/**
* Creates an array with details on a particular response for display purposes
* Used in Print answers, Detailed response view and Detailed admin notification email
*
* @param mixed $iSurveyID
* @param mixed $iResponseID
* @param mixed $sLanguageCode
* @param boolean $bHonorConditions Apply conditions
*/
function getFullResponseTable($iSurveyID, $iResponseID, $sLanguageCode, $bHonorConditions = false)
{
$aFieldMap = createFieldMap($iSurveyID, 'full', false, false, $sLanguageCode);
$oLanguage = new Limesurvey_lang($sLanguageCode);
//Get response data
$idrow = Survey_dynamic::model($iSurveyID)->findByAttributes(array('id' => $iResponseID));
// Create array of non-null values - those are the relevant ones
$aRelevantFields = array();
foreach ($aFieldMap as $sKey => $fname) {
if (!is_null($idrow[$fname['fieldname']])) {
$aRelevantFields[$sKey] = $fname;
}
}
$aResultTable = array();
$oldgid = 0;
$oldqid = 0;
foreach ($aRelevantFields as $sKey => $fname) {
if (!empty($fname['qid'])) {
$attributes = getQuestionAttributeValues($fname['qid']);
if (getQuestionAttributeValue($attributes, 'hidden') == 1) {
continue;
}
}
$question = $fname['question'];
$subquestion = '';
if (isset($fname['gid']) && !empty($fname['gid'])) {
//Check to see if gid is the same as before. if not show group name
if ($oldgid !== $fname['gid']) {
$oldgid = $fname['gid'];
$aResultTable['gid_' . $fname['gid']] = array($fname['group_name']);
}
}
if (!empty($fname['qid'])) {
if ($oldqid !== $fname['qid']) {
$oldqid = $fname['qid'];
if (isset($fname['subquestion']) || isset($fname['subquestion1']) || isset($fname['subquestion2'])) {
$aResultTable['qid_' . $fname['sid'] . 'X' . $fname['gid'] . 'X' . $fname['qid']] = array($fname['question'], '', '');
} else {
$answer = getExtendedAnswer($iSurveyID, $fname['fieldname'], $idrow[$fname['fieldname']], $oLanguage);
$aResultTable[$fname['fieldname']] = array($question, '', $answer);
continue;
}
}
} else {
$answer = getExtendedAnswer($iSurveyID, $fname['fieldname'], $idrow[$fname['fieldname']], $oLanguage);
$aResultTable[$fname['fieldname']] = array($question, '', $answer);
continue;
}
if (isset($fname['subquestion'])) {
$subquestion = "{$fname['subquestion']}";
}
if (isset($fname['subquestion1'])) {
$subquestion = "{$fname['subquestion1']}";
}
if (isset($fname['subquestion2'])) {
$subquestion .= "[{$fname['subquestion2']}]";
}
$answer = getExtendedAnswer($iSurveyID, $fname['fieldname'], $idrow[$fname['fieldname']], $oLanguage);
$aResultTable[$fname['fieldname']] = array('', $subquestion, $answer);
}
return $aResultTable;
}
/**
* Returns surveys in json format
*
* @access public
* @return void
*/
public function getSurveys_json()
{
$this->getController()->loadHelper('surveytranslator');
$clang = $this->getController()->lang;
$dateformatdetails = getDateFormatData(Yii::app()->session['dateformat']);
$surveys = Survey::model();
//!!! Is this even possible to execute?
if (empty(Yii::app()->session['USER_RIGHT_SUPERADMIN'])) {
$surveys->permission(Yii::app()->user->getId());
}
$surveys = $surveys->with(array('languagesettings' => array('condition' => 'surveyls_language=language'), 'owner'))->findAll();
$aSurveyEntries = new stdClass();
$aSurveyEntries->page = 1;
foreach ($surveys as $rows) {
if (!isset($rows->owner->attributes)) {
$aOwner = array('users_name' => $clang->gT('(None)'));
} else {
$aOwner = $rows->owner->attributes;
}
$rows = array_merge($rows->attributes, $rows->languagesettings[0]->attributes, $aOwner);
$aSurveyEntry = array();
// Set status
if ($rows['active'] == "Y" && $rows['expires'] != '' && $rows['expires'] < dateShift(date("Y-m-d H:i:s"), "Y-m-d", Yii::app()->getConfig('timeadjust'))) {
$aSurveyEntry[] = '<!--a--><img src="' . Yii::app()->getConfig('adminimageurl') . 'expired.png" alt="' . $clang->gT("This survey is active but expired.") . '" />';
} elseif ($rows['active'] == "Y" && $rows['startdate'] != '' && $rows['startdate'] > dateShift(date("Y-m-d H:i:s"), "Y-m-d", Yii::app()->getConfig('timeadjust'))) {
$aSurveyEntry[] = '<!--b--><img src="' . Yii::app()->getConfig('adminimageurl') . 'notyetstarted.png" alt="' . $clang->gT("This survey is active but has a start date.") . '" />';
} elseif ($rows['active'] == "Y") {
if (hasSurveyPermission($rows['sid'], 'surveyactivation', 'update')) {
$aSurveyEntry[] = '<!--c--><a href="' . $this->getController()->createUrl('admin/survey/sa/deactivate/surveyid/' . $rows['sid']) . '"><img src="' . Yii::app()->getConfig('adminimageurl') . 'active.png" alt="' . $clang->gT("This survey is active - click here to stop this survey.") . '"/></a>';
} else {
$aSurveyEntry[] = '<!--d--><img src="' . Yii::app()->getConfig('adminimageurl') . 'active.png" alt="' . $clang->gT("This survey is currently active.") . '" />';
}
} else {
$condition = "sid={$rows['sid']} AND language='" . $rows['language'] . "'";
$questionsCountResult = Questions::model()->count($condition);
if ($questionsCountResult > 0 && hasSurveyPermission($rows['sid'], 'surveyactivation', 'update')) {
$aSurveyEntry[] = '<!--e--><a href="' . $this->getController()->createUrl('admin/survey/sa/activate/surveyid/' . $rows['sid']) . '"><img src="' . Yii::app()->getConfig('adminimageurl') . 'inactive.png" title="" alt="' . $clang->gT("This survey is currently not active - click here to activate this survey.") . '" /></a>';
} else {
$aSurveyEntry[] = '<!--f--><img src="' . Yii::app()->getConfig('adminimageurl') . 'inactive.png" title="' . $clang->gT("This survey is currently not active.") . '" alt="' . $clang->gT("This survey is currently not active.") . '" />';
}
}
//Set SID
$aSurveyEntry[] = $rows['sid'];
'<a href="' . $this->getController()->createUrl("/admin/survey/sa/view/surveyid/" . $rows['sid']) . '">' . $rows['sid'] . '</a>';
//Set Title
$aSurveyEntry[] = '<!--' . $rows['surveyls_title'] . '--><a href="' . $this->getController()->createUrl("/admin/survey/sa/view/surveyid/" . $rows['sid']) . '" title="' . $rows['surveyls_title'] . '">' . $rows['surveyls_title'] . '</a>';
//Set Date
Yii::import('application.libraries.Date_Time_Converter', true);
$datetimeobj = new Date_Time_Converter($rows['datecreated'], "Y-m-d H:i:s");
$aSurveyEntry[] = '<!--' . $rows['datecreated'] . '-->' . $datetimeobj->convert($dateformatdetails['phpdate']);
//Set Owner
if (Yii::app()->session['USER_RIGHT_SUPERADMIN'] || Yii::app()->session['loginID'] == $rows['owner_id']) {
$aSurveyEntry[] = $rows['users_name'] . ' (<a class="ownername_edit" translate_to="' . $clang->gT('Edit') . '" id="ownername_edit_' . $rows['sid'] . '">' . $clang->gT('Edit') . '</a>)';
} else {
$aSurveyEntry[] = $rows['users_name'];
}
//Set Access
if (tableExists('tokens_' . $rows['sid'])) {
$aSurveyEntry[] = $clang->gT("Closed");
} else {
$aSurveyEntry[] = $clang->gT("Open");
}
//Set Anonymous
if ($rows['anonymized'] == "Y") {
$aSurveyEntry[] = $clang->gT("Yes");
} else {
$aSurveyEntry[] = $clang->gT("No");
}
//Set Responses
if ($rows['active'] == "Y") {
$cntResult = Survey_dynamic::countAllAndPartial($rows['sid']);
$all = $cntResult['cntall'];
$partial = $cntResult['cntpartial'];
$aSurveyEntry[] = $all - $partial;
$aSurveyEntry[] = $partial;
$aSurveyEntry[] = $all;
$aSurveyEntry['viewurl'] = $this->getController()->createUrl("/admin/survey/sa/view/surveyid/" . $rows['sid']);
if (tableExists('tokens_' . $rows['sid'])) {
$cntResult = Tokens_dynamic::countAllAndCompleted($rows['sid']);
$tokens = $cntResult['cntall'];
$tokenscompleted = $cntResult['cntcompleted'];
$aSurveyEntry[] = $tokens;
$aSurveyEntry[] = $tokens == 0 ? 0 : round($tokenscompleted / $tokens * 100, 1);
} else {
$aSurveyEntry[] = $aSurveyEntry[] = '';
}
} else {
$aSurveyEntry[] = $aSurveyEntry[] = $aSurveyEntry[] = $aSurveyEntry[] = $aSurveyEntry[] = '';
}
$aSurveyEntries->rows[] = array('id' => $rows['sid'], 'cell' => $aSurveyEntry);
}
echo ls_json_encode($aSurveyEntries);
}
function action()
{
global $surveyid;
global $thissurvey, $thisstep;
global $clienttoken, $tokensexist, $token;
global $clang;
$clang = Yii::app()->lang;
@ini_set('session.gc_maxlifetime', Yii::app()->getConfig('iSessionExpirationTime'));
$this->_loadRequiredHelpersAndLibraries();
$param = $this->_getParameters(func_get_args(), $_POST);
$surveyid = $param['sid'];
Yii::app()->setConfig('surveyID', $surveyid);
$thisstep = $param['thisstep'];
$move = $param['move'];
$clienttoken = $param['token'];
$standardtemplaterootdir = Yii::app()->getConfig('standardtemplaterootdir');
// unused vars in this method (used in methods using compacted method vars)
@($loadname = $param['loadname']);
@($loadpass = $param['loadpass']);
$sitename = Yii::app()->getConfig('sitename');
if (isset($param['newtest']) && $param['newtest'] == "Y") {
killSurveySession($surveyid);
}
list($surveyExists, $isSurveyActive) = $this->_surveyExistsAndIsActive($surveyid);
// collect all data in this method to pass on later
$redata = compact(array_keys(get_defined_vars()));
$clang = $this->_loadLimesurveyLang($surveyid);
if ($this->_isClientTokenDifferentFromSessionToken($clienttoken, $surveyid)) {
$asMessage = array($clang->gT('Token mismatch'), $clang->gT('The token you provided doesn\'t match the one in your session.'), $clang->gT('Please wait to begin with a new session.'));
$this->_createNewUserSessionAndRedirect($surveyid, $redata, __LINE__, $asMessage);
}
if ($this->_isSurveyFinished($surveyid)) {
$asMessage = array($clang->gT('Previous session is set to be finished.'), $clang->gT('Your browser reports that it was used previously to answer this survey. We are resetting the session so that you can start from the beginning.'), $clang->gT('Please wait to begin with a new session.'));
$this->_createNewUserSessionAndRedirect($surveyid, $redata, __LINE__, $asMessage);
}
if ($this->_isPreviewAction($param) && !$this->_canUserPreviewSurvey($surveyid)) {
$asMessage = array($clang->gT('Error'), $clang->gT('We are sorry but you don\'t have permissions to do this.'));
$this->_niceExit($redata, __LINE__, null, $asMessage);
}
if ($this->_surveyCantBeViewedWithCurrentPreviewAccess($surveyid, $isSurveyActive, $surveyExists)) {
$bPreviewRight = $this->_userHasPreviewAccessSession($surveyid);
if ($bPreviewRight === false) {
$asMessage = array($clang->gT("Error"), $clang->gT("We are sorry but you don't have permissions to do this."), sprintf($clang->gT("Please contact %s ( %s ) for further assistance."), $thissurvey['adminname'], $thissurvey['adminemail']));
$this->_niceExit($redata, __LINE__, null, $asMessage);
}
}
// TODO can this be moved to the top?
// (Used to be global, used in ExpressionManager, merged into amVars. If not filled in === '')
// can this be added in the first computation of $redata?
if (isset($_SESSION['survey_' . $surveyid]['srid'])) {
$saved_id = $_SESSION['survey_' . $surveyid]['srid'];
}
// recompute $redata since $saved_id used to be a global
$redata = compact(array_keys(get_defined_vars()));
/*if ( $this->_didSessionTimeOut() )
{
// @TODO is this still required ?
$asMessage = array(
$clang->gT("Error"),
$clang->gT("We are sorry but your session has expired."),
$clang->gT("Either you have been inactive for too long, you have cookies disabled for your browser, or there were problems with your connection."),
sprintf($clang->gT("Please contact %s ( %s ) for further assistance."),$thissurvey['adminname'],$thissurvey['adminemail'])
);
$this->_niceExit($redata, __LINE__, null, $asMessage);
};*/
// Set the language of the survey, either from POST, GET parameter of session var
if (!empty($_REQUEST['lang'])) {
$sTempLanguage = sanitize_languagecode($_REQUEST['lang']);
} elseif (!empty($param['lang'])) {
$sTempLanguage = sanitize_languagecode($param['lang']);
} elseif (isset($_SESSION['survey_' . $surveyid]['s_lang'])) {
$sTempLanguage = $_SESSION['survey_' . $surveyid]['s_lang'];
} else {
$sTempLanguage = '';
}
//CHECK FOR REQUIRED INFORMATION (sid)
if ($surveyid && $surveyExists) {
LimeExpressionManager::SetSurveyId($surveyid);
// must be called early - it clears internal cache if a new survey is being used
$clang = SetSurveyLanguage($surveyid, $sTempLanguage);
UpdateSessionGroupList($surveyid, $sTempLanguage);
// to refresh the language strings in the group list session variable
UpdateFieldArray();
// to refresh question titles and question text
} else {
if (!is_null($param['lang'])) {
$sDisplayLanguage = $param['lang'];
} else {
$sDisplayLanguage = Yii::app()->getConfig('defaultlang');
}
$clang = $this->_loadLimesurveyLang($sDisplayLanguage);
$languagechanger = makeLanguageChanger($sDisplayLanguage);
//Find out if there are any publicly available surveys
$query = "SELECT sid, surveyls_title, publicstatistics, language\n FROM {{surveys}}\n INNER JOIN {{surveys_languagesettings}}\n ON ( surveyls_survey_id = sid )\n AND (surveyls_language=language)\n WHERE\n active='Y'\n AND listpublic='Y'\n AND ((expires >= '" . date("Y-m-d H:i") . "') OR (expires is null))\n AND ((startdate <= '" . date("Y-m-d H:i") . "') OR (startdate is null))\n ORDER BY surveyls_title";
$result = dbExecuteAssoc($query, false, true) or safeDie("Could not connect to database. If you try to install LimeSurvey please refer to the <a href='http://docs.limesurvey.org'>installation docs</a> and/or contact the system administrator of this webpage.");
//Checked
$list = array();
foreach ($result->readAll() as $rows) {
$querylang = "SELECT surveyls_title\n FROM {{surveys_languagesettings}}\n WHERE surveyls_survey_id={$rows['sid']}\n AND surveyls_language='{$sDisplayLanguage}'";
$resultlang = Yii::app()->db->createCommand($querylang)->queryRow();
if ($resultlang['surveyls_title']) {
$rows['surveyls_title'] = $resultlang['surveyls_title'];
$langtag = "";
} else {
$langtag = "lang=\"{$rows['language']}\"";
}
$link = "<li><a href='" . $this->getController()->createUrl('/survey/index/sid/' . $rows['sid']);
if (isset($param['lang']) && $langtag == "") {
$link .= "/lang-" . sanitize_languagecode($param['lang']);
}
$link .= "' {$langtag} class='surveytitle'>" . $rows['surveyls_title'] . "</a>\n";
if ($rows['publicstatistics'] == 'Y') {
$link .= "<a href='" . $this->getController()->createUrl("/statistics_user/action/surveyid/" . $rows['sid']) . "/language/" . $sDisplayLanguage . "'>(" . $clang->gT('View statistics') . ")</a>";
}
$link .= "</li>\n";
$list[] = $link;
}
//Check for inactive surveys which allow public registration.
// TODO add a new template replace {SURVEYREGISTERLIST} ?
