function createinsertquery()
{
global $thissurvey, $timeadjust, $move, $thisstep;
global $deletenonvalues, $thistpl;
global $surveyid, $connect, $clang, $postedfieldnames, $bFinalizeThisAnswer;
require_once "classes/inputfilter/class.inputfilter_clean.php";
$myFilter = new InputFilter('', '', 1, 1, 1);
$fieldmap = createFieldMap($surveyid);
//Creates a list of the legitimate questions for this survey
if (isset($_SESSION['insertarray']) && is_array($_SESSION['insertarray'])) {
$inserts = array_unique($_SESSION['insertarray']);
$colnames_hidden = array();
foreach ($inserts as $value) {
//Work out if the field actually exists in this survey
$fieldexists = '';
if (isset($fieldmap[$value])) {
$fieldexists = $fieldmap[$value];
}
//Iterate through possible responses
if (isset($_SESSION[$value]) && !empty($fieldexists)) {
//Only create column name and data entry if there is actually data!
$colnames[] = $value;
//If deletenonvalues is ON, delete any values that shouldn't exist
if ($deletenonvalues == 1 && !checkconfield($value)) {
$values[] = 'NULL';
$colnames_hidden[] = $value;
} elseif ($_SESSION[$value] == '' && $fieldexists['type'] == 'D' || $_SESSION[$value] == '' && $fieldexists['type'] == 'K' || $_SESSION[$value] == '' && $fieldexists['type'] == 'N') {
// most databases do not allow to insert an empty value into a datefield,
// therefore if no date was chosen in a date question the insert value has to be NULL
$values[] = 'NULL';
} else {
// Empty the 'Other' field if a value other than '-oth-' was set for the main field (prevent invalid other values being saved - for example if Javascript fails to hide the 'Other' input field)
if ($fieldexists['type'] == '!' && $fieldmap[$value]['aid'] == 'other' && isset($_POST[substr($value, 0, strlen($value) - 5)]) && $_POST[substr($value, 0, strlen($value) - 5)] != '-oth-') {
$_SESSION[$value] = '';
} elseif ($fieldexists['type'] == 'N') {
$_SESSION[$value] = sanitize_float($_SESSION[$value]);
} elseif ($fieldexists['type'] == 'D' && is_array($postedfieldnames) && in_array($value, $postedfieldnames)) {
// convert the date to the right DB Format but only if it was posted
$dateformatdatat = getDateFormatData($thissurvey['surveyls_dateformat']);
$datetimeobj = new Date_Time_Converter($_SESSION[$value], $dateformatdatat['phpdate']);
$_SESSION[$value] = $datetimeobj->convert("Y-m-d");
$_SESSION[$value] = $connect->BindDate($_SESSION[$value]);
}
$values[] = $connect->qstr($_SESSION[$value], get_magic_quotes_gpc());
}
}
}
if ($thissurvey['datestamp'] == "Y") {
$_SESSION['datestamp'] = date_shift(date("Y-m-d H:i:s"), "Y-m-d H:i:s", $timeadjust);
}
// First compute the submitdate
if ($thissurvey['private'] == "Y" && $thissurvey['datestamp'] == "N") {
// In case of anonymous answers survey with no datestamp
// then the the answer submutdate gets a conventional timestamp
// 1st Jan 1980
$mysubmitdate = date("Y-m-d H:i:s", mktime(0, 0, 0, 1, 1, 1980));
} else {
$mysubmitdate = date_shift(date("Y-m-d H:i:s"), "Y-m-d H:i:s", $timeadjust);
}
// CHECK TO SEE IF ROW ALREADY EXISTS
// srid (=Survey Record ID ) is set when the there were already answers saved for that survey
if (!isset($_SESSION['srid'])) {
//Prepare row insertion
if (!isset($colnames) || !is_array($colnames)) {
echo submitfailed();
exit;
}
// INSERT NEW ROW
$query = "INSERT INTO " . db_quote_id($thissurvey['tablename']) . "\n" . "(" . implode(', ', array_map('db_quote_id', $colnames));
$query .= "," . db_quote_id('lastpage');
if ($thissurvey['datestamp'] == "Y") {
$query .= "," . db_quote_id('datestamp');
