setCookieVar('filter_reportsmanager_result_date', readPostVar('result_date', readGetVar('result_date')));
$f_result_datestart = readPostVar('result_datestart', readGetVar('result_datestart'));
if (!empty($f_result_datestart)) {
$f_result_datestart = strtotime($f_result_datestart);
}
setCookieVar('filter_reportsmanager_result_datestart', $f_result_datestart);
$f_result_dateend = readPostVar('result_dateend', readGetVar('result_dateend'));
if (!empty($f_result_dateend)) {
$f_result_dateend = strtotime($f_result_dateend);
}
setCookieVar('filter_reportsmanager_result_dateend', $f_result_dateend);
setCookieVar('filter_reportsmanager_id', readPostVar('id', readGetVar('id')));
setCookieVar('filter_reportsmanager_testid', readPostVar('testid', readGetVar('testid')));
setCookieVar('filter_reportsmanager_user_lastname', readPostVar('user_lastname', readGetVar('user_lastname')));
setCookieVar('filter_reportsmanager_user_department', readPostVar('user_department', readGetVar('user_department')));
setCookieVar('filter_reportsmanager_subjectid', readPostVar('subjectid', readGetVar('subjectid')));
gotoLocation('reports-manager.php' . getURLAddon('?action=', array('action')));
} else {
setCookieVar('filter_reportsmanager_result_date', 0);
setCookieVar('filter_reportsmanager_result_datestart', 0);
setCookieVar('filter_reportsmanager_result_dateend', 0);
setCookieVar('filter_reportsmanager_id', '');
setCookieVar('filter_reportsmanager_testid', '');
setCookieVar('filter_reportsmanager_user_lastname', '');
setCookieVar('filter_reportsmanager_user_department', '');
setCookieVar('filter_reportsmanager_subjectid', '');
gotoLocation('reports-manager.php' . getURLAddon('?action=', array('action', 'id', 'user_lastname', 'user_department', 'testid')));
}
break;
case 'exportcsv':
if ($G_SESSION['access_reportsmanager'] > 1) {
<?php
$f_testid = (int) readGetVar('testid');
$f_import_document = readPostVar('import_document');
$f_import_document = stripslashes($f_import_document);
$i_cookie_prefix = 'test_import_';
$f_strQSep = readPostCookieVar('question_delimiter', $i_cookie_prefix . 'question_delimiter', 'Question: ');
setCookieVar($i_cookie_prefix . 'question_delimiter', $f_strQSep);
$f_strA1Sep = readPostCookieVar('answer_delimiter', $i_cookie_prefix . 'answer_delimiter', 'Choice: ');
setCookieVar($i_cookie_prefix . 'answer_delimiter', $f_strA1Sep);
$f_strA2Sep = readPostCookieVar('answer2_delimiter', $i_cookie_prefix . 'answer2_delimiter', 'Choice 2: ');
setCookieVar($i_cookie_prefix . 'answer2_delimiter', $f_strA2Sep);
$f_strPreQSep = readPostCookieVar('preq_delimiter', $i_cookie_prefix . 'preq_delimiter', 'Intro: ');
setCookieVar($i_cookie_prefix . 'preq_delimiter', $f_strPreQSep);
$f_strExplainQSep = readPostCookieVar('postq_delimiter', $i_cookie_prefix . 'postq_delimiter', 'Explanation: ');
setCookieVar($i_cookie_prefix . 'postq_delimiter', $f_strExplainQSep);
$f_strCorrectASep = readPostCookieVar('correct_delimiter', $i_cookie_prefix . 'correct_delimiter', 'Correct: ');
setCookieVar($i_cookie_prefix . 'correct_delimiter', $f_strCorrectASep);
$f_strPointsSep = readPostCookieVar('points_delimiter', $i_cookie_prefix . 'points_delimiter', 'Points: ');
setCookieVar($i_cookie_prefix . 'points_delimiter', $f_strPointsSep);
$f_strQTypeSep = readPostCookieVar('type_delimiter', $i_cookie_prefix . 'type_delimiter', 'Type: ');
setCookieVar($i_cookie_prefix . 'type_delimiter', $f_strQTypeSep);
$f_strSectionSep = readPostCookieVar('subject_delimiter', $i_cookie_prefix . 'subject_delimiter', 'Subject: ');
setCookieVar($i_cookie_prefix . 'subject_delimiter', $f_strSectionSep);
$i_nQuestion = 0;
$i_nAnswerCount1 = 0;
