function lang__insert_to_lang($item)
{
$pars = array(':content_type' => $item['content_type']);
$query = "SELECT max(lang_id) as lcount\n FROM " . table('lang') . "\n WHERE content_type= :content_type";
$line = orsee_query($query, $pars);
$maxid = $line['lcount'];
$reorganize = false;
$newmax = false;
$newmin = false;
// if there is no item under this content_type
if ($maxid == NULL) {
$newmax = true;
$reorganize = true;
$newmin = false;
} else {
$newid = $maxid + 1;
$pars = array(':newid' => $newid);
$query = "SELECT * FROM " . table('lang') . " WHERE lang_id= :newid";
$line = orsee_query($query, $pars);
if (isset($line['lang_id'])) {
$reorganize = true;
$newmax = true;
$newmin = true;
}
}
if ($newmax) {
$query = "SELECT max(lang_id) as maxid, min(lang_id) as minid FROM " . table('lang');
$line = orsee_query($query);
$newid = $line['maxid'] + 1;
$steps = $line['minid'];
if ($newmin) {
$steps = $steps * 10;
}
}
$done1 = orsee_db_save_array($item, "lang", $newid, "lang_id");
if ($reorganize) {
$done2 = lang__reorganize_lang_table($steps);
}
return $newid;
}
message(lang('session_time_changed'));
}
} else {
$time_changed = false;
}
if (!isset($_REQUEST['addit'])) {
if ($_REQUEST['registration_end_hours'] != $edit['registration_end_hours'] || $time_changed) {
$_REQUEST['reg_notice_sent'] = "n";
message(lang('reg_time_extended_but_notice_sent'));
}
if (($_REQUEST['session_reminder_hours'] != $edit['session_reminder_hours'] || $time_changed) && isset($edit['session_reminder_sent']) && $edit['session_reminder_sent'] == "y") {
message(lang('session_reminder_changed_but_notice_sent'));
}
}
$edit = $_REQUEST;
$done = orsee_db_save_array($edit, "sessions", $edit['session_id'], "session_id");
if ($done) {
log__admin("session_edit", "session:" . session__build_name($edit, $settings['admin_standard_language']) . "\nsession_id:" . $edit['session_id']);
message(lang('changes_saved'));
redirect('admin/session_edit.php?session_id=' . $edit['session_id']);
} else {
lang('database_error');
redirect('admin/session_edit.php?session_id=' . $edit['session_id']);
}
}
}
if ($proceed) {
// form
if (isset($_REQUEST['copy']) && $_REQUEST['copy']) {
$session_id = "";
}
$query = "SELECT max(budget_id)+1 as new_budget_id FROM " . table('budgets');
$line = orsee_query($query);
if (isset($line['new_budget_id'])) {
$budget_id = $line['new_budget_id'];
} else {
$budget_id = 1;
}
} else {
$new = false;
}
$budget = $_REQUEST;
$budget['budget_id'] = $budget_id;
if (!$budget['budget_limit']) {
$budget['budget_limit'] = NULL;
}
$done = orsee_db_save_array($budget, "budgets", $budget_id, "budget_id");
message(lang('changes_saved'));
log__admin("payments_budget_edit", "budget_id:" . $budget['budget_id']);
//redirect ("admin/payments_budget_edit.php?budget_id=".$budget_id);
} else {
$budget = $_REQUEST;
}
}
}
if ($proceed) {
// form
echo '<CENTER>';
show_message();
echo '
<FORM action="payments_budget_edit.php">';
if (isset($budget_id)) {
if ($value) {
$trights[] = $key;
}
}
$type['rights'] = implode(",", $trights);
} else {
$type['rights'] = "";
}
if ($continue) {
if (!$type_id) {
$pars = array(':type_name' => $type['type_name'], ':rights' => $type['rights']);
$query = "INSERT INTO " . table('admin_types') . " \n\t\t\t\t\tSET type_name= :type_name,\n\t\t\t\t\trights= :rights";
$done = or_query($query, $pars);