$squery = "SELECT sid, surveyls_title, publicstatistics, language\n FROM {{surveys}}\n INNER JOIN {{surveys_languagesettings}}\n ON (surveyls_survey_id = sid)\n AND (surveyls_language=language)\n WHERE allowregister='Y'\n AND active='Y'\n AND listpublic='Y'\n AND ((expires >= '" . date("Y-m-d H:i") . "') OR (expires is null))\n AND (startdate >= '" . date("Y-m-d H:i") . "')\n ORDER BY surveyls_title";
$sresult = dbExecuteAssoc($squery) or safeDie("Couldn't execute {$squery}");
$aRows = $sresult->readAll();
if (count($aRows) > 0) {
$list[] = "</ul>" . " <div class=\"survey-list-heading\">" . $clang->gT("Following survey(s) are not yet active but you can register for them.") . "</div>" . " <ul>";
// TODO give it to template
foreach ($aRows as $rows) {
$querylang = "SELECT surveyls_title\n FROM {{surveys_languagesettings}}\n WHERE surveyls_survey_id={$rows['sid']}\n AND surveyls_language='{$sDisplayLanguage}'";
$resultlang = Yii::app()->db->createCommand($querylang)->queryRow();
if ($resultlang['surveyls_title']) {
$rows['surveyls_title'] = $resultlang['surveyls_title'];
$langtag = "";
} else {
$langtag = "lang=\"{$rows['language']}\"";
}
$link = "<li><a href=\"#\" id='inactivesurvey' onclick = 'sendreq(" . $rows['sid'] . ");' ";
//$link = "<li><a href=\"#\" id='inactivesurvey' onclick = 'convertGETtoPOST(".$this->getController()->createUrl('survey/send/')."?sid={$rows['sid']}&)sendreq(".$rows['sid'].",".$rows['startdate'].",".$rows['expires'].");' ";
$link .= " {$langtag} class='surveytitle'>" . $rows['surveyls_title'] . "</a>\n";
$link .= "</li><div id='regform'></div>\n";
$list[] = $link;
}
}
if (count($list) < 1) {
$list[] = "<li class='surveytitle'>" . $clang->gT("No available surveys") . "</li>";
}
if (!$surveyid) {
$thissurvey['name'] = Yii::app()->getConfig("sitename");
$nosid = $clang->gT("You have not provided a survey identification number");
} else {
$thissurvey['name'] = $clang->gT("The survey identification number is invalid");
$nosid = $clang->gT("The survey identification number is invalid");
}
$surveylist = array("nosid" => $nosid, "contact" => sprintf($clang->gT("Please contact %s ( %s ) for further assistance."), Yii::app()->getConfig("siteadminname"), encodeEmail(Yii::app()->getConfig("siteadminemail"))), "listheading" => $clang->gT("The following surveys are available:"), "list" => implode("\n", $list));
$data['thissurvey'] = $thissurvey;
//$data['privacy'] = $privacy;
$data['surveylist'] = $surveylist;
$data['surveyid'] = $surveyid;
$data['templatedir'] = getTemplatePath(Yii::app()->getConfig("defaulttemplate"));
$data['templateurl'] = getTemplateURL(Yii::app()->getConfig("defaulttemplate")) . "/";
$data['templatename'] = Yii::app()->getConfig("defaulttemplate");
$data['sitename'] = Yii::app()->getConfig("sitename");
$data['languagechanger'] = $languagechanger;
//A nice exit
sendCacheHeaders();
doHeader();
$this->_printTemplateContent(getTemplatePath(Yii::app()->getConfig("defaulttemplate")) . "/startpage.pstpl", $data, __LINE__);
$this->_printTemplateContent(getTemplatePath(Yii::app()->getConfig("defaulttemplate")) . "/surveylist.pstpl", $data, __LINE__);
echo '<script type="text/javascript" >
function sendreq(surveyid)
{
$.ajax({
type: "GET",
url: "' . $this->getController()->createUrl("/register/ajaxregisterform/surveyid") . '/" + surveyid,
}).done(function(msg) {
document.getElementById("regform").innerHTML = msg;
});
}
</script>';
$this->_printTemplateContent(getTemplatePath(Yii::app()->getConfig("defaulttemplate")) . "/endpage.pstpl", $data, __LINE__);
doFooter();
exit;
}
// Get token
if (!isset($token)) {
$token = $clienttoken;
}
//GET BASIC INFORMATION ABOUT THIS SURVEY
$thissurvey = getSurveyInfo($surveyid, $_SESSION['survey_' . $surveyid]['s_lang']);
//SEE IF SURVEY USES TOKENS
if ($surveyExists == 1 && tableExists('{{tokens_' . $thissurvey['sid'] . '}}')) {
$tokensexist = 1;
} else {
$tokensexist = 0;
unset($_POST['token']);
unset($param['token']);
unset($token);
unset($clienttoken);
}
//SET THE TEMPLATE DIRECTORY
$thistpl = getTemplatePath($thissurvey['templatedir']);
$timeadjust = Yii::app()->getConfig("timeadjust");
//MAKE SURE SURVEY HASN'T EXPIRED
if ($thissurvey['expiry'] != '' and dateShift(date("Y-m-d H:i:s"), "Y-m-d H:i:s", $timeadjust) > $thissurvey['expiry'] && $thissurvey['active'] != 'N') {
$redata = compact(array_keys(get_defined_vars()));
$asMessage = array($clang->gT("Error"), $clang->gT("This survey is no longer available."), sprintf($clang->gT("Please contact %s ( %s ) for further assistance."), $thissurvey['adminname'], $thissurvey['adminemail']));
$this->_niceExit($redata, __LINE__, $thistpl, $asMessage);
}
//MAKE SURE SURVEY IS ALREADY VALID
if ($thissurvey['startdate'] != '' and dateShift(date("Y-m-d H:i:s"), "Y-m-d H:i:s", $timeadjust) < $thissurvey['startdate'] && $thissurvey['active'] != 'N') {
$redata = compact(array_keys(get_defined_vars()));
$asMessage = array($clang->gT("Error"), $clang->gT("This survey is not yet started."), sprintf($clang->gT("Please contact %s ( %s ) for further assistance."), $thissurvey['adminname'], $thissurvey['adminemail']));
$this->_niceExit($redata, __LINE__, $thistpl, $asMessage);
}
//CHECK FOR PREVIOUSLY COMPLETED COOKIE
//If cookies are being used, and this survey has been completed, a cookie called "PHPSID[sid]STATUS" will exist (ie: SID6STATUS) and will have a value of "COMPLETE"
$sCookieName = "LS_" . $surveyid . "_STATUS";
if (isset($_COOKIE[$sCookieName]) && $_COOKIE[$sCookieName] == "COMPLETE" && $thissurvey['usecookie'] == "Y" && $tokensexist != 1 && (!isset($param['newtest']) || $param['newtest'] != "Y")) {
$redata = compact(array_keys(get_defined_vars()));
$asMessage = array($clang->gT("Error"), $clang->gT("You have already completed this survey."), sprintf($clang->gT("Please contact %s ( %s ) for further assistance."), $thissurvey['adminname'], $thissurvey['adminemail']));
$this->_niceExit($redata, __LINE__, $thistpl, $asMessage);
}
if (isset($_GET['loadall']) && $_GET['loadall'] == "reload") {
if (returnGlobal('loadname') && returnGlobal('loadpass')) {
$_POST['loadall'] = "reload";
}
}
//LOAD SAVED SURVEY
if (isset($_POST['loadall']) && $_POST['loadall'] == "reload") {
$errormsg = "";
if (!isset($param['loadname']) || $param['loadname'] == null) {
$errormsg .= $clang->gT("You did not provide a name") . "<br />\n";
}
if (!isset($param['loadpass']) || $param['loadpass'] == null) {
$errormsg .= $clang->gT("You did not provide a password") . "<br />\n";
}
// if security question answer is incorrect
// Not called if scid is set in GET params (when using email save/reload reminder URL)
if (function_exists("ImageCreate") && isCaptchaEnabled('saveandloadscreen', $thissurvey['usecaptcha'])) {
if ((!isset($_POST['loadsecurity']) || !isset($_SESSION['survey_' . $surveyid]['secanswer']) || $_POST['loadsecurity'] != $_SESSION['survey_' . $surveyid]['secanswer']) && !isset($_GET['scid'])) {
$errormsg .= $clang->gT("The answer to the security question is incorrect.") . "<br />\n";
}
}
// Load session before loading the values from the saved data
if (isset($_GET['loadall'])) {
buildsurveysession($surveyid);
}
$_SESSION['survey_' . $surveyid]['holdname'] = $param['loadname'];
//Session variable used to load answers every page.
$_SESSION['survey_' . $surveyid]['holdpass'] = $param['loadpass'];
//Session variable used to load answers every page.
if ($errormsg == "") {
loadanswers();
}
$move = "movenext";
if ($errormsg) {
$_POST['loadall'] = $clang->gT("Load unfinished survey");
}
}
//Allow loading of saved survey
if (isset($_POST['loadall']) && $_POST['loadall'] == $clang->gT("Load unfinished survey")) {
$redata = compact(array_keys(get_defined_vars()));
Yii::import("application.libraries.Load_answers");
$tmp = new Load_answers();
$tmp->run($redata);
}
//Check if TOKEN is used for EVERY PAGE
//This function fixes a bug where users able to submit two surveys/votes
//by checking that the token has not been used at each page displayed.
// bypass only this check at first page (Step=0) because
// this check is done in buildsurveysession and error message
// could be more interresting there (takes into accound captcha if used)
if ($tokensexist == 1 && isset($token) && $token && isset($_SESSION['survey_' . $surveyid]['step']) && $_SESSION['survey_' . $surveyid]['step'] > 0 && tableExists("tokens_{$surveyid}}}")) {
//check if tokens actually haven't been already used
$areTokensUsed = usedTokens(trim(strip_tags(returnGlobal('token'))), $surveyid);
// check if token actually does exist
// check also if it is allowed to change survey after completion
if ($thissurvey['alloweditaftercompletion'] == 'Y') {
$sQuery = "SELECT * FROM {{tokens_" . $surveyid . "}} WHERE token='" . $token . "'";
} else {
$sQuery = "SELECT * FROM {{tokens_" . $surveyid . "}} WHERE token='" . $token . "' AND (completed = 'N' or completed='')";
}
$aRow = Yii::app()->db->createCommand($sQuery)->queryRow();
$tokendata = $aRow;
if (!$aRow || $areTokensUsed && $thissurvey['alloweditaftercompletion'] != 'Y') {
sendCacheHeaders();
doHeader();
//TOKEN DOESN'T EXIST OR HAS ALREADY BEEN USED. EXPLAIN PROBLEM AND EXIT
$redata = compact(array_keys(get_defined_vars()));
$this->_printTemplateContent($thistpl . '/startpage.pstpl', $redata, __LINE__);
$this->_printTemplateContent($thistpl . '/survey.pstpl', $redata, __LINE__);
$asMessage = array(null, $clang->gT("This is a controlled survey. You need a valid token to participate."), sprintf($clang->gT("For further information please contact %s"), $thissurvey['adminname'] . " (<a href='mailto:{$thissurvey['adminemail']}'>" . "{$thissurvey['adminemail']}</a>)"));
$this->_niceExit($redata, __LINE__, $thistpl, $asMessage, true);
}
}
if ($tokensexist == 1 && isset($token) && $token && tableExists("{{tokens_" . $surveyid . "}}")) {
// check also if it is allowed to change survey after completion
if ($thissurvey['alloweditaftercompletion'] == 'Y') {
$tkquery = "SELECT * FROM {{tokens_" . $surveyid . "}} WHERE token='" . $token . "'";
} else {
$tkquery = "SELECT * FROM {{tokens_" . $surveyid . "}} WHERE token='" . $token . "' AND (completed = 'N' or completed='')";
}
$tkresult = dbExecuteAssoc($tkquery);
//Checked
$tokendata = $tkresult->read();
if (isset($tokendata['validfrom']) && (trim($tokendata['validfrom']) != '' && $tokendata['validfrom'] > dateShift(date("Y-m-d H:i:s"), "Y-m-d H:i:s", $timeadjust)) || isset($tokendata['validuntil']) && (trim($tokendata['validuntil']) != '' && $tokendata['validuntil'] < dateShift(date("Y-m-d H:i:s"), "Y-m-d H:i:s", $timeadjust))) {
sendCacheHeaders();
doHeader();
//TOKEN DOESN'T EXIST OR HAS ALREADY BEEN USED. EXPLAIN PROBLEM AND EXIT
$redata = compact(array_keys(get_defined_vars()));
$this->_printTemplateContent($thistpl . '/startpage.pstpl', $redata, __LINE__);
$this->_printTemplateContent($thistpl . '/survey.pstpl', $redata, __LINE__);
$asMessage = array(null, $clang->gT("We are sorry but you are not allowed to enter this survey."), $clang->gT("Your token seems to be valid but can be used only during a certain time period."), sprintf($clang->gT("For further information please contact %s"), $thissurvey['adminname'] . " (<a href='mailto:{$thissurvey['adminemail']}'>" . "{$thissurvey['adminemail']}</a>)"));
$this->_niceExit($redata, __LINE__, $thistpl, $asMessage, true);
}
}
//Clear session and remove the incomplete response if requested.
if (isset($move) && $move == "clearall") {
// delete the response but only if not already completed
$s_lang = $_SESSION['survey_' . $surveyid]['s_lang'];
if (isset($_SESSION['survey_' . $surveyid]['srid']) && !Survey_dynamic::model($surveyid)->isCompleted($_SESSION['survey_' . $surveyid]['srid'])) {
// delete the response but only if not already completed
$result = dbExecuteAssoc('DELETE FROM {{survey_' . $surveyid . '}} WHERE id=' . $_SESSION['survey_' . $surveyid]['srid'] . " AND submitdate IS NULL");
if ($result->count() > 0) {
// Using count() here *should* be okay for MSSQL because it is a delete statement
// find out if there are any fuqt questions - checked
$fieldmap = createFieldMap($surveyid, 'short', false, false, $s_lang);
foreach ($fieldmap as $field) {
if ($field['type'] == "|" && !strpos($field['fieldname'], "_filecount")) {
if (!isset($qid)) {
$qid = array();
}
$qid[] = $field['fieldname'];
}
}
// if yes, extract the response json to those questions
if (isset($qid)) {
$query = "SELECT * FROM {{survey_" . $surveyid . "}} WHERE id=" . $_SESSION['survey_' . $surveyid]['srid'];
$result = dbExecuteAssoc($query);
foreach ($result->readAll() as $row) {
foreach ($qid as $question) {
$json = $row[$question];
if ($json == "" || $json == NULL) {
continue;
}
// decode them
$phparray = json_decode($json);
foreach ($phparray as $metadata) {
$target = Yii::app()->getConfig("uploaddir") . "/surveys/" . $surveyid . "/files/";
// delete those files
unlink($target . $metadata->filename);
}
}
}
}
// done deleting uploaded files
}
// also delete a record from saved_control when there is one
dbExecuteAssoc('DELETE FROM {{saved_control}} WHERE srid=' . $_SESSION['survey_' . $surveyid]['srid'] . ' AND sid=' . $surveyid);
}
killSurveySession($surveyid);
sendCacheHeaders();
doHeader();
$redata = compact(array_keys(get_defined_vars()));
$this->_printTemplateContent($thistpl . '/startpage.pstpl', $redata, __LINE__);
echo "\n\n<!-- JAVASCRIPT FOR CONDITIONAL QUESTIONS -->\n" . "\t<script type='text/javascript'>\n" . "\t<!--\n" . "function checkconditions(value, name, type, evt_type)\n" . "\t{\n" . "\t}\n" . "\t//-->\n" . "\t</script>\n\n";
//Present the clear all page using clearall.pstpl template
$this->_printTemplateContent($thistpl . '/clearall.pstpl', $redata, __LINE__);
$this->_printTemplateContent($thistpl . '/endpage.pstpl', $redata, __LINE__);
doFooter();
exit;
}
//Check to see if a refering URL has been captured.
if (!isset($_SESSION['survey_' . $surveyid]['refurl'])) {
$_SESSION['survey_' . $surveyid]['refurl'] = GetReferringUrl();
// do not overwrite refurl
}
// Let's do this only if
// - a saved answer record hasn't been loaded through the saved feature
// - the survey is not anonymous
// - the survey is active
// - a token information has been provided
// - the survey is setup to allow token-response-persistence
if (!isset($_SESSION['survey_' . $surveyid]['srid']) && $thissurvey['anonymized'] == "N" && $thissurvey['active'] == "Y" && isset($token) && $token != '') {
// load previous answers if any (dataentry with nosubmit)
$sQuery = "SELECT id,submitdate,lastpage FROM {$thissurvey['tablename']} WHERE {$thissurvey['tablename']}.token='{$token}' order by id desc";
$aRow = Yii::app()->db->createCommand($sQuery)->queryRow();
if ($aRow) {
if ($aRow['submitdate'] == '' && $thissurvey['tokenanswerspersistence'] == 'Y' || $aRow['submitdate'] != '' && $thissurvey['alloweditaftercompletion'] == 'Y') {
$_SESSION['survey_' . $surveyid]['srid'] = $aRow['id'];
if (!is_null($aRow['lastpage']) && $aRow['submitdate'] == '') {
$_SESSION['survey_' . $surveyid]['LEMtokenResume'] = true;
$_SESSION['survey_' . $surveyid]['step'] = $aRow['lastpage'];
}
}
buildsurveysession($surveyid);
loadanswers();
}
}
// // SAVE POSTED ANSWERS TO DATABASE IF MOVE (NEXT,PREV,LAST, or SUBMIT) or RETURNING FROM SAVE FORM
// if (isset($move) || isset($_POST['saveprompt']))
// {
// $redata = compact(array_keys(get_defined_vars()));
// //save.php
// Yii::import("application.libraries.Save");
// $tmp = new Save();
// $tmp->run($redata);
//
// // RELOAD THE ANSWERS INCASE SOMEONE ELSE CHANGED THEM
// if ($thissurvey['active'] == "Y" &&
// ( $thissurvey['allowsave'] == "Y" || $thissurvey['tokenanswerspersistence'] == "Y") )
// {
// loadanswers();
// }
// }
if (isset($param['action']) && $param['action'] == 'previewgroup') {
$thissurvey['format'] = 'G';
buildsurveysession($surveyid, true);
}
if (isset($param['action']) && $param['action'] == 'previewquestion') {
$thissurvey['format'] = 'S';
buildsurveysession($surveyid, true);
}
sendCacheHeaders();
//Send local variables to the appropriate survey type
unset($redata);
$redata = compact(array_keys(get_defined_vars()));
Yii::import('application.helpers.SurveyRuntimeHelper');
$tmp = new SurveyRuntimeHelper();
$tmp->run($surveyid, $redata);
if (isset($_POST['saveall']) || isset($flashmessage)) {
echo "<script type='text/javascript'> \$(document).ready( function() { alert('" . $clang->gT("Your responses were successfully saved.", "js") . "');}) </script>";
}
}
function listcolumn($surveyid, $column, $sortby = "", $sortmethod = "", $sorttype = "")
{
$search['condition'] = $column . " != ''";
if ($sql != "") {
$search['condition'] .= " AND ({$sql})";
}
if ($sorttype == 'N') {
$sortby = "({$sortby} * 1)";
}
//Converts text sorting into numerical sorting
if ($sortby != "") {
$search['order'] = $sortby . ' ' . $sortmethod;
}
$results = Survey_dynamic::model($surveyid)->findAll($search);
foreach ($results as $row) {
$output[] = array("id" => $row['id'], "value" => $row[$column]);
}
$aData['surveyid'] = $surveyid;
$aData['data'] = $output;
$aData['column'] = $column;
$aData['sortby'] = $sortby;
$aData['sortmethod'] = $sortmethod;
$aData['sorttype'] = $sorttype;
$this->getController()->render('export/statistics_browse_view', $aData);
}
/**
* Write values to database.
