/** * This function replaces keywords in a text and is mainly intended for templates * If you use this functions put your replacement strings into the $replacements variable * instead of using global variables * NOTE - Don't do any embedded replacements in this function. Create the array of replacement values and * they will be done in batch at the end * * @param mixed $line Text to search in * @param mixed $replacements Array of replacements: Array( <stringtosearch>=><stringtoreplacewith> * @param boolean $anonymized Determines if token data is being used or just replaced with blanks * @param questionNum - needed to support dynamic JavaScript-based tailoring within questions * @param bStaticReplacement - Default off, forces non-dynamic replacements without <SPAN> tags (e.g. for the Completed page) * @return string Text with replaced strings */ function templatereplace($line, $replacements = array(), &$redata = array(), $debugSrc = 'Unspecified', $anonymized = false, $questionNum = NULL, $registerdata = array(), $bStaticReplacement = false, $oTemplate = '') { /* global $clienttoken,$token,$sitename,$move,$showxquestions,$showqnumcode,$questioncode; global $s_lang,$errormsg,$saved_id, $languagechanger,$captchapath,$loadname; */ /* $allowedvars = array('surveylist', 'sitename', 'clienttoken', 'rooturl', 'thissurvey', 'imageurl', 'defaulttemplate', 'percentcomplete', 'move', 'groupname', 'groupdescription', 'question', 'showxquestions', 'showgroupinfo', 'showqnumcode', 'questioncode', 'answer', 'navigator', 'help', 'totalquestions', 'surveyformat', 'completed', 'notanswered', 'privacy', 'surveyid', 'publicurl', 'templatedir', 'token', 'assessments', 's_lang', 'errormsg', 'saved_id', 'usertemplaterootdir', 'languagechanger', 'printoutput', 'captchapath', 'loadname'); */ $allowedvars = array('assessments', 'captchapath', 'clienttoken', 'completed', 'errormsg', 'groupdescription', 'groupname', 'imageurl', 'languagechanger', 'loadname', 'move', 'navigator', 'moveprevbutton', 'movenextbutton', 'percentcomplete', 'privacy', 's_lang', 'saved_id', 'showgroupinfo', 'showqnumcode', 'showxquestions', 'sitename', 'sitelogo', 'surveylist', 'templatedir', 'thissurvey', 'token', 'totalBoilerplatequestions', 'totalquestions', 'questionindex', 'questionindexmenu'); $varsPassed = array(); foreach ($allowedvars as $var) { if (isset($redata[$var])) { ${$var} = $redata[$var]; $varsPassed[] = $var; } } // if (count($varsPassed) > 0) { // log_message('debug', 'templatereplace() called from ' . $debugSrc . ' contains: ' . implode(', ', $varsPassed)); // } // if (isset($redata['question'])) { // LimeExpressionManager::ShowStackTrace('has QID and/or SGA',$allowedvars); // } // extract($redata); // creates variables for each of the keys in the array // Local over-rides in case not set above if (!isset($showgroupinfo)) { $showgroupinfo = Yii::app()->getConfig('showgroupinfo'); } if (!isset($showqnumcode)) { $showqnumcode = Yii::app()->getConfig('showqnumcode'); } $_surveyid = Yii::app()->getConfig('surveyID'); if (!isset($showxquestions)) { $showxquestions = Yii::app()->getConfig('showxquestions'); } if (!isset($s_lang)) { $s_lang = isset(Yii::app()->session['survey_' . $_surveyid]['s_lang']) ? Yii::app()->session['survey_' . $_surveyid]['s_lang'] : 'en'; } if ($_surveyid && !isset($thissurvey)) { $thissurvey = getSurveyInfo($_surveyid, $s_lang); } if (!isset($captchapath)) { $captchapath = ''; } if (!isset($sitename)) { $sitename = Yii::app()->getConfig('sitename'); } if (!isset($saved_id) && isset(Yii::app()->session['survey_' . $_surveyid]['srid'])) { $saved_id = Yii::app()->session['survey_' . $_surveyid]['srid']; } Yii::app()->loadHelper('surveytranslator'); if (isset($thissurvey['sid'])) { $surveyid = $thissurvey['sid']; } // lets sanitize the survey template if (isset($thissurvey['templatedir'])) { $templatename = $thissurvey['templatedir']; } else { $templatename = Yii::app()->getConfig('defaulttemplate'); } if (!isset($templatedir)) { $templatedir = getTemplatePath($templatename); } if (!isset($templateurl)) { $templateurl = getTemplateURL($templatename) . "/"; } if (!$anonymized && isset($thissurvey['anonymized'])) { $anonymized = $thissurvey['anonymized'] == "Y"; } // TEMPLATECSS $_templatecss = ""; $_templatejs = ""; /** * Template css/js files from the template config files are loaded. * It use the asset manager (so user never need to empty the cache, even if template is updated) * If debug mode is on, no asset manager is used. * * oTemplate is defined in controller/survey/index * * If templatereplace is called from the template editor, a $oTemplate is provided. */ $oTemplate = Template::model()->getInstance($templatename); $aCssFiles = $oTemplate->config->files->css->filename; $aJsFiles = $oTemplate->config->files->js->filename; $aOtherFiles = $oTemplate->otherFiles; //var_dump($aOtherFiles); die(); if (stripos($line, "{TEMPLATECSS}")) { // If the template has files for css, we can't publish the files one by one, but we must publish them as a whole directory // TODO : extend asset manager so it check for file modification even in directory mode if (!YII_DEBUG || count($aOtherFiles) < 0) { foreach ($aCssFiles as $sCssFile) { if (file_exists($oTemplate->path . DIRECTORY_SEPARATOR . $sCssFile)) { Yii::app()->getClientScript()->registerCssFile(App()->getAssetManager()->publish($oTemplate->path . DIRECTORY_SEPARATOR . $sCssFile), $sCssFile['media']); } } } else { foreach ($aCssFiles as $sCssFile) { if (file_exists($oTemplate->path . DIRECTORY_SEPARATOR . $sCssFile)) { Yii::app()->getClientScript()->registerCssFile("{$templateurl}{$sCssFile}", $sCssFile['media']); } } } /* RTL CSS */ if (getLanguageRTL(App()->language)) { $aCssFiles = (array) $oTemplate->config->files->rtl->css->filename; if (!YII_DEBUG) { foreach ($aCssFiles as $sCssFile) { if (file_exists($oTemplate->path . DIRECTORY_SEPARATOR . $sCssFile)) { Yii::app()->getClientScript()->registerCssFile(App()->getAssetManager()->publish($oTemplate->path . DIRECTORY_SEPARATOR . $sCssFile), $sCssFile['media']); } } } else { foreach ($aCssFiles as $sCssFile) { if (file_exists($oTemplate->path . DIRECTORY_SEPARATOR . $sCssFile)) { Yii::app()->getClientScript()->registerCssFile("{$templateurl}{$sCssFile}", $sCssFile['media']); } } } } } if (stripos($line, "{TEMPLATEJS}")) { if (!YII_DEBUG) { foreach ($aJsFiles as $sJsFile) { if (file_exists($oTemplate->path . DIRECTORY_SEPARATOR . $sJsFile)) { App()->getClientScript()->registerScriptFile(App()->getAssetManager()->publish($oTemplate->path . DIRECTORY_SEPARATOR . $sJsFile)); } } } else { foreach ($aJsFiles as $sJsFile) { if (file_exists($oTemplate->path . DIRECTORY_SEPARATOR . $sJsFile)) { Yii::app()->getClientScript()->registerScriptFile("{$templateurl}{$sJsFile}"); } } } /* RTL JS */ if (getLanguageRTL(App()->language)) { $aJsFiles = (array) $oTemplate->config->files->rtl->js->filename; if (!YII_DEBUG) { foreach ($aJsFiles as $aJsFile) { if (file_exists($oTemplate->path . DIRECTORY_SEPARATOR . $aJsFile)) { App()->getClientScript()->registerScriptFile(App()->getAssetManager()->publish($oTemplate->path . DIRECTORY_SEPARATOR . $aJsFile)); } } } else { foreach ($aJsFiles as $sJsFile) { if (file_exists($oTemplate->path . DIRECTORY_SEPARATOR . $sJsFile)) { Yii::app()->getClientScript()->registerScriptFile("{$templateurl}{$sJsFile}"); } } } } } // surveyformat if (isset($thissurvey['format'])) { $surveyformat = str_replace(array("A", "S", "G"), array("allinone", "questionbyquestion", "groupbygroup"), $thissurvey['format']); } else { $surveyformat = ""; } if ($oTemplate->config->engine->cssframework) { $surveyformat .= " " . $oTemplate->config->engine->cssframework . "-engine "; } if (isset(Yii::app()->session['step']) && Yii::app()->session['step'] % 2 && $surveyformat != "allinone") { $surveyformat .= " page-odd"; } if (isset($thissurvey['questionindex']) && $thissurvey['questionindex'] > 0 && $surveyformat != "allinone" && (isset(Yii::app()->session['step']) && Yii::app()->session['step'] > 0)) { $surveyformat .= " withindex"; } if (isset($thissurvey['showprogress']) && $thissurvey['showprogress'] == "Y") { $surveyformat .= " showprogress"; } if (isset($thissurvey['showqnumcode'])) { $surveyformat .= " showqnumcode-" . $thissurvey['showqnumcode']; } // real survey contact if (isset($surveylist) && isset($surveylist['contact'])) { $surveycontact = $surveylist['contact']; } elseif (isset($surveylist) && isset($thissurvey['admin']) && $thissurvey['admin'] != "") { $surveycontact = sprintf(gT("Please contact %s ( %s ) for further assistance."), $thissurvey['admin'], $thissurvey['adminemail']); } else { $surveycontact = ""; } // If there are non-bracketed replacements to be made do so above this line. // Only continue in this routine if there are bracketed items to replace {} if (strpos($line, "{") === false) { // process string anyway so that it can be pretty-printed return LimeExpressionManager::ProcessString($line, $questionNum, NULL, false, 1, 1, true); } if ($showgroupinfo == 'both' || $showgroupinfo == 'name' || $showgroupinfo == 'choose' && !isset($thissurvey['showgroupinfo']) || $showgroupinfo == 'choose' && $thissurvey['showgroupinfo'] == 'B' || $showgroupinfo == 'choose' && $thissurvey['showgroupinfo'] == 'N') { $_groupname = isset($groupname) ? $groupname : ''; } else { $_groupname = ''; } if ($showgroupinfo == 'both' || $showgroupinfo == 'description' || $showgroupinfo == 'choose' && !isset($thissurvey['showgroupinfo']) || $showgroupinfo == 'choose' && $thissurvey['showgroupinfo'] == 'B' || $showgroupinfo == 'choose' && $thissurvey['showgroupinfo'] == 'D') { $_groupdescription = isset($groupdescription) ? $groupdescription : ''; } else { $_groupdescription = ''; } if (!isset($totalquestions)) { $totalquestions = 0; } $_totalquestionsAsked = $totalquestions; if ($showxquestions == 'show' || $showxquestions == 'choose' && !isset($thissurvey['showxquestions']) || $showxquestions == 'choose' && $thissurvey['showxquestions'] == 'Y') { if ($_totalquestionsAsked < 1) { $_therearexquestions = gT("There are no questions in this survey"); // Singular } elseif ($_totalquestionsAsked == 1) { $_therearexquestions = gT("There is 1 question in this survey"); //Singular } else { $_therearexquestions = gT("There are {NUMBEROFQUESTIONS} questions in this survey."); //Note this line MUST be before {NUMBEROFQUESTIONS} } } else { $_therearexquestions = ''; } if (isset($token)) { $_token = $token; } elseif (isset($clienttoken)) { $_token = htmlentities($clienttoken, ENT_QUOTES, 'UTF-8'); // or should it be URL-encoded? } else { $_token = ''; } // Expiry if (isset($thissurvey['expiry'])) { $dateformatdetails = getDateFormatData($thissurvey['surveyls_dateformat']); Yii::import('application.libraries.Date_Time_Converter', true); $datetimeobj = new Date_Time_Converter($thissurvey['expiry'], "Y-m-d"); $_dateoutput = $datetimeobj->convert($dateformatdetails['phpdate']); } else { $_dateoutput = '-'; } $_submitbutton = "<input class='submit btn btn-default' type='submit' value=' " . gT("Submit") . " ' name='move2' onclick=\"javascript:document.limesurvey.move.value = 'movesubmit';\" />"; if (isset($thissurvey['surveyls_url']) and $thissurvey['surveyls_url'] != "") { if (trim($thissurvey['surveyls_urldescription']) != '') { $_linkreplace = "<a href='{$thissurvey['surveyls_url']}'>{$thissurvey['surveyls_urldescription']}</a>"; } else { $_linkreplace = "<a href='{$thissurvey['surveyls_url']}'>{$thissurvey['surveyls_url']}</a>"; } } else { $_linkreplace = ''; } if (isset($thissurvey['sid']) && isset($_SESSION['survey_' . $thissurvey['sid']]['srid']) && $thissurvey['active'] == 'Y') { $iscompleted = SurveyDynamic::model($surveyid)->isCompleted($_SESSION['survey_' . $thissurvey['sid']]['srid']); } else { $iscompleted = false; } if (isset($surveyid) && !