusergroupid > 0){
$query2 = "SELECT b.uid FROM (SELECT uid FROM ".db_table_name('surveys_rights')." WHERE sid = {$surveyid}) AS c RIGHT JOIN ".db_table_name('user_in_groups')." AS b ON b.uid = c.uid WHERE c.uid IS NULL AND b.ugid = {$postusergroupid}";
$result2 = db_execute_assoc($query2); //Checked
if($result2->RecordCount() > 0)
{
while ($row2 = $result2->FetchRow())
{
$uid_arr[] = $row2['uid'];
$values[] = "($surveyid, {$row2['uid']},0,0,0,0,0,0)";
}
$values_implode = implode(",", $values);
$isrquery = "INSERT INTO {$dbprefix}surveys_rights VALUES ".$values_implode;
$isrresult = $connect->Execute($isrquery); //Checked
if($isrresult)
{
$addsummary .= " ".$clang->gT("User Group added.")." \n";
$_SESSION['uids'] = $uid_arr;
$addsummary .= " \n";
}
}
else
{
// no user to add
$addsummary .= " ".$clang->gT("Failed to add User Group.")." \n";
}
$addsummary .= " ".$clang->gT("Continue")." \n";
}
else
{
$addsummary .= " ".$clang->gT("Failed to add User.")." \n" . " " . $clang->gT("No Username selected.")." \n";
$addsummary .= " ".$clang->gT("Continue")." \n";
}
}
else
{
include("access_denied.php");
}
}
if($action == "delsurveysecurity"){
{
$addsummary = " ".$clang->gT("Deleting User")." \n";
$query = "SELECT sid, owner_id FROM ".db_table_name('surveys')." WHERE sid = {$surveyid} AND owner_id = ".$_SESSION['loginID']." AND owner_id != ".$postuserid;
$result = db_execute_assoc($query); //Checked
if($result->RecordCount() > 0 || $_SESSION['USER_RIGHT_SUPERADMIN'] == 1)
{
if (isset($postuserid))
{
$dquery="DELETE FROM {$dbprefix}surveys_rights WHERE uid={$postuserid} AND sid={$surveyid}"; // added by Dennis
$dresult=$connect->Execute($dquery); //Checked
$addsummary .= " ".$clang->gT("Username").": ".sanitize_xss_string($_POST['user'])." \n";
}
else
{
$addsummary .= " ".$clang->gT("Could not delete user. User was not supplied.")." \n";
}
}
else
{
include("access_denied.php");
}
$addsummary .= "
\n";
}
else
{
include("access_denied.php");
}
}
// This is the action to export the structure of a complete survey
if($action == "exportstructure")
{
if($_SESSION['USER_RIGHT_SUPERADMIN'] == 1 || $sumrows5['export'])
{
$xml_module_available=function_exists("domxml_new_doc");
$exportstructure = "
gT("This survey is active but expired", "js")."');return false\" />\n";
}
else
{
if ($_SESSION['USER_RIGHT_SUPERADMIN'] ==1 || $sidsecurity['activate_survey'])
{
$listsurveys .= "
gT("Survey cannot be activated. Either you have no permission or there are no questions.", "js")."');return false\" name='ActivateDisabledSurvey' title='' alt='".$clang->gT("Survey cannot be activated. Either you have no permission or there are no questions.")."' align='left' />\n" ;
}
}
elseif ($activated == "Y")
{
if (($s1row['useexpiry']=='Y') && ($s1row['expires'] < date_shift(date("Y-m-d H:i:s"), "Y-m-d", $timeadjust)))
{
$surveysummary .= "\t\t\t\t\t
\n";
}
}
$surveysummary .= "\t\t\t\t\t
\n";
// survey rights
if($_SESSION['USER_RIGHT_SUPERADMIN'] == 1 || $s1row['owner_id'] == $_SESSION['loginID'])
{
$surveysummary .= "\t\t\t\t\t
"
."
