function getFiles($labbarcode)
{
global $db;
$files = array();
$query = 'select id, urid, name, size from ' . Config::dbSurveyData() . '_files where labbarcode="' . prepareDatabaseString($labbarcode) . '"';
$result = $db->selectQuery($query);
if ($result != null && $db->getNumberOfRows($result) > 0) {
while ($row = $db->getRow($result)) {
$files[] = array(id => $row['id'], urid => $row['urid'], name => $row['name'], size => $row['size']);
}
}
return $files;
}
private function storeAnswer($primkey, $variable, $answer, $striptags = true)
{
global $engine;
$localdb = null;
if (Config::useTransactions() == true) {
global $transdb;
$localdb = $transdb;
} else {
global $db;
$localdb = $db;
}
$dirty = $this->getDirty();
$prim = $primkey;
$var = $variable;
//$engine->prefixVariableName($variable);
$ans = $answer;
if ($ans == "" && $ans !== 0) {
// preserve '0' as answer
$ans = null;
}
$version = getSurveyVersion();
$language = getSurveyLanguage();
$mode = getSurveyMode();
$suid = getSurvey();
// set session language/mode here if changed through routing!
if ($ans != null) {
if (strtoupper($variable) == strtoupper(VARIABLE_LANGUAGE)) {
$_SESSION['PARAMS'][SESSION_PARAM_LANGUAGE] = $ans;
} else {
if (strtoupper($variable) == strtoupper(VARIABLE_MODE)) {
$_SESSION['PARAMS'][SESSION_PARAM_MODE] = $ans;
} else {
if (strtoupper($variable) == strtoupper(VARIABLE_VERSION)) {
$_SESSION['PARAMS'][SESSION_PARAM_VERSION] = $ans;
} else {
if (strtoupper($variable) == strtoupper(VARIABLE_TEMPLATE)) {
$_SESSION['PARAMS'][SESSION_PARAM_TEMPLATE] = $ans;
}
}
}
}
}
/* set attributes for data record processing in export */
$this->suid = $suid;
$this->primkey = $prim;
$this->language = $language;
$this->mode = $mode;
$this->version = $version;
$this->ts = date("Y-m-d h:i:s", time());
if (Config::prepareDataQueries() == false) {
global $survey;
$key = $survey->getDataEncryptionKey();
if ($ans == null && $ans !== 0) {
$answer = 'null';
} else {
$answer = '"' . prepareDatabaseString($ans, $striptags) . '"';
if ($key != "") {
$answer = "aes_encrypt('" . prepareDatabaseString($ans, $striptags) . "', '" . $key . "')";
}
}
$queryparams = 'suid, primkey, variablename, answer, dirty, version, language, mode';
$queryvalues = prepareDatabaseString($suid);
$queryvalues .= ",'" . prepareDatabaseString($prim) . "'";
$queryvalues .= ",'" . prepareDatabaseString($var) . "'";
$queryvalues .= "," . $answer;
$queryvalues .= "," . prepareDatabaseString($dirty);
$queryvalues .= "," . prepareDatabaseString($version);
$queryvalues .= "," . prepareDatabaseString($language);
$queryvalues .= "," . prepareDatabaseString($mode);
$query = 'REPLACE INTO ' . Config::dbSurveyData() . '_data (' . $queryparams . ') VALUES (' . $queryvalues . ')';
//echo $query;
if ($localdb->executeQuery($query)) {
$this->variable["answer"] = $ans;
// hook for extra storage
if (function_exists("storeAnswerExtra")) {
storeAnswerExtra($query);
}
return true;
}
return false;
} else {
$bp = new BindParam();
$bp->add(MYSQL_BINDING_STRING, $suid);
$bp->add(MYSQL_BINDING_STRING, $prim);
$bp->add(MYSQL_BINDING_STRING, $var);
$bp->add(MYSQL_BINDING_STRING, $ans);
$bp->add(MYSQL_BINDING_INTEGER, $dirty);
$bp->add(MYSQL_BINDING_INTEGER, $version);
$bp->add(MYSQL_BINDING_INTEGER, $language);
$bp->add(MYSQL_BINDING_INTEGER, $mode);
global $survey;
$key = $survey->getDataEncryptionKey();
$answer = "?";
if ($key != "") {
$answer = "aes_encrypt(?, '" . $key . "')";
}
$queryparams = 'suid, primkey, variablename, answer, dirty, version, language, mode';
$queryvalues = '?,?,?,' . $answer . ',?,?,?,?';
$query = 'REPLACE INTO ' . Config::dbSurveyData() . '_data (' . $queryparams . ') VALUES (' . $queryvalues . ')';
if ($localdb->executeBoundQuery($query, $bp->get())) {
$this->variable["answer"] = $ans;
// hook for extra storage
if (function_exists("storeAnswerExtra")) {
storeAnswerExtra($queryparams, $queryvalues, $bp);
}
return true;
}
return false;
}
}
function saveChanges()
{
global $db;
$query = 'UPDATE ' . Config::dbSurveyData() . '_lab SET ';
$query .= 'barcode = aes_encrypt("' . prepareDatabaseString($this->getBarcode()) . '", "' . Config::labKey() . '"), ';
$query .= 'labbarcode = aes_encrypt("' . prepareDatabaseString($this->getLabBarcode()) . '", "' . Config::labKey() . '"), ';