$iscompleted) { $_clearall = CHtml::htmlButton(gT("Exit and clear survey"), array('type' => 'submit', 'id' => "clearall", 'value' => 'clearall', 'name' => 'clearall', 'class' => 'clearall button btn btn-default btn-lg col-xs-4 hidden', 'data-confirmedby' => 'confirm-clearall', 'title' => gT("This action need confirmation."))); $_clearall .= CHtml::checkBox("confirm-clearall", false, array('id' => 'confirm-clearall', 'value' => 'confirm', 'class' => 'hide jshide btn btn-default btn-lg col-xs-4')); $_clearall .= CHtml::label(gT("Are you sure you want to clear all your responses?"), 'confirm-clearall', array('class' => 'hide jshide btn btn-default btn-lg col-xs-4')); $_clearalllinks = '<li><a href="#" id="clearallbtnlink">' . gT("Exit and clear survey") . '</a></li>'; } else { $_clearall = ""; $_clearalllinks = ''; } if (isset(Yii::app()->session['datestamp'])) { $_datestamp = Yii::app()->session['datestamp']; } else { $_datestamp = '-'; } if (isset($thissurvey['allowsave']) and $thissurvey['allowsave'] == "Y") { $_saveall = doHtmlSaveAll(isset($move) ? $move : NULL); $_savelinks = doHtmlSaveLinks(isset($move) ? $move : NULL); } else { $_saveall = ""; $_savelinks = ""; } if (isset($thissurvey['allowprev']) && $thissurvey['allowprev'] == "N") { $_strreview = ""; } else { $_strreview = gT("If you want to check any of the answers you have made, and/or change them, you can do that now by clicking on the [<< prev] button and browsing through your responses."); } if (isset($surveyid)) { $restartparam = array(); if ($_token) { $restartparam['token'] = sanitize_token($_token); } // urlencode with needed with sanitize_token if (Yii::app()->request->getQuery('lang')) { $restartparam['lang'] = sanitize_languagecode(Yii::app()->request->getQuery('lang')); } elseif ($s_lang) { $restartparam['lang'] = $s_lang; } $restartparam['newtest'] = "Y"; $restarturl = Yii::app()->getController()->createUrl("survey/index/sid/{$surveyid}", $restartparam); $_restart = "<a href='{$restarturl}'>" . gT("Restart this Survey") . "</a>"; } else { $_restart = ""; } if (isset($thissurvey['anonymized']) && $thissurvey['anonymized'] == 'Y') { $_savealert = gT("To remain anonymous please use a pseudonym as your username, also an email address is not required."); } else { $_savealert = ""; } if (isset($surveyid)) { if ($_token) { $returnlink = Yii::app()->getController()->createUrl("survey/index/sid/{$surveyid}", array('token' => Token::sanitizeToken($_token))); } else { $returnlink = Yii::app()->getController()->createUrl("survey/index/sid/{$surveyid}"); } $_return_to_survey = "<a href='{$returnlink}'>" . gT("Return to survey") . "</a>"; } else { $_return_to_survey = ""; } // Save Form $_saveform = "<table class='save-survey-form'><tr class='save-survey-row save-survey-name'><td class='save-survey-label label-cell' align='right'><label for='savename'>" . gT("Name") . "</label>:</td><td class='save-survey-input input-cell'><input type='text' name='savename' id='savename' value='"; if (isset($_POST['savename'])) { $_saveform .= HTMLEscape(autoUnescape($_POST['savename'])); } $_saveform .= "' /></td></tr>\n" . "<tr class='save-survey-row save-survey-password-1'><td class='save-survey-label label-cell' align='right'><label for='savepass'>" . gT("Password") . "</label>:</td><td class='save-survey-input input-cell'><input type='password' id='savepass' name='savepass' value='"; if (isset($_POST['savepass'])) { $_saveform .= HTMLEscape(autoUnescape($_POST['savepass'])); } $_saveform .= "' /></td></tr>\n" . "<tr class='save-survey-row save-survey-password-2'><td class='save-survey-label label-cell' align='right'><label for='savepass2'>" . gT("Repeat password") . "</label>:</td><td class='save-survey-input input-cell'><input type='password' id='savepass2' name='savepass2' value='"; if (isset($_POST['savepass2'])) { $_saveform .= HTMLEscape(autoUnescape($_POST['savepass2'])); } $_saveform .= "' /></td></tr>\n" . "<tr class='save-survey-row save-survey-email'><td class='save-survey-label label-cell' align='right'><label for='saveemail'>" . gT("Your email address") . "</label>:</td><td class='save-survey-input input-cell'><input type='text' id='saveemail' name='saveemail' value='"; if (isset($_POST['saveemail'])) { $_saveform .= HTMLEscape(autoUnescape($_POST['saveemail'])); } $_saveform .= "' /></td></tr>\n"; if (isset($thissurvey['usecaptcha']) && function_exists("ImageCreate") && isCaptchaEnabled('saveandloadscreen', $thissurvey['usecaptcha'])) { $_saveform .= "<tr class='save-survey-row save-survey-captcha'><td class='save-survey-label label-cell' align='right'><label for='loadsecurity'>" . gT("Security question") . "</label>:</td><td class='save-survey-input input-cell'><table class='captcha-table'><tr><td class='captcha-image' valign='middle'><img alt='' src='" . Yii::app()->getController()->createUrl('/verification/image/sid/' . (isset($surveyid) ? $surveyid : '')) . "' /></td><td class='captcha-input' valign='middle' style='text-align:left'><input type='text' size='5' maxlength='3' id='loadsecurity' name='loadsecurity' value='' /></td></tr></table></td></tr>\n"; } $_saveform .= "<tr><td align='right'></td><td></td></tr>\n" . "<tr class='save-survey-row save-survey-submit'><td class='save-survey-label label-cell'><label class='hide jshide' for='savebutton'>" . gT("Save Now") . "</label></td><td class='save-survey-input input-cell'><input type='submit' id='savebutton' name='savesubmit' class='button' value='" . gT("Save Now") . "' /></td></tr>\n" . "</table>"; // Load Form $_loadform = "<table class='load-survey-form'><tr class='load-survey-row load-survey-name'><td class='load-survey-label label-cell' align='right'><label for='loadname'>" . gT("Saved name") . "</label>:</td><td class='load-survey-input input-cell'><input type='text' id='loadname' name='loadname' value='"; if (isset($loadname)) { $_loadform .= HTMLEscape(autoUnescape($loadname)); } $_loadform .= "' /></td></tr>\n" . "<tr class='load-survey-row load-survey-password'><td class='load-survey-label label-cell' align='right'><label for='loadpass'>" . gT("Password") . "</label>:</td><td class='load-survey-input input-cell'><input type='password' id='loadpass' name='loadpass' value='"; if (isset($loadpass)) { $_loadform .= HTMLEscape(autoUnescape($loadpass)); } $_loadform .= "' /></td></tr>\n"; if (isset($thissurvey['usecaptcha']) && function_exists("ImageCreate") && isCaptchaEnabled('saveandloadscreen', $thissurvey['usecaptcha'])) { $_loadform .= "<tr class='load-survey-row load-survey-captcha'><td class='load-survey-label label-cell' align='right'><label for='loadsecurity'>" . gT("Security question") . "</label>:</td><td class='load-survey-input input-cell'><table class='captcha-table'><tr><td class='captcha-image' valign='middle'><img src='" . Yii::app()->getController()->createUrl('/verification/image/sid/' . (isset($surveyid) ? $surveyid : '')) . "' alt='' /></td><td class='captcha-input' valign='middle'><input type='text' size='5' maxlength='3' id='loadsecurity' name='loadsecurity' value='' alt=''/></td></tr></table></td></tr>\n"; } $_loadform .= "<tr class='load-survey-row load-survey-submit'><td class='load-survey-label label-cell'><label class='hide jshide' for='loadbutton'>" . gT("Load now") . "</label></td><td class='load-survey-input input-cell'><input type='submit' id='loadbutton' class='button' value='" . gT("Load now") . "' /></td></tr></table>\n"; // Assessments $assessmenthtml = ""; if (isset($surveyid) && !is_null($surveyid) && function_exists('doAssessment')) { $assessmentdata = doAssessment($surveyid, true); $_assessment_current_total = $assessmentdata['total']; if (stripos($line, "{ASSESSMENTS}")) { $assessmenthtml = doAssessment($surveyid, false); } } else { $_assessment_current_total = ''; } if (isset($thissurvey['googleanalyticsapikey']) && trim($thissurvey['googleanalyticsapikey']) != '') { $_googleAnalyticsAPIKey = trim($thissurvey['googleanalyticsapikey']); } else { $_googleAnalyticsAPIKey = trim(getGlobalSetting('googleanalyticsapikey')); } $_googleAnalyticsStyle = isset($thissurvey['googleanalyticsstyle']) ? $thissurvey['googleanalyticsstyle'] : '0'; $_googleAnalyticsJavaScript = ''; if ($_googleAnalyticsStyle != '' && $_googleAnalyticsStyle != 0 && $_googleAnalyticsAPIKey != '') { switch ($_googleAnalyticsStyle) { case '1': // Default Google Tracking $_googleAnalyticsJavaScript = <<<EOD <script> (function(i,s,o,g,r,a,m){ i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){ (i[r].q=i[r].q||[]).push(arguments) },i[r].l=1*new Date();a=s.createElement(o), m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m) })(window,document,'script','//www.google-analytics.com/analytics.js','ga'); ga('create', '{$_googleAnalyticsAPIKey}', 'auto'); // Replace with your property ID. ga('send', 'pageview'); </script> EOD; break; case '2': // SurveyName-[SID]/[GSEQ]-GroupName - create custom GSEQ based upon page step $moveInfo = LimeExpressionManager::GetLastMoveResult(); if (is_null($moveInfo)) { $gseq = 'welcome'; } else { if ($moveInfo['finished']) { $gseq = 'finished'; } else { if (isset($moveInfo['at_start']) && $moveInfo['at_start']) { $gseq = 'welcome'; } else { if (is_null($_groupname)) { $gseq = 'printanswers'; } else { $gseq = $moveInfo['gseq'] + 1; } } } } $_trackURL = htmlspecialchars($thissurvey['name'] . '-[' . $surveyid . ']/[' . $gseq . ']-' . $_groupname); $_googleAnalyticsJavaScript = <<<EOD <script> (function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){ (i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o), m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m) })(window,document,'script','//www.google-analytics.com/analytics.js','ga'); ga('create', '{$_googleAnalyticsAPIKey}', 'auto'); // Replace with your property ID. ga('send', 'pageview'); ga('send', 'pageview', '{$_trackURL}'); </script> EOD; break; } } $_endtext = ''; if (isset($thissurvey['surveyls_endtext']) && trim($thissurvey['surveyls_endtext']) != '') { $_endtext = $thissurvey['surveyls_endtext']; } $sitelogo = !empty($oTemplate->siteLogo) ? '<img src="' . App()->getAssetManager()->publish($oTemplate->path . '/' . $oTemplate->siteLogo) . '"/>' : ''; // Set the array of replacement variables here - don't include curly braces $coreReplacements = array(); $coreReplacements['ACTIVE'] = isset($thissurvey['active']) && !