$query .= "," . db_quote_id('startdate');
}
if ($thissurvey['ipaddr'] == "Y") {
$query .= "," . db_quote_id('ipaddr');
}
$query .= "," . db_quote_id('startlanguage');
if ($thissurvey['refurl'] == "Y") {
$query .= "," . db_quote_id('refurl');
}
if ($bFinalizeThisAnswer === true && $thissurvey['format'] != "A") {
$query .= "," . db_quote_id('submitdate');
}
$query .= ") ";
$query .= "VALUES (" . implode(", ", $values);
$query .= "," . ($thisstep + 1);
if ($thissurvey['datestamp'] == "Y") {
$query .= ", '" . $_SESSION['datestamp'] . "'";
$query .= ", '" . $_SESSION['datestamp'] . "'";
}
if ($thissurvey['ipaddr'] == "Y") {
$query .= ", '" . $_SERVER['REMOTE_ADDR'] . "'";
}
$query .= ", '" . $_SESSION['s_lang'] . "'";
if ($thissurvey['refurl'] == "Y") {
$query .= ", '" . $_SESSION['refurl'] . "'";
}
if ($bFinalizeThisAnswer === true && $thissurvey['format'] != "A") {
// is if a ALL-IN-ONE survey, we don't set the submit date before the data is validated
$query .= ", " . $connect->DBDate($mysubmitdate);
}
$query .= ")";
} else {
// UPDATE EXISTING ROW
// Updates only the MODIFIED fields posted on current page.
if (isset($postedfieldnames) && $postedfieldnames) {
$query = "UPDATE {$thissurvey['tablename']} SET ";
$query .= " lastpage = '" . $thisstep . "',";
if ($thissurvey['datestamp'] == "Y") {
$query .= " datestamp = '" . $_SESSION['datestamp'] . "',";
}
if ($thissurvey['ipaddr'] == "Y") {
$query .= " ipaddr = '" . $_SERVER['REMOTE_ADDR'] . "',";
}
// is if a ALL-IN-ONE survey, we don't set the submit date before the data is validated
if ($bFinalizeThisAnswer === true && $thissurvey['format'] != "A") {
$query .= " submitdate = " . $connect->DBDate($mysubmitdate) . ", ";
}
// Resets fields hidden due to conditions
if ($deletenonvalues == 1) {
$hiddenfields = array_unique(array_values($colnames_hidden));
foreach ($hiddenfields as $hiddenfield) {
//$fieldinfo = arraySearchByKey($hiddenfield, $fieldmap, "fieldname", 1);
//if ($fieldinfo['type']=='D' || $fieldinfo['type']=='N' || $fieldinfo['type']=='K')
//{
$query .= db_quote_id($hiddenfield) . " = NULL,";
//}
//else
//{
// $query .= db_quote_id($hiddenfield)." = '',";
//}
}
} else {
$hiddenfields = array();
}
$fields = $postedfieldnames;
$fields = array_unique($fields);
$fields = array_diff($fields, $hiddenfields);
// Do not take fields that are hidden
foreach ($fields as $field) {
if (!empty($field)) {
$fieldinfo = $fieldmap[$field];
if (!isset($_POST[$field])) {
$_POST[$field] = '';
}
//fixed numerical question fields. They have to be NULL instead of '' to avoid database errors
if ($_POST[$field] == '' && $fieldinfo['type'] == 'D' || $_POST[$field] == '' && $fieldinfo['type'] == 'N' || $_POST[$field] == '' && $fieldinfo['type'] == 'K') {
$query .= db_quote_id($field) . " = NULL,";
} else {
// Empty the 'Other' field if a value other than '-oth-' was set for the main field (prevent invalid other values being saved - for example if Javascript fails to hide the 'Other' input field)
if ($fieldinfo['type'] == '!' && $fieldmap[$field]['aid'] == 'other' && $_POST[substr($field, 0, strlen($field) - 5)] != '-oth-') {
$qfield = "''";
} elseif ($fieldinfo['type'] == 'N') {
$qfield = db_quoteall(sanitize_float($_POST[$field]));
} elseif ($fieldinfo['type'] == 'D') {
$dateformatdatat = getDateFormatData($thissurvey['surveyls_dateformat']);
$datetimeobj = new Date_Time_Converter($_POST[$field], $dateformatdatat['phpdate']);
$qfield = db_quoteall($connect->BindDate($datetimeobj->convert("Y-m-d")));
} else {
$qfield = db_quoteall($_POST[$field], true);
}
