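/**
 * Lists the files stored for a lab barcode.
 *
 * @param string $labbarcode Lab barcode to look up.
 * @return array One array per file with the keys 'id', 'urid', 'name' and 'size';
 *               empty when the query returns nothing.
 */
function getFiles($labbarcode) {
    global $db;
    $files = array();
    // The barcode sits inside a double-quoted SQL literal, so this query is only as safe
    // as prepareDatabaseString() (defined elsewhere) — assumes it escapes quotes and
    // backslashes; TODO confirm.
    $query = 'select id, urid, name, size from ' . Config::dbSurveyData() . '_files where labbarcode="' . prepareDatabaseString($labbarcode) . '"';
    $result = $db->selectQuery($query);
    if ($result != null && $db->getNumberOfRows($result) > 0) {
        while ($row = $db->getRow($result)) {
            // Keys are quoted strings: the bare words used before are undefined constants,
            // which PHP 8 rejects with an Error instead of treating them as strings.
            $files[] = array(
                'id' => $row['id'],
                'urid' => $row['urid'],
                'name' => $row['name'],
                'size' => $row['size'],
            );
        }
    }
    return $files;
}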
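/**
 * Writes one answer to the survey `_data` table and records it on this object.
 *
 * An empty answer is stored as NULL, while the integer 0 is kept. When the variable is
 * one of the language/mode/version/template variables, the matching session parameter
 * is updated too. The row itself is written with the language, mode and version that
 * were read before that session update.
 *
 * @param mixed  $primkey   Primary key of the respondent record.
 * @param string $variable  Name of the variable being answered.
 * @param mixed  $answer    Answer value.
 * @param bool   $striptags Passed to prepareDatabaseString() for the answer in the
 *                          non-prepared branch.
 * @return bool True when the REPLACE succeeded, false otherwise.
 */
private function storeAnswer($primkey, $variable, $answer, $striptags = true) {
    $localdb = null;
    if (Config::useTransactions() == true) {
        global $transdb;
        $localdb = $transdb;
    } else {
        global $db;
        $localdb = $db;
    }

    $dirty = $this->getDirty();
    $prim = $primkey;
    $var = $variable;
    $ans = $answer;
    if ($ans == "" && $ans !== 0) { // preserve '0' as answer
        $ans = null;
    }

    $version = getSurveyVersion();
    $language = getSurveyLanguage();
    $mode = getSurveyMode();
    $suid = getSurvey();

    // set session language/mode here if changed through routing!
    if ($ans != null) {
        $upper = strtoupper($variable);
        if ($upper == strtoupper(VARIABLE_LANGUAGE)) {
            $_SESSION['PARAMS'][SESSION_PARAM_LANGUAGE] = $ans;
        } elseif ($upper == strtoupper(VARIABLE_MODE)) {
            $_SESSION['PARAMS'][SESSION_PARAM_MODE] = $ans;
        } elseif ($upper == strtoupper(VARIABLE_VERSION)) {
            $_SESSION['PARAMS'][SESSION_PARAM_VERSION] = $ans;
        } elseif ($upper == strtoupper(VARIABLE_TEMPLATE)) {
            $_SESSION['PARAMS'][SESSION_PARAM_TEMPLATE] = $ans;
        }
    }

    /* set attributes for data record processing in export */
    $this->suid = $suid;
    $this->primkey = $prim;
    $this->language = $language;
    $this->mode = $mode;
    $this->version = $version;
    // 24-hour clock: "h" is the 12-hour hour and, with no am/pm marker, made
    // morning and afternoon timestamps indistinguishable.
    $this->ts = date("Y-m-d H:i:s", time());

    global $survey;
    $key = $survey->getDataEncryptionKey();
    $queryparams = 'suid, primkey, variablename, answer, dirty, version, language, mode';

    if (Config::prepareDataQueries() == false) {
        if ($ans == null && $ans !== 0) {
            $answersql = 'null';
        } else {
            $escaped = prepareDatabaseString($ans, $striptags);
            $answersql = '"' . $escaped . '"';
            if ($key != "") {
                // NOTE(review): the encryption key is concatenated into the statement
                // unescaped, so it ends up in the SQL text (and in whatever
                // storeAnswerExtra() does with the query).
                $answersql = "aes_encrypt('" . $escaped . "', '" . $key . "')";
            }
        }
        // NOTE(review): suid, dirty, version, language and mode are written without
        // quotes; escaping does not constrain an unquoted value, so this branch relies
        // on them being numeric. The bound branch below does not have this dependency.
        $queryvalues = implode(',', array(
            prepareDatabaseString($suid),
            "'" . prepareDatabaseString($prim) . "'",
            "'" . prepareDatabaseString($var) . "'",
            $answersql,
            prepareDatabaseString($dirty),
            prepareDatabaseString($version),
            prepareDatabaseString($language),
            prepareDatabaseString($mode),
        ));
        $query = 'REPLACE INTO ' . Config::dbSurveyData() . '_data (' . $queryparams . ') VALUES (' . $queryvalues . ')';
        if ($localdb->executeQuery($query)) {
            $this->variable["answer"] = $ans;
            // hook for extra storage
            if (function_exists("storeAnswerExtra")) {
                storeAnswerExtra($query);
            }
            return true;
        }
        return false;
    }

    $bp = new BindParam();
    $bp->add(MYSQL_BINDING_STRING, $suid);
    $bp->add(MYSQL_BINDING_STRING, $prim);
    $bp->add(MYSQL_BINDING_STRING, $var);
    $bp->add(MYSQL_BINDING_STRING, $ans);
    $bp->add(MYSQL_BINDING_INTEGER, $dirty);
    $bp->add(MYSQL_BINDING_INTEGER, $version);
    $bp->add(MYSQL_BINDING_INTEGER, $language);
    $bp->add(MYSQL_BINDING_INTEGER, $mode);

    $answersql = "?";
    if ($key != "") {
        // NOTE(review): the key is still part of the SQL text here; binding it as a
        // parameter would change what storeAnswerExtra() receives, so it is left as is.
        $answersql = "aes_encrypt(?, '" . $key . "')";
    }
    $queryvalues = '?,?,?,' . $answersql . ',?,?,?,?';
    $query = 'REPLACE INTO ' . Config::dbSurveyData() . '_data (' . $queryparams . ') VALUES (' . $queryvalues . ')';
    if ($localdb->executeBoundQuery($query, $bp->get())) {
        $this->variable["answer"] = $ans;
        // hook for extra storage
        if (function_exists("storeAnswerExtra")) {
            storeAnswerExtra($queryparams, $queryvalues, $bp);
        }
        return true;
    }
    return false;
}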
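/**
 * Writes every field of this lab record back to the `_lab` table.
 *
 * barcode and labbarcode are stored through aes_encrypt() with Config::labKey(); all
 * other columns are stored as escaped string literals. The row is selected by primkey.
 *
 * @return mixed Whatever $db->executeQuery() returns, so a caller can detect a failed
 *               write (the result used to be discarded).
 */
function saveChanges() {
    global $db;

    // NOTE(review): the lab key is concatenated into the statement, so it is part of
    // the SQL text that reaches the database layer.
    $labkey = Config::labKey();
    $assignments = array(
        'barcode = aes_encrypt("' . prepareDatabaseString($this->getBarcode()) . '", "' . $labkey . '")',
        'labbarcode = aes_encrypt("' . prepareDatabaseString($this->getLabBarcode()) . '", "' . $labkey . '")',
    );

    // column => value, in the order the columns are written
    $plain = array(
        'consent1' => $this->getConsent1(),
        'consent2' => $this->getConsent2(),
        'consent3' => $this->getConsent3(),
        'consent4' => $this->getConsent4(),
        'consent5' => $this->getConsent5(),
        'refusal' => $this->getRefusal(),
        'refusalreason' => $this->getRefusalReason(),
        'refusaldate' => $this->getRefusalDate(),
        'cd4res' => $this->getCD4res(),
        'cd4date' => $this->getCD4date(),
        'survey' => $this->getSurvey(),
        'measures' => $this->getMeasures(),
        'vision' => $this->getVision(),
        'anthropometrics' => $this->getAnthropometrics(),
        'requestform' => $this->getRequestForm(),
        'urid' => $this->getUrid(),
        'labvisitts' => $this->getLabVisitTs(),
        'fielddbsshipmentdate' => $this->getFieldDBSShipmentDate(),
        'fielddbsreceiveddate' => $this->getFieldDBSReceivedDate(),
        'fielddbscollecteddate' => $this->getFieldDBSCollectedDate(),
        'fielddbsshipmentreturneddate' => $this->getFieldDBSReceivedDateFromLab(),
        'fielddbsclinicresultsissueddate' => $this->getFieldDBSClinicResultsIssued(),
        'fielddbsstatus' => $this->getFieldDBSStatus(),
        'labdbslocation' => $this->getLabDBSLocation(),
        'labdbsposition' => $this->getLabDBSPosition(),
        'labbloodstatus' => $this->getLabBloodStatus(),
        'labbloodshipmentdate' => $this->getLabBloodShipmentDate(),
        'labbloodshipmentreturneddate' => $this->getLabBloodReceivedDateFromLab(),
        'labbloodlocation' => $this->getLabBloodLocation(),
        'labbloodposition' => $this->getLabBloodPosition(),
        'labbloodsenttolab' => $this->getLabBloodSentToLab(),
        'labbloodnotcollected' => $this->getLabBloodNotCollected(),
        'consenturid' => $this->getConsentUrid(),
        'consentts' => $this->getConsentTs(),
    );
    foreach ($plain as $column => $value) {
        $assignments[] = $column . ' = "' . prepareDatabaseString($value) . '"';
    }

    $query = 'UPDATE ' . Config::dbSurveyData() . '_lab SET ' . implode(', ', $assignments);
    $query .= ' WHERE primkey = "' . prepareDatabaseString($this->getPrimkey()) . '"';
    return $db->executeQuery($query);
}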
/**
 * Stores a screenshot posted by the client in the `_screendumps` table, then exits.
 *
 * The screenshot is read with loadvar(), URL-decoded and gzip-compressed. It is
 * wrapped in aes_encrypt() when the survey has a data encryption key for the posted
 * mode and language. All column values are passed as bound parameters.
 */
function captureScreenshot() {
    global $db;

    $language = $this->getParam(POST_PARAM_LANGUAGE);
    $mode = $this->getParam(POST_PARAM_MODE);
    $version = $this->getParam(POST_PARAM_VERSION);
    $posted = urldecode(loadvar(POST_PARAM_SCREENSHOT));
    $stateid = $this->getParam(POST_PARAM_STATEID);
    $primkey = $this->getParam(POST_PARAM_PRIMKEY);
    $suid = $this->getParam(POST_PARAM_SUID);
    $compressed = gzcompress($posted, 9);
    if ($stateid == "") {
        $stateid = 1;
    }

    // scdid is bound as null
    $scid = null;
    $bp = new BindParam();
    $bp->add(MYSQL_BINDING_INTEGER, $scid);
    $bp->add(MYSQL_BINDING_INTEGER, $suid);
    $bp->add(MYSQL_BINDING_STRING, $primkey);
    $bp->add(MYSQL_BINDING_INTEGER, $stateid);
    $bp->add(MYSQL_BINDING_STRING, $compressed);
    $bp->add(MYSQL_BINDING_INTEGER, $mode);
    $bp->add(MYSQL_BINDING_INTEGER, $language);
    $bp->add(MYSQL_BINDING_INTEGER, $version);

    $key = $this->survey->getDataEncryptionKeyDirectly($mode, $language, $this->getParam(POST_PARAM_DEFAULT_MODE), $this->getParam(POST_PARAM_DEFAULT_LANGUAGE));

    // NOTE(review): unlike the column values, the key is not bound; it is concatenated
    // into the statement text.
    $screenvalue = ($key == "") ? "?" : "aes_encrypt(?, '" . $key . "')";
    $query = sprintf(
        "insert into %s_screendumps(scdid, suid, primkey, stateid, screen, mode, language, version) values (?,?,?,?,%s,?,?,?)",
        Config::dbSurveyData(),
        $screenvalue
    );
    $db->executeBoundQuery($query, $bp->get());
    exit;
}
/**
 * Stores the given screen output for the current engine state in `_screendumps`.
 *
 * The state id is the engine's state id, incremented when the engine is moving
 * forward, and falls back to 1 when it compares equal to the empty string. The output
 * is gzip-compressed and wrapped in aes_encrypt() when the survey has a data
 * encryption key. All column values are passed as bound parameters.
 *
 * @param string $result Screen output to store.
 * @return string Always the empty string.
 */
function captureScreenshot($result) {
    global $engine, $survey, $db;

    $language = getSurveyLanguage();
    $mode = getSurveyMode();
    $version = getSurveyVersion();
    $key = $survey->getDataEncryptionKey();

    $stateid = $engine->getStateId();
    if ($engine->getForward() == true) {
        $stateid++;
    }
    $compressed = gzcompress($result, 9);
    if ($stateid == "") {
        $stateid = 1;
    }
    $primkey = $engine->getPrimaryKey();
    $suid = $engine->getSuid();

    // scdid is bound as null
    $scid = null;
    $bp = new BindParam();
    $bp->add(MYSQL_BINDING_INTEGER, $scid);
    $bp->add(MYSQL_BINDING_INTEGER, $suid);
    $bp->add(MYSQL_BINDING_STRING, $primkey);
    $bp->add(MYSQL_BINDING_INTEGER, $stateid);
    $bp->add(MYSQL_BINDING_STRING, $compressed);
    $bp->add(MYSQL_BINDING_INTEGER, $mode);
    $bp->add(MYSQL_BINDING_INTEGER, $language);
    $bp->add(MYSQL_BINDING_INTEGER, $version);

    // NOTE(review): unlike the column values, the key is not bound; it is concatenated
    // into the statement text.
    $screenvalue = ($key == "") ? "?" : "aes_encrypt(?, '" . $key . "')";
    $query = sprintf(
        "insert into %s_screendumps(scdid, suid, primkey, stateid, screen, mode, language, version) values (?,?,?,?,%s,?,?,?)",
        Config::dbSurveyData(),
        $screenvalue
    );
    $db->executeBoundQuery($query, $bp->get());
    return "";
}
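/**
 * Builds a cumulative per-day series of non-null answers for one variable, formatted
 * as comma-separated "[Date.UTC(y, m, d), total]" pairs.
 *
 * The series always starts with the fixed point [Date.UTC(2014, 6, 20), 0 ]. Rows
 * whose primkey length falls outside the configured minimum/maximum are left out.
 *
 * @param mixed  $survey    Survey id, used as suid in the query.
 * @param string $fieldname Variable name to count answers for.
 * @return string The series without a trailing comma.
 */
function getFieldNotNull($survey, $fieldname) {
    global $db;

    // Both arguments used to be concatenated into the statement as they came in. The
    // survey id sits in a numeric position, so it is forced to an integer; the variable
    // name sits inside a quoted literal, so it goes through the same escaping helper
    // the other queries of this project use.
    $query = 'select DATE(ts) as dateobs, count(*) as cntobs, primkey from ' . Config::dbSurveyData() . '_data where suid = ' . (int) $survey . ' and variablename="' . prepareDatabaseString($fieldname) . '" and length(primkey) > ' . Config::getMinimumPrimaryKeyLength() . ' and length(primkey) < ' . Config::getMaximumPrimaryKeyLength() . ' and answer is not null group by DATE(ts) order by ts asc';

    $total = 0;
    $dataStr = "[Date.UTC(2014, 6, 20), 0 ],";
    $result = $db->selectQuery($query);
    if ($result != null) { // a failed query leaves only the fixed starting point
        while ($row = $db->getRow($result)) {
            $day = $row['dateobs']; // "YYYY-MM-DD"
            $total += $row['cntobs'];
            // month minus one, as the existing output format has it
            $dataStr .= "[Date.UTC(" . substr($day, 0, 4) . ", " . (substr($day, 5, 2) - 1) . ", " . substr($day, 8, 2) . "), " . $total . "],";
        }
    }
    return rtrim($dataStr, ',');
}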
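/**
 * Aggregates raw paradata into per-variable counts and stores them in
 * `_processed_paradata`.
 *
 * Only paradata rows with a pid above the highest pid already present in
 * `_processed_paradata` for this survey are read. For each row the decrypted paradata
 * string is split on "||"; every entry whose code is one of Common::errorCodes() is
 * counted for the variable at the referenced position, and FO/FI entries are counted
 * for every variable on the screen. Counts are written when the primkey changes and
 * after the last row.
 *
 * @param string $name Optional variable name; when given, only rows that display that
 *                     variable are processed.
 * @return void
 */
function processParaData($name = "") {
    $_SESSION['PARAMETER_RETRIEVAL'] = PARAMETER_SURVEY_RETRIEVAL;
    $suid = $this->survey->getSuid();

    // continue after the highest pid that was processed before
    $pid = 0;
    $res = $this->db->selectQuery("select max(pid) as pid from " . Config::dbSurveyData() . "_processed_paradata where suid=" . $suid);
    if ($res) {
        $row = $this->db->getRow($res);
        $pid = $row["pid"];
        if ($pid == "") {
            $pid = 0;
        }
    }
    $pid = (int) $pid; // goes into the statement unquoted

    $key = $this->survey->getDataEncryptionKey();
    $decrypt = "paradata as data_dec";
    if ($key != "") {
        // NOTE(review): the key is concatenated into the statement text.
        $decrypt = "aes_decrypt(paradata, '" . $key . "') as data_dec";
    }

    $query = "select *, {$decrypt} from " . Config::dbSurveyData() . "_paradata where pid > {$pid} and suid=" . $suid;
    if ($name != "") {
        // $name used to be concatenated as it came in; it now goes through the
        // project's escaping helper before it is placed inside the quoted literals.
        $escapedname = prepareDatabaseString($name);
        $query .= ' and (displayed = "' . $escapedname . '" OR displayed like "%' . $escapedname . '~%")';
    }
    $query .= ' order by primkey, pid asc';

    $res = $this->db->selectQuery($query);
    $codes = array_values(Common::errorCodes());
    if ($res) {
        // $this->db throughout: the bare $db used in two places was never defined in
        // this method, so the first row count failed with a call on an undefined variable.
        $num = $this->db->getNumberOfRows($res);
        if ($num > 0) {
            $oldprimkey = "";
            $arr = array(); // variable name => (code => number of times)
            $cnt = 0;
            while ($row = $this->db->getRow($res)) {

                // end of primkey, so store
                if ($oldprimkey != "" && $row["primkey"] != $oldprimkey) {
                    // NOTE(review): $row is already the first row of the NEXT primkey
                    // here, so the counts gathered for $oldprimkey are written with the
                    // next row's pid/primkey/ts. Kept as it was; confirm whether the
                    // previous row was intended.
                    $this->storeProcessedParaDataCounts($row, $arr, $key);
                    $arr = array();
                }
                $oldprimkey = $row["primkey"];
                $line = strtoupper($row["displayed"]);

                // if displayed == variable OR displayed contains ~varname~ or displayed starts with varname~, process; otherwise skip
                if ($name == "" || $line == strtoupper($name) || contains($line, "~" . $name . "~") || startsWith($line, $name . "~")) {
                    $line = $row["data_dec"];
                    $line = str_replace("FO=", "FO:", $line);
                    $line = str_replace("FI=", "FI:", $line);
                    $entries = explode("||", $line);

                    // variables on the screen, without the subgroup markers
                    $variables = array();
                    foreach (explode("~", $row["displayed"]) as $d) {
                        if (startsWith($d, ROUTING_IDENTIFY_SUBGROUP) == false && startsWith($d, ROUTING_IDENTIFY_ENDSUBGROUP) == false) {
                            $variables[] = $d;
                        }
                    }

                    foreach ($entries as $entry) {
                        $t = explode(":", $entry);
                        $code = $t[0];

                        // error code
                        if (inArray($code, $codes)) {
                            if (!isset($t[1])) {
                                continue; // malformed entry: a code without "name=value"
                            }
                            $s = explode("=", $t[1]);
                            $number = str_replace("answer", "", str_replace("_name[]", "", $s[0]));
                            // The paradata string is client-side data; a non-numeric
                            // position cannot point at a variable (and would raise a
                            // TypeError in the subtraction on PHP 8).
                            if (is_numeric($number) && isset($variables[$number - 1])) {
                                $this->addParaDataCount($arr, $variables[$number - 1], $code);
                            }
                        } elseif (inArray($code, array("FO", "FI"))) {
                            foreach ($variables as $variable) {
                                $this->addParaDataCount($arr, $variable, $code);
                            }
                        }
                    }
                }

                $cnt++;

                // this was last one, so store
                if ($cnt == $num) {
                    $this->storeProcessedParaDataCounts($row, $arr, $key);
                    $arr = array();
                }
            }
        }
    }
    $_SESSION['PARAMETER_RETRIEVAL'] = PARAMETER_ADMIN_RETRIEVAL;
}

/**
 * Adds one occurrence of $code for $variable to the count table (both upper-cased).
 */
private function addParaDataCount(&$arr, $variable, $code) {
    $v = strtoupper($variable);
    $c = strtoupper($code);
    if (!isset($arr[$v])) {
        $arr[$v] = array();
    }
    if (isset($arr[$v][$c])) {
        $arr[$v][$c] = $arr[$v][$c] + 1;
    } else {
        $arr[$v][$c] = 1;
    }
}

/**
 * Writes one `_processed_paradata` row per variable/code pair in $arr, taking
 * pid, suid, primkey, rgid, language, mode, version and ts from $row.
 */
private function storeProcessedParaDataCounts($row, $arr, $key) {
    foreach ($arr as $k => $a) { // k: varname, a: array of error codes with number of times
        foreach ($a as $error => $times) {
            $answer = "'" . (int) $times . "'";
            if ($key != "") {
                $answer = "aes_encrypt('" . (int) $times . "','" . $key . "')";
            }
            // Row values come back out of the paradata table and used to be concatenated
            // as they were. Numeric columns are cast, quoted ones are escaped, so stored
            // content cannot change the shape of this statement.
            $query = "replace into " . Config::dbSurveyData() . "_processed_paradata (`pid`, `suid`, `primkey`, `rgid`, `variablename`, `answer`, `language`, `mode`, `version`, `ts`) values (";
            $query .= (int) $row["pid"] . "," . (int) $row["suid"] . ",'" . prepareDatabaseString($row["primkey"]) . "'," . (int) $row["rgid"] . ",'" . prepareDatabaseString(strtolower($k . "_" . $error)) . "'," . $answer . "," . (int) $row["language"] . "," . (int) $row["mode"] . "," . (int) $row["version"] . ",'" . prepareDatabaseString($row["ts"]) . "'";
            $query .= ")";
            $this->db->executeQuery($query);
        }
    }
}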
/**
 * Finds the newest survey action of a session and respondent, leaving out the
 * window-in and window-out action types.
 *
 * @param string $sessionid Session id to match.
 * @param string $primkey   Respondent primary key to match.
 * @return mixed The asid of the newest matching action, 0 when no action matches,
 *               -1 when the query gave no result.
 */
function getLastSurveyAction($sessionid, $primkey) {
    global $db;

    // both string values are escaped before they are placed inside the quoted literals
    $query = sprintf(
        "select asid from %s_actions where sessionid = '%s' and primkey = '%s' and systemtype = %s and actiontype != %s and actiontype != %s order by asid desc limit 0,1",
        Config::dbSurveyData(),
        prepareDatabaseString($sessionid),
        prepareDatabaseString($primkey),
        USCIC_SURVEY,
        ACTION_WINDOW_IN,
        ACTION_WINDOW_OUT
    );

    $result = $db->selectQuery($query);
    if (!$result) {
        return -1;
    }
    if ($db->getNumberOfRows($result) == 0) {
        return 0;
    }
    $latest = $db->getRow($result);
    return $latest["asid"];
}
$result = $db->selectQuery($query); if ($result != null && $db->getNumberOfRows($result) > 0) { $row = $db->getRow($result); ob_clean(); header('Content-type: image/jpg'); if ($row['picture'] != null) { print $row['picture1']; } else { //display 'empty' image ob_clean(); header('Content-type: image/jpg'); echo file_get_contents('../../images/nopicture.png'); } exit; } else { //display 'empty' image ob_clean(); header('Content-type: image/jpg'); echo file_get_contents('../../images/nopicture.png'); exit; } } else { //store $query = 'replace into ' . Config::dbSurveyData() . '_pictures (primkey, variablename, picture) VALUES ('; $query .= '"' . addslashes($id) . '", '; $query .= '"' . addslashes($fieldname) . '", '; //$query .= '"' . addslashes(base64_decode(implode("", $_POST))) . '") '; $query .= 'AES_ENCRYPT("' . addslashes(base64_decode(implode("", $_POST))) . '", "' . Config::filePictureKey() . '")) '; $db->executeQuery($query); } }
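/**
 * Configures a DataExport from the request and sends the paradata download.
 *
 * Raw paradata is always generated as CSV; processed paradata uses the requested file
 * type. When sub-data is requested, the variable list is taken from the
 * 'uscicvariablecookie' cookie, limited to entries of the survey being downloaded.
 *
 * @return void
 */
function showOutputParaDataRes() {
    $requestedsurvey = loadvar('survey');
    $de = new DataExport($requestedsurvey);

    // NOTE(review): the file name comes from the request; whether DataExport
    // restricts it before it is used for the download is not visible here.
    $filename = loadvar(DATA_OUTPUT_FILENAME);
    if ($filename == "") {
        $filename = Config::dbSurveyData() . "_paradata";
    }
    $de->setProperty(DATA_OUTPUT_FILENAME, $filename);

    $cookievars = "";
    // The cookie is client-controlled: it may be an array instead of a string, and
    // its entries need not have the "survey~variable" shape, so both are checked
    // before anything is looked up.
    if (isset($_COOKIE['uscicvariablecookie']) && is_string($_COOKIE['uscicvariablecookie']) && loadvar(DATA_OUTPUT_SUBDATA) == SUBDATA_YES) {
        $arr = array();
        foreach (explode("-", $_COOKIE['uscicvariablecookie']) as $var) {
            $varsplit = explode("~", $var);
            if (count($varsplit) < 2) {
                continue; // malformed entry
            }
            if ($requestedsurvey == $varsplit[0]) { // only consider variables from survey we are downloading for
                $survey = new Survey($varsplit[0]);
                $v = $survey->getVariableDescriptive($varsplit[1]);
                if ($v->getName() != "") {
                    $arr[] = strtoupper($v->getName());
                }
            }
        }
        if (sizeof($arr) > 0) {
            $cookievars = implode("~", $arr);
        }
    }

    $de->setProperty(DATA_OUTPUT_VARLIST, $cookievars);
    $de->setProperty(DATA_OUTPUT_FILETYPE, loadvar(DATA_OUTPUT_FILETYPE));
    $this->determineModeLanguage($de);
    $de->setProperty(DATA_OUTPUT_TYPE, DATA_OUTPUT_TYPE_DATA_TABLE);
    $de->setProperty(DATA_OUTPUT_PRIMARY_KEY_ENCRYPTION, loadvar(DATA_OUTPUT_PRIMARY_KEY_ENCRYPTION));
    $de->setProperty(DATA_OUTPUT_PRIMARY_KEY_IN_DATA, loadvar(DATA_OUTPUT_PRIMARY_KEY_IN_DATA));
    $de->setProperty(DATA_OUTPUT_SURVEY, loadvar(DATA_OUTPUT_SURVEY));
    $de->setProperty(DATA_OUTPUT_TYPEDATA, loadvar(DATA_OUTPUT_TYPEDATA));
    $de->setProperty(DATA_OUTPUT_FROM, loadvar(DATA_OUTPUT_FROM));
    $de->setProperty(DATA_OUTPUT_TO, loadvar(DATA_OUTPUT_TO));

    if (loadvar(DATA_OUTPUT_TYPEPARADATA) == PARADATA_RAW) {
        $de->setProperty(DATA_OUTPUT_FILETYPE, FILETYPE_CSV);
        $de->generateParadata();
    } else {
        $de->setProperty(DATA_OUTPUT_FILETYPE, loadvar(DATA_OUTPUT_FILETYPE));
        $de->generateProcessedParadata();
    }
    $de->download();
}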
<?php require_once "../../../../dbConfig.php"; require_once "../../../../config.php"; $options = array('delete_type' => 'POST', 'db_host' => Config::dbServer(), 'db_user' => Config::dbUser(), 'db_pass' => Config::dbPassword(), 'db_name' => Config::dbName(), 'db_table' => Config::dbSurveyData() . '_files'); error_reporting(E_ALL | E_STRICT); require 'UploadHandler.php'; class CustomUploadHandler extends UploadHandler { protected function initialize() { $this->db = new mysqli($this->options['db_host'], $this->options['db_user'], $this->options['db_pass'], $this->options['db_name']); parent::initialize(); $this->db->close(); } protected function handle_form_data($file, $index) { $file->title = @$_REQUEST['title'][$index]; $file->description = @$_REQUEST['description'][$index]; } protected function handle_file_upload($uploaded_file, $name, $size, $type, $error, $index = null, $content_range = null) { // $file = parent::handle_file_upload($uploaded_file, $name, $size, $type, $error, $index, $content_range); $file = new \stdClass(); $file->name = $name; $file->size = $size; // $file->content = json_encode($uploaded_file); $file->content = str_replace(array('"', '\\'), "", $uploaded_file); if (file_exists($file->content)) { $test = file_get_contents($file->content); $file->description = strlen($test);
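/**
 * Tells whether a picture is stored for this record and the given field.
 *
 * @param string $fieldname Variable name the picture belongs to.
 * @return bool True when a row exists whose picture column is not empty.
 */
function hasPicture($fieldname) {
    global $db;

    // Only the presence of the picture is tested, so the row is no longer decrypted
    // and the picture key no longer appears in this statement. The primary key and
    // field name used to be concatenated as they were; they are escaped now because
    // both sit inside quoted literals.
    $query = 'select picture from ' . Config::dbSurveyData() . '_pictures where primkey=\'' . prepareDatabaseString($this->getPrimkey()) . '\' and variablename = \'' . prepareDatabaseString($fieldname) . '\'';
    $result = $db->selectQuery($query);
    if ($result != null) {
        $row = $db->getRow($result);
        // no matching row: nothing to index into
        if ($row && $row['picture'] != null) {
            return true;
        }
    }
    return false;
}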
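/**
 * Renders the nurse page listing the lab records whose fielddbsstatus is 1, with one
 * table row (barcode, DBS collected date) per record.
 *
 * @return string The complete page markup.
 */
function showFieldDBS() {
    $returnStr = $this->showNurseHeader(Language::messageSMSTitle());
    $returnStr .= '<div id="wrap">';
    $returnStr .= $this->showNavBar();
    $returnStr .= '<div class="container"><p>';

    //begin content
    $returnStr .= '<ol class="breadcrumb">';
    $returnStr .= '<li>' . setSessionParamsHref(array('page' => 'nurse.search'), Language::labelSearch()) . '</li>';
    $returnStr .= '<li class="active">' . Language::labelNurseDBSTToLab() . '</li>';
    $returnStr .= '</ol>';

    global $db;
    $query = 'select * from ' . Config::dbSurveyData() . '_lab where fielddbsstatus = 1';
    $result = $db->selectQuery($query);
    if ($result != null) {
        $returnStr .= '<table>';
        while ($row = $db->getRow($result)) {
            $lab = new Lab($row['primkey']);
            // Barcode and date are stored values placed into markup, so they are
            // HTML-encoded; a stored value containing markup is shown as text.
            $returnStr .= '<tr><td>' . htmlspecialchars((string) $lab->getBarCode(), ENT_QUOTES) . '</td><td>' . htmlspecialchars((string) $lab->getFieldDBSCollectedDate(), ENT_QUOTES) . '</td></tr>';
        }
        $returnStr .= '</table>';
    }
    //end content

    $returnStr .= '</p></div> </div>'; //container and wrap
    $returnStr .= $this->showBottomBar();
    $returnStr .= $this->showFooter(false);
    return $returnStr;
}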
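/**
 * Exports the locally collected tables, appends the lab status updates of this user's
 * respondents and sends the result to the server as a file.
 *
 * The 'states' table is only included when the user has uploaded before. Rows whose
 * primkey starts with 999 (test data) are excluded. On success the user's last-upload
 * time is set to now.
 *
 * @return mixed The main page with a success or error message.
 */
function showSendReceiveUploadData() {
    $displayNurse = new DisplayNurse();
    $communication = new Communication();

    $tables = array('data', 'datarecords', 'times', 'remarks', 'contacts', 'observations');
    if ($this->user->getLastData() != '' && $this->user->getLastData() != '0000-00-00 00:00:00') {
        $tables = array('data', 'datarecords', 'states', 'times', 'remarks', 'contacts', 'observations');
    }
    $data = $communication->exportTables($tables, $this->user->getLastData(), 'primkey not like "999%"'); //no test data

    //update lab!
    $respondents = new Respondents();
    $respondents = $respondents->getRespondentsByUrid($_SESSION['URID']);
    foreach ($respondents as $respondent) {
        // Appended with ".=": plain assignment threw the export above away and kept
        // only the statement of the last respondent. The status is written unquoted,
        // so it is forced to an integer.
        // NOTE(review): this payload is SQL text; how the receiving side validates it
        // before running it is not visible here.
        $data .= 'UPDATE ' . Config::dbSurveyData() . '_lab set status = ' . (int) $respondent->getStatus() . ' where primkey = \'' . prepareDatabaseString($respondent->getPrimkey()) . '\'' . ";\n";
    }

    if ($communication->sendToServerAsFile($data, $this->user->getUrid())) { //success sending data to server
        //update lastdate!
        $this->user->setLastData(date('Y-m-d H:i:s'));
        $this->user->saveChanges();
        $message = $displayNurse->displaySuccess(Language::labelDataUploaded());
    } else {
        $message = $displayNurse->displayError(Language::labelDataNotUploaded());
    }
    return $this->mainPage($message);
}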
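/**
 * Deletes the stored states after the requested state for the respondent kept in the
 * session parameters, then prints a page that reloads the opener and closes the window.
 *
 * The delete is skipped when the survey id or the target state id is not a plain
 * non-negative integer.
 *
 * @return void
 */
function jumpRes() {
    global $db;
    $suid = getFromSessionParams('jumpsuid');
    $prim = getFromSessionParams('jumpprimkey');
    $jumpto = loadvar("jumpto");

    // suid and jumpto are written into the DELETE without quotes, and jumpto is read
    // with loadvar(). Only digit-only values are accepted; anything else skips the
    // delete instead of being coerced to 0, which would remove every state.
    $numeric = '/^[0-9]+$/D';
    if (is_scalar($suid) && is_scalar($jumpto) && preg_match($numeric, (string) $suid) && preg_match($numeric, (string) $jumpto)) {
        $query = "delete from " . Config::dbSurveyData() . "_states where suid=" . $suid . " and primkey='" . prepareDatabaseString($prim) . "' and stateid > " . $jumpto;
        $db->executeQuery($query);
    }

    $returnStr = "<html><head></head><body>";
    $returnStr .= "<script type='text/javascript'>\n window.opener.location.reload();\n window.close();\n</script>";
    $returnStr .= '</body></html>'; // closing tag was missing its ">"
    echo $returnStr;
}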
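/**
 * Inserts or updates this object's row in `_datarecords`.
 *
 * Does nothing when data records are disabled. The sorted data names (joined with "~")
 * and the serialized data are gzip-compressed; the data column is wrapped in
 * aes_encrypt() when the survey has a data encryption key. All values are bound.
 *
 * @return void
 */
function saveRecord() {
    if (Config::useDataRecords() == false) {
        return;
    }
    global $db, $survey;

    $key = $survey->getDataEncryptionKey();
    $dataplaceholder = "?";
    if ($key != "") {
        // NOTE(review): the key is concatenated into the statement text, not bound.
        $dataplaceholder = "aes_encrypt(?, '" . $key . "')";
    }

    $datanames = $this->getDataNames();
    $names = '';
    if (is_array($datanames)) {
        sort($datanames);
        $names = implode("~", $datanames);
    }

    // Both branches store $names. The update branch used to implode $datanames again,
    // which fails when getDataNames() did not return an array.
    $compressednames = gzcompress($names, 9);
    // NOTE(review): the record is stored as serialize() output; the reader is not
    // visible here, presumably unserialize() — confirm it never sees bytes that did
    // not come from this writer.
    $compresseddata = gzcompress(serialize($this->data), 9);

    $bp = new BindParam();
    if ($this->newrecord == true) {
        $query = "insert into " . Config::dbSurveyData() . "_datarecords (suid, primkey, datanames, data) values (?,?,?,{$dataplaceholder})";
        $bp->add(MYSQL_BINDING_INTEGER, $this->suid);
        $bp->add(MYSQL_BINDING_STRING, $this->primkey);
        $bp->add(MYSQL_BINDING_STRING, $compressednames);
        $bp->add(MYSQL_BINDING_STRING, $compresseddata);
    } else {
        $query = "update " . Config::dbSurveyData() . "_datarecords set datanames=?, data={$dataplaceholder} where suid=? and primkey=?";
        $bp->add(MYSQL_BINDING_STRING, $compressednames);
        $bp->add(MYSQL_BINDING_STRING, $compresseddata);
        $bp->add(MYSQL_BINDING_INTEGER, $this->suid);
        $bp->add(MYSQL_BINDING_STRING, $this->primkey);
    }
    $db->executeBoundQuery($query, $bp->get());
}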
} */ function getScreenNumber($seid, $seidrgid, $rgid, $loopstring) { //echo '<hr>INDEX:' .$this->seid . '-' . $seid . '-' . $seidrgid . '-' . $rgid . '-' . $loopstring . "<br/>"; if (isset($this->entries[$this->seid . '-' . $seid . '-' . $seidrgid . '-' . $rgid . '-' . $loopstring])) { $entry = $this->entries[$this->seid . '-' . $seid . '-' . $seidrgid . '-' . $rgid . '-' . $loopstring]; //echo '<br/>found: ' . $entry["number"]; return $entry["number"]; } return 0; // something went wrong } function getCounter() { return $this->counter; } function getNumberOfScreens() { return sizeof(array_keys($this->entries)); // $this->maxscreens; } function delete() { global $db; $del = "delete from " . Config::dbSurvey() . "_progressbars where suid=" . $this->suid . " and mainseid=" . $this->seid; $db->executeQuery($del); } function load() { } function save() { $this->delete(); global $db; for ($j = 0; $j < sizeof($this->storeentries); $j++) { $entry = $this->storeentries[$j]; $i = "replace into " . Config::dbSurvey() . "_progressbars (suid, mainseid, seid, seidrgid, rgid, number, loopstring) values(" . $this->suid . "," . $this->seid . "," . $entry["seid"] . "," . $entry["seidrgid"] . "," . $entry["rgid"] . "," . $entry["number"] . ",'" . $entry["loopstring"] . "')"; //echo $i ."<br/>"; $db->executeQuery($i); $number++; } } /* section based progress */ function getSectionProgress($suid, $mainseid, $seid, $rgid, $loopstring, $looprgid) { global $engine; //$suid = $engine->getSuid(); //$seid = $engine->getSeid(); //$rgid = $engine->getRgid(); //$loopstring = $engine->getLoopstring(); if ($loopstring == "") { $loopstring = 1; } //echo $loopstring; //echo $rgid . '----'; global $db; $query = "select number, looptimes, outerlooprgids from " . Config::dbSurvey() . "_screens where suid=" . $suid . " and seid=" . $seid . ' and rgid=' . 
$rgid; $res = $db->selectQuery($query); if ($res) { if ($db->getNumberOfRows($res) > 0) { $row = $db->getRow($res); if ($row["looptimes"] == 1 && ($looprgid == 0 || $looprgid == "")) { return $row["number"]; } else { //echo 'ohno'; // get loop rgid //$looprgid = $engine->getLoopRgid(); // get number of first action in loop $query = "select number from " . Config::dbSurvey() . "_screens where suid=" . $suid . " and seid=" . $seid . ' and rgid > ' . $looprgid . ' limit 0,1'; $res = $db->selectQuery($query); if ($res) { if ($db->getNumberOfRows($res) > 0) { $row2 = $db->getRow($res); $startloop = $row2["number"]; // get number right after the loop $query = "select number from " . Config::dbSurvey() . "_screens where suid=" . $suid . " and seid=" . $seid . ' and rgid > ' . $rgid . ' and outerlooprgids != "' . $row["outerlooprgids"] . '" limit 0,1'; $res = $db->selectQuery($query); if ($res) { if ($db->getNumberOfRows($res) > 0) { $row1 = $db->getRow($res); //echo 'end at: ' . $row1["number"]; $numberofquestions = $row1["number"] - $startloop; // number of question screens //echo $difference/($row1["number"] - $startloop); //$factor = $difference/($row["looptimes"]*$difference); // moving from one question to another the increment must be this //$loopmax = $engine->loopmax; //$loopmin = $engine->loopmin; //$loopcounters = $engine->loopcounter; // get loop data global $db; $query = "select loopmin, loopmax, loopcounter from " . Config::dbSurveyData() . "_loopdata where suid=" . $suid . " and primkey='" . $engine->getPrimaryKey() . "' and mainseid=" . $mainseid . " and seid=" . $seid . " and looprgid=" . $looprgid; $res = $db->selectQuery($query);
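/**
 * Lists the distinct array-element variable names ("fieldname[...") that have data
 * for a survey, leaving out rows whose primkey length is outside the configured range.
 *
 * @param mixed  $survey    Survey id, used as suid in the query.
 * @param string $fieldname Base name of the array variable.
 * @return array List of variable names; empty when nothing matches or the query fails.
 */
function getArrayData($survey, $fieldname) {
    global $db;
    $array = array();

    // Both arguments used to be concatenated as they came in: the survey id is in a
    // numeric position and is forced to an integer, the field name is inside a quoted
    // LIKE pattern and is escaped. LIKE wildcards in the name ("_", "%") still act as
    // wildcards, as before.
    $query = 'select distinct variablename from ' . Config::dbSurveyData() . '_data where suid = ' . (int) $survey . ' and variablename like "' . prepareDatabaseString($fieldname) . '[%" and length(primkey) > ' . Config::getMinimumPrimaryKeyLength() . ' and length(primkey) < ' . Config::getMaximumPrimaryKeyLength();
    $result = $db->selectQuery($query);
    if ($result != null && $db->getNumberOfRows($result) > 0) {
        while ($row = $db->getRow($result)) {
            $array[] = $row["variablename"];
        }
    }
    return $array;
}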
/**
 * Finds respondents by barcode.
 *
 * The `_lab` table is searched first, comparing the decrypted barcode and labbarcode
 * columns with the search term. Only when that yields nothing, the `_data` table is
 * searched for a "bs021" answer equal to the term, and at most one respondent is
 * returned from it.
 *
 * @param mixed  $user       Not used by this function.
 * @param string $searchterm Barcode to search for.
 * @return array List of Respondent objects, possibly empty.
 */
function getRespondentsByBarcode($user, $searchterm) {
    global $db;
    $matches = array();

    $prefix = Config::dbSurveyData();
    // NOTE(review): decryption here uses Config::filePictureKey(); code elsewhere on
    // this page encrypts these columns with Config::labKey() — confirm the two
    // return the same key. Either way the key is part of the statement text.
    $picturekey = Config::filePictureKey();
    $term = prepareDatabaseString($searchterm);

    $labquery = "select primkey from {$prefix}_lab where aes_decrypt(barcode, '{$picturekey}') = '{$term}' or aes_decrypt(labbarcode, '{$picturekey}') = '{$term}'";
    $labresult = $db->selectQuery($labquery);
    while ($labrow = $db->getRow($labresult)) {
        if ($labrow['primkey'] != '') {
            $matches[] = new Respondent($labrow['primkey']);
        }
    }
    if (sizeof($matches) != 0) {
        return $matches;
    }

    //nothing found yet
    global $survey;
    $dataquery = sprintf(
        'select primkey from %s_data where variablename="bs021" and cast(aes_decrypt(answer, \'%s\') as char) = \'%s\'',
        Config::dbSurveyData(),
        $survey->getDataEncryptionKey(),
        prepareDatabaseString($searchterm)
    );
    $dataresult = $db->selectQuery($dataquery);
    if ($dataresult != null && $db->getNumberOfRows($dataresult) > 0) {
        $datarow = $db->getRow($dataresult);
        $matches[] = new Respondent($datarow['primkey']);
    }
    return $matches;
}
function getVersion() { return $this->version; } function setVersion($l)
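/**
 * Adds one row to the `_logs` table for an answer given in the current action.
 *
 * Does nothing when survey action logging is disabled. The answer is wrapped in
 * aes_encrypt() when the survey has a data encryption key.
 *
 * @param string $variable Variable name.
 * @param mixed  $answer   Answer value; an empty answer is logged as null, the
 *                         integer 0 is kept.
 * @param mixed  $di       Dirty flag stored with the log row.
 * @return void
 */
function addLogs($variable, $answer, $di) {
    if (Config::logSurveyActions() == false) {
        return;
    }
    $localdb = null;
    if (Config::useTransactions() == true) {
        global $transdb;
        $localdb = $transdb;
    } else {
        global $db;
        $localdb = $db;
    }

    $ans = $answer;
    // same rule as storeAnswer(): an integer 0 is an answer, not "empty"
    if ($ans == "" && $ans !== 0) {
        $ans = null;
    }
    $prim = $this->getPrimaryKey();
    $var = $variable;
    $dirty = $di;
    $action = $this->currentaction;
    $suid = $this->getSuid();
    $version = getSurveyVersion();
    $language = getSurveyLanguage();
    $mode = getSurveyMode();

    global $survey;
    $key = $survey->getDataEncryptionKey();

    if (Config::prepareDataQueries() == false) {
        $escaped = prepareDatabaseString($ans);
        $answersql = '"' . $escaped . '"';
        if ($key != "") {
            // NOTE(review): the key is concatenated into the statement text.
            $answersql = "aes_encrypt('" . $escaped . "', '" . $key . "')";
        }
        // The primary key and variable name used to be placed inside the quoted
        // literals unescaped, unlike in storeAnswer(); they are escaped now. Values
        // written without quotes are forced to integers, matching the integer
        // bindings of the prepared branch.
        $localdb->executeQuery('INSERT INTO ' . Config::dbSurveyData() . '_logs (suid, primkey, variablename, answer, dirty, action, version, language, mode) VALUES (' . (int) $suid . ',"' . prepareDatabaseString($prim) . '","' . prepareDatabaseString($var) . '",' . $answersql . ',' . (int) $dirty . ',' . (int) $action . ',' . (int) $version . ',' . (int) $language . ',' . (int) $mode . ')');
        return;
    }

    $bp = new BindParam();
    $bp->add(MYSQL_BINDING_STRING, $suid);
    $bp->add(MYSQL_BINDING_STRING, $prim);
    $bp->add(MYSQL_BINDING_STRING, $var);
    $bp->add(MYSQL_BINDING_STRING, $ans);
    $bp->add(MYSQL_BINDING_INTEGER, $dirty);
    $bp->add(MYSQL_BINDING_INTEGER, $action);
    $bp->add(MYSQL_BINDING_INTEGER, $version);
    $bp->add(MYSQL_BINDING_INTEGER, $language);
    $bp->add(MYSQL_BINDING_INTEGER, $mode);

    $answersql = "?";
    if ($key != "") {
        // NOTE(review): the key is not bound; it is concatenated into the statement text.
        $answersql = "aes_encrypt(?, '" . $key . "')";
    }
    $localdb->executeBoundQuery('INSERT INTO ' . Config::dbSurveyData() . '_logs (suid, primkey, variablename, answer, dirty, action, version, language, mode) VALUES (?,?,?,' . $answersql . ',?,?,?,?,?)', $bp->get());
}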
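/**
 * Reads the answer to one variable for the respondent behind $d.
 *
 * With data records enabled the answer comes from $d->getData(); otherwise it is read
 * from the `_data` table, decrypted when the survey has a data encryption key.
 *
 * @param object $d            Object providing getData(), getSuid() and getPrimaryKey().
 * @param string $variablename Variable to read.
 * @param mixed  $default      Returned when no answer is found or the query fails.
 * @return mixed The answer, or $default.
 */
function getDataFromSurvey($d, $variablename, $default = '') {
    global $db;

    // using data records
    if (Config::useDataRecords()) {
        $var = $d->getData($variablename);
        if (isset($var)) {
            return $var->getAnswer();
        }
        return $default;
    }

    // fall back on _data table
    $surv = new Survey($d->getSuid());
    $key = $surv->getDataEncryptionKey();
    $decrypt = "answer as answer_dec";
    if ($key != "") {
        // NOTE(review): the key is concatenated into the statement text.
        $decrypt = "aes_decrypt(answer, '" . $key . "') as answer_dec";
    }

    // suid is in a numeric position and is forced to an integer; the primary key and
    // variable name sit inside quoted literals and used to be concatenated unescaped.
    $query = "select " . $decrypt . " from " . Config::dbSurveyData() . "_data where suid=" . (int) $d->getSuid() . " and primkey='" . prepareDatabaseString($d->getPrimaryKey()) . "' and variablename='" . prepareDatabaseString($variablename) . "'";
    $res = $db->selectQuery($query);
    if ($res && $db->getNumberOfRows($res) > 0) {
        $row = $db->getRow($res);
        return $row["answer_dec"];
    }

    // not found or something went wrong
    return $default;
}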