$type_id = pdo_insert_id();
} else {
$done = orsee_db_save_array($type, "admin_types", $type_id, "type_id");
}
if ($done) {
message(lang('changes_saved'));
redirect("admin/admin_type_edit.php?type_id=" . $type_id);
$proceed = false;
} else {
message(lang('database_error'));
}
}
}
}
if ($proceed) {
$rights = array();
if (isset($type['rights']) && $type['rights']) {
$trights = explode(",", $type['rights']);
if (!$id) {
$new = true;
} else {
$new = false;
}
if ($new && $new_id == "time") {
$sitem['content_name'] = time();
}
if ($new_id == "content_shortcut") {
$sitem['content_name'] = trim($_REQUEST['content_shortcut']);
}
if ($new) {
$id = lang__insert_to_lang($sitem);
$done = true;
} else {
$done = orsee_db_save_array($sitem, "lang", $id, "lang_id");
}
if (!$new && $new_id == "time") {
$sitem['content_name'] = trim($_REQUEST['content_shortcut']);
}
if ($done) {
log__admin($item . "_edit", "lang_id:" . $sitem['content_type'] . ',' . $sitem['content_name']);
message(lang('changes_saved'));
if ($new) {
redirect('admin/lang_item_main.php?&item=' . $item);
} else {
redirect('admin/lang_item_edit.php?id=' . $id . '&item=' . $item);
}
} else {
message(lang('database_error'));
redirect('admin/lang_item_edit.php?id=' . $id . '&item=' . $item);
}
$allow = check_allow('events_edit', 'calendar_main.php');
}
if ($proceed) {
if (isset($_REQUEST['edit']) && $_REQUEST['edit']) {
$_REQUEST['experimenter'] = id_array_to_db_string(multipicker_json_to_array($_REQUEST['experimenter']));
$_REQUEST['event_start'] = ortime__array_to_sesstime($_REQUEST, 'event_start_');
$_REQUEST['event_stop'] = ortime__array_to_sesstime($_REQUEST, 'event_stop_');
$edit = $_REQUEST;
$continue = true;
if ($edit['event_start'] >= $edit['event_stop']) {
message(lang('start_time_must_be_earlier_than_stop_time'));
$continue = false;
}
if ($continue) {
$done = orsee_db_save_array($edit, "events", $edit['event_id'], "event_id");
if ($done) {
log__admin("events_edit", "event_id:" . $event_id);
message(lang('changes_saved'));
redirect('admin/events_edit.php?event_id=' . $edit['event_id']);
} else {
lang('database_error');
redirect('admin/events_edit.php?event_id=' . $edit['event_id']);
}
}
}
}
if ($proceed) {
if ($event_id) {
$edit = orsee_db_load_array("events", $event_id, "event_id");
if (!isset($edit['event_id'])) {
} else {
$lang_id = "";
}
if ($lang_id) {
$allow = check_allow('lang_symbol_edit', 'lang_main.php');
} else {
$allow = check_allow('lang_symbol_add', 'lang_main.php');
}
}
if ($proceed) {
$languages = get_languages();
if (isset($_REQUEST['save']) && $_REQUEST['save']) {
$continue = true;
$_REQUEST['content_type'] = "lang";
if ($lang_id) {
$done = orsee_db_save_array($_REQUEST, "lang", $lang_id, "lang_id");
} else {
$lang_id = lang__insert_to_lang($_REQUEST);
}
message(lang('changes_saved'));
log__admin("language_symbol_edit", "lang_id:lang," . $_REQUEST['content_name']);
redirect("admin/lang_symbol_edit.php?lang_id=" . $lang_id);
}
}
if ($proceed) {
// if lang id given, load data
if ($lang_id) {
$content = orsee_db_load_array("lang", $lang_id, "lang_id");
} else {
$content = array('content_name' => '');
}
unset($_SESSION['captcha_string']);
$new_id = participant__create_participant_id($participant);
$participant['participant_id'] = $new_id['participant_id'];
$participant['participant_id_crypt'] = $new_id['participant_id_crypt'];
