/**
* Sets the end element handler function for the XML parser parser.end_element_handler.
* @param $parser (resource) The first parameter, parser, is a reference to the XML parser calling the handler.
* @param $name (string) The second parameter, name, contains the name of the element for which this handler is called. If case-folding is in effect for this parser, the element name will be in uppercase letters.
* @private
*/
private function endElementHandler($parser, $name)
{
global $l, $db;
require_once '../config/tce_config.php';
require_once 'tce_functions_user_select.php';
switch (strtolower($name)) {
case 'name':
case 'password':
case 'email':
case 'regdate':
case 'ip':
case 'firstname':
case 'lastname':
case 'birthdate':
case 'birthplace':
case 'regnumber':
case 'ssn':
case 'level':
case 'verifycode':
$this->current_data = F_escape_sql(F_xml_to_text($this->current_data));
$this->user_data[$this->current_element] = $this->current_data;
$this->current_element = '';
$this->current_data = '';
break;
case 'group':
$group_name = F_escape_sql(F_xml_to_text($this->current_data));
// check if group already exist
$sql = 'SELECT group_id
FROM ' . K_TABLE_GROUPS . '
WHERE group_name=\'' . $group_name . '\'
LIMIT 1';
if ($r = F_db_query($sql, $db)) {
if ($m = F_db_fetch_array($r)) {
// the group has been already added
$this->group_data[] = $m['group_id'];
} else {
// add new group
$sqli = 'INSERT INTO ' . K_TABLE_GROUPS . ' (
group_name
) VALUES (
\'' . $group_name . '\'
)';
if (!($ri = F_db_query($sqli, $db))) {
F_display_db_error(false);
} else {
$this->group_data[] = F_db_insert_id($db, K_TABLE_GROUPS, 'group_id');
}
}
} else {
F_display_db_error();
}
break;
case 'user':
// insert users
if (!empty($this->user_data['user_name'])) {
if (empty($this->user_data['user_regdate'])) {
$this->user_data['user_regdate'] = date(K_TIMESTAMP_FORMAT);
}
if (empty($this->user_data['user_ip'])) {
$this->user_data['user_ip'] = getNormalizedIP($_SERVER['REMOTE_ADDR']);
}
if (!isset($this->user_data['user_level']) or strlen($this->user_data['user_level']) == 0) {
$this->user_data['user_level'] = 1;
}
if ($_SESSION['session_user_level'] < K_AUTH_ADMINISTRATOR) {
// you cannot edit a user with a level equal or higher than yours
$this->user_data['user_level'] = min(max(0, $_SESSION['session_user_level'] - 1), $this->user_data['user_level']);
// non-administrator can access only to his/her groups
if (empty($this->group_data)) {
break;
}
$common_groups = array_intersect(F_get_user_groups($_SESSION['session_user_id']), $this->group_data);
if (empty($common_groups)) {
break;
}
}
// check if user already exist
$sql = 'SELECT user_id,user_level
FROM ' . K_TABLE_USERS . '
WHERE user_name=\'' . $this->user_data['user_name'] . '\'
OR user_regnumber=\'' . $this->user_data['user_regnumber'] . '\'
OR user_ssn=\'' . $this->user_data['user_ssn'] . '\'
LIMIT 1';
if ($r = F_db_query($sql, $db)) {
if ($m = F_db_fetch_array($r)) {
// the user has been already added
$user_id = $m['user_id'];
if ($_SESSION['session_user_level'] >= K_AUTH_ADMINISTRATOR or $_SESSION['session_user_level'] > $m['user_level']) {
//update user data
$sqlu = 'UPDATE ' . K_TABLE_USERS . ' SET
user_regdate=\'' . $this->user_data['user_regdate'] . '\',
user_ip=\'' . $this->user_data['user_ip'] . '\',
user_name=\'' . $this->user_data['user_name'] . '\',
user_email=' . F_empty_to_null($this->user_data['user_email']) . ',';
// update password only if it is specified
if (!empty($this->user_data['user_password'])) {
$sqlu .= ' user_password=\'' . md5($this->user_data['user_password']) . '\',';
}
$sqlu .= '
user_regnumber=' . F_empty_to_null($this->user_data['user_regnumber']) . ',
user_firstname=' . F_empty_to_null($this->user_data['user_firstname']) . ',
user_lastname=' . F_empty_to_null($this->user_data['user_lastname']) . ',
user_birthdate=' . F_empty_to_null($this->user_data['user_birthdate']) . ',
user_birthplace=' . F_empty_to_null($this->user_data['user_birthplace']) . ',
user_ssn=' . F_empty_to_null($this->user_data['user_ssn']) . ',
user_level=\'' . $this->user_data['user_level'] . '\',
user_verifycode=' . F_empty_to_null($this->user_data['user_verifycode']) . '
WHERE user_id=' . $user_id . '';
if (!($ru = F_db_query($sqlu, $db))) {
F_display_db_error(false);
return FALSE;
}
} else {
// no user is updated, so empty groups
$this->group_data = array();
}
} else {
// add new user
$sqlu = 'INSERT INTO ' . K_TABLE_USERS . ' (
user_regdate,
user_ip,
user_name,
user_email,
user_password,
user_regnumber,
user_firstname,
user_lastname,
user_birthdate,
user_birthplace,
user_ssn,
user_level,
user_verifycode
) VALUES (
' . F_empty_to_null($this->user_data['user_regdate']) . ',
\'' . $this->user_data['user_ip'] . '\',
\'' . $this->user_data['user_name'] . '\',
' . F_empty_to_null($this->user_data['user_email']) . ',
\'' . md5($this->user_data['user_password']) . '\',
' . F_empty_to_null($this->user_data['user_regnumber']) . ',
' . F_empty_to_null($this->user_data['user_firstname']) . ',
' . F_empty_to_null($this->user_data['user_lastname']) . ',
' . F_empty_to_null($this->user_data['user_birthdate']) . ',
' . F_empty_to_null($this->user_data['user_birthplace']) . ',
' . F_empty_to_null($this->user_data['user_ssn']) . ',
\'' . $this->user_data['user_level'] . '\',
' . F_empty_to_null($this->user_data['user_verifycode']) . '
)';
if (!($ru = F_db_query($sqlu, $db))) {
F_display_db_error(false);
return FALSE;
} else {
$user_id = F_db_insert_id($db, K_TABLE_USERS, 'user_id');
}
}
} else {
F_display_db_error(false);
return FALSE;
}
// user's groups
if (!empty($this->group_data)) {
while (list($key, $group_id) = each($this->group_data)) {
// check if user-group already exist
$sqls = 'SELECT *
FROM ' . K_TABLE_USERGROUP . '
WHERE usrgrp_group_id=\'' . $group_id . '\'
AND usrgrp_user_id=\'' . $user_id . '\'
LIMIT 1';
if ($rs = F_db_query($sqls, $db)) {
if (!($ms = F_db_fetch_array($rs))) {
// associate group to user
$sqlg = 'INSERT INTO ' . K_TABLE_USERGROUP . ' (
usrgrp_user_id,
usrgrp_group_id
) VALUES (
' . $user_id . ',
' . $group_id . '
)';
if (!($rg = F_db_query($sqlg, $db))) {
F_display_db_error(false);
return FALSE;
}
}
} else {
F_display_db_error(false);
return FALSE;
}
}
}
}
break;
default:
break;
}
}
/**
* Clone the specified object, including child objects
* @param $source_obj_id (int) Source parent object ID.
* @param $target_obj_id (int) Target parent object ID.
*/
function F_clone_child_objects($source_obj_id, $target_obj_id)
{
global $l, $db;
require_once '../config/tce_config.php';
$sql = 'SELECT * FROM ' . K_TABLE_OBJECTS . ', ' . K_TABLE_OBJECTS_MAP . ' WHERE omp_child_obj_id=obj_id AND omp_parent_obj_id=' . $source_obj_id . '';
if ($r = F_db_query($sql, $db)) {
while ($m = F_db_fetch_array($r)) {
// create new object
$sqli = 'INSERT INTO ' . K_TABLE_OBJECTS . ' (
obj_obt_id,
obj_name,
obj_description,
obj_label,
obj_tag,
obj_mnf_id,
obj_owner_id,
obj_tenant_id
) VALUES (
' . $m['obj_obt_id'] . ',
\'' . $m['obj_name'] . '\',
' . F_empty_to_null($m['obj_description']) . ',
' . F_empty_to_null($m['obj_label']) . ',
' . F_empty_to_null($m['obj_tag']) . ',
' . F_empty_to_null($m['obj_mnf_id']) . ',
' . F_empty_to_null($m['obj_owner_id']) . ',
' . F_empty_to_null($m['obj_tenant_id']) . '
)';
if (!($ri = F_db_query($sqli, $db))) {
F_display_db_error(false);
} else {
$child_obj_id = F_db_insert_id($db, K_TABLE_OBJECTS, 'obj_id');
// add new object as child
$sqli = 'INSERT INTO ' . K_TABLE_OBJECTS_MAP . ' (
omp_parent_obj_id,
omp_child_obj_id
) VALUES (
' . $target_obj_id . ',
' . $child_obj_id . '
)';
if (!($ri = F_db_query($sqli, $db))) {
F_display_db_error(false);
}
F_clone_child_objects($m['obj_id'], $child_obj_id);
}
}
} else {
F_display_db_error();
}
}
\'' . intval($_SESSION['session_user_id']) . '\',
\'' . $test_score_threshold . '\',
\'' . intval($test_random_questions_select) . '\',
\'' . intval($test_random_questions_order) . '\',
\'' . $test_questions_order_mode . '\',
\'' . intval($test_random_answers_select) . '\',
\'' . intval($test_random_answers_order) . '\',
\'' . $test_answers_order_mode . '\',
\'' . intval($test_comment_enabled) . '\',
\'' . intval($test_menu_enabled) . '\',
\'' . intval($test_noanswer_enabled) . '\',
\'' . intval($test_mcma_radio) . '\',
\'' . intval($test_repeatable) . '\',
\'' . intval($test_mcma_partial_score) . '\',
\'' . intval($test_logout_on_timeout) . '\',
' . F_empty_to_null($test_password) . '
)';
if (!($r = F_db_query($sql, $db))) {
F_display_db_error(false);
} else {
$test_id = F_db_insert_id($db, K_TABLE_TESTS, 'test_id');
}
// add authorized user's groups
if (!empty($user_groups)) {
foreach ($user_groups as $group_id) {
$sql = 'INSERT INTO ' . K_TABLE_TEST_GROUPS . ' (
tstgrp_test_id,
tstgrp_group_id
) VALUES (
\'' . $test_id . '\',
\'' . intval($group_id) . '\'
user_otpkey
) VALUES (
\'' . F_escape_sql($db, $user_regdate) . '\',
\'' . F_escape_sql($db, $user_ip) . '\',
\'' . F_escape_sql($db, $user_name) . '\',
' . F_empty_to_null($user_email) . ',
\'' . F_escape_sql($db, $user_password) . '\',
' . F_empty_to_null($user_regnumber) . ',
' . F_empty_to_null($user_firstname) . ',
' . F_empty_to_null($user_lastname) . ',
' . F_empty_to_null($user_birthdate) . ',
' . F_empty_to_null($user_birthplace) . ',
' . F_empty_to_null($user_ssn) . ',
\'' . $usrlevel . '\',
\'' . $user_verifycode . '\',
' . F_empty_to_null($user_otpkey) . '
)';
if (!($r = F_db_query($sql, $db))) {
F_display_db_error(false);
} else {
$user_id = F_db_insert_id($db, K_TABLE_USERS, 'user_id');
}
// add user's groups
if (empty($user_groups)) {
$user_groups = array(K_USRREG_GROUP);
} elseif (!in_array(K_USRREG_GROUP, $user_groups)) {
$user_groups[] = K_USRREG_GROUP;
}
foreach ($user_groups as $group_id) {
$sql = 'INSERT INTO ' . K_TABLE_USERGROUP . ' (
usrgrp_user_id,
/**
* Import the specifed server object.