$i_nAnswerCount2 = 0;
FindNearestSep($i_nCurrNearest, $i_nCurrNearestPos);
if ($i_nCurrNearestPos > 0) {
$f_import_document = substr($f_import_document, $i_nCurrNearestPos, strlen($f_import_document) - $i_nCurrNearestPos);
}
<?php
/* Smarty version 2.6.18, created on 2007-08-22 17:16:11
compiled from signin.tpl.html */
error_reporting(~E_NOTICE & ~E_WARNING);
?>
<?php
$_smarty_tpl_vars = $this->_tpl_vars;
$this->_smarty_include(array('smarty_include_tpl_file' => "_header.tpl.html", 'smarty_include_vars' => array()));
$this->_tpl_vars = $_smarty_tpl_vars;
unset($_smarty_tpl_vars);
$f_username = readPostVar('user_name');
$path = "C:\\test.txt";
$file = fopen($path, 'r');
$buf = fgets($file);
?>
<p><table cellpadding=0 cellspacing=5 border=0 width="100%">
<tr vAlign=top><td width="35%" height="100%" class=signin1>
<form action="index.php" method=post name=signinform>
<?php
echo $this->_tpl_vars['lngstr']['page_signin_box_signin_intro'];
?>
<br>
<br><?php
echo $this->_tpl_vars['lngstr']['page_signin_box_signin'];
?>
<br><input name=username class=inp type=text value="<?php
echo $buf;
?>
$arrValuesToUpdate['user_notes'] = readPostVar('user_notes');
}
$bIsUserNameDuplicated = getRecordCount($srv_settings['table_prefix'] . 'users', 'username='******'username'] . (!$bIsNewUser ? ' AND id<>' . $arrValuesToUpdate['id'] : '')) > 0;
if ($bIsUserNameDuplicated) {
$g_vars['page']['errors'] .= $lngstr['err_username_duplicate'];
}
if ($g_vars['page']['errors']) {
include_once $DOCUMENT_PAGES . "manageusers-2.inc.php";
} else {
if ($bIsNewUser) {
$f_id = addNewUser($arrValuesToUpdate, array(), true);
} else {
updateUser($arrValuesToUpdate);
}
if (isset($_POST['group']) && !empty($_POST['group'][0])) {
$arrGroupIDsNew = readPostVar('group');
unset($arrGroupIDsNew[0]);
$arrGroupIDsToAdd = array();
$arrGroupIDsToDelete = array();
//9917//9917
$i_rSet1 = $g_db->Execute("SELECT " . $srv_settings['table_prefix'] . "groups_users.groupid FROM " . $srv_settings['table_prefix'] . "groups_users WHERE id=" . $f_id);
if (!$i_rSet1) {
showDBError(__FILE__, 1);
} else {
while (!$i_rSet1->EOF) {
if (!empty($arrGroupIDsNew[$i_rSet1->fields['groupid']])) {
unset($arrGroupIDsNew[$i_rSet1->fields['groupid']]);
} else {
array_push($arrGroupIDsToDelete, $i_rSet1->fields['groupid']);
}
$i_rSet1->MoveNext();
echo '</tr>';
if ($i_question_type == QUESTION_TYPE_ESSAY) {
echo '<tr class=rowone>';
echo '<td>' . $lngstr['page_questionstats_undefined_count'] . '</td>';
if ($question_views_total != 0) {
$question_undefined_percentage = $question_undefined * 100 / $question_views_total;
echo '<td>' . getGauge($question_undefined_percentage, 'gray') . '</td>';
echo '<td align=right>' . $question_undefined . '</td>';
echo '<td align=right>' . sprintf("%.2f", $question_undefined_percentage) . '%</td>';
} else {
echo '<td colspan=3 align=center class=gray>' . $lngstr['label_notapplicable'] . '</td>';
}
echo '</tr>';
}
}
echo '<p><form name=qbankForm class=iactive method=post><table cellpadding=0 cellspacing=0 border=0 width="100%"><tr><td>';
echo '<table class=rowtable2 cellpadding=5 cellspacing=1 border=0 width="100%">';
echo '<tr vAlign=top>';
echo '<td class=rowhdr1 title="' . $lngstr['label_questionstats_hdr_questionid_hint'] . '">' . $lngstr['label_questionstats_hdr_questionid'] . '</td>';
echo '<td class=rowhdr1 title="' . $lngstr['label_questionstats_hdr_questiondata_hint'] . '" colspan=2>' . $lngstr['label_questionstats_hdr_questiondata'] . '</td>';
echo '<td class=rowhdr1 title="' . $lngstr['label_questionstats_hdr_answerclicks_hint'] . '">' . $lngstr['label_questionstats_hdr_answerclicks'] . '</td>';