if ($settings['subject_authentication'] != 'token') {
$participant['password_crypted'] = unix_crypt($participant['password']);
}
$participant['confirmation_token'] = create_random_token(get_entropy($participant));
$participant['creation_time'] = time();
$participant['last_profile_update'] = $participant['creation_time'];
$participant['status_id'] = 0;
$participant['subpool_id'] = $_SESSION['subpool_id'];
if (!isset($participant['language']) || !$participant['language']) {
$participant['language'] = $settings['public_standard_language'];
}
$done = orsee_db_save_array($participant, "participants", $participant['participant_id'], "participant_id");
if ($done) {
log__participant("subscribe", $participant['lname'] . ', ' . $participant['fname']);
$proceed = false;
$done = experimentmail__confirmation_mail($participant);
message(lang('successfully_registered'));
redirect("public/");
} else {
message(lang('database_error'));
}
}
}
}
if ($proceed) {
echo '<CENTER>
<TABLE class="or_formtable" style="width: auto;"><TR><TD>';
$done = orsee_db_save_array($status_error_lang, "lang", $status_error_lang['lang_id'], "lang_id");
}
}
if ($not_unconfirmed) {
$status = $_REQUEST;
$status['status_id'] = $status_id;
$pars = array(':status_id' => $status_id);
if ($status['is_default_active'] == "y") {
$query = "UPDATE " . table('participant_statuses') . "\n\t\t\t\t\t\t\tSET is_default_active='n'\n\t\t\t\t\t\t\tWHERE status_id!= :status_id";
$done = or_query($query, $pars);
}
if ($status['is_default_inactive'] == "y") {
$query = "UPDATE " . table('participant_statuses') . "\n\t\t\t\t\t\t\tSET is_default_inactive='n'\n\t\t\t\t\t\t\tWHERE status_id!= :status_id";
$done = or_query($query, $pars);
}
$done = orsee_db_save_array($status, "participant_statuses", $status_id, "status_id");
}
message(lang('changes_saved'));
log__admin("participant_status_edit", "status_id:" . $status['status_id']);
redirect("admin/participant_status_edit.php?status_id=" . $status_id);
} else {
$status = $_REQUEST;
}
}
}
if ($proceed) {
// form
echo ' <CENTER>';
show_message();
echo '
<FORM action="participant_status_edit.php">';
$_REQUEST[$k][$tk] = trim($tv);
} else {
unset($_REQUEST[$k][$tk]);
}
}
$prop_array[$k] = implode(',', $_REQUEST[$k]);
} else {
$prop_array[$k] = trim($_REQUEST[$k]);
}
} else {
$prop_array[$k] = $field[$k];
}
}
}
$pform_field['properties'] = property_array_to_db_string($prop_array);
$done = orsee_db_save_array($pform_field, "profile_fields", $field_name, "mysql_column_name");
message(lang('changes_saved'));
redirect('admin/' . thisdoc() . '?mysql_column_name=' . $field_name);
}
}
if ($proceed) {
echo '<center>';
javascript__tooltip_prepare();
echo '<FORM action="' . thisdoc() . '" method="POST">';
echo '<INPUT type="hidden" name="mysql_column_name" value="' . $field_name . '">';
echo '<TABLE class="or_formtable">
<TR><TD colspan="2">
<TABLE width="100%" border=0 class="or_panel_title"><TR>
<TD style="background: ' . $color['panel_title_background'] . '; color: ' . $color['panel_title_textcolor'] . '" align="center">
' . lang('configure_participant_profile_field') . ' ' . $field_name . '
</TD>
$continue = false;
message(lang('error_username_exists'));
}
}
if ($continue) {
if ($_REQUEST['password']) {
// no password strength checks when account created by super-admin?