$query .= 'consent1 = "' . prepareDatabaseString($this->getConsent1()) . '",';
$query .= 'consent2 = "' . prepareDatabaseString($this->getConsent2()) . '", ';
$query .= 'consent3 = "' . prepareDatabaseString($this->getConsent3()) . '", ';
$query .= 'consent4 = "' . prepareDatabaseString($this->getConsent4()) . '", ';
$query .= 'consent5 = "' . prepareDatabaseString($this->getConsent5()) . '", ';
$query .= 'refusal = "' . prepareDatabaseString($this->getRefusal()) . '", ';
$query .= 'refusalreason = "' . prepareDatabaseString($this->getRefusalReason()) . '", ';
$query .= 'refusaldate = "' . prepareDatabaseString($this->getRefusalDate()) . '", ';
$query .= 'cd4res = "' . prepareDatabaseString($this->getCD4res()) . '", ';
$query .= 'cd4date = "' . prepareDatabaseString($this->getCD4date()) . '", ';
$query .= 'survey = "' . prepareDatabaseString($this->getSurvey()) . '", ';
$query .= 'measures = "' . prepareDatabaseString($this->getMeasures()) . '", ';
$query .= 'vision = "' . prepareDatabaseString($this->getVision()) . '", ';
$query .= 'anthropometrics = "' . prepareDatabaseString($this->getAnthropometrics()) . '", ';
$query .= 'requestform = "' . prepareDatabaseString($this->getRequestForm()) . '", ';
$query .= 'urid = "' . prepareDatabaseString($this->getUrid()) . '", ';
$query .= 'labvisitts = "' . prepareDatabaseString($this->getLabVisitTs()) . '", ';
$query .= 'fielddbsshipmentdate = "' . prepareDatabaseString($this->getFieldDBSShipmentDate()) . '", ';
$query .= 'fielddbsreceiveddate = "' . prepareDatabaseString($this->getFieldDBSReceivedDate()) . '", ';
$query .= 'fielddbscollecteddate = "' . prepareDatabaseString($this->getFieldDBSCollectedDate()) . '", ';
$query .= 'fielddbsshipmentreturneddate = "' . prepareDatabaseString($this->getFieldDBSReceivedDateFromLab()) . '", ';
$query .= 'fielddbsclinicresultsissueddate = "' . prepareDatabaseString($this->getFieldDBSClinicResultsIssued()) . '", ';
$query .= 'fielddbsstatus = "' . prepareDatabaseString($this->getFieldDBSStatus()) . '", ';
$query .= 'labdbslocation = "' . prepareDatabaseString($this->getLabDBSLocation()) . '", ';
$query .= 'labdbsposition = "' . prepareDatabaseString($this->getLabDBSPosition()) . '", ';
$query .= 'labbloodstatus = "' . prepareDatabaseString($this->getLabBloodStatus()) . '", ';
$query .= 'labbloodshipmentdate = "' . prepareDatabaseString($this->getLabBloodShipmentDate()) . '", ';
$query .= 'labbloodshipmentreturneddate = "' . prepareDatabaseString($this->getLabBloodReceivedDateFromLab()) . '", ';
$query .= 'labbloodlocation = "' . prepareDatabaseString($this->getLabBloodLocation()) . '", ';
$query .= 'labbloodposition = "' . prepareDatabaseString($this->getLabBloodPosition()) . '", ';
$query .= 'labbloodsenttolab = "' . prepareDatabaseString($this->getLabBloodSentToLab()) . '", ';
$query .= 'labbloodnotcollected = "' . prepareDatabaseString($this->getLabBloodNotCollected()) . '", ';
$query .= 'consenturid = "' . prepareDatabaseString($this->getConsentUrid()) . '", ';
$query .= 'consentts = "' . prepareDatabaseString($this->getConsentTs()) . '" ';
$query .= 'WHERE primkey = "' . prepareDatabaseString($this->getPrimkey()) . '"';
//echo '<br/><br/><br/>' . $query;
$db->executeQuery($query);
}
function captureScreenshot()
{
global $db;
$l = $this->getParam(POST_PARAM_LANGUAGE);
$m = $this->getParam(POST_PARAM_MODE);
$v = $this->getParam(POST_PARAM_VERSION);
$result = urldecode(loadvar(POST_PARAM_SCREENSHOT));
$stateid = $this->getParam(POST_PARAM_STATEID);
$primkey = $this->getParam(POST_PARAM_PRIMKEY);
$suid = $this->getParam(POST_PARAM_SUID);
$screen = gzcompress($result, 9);
if ($stateid == "") {
$stateid = 1;
}
$bp = new BindParam();
$scid = null;
$bp->add(MYSQL_BINDING_INTEGER, $scid);
$bp->add(MYSQL_BINDING_INTEGER, $suid);
$bp->add(MYSQL_BINDING_STRING, $primkey);
$bp->add(MYSQL_BINDING_INTEGER, $stateid);
$bp->add(MYSQL_BINDING_STRING, $screen);
$bp->add(MYSQL_BINDING_INTEGER, $m);
$bp->add(MYSQL_BINDING_INTEGER, $l);
$bp->add(MYSQL_BINDING_INTEGER, $v);
$key = $this->survey->getDataEncryptionKeyDirectly($m, $l, $this->getParam(POST_PARAM_DEFAULT_MODE), $this->getParam(POST_PARAM_DEFAULT_LANGUAGE));
if ($key == "") {