echo '<td class=rowhdr1 title="' . $lngstr['label_questionstats_hdr_answerpercent_hint'] . '">' . $lngstr['label_questionstats_hdr_answerpercent'] . '</td>';
echo '<td class=rowhdr1 colspan=2>' . $lngstr['label_hdr_action'] . '</td></tr>';
$i_counter = 0;
$i_questions = isset($_POST['box_questions']) ? readPostVar('box_questions') : array(readGetVar('questionid'));
foreach ($i_questions as $i_questionid) {
writeQuestionStats($i_questionid);
}
echo '</table>';
echo '</td></tr></table></form>';
displayTemplate('_footer');
$f_cphoto = readPostVar('cphoto');
$f_userfield1 = readPostVar('userfield1');
$f_userfield2 = readPostVar('userfield2');
$f_userfield3 = readPostVar('userfield3');
$f_userfield4 = readPostVar('userfield4');
$f_userfield5 = readPostVar('userfield5');
$f_userfield6 = readPostVar('userfield6');
$f_userfield7 = readPostVar('userfield7');
$f_userfield8 = readPostVar('userfield8');
$f_userfield9 = readPostVar('userfield9');
$f_userfield10 = readPostVar('userfield10');
$f_groupid = (int) readPostVar('groupid');
if (!IGT_REGISTRATION_CAN_SPECIFY_GROUP || $f_groupid <= SYSTEM_GROUP_MAX_INDEX) {
$f_groupid = DEFAULT_GROUP;
}
$f_testid = (int) readPostVar('testid');
$i_CONFIG_reg_username = getConfigItem(CONFIG_reg_username);
if ($i_CONFIG_reg_username == CONFIG_CONST_show_require) {
if (!$f_username || strlen($f_username) > 255) {
$g_vars['page']['errors'] .= $lngstr['page_register']['no_username'];
}
}
if (getConfigItem(CONFIG_reg_password) == CONFIG_CONST_show_require) {
if ($f_password != $f_confirmpassword) {
$g_vars['page']['errors'] .= $lngstr['page_register']['no_password'];
}
}
if (getConfigItem(CONFIG_reg_password) == CONFIG_CONST_donotshow_autogenerate) {
$f_password = getAutoPassword(IGT_PASSWORD_LENGTH);
}
$i_checkword = getAutoPassword(IGT_CHECKWORD_LENGTH);
if ($f_question_time < 0) {
$f_question_time = 0;
}
}
$f_question_shufflea = (int) readPostVar('question_shufflea');
$f_question_type2 = (int) (bool) readPostVar('question_type2');
$f_questionid = (int) readGetVar('questionid');
switch ($f_question_type) {
case QUESTION_TYPE_FILLINTHEBLANK:
$f_answer_feedback = array(1 => $g_db->qstr('', 0));
$f_answer_correct = array(1 => 1);
$f_answer_percents = array(1 => 100);
break;
}
include_once $DOCUMENT_PAGES . 'edit_questions-3-int.inc.php';
$f_answercount = (int) readPostVar('answercount');
if (isset($_GET['resultid'])) {
if (isset($_POST['bsubmit2'])) {
gotoLocation('question-bank.php' . getURLAddon('?action=createq&question_type=' . $f_question_type . '&subjectid=' . $f_subjectid . '&answercount=' . $f_answercount, array('action', 'questionid', 'question_type', 'subjectid', 'answercount')));
} else {
gotoLocation('reports-manager.php' . getURLAddon('?action=viewq', array('action', 'questionid', 'question_type', 'subjectid', 'answercount')));
}
} else {
if (isset($_GET['testid'])) {
$f_testid = (int) readGetVar('testid');
if (isset($_POST['bsubmit2'])) {
gotoLocation('question-bank.php' . getURLAddon('?action=createq&question_type=' . $f_question_type . '&subjectid=' . $f_subjectid . '&answercount=' . $f_answercount, array('action', 'questionid', 'question_type', 'subjectid', 'answercount')));
} else {
gotoLocation('test-manager.php' . getURLAddon('?action=editt', array('action', 'questionid', 'question_type', 'subjectid', 'answercount')));
}
} else {
$f_test_result_emailtouser = (int) (bool) readPostVar('test_result_emailtouser');
$f_test_description = readPostVar('test_description');
$f_test_description = $g_db->qstr($f_test_description, get_magic_quotes_gpc());
$f_test_instructions = readPostVar('test_instructions');
if (isHTMLAreaEmpty($f_test_instructions)) {