* @param <type> $updatedValues
* @param <boolean> $finished - true if the survey needs to be finalized
*/
private function _UpdateValuesInDatabase($updatedValues, $finished = false)
{
// TODO - now that using $this->updatedValues, may be able to remove local copies of it (unless needed by other sub-systems)
$updatedValues = $this->updatedValues;
$message = '';
$_SESSION[$this->sessid]['datestamp'] = dateShift(date("Y-m-d H:i:s"), "Y-m-d H:i:s", $this->surveyOptions['timeadjust']);
if ($this->surveyOptions['active'] && !isset($_SESSION[$this->sessid]['srid'])) {
// Create initial insert row for this record
$today = dateShift(date("Y-m-d H:i:s"), "Y-m-d H:i:s", $this->surveyOptions['timeadjust']);
$sdata = array("startlanguage" => $this->surveyOptions['startlanguage']);
if ($this->surveyOptions['anonymized'] == false) {
$sdata = array_merge($sdata, array("token" => $this->surveyOptions['token']));
}
if ($this->surveyOptions['datestamp'] == true) {
$sdata = array_merge($sdata, array("datestamp" => $this->surveyOptions['datestamp'] ? $_SESSION[$this->sessid]['datestamp'] : NULL, "startdate" => $this->surveyOptions['datestamp'] ? $_SESSION[$this->sessid]['datestamp'] : date("Y-m-d H:i:s", 0)));
}
if ($this->surveyOptions['ipaddr'] == true) {
$sdata = array_merge($sdata, array("ipaddr" => getIPAddress()));
}
if ($this->surveyOptions['refurl'] == true) {
$sdata = array_merge($sdata, array("refurl" => $this->surveyOptions['refurl'] ? getenv("HTTP_REFERER") : NULL));
}
$sdata = array_filter($sdata);
Survey_dynamic::sid($this->sid);
$oSurvey = new Survey_dynamic();
$iNewID = $oSurvey->insertRecords($sdata);
if ($iNewID) {
$srid = $iNewID;
$_SESSION[$this->sessid]['srid'] = $iNewID;
} else {
$message .= $this->gT("Unable to insert record into survey table");
// TODO - add SQL error?
}
//Insert Row for Timings, if needed
if ($this->surveyOptions['savetimings']) {
Survey_timings::sid($this->sid);
$oSurveyTimings = new Survey_timings();
$tdata = array('id' => $srid, 'interviewtime' => 0);
switchMSSQLIdentityInsert("survey_{$this->sid}_timings", true);
$iNewID = $oSurveyTimings->insertRecords($tdata);
switchMSSQLIdentityInsert("survey_{$this->sid}_timings", false);
}
}
if (count($updatedValues) > 0 || $finished) {
$query = 'UPDATE ' . $this->surveyOptions['tablename'] . ' SET ';
$setter = array();
switch ($this->surveyMode) {
case 'question':
$thisstep = $this->currentQuestionSeq;
break;
case 'group':
$thisstep = $this->currentGroupSeq;
break;
case 'survey':
$thisstep = 1;
break;
}
$setter[] = dbQuoteID('lastpage') . "=" . dbQuoteAll($thisstep);
if ($this->surveyOptions['datestamp'] && isset($_SESSION[$this->sessid]['datestamp'])) {
$setter[] = dbQuoteID('datestamp') . "=" . dbQuoteAll($_SESSION[$this->sessid]['datestamp']);
}
if ($this->surveyOptions['ipaddr']) {
$setter[] = dbQuoteID('ipaddr') . "=" . dbQuoteAll(getIPAddress());
}
foreach ($updatedValues as $key => $value) {
$val = is_null($value) ? NULL : $value['value'];
$type = is_null($value) ? NULL : $value['type'];
// Clean up the values to cope with database storage requirements
switch ($type) {
case 'D':
//DATE
if (trim($val) == '') {
$val = NULL;
// since some databases can't store blanks in date fields
}
// otherwise will already be in yyyy-mm-dd format after ProcessCurrentResponses()
break;
case '|':
//File upload
// This block can be removed once we require 5.3 or later
if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
$val = addslashes($val);
}
break;
case 'N':
//NUMERICAL QUESTION TYPE
//NUMERICAL QUESTION TYPE
case 'K':
//MULTIPLE NUMERICAL QUESTION
if (trim($val) == '') {
$val = NULL;
// since some databases can't store blanks in numerical inputs
}
break;
default:
break;
}
if (is_null($val)) {
$setter[] = dbQuoteID($key) . "=NULL";
} else {
$setter[] = dbQuoteID($key) . "=" . dbQuoteAll($val);
}
}
$query .= implode(', ', $setter);
$query .= " WHERE ID=";
if (isset($_SESSION[$this->sessid]['srid']) && $this->surveyOptions['active']) {
$query .= $_SESSION[$this->sessid]['srid'];
if (!dbExecuteAssoc($query)) {
echo submitfailed('');
// TODO - report SQL error?
if (($this->debugLevel & LEM_DEBUG_VALIDATION_SUMMARY) == LEM_DEBUG_VALIDATION_SUMMARY) {
$message .= $this->gT('Error in SQL update');
// TODO - add SQL error?
}
} elseif ($this->surveyOptions['savetimings']) {
Yii::import("application.libraries.Save");
$cSave = new Save();
$cSave->set_answer_time();
}
if ($finished) {
// Delete the save control record if successfully finalize the submission
$query = "DELETE FROM {{saved_control}} where srid=" . $_SESSION[$this->sessid]['srid'] . ' and sid=' . $this->sid;
Yii::app()->db->createCommand($query)->execute();
if (($this->debugLevel & LEM_DEBUG_VALIDATION_SUMMARY) == LEM_DEBUG_VALIDATION_SUMMARY) {
$message .= ';<br />' . $query;
}
} else {
if ($this->surveyOptions['allowsave'] && isset($_SESSION[$this->sessid]['scid'])) {
Saved_control::model()->updateByPk($_SESSION[$this->sessid]['scid'], array('saved_thisstep' => $thisstep));
}
}
// Check Quotas
$bQuotaMatched = false;
$aQuotas = checkQuota('return', $this->sid);
if ($aQuotas !== false) {
if ($aQuotas != false) {
foreach ($aQuotas as $aQuota) {
if (isset($aQuota['status']) && $aQuota['status'] == 'matched') {
$bQuotaMatched = true;
}
}
}
}
if ($bQuotaMatched) {
checkQuota('enforce', $this->sid);
// will create a page and quit.
} else {
if ($finished) {
$sQuery = 'UPDATE ' . $this->surveyOptions['tablename'] . " SET ";
if ($this->surveyOptions['datestamp']) {
// Replace with date("Y-m-d H:i:s") ? See timeadjust
$sQuery .= dbQuoteID('submitdate') . "=" . dbQuoteAll($_SESSION[$this->sessid]['datestamp']);
} else {
$sQuery .= dbQuoteID('submitdate') . "=" . dbQuoteAll(date("Y-m-d H:i:s", mktime(0, 0, 0, 1, 1, 1980)));
}
$sQuery .= " WHERE ID=" . $_SESSION[$this->sessid]['srid'];
dbExecuteAssoc($sQuery);
// Checked
}
}
}
if (($this->debugLevel & LEM_DEBUG_VALIDATION_SUMMARY) == LEM_DEBUG_VALIDATION_SUMMARY) {
$message .= $query;
}
}
return $message;
}
/**
* RPC Routine to add a response to the survey responses collection.
* Returns the id of the inserted survey response
*
* @access public
* @param string $sSessionKey Auth credentials
* @param int $iSurveyID Id of the Survey to insert responses
* @param struct $aResponseData The actual response
* @return int The response ID
*/
public function add_response($sSessionKey, $iSurveyID, $aResponseData)
{
if (!$this->_checkSessionKey($sSessionKey)) {
return array('status' => 'Invalid session key');
}
$oSurvey = Survey::model()->findByPk($iSurveyID);
if (is_null($oSurvey)) {
return array('status' => 'Error: Invalid survey ID');
}
if (hasSurveyPermission($iSurveyID, 'responses', 'create')) {
if (!Yii::app()->db->schema->getTable('{{survey_' . $iSurveyID . '}}')) {
return array('status' => 'No survey response table');
}
//set required values if not set
// @todo: Some of this is part of the validation and should be done in the model instead
if (!isset($aResponseData['submitdate'])) {
$aResponseData['submitdate'] = date("Y-m-d H:i:s");
}
if (!isset($aResponseData['startlanguage'])) {
$aResponseData['startlanguage'] = getBaseLanguageFromSurveyID($iSurveyID);
}
if ($oSurvey->datestamp == 'Y') {
if (!isset($aResponseData['datestamp'])) {
$aResponseData['datestamp'] = date("Y-m-d H:i:s");
}
if (!isset($aResponseData['startdate'])) {
$aResponseData['startdate'] = date("Y-m-d H:i:s");
}
}
Survey_dynamic::sid($iSurveyID);
$survey_dynamic = new Survey_dynamic();
$result = $survey_dynamic->insert($aResponseData);
if ($result) {
return $survey_dynamic->primaryKey;
} else {
return array('status' => 'Unable to add response');
}
} else {
return array('status' => 'No permission');
}
}
function XMLImportResponses($sFullFilepath, $iSurveyID, $aFieldReMap = array())
{
Yii::app()->loadHelper('database');
$clang = Yii::app()->lang;
switchMSSQLIdentityInsert('survey_' . $iSurveyID, false);
$results['responses'] = 0;
$oXMLReader = new XMLReader();
$oXMLReader->open($sFullFilepath);
$DestinationFields = Yii::app()->db->schema->getTable('{{survey_' . $iSurveyID . '}}')->getColumnNames();
while ($oXMLReader->read()) {
if ($oXMLReader->name === 'LimeSurveyDocType' && $oXMLReader->nodeType == XMLReader::ELEMENT) {
$oXMLReader->read();
if ($oXMLReader->value != 'Responses') {
$results['error'] = $clang->gT("This is not a valid response data XML file.");
return $results;
}
}
if ($oXMLReader->name === 'rows' && $oXMLReader->nodeType == XMLReader::ELEMENT) {
while ($oXMLReader->read()) {
if ($oXMLReader->name === 'row' && $oXMLReader->nodeType == XMLReader::ELEMENT) {
$aInsertData = array();
while ($oXMLReader->read() && $oXMLReader->name != 'row') {
$sFieldname = $oXMLReader->name;
if ($sFieldname[0] == '_') {
$sFieldname = substr($sFieldname, 1);
}
$sFieldname = str_replace('-', '#', $sFieldname);
if (isset($aFieldReMap[$sFieldname])) {
$sFieldname = $aFieldReMap[$sFieldname];
}
if (!$oXMLReader->isEmptyElement) {
$oXMLReader->read();
if (in_array($sFieldname, $DestinationFields)) {
// some old response tables contain invalid column names due to old bugs
$aInsertData[$sFieldname] = $oXMLReader->value;
}
$oXMLReader->read();
} else {
if (in_array($sFieldname, $DestinationFields)) {
$aInsertData[$sFieldname] = '';
}
}
}
$result = Survey_dynamic::model($iSurveyID)->insertRecords($aInsertData) or safeDie($clang->gT("Error") . ": Failed to insert data<br />");
$results['responses']++;
}
}
}
}
switchMSSQLIdentityInsert('survey_' . $iSurveyID, false);
return $results;
}
/**
* Make sure all active tables have the right sized token field
*
* During a small period in the 2.0 cycle some survey tables got no
* token field or a token field that was too small. This patch makes
* sure all surveys that are not anonymous have a token field with the
* right size
*
* @return void
*/
function upgradeSurveyTables164()
{
$surveyidquery = "SELECT sid FROM {{surveys}} WHERE active='Y' and anonymized='N'";
$surveyidresult = Yii::app()->db->createCommand($surveyidquery)->queryAll();
if (!$surveyidresult) {
return "Database Error";
} else {
foreach ($surveyidresult as $sv) {
$token = Survey_dynamic::model($sv['sid'])->getTableSchema()->getColumn('token');
if (is_null($token)) {
addColumn('{{survey_' . $sv['sid'] . '}}', 'token', 'varchar(36)');
} elseif ($token->size < 36) {
alterColumn('{{survey_' . $sv['sid'] . '}}', 'token', 'varchar(36)');
}
}
}
}
function savedcontrol()
{
//This data will be saved to the "saved_control" table with one row per response.
// - a unique "saved_id" value (autoincremented)
// - the "sid" for this survey
// - the "srid" for the survey_x row id
// - "saved_thisstep" which is the step the user is up to in this survey
// - "saved_ip" which is the ip address of the submitter
// - "saved_date" which is the date ofthe saved response
// - an "identifier" which is like a username
// - a "password"
// - "fieldname" which is the fieldname of the saved response
// - "value" which is the value of the response
//We start by generating the first 5 values which are consistent for all rows.
global $surveyid, $thissurvey, $errormsg, $publicurl, $sitename, $timeadjust, $clang, $clienttoken, $thisstep;
//Check that the required fields have been completed.
$errormsg = '';
if (empty($_POST['savename'])) {
$errormsg .= $clang->gT("You must supply a name for this saved session.") . "<br />\n";
}
if (empty($_POST['savepass'])) {
$errormsg .= $clang->gT("You must supply a password for this saved session.") . "<br />\n";
}
if (empty($_POST['savepass']) || empty($_POST['savepass2']) || $_POST['savepass'] != $_POST['savepass2']) {
$errormsg .= $clang->gT("Your passwords do not match.") . "<br />\n";
}
// if security question asnwer is incorrect
if (function_exists("ImageCreate") && isCaptchaEnabled('saveandloadscreen', $thissurvey['usecaptcha'])) {
if (empty($_POST['loadsecurity']) || !isset($_SESSION['survey_' . $surveyid]['secanswer']) || $_POST['loadsecurity'] != $_SESSION['survey_' . $surveyid]['secanswer']) {
$errormsg .= $clang->gT("The answer to the security question is incorrect.") . "<br />\n";
}
}
if (!empty($errormsg)) {
return;
}
$duplicate = Saved_control::model()->findByAttributes(array('sid' => $surveyid, 'identifier' => $_POST['savename']));
if (!empty($duplicate) && $duplicate->count() > 0) {
$errormsg .= $clang->gT("This name has already been used for this survey. You must use a unique save name.") . "<br />\n";
return;
} else {
//INSERT BLANK RECORD INTO "survey_x" if one doesn't already exist
if (!isset($_SESSION['survey_' . $surveyid]['srid'])) {
$today = dateShift(date("Y-m-d H:i:s"), "Y-m-d H:i:s", $timeadjust);
$sdata = array("datestamp" => $today, "ipaddr" => getIPAddress(), "startlanguage" => $_SESSION['survey_' . $surveyid]['s_lang'], "refurl" => getenv("HTTP_REFERER"));
if (Survey_dynamic::model($thissurvey['sid'])->insert($sdata)) {
$srid = getLastInsertID('{{survey_' . $surveyid . '}}');
$_SESSION['survey_' . $surveyid]['srid'] = $srid;
} else {
safeDie("Unable to insert record into survey table.<br /><br />");
}
}
//CREATE ENTRY INTO "saved_control"
$today = dateShift(date("Y-m-d H:i:s"), "Y-m-d H:i:s", $timeadjust);
$saved_control = new Saved_control();
$saved_control->sid = $surveyid;
$saved_control->srid = $_SESSION['survey_' . $surveyid]['srid'];
$saved_control->identifier = $_POST['savename'];
// Binding does escape, so no quoting/escaping necessary
$saved_control->access_code = md5($_POST['savepass']);
$saved_control->email = $_POST['saveemail'];
$saved_control->ip = getIPAddress();
$saved_control->saved_thisstep = $thisstep;
$saved_control->status = 'S';
$saved_control->saved_date = $today;
$saved_control->refurl = getenv('HTTP_REFERER');
if ($saved_control->save()) {
$scid = getLastInsertID('{{saved_control}}');
$_SESSION['survey_' . $surveyid]['scid'] = $scid;
} else {
safeDie("Unable to insert record into saved_control table.<br /><br />");
}
$_SESSION['survey_' . $surveyid]['holdname'] = $_POST['savename'];
//Session variable used to load answers every page. Unsafe - so it has to be taken care of on output
$_SESSION['survey_' . $surveyid]['holdpass'] = $_POST['savepass'];
//Session variable used to load answers every page. Unsafe - so it has to be taken care of on output
//Email if needed
if (isset($_POST['saveemail']) && validateEmailAddress($_POST['saveemail'])) {
$subject = $clang->gT("Saved Survey Details") . " - " . $thissurvey['name'];
$message = $clang->gT("Thank you for saving your survey in progress. The following details can be used to return to this survey and continue where you left off. Please keep this e-mail for your reference - we cannot retrieve the password for you.");
$message .= "\n\n" . $thissurvey['name'] . "\n\n";
$message .= $clang->gT("Name") . ": " . $_POST['savename'] . "\n";
$message .= $clang->gT("Password") . ": " . $_POST['savepass'] . "\n\n";
$message .= $clang->gT("Reload your survey by clicking on the following link (or pasting it into your browser):") . "\n";
$message .= Yii::app()->getController()->createAbsoluteUrl("/survey/index/sid/{$surveyid}/loadall/reload/scid/{$scid}/loadname/" . urlencode($_POST['savename']) . "/loadpass/" . urlencode($_POST['savepass']) . "/lang/" . urlencode($clang->langcode));
if ($clienttoken) {
$message .= "/token/{$clienttoken}";
}
$from = "{$thissurvey['adminname']} <{$thissurvey['adminemail']}>";
if (SendEmailMessage($message, $subject, $_POST['saveemail'], $from, $sitename, false, getBounceEmail($surveyid))) {
$emailsent = "Y";
} else {
$errormsg .= $clang->gT('Error: Email failed, this may indicate a PHP Mail Setup problem on the server. Your survey details have still been saved, however you will not get an email with the details. You should note the "name" and "password" you just used for future reference.');
if (trim($thissurvey['adminemail']) == '') {
$errormsg .= $clang->gT('(Reason: Admin email address empty)');
}
}
}
return $clang->gT('Your survey was successfully saved.');
}
}
/**
* Supply an array with the responseIds and all files will be added to the zip
* and it will be be spit out on success
*
* @param array $responseIds
* @param string $zipfilename
* @param string $language
* @return ZipArchive
*/
private function _zipFiles($iSurveyID, $responseIds, $zipfilename, $language)
{
Yii::app()->loadLibrary('admin/pclzip/pclzip');
$tmpdir = Yii::app()->getConfig('uploaddir') . DIRECTORY_SEPARATOR . "surveys" . DIRECTORY_SEPARATOR . $iSurveyID . DIRECTORY_SEPARATOR . "files" . DIRECTORY_SEPARATOR;
$filelist = array();
$fieldmap = createFieldMap($iSurveyID, 'full', false, false, $language);
foreach ($fieldmap as $field) {
if ($field['type'] == "|" && $field['aid'] !== 'filecount') {
$filequestion[] = $field['fieldname'];
}
}
foreach ((array) $responseIds as $responseId) {
$responseId = (int) $responseId;
// sanitize the value
$filearray = Survey_dynamic::model($iSurveyID)->findAllByAttributes(array('id' => $responseId)) or die('Could not download response');
$metadata = array();
$filecount = 0;
foreach ($filearray as $metadata) {
foreach ($metadata as $aData) {
$phparray = json_decode_ls($aData);
if (is_array($phparray)) {
foreach ($phparray as $file) {
$filecount++;
$file['responseid'] = $responseId;
$file['name'] = rawurldecode($file['name']);
$file['index'] = $filecount;
/*
* Now add the file to the archive, prefix files with responseid_index to keep them
* unique. This way we can have 234_1_image1.gif, 234_2_image1.gif as it could be
* files from a different source with the same name.
