/**
  * This function changes the modify column of the sortable table
  *
  * @param integer $survey_id the id of the survey
  * @return html code that are the actions that can be performed on any survey
  *
  * @author Patrick Cool <*****@*****.**>, Ghent University
  * @version January 2007
  */
 static function modify_filter($survey_id)
 {
     $survey_id = Security::remove_XSS($survey_id);
     $return = '';
     // Coach can see that only if the survey is in his session
     if (api_is_allowed_to_edit() || api_is_element_in_the_session(TOOL_SURVEY, $survey_id)) {
         $return .= '<a href="create_new_survey.php?' . api_get_cidreq() . '&amp;action=edit&amp;survey_id=' . $survey_id . '">' . Display::return_icon('edit.png', get_lang('Edit'), '', ICON_SIZE_SMALL) . '</a>';
         if (survey_manager::survey_generation_hash_available()) {
             $return .= Display::url(Display::return_icon('new_link.png', get_lang('GenerateSurveyAccessLink'), '', ICON_SIZE_SMALL), 'generate_link.php?survey_id=' . $survey_id . '&' . api_get_cidreq());
         }
         $return .= Display::url(Display::return_icon('copy.png', get_lang('DuplicateSurvey'), '', ICON_SIZE_SMALL), 'survey_list.php?action=copy_survey&survey_id=' . $survey_id . '&' . api_get_cidreq());
         $return .= ' <a href="survey_list.php?' . api_get_cidreq() . '&amp;action=empty&amp;survey_id=' . $survey_id . '" onclick="javascript: if(!confirm(\'' . addslashes(api_htmlentities(get_lang("EmptySurvey") . '?')) . '\')) return false;">' . Display::return_icon('clean.png', get_lang('EmptySurvey'), '', ICON_SIZE_SMALL) . '</a>&nbsp;';
     }
     $return .= '<a href="preview.php?' . api_get_cidreq() . '&amp;survey_id=' . $survey_id . '">' . Display::return_icon('preview_view.png', get_lang('Preview'), '', ICON_SIZE_SMALL) . '</a>&nbsp;';
     $return .= '<a href="survey_invite.php?' . api_get_cidreq() . '&amp;survey_id=' . $survey_id . '">' . Display::return_icon('mail_send.png', get_lang('Publish'), '', ICON_SIZE_SMALL) . '</a>&nbsp;';
     $return .= '<a href="reporting.php?' . api_get_cidreq() . '&amp;survey_id=' . $survey_id . '">' . Display::return_icon('stats.png', get_lang('Reporting'), '', ICON_SIZE_SMALL) . '</a>';
     if (api_is_allowed_to_edit() || api_is_element_in_the_session(TOOL_SURVEY, $survey_id)) {
         $return .= '<a href="survey_list.php?' . api_get_cidreq() . '&amp;action=delete&amp;survey_id=' . $survey_id . '" onclick="javascript: if(!confirm(\'' . addslashes(api_htmlentities(get_lang("DeleteSurvey") . '?', ENT_QUOTES)) . '\')) return false;">' . Display::return_icon('delete.png', get_lang('Delete'), '', ICON_SIZE_SMALL) . '</a>&nbsp;';
     }
     return $return;
 }
Beispiel #2
0
<?php

/* For licensing terms, see /license.txt */
//require_once '../inc/global.inc.php';
$survey_id = isset($_REQUEST['i']) ? intval($_REQUEST['i']) : null;
if (empty($survey_id)) {
    api_not_allowed(true);
}
if (!survey_manager::survey_generation_hash_available()) {
    api_not_allowed(true);
}
$course_info = api_get_course_info_by_id($_REQUEST['c']);
$hash_is_valid = survey_manager::validate_survey_hash($survey_id, $_REQUEST['c'], $_REQUEST['s'], $_REQUEST['g'], $_REQUEST['h']);
if ($hash_is_valid && $course_info) {
    $survey_data = survey_manager::get_survey($survey_id, null, $course_info['code']);
    $invitation_code = api_get_unique_id();
    $params = array('c_id' => $_REQUEST['c'], 'session_id' => $_REQUEST['s'], 'user' => $invitation_code, 'survey_code' => $survey_data['code'], 'invitation_code' => $invitation_code, 'invitation_date' => api_get_utc_datetime());
    $invitation_id = SurveyUtil::save_invitation($params);
    if ($invitation_id) {
        $link = api_get_path(WEB_CODE_PATH) . 'survey/fillsurvey.php?invitationcode=' . $invitation_code . '&course=' . $course_info['code'];
        header('Location: ' . $link);
        exit;
    }
} else {
    api_not_allowed(true);
}