($thissurvey['active'] != "Y"); $coreReplacements['ANSWERSCLEARED'] = gT("Answers cleared"); $coreReplacements['ASSESSMENTS'] = $assessmenthtml; $coreReplacements['ASSESSMENT_CURRENT_TOTAL'] = $_assessment_current_total; $coreReplacements['ASSESSMENT_HEADING'] = gT("Your assessment"); $coreReplacements['CHECKJAVASCRIPT'] = "<noscript><span class='warningjs'>" . gT("Caution: JavaScript execution is disabled in your browser. You may not be able to answer all questions in this survey. Please, verify your browser parameters.") . "</span></noscript>"; $coreReplacements['CLEARALL'] = $_clearall; $coreReplacements['CLEARALL_LINKS'] = $_clearalllinks; $coreReplacements['CLOSEWINDOW'] = ''; // Obsolete tag - keep this line for compatibility reaons $coreReplacements['COMPLETED'] = isset($redata['completed']) ? $redata['completed'] : ''; // global $coreReplacements['DATESTAMP'] = $_datestamp; $coreReplacements['ENDTEXT'] = $_endtext; $coreReplacements['EXPIRY'] = $_dateoutput; $coreReplacements['ADMINNAME'] = isset($thissurvey['admin']) ? $thissurvey['admin'] : ''; $coreReplacements['ADMINEMAIL'] = isset($thissurvey['adminemail']) ? $thissurvey['adminemail'] : ''; $coreReplacements['GID'] = Yii::app()->getConfig('gid', ''); // Use the gid of the question, except if we are not in question (Randomization group name) $coreReplacements['GOOGLE_ANALYTICS_API_KEY'] = $_googleAnalyticsAPIKey; $coreReplacements['GOOGLE_ANALYTICS_JAVASCRIPT'] = $_googleAnalyticsJavaScript; $coreReplacements['GROUPDESCRIPTION'] = $_groupdescription; $coreReplacements['GROUPNAME'] = $_groupname; $coreReplacements['LANG'] = App()->language; $coreReplacements['LANGUAGECHANGER'] = isset($languagechanger) ? $languagechanger : ''; // global $coreReplacements['LOADERROR'] = isset($errormsg) ? $errormsg : ''; // global $coreReplacements['LOADFORM'] = $_loadform; $coreReplacements['LOADHEADING'] = gT("Load a previously saved survey"); $coreReplacements['LOADMESSAGE'] = gT("You can load a survey that you have previously saved from this screen.") . "<br />" . gT("Type in the 'name' you used to save the survey, and the password.") . "<br />"; $coreReplacements['NAVIGATOR'] = isset($navigator) ? $navigator : ''; // global $coreReplacements['MOVEPREVBUTTON'] = isset($moveprevbutton) ? $moveprevbutton : ''; // global $coreReplacements['MOVENEXTBUTTON'] = isset($movenextbutton) ? $movenextbutton : ''; // global $coreReplacements['NOSURVEYID'] = isset($surveylist) ? $surveylist['nosid'] : ''; $coreReplacements['NUMBEROFQUESTIONS'] = $_totalquestionsAsked; $coreReplacements['PERCENTCOMPLETE'] = isset($percentcomplete) ? $percentcomplete : ''; // global $coreReplacements['PRIVACY'] = isset($privacy) ? $privacy : ''; // global $coreReplacements['PRIVACYMESSAGE'] = "<span style='font-weight:bold; font-style: italic;'>" . gT("A Note On Privacy") . "</span><br />" . gT("This survey is anonymous.") . "<br />" . gT("The record of your survey responses does not contain any identifying information about you, unless a specific survey question explicitly asked for it.") . ' ' . gT("If you used an identifying token to access this survey, please rest assured that this token will not be stored together with your responses. It is managed in a separate database and will only be updated to indicate whether you did (or did not) complete this survey. There is no way of matching identification tokens with survey responses."); $coreReplacements['QUESTION_INDEX'] = isset($questionindex) ? $questionindex : ''; $coreReplacements['QUESTION_INDEX_MENU'] = isset($questionindexmenu) ? $questionindexmenu : ''; $coreReplacements['RESTART'] = $_restart; $coreReplacements['RETURNTOSURVEY'] = $_return_to_survey; $coreReplacements['SAVE_LINKS'] = $_savelinks; $coreReplacements['SAVE'] = $_saveall; $coreReplacements['SAVEALERT'] = $_savealert; $coreReplacements['SAVEDID'] = isset($saved_id) ? $saved_id : ''; // global $coreReplacements['SAVEERROR'] = isset($errormsg) ? $errormsg : ''; // global - same as LOADERROR $coreReplacements['SAVEFORM'] = $_saveform; $coreReplacements['SAVEHEADING'] = gT("Save your unfinished survey"); $coreReplacements['SAVEMESSAGE'] = gT("Enter a name and password for this survey and click save below.") . "<br />\n" . gT("Your survey will be saved using that name and password, and can be completed later by logging in with the same name and password.") . "<br /><br />\n<span class='emailoptional'>" . gT("If you give an email address, an email containing the details will be sent to you.") . "</span><br /><br />\n" . gT("After having clicked the save button you can either close this browser window or continue filling out the survey."); $coreReplacements['SID'] = Yii::app()->getConfig('surveyID', ''); // Allways use surveyID from config $coreReplacements['SITENAME'] = isset($sitename) ? $sitename : ''; // global $coreReplacements['SITELOGO'] = $sitelogo; $coreReplacements['SUBMITBUTTON'] = $_submitbutton; $coreReplacements['SUBMITCOMPLETE'] = "<strong>" . gT("Thank you!") . "<br /><br />" . gT("You have completed answering the questions in this survey.") . "</strong><br /><br />" . gT("Click on 'Submit' now to complete the process and save your answers."); $coreReplacements['SUBMITREVIEW'] = $_strreview; $coreReplacements['SURVEYCONTACT'] = $surveycontact; $coreReplacements['SURVEYDESCRIPTION'] = isset($thissurvey['description']) ? $thissurvey['description'] : ''; $coreReplacements['SURVEYFORMAT'] = isset($surveyformat) ? $surveyformat : ''; // global $coreReplacements['SURVEYLANGUAGE'] = App()->language; $coreReplacements['SURVEYLIST'] = isset($surveylist) ? $surveylist['list'] : ''; $coreReplacements['SURVEYLISTHEADING'] = isset($surveylist) ? $surveylist['listheading'] : ''; $coreReplacements['SURVEYNAME'] = isset($thissurvey['name']) ? $thissurvey['name'] : ''; $coreReplacements['SURVEYRESOURCESURL'] = isset($thissurvey['sid']) ? Yii::app()->getConfig("uploadurl") . '/surveys/' . $thissurvey['sid'] . '/' : ''; $coreReplacements['TEMPLATECSS'] = $_templatecss; $coreReplacements['TEMPLATEJS'] = $_templatejs; $coreReplacements['TEMPLATEURL'] = $templateurl; $coreReplacements['THEREAREXQUESTIONS'] = $_therearexquestions; $coreReplacements['TOKEN'] = !$anonymized ? $_token : ''; // Silently replace TOKEN by empty string $coreReplacements['URL'] = $_linkreplace; $coreReplacements['WELCOME'] = isset($thissurvey['welcome']) ? $thissurvey['welcome'] : ''; if (!isset($replacements['QID'])) { Yii::import('application.helpers.SurveyRuntimeHelper'); $coreReplacements = array_merge($coreReplacements, SurveyRuntimeHelper::getQuestionReplacement(null)); // so $replacements overrides core values } if (!is_null($replacements) && is_array($replacements)) { $doTheseReplacements = array_merge($coreReplacements, $replacements); // so $replacements overrides core values } else { $doTheseReplacements = $coreReplacements; } // Now do all of the replacements - In rare cases, need to do 3 deep recursion, that that is default $line = LimeExpressionManager::ProcessString($line, $questionNum, $doTheseReplacements, false, 3, 1, false, true, $bStaticReplacement); return $line; }
/** * This function replaces keywords in a text and is mainly intended for templates * If you use this functions put your replacement strings into the $replacements variable * instead of using global variables * NOTE - Don't do any embedded replacements in this function. Create the array of replacement values and * they will be done in batch at the end * * @param mixed $line Text to search in * @param mixed $replacements Array of replacements: Array( <stringtosearch>=><stringtoreplacewith> * @param boolean $anonymized Determines if token data is being used or just replaced with blanks * @param questionNum - needed to support dynamic JavaScript-based tailoring within questions * @return string Text with replaced strings */ function templatereplace($line, $replacements = array(), &$redata = array(), $debugSrc = 'Unspecified', $anonymized = false, $questionNum = NULL, $registerdata = array()) { /* global $clienttoken,$token,$sitename,$move,$showxquestions,$showqnumcode,$questioncode,$register_errormsg; global $s_lang,$errormsg,$saved_id, $relativeurl, $languagechanger,$captchapath,$loadname; */ /* $allowedvars = array('surveylist', 'sitename', 'clienttoken', 'rooturl', 'thissurvey', 'imageurl', 'defaulttemplate', 'percentcomplete', 'move', 'groupname', 'groupdescription', 'question', 'showxquestions', 'showgroupinfo', 'showqnumcode', 'questioncode', 'answer', 'navigator', 'help', 'totalquestions', 'surveyformat', 'completed', 'register_errormsg', 'notanswered', 'privacy', 'surveyid', 'publicurl', 'templatedir', 'token', 'assessments', 's_lang', 'errormsg', 'clang', 'saved_id', 'usertemplaterootdir', 'relativeurl', 'languagechanger', 'printoutput', 'captchapath', 'loadname'); */ $allowedvars = array('answer', 'assessments', 'captchapath', 'clienttoken', 'completed', 'errormsg', 'groupdescription', 'groupname', 'help', 'imageurl', 'languagechanger', 'loadname', 'move', 'navigator', 'percentcomplete', 'privacy', 'question', 'register_errormsg', 'relativeurl', 's_lang', 'saved_id', 'showgroupinfo', 'showqnumcode', 'showxquestions', 'sitename', 'surveylist', 'templatedir', 'thissurvey', 'token', 'totalBoilerplatequestions', 'totalquestions'); $varsPassed = array(); foreach ($allowedvars as $var) { if (isset($redata[$var])) { ${$var} = $redata[$var]; $varsPassed[] = $var; } } // if (count($varsPassed) > 0) { // log_message('debug', 'templatereplace() called from ' . $debugSrc . ' contains: ' . implode(', ', $varsPassed)); // } // if (isset($redata['question'])) { // LimeExpressionManager::ShowStackTrace('has QID and/or SGA',$allowedvars); // } // extract($redata); // creates variables for each of the keys in the array // Local over-rides in case not set above if (!isset($showgroupinfo)) { $showgroupinfo = Yii::app()->getConfig('showgroupinfo'); } if (!isset($showqnumcode)) { $showqnumcode = Yii::app()->getConfig('showqnumcode'); } $_surveyid = Yii::app()->getConfig('surveyID'); if (!isset($showxquestions)) { $showxquestions = Yii::app()->getConfig('showxquestions'); } if (!isset($s_lang)) { $s_lang = isset(Yii::app()->session['survey_' . $_surveyid]['s_lang']) ? Yii::app()->session['survey_' . $_surveyid]['s_lang'] : 'en'; } if (!isset($captchapath)) { $captchapath = ''; } $clang = Yii::app()->lang; Yii::app()->loadHelper('surveytranslator'); $questiondetails = array('sid' => 0, 'gid' => 0, 'qid' => 0, 'aid' => 0); if (isset($question) && isset($question['sgq'])) { $questiondetails = getSIDGIDQIDAIDType($question['sgq']); } //Gets an array containing SID, GID, QID, AID and Question Type) if (isset($thissurvey['sid'])) { $surveyid = $thissurvey['sid']; } // lets sanitize the survey template if (isset($thissurvey['templatedir'])) { $templatename = $thissurvey['templatedir']; } else { $templatename = Yii::app()->getConfig('defaulttemplate'); } if (!isset($templatedir)) { $templatedir = getTemplatePath($templatename); } if (!isset($templateurl)) { $templateurl = getTemplateURL($templatename) . "/"; } // TEMPLATECSS and TEMPLATEJS $_templatecss = ""; $_templatejs = ""; if (stripos($line, "{TEMPLATECSS}")) { $css_header_includes = Yii::app()->getConfig("css_header_includes"); if (file_exists($templatedir . DIRECTORY_SEPARATOR . 'jquery-ui-custom.css')) { $template_jqueryui_css = "<link rel='stylesheet' type='text/css' media='all' href='{$templateurl}jquery-ui-custom.css' />\n"; } elseif (file_exists($templatedir . DIRECTORY_SEPARATOR . 'jquery-ui.css')) { $template_jqueryui_css = "<link rel='stylesheet' type='text/css' media='all' href='{$templateurl}jquery-ui.css' />\n"; } else { $_templatecss .= "<link rel='stylesheet' type='text/css' media='all' href='" . Yii::app()->getConfig('publicstyleurl') . "jquery-ui.css' />\n"; // Remove it after corrected slider $template_jqueryui_css = ""; } if ($css_header_includes) { foreach ($css_header_includes as $cssinclude) { if (substr($cssinclude, 0, 4) == 'http' || substr($cssinclude, 0, strlen(Yii::app()->getConfig('publicurl'))) == Yii::app()->getConfig('publicurl')) { $_templatecss .= "<link rel='stylesheet' type='text/css' media='all' href='" . $cssinclude . "' />\n"; } else { if (file_exists($templatedir . DIRECTORY_SEPARATOR . $cssinclude)) { $_templatecss .= "<link rel='stylesheet' type='text/css' media='all' href='{$templateurl}{$cssinclude}' />\n"; } else { $_templatecss .= "<link rel='stylesheet' type='text/css' media='all' href='" . Yii::app()->getConfig('publicstyleurl') . $cssinclude . "' />\n"; } } } } $_templatecss .= $template_jqueryui_css; // Template jquery ui after default css $_templatecss .