Example #1
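 /**
  * Store one answer for a respondent/variable pair in the survey data table.
  *
  * The row is written with REPLACE INTO, together with the current survey id,
  * version, language, mode and dirty flag. When the survey has a data
  * encryption key, the answer is wrapped in aes_encrypt() on the database side.
  *
  * Two code paths exist, selected by Config::prepareDataQueries():
  *  - string-built SQL, which depends on prepareDatabaseString() for escaping;
  *  - a bound (parameterised) statement.
  *
  * @param mixed  $primkey   respondent key stored in the primkey column
  * @param string $variable  variable name stored in the variablename column
  * @param mixed  $answer    answer value; empty values are stored as NULL
  * @param bool   $striptags passed through to prepareDatabaseString() for the answer
  *
  * @return bool true when the database layer reports success, false otherwise
  */
 private function storeAnswer($primkey, $variable, $answer, $striptags = true)
 {
     // Write through the transactional connection when transactions are on.
     if (Config::useTransactions() == true) {
         global $transdb;
         $localdb = $transdb;
     } else {
         global $db;
         $localdb = $db;
     }
     $dirty = $this->getDirty();

     // Empty answers become NULL; the integer 0 is kept as a real answer.
     $ans = $answer;
     if ($ans == "" && $ans !== 0) {
         $ans = null;
     }

     $version = getSurveyVersion();
     $language = getSurveyLanguage();
     $mode = getSurveyMode();
     $suid = getSurvey();

     // Answers to the language/mode/version/template variables also switch the
     // session parameter of the same name (routing can change them).
     // NOTE(review): the answer is copied into the session without validation
     // here; confirm that the code consuming these parameters restricts them
     // to known values.
     if ($ans != null) {
         $upper = strtoupper($variable);
         if ($upper == strtoupper(VARIABLE_LANGUAGE)) {
             $_SESSION['PARAMS'][SESSION_PARAM_LANGUAGE] = $ans;
         } elseif ($upper == strtoupper(VARIABLE_MODE)) {
             $_SESSION['PARAMS'][SESSION_PARAM_MODE] = $ans;
         } elseif ($upper == strtoupper(VARIABLE_VERSION)) {
             $_SESSION['PARAMS'][SESSION_PARAM_VERSION] = $ans;
         } elseif ($upper == strtoupper(VARIABLE_TEMPLATE)) {
             $_SESSION['PARAMS'][SESSION_PARAM_TEMPLATE] = $ans;
         }
     }

     /* set attributes for data record processing in export */
     $this->suid = $suid;
     $this->primkey = $primkey;
     $this->language = $language;
     $this->mode = $mode;
     $this->version = $version;
     // 24-hour clock: "h" would yield an ambiguous 12-hour value without AM/PM.
     $this->ts = date("Y-m-d H:i:s");

     global $survey;
     // NOTE(review): in both branches the key is concatenated into the SQL text
     // rather than bound, so it travels with the statement (query logs, and the
     // storeAnswerExtra hook in the string-built branch) and a quote character
     // in the key would break the statement.
     $key = $survey->getDataEncryptionKey();
     $queryparams = 'suid, primkey, variablename, answer, dirty, version, language, mode';

     if (Config::prepareDataQueries() == false) {
         if ($ans == null && $ans !== 0) {
             $answer = 'null';
         } else {
             $escaped = prepareDatabaseString($ans, $striptags);
             // NOTE(review): double-quoted literal; the encrypted form below
             // uses single quotes for the same value - confirm the escaper
             // covers both quote characters.
             $answer = '"' . $escaped . '"';
             if ($key != "") {
                 $answer = "aes_encrypt('" . $escaped . "', '" . $key . "')";
             }
         }
         // These five values are placed in the statement without quotes, where
         // string escaping alone cannot keep them from being read as SQL, so
         // each is forced to an integer.
         $queryvalues = (int) prepareDatabaseString($suid);
         $queryvalues .= ",'" . prepareDatabaseString($primkey) . "'";
         $queryvalues .= ",'" . prepareDatabaseString($variable) . "'";
         $queryvalues .= "," . $answer;
         $queryvalues .= "," . (int) prepareDatabaseString($dirty);
         $queryvalues .= "," . (int) prepareDatabaseString($version);
         $queryvalues .= "," . (int) prepareDatabaseString($language);
         $queryvalues .= "," . (int) prepareDatabaseString($mode);
         $query = 'REPLACE INTO ' . Config::dbSurveyData() . '_data (' . $queryparams . ') VALUES (' . $queryvalues . ')';
         if ($localdb->executeQuery($query)) {
             $this->variable["answer"] = $ans;
             // hook for extra storage
             // NOTE(review): called with one argument here and with three in
             // the bound branch; verify against the hook's definition.
             if (function_exists("storeAnswerExtra")) {
                 storeAnswerExtra($query);
             }
             return true;
         }
         return false;
     }

     // Bound statement: every value travels as a parameter.
     $bp = new BindParam();
     $bp->add(MYSQL_BINDING_STRING, $suid);
     $bp->add(MYSQL_BINDING_STRING, $primkey);
     $bp->add(MYSQL_BINDING_STRING, $variable);
     $bp->add(MYSQL_BINDING_STRING, $ans);
     $bp->add(MYSQL_BINDING_INTEGER, $dirty);
     $bp->add(MYSQL_BINDING_INTEGER, $version);
     $bp->add(MYSQL_BINDING_INTEGER, $language);
     $bp->add(MYSQL_BINDING_INTEGER, $mode);
     $answer = "?";
     if ($key != "") {
         $answer = "aes_encrypt(?, '" . $key . "')";
     }
     $queryvalues = '?,?,?,' . $answer . ',?,?,?,?';
     $query = 'REPLACE INTO ' . Config::dbSurveyData() . '_data (' . $queryparams . ') VALUES (' . $queryvalues . ')';
     if ($localdb->executeBoundQuery($query, $bp->get())) {
         $this->variable["answer"] = $ans;
         // hook for extra storage
         if (function_exists("storeAnswerExtra")) {
             storeAnswerExtra($queryparams, $queryvalues, $bp);
         }
         return true;
     }
     return false;
 }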
Example #2
 /**
  * Log the screen entry, record the display state, release the lock and
  * emit the markup for the given variable (or group of variables).
  *
  * Nothing is emitted when the engine runs as data flooder.
  *
  * @param string $variablename variable(s) to display
  * @param mixed  $rgid         routing group id, used for logging and state
  * @param string $template     template name handed to the display layer
  */
 function showQuestion($variablename, $rgid, $template = "")
 {
     // A single log entry covers every variable of a group statement.
     $this->logAction($rgid, ACTION_ENTRY);

     // Record what is about to be shown.
     $this->setDisplayed($variablename);
     $this->setRgid($rgid);
     $this->setTemplate($template);

     // Write the sub display info back into the state.
     $subDisplays = $this->getSubDisplays();
     $this->setSubDisplays($subDisplays);

     $this->unlock();

     // Data flooder: no screen has to be built.
     if ($this->getFlooding()) {
         return;
     }

     // Switches off the browser's legacy reflected-XSS filter for this
     // response. With the filter off, protection against script injection
     // rests on the escaping applied where the markup is built (not visible
     // in this method).
     header("X-XSS-Protection: 0");
     $markup = $this->display->showQuestion($variablename, $rgid, $template);
     echo $markup;

     // With transactions enabled the commit is issued only after output has
     // started; its outcome is not checked here.
     if (Config::useTransactions()) {
         doCommit();
     }
 }
Example #3
                }
                echo "<html><body><font face=arial>NubiS could not locate its configuration file (conf.php).</font></body></html>";
                doExit();
            } else {
                $contents = file_get_contents("errorsms.html");
                if ($contents != "") {
                    echo str_replace('$Error$', 'NubiS could not access the database. <br/>Please verify your configuration settings in the conf.php file.', $contents);
                    doExit();
                }
                echo "<html><body><font face=arial>NubiS could not access the database. Please verify your configuration settings in the conf.php file.</font></body></html>";
                doExit();
            }
        }
    }
}
// For every entry point other than USCIC_SMS, open a database transaction at
// startup when transactions are enabled; the connection is kept in $transdb.
if ($_SESSION['SYSTEM_ENTRY'] != USCIC_SMS && Config::useTransactions() == true) {
    $transdb = new Database();
    $transdb->beginTransaction();
}
// NOTE(review): the string "ALL" is not the E_ALL constant. ini_set() does not
// evaluate constant names, and a non-numeric string is most likely read as 0
// here, which would silence error reporting instead of enabling it. If full
// reporting is intended, error_reporting(E_ALL) does that; keep display_errors
// off outside development so messages go to the log rather than the response.
ini_set("error_reporting", "ALL");
/* startup */
require 'action.php';
require 'login.php';
/* SMS admin extensions */
if ($_SESSION['SYSTEM_ENTRY'] == USCIC_SMS) {
    require 'sms.php';
    require 'sysadmin.php';
    require "compiler.php";
    require "checker.php";
    require "track.php";
    require 'supervisor.php';