*/
$filelist[] = array(PCLZIP_ATT_FILE_NAME => $tmpdir . $file['filename'], PCLZIP_ATT_FILE_NEW_FULL_NAME => sprintf("%05s_%02s_%s", $file['responseid'], $file['index'], $file['name']));
}
}
}
}
}
if (count($filelist) > 0) {
// TODO: to extend the yii app function loadLibrary to meet the app requirements
$zip = new PclZip($tmpdir . $zipfilename);
if ($zip->create($filelist) === 0) {
//Oops something has gone wrong!
}
if (file_exists($tmpdir . '/' . $zipfilename)) {
header('Content-Description: File Transfer');
header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename=' . basename($zipfilename));
header('Content-Transfer-Encoding: binary');
header('Expires: 0');
header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
header('Pragma: public');
header('Content-Length: ' . filesize($tmpdir . "/" . $zipfilename));
ob_clean();
flush();
readfile($tmpdir . '/' . $zipfilename);
unlink($tmpdir . '/' . $zipfilename);
exit;
}
}
}
function getSearch_json($iSurveyId)
{
$clang = $this->getController()->lang;
// CHECK TO SEE IF A TOKEN TABLE EXISTS FOR THIS SURVEY
$bTokenExists = tableExists('{{tokens_' . $iSurveyId . '}}');
if (!$bTokenExists) {
self::_newtokentable($iSurveyId);
}
$prow = Survey::model()->findByPk($iSurveyId)->getAttributes();
//Get survey settings
$page = Yii::app()->request->getPost('page') != "" ? Yii::app()->request->getPost('page') : 1;
$limit = Yii::app()->request->getPost('rows') != "" ? Yii::app()->request->getPost('rows') : 25;
$fields = array('tid', 'firstname', 'lastname', 'email', 'emailstatus', 'token', 'language', 'sent', 'sentreminder', 'remindercount', 'completed', 'usesleft', 'validfrom', 'validuntil');
$searchcondition = Yii::app()->request->getQuery('search');
$searchcondition = urldecode($searchcondition);
$finalcondition = array();
$condition = explode("||", $searchcondition);
$aData = new stdClass();
if (count($condition) == 3) {
$records = Tokens_dynamic::model($iSurveyId)->getSearch($condition, $page, $limit);
$aData->records = count(Tokens_dynamic::model($iSurveyId)->getSearch($condition, 0, 0));
} else {
$records = Tokens_dynamic::model($iSurveyId)->getSearchMultiple($condition, $page, $limit);
$aData->records = count(Tokens_dynamic::model($iSurveyId)->getSearchMultiple($condition, 0, 0));
}
$aData->page = $page;
$aData->total = ceil($aData->records / $limit);
$i = 0;
foreach ($records as $row => $value) {
$action = "";
if ($value['token'] != "" && ($value['completed'] == "N" || $value['completed'] == "")) {
$action .= '<input type="image" style="float: left" src="' . Yii::app()->getConfig('adminimageurl') . 'do_16.png" title="' . $clang->gT("Do survey") . '" alt="' . $clang->gT("Do survey") . '" onclick=\'window.open("' . Yii::app()->getController()->createUrl("survey/index/sid/{$iSurveyId}/token/{$value['token']}") . '", "_blank")\'>';
} elseif ($value['completed'] != "N" && $value['completed'] != "" && $prow['anonymized'] == "N") {
//Get the survey response id of the matching entry
$id = Survey_dynamic::model($iSurveyId)->findAllByAttributes(array('token' => $value['token']));
$action .= '<input type="image" style="float: left" src="' . Yii::app()->getConfig('adminimageurl') . 'token_viewanswer.png" title="' . $clang->gT("View response details") . '" alt="' . $clang->gT("View response details") . '" onClick=\'window.open("' . Yii::app()->getController()->createUrl("admin/responses/view/surveyid/{$iSurveyId}/id/{$id[0]['id']}") . '", "_top")\'>';
} else {
$action .= '<div style="width: 20px; height: 16px; float: left;"></div>';
}
$action .= '<input type="image" style="float: left" src="' . Yii::app()->getConfig('adminimageurl') . 'token_delete.png" title="' . $clang->gT("Delete token entry") . '" alt="' . $clang->gT("Delete token entry") . '" onclick=\'if (confirm("' . $clang->gT("Are you sure you want to delete this entry?") . ' (' . $value['tid'] . ')")) {$("#displaytokens").delRowData(' . $value['tid'] . ');$.post(delUrl,{tid:' . $value['tid'] . '});}\'>';
if (strtolower($value['emailstatus']) == 'ok') {
if ($value['completed'] == 'N' && $value['usesleft'] > 0) {
if ($value['sent'] == 'N') {
$action .= '<input type="image" style="float: left" src="' . Yii::app()->getConfig('adminimageurl') . 'token_invite.png" name="sendinvitations" id="sendinvitations" title="' . $clang->gT("Send invitation email to this person (if they have not yet been sent an invitation email)") . '" onclick=\'window.open("' . Yii::app()->getController()->createUrl("admin/tokens/email/surveyid/{$iSurveyId}/tokenids/" . $value['tid']) . '", "_blank")\' />';
} else {
$action .= '<input type="image" style="float: left" src="' . Yii::app()->getConfig('adminimageurl') . 'token_remind.png" name="sendreminders" id="sendreminders" title="' . $clang->gT("Send reminder email to this person (if they have already received the invitation email)") . '" onclick=\'window.open("' . Yii::app()->getController()->createUrl("admin/tokens/email/action/remind/surveyid/{$iSurveyId}/tokenids/" . $value['tid']) . '", "_blank")\' />';
}
} else {
$action .= '<div style="width: 20px; height: 16px; float: left;"></div>';
}
}
$action .= '<input style="float: left; height: 16; width: 16px; font-size: 8; font-family: verdana" type="image" src="' . Yii::app()->getConfig('adminimageurl') . 'edit_16.png" class="token_edit" title="' . $clang->gT("Edit token entry") . '" alt="' . $clang->gT("Edit token entry") . '">';
if (!empty($value['participant_id']) && $value['participant_id'] != "") {
$action .= '<input type="image" style="float: left" src="' . Yii::app()->getConfig('adminimageurl') . 'cpdb_16.png" name="viewparticipant" id="viewparticipant" title="' . $clang->gT("View this person in the central participants database") . '" alt="' . $clang->gT("View this person in the central participants database") . '" onClick=\'window.open("' . Yii::app()->getController()->createUrl("admin/participants/displayParticipants/searchurl/participant_id||equal||" . $value['participant_id']) . '", "_top")\'>';
} else {
$action .= '<div style="width: 20px; height: 16px; float: left;"></div>';
}
$sortablearray[$i] = array($value['tid'], $action, $value['firstname'], $value['lastname'], $value['email'], $value['emailstatus'], $value['token'], $value['language'], $value['sent'], $value['remindersent'], $value['remindercount'], $value['completed'], $value['usesleft'], $value['validfrom'], $value['validuntil']);
$i++;
}
function subval_sort($a, $subkey, $order)
{
foreach ($a as $k => $v) {
$b[$k] = strtolower($v[$subkey]);
}
if ($order == "asc") {
asort($b, SORT_REGULAR);
} else {
arsort($b, SORT_REGULAR);
}
foreach ($b as $key => $val) {
$c[] = $a[$key];
}
return $c;
}
if (!empty($sortablearray)) {
$indexsort = array_search(Yii::app()->request->getPost('sidx'), $fields);
$sortedarray = subval_sort($sortablearray, $indexsort, Yii::app()->request->getPost('sord'));
$i = 0;
$count = count($sortedarray[0]);
foreach ($sortedarray as $key => $value) {
$aData->rows[$i]['id'] = $value[0];
$aData->rows[$i]['cell'] = array();
for ($j = 0; $j < $count; $j++) {
array_push($aData->rows[$i]['cell'], $value[$j]);
}
$i++;
}
}
echo ls_json_encode($aData);
}
/**
* Return data to populate a Google Map
* @param string$sField Field name
* @param $qsid Survey id
* @return array
*/
function getQuestionMapData($sField, $qsid)
{
Survey_dynamic::sid($qsid);
$aresult = Survey_dynamic::model()->findAll();
$d = array();
//loop through question data
foreach ($aresult as $arow) {
$alocation = explode(";", $arow->{$sField});
if (count($alocation) >= 2) {
$d[] = "{$alocation[0]} {$alocation[1]}";
}
}
return $d;
}
/**
* Returns a simple list of values in a particular column, that meet the requirements of the SQL
*/
function _listcolumn($surveyid, $column, $sortby = "", $sortmethod = "", $sorttype = "")
{
$search['condition'] = Yii::app()->db->quoteColumnName($column) . " != ''";
$sDBDriverName = Yii::app()->db->getDriverName();
if ($sDBDriverName == 'sqlsrv' || $sDBDriverName == 'mssql') {
$search['condition'] = "CAST(" . Yii::app()->db->quoteColumnName($column) . " as varchar) != ''";
}
//Look for any selects/filters set in the original statistics query, and apply them to the column listing
if (isset(Yii::app()->session['statistics_selects_' . $surveyid]) && is_array(Yii::app()->session['statistics_selects_' . $surveyid])) {
foreach (Yii::app()->session['statistics_selects_' . $surveyid] as $sql) {
$search['condition'] .= " AND {$sql}";
}
}
if ($sortby != '') {
if ($sDBDriverName == 'sqlsrv' || $sDBDriverName == 'mssql') {
$sortby = "CAST(" . Yii::app()->db->quoteColumnName($sortby) . " as varchar)";
} else {
$sortby = Yii::app()->db->quoteColumnName($sortby);
}
if ($sorttype == 'N') {
$sortby = "({$sortby} * 1)";
}
//Converts text sorting into numerical sorting
$search['order'] = $sortby . ' ' . $sortmethod;
}
$results = Survey_dynamic::model($surveyid)->findAll($search);
$output = array();
foreach ($results as $row) {
$output[] = array("id" => $row['id'], "value" => $row[$column]);
}
return $output;
}
/**
* This function sends the shared participant info to the share panel using JSON encoding
* This function is called after the share panel grid is loaded
* This function returns the json depending on the user logged in by checking it from the session
* @param it takes the session user data loginID
* @return JSON encoded string containg sharing information
*/
function getTokens_json($iSurveyId, $search = null)
{
// CHECK TO SEE IF A TOKEN TABLE EXISTS FOR THIS SURVEY
$bTokenExists = tableExists('{{tokens_' . $iSurveyId . '}}');
if (!$bTokenExists) {
$clang->eT("No token table.");
// return json ? error not treated in js.
return;
}
$clang = $this->getController()->lang;
if (!hasSurveyPermission($iSurveyId, 'tokens', 'read')) {
$clang->eT("We are sorry but you don't have permissions to do this.");
// return json ? error not treated in js.
return;
}
$page = Yii::app()->request->getPost('page', 1);
$sidx = Yii::app()->request->getPost('sidx', 'lastname');
$sord = Yii::app()->request->getPost('sord', 'asc');
$limit = Yii::app()->request->getPost('rows', 25);
$aData = new stdClass();
$aData->page = $page;
if (!empty($search)) {
$condition = Tokens_dynamic::model($iSurveyId)->getSearchMultipleCondition($search);
} else {
$condition = new CDbCriteria();
}
$condition->order = $sidx . " " . $sord;
$condition->offset = ($page - 1) * $limit;
$condition->limit = $limit;
$tokens = Tokens_dynamic::model($iSurveyId)->findAll($condition);
$condition->offset = 0;
$condition->limit = 0;
$aData->records = Tokens_dynamic::model($iSurveyId)->count($condition);
if ($limit > $aData->records) {
$limit = $aData->records;
}
if ($limit != 0) {
$aData->total = ceil($aData->records / $limit);
} else {
$aData->total = 0;
}
Yii::app()->loadHelper("surveytranslator");
$format = getDateFormatData(Yii::app()->session['dateformat']);
$aSurveyInfo = Survey::model()->findByPk($iSurveyId)->getAttributes();
//Get survey settings
$attributes = getAttributeFieldNames($iSurveyId);
// Now find all responses for the visible tokens
$visibleTokens = array();
$answeredTokens = array();
if ($aSurveyInfo['anonymized'] == "N" && $aSurveyInfo['active'] == "Y") {
foreach ($tokens as $token) {
if (isset($token['token']) && $token['token']) {
$visibleTokens[] = $token['token'];
}
}
$answers = Survey_dynamic::model($iSurveyId)->findAllByAttributes(array('token' => $visibleTokens));
foreach ($answers as $answer) {
$answeredTokens[$answer['token']] = $answer['token'];
}
}
foreach ($tokens as $token) {
$aRowToAdd = array();
if ((int) $token['validfrom']) {
$token['validfrom'] = date($format['phpdate'] . ' H:i', strtotime(trim($token['validfrom'])));
} else {
$token['validfrom'] = '';
}
if ((int) $token['validuntil']) {
$token['validuntil'] = date($format['phpdate'] . ' H:i', strtotime(trim($token['validuntil'])));
} else {
$token['validuntil'] = '';
}
$aRowToAdd['id'] = $token['tid'];
$action = "";
$action .= "<div class='inputbuttons'>";
// so we can hide this when edit is clicked
// Check is we have an answer
if (in_array($token['token'], $answeredTokens) && hasSurveyPermission($iSurveyId, 'responses', 'read')) {
// @@TODO change link
$url = $this->getController()->createUrl("admin/responses/sa/browse/surveyid/{$iSurveyId}", array('token' => $token['token']));
$title = $clang->gT("View response details");
$action .= CHtml::link(CHtml::image(Yii::app()->getConfig('adminimageurl') . 'token_viewanswer.png', $title, array('title' => $title)), $url, array('class' => 'imagelink'));
} else {
$action .= '<div style="width: 20px; height: 16px; float: left;"></div>';
}
// Check if the token can be taken
if ($token['token'] != "" && ($token['completed'] == "N" || $token['completed'] == "") && hasSurveyPermission($iSurveyId, 'responses', 'create')) {
$action .= viewHelper::getImageLink('do_16.png', "survey/index/sid/{$iSurveyId}/token/{$token['token']}/newtest/Y", $clang->gT("Do survey"), '_blank');
} else {
$action .= '<div style="width: 20px; height: 16px; float: left;"></div>';
}
if (hasSurveyPermission($iSurveyId, 'tokens', 'delete')) {
$attribs = array('onclick' => 'if (confirm("' . $clang->gT("Are you sure you want to delete this entry?") . ' (' . $token['tid'] . ')")) {$("#displaytokens").delRowData(' . $token['tid'] . ');$.post(delUrl,{tid:' . $token['tid'] . '});}');
$action .= viewHelper::getImageLink('token_delete.png', null, $clang->gT("Delete token entry"), null, 'imagelink btnDelete', $attribs);
}
if (strtolower($token['emailstatus']) == 'ok' && hasSurveyPermission($iSurveyId, 'tokens', 'update')) {
if ($token['completed'] == 'N' && $token['usesleft'] > 0) {
if ($token['sent'] == 'N') {
$action .= viewHelper::getImageLink('token_invite.png', "admin/tokens/sa/email/surveyid/{$iSurveyId}/tokenids/" . $token['tid'], $clang->gT("Send invitation email to this person (if they have not yet been sent an invitation email)"), "_blank");
} else {
$action .= viewHelper::getImageLink('token_remind.png', "admin/tokens/sa/email/action/remind/surveyid/{$iSurveyId}/tokenids/" . $token['tid'], $clang->gT("Send reminder email to this person (if they have already received the invitation email)"), "_blank");
}
} else {
$action .= '<div style="width: 20px; height: 16px; float: left;"></div>';
}
} else {
$action .= '<div style="width: 20px; height: 16px; float: left;"></div>';
}
if (hasSurveyPermission($iSurveyId, 'tokens', 'update')) {
$action .= viewHelper::getImageLink('edit_16.png', null, $clang->gT("Edit token entry"), null, 'imagelink token_edit');
}
if (!empty($token['participant_id']) && $token['participant_id'] != "" && hasGlobalPermission('USER_RIGHT_PARTICIPANT_PANEL')) {
$action .= viewHelper::getImageLink('cpdb_16.png', "admin/participants/sa/displayParticipants/searchurl/participant_id||equal||" . $token['participant_id'], $clang->gT("View this person in the central participants database"), '_top');
} else {
$action .= '<div style="width: 20px; height: 16px; float: left;"></div>';
}
$action .= '</div>';
$aRowToAdd['cell'] = array($token['tid'], $action, $token['firstname'], $token['lastname'], $token['email'], $token['emailstatus'], $token['token'], $token['language'], $token['sent'], $token['remindersent'], $token['remindercount'], $token['completed'], $token['usesleft'], $token['validfrom'], $token['validuntil']);
foreach ($attributes as $attribute) {
$aRowToAdd['cell'][] = $token[$attribute];
}
$aData->rows[] = $aRowToAdd;
}
echo ls_json_encode($aData);
}
/**
* Loads results for the survey into the $survey->responses array. The
* results begin from $minRecord and end with $maxRecord. Either none,
* or both, the $minRecord and $maxRecord variables must be provided.