= "<link rel='stylesheet' type='text/css' media='all' href='{$templateurl}template.css' />\n"; if (getLanguageRTL($clang->langcode)) { $_templatecss .= "<link rel='stylesheet' type='text/css' media='all' href='{$templateurl}template-rtl.css' />\n"; } } if (stripos($line, "{TEMPLATEJS}")) { $js_header_includes = header_includes(false, 'js'); $_jqueryuijsurl = Yii::app()->getConfig('generalscripts') . "jquery/jquery-ui.js"; $_templatejs .= "<script type='text/javascript' src='" . Yii::app()->getConfig('generalscripts') . "jquery/jquery.js'></script>\n"; $_templatejs .= "<script type='text/javascript' src='{$_jqueryuijsurl}'></script>\n"; $_templatejs .= "<script type='text/javascript' src='" . Yii::app()->getConfig('generalscripts') . "jquery/jquery.ui.touch-punch.min.js'></script>\n"; if ($js_header_includes) { foreach ($js_header_includes as $jsinclude) { if (substr($jsinclude, 0, 4) == 'http' || substr($jsinclude, 0, strlen(Yii::app()->getConfig('publicurl'))) == Yii::app()->getConfig('publicurl')) { $_templatejs .= "<script type='text/javascript' src='{$jsinclude}'></script>\n"; } else { $_templatejs .= "<script type='text/javascript' src='" . Yii::app()->getConfig('generalscripts') . $jsinclude . "'></script>\n"; } } } $_templatejs .= "<script type='text/javascript' src='" . Yii::app()->getConfig('generalscripts') . "survey_runtime.js'></script>\n"; $_templatejs .= "<script type='text/javascript' src='{$templateurl}template.js'></script>\n"; $_templatejs .= useFirebug(); } // surveyformat if (isset($thissurvey['format'])) { $surveyformat = str_replace(array("A", "S", "G"), array("allinone", "questionbyquestion", "groupbygroup"), $thissurvey['format']); } else { $surveyformat = ""; } if (isset(Yii::app()->session['step']) && Yii::app()->session['step'] % 2 && $surveyformat != "allinone") { $surveyformat .= " page-odd"; } if (isset($thissurvey['allowjumps']) && $thissurvey['allowjumps'] == "Y" && $surveyformat != "allinone" && (isset(Yii::app()->session['step']) && Yii::app()->session['step'] > 0)) { $surveyformat .= " withindex"; } if (isset($thissurvey['showprogress']) && $thissurvey['showprogress'] == "Y") { $surveyformat .= " showprogress"; } if (isset($thissurvey['showqnumcode'])) { $surveyformat .= " showqnumcode-" . $thissurvey['showqnumcode']; } // real survey contact if (isset($surveylist) && isset($surveylist['contact'])) { $surveycontact = $surveylist['contact']; } elseif (isset($surveylist) && isset($thissurvey['admin']) && $thissurvey['admin'] != "") { $surveycontact = sprintf($clang->gT("Please contact %s ( %s ) for further assistance."), $thissurvey['admin'], $thissurvey['adminemail']); } else { $surveycontact = ""; } // If there are non-bracketed replacements to be made do so above this line. // Only continue in this routine if there are bracketed items to replace {} if (strpos($line, "{") === false) { // process string anyway so that it can be pretty-printed return LimeExpressionManager::ProcessString($line, $questionNum, NULL, false, 1, 1, true); } if ($showgroupinfo == 'both' || $showgroupinfo == 'name' || $showgroupinfo == 'choose' && !isset($thissurvey['showgroupinfo']) || $showgroupinfo == 'choose' && $thissurvey['showgroupinfo'] == 'B' || $showgroupinfo == 'choose' && $thissurvey['showgroupinfo'] == 'N') { $_groupname = isset($groupname) ? $groupname : ''; } else { $_groupname = ''; } if ($showgroupinfo == 'both' || $showgroupinfo == 'description' || $showgroupinfo == 'choose' && !isset($thissurvey['showgroupinfo']) || $showgroupinfo == 'choose' && $thissurvey['showgroupinfo'] == 'B' || $showgroupinfo == 'choose' && $thissurvey['showgroupinfo'] == 'D') { $_groupdescription = isset($groupdescription) ? $groupdescription : ''; } else { $_groupdescription = ''; } if (isset($question) && is_array($question)) { $_question = $question['all']; $_question_text = $question['text']; $_question_help = $question['help']; $_question_mandatory = $question['mandatory']; $_question_man_message = $question['man_message']; $_question_valid_message = $question['valid_message']; $_question_file_valid_message = $question['file_valid_message']; $_question_sgq = isset($question['sgq']) ? $question['sgq'] : ''; $_question_essentials = $question['essentials']; $_getQuestionClass = $question['class']; $_question_man_class = $question['man_class']; $_question_input_error_class = $question['input_error_class']; $_question_number = $question['number']; $_question_code = $question['code']; $_question_type = $question['type']; } else { $_question = isset($question) ? $question : ''; $_question_text = ''; $_question_help = ''; $_question_mandatory = ''; $_question_man_message = ''; $_question_valid_message = ''; $_question_file_valid_message = ''; $_question_sgq = ''; $_question_essentials = ''; $_getQuestionClass = ''; $_question_man_class = ''; $_question_input_error_class = ''; $_question_number = ''; $_question_code = ''; $_question_type = ''; } if ($_question_type == '*') { $_question_text = '<div class="em_equation">' . $_question_text . '</div>'; } if (!($showqnumcode == 'both' || $showqnumcode == 'number' || $showqnumcode == 'choose' && !isset($thissurvey['showqnumcode']) || $showqnumcode == 'choose' && $thissurvey['showqnumcode'] == 'B' || $showqnumcode == 'choose' && $thissurvey['showqnumcode'] == 'N')) { $_question_number = ''; } if (!($showqnumcode == 'both' || $showqnumcode == 'code' || $showqnumcode == 'choose' && !isset($thissurvey['showqnumcode']) || $showqnumcode == 'choose' && $thissurvey['showqnumcode'] == 'B' || $showqnumcode == 'choose' && $thissurvey['showqnumcode'] == 'C')) { $_question_code = ''; } if (!isset($totalquestions)) { $totalquestions = 0; } $_totalquestionsAsked = $totalquestions; if ($showxquestions == 'show' || $showxquestions == 'choose' && !isset($thissurvey['showxquestions']) || $showxquestions == 'choose' && $thissurvey['showxquestions'] == 'Y') { if ($_totalquestionsAsked < 1) { $_therearexquestions = $clang->gT("There are no questions in this survey"); // Singular } elseif ($_totalquestionsAsked == 1) { $_therearexquestions = $clang->gT("There is 1 question in this survey"); //Singular } else { $_therearexquestions = $clang->gT("There are {NUMBEROFQUESTIONS} questions in this survey."); //Note this line MUST be before {NUMBEROFQUESTIONS} } } else { $_therearexquestions = ''; } if (isset($token)) { $_token = $token; } elseif (isset($clienttoken)) { $_token = htmlentities($clienttoken, ENT_QUOTES, 'UTF-8'); // or should it be URL-encoded? } else { $_token = ''; } // Expiry if (isset($thissurvey['expiry'])) { $dateformatdetails = getDateFormatData($thissurvey['surveyls_dateformat']); Yii::import('application.libraries.Date_Time_Converter', true); $datetimeobj = new Date_Time_Converter($thissurvey['expiry'], "Y-m-d"); $_dateoutput = $datetimeobj->convert($dateformatdetails['phpdate']); } else { $_dateoutput = '-'; } $_submitbutton = "<input class='submit' type='submit' value=' " . $clang->gT("Submit") . " ' name='move2' onclick=\"javascript:document.limesurvey.move.value = 'movesubmit';\" />"; if (isset($thissurvey['surveyls_url']) and $thissurvey['surveyls_url'] != "") { if (trim($thissurvey['surveyls_urldescription']) != '') { $_linkreplace = "<a href='{$thissurvey['surveyls_url']}'>{$thissurvey['surveyls_urldescription']}</a>"; } else { $_linkreplace = "<a href='{$thissurvey['surveyls_url']}'>{$thissurvey['surveyls_url']}</a>"; } } else { $_linkreplace = ''; } if (isset($thissurvey['sid']) && isset($_SESSION['survey_' . $thissurvey['sid']]['srid']) && $thissurvey['active'] == 'Y') { $iscompleted = Survey_dynamic::model($surveyid)->isCompleted($_SESSION['survey_' . $thissurvey['sid']]['srid']); } else { $iscompleted = false; } if (isset($surveyid) && !$iscompleted) { $_clearall = "<input type='button' name='clearallbtn' value='" . $clang->gT("Exit and clear survey") . "' class='clearall' " . "onclick=\"if (confirm('" . $clang->gT("Are you sure you want to clear all your responses?", 'js') . "')) {\nwindow.open('" . Yii::app()->getController()->createUrl("survey/index/sid/{$surveyid}", array('move' => 'clearall', 'lang' => $s_lang), '&'); if (returnGlobal('token')) { $_clearall .= "&token=" . urlencode(trim(sanitize_token(strip_tags(returnGlobal('token'))))); } $_clearall .= "', '_self')}\" />"; } else { $_clearall = ""; } if (isset(Yii::app()->session['datestamp'])) { $_datestamp = Yii::app()->session['datestamp']; } else { $_datestamp = '-'; } if (isset($thissurvey['allowsave']) and $thissurvey['allowsave'] == "Y") { // Find out if the user has any saved data if ($thissurvey['format'] == 'A') { if ($thissurvey['tokenanswerspersistence'] != 'Y' || !isset($surveyid) || !tableExists('tokens_' . $surveyid)) { $_saveall = "\t\t\t<input type='button' name='loadall' value='" . $clang->gT("Load unfinished survey") . "' class='saveall' onclick=\"javascript:addHiddenField(document.getElementById('limesurvey'),'loadall',this.value);document.getElementById('limesurvey').submit();\" " . ($thissurvey['active'] != "Y" ? "disabled='disabled'" : "") . "/>" . "\n\t\t\t<input type='button' name='saveallbtn' value='" . $clang->gT("Resume later") . "' class='saveall' onclick=\"javascript:document.limesurvey.move.value = this.value;addHiddenField(document.getElementById('limesurvey'),'saveall',this.value);document.getElementById('limesurvey').submit();\" " . ($thissurvey['active'] != "Y" ? "disabled='disabled'" : "") . "/>"; // Show Save So Far button } else { $_saveall = "\t\t\t<input type='button' name='saveallbtn' value='" . $clang->gT("Resume later") . "' class='saveall' onclick=\"javascript:document.limesurvey.move.value = this.value;addHiddenField(document.getElementById('limesurvey'),'saveall',this.value);document.getElementById('limesurvey').submit();\" " . ($thissurvey['active'] != "Y" ? "disabled='disabled'" : "") . "/>"; // Show Save So Far button } } elseif (isset($surveyid) && (!isset($_SESSION['survey_' . $surveyid]['step']) || !$_SESSION['survey_' . $surveyid]['step'])) { //First page, show LOAD if ($thissurvey['tokenanswerspersistence'] != 'Y' || !isset($surveyid) || !tableExists('tokens_' . $surveyid)) { $_saveall = "\t\t\t<input type='button' name='loadall' value='" . $clang->gT("Load unfinished survey") . "' class='saveall' onclick=\"javascript:addHiddenField(document.getElementById('limesurvey'),'loadall',this.value);document.getElementById('limesurvey').submit();\" " . ($thissurvey['active'] != "Y" ? "disabled='disabled'" : "") . "/>"; } else { $_saveall = ''; } } elseif (isset(Yii::app()->session['scid']) && (isset($move) && $move == "movelast")) { //Already saved and on Submit Page, dont show Save So Far button $_saveall = ''; } else { $_saveall = "<input type='button' name='saveallbtn' value='" . $clang->gT("Resume later") . "' class='saveall' onclick=\"javascript:document.limesurvey.move.value = this.value;addHiddenField(document.getElementById('limesurvey'),'saveall',this.value);document.getElementById('limesurvey').submit();\" " . ($thissurvey['active'] != "Y" ? "disabled='disabled'" : "") . "/>"; // Show Save So Far button } } else { $_saveall = ""; } if (!isset($help)) { $help = ""; } if (flattenText($help, true, true) != '') { if (!isset($helpicon)) { if (file_exists($templatedir . '/help.gif')) { $helpicon = $templateurl . 'help.gif'; } elseif (file_exists($templatedir . '/help.png')) { $helpicon = $templateurl . 