* @param $srv (array) array containing object data.
* @return true in case of success, false otherwise
*/
function F_importServerObj($srv)
{
global $l, $db;
require_once '../config/tce_config.php';
if (!isset($srv['serial']) or empty($srv['serial'])) {
F_print_error('ERROR', 'missing serial');
return false;
}
// get ID of the object with the same serial number
$sql = 'SELECT obj_id FROM ' . K_TABLE_OBJECTS . ' WHERE obj_tag=\'' . F_escape_sql($srv['serial']) . '\' LIMIT 1';
if ($r = F_db_query($sql, $db)) {
if ($m = F_db_fetch_assoc($r)) {
$obj_id = $m['obj_id'];
} else {
// this object do not exist.
F_print_error('ERROR', $srv['serial']);
return false;
}
} else {
F_display_db_error(false);
return false;
}
// attribute map
$srvattrmap = array('hostname' => 66, 'os release' => 68, 'os type' => 67, 'kernel name' => 69, 'kernel release' => 70, 'kernel version' => 71, 'kernel architecture' => 72, 'product' => 17, 'uuid' => 26);
// for each attribute
foreach ($srvattrmap as $k => $v) {
if (isset($srv[$k]) and strlen($srv[$k]) > 0) {
$value = $srv[$k];
if ($k == 'product' and isset($srv['manufacturer']) and !empty($srv['manufacturer'])) {
$value = $srv['manufacturer'] . ' ' . $value;
}
// add or update attribute value
$sqla = 'REPLACE INTO ' . K_TABLE_ATTRIBUTE_VALUES . ' (
atv_obj_id,
atv_atb_id,
atv_value
) VALUES (
' . $obj_id . ',
' . $v . ',
\'' . F_escape_sql($value) . '\'
)';
if (!($ra = F_db_query($sqla, $db))) {
F_display_db_error(false);
return false;
}
}
}
// cpu attribute map
$cpuattrmap = array('Socket Designation' => 92, 'Family' => 94, 'ID' => 93, 'Architecture' => 56, 'CPU op-mode(s)' => 83, 'Byte Order' => 84, 'Thread(s) per core' => 85, 'Core(s) per socket' => 55, 'Vendor ID' => 86, 'CPU family' => 87, 'Model' => 88, 'Stepping' => 89, 'CPU MHz' => 25, 'Virtualization' => 90, 'L1d cache' => 81, 'L1i cache' => 82, 'L1 cache' => 57, 'L2 cache' => 58, 'L3 cache' => 59);
// cpu
if (isset($srv['dmi']['Processor Information']) and !empty($srv['dmi']['Processor Information'])) {
$cpucount = 0;
foreach ($srv['dmi']['Processor Information'] as $cpu) {
++$cpucount;
$cpuname = sprintf('CPU%02d', $cpucount);
// check if CPU exist
$sql = 'SELECT obj_id FROM ' . K_TABLE_OBJECTS . ', ' . K_TABLE_OBJECTS_MAP . '
WHERE obj_id=omp_child_obj_id AND omp_parent_obj_id=' . $obj_id . ' AND obj_obt_id=58 AND obj_name=\'' . $cpuname . '\'
ORDER BY obj_name';
if ($r = F_db_query($sql, $db)) {
if ($m = F_db_fetch_assoc($r)) {
// update existing object
$cpu_obj_id = $m['obj_id'];
} else {
// create new object
$sqlo = 'INSERT INTO ' . K_TABLE_OBJECTS . ' (
obj_obt_id,
obj_name,
obj_description,
obj_label,
obj_tag,
obj_mnf_id,
obj_owner_id,
obj_tenant_id
) VALUES (
58,
\'' . $cpuname . '\',
' . F_empty_to_null('') . ',
' . F_empty_to_null('') . ',
' . F_empty_to_null('') . ',
' . F_zero_to_null(0) . ',
' . F_zero_to_null(0) . ',
' . F_zero_to_null(0) . '
)';
if (!($ro = F_db_query($sqlo, $db))) {
F_display_db_error(false);
return false;
} else {
$cpu_obj_id = F_db_insert_id($db, K_TABLE_OBJECTS, 'obj_id');
}
// set object map
$sqlm = 'INSERT INTO ' . K_TABLE_OBJECTS_MAP . ' (
omp_parent_obj_id,
omp_child_obj_id
) VALUES (
' . $obj_id . ',
' . $cpu_obj_id . '
)';
if (!($rm = F_db_query($sqlm, $db))) {
F_display_db_error(false);
return false;
}
}
// for each attribute
foreach ($cpuattrmap as $k => $v) {
$value = '';
if (isset($cpu[$k])) {
$value = $cpu[$k];
} elseif (isset($srv['cpu'][$k])) {
$value = $srv['cpu'][$k];
}
if (preg_match('/([0-9\\.]+)[\\s]?([KMGT][B]?)/', $value, $vmtch) > 0) {
$value = $vmtch[1];
}
if (strlen($value) > 0) {
// add or update attribute value
$sqla = 'REPLACE INTO ' . K_TABLE_ATTRIBUTE_VALUES . ' (
atv_obj_id,
atv_atb_id,
atv_value
) VALUES (
' . $cpu_obj_id . ',
' . $v . ',
\'' . F_escape_sql($value) . '\'
)';
if (!($ra = F_db_query($sqla, $db))) {
F_display_db_error(false);
return false;
}
}
}
} else {
F_display_db_error(false);
return false;
}
}
}
// memory attribute map
$memattrmap = array('Total Width' => 95, 'Data Width' => 96, 'Size' => 52, 'Form Factor' => 97, 'Locator' => 99, 'Type' => 98, 'Speed' => 61);
// memory
if (isset($srv['ram']) and !empty($srv['ram'])) {
// get total ram in gigabytes
$totalram = round(floatval($srv['ram']) / 1024 / 1024 / 1024);
// check if RAM object exist
$sql = 'SELECT obj_id FROM ' . K_TABLE_OBJECTS . ', ' . K_TABLE_OBJECTS_MAP . '
WHERE obj_id=omp_child_obj_id AND omp_parent_obj_id=' . $obj_id . ' AND obj_obt_id=59
ORDER BY obj_name';
if ($r = F_db_query($sql, $db)) {
if ($m = F_db_fetch_assoc($r)) {
// update existing object
$ram_obj_id = $m['obj_id'];
} else {
// create new object
$sqlo = 'INSERT INTO ' . K_TABLE_OBJECTS . ' (
obj_obt_id,
obj_name,
obj_description,
obj_label,
obj_tag,
obj_mnf_id,
obj_owner_id,
obj_tenant_id
) VALUES (
59,
\'RAM\',
' . F_empty_to_null('') . ',
' . F_empty_to_null('') . ',
' . F_empty_to_null('') . ',
' . F_zero_to_null(0) . ',
' . F_zero_to_null(0) . ',
' . F_zero_to_null(0) . '
)';
if (!($ro = F_db_query($sqlo, $db))) {
F_display_db_error(false);
return false;
} else {
$ram_obj_id = F_db_insert_id($db, K_TABLE_OBJECTS, 'obj_id');
}
// set object map
$sqlm = 'INSERT INTO ' . K_TABLE_OBJECTS_MAP . ' (
omp_parent_obj_id,
omp_child_obj_id
) VALUES (
' . $obj_id . ',
' . $ram_obj_id . '
)';
if (!($rm = F_db_query($sqlm, $db))) {
F_display_db_error(false);
return false;
}
}
// add or update attribute value
$sqla = 'REPLACE INTO ' . K_TABLE_ATTRIBUTE_VALUES . ' (
atv_obj_id,
atv_atb_id,
atv_value
) VALUES (
' . $ram_obj_id . ',
60,
\'' . F_escape_sql($totalram) . '\'
)';
if (!($ra = F_db_query($sqla, $db))) {
F_display_db_error(false);
return false;
}
} else {
F_display_db_error(false);
return false;
}
// - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
if (isset($srv['dmi']['Memory Device']) and !empty($srv['dmi']['Memory Device'])) {
$memcount = 0;
foreach ($srv['dmi']['Memory Device'] as $mem) {
++$memcount;
$memname = sprintf('SLOT%02d', $memcount);
// check if object exist
$sql = 'SELECT obj_id FROM ' . K_TABLE_OBJECTS . ', ' . K_TABLE_OBJECTS_MAP . '
WHERE obj_id=omp_child_obj_id AND omp_parent_obj_id=' . $ram_obj_id . ' AND obj_obt_id=60 AND obj_name=\'' . $memname . '\'
ORDER BY obj_name';
if ($r = F_db_query($sql, $db)) {
if ($m = F_db_fetch_assoc($r)) {
// update existing memory slot object
$mem_obj_id = $m['obj_id'];
} else {
// create new object
$sqlo = 'INSERT INTO ' . K_TABLE_OBJECTS . ' (
obj_obt_id,
obj_name,
obj_description,
obj_label,
obj_tag,
obj_mnf_id,
obj_owner_id,
obj_tenant_id
) VALUES (
60,
\'' . $memname . '\',
' . F_empty_to_null('') . ',
' . F_empty_to_null('') . ',
' . F_empty_to_null('') . ',
' . F_zero_to_null(0) . ',
' . F_zero_to_null(0) . ',
' . F_zero_to_null(0) . '
)';
if (!($ro = F_db_query($sqlo, $db))) {
F_display_db_error(false);
return false;
} else {
$mem_obj_id = F_db_insert_id($db, K_TABLE_OBJECTS, 'obj_id');
}
// set object map
$sqlm = 'INSERT INTO ' . K_TABLE_OBJECTS_MAP . ' (
omp_parent_obj_id,
omp_child_obj_id
) VALUES (
' . $ram_obj_id . ',
' . $mem_obj_id . '
)';
if (!($rm = F_db_query($sqlm, $db))) {
F_display_db_error(false);
return false;
}
}
// for each memory attribute
foreach ($memattrmap as $k => $v) {
$value = '';
if (isset($mem[$k])) {
$value = $mem[$k];
if ($k == 'Size' or $k == 'Speed') {
$value = intval($value);
}
// add or update attribute value
$sqla = 'REPLACE INTO ' . K_TABLE_ATTRIBUTE_VALUES . ' (
atv_obj_id,
atv_atb_id,
atv_value
) VALUES (
' . $mem_obj_id . ',
' . $v . ',
\'' . F_escape_sql($value) . '\'
)';
if (!($ra = F_db_query($sqla, $db))) {
F_display_db_error(false);
return false;
}
}
}
} else {
F_display_db_error(false);
return false;
}
}
}
}
// end srv['ram']
// network attribute map
$netattrmap = array('device' => 74, 'mac' => 9, 'ipv4' => 10, 'bcast' => 75, 'mask' => 76, 'ipv6' => 73, 'encap' => 77, 'scope' => 78, 'mtu' => 79, 'metric' => 80);
// network
if (isset($srv['network']) and !empty($srv['network'])) {
$netcount = 0;
foreach ($srv['network'] as $net) {
if (preg_match('/^eth[0-9]+$/', $net['device']) > 0) {
++$netcount;
$netname = sprintf('ETH%02d', $netcount);
// check if device exist
$sql = 'SELECT obj_id FROM ' . K_TABLE_OBJECTS . ', ' . K_TABLE_OBJECTS_MAP . '
WHERE obj_id=omp_child_obj_id AND omp_parent_obj_id=' . $obj_id . ' AND obj_obt_id=37 AND obj_name=\'' . $netname . '\'
ORDER BY obj_name';
if ($r = F_db_query($sql, $db)) {
if ($m = F_db_fetch_assoc($r)) {
// update existing object
$net_obj_id = $m['obj_id'];
} else {
// create new object
$sqlo = 'INSERT INTO ' . K_TABLE_OBJECTS . ' (