$query = "insert into " . Config::dbSurveyData() . "_screendumps(scdid, suid, primkey, stateid, screen, mode, language, version) values (?,?,?,?,?,?,?,?)";
} else {
$query = "insert into " . Config::dbSurveyData() . "_screendumps(scdid, suid, primkey, stateid, screen, mode, language, version) values (?,?,?,?,aes_encrypt(?, '" . $key . "'),?,?,?)";
}
//echo $query;
//print_r($bp->get());
$db->executeBoundQuery($query, $bp->get());
exit;
}
function captureScreenshot($result)
{
global $engine, $survey, $db;
$l = getSurveyLanguage();
$m = getSurveyMode();
$v = getSurveyVersion();
$key = $survey->getDataEncryptionKey();
$stateid = $engine->getStateId();
if ($engine->getForward() == true) {
$stateid++;
}
//$screen = gzcompress(preg_replace($i, $ii, $result), 9);
$screen = gzcompress($result, 9);
if ($stateid == "") {
$stateid = 1;
}
$primkey = $engine->getPrimaryKey();
$bp = new BindParam();
$suid = $engine->getSuid();
$scid = null;
$bp->add(MYSQL_BINDING_INTEGER, $scid);
$bp->add(MYSQL_BINDING_INTEGER, $suid);
$bp->add(MYSQL_BINDING_STRING, $primkey);
$bp->add(MYSQL_BINDING_INTEGER, $stateid);
$bp->add(MYSQL_BINDING_STRING, $screen);
$bp->add(MYSQL_BINDING_INTEGER, $m);
$bp->add(MYSQL_BINDING_INTEGER, $l);
$bp->add(MYSQL_BINDING_INTEGER, $v);
if ($key == "") {
$query = "insert into " . Config::dbSurveyData() . "_screendumps(scdid, suid, primkey, stateid, screen, mode, language, version) values (?,?,?,?,?,?,?,?)";
} else {
$query = "insert into " . Config::dbSurveyData() . "_screendumps(scdid, suid, primkey, stateid, screen, mode, language, version) values (?,?,?,?,aes_encrypt(?, '" . $key . "'),?,?,?)";
}
//echo $query;
//print_r($bp->get());
$db->executeBoundQuery($query, $bp->get());
return "";
}
function getFieldNotNull($survey, $fieldname)
{
global $db;
$dataStr = '';
$actions = array();
//99900174
$query = 'select DATE(ts) as dateobs, count(*) as cntobs, primkey from ' . Config::dbSurveyData() . '_data where suid = ' . $survey . ' and variablename="' . $fieldname . '" and length(primkey) > ' . Config::getMinimumPrimaryKeyLength() . ' and length(primkey) < ' . Config::getMaximumPrimaryKeyLength() . ' and answer is not null group by DATE(ts) order by ts asc';
$total = 0;
$dataStr .= "[Date.UTC(2014, 6, 20), 0 ],";
$result = $db->selectQuery($query);
while ($row = $db->getRow($result)) {
$key = $row['dateobs'];
$total += $row['cntobs'];
$dataStr .= "[Date.UTC(" . substr($key, 0, 4) . ", " . (substr($key, 5, 2) - 1) . ", " . substr($key, 8, 2) . "), " . $total . "],";
}
$returnStr = rtrim($dataStr, ',');
return $returnStr;
}
function processParaData($name = "")
{
$_SESSION['PARAMETER_RETRIEVAL'] = PARAMETER_SURVEY_RETRIEVAL;
$query = "select max(pid) as pid from " . Config::dbSurveyData() . "_processed_paradata where suid=" . $this->survey->getSuid();
//}
//echo $query;
$pid = 0;
$res = $this->db->selectQuery($query);
if ($res) {
$row = $this->db->getRow($res);
$pid = $row["pid"];
if ($pid == "") {
$pid = 0;
}
}
$arr = array();
$decrypt = "paradata as data_dec";
$key = "";
if ($this->survey->getDataEncryptionKey() != "") {
$key = $this->survey->getDataEncryptionKey();
$decrypt = "aes_decrypt(paradata, '" . $this->survey->getDataEncryptionKey() . "') as data_dec";
}
if ($name == "") {
$query = "select *, {$decrypt} from " . Config::dbSurveyData() . "_paradata where pid > {$pid} and suid=" . $this->survey->getSuid() . ' order by primkey, pid asc';
} else {
$query = "select *, {$decrypt} from " . Config::dbSurveyData() . "_paradata where pid > {$pid} and suid=" . $this->survey->getSuid() . ' and (displayed = "' . $name . '" OR displayed like "%' . $name . '~%") order by primkey, pid asc';
}
//}
//echo $query;
$res = $this->db->selectQuery($query);
$codes = array_values(Common::errorCodes());
if ($res) {
$oldprimkey = "";
$arr = array();
if ($this->db->getNumberOfRows($res) > 0) {
$num = $db->getNumberOfRows($res);
$cnt = 0;
while ($row = $this->db->getRow($res)) {
// end of primkey, so store
if ($oldprimkey != "" && $row["primkey"] != $oldprimkey) {
// k: varname
// a: array of error codes with number of times
foreach ($arr as $k => $a) {
foreach ($a as $error => $times) {
$query = "replace into " . Config::dbSurveyData() . "_processed_paradata (`pid`, `suid`, `primkey`, `rgid`, `variablename`, `answer`, `language`, `mode`, `version`, `ts`) values (";