'help.png'; } else { $helpicon = Yii::app()->getConfig('imageurl') . "/help.gif"; } } $_questionhelp = "<img src='{$helpicon}' alt='Help' align='left' />" . $help; } else { $_questionhelp = $help; } if (isset($thissurvey['allowprev']) && $thissurvey['allowprev'] == "N") { $_strreview = ""; } else { $_strreview = $clang->gT("If you want to check any of the answers you have made, and/or change them, you can do that now by clicking on the [<< prev] button and browsing through your responses."); } if (isset($thissurvey['active']) and $thissurvey['active'] == "N") { $_restart = "<a href='" . Yii::app()->getController()->createUrl("survey/index/sid/{$surveyid}/newtest/Y"); if (isset($s_lang) && $s_lang != '') { $_restart .= "/lang/" . $s_lang; } $_restart .= "'>" . $clang->gT("Restart this survey") . "</a>"; } else { if (isset($surveyid)) { $restart_extra = ""; $restart_token = returnGlobal('token'); if (!empty($restart_token)) { $restart_extra .= "/token/" . urlencode($restart_token); } else { $restart_extra = "/newtest/Y"; } if (!empty($_GET['lang'])) { $restart_extra .= "/lang/" . returnGlobal('lang'); } $_restart = "<a href='" . Yii::app()->getController()->createUrl("survey/index/sid/{$surveyid}{$restart_extra}") . "'>" . $clang->gT("Restart this Survey") . "</a>"; } else { $_restart = ""; } } if (isset($thissurvey['anonymized']) && $thissurvey['anonymized'] == 'Y') { $_savealert = $clang->gT("To remain anonymous please use a pseudonym as your username, also an email address is not required."); } else { $_savealert = ""; } if (isset($surveyid)) { $_return_to_survey = "<a href=" . Yii::app()->getController()->createUrl("survey/index/sid/{$surveyid}"); if (returnGlobal('token')) { $_return_to_survey .= "?amp;token=" . urlencode(trim(sanitize_xss_string(strip_tags(returnGlobal('token'))))); } $_return_to_survey .= "'>" . $clang->gT("Return to survey") . "</a>"; } else { $_return_to_survey = ""; } // Save Form $_saveform = "<table><tr><td align='right'>" . $clang->gT("Name") . ":</td><td><input type='text' name='savename' value='"; if (isset($_POST['savename'])) { $_saveform .= HTMLEscape(autoUnescape($_POST['savename'])); } $_saveform .= "' /></td></tr>\n" . "<tr><td align='right'>" . $clang->gT("Password") . ":</td><td><input type='password' name='savepass' value='"; if (isset($_POST['savepass'])) { $_saveform .= HTMLEscape(autoUnescape($_POST['savepass'])); } $_saveform .= "' /></td></tr>\n" . "<tr><td align='right'>" . $clang->gT("Repeat password") . ":</td><td><input type='password' name='savepass2' value='"; if (isset($_POST['savepass2'])) { $_saveform .= HTMLEscape(autoUnescape($_POST['savepass2'])); } $_saveform .= "' /></td></tr>\n" . "<tr><td align='right'>" . $clang->gT("Your email address") . ":</td><td><input type='text' name='saveemail' value='"; if (isset($_POST['saveemail'])) { $_saveform .= HTMLEscape(autoUnescape($_POST['saveemail'])); } $_saveform .= "' /></td></tr>\n"; if (isset($thissurvey['usecaptcha']) && function_exists("ImageCreate") && isCaptchaEnabled('saveandloadscreen', $thissurvey['usecaptcha'])) { $_saveform .= "<tr><td align='right'>" . $clang->gT("Security question") . ":</td><td><table><tr><td valign='middle'><img src='" . Yii::app()->getController()->createUrl('/verification/image/sid/' . (isset($surveyid) ? $surveyid : '')) . "' alt6='' /></td><td valign='middle' style='text-align:left'><input type='text' size='5' maxlength='3' name='loadsecurity' value='' /></td></tr></table></td></tr>\n"; } $_saveform .= "<tr><td align='right'></td><td></td></tr>\n" . "<tr><td></td><td><input type='submit' id='savebutton' name='savesubmit' value='" . $clang->gT("Save Now") . "' /></td></tr>\n" . "</table>"; // Load Form $_loadform = "<table><tr><td align='right'>" . $clang->gT("Saved name") . ":</td><td><input type='text' name='loadname' value='"; if (isset($loadname)) { $_loadform .= HTMLEscape(autoUnescape($loadname)); } $_loadform .= "' /></td></tr>\n" . "<tr><td align='right'>" . $clang->gT("Password") . ":</td><td><input type='password' name='loadpass' value='"; if (isset($loadpass)) { $_loadform .= HTMLEscape(autoUnescape($loadpass)); } $_loadform .= "' /></td></tr>\n"; if (isset($thissurvey['usecaptcha']) && function_exists("ImageCreate") && isCaptchaEnabled('saveandloadscreen', $thissurvey['usecaptcha'])) { $_loadform .= "<tr><td align='right'>" . $clang->gT("Security question") . ":</td><td><table><tr><td valign='middle'><img src='" . Yii::app()->getController()->createUrl('/verification/image/sid/' . $surveyid) . "' alt='' /></td><td valign='middle'><input type='text' size='5' maxlength='3' name='loadsecurity' value='' alt=''/></td></tr></table></td></tr>\n"; } $_loadform .= "<tr><td align='right'></td><td></td></tr>\n" . "<tr><td></td><td><input type='submit' id='loadbutton' value='" . $clang->gT("Load now") . "' /></td></tr></table>\n"; // Registration Form if (isset($surveyid) || isset($registerdata) && $debugSrc == 'register.php') { if (isset($surveyid)) { $tokensid = $surveyid; } else { $tokensid = $registerdata['sid']; } $_registerform = "<form method='post' action='" . Yii::app()->getController()->createUrl('/register/index/surveyid/' . $tokensid) . "'>\n"; if (!isset($_REQUEST['lang'])) { $_reglang = Survey::model()->findByPk($tokensid)->language; } else { $_reglang = returnGlobal('lang'); } $_registerform .= "<input type='hidden' name='lang' value='" . $_reglang . "' />\n"; $_registerform .= "<input type='hidden' name='sid' value='{$tokensid}' id='sid' />\n"; $_registerform .= "<table class='register' summary='Registrationform'>\n" . "<tr><td align='right'>" . $clang->gT("First name") . ":</td>" . "<td align='left'><input class='text' type='text' name='register_firstname'"; if (isset($_POST['register_firstname'])) { $_registerform .= " value='" . htmlentities(returnGlobal('register_firstname'), ENT_QUOTES, 'UTF-8') . "'"; } $_registerform .= " /></td></tr>" . "<tr><td align='right'>" . $clang->gT("Last name") . ":</td>\n" . "<td align='left'><input class='text' type='text' name='register_lastname'"; if (isset($_POST['register_lastname'])) { $_registerform .= " value='" . htmlentities(returnGlobal('register_lastname'), ENT_QUOTES, 'UTF-8') . "'"; } $_registerform .= " /></td></tr>\n" . "<tr><td align='right'>" . $clang->gT("Email address") . ":</td>\n" . "<td align='left'><input class='text' type='text' name='register_email'"; if (isset($_POST['register_email'])) { $_registerform .= " value='" . htmlentities(returnGlobal('register_email'), ENT_QUOTES, 'UTF-8') . "'"; } $_registerform .= " /></td></tr>\n"; foreach ($thissurvey['attributedescriptions'] as $field => $attribute) { if (empty($attribute['show_register']) || $attribute['show_register'] != 'Y') { continue; } $_registerform .= ' <tr> <td align="right">' . $thissurvey['attributecaptions'][$field] . ($attribute['mandatory'] == 'Y' ? '*' : '') . ':</td> <td align="left"><input class="text" type="text" name="register_' . $field . '" /></td> </tr>'; } if ((count($registerdata) > 1 || isset($thissurvey['usecaptcha'])) && function_exists("ImageCreate") && isCaptchaEnabled('registrationscreen', $thissurvey['usecaptcha'])) { $_registerform .= "<tr><td align='right'>" . $clang->gT("Security Question") . ":</td><td><table><tr><td valign='middle'><img src='" . Yii::app()->getController()->createUrl('/verification/image/sid/' . $surveyid) . "' alt='' /></td><td valign='middle'><input type='text' size='5' maxlength='3' name='loadsecurity' value='' /></td></tr></table></td></tr>\n"; } $_registerform .= "<tr><td></td><td><input id='registercontinue' class='submit' type='submit' value='" . $clang->gT("Continue") . "' />" . "</td></tr>\n" . "</table>\n"; if (count($registerdata) > 1 && $registerdata['sid'] != NULL && $debugSrc == 'register.php') { $_registerform .= "<input name='startdate' type ='hidden' value='" . $registerdata['startdate'] . "' />"; $_registerform .= "<input name='enddate' type ='hidden' value='" . $registerdata['enddate'] . "' />"; } $_registerform .= "</form>\n"; } else { $_registerform = ""; } // Assessments $assessmenthtml = ""; if (isset($surveyid) && !is_null($surveyid) && function_exists('doAssessment')) { $assessmentdata = doAssessment($surveyid, true); $_assessment_current_total = $assessmentdata['total']; if (stripos($line, "{ASSESSMENTS}")) { $assessmenthtml = doAssessment($surveyid, false); } } else { $_assessment_current_total = ''; } if (isset($thissurvey['googleanalyticsapikey']) && trim($thissurvey['googleanalyticsapikey']) != '') { $_googleAnalyticsAPIKey = trim($thissurvey['googleanalyticsapikey']); } else { $_googleAnalyticsAPIKey = trim(getGlobalSetting('googleanalyticsapikey')); } $_googleAnalyticsStyle = isset($thissurvey['googleanalyticsstyle']) ? $thissurvey['googleanalyticsstyle'] : '0'; $_googleAnalyticsJavaScript = ''; if ($_googleAnalyticsStyle != '' && $_googleAnalyticsStyle != 0 && $_googleAnalyticsAPIKey != '') { switch ($_googleAnalyticsStyle) { case '1': // Default Google Tracking $_googleAnalyticsJavaScript = <<<EOD <script type="text/javascript"> var _gaq = _gaq || []; _gaq.push(['_setAccount', '{$_googleAnalyticsAPIKey}']); _gaq.push(['_trackPageview']); (function() { var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true; ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js'; var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s); })(); </script> EOD; break; case '2': // SurveyName-[SID]/[GSEQ]-GroupName - create custom GSEQ based upon page step $moveInfo = LimeExpressionManager::GetLastMoveResult(); if (is_null($moveInfo)) { $gseq = 'welcome'; } else { if ($moveInfo['finished']) { $gseq = 'finished'; } else { if (isset($moveInfo['at_start']) && $moveInfo['at_start']) { $gseq = 'welcome'; } else { if (is_null($_groupname)) { $gseq = 'printanswers'; } else { $gseq = $moveInfo['gseq'] + 1; } } } } $_trackURL = htmlspecialchars($thissurvey['name'] . '-[' . $surveyid . ']/[' . $gseq . ']-' . $_groupname); $_googleAnalyticsJavaScript = <<<EOD <script type="text/javascript"> var _gaq = _gaq || []; _gaq.push(['_setAccount', '{$_googleAnalyticsAPIKey}']); _gaq.push(['_trackPageview','{$_trackURL}']); (function() { var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true; ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js'; var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s); })(); </script> EOD; break; } } $_endtext = ''; if (isset($thissurvey['surveyls_endtext']) && trim($thissurvey['surveyls_endtext']) != '') { $_endtext = $thissurvey['surveyls_endtext']; } // Set the array of replacement variables here - don't include curly braces $coreReplacements = array(); $coreReplacements['ACTIVE'] = isset($thissurvey['active']) && !