$query .= db_quote_id($field) . " = " . $qfield . ",";
}
}
}
$query .= "WHERE id=" . $_SESSION['srid'];
$query = str_replace(",WHERE", " WHERE", $query);
// remove comma before WHERE clause
} else {
$query = "";
if ($bFinalizeThisAnswer === true) {
$query = "UPDATE {$thissurvey['tablename']} SET ";
$query .= " submitdate = " . $connect->DBDate($mysubmitdate);
$query .= " WHERE id=" . $_SESSION['srid'];
}
}
}
//DEBUG START
//echo $query;
//DEBUG END
return $query;
} else {
sendcacheheaders();
doHeader();
foreach (file("{$thistpl}/startpage.pstpl") as $op) {
echo templatereplace($op);
}
echo "<br /><center><font face='verdana' size='2'><font color='red'><strong>" . $clang->gT("Error") . "</strong></font><br /><br />\n";
echo $clang->gT("Cannot submit results - there are none to submit.") . "<br /><br />\n";
echo "<font size='1'>" . $clang->gT("This error can occur if you have already submitted your responses and pressed 'refresh' on your browser. In this case, your responses have already been saved.") . "<br /><br />" . $clang->gT("If you receive this message in the middle of completing a survey, you should choose '<- BACK' on your browser and then refresh/reload the previous page. While you will lose answers from the last page all your others will still exist. This problem can occur if the webserver is suffering from overload or excessive use. We apologise for this problem.") . "<br />\n";
echo "</font></center><br /><br />";
exit;
}
}
/**
* Write values to database.
* @param <type> $updatedValues
* @param <boolean> $finished - true if the survey needs to be finalized
*/
private function _UpdateValuesInDatabase($updatedValues, $finished = false, $setSubmitDate = false)
{
// Update these values in the database
global $connect;
// TODO - now that using $this->updatedValues, may be able to remove local copies of it (unless needed by other sub-systems)
$updatedValues = $this->updatedValues;
if (!$this->surveyOptions['deletenonvalues']) {
$nonNullValues = array();
foreach ($updatedValues as $key => $value) {
if (!is_null($value)) {
if (isset($value['value']) && !is_null($value['value'])) {
$nonNullValues[$key] = $value;
}
}
}
$updatedValues = $nonNullValues;
}
$message = '';
if ($this->surveyOptions['datestamp'] == true && $this->surveyOptions['anonymized'] == true) {
// On anonymous datestamped surveys, set the datestamp to 1-1-1980
$datestamp = date("Y-m-d H:i:s", mktime(0, 0, 0, 1, 1, 1980));
} else {
// Otherwise, use the real date/time, it will only be saved when the table holds a
// datestamp field
$datestamp = date_shift(date("Y-m-d H:i:s"), "Y-m-d H:i:s", $this->surveyOptions['timeadjust']);
}
$_SESSION['datestamp'] = $datestamp;
if ($this->surveyOptions['active'] && !isset($_SESSION['srid'])) {
// Create initial insert row for this record
$sdata = array("datestamp" => $datestamp, "ipaddr" => $this->surveyOptions['ipaddr'] ? getIPAddress() : '', "startlanguage" => $this->surveyOptions['startlanguage'], "token" => $this->surveyOptions['token'], "refurl" => $this->surveyOptions['refurl'] ? getenv("HTTP_REFERER") : NULL, "startdate" => $datestamp);
//One of the strengths of ADOdb's AutoExecute() is that only valid field names for $table are updated
if ($connect->AutoExecute($this->surveyOptions['tablename'], $sdata, 'INSERT')) {
$srid = $connect->Insert_ID($this->surveyOptions['tablename'], "id");
$_SESSION['srid'] = $srid;
} else {
$message .= $this->gT("Unable to insert record into survey table: ") . $connect->ErrorMsg() . "<br/>";
$_SESSION['flashmessage'] = $message;
echo $message;
}
//Insert Row for Timings, if needed