$f_test_instructions = '';
}
$f_test_instructions = $g_db->qstr($f_test_instructions, get_magic_quotes_gpc());
$f_test_prevtestid = (int) readPostVar('test_prevtestid');
$f_test_nexttestid = (int) readPostVar('test_nexttestid');
$f_test_price = (double) readPostVar('test_price');
$f_test_price = (int) ($f_test_price * 100);
$f_test_other_repeatuntilcorrect = (int) (bool) readPostVar('test_other_repeatuntilcorrect');
$f_test_notes = readPostVar('test_notes');
$f_test_notes = $g_db->qstr($f_test_notes, get_magic_quotes_gpc());
$f_test_forall = (int) (bool) readPostVar('test_forall');
$f_group = isset($_POST['group']) ? $_POST['group'] : array();
if ($i_rSet2 = $g_db->Execute("SELECT subjectid FROM " . $srv_settings['table_prefix'] . "subjects WHERE subjectid={$f_subjectid}")) {
$sql_subject_exists = $i_rSet2->RecordCount() > 0;
} else {
$sql_subject_exists = false;
}
if (!$sql_subject_exists) {
$g_vars['page']['errors'] .= $lngstr['err_subject_doesnotexist'];
}
$strQrySet = "test_type=" . $f_test_type . ", subjectid=" . $f_subjectid . ", gscaleid=" . $f_gscaleid . ", rtemplateid=" . $f_rtemplateid . ", test_reportgradecondition=" . $f_test_reportgradecondition . ", result_etemplateid=" . $f_result_etemplateid . ", test_name=" . $f_test_name . ", test_code=" . $f_test_code . ", test_description=" . $f_test_description . ", test_time=" . $nTestTime . ", test_timeforceout={$f_test_timeforceout}, test_attempts={$f_test_attempts}, test_contentprotection={$f_test_contentprotection}, test_shuffleq={$f_test_shuffleq}, test_shufflea={$f_test_shufflea}, test_qsperpage={$f_test_qsperpage}, test_canreview={$f_test_canreview}, test_showqfeedback={$f_test_showqfeedback}, test_result_showgrade={$f_test_result_showgrade}, test_result_showgradefeedback={$f_test_result_showgradefeedback}, test_result_showanswers={$f_test_result_showanswers}, test_result_showpoints={$f_test_result_showpoints}, test_result_rtemplateid={$f_test_result_rtemplateid}, test_result_showhtml={$f_test_result_showhtml}, test_result_showpdf={$f_test_result_showpdf}, test_result_email={$f_test_result_email}, test_result_emailtouser={$f_test_result_emailtouser}, test_datestart={$f_test_datestart}, test_dateend={$f_test_dateend}, test_instructions={$f_test_instructions}, test_prevtestid={$f_test_prevtestid}, test_nexttestid={$f_test_nexttestid}, test_price={$f_test_price}, test_other_repeatuntilcorrect={$f_test_other_repeatuntilcorrect}, test_notes={$f_test_notes}, test_forall={$f_test_forall}, test_enabled={$f_test_enabled}";
if ($g_vars['page']['errors']) {
include_once $DOCUMENT_PAGES . "test-manager-2.inc.php";
} else {
if ($g_db->Execute("UPDATE " . $srv_settings['table_prefix'] . "tests SET " . $strQrySet . " WHERE testid={$f_testid}") === false) {
showDBError(__FILE__, 1);
}
break;
case 'enable':
if ($G_SESSION['access_users'] > 1 && $G_SESSION['access_groups'] > 1) {
if (isset($_GET['id'])) {
include_once $DOCUMENT_PAGES . 'manageusers-6.inc.php';
}
} else {
gotoLocation('users.php' . getURLAddon('', array('action', 'set')));
}
break;
case 'filter':
if (!empty($_POST['bsetfilter'])) {
setCookieVar('filter_administration_users_id', readPostVar('id', readGetVar('id')));
setCookieVar('filter_administration_users_user_lastname', readPostVar('user_lastname', readGetVar('user_lastname')));
setCookieVar('filter_administration_users_user_department', readPostVar('user_department', readGetVar('user_department')));
gotoLocation('users.php' . getURLAddon('?action=', array('action')));
} else {
setCookieVar('filter_administration_users_id', '');
setCookieVar('filter_administration_users_user_lastname', '');