($thissurvey['active'] != "Y"); $coreReplacements['AID'] = isset($questiondetails['aid']) ? $questiondetails['aid'] : ''; $coreReplacements['ANSWER'] = isset($answer) ? $answer : ''; // global $coreReplacements['ANSWERSCLEARED'] = $clang->gT("Answers cleared"); $coreReplacements['ASSESSMENTS'] = $assessmenthtml; $coreReplacements['ASSESSMENT_CURRENT_TOTAL'] = $_assessment_current_total; $coreReplacements['ASSESSMENT_HEADING'] = $clang->gT("Your assessment"); $coreReplacements['CHECKJAVASCRIPT'] = "<noscript><span class='warningjs'>" . $clang->gT("Caution: JavaScript execution is disabled in your browser. You may not be able to answer all questions in this survey. Please, verify your browser parameters.") . "</span></noscript>"; $coreReplacements['CLEARALL'] = $_clearall; $coreReplacements['CLOSEWINDOW'] = "<a href='javascript:%20self.close()'>" . $clang->gT("Close this window") . "</a>"; $coreReplacements['COMPLETED'] = isset($redata['completed']) ? $redata['completed'] : ''; // global $coreReplacements['DATESTAMP'] = $_datestamp; $coreReplacements['ENDTEXT'] = $_endtext; $coreReplacements['EXPIRY'] = $_dateoutput; $coreReplacements['GID'] = isset($questiondetails['gid']) ? $questiondetails['gid'] : ''; $coreReplacements['GOOGLE_ANALYTICS_API_KEY'] = $_googleAnalyticsAPIKey; $coreReplacements['GOOGLE_ANALYTICS_JAVASCRIPT'] = $_googleAnalyticsJavaScript; $coreReplacements['GROUPDESCRIPTION'] = $_groupdescription; $coreReplacements['GROUPNAME'] = $_groupname; $coreReplacements['LANG'] = $clang->getlangcode(); $coreReplacements['LANGUAGECHANGER'] = isset($languagechanger) ? $languagechanger : ''; // global $coreReplacements['LOADERROR'] = isset($errormsg) ? $errormsg : ''; // global $coreReplacements['LOADFORM'] = $_loadform; $coreReplacements['LOADHEADING'] = $clang->gT("Load a previously saved survey"); $coreReplacements['LOADMESSAGE'] = $clang->gT("You can load a survey that you have previously saved from this screen.") . "<br />" . $clang->gT("Type in the 'name' you used to save the survey, and the password.") . "<br />"; $coreReplacements['NAVIGATOR'] = isset($navigator) ? $navigator : ''; // global $coreReplacements['NOSURVEYID'] = isset($surveylist) ? $surveylist['nosid'] : ''; $coreReplacements['NUMBEROFQUESTIONS'] = $_totalquestionsAsked; $coreReplacements['PERCENTCOMPLETE'] = isset($percentcomplete) ? $percentcomplete : ''; // global $coreReplacements['PRIVACY'] = isset($privacy) ? $privacy : ''; // global $coreReplacements['PRIVACYMESSAGE'] = "<span style='font-weight:bold; font-style: italic;'>" . $clang->gT("A Note On Privacy") . "</span><br />" . $clang->gT("This survey is anonymous.") . "<br />" . $clang->gT("The record kept of your survey responses does not contain any identifying information about you unless a specific question in the survey has asked for this. If you have responded to a survey that used an identifying token to allow you to access the survey, you can rest assured that the identifying token is not kept with your responses. It is managed in a separate database, and will only be updated to indicate that you have (or haven't) completed this survey. There is no way of matching identification tokens with survey responses in this survey."); $coreReplacements['QID'] = isset($questiondetails['qid']) ? $questiondetails['qid'] : ''; $coreReplacements['QUESTION'] = $_question; $coreReplacements['QUESTIONHELP'] = $_questionhelp; $coreReplacements['QUESTIONHELPPLAINTEXT'] = strip_tags(addslashes($help)); // global $coreReplacements['QUESTION_CLASS'] = $_getQuestionClass; $coreReplacements['QUESTION_CODE'] = $_question_code; $coreReplacements['QUESTION_ESSENTIALS'] = $_question_essentials; $coreReplacements['QUESTION_FILE_VALID_MESSAGE'] = $_question_file_valid_message; $coreReplacements['QUESTION_HELP'] = $_question_help; $coreReplacements['QUESTION_INPUT_ERROR_CLASS'] = $_question_input_error_class; $coreReplacements['QUESTION_MANDATORY'] = $_question_mandatory; $coreReplacements['QUESTION_MAN_CLASS'] = $_question_man_class; $coreReplacements['QUESTION_MAN_MESSAGE'] = $_question_man_message; $coreReplacements['QUESTION_NUMBER'] = $_question_number; $coreReplacements['QUESTION_TEXT'] = $_question_text; $coreReplacements['QUESTION_VALID_MESSAGE'] = $_question_valid_message; $coreReplacements['REGISTERERROR'] = isset($register_errormsg) ? $register_errormsg : ''; // global $coreReplacements['REGISTERFORM'] = $_registerform; $coreReplacements['REGISTERMESSAGE1'] = $clang->gT("You must be registered to complete this survey"); $coreReplacements['REGISTERMESSAGE2'] = $clang->gT("You may register for this survey if you wish to take part.") . "<br />\n" . $clang->gT("Enter your details below, and an email containing the link to participate in this survey will be sent immediately."); $coreReplacements['RESTART'] = $_restart; $coreReplacements['RETURNTOSURVEY'] = $_return_to_survey; $coreReplacements['SAVE'] = $_saveall; $coreReplacements['SAVEALERT'] = $_savealert; $coreReplacements['SAVEDID'] = isset($saved_id) ? $saved_id : ''; // global $coreReplacements['SAVEERROR'] = isset($errormsg) ? $errormsg : ''; // global - same as LOADERROR $coreReplacements['SAVEFORM'] = $_saveform; $coreReplacements['SAVEHEADING'] = $clang->gT("Save your unfinished survey"); $coreReplacements['SAVEMESSAGE'] = $clang->gT("Enter a name and password for this survey and click save below.") . "<br />\n" . $clang->gT("Your survey will be saved using that name and password, and can be completed later by logging in with the same name and password.") . "<br /><br />\n" . $clang->gT("If you give an email address, an email containing the details will be sent to you.") . "<br /><br />\n" . $clang->gT("After having clicked the save button you can either close this browser window or continue filling out the survey."); $coreReplacements['SGQ'] = $_question_sgq; $coreReplacements['SID'] = isset($surveyid) ? $surveyid : (isset($questiondetails['sid']) ? $questiondetails['sid'] : ''); $coreReplacements['SITENAME'] = isset($sitename) ? $sitename : ''; // global $coreReplacements['SUBMITBUTTON'] = $_submitbutton; $coreReplacements['SUBMITCOMPLETE'] = "<strong>" . $clang->gT("Thank you!") . "<br /><br />" . $clang->gT("You have completed answering the questions in this survey.") . "</strong><br /><br />" . $clang->gT("Click on 'Submit' now to complete the process and save your answers."); $coreReplacements['SUBMITREVIEW'] = $_strreview; $coreReplacements['SURVEYCONTACT'] = $surveycontact; $coreReplacements['SURVEYDESCRIPTION'] = isset($thissurvey['description']) ? $thissurvey['description'] : ''; $coreReplacements['SURVEYFORMAT'] = isset($surveyformat) ? $surveyformat : ''; // global $coreReplacements['SURVEYLANGAGE'] = $clang->langcode; $coreReplacements['SURVEYLANGUAGE'] = $clang->langcode; $coreReplacements['SURVEYLIST'] = isset($surveylist) ? $surveylist['list'] : ''; $coreReplacements['SURVEYLISTHEADING'] = isset($surveylist) ? $surveylist['listheading'] : ''; $coreReplacements['SURVEYNAME'] = isset($thissurvey['name']) ? $thissurvey['name'] : ''; $coreReplacements['TEMPLATECSS'] = $_templatecss; $coreReplacements['TEMPLATEJS'] = $_templatejs; $coreReplacements['TEMPLATEURL'] = $templateurl; $coreReplacements['THEREAREXQUESTIONS'] = $_therearexquestions; if (!$anonymized) { $coreReplacements['TOKEN'] = $_token; } $coreReplacements['URL'] = $_linkreplace; $coreReplacements['WELCOME'] = isset($thissurvey['welcome']) ? $thissurvey['welcome'] : ''; if (!is_null($replacements) && is_array($replacements)) { $doTheseReplacements = array_merge($coreReplacements, $replacements); // so $replacements overrides core values } else { $doTheseReplacements = $coreReplacements; } // Now do all of the replacements - In rare cases, need to do 3 deep recursion, that that is default $line = LimeExpressionManager::ProcessString($line, $questionNum, $doTheseReplacements, false, 3, 1); return $line; }
/** * This function builds all the required session variables when a survey is first started and * it loads any answer defaults from command line or from the table defaultvalues * It is called from the related format script (group.php, question.php, survey.php) * if the survey has just started. */ function buildsurveysession($surveyid, $preview = false) { Yii::trace('start', 'survey.buildsurveysession'); global $secerror, $clienttoken; global $tokensexist; //global $surveyid; global $move, $rooturl; $clang = Yii::app()->lang; $sLangCode = $clang->langcode; $languagechanger = makeLanguageChangerSurvey($sLangCode); if (!$preview) { $preview = Yii::app()->getConfig('previewmode'); } $thissurvey = getSurveyInfo($surveyid, $sLangCode); $_SESSION['survey_' . $surveyid]['templatename'] = validateTemplateDir($thissurvey['template']); $_SESSION['survey_' . $surveyid]['templatepath'] = getTemplatePath($_SESSION['survey_' . $surveyid]['templatename']) . DIRECTORY_SEPARATOR; $sTemplatePath = $_SESSION['survey_' . $surveyid]['templatepath']; $loadsecurity = returnGlobal('loadsecurity', true); // NO TOKEN REQUIRED BUT CAPTCHA ENABLED FOR SURVEY ACCESS if ($tokensexist == 0 && isCaptchaEnabled('surveyaccessscreen', $thissurvey['usecaptcha']) && !isset($_SESSION['survey_' . $surveyid]['captcha_surveyaccessscreen']) && !$preview) { // IF CAPTCHA ANSWER IS NOT CORRECT OR NOT SET if (!isset($loadsecurity) || !isset($_SESSION['survey_' . $surveyid]['secanswer']) || $loadsecurity != $_SESSION['survey_' . $surveyid]['secanswer']) { sendCacheHeaders(); doHeader(); // No or bad answer to required security question $redata = compact(array_keys(get_defined_vars())); echo templatereplace(file_get_contents($sTemplatePath . "startpage.pstpl"), array(), $redata, 'frontend_helper[875]'); //echo makedropdownlist(); echo templatereplace(file_get_contents($sTemplatePath . "survey.pstpl"), array(), $redata, 'frontend_helper[877]'); if (isset($loadsecurity)) { // was a bad answer echo "<font color='#FF0000'>" . $clang->gT("The answer to the security question is incorrect.") . "</font><br />"; } echo "<p class='captcha'>" . $clang->gT("Please confirm access to survey by answering the security question below and click continue.") . "</p>" . CHtml::form(array("/survey/index/sid/{$surveyid}"), 'post', array('class' => 'captcha')) . "\n <table align='center'>\n <tr>\n <td align='right' valign='middle'>\n <input type='hidden' name='sid' value='" . $surveyid . "' id='sid' />\n <input type='hidden' name='lang' value='" . $sLangCode . "' id='lang' />"; // In case we this is a direct Reload previous answers URL, then add hidden fields if (isset($_GET['loadall']) && isset($_GET['scid']) && isset($_GET['loadname']) && isset($_GET['loadpass'])) { echo "\n <input type='hidden' name='loadall' value='" . htmlspecialchars($_GET['loadall']) . "' id='loadall' />\n <input type='hidden' name='scid' value='" . returnGlobal('scid', true) . "' id='scid' />\n <input type='hidden' name='loadname' value='" . htmlspecialchars($_GET['loadname']) . "' id='loadname' />\n <input type='hidden' name='loadpass' value='" . htmlspecialchars($_GET['loadpass']) . "' id='loadpass' />"; } echo "\n </td>\n </tr>"; if (function_exists("ImageCreate") && isCaptchaEnabled('surveyaccessscreen', $thissurvey['usecaptcha'])) { echo "<tr>\n <td align='center' valign='middle'><label for='captcha'>" . $clang->gT("Security question:") . "</label></td><td align='left' valign='middle'><table><tr><td valign='middle'><img src='" . Yii::app()->getController()->createUrl('/verification/image/sid/' . $surveyid) . "' alt='captcha' /></td>\n <td valign='middle'><input id='captcha' type='text' size='5' maxlength='3' name='loadsecurity' value='' /></td></tr></table>\n </td>\n </tr>"; } echo "<tr><td colspan='2' align='center'><input class='submit' type='submit' value='" . $clang->gT("Continue") . "' /></td></tr>\n </table>\n </form>"; echo templatereplace(file_get_contents($sTemplatePath . "endpage.pstpl"), array(), $redata, 'frontend_helper[1567]'); doFooter(); exit; } else { $_SESSION['survey_' . $surveyid]['captcha_surveyaccessscreen'] = true; } } //BEFORE BUILDING A NEW SESSION FOR THIS SURVEY, LET'S CHECK TO MAKE SURE THE SURVEY SHOULD PROCEED! // TOKEN REQUIRED BUT NO TOKEN PROVIDED if ($tokensexist == 1 && !$clienttoken && !