$_REQUEST['password_crypt'] = unix_crypt($_REQUEST['password']);
message(lang('password_changed'));
} else {
unset($_REQUEST['password']);
}
if (!$admin_id) {
$admin_id = time();
}
$done = orsee_db_save_array($_REQUEST, "admin", $admin_id, "admin_id");
message(lang('changes_saved'));
log__admin("admin_edit", $_REQUEST['adminname']);
if ($admin_id == $expadmindata['admin_id']) {
$nl = "&new_language=" . $_REQUEST['language'];
} else {
$nl = "";
}
redirect("admin/admin_edit.php?admin_id=" . $admin_id . $nl);
$proceed = false;
}
if ($proceed) {
foreach ($admin as $k => $v) {
if (isset($_REQUEST[$k])) {
$admin[$k] = $_REQUEST[$k];
}
$_REQUEST['experiment_finished'] = "n";
}
if (!isset($_REQUEST['hide_in_stats']) || !$_REQUEST['hide_in_stats']) {
$_REQUEST['hide_in_stats'] = "n";
}
if (!isset($_REQUEST['hide_in_cal']) || !$_REQUEST['hide_in_cal']) {
$_REQUEST['hide_in_cal'] = "n";
}
if (!isset($_REQUEST['access_restricted']) || !$_REQUEST['access_restricted']) {
$_REQUEST['access_restricted'] = "n";
}
$exptypes = explode(",", $_REQUEST['experiment_show_type']);
$_REQUEST['experiment_type'] = trim($exptypes[0]);
$_REQUEST['experiment_ext_type'] = trim($exptypes[1]);
$edit = $_REQUEST;
$done = orsee_db_save_array($edit, "experiments", $edit['experiment_id'], "experiment_id");
if ($done) {
message(lang('changes_saved'));
redirect("admin/experiment_edit.php?experiment_id=" . $edit['experiment_id']);
} else {
message(lang('database_error'));
redirect("admin/experiment_edit.php?experiment_id=" . $edit['experiment_id']);
}
}
$edit = $_REQUEST;
}
}
if ($proceed) {
// form
// initialize if empty
if (!isset($edit)) {
}
foreach ($languages as $language) {
$pstatus_internal_name_lang[$language] = $pstatus_internal_name[$language];
$pstatus_display_name_lang[$language] = $pstatus_display_name[$language];
}
if ($new) {
$pstatus_internal_name['lang_id'] = lang__insert_to_lang($pstatus_internal_name_lang);
$pstatus_display_name['lang_id'] = lang__insert_to_lang($pstatus_display_name_lang);
} else {
$done = orsee_db_save_array($pstatus_internal_name_lang, "lang", $pstatus_internal_name_lang['lang_id'], "lang_id");
$done = orsee_db_save_array($pstatus_display_name_lang, "lang", $pstatus_display_name_lang['lang_id'], "lang_id");
}
if ($not_assigned) {
$pstatus = $_REQUEST;
$pstatus['pstatus_id'] = $pstatus_id;
$done = orsee_db_save_array($pstatus, "participation_statuses", $pstatus_id, "pstatus_id");
}
message(lang('changes_saved'));
log__admin("participation_status_edit", "pstatus_id:" . $pstatus['pstatus_id']);
redirect("admin/participation_status_edit.php?pstatus_id=" . $pstatus_id);
} else {
$pstatus = $_REQUEST;
}
}
}
if ($proceed) {
// form
echo ' <CENTER>';
show_message();
echo '
<FORM action="participation_status_edit.php">';
function copy_table($table, $idvar, $cond = "", $delete = true)
{
global $do_delete, $do_insert, $new_db_name, $old_db_name;
$dquery = "DELETE FROM " . $new_db_name . "." . table($table) . "";
if ($do_delete && $delete) {
$done = or_query($dquery);
}
$squery = "SELECT * FROM " . $old_db_name . "." . table($table);
if ($cond) {
$squery .= ' ' . $cond;
}
$result = or_query($squery);
while ($line = pdo_fetch_assoc($result)) {
$line = convert_array_to_UTF8($line);
if ($do_insert) {
$done = orsee_db_save_array($line, $table, $line[$idvar], $idvar);
}
}
}
} else {
$new = false;
$pars = array(':subpool_id' => $subpool_id);
$query = "SELECT * from " . table('lang') . " \n\t\t\t\t\t\tWHERE content_type='subjectpool' \n\t\t\t\t\t\tAND content_name= :subpool_id";
$lsub = orsee_query($query, $pars);
}
$subpool = $_REQUEST;
$subpool['experiment_types'] = id_array_to_db_string($exptype_ids);
foreach ($languages as $language) {
$lsub[$language] = $selfdesc[$language];
}