if ($key != "") {
$query .= $row["pid"] . "," . $row["suid"] . ",'" . $row["primkey"] . "'," . $row["rgid"] . ",'" . strtolower($k . "_" . $error) . "',aes_encrypt('" . $times . "','" . $key . "')," . $row["language"] . "," . $row["mode"] . "," . $row["version"] . ",'" . $row["ts"] . "'";
} else {
$query .= $row["pid"] . "," . $row["suid"] . ",'" . $row["primkey"] . "'," . $row["rgid"] . ",'" . strtolower($k . "_" . $error) . "','" . $times . "'," . $row["language"] . "," . $row["mode"] . "," . $row["version"] . ",'" . $row["ts"] . "'";
}
$query .= ")";
$this->db->executeQuery($query);
//echo $query . "<hr>";
}
}
// reset
$arr = array();
}
$oldprimkey = $row["primkey"];
$line = strtoupper($row["displayed"]);
// if displayed == variable OR displayed contains ~varname~ or displayed starts with varname~, process; otherwise skip
if ($name == "" || $line == strtoupper($name) || contains($line, "~" . $name . "~") || startsWith($line, $name . "~")) {
$line = $row["data_dec"];
$line = str_replace("FO=", "FO:", $line);
$line = str_replace("FI=", "FI:", $line);
$a = explode("||", $line);
$displayed = explode("~", $row["displayed"]);
$variables = array();
foreach ($displayed as $d) {
if (startsWith($d, ROUTING_IDENTIFY_SUBGROUP) == false && startsWith($d, ROUTING_IDENTIFY_ENDSUBGROUP) == false) {
$variables[] = $d;
}
}
foreach ($a as $k) {
$t = explode(":", $k);
$code = $t[0];
// error code
if (inArray($code, $codes)) {
$s = explode("=", $t[1]);
$varname = $s[0];
$number = str_replace("answer", "", str_replace("_name[]", "", $varname));
// find varname
if (isset($variables[$number - 1])) {
$variable = $variables[$number - 1];
if (isset($arr[strtoupper($variable)])) {
$vararray = $arr[strtoupper($variable)];
} else {
$vararray = array();
}
if (isset($vararray[strtoupper($code)])) {
//echo $k . '------adding for: ' . $oldprimkey . '----' . $variable . "<hr>";
$vararray[strtoupper($code)] = $vararray[strtoupper($code)] + 1;
} else {
$vararray[strtoupper($code)] = 1;
}
$arr[strtoupper($variable)] = $vararray;
}
} else {
if (inArray($code, array("FO", "FI"))) {
foreach ($variables as $variable) {
if (isset($arr[strtoupper($variable)])) {
$vararray = $arr[strtoupper($variable)];
} else {
$vararray = array();
}
if (isset($vararray[strtoupper($code)])) {
//echo $k . '------adding for: ' . $oldprimkey . '----' . $variable . "<hr>";
$vararray[strtoupper($code)] = $vararray[strtoupper($code)] + 1;
} else {
$vararray[strtoupper($code)] = 1;
}
$arr[strtoupper($variable)] = $vararray;
}
}
}
}
}
$cnt++;
// this was last one, so store
if ($cnt == $num) {
// k: varname
// a: array of error codes with number of times
//print_r($arr);
foreach ($arr as $k => $a) {
foreach ($a as $error => $times) {
$query = "replace into " . Config::dbSurveyData() . "_processed_paradata (`pid`, `suid`, `primkey`, `rgid`, `variablename`, `answer`, `language`, `mode`, `version`, `ts`) values (";
if ($key != "") {
$query .= $row["pid"] . "," . $row["suid"] . ",'" . $row["primkey"] . "'," . $row["rgid"] . ",'" . strtolower($k . "_" . $error) . "',aes_encrypt('" . $times . "','" . $key . "')," . $row["language"] . "," . $row["mode"] . "," . $row["version"] . ",'" . $row["ts"] . "'";
} else {
$query .= $row["pid"] . "," . $row["suid"] . ",'" . $row["primkey"] . "'," . $row["rgid"] . ",'" . strtolower($k . "_" . $error) . "','" . $times . "'," . $row["language"] . "," . $row["mode"] . "," . $row["version"] . ",'" . $row["ts"] . "'";
}
$query .= ")";
$db->executeQuery($query);
//echo $query . "<hr>";
}
}
// reset
$arr = array();
}
}
}
}
$_SESSION['PARAMETER_RETRIEVAL'] = PARAMETER_ADMIN_RETRIEVAL;
}
function getLastSurveyAction($sessionid, $primkey)
{
global $db;
$query = 'select asid from ' . Config::dbSurveyData() . '_actions where sessionid = \'' . prepareDatabaseString($sessionid) . '\' and primkey = \'' . prepareDatabaseString($primkey) . '\' and systemtype = ' . USCIC_SURVEY . " and actiontype != " . ACTION_WINDOW_IN . " and actiontype != " . ACTION_WINDOW_OUT . " order by asid desc limit 0,1";
if ($result = $db->selectQuery($query)) {
if ($db->getNumberOfRows($result) == 0) {
return 0;
}
$row = $db->getRow($result);
return $row["asid"];
}
return -1;
}
$result = $db->selectQuery($query);
if ($result != null && $db->getNumberOfRows($result) > 0) {