* If none are then all responses are loaded.
*
* @param Survey $survey
* @param int $iOffset
* @param int $iLimit
*/
public function loadSurveyResults(SurveyObj $survey, $iLimit, $iOffset, $iMaximum, $sFilter = '')
{
// Get info about the survey
$oRecordSet = Yii::app()->db->createCommand()->select()->from('{{survey_' . $survey->id . '}}');
if (tableExists('tokens_' . $survey->id) && array_key_exists('token', Survey_dynamic::model($survey->id)->attributes)) {
$oRecordSet->leftJoin('{{tokens_' . $survey->id . '}}', '{{tokens_' . $survey->id . '}}.token={{survey_' . $survey->id . '}}.token');
}
if ($survey->info['savetimings'] == "Y") {
$oRecordSet->leftJoin("{{survey_" . $survey->id . "_timings}} survey_timings", "{{survey_" . $survey->id . "}}.id = survey_timings.id");
}
if ($sFilter != '') {
$oRecordSet->where($sFilter);
}
if ($iOffset + $iLimit > $iMaximum) {
$iLimit = $iMaximum - $iOffset;
}
$survey->responses = $oRecordSet->order('{{survey_' . $survey->id . '}}.id')->limit($iLimit, $iOffset)->query()->readAll();
return count($survey->responses);
}
/**
* Loads results for the survey into the $survey->responses array. The
* results begin from $minRecord and end with $maxRecord. Either none,
* or both, the $minRecord and $maxRecord variables must be provided.
* If none are then all responses are loaded.
*
* @param Survey $survey
* @param int $iOffset
* @param int $iLimit
*/
public function loadSurveyResults(SurveyObj $survey, $iLimit, $iOffset, $iMaximum, $sFilter = '')
{
// Get info about the survey
$aSelectFields = Yii::app()->db->schema->getTable('{{survey_' . $survey->id . '}}')->getColumnNames();
$oRecordSet = Yii::app()->db->createCommand()->from('{{survey_' . $survey->id . '}}');
if (tableExists('tokens_' . $survey->id) && array_key_exists('token', Survey_dynamic::model($survey->id)->attributes) && hasSurveyPermission($survey->id, 'tokens', 'read')) {
$oRecordSet->leftJoin('{{tokens_' . $survey->id . '}} tokentable', 'tokentable.token={{survey_' . $survey->id . '}}.token');
$aTokenFields = Yii::app()->db->schema->getTable('{{tokens_' . $survey->id . '}}')->getColumnNames();
$aSelectFields = array_merge($aSelectFields, array_diff($aTokenFields, array('token')));
$aSelectFields = array_diff($aSelectFields, array('token'));
$aSelectFields[] = '{{survey_' . $survey->id . '}}.token';
}
if ($survey->info['savetimings'] == "Y") {
$oRecordSet->leftJoin("{{survey_" . $survey->id . "_timings}} survey_timings", "{{survey_" . $survey->id . "}}.id = survey_timings.id");
$aTimingFields = Yii::app()->db->schema->getTable("{{survey_" . $survey->id . "_timings}}")->getColumnNames();
$aSelectFields = array_merge($aSelectFields, array_diff($aTimingFields, array('id')));
$aSelectFields = array_diff($aSelectFields, array('id'));
$aSelectFields[] = '{{survey_' . $survey->id . '}}.id';
}
if ($sFilter != '') {
$oRecordSet->where($sFilter);
}
if ($iOffset + $iLimit > $iMaximum) {
$iLimit = $iMaximum - $iOffset;
}
$survey->responses = $oRecordSet->select($aSelectFields)->order('{{survey_' . $survey->id . '}}.id')->limit($iLimit, $iOffset)->query()->readAll();
return count($survey->responses);
}
/**
* Deletes some records from survey's table
* according to specific condition
*
* @static
* @access public
* @param array $condition
* @return int
*/
public static function deleteSomeRecords($condition = FALSE)
{
$survey = new Survey_dynamic();
$criteria = new CDbCriteria();
if ($condition != FALSE) {
foreach ($condition as $column => $value) {
return $criteria->addCondition($column . "=`" . $value . "`");
}
}
return $survey->deleteAll($criteria);
}
/**
* RPC Routine to export responses.
* Returns the requested file as base64 encoded string
*
* @access public
* @param string $sSessionKey Auth credentials
* @param int $iSurveyID Id of the Survey
* @param string $sDocumentType pdf,csv,xls,doc
* @param string $sLanguageCode The language to be used
* @param string $sCompletionStatus Optional 'complete','incomplete' or 'all' - defaults to 'all'
* @param string $sHeadingType 'code','full' or 'abbreviated' Optional defaults to 'code'
* @param string $sResponseType 'short' or 'long' Optional defaults to 'short'
* @param integer $iFromResponseID Optional
* @param integer $iToResponseID Optional
* @param array $aFields Optional Selected fields
* @return array|string On success: Requested file as base 64-encoded string. On failure array with error information
* */
public function export_responses($sSessionKey, $iSurveyID, $sDocumentType, $sLanguageCode = null, $sCompletionStatus = 'all', $sHeadingType = 'code', $sResponseType = 'short', $iFromResponseID = null, $iToResponseID = null, $aFields = null)
{
if (!$this->_checkSessionKey($sSessionKey)) {
return array('status' => 'Invalid session key');
}
Yii::app()->loadHelper('admin/exportresults');
if (!hasSurveyPermission($iSurveyID, 'responses', 'export')) {
return array('status' => 'No permission');
}
if (is_null($sLanguageCode)) {
$sLanguageCode = getBaseLanguageFromSurveyID($iSurveyID);
}
if (is_null($aFields)) {
$aFields = array_keys(createFieldMap($iSurveyID, 'full', true, false, $sLanguageCode));
}
if ($sDocumentType == 'xls') {
// Cut down to the first 255 fields
$aFields = array_slice($aFields, 0, 255);
}
$oFomattingOptions = new FormattingOptions();
$oFomattingOptions->responseMinRecord = $iFromResponseID;
if ($iToResponseID != null) {
$oFomattingOptions->responseMaxRecord = $iToResponseID;
} else {
$oFomattingOptions->responseMaxRecord = Survey_dynamic::model($iSurveyID)->count();
}
$oFomattingOptions->selectedColumns = $aFields;
$oFomattingOptions->responseCompletionState = $sCompletionStatus;
$oFomattingOptions->headingFormat = $sHeadingType;
$oFomattingOptions->answerFormat = $sResponseType;
$oFomattingOptions->output = 'file';
$oExport = new ExportSurveyResultsService();
$sTempFile = $oExport->exportSurvey($iSurveyID, $sLanguageCode, $sDocumentType, $oFomattingOptions, '');
$sFileData = file_get_contents($sTempFile);
unlink($sTempFile);
return base64_encode($sFileData);
}
/**
* This function replaces keywords in a text and is mainly intended for templates
* If you use this functions put your replacement strings into the $replacements variable
* instead of using global variables
* NOTE - Don't do any embedded replacements in this function. Create the array of replacement values and
* they will be done in batch at the end
*
* @param mixed $line Text to search in
* @param mixed $replacements Array of replacements: Array( <stringtosearch>=><stringtoreplacewith>
* @param boolean $anonymized Determines if token data is being used or just replaced with blanks
* @param questionNum - needed to support dynamic JavaScript-based tailoring within questions
* @return string Text with replaced strings
*/
function templatereplace($line, $replacements = array(), &$redata = array(), $debugSrc = 'Unspecified', $anonymized = false, $questionNum = NULL, $registerdata = array())
{
/*
global $clienttoken,$token,$sitename,$move,$showxquestions,$showqnumcode,$questioncode,$register_errormsg;
global $s_lang,$errormsg,$saved_id, $relativeurl, $languagechanger,$captchapath,$loadname;
*/
/*
$allowedvars = array('surveylist', 'sitename', 'clienttoken', 'rooturl', 'thissurvey', 'imageurl', 'defaulttemplate',
'percentcomplete', 'move', 'groupname', 'groupdescription', 'question', 'showxquestions',
'showgroupinfo', 'showqnumcode', 'questioncode', 'answer', 'navigator', 'help', 'totalquestions',
'surveyformat', 'completed', 'register_errormsg', 'notanswered', 'privacy', 'surveyid', 'publicurl',
'templatedir', 'token', 'assessments', 's_lang', 'errormsg', 'clang', 'saved_id', 'usertemplaterootdir',
'relativeurl', 'languagechanger', 'printoutput', 'captchapath', 'loadname');
*/
$allowedvars = array('answer', 'assessments', 'captchapath', 'clienttoken', 'completed', 'errormsg', 'groupdescription', 'groupname', 'help', 'imageurl', 'languagechanger', 'loadname', 'move', 'navigator', 'percentcomplete', 'privacy', 'question', 'register_errormsg', 'relativeurl', 's_lang', 'saved_id', 'showgroupinfo', 'showqnumcode', 'showxquestions', 'sitename', 'surveylist', 'templatedir', 'thissurvey', 'token', 'totalBoilerplatequestions', 'totalquestions');
$varsPassed = array();
foreach ($allowedvars as $var) {
if (isset($redata[$var])) {
${$var} = $redata[$var];
$varsPassed[] = $var;
}
}
// if (count($varsPassed) > 0) {
// log_message('debug', 'templatereplace() called from ' . $debugSrc . ' contains: ' . implode(', ', $varsPassed));
// }
// if (isset($redata['question'])) {
// LimeExpressionManager::ShowStackTrace('has QID and/or SGA',$allowedvars);
// }
// extract($redata); // creates variables for each of the keys in the array
// Local over-rides in case not set above
if (!isset($showgroupinfo)) {
$showgroupinfo = Yii::app()->getConfig('showgroupinfo');
}
if (!isset($showqnumcode)) {
$showqnumcode = Yii::app()->getConfig('showqnumcode');
}
$_surveyid = Yii::app()->getConfig('surveyID');
if (!isset($showxquestions)) {
$showxquestions = Yii::app()->getConfig('showxquestions');
}
if (!isset($s_lang)) {
$s_lang = isset(Yii::app()->session['survey_' . $_surveyid]['s_lang']) ? Yii::app()->session['survey_' . $_surveyid]['s_lang'] : 'en';
}
if (!isset($captchapath)) {
$captchapath = '';
}
$clang = Yii::app()->lang;
Yii::app()->loadHelper('surveytranslator');
$questiondetails = array('sid' => 0, 'gid' => 0, 'qid' => 0, 'aid' => 0);
if (isset($question) && isset($question['sgq'])) {
$questiondetails = getSIDGIDQIDAIDType($question['sgq']);
}
//Gets an array containing SID, GID, QID, AID and Question Type)
if (isset($thissurvey['sid'])) {
$surveyid = $thissurvey['sid'];
}
// lets sanitize the survey template
if (isset($thissurvey['templatedir'])) {
$templatename = $thissurvey['templatedir'];
} else {
$templatename = Yii::app()->getConfig('defaulttemplate');
}
if (!isset($templatedir)) {
$templatedir = getTemplatePath($templatename);
}
if (!isset($templateurl)) {
$templateurl = getTemplateURL($templatename) . "/";
}
// TEMPLATECSS and TEMPLATEJS
$_templatecss = "";
$_templatejs = "";
if (stripos($line, "{TEMPLATECSS}")) {
$css_header_includes = Yii::app()->getConfig("css_header_includes");
if (file_exists($templatedir . DIRECTORY_SEPARATOR . 'jquery-ui-custom.css')) {
$template_jqueryui_css = "<link rel='stylesheet' type='text/css' media='all' href='{$templateurl}jquery-ui-custom.css' />\n";
} elseif (file_exists($templatedir . DIRECTORY_SEPARATOR . 'jquery-ui.css')) {
$template_jqueryui_css = "<link rel='stylesheet' type='text/css' media='all' href='{$templateurl}jquery-ui.css' />\n";
} else {
$_templatecss .= "<link rel='stylesheet' type='text/css' media='all' href='" . Yii::app()->getConfig('publicstyleurl') . "jquery-ui.css' />\n";
// Remove it after corrected slider
$template_jqueryui_css = "";
}
if ($css_header_includes) {
foreach ($css_header_includes as $cssinclude) {
if (substr($cssinclude, 0, 4) == 'http' || substr($cssinclude, 0, strlen(Yii::app()->getConfig('publicurl'))) == Yii::app()->getConfig('publicurl')) {
$_templatecss .= "<link rel='stylesheet' type='text/css' media='all' href='" . $cssinclude . "' />\n";
} else {
if (file_exists($templatedir . DIRECTORY_SEPARATOR . $cssinclude)) {
$_templatecss .= "<link rel='stylesheet' type='text/css' media='all' href='{$templateurl}{$cssinclude}' />\n";
} else {
$_templatecss .= "<link rel='stylesheet' type='text/css' media='all' href='" . Yii::app()->getConfig('publicstyleurl') . $cssinclude . "' />\n";
}
}
}
}
$_templatecss .= $template_jqueryui_css;
// Template jquery ui after default css
$_templatecss .= "<link rel='stylesheet' type='text/css' media='all' href='{$templateurl}template.css' />\n";
if (getLanguageRTL($clang->langcode)) {
$_templatecss .= "<link rel='stylesheet' type='text/css' media='all' href='{$templateurl}template-rtl.css' />\n";
}
}
if (stripos($line, "{TEMPLATEJS}")) {
$js_header_includes = header_includes(false, 'js');
$_jqueryuijsurl = Yii::app()->getConfig('generalscripts') . "jquery/jquery-ui.js";
$_templatejs .= "<script type='text/javascript' src='" . Yii::app()->getConfig('generalscripts') . "jquery/jquery.js'></script>\n";
$_templatejs .= "<script type='text/javascript' src='{$_jqueryuijsurl}'></script>\n";
$_templatejs .= "<script type='text/javascript' src='" . Yii::app()->getConfig('generalscripts') . "jquery/jquery.ui.touch-punch.min.js'></script>\n";
if ($js_header_includes) {
foreach ($js_header_includes as $jsinclude) {
if (substr($jsinclude, 0, 4) == 'http' || substr($jsinclude, 0, strlen(Yii::app()->getConfig('publicurl'))) == Yii::app()->getConfig('publicurl')) {
$_templatejs .= "<script type='text/javascript' src='{$jsinclude}'></script>\n";
} else {
$_templatejs .= "<script type='text/javascript' src='" . Yii::app()->getConfig('generalscripts') . $jsinclude . "'></script>\n";
}
}
}
$_templatejs .= "<script type='text/javascript' src='" . Yii::app()->getConfig('generalscripts') . "survey_runtime.js'></script>\n";
$_templatejs .= "<script type='text/javascript' src='{$templateurl}template.js'></script>\n";
$_templatejs .= useFirebug();
}
// surveyformat
if (isset($thissurvey['format'])) {
$surveyformat = str_replace(array("A", "S", "G"), array("allinone", "questionbyquestion", "groupbygroup"), $thissurvey['format']);
} else {
$surveyformat = "";
}
if (isset(Yii::app()->session['step']) && Yii::app()->session['step'] % 2 && $surveyformat != "allinone") {
$surveyformat .= " page-odd";
}
if (isset($thissurvey['allowjumps']) && $thissurvey['allowjumps'] == "Y" && $surveyformat != "allinone" && (isset(Yii::app()->session['step']) && Yii::app()->session['step'] > 0)) {
$surveyformat .= " withindex";
}
if (isset($thissurvey['showprogress']) && $thissurvey['showprogress'] == "Y") {
$surveyformat .= " showprogress";
}
if (isset($thissurvey['showqnumcode'])) {
$surveyformat .= " showqnumcode-" . $thissurvey['showqnumcode'];
}
// real survey contact
if (isset($surveylist) && isset($surveylist['contact'])) {
$surveycontact = $surveylist['contact'];
} elseif (isset($surveylist) && isset($thissurvey['admin']) && $thissurvey['admin'] != "") {
$surveycontact = sprintf($clang->gT("Please contact %s ( %s ) for further assistance."), $thissurvey['admin'], $thissurvey['adminemail']);
} else {
$surveycontact = "";
}
// If there are non-bracketed replacements to be made do so above this line.