$done = orsee_db_save_array($subpool, "subpools", $subpool_id, "subpool_id");
if ($new) {
$lsub['lang_id'] = lang__insert_to_lang($lsub);
} else {
$done = orsee_db_save_array($lsub, "lang", $lsub['lang_id'], "lang_id");
}
message(lang('changes_saved'));
log__admin("subjectpool_edit", "subjectpool:" . $subpool['subpool_name'] . "\nsubpool_id:" . $subpool['subpool_id']);
redirect("admin/subpool_edit.php?subpool_id=" . $subpool_id);
} else {
$subpool = $_REQUEST;
$subpool['exptypes'] = array();
foreach ($exptype_ids as $exptype_id) {
$subpool['exptypes'][$exptype_id] = $exptype_id;
}
}
}
}
if ($proceed) {
// form
if ($proceed) {
// load languages
$languages = get_languages();
if ($job_name) {
$job = orsee_db_load_array("cron_jobs", $job_name, "job_name");
} else {
$job = array('job_name' => '', 'enabled' => 'n', 'job_last_exec' => 0, 'job_time' => '');
}
$continue = true;
if (isset($_REQUEST['edit']) && $_REQUEST['edit']) {
if (!$_REQUEST['job_name']) {
message(lang('name_for_cronjob_required'));
$continue = false;
}
if ($continue) {
$done = orsee_db_save_array($_REQUEST, "cron_jobs", $job_name, "job_name");
log__admin("cronjob_edit", $_REQUEST['job_name']);
message(lang('changes_saved'));
redirect("admin/cronjob_edit.php?job_name=" . $job_name);
$proceed = false;
} else {
$job = $_REQUEST;
}
}
}
if ($proceed) {
// form
echo '<CENTER>';
show_message();
echo '
<FORM action="cronjob_edit.php">
function email__add_internal_note($email)
{
global $settings, $settings__server_url, $expadmindata;
// checks
$continue = true;
if (isset($_REQUEST['note_body'])) {
$body = $_REQUEST['note_body'];
} else {
$body = "";
}
if (!$body) {
$continue = false;
message(lang('error_email__message_body_is_empty'));
}
if ($continue) {
$s['message_id'] = '<' . sha1(microtime()) . '@' . $settings__server_url . '>';
$s['message_type'] = 'note';
$s['admin_id'] = $expadmindata['admin_id'];
$s['timestamp'] = time();
$s['from_address'] = '';
$s['to_address'] = '';
$s['cc_address'] = '';
$s['subject'] = '';
$s['body'] = $body;
$s['mailbox'] = $email['mailbox'];
$s['experiment_id'] = $email['experiment_id'];
$s['session_id'] = $email['session_id'];
$s['participant_id'] = $email['participant_id'];
$s['assigned_to'] = $email['assigned_to'];
$s['thread_id'] = $email['thread_id'];
$s['thread_time'] = time();
$s['flag_read'] = $email['flag_read'];
$s['flag_assigned_to_read'] = $email['flag_assigned_to_read'];
$s['flag_processed'] = $email['flag_processed'];
$s['flag_deleted'] = $email['flag_deleted'];
// save to database
$done = orsee_db_save_array($s, "emails", $s['message_id'], "message_id");
// update thread time
$done = email__update_thread_time($s['thread_id'], $s['thread_time']);
$redir = 'admin/emails_view.php?message_id=' . urlencode($email['message_id']);
if (isset($_REQUEST['hide_header']) && $_REQUEST['hide_header']) {
$redir .= '&hide_header=true';
}
return $redir;
} else {
return false;
}
}
if ($continue) {
if (!$faq_id) {
$new_faq_id = time();
$faq['faq_id'] = $new_faq_id;
$faq['evaluation'] = 0;
$done = orsee_db_save_array($faq, "faqs", $faq['faq_id'], "faq_id");
$question['content_name'] = $new_faq_id;
$question['content_type'] = "faq_question";
$done = lang__insert_to_lang($question);
$answer['content_name'] = $new_faq_id;
$answer['content_type'] = "faq_answer";
$done = lang__insert_to_lang($answer);
log__admin("faq_create", "faq_id:" . $new_faq_id);
} else {
$done = orsee_db_save_array($question, "lang", $question['lang_id'], "lang_id");
$done = orsee_db_save_array($answer, "lang", $answer['lang_id'], "lang_id");
log__admin("faq_edit", "faq_id:" . $faq_id);
}
message(lang('changes_saved'));
redirect('admin/faq_edit.php?faq_id=' . $question['content_name']);
}
}
}
if ($proceed) {
show_message();
// form
echo '<center>';