$row = $db->getRow($result);
ob_clean();
header('Content-type: image/jpg');
if ($row['picture'] != null) {
print $row['picture1'];
} else {
//display 'empty' image
ob_clean();
header('Content-type: image/jpg');
echo file_get_contents('../../images/nopicture.png');
}
exit;
} else {
//display 'empty' image
ob_clean();
header('Content-type: image/jpg');
echo file_get_contents('../../images/nopicture.png');
exit;
}
} else {
//store
$query = 'replace into ' . Config::dbSurveyData() . '_pictures (primkey, variablename, picture) VALUES (';
$query .= '"' . addslashes($id) . '", ';
$query .= '"' . addslashes($fieldname) . '", ';
//$query .= '"' . addslashes(base64_decode(implode("", $_POST))) . '") ';
$query .= 'AES_ENCRYPT("' . addslashes(base64_decode(implode("", $_POST))) . '", "' . Config::filePictureKey() . '")) ';
$db->executeQuery($query);
}
}
function showOutputParaDataRes()
{
$de = new DataExport(loadvar('survey'));
if (loadvar(DATA_OUTPUT_FILENAME) != "") {
$de->setProperty(DATA_OUTPUT_FILENAME, loadvar(DATA_OUTPUT_FILENAME));
} else {
$de->setProperty(DATA_OUTPUT_FILENAME, Config::dbSurveyData() . "_paradata");
}
$cookievars = "";
if (isset($_COOKIE['uscicvariablecookie'])) {
if (loadvar(DATA_OUTPUT_SUBDATA) == SUBDATA_YES) {
$vars = explode("-", $_COOKIE['uscicvariablecookie']);
$arr = array();
foreach ($vars as $var) {
$varsplit = explode("~", $var);
if (loadvar('survey') == $varsplit[0]) {
// only consider variables from survey we are downloading for
$survey = new Survey($varsplit[0]);
$v = $survey->getVariableDescriptive($varsplit[1]);
if ($v->getName() != "") {
$arr[] = strtoupper($v->getName());
}
}
}
if (sizeof($arr) > 0) {
$cookievars = implode("~", $arr);
}
}
}
$de->setProperty(DATA_OUTPUT_VARLIST, $cookievars);
$de->setProperty(DATA_OUTPUT_FILETYPE, loadvar(DATA_OUTPUT_FILETYPE));
$this->determineModeLanguage($de);
$de->setProperty(DATA_OUTPUT_TYPE, DATA_OUTPUT_TYPE_DATA_TABLE);
$de->setProperty(DATA_OUTPUT_PRIMARY_KEY_ENCRYPTION, loadvar(DATA_OUTPUT_PRIMARY_KEY_ENCRYPTION));
$de->setProperty(DATA_OUTPUT_PRIMARY_KEY_IN_DATA, loadvar(DATA_OUTPUT_PRIMARY_KEY_IN_DATA));
$de->setProperty(DATA_OUTPUT_SURVEY, loadvar(DATA_OUTPUT_SURVEY));
$de->setProperty(DATA_OUTPUT_TYPEDATA, loadvar(DATA_OUTPUT_TYPEDATA));
$de->setProperty(DATA_OUTPUT_FROM, loadvar(DATA_OUTPUT_FROM));
$de->setProperty(DATA_OUTPUT_TO, loadvar(DATA_OUTPUT_TO));
if (loadvar(DATA_OUTPUT_TYPEPARADATA) == PARADATA_RAW) {
$de->setProperty(DATA_OUTPUT_FILETYPE, FILETYPE_CSV);
$de->generateParadata();
} else {
$de->setProperty(DATA_OUTPUT_FILETYPE, loadvar(DATA_OUTPUT_FILETYPE));
$de->generateProcessedParadata();
}
$de->download();
}
<?php
require_once "../../../../dbConfig.php";
require_once "../../../../config.php";
$options = array('delete_type' => 'POST', 'db_host' => Config::dbServer(), 'db_user' => Config::dbUser(), 'db_pass' => Config::dbPassword(), 'db_name' => Config::dbName(), 'db_table' => Config::dbSurveyData() . '_files');
error_reporting(E_ALL | E_STRICT);
require 'UploadHandler.php';
class CustomUploadHandler extends UploadHandler
{
protected function initialize()
{
$this->db = new mysqli($this->options['db_host'], $this->options['db_user'], $this->options['db_pass'], $this->options['db_name']);
parent::initialize();
$this->db->close();
}
protected function handle_form_data($file, $index)
{
$file->title = @$_REQUEST['title'][$index];
$file->description = @$_REQUEST['description'][$index];
}
protected function handle_file_upload($uploaded_file, $name, $size, $type, $error, $index = null, $content_range = null)
{
// $file = parent::handle_file_upload($uploaded_file, $name, $size, $type, $error, $index, $content_range);
$file = new \stdClass();
$file->name = $name;
$file->size = $size;
// $file->content = json_encode($uploaded_file);
$file->content = str_replace(array('"', '\\'), "", $uploaded_file);
if (file_exists($file->content)) {
$test = file_get_contents($file->content);
$file->description = strlen($test);
function hasPicture($fieldname)
{
global $db;
$query = 'select *, AES_DECRYPT(picture, \'' . Config::filePictureKey() . '\') as picture1 from ' . Config::dbSurveyData() . '_pictures where primkey=\'' . $this->getPrimkey() . '\' and variablename = \'' . $fieldname . '\'';
