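/**
 * Handle an action posted for a single survey question (element).
 *
 * Reads the question id from $_POST['formElementFunction'] and derives the
 * requested action from the name of another posted field. Supported actions:
 *   - Edit: store the question and its answers in the session, set a flash
 *     message cookie and redirect to the survey edit page.
 *   - PrintExcel, PrintExcelGroups, PrintExcelGender, PrintExcelAge:
 *     redirect to the matching Excel report script.
 *
 * Every action is allowed only for the survey creator or a user whose
 * getAdmin() equals 1; anyone else is logged out. The function never returns:
 * every path ends in die.
 *
 * NOTE(review): no anti-CSRF token is checked here - confirm the caller
 * validates one before this function runs.
 */
function elementFunction()
{
    // get global user object
    global $user;

    // protect from unauthorized access; the id must also be a plain scalar,
    // because a posted array (formElementFunction[]=...) cannot be a question id
    if (!isset($user) or !isset($_POST['formElementFunction']) or !is_scalar($_POST['formElementFunction'])) {
        logout();
        die;
    }

    // start from the question kept in the session and reload it from the
    // database when an id was posted
    $session_question = get_session_question();
    $question_id = $_POST['formElementFunction'];
    if ($question_id != "") {
        $session_question->get_from_db($question_id);
    }

    // get the function: the action name is the posted field name without its
    // first 11 characters (the length of "formElement"); fields whose value
    // equals the question id are skipped, and the last remaining field wins
    $function = '';
    foreach ($_POST as $key => $post) {
        if ($post != $question_id) {
            $function = substr($key, 11);
        }
    }

    // fixed allow-list of report actions and the script each one redirects to;
    // the posted action name is only ever used as a key into this table
    $report_scripts = array(
        'PrintExcel'       => 'questionReport.php',
        'PrintExcelGroups' => 'questionReportGroups.php',
        'PrintExcelGender' => 'questionReportGender.php',
        'PrintExcelAge'    => 'questionReportAge.php',
    );

    if ($function == 'Edit') {
        // only the survey creator or an admin may edit the question
        // NOTE(review): the comparison is loose (!=); confirm that a question
        // or survey id that does not exist cannot produce a creator value
        // that compares equal to the current user's id
        $survey = new Survey();
        $survey->get_from_db($session_question->getSurvey());
        if ($survey->getCreatedBy() != $user->getId() && $user->getAdmin() != 1) {
            // log the denial the same way the report actions do
            // (message spelling kept identical so log searches match all actions)
            $error = new Error("Question " . $function . ": unathorised access");
            $error->writeLog();
            logout();
            die;
        }

        $_SESSION['session_question'] = serialize($session_question);

        // get session answers
        $session_answers = array();
        $session_answer_ids = get_survey_answers($session_question->getId());
        foreach ($session_answer_ids as $answer_id) {
            $answer = new Answer();
            $answer->get_from_db($answer_id);
            $session_answers[] = $answer;
        }
        $_SESSION['session_answers'] = serialize($session_answers);

        // flash message cookie that expires one second from now
        // NOTE(review): the value carries HTML markup, so the page that shows
        // the `msg` cookie presumably prints it unescaped; cookie values are
        // client-controlled - verify that the reader escapes or validates it
        $cookie_key = 'msg';
        $cookie_value = 'Вие избрахте елемент от анкетата за редакция!<br />Отидете на раздел "Добавете или редактирайте елемент към анкетата"';
        setcookie($cookie_key, $cookie_value, time() + 1);

        header('Location: ' . ROOT_DIR . '?page=survey_edit');
        die;
    } elseif (is_string($function) && isset($report_scripts[$function])) {
        // check if the user is the surveyCreator or systemAdmin
        $question = new Question();
        $question->get_from_db($question_id);
        $survey = new Survey();
        $survey->get_from_db($question->getSurvey());
        if (intval($survey->getCreatedBy()) != $user->getId() && $user->getAdmin() != 1) {
            $error = new Error("Question " . $function . ": unathorised access");
            $error->writeLog();
            logout();
            die;
        }

        // The id comes straight from the request, so it is URL-encoded before
        // it is placed in the query string; without that a value such as
        // "1&other=x" would add parameters to the report URL.
        // NOTE(review): the redirect carries only the id, not the decision
        // made above - the report script must repeat the creator/admin check
        // itself (TODO confirm it does).
        header('Location: ' . ROOT_DIR . 'functions/print/excel/' . $report_scripts[$function]
            . '?question_id=' . urlencode((string) $question_id));
        die;
    }

    // unknown or missing action: stop without doing anything
    die;
}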
<?php // get session vars global $user; $session_survey = new Survey(); $session_question = new Question(); $session_groups = array(); $session_answers = array(); $session_survey = get_session_survey(); $session_question = get_session_question(); $session_groups = get_session_groups(); $session_answers = get_session_answers(); ?> <script type="text/javascript" src="<?php echo ROOT_DIR; ?> js/jquery-1.9.1.js"></script> <script type="text/javascript" src="<?php echo ROOT_DIR; ?> js/jquery-ui.js"></script> <div class="ac"> <div class="accordion"> <h3 class="no-float ac" id="survey_data"><?php echo SURVEY_QUESTION_PAGE_SURVEY_DATA; ?> </h3> <div class="ac"> <form id="formSurvey" class="form ac" action="<?php echo ROOT_DIR . '?page=survey_edit&funct=survey_funct';