echo ' <FORM action="faq_edit.php" METHOD=POST>
<INPUT type=hidden name="faq_id" value="' . $faq_id . '">
<TABLE class="or_formtable">
} else {
$allow = check_allow('file_edit_general', 'download_main.php');
}
}
if ($proceed) {
if (isset($_REQUEST['edit']) && $_REQUEST['edit']) {
$continue = true;
if (!$_REQUEST['upload_name']) {
$continue = false;
message(lang('error_no_upload_file_name'));
}
if ($continue) {
$upload['session_id'] = $_REQUEST['session_id'];
$upload['upload_type'] = $_REQUEST['upload_type'];
$upload['upload_name'] = $_REQUEST['upload_name'];
$done = orsee_db_save_array($upload, "uploads", $upload['upload_id'], "upload_id");
if ($done) {
message(lang('changes_saved'));
$target = "file: " . $upload_id;
$target .= $experiment_id ? ", experiment:" . $experiment['experiment_name'] : ", general";
log__admin("file_upload", $target);
if ($experiment_id) {
redirect('admin/download_main.php?experiment_id=' . urlencode($experiment_id));
} else {
redirect('admin/download_main.php');
}
$proceed = false;
}
}
}
}
if (!$subpool['subpool_id']) {
$subpool = orsee_db_load_array("subpools", 1, "subpool_id");
}
}
if ($proceed) {
if (isset($_REQUEST['edit']) && $_REQUEST['edit']) {
$t['item_details']['current_draft'] = $_REQUEST['current_draft'];
$t['item_details'] = property_array_to_db_string($t['item_details']);
$done = orsee_db_save_array($t, "objects", $t['item_id'], "item_id");
log__admin("pform_templates_edit", "item_name:" . $t['item_name']);
message(lang('changes_saved'));
redirect('admin/options_profile_template_edit.php?item_name=' . $item_name . '&subpool_id=' . $subpool_id);
} elseif (isset($_REQUEST['activate']) && $_REQUEST['activate']) {
$t['item_details']['current_template'] = $t['item_details']['current_draft'];
$t['item_details'] = property_array_to_db_string($t['item_details']);
$done = orsee_db_save_array($t, "objects", $t['item_id'], "item_id");
log__admin("pform_templates_activate", "item_name:" . $t['item_name']);
message(lang('template_draft_activated'));
redirect('admin/options_profile_template_edit.php?item_name=' . $item_name . '&subpool_id=' . $subpool_id);
}
}
if ($proceed) {
if (!isset($t['item_details']['current_template'])) {
$t['item_details']['current_template'] = '';
}
if (!isset($t['item_details']['current_draft'])) {
$t['item_details']['current_draft'] = $t['item_details']['current_template'];
}
echo '<center>
<TABLE class="or_page_subtitle" style="background: ' . $color['page_subtitle_background'] . '; color: ' . $color['page_subtitle_textcolor'] . '; width: 98%">
<TR><TD align="center">' . lang('edit_participant_profile_form_template') . ' ' . $t['item_name'] . '</TD></TR></TABLE>
$upload['upload_type'] = $_REQUEST['upload_type'];
$upload['upload_name'] = $_REQUEST['upload_name'];
$upload['upload_filesize'] = $file['size'];
$done = preg_match("/.*\\.([^\\.]*)\$/", $file['name'], $matches);
$upload['upload_suffix'] = $matches[1];
if ($file['type']) {
$upload['upload_mimetype'] = $file['type'];
} else {
$upload['upload_mimetype'] = downloads__mime_type($upload['upload_suffix']);
}
$handle = fopen($file['tmp_name'], "r");
$upload_contents = fread($handle, filesize($file['tmp_name']));
fclose($handle);
$upload['upload_data'] = base64_encode($upload_contents);
$done = orsee_db_save_array($upload, "uploads", $upload['upload_id'], "upload_id");
$done2 = orsee_db_save_array($upload, "uploads_data", $upload['upload_id'], "upload_id");
if ($done && $done2) {
message(lang('file_uploaded'));
$target = $experiment_id ? "experiment:" . $experiment['experiment_name'] : "general";
log__admin("file_upload", $target);
if ($experiment_id > 0) {
redirect('admin/experiment_show.php?experiment_id=' . $experiment_id);
} else {
redirect('admin/download_main.php');
}
$proceed = false;
}
}
}
}
}