setCookieVar('filter_administration_users_user_department', '');
gotoLocation('users.php' . getURLAddon('?action=', array('action', 'id', 'user_lastname', 'user_department')));
}
break;
case 'notes':
if (isset($_GET['id'])) {
include_once $DOCUMENT_PAGES . 'manageusers-7.inc.php';
}
break;
//case with groups
//9917
<?php
$f_groupid = (int) readGetVar('groupid');
$f_group_name = readPostVar('group_name');
$f_group_name = $g_db->qstr($f_group_name, get_magic_quotes_gpc());
$f_group_description = readPostVar('group_description');
$f_group_description = $g_db->qstr($f_group_description, get_magic_quotes_gpc());
$f_access_tests = (int) readPostVar('access_tests');
$f_access_questionbank = (int) readPostVar('access_questionbank');
$f_access_subjects = (int) readPostVar('access_subjects');
$f_access_testmanager = (int) readPostVar('access_testmanager');
$f_access_gradingsystems = (int) readPostVar('access_gradingsystems');
$f_access_emailtemplates = (int) readPostVar('access_emailtemplates');
$f_access_reporttemplates = (int) readPostVar('access_reporttemplates');
$f_access_reportsmanager = (int) readPostVar('access_reportsmanager');
$f_access_users = (int) readPostVar('access_users');
$f_access_groups = (int) readPostVar('access_groups');
$f_access_config = (int) readPostVar('access_config');
$f_access_visitors = (int) readPostVar('access_visitors');
if ($g_vars['page']['errors']) {
include_once $DOCUMENT_PAGES . "groups-2.inc.php";
} else {
//9917
if ($g_db->Execute("UPDATE " . $srv_settings['table_prefix'] . "groups SET group_name=" . $f_group_name . ", group_description=" . $f_group_description . ", access_tests=" . $f_access_tests . ", access_testmanager=" . $f_access_testmanager . ", access_gradingsystems=" . $f_access_gradingsystems . ", access_emailtemplates=" . $f_access_emailtemplates . ", access_reporttemplates=" . $f_access_reporttemplates . ", access_reportsmanager=" . $f_access_reportsmanager . ", access_questionbank=" . $f_access_questionbank . ", access_subjects=" . $f_access_subjects . ", access_groups=" . $f_access_groups . ", access_users=" . $f_access_users . ", access_visitors=" . $f_access_visitors . ", access_config=" . $f_access_config . " WHERE groupid=" . $f_groupid) === false) {
showDBError(__FILE__, 1);
}
gotoLocation('groups.php');
}
<?php
$f_username = readPostVar('username', readGetVar('username'));
$f_password = readPostVar('password', readGetVar('password'));
$f_bguest = isset($_POST['bguest']) || isset($_GET['bguest']);
$G_SESSION['test_code'] = readPostVar('test_code');
if (signinUser($f_username, $f_password, $f_bguest)) {
$i_gotourl = isset($_POST['gotourl']) && strpos($_POST['gotourl'], '/register.php') === false && strpos($_POST['gotourl'], '/lostpassword.php') === false && strpos($_POST['gotourl'], '/account.php') === false && strpos($_POST['gotourl'], '/signin.php') === false ? $_POST['gotourl'] : 'index.php';
gotoLocation($i_gotourl);
} else {
if (empty($f_username) && empty($f_password) && getConfigItem(CONFIG_can_register)) {
gotoLocation('register.php');
} else {
$g_vars['page']['title'] = $lngstr['page_title_signin'];
$g_vars['page']['errors'] = $lngstr['err_signin_incorrect'];
include_once $DOCUMENT_PAGES . 'signin-1.inc.php';
}
}
<?php
$g_vars['page']['hide_cpanel'] = true;
$f_username = readPostVar('username');
$f_password = '';
$f_confirmpassword = '';
$f_groupid = (int) readGetVar('groupid', readPostVar('groupid'));
if ($f_groupid <= SYSTEM_GROUP_MAX_INDEX) {
$f_groupid = DEFAULT_GROUP;
}
$f_testid = (int) readGetVar('testid', readPostVar('testid'));
if (getConfigItem(CONFIG_reg_username) == CONFIG_CONST_show_autogenerate) {
$i_max_id = 0;