// Only continue in this routine if there are bracketed items to replace {}
if (strpos($line, "{") === false) {
// process string anyway so that it can be pretty-printed
return LimeExpressionManager::ProcessString($line, $questionNum, NULL, false, 1, 1, true);
}
if ($showgroupinfo == 'both' || $showgroupinfo == 'name' || $showgroupinfo == 'choose' && !isset($thissurvey['showgroupinfo']) || $showgroupinfo == 'choose' && $thissurvey['showgroupinfo'] == 'B' || $showgroupinfo == 'choose' && $thissurvey['showgroupinfo'] == 'N') {
$_groupname = isset($groupname) ? $groupname : '';
} else {
$_groupname = '';
}
if ($showgroupinfo == 'both' || $showgroupinfo == 'description' || $showgroupinfo == 'choose' && !isset($thissurvey['showgroupinfo']) || $showgroupinfo == 'choose' && $thissurvey['showgroupinfo'] == 'B' || $showgroupinfo == 'choose' && $thissurvey['showgroupinfo'] == 'D') {
$_groupdescription = isset($groupdescription) ? $groupdescription : '';
} else {
$_groupdescription = '';
}
if (isset($question) && is_array($question)) {
$_question = $question['all'];
$_question_text = $question['text'];
$_question_help = $question['help'];
$_question_mandatory = $question['mandatory'];
$_question_man_message = $question['man_message'];
$_question_valid_message = $question['valid_message'];
$_question_file_valid_message = $question['file_valid_message'];
$_question_sgq = isset($question['sgq']) ? $question['sgq'] : '';
$_question_essentials = $question['essentials'];
$_getQuestionClass = $question['class'];
$_question_man_class = $question['man_class'];
$_question_input_error_class = $question['input_error_class'];
$_question_number = $question['number'];
$_question_code = $question['code'];
$_question_type = $question['type'];
} else {
$_question = isset($question) ? $question : '';
$_question_text = '';
$_question_help = '';
$_question_mandatory = '';
$_question_man_message = '';
$_question_valid_message = '';
$_question_file_valid_message = '';
$_question_sgq = '';
$_question_essentials = '';
$_getQuestionClass = '';
$_question_man_class = '';
$_question_input_error_class = '';
$_question_number = '';
$_question_code = '';
$_question_type = '';
}
if ($_question_type == '*') {
$_question_text = '<div class="em_equation">' . $_question_text . '</div>';
}
if (!($showqnumcode == 'both' || $showqnumcode == 'number' || $showqnumcode == 'choose' && !isset($thissurvey['showqnumcode']) || $showqnumcode == 'choose' && $thissurvey['showqnumcode'] == 'B' || $showqnumcode == 'choose' && $thissurvey['showqnumcode'] == 'N')) {
$_question_number = '';
}
if (!($showqnumcode == 'both' || $showqnumcode == 'code' || $showqnumcode == 'choose' && !isset($thissurvey['showqnumcode']) || $showqnumcode == 'choose' && $thissurvey['showqnumcode'] == 'B' || $showqnumcode == 'choose' && $thissurvey['showqnumcode'] == 'C')) {
$_question_code = '';
}
if (!isset($totalquestions)) {
$totalquestions = 0;
}
$_totalquestionsAsked = $totalquestions;
if ($showxquestions == 'show' || $showxquestions == 'choose' && !isset($thissurvey['showxquestions']) || $showxquestions == 'choose' && $thissurvey['showxquestions'] == 'Y') {
if ($_totalquestionsAsked < 1) {
$_therearexquestions = $clang->gT("There are no questions in this survey");
// Singular
} elseif ($_totalquestionsAsked == 1) {
$_therearexquestions = $clang->gT("There is 1 question in this survey");
//Singular
} else {
$_therearexquestions = $clang->gT("There are {NUMBEROFQUESTIONS} questions in this survey.");
//Note this line MUST be before {NUMBEROFQUESTIONS}
}
} else {
$_therearexquestions = '';
}
if (isset($token)) {
$_token = $token;
} elseif (isset($clienttoken)) {
$_token = htmlentities($clienttoken, ENT_QUOTES, 'UTF-8');
// or should it be URL-encoded?
} else {
$_token = '';
}
// Expiry
if (isset($thissurvey['expiry'])) {
$dateformatdetails = getDateFormatData($thissurvey['surveyls_dateformat']);
Yii::import('application.libraries.Date_Time_Converter', true);
$datetimeobj = new Date_Time_Converter($thissurvey['expiry'], "Y-m-d");
$_dateoutput = $datetimeobj->convert($dateformatdetails['phpdate']);
} else {
$_dateoutput = '-';
}
$_submitbutton = "<input class='submit' type='submit' value=' " . $clang->gT("Submit") . " ' name='move2' onclick=\"javascript:document.limesurvey.move.value = 'movesubmit';\" />";
if (isset($thissurvey['surveyls_url']) and $thissurvey['surveyls_url'] != "") {
if (trim($thissurvey['surveyls_urldescription']) != '') {
$_linkreplace = "<a href='{$thissurvey['surveyls_url']}'>{$thissurvey['surveyls_urldescription']}</a>";
} else {
$_linkreplace = "<a href='{$thissurvey['surveyls_url']}'>{$thissurvey['surveyls_url']}</a>";
}
} else {
$_linkreplace = '';
}
if (isset($thissurvey['sid']) && isset($_SESSION['survey_' . $thissurvey['sid']]['srid']) && $thissurvey['active'] == 'Y') {
$iscompleted = Survey_dynamic::model($surveyid)->isCompleted($_SESSION['survey_' . $thissurvey['sid']]['srid']);
} else {
$iscompleted = false;
}
if (isset($surveyid) && !$iscompleted) {
$_clearall = "<input type='button' name='clearallbtn' value='" . $clang->gT("Exit and clear survey") . "' class='clearall' " . "onclick=\"if (confirm('" . $clang->gT("Are you sure you want to clear all your responses?", 'js') . "')) {\nwindow.open('" . Yii::app()->getController()->createUrl("survey/index/sid/{$surveyid}", array('move' => 'clearall', 'lang' => $s_lang), '&');
if (returnGlobal('token')) {
$_clearall .= "&token=" . urlencode(trim(sanitize_token(strip_tags(returnGlobal('token')))));
}
$_clearall .= "', '_self')}\" />";
} else {
$_clearall = "";
}
if (isset(Yii::app()->session['datestamp'])) {
$_datestamp = Yii::app()->session['datestamp'];
} else {
$_datestamp = '-';
}
if (isset($thissurvey['allowsave']) and $thissurvey['allowsave'] == "Y") {
// Find out if the user has any saved data
if ($thissurvey['format'] == 'A') {
if ($thissurvey['tokenanswerspersistence'] != 'Y' || !isset($surveyid) || !tableExists('tokens_' . $surveyid)) {
$_saveall = "\t\t\t<input type='button' name='loadall' value='" . $clang->gT("Load unfinished survey") . "' class='saveall' onclick=\"javascript:addHiddenField(document.getElementById('limesurvey'),'loadall',this.value);document.getElementById('limesurvey').submit();\" " . ($thissurvey['active'] != "Y" ? "disabled='disabled'" : "") . "/>" . "\n\t\t\t<input type='button' name='saveallbtn' value='" . $clang->gT("Resume later") . "' class='saveall' onclick=\"javascript:document.limesurvey.move.value = this.value;addHiddenField(document.getElementById('limesurvey'),'saveall',this.value);document.getElementById('limesurvey').submit();\" " . ($thissurvey['active'] != "Y" ? "disabled='disabled'" : "") . "/>";
// Show Save So Far button
} else {
$_saveall = "\t\t\t<input type='button' name='saveallbtn' value='" . $clang->gT("Resume later") . "' class='saveall' onclick=\"javascript:document.limesurvey.move.value = this.value;addHiddenField(document.getElementById('limesurvey'),'saveall',this.value);document.getElementById('limesurvey').submit();\" " . ($thissurvey['active'] != "Y" ? "disabled='disabled'" : "") . "/>";
// Show Save So Far button
}
} elseif (isset($surveyid) && (!isset($_SESSION['survey_' . $surveyid]['step']) || !$_SESSION['survey_' . $surveyid]['step'])) {
//First page, show LOAD
if ($thissurvey['tokenanswerspersistence'] != 'Y' || !isset($surveyid) || !tableExists('tokens_' . $surveyid)) {
$_saveall = "\t\t\t<input type='button' name='loadall' value='" . $clang->gT("Load unfinished survey") . "' class='saveall' onclick=\"javascript:addHiddenField(document.getElementById('limesurvey'),'loadall',this.value);document.getElementById('limesurvey').submit();\" " . ($thissurvey['active'] != "Y" ? "disabled='disabled'" : "") . "/>";
} else {
$_saveall = '';
}
} elseif (isset(Yii::app()->session['scid']) && (isset($move) && $move == "movelast")) {
//Already saved and on Submit Page, dont show Save So Far button
$_saveall = '';
} else {
$_saveall = "<input type='button' name='saveallbtn' value='" . $clang->gT("Resume later") . "' class='saveall' onclick=\"javascript:document.limesurvey.move.value = this.value;addHiddenField(document.getElementById('limesurvey'),'saveall',this.value);document.getElementById('limesurvey').submit();\" " . ($thissurvey['active'] != "Y" ? "disabled='disabled'" : "") . "/>";
// Show Save So Far button
}
} else {
$_saveall = "";
}
if (!isset($help)) {
$help = "";
}
if (flattenText($help, true, true) != '') {
if (!isset($helpicon)) {
if (file_exists($templatedir . '/help.gif')) {
$helpicon = $templateurl . 'help.gif';
} elseif (file_exists($templatedir . '/help.png')) {
$helpicon = $templateurl . 'help.png';
} else {
$helpicon = Yii::app()->getConfig('imageurl') . "/help.gif";
}
}
$_questionhelp = "<img src='{$helpicon}' alt='Help' align='left' />" . $help;
} else {
$_questionhelp = $help;
}
if (isset($thissurvey['allowprev']) && $thissurvey['allowprev'] == "N") {
$_strreview = "";
} else {
$_strreview = $clang->gT("If you want to check any of the answers you have made, and/or change them, you can do that now by clicking on the [<< prev] button and browsing through your responses.");
}
if (isset($thissurvey['active']) and $thissurvey['active'] == "N") {
$_restart = "<a href='" . Yii::app()->getController()->createUrl("survey/index/sid/{$surveyid}/newtest/Y");
if (isset($s_lang) && $s_lang != '') {
$_restart .= "/lang/" . $s_lang;
}
$_restart .= "'>" . $clang->gT("Restart this survey") . "</a>";
} else {
if (isset($surveyid)) {
$restart_extra = "";
$restart_token = returnGlobal('token');
if (!empty($restart_token)) {
$restart_extra .= "/token/" . urlencode($restart_token);
} else {
$restart_extra = "/newtest/Y";
}
if (!empty($_GET['lang'])) {
$restart_extra .= "/lang/" . returnGlobal('lang');
}
$_restart = "<a href='" . Yii::app()->getController()->createUrl("survey/index/sid/{$surveyid}{$restart_extra}") . "'>" . $clang->gT("Restart this Survey") . "</a>";
} else {
$_restart = "";
}
}
if (isset($thissurvey['anonymized']) && $thissurvey['anonymized'] == 'Y') {
$_savealert = $clang->gT("To remain anonymous please use a pseudonym as your username, also an email address is not required.");
} else {
$_savealert = "";
}
if (isset($surveyid)) {
$_return_to_survey = "<a href=" . Yii::app()->getController()->createUrl("survey/index/sid/{$surveyid}");
if (returnGlobal('token')) {
$_return_to_survey .= "?amp;token=" . urlencode(trim(sanitize_xss_string(strip_tags(returnGlobal('token')))));
}
$_return_to_survey .= "'>" . $clang->gT("Return to survey") . "</a>";
} else {
$_return_to_survey = "";
}
// Save Form
$_saveform = "<table><tr><td align='right'>" . $clang->gT("Name") . ":</td><td><input type='text' name='savename' value='";
if (isset($_POST['savename'])) {
$_saveform .= HTMLEscape(autoUnescape($_POST['savename']));
}
$_saveform .= "' /></td></tr>\n" . "<tr><td align='right'>" . $clang->gT("Password") . ":</td><td><input type='password' name='savepass' value='";
if (isset($_POST['savepass'])) {
$_saveform .= HTMLEscape(autoUnescape($_POST['savepass']));
}
$_saveform .= "' /></td></tr>\n" . "<tr><td align='right'>" . $clang->gT("Repeat password") . ":</td><td><input type='password' name='savepass2' value='";
if (isset($_POST['savepass2'])) {
$_saveform .= HTMLEscape(autoUnescape($_POST['savepass2']));
}
$_saveform .= "' /></td></tr>\n" . "<tr><td align='right'>" . $clang->gT("Your email address") . ":</td><td><input type='text' name='saveemail' value='";
if (isset($_POST['saveemail'])) {
$_saveform .= HTMLEscape(autoUnescape($_POST['saveemail']));
}
$_saveform .= "' /></td></tr>\n";
if (isset($thissurvey['usecaptcha']) && function_exists("ImageCreate") && isCaptchaEnabled('saveandloadscreen', $thissurvey['usecaptcha'])) {
$_saveform .= "<tr><td align='right'>" . $clang->gT("Security question") . ":</td><td><table><tr><td valign='middle'><img src='" . Yii::app()->getController()->createUrl('/verification/image/sid/' . (isset($surveyid) ? $surveyid : '')) . "' alt6='' /></td><td valign='middle' style='text-align:left'><input type='text' size='5' maxlength='3' name='loadsecurity' value='' /></td></tr></table></td></tr>\n";
}
$_saveform .= "<tr><td align='right'></td><td></td></tr>\n" . "<tr><td></td><td><input type='submit' id='savebutton' name='savesubmit' value='" . $clang->gT("Save Now") . "' /></td></tr>\n" . "</table>";
// Load Form
$_loadform = "<table><tr><td align='right'>" . $clang->gT("Saved name") . ":</td><td><input type='text' name='loadname' value='";
if (isset($loadname)) {
$_loadform .= HTMLEscape(autoUnescape($loadname));
}
$_loadform .= "' /></td></tr>\n" . "<tr><td align='right'>" . $clang->gT("Password") . ":</td><td><input type='password' name='loadpass' value='";
if (isset($loadpass)) {
$_loadform .= HTMLEscape(autoUnescape($loadpass));
}
$_loadform .= "' /></td></tr>\n";
if (isset($thissurvey['usecaptcha']) && function_exists("ImageCreate") && isCaptchaEnabled('saveandloadscreen', $thissurvey['usecaptcha'])) {
$_loadform .= "<tr><td align='right'>" . $clang->gT("Security question") . ":</td><td><table><tr><td valign='middle'><img src='" . Yii::app()->getController()->createUrl('/verification/image/sid/' . $surveyid) . "' alt='' /></td><td valign='middle'><input type='text' size='5' maxlength='3' name='loadsecurity' value='' alt=''/></td></tr></table></td></tr>\n";
}
$_loadform .= "<tr><td align='right'></td><td></td></tr>\n" . "<tr><td></td><td><input type='submit' id='loadbutton' value='" . $clang->gT("Load now") . "' /></td></tr></table>\n";
// Registration Form
if (isset($surveyid) || isset($registerdata) && $debugSrc == 'register.php') {
if (isset($surveyid)) {
$tokensid = $surveyid;
} else {
$tokensid = $registerdata['sid'];
}
$_registerform = "<form method='post' action='" . Yii::app()->getController()->createUrl('/register/index/surveyid/' . $tokensid) . "'>\n";
if (!isset($_REQUEST['lang'])) {
$_reglang = Survey::model()->findByPk($tokensid)->language;
} else {
$_reglang = returnGlobal('lang');
}
$_registerform .= "<input type='hidden' name='lang' value='" . $_reglang . "' />\n";
$_registerform .= "<input type='hidden' name='sid' value='{$tokensid}' id='sid' />\n";
$_registerform .= "<table class='register' summary='Registrationform'>\n" . "<tr><td align='right'>" . $clang->gT("First name") . ":</td>" . "<td align='left'><input class='text' type='text' name='register_firstname'";
if (isset($_POST['register_firstname'])) {
$_registerform .= " value='" . htmlentities(returnGlobal('register_firstname'), ENT_QUOTES, 'UTF-8') . "'";
}
$_registerform .= " /></td></tr>" . "<tr><td align='right'>" . $clang->gT("Last name") . ":</td>\n" . "<td align='left'><input class='text' type='text' name='register_lastname'";
if (isset($_POST['register_lastname'])) {
$_registerform .= " value='" . htmlentities(returnGlobal('register_lastname'), ENT_QUOTES, 'UTF-8') . "'";
}
$_registerform .= " /></td></tr>\n" . "<tr><td align='right'>" . $clang->gT("Email address") . ":</td>\n" . "<td align='left'><input class='text' type='text' name='register_email'";
if (isset($_POST['register_email'])) {
$_registerform .= " value='" . htmlentities(returnGlobal('register_email'), ENT_QUOTES, 'UTF-8') . "'";
}
$_registerform .= " /></td></tr>\n";
foreach ($thissurvey['attributedescriptions'] as $field => $attribute) {
if (empty($attribute['show_register']) || $attribute['show_register'] != 'Y') {
continue;
}
$_registerform .= '
<tr>
<td align="right">' . $thissurvey['attributecaptions'][$field] . ($attribute['mandatory'] == 'Y' ? '*' : '') . ':</td>
<td align="left"><input class="text" type="text" name="register_' . $field . '" /></td>
</tr>';
}
if ((count($registerdata) > 1 || isset($thissurvey['usecaptcha'])) && function_exists("ImageCreate") && isCaptchaEnabled('registrationscreen', $thissurvey['usecaptcha'])) {
$_registerform .= "<tr><td align='right'>" . $clang->gT("Security Question") . ":</td><td><table><tr><td valign='middle'><img src='" . Yii::app()->getController()->createUrl('/verification/image/sid/' . $surveyid) . "' alt='' /></td><td valign='middle'><input type='text' size='5' maxlength='3' name='loadsecurity' value='' /></td></tr></table></td></tr>\n";
}
