<?php

require_once "include/auth.class.php";
require_once "include/validation.class.php";
require_once "include/database.inc.php";
require_once "include/sqlbuilder.class.php";
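// Profile-update handler: validates the posted profile form and writes the
// changes to the current user's row.
// NOTE(review): Auth(true) presumably enforces a logged-in session; confirm in auth.class.php.
// NOTE(review): no anti-CSRF token is checked in this block; confirm one is enforced elsewhere.
$auth = new Auth(true);
$user = Auth::getUser();
// Per-field validators. The two password fields are required to be present (see the
// field list below) but have no rule here, so no strength check is visible at this layer.
$_RULES = array(
    "user_firstname" => Validation::$f->notEmpty_String,
    "user_lastname" => Validation::$f->notEmpty_String,
    "user_email" => Validation::$f->Email,
    "user_schoolname" => Validation::$f->notEmpty_String,
);
$v = new Validation(
    $_POST,
    array("user_firstname", "user_lastname", "user_email", "user_schoolname", "user_password", "user_repassword"),
    $_RULES
);
if ($v->fieldsExists()) {
    // A password change is accepted only when both fields were sent and match exactly.
    // Strict comparison is used because loose == treats numeric-looking strings
    // (for example "1e3" and "1000") as equal.
    $setrepassword = Validation::Query($_POST, array("user_password", "user_repassword"));
    $repassword = $setrepassword && $_POST["user_password"] === $_POST["user_repassword"];
    // The e-mail may stay unchanged, or move to an address no other account uses.
    $email_available = Auth::user_exists($_POST["user_email"]) == 0 || $_POST["user_email"] == $user->user_email;
    if ($v->testAll() && $email_available) {
        $set = $v->export($_MYSQLI, array("user_firstname", "user_lastname", "user_email", "user_schoolname", "user_password"));
        if ($repassword) {
            $set["user_password"] = Security::CryptPassword($_POST["user_password"]);
        } else {
            // Without a confirmed password, drop the exported form value so the UPDATE
            // cannot overwrite the stored credential with raw, unprocessed input.
            unset($set["user_password"]);
        }
        // The row is selected by the session's user id, never by a client-supplied id.
        $statement = new SQLBuilder($_MYSQLI);
        $q = $statement->update('user')->set($set)->where("user_id", "=", Auth::getUserId())->build();
        $r = $_MYSQLI->query($q);
    }
}
// Reload the user so the page below shows the values that were just saved.
$user = Auth::getUser();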
/*

$other_query_photo = 'SELECT user_photo_path
<?php

require_once "../include/database.inc.php";
require_once "../include/auth.class.php";
require_once "../include/ajax.class.php";
require_once "../include/validation.class.php";
// AJAX endpoint that reorders the questions of a questionnaire owned by the caller.
// The listing is truncated inside the final while loop.
$auth = new Auth(true);
$ajax = new Ajax();
if ($auth->isLogged()) {
    if (Validation::Query($_POST, array("questionnaire_id", "questions_order"))) {
        $questionnaire_id = $_POST["questionnaire_id"];
        $raw_orders = $_POST["questions_order"];
        // questions_order is a "|"-separated list of question ids.
        $orders = explode("|", $raw_orders);
        $set = array();
        $break = false;
        foreach ($orders as $val) {
            // Lookup set keyed by the integer value of each entry.
            $set[(int) $val] = 1;
            // NOTE(review): is_numeric() also accepts decimals, exponents and leading
            // whitespace, so $orders may hold strings that differ from their (int) key.
            // A digits-only check would keep the raw values and the keys in agreement.
            if (!is_numeric($val)) {
                $break = true;
            }
        }
        if (!$break && is_numeric($questionnaire_id)) {
            // Ownership check: the questionnaire must belong to the logged-in user.
            // The SQL is built by concatenation; the is_numeric() test above is the only
            // guard on $questionnaire_id. An (int) cast or a prepared statement would
            // not depend on how is_numeric() and MySQL each read the string.
            $questionnaire_result = $_MYSQLI->query('SELECT questionnaire_id, questionnaire_user_id FROM questionnaire WHERE questionnaire_id=' . $questionnaire_id . ' AND questionnaire_user_id=' . $auth->getUserId());
            // NOTE(review): the query result is used without checking for failure.
            if ($questionnaire_result->num_rows != 0) {
                $questions_result = $_MYSQLI->query('SELECT question_id FROM question WHERE question_questionnaire_id=' . $questionnaire_id);
                $questions_list = array();
                // The submitted list must name exactly as many questions as exist...
                if ($questions_result->num_rows == count($orders)) {
                    $break = false;
                    // ...and every existing question id must appear in the submitted set.
                    while ($question = $questions_result->fetch_object()) {
                        if (!isset($set[(int) $question->question_id])) {
                            $break = true;
                // Fragment: the start of this script is missing from the listing.
                // Record that at least one submitted choice is marked correct.
                if ($correct[$k]) {
                    $one_correct = true;
                }
            }
        }
        // Replace the question's choices only when there is something to insert and
        // at least one choice is correct.
        if (count($insertions) > 0 && $one_correct) {
            // NOTE(review): $_GET["id"] is concatenated into the DELETE as-is. Its validation
            // is not visible in this fragment; confirm it is restricted to an integer before
            // this point, or cast/bind it here. $insertions is also built outside the visible
            // code, so confirm its values are escaped or bound.
            // NOTE(review): DELETE and INSERT are not wrapped in a transaction; if the INSERT
            // fails, the existing choices are already gone.
            $_MYSQLI->query('DELETE FROM choice WHERE choice_question_id = ' . $_GET["id"]);
            $_MYSQLI->query('INSERT INTO choice (choice_id, choice_question_id, choice_content, choice_status) VALUES ' . implode(", ", $insertions));
        }
        // echo $q;
        $new = $new ? 1 : 0;
        // NOTE(review): $_GET["id"] is placed in the redirect URL without urlencode().
        header("Location: frame_form_answer.php?new=" . $new . "&refresh=true&id=" . $_GET["id"]);
        exit;
    }
} else {
    // Non-owners may submit answers while the questionnaire's end date is still in the future.
    if (!$own && Validation::Query($_POST, array("post")) && $data["question"]->questionnaire_end_date > time()) {
        // Reset the displayed state of every choice of this question.
        foreach ($choice_ids as $cid) {
            $data["choices"][$cid]->checked = 0;
        }
        // Remove the caller's previous answers for these choices.
        // $choice_ids is built outside the visible fragment. Presumably it comes from the
        // database; verify before relying on it inside the IN (...) list.
        $delquery = '	DELETE FROM answer 
					WHERE answer_student_user_id = ' . Auth::getUserId() . ' AND answer_choice_id IN (' . implode(', ', $choice_ids) . ')';
        $_MYSQLI->query($delquery);
        if (isset($_POST["choices"])) {
            $insertion = array();
            // SECURITY: each $cid comes straight from $_POST["choices"] and is concatenated
            // into the INSERT with no integer check and no test that it is one of
            // $choice_ids. This allows SQL injection and lets a request record answers for
            // choices outside this question. Accept only values present in $choice_ids,
            // cast them to int, and bind them as parameters.
            // $_POST["choices"] is also assumed to be an array, and $cid is used as a key
            // into $data["choices"] without checking that the entry exists.
            foreach ($_POST["choices"] as $cid) {
                $insertion[] = '(NULL, ' . Auth::getUserId() . ', ' . $cid . ')';
                $data["choices"][$cid]->checked = 1;
            }
            $addquery = 'INSERT INTO answer (answer_id, answer_student_user_id, answer_choice_id) VALUES ' . join(', ', $insertion);
            $_MYSQLI->query($addquery);
        }
Ejemplo n.º 4
<?php

require_once "include/database.inc.php";
require_once "include/auth.class.php";
require_once "include/validation.class.php";
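// Page bootstrap: resolve ?id=... to a questionnaire the caller may view, else redirect to 404.
// NOTE(review): Auth() is created without the flag used on other pages, so the visitor may be
// anonymous here; confirm what Auth::getUserId() returns in that case.
$auth = new Auth();
$user = Auth::getUser();
$error = true;
$data = array();
// Accept only a plain decimal id. is_numeric() would also admit exponent, decimal and
// whitespace-padded forms, and any later code that reuses $_GET["id"] relies on this gate.
$id_is_valid = Validation::Query($_GET, array("id"))
    && is_string($_GET["id"])
    && preg_match('/\A[0-9]+\z/', $_GET["id"]) === 1;
if ($id_is_valid) {
    // The id is escaped and quoted, so it reaches MySQL as a string literal.
    // NOTE(review): SELECT * over the user join loads every column of the owner's user row,
    // including any credential column, into $data. Listing only the needed columns would
    // keep that out of reach of the template.
    $questionnaire_result = $_MYSQLI->query('SELECT * FROM questionnaire INNER JOIN user ON user_id = questionnaire_user_id WHERE questionnaire_id  = "' . $_MYSQLI->real_escape_string($_GET["id"]) . '" LIMIT 1');
    if ($questionnaire_result->num_rows == 1) {
        $error = false;
        $questionnaire = $questionnaire_result->fetch_object();
        $data["questionnaire"] = $questionnaire;
        $own = $questionnaire->questionnaire_user_id == Auth::getUserId();
        $data["questionnaire"]->own = $own;
        // Non-owners may see the questionnaire only between its start and end dates.
        if (!$own && !($questionnaire->questionnaire_start_date < time() && time() < $questionnaire->questionnaire_end_date)) {
            $error = true;
        }
    }
}
if ($error) {
    header("Location: 404.php");
    exit;
}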
?>
<!DOCTYPE html>
<html>

	<head>
Ejemplo n.º 5
<?php

require_once "include/auth.class.php";
require_once "include/validation.class.php";
// Login controller: visitors with a session go straight to the index page;
// everyone else may submit credentials.
$auth = new Auth();
if ($auth->isLogged()) {
    header("Location: index.php");
    exit;
}
// $error stays false until a submitted login attempt is rejected; it is left in
// scope for the markup that follows.
$error = false;
if (Validation::Query($_POST, array("email", "password"))) {
    // NOTE(review): Auth::login() is opaque here. Confirm it regenerates the session id on
    // success and that failed attempts are throttled somewhere.
    $error = !$auth->login($_POST['email'], $_POST['password']);
    if (!$error) {
        header("Location: index.php");
        exit;
    }
}
?>
<!DOCTYPE html>
<html>

	<head>
		<meta charset="utf-8" />
		<title>QCManager</title>
		<link rel="stylesheet" type="text/css" href="css/auth.css">
	</head>
	
	<body>
		<div class="login">
			<div class="login-top"><span>QCManager</span></div>
Ejemplo n.º 6
<?php

require_once "../include/rules.inc.php";
require_once "../include/database.inc.php";
require_once "../include/auth.class.php";
require_once "../include/ajax.class.php";
require_once "../include/validation.class.php";
// AJAX endpoint: optionally updates a questionnaire's notation rule (owner only), then
// loads its questions, choices and answers. The listing is truncated inside the final loop.
$auth = new Auth();
$ajax = new Ajax();
// Allow-list mapping the public rule names to the integer stored in the database.
$correspondance = array("same" => 0, "middle" => 1, "zero" => 2, "all" => 3);
if ($auth->isLogged()) {
    // NOTE(review): unlike "rule", questionnaire_id gets no format check in the visible code.
    if (Validation::Query($_GET, array("questionnaire_id", "rule"))) {
        // Here the id is escaped AND quoted, so it reaches MySQL as a string literal.
        $questionnaire_result = $_MYSQLI->query('SELECT * FROM questionnaire WHERE questionnaire_id  = "' . $_MYSQLI->real_escape_string($_GET["questionnaire_id"]) . '" LIMIT 1');
        if ($questionnaire_result->num_rows == 1) {
            $questionnaire = $questionnaire_result->fetch_object();
            $ajax->data["questionnaire"] = $questionnaire;
            $ajax->data["questionnaire"]->own = $questionnaire->questionnaire_user_id == Auth::getUserId();
            // Only the owner may change the rule, and only to a value from the allow-list map.
            // NOTE(review): this state change is triggered by a GET request with no visible
            // anti-CSRF token; a POST with a token would be the safer design.
            if ($ajax->data["questionnaire"]->own && isset($correspondance[$_GET["rule"]])) {
                $_MYSQLI->query('UPDATE questionnaire SET questionnaire_notation_rule = ' . $correspondance[$_GET["rule"]] . ' WHERE questionnaire_id  = "' . $_MYSQLI->real_escape_string($_GET["questionnaire_id"]) . '"');
            }
            // SECURITY: in the query below the id is escaped but NOT quoted.
            // real_escape_string() only neutralises characters that would end a quoted string,
            // so in a bare numeric position it gives no protection: input that is valid SQL
            // without quotes passes through unchanged. Cast the id to int or bind it as a
            // parameter; reusing $questionnaire->questionnaire_id from the row fetched above
            // would also avoid the request value entirely.
            // NOTE(review): this SELECT runs for any logged-in user, not only the owner.
            // Whether the result is filtered before output is not visible here.
            $query = '	SELECT *
								FROM question q
								JOIN choice c ON c.choice_question_id = q.question_id
								LEFT JOIN answer a ON a.answer_choice_id = c.choice_id
								WHERE question_questionnaire_id = ' . $_MYSQLI->real_escape_string($_GET["questionnaire_id"]) . '
								GROUP BY choice_id
								ORDER BY question_num ASC, question_id ASC
							';
            $ajax->data["questions"] = array();
            $questions_result = $_MYSQLI->query($query);
            while ($question = $questions_result->fetch_object()) {