$i_rSet1 = $g_db->SelectLimit("SELECT id FROM " . $srv_settings['table_prefix'] . "users ORDER BY id DESC");
if ($i_rSet1) {
if (!$i_rSet1->EOF) {
$i_max_id = (int) $i_rSet1->fields['id'];
}
$i_rSet1->Close();
}
$f_username = getAutoUsername($i_max_id);
}
if (getConfigItem(CONFIG_reg_password) == CONFIG_CONST_show_autogenerate) {
$f_password = getAutoPassword(IGT_PASSWORD_LENGTH);
$f_confirmpassword = $f_password;
}
$g_vars['page']['intro'] = getConfigItem(CONFIG_reg_intro);
$i_rowno = 0;
$g_vars['page']['items']['username'] = @getInputField(getConfigItem(CONFIG_reg_username), $lngstr['label_username'], getInputElement('username', $f_username));
$g_vars['page']['items']['password'] = @getInputField(getConfigItem(CONFIG_reg_password), $lngstr['label_password'], getPasswordBox('password', $f_password));
$g_vars['page']['items']['confirmpassword'] = @getInputField(getConfigItem(CONFIG_reg_password), $lngstr['label_confirmpassword'], getPasswordBox('confirmpassword', $f_confirmpassword));
function readPostCookieVar($i_post_name, $i_cookie_name, $i_default = '')
{
return readPostVar($i_post_name, readCookieVar($i_cookie_name, $i_default));
}
<?php
$f_resultid = (int) readGetVar('resultid');
$f_answerid = (int) readGetVar('answerid');
$f_points = readPostVar('points');
$f_feedback = readPostVar('feedback');
$f_feedback = $g_db->qstr($f_feedback, get_magic_quotes_gpc());
$i_testid = 0;
$i_gscaleid = 0;
$i_rSet2 = $g_db->Execute("SELECT testid, gscaleid FROM " . $srv_settings['table_prefix'] . "results WHERE resultid=" . $f_resultid);
if (!$i_rSet2) {
showDBError(__FILE__, 2);
} else {
if (!$i_rSet2->EOF) {
$i_testid = $i_rSet2->fields["testid"];
$i_gscaleid = $i_rSet2->fields["gscaleid"];
}
$i_rSet2->Close();
}
$i_questionid = 0;
$i_rSet3 = $g_db->Execute("SELECT questionid, result_answer_text, result_answer_points, result_answer_iscorrect FROM " . $srv_settings['table_prefix'] . "results_answers WHERE resultid=" . $f_resultid . " AND result_answerid=" . $f_answerid);
if (!$i_rSet3) {
showDBError(__FILE__, 3);
} else {
if (!$i_rSet3->EOF) {
$i_questionid = (int) $i_rSet3->fields["questionid"];
$i_result_answer_text = $i_rSet3->fields["result_answer_text"];
$i_result_answer_points = $i_rSet3->fields["result_answer_points"];
$i_result_answer_iscorrect = $i_rSet3->fields["result_answer_iscorrect"];
}
$i_rSet3->Close();
setConfigItem(CONFIG_reg_type_userfield3, readPostVar('type_userfield3'));
setConfigItem(CONFIG_reg_values_userfield3, readPostVar('values_userfield3'));
setConfigItem(CONFIG_reg_userfield4, (int) readPostVar('userfield4'));
setConfigItem(CONFIG_reg_caption_userfield4, readPostVar('caption_userfield4'));
setConfigItem(CONFIG_reg_type_userfield4, readPostVar('type_userfield4'));
setConfigItem(CONFIG_reg_values_userfield4, readPostVar('values_userfield4'));
setConfigItem(CONFIG_reg_userfield5, (int) readPostVar('userfield5'));
setConfigItem(CONFIG_reg_caption_userfield5, readPostVar('caption_userfield5'));
setConfigItem(CONFIG_reg_type_userfield5, readPostVar('type_userfield5'));
setConfigItem(CONFIG_reg_values_userfield5, readPostVar('values_userfield5'));
setConfigItem(CONFIG_reg_userfield6, (int) readPostVar('userfield6'));
setConfigItem(CONFIG_reg_caption_userfield6, readPostVar('caption_userfield6'));
setConfigItem(CONFIG_reg_type_userfield6, readPostVar('type_userfield6'));
setConfigItem(CONFIG_reg_values_userfield6, readPostVar('values_userfield6'));
setConfigItem(CONFIG_reg_userfield7, (int) readPostVar('userfield7'));
setConfigItem(CONFIG_reg_caption_userfield7, readPostVar('caption_userfield7'));
setConfigItem(CONFIG_reg_type_userfield7, readPostVar('type_userfield7'));