if ($this->surveyOptions['savetimings']) {
$tdata = array('id' => $srid, 'interviewtime' => 0);
if ($connect->AutoExecute($this->surveyOptions['tablename_timings'], $tdata, 'INSERT')) {
$trid = $connect->Insert_ID($this->surveyOptions['tablename_timings'], "sid");
} else {
$message .= $this->gT("Unable to insert record into timings table ") . $connect->ErrorMsg() . "<br/>";
$_SESSION['flashmessage'] = $message;
echo $message;
}
}
}
if (count($updatedValues) > 0 || $finished) {
$query = 'UPDATE ' . $this->surveyOptions['tablename'] . " SET ";
$setter = array();
switch ($this->surveyMode) {
case 'question':
$thisstep = $this->currentQuestionSeq;
break;
case 'group':
$thisstep = $this->currentGroupSeq;
break;
case 'survey':
$thisstep = 1;
break;
}
$setter[] = db_quote_id('lastpage') . "=" . db_quoteall($thisstep);
if ($this->surveyOptions['datestamp'] && isset($_SESSION['datestamp'])) {
$setter[] = db_quote_id('datestamp') . "=" . db_quoteall($_SESSION['datestamp']);
}
if ($this->surveyOptions['ipaddr']) {
$setter[] = db_quote_id('ipaddr') . "=" . db_quoteall(getIPAddress());
}
foreach ($updatedValues as $key => $value) {
if (!empty($key)) {
$val = is_null($value) ? NULL : $value['value'];
$type = is_null($value) ? NULL : $value['type'];
// Clean up the values to cope with database storage requirements
switch ($type) {
case 'D':
//DATE
if (trim($val) == '') {
$val = NULL;
// since some databases can't store blanks in date fields
}
// otherwise will already be in yyyy-mm-dd format after ProcessCurrentResponses()
break;
case '|':
//File upload
// This block can be removed once we require 5.3 or later
if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
$val = addslashes($val);
}
break;
case 'N':
//NUMERICAL QUESTION TYPE
//NUMERICAL QUESTION TYPE
case 'K':
//MULTIPLE NUMERICAL QUESTION
if (trim($val) == '') {
$val = NULL;
// since some databases can't store blanks in numerical inputs
}
break;
default:
break;
}
if (is_null($val)) {
$setter[] = db_quote_id($key) . "=NULL";
} else {
$setter[] = db_quote_id($key) . "=" . db_quoteall($val, true);
}
}
}
$query .= implode(', ', $setter);
$query .= " WHERE ID=";
if (isset($_SESSION['srid']) && $this->surveyOptions['active']) {
$query .= $_SESSION['srid'];
if (!db_execute_assoc($query)) {
echo submitfailed($connect->ErrorMsg());
if (($this->debugLevel & LEM_DEBUG_VALIDATION_SUMMARY) == LEM_DEBUG_VALIDATION_SUMMARY) {
$message .= 'Error in SQL update: ' . $connect->ErrorMsg() . '<br/>';
}
}
// Save Timings if needed
if ($this->surveyOptions['savetimings']) {
set_answer_time();
}
if ($finished) {
// Delete the save control record if successfully finalize the submission
$query = "DELETE FROM " . db_table_name("saved_control") . " where srid=" . $_SESSION['srid'] . ' and sid=' . $this->sid;
$connect->Execute($query);
// Checked
if (($this->debugLevel & LEM_DEBUG_VALIDATION_SUMMARY) == LEM_DEBUG_VALIDATION_SUMMARY) {
$message .= ';<br/>' . $query;
}
} elseif ($this->surveyOptions['allowsave'] && isset($_SESSION['scid'])) {
$connect->Execute("UPDATE " . db_table_name("saved_control") . " SET saved_thisstep=" . db_quoteall($thisstep) . " where scid=" . $_SESSION['scid']);
// Checked
}
// Check quotas whenever results are saved
$bQuotaMatched = false;
$aQuotas = check_quota('return', $this->sid);
if ($aQuotas !== false) {
if ($aQuotas != false) {
foreach ($aQuotas as $aQuota) {
if (isset($aQuota['status']) && $aQuota['status'] == 'matched') {
$bQuotaMatched = true;
}
}
}
}
if ($bQuotaMatched) {
check_quota('enforce', $this->sid);
// will create a page and quit.