obj_obt_id,
obj_name,
obj_description,
obj_label,
obj_tag,
obj_mnf_id,
obj_owner_id,
obj_tenant_id
) VALUES (
37,
\'' . $netname . '\',
' . F_empty_to_null('') . ',
' . F_empty_to_null('') . ',
' . F_empty_to_null('') . ',
' . F_zero_to_null(0) . ',
' . F_zero_to_null(0) . ',
' . F_zero_to_null(0) . '
)';
if (!($ro = F_db_query($sqlo, $db))) {
F_display_db_error(false);
return false;
} else {
$net_obj_id = F_db_insert_id($db, K_TABLE_OBJECTS, 'obj_id');
}
// set object map
$sqlm = 'INSERT INTO ' . K_TABLE_OBJECTS_MAP . ' (
omp_parent_obj_id,
omp_child_obj_id
) VALUES (
' . $obj_id . ',
' . $net_obj_id . '
)';
if (!($rm = F_db_query($sqlm, $db))) {
F_display_db_error(false);
return false;
}
}
// for each attribute
foreach ($netattrmap as $k => $v) {
$value = '';
if (isset($net[$k])) {
$value = $net[$k];
} elseif (isset($srv['net'][$k])) {
$value = $srv['net'][$k];
}
if (strlen($value) > 0) {
// add or update attribute value
$sqla = 'REPLACE INTO ' . K_TABLE_ATTRIBUTE_VALUES . ' (
atv_obj_id,
atv_atb_id,
atv_value
) VALUES (
' . $net_obj_id . ',
' . $v . ',
\'' . F_escape_sql($value) . '\'
)';
if (!($ra = F_db_query($sqla, $db))) {
F_display_db_error(false);
return false;
}
}
}
} else {
F_display_db_error(false);
return false;
}
}
}
}
// disk controller (8) attribute map
$ctrlattrmap = array('Bus Interface' => 100, 'Slot' => 101, 'Cache Serial Number' => 102, 'Hardware Revision' => 103, 'Firmware Version' => 104, 'Total Cache Size' => 105, 'Total Cache Memory Available' => 106);
// disk array (65) attribute map
$darrattrmap = array('Interface Type' => 122);
// logical drive (66) attribute map
$logdrvattrmap = array('Size' => 123, 'Fault Tolerance' => 107, 'Heads' => 108, 'Sectors Per Track' => 109, 'Cylinders' => 110, 'Strip Size' => 111, 'Full Stripe Size' => 112, 'Caching' => 113, 'Unique Identifier' => 114, 'Disk Name' => 115, 'Mount Points' => 116, 'Logical Drive Label' => 117, 'Drive Type' => 118);
// physical drive (66) attribute map
$phydrvattrmap = array('Port' => 119, 'Box' => 120, 'Bay' => 121, 'Drive Type' => 118, 'Interface Type' => 122, 'Size' => 123, 'Rotational Speed' => 124, 'Firmware Revision' => 104, 'Model' => 125, 'PHY Transfer Rate' => 126);
$disknum = 0;
$logdrvdisks = array();
// list physical disks that belongs to logical drives
// hp disk controller data
if (isset($srv['hpdisks']) and !empty($srv['hpdisks'])) {
$ctrlcount = 0;
foreach ($srv['hpdisks'] as $ctrl) {
++$ctrlcount;
$ctrlname = sprintf('DISKCTRL%02d', $ctrlcount);
// check if device exist
$sql = 'SELECT obj_id FROM ' . K_TABLE_OBJECTS . ', ' . K_TABLE_OBJECTS_MAP . '
WHERE obj_id=omp_child_obj_id AND omp_parent_obj_id=' . $obj_id . ' AND obj_obt_id=8 AND obj_name=\'' . $ctrlname . '\'
ORDER BY obj_name';
if ($r = F_db_query($sql, $db)) {
if ($m = F_db_fetch_assoc($r)) {
// update existing object
$ctrl_obj_id = $m['obj_id'];
} else {
// create new object
$sqlo = 'INSERT INTO ' . K_TABLE_OBJECTS . ' (
obj_obt_id,
obj_name,
obj_description,
obj_label,
obj_tag,
obj_mnf_id,
obj_owner_id,
obj_tenant_id
) VALUES (
8,
\'' . $ctrlname . '\',
' . F_empty_to_null($ctrl['item']) . ',
' . F_empty_to_null('') . ',
' . F_empty_to_null($ctrl['Serial Number']) . ',
' . F_zero_to_null(0) . ',
' . F_zero_to_null(0) . ',
' . F_zero_to_null(0) . '
)';
if (!($ro = F_db_query($sqlo, $db))) {
F_display_db_error(false);
return false;
} else {
$ctrl_obj_id = F_db_insert_id($db, K_TABLE_OBJECTS, 'obj_id');
}
// set object map
$sqlm = 'INSERT INTO ' . K_TABLE_OBJECTS_MAP . ' (
omp_parent_obj_id,
omp_child_obj_id
) VALUES (
' . $obj_id . ',
' . $ctrl_obj_id . '
)';
if (!($rm = F_db_query($sqlm, $db))) {
F_display_db_error(false);
return false;
}
}
// for each attribute
foreach ($ctrlattrmap as $k => $v) {
$value = '';
if (isset($ctrl[$k]) and strlen($ctrl[$k]) > 0) {
$value = $ctrl[$k];
if (preg_match('/([0-9\\.]+)[\\s]?([KMGT]B|Gbps)/', $value, $vmtch) > 0) {
$value = $vmtch[1];
}
// add or update attribute value
$sqla = 'REPLACE INTO ' . K_TABLE_ATTRIBUTE_VALUES . ' (
atv_obj_id,
atv_atb_id,
atv_value
) VALUES (
' . $ctrl_obj_id . ',
' . $v . ',
\'' . F_escape_sql($value) . '\'
)';
if (!($ra = F_db_query($sqla, $db))) {
F_display_db_error(false);
return false;
}
}
}
} else {
F_display_db_error(false);
return false;
}
// - - - - - - - - - -
// disk arrays
foreach ($ctrl as $ck => $darr) {
if (is_array($darr) and $darr['item'] == 'Array') {
$diskarrayname = sprintf('ARRAY%02d', $ck + 1);
// check if device exist
$sql = 'SELECT obj_id FROM ' . K_TABLE_OBJECTS . ', ' . K_TABLE_OBJECTS_MAP . '
WHERE obj_id=omp_child_obj_id AND omp_parent_obj_id=' . $ctrl_obj_id . ' AND obj_obt_id=65 AND obj_name=\'' . $diskarrayname . '\'
ORDER BY obj_name';
if ($r = F_db_query($sql, $db)) {
if ($m = F_db_fetch_assoc($r)) {
// update existing object
$darr_obj_id = $m['obj_id'];
} else {
// create new object
$sqlo = 'INSERT INTO ' . K_TABLE_OBJECTS . ' (
obj_obt_id,
obj_name,
obj_description,
obj_label,
obj_tag,
obj_mnf_id,
obj_owner_id,
obj_tenant_id
) VALUES (
65,
\'' . $diskarrayname . '\',
' . F_empty_to_null($darr['item']) . ',
' . F_empty_to_null('') . ',
' . F_empty_to_null($darr['value']) . ',
' . F_zero_to_null(0) . ',
' . F_zero_to_null(0) . ',
' . F_zero_to_null(0) . '
)';
if (!($ro = F_db_query($sqlo, $db))) {
F_display_db_error(false);
return false;
} else {
$darr_obj_id = F_db_insert_id($db, K_TABLE_OBJECTS, 'obj_id');
}
// set object map
$sqlm = 'INSERT INTO ' . K_TABLE_OBJECTS_MAP . ' (
omp_parent_obj_id,
omp_child_obj_id
) VALUES (
' . $ctrl_obj_id . ',
' . $darr_obj_id . '
)';
if (!($rm = F_db_query($sqlm, $db))) {
F_display_db_error(false);
return false;
}
}
// for each attribute
foreach ($darrattrmap as $k => $v) {
$value = '';
if (isset($darr[$k]) and strlen($darr[$k]) > 0) {
$value = $darr[$k];
// add or update attribute value
$sqla = 'REPLACE INTO ' . K_TABLE_ATTRIBUTE_VALUES . ' (
atv_obj_id,
atv_atb_id,
atv_value
) VALUES (
' . $darr_obj_id . ',
' . $v . ',
\'' . F_escape_sql($value) . '\'
)';
if (!($ra = F_db_query($sqla, $db))) {
F_display_db_error(false);
return false;
}
}
}
} else {
F_display_db_error(false);
return false;
}
// - - - - - - - - - -
// logical (66) and physical (61) disks
foreach ($darr as $dk => $dsk) {
if (is_array($dsk)) {
if ($dsk['item'] == 'Logical Drive') {
$ldiskname = sprintf('LOGICALDRIVE%02d', $dk + 1);
// check if device exist
$sql = 'SELECT obj_id FROM ' . K_TABLE_OBJECTS . ', ' . K_TABLE_OBJECTS_MAP . '
WHERE obj_id=omp_child_obj_id AND omp_parent_obj_id=' . $darr_obj_id . ' AND obj_obt_id=66 AND obj_name=\'' . $ldiskname . '\'
ORDER BY obj_name';
if ($r = F_db_query($sql, $db)) {
if ($m = F_db_fetch_assoc($r)) {
// update existing object
$ldsk_obj_id = $m['obj_id'];
} else {
// create new object
$sqlo = 'INSERT INTO ' . K_TABLE_OBJECTS . ' (
obj_obt_id,
obj_name,
obj_description,
obj_label,
obj_tag,
obj_mnf_id,
obj_owner_id,
obj_tenant_id
) VALUES (
66,
\'' . $ldiskname . '\',
' . F_empty_to_null($dsk['item']) . ',
' . F_empty_to_null('') . ',
' . F_empty_to_null($dsk['value']) . ',
' . F_zero_to_null(0) . ',
' . F_zero_to_null(0) . ',
' . F_zero_to_null(0) . '
)';
if (!($ro = F_db_query($sqlo, $db))) {
F_display_db_error(false);
return false;
} else {
$ldsk_obj_id = F_db_insert_id($db, K_TABLE_OBJECTS, 'obj_id');
}
// set object map
$sqlm = 'INSERT INTO ' . K_TABLE_OBJECTS_MAP . ' (
omp_parent_obj_id,
omp_child_obj_id
) VALUES (
' . $darr_obj_id . ',
' . $ldsk_obj_id . '
)';
if (!($rm = F_db_query($sqlm, $db))) {
F_display_db_error(false);
return false;
}
}
// for each attribute
foreach ($logdrvattrmap as $k => $v) {
$value = '';
if (isset($dsk[$k]) and strlen($dsk[$k]) > 0) {
$value = $dsk[$k];
if (preg_match('/([0-9\\.]+)[\\s]?([KMGT]B|Gbps)/', $value, $vmtch) > 0) {
$value = $vmtch[1];
}
// add or update attribute value
$sqla = 'REPLACE INTO ' . K_TABLE_ATTRIBUTE_VALUES . ' (
atv_obj_id,
atv_atb_id,
atv_value
) VALUES (
' . $ldsk_obj_id . ',
' . $v . ',
\'' . F_escape_sql($value) . '\'
)';
if (!($ra = F_db_query($sqla, $db))) {
F_display_db_error(false);
return false;
}
}
}
} else {
F_display_db_error(false);
return false;
}
$logdrvdisks[$ldsk_obj_id] = array();
} elseif ($dsk['item'] == 'physicaldrive') {
++$disknum;
$diskname = sprintf('DISK%02d', $disknum);
$logdrvdisks[$ldsk_obj_id][] = $diskname;
// check if device exist
$sql = 'SELECT obj_id FROM ' . K_TABLE_OBJECTS . ', ' . K_TABLE_OBJECTS_MAP . '
WHERE obj_id=omp_child_obj_id AND omp_parent_obj_id=' . $ctrl_obj_id . ' AND obj_obt_id=61 AND obj_name=\'' . $diskname . '\'
ORDER BY obj_name';