$result = $db->selectQuery($query);
if ($result != null) {
$row = $db->getRow($result);
if ($row['picture'] != null) {
return true;
}
}
return false;
}
function showFieldDBS()
{
$returnStr = $this->showNurseHeader(Language::messageSMSTitle());
$returnStr .= '<div id="wrap">';
$returnStr .= $this->showNavBar();
$returnStr .= '<div class="container"><p>';
//begin content
$returnStr .= '<ol class="breadcrumb">';
$returnStr .= '<li>' . setSessionParamsHref(array('page' => 'nurse.search'), Language::labelSearch()) . '</li>';
$returnStr .= '<li class="active">' . Language::labelNurseDBSTToLab() . '</li>';
$returnStr .= '</ol>';
global $db;
$query = 'select * from ' . Config::dbSurveyData() . '_lab where fielddbsstatus = 1';
$result = $db->selectQuery($query);
if ($result != null) {
$returnStr .= '<table>';
while ($row = $db->getRow($result)) {
$lab = new Lab($row['primkey']);
$returnStr .= '<tr><td>' . $lab->getBarCode() . '</td><td>' . $lab->getFieldDBSCollectedDate() . '</td></tr>';
}
$returnStr .= '</table>';
}
//end content
$returnStr .= '</p></div> </div>';
//container and wrap
$returnStr .= $this->showBottomBar();
$returnStr .= $this->showFooter(false);
return $returnStr;
}
function showSendReceiveUploadData()
{
$displayNurse = new DisplayNurse();
$communication = new Communication();
if ($this->user->getLastData() != '' && $this->user->getLastData() != '0000-00-00 00:00:00') {
$tables = array('data', 'datarecords', 'states', 'times', 'remarks', 'contacts', 'observations');
} else {
$tables = array('data', 'datarecords', 'times', 'remarks', 'contacts', 'observations');
}
$data = $communication->exportTables($tables, $this->user->getLastData(), 'primkey not like "999%"');
//no test data
// $data = $communication->exportTables(array('data'), $this->user->getLastData(), 'primkey not like "999%"'); //no test data
// $data = $communication->exportTables(array('remarks'), $this->user->getLastData(), 'primkey not like "999%"'); //no test data
//update lab!
$respondents = new Respondents();
$respondents = $respondents->getRespondentsByUrid($_SESSION['URID']);
foreach ($respondents as $respondent) {
$data = 'UPDATE ' . Config::dbSurveyData() . '_lab set status = ' . $respondent->getStatus() . ' where primkey = \'' . prepareDatabaseString($respondent->getPrimkey()) . '\'' . ";\n";
}
if ($communication->sendToServerAsFile($data, $this->user->getUrid())) {
//success sending data to server
//update lastdate!
$this->user->setLastData(date('Y-m-d H:i:s'));
$this->user->saveChanges();
$message = $displayNurse->displaySuccess(Language::labelDataUploaded());
} else {
$message = $displayNurse->displayError(Language::labelDataNotUploaded());
}
return $this->mainPage($message);
}
function jumpRes()
{
global $db;
$suid = getFromSessionParams('jumpsuid');
$prim = getFromSessionParams('jumpprimkey');
$jumpto = loadvar("jumpto");
//echo $suid . '----' . $prim . '----' . $jumpto;
$query = "delete from " . Config::dbSurveyData() . "_states where suid=" . $suid . " and primkey='" . $prim . "' and stateid > " . $jumpto;
$db->executeQuery($query);
$returnStr = "<html><head></head><body>";
$returnStr .= "<script type='text/javascript'>\n window.opener.location.reload();\n window.close();\n</script>";
$returnStr .= '</body></html';
//container and wrap
echo $returnStr;
}
function saveRecord()
{
if (Config::useDataRecords() == false) {
return;
}
global $db, $survey;
$key = $survey->getDataEncryptionKey();
$data = "?";
if ($key != "") {
$data = "aes_encrypt(?, '" . $key . "')";
}
$datanames = $this->getDataNames();
$names = '';
if (is_array($datanames)) {
sort($datanames);
$names = implode("~", $datanames);
}
//echo implode("~", $datanames) . '----';
if ($this->newrecord == true) {
$query = "insert into " . Config::dbSurveyData() . "_datarecords (suid, primkey, datanames, data) values (?,?,?,{$data})";
$bp = new BindParam();
$bp->add(MYSQL_BINDING_INTEGER, $this->suid);
$bp->add(MYSQL_BINDING_STRING, $this->primkey);
$bp->add(MYSQL_BINDING_STRING, gzcompress($names, 9));
$data = gzcompress(serialize($this->data), 9);
$bp->add(MYSQL_BINDING_STRING, $data);
$db->executeBoundQuery($query, $bp->get());
//echo 'new<br/>';
} else {
$query = "update " . Config::dbSurveyData() . "_datarecords set datanames=?, data={$data} where suid=? and primkey=?";
