Ejemplo n.º 1
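 /**
  * Overwrite the default CMS template with the submitted editor content.
  *
  * Requires the global 'CMS' / 'create' permission. The posted
  * 'template_editor' value is written verbatim to
  * <application.views>/admin/cms/template/default.tpl.php.
  *
  * SECURITY: the target is a .php view file, so the stored text is presumably
  * evaluated as PHP when the view is rendered. Holding the CMS 'create'
  * permission is then equivalent to running code on the server; consider
  * storing the template as inert data instead. No CSRF check is visible in
  * this method; confirm the framework enforces one for this route.
  *
  * @return void
  */
 public function add()
 {
     $clang = Yii::app()->lang;
     $aData = array();
     $aViewUrls = array();
     if (!Permission::model()->hasGlobalPermission('CMS', 'create')) {
         Yii::app()->setFlashMessage($clang->gT("You do not have sufficient rights to access page."), 'error');
         $this->getController()->redirect(array("admin/index"));
         // Never fall through to the editor view on the denied path.
         return;
     }
     $newPath = YiiBase::getPathOfAlias("application.views.");
     $filepath = $newPath . '/admin/cms/template/default.tpl.php';
     $page_content = Yii::app()->request->getPost('template_editor');
     // Write only when the field was really submitted as a string: an absent
     // field used to truncate the template to zero bytes on a plain page view.
     // Compare with false so that saving an empty template still counts as success.
     if (is_string($page_content) && file_put_contents($filepath, $page_content, LOCK_EX) !== false) {
         Yii::app()->setFlashMessage($clang->gT("Template updated successfully"));
         $this->getController()->redirect(array("admin/template/index"));
         return;
     }
     $this->_renderWrappedTemplate('cms/cms', $aViewUrls, $aData);
 }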
Ejemplo n.º 2
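 /**
  * Render the project report: cost, revenue and profit totals grouped by
  * vendor company and by sales person, plus one overall summary row.
  *
  * Requires the global 'Reports' / 'read' permission. All SQL here is built
  * from fixed strings only; no request data reaches the queries. A request
  * URI containing '/print' turns off header, menu bars and footer.
  *
  * @return void
  */
 public function project()
 {
     $clang = Yii::app()->lang;
     if (!Permission::model()->hasGlobalPermission('Reports', 'read')) {
         Yii::app()->setFlashMessage($clang->gT("You do not have sufficient rights to access this page."), 'error');
         $this->getController()->redirect(array("admin/index"));
         // Do not run the report queries for an unauthorised user, even if
         // redirect() is ever used in a non-terminating mode.
         return;
     }
     App()->getClientScript()->registerCssFile(Yii::app()->getConfig('styleurl') . "jquery.dataTables.css");
     App()->getClientScript()->registerScriptFile(Yii::app()->getConfig('adminscripts') . 'jquery.dataTables.min.js');
     $sql = "SELECT Company_name,AVG(IFNULL(cpc,0)) AS avg_ven_cpc, AVG(IFNULL(proj_CPC,0)) AS avg_comp_cpc\n                , SUM(IFNULL(cpc*total_completed,0)) AS tot_cost, SUM(IFNULL(proj_CPC,0)) AS tot_revenues\n                , SUM(IFNULL(proj_CPC*total_completed,0)-IFNULL(cpc*total_completed,0)) AS tot_profit, SUM(IFNULL(total_completed,0)) AS tot_completed\n                FROM {{view_project_master_vendors}} WHERE ifnull(total_completed,0)>0 GROUP BY company_name";
     // The summary wraps the per-company query as a derived table.
     $sqlsum = ' SELECT SUM(IFNULL(tot_completed,0)) AS total_completed, SUM(IFNULL(tot_profit,0)) AS total_profit
             , SUM(IFNULL(tot_cost,0)) AS total_cost,SUM(IFNULL(tot_revenues,0)) AS total_revenues
             FROM ( ' . $sql . ' ) AS totals';
     $dr_det1 = Yii::app()->db->createCommand($sql . ' ORDER BY tot_profit ')->query()->readAll();
     $dr_sum1 = Yii::app()->db->createCommand($sqlsum)->query()->readAll();
     $sql = "SELECT sales_name,AVG(IFNULL(cpc,0)) AS avg_ven_cpc, AVG(IFNULL(proj_CPC,0)) AS avg_comp_cpc\n                , SUM(IFNULL(cpc*total_completed,0)) AS tot_cost, SUM(IFNULL(proj_CPC,0)) AS tot_revenues\n                , SUM(IFNULL(proj_CPC*total_completed,0)-IFNULL(cpc*total_completed,0)) AS tot_profit, SUM(IFNULL(total_completed,0)) AS tot_completed\n                FROM {{view_project_master_vendors}} WHERE ifnull(total_completed,0)>0 GROUP BY sales_name";
     $dr_det2 = Yii::app()->db->createCommand($sql . ' ORDER BY tot_profit ')->query()->readAll();
     $aData['row'] = 0;
     $aData['dr_det1'] = $dr_det1;
     $aData['dr_det2'] = $dr_det2;
     $aData['dr_sum1'] = $dr_sum1;
     $aData['imageurl'] = Yii::app()->getConfig("adminimageurl");
     // strpos() returns 0 for a match at the very start, which is falsy;
     // compare with false so such a URI is still treated as a print view.
     $showChrome = strpos($_SERVER['REQUEST_URI'], '/print') === false;
     $aData['display']['header'] = $showChrome;
     $aData['display']['menu_bars'] = $showChrome;
     $aData['display']['footer'] = $showChrome;
     $this->_renderWrappedTemplate('reports', 'view_project', $aData);
 }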
Ejemplo n.º 3
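 /**
  * Create or toggle one permission row for a user.
  *
  * Reads 'user', 'per_id' and 'bool' from the request. When no matching row
  * exists a new one is stored with status 1; otherwise the existing row's
  * status is set to 1 for bool == "true" and 0 for anything else. Prints the
  * received flag followed by "added" or "updated", or the validation errors.
  *
  * SECURITY: no authorisation or CSRF check is visible in this method, yet it
  * changes who holds which permission. Presumably a controller filter
  * restricts it; confirm before exposing the route.
  *
  * NOTE(review): the username literal in the lookup condition appears masked
  * in this listing ('******'). It presumably stood for the requested user;
  * when restoring it, bind it as a parameter like :permission_id below.
  *
  * @return void
  * @throws CHttpException when 'user' or 'per_id' is missing or not a scalar
  */
 public function actionSetpermission()
 {
     $user = isset($_REQUEST['user']) ? $_REQUEST['user'] : null;
     $permission_id = isset($_REQUEST['per_id']) ? $_REQUEST['per_id'] : null;
     $bool = isset($_REQUEST['bool']) && is_scalar($_REQUEST['bool']) ? (string) $_REQUEST['bool'] : '';
     if (!is_scalar($user) || !is_scalar($permission_id)) {
         throw new CHttpException(400, 'Invalid request.');
     }
     // The flag is request data echoed back to the client; encode it so it
     // cannot inject markup into the response.
     echo htmlspecialchars($bool, ENT_QUOTES, 'UTF-8');
     $status = $bool == "true" ? 1 : 0;
     // per_id comes straight from the request: bind it rather than
     // interpolating it into the SQL condition.
     $condition = "username = '******' and permission_id = :permission_id ";
     $params = array(':permission_id' => $permission_id);
     $p = Permission::model()->find($condition, $params);
     if ($p === null) {
         $p = new Permission();
         $p->username = $user;
         $p->permission_id = $permission_id;
         $p->status = 1;
         $outcome = "added";
     } else {
         $p->status = $status;
         $outcome = "updated";
     }
     if ($p->save()) {
         echo $outcome;
     } else {
         print_r($p->getErrors());
     }
 }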
Ejemplo n.º 4
 /**
  * Tell whether a user may run a module/controller/action triple.
  *
  * 'login' and 'logout' are always allowed. Any other action first requires
  * that the `isAdmin` state exists on the current user, otherwise the client
  * is sent to the admin login page and the script exits. 'error' is then
  * allowed; everything else needs a matching row among the permissions
  * joined to the user through user_permissions.
  *
  * NOTE(review): isset() only proves that the isAdmin state exists, not that
  * it is true; verify how that state is written at login.
  *
  * @param mixed  $uid        user id bound into the lookup as :uid
  * @param string $module     module id to match
  * @param string $controller controller id to match
  * @param string $action     action id to match
  * @return bool
  */
 public static function isAllowPermission($uid, $module, $controller, $action)
 {
     // Reachable without a session.
     if (in_array($action, array('login', 'logout'))) {
         return true;
     }
     if (!isset(Yii::app()->user->isAdmin)) {
         header('location:' . Yii::app()->homeUrl . 'adminuser/default/login');
         exit;
     }
     if ($action == 'error') {
         return true;
     }
     $criteria = new CDbCriteria(array(
         'select' => '*',
         'join' => 'INNER JOIN user_permissions ON `t`.id=user_permissions.permission_id',
         'condition' => 'userid = :uid',
         'params' => array(":uid" => $uid),
     ));
     foreach (Permission::model()->findAll($criteria) as $grant) {
         $isMatch = $grant->module == $module
             && $grant->controller == $controller
             && $grant->action == $action;
         if ($isMatch) {
             return true;
         }
     }
     // Default deny: no granted permission matched.
     return false;
 }
Ejemplo n.º 5
 /**
  * Build the data for the admin welcome page and render it.
  *
  * Collects the superadmin flag, the last survey and last question visited
  * by the current user (from per-user global settings), the survey count and
  * the home page display settings.
  *
  * @return void
  */
 public function run()
 {
     App()->loadHelper('surveytranslator');
     $aData['issuperadmin'] = false;
     if (Permission::model()->hasGlobalPermission('superadmin', 'read')) {
         $aData['issuperadmin'] = true;
     }

     // Last survey visited by the user; shown only if it still exists.
     $lastsurvey = getGlobalSetting('last_survey_' . Yii::app()->user->getId());
     $survey = Survey::model()->findByPk($lastsurvey);
     $aData['showLastSurvey'] = $lastsurvey != null && $survey;
     if ($aData['showLastSurvey']) {
         $surveyinfo = $survey->surveyinfo;
         $aData['surveyTitle'] = $surveyinfo['surveyls_title'] . "(" . gT("ID") . ":" . $lastsurvey . ")";
         $aData['surveyUrl'] = $this->getController()->createUrl("admin/survey/sa/view/surveyid/{$lastsurvey}");
     }

     // Last question visited, with its group id and survey id.
     $qid = getGlobalSetting('last_question_' . Yii::app()->user->getId());
     $gid = getGlobalSetting('last_question_gid_' . Yii::app()->user->getId());
     $sid = getGlobalSetting('last_question_sid_' . Yii::app()->user->getId());
     $survey = Survey::model()->findByPk($sid);
     $qrrow = null;
     if ($qid && $gid && $survey) {
         $qrrow = Question::model()->findByAttributes(array(
             'qid' => $qid,
             'gid' => $gid,
             'sid' => $sid,
             'language' => $survey->language,
         ));
     }
     // The link is offered only when the question row was actually found.
     $aData['showLastQuestion'] = (bool) $qrrow;
     if ($qrrow) {
         $aData['last_question_name'] = $qrrow['title'];
         if ($qrrow['question']) {
             $aData['last_question_name'] .= ' : ' . $qrrow['question'];
         }
         $aData['last_question_link'] = $this->getController()->createUrl("admin/questions/sa/view/surveyid/{$sid}/gid/{$gid}/qid/{$qid}");
     }

     $aData['countSurveyList'] = count(getSurveyList(true));
     // Home page display settings.
     $aData['bShowSurveyList'] = getGlobalSetting('show_survey_list') == "show";
     $aData['bShowSurveyListSearch'] = getGlobalSetting('show_survey_list_search') == "show";
     $aData['bShowLogo'] = getGlobalSetting('show_logo') == "show";
     $aData['oSurveySearch'] = new Survey('search');
     $aData['bShowLastSurveyAndQuestion'] = getGlobalSetting('show_last_survey_and_question') == "show";
     $aData['iBoxesByRow'] = (int) getGlobalSetting('boxes_by_row');
     $aData['sBoxesOffSet'] = (string) getGlobalSetting('boxes_offset');
     $this->_renderWrappedTemplate('super', 'welcome', $aData);
 }
Ejemplo n.º 6
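 /**
  * Entry point for the ExpressionManager test pages.
  *
  * Reads 'sid' and 'sa' from the query string (both sanitised). For the
  * sub-actions 'survey_logic_file' and 'navigation_test' with a survey id,
  * the 'surveycontent' / 'read' survey permission is required; without it an
  * access-denied message is rendered.
  *
  * NOTE(review): every other sub-action is dispatched to test() with no
  * permission check in this method; confirm those pages expose nothing
  * survey-specific.
  *
  * @return void
  */
 function index()
 {
     $aData = array();
     $needpermission = false;
     $aData['surveyid'] = $surveyid = sanitize_int(Yii::app()->request->getQuery('sid'));
     $aData['sa'] = $sa = sanitize_paranoid_string(Yii::app()->request->getQuery('sa', 'index'));
     if (($sa == 'survey_logic_file' || $sa == 'navigation_test') && $surveyid) {
         $needpermission = true;
     }
     if ($needpermission && !Permission::model()->hasSurveyPermission($surveyid, 'surveycontent', 'read')) {
         App()->getClientScript()->registerPackage('jquery-superfish');
         $message['title'] = gT('Access denied!');
         $message['message'] = gT('You do not have sufficient rights to access this page.');
         $message['class'] = "error";
         $this->_renderWrappedTemplate('survey', array("message" => $message), $aData);
     } else {
         App()->getClientScript()->registerPackage('jqueryui');
         App()->getClientScript()->registerScriptFile(Yii::app()->getConfig('generalscripts') . "survey_runtime.js");
         App()->getClientScript()->registerScriptFile(Yii::app()->getConfig('generalscripts') . "expressions/em_javascript.js");
         App()->getClientScript()->registerCssFile(Yii::app()->getConfig('adminstyleurl') . "adminstyle.css");
         // Pass the sanitised sub-action, not the raw query value, so that
         // every consumer in this request sees the same cleaned string.
         $this->_printOnLoad($sa);
         $aData['pagetitle'] = "ExpressionManager:  {$aData['sa']}";
         if (isset($_GET['sa'])) {
             $this->test($aData['sa'], $aData);
         } else {
             $this->_renderWrappedTemplate('expressions', 'test_view', $aData);
         }
     }
 }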
Ejemplo n.º 7
 /**
  * Access check that maps the 'administrator' operation onto the global
  * 'superadmin' / 'read' permission and defers every other operation to the
  * parent implementation.
  *
  * @param string $operation    operation name being checked
  * @param array  $params       passed through to the parent check
  * @param bool   $allowCaching passed through to the parent check
  * @return mixed result of the permission lookup or of the parent check
  */
 public function checkAccess($operation, $params = array(), $allowCaching = true)
 {
     if ($operation != 'administrator') {
         return parent::checkAccess($operation, $params, $allowCaching);
     }
     return Permission::model()->hasGlobalPermission('superadmin', 'read');
 }
Ejemplo n.º 8
 /**
  * Decide whether XSS filtering stays enabled for this instance.
  *
  * The filter stays on only if it was on already and the 'filterxsshtml'
  * config value is truthy. From DB version 172 on, it is additionally
  * switched off for users holding the global 'superadmin' / 'read'
  * permission, so superadmin input is stored unfiltered.
  */
 public function __construct()
 {
     $legacySchema = Yii::app()->getConfig('DBVersion') < 172;
     if ($legacySchema) {
         // Permission::model exists only from DB version 172 on, so the
         // superadmin exemption cannot be evaluated here.
         return $this->xssfilter = $this->xssfilter && Yii::app()->getConfig('filterxsshtml');
     }
     $isSuperAdminExempt = function () {
         return Permission::model()->hasGlobalPermission('superadmin', 'read');
     };
     // The closure keeps the permission lookup lazy: it runs only when both
     // earlier operands are truthy.
     $this->xssfilter = $this->xssfilter
         && Yii::app()->getConfig('filterxsshtml')
         && !$isSuperAdminExempt();
 }
Ejemplo n.º 9
 /**
  * Gate the whole action class: superadmin only, MySQL only, not in demo mode.
  *
  * Execution stops silently for anyone without the global 'superadmin' /
  * 'read' permission. It stops with a message when the DB driver is not
  * mysql/mysqli or when 'demoMode' is enabled (the same MySQL-only message
  * is printed in both cases).
  *
  * @param mixed $controller forwarded to the parent constructor
  * @param mixed $id         forwarded to the parent constructor
  */
 function __construct($controller, $id)
 {
     parent::__construct($controller, $id);

     $isSuperAdmin = Permission::model()->hasGlobalPermission('superadmin', 'read');
     if (!$isSuperAdmin) {
         die;
     }

     $supportedDrivers = array('mysql', 'mysqli');
     $driverSupported = in_array(Yii::app()->db->getDriverName(), $supportedDrivers);
     if (!$driverSupported || Yii::app()->getConfig('demoMode') == true) {
         die($this->getController()->lang->gT('This feature is only available for MySQL databases.'));
     }
 }
Ejemplo n.º 10
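 /**
  * Edit a profile category, or show the edit form for one.
  *
  * Requires the global 'panellist' / 'update' permission. With POST
  * action=editcategory the category is updated and the user is redirected to
  * the category index; with only a posted category_id the edit form is
  * rendered.
  *
  * NOTE(review): the second permission check passes an empty permission
  * name (''); it looks like a placeholder that was never filled in. Confirm
  * which permission was meant.
  * NOTE(review): a validation failure or a failed save falls through to the
  * generic "insufficient rights" flash at the end, which hides the real
  * cause from the user.
  *
  * @return void
  */
 function mod()
 {
     $clang = Yii::app()->lang;
     if (!Permission::model()->hasGlobalPermission('panellist', 'update')) {
         Yii::app()->setFlashMessage($clang->gT("You do not have sufficient rights to access this page."), 'error');
         $this->getController()->redirect(array("admin/index"));
         // Nothing below may run for an unauthorised user.
         return;
     }
     $request = Yii::app()->request;
     $action = $request->getPost('action', '');
     $aData = array();
     $aViewUrls = array();
     if (Permission::model()->hasGlobalPermission('', 'create')) {
         if ($action == "editcategory") {
             // Category details; getPost() avoids undefined-index notices
             // when a field is missing from the request.
             $category_id = (int) $request->getPost("category_id");
             $category_title = flattenText($request->getPost('category_title', ''), false, true, 'UTF-8', true);
             $sort_order = flattenText($request->getPost('sort_order', ''), false, true, 'UTF-8', true);
             $is_Active = flattenText($request->getPost("IsActive")) ? 1 : 0;
             if ($category_title == '') {
                 $aViewUrls['message'] = array('title' => $clang->gT("Failed to add Category"), 'message' => $clang->gT("Category Name is invalid."), 'class' => 'warningheader');
             } else {
                 $oCategory = category::model()->findByPk($category_id);
                 // An unknown id used to end in a fatal "property of null".
                 if ($oCategory !== null) {
                     $oCategory->title = $category_title;
                     $oCategory->sorder = $sort_order;
                     $oCategory->IsActive = $is_Active;
                     // 4-digit year and 24-hour clock: 'y-m-d h:i:s' stored
                     // afternoon times as morning ones.
                     $oCategory->modified_date = date('Y-m-d H:i:s');
                     if ($oCategory->save()) {
                         Yii::app()->setFlashMessage($clang->gT("Profile Category Updated successfully"));
                         $this->getController()->redirect(array("admin/profilecategory/index"));
                         return;
                     }
                 }
             }
         } elseif (isset($_POST['category_id'])) {
             $aData['row'] = 0;
             $aData['usr_arr'] = array();
             $category_id = (int) $request->getPost("category_id");
             $sresult = profilecategoryview($category_id);
             $aData['category_id'] = $category_id;
             $aData['mur'] = $sresult;
             $this->_renderWrappedTemplate('panellist/category', 'editcategory_view', $aData);
             return;
         }
     }
     Yii::app()->setFlashMessage(Yii::app()->lang->gT("You do not have sufficient rights to access this page."), 'error');
     $this->getController()->redirect(array("admin/profilecategory/index"));
 }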
Ejemplo n.º 11
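 /**
  * Look up the permissions attached to a role, by role name.
  *
  * The role's permission_list is a comma-separated string; a leading comma
  * is dropped before the list is handed to Permission::selectByRole().
  *
  * @param string $name role name, 'Guest' by default
  * @return mixed result of selectByRole(), or array(array()) when the role
  *               does not exist or has an empty permission list
  */
 public function selectPermissionsByName($name = 'Guest')
 {
     // Find the role by its name.
     $role = Role::model()->findByAttributes(array('name' => $name));
     $data = array(array());
     // An unknown role grants nothing; this used to be a fatal error.
     if ($role === null) {
         return $data;
     }
     $list = (string) $role->permission_list;
     // Test for emptiness before touching offset 0: indexing an empty
     // string raises a warning.
     if ($list === '') {
         return $data;
     }
     if ($list[0] === ',') {
         $list = substr($list, 1);
     }
     return Permission::model()->selectByRole($list);
 }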
Ejemplo n.º 12
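 /**
  * Show the list of top-level support-center messages.
  *
  * Users with the global 'superadmin' / 'read' permission see every message
  * with parent = 0; everyone else sees only those whose email_to equals
  * their own login id.
  *
  * @return void
  */
 public function index()
 {
     App()->getClientScript()->registerCssFile(Yii::app()->getConfig('styleurl') . "jquery.dataTables.css");
     App()->getClientScript()->registerScriptFile(Yii::app()->getConfig('adminscripts') . 'jquery.dataTables.min.js');
     if (Permission::model()->hasGlobalPermission('superadmin', 'read')) {
         $msglist = Supoort_center::model()->findAll(array('condition' => 'parent = 0'));
     } else {
         // Bind the login id instead of concatenating it into the SQL. An
         // empty or non-numeric session value then matches no rows rather
         // than changing the shape of the query.
         $msglist = Supoort_center::model()->findAll(array(
             'condition' => 'email_to = :loginid AND parent = 0',
             'params' => array(':loginid' => Yii::app()->session['loginID']),
         ));
     }
     $aData['row'] = 0;
     $aData['msglist'] = $msglist;
     $aData['imageurl'] = Yii::app()->getConfig("adminimageurl");
     $this->_renderWrappedTemplate('message', 'view_addmessage', $aData);
 }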
Ejemplo n.º 13
 /**
  * Render the panellist overview page.
  *
  * Access needs either the global 'superadmin' / 'read' or the global
  * 'panellist' / 'read' permission; otherwise an error flash is set and the
  * user is redirected to the admin index.
  *
  * @return void
  */
 public function index()
 {
     $clang = Yii::app()->lang;
     $mayView = Permission::model()->hasGlobalPermission('superadmin', 'read')
         || Permission::model()->hasGlobalPermission('panellist', 'read');
     if (!$mayView) {
         Yii::app()->setFlashMessage($clang->gT("You do not have sufficient rights to access page."), 'error');
         $this->getController()->redirect(array("admin/index"));
     }

     $clientScript = App()->getClientScript();
     $clientScript->registerCssFile(Yii::app()->getConfig('styleurl') . "jquery.dataTables.css");
     $clientScript->registerScriptFile(Yii::app()->getConfig('adminscripts') . 'jquery.dataTables.min.js');

     $aData['row'] = 0;
     $aData['imageurl'] = Yii::app()->getConfig("adminimageurl");
     $this->_renderWrappedTemplate('panellist', 'view_panellist', $aData);
 }
Ejemplo n.º 14
 /**
  * Complete a login for identities handled by the 'Authwebserver' plugin.
  *
  * An existing user is accepted only if it holds the global
  * 'auth_webserver' / 'read' permission. An unknown user may be created on
  * the fly when 'auth_webserver_autocreate_user' is set and a default
  * profile is available.
  *
  * NOTE(review): the user name comes from getUserName(), which is not shown
  * here; presumably it is the name asserted by the web server. This login is
  * then only as trustworthy as the web server's authentication setup.
  * NOTE(review): for an unknown user without auto-creation, the method ends
  * without calling setAuthSuccess() or setAuthFailure(); confirm the caller
  * treats that as a failed login.
  *
  * @return void
  */
 public function newUserSession()
 {
     // Do nothing if this user is not Authwebserver type
     $identity = $this->getEvent()->get('identity');
     if ($identity->plugin != 'Authwebserver') {
         return;
     }
     /* @var $identity LSUserIdentity */
     $sUser = $this->getUserName();
     $oUser = $this->api->getUserByName($sUser);
     if (is_null($oUser)) {
         // Unknown user: look for a default profile to create the account from.
         if (function_exists("hook_get_auth_webserver_profile")) {
             // If defined this function returns an array
             // describing the default profile for this user
             $aUserProfile = hook_get_auth_webserver_profile($sUser);
         } elseif ($this->api->getConfigKey('auth_webserver_autocreate_user')) {
             $aUserProfile = $this->api->getConfigKey('auth_webserver_autocreate_profile');
         }
     } else {
         // Known user: web server authentication must be explicitly allowed for it.
         if (Permission::model()->hasGlobalPermission('auth_webserver', 'read', $oUser->uid)) {
             $this->setAuthSuccess($oUser);
             return;
         } else {
             $this->setAuthFailure(self::ERROR_AUTH_METHOD_INVALID, gT('Web server authentication method is not allowed for this user'));
             return;
         }
     }
     // Auto-creation needs both the config switch and a profile; a profile
     // returned by the hook alone is not enough.
     if ($this->api->getConfigKey('auth_webserver_autocreate_user') && isset($aUserProfile) && is_null($oUser)) {
         // user doesn't exist but auto-create user is set
         $oUser = new User();
         $oUser->users_name = $sUser;
         // The stored value is the SHA-256 of whatever createPassword()
         // returns; that clear text is not kept anywhere in this method.
         // NOTE(review): createPassword() is defined elsewhere; confirm it
         // draws from a cryptographically secure source.
         $oUser->password = hash('sha256', createPassword());
         $oUser->full_name = $aUserProfile['full_name'];
         $oUser->parent_id = 1;
         $oUser->lang = $aUserProfile['lang'];
         $oUser->email = $aUserProfile['email'];
         if ($oUser->save()) {
             // The new account receives the configured default permission set
             // plus the auth_webserver permission; review the
             // 'auth_webserver_autocreate_permissions' config with least
             // privilege in mind.
             $permission = new Permission();
             $permission->setPermissions($oUser->uid, 0, 'global', $this->api->getConfigKey('auth_webserver_autocreate_permissions'), true);
             Permission::model()->setGlobalPermission($oUser->uid, 'auth_webserver');
             // read again user from newly created entry
             $this->setAuthSuccess($oUser);
             return;
         } else {
             $this->setAuthFailure(self::ERROR_USERNAME_INVALID);
         }
     }
 }
Ejemplo n.º 15
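 /**
  * Build the data for the admin welcome page and render it.
  *
  * Collects the superadmin flag, the last survey and last question visited
  * by the current user (from per-user global settings) and the survey count.
  * A shortcut is shown only when the survey or question it points at still
  * exists.
  *
  * @return void
  */
 public function run()
 {
     App()->loadHelper('surveytranslator');
     App()->getClientScript()->registerPackage('panel-clickable');
     App()->getClientScript()->registerPackage('panels-animation');
     $aData['issuperadmin'] = false;
     if (Permission::model()->hasGlobalPermission('superadmin', 'read')) {
         $aData['issuperadmin'] = true;
     }
     $userId = Yii::app()->user->getId();

     // Last survey visited by the user. The stored id may point at a survey
     // deleted since; findByPk() then returns null and the shortcut is
     // hidden rather than dereferencing null.
     $lastsurvey = getGlobalSetting('last_survey_' . $userId);
     $survey = $lastsurvey != null ? Survey::model()->findByPk($lastsurvey) : null;
     if ($survey) {
         $aData['showLastSurvey'] = true;
         $iSurveyID = $lastsurvey;
         $surveyinfo = $survey->surveyinfo;
         $aData['surveyTitle'] = $surveyinfo['surveyls_title'] . "(" . gT("ID") . ":" . $iSurveyID . ")";
         $aData['surveyUrl'] = $this->getController()->createUrl("admin/survey/sa/view/surveyid/{$iSurveyID}");
     } else {
         $aData['showLastSurvey'] = false;
     }

     // Last question visited, with its group id and its own survey id.
     $qid = getGlobalSetting('last_question_' . $userId);
     $gid = getGlobalSetting('last_question_gid_' . $userId);
     $sid = getGlobalSetting('last_question_sid_' . $userId);
     $aData['showLastQuestion'] = false;
     // Use the question's own survey for the base language and the link: the
     // last visited survey may be a different one, or may not be set at all.
     $questionSurvey = ($qid != null && $gid != null) ? Survey::model()->findByPk($sid) : null;
     if ($questionSurvey) {
         $qrrow = Question::model()->findByAttributes(array('qid' => $qid, 'gid' => $gid, 'sid' => $sid, 'language' => $questionSurvey->language));
         if ($qrrow) {
             $aData['showLastQuestion'] = true;
             $aData['last_question_name'] = $qrrow['title'];
             if ($qrrow['question']) {
                 $aData['last_question_name'] .= ' : ' . $qrrow['question'];
             }
             $aData['last_question_link'] = $this->getController()->createUrl("admin/questions/sa/view/surveyid/{$sid}/gid/{$gid}/qid/{$qid}");
         }
     }
     $aData['countSurveyList'] = count(getSurveyList(true));
     $this->_renderWrappedTemplate('super', 'welcome', $aData);
 }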
Ejemplo n.º 16
/**
 * Prepare the session configuration read by the KCFinder file manager.
 *
 * Resets the KCFINDER session entry, sets the allowed upload extensions and,
 * for a logged-in user outside demo mode, enables uploads into the directory
 * of the survey or label set named by the session's FileManagerContext,
 * provided the user holds the matching update permission.
 *
 * NOTE(review): this function only ever sets 'disabled' to false. The
 * "uploads off" default presumably comes from KCFinder's own configuration;
 * confirm it is disabled there.
 * NOTE(review): the code mixes Yii::app()->session[...] and $_SESSION[...];
 * presumably both address the same session store.
 *
 * @return void
 */
function initKcfinder()
{
    // Start from a clean configuration on every call.
    Yii::app()->session['KCFINDER'] = array();
    // The same extension allow-list (comma-separated in config) applies to all three KCFinder types.
    $sAllowedExtensions = implode(' ', array_map('trim', explode(',', Yii::app()->getConfig('allowedresourcesuploads'))));
    $_SESSION['KCFINDER']['types'] = array('files' => $sAllowedExtensions, 'flash' => $sAllowedExtensions, 'images' => $sAllowedExtensions);
    if (Yii::app()->getRequest()->enableCsrfValidation && !empty(Yii::app()->getRequest()->csrfCookie)) {
        $_SESSION['KCFINDER']['cookieDomain'] = Yii::app()->getRequest()->csrfCookie->domain;
    }
    // Uploads are considered only outside demo mode, for a logged-in user with a known context.
    if (Yii::app()->getConfig('demoMode') === false && isset(Yii::app()->session['loginID']) && isset(Yii::app()->session['FileManagerContext'])) {
        // disable upload at survey creation time
        // because we don't know the sid yet
        if (preg_match('/^(create|edit):(question|group|answer)/', Yii::app()->session['FileManagerContext']) != 0 || preg_match('/^edit:survey/', Yii::app()->session['FileManagerContext']) != 0 || preg_match('/^edit:assessments/', Yii::app()->session['FileManagerContext']) != 0 || preg_match('/^edit:emailsettings/', Yii::app()->session['FileManagerContext']) != 0) {
            // The third ':'-separated segment of the context is used as the survey id.
            // NOTE(review): the patterns above do not require a third segment, so
            // $contextarray[2] can be undefined; the value also goes into a
            // filesystem path below without validation. Presumably the code that
            // sets FileManagerContext only stores numeric ids; confirm, or
            // validate the id here before building the path.
            $contextarray = explode(':', Yii::app()->session['FileManagerContext'], 3);
            $surveyid = $contextarray[2];
            if (Permission::model()->hasSurveyPermission($surveyid, 'surveycontent', 'update')) {
                $_SESSION['KCFINDER']['disabled'] = false;
                if (preg_match('/^edit:emailsettings/', $_SESSION['FileManagerContext']) != 0) {
                    // Uploadurl use public url or getBaseUrl(true);
                    // Maybe need external function
                    $sBaseAbsoluteUrl = Yii::app()->getBaseUrl(true);
                    $sPublicUrl = Yii::app()->getConfig("publicurl");
                    $aPublicUrl = parse_url($sPublicUrl);
                    // Prefer the configured public URL when it is absolute (has scheme and host).
                    if (isset($aPublicUrl['scheme']) && isset($aPublicUrl['host'])) {
                        $sBaseAbsoluteUrl = $sPublicUrl;
                    }
                    $sBaseUrl = Yii::app()->getBaseUrl();
                    $sUploadUrl = Yii::app()->getConfig('uploadurl');
                    // Strip the base URL prefix so it is not repeated after the absolute base.
                    if (substr($sUploadUrl, 0, strlen($sBaseUrl)) == $sBaseUrl) {
                        $sUploadUrl = substr($sUploadUrl, strlen($sBaseUrl));
                    }
                    $_SESSION['KCFINDER']['uploadURL'] = trim($sBaseAbsoluteUrl, "/") . $sUploadUrl . "/surveys/{$surveyid}/";
                } else {
                    $_SESSION['KCFINDER']['uploadURL'] = Yii::app()->getConfig('uploadurl') . "/surveys/{$surveyid}/";
                }
                $_SESSION['KCFINDER']['uploadDir'] = realpath(Yii::app()->getConfig('uploaddir')) . DIRECTORY_SEPARATOR . 'surveys' . DIRECTORY_SEPARATOR . $surveyid . DIRECTORY_SEPARATOR;
            }
        } elseif (preg_match('/^edit:label/', Yii::app()->session['FileManagerContext']) != 0) {
            // Same scheme for label sets: the third segment is used as the label set id.
            $contextarray = explode(':', Yii::app()->session['FileManagerContext'], 3);
            $labelid = $contextarray[2];
            // check if the user has label management right and labelid defined
            if (Permission::model()->hasGlobalPermission('labelsets', 'update') && isset($labelid) && $labelid != '') {
                $_SESSION['KCFINDER']['disabled'] = false;
                $_SESSION['KCFINDER']['uploadURL'] = Yii::app()->getConfig('uploadurl') . "/labels/{$labelid}/";
                $_SESSION['KCFINDER']['uploadDir'] = realpath(Yii::app()->getConfig('uploaddir')) . DIRECTORY_SEPARATOR . 'labels' . DIRECTORY_SEPARATOR . $labelid . DIRECTORY_SEPARATOR;
            }
        }
    }
}
Ejemplo n.º 17
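 /**
  * Tell whether a permission row exists for the controller/action currently
  * being executed.
  *
  * The controller and action ids are resolved to a MasterPermission row,
  * whose id is then looked up in the Permission table.
  *
  * NOTE(review): the username literal in the count condition appears masked
  * in this listing ('******'). It presumably stood for the current user id
  * held in $id; when restoring it, bind it as a parameter like the other
  * values below.
  *
  * @return bool true when at least one matching permission row exists
  */
 public function allowOnlyOwner()
 {
     $c = Yii::app()->controller->id;
     $a = Yii::app()->controller->action->id;
     $id = Yii::app()->user->id;
     // Bound parameters instead of values interpolated into the SQL text.
     $master = MasterPermission::model()->find(
         'controllerID = :controller and actionID = :action',
         array(':controller' => $c, ':action' => $a)
     );
     // An action with no MasterPermission row is denied; this used to be a
     // fatal "property of null".
     if ($master === null) {
         return false;
     }
     $cek = Permission::model()->count(
         "username = '******' and permission_id = :permission_id ",
         array(':permission_id' => $master->id)
     );
     return $cek > 0;
 }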
Ejemplo n.º 18
 /**
  * Render the list of saved (partial) responses of a survey.
  *
  * The survey id is reduced to an integer first. Execution stops without
  * output when the user lacks the 'responses' / 'read' survey permission.
  *
  * @param mixed $iSurveyId survey id, sanitised with sanitize_int()
  * @return void
  */
 public function view($iSurveyId)
 {
     $iSurveyId = sanitize_int($iSurveyId);
     $aViewUrls = array();

     $mayRead = Permission::model()->hasSurveyPermission($iSurveyId, 'responses', 'read');
     if (!$mayRead) {
         die;
     }

     $clientScript = App()->getClientScript();
     $clientScript->registerPackage('jquery-tablesorter');
     $clientScript->registerScriptFile(Yii::app()->getConfig('adminscripts') . 'saved.js');

     $aThisSurvey = getSurveyInfo($iSurveyId);
     $aData['sSurveyName'] = $aThisSurvey['name'];
     $aData['iSurveyId'] = $iSurveyId;

     // The toolbar view comes first, then the saved-responses list.
     $aViewUrls[] = 'savedbar_view';
     $aViewUrls['savedlist_view'][] = $this->_showSavedList($iSurveyId);
     $this->_renderWrappedTemplate('saved', $aViewUrls, $aData);
 }
Ejemplo n.º 19
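 /**
  * Save the e-mail templates of a survey for each of its languages.
  *
  * Requires the 'surveylocale' / 'update' survey permission and a non-empty
  * posted 'save' value. Posted attachment URLs are mapped to local files; an
  * attachment is kept only if the file exists and lies inside the upload
  * directory.
  *
  * SECURITY: attachments are stored with serialize(). The reader of that
  * column must never unserialize() a value an attacker could have written
  * elsewhere; JSON would be the safer storage format.
  * NOTE(review): after a successful save the first redirect ends the
  * request, so the 'saveclose' redirect below is only reachable without the
  * update permission; confirm that is intended.
  *
  * @param mixed $iSurveyId id of the survey whose templates are edited
  * @return void
  * @throws CHttpException when the survey does not exist
  */
 function update($iSurveyId)
 {
     $uploadUrl = Yii::app()->getBaseUrl(true) . substr(Yii::app()->getConfig('uploadurl'), strlen(Yii::app()->getConfig('publicurl')) - 1);
     // We need the real path since we check that the resolved file name starts with this path.
     $uploadDir = realpath(Yii::app()->getConfig('uploaddir'));
     // Compare against the directory plus separator: a bare prefix test
     // would also accept a sibling such as "<uploaddir>_other/file".
     $uploadPrefix = $uploadDir === false ? false : rtrim($uploadDir, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
     $sSaveMethod = Yii::app()->request->getPost('save', '');
     $clang = $this->getController()->lang;
     if (Permission::model()->hasSurveyPermission($iSurveyId, 'surveylocale', 'update') && $sSaveMethod != '') {
         $oSurvey = Survey::model()->findByPk($iSurveyId);
         if ($oSurvey === null) {
             throw new CHttpException(404, 'Survey not found.');
         }
         $languagelist = $oSurvey->additionalLanguages;
         $languagelist[] = $oSurvey->language;
         // array_filter() returns the filtered copy; the result was discarded before.
         $languagelist = array_filter($languagelist);
         foreach ($languagelist as $langname) {
             if (isset($_POST['attachments'][$langname]) && is_array($_POST['attachments'][$langname])) {
                 foreach ($_POST['attachments'][$langname] as $template => &$attachments) {
                     if (!is_array($attachments)) {
                         $attachments = array();
                         continue;
                     }
                     foreach ($attachments as $index => &$attachment) {
                         $localName = false;
                         if ($uploadPrefix !== false && is_array($attachment) && isset($attachment['url']) && is_string($attachment['url'])) {
                             // We again take the real path, so "../" segments and
                             // symlinks are resolved before the containment test.
                             $localName = realpath(urldecode(str_replace($uploadUrl, $uploadDir, $attachment['url'])));
                         }
                         if ($localName !== false && strpos($localName, $uploadPrefix) === 0) {
                             $attachment['url'] = $localName;
                             $attachment['size'] = filesize($localName);
                         } else {
                             // Missing file or a path outside the upload directory.
                             unset($attachments[$index]);
                         }
                     }
                     // Break the references so later writes cannot alias the last element.
                     unset($attachment);
                 }
                 unset($attachments);
             } else {
                 $_POST['attachments'][$langname] = array();
             }
             $attributes = array(
                 'surveyls_email_invite_subj' => $_POST['email_invitation_subj_' . $langname],
                 'surveyls_email_invite' => $_POST['email_invitation_' . $langname],
                 'surveyls_email_remind_subj' => $_POST['email_reminder_subj_' . $langname],
                 'surveyls_email_remind' => $_POST['email_reminder_' . $langname],
                 'surveyls_email_register_subj' => $_POST['email_registration_subj_' . $langname],
                 'surveyls_email_register' => $_POST['email_registration_' . $langname],
                 'surveyls_email_confirm_subj' => $_POST['email_confirmation_subj_' . $langname],
                 'surveyls_email_confirm' => $_POST['email_confirmation_' . $langname],
                 'email_admin_notification_subj' => $_POST['email_admin_notification_subj_' . $langname],
                 'email_admin_notification' => $_POST['email_admin_notification_' . $langname],
                 'email_admin_responses_subj' => $_POST['email_admin_detailed_notification_subj_' . $langname],
                 'email_admin_responses' => $_POST['email_admin_detailed_notification_' . $langname],
                 'attachments' => serialize($_POST['attachments'][$langname]),
             );
             $usquery = SurveyLanguageSetting::model()->updateAll($attributes, 'surveyls_survey_id = :ssid AND surveyls_language = :sl', array(':ssid' => $iSurveyId, ':sl' => $langname));
         }
         Yii::app()->session['flashmessage'] = $clang->gT("Email templates successfully saved.");
         $this->getController()->redirect(array('admin/emailtemplates/sa/index/surveyid/' . $iSurveyId));
     }
     if ($sSaveMethod == 'saveclose') {
         $this->getController()->redirect(array('admin/survey/sa/view/surveyid/' . $iSurveyId));
     } else {
         self::index($iSurveyId);
     }
 }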
Ejemplo n.º 20
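 /**
  * Entry point for the ExpressionManager test pages.
  *
  * Reads 'sid' and 'sa' from the query string (both sanitised). For the
  * sub-actions 'survey_logic_file' and 'navigation_test' with a survey id,
  * the 'surveycontent' / 'read' survey permission is required; without it an
  * access-denied message is rendered. When the survey exists, title bar and
  * close-button URLs are prepared for it.
  *
  * NOTE(review): every other sub-action is dispatched to test() with no
  * permission check in this method, and the survey title is loaded for any
  * existing sid; confirm nothing survey-specific leaks to users without
  * read access.
  *
  * @return void
  */
 function index()
 {
     $aData = array();
     $needpermission = false;
     $aData['surveyid'] = $surveyid = $iSurveyID = sanitize_int(Yii::app()->request->getQuery('sid'));
     $aData['sa'] = $sa = sanitize_paranoid_string(Yii::app()->request->getQuery('sa', 'index'));
     $aData['fullpagebar']['closebutton']['url'] = 'admin/';
     if (($sa == 'survey_logic_file' || $sa == 'navigation_test') && $surveyid) {
         $needpermission = true;
     }
     if ($needpermission && !Permission::model()->hasSurveyPermission($surveyid, 'surveycontent', 'read')) {
         $message['title'] = gT('Access denied!');
         $message['message'] = gT('You do not have sufficient rights to access this page.');
         $message['class'] = "error";
         $this->_renderWrappedTemplate('survey', array("message" => $message), $aData);
     } else {
         App()->getClientScript()->registerPackage('jqueryui');
         App()->getClientScript()->registerScriptFile(Yii::app()->getConfig('generalscripts') . "survey_runtime.js");
         App()->getClientScript()->registerScriptFile(Yii::app()->getConfig('generalscripts') . "expressions/em_javascript.js");
         // Pass the sanitised sub-action, not the raw query value, so that
         // every consumer in this request sees the same cleaned string.
         $this->_printOnLoad($sa);
         $aData['pagetitle'] = "ExpressionManager:  {$aData['sa']}";
         // A missing or unknown sid yields no survey; skip the survey bars
         // instead of dereferencing null.
         $oSurvey = isset($iSurveyID) ? Survey::model()->findByPk($iSurveyID) : null;
         if ($oSurvey !== null) {
             $aData['sidebar']['state'] = "close";
             $surveyinfo = $oSurvey->surveyinfo;
             $aData['title_bar']['title'] = $surveyinfo['surveyls_title'] . "(" . gT("ID") . ":" . $iSurveyID . ")";
             $gidQuery = Yii::app()->request->getQuery('gid');
             $qidQuery = Yii::app()->request->getQuery('qid');
             if ($gidQuery != '') {
                 $aData['questiongroupbar']['closebutton']['url'] = 'admin/questiongroups/sa/view/surveyid/' . $aData['surveyid'] . '/gid/' . sanitize_int($gidQuery);
             } else {
                 $aData['surveybar']['closebutton']['url'] = 'admin/survey/sa/view/surveyid/' . $aData['surveyid'];
             }
             if ($qidQuery != '') {
                 $aData['questiongroupbar']['closebutton']['url'] = 'admin/questions/sa/view/surveyid/' . $aData['surveyid'] . '/gid/' . sanitize_int($gidQuery) . '/qid/' . sanitize_int($qidQuery);
                 $aData['gid'] = sanitize_int($gidQuery);
             }
         }
         if (isset($_GET['sa'])) {
             $this->test($aData['sa'], $aData);
         } else {
             $this->_renderWrappedTemplate('expressions', 'test_view', $aData);
         }
     }
 }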
Ejemplo n.º 21
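 /**
  * Build the permission checklist for one role.
  *
  * Loads the role's comma-separated `permission_list` and returns one row per
  * Permission record with a flag telling whether the role holds it.
  *
  * A role that does not exist, or has an empty list, yields every permission
  * unchecked. Ids are matched as exact strings after trimming, so a loosely
  * equal entry such as "01" or "1.0" is not treated as permission 1.
  *
  * @param mixed $id Primary key of the role.
  * @return array Rows with the keys `id`, `premId`, `check` and `alias`.
  */
 public function selectPremissionByRole($id)
 {
     $oRole = Role::model()->findByPk($id);
     $aGranted = array();
     if ($oRole !== null && (string) $oRole->permission_list !== '') {
         $aGranted = array_map('trim', explode(',', $oRole->permission_list));
     }
     $data = array();
     foreach (Permission::model()->findAll() as $key => $oPermission) {
         $data[$key] = array(
             'id' => $id,
             'premId' => $oPermission->id,
             // Strict string comparison: a permission decision must not hinge
             // on PHP's numeric-string juggling.
             'check' => in_array((string) $oPermission->id, $aGranted, true),
             'alias' => $oPermission->alias,
         );
     }
     return $data;
 }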
Ejemplo n.º 22
 /**
  * List the saved (partially completed) responses of a survey.
  *
  * The request ends immediately, with no output, when the current user lacks
  * the `responses`/`read` permission on the survey.
  *
  * @param mixed $iSurveyId Survey id; passed through sanitize_int() before use.
  * @return void
  */
 public function view($iSurveyId)
 {
     $iSurveyId = sanitize_int($iSurveyId);
     $bMayRead = Permission::model()->hasSurveyPermission($iSurveyId, 'responses', 'read');
     if (!$bMayRead) {
         exit;
     }
     $aThisSurvey = getSurveyInfo($iSurveyId);
     $aData = array(
         'sSurveyName' => $aThisSurvey['name'],
         'iSurveyId' => $iSurveyId,
     );
     $aSavedList = $this->_showSavedList($iSurveyId);
     $aViewUrls = array(
         'savedbar_view',
         'savedlist_view' => array($aSavedList),
     );
     // saved.js misbehaves on an empty table, so load it only when there are rows
     if (count($aSavedList['aResults']) > 0) {
         App()->getClientScript()->registerPackage('jquery-tablesorter');
         $this->registerScriptFile('ADMIN_SCRIPT_PATH', 'saved.js');
     }
     $this->_renderWrappedTemplate('saved', $aViewUrls, $aData);
 }
Ejemplo n.º 23
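 /**
  * Purge cron log rows older than two days.
  *
  * Allowed for users holding the global `superadmin`/`read` or `cron`/`delete`
  * permission. The purge runs only when the `action` query parameter equals
  * "Clear_Previous_Data"; afterwards the user is redirected to the cron view.
  *
  * NOTE(review): this is a destructive operation triggered by a GET parameter.
  * Unless the framework's request validation covers GET here, consider
  * requiring POST with a CSRF token.
  *
  * @return bool|null true after a purge attempt, null otherwise.
  */
 function delcron()
 {
     $clang = Yii::app()->lang;
     $oPermission = Permission::model();
     if (!$oPermission->hasGlobalPermission('superadmin', 'read') && !$oPermission->hasGlobalPermission('cron', 'delete')) {
         Yii::app()->setFlashMessage($clang->gT("You do not have sufficient rights to access page."), 'error');
         $this->getController()->redirect(array("admin/index"));
         // Do not let the authorisation decision depend on redirect() ending the request.
         return;
     }
     // getQuery() returns null for a missing parameter instead of raising an
     // undefined-index notice on $_GET.
     $action = Yii::app()->request->getQuery('action');
     if ($action === "Clear_Previous_Data") {
         // Fixed statement, no request data is interpolated into the SQL.
         $sql = "DELETE FROM {{CronLog}} WHERE Start_DateTime < DATE_SUB(NOW(), INTERVAL 2 DAY) ";
         $result = Yii::app()->db->createCommand($sql)->execute();
         if ($result > 0) {
             Yii::app()->setFlashMessage($clang->gT("Cron delete successfully"));
         } else {
             Yii::app()->setFlashMessage($clang->gT("Cron does not deleted"), 'error');
         }
         $this->getController()->redirect(array("admin/cron/view_cron"));
         return true;
     }
 }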
Ejemplo n.º 24
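 /**
  * Render the blank data-entry form for a survey.
  *
  * Requires the `responses`/`create` permission on the survey; without it the
  * method returns without rendering anything. For every question group and
  * top-level question it collects the rows the `content_view` partial needs,
  * passes the rendered partial through LimeExpressionManager::ProcessString()
  * and hands the concatenated HTML to the `dataentry` wrapper template.
  *
  * NOTE(review): the SQL below is assembled by string interpolation. The values
  * are constrained before use ($surveyid by sanitize_int(), the language by
  * sanitize_languagecode() plus the survey-language allow-list, ids by coming
  * from earlier query results), so every query depends on those checks staying
  * in place; bound parameters would remove that dependency.
  *
  * @param mixed $surveyid Survey id; passed through sanitize_int().
  * @param mixed $lang     Ignored: the language is read from the `lang` query parameter.
  * @return void
  */
 public function view($surveyid, $lang = NULL)
 {
     $surveyid = sanitize_int($surveyid);
     $lang = isset($_GET['lang']) ? $_GET['lang'] : NULL;
     if (isset($lang)) {
         $lang = sanitize_languagecode($lang);
     }
     $aViewUrls = array();
     // NOTE(review): a user without the permission gets an empty response, no
     // error message and no redirect.
     if (Permission::model()->hasSurveyPermission($surveyid, 'responses', 'create')) {
         $surveyinfo = getSurveyInfo($surveyid);
         $slangs = Survey::model()->findByPk($surveyid)->additionalLanguages;
         $baselang = Survey::model()->findByPk($surveyid)->language;
         array_unshift($slangs, $baselang);
         // Allow-list: only a language configured for this survey is accepted,
         // anything else falls back to the base language. The SQL below relies on this.
         if (is_null($lang) || !in_array($lang, $slangs)) {
             $sDataEntryLanguage = $baselang;
         } else {
             $sDataEntryLanguage = $lang;
         }
         $langlistbox = languageDropdown($surveyid, $sDataEntryLanguage);
         $thissurvey = getSurveyInfo($surveyid);
         //This is the default, presenting a blank dataentry form
         LimeExpressionManager::StartSurvey($surveyid, 'survey', NULL, false, LEM_PRETTY_PRINT_ALL_SYNTAX);
         $moveResult = LimeExpressionManager::NavigateForwards();
         $aData['thissurvey'] = $thissurvey;
         $aData['langlistbox'] = $langlistbox;
         $aData['surveyid'] = $surveyid;
         $aData['sDataEntryLanguage'] = $sDataEntryLanguage;
         $aData['site_url'] = Yii::app()->homeUrl;
         LimeExpressionManager::StartProcessingPage(true, Yii::app()->baseUrl);
         // means that all variables are on the same page
         $aViewUrls[] = 'caption_view';
         Yii::app()->loadHelper('database');
         // SURVEY NAME AND DESCRIPTION TO GO HERE
         $degquery = "SELECT * FROM {{groups}} WHERE sid={$surveyid} AND language='{$sDataEntryLanguage}' ORDER BY {{groups}}.group_order";
         $degresult = dbExecuteAssoc($degquery);
         // GROUP NAME
         $aDataentryoutput = '';
         foreach ($degresult->readAll() as $degrow) {
             LimeExpressionManager::StartProcessingGroup($degrow['gid'], $thissurvey['anonymized'] != "N", $surveyid);
             $deqquery = "SELECT * FROM {{questions}} WHERE sid={$surveyid} AND parent_qid=0 AND gid={$degrow['gid']} AND language='{$sDataEntryLanguage}'";
             $deqrows = (array) dbExecuteAssoc($deqquery)->readAll();
             $aDataentryoutput .= "\t<tr class='info'>\n" . "<!-- Inside controller dataentry.php -->" . "<td colspan='3'><h4>" . flattenText($degrow['group_name'], true) . "</h4></td>\n" . "\t</tr>\n";
             $gid = $degrow['gid'];
             $aDataentryoutput .= "\t<tr class='data-entry-separator'><td colspan='3'></td></tr>\n";
             // Perform a case insensitive natural sort on group name then question title of a multidimensional array
             usort($deqrows, 'groupOrderThenQuestionOrder');
             $bgc = 'odd';
             foreach ($deqrows as $deqrow) {
                 $cdata = array();
                 $qidattributes = getQuestionAttributeValues($deqrow['qid']);
                 $cdata['qidattributes'] = $qidattributes;
                 $hidden = isset($qidattributes['hidden']) ? $qidattributes['hidden'] : 0;
                 // TODO - can questions be hidden?  Are JavaScript variables names used?  Consistently with everywhere else?
                 // TMSW Condition->Relevance:  Show relevance equation instead of conditions here - better yet, have data entry use survey-at-a-time but with different view
                 $qinfo = LimeExpressionManager::GetQuestionStatus($deqrow['qid']);
                 $relevance = trim($qinfo['info']['relevance']);
                 $explanation = trim($qinfo['relEqn']);
                 $validation = trim($qinfo['prettyValidTip']);
                 $qidattributes = getQuestionAttributeValues($deqrow['qid']);
                 $array_filter_help = flattenText($this->_array_filter_help($qidattributes, $sDataEntryLanguage, $surveyid));
                 if ($relevance != '' && $relevance != '1' || $validation != '' || $array_filter_help != '') {
                     $showme = '<div class="alert alert-warning col-sm-8 col-sm-offset-2" role="alert">';
                     //Do no alternate on explanation row
                     $bgc = $bgc == "even" ? "odd" : "even";
                     if ($relevance != '' && $relevance != '1') {
                         // Append rather than assign: assigning dropped the opening
                         // <div> above and left the closing </div> below unmatched.
                         $showme .= '<strong>' . gT("Only answer this if the following conditions are met:", 'html', $sDataEntryLanguage) . "</strong><br />{$explanation}\n";
                     }
                     if ($validation != '') {
                         $showme .= '<strong>' . gT("The answer(s) must meet these validation criteria:", 'html', $sDataEntryLanguage) . "</strong><br />{$validation}\n";
                     }
                     if ($showme != '' && $array_filter_help != '') {
                         $showme .= '<br/>';
                     }
                     if ($array_filter_help != '') {
                         $showme .= '<strong>' . gT("The answer(s) must meet these array_filter criteria:", 'html', $sDataEntryLanguage) . "</strong><br />{$array_filter_help}\n";
                     }
                     $showme .= '</div>';
                     $cdata['explanation'] = "<tr class ='data-entry-explanation'><td class='data-entry-small-text' colspan='3' align='left'>{$showme}</td></tr>\n";
                 }
                 //END OF GETTING CONDITIONS
                 //Alternate bgcolor for different groups
                 if (!isset($bgc)) {
                     $bgc = "even";
                 }
                 $bgc = $bgc == "even" ? "odd" : "even";
                 $qid = $deqrow['qid'];
                 $fieldname = "{$surveyid}" . "X" . "{$gid}" . "X" . "{$qid}";
                 $cdata['bgc'] = $bgc;
                 $cdata['fieldname'] = $fieldname;
                 $cdata['deqrow'] = $deqrow;
                 $cdata['thissurvey'] = $thissurvey;
                 if ($deqrow['help']) {
                     // Escape ASCII control characters plus single and double quotes to make JavaScript happy.
                     // NOTE(review): the listing showed a bare '..' range with no
                     // endpoints; the control-character range is restored from the
                     // intent stated in the original comment - confirm against the upstream file.
                     $hh = addcslashes($deqrow['help'], "\0..\37'\"");
                     //Change & " ' < > to HTML entities to make HTML happy.
                     $hh = htmlspecialchars($hh, ENT_QUOTES);
                     $cdata['hh'] = $hh;
                 }
                 switch ($deqrow['type']) {
                     case "Q":
                         //MULTIPLE SHORT TEXT
                     case "K":
                         $deaquery = "SELECT question,title FROM {{questions}} WHERE parent_qid={$deqrow['qid']} AND language='{$sDataEntryLanguage}' ORDER BY question_order";
                         $dearesult = dbExecuteAssoc($deaquery);
                         $cdata['dearesult'] = $dearesult->readAll();
                         break;
                     case "1":
                         // multi scale^
                         $deaquery = "SELECT * FROM {{questions}} WHERE parent_qid={$deqrow['qid']} AND language='{$baselang}' ORDER BY question_order";
                         $dearesult = dbExecuteAssoc($deaquery);
                         $cdata['dearesult'] = $dearesult->readAll();
                         $oquery = "SELECT other FROM {{questions}} WHERE qid={$deqrow['qid']} AND language='{$baselang}'";
                         // NOTE(review): on failure this message echoes the SQL text to the browser.
                         $oresult = dbExecuteAssoc($oquery) or safeDie("Couldn't get other for list question<br />" . $oquery);
                         foreach ($oresult->readAll() as $orow) {
                             $cdata['fother'] = $orow['other'];
                         }
                         break;
                     case "L":
                         //LIST drop-down/radio-button list
                     case "!":
                         if ($deqrow['type'] == '!' && trim($qidattributes['category_separator']) != '') {
                             $optCategorySeparator = $qidattributes['category_separator'];
                         } else {
                             unset($optCategorySeparator);
                         }
                         $defexists = "";
                         $deaquery = "SELECT * FROM {{answers}} WHERE qid={$deqrow['qid']} AND language='{$sDataEntryLanguage}' ORDER BY sortorder, answer";
                         $dearesult = dbExecuteAssoc($deaquery);
                         // NOTE(review): answer codes, answer text and category names are
                         // written into the markup below without HTML encoding. If survey
                         // editors can store markup characters in them this is a stored-XSS
                         // sink for data-entry users; confirm how the view treats this
                         // string before adding CHtml::encode().
                         $aDatatemp = '';
                         if (!isset($optCategorySeparator)) {
                             foreach ($dearesult->readAll() as $dearow) {
                                 $aDatatemp .= "<option value='{$dearow['code']}'";
                                 $aDatatemp .= ">{$dearow['answer']}</option>\n";
                             }
                         } else {
                             $defaultopts = array();
                             $optgroups = array();
                             foreach ($dearesult->readAll() as $dearow) {
                                 // Pad so an answer without the separator does not leave $answertext undefined.
                                 list($categorytext, $answertext) = array_pad(explode($optCategorySeparator, $dearow['answer']), 2, '');
                                 if ($categorytext == '') {
                                     $defaultopts[] = array('code' => $dearow['code'], 'answer' => $answertext, 'default_value' => $dearow['assessment_value']);
                                 } else {
                                     $optgroups[$categorytext][] = array('code' => $dearow['code'], 'answer' => $answertext, 'default_value' => $dearow['assessment_value']);
                                 }
                             }
                             foreach ($optgroups as $categoryname => $optionlistarray) {
                                 $aDatatemp .= "<optgroup class=\"dropdowncategory\" label=\"" . $categoryname . "\">\n";
                                 foreach ($optionlistarray as $optionarray) {
                                     $aDatatemp .= "\t<option value='{$optionarray['code']}'";
                                     $aDatatemp .= ">{$optionarray['answer']}</option>\n";
                                 }
                                 $aDatatemp .= "</optgroup>\n";
                             }
                             foreach ($defaultopts as $optionarray) {
                                 $aDatatemp .= "\t<option value='{$optionarray['code']}'";
                                 $aDatatemp .= ">{$optionarray['answer']}</option>\n";
                             }
                         }
                         $oquery = "SELECT other FROM {{questions}} WHERE qid={$deqrow['qid']} AND language='{$sDataEntryLanguage}'";
                         $oresult = dbExecuteAssoc($oquery) or safeDie("Couldn't get other for list question<br />");
                         // Reset per question: without this an empty result reused the
                         // value left over from a previous question (or an undefined variable).
                         $fother = '';
                         foreach ($oresult->readAll() as $orow) {
                             $fother = $orow['other'];
                         }
                         $cdata['fother'] = $fother;
                         $cdata['defexists'] = $defexists;
                         $cdata['datatemp'] = $aDatatemp;
                         break;
                     case "O":
                         //LIST WITH COMMENT drop-down/radio-button list + textarea
                         $defexists = "";
                         $deaquery = "SELECT * FROM {{answers}} WHERE qid={$deqrow['qid']} AND language='{$sDataEntryLanguage}' ORDER BY sortorder, answer";
                         $dearesult = dbExecuteAssoc($deaquery);
                         // NOTE(review): same unencoded answer output as in the "L"/"!" case.
                         $aDatatemp = '';
                         foreach ($dearesult->readAll() as $dearow) {
                             $aDatatemp .= "<option value='{$dearow['code']}'";
                             $aDatatemp .= ">{$dearow['answer']}</option>\n";
                         }
                         $cdata['datatemp'] = $aDatatemp;
                         $cdata['defexists'] = $defexists;
                         break;
                     case "R":
                         //RANKING TYPE QUESTION
                         $thisqid = $deqrow['qid'];
                         $ansquery = "SELECT * FROM {{answers}} WHERE qid={$thisqid} AND language='{$sDataEntryLanguage}' ORDER BY sortorder, answer";
                         $ansresult = dbExecuteAssoc($ansquery);
                         $ansresult = $ansresult->readAll();
                         $anscount = count($ansresult);
                         $cdata['thisqid'] = $thisqid;
                         $cdata['anscount'] = $anscount;
                         // The same statement is run a second time here, as in the original.
                         $ansresult = Yii::app()->db->createCommand($ansquery)->query()->readAll();
                         $anscount = count($ansresult);
                         $answers = array();
                         foreach ($ansresult as $ansrow) {
                             $answers[] = $ansrow;
                         }
                         $cdata['answers'] = $answers;
                         App()->getClientScript()->registerPackage('jquery-actual');
                         App()->getClientScript()->registerScriptFile(Yii::app()->getConfig('generalscripts') . 'ranking.js');
                         App()->getClientScript()->registerCssFile(Yii::app()->getConfig('publicstyleurl') . 'ranking.css');
                         unset($answers);
                         break;
                     case "M":
                         //Multiple choice checkbox (Quite tricky really!)
                         if (trim($qidattributes['display_columns']) != '') {
                             $dcols = $qidattributes['display_columns'];
                         } else {
                             $dcols = 0;
                         }
                         $meaquery = "SELECT title, question FROM {{questions}} WHERE parent_qid={$deqrow['qid']} AND language='{$sDataEntryLanguage}' ORDER BY question_order";
                         $mearesult = dbExecuteAssoc($meaquery);
                         $cdata['mearesult'] = $mearesult->readAll();
                         $meacount = count($cdata['mearesult']);
                         $cdata['meacount'] = $meacount;
                         $cdata['dcols'] = $dcols;
                         break;
                     case "I":
                         //Language Switch
                         $slangs = Survey::model()->findByPk($surveyid)->additionalLanguages;
                         $sbaselang = Survey::model()->findByPk($surveyid)->language;
                         array_unshift($slangs, $sbaselang);
                         $cdata['slangs'] = $slangs;
                         break;
                     case "P":
                         //Multiple choice with comments checkbox + text
                         $meaquery = "SELECT * FROM {{questions}} WHERE parent_qid={$deqrow['qid']} AND language='{$sDataEntryLanguage}' ORDER BY question_order, question";
                         $mearesult = dbExecuteAssoc($meaquery);
                         $cdata['mearesult'] = $mearesult->readAll();
                         break;
                     case "|":
                         $cdata['qidattributes'] = $qidattributes;
                         $maxfiles = $qidattributes['max_num_of_files'];
                         $cdata['maxfiles'] = $maxfiles;
                         break;
                     case "A":
                         //ARRAY (5 POINT CHOICE) radio-buttons
                         $meaquery = "SELECT title, question FROM {{questions}} WHERE parent_qid={$deqrow['qid']} AND language='{$sDataEntryLanguage}' ORDER BY question_order";
                         $mearesult = dbExecuteAssoc($meaquery);
                         $cdata['mearesult'] = $mearesult->readAll();
                         break;
                     case "B":
                         //ARRAY (10 POINT CHOICE) radio-buttons
                         $meaquery = "SELECT title, question FROM {{questions}} WHERE parent_qid={$deqrow['qid']} AND language='{$sDataEntryLanguage}' ORDER BY question_order";
                         $mearesult = dbExecuteAssoc($meaquery);
                         $cdata['mearesult'] = $mearesult->readAll();
                         // A missing break here fell through into case "C" and ran the same query twice.
                         break;
                     case "C":
                         //ARRAY (YES/UNCERTAIN/NO) radio-buttons
                         $meaquery = "SELECT title, question FROM {{questions}} WHERE parent_qid={$deqrow['qid']} AND language='{$sDataEntryLanguage}' ORDER BY question_order";
                         $mearesult = dbExecuteAssoc($meaquery);
                         $cdata['mearesult'] = $mearesult->readAll();
                         break;
                     case "E":
                         //ARRAY (YES/UNCERTAIN/NO) radio-buttons
                         $meaquery = "SELECT title, question FROM {{questions}} WHERE parent_qid={$deqrow['qid']} AND language='{$sDataEntryLanguage}' ORDER BY question_order";
                         // NOTE(review): the failure message includes the SQL text.
                         $mearesult = dbExecuteAssoc($meaquery) or safeDie("Couldn't get answers, Type \"E\"<br />{$meaquery}<br />");
                         $cdata['mearesult'] = $mearesult->readAll();
                         break;
                     case ":":
                         //ARRAY (Multi Flexi)
                         $minvalue = 1;
                         $maxvalue = 10;
                         if (trim($qidattributes['multiflexible_max']) != '' && trim($qidattributes['multiflexible_min']) == '') {
                             $maxvalue = $qidattributes['multiflexible_max'];
                             $minvalue = 1;
                         }
                         if (trim($qidattributes['multiflexible_min']) != '' && trim($qidattributes['multiflexible_max']) == '') {
                             $minvalue = $qidattributes['multiflexible_min'];
                             $maxvalue = $qidattributes['multiflexible_min'] + 10;
                         }
                         if (trim($qidattributes['multiflexible_min']) != '' && trim($qidattributes['multiflexible_max']) != '') {
                             if ($qidattributes['multiflexible_min'] < $qidattributes['multiflexible_max']) {
                                 $minvalue = $qidattributes['multiflexible_min'];
                                 $maxvalue = $qidattributes['multiflexible_max'];
                             }
                         }
                         if (trim($qidattributes['multiflexible_step']) != '') {
                             $stepvalue = $qidattributes['multiflexible_step'];
                         } else {
                             $stepvalue = 1;
                         }
                         // Checkbox layout overrides any configured range.
                         if ($qidattributes['multiflexible_checkbox'] != 0) {
                             $minvalue = 0;
                             $maxvalue = 1;
                             $stepvalue = 1;
                         }
                         $cdata['minvalue'] = $minvalue;
                         $cdata['maxvalue'] = $maxvalue;
                         $cdata['stepvalue'] = $stepvalue;
                         // NOTE(review): the die() messages in this case and the next echo
                         // the full SQL text to the browser on failure.
                         $lquery = "SELECT question, title FROM {{questions}} WHERE parent_qid={$deqrow['qid']} and scale_id=1 and language='{$sDataEntryLanguage}' ORDER BY question_order";
                         $lresult = dbExecuteAssoc($lquery) or die("Couldn't get labels, Type \":\"<br />{$lquery}<br />");
                         $cdata['lresult'] = $lresult->readAll();
                         $meaquery = "SELECT question, title FROM {{questions}} WHERE parent_qid={$deqrow['qid']} and scale_id=0 and language='{$sDataEntryLanguage}' ORDER BY question_order";
                         $mearesult = dbExecuteAssoc($meaquery) or die("Couldn't get answers, Type \":\"<br />{$meaquery}<br />");
                         $cdata['mearesult'] = $mearesult->readAll();
                         break;
                     case ";":
                         //ARRAY (Multi Flexi)
                         $lquery = "SELECT * FROM {{questions}} WHERE scale_id=1 and parent_qid={$deqrow['qid']} and language='{$sDataEntryLanguage}' ORDER BY question_order";
                         $lresult = dbExecuteAssoc($lquery) or die("Couldn't get labels, Type \":\"<br />{$lquery}<br />");
                         $cdata['lresult'] = $lresult->readAll();
                         $meaquery = "SELECT * FROM {{questions}} WHERE scale_id=0 and parent_qid={$deqrow['qid']} and language='{$sDataEntryLanguage}' ORDER BY question_order";
                         $mearesult = dbExecuteAssoc($meaquery) or die("Couldn't get answers, Type \":\"<br />{$meaquery}<br />");
                         $cdata['mearesult'] = $mearesult->readAll();
                         break;
                     case "F":
                         //ARRAY (Flexible Labels)
                     case "H":
                         $meaquery = "SELECT * FROM {{questions}} WHERE parent_qid={$deqrow['qid']} and language='{$sDataEntryLanguage}' ORDER BY question_order";
                         $mearesult = dbExecuteAssoc($meaquery) or safeDie("Couldn't get answers, Type \"E\"<br />{$meaquery}<br />");
                         $cdata['mearesult'] = $mearesult->readAll();
                         $fquery = "SELECT * FROM {{answers}} WHERE qid={$deqrow['qid']} and language='{$sDataEntryLanguage}' ORDER BY sortorder, code";
                         $fresult = dbExecuteAssoc($fquery);
                         $cdata['fresult'] = $fresult->readAll();
                         break;
                 }
                 $cdata['sDataEntryLanguage'] = $sDataEntryLanguage;
                 $viewdata = $this->getController()->renderPartial("/admin/dataentry/content_view", $cdata, TRUE);
                 $viewdata_em = LimeExpressionManager::ProcessString($viewdata, $deqrow['qid'], NULL, false, 1, 1);
                 $aDataentryoutput .= $viewdata_em;
             }
             LimeExpressionManager::FinishProcessingGroup();
         }
         LimeExpressionManager::FinishProcessingPage();
         $aDataentryoutput .= LimeExpressionManager::GetRelevanceAndTailoringJavaScript();
         $aViewUrls['output'] = $aDataentryoutput;
         $aData['thissurvey'] = $thissurvey;
         $aData['surveyid'] = $surveyid;
         $aData['sDataEntryLanguage'] = $sDataEntryLanguage;
         if ($thissurvey['active'] == "Y" && $thissurvey['allowsave'] == "Y") {
             $slangs = Survey::model()->findByPk($surveyid)->additionalLanguages;
             $sbaselang = Survey::model()->findByPk($surveyid)->language;
             array_unshift($slangs, $sbaselang);
             $aData['slangs'] = $slangs;
             $aData['baselang'] = $baselang;
         }
         $aViewUrls[] = 'active_html_view';
         $aData['sidemenu']['state'] = false;
         $aData['menu']['edition'] = true;
         $aData['menu']['save'] = true;
         $aData['menu']['close'] = true;
         $this->_renderWrappedTemplate('dataentry', $aViewUrls, $aData);
     }
 }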
Ejemplo n.º 25
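 /**
  * Handle the "modify country" POST.
  *
  * Reads `country_id`, `continent_name`, `IsActive` and `c_name` from the POST
  * body. The update is allowed for users with the global `superadmin`/`read`
  * permission, or with `Regions`/`update` when the country id exists. An empty
  * name, a duplicate (same name, continent and active flag) or a failed save
  * produce a message box; success redirects to the country index.
  *
  * NOTE(review): the values go through $this->escape() before being assigned to
  * the ActiveRecord. That helper is not shown here; if it HTML- or SQL-escapes,
  * the stored value is escaped once more than needed - confirm.
  *
  * @return void
  */
 function modcountry()
 {
     $clang = Yii::app()->lang;
     $oRequest = Yii::app()->request;
     $countries_id = (int) $oRequest->getPost("country_id");
     $continent_name = flattenText($oRequest->getPost("continent_name"));
     $IsActive = flattenText($oRequest->getPost("IsActive"));
     $c_name = flattenText($oRequest->getPost("c_name"));
     $aViewUrls = array();
     $is_Active = $IsActive ? 1 : 0;
     $sresult = Country::model()->findAllByAttributes(array('country_id' => $countries_id));
     $sresultcount = count($sresult);
     $bAllowed = Permission::model()->hasGlobalPermission('superadmin', 'read')
         || ($sresultcount > 0 && Permission::model()->hasGlobalPermission('Regions', 'update'));
     if (!$bAllowed) {
         Yii::app()->setFlashMessage(Yii::app()->lang->gT("You do not have sufficient rights to access this page."), 'error');
         $this->getController()->redirect(array("admin/index"));
         // Do not let the authorisation decision depend on redirect() ending the request.
         return;
     }
     if ($c_name == '') {
         $aViewUrls['mboxwithredirect'][] = $this->_messageBoxWithRedirect($clang->gT("Editing country"), $clang->gT("Could not modify country."), "warningheader", $clang->gT("Country  name not be empty."), $this->getController()->createUrl('admin/country/modifycountry'), $clang->gT("Back"), array('country_id' => $countries_id));
     } elseif (Country::model()->findByAttributes(array('country_name' => $c_name, 'continent' => $continent_name, 'IsActive' => $is_Active))) {
         $aViewUrls['message'] = array('title' => $clang->gT("Failed to add Contry"), 'message' => $clang->gT("The Country already exists."), 'class' => 'warningheader');
     } else {
         $oRecord = Country::model()->findByPk($countries_id);
         // A superadmin can get here with an id that matches no row; report
         // the failure instead of dereferencing null.
         $uresult = false;
         if ($oRecord !== null) {
             $oRecord->country_name = $this->escape($c_name);
             $oRecord->continent = $this->escape($continent_name);
             $oRecord->IsActive = $this->escape($is_Active);
             $uresult = $oRecord->save();
         }
         if ($uresult) {
             // When saved successfully
             Yii::app()->setFlashMessage($clang->gT("Country updated successfully"));
             $this->getController()->redirect(array("admin/country/index"));
         } else {
             // Saving failed (or the record does not exist)
             $aViewUrls['mboxwithredirect'][] = $this->_messageBoxWithRedirect($clang->gT("Editing country"), $clang->gT("Could not modify country."), 'warningheader');
         }
     }
     $this->_renderWrappedTemplate('region/country', $aViewUrls);
 }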
Ejemplo n.º 26
<tr class="evenrow">
    <td>&nbsp;</td>
    <td><strong><?php 
eT("Questions");
?>
</strong></td>
    <td><strong><?php 
eT("Answers");
?>
</strong></td>
    <td>&nbsp;</td>
    <td>&nbsp;</td>
    <td style="padding: 3px;">
        <?php 
if (Permission::model()->hasSurveyPermission($iSurveyId, 'quotas', 'update')) {
    ?>
            <?php 
    echo CHtml::form(array("admin/quotas/sa/new_answer/surveyid/{$iSurveyId}"), 'post');
    ?>
                <input name="submit" type="submit" class="quota_new btn btn-default"  value="<?php 
    eT("Add answer");
    ?>
" />
                <input type="hidden" name="sid" value="<?php 
    echo $iSurveyId;
    ?>
" />
                <input type="hidden" name="action" value="quotas" />
                <input type="hidden" name="quota_id" value="<?php 
    echo $quotalisting['id'];
Ejemplo n.º 27
 /**
  * Handle the "forgot password" form.
  *
  * Without a posted `action` the request form is shown. Otherwise the user is
  * looked up by user name AND e-mail address, a random delay taken from the
  * min/maxforgottenpasswordemaildelay settings is slept, and a message view is
  * rendered: the generic "sent" text when nothing matched (or the account fails
  * the uid / auth_db check), otherwise whatever _sendPasswordEmail() returns.
  *
  * NOTE(review): the delay runs before the branch, so any extra time spent in
  * _sendPasswordEmail() on the valid path is still observable, and the two
  * branches only look alike to the client if _sendPasswordEmail() returns the
  * same text as $this->sent_email_message - confirm both.
  */
 public function forgotpassword()
 {
     $this->_redirectIfLoggedIn();
     $oRequest = Yii::app()->request;
     if (!$oRequest->getPost('action')) {
         $this->_renderWrappedTemplate('authentication', 'forgotpassword');
         return;
     }
     $sUserName = $oRequest->getPost('user');
     $sEmailAddr = $oRequest->getPost('email');
     $aFields = User::model()->findAllByAttributes(array('users_name' => $sUserName, 'email' => $sEmailAddr));
     // Jitter the response so valid and invalid lookups are harder to tell apart
     // (and brute forcing is slowed down)
     $iMinDelay = Yii::app()->getConfig("minforgottenpasswordemaildelay");
     $iMaxDelay = Yii::app()->getConfig("maxforgottenpasswordemaildelay");
     usleep(rand($iMinDelay, $iMaxDelay));
     // The permission lookup is only reached when a user was found and is not uid 1
     $bNoMatch = count($aFields) < 1;
     if ($bNoMatch || ($aFields[0]['uid'] != 1 && !Permission::model()->hasGlobalPermission('auth_db', 'read', $aFields[0]['uid']))) {
         // Unknown user/e-mail pair: answer with the generic text, never a failure message
         $sMessage = '<br>' . gT($this->sent_email_message) . '<br>';
     } else {
         $sMessage = '<br>' . $this->_sendPasswordEmail($sEmailAddr, $aFields) . '</br>';
     }
     $aData['message'] = $sMessage;
     $this->_renderWrappedTemplate('authentication', 'message', $aData);
 }
Ejemplo n.º 28
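/**
 * Builds the list of user groups visible to the current user.
 *
 * Users holding the global 'superadmin' read permission get every group; all
 * other users only get rows whose uid equals their session loginID.
 *
 * @param mixed  $ugid         Group id to pre-select in the option list.
 * @param string $outputformat 'simplegidarray' returns the group ids; any
 *                             other value returns HTML <option> markup.
 * @return array|string List of ugid values, the option markup, or the string
 *                      "Database Error" when the query yields no result object.
 */
function getUserGroupList($ugid = NULL, $outputformat = 'optionlist')
{
    $iLoginId = Yii::app()->session['loginID'];

    $sQuery = "SELECT distinct a.ugid, a.name, a.owner_id FROM {{user_groups}} AS a LEFT JOIN {{user_in_groups}} AS b ON a.ugid = b.ugid WHERE 1=1 ";
    $aParams = array();
    if (!Permission::model()->hasGlobalPermission('superadmin', 'read')) {
        // Bound as a parameter instead of concatenated, so the session value
        // can never alter the statement text (and a missing loginID yields
        // no rows rather than a malformed query).
        $sQuery .= "AND uid = :uid";
        $aParams[':uid'] = $iLoginId;
    }
    $sQuery .= " ORDER BY name";
    $sresult = Yii::app()->db->createCommand($sQuery)->query($aParams);
    if (!$sresult) {
        return "Database Error";
    }

    $selecter = "";
    $simplegidarray = array();
    $bSelectionFound = false;
    foreach ($sresult->readAll() as $gn) {
        $selecter .= "<option ";
        // Groups owned by the current user are shown in bold.
        if ($iLoginId == $gn['owner_id']) {
            $selecter .= " style=\"font-weight: bold;\"";
        }
        if ($gn['ugid'] == $ugid) {
            $selecter .= " selected='selected'";
            $bSelectionFound = true;
        }
        $link = Yii::app()->getController()->createUrl("/admin/usergroups/sa/view/ugid/" . $gn['ugid']);
        // The group name is stored data chosen by users; encode it (and the
        // URL placed in the single-quoted attribute) for the HTML context so
        // a crafted name cannot inject markup into the admin page.
        $selecter .= " value='" . CHtml::encode($link) . "'>" . CHtml::encode($gn['name']) . "</option>\n";
        $simplegidarray[] = $gn['ugid'];
    }

    // No group matched $ugid: prepend a pre-selected placeholder entry.
    if (!$bSelectionFound) {
        $selecter = "<option value='-1' selected='selected'>" . gT("Please choose...") . "</option>\n" . $selecter;
    }

    if ($outputformat == 'simplegidarray') {
        return $simplegidarray;
    }
    return $selecter;
}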
Ejemplo n.º 29
                <a style="" href="<?php 
echo $this->createUrl("admin/survey/sa/listsurveys");
?>
">
                    <?php 
eT("Surveys");
?>
                </a>
            </li>
            <li class="dropdown dropdown-split-right">
                <a  style="padding-left: 5px;padding-right: 5px;" href="#" class="dropdown-toggle" data-toggle="dropdown">
                    <span style="margin-left: 0px;" class="caret"></span>
                </a>
                <ul class="dropdown-menu" role="menu">
                         <?php 
if (Permission::model()->hasGlobalPermission('surveys', 'create')) {
    ?>
                         <!-- Create a new survey -->
                         <li>
                             <a href="<?php 
    echo $this->createUrl("admin/survey/sa/newsurvey");
    ?>
">
                                 <?php 
    eT("Create a new survey");
    ?>
                             </a>
                         </li>

                         <!-- Import a survey -->
                         <li>
 /**
  * Decides whether HTML XSS filtering stays enabled for this instance.
  *
  * The filter remains on only when the property was already truthy, the
  * 'filterxsshtml' config value is truthy, and the permission check for the
  * global 'superadmin' read permission fails. In every other case it is
  * switched off.
  *
  * NOTE(review): the permission check carries no user id, so it presumably
  * applies to the currently logged-in user, which would mean superadmin
  * input is never filtered. Confirm that this exemption is intended wherever
  * the class is used.
  */
 public function __construct()
 {
     $bFilterActive = false;
     // Same short-circuit order as a chained &&: the config and permission
     // lookups only run while the earlier conditions still hold.
     if ($this->xssfilter && Yii::app()->getConfig('filterxsshtml')) {
         $bFilterActive = !Permission::model()->hasGlobalPermission('superadmin', 'read');
     }
     $this->xssfilter = $bFilterActive;
 }