if ($r = F_db_query($sql, $db)) {
if ($m = F_db_fetch_assoc($r)) {
// update existing object
$pdsk_obj_id = $m['obj_id'];
} else {
// create new object
$sqlo = 'INSERT INTO ' . K_TABLE_OBJECTS . ' (
obj_obt_id,
obj_name,
obj_description,
obj_label,
obj_tag,
obj_mnf_id,
obj_owner_id,
obj_tenant_id
) VALUES (
61,
\'' . $diskname . '\',
' . F_empty_to_null($dsk['item']) . ',
' . F_empty_to_null('') . ',
' . F_empty_to_null($dsk['value']) . ',
' . F_zero_to_null(0) . ',
' . F_zero_to_null(0) . ',
' . F_zero_to_null(0) . '
)';
if (!($ro = F_db_query($sqlo, $db))) {
F_display_db_error(false);
return false;
} else {
$pdsk_obj_id = F_db_insert_id($db, K_TABLE_OBJECTS, 'obj_id');
}
// set object map
$sqlm = 'INSERT INTO ' . K_TABLE_OBJECTS_MAP . ' (
omp_parent_obj_id,
omp_child_obj_id
) VALUES (
' . $ctrl_obj_id . ',
' . $pdsk_obj_id . '
)';
if (!($rm = F_db_query($sqlm, $db))) {
F_display_db_error(false);
return false;
}
}
// for each attribute
foreach ($phydrvattrmap as $k => $v) {
$value = '';
if (isset($dsk[$k]) and strlen($dsk[$k]) > 0) {
$value = $dsk[$k];
if (preg_match('/([0-9\\.]+)[\\s]?([KMGT]B|Gbps)/', $value, $vmtch) > 0) {
$value = $vmtch[1];
}
// add or update attribute value
$sqla = 'REPLACE INTO ' . K_TABLE_ATTRIBUTE_VALUES . ' (
atv_obj_id,
atv_atb_id,
atv_value
) VALUES (
' . $pdsk_obj_id . ',
' . $v . ',
\'' . F_escape_sql($value) . '\'
)';
if (!($ra = F_db_query($sqla, $db))) {
F_display_db_error(false);
return false;
}
}
}
} else {
F_display_db_error(false);
return false;
}
}
}
}
// end of disks
}
// is array
}
// end of disk array
}
// end for each controller
// add physical disks on the logical drives
if (isset($logdrvdisks) and !empty($logdrvdisks)) {
foreach ($logdrvdisks as $logdrvid => $disks) {
$sql = 'UPDATE ' . K_TABLE_OBJECTS . ' SET
obj_description=' . F_empty_to_null(implode(', ', $disks)) . '
WHERE obj_id=' . $logdrvid . '';
if (!($r = F_db_query($sql, $db))) {
F_display_db_error(false);
}
}
}
}
return true;
}
// Add
if ($formstatus = F_check_form_fields()) {
// check submitted form fields
// check if name is unique
if (!F_check_unique(K_TABLE_CABLE_TYPES, 'cbt_name=\'' . F_escape_sql($cbt_name) . '\'')) {
F_print_error('WARNING', $l['m_duplicate_name']);
$formstatus = FALSE;
F_stripslashes_formfields();
break;
}
$sql = 'INSERT INTO ' . K_TABLE_CABLE_TYPES . ' (
cbt_name,
cbt_description
) VALUES (
\'' . F_escape_sql($cbt_name) . '\',
' . F_empty_to_null($cbt_description) . '
)';
if (!($r = F_db_query($sql, $db))) {
F_display_db_error(false);
} else {
$cbt_id = F_db_insert_id($db, K_TABLE_CABLE_TYPES, 'cbt_id');
}
}
break;
case 'clear':
// Clear form fields
$cbt_name = '';
$cbt_description = '';
break;
default:
break;
// check if name is unique
if (!F_check_unique(K_TABLE_SUBJECTS, 'subject_name=\'' . F_escape_sql($db, $subject_name) . '\' AND subject_module_id=' . $subject_module_id . '')) {
F_print_error('WARNING', $l['m_duplicate_name']);
$formstatus = FALSE;
F_stripslashes_formfields();
break;
}
$sql = 'INSERT INTO ' . K_TABLE_SUBJECTS . ' (
subject_name,
subject_description,
subject_enabled,
subject_user_id,
subject_module_id
) VALUES (
\'' . F_escape_sql($db, $subject_name) . '\',
' . F_empty_to_null($subject_description) . ',
\'' . intval($subject_enabled) . '\',
\'' . intval($_SESSION['session_user_id']) . '\',
' . $subject_module_id . '
)';
if (!($r = F_db_query($sql, $db))) {
F_display_db_error(false);
} else {
$subject_id = F_db_insert_id($db, K_TABLE_SUBJECTS, 'subject_id');
}
}
break;
case 'clear':
// Clear form fields
$subject_name = '';
$subject_description = '';
user_birthdate,
user_birthplace,
user_ssn,
user_level
) VALUES (
\'' . F_escape_sql($user_regdate) . '\',
\'' . F_escape_sql($user_ip) . '\',
\'' . F_escape_sql($user_name) . '\',
' . F_empty_to_null($user_email) . ',
\'' . F_escape_sql($user_password) . '\',
' . F_empty_to_null($user_regnumber) . ',
' . F_empty_to_null($user_firstname) . ',
' . F_empty_to_null($user_lastname) . ',
' . F_empty_to_null($user_birthdate) . ',
' . F_empty_to_null($user_birthplace) . ',
' . F_empty_to_null($user_ssn) . ',
\'' . $user_level . '\'
)';
if (!($r = F_db_query($sql, $db))) {
F_display_db_error(false);
} else {
$user_id = F_db_insert_id($db, K_TABLE_USERS, 'user_id');
}
// add user's groups
if (!empty($user_groups)) {
foreach ($user_groups as $group_id) {
if (F_isAuthorizedEditorForGroup($group_id)) {
$sql = 'INSERT INTO ' . K_TABLE_USERGROUP . ' (
usrgrp_user_id,
usrgrp_group_id
) VALUES (
$sql = 'INSERT INTO ' . K_TABLE_ANSWERS . ' (
answer_question_id,
answer_description,
answer_explanation,
answer_isright,
answer_enabled,
answer_position,
answer_keyboard_key
) VALUES (
' . $answer_question_id . ',
\'' . F_escape_sql($answer_description) . '\',
' . F_empty_to_null($answer_explanation) . ',
\'' . $answer_isright . '\',
\'' . $answer_enabled . '\',
' . F_zero_to_null($answer_position) . ',
' . F_empty_to_null($answer_keyboard_key) . '
)';
if (!($r = F_db_query($sql, $db))) {
F_display_db_error(false);
F_db_query('ROLLBACK', $db);
// rollback transaction
} else {
$answer_id = F_db_insert_id($db, K_TABLE_ANSWERS, 'answer_id');
}
$sql = 'COMMIT';
if (!($r = F_db_query($sql, $db))) {
F_display_db_error(false);
break;
}
}
break;
if (!F_check_unique(K_TABLE_DATACENTERS, 'dcn_name=\'' . F_escape_sql($dcn_name) . '\'')) {
F_print_error('WARNING', $l['m_duplicate_name']);
$formstatus = FALSE;
F_stripslashes_formfields();
break;
}
$sql = 'INSERT INTO ' . K_TABLE_DATACENTERS . ' (
dcn_name,
dcn_description,
dcn_website_url,
dcn_map_url
) VALUES (
\'' . F_escape_sql($dcn_name) . '\',
' . F_empty_to_null($dcn_description) . ',
' . F_empty_to_null($dcn_website_url) . ',
' . F_empty_to_null($dcn_map_url) . '
)';
if (!($r = F_db_query($sql, $db))) {
F_display_db_error(false);
} else {
$dcn_id = F_db_insert_id($db, K_TABLE_DATACENTERS, 'dcn_id');
}
// add default permission for non administrators
if ($userlevel < K_AUTH_ADMINISTRATOR and empty($perms)) {
foreach ($user_groups as $grp) {
$perms[$grp] = 15;
// read + add + update + delete
}
}
// insert groups permissions
F_print_error('WARNING', $l['m_duplicate_name']);
$formstatus = FALSE;
F_stripslashes_formfields();
break;
}
$sql = 'INSERT INTO ' . K_TABLE_SUITES . ' (
sts_dcn_id,
sts_name,
sts_description,
sts_floor,
sts_width,
sts_height
) VALUES (
' . $dcn_id . ',
\'' . F_escape_sql($sts_name) . '\',
' . F_empty_to_null($sts_description) . ',
' . $sts_floor . ',
' . $sts_width . ',
' . $sts_height . '
)';
if (!($r = F_db_query($sql, $db))) {
F_display_db_error(false);
} else {
$sts_id = F_db_insert_id($db, K_TABLE_SUITES, 'sts_id');
}
// add default permission for non administrators
if ($userlevel < K_AUTH_ADMINISTRATOR and empty($perms)) {
foreach ($user_groups as $grp) {
$perms[$grp] = 15;
// read + add + update + delete
}
}
$sql = 'INSERT INTO ' . K_TABLE_RACKS . ' (
rck_sts_id,
rck_name,
rck_description,
rck_label,
rck_tag,
rck_height,
rck_position_x,
rck_position_y
) VALUES (
' . $sts_id . ',
\'' . F_escape_sql($rck_name) . '\',
' . F_empty_to_null($rck_description) . ',
' . F_empty_to_null($rck_label) . ',
' . F_empty_to_null($rck_tag) . ',
' . $rck_height . ',
' . $rck_position_x . ',
' . $rck_position_y . '
)';
if (!($r = F_db_query($sql, $db))) {
F_display_db_error(false);
} else {
$rck_id = F_db_insert_id($db, K_TABLE_RACKS, 'rck_id');
}
// add default permission for non administrators
if ($userlevel < K_AUTH_ADMINISTRATOR and empty($perms)) {
foreach ($user_groups as $grp) {
$perms[$grp] = 15;
// read + add + update + delete
}
// check submitted form fields
// check if name is unique
if (!F_check_unique(K_TABLE_MANUFACTURES, 'mnf_name=\'' . F_escape_sql($mnf_name) . '\'')) {
F_print_error('WARNING', $l['m_duplicate_name']);
$formstatus = FALSE;
F_stripslashes_formfields();
break;
}
$sql = 'INSERT INTO ' . K_TABLE_MANUFACTURES . ' (
mnf_name,
mnf_url,
mnf_description
) VALUES (
\'' . F_escape_sql($mnf_name) . '\',
' . F_empty_to_null($mnf_url) . ',
' . F_empty_to_null($mnf_description) . '
)';
if (!($r = F_db_query($sql, $db))) {
F_display_db_error(false);
} else {
$mnf_id = F_db_insert_id($db, K_TABLE_MANUFACTURES, 'mnf_id');
}
// add mac prefixes
foreach ($macs as $k => $v) {
$sql = 'INSERT INTO ' . K_TABLE_MANUFACTURES_MAC . ' (
mac_mnf_id,
mac_mac
) VALUES (
' . $mnf_id . ',
\'' . F_escape_sql($v) . '\'
)';
/**
* Import questions from TSV file (tab delimited text).
* The format of TSV is the same obtained by exporting data from TCExam interface.
* @param $tsvfile (string) TSV (tab delimited text) file name