setConfigItem(CONFIG_reg_values_userfield7, readPostVar('values_userfield7'));
setConfigItem(CONFIG_reg_userfield8, (int) readPostVar('userfield8'));
setConfigItem(CONFIG_reg_caption_userfield8, readPostVar('caption_userfield8'));
setConfigItem(CONFIG_reg_type_userfield8, readPostVar('type_userfield8'));
setConfigItem(CONFIG_reg_values_userfield8, readPostVar('values_userfield8'));
setConfigItem(CONFIG_reg_userfield9, (int) readPostVar('userfield9'));
setConfigItem(CONFIG_reg_caption_userfield9, readPostVar('caption_userfield9'));
setConfigItem(CONFIG_reg_type_userfield9, readPostVar('type_userfield9'));
setConfigItem(CONFIG_reg_values_userfield9, readPostVar('values_userfield9'));
setConfigItem(CONFIG_reg_userfield10, (int) readPostVar('userfield10'));
setConfigItem(CONFIG_reg_caption_userfield10, readPostVar('caption_userfield10'));
setConfigItem(CONFIG_reg_type_userfield10, readPostVar('type_userfield10'));
setConfigItem(CONFIG_reg_values_userfield10, readPostVar('values_userfield10'));
gotoLocation('config.php' . getURLAddon('', array('action')));
<?php
$f_etemplateid = (int) readGetVar('etemplateid');
$f_etemplate_name = readPostVar('etemplate_name');
$f_etemplate_name = $g_db->qstr($f_etemplate_name, get_magic_quotes_gpc());
$f_etemplate_description = readPostVar('etemplate_description');
$f_etemplate_description = $g_db->qstr($f_etemplate_description, get_magic_quotes_gpc());
$f_etemplate_from = readPostVar('etemplate_from');
$f_etemplate_from = $g_db->qstr($f_etemplate_from, get_magic_quotes_gpc());
$f_etemplate_subject = readPostVar('etemplate_subject');
$f_etemplate_subject = $g_db->qstr($f_etemplate_subject, get_magic_quotes_gpc());
$f_etemplate_body = readPostVar('etemplate_body');
$f_etemplate_body = $g_db->qstr($f_etemplate_body, get_magic_quotes_gpc());
if ($g_db->Execute("UPDATE " . $srv_settings['table_prefix'] . "etemplates SET etemplate_name={$f_etemplate_name}, etemplate_description={$f_etemplate_description}, etemplate_from={$f_etemplate_from}, etemplate_subject={$f_etemplate_subject}, etemplate_body={$f_etemplate_body} WHERE etemplateid={$f_etemplateid}") === false) {
showDBError(__FILE__, 1);
}
header('Location: email-templates.php');
<?php
$f_gscaleid = (int) readGetVar('gscaleid');
$f_gscale_gradeid = (int) readGetVar('gscale_gradeid');
$f_grade_name = readPostVar('grade_name');
$f_grade_name = $g_db->qstr($f_grade_name, get_magic_quotes_gpc());
$f_grade_description = readPostVar('grade_description');
$f_grade_description = $g_db->qstr($f_grade_description, get_magic_quotes_gpc());
$f_grade_feedback = readPostVar('grade_feedback');
$f_grade_feedback = $g_db->qstr($f_grade_feedback, get_magic_quotes_gpc());
$f_grade_from = (double) readPostVar('grade_from');
if ($f_grade_from < 0) {
$f_grade_from = 0;
}
if ($f_grade_from > 100) {
$f_grade_from = 100;
}
$f_grade_to = (double) readPostVar('grade_to');
if ($f_grade_to < 0) {
$f_grade_to = 0;
}
if ($f_grade_to > 100) {
$f_grade_to = 100;
}
if ($g_db->Execute("UPDATE " . $srv_settings['table_prefix'] . "gscales_grades SET grade_name={$f_grade_name}, grade_description={$f_grade_description}, grade_feedback={$f_grade_feedback}, grade_from='{$f_grade_from}', grade_to='{$f_grade_to}' WHERE gscaleid={$f_gscaleid} AND gscale_gradeid={$f_gscale_gradeid}") === false) {
showDBError(__FILE__, 2);
}
gotoLocation('grades.php?action=edit&gscaleid=' . $f_gscaleid);
<?php
$f_rtemplateid = (int) readGetVar('rtemplateid');
$f_rtemplate_name = readPostVar('rtemplate_name');
$f_rtemplate_name = $g_db->qstr($f_rtemplate_name, get_magic_quotes_gpc());
$f_rtemplate_description = readPostVar('rtemplate_description');