} else {
if ($finished) {
$sQuery = 'UPDATE ' . $this->surveyOptions['tablename'] . " SET " . db_quote_id('submitdate') . "=" . db_quoteall($datestamp) . " WHERE ID=" . $_SESSION['srid'];
$connect->Execute($sQuery);
// Checked
}
}
}
if (($this->debugLevel & LEM_DEBUG_VALIDATION_SUMMARY) == LEM_DEBUG_VALIDATION_SUMMARY) {
$message .= $query;
}
}
return $message;
}
/**
* Write values to database.
* @param <type> $updatedValues
* @param <boolean> $finished - true if the survey needs to be finalized
*/
private function _UpdateValuesInDatabase($updatedValues, $finished = false)
{
// TODO - now that using $this->updatedValues, may be able to remove local copies of it (unless needed by other sub-systems)
$updatedValues = $this->updatedValues;
$message = '';
if (!$this->surveyOptions['active'] || $this->sPreviewMode) {
return $message;
}
if (!isset($_SESSION[$this->sessid]['srid'])) {
$_SESSION[$this->sessid]['datestamp'] = dateShift(date("Y-m-d H:i:s"), "Y-m-d H:i:s", $this->surveyOptions['timeadjust']);
// Create initial insert row for this record
$today = dateShift(date("Y-m-d H:i:s"), "Y-m-d H:i:s", $this->surveyOptions['timeadjust']);
$sdata = array("startlanguage" => $this->surveyOptions['startlanguage']);
if ($this->surveyOptions['anonymized'] == false) {
$sdata['token'] = $this->surveyOptions['token'];
}
if ($this->surveyOptions['datestamp'] == true) {
$sdata['datestamp'] = $_SESSION[$this->sessid]['datestamp'];
$sdata['startdate'] = $_SESSION[$this->sessid]['datestamp'];
}
if ($this->surveyOptions['ipaddr'] == true) {
$sdata['ipaddr'] = getIPAddress();
}
if ($this->surveyOptions['refurl'] == true) {
if (isset($_SESSION[$this->sessid]['refurl'])) {
$sdata['refurl'] = $_SESSION[$this->sessid]['refurl'];
} else {
$sdata['refurl'] = getenv("HTTP_REFERER");
}
}
$sdata = array_filter($sdata);
SurveyDynamic::sid($this->sid);
$oSurvey = new SurveyDynamic();
$iNewID = $oSurvey->insertRecords($sdata);
if ($iNewID) {
$srid = $iNewID;
$_SESSION[$this->sessid]['srid'] = $iNewID;
} else {
$message .= $this->gT("Unable to insert record into survey table");
// TODO - add SQL error?
echo submitfailed('');
// TODO - report SQL error?