* @return boolean TRUE in case of success, FALSE otherwise
*/
function F_TSVQuestionImporter($tsvfile)
{
global $l, $db;
require_once '../config/tce_config.php';
require_once '../../shared/code/tce_functions_auth_sql.php';
$qtype = array('S' => 1, 'M' => 2, 'T' => 3, 'O' => 4);
// get file content as array
$tsvrows = file($tsvfile, FILE_IGNORE_NEW_LINES);
// array of TSV lines
if ($tsvrows === FALSE) {
return FALSE;
}
$current_module_id = 0;
$current_subject_id = 0;
$current_question_id = 0;
$current_answer_id = 0;
$questionhash = array();
// for each row
while (list($item, $rowdata) = each($tsvrows)) {
// get user data into array
$qdata = explode("\t", $rowdata);
switch ($qdata[0]) {
case 'M':
// MODULE
$current_module_id = 0;
if (!isset($qdata[2]) or empty($qdata[2])) {
break;
}
$module_enabled = intval($qdata[1]);
$module_name = F_escape_sql($db, F_tsv_to_text($qdata[2]), false);
// check if this module already exist
$sql = 'SELECT module_id
FROM ' . K_TABLE_MODULES . '
WHERE module_name=\'' . $module_name . '\'
LIMIT 1';
if ($r = F_db_query($sql, $db)) {
if ($m = F_db_fetch_array($r)) {
// get existing module ID
if (!F_isAuthorizedUser(K_TABLE_MODULES, 'module_id', $m['module_id'], 'module_user_id')) {
// unauthorized user
$current_module_id = 0;
} else {
$current_module_id = $m['module_id'];
}
} else {
// insert new module
$sql = 'INSERT INTO ' . K_TABLE_MODULES . ' (
module_name,
module_enabled,
module_user_id
) VALUES (
\'' . $module_name . '\',
\'' . $module_enabled . '\',
\'' . $_SESSION['session_user_id'] . '\'
)';
if (!($r = F_db_query($sql, $db))) {
F_display_db_error();
} else {
// get new module ID
$current_module_id = F_db_insert_id($db, K_TABLE_MODULES, 'module_id');
}
}
} else {
F_display_db_error();
}
break;
case 'S':
// SUBJECT
$current_subject_id = 0;
if ($current_module_id == 0) {
return;
}
if (!isset($qdata[2]) or empty($qdata[2])) {
break;
}
$subject_enabled = intval($qdata[1]);
$subject_name = F_escape_sql($db, F_tsv_to_text($qdata[2]), false);
$subject_description = '';
if (isset($qdata[3])) {
$subject_description = F_empty_to_null(F_tsv_to_text($qdata[3]));
}
// check if this subject already exist
$sql = 'SELECT subject_id
FROM ' . K_TABLE_SUBJECTS . '
WHERE subject_name=\'' . $subject_name . '\'
AND subject_module_id=' . $current_module_id . '
LIMIT 1';
if ($r = F_db_query($sql, $db)) {
if ($m = F_db_fetch_array($r)) {
// get existing subject ID
$current_subject_id = $m['subject_id'];
} else {
// insert new subject
$sql = 'INSERT INTO ' . K_TABLE_SUBJECTS . ' (
subject_name,
subject_description,
subject_enabled,
subject_user_id,
subject_module_id
) VALUES (
\'' . $subject_name . '\',
' . $subject_description . ',
\'' . $subject_enabled . '\',
\'' . $_SESSION['session_user_id'] . '\',
' . $current_module_id . '
)';
if (!($r = F_db_query($sql, $db))) {
F_display_db_error();
} else {
// get new subject ID
$current_subject_id = F_db_insert_id($db, K_TABLE_SUBJECTS, 'subject_id');
}
}
} else {
F_display_db_error();
}
break;
case 'Q':
// QUESTION
$current_question_id = 0;
if ($current_module_id == 0 or $current_subject_id == 0) {
return;
}
if (!isset($qdata[5])) {
break;
}
$question_enabled = intval($qdata[1]);
$question_description = F_escape_sql($db, F_tsv_to_text($qdata[2]), false);
$question_explanation = F_empty_to_null(F_tsv_to_text($qdata[3]));
$question_type = $qtype[$qdata[4]];
$question_difficulty = intval($qdata[5]);
if (isset($qdata[6])) {
$question_position = F_zero_to_null($qdata[6]);
} else {
$question_position = F_zero_to_null(0);
}
if (isset($qdata[7])) {
$question_timer = intval($qdata[7]);
} else {
$question_timer = 0;
}
if (isset($qdata[8])) {
$question_fullscreen = intval($qdata[8]);
} else {
$question_fullscreen = 0;
}
if (isset($qdata[9])) {
$question_inline_answers = intval($qdata[9]);
} else {
$question_inline_answers = 0;
}
if (isset($qdata[10])) {
$question_auto_next = intval($qdata[10]);
} else {
$question_auto_next = 0;
}
// check if this question already exist
$sql = 'SELECT question_id
FROM ' . K_TABLE_QUESTIONS . '
WHERE ';
if (K_DATABASE_TYPE == 'ORACLE') {
$sql .= 'dbms_lob.instr(question_description,\'' . $question_description . '\',1,1)>0';
} elseif (K_DATABASE_TYPE == 'MYSQL' and K_MYSQL_QA_BIN_UNIQUITY) {
$sql .= 'question_description=\'' . $question_description . '\' COLLATE utf8_bin';
} else {
$sql .= 'question_description=\'' . $question_description . '\'';
}
$sql .= ' AND question_subject_id=' . $current_subject_id . ' LIMIT 1';
if ($r = F_db_query($sql, $db)) {
if ($m = F_db_fetch_array($r)) {
// get existing question ID
$current_question_id = $m['question_id'];
return;
}
} else {
F_display_db_error();
}
if (K_DATABASE_TYPE == 'MYSQL') {
// this section is to avoid the problems on MySQL string comparison
$maxkey = 240;
$strkeylimit = min($maxkey, strlen($question_description));
$stop = $maxkey / 3;
while (in_array(md5(strtolower(substr($current_subject_id . $question_description, 0, $strkeylimit))), $questionhash) and $stop > 0) {
// a similar question was already imported, so we change it a little bit to avoid duplicate keys
$question_description = '_' . $question_description;
$strkeylimit = min($maxkey, $strkeylimit + 1);
$stop--;
// variable used to avoid infinite loop
}
if ($stop == 0) {
F_print_error('ERROR', 'Unable to get unique question ID');
return;
}
}
$sql = 'START TRANSACTION';
if (!($r = F_db_query($sql, $db))) {
F_display_db_error();
}
// insert question
$sql = 'INSERT INTO ' . K_TABLE_QUESTIONS . ' (
question_subject_id,
question_description,
question_explanation,
question_type,
question_difficulty,
question_enabled,
question_position,
question_timer,
question_fullscreen,
question_inline_answers,
question_auto_next
) VALUES (
' . $current_subject_id . ',
\'' . $question_description . '\',
' . $question_explanation . ',
\'' . $question_type . '\',
\'' . $question_difficulty . '\',
\'' . $question_enabled . '\',
' . $question_position . ',
\'' . $question_timer . '\',
\'' . $question_fullscreen . '\',
\'' . $question_inline_answers . '\',
\'' . $question_auto_next . '\'
)';
if (!($r = F_db_query($sql, $db))) {
F_display_db_error(false);
} else {
// get new question ID
$current_question_id = F_db_insert_id($db, K_TABLE_QUESTIONS, 'question_id');
if (K_DATABASE_TYPE == 'MYSQL') {
$questionhash[] = md5(strtolower(substr($current_subject_id . $question_description, 0, $strkeylimit)));
}
}
$sql = 'COMMIT';
if (!($r = F_db_query($sql, $db))) {
F_display_db_error();
}
break;
case 'A':
// ANSWER
$current_answer_id = 0;
if ($current_module_id == 0 or $current_subject_id == 0 or $current_question_id == 0) {
return;
}
if (!isset($qdata[4])) {
break;
}
$answer_enabled = intval($qdata[1]);
$answer_description = F_escape_sql($db, F_tsv_to_text($qdata[2]), false);
$answer_explanation = F_empty_to_null(F_tsv_to_text($qdata[3]));
$answer_isright = intval($qdata[4]);
if (isset($qdata[5])) {
$answer_position = F_zero_to_null($qdata[5]);
} else {
$answer_position = F_zero_to_null(0);
}
if (isset($qdata[6])) {
$answer_keyboard_key = F_empty_to_null(F_tsv_to_text($qdata[6]));
} else {
$answer_keyboard_key = F_empty_to_null('');
}
// check if this answer already exist
$sql = 'SELECT answer_id
FROM ' . K_TABLE_ANSWERS . '
WHERE ';
if (K_DATABASE_TYPE == 'ORACLE') {
$sql .= 'dbms_lob.instr(answer_description, \'' . $answer_description . '\',1,1)>0';
} elseif (K_DATABASE_TYPE == 'MYSQL' and K_MYSQL_QA_BIN_UNIQUITY) {
$sql .= 'answer_description=\'' . $answer_description . '\' COLLATE utf8_bin';
} else {
$sql .= 'answer_description=\'' . $answer_description . '\'';
}
$sql .= ' AND answer_question_id=' . $current_question_id . ' LIMIT 1';
if ($r = F_db_query($sql, $db)) {
if ($m = F_db_fetch_array($r)) {
// get existing subject ID
$current_answer_id = $m['answer_id'];
} else {
$sql = 'START TRANSACTION';
if (!($r = F_db_query($sql, $db))) {
F_display_db_error();
}
$sql = 'INSERT INTO ' . K_TABLE_ANSWERS . ' (
answer_question_id,
answer_description,
answer_explanation,
answer_isright,
answer_enabled,
answer_position,
answer_keyboard_key
) VALUES (
' . $current_question_id . ',
\'' . $answer_description . '\',
' . $answer_explanation . ',
\'' . $answer_isright . '\',
\'' . $answer_enabled . '\',
' . $answer_position . ',
' . $answer_keyboard_key . '
)';
if (!($r = F_db_query($sql, $db))) {
F_display_db_error(false);
F_db_query('ROLLBACK', $db);
} else {
// get new answer ID
$current_answer_id = F_db_insert_id($db, K_TABLE_ANSWERS, 'answer_id');
}
$sql = 'COMMIT';
if (!($r = F_db_query($sql, $db))) {
F_display_db_error();
}
}
} else {