$bp = new BindParam();
$bp->add(MYSQL_BINDING_STRING, gzcompress(implode("~", $datanames), 9));
$data = gzcompress(serialize($this->data), 9);
$bp->add(MYSQL_BINDING_STRING, $data);
$bp->add(MYSQL_BINDING_INTEGER, $this->suid);
$bp->add(MYSQL_BINDING_STRING, $this->primkey);
$db->executeBoundQuery($query, $bp->get());
//echo 'update<br/>';
}
}
} */
function getScreenNumber($seid, $seidrgid, $rgid, $loopstring)
{
//echo '<hr>INDEX:' .$this->seid . '-' . $seid . '-' . $seidrgid . '-' . $rgid . '-' . $loopstring . "<br/>";
if (isset($this->entries[$this->seid . '-' . $seid . '-' . $seidrgid . '-' . $rgid . '-' . $loopstring])) {
$entry = $this->entries[$this->seid . '-' . $seid . '-' . $seidrgid . '-' . $rgid . '-' . $loopstring];
//echo '<br/>found: ' . $entry["number"];
return $entry["number"];
}
return 0;
// something went wrong
}
function getCounter()
{
return $this->counter;
}
function getNumberOfScreens()
{
return sizeof(array_keys($this->entries));
// $this->maxscreens;
}
function delete()
{
global $db;
$del = "delete from " . Config::dbSurvey() . "_progressbars where suid=" . $this->suid . " and mainseid=" . $this->seid;
$db->executeQuery($del);
}
function load()
{
}
function save()
{
$this->delete();
global $db;
for ($j = 0; $j < sizeof($this->storeentries); $j++) {
$entry = $this->storeentries[$j];
$i = "replace into " . Config::dbSurvey() . "_progressbars (suid, mainseid, seid, seidrgid, rgid, number, loopstring) values(" . $this->suid . "," . $this->seid . "," . $entry["seid"] . "," . $entry["seidrgid"] . "," . $entry["rgid"] . "," . $entry["number"] . ",'" . $entry["loopstring"] . "')";
//echo $i ."<br/>";
$db->executeQuery($i);
$number++;
}
}
/* section based progress */
function getSectionProgress($suid, $mainseid, $seid, $rgid, $loopstring, $looprgid)
{
global $engine;
//$suid = $engine->getSuid();
//$seid = $engine->getSeid();
//$rgid = $engine->getRgid();
//$loopstring = $engine->getLoopstring();
if ($loopstring == "") {
$loopstring = 1;
}
//echo $loopstring;
//echo $rgid . '----';
global $db;
$query = "select number, looptimes, outerlooprgids from " . Config::dbSurvey() . "_screens where suid=" . $suid . " and seid=" . $seid . ' and rgid=' . $rgid;
$res = $db->selectQuery($query);
if ($res) {
if ($db->getNumberOfRows($res) > 0) {
$row = $db->getRow($res);
if ($row["looptimes"] == 1 && ($looprgid == 0 || $looprgid == "")) {
return $row["number"];
} else {
//echo 'ohno';
// get loop rgid
//$looprgid = $engine->getLoopRgid();
// get number of first action in loop
$query = "select number from " . Config::dbSurvey() . "_screens where suid=" . $suid . " and seid=" . $seid . ' and rgid > ' . $looprgid . ' limit 0,1';
$res = $db->selectQuery($query);
if ($res) {
if ($db->getNumberOfRows($res) > 0) {
$row2 = $db->getRow($res);
$startloop = $row2["number"];
// get number right after the loop
$query = "select number from " . Config::dbSurvey() . "_screens where suid=" . $suid . " and seid=" . $seid . ' and rgid > ' . $rgid . ' and outerlooprgids != "' . $row["outerlooprgids"] . '" limit 0,1';
$res = $db->selectQuery($query);
if ($res) {
if ($db->getNumberOfRows($res) > 0) {
$row1 = $db->getRow($res);
//echo 'end at: ' . $row1["number"];
$numberofquestions = $row1["number"] - $startloop;
// number of question screens
//echo $difference/($row1["number"] - $startloop);
//$factor = $difference/($row["looptimes"]*$difference); // moving from one question to another the increment must be this
//$loopmax = $engine->loopmax;
//$loopmin = $engine->loopmin;
//$loopcounters = $engine->loopcounter;
// get loop data
global $db;
$query = "select loopmin, loopmax, loopcounter from " . Config::dbSurveyData() . "_loopdata where suid=" . $suid . " and primkey='" . $engine->getPrimaryKey() . "' and mainseid=" . $mainseid . " and seid=" . $seid . " and looprgid=" . $looprgid;
$res = $db->selectQuery($query);
function getArrayData($survey, $fieldname)
{
global $db;
$array = array();
$query = 'select distinct variablename from ' . Config::dbSurveyData() . '_data where suid = ' . $survey . ' and variablename like "' . $fieldname . '[%" and length(primkey) > ' . Config::getMinimumPrimaryKeyLength() . ' and length(primkey) < ' . Config::getMaximumPrimaryKeyLength();