}
//Insert Row for Timings, if needed
if ($this->surveyOptions['savetimings']) {
SurveyTimingDynamic::sid($this->sid);
$oSurveyTimings = new SurveyTimingDynamic();
$tdata = array('id' => $srid, 'interviewtime' => 0);
switchMSSQLIdentityInsert("survey_{$this->sid}_timings", true);
$iNewID = $oSurveyTimings->insertRecords($tdata);
switchMSSQLIdentityInsert("survey_{$this->sid}_timings", false);
}
}
if (count($updatedValues) > 0 || $finished) {
$query = 'UPDATE ' . $this->surveyOptions['tablename'] . ' SET ';
$setter = array();
switch ($this->surveyMode) {
case 'question':
$thisstep = $this->currentQuestionSeq;
break;
case 'group':
$thisstep = $this->currentGroupSeq;
break;
case 'survey':
$thisstep = 1;
break;
}
$setter[] = dbQuoteID('lastpage') . "=" . dbQuoteAll($thisstep);
if ($this->surveyOptions['datestamp'] && isset($_SESSION[$this->sessid]['datestamp'])) {
$_SESSION[$this->sessid]['datestamp'] = dateShift(date("Y-m-d H:i:s"), "Y-m-d H:i:s", $this->surveyOptions['timeadjust']);
$setter[] = dbQuoteID('datestamp') . "=" . dbQuoteAll(dateShift(date("Y-m-d H:i:s"), "Y-m-d H:i:s", $this->surveyOptions['timeadjust']));
}
if ($this->surveyOptions['ipaddr']) {
$setter[] = dbQuoteID('ipaddr') . "=" . dbQuoteAll(getIPAddress());
}
foreach ($updatedValues as $key => $value) {
$val = is_null($value) ? NULL : $value['value'];
$type = is_null($value) ? NULL : $value['type'];
// Clean up the values to cope with database storage requirements
switch ($type) {
case 'D':
//DATE
if (trim($val) == '' || $val == "INVALID") {
$val = NULL;
// since some databases can't store blanks in date fields
}
// otherwise will already be in yyyy-mm-dd format after ProcessCurrentResponses()
break;
case '|':
//File upload
// This block can be removed once we require 5.3 or later
if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
$val = addslashes($val);
}
break;
case 'N':
//NUMERICAL QUESTION TYPE
//NUMERICAL QUESTION TYPE
case 'K':
//MULTIPLE NUMERICAL QUESTION
if (trim($val) == '') {
$val = NULL;
// since some databases can't store blanks in numerical inputs
}
break;
default:
break;
}
if (is_null($val)) {
$setter[] = dbQuoteID($key) . "=NULL";
} else {
$setter[] = dbQuoteID($key) . "=" . dbQuoteAll($val);
}
}
$query .= implode(', ', $setter);
$query .= " WHERE ID=";
if (isset($_SESSION[$this->sessid]['srid']) && $this->surveyOptions['active']) {
$query .= $_SESSION[$this->sessid]['srid'];
if (!dbExecuteAssoc($query)) {
echo submitfailed('');
// TODO - report SQL error?
if (($this->debugLevel & LEM_DEBUG_VALIDATION_SUMMARY) == LEM_DEBUG_VALIDATION_SUMMARY) {
$message .= $this->gT('Error in SQL update');
// TODO - add SQL error?
}
} elseif ($this->surveyOptions['savetimings']) {
Yii::import("application.libraries.Save");
$cSave = new Save();
$cSave->set_answer_time();
}
if ($finished) {
// Delete the save control record if successfully finalize the submission
$query = "DELETE FROM {{saved_control}} where srid=" . $_SESSION[$this->sessid]['srid'] . ' and sid=' . $this->sid;
Yii::app()->db->createCommand($query)->execute();
if (($this->debugLevel & LEM_DEBUG_VALIDATION_SUMMARY) == LEM_DEBUG_VALIDATION_SUMMARY) {
$message .= ';<br />' . $query;
}
} else {
if ($this->surveyOptions['allowsave'] && isset($_SESSION[$this->sessid]['scid'])) {
SavedControl::model()->updateByPk($_SESSION[$this->sessid]['scid'], array('saved_thisstep' => $thisstep));
}
}
// Check Quotas
$aQuotas = checkCompletedQuota($this->sid, 'return');
if ($aQuotas && !empty($aQuotas)) {
checkCompletedQuota($this->sid);
// will create a page and quit: why not use it directly ?
