Ejemplo n.º 1
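/**
 * Handle an action posted from a question ("element") form.
 *
 * Reads the question id from $_POST['formElementFunction'] and derives the
 * action name from the name of another posted field. Supported actions:
 *   - Edit: stores the question and its answers, serialized, in the session
 *     and redirects to the survey edit page;
 *   - PrintExcel, PrintExcelGroups, PrintExcelGender, PrintExcelAge:
 *     redirects to the matching Excel report script.
 * Every action is allowed only for the creator of the survey the question
 * belongs to, or for a user whose getAdmin() is 1. Anyone else is logged out,
 * and the refusal is written to the error log.
 *
 * The function never returns: every path ends in die.
 *
 * NOTE(review): no anti-CSRF token is checked in this function; confirm that
 * one is verified before this handler is reached.
 */
function elementFunction()
{
    // get global user object
    global $user;

    // protect from unauthorized access; the id must be a plain string, because
    // an array value (formElementFunction[]=...) would otherwise flow into the
    // database lookups and the redirect URL below
    if (!isset($user) or !isset($_POST['formElementFunction']) or !is_string($_POST['formElementFunction'])) {
        logout();
        die;
    }
    $question_id = $_POST['formElementFunction'];

    // start from the question kept in the session and reload it when an id was posted
    $session_question = get_session_question();
    if ($question_id !== '') {
        $session_question->get_from_db($question_id);
    }

    // get the function: the action is whatever follows the first 11 characters
    // of a POST field name (presumably the 'formElement' prefix; confirm against
    // the form), taken from the last field whose value differs from the id.
    // The name is client-supplied, so it is only ever compared against the
    // fixed set of actions handled below.
    $function = '';
    foreach ($_POST as $key => $post) {
        if ($post != $question_id) {
            $function = substr($key, 11);
        }
    }

    if ($function === 'Edit') {
        // set security: only the survey creator or an admin may edit
        // NOTE(review): loose comparison kept because the id types are not
        // visible here; confirm an unknown survey can never yield a creator
        // value that compares equal to a real user id.
        $survey = new Survey();
        $survey->get_from_db($session_question->getSurvey());
        if ($survey->getCreatedBy() != $user->getId() && $user->getAdmin() != 1) {
            // log the refusal like the report actions do, so denied edit
            // attempts show up in the same audit trail (spelling matches the
            // existing log messages on purpose)
            $error = new Error("Question Edit: unathorised access");
            $error->writeLog();
            logout();
            die;
        }
        $_SESSION['session_question'] = serialize($session_question);
        // get session answers
        $session_answers = array();
        $session_answer_ids = get_survey_answers($session_question->getId());
        foreach ($session_answer_ids as $answer_id) {
            $answer = new Answer();
            $answer->get_from_db($answer_id);
            array_push($session_answers, $answer);
        }
        $_SESSION['session_answers'] = serialize($session_answers);
        // one-second flash message for the next page
        // NOTE(review): the value carries markup, so the code that renders the
        // 'msg' cookie presumably prints it unescaped; a cookie is
        // client-controlled, so confirm how the reading side handles it.
        $cookie_key = 'msg';
        $cookie_value = 'Вие избрахте елемент от анкетата за редакция!<br />Отидете на раздел "Добавете или редактирайте елемент към анкетата"';
        setcookie($cookie_key, $cookie_value, time() + 1);
        header('Location: ' . ROOT_DIR . '?page=survey_edit');
        die;
    }

    // report actions differ only in the target script, so they share one code path
    $report_scripts = array(
        'PrintExcel' => 'questionReport.php',
        'PrintExcelGroups' => 'questionReportGroups.php',
        'PrintExcelGender' => 'questionReportGender.php',
        'PrintExcelAge' => 'questionReportAge.php',
    );
    if (is_string($function) && isset($report_scripts[$function])) {
        // check if the user is the surveyCreator or systemAdmin
        $question = new Question();
        $question->get_from_db($question_id);
        $survey = new Survey();
        $survey->get_from_db($question->getSurvey());
        if (intval($survey->getCreatedBy()) != $user->getId() && $user->getAdmin() != 1) {
            // $function is one of the fixed keys above, so it is safe to log
            $error = new Error("Question " . $function . ": unathorised access");
            $error->writeLog();
            logout();
            die;
        }
        // NOTE(review): this check only gates the redirect. The report script
        // is reachable by URL on its own, so it must repeat the creator/admin
        // check itself; that is not visible here, so confirm it.
        // The id is request data: encode it so it cannot add or alter query
        // parameters in the redirect target.
        header('Location: ' . ROOT_DIR . 'functions/print/excel/' . $report_scripts[$function] . '?question_id=' . rawurlencode($question_id));
        die;
    }
    die;
}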
Ejemplo n.º 2
<?php

// Load the current survey, question, groups and answers through the
// get_session_*() helpers.
// NOTE(review): those helpers are defined elsewhere; presumably they restore
// values kept in the session. Confirm how they deserialize them.
global $user;
// Placeholder values; each is replaced by the matching helper result below.
$session_survey = new Survey();
$session_question = new Question();
$session_groups = array();
$session_answers = array();
// Replace the placeholders with the helper results.
$session_survey = get_session_survey();
$session_question = get_session_question();
$session_groups = get_session_groups();
$session_answers = get_session_answers();
?>
<script type="text/javascript" src="<?php 
echo ROOT_DIR;
?>
js/jquery-1.9.1.js"></script>
<script type="text/javascript" src="<?php 
echo ROOT_DIR;
?>
js/jquery-ui.js"></script>

<div class="ac">
    <div class="accordion">
        <h3 class="no-float ac" id="survey_data"><?php 
echo SURVEY_QUESTION_PAGE_SURVEY_DATA;
?>
</h3>
        <div class="ac">
            <form id="formSurvey" class="form ac" action="<?php 
echo ROOT_DIR . '?page=survey_edit&amp;funct=survey_funct';