$f_rtemplate_description = $g_db->qstr($f_rtemplate_description, get_magic_quotes_gpc());
$f_rtemplate_body = readPostVar('rtemplate_body');
$f_rtemplate_body = $g_db->qstr($f_rtemplate_body, get_magic_quotes_gpc());
if ($g_db->Execute("UPDATE " . $srv_settings['table_prefix'] . "rtemplates SET rtemplate_name={$f_rtemplate_name}, rtemplate_description={$f_rtemplate_description}, rtemplate_body={$f_rtemplate_body} WHERE rtemplateid={$f_rtemplateid}") === false) {
showDBError(__FILE__, 1);
}
gotoLocation('report-templates.php');
$i_grade_times_percentage = $i_grades_times[$i_gradeid] * 100 / $i_grades_times_total;
echo '<td>' . getGauge($i_grade_times_percentage) . '</td>';
echo '<td align=right>' . $i_grades_times[$i_gradeid] . '</td>';
echo '<td align=right>' . sprintf("%.2f", $i_grade_times_percentage) . '%</td>';
} else {
echo '<td colspan=3 align=center class=gray>' . $lngstr['label_notapplicable'] . '</td>';
}
echo '</tr>';
}
echo '<tr class=rowone>';
echo '<td>' . $lngstr['page_testmanager_stats']['total_responses'] . '</td>';
echo '<td></td>';
echo '<td align=right>' . $i_resultcount . '</td>';
echo '<td align=right></td>';
echo '</tr>';
}
echo '<p><form name=tstatsForm class=iactive method=post><table cellpadding=0 cellspacing=0 border=0 width="100%"><tr><td>';
echo '<table class=rowtable2 cellpadding=5 cellspacing=1 border=0 width="100%">';
echo '<tr>';
echo '<td class=rowhdr1 title="' . $lngstr['page_testmanager_stats']['hdr_testid_hint'] . '">' . $lngstr['page_testmanager_stats']['hdr_testid'] . '</td>';
echo '<td class=rowhdr1 title="' . $lngstr['page_testmanager_stats']['hdr_test_data_hint'] . '" colspan=2>' . $lngstr['page_testmanager_stats']['hdr_test_data'] . '</td>';
echo '<td class=rowhdr1 title="' . $lngstr['page_testmanager_stats']['hdr_points'] . '">' . $lngstr['page_testmanager_stats']['hdr_points_hint'] . '</td>';
echo '<td class=rowhdr1 title="' . $lngstr['page_testmanager_stats']['hdr_percents_hint'] . '">' . $lngstr['page_testmanager_stats']['hdr_percents'] . '</td>';
echo '</tr>';
$i_tests = isset($_POST['box_tests']) ? readPostVar('box_tests') : explode(SYSTEM_ARRAY_ITEM_SEPARATOR, readGetVar('testids'));
foreach ($i_tests as $i_testid) {
writeTestStats($i_testid);
}
echo '</table>';
echo '</td></tr></table></form>';
displayTemplate('_footer');
<?php
$f_subjectid = (int) readGetVar('subjectid');
$f_subject_parent_subjectid = (int) readPostVar('subject_parent_subjectid');
$f_subject_name = readPostVar('subject_name');
$f_subject_name = $g_db->qstr($f_subject_name, get_magic_quotes_gpc());
$f_subject_description = readPostVar('subject_description');
$f_subject_description = $g_db->qstr($f_subject_description, get_magic_quotes_gpc());
if ($g_vars['page']['errors']) {
include_once $DOCUMENT_PAGES . "subjects-2.inc.php";
} else {
if ($g_db->Execute("UPDATE " . $srv_settings['table_prefix'] . "subjects SET subject_parent_subjectid={$f_subject_parent_subjectid}, subject_name={$f_subject_name}, subject_description={$f_subject_description} WHERE subjectid={$f_subjectid}") === false) {
showDBError(__FILE__, 2);
}
gotoLocation('subjects.php');
}
<?php
$f_gscaleid = (int) readGetVar('gscaleid');
$f_gscale_name = readPostVar('gscale_name');
$f_gscale_name = $g_db->qstr($f_gscale_name, get_magic_quotes_gpc());
$f_gscale_description = readPostVar('gscale_description');
$f_gscale_description = $g_db->qstr($f_gscale_description, get_magic_quotes_gpc());
if ($g_db->Execute("UPDATE " . $srv_settings['table_prefix'] . "gscales SET gscale_name={$f_gscale_name}, gscale_description={$f_gscale_description} WHERE gscaleid={$f_gscaleid}") === false) {
showDBError(__FILE__, 1);
}
gotoLocation('grades.php');