} else {
if ($finished) {
$sQuery = 'UPDATE ' . $this->surveyOptions['tablename'] . " SET ";
if ($this->surveyOptions['datestamp']) {
// Replace with date("Y-m-d H:i:s") ? See timeadjust
$sQuery .= dbQuoteID('submitdate') . "=" . dbQuoteAll(dateShift(date("Y-m-d H:i:s"), "Y-m-d H:i:s", $this->surveyOptions['timeadjust']));
} else {
$sQuery .= dbQuoteID('submitdate') . "=" . dbQuoteAll(date("Y-m-d H:i:s", mktime(0, 0, 0, 1, 1, 1980)));
}
$sQuery .= " WHERE ID=" . $_SESSION[$this->sessid]['srid'];
dbExecuteAssoc($sQuery);
// Checked
}
}
}
if (($this->debugLevel & LEM_DEBUG_VALIDATION_SUMMARY) == LEM_DEBUG_VALIDATION_SUMMARY) {
$message .= $query;
}
}
return $message;
}
/**
* Write values to database.
* @param <type> $updatedValues
* @param <boolean> $finished - true if the survey needs to be finalized
*/
private function _UpdateValuesInDatabase($updatedValues, $finished = false)
{
// Update these values in the database
global $connect;
$message = '';
$_SESSION['datestamp'] = date_shift(date("Y-m-d H:i:s"), "Y-m-d H:i:s", $this->surveyOptions['timeadjust']);
if ($this->surveyOptions['active'] && !isset($_SESSION['srid'])) {
// Create initial insert row for this record
$today = date_shift(date("Y-m-d H:i:s"), "Y-m-d H:i:s", $this->surveyOptions['timeadjust']);
$sdata = array("datestamp" => $today, "ipaddr" => $this->surveyOptions['ipaddr'] && isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '', "startlanguage" => $this->surveyOptions['startlanguage'], "token" => $this->surveyOptions['token'], "datestamp" => $this->surveyOptions['datestamp'] ? $_SESSION['datestamp'] : NULL, "refurl" => $this->surveyOptions['refurl'] ? getenv("HTTP_REFERER") : NULL, "startdate" => $this->surveyOptions['datestamp'] ? $_SESSION['datestamp'] : date("Y-m-d H:i:s", 0));
//One of the strengths of ADOdb's AutoExecute() is that only valid field names for $table are updated
if ($connect->AutoExecute($this->surveyOptions['tablename'], $sdata, 'INSERT')) {
$srid = $connect->Insert_ID($this->surveyOptions['tablename'], "id");
$_SESSION['srid'] = $srid;
} else {
$message .= $this->gT("Unable to insert record into survey table: ") . $connect->ErrorMsg() . "<br/>";
$_SESSION['flashmessage'] = $message;
echo $message;
}
//Insert Row for Timings, if needed
if ($this->surveyOptions['savetimings']) {
$tdata = array('id' => $srid, 'interviewtime' => 0);
if ($connect->AutoExecute($this->surveyOptions['tablename_timings'], $tdata, 'INSERT')) {
$trid = $connect->Insert_ID($this->surveyOptions['tablename_timings'], "sid");
} else {
$message .= $this->gT("Unable to insert record into timings table ") . $connect->ErrorMsg() . "<br/>";
$_SESSION['flashmessage'] = $message;
echo $message;
}
}
}
if (count($updatedValues) > 0 || $finished) {
$query = 'UPDATE ' . $this->surveyOptions['tablename'] . " SET ";
$setter = array();
switch ($this->surveyMode) {
case 'question':
$thisstep = $this->currentQuestionSeq;
break;
case 'group':