F_display_db_error();
}
break;
}
// end of switch
}
// end of while
return TRUE;
}
/**
* Updates question log data (register user's answers and calculate scores).
* @param $test_id (int) test ID
* @param $testlog_id (int) test log ID
* @param $answer_id (array) answer_id form field value
* @param $answer_text (string) answer text
* @param $reaction_time (int) reaction time in milliseconds
* @return boolean TRUE in case of success, FALSE otherwise
*/
function F_updateQuestionLog($test_id, $testlog_id, $answer_id = 0, $answer_text = '', $reaction_time = 0)
{
require_once '../config/tce_config.php';
global $db, $l;
$question_id = 0;
// question ID
$question_type = 3;
// question type
$question_difficulty = 1;
// question difficulty
$oldtext = '';
// old text answer
$answer_changed = false;
// true when answer change
$answer_score = 0;
// answer total score
$num_answers = 0;
// counts alternative answers
$test_id = intval($test_id);
$testlog_id = intval($testlog_id);
$unanswered = true;
// get test data
$testdata = F_getTestData($test_id);
// get question information
$sql = 'SELECT *
FROM ' . K_TABLE_TESTS_LOGS . ', ' . K_TABLE_QUESTIONS . '
WHERE testlog_question_id=question_id
AND testlog_id=' . $testlog_id . '
LIMIT 1';
if ($r = F_db_query($sql, $db)) {
if ($m = F_db_fetch_array($r)) {
// get previous answer text
$oldtext = $m['testlog_answer_text'];
$question_id = $m['question_id'];
$question_type = $m['question_type'];
$question_difficulty = $m['question_difficulty'];
}
} else {
F_display_db_error();
return false;
}
// calculate question score
$question_right_score = $testdata['test_score_right'] * $question_difficulty;
$question_wrong_score = $testdata['test_score_wrong'] * $question_difficulty;
$question_unanswered_score = $testdata['test_score_unanswered'] * $question_difficulty;
if ($question_type != 3) {
$sql = 'SELECT *
FROM ' . K_TABLE_LOG_ANSWER . ', ' . K_TABLE_ANSWERS . '
WHERE logansw_answer_id=answer_id
AND logansw_testlog_id=' . $testlog_id . '
ORDER BY logansw_order';
if ($r = F_db_query($sql, $db)) {
while ($m = F_db_fetch_array($r)) {
$num_answers++;
// update each answer
$sqlu = 'UPDATE ' . K_TABLE_LOG_ANSWER . ' SET';
switch ($question_type) {
case 1:
// MCSA - Multiple Choice Single Answer
if ($answer_id == 0) {
// unanswered
$answer_score = $question_unanswered_score;
if ($m['logansw_selected'] != -1) {
$answer_changed = true;
}
$sqlu .= ' logansw_selected=-1';
} elseif ($answer_id == $m['logansw_answer_id']) {
$unanswered = false;
// selected
if (F_getBoolean($m['answer_isright'])) {
$answer_score = $question_right_score;
} else {
$answer_score = $question_wrong_score;
}
if ($m['logansw_selected'] != 1) {
$answer_changed = true;
}
$sqlu .= ' logansw_selected=1';
} else {
$unanswered = false;
// unselected
if ($m['logansw_selected'] == 1) {
$answer_changed = true;
}
$sqlu .= ' logansw_selected=0';
}
break;
case 2:
// MCMA - Multiple Choice Multiple Answer
if (isset($answer_id[$m['logansw_answer_id']])) {
// radiobutton or selected checkbox
$answer_id[$m['logansw_answer_id']] = intval($answer_id[$m['logansw_answer_id']]);
if ($answer_id[$m['logansw_answer_id']] == -1) {
// unanswered
$answer_score += $question_unanswered_score;
} elseif (F_getBoolean($m['answer_isright']) and $answer_id[$m['logansw_answer_id']] == 1) {
// right (selected)
$unanswered = false;
$answer_score += $question_right_score;
} elseif (!F_getBoolean($m['answer_isright']) and $answer_id[$m['logansw_answer_id']] == 0) {
// right (unselected)
$unanswered = false;
$answer_score += $question_right_score;
} else {
// wrong
$unanswered = false;
$answer_score += $question_wrong_score;
}
if ($m['logansw_selected'] != $answer_id[$m['logansw_answer_id']]) {
$answer_changed = true;
}
$sqlu .= ' logansw_selected=' . $answer_id[$m['logansw_answer_id']] . '';
} else {
// unselected checkbox
$unanswered = false;
if (F_getBoolean($m['answer_isright'])) {
$answer_score += $question_wrong_score;
} else {
$answer_score += $question_right_score;
}
if ($m['logansw_selected'] != 0) {
$answer_changed = true;
}
$sqlu .= ' logansw_selected=0';
}
break;
case 4:
// ORDER
if (isset($answer_id[$m['logansw_answer_id']]) and $answer_id[$m['logansw_answer_id']] > 0) {
// selected
$unanswered = false;
$answer_id[$m['logansw_answer_id']] = intval($answer_id[$m['logansw_answer_id']]);
if ($answer_id[$m['logansw_answer_id']] == $m['answer_position']) {
$answer_score += $question_right_score;
} else {
$answer_score += $question_wrong_score;
}
if ($answer_id[$m['logansw_answer_id']] != $m['logansw_position']) {
$answer_changed = true;
}
$sqlu .= ' logansw_position=' . $answer_id[$m['logansw_answer_id']] . ', logansw_selected=1';
} else {
// unanswered
$answer_score += $question_unanswered_score;
if ($m['logansw_position'] > 0) {
$answer_changed = true;
}
$sqlu .= ' logansw_selected=-1, logansw_position=0';
}
break;
}
// end of switch
$sqlu .= ' WHERE logansw_testlog_id=' . $testlog_id . ' AND logansw_answer_id=' . $m['logansw_answer_id'] . '';
if (!($ru = F_db_query($sqlu, $db))) {
F_display_db_error();
return false;
}
}
if ($question_type > 1) {
// normalize score
if (F_getBoolean($testdata['test_mcma_partial_score'])) {
// use partial scoring for MCMA and ORDER questions
$answer_score = round($answer_score / $num_answers, 3);
} else {
// all-or-nothing points
if ($answer_score >= $question_right_score * $num_answers) {
// right
$answer_score = $question_right_score;
} elseif ($answer_score == $question_unanswered_score * $num_answers) {
// unanswered
$answer_score = $question_unanswered_score;
} else {
// wrong
$answer_score = $question_wrong_score;
}
}
}
} else {
F_display_db_error();
return false;
}
}
// update log if answer is changed
if ($answer_changed or $oldtext != $answer_text) {
if (strlen($answer_text) > 0) {
$unanswered = false;
$answer_score = 'NULL';
// check exact answers score
$sql = 'SELECT *
FROM ' . K_TABLE_ANSWERS . '
WHERE answer_question_id=' . $question_id . '
AND answer_enabled=\'1\'
AND answer_isright=\'1\'';
if ($r = F_db_query($sql, $db)) {
while ($m = F_db_fetch_array($r)) {
if (strcasecmp(trim($answer_text), $m['answer_description']) == 0) {
$answer_score += $question_right_score;
break;
}
}
} else {
F_display_db_error();
return false;
}
}
if ($unanswered) {
$change_time = '';
} else {
$change_time = date(K_TIMESTAMP_FORMAT);
}
$sqlu = 'UPDATE ' . K_TABLE_TESTS_LOGS . ' SET';
$sqlu .= ' testlog_answer_text=' . F_empty_to_null($answer_text) . ',';
$sqlu .= ' testlog_score=' . $answer_score . ',';
$sqlu .= ' testlog_change_time=' . F_empty_to_null($change_time) . ',';
$sqlu .= ' testlog_reaction_time=' . intval($reaction_time) . ',';
$sqlu .= ' testlog_user_ip=\'' . getNormalizedIP($_SERVER['REMOTE_ADDR']) . '\'';
$sqlu .= ' WHERE testlog_id=' . $testlog_id . '';
if (!($ru = F_db_query($sqlu, $db))) {
F_display_db_error();
return false;
}
}
return true;
}
// check submitted form fields
// check if name is unique
if (!F_check_unique(K_TABLE_ATTRIBUTE_TYPES, 'atb_name=\'' . F_escape_sql($atb_name) . '\'')) {
F_print_error('WARNING', $l['m_duplicate_name']);
$formstatus = FALSE;
F_stripslashes_formfields();
break;
}
$sql = 'INSERT INTO ' . K_TABLE_ATTRIBUTE_TYPES . ' (
atb_name,
atb_description,
atb_type,
atb_default
) VALUES (
\'' . F_escape_sql($atb_name) . '\',
' . F_empty_to_null($atb_description) . ',
\'' . F_escape_sql($atb_type) . '\',
\'' . F_escape_sql($atb_default) . '\'
)';
if (!($r = F_db_query($sql, $db))) {
F_display_db_error(false);
} else {
$atb_id = F_db_insert_id($db, K_TABLE_ATTRIBUTE_TYPES, 'atb_id');
}
}
break;
case 'clear':
// Clear form fields
$atb_name = '';
$atb_description = '';
$atb_type = '';
$sql = 'INSERT INTO ' . K_TABLE_QUESTIONS . ' (
question_subject_id,
question_description,
question_explanation,
question_type,
question_difficulty,
question_enabled,
question_position,
question_timer,
question_fullscreen,
question_inline_answers,
question_auto_next
) VALUES (
' . $question_subject_id . ',
\'' . F_escape_sql($question_description) . '\',
' . F_empty_to_null($question_explanation) . ',
\'' . $question_type . '\',
\'' . $question_difficulty . '\',
\'' . $question_enabled . '\',
' . F_zero_to_null($question_position) . ',
\'' . $question_timer . '\',
\'' . $question_fullscreen . '\',
\'' . $question_inline_answers . '\',
\'' . $question_auto_next . '\'
)';
if (!($r = F_db_query($sql, $db))) {
F_display_db_error(false);
} else {
$question_id = F_db_insert_id($db, K_TABLE_QUESTIONS, 'question_id');
}
$sql = 'COMMIT';
/**
* Import user's test data from OMR.