$_registerform .= "<tr><td></td><td><input id='registercontinue' class='submit' type='submit' value='" . $clang->gT("Continue") . "' />" . "</td></tr>\n" . "</table>\n";
if (count($registerdata) > 1 && $registerdata['sid'] != NULL && $debugSrc == 'register.php') {
$_registerform .= "<input name='startdate' type ='hidden' value='" . $registerdata['startdate'] . "' />";
$_registerform .= "<input name='enddate' type ='hidden' value='" . $registerdata['enddate'] . "' />";
}
$_registerform .= "</form>\n";
} else {
$_registerform = "";
}
// Assessments
$assessmenthtml = "";
if (isset($surveyid) && !is_null($surveyid) && function_exists('doAssessment')) {
$assessmentdata = doAssessment($surveyid, true);
$_assessment_current_total = $assessmentdata['total'];
if (stripos($line, "{ASSESSMENTS}")) {
$assessmenthtml = doAssessment($surveyid, false);
}
} else {
$_assessment_current_total = '';
}
if (isset($thissurvey['googleanalyticsapikey']) && trim($thissurvey['googleanalyticsapikey']) != '') {
$_googleAnalyticsAPIKey = trim($thissurvey['googleanalyticsapikey']);
} else {
$_googleAnalyticsAPIKey = trim(getGlobalSetting('googleanalyticsapikey'));
}
$_googleAnalyticsStyle = isset($thissurvey['googleanalyticsstyle']) ? $thissurvey['googleanalyticsstyle'] : '0';
$_googleAnalyticsJavaScript = '';
if ($_googleAnalyticsStyle != '' && $_googleAnalyticsStyle != 0 && $_googleAnalyticsAPIKey != '') {
switch ($_googleAnalyticsStyle) {
case '1':
// Default Google Tracking
$_googleAnalyticsJavaScript = <<<EOD
<script type="text/javascript">
var _gaq = _gaq || [];
_gaq.push(['_setAccount', '{$_googleAnalyticsAPIKey}']);
_gaq.push(['_trackPageview']);
(function() {
var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true;
ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js';
var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s);
})();
</script>
EOD;
break;
case '2':
// SurveyName-[SID]/[GSEQ]-GroupName - create custom GSEQ based upon page step
$moveInfo = LimeExpressionManager::GetLastMoveResult();
if (is_null($moveInfo)) {
$gseq = 'welcome';
} else {
if ($moveInfo['finished']) {
$gseq = 'finished';
} else {
if (isset($moveInfo['at_start']) && $moveInfo['at_start']) {
$gseq = 'welcome';
} else {
if (is_null($_groupname)) {
$gseq = 'printanswers';
} else {
$gseq = $moveInfo['gseq'] + 1;
}
}
}
}
$_trackURL = htmlspecialchars($thissurvey['name'] . '-[' . $surveyid . ']/[' . $gseq . ']-' . $_groupname);
$_googleAnalyticsJavaScript = <<<EOD
<script type="text/javascript">
var _gaq = _gaq || [];
_gaq.push(['_setAccount', '{$_googleAnalyticsAPIKey}']);
_gaq.push(['_trackPageview','{$_trackURL}']);
(function() {
var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true;
ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js';
var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s);
})();
</script>
EOD;
break;
}
}
$_endtext = '';
if (isset($thissurvey['surveyls_endtext']) && trim($thissurvey['surveyls_endtext']) != '') {
$_endtext = $thissurvey['surveyls_endtext'];
}
// Set the array of replacement variables here - don't include curly braces
$coreReplacements = array();
$coreReplacements['ACTIVE'] = isset($thissurvey['active']) && !($thissurvey['active'] != "Y");
$coreReplacements['AID'] = isset($questiondetails['aid']) ? $questiondetails['aid'] : '';
$coreReplacements['ANSWER'] = isset($answer) ? $answer : '';
// global
$coreReplacements['ANSWERSCLEARED'] = $clang->gT("Answers cleared");
$coreReplacements['ASSESSMENTS'] = $assessmenthtml;
$coreReplacements['ASSESSMENT_CURRENT_TOTAL'] = $_assessment_current_total;
$coreReplacements['ASSESSMENT_HEADING'] = $clang->gT("Your assessment");
$coreReplacements['CHECKJAVASCRIPT'] = "<noscript><span class='warningjs'>" . $clang->gT("Caution: JavaScript execution is disabled in your browser. You may not be able to answer all questions in this survey. Please, verify your browser parameters.") . "</span></noscript>";
$coreReplacements['CLEARALL'] = $_clearall;
$coreReplacements['CLOSEWINDOW'] = "<a href='javascript:%20self.close()'>" . $clang->gT("Close this window") . "</a>";
$coreReplacements['COMPLETED'] = isset($redata['completed']) ? $redata['completed'] : '';
// global
$coreReplacements['DATESTAMP'] = $_datestamp;
$coreReplacements['ENDTEXT'] = $_endtext;
$coreReplacements['EXPIRY'] = $_dateoutput;
$coreReplacements['GID'] = isset($questiondetails['gid']) ? $questiondetails['gid'] : '';
$coreReplacements['GOOGLE_ANALYTICS_API_KEY'] = $_googleAnalyticsAPIKey;
$coreReplacements['GOOGLE_ANALYTICS_JAVASCRIPT'] = $_googleAnalyticsJavaScript;
$coreReplacements['GROUPDESCRIPTION'] = $_groupdescription;
$coreReplacements['GROUPNAME'] = $_groupname;
$coreReplacements['LANG'] = $clang->getlangcode();
$coreReplacements['LANGUAGECHANGER'] = isset($languagechanger) ? $languagechanger : '';
// global
$coreReplacements['LOADERROR'] = isset($errormsg) ? $errormsg : '';
// global
$coreReplacements['LOADFORM'] = $_loadform;
$coreReplacements['LOADHEADING'] = $clang->gT("Load a previously saved survey");
$coreReplacements['LOADMESSAGE'] = $clang->gT("You can load a survey that you have previously saved from this screen.") . "<br />" . $clang->gT("Type in the 'name' you used to save the survey, and the password.") . "<br />";
$coreReplacements['NAVIGATOR'] = isset($navigator) ? $navigator : '';
// global
$coreReplacements['NOSURVEYID'] = isset($surveylist) ? $surveylist['nosid'] : '';
$coreReplacements['NUMBEROFQUESTIONS'] = $_totalquestionsAsked;
$coreReplacements['PERCENTCOMPLETE'] = isset($percentcomplete) ? $percentcomplete : '';
// global
$coreReplacements['PRIVACY'] = isset($privacy) ? $privacy : '';
// global
$coreReplacements['PRIVACYMESSAGE'] = "<span style='font-weight:bold; font-style: italic;'>" . $clang->gT("A Note On Privacy") . "</span><br />" . $clang->gT("This survey is anonymous.") . "<br />" . $clang->gT("The record kept of your survey responses does not contain any identifying information about you unless a specific question in the survey has asked for this. If you have responded to a survey that used an identifying token to allow you to access the survey, you can rest assured that the identifying token is not kept with your responses. It is managed in a separate database, and will only be updated to indicate that you have (or haven't) completed this survey. There is no way of matching identification tokens with survey responses in this survey.");
$coreReplacements['QID'] = isset($questiondetails['qid']) ? $questiondetails['qid'] : '';
$coreReplacements['QUESTION'] = $_question;
$coreReplacements['QUESTIONHELP'] = $_questionhelp;
$coreReplacements['QUESTIONHELPPLAINTEXT'] = strip_tags(addslashes($help));
// global
$coreReplacements['QUESTION_CLASS'] = $_getQuestionClass;
$coreReplacements['QUESTION_CODE'] = $_question_code;
$coreReplacements['QUESTION_ESSENTIALS'] = $_question_essentials;
$coreReplacements['QUESTION_FILE_VALID_MESSAGE'] = $_question_file_valid_message;
$coreReplacements['QUESTION_HELP'] = $_question_help;
$coreReplacements['QUESTION_INPUT_ERROR_CLASS'] = $_question_input_error_class;
$coreReplacements['QUESTION_MANDATORY'] = $_question_mandatory;
$coreReplacements['QUESTION_MAN_CLASS'] = $_question_man_class;
$coreReplacements['QUESTION_MAN_MESSAGE'] = $_question_man_message;
$coreReplacements['QUESTION_NUMBER'] = $_question_number;
$coreReplacements['QUESTION_TEXT'] = $_question_text;
$coreReplacements['QUESTION_VALID_MESSAGE'] = $_question_valid_message;
$coreReplacements['REGISTERERROR'] = isset($register_errormsg) ? $register_errormsg : '';
// global
$coreReplacements['REGISTERFORM'] = $_registerform;
$coreReplacements['REGISTERMESSAGE1'] = $clang->gT("You must be registered to complete this survey");
$coreReplacements['REGISTERMESSAGE2'] = $clang->gT("You may register for this survey if you wish to take part.") . "<br />\n" . $clang->gT("Enter your details below, and an email containing the link to participate in this survey will be sent immediately.");
$coreReplacements['RESTART'] = $_restart;
$coreReplacements['RETURNTOSURVEY'] = $_return_to_survey;
$coreReplacements['SAVE'] = $_saveall;
$coreReplacements['SAVEALERT'] = $_savealert;
$coreReplacements['SAVEDID'] = isset($saved_id) ? $saved_id : '';
// global
$coreReplacements['SAVEERROR'] = isset($errormsg) ? $errormsg : '';
// global - same as LOADERROR
$coreReplacements['SAVEFORM'] = $_saveform;
$coreReplacements['SAVEHEADING'] = $clang->gT("Save your unfinished survey");
$coreReplacements['SAVEMESSAGE'] = $clang->gT("Enter a name and password for this survey and click save below.") . "<br />\n" . $clang->gT("Your survey will be saved using that name and password, and can be completed later by logging in with the same name and password.") . "<br /><br />\n" . $clang->gT("If you give an email address, an email containing the details will be sent to you.") . "<br /><br />\n" . $clang->gT("After having clicked the save button you can either close this browser window or continue filling out the survey.");
$coreReplacements['SGQ'] = $_question_sgq;
$coreReplacements['SID'] = isset($surveyid) ? $surveyid : (isset($questiondetails['sid']) ? $questiondetails['sid'] : '');
$coreReplacements['SITENAME'] = isset($sitename) ? $sitename : '';
// global
$coreReplacements['SUBMITBUTTON'] = $_submitbutton;
$coreReplacements['SUBMITCOMPLETE'] = "<strong>" . $clang->gT("Thank you!") . "<br /><br />" . $clang->gT("You have completed answering the questions in this survey.") . "</strong><br /><br />" . $clang->gT("Click on 'Submit' now to complete the process and save your answers.");
$coreReplacements['SUBMITREVIEW'] = $_strreview;
$coreReplacements['SURVEYCONTACT'] = $surveycontact;
$coreReplacements['SURVEYDESCRIPTION'] = isset($thissurvey['description']) ? $thissurvey['description'] : '';
$coreReplacements['SURVEYFORMAT'] = isset($surveyformat) ? $surveyformat : '';
// global
$coreReplacements['SURVEYLANGAGE'] = $clang->langcode;
$coreReplacements['SURVEYLANGUAGE'] = $clang->langcode;
$coreReplacements['SURVEYLIST'] = isset($surveylist) ? $surveylist['list'] : '';
$coreReplacements['SURVEYLISTHEADING'] = isset($surveylist) ? $surveylist['listheading'] : '';
$coreReplacements['SURVEYNAME'] = isset($thissurvey['name']) ? $thissurvey['name'] : '';
$coreReplacements['TEMPLATECSS'] = $_templatecss;
$coreReplacements['TEMPLATEJS'] = $_templatejs;
$coreReplacements['TEMPLATEURL'] = $templateurl;
$coreReplacements['THEREAREXQUESTIONS'] = $_therearexquestions;
if (!$anonymized) {
$coreReplacements['TOKEN'] = $_token;
}
$coreReplacements['URL'] = $_linkreplace;
$coreReplacements['WELCOME'] = isset($thissurvey['welcome']) ? $thissurvey['welcome'] : '';
if (!is_null($replacements) && is_array($replacements)) {
$doTheseReplacements = array_merge($coreReplacements, $replacements);
// so $replacements overrides core values
} else {
$doTheseReplacements = $coreReplacements;
}
// Now do all of the replacements - In rare cases, need to do 3 deep recursion, that that is default
$line = LimeExpressionManager::ProcessString($line, $questionNum, $doTheseReplacements, false, 3, 1);
return $line;
}
/**
* Loads results for the survey into the $survey->responses array. The
* results begin from $minRecord and end with $maxRecord. Either none,
* or both, the $minRecord and $maxRecord variables must be provided.
* If none are then all responses are loaded.
*
* @param Survey $survey
* @param int $iOffset
* @param int $iLimit
*/
public function loadSurveyResults(SurveyObj $survey, $iLimit, $iOffset, $sFilter = '')
{
$oRecordSet = Yii::app()->db->createCommand()->select()->from('{{survey_' . $survey->id . '}}');
if (tableExists('tokens_' . $survey->id) && in_array('token', Survey_dynamic::model($survey->id)->attributes)) {
$oRecordSet->join('{{tokens_' . $survey->id . '}}', '{{tokens_' . $survey->id . '}}.token={{survey_' . $survey->id . '}}.token');
}
if ($sFilter != '') {
$oRecordSet->where($sFilter);
}
$survey->responses = $oRecordSet->order('id')->limit($iLimit, $iOffset)->query()->readAll();
return count($survey->responses);
}
/**
* dataentry::insert()
* insert new dataentry
* @return
*/
public function insert()
{
$clang = Yii::app()->lang;
$subaction = Yii::app()->request->getPost('subaction');
$surveyid = Yii::app()->request->getPost('sid');
$lang = isset($_POST['lang']) ? Yii::app()->request->getPost('lang') : NULL;
$aData = array('surveyid' => $surveyid, 'lang' => $lang, 'clang' => $clang);
if (hasSurveyPermission($surveyid, 'responses', 'read')) {
if ($subaction == "insert" && hasSurveyPermission($surveyid, 'responses', 'create')) {
$surveytable = "{{survey_{$surveyid}}}";
$thissurvey = getSurveyInfo($surveyid);
$errormsg = "";
Yii::app()->loadHelper("database");
$aViewUrls['display']['menu_bars']['browse'] = $clang->gT("Data entry");
$aDataentryoutput = '';
$aDataentrymsgs = array();
$hiddenfields = '';
$lastanswfortoken = '';
// check if a previous answer has been submitted or saved
$rlanguage = '';
if (isset($_POST['token'])) {
$tokencompleted = "";
$tcquery = "SELECT completed from {{tokens_{$surveyid}}} WHERE token='{$_POST['token']}'";
//dbQuoteAll($_POST['token'],true);
$tcresult = dbExecuteAssoc($tcquery);
$tcresult = $tcresult->readAll();
$tccount = count($tcresult);
foreach ($tcresult as $tcrow) {
$tokencompleted = $tcrow['completed'];
}
if ($tccount < 1) {
// token doesn't exist in token table
$lastanswfortoken = 'UnknownToken';
} elseif ($thissurvey['anonymized'] == "Y") {
// token exist but survey is anonymous, check completed state
if ($tokencompleted != "" && $tokencompleted != "N") {
// token is completed
$lastanswfortoken = 'PrivacyProtected';
}
} else {
// token is valid, survey not anonymous, try to get last recorded response id
$aquery = "SELECT id,startlanguage FROM {$surveytable} WHERE token='" . $_POST['token'] . "'";
//dbQuoteAll($_POST['token'],true);
$aresult = dbExecuteAssoc($aquery);
foreach ($aresult->readAll() as $arow) {
if ($tokencompleted != "N") {
$lastanswfortoken = $arow['id'];
}
$rlanguage = $arow['startlanguage'];
}
}
}
// First Check if the survey uses tokens and if a token has been provided
if (tableExists('{{tokens_' . $thissurvey['sid'] . '}}') && !$_POST['token']) {
$errormsg = CHtml::tag('div', array('class' => 'warningheader'), $clang->gT("Error"));
$errormsg .= CHtml::tag('p', array(), $clang->gT("This is a closed-access survey, so you must supply a valid token. Please contact the administrator for assistance."));
} elseif (tableExists('{{tokens_' . $thissurvey['sid'] . '}}') && $lastanswfortoken == 'UnknownToken') {
$errormsg = CHtml::tag('div', array('class' => 'warningheader'), $clang->gT("Error"));
$errormsg .= CHtml::tag('p', array(), $clang->gT("The token you have provided is not valid or has already been used."));
} elseif (tableExists('{{tokens_' . $thissurvey['sid'] . '}}') && $lastanswfortoken != '') {
$errormsg = CHtml::tag('div', array('class' => 'warningheader'), $clang->gT("Error"));
$errormsg .= CHtml::tag('p', array(), $clang->gT("There is already a recorded answer for this token"));
if ($lastanswfortoken != 'PrivacyProtected') {
$errormsg .= "<br /><br />" . $clang->gT("Follow the following link to update it") . ":\n";
$errormsg .= CHtml::link("[id:{$lastanswfortoken}]", Yii::app()->baseUrl . ('/admin/dataentry/editdata/subaction/edit/id/' . $lastanswfortoken . '/surveyid/' . $surveyid . '/lang/' . $rlanguage), array('title' => $clang->gT("Edit this entry")));
} else {
$errormsg .= "<br /><br />" . $clang->gT("This surveys uses anonymized responses, so you can't update your response.") . "\n";
}
} else {
$last_db_id = 0;
if (isset($_POST['save']) && $_POST['save'] == "on") {
$aData['save'] = TRUE;
$saver['identifier'] = $_POST['save_identifier'];
$saver['language'] = $_POST['save_language'];
$saver['password'] = $_POST['save_password'];
$saver['passwordconfirm'] = $_POST['save_confirmpassword'];
$saver['email'] = $_POST['save_email'];
if (!returnGlobal('redo')) {
$password = md5($saver['password']);
} else {
$password = $saver['password'];
}
$errormsg = "";
if (!$saver['identifier']) {
$errormsg .= $clang->gT("Error") . ": " . $clang->gT("You must supply a name for this saved session.");
}
if (!$saver['password']) {