$thisstep = $this->currentGroupSeq;
break;
case 'survey':
$thisstep = 1;
break;
}
$setter[] = db_quote_id('lastpage') . "=" . db_quoteall($thisstep);
if ($this->surveyOptions['datestamp'] && isset($_SESSION['datestamp'])) {
$setter[] = db_quote_id('datestamp') . "=" . db_quoteall($_SESSION['datestamp']);
}
if ($this->surveyOptions['ipaddr'] && isset($_SERVER['REMOTE_ADDR'])) {
$setter[] = db_quote_id('ipaddr') . "=" . db_quoteall($_SERVER['REMOTE_ADDR']);
}
if ($finished) {
$setter[] = db_quote_id('submitdate') . "=" . db_quoteall($_SESSION['datestamp']);
}
foreach ($updatedValues as $key => $value) {
$val = is_null($value) ? NULL : $value['value'];
$type = is_null($value) ? NULL : $value['type'];
// Clean up the values to cope with database storage requirements
switch ($type) {
case 'D':
//DATE
if (trim($val) == '') {
$val = NULL;
// since some databases can't store blanks in date fields
}
// otherwise will already be in yyyy-mm-dd format after ProcessCurrentResponses()
break;
case 'N':
//NUMERICAL QUESTION TYPE
//NUMERICAL QUESTION TYPE
case 'K':
//MULTIPLE NUMERICAL QUESTION
if (trim($val) == '') {
$val = NULL;
// since some databases can't store blanks in numerical inputs
}
break;
default:
break;
}
if (is_null($val)) {
$setter[] = db_quote_id($key) . "=NULL";
} else {
$setter[] = db_quote_id($key) . "=" . db_quoteall($val);
}
}
$query .= implode(', ', $setter);
$query .= " WHERE ID=";
if (isset($_SESSION['srid']) && $this->surveyOptions['active']) {
$query .= $_SESSION['srid'];
if (!db_execute_assoc($query)) {
echo submitfailed($connect->ErrorMsg());
if (($this->debugLevel & LEM_DEBUG_VALIDATION_SUMMARY) == LEM_DEBUG_VALIDATION_SUMMARY) {
$message .= 'Error in SQL update: ' . $connect->ErrorMsg() . '<br/>';
}
}
// Save Timings if needed
if ($this->surveyOptions['savetimings']) {
set_answer_time();
}
if ($finished) {
// Delete the save control record if successfully finalize the submission
$query = "DELETE FROM " . db_table_name("saved_control") . " where srid=" . $_SESSION['srid'] . ' and sid=' . $this->sid;
$connect->Execute($query);
// Checked
if (($this->debugLevel & LEM_DEBUG_VALIDATION_SUMMARY) == LEM_DEBUG_VALIDATION_SUMMARY) {
$message .= ';<br/>' . $query;
}
// Check Quotas
$bQuotaMatched = false;
$aQuotas = check_quota('return', $this->sid);
if ($aQuotas !== false) {
if ($aQuotas != false) {
foreach ($aQuotas as $aQuota) {
if (isset($aQuota['status']) && $aQuota['status'] == 'matched') {
$bQuotaMatched = true;
}
}
}
}
if ($bQuotaMatched) {
check_quota('enforce', $this->sid);
// will create a page and quit.
}
} else {
if ($this->surveyOptions['allowsave'] && isset($_SESSION['scid'])) {
$connect->Execute("UPDATE " . db_table_name("saved_control") . " SET saved_thisstep=" . db_quoteall($thisstep) . " where scid=" . $_SESSION['scid']);
// Checked
}
}
}
if (($this->debugLevel & LEM_DEBUG_VALIDATION_SUMMARY) == LEM_DEBUG_VALIDATION_SUMMARY) {
$message .= $query;
}
}
return $message;
}