* @param $user_id (int) user ID.
* @param $date (string) date-time field.
* @param $omr_testdata (array) Array containing test data.
* @param $omr_answers (array) Array containing test answers (from OMR).
* @return boolean TRUE in case of success, FALSE otherwise.
*/
function F_importOMRTestData($user_id, $date, $omr_testdata, $omr_answers)
{
require_once '../config/tce_config.php';
require_once '../../shared/code/tce_functions_test.php';
global $db, $l;
// check arrays
if (count($omr_testdata) > count($omr_answers) + 1) {
// arrays must contain the same amount of questions
return false;
}
$test_id = intval($omr_testdata[0]);
$user_id = intval($user_id);
$time = strtotime($date);
$date = date(K_TIMESTAMP_FORMAT, $time);
$dateanswers = date(K_TIMESTAMP_FORMAT, $time + 1);
// check user's group
if (F_count_rows(K_TABLE_USERGROUP . ', ' . K_TABLE_TEST_GROUPS . ' WHERE usrgrp_group_id=tstgrp_group_id AND tstgrp_test_id=' . $test_id . ' AND usrgrp_user_id=' . $user_id . ' LIMIT 1') == 0) {
return false;
}
// get test data
$testdata = F_getTestData($test_id);
// 1. delete previous test data
$sqld = 'DELETE FROM ' . K_TABLE_TEST_USER . ' WHERE testuser_test_id=' . $test_id . ' AND testuser_user_id=' . $user_id . '';
if (!($rd = F_db_query($sqld, $db))) {
F_display_db_error();
}
// 2. create new user's test entry
// ------------------------------
$sql = 'INSERT INTO ' . K_TABLE_TEST_USER . ' (
testuser_test_id,
testuser_user_id,
testuser_status,
testuser_creation_time,
testuser_comment
) VALUES (
' . $test_id . ',
' . $user_id . ',
4,
\'' . $date . '\',
\'OMR\'
)';
if (!($r = F_db_query($sql, $db))) {
F_display_db_error(false);
return false;
} else {
// get inserted ID
$testuser_id = F_db_insert_id($db, K_TABLE_TEST_USER, 'testuser_id');
}
// 3. create test log entries
$num_questions = count($omr_testdata) - 1;
// for each question on array
for ($q = 1; $q <= $num_questions; ++$q) {
$question_id = intval($omr_testdata[$q][0]);
$num_answers = count($omr_testdata[$q][1]);
// get question data
$sqlq = 'SELECT question_type, question_difficulty FROM ' . K_TABLE_QUESTIONS . ' WHERE question_id=' . $question_id . ' LIMIT 1';
if ($rq = F_db_query($sqlq, $db)) {
if ($mq = F_db_fetch_array($rq)) {
// question scores
$question_right_score = $testdata['test_score_right'] * $mq['question_difficulty'];
$question_wrong_score = $testdata['test_score_wrong'] * $mq['question_difficulty'];
$question_unanswered_score = $testdata['test_score_unanswered'] * $mq['question_difficulty'];
// add question
$sqll = 'INSERT INTO ' . K_TABLE_TESTS_LOGS . ' (
testlog_testuser_id,
testlog_question_id,
testlog_score,
testlog_creation_time,
testlog_display_time,
testlog_reaction_time,
testlog_order,
testlog_num_answers
) VALUES (
' . $testuser_id . ',
' . $question_id . ',
' . $question_unanswered_score . ',
\'' . $date . '\',
\'' . $date . '\',
1,
' . $q . ',
' . $num_answers . '
)';
if (!($rl = F_db_query($sqll, $db))) {
F_display_db_error(false);
return false;
}
$testlog_id = F_db_insert_id($db, K_TABLE_TESTS_LOGS, 'testlog_id');
// set initial question score
if ($mq['question_type'] == 1) {
// MCSA
$qscore = $question_unanswered_score;
} else {
// MCMA
$qscore = 0;
}
$unanswered = true;
// for each question on array
for ($a = 1; $a <= $num_answers; ++$a) {
$answer_id = intval($omr_testdata[$q][1][$a]);
if (isset($omr_answers[$q][$a])) {
$answer_selected = $omr_answers[$q][$a];
//-1, 0, 1
} else {
$answer_selected = -1;
}
// add answer
$sqli = 'INSERT INTO ' . K_TABLE_LOG_ANSWER . ' (
logansw_testlog_id,
logansw_answer_id,
logansw_selected,
logansw_order
) VALUES (
' . $testlog_id . ',
' . $answer_id . ',
' . $answer_selected . ',
' . $a . '
)';
if (!($ri = F_db_query($sqli, $db))) {
F_display_db_error(false);
return false;
}
// calculate question score
if ($mq['question_type'] < 3) {
// MCSA or MCMA
// check if the answer is right
$answer_isright = false;
$sqla = 'SELECT answer_isright FROM ' . K_TABLE_ANSWERS . ' WHERE answer_id=' . $answer_id . ' LIMIT 1';
if ($ra = F_db_query($sqla, $db)) {
if ($ma = F_db_fetch_array($ra)) {
$answer_isright = F_getBoolean($ma['answer_isright']);
switch ($mq['question_type']) {
case 1:
// MCSA - Multiple Choice Single Answer
if ($answer_selected == 1) {
$unanswered = false;
if ($answer_isright) {
$qscore = $question_right_score;
} else {
$qscore = $question_wrong_score;
}
}
break;
case 2:
// MCMA - Multiple Choice Multiple Answer
if ($answer_selected == -1) {
$qscore += $question_unanswered_score;
} elseif ($answer_selected == 0) {
$unanswered = false;
if ($answer_isright) {
$qscore += $question_wrong_score;
} else {
$qscore += $question_right_score;
}
} elseif ($answer_selected == 1) {
$unanswered = false;
if ($answer_isright) {
$qscore += $question_right_score;
} else {
$qscore += $question_wrong_score;
}
}
break;
}
}
} else {
F_display_db_error(false);
return false;
}
}
}
// end for each answer
if ($mq['question_type'] == 2) {
// MCMA
// normalize score
if (F_getBoolean($testdata['test_mcma_partial_score'])) {
// use partial scoring for MCMA and ORDER questions
$qscore = round($qscore / $num_answers, 3);
} else {
// all-or-nothing points
if ($qscore >= $question_right_score * $num_answers) {
// right
$qscore = $question_right_score;
} elseif ($qscore == $question_unanswered_score * $num_answers) {
// unanswered
$qscore = $question_unanswered_score;
} else {
// wrong
$qscore = $question_wrong_score;
}
}
}
if ($unanswered) {
$change_time = '';
} else {
$change_time = $dateanswers;
}
// update question score
$sqll = 'UPDATE ' . K_TABLE_TESTS_LOGS . ' SET
testlog_score=' . $qscore . ',
testlog_change_time=' . F_empty_to_null($change_time) . ',
testlog_reaction_time=1000
WHERE testlog_id=' . $testlog_id . '';
if (!($rl = F_db_query($sqll, $db))) {
F_display_db_error();
return false;
}
}
} else {
F_display_db_error(false);
return false;
}
}
// end for each question
return true;
}
user_birthdate,
user_birthplace,
user_ssn,
user_level
) VALUES (
\'' . F_escape_sql($db, date(K_TIMESTAMP_FORMAT)) . '\',
\'' . F_escape_sql($db, getNormalizedIP($_SERVER['REMOTE_ADDR'])) . '\',
\'' . F_escape_sql($db, $_POST['xuser_name']) . '\',
' . F_empty_to_null($altusr['user_email']) . ',
\'' . getPasswordHash($_POST['xuser_password']) . '\',
' . F_empty_to_null($altusr['user_regnumber']) . ',
' . F_empty_to_null($altusr['user_firstname']) . ',
' . F_empty_to_null($altusr['user_lastname']) . ',
' . F_empty_to_null($altusr['user_birthdate']) . ',
' . F_empty_to_null($altusr['user_birthplace']) . ',
' . F_empty_to_null($altusr['user_ssn']) . ',
\'' . intval($altusr['user_level']) . '\'
)';
if (!($r = F_db_query($sql, $db))) {
F_display_db_error();
} else {
$user_id = F_db_insert_id($db, K_TABLE_USERS, 'user_id');
// sets some user's session data
$_SESSION['session_user_id'] = $user_id;
$_SESSION['session_user_name'] = F_escape_sql($db, $_POST['xuser_name']);
$_SESSION['session_user_ip'] = getNormalizedIP($_SERVER['REMOTE_ADDR']);
$_SESSION['session_user_level'] = intval($altusr['user_level']);
$_SESSION['session_user_firstname'] = urlencode($altusr['user_firstname']);
$_SESSION['session_user_lastname'] = urlencode($altusr['user_lastname']);
$_SESSION['session_last_visit'] = 0;
$_SESSION['session_test_login'] = '';
test_random_questions_select, test_random_questions_order, test_random_answers_select, test_random_answers_order, test_comment_enabled, test_menu_enabled, test_noanswer_enabled, test_mcma_radio, test_repeatable, test_mcma_partial_score, test_logout_on_timeout ) VALUES ( \'' . F_escape_sql($test_name) . '\', \'' . F_escape_sql($test_description) . '\', ' . F_empty_to_null($test_begin_time) . ', ' . F_empty_to_null($test_end_time) . ', \'' . $test_duration_time . '\', \'' . F_escape_sql($test_ip_range) . '\', \'' . $test_results_to_users . '\', \'' . $test_report_to_users . '\', \'' . $test_score_right . '\', \'' . $test_score_wrong . '\', \'' . $test_score_unanswered . '\', \'' . $test_max_score . '\', \'' . intval($_SESSION['session_user_id']) . '\', \'' . $test_score_threshold . '\', \'' . $test_random_questions_select . '\', \'' . $test_random_questions_order . '\', \'' . $test_random_answers_select . '\', \'' . $test_random_answers_order . '\', \'' . $test_comment_enabled . '\',