$result = $db->selectQuery($query);
if ($db->getNumberOfRows($result) > 0) {
while ($row = $db->getRow($result)) {
$array[] = $row["variablename"];
}
}
return $array;
}
function getRespondentsByBarcode($user, $searchterm)
{
global $db;
$respondents = array();
$query = 'select primkey from ' . Config::dbSurveyData() . '_lab where
aes_decrypt(barcode, \'' . Config::filePictureKey() . '\') = \'' . prepareDatabaseString($searchterm) . '\' or
aes_decrypt(labbarcode, \'' . Config::filePictureKey() . '\') = \'' . prepareDatabaseString($searchterm) . '\'';
//echo $query;
$result = $db->selectQuery($query);
while ($row = $db->getRow($result)) {
if ($row['primkey'] != '') {
$respondents[] = new Respondent($row['primkey']);
}
}
if (sizeof($respondents) == 0) {
//nothing found yet
global $survey;
$query = 'select primkey from ' . Config::dbSurveyData() . '_data where variablename="bs021" and cast(aes_decrypt(answer, \'' . $survey->getDataEncryptionKey() . '\') as char) = \'' . prepareDatabaseString($searchterm) . '\'';
$result = $db->selectQuery($query);
if ($result != null && $db->getNumberOfRows($result) > 0) {
$row = $db->getRow($result);
$respondents[] = new Respondent($row['primkey']);
}
}
return $respondents;
}
function getVersion()
{
return $this->version;
}
function setVersion($l)
function addLogs($variable, $answer, $di)
{
if (Config::logSurveyActions() == false) {
return;
}
$localdb = null;
if (Config::useTransactions() == true) {
global $transdb;
$localdb = $transdb;
} else {
global $db;
$localdb = $db;
}
$ans = $answer;
if ($ans == "") {
$ans = null;
}
$prim = $this->getPrimaryKey();
$var = $variable;
$dirty = $di;
$action = $this->currentaction;
$suid = $this->getSuid();
$version = getSurveyVersion();
$language = getSurveyLanguage();
$mode = getSurveyMode();
if (Config::prepareDataQueries() == false) {
global $survey;
$key = $survey->getDataEncryptionKey();
$answer = '"' . prepareDatabaseString($ans) . '"';
if ($key != "") {
$answer = "aes_encrypt('" . prepareDatabaseString($ans) . "', '" . $key . "')";
}
$localdb->executeQuery('INSERT INTO ' . Config::dbSurveyData() . '_logs (suid, primkey, variablename, answer, dirty, action, version, language, mode) VALUES (' . $suid . ',"' . $prim . '","' . $var . '",' . $answer . ',' . $dirty . ',' . $action . ',' . $version . ',' . $language . ',' . $mode . ')');
//echo 'INSERT INTO ' . Config::dbSurveyData() . '_logs (suid, primkey, variablename, answer, dirty, action, version, language, mode) VALUES (' . $suid . ',"' . $prim . '","' . $var . '",' . $answer . ',' . $dirty . ',' . $action . ',' . $version . ',' . $language . ',' . $mode . ')<br/>';
} else {
$bp = new BindParam();
$bp->add(MYSQL_BINDING_STRING, $suid);
$bp->add(MYSQL_BINDING_STRING, $prim);
$bp->add(MYSQL_BINDING_STRING, $var);
$bp->add(MYSQL_BINDING_STRING, $ans);
$bp->add(MYSQL_BINDING_INTEGER, $dirty);
$bp->add(MYSQL_BINDING_INTEGER, $action);
$bp->add(MYSQL_BINDING_INTEGER, $version);
$bp->add(MYSQL_BINDING_INTEGER, $language);
$bp->add(MYSQL_BINDING_INTEGER, $mode);
$answer = "?";
global $survey;
$key = $survey->getDataEncryptionKey();
if ($key != "") {
$answer = "aes_encrypt(?, '" . $key . "')";
}
$localdb->executeBoundQuery('INSERT INTO ' . Config::dbSurveyData() . '_logs (suid, primkey, variablename, answer, dirty, action, version, language, mode) VALUES (?,?,?,' . $answer . ',?,?,?,?,?)', $bp->get());
}
}
function getDataFromSurvey($d, $variablename, $default = '')
{
// using data records
if (Config::useDataRecords()) {
$var = $d->getData($variablename);
if (isset($var)) {
return $var->getAnswer();
} else {
return $default;
}
}
// fall back on _data table
global $db;
$surv = new Survey($d->getSuid());
$decrypt = "answer as answer_dec";
if ($surv->getDataEncryptionKey() != "") {
$decrypt = "aes_decrypt(answer, '" . $surv->getDataEncryptionKey() . "') as answer_dec";
}
$query = "select " . $decrypt . " from " . Config::dbSurveyData() . "_data where suid=" . $d->getSuid() . " and primkey='" . $d->getPrimaryKey() . "' and variablename='" . $variablename . "'";
$res = $db->selectQuery($query);
if ($res) {
if ($db->getNumberOfRows($res) > 0) {
$row = $db->getRow($res);
return $row["answer_dec"];
}
}
// not found or something went wrong
return $default;
}