$errormsg .= $clang->gT("Error") . ": " . $clang->gT("You must supply a password for this saved session.");
}
if ($saver['password'] != $saver['passwordconfirm']) {
$errormsg .= $clang->gT("Error") . ": " . $clang->gT("Your passwords do not match.");
}
$aData['errormsg'] = $errormsg;
if ($errormsg) {
foreach ($_POST as $key => $val) {
if (substr($key, 0, 4) != "save" && $key != "action" && $key != "sid" && $key != "datestamp" && $key != "ipaddr") {
$hiddenfields .= CHtml::hiddenField($key, $val);
//$aDataentryoutput .= "<input type='hidden' name='$key' value='$val' />\n";
}
}
}
}
//BUILD THE SQL TO INSERT RESPONSES
$baselang = Survey::model()->findByPk($surveyid)->language;
$fieldmap = createFieldMap($surveyid, 'full', false, false, getBaseLanguageFromSurveyID($surveyid));
$insert_data = array();
$_POST['startlanguage'] = $baselang;
if ($thissurvey['datestamp'] == "Y") {
$_POST['startdate'] = $_POST['datestamp'];
}
if (isset($_POST['closerecord'])) {
if ($thissurvey['datestamp'] == "Y") {
$_POST['submitdate'] = dateShift(date("Y-m-d H:i:s"), "Y-m-d H:i:s", Yii::app()->getConfig('timeadjust'));
} else {
$_POST['submitdate'] = date("Y-m-d H:i:s", mktime(0, 0, 0, 1, 1, 1980));
}
}
foreach ($fieldmap as $irow) {
$fieldname = $irow['fieldname'];
if (isset($_POST[$fieldname])) {
if ($_POST[$fieldname] == "" && ($irow['type'] == 'D' || $irow['type'] == 'N' || $irow['type'] == 'K')) {
// can't add '' in Date column
// Do nothing
} else {
if ($irow['type'] == '|') {
if (!strpos($irow['fieldname'], "_filecount")) {
$json = $_POST[$fieldname];
$phparray = json_decode(stripslashes($json));
$filecount = 0;
for ($i = 0; $filecount < count($phparray); $i++) {
if ($_FILES[$fieldname . "_file_" . $i]['error'] != 4) {
$target = Yii::app()->getConfig('uploaddir') . "/surveys/" . $thissurvey['sid'] . "/files/" . randomChars(20);
$size = 0.001 * $_FILES[$fieldname . "_file_" . $i]['size'];
$name = rawurlencode($_FILES[$fieldname . "_file_" . $i]['name']);
if (move_uploaded_file($_FILES[$fieldname . "_file_" . $i]['tmp_name'], $target)) {
$phparray[$filecount]->filename = basename($target);
$phparray[$filecount]->name = $name;
$phparray[$filecount]->size = $size;
$pathinfo = pathinfo($_FILES[$fieldname . "_file_" . $i]['name']);
$phparray[$filecount]->ext = $pathinfo['extension'];
$filecount++;
}
}
}
$insert_data[$fieldname] = ls_json_encode($phparray);
} else {
$insert_data[$fieldname] = count($phparray);
}
} elseif ($irow['type'] == 'D') {
Yii::app()->loadLibrary('Date_Time_Converter');
$qidattributes = getQuestionAttributeValues($irow['qid'], $irow['type']);
$dateformatdetails = getDateFormatDataForQID($qidattributes, $thissurvey);
$datetimeobj = new Date_Time_Converter($_POST[$fieldname], $dateformatdetails['phpdate']);
$insert_data[$fieldname] = $datetimeobj->convert("Y-m-d H:i:s");
} else {
$insert_data[$fieldname] = $_POST[$fieldname];
}
}
}
}
Survey_dynamic::sid($surveyid);
$new_response = new Survey_dynamic();
foreach ($insert_data as $column => $value) {
$new_response->{$column} = $value;
}
$new_response->save();
$last_db_id = $new_response->getPrimaryKey();
if (isset($_POST['closerecord']) && isset($_POST['token']) && $_POST['token'] != '') {
// get submit date
if (isset($_POST['closedate'])) {
$submitdate = $_POST['closedate'];
} else {
$submitdate = dateShift(date("Y-m-d H:i:s"), "Y-m-d", $timeadjust);
}
// check how many uses the token has left
$usesquery = "SELECT usesleft FROM {{tokens_}}{$surveyid} WHERE token='" . $_POST['token'] . "'";
$usesresult = dbExecuteAssoc($usesquery);
$usesrow = $usesresult->readAll();
//$usesresult->row_array()
if (isset($usesrow)) {
$usesleft = $usesrow[0]['usesleft'];
}
// query for updating tokens
$utquery = "UPDATE {{tokens_{$surveyid}}}\n";
if (isTokenCompletedDatestamped($thissurvey)) {
if (isset($usesleft) && $usesleft <= 1) {
$utquery .= "SET usesleft=usesleft-1, completed='{$submitdate}'\n";
} else {
$utquery .= "SET usesleft=usesleft-1\n";
}
} else {
if (isset($usesleft) && $usesleft <= 1) {
$utquery .= "SET usesleft=usesleft-1, completed='Y'\n";
} else {
$utquery .= "SET usesleft=usesleft-1\n";
}
}
$utquery .= "WHERE token='" . $_POST['token'] . "'";
$utresult = dbExecuteAssoc($utquery);
//Yii::app()->db->Execute($utquery) or safeDie ("Couldn't update tokens table!<br />\n$utquery<br />\n".Yii::app()->db->ErrorMsg());
// save submitdate into survey table
$srid = Yii::app()->db->getLastInsertID();
// Yii::app()->db->getLastInsertID();
$sdquery = "UPDATE {{survey_{$surveyid}}} SET submitdate='" . $submitdate . "' WHERE id={$srid}\n";
$sdresult = dbExecuteAssoc($sdquery) or safeDie("Couldn't set submitdate response in survey table!<br />\n{$sdquery}<br />\n");
$last_db_id = Yii::app()->db->getLastInsertID();
}
if (isset($_POST['save']) && $_POST['save'] == "on") {
$srid = Yii::app()->db->getLastInsertID();
//Yii::app()->db->getLastInsertID();
$aUserData = Yii::app()->session;
//CREATE ENTRY INTO "saved_control"
$saved_control_table = '{{saved_control}}';
$columns = array("sid", "srid", "identifier", "access_code", "email", "ip", "refurl", 'saved_thisstep', "status", "saved_date");
$values = array("'" . $surveyid . "'", "'" . $srid . "'", "'" . $saver['identifier'] . "'", "'" . $password . "'", "'" . $saver['email'] . "'", "'" . $aUserData['ip_address'] . "'", "'" . getenv("HTTP_REFERER") . "'", 0, "'" . "S" . "'", "'" . dateShift(date("Y-m-d H:i:s"), "Y-m-d H:i:s", "'" . Yii::app()->getConfig('timeadjust')) . "'");
$SQL = "INSERT INTO {$saved_control_table}\n (" . implode(',', $columns) . ")\n VALUES\n (" . implode(',', $values) . ")";
/*$scdata = array("sid"=>$surveyid,
"srid"=>$srid,
"identifier"=>$saver['identifier'],
"access_code"=>$password,
"email"=>$saver['email'],
"ip"=>$aUserData['ip_address'],
"refurl"=>getenv("HTTP_REFERER"),
'saved_thisstep' => 0,
"status"=>"S",
"saved_date"=>dateShift(date("Y-m-d H:i:s"), "Y-m-d H:i:s", Yii::app()->getConfig('timeadjust')));
$this->load->model('saved_control_model');*/
if (dbExecuteAssoc($SQL)) {
$scid = Yii::app()->db->getLastInsertID();
// Yii::app()->db->getLastInsertID("{{saved_control}}","scid");
$aDataentrymsgs[] = CHtml::tag('font', array('class' => 'successtitle'), $clang->gT("Your survey responses have been saved successfully. You will be sent a confirmation e-mail. Please make sure to save your password, since we will not be able to retrieve it for you."));
//$aDataentryoutput .= "<font class='successtitle'></font><br />\n";
$tokens_table = "{{tokens_{$surveyid}}}";
$last_db_id = Yii::app()->db->getLastInsertID();
if (tableExists($tokens_table)) {
$tkquery = "SELECT * FROM {$tokens_table}";
$tkresult = dbExecuteAssoc($tkquery);
/*$tokendata = array (
"firstname"=> $saver['identifier'],
"lastname"=> $saver['identifier'],
"email"=>$saver['email'],
"token"=>randomChars(15),
"language"=>$saver['language'],
"sent"=>dateShift(date("Y-m-d H:i:s"), "Y-m-d H:i", $timeadjust),
"completed"=>"N");*/
$columns = array("firstname", "lastname", "email", "token", "language", "sent", "completed");
$values = array("'" . $saver['identifier'] . "'", "'" . $saver['identifier'] . "'", "'" . $saver['email'] . "'", "'" . $password . "'", "'" . randomChars(15) . "'", "'" . $saver['language'] . "'", "'" . "N" . "'");
$SQL = "INSERT INTO {$token_table}\n (" . implode(',', $columns) . ")\n VALUES\n (" . implode(',', $values) . ")";
//$this->tokens_dynamic_model->insertToken($surveyid,$tokendata);
dbExecuteAssoc($SQL);
//Yii::app()->db->AutoExecute(db_table_name("tokens_".$surveyid), $tokendata,'INSERT');
$aDataentrymsgs[] = CHtml::tag('font', array('class' => 'successtitle'), $clang->gT("A token entry for the saved survey has been created too."));
//$aDataentryoutput .= "<font class='successtitle'></font><br />\n";
$last_db_id = Yii::app()->db->getLastInsertID();
}
if ($saver['email']) {
//Send email
if (validateEmailAddress($saver['email']) && !returnGlobal('redo')) {
$subject = $clang->gT("Saved Survey Details");
$message = $clang->gT("Thank you for saving your survey in progress. The following details can be used to return to this survey and continue where you left off. Please keep this e-mail for your reference - we cannot retrieve the password for you.");
$message .= "\n\n" . $thissurvey['name'] . "\n\n";
$message .= $clang->gT("Name") . ": " . $saver['identifier'] . "\n";
$message .= $clang->gT("Password") . ": " . $saver['password'] . "\n\n";
$message .= $clang->gT("Reload your survey by clicking on the following link (or pasting it into your browser):") . ":\n";
$message .= Yii::app()->getConfig('publicurl') . "/index.php?sid={$surveyid}&loadall=reload&scid=" . $scid . "&lang=" . urlencode($saver['language']) . "&loadname=" . urlencode($saver['identifier']) . "&loadpass="******"&token=" . $tokendata['token'];
}
$from = $thissurvey['adminemail'];
if (SendEmailMessage($message, $subject, $saver['email'], $from, $sitename, false, getBounceEmail($surveyid))) {
$emailsent = "Y";
$aDataentrymsgs[] = CHtml::tag('font', array('class' => 'successtitle'), $clang->gT("An email has been sent with details about your saved survey"));
}
}
}
} else {
safeDie("Unable to insert record into saved_control table.<br /><br />");
}
}
$aData['thisid'] = $last_db_id;
}
$aData['errormsg'] = $errormsg;
$aData['dataentrymsgs'] = $aDataentrymsgs;
$this->_renderWrappedTemplate('dataentry', 'insert', $aData);
}
}
}
/**
* This function sends the shared participant info to the share panel using JSON encoding
* This function is called after the share panel grid is loaded
* This function returns the json depending on the user logged in by checking it from the session
* @param it takes the session user data loginID
* @return JSON encoded string containg sharing information
*/
function getTokens_json($iSurveyId, $search = null)
{
// CHECK TO SEE IF A TOKEN TABLE EXISTS FOR THIS SURVEY
$bTokenExists = tableExists('{{tokens_' . $iSurveyId . '}}');
if (!$bTokenExists) {
self::_newtokentable($iSurveyId);
}
$clang = $this->getController()->lang;
$page = Yii::app()->request->getPost('page');
$sidx = Yii::app()->request->getPost('sidx');
$sidx = !empty($sidx) ? $sidx : "lastname";
$sord = Yii::app()->request->getPost('sord');
$sord = !empty($sord) ? $sord : "asc";
$limit = Yii::app()->request->getPost('rows');
$limit = isset($limit) ? $limit : 25;
//Stop division by zero errors
$page = isset($page) ? $page : 1;
//Stop division by zero errors
$aData = new stdClass();
$aData->page = $page;
if (!empty($search)) {
$condition = Tokens_dynamic::model($iSurveyId)->getSearchMultipleCondition($search);
} else {
$condition = new CDbCriteria();
}
$condition->order = $sidx . " " . $sord;
$condition->offset = ($page - 1) * $limit;
$condition->limit = $limit;
$tokens = Tokens_dynamic::model($iSurveyId)->findAll($condition);
$condition->offset = 0;
$condition->limit = 0;
$aData->records = Tokens_dynamic::model($iSurveyId)->count($condition);
if ($limit > $aData->records) {
$limit = $aData->records;
}
if ($limit != 0) {
$aData->total = ceil($aData->records / $limit);
} else {
$aData->total = 0;
}
Yii::app()->loadHelper("surveytranslator");
$format = getDateFormatData(Yii::app()->session['dateformat']);
$aSurveyInfo = Survey::model()->findByPk($iSurveyId)->getAttributes();
//Get survey settings
$attributes = getAttributeFieldNames($iSurveyId);
foreach ($tokens as $token) {
$aRowToAdd = array();
if ((int) $token['validfrom']) {
$token['validfrom'] = date($format['phpdate'] . ' H:i', strtotime(trim($token['validfrom'])));
} else {
$token['validfrom'] = '';
}
if ((int) $token['validuntil']) {
$token['validuntil'] = date($format['phpdate'] . ' H:i', strtotime(trim($token['validuntil'])));
} else {
$token['validuntil'] = '';
}
$aRowToAdd['id'] = $token['tid'];
$action = "";
if ($token['token'] != "" && ($token['completed'] == "N" || $token['completed'] == "")) {
$action .= '<input type="image" style="float: left" src="' . Yii::app()->getConfig('adminimageurl') . 'do_16.png" title="' . $clang->gT("Do survey") . '" alt="' . $clang->gT("Do survey") . '" onclick=\'window.open("' . Yii::app()->getController()->createUrl("survey/index/sid/{$iSurveyId}/token/{$token['token']}/newtest/Y") . '", "_blank")\'>';
} elseif ($token['completed'] != "N" && $token['completed'] != "" && $aSurveyInfo['anonymized'] == "N" && $aSurveyInfo['active'] == 'Y') {
// Get the survey response id of the matching entry, can be optimised into 1 call leaving for now
$id = Survey_dynamic::model($iSurveyId)->findAllByAttributes(array('token' => $token['token']));
if (count($id) > 0) {
$action .= '<input type="image" style="float: left" src="' . Yii::app()->getConfig('adminimageurl') . 'token_viewanswer.png" title="' . $clang->gT("View response details") . '" alt="' . $clang->gT("View response details") . '" onClick=\'window.open("' . Yii::app()->getController()->createUrl("admin/responses/sa/view/surveyid/{$iSurveyId}/id/{$id[0]['id']}") . '", "_top")\'>';
} else {
$action .= '<div style="width: 20px; height: 16px; float: left;"></div>';
}
} else {
$action .= '<div style="width: 20px; height: 16px; float: left;"></div>';
}
$action .= '<input type="image" style="float: left" src="' . Yii::app()->getConfig('adminimageurl') . 'token_delete.png" title="' . $clang->gT("Delete token entry") . '" alt="' . $clang->gT("Delete token entry") . '" onclick=\'if (confirm("' . $clang->gT("Are you sure you want to delete this entry?") . ' (' . $token['tid'] . ')")) {$("#displaytokens").delRowData(' . $token['tid'] . ');$.post(delUrl,{tid:' . $token['tid'] . '});}\'>';
if (strtolower($token['emailstatus']) == 'ok') {
if ($token['completed'] == 'N' && $token['usesleft'] > 0) {
if ($token['sent'] == 'N') {
$action .= '<input type="image" style="float: left" src="' . Yii::app()->getConfig('adminimageurl') . 'token_invite.png" name="sendinvitations" id="sendinvitations" title="' . $clang->gT("Send invitation email to this person (if they have not yet been sent an invitation email)") . '" onclick=\'window.open("' . Yii::app()->getController()->createUrl("admin/tokens/sa/email/surveyid/{$iSurveyId}/tokenids/" . $token['tid']) . '")\' />';
} else {
$action .= '<input type="image" style="float: left" src="' . Yii::app()->getConfig('adminimageurl') . 'token_remind.png" name="sendreminders" id="sendreminders" title="' . $clang->gT("Send reminder email to this person (if they have already received the invitation email)") . '" onclick=\'window.open("' . Yii::app()->getController()->createUrl("admin/tokens/sa/email/action/remind/surveyid/{$iSurveyId}/tokenids/" . $token['tid']) . '")\' />';
}
} else {
$action .= '<div style="width: 20px; height: 16px; float: left;"></div>';
}
} else {
$action .= '<div style="width: 20px; height: 16px; float: left;"></div>';
}
$action .= '<input style="float: left; height: 16; width: 16px; font-size: 8; font-family: verdana" type="image" src="' . Yii::app()->getConfig('adminimageurl') . 'edit_16.png" class="token_edit" title="' . $clang->gT("Edit token entry") . '" alt="' . $clang->gT("Edit token entry") . '">';
if (!empty($token['participant_id']) && $token['participant_id'] != "" && hasGlobalPermission('USER_RIGHT_PARTICIPANT_PANEL')) {
$action .= '<input type="image" style="float: left" src="' . Yii::app()->getConfig('adminimageurl') . 'cpdb_16.png" name="viewparticipant" id="viewparticipant" title="' . $clang->gT("View this person in the central participants database") . '" alt="' . $clang->gT("View this person in the central participants database") . '" onClick=\'window.open("' . Yii::app()->getController()->createUrl("admin/participants/sa/displayParticipants/searchurl/participant_id||equal||" . $token['participant_id']) . '", "_top")\'>';
} else {
$action .= '<div style="width: 20px; height: 16px; float: left;"></div>';
}
$aRowToAdd['cell'] = array($token['tid'], $action, $token['firstname'], $token['lastname'], $token['email'], $token['emailstatus'], $token['token'], $token['language'], $token['sent'], $token['remindersent'], $token['remindercount'], $token['completed'], $token['usesleft'], $token['validfrom'], $token['validuntil']);
foreach ($attributes as $attribute) {
$aRowToAdd['cell'][] = $token[$attribute];
}
$aData->rows[] = $aRowToAdd;
}
echo ls_json_encode($aData);
}