// check if name is unique
if (!F_check_unique(K_TABLE_OBJECT_TYPES, 'obt_name=\'' . F_escape_sql($obt_name) . '\'')) {
F_print_error('WARNING', $l['m_duplicate_name']);
$formstatus = FALSE;
F_stripslashes_formfields();
break;
}
$sql = 'INSERT INTO ' . K_TABLE_OBJECT_TYPES . ' (
obt_name,
obt_description,
obt_color,
obt_virtual
) VALUES (
\'' . F_escape_sql($obt_name) . '\',
' . F_empty_to_null($obt_description) . ',
' . F_empty_to_null($obt_color) . ',
\'' . $obt_virtual . '\'
)';
if (!($r = F_db_query($sql, $db))) {
F_display_db_error(false);
} else {
$obt_id = F_db_insert_id($db, K_TABLE_OBJECT_TYPES, 'obt_id');
}
// add attribute
if (!empty($object_attributes)) {
foreach ($object_attributes as $atb_id) {
$sql = 'INSERT INTO ' . K_TABLE_OBJECT_ATTRIBUTES_MAP . ' (
oam_obt_id,
oam_atb_id
) VALUES (
\'' . $obt_id . '\',
/**
* Copy selected question to another topic
* @author Nicola Asuni
* @since 2008-11-26
* @param $question_id (int) question ID
* @param $new_subject_id (int) new subject ID
*/
function F_question_copy($question_id, $new_subject_id)
{
global $l, $db;
require_once '../config/tce_config.php';
$question_id = intval($question_id);
$new_subject_id = intval($new_subject_id);
// check authorization
$sql = 'SELECT subject_module_id FROM ' . K_TABLE_SUBJECTS . ' WHERE subject_id=' . $new_subject_id . ' LIMIT 1';
if ($r = F_db_query($sql, $db)) {
if ($m = F_db_fetch_array($r)) {
$subject_module_id = $m['subject_module_id'];
// check user's authorization for parent module
if (!F_isAuthorizedUser(K_TABLE_MODULES, 'module_id', $subject_module_id, 'module_user_id')) {
return;
}
}
} else {
F_display_db_error();
return;
}
$q = F_question_get_data($question_id);
if ($q !== false) {
if (K_DATABASE_TYPE == 'ORACLE') {
$chksql = 'dbms_lob.instr(question_description,\'' . F_escape_sql($db, $q['question_description']) . '\',1,1)>0';
} elseif (K_DATABASE_TYPE == 'MYSQL' and defined('K_MYSQL_QA_BIN_UNIQUITY') and K_MYSQL_QA_BIN_UNIQUITY) {
$chksql = 'question_description=\'' . F_escape_sql($db, $q['question_description']) . '\' COLLATE utf8_bin';
} else {
$chksql = 'question_description=\'' . F_escape_sql($db, $q['question_description']) . '\'';
}
if (F_check_unique(K_TABLE_QUESTIONS, $chksql . ' AND question_subject_id=' . $new_subject_id . '')) {
$sql = 'START TRANSACTION';
if (!($r = F_db_query($sql, $db))) {
F_display_db_error(false);
break;
}
// adjust questions ordering
if ($q['question_position'] > 0) {
$sql = 'UPDATE ' . K_TABLE_QUESTIONS . ' SET
question_position=question_position+1
WHERE question_subject_id=' . $new_subject_id . '
AND question_position>=' . $q['question_position'] . '';
if (!($r = F_db_query($sql, $db))) {
F_display_db_error(false);
F_db_query('ROLLBACK', $db);
// rollback transaction
}
}
$sql = 'INSERT INTO ' . K_TABLE_QUESTIONS . ' (
question_subject_id,
question_description,
question_explanation,
question_type,
question_difficulty,
question_enabled,
question_position,
question_timer,
question_fullscreen,
question_inline_answers,
question_auto_next
) VALUES (
' . $new_subject_id . ',
\'' . F_escape_sql($db, $q['question_description']) . '\',
\'' . F_escape_sql($db, $q['question_explanation']) . '\',
\'' . $q['question_type'] . '\',
\'' . $q['question_difficulty'] . '\',
\'' . $q['question_enabled'] . '\',
' . F_zero_to_null($q['question_position']) . ',
\'' . $q['question_timer'] . '\',
\'' . $q['question_fullscreen'] . '\',
\'' . $q['question_inline_answers'] . '\',
\'' . $q['question_auto_next'] . '\'
)';
if (!($r = F_db_query($sql, $db))) {
F_display_db_error(false);
} else {
$new_question_id = F_db_insert_id($db, K_TABLE_QUESTIONS, 'question_id');
}
// copy associated answers
$sql = 'SELECT *
FROM ' . K_TABLE_ANSWERS . '
WHERE answer_question_id=' . $question_id . '';
if ($r = F_db_query($sql, $db)) {
while ($m = F_db_fetch_array($r)) {
$sqli = 'INSERT INTO ' . K_TABLE_ANSWERS . ' (
answer_question_id,
answer_description,
answer_explanation,
answer_isright,
answer_enabled,
answer_position,
answer_keyboard_key
) VALUES (
' . $new_question_id . ',
\'' . F_escape_sql($db, $m['answer_description']) . '\',
\'' . F_escape_sql($db, $m['answer_explanation']) . '\',
\'' . $m['answer_isright'] . '\',
\'' . $m['answer_enabled'] . '\',
' . F_zero_to_null($m['answer_position']) . ',
' . F_empty_to_null($m['answer_keyboard_key']) . '
)';
if (!($ri = F_db_query($sqli, $db))) {
F_display_db_error(false);
F_db_query('ROLLBACK', $db);
// rollback transaction
}
}
} else {
F_display_db_error();
}
$sql = 'COMMIT';
if (!($r = F_db_query($sql, $db))) {
F_display_db_error(false);
break;
}
}
}
}
/**
* Add a new answer if not exist.
* @private
*/
private function addAnswer()
{
global $l, $db;
require_once '../config/tce_config.php';
if ($this->level_data['module']['module_id'] === false) {
return;
}
if ($this->level_data['subject']['subject_id'] === false) {
return;
}
if (isset($this->level_data['answer']['answer_id']) and $this->level_data['answer']['answer_id'] > 0) {
return;
}
// check if this answer already exist
$sql = 'SELECT answer_id
FROM ' . K_TABLE_ANSWERS . '
WHERE ';
if (K_DATABASE_TYPE == 'ORACLE') {
$sql .= 'dbms_lob.instr(answer_description, \'' . $this->level_data['answer']['answer_description'] . '\',1,1)>0';
} else {
$sql .= 'answer_description=\'' . $this->level_data['answer']['answer_description'] . '\'';
}
$sql .= ' AND answer_question_id=' . $this->level_data['question']['question_id'] . ' LIMIT 1';
if ($r = F_db_query($sql, $db)) {
if ($m = F_db_fetch_array($r)) {
// get existing subject ID
$this->level_data['answer']['answer_id'] = $m['answer_id'];
} else {
$sql = 'START TRANSACTION';
if (!($r = F_db_query($sql, $db))) {
F_display_db_error();
}
$sql = 'INSERT INTO ' . K_TABLE_ANSWERS . ' (
answer_question_id,
answer_description,
answer_explanation,
answer_isright,
answer_enabled,
answer_position,
answer_keyboard_key
) VALUES (
' . $this->level_data['question']['question_id'] . ',
\'' . $this->level_data['answer']['answer_description'] . '\',
' . F_empty_to_null($this->level_data['answer']['answer_explanation']) . ',
\'' . $this->boolval[$this->level_data['answer']['answer_isright']] . '\',
\'' . $this->boolval[$this->level_data['answer']['answer_enabled']] . '\',
' . F_zero_to_null($this->level_data['answer']['answer_position']) . ',
' . F_empty_to_null($this->level_data['answer']['answer_keyboard_key']) . '
)';
if (!($r = F_db_query($sql, $db))) {
F_display_db_error(false);
F_db_query('ROLLBACK', $db);
} else {
// get new answer ID
$this->level_data['answer']['answer_id'] = F_db_insert_id($db, K_TABLE_ANSWERS, 'answer_id');
}
$sql = 'COMMIT';
if (!($r = F_db_query($sql, $db))) {
F_display_db_error();
}
}
} else {
F_display_db_error();
}
}
*/
$sql = 'INSERT INTO ' . K_TABLE_OBJECTS . ' (
obj_obt_id,
obj_name,
obj_description,
obj_label,
obj_tag,
obj_mnf_id,
obj_owner_id,
obj_tenant_id
) VALUES (
' . $obj_obt_id . ',
\'' . F_escape_sql($obj_name) . '\',
' . F_empty_to_null($obj_description) . ',
' . F_empty_to_null($obj_label) . ',
' . F_empty_to_null($obj_tag) . ',
' . F_zero_to_null($obj_mnf_id) . ',
' . F_zero_to_null($obj_owner_id) . ',
' . F_zero_to_null($obj_tenant_id) . '
)';
if (!($r = F_db_query($sql, $db))) {
F_display_db_error(false);
} else {
$obj_id = F_db_insert_id($db, K_TABLE_OBJECTS, 'obj_id');
}
// update parent-child map
if (!empty($omp_parent_obj_ids)) {
foreach ($omp_parent_obj_ids as $parent_obj_id) {
$sql = 'INSERT INTO ' . K_TABLE_OBJECTS_MAP . ' (
omp_parent_obj_id,
omp_child_obj_id