$preview) { if ($thissurvey['nokeyboard'] == 'Y') { includeKeypad(); $kpclass = "text-keypad"; } else { $kpclass = ""; } // DISPLAY REGISTER-PAGE if needed // DISPLAY CAPTCHA if needed sendCacheHeaders(); doHeader(); $redata = compact(array_keys(get_defined_vars())); echo templatereplace(file_get_contents($sTemplatePath . "startpage.pstpl"), array(), $redata, 'frontend_helper[1594]'); //echo makedropdownlist(); echo templatereplace(file_get_contents($sTemplatePath . "survey.pstpl"), array(), $redata, 'frontend_helper[1596]'); if (isset($thissurvey) && $thissurvey['allowregister'] == "Y") { echo templatereplace(file_get_contents($sTemplatePath . "register.pstpl"), array(), $redata, 'frontend_helper[1599]'); } else { // ->renderPartial('entertoken_view'); if (isset($secerror)) { echo "<span class='error'>" . $secerror . "</span><br />"; } echo '<div id="wrapper"><p id="tokenmessage">' . $clang->gT("This is a controlled survey. You need a valid token to participate.") . "<br />"; echo $clang->gT("If you have been issued a token, please enter it in the box below and click continue.") . "</p>\n <script type='text/javascript'>var focus_element='#token';</script>" . CHtml::form(array("/survey/index/sid/{$surveyid}"), 'post', array('id' => 'tokenform', 'autocomplete' => 'off')) . "\n <ul>\n <li>"; ?> <label for='token'><?php $clang->eT("Token:"); ?> </label><input class='text <?php echo $kpclass; ?> ' id='token' type='password' name='token' value='' /> <?php echo "<input type='hidden' name='sid' value='" . $surveyid . "' id='sid' />\n <input type='hidden' name='lang' value='" . $sLangCode . "' id='lang' />"; if (isset($_GET['newtest']) && $_GET['newtest'] == "Y") { echo " <input type='hidden' name='newtest' value='Y' id='newtest' />"; } // If this is a direct Reload previous answers URL, then add hidden fields if (isset($_GET['loadall']) && isset($_GET['scid']) && isset($_GET['loadname']) && isset($_GET['loadpass'])) { echo "\n <input type='hidden' name='loadall' value='" . htmlspecialchars($_GET['loadall']) . "' id='loadall' />\n <input type='hidden' name='scid' value='" . returnGlobal('scid', true) . "' id='scid' />\n <input type='hidden' name='loadname' value='" . htmlspecialchars($_GET['loadname']) . "' id='loadname' />\n <input type='hidden' name='loadpass' value='" . htmlspecialchars($_GET['loadpass']) . "' id='loadpass' />"; } echo "</li>"; if (function_exists("ImageCreate") && isCaptchaEnabled('surveyaccessscreen', $thissurvey['usecaptcha'])) { echo "<li>\n <label for='captchaimage'>" . $clang->gT("Security Question") . "</label><img id='captchaimage' src='" . Yii::app()->getController()->createUrl('/verification/image/sid/' . $surveyid) . "' alt='captcha' /><input type='text' size='5' maxlength='3' name='loadsecurity' value='' />\n </li>"; } echo "<li>\n <input class='submit button' type='submit' value='" . $clang->gT("Continue") . "' />\n </li>\n </ul>\n </form></div>"; } echo templatereplace(file_get_contents($sTemplatePath . "endpage.pstpl"), array(), $redata, 'frontend_helper[1645]'); doFooter(); exit; } elseif ($tokensexist == 1 && $clienttoken && !isCaptchaEnabled('surveyaccessscreen', $thissurvey['usecaptcha'])) { //check if token actually does exist // check also if it is allowed to change survey after completion if ($thissurvey['alloweditaftercompletion'] == 'Y') { $oTokenEntry = Token::model($surveyid)->findByAttributes(array('token' => $clienttoken)); } else { $oTokenEntry = Token::model($surveyid)->usable()->incomplete()->findByAttributes(array('token' => $clienttoken)); } if (!isset($oTokenEntry)) { //TOKEN DOESN'T EXIST OR HAS ALREADY BEEN USED. EXPLAIN PROBLEM AND EXIT killSurveySession($surveyid); sendCacheHeaders(); doHeader(); $redata = compact(array_keys(get_defined_vars())); echo templatereplace(file_get_contents($sTemplatePath . "startpage.pstpl"), array(), $redata, 'frontend_helper[1676]'); echo templatereplace(file_get_contents($sTemplatePath . "survey.pstpl"), array(), $redata, 'frontend_helper[1677]'); echo '<div id="wrapper"><p id="tokenmessage">' . $clang->gT("This is a controlled survey. You need a valid token to participate.") . "<br /><br />\n" . "\t" . $clang->gT("The token you have provided is either not valid, or has already been used.") . "<br /><br />\n" . "\t" . sprintf($clang->gT("For further information please contact %s"), $thissurvey['adminname']) . " (<a href='mailto:{$thissurvey['adminemail']}'>" . "{$thissurvey['adminemail']}</a>)</p></div>\n"; echo templatereplace(file_get_contents($sTemplatePath . "endpage.pstpl"), array(), $redata, 'frontend_helper[1684]'); doFooter(); exit; } } elseif ($tokensexist == 1 && $clienttoken && isCaptchaEnabled('surveyaccessscreen', $thissurvey['usecaptcha'])) { // IF CAPTCHA ANSWER IS CORRECT if (isset($loadsecurity) && isset($_SESSION['survey_' . $surveyid]['secanswer']) && $loadsecurity == $_SESSION['survey_' . $surveyid]['secanswer']) { if ($thissurvey['alloweditaftercompletion'] == 'Y') { $oTokenEntry = Token::model($surveyid)->findByAttributes(array('token' => $clienttoken)); } else { $oTokenEntry = Token::model($surveyid)->incomplete()->findByAttributes(array('token' => $clienttoken)); } if (!isset($oTokenEntry)) { sendCacheHeaders(); doHeader(); //TOKEN DOESN'T EXIST OR HAS ALREADY BEEN USED. EXPLAIN PROBLEM AND EXIT $redata = compact(array_keys(get_defined_vars())); echo templatereplace(file_get_contents($sTemplatePath . "startpage.pstpl"), array(), $redata, 'frontend_helper[1719]'); echo templatereplace(file_get_contents($sTemplatePath . "survey.pstpl"), array(), $redata, 'frontend_helper[1720]'); echo "\t<div id='wrapper'>\n" . "\t<p id='tokenmessage'>\n" . "\t" . $clang->gT("This is a controlled survey. You need a valid token to participate.") . "<br /><br />\n" . "\t" . $clang->gT("The token you have provided is either not valid, or has already been used.") . "<br/><br />\n" . "\t" . sprintf($clang->gT("For further information please contact %s"), $thissurvey['adminname']) . " (<a href='mailto:{$thissurvey['adminemail']}'>" . "{$thissurvey['adminemail']}</a>)\n" . "\t</p>\n" . "\t</div>\n"; echo templatereplace(file_get_contents($sTemplatePath . "endpage.pstpl"), array(), $redata, 'frontend_helper[1731]'); doFooter(); exit; } } else { if (!isset($move) || is_null($move)) { unset($_SESSION['survey_' . $surveyid]['srid']); $gettoken = $clienttoken; sendCacheHeaders(); doHeader(); // No or bad answer to required security question $redata = compact(array_keys(get_defined_vars())); echo templatereplace(file_get_contents($sTemplatePath . "startpage.pstpl"), array(), $redata, 'frontend_helper[1745]'); echo templatereplace(file_get_contents($sTemplatePath . "survey.pstpl"), array(), $redata, 'frontend_helper[1746]'); // If token wasn't provided and public registration // is enabled then show registration form if (!isset($gettoken) && isset($thissurvey) && $thissurvey['allowregister'] == "Y") { echo templatereplace(file_get_contents($sTemplatePath . "register.pstpl"), array(), $redata, 'frontend_helper[1751]'); } else { // only show CAPTCHA echo '<div id="wrapper"><p id="tokenmessage">'; if (isset($loadsecurity)) { // was a bad answer echo "<span class='error'>" . $clang->gT("The answer to the security question is incorrect.") . "</span><br />"; } echo $clang->gT("This is a controlled survey. You need a valid token to participate.") . "<br /><br />"; // IF TOKEN HAS BEEN GIVEN THEN AUTOFILL IT // AND HIDE ENTRY FIELD if (!isset($gettoken)) { echo $clang->gT("If you have been issued a token, please enter it in the box below and click continue.") . "</p>\n <form id='tokenform' method='get' action='" . Yii::app()->getController()->createUrl("/survey/index") . "'>\n <ul>\n <li>\n <input type='hidden' name='sid' value='" . $surveyid . "' id='sid' />\n <input type='hidden' name='lang' value='" . $sLangCode . "' id='lang' />"; if (isset($_GET['loadall']) && isset($_GET['scid']) && isset($_GET['loadname']) && isset($_GET['loadpass'])) { echo "<input type='hidden' name='loadall' value='" . htmlspecialchars($_GET['loadall']) . "' id='loadall' />\n <input type='hidden' name='scid' value='" . returnGlobal('scid', true) . "' id='scid' />\n <input type='hidden' name='loadname' value='" . htmlspecialchars($_GET['loadname']) . "' id='loadname' />\n <input type='hidden' name='loadpass' value='" . htmlspecialchars($_GET['loadpass']) . "' id='loadpass' />"; } echo '<label for="token">' . $clang->gT("Token") . "</label><input class='text' type='password' id='token' name='token'></li>"; } else { echo $clang->gT("Please confirm the token by answering the security question below and click continue.") . "</p>\n <form id='tokenform' method='get' action='" . Yii::app()->getController()->createUrl("/survey/index") . "'>\n <ul>\n <li>\n <input type='hidden' name='sid' value='" . $surveyid . "' id='sid' />\n <input type='hidden' name='lang' value='" . $sLangCode . "' id='lang' />"; if (isset($_GET['loadall']) && isset($_GET['scid']) && isset($_GET['loadname']) && isset($_GET['loadpass'])) { echo "<input type='hidden' name='loadall' value='" . htmlspecialchars($_GET['loadall']) . "' id='loadall' />\n <input type='hidden' name='scid' value='" . returnGlobal('scid', true) . "' id='scid' />\n <input type='hidden' name='loadname' value='" . htmlspecialchars($_GET['loadname']) . "' id='loadname' />\n <input type='hidden' name='loadpass' value='" . htmlspecialchars($_GET['loadpass']) . "' id='loadpass' />"; } echo '<label for="token">' . $clang->gT("Token:") . "</label><span id='token'>{$gettoken}</span>" . "<input type='hidden' name='token' value='{$gettoken}'></li>"; } if (function_exists("ImageCreate") && isCaptchaEnabled('surveyaccessscreen', $thissurvey['usecaptcha'])) { echo "<li>\n <label for='captchaimage'>" . $clang->gT("Security Question") . "</label><img id='captchaimage' src='" . Yii::app()->getController()->createUrl('/verification/image/sid/' . $surveyid) . "' alt='captcha' /><input type='text' size='5' maxlength='3' name='loadsecurity' value='' />\n </li>"; } echo "<li><input class='submit' type='submit' value='" . $clang->gT("Continue") . "' /></li>\n </ul>\n </form>\n </id>"; } echo '</div>' . templatereplace(file_get_contents($sTemplatePath . "endpage.pstpl"), array(), $redata, 'frontend_helper[1817]'); doFooter(); exit; } } } //RESET ALL THE SESSION VARIABLES AND START AGAIN unset($_SESSION['survey_' . $surveyid]['grouplist']); unset($_SESSION['survey_' . $surveyid]['fieldarray']); unset($_SESSION['survey_' . $surveyid]['insertarray']); unset($_SESSION['survey_' . $surveyid]['fieldnamesInfo']); unset($_SESSION['survey_' . $surveyid]['fieldmap-' . $surveyid . '-randMaster']); unset($_SESSION['survey_' . $surveyid]['groupReMap']); $_SESSION['survey_' . $surveyid]['fieldnamesInfo'] = array(); // Multi lingual support order : by REQUEST, if not by Token->language else by survey default language if (returnGlobal('lang', true)) { $language_to_set = returnGlobal('lang', true); } elseif (isset($oTokenEntry) && $oTokenEntry) { // If survey have token : we have a $oTokenEntry // Can use $oTokenEntry = Token::model($surveyid)->findByAttributes(array('token'=>$clienttoken)); if we move on another function : this par don't validate the token validity $language_to_set = $oTokenEntry->language; } else { $language_to_set = $thissurvey['language']; } if (!isset($_SESSION['survey_' . $surveyid]['s_lang'])) { SetSurveyLanguage($surveyid, $language_to_set); } UpdateGroupList($surveyid, $_SESSION['survey_' . $surveyid]['s_lang']); $sQuery = "SELECT count(*)\n" . " FROM {{groups}} INNER JOIN {{questions}} ON {{groups}}.gid = {{questions}}.gid\n" . " WHERE {{questions}}.sid=" . $surveyid . "\n" . " AND {{groups}}.language='" . $_SESSION['survey_' . $surveyid]['s_lang'] . "'\n" . " AND {{questions}}.language='" . $_SESSION['survey_' . $surveyid]['s_lang'] . "'\n" . " AND {{questions}}.parent_qid=0\n"; $totalquestions = Yii::app()->db->createCommand($sQuery)->queryScalar(); // Fix totalquestions by substracting Test Display questions $iNumberofQuestions = dbExecuteAssoc("SELECT count(*)\n" . " FROM {{questions}}" . " WHERE type in ('X','*')\n" . " AND sid={$surveyid}" . " AND language='" . $_SESSION['survey_' . $surveyid]['s_lang'] . "'" . " AND parent_qid=0")->read(); $_SESSION['survey_' . $surveyid]['totalquestions'] = $totalquestions - (int) reset($iNumberofQuestions); //2. SESSION VARIABLE: totalsteps //The number of "pages" that will be presented in this survey //The number of pages to be presented will differ depending on the survey format switch ($thissurvey['format']) { case "A": $_SESSION['survey_' . $surveyid]['totalsteps'] = 1; break; case "G": if (isset($_SESSION['survey_' . $surveyid]['grouplist'])) { $_SESSION['survey_' . $surveyid]['totalsteps'] = count($_SESSION['survey_' . $surveyid]['grouplist']); } break; case "S": $_SESSION['survey_' . $surveyid]['totalsteps'] = $totalquestions; } if ($totalquestions == 0) { sendCacheHeaders(); doHeader(); $redata = compact(array_keys(get_defined_vars())); echo templatereplace(file_get_contents($sTemplatePath . "startpage.pstpl"), array(), $redata, 'frontend_helper[1914]'); echo templatereplace(file_get_contents($sTemplatePath . "survey.pstpl"), array(), $redata, 'frontend_helper[1915]'); echo "\t<div id='wrapper'>\n" . "\t<p id='tokenmessage'>\n" . "\t" . $clang->gT("This survey does not yet have any questions and cannot be tested or completed.") . "<br /><br />\n" . "\t" . sprintf($clang->gT("For further information please contact %s"), $thissurvey['adminname']) . " (<a href='mailto:{$thissurvey['adminemail']}'>" . "{$thissurvey['adminemail']}</a>)<br /><br />\n" . "\t</p>\n" . "\t</div>\n"; echo templatereplace(file_get_contents($sTemplatePath . "endpage.pstpl"), array(), $redata, 'frontend_helper[1925]'); doFooter(); exit; } //Perform a case insensitive natural sort on group name then question title of a multidimensional array // usort($arows, 'groupOrderThenQuestionOrder'); //3. SESSION VARIABLE - insertarray //An array containing information about used to insert the data into the db at the submit stage //4. SESSION VARIABLE - fieldarray //See rem at end.. if ($tokensexist == 1 && $clienttoken) { $_SESSION['survey_' . $surveyid]['token'] = $clienttoken; } if ($thissurvey['anonymized'] == "N") { $_SESSION['survey_' . $surveyid]['insertarray'][] = "token"; } $qtypes = getQuestionTypeList('', 'array'); $fieldmap = createFieldMap($surveyid, 'full', true, false, $_SESSION['survey_' . $surveyid]['s_lang']); // Randomization groups for groups $aRandomGroups = array(); $aGIDCompleteMap = array(); // first find all groups and their groups IDS $criteria = new CDbCriteria(); $criteria->addColumnCondition(array('sid' => $surveyid, 'language' => $_SESSION['survey_' . $surveyid]['s_lang'])); $criteria->addCondition("randomization_group != ''"); $oData = QuestionGroup::model()->findAll($criteria); foreach ($oData as $aGroup) { $aRandomGroups[$aGroup['randomization_group']][] = $aGroup['gid']; } // Shuffle each group and create a map for old GID => new GID foreach ($aRandomGroups as $sGroupName => $aGIDs) { $aShuffledIDs = $aGIDs; shuffle($aShuffledIDs); $aGIDCompleteMap = $aGIDCompleteMap + array_combine($aGIDs, $aShuffledIDs); } $_SESSION['survey_' . $surveyid]['groupReMap'] = $aGIDCompleteMap; $randomized = false; // So we can trigger reorder once for group and question randomization // Now adjust the grouplist if (count($aRandomGroups) > 0 && !$preview) { $randomized = true; // So we can trigger reorder once for group and question randomization // Now adjust the grouplist Yii::import('application.helpers.frontend_helper', true); // make sure frontend helper is loaded UpdateGroupList($surveyid, $_SESSION['survey_' . $surveyid]['s_lang']); // ... and the fieldmap // First create a fieldmap with GID as key foreach ($fieldmap as $aField) { if (isset($aField['gid'])) { $GroupFieldMap[$aField['gid']][] = $aField; } else { $GroupFieldMap['other'][] = $aField; } } // swap it foreach ($GroupFieldMap as $iOldGid => $fields) { $iNewGid = $iOldGid; if (isset($aGIDCompleteMap[$iOldGid])) { $iNewGid = $aGIDCompleteMap[$iOldGid]; } $newGroupFieldMap[$iNewGid] = $GroupFieldMap[$iNewGid]; } $GroupFieldMap = $newGroupFieldMap; // and convert it back to a fieldmap unset($fieldmap); foreach ($GroupFieldMap as $aGroupFields) { foreach ($aGroupFields as $aField) { if (isset($aField['fieldname'])) { $fieldmap[$aField['fieldname']] = $aField; // isset() because of the shuffled flag above } } } unset($GroupFieldMap); } // Randomization groups for questions // Find all defined randomization groups through question attribute values $randomGroups = array(); if (in_array(Yii::app()->db->getDriverName(), array('mssql', 'sqlsrv', 'dblib'))) { $rgquery = "SELECT attr.qid, CAST(value as varchar(255)) as value FROM {{question_attributes}} as attr right join {{questions}} as quests on attr.qid=quests.qid WHERE attribute='random_group' and CAST(value as varchar(255)) <> '' and sid={$surveyid} GROUP BY attr.qid, CAST(value as varchar(255))"; } else { $rgquery = "SELECT attr.qid, value FROM {{question_attributes}} as attr right join {{questions}} as quests on attr.qid=quests.qid WHERE attribute='random_group' and value <> '' and sid={$surveyid} GROUP BY attr.qid, value"; } $rgresult = dbExecuteAssoc($rgquery); foreach ($rgresult->readAll() as $rgrow) { // Get the question IDs for each randomization group $randomGroups[$rgrow['value']][] = $rgrow['qid']; } // If we have randomization groups set, then lets cycle through each group and // replace questions in the group with a randomly chosen one from the same group if (count($randomGroups) > 0 && !$preview) { $randomized = true; // So we can trigger reorder once for group and question randomization $copyFieldMap = array(); $oldQuestOrder = array(); $newQuestOrder = array(); $randGroupNames = array(); foreach ($randomGroups as $key => $value) { $oldQuestOrder[$key] = $randomGroups[$key]; $newQuestOrder[$key] = $oldQuestOrder[$key]; // We shuffle the question list to get a random key->qid which will be used to swap from the old key shuffle($newQuestOrder[$key]); $randGroupNames[] = $key; } // Loop through the fieldmap and swap each question as they come up foreach ($fieldmap as $fieldkey => $fieldval) { $found = 0; foreach ($randomGroups as $gkey => $gval) { // We found a qid that is in the randomization group if (isset($fieldval['qid']) && in_array($fieldval['qid'], $oldQuestOrder[$gkey])) { // Get the swapped question $idx = array_search($fieldval['qid'], $oldQuestOrder[$gkey]); foreach ($fieldmap as $key => $field) { if (isset($field['qid']) && $field['qid'] == $newQuestOrder[$gkey][$idx]) { $field['random_gid'] = $fieldval['gid']; // It is possible to swap to another group $copyFieldMap[$key] = $field; } } $found = 1; break; } else { $found = 2; } } if ($found == 2) { $copyFieldMap[$fieldkey] = $fieldval; } reset($randomGroups); } $fieldmap = $copyFieldMap; } if ($randomized === true) { // reset the sequencing counts $gseq = -1; $_gid = -1; $qseq = -1; $_qid = -1; $copyFieldMap = array(); foreach ($fieldmap as $key => $val) { if ($val['gid'] != '') { if (isset($val['random_gid'])) { $gid = $val['random_gid']; } else { $gid = $val['gid']; } if ($gid != $_gid) { $_gid = $gid; ++$gseq; } } if ($val['qid'] != '' && $val['qid'] != $_qid) { $_qid = $val['qid']; ++$qseq; } if ($val['gid'] != '' && $val['qid'] != '') { $val['groupSeq'] = $gseq; $val['questionSeq'] = $qseq; } $copyFieldMap[$key] = $val; } $fieldmap = $copyFieldMap; unset($copyFieldMap); $_SESSION['survey_' . $surveyid]['fieldmap-' . $surveyid . $_SESSION['survey_' . $surveyid]['s_lang']] = $fieldmap; $_SESSION['survey_' . $surveyid]['fieldmap-' . $surveyid . '-randMaster'] = 'fieldmap-' . $surveyid . $_SESSION['survey_' . $surveyid]['s_lang']; } // TMSW Condition->Relevance: don't need hasconditions, or usedinconditions $_SESSION['survey_' . $surveyid]['fieldmap'] = $fieldmap; foreach ($fieldmap as $field) { if (isset($field['qid']) && $field['qid'] != '') { $_SESSION['survey_' . $surveyid]['fieldnamesInfo'][$field['fieldname']] = $field['sid'] . 'X' . $field['gid'] . 'X' . $field['qid']; $_SESSION['survey_' . $surveyid]['insertarray'][] = $field['fieldname']; //fieldarray ARRAY CONTENTS - // [0]=questions.qid, // [1]=fieldname, // [2]=questions.title, // [3]=questions.question // [4]=questions.type, // [5]=questions.gid, // [6]=questions.mandatory, // [7]=conditionsexist, // [8]=usedinconditions // [8]=usedinconditions // [9]=used in group.php for question count // [10]=new group id for question in randomization group (GroupbyGroup Mode) if (!isset($_SESSION['survey_' . $surveyid]['fieldarray'][$field['sid'] . 'X' . $field['gid'] . 'X' . $field['qid']])) { //JUST IN CASE : PRECAUTION! //following variables are set only if $style=="full" in createFieldMap() in common_helper. //so, if $style = "short", set some default values here! if (isset($field['title'])) { $title = $field['title']; } else { $title = ""; } if (isset($field['question'])) { $question = $field['question']; } else { $question = ""; } if (isset($field['mandatory'])) { $mandatory = $field['mandatory']; } else { $mandatory = 'N'; } if (isset($field['hasconditions'])) { $hasconditions = $field['hasconditions']; } else { $hasconditions = 'N'; } if (isset($field['usedinconditions'])) { $usedinconditions = $field['usedinconditions']; } else { $usedinconditions = 'N'; } $_SESSION['survey_' . $surveyid]['fieldarray'][$field['sid'] . 'X' . $field['gid'] . 'X' . $field['qid']] = array($field['qid'], $field['sid'] . 'X' . $field['gid'] . 'X' . $field['qid'], $title, $question, $field['type'], $field['gid'], $mandatory, $hasconditions, $usedinconditions); } if (isset($field['random_gid'])) { $_SESSION['survey_' . $surveyid]['fieldarray'][$field['sid'] . 'X' . $field['gid'] . 'X' . $field['qid']][10] = $field['random_gid']; } } } // Prefill questions/answers from command line params $reservedGetValues = array('token', 'sid', 'gid', 'qid', 'lang', 'newtest', 'action'); $startingValues = array(); if (isset($_GET)) { foreach ($_GET as $k => $v) { if (!in_array($k, $reservedGetValues) && isset($_SESSION['survey_' . $surveyid]['fieldmap'][$k])) { $startingValues[$k] = $v; } else { // Search question codes to use those for prefilling. foreach ($_SESSION['survey_' . $surveyid]['fieldmap'] as $sgqa => $details) { if ($details['title'] == $k) { $startingValues[$sgqa] = $v; } } } } } $_SESSION['survey_' . $surveyid]['startingValues'] = $startingValues; if (isset($_SESSION['survey_' . $surveyid]['fieldarray'])) { $_SESSION['survey_' . $surveyid]['fieldarray'] = array_values($_SESSION['survey_' . $surveyid]['fieldarray']); } //Check if a passthru label and value have been included in the query url $oResult = SurveyURLParameter::model()->getParametersForSurvey($surveyid); foreach ($oResult->readAll() as $aRow) { if (isset($_GET[$aRow['parameter']]) && !$preview) { $_SESSION['survey_' . $surveyid]['urlparams'][$aRow['parameter']] = $_GET[$aRow['parameter']]; if ($aRow['targetqid'] != '') { foreach ($fieldmap as $sFieldname => $aField) { if ($aRow['targetsqid'] != '') { if ($aField['qid'] == $aRow['targetqid'] && $aField['sqid'] == $aRow['targetsqid']) { $_SESSION['survey_' . $surveyid]['startingValues'][$sFieldname] = $_GET[$aRow['parameter']]; $_SESSION['survey_' . $surveyid]['startingValues'][$aRow['parameter']] = $_GET[$aRow['parameter']]; } } else { if ($aField['qid'] == $aRow['targetqid']) { $_SESSION['survey_' . $surveyid]['startingValues'][$sFieldname] = $_GET[$aRow['parameter']]; $_SESSION['survey_' . $surveyid]['startingValues'][$aRow['parameter']] = $_GET[$aRow['parameter']]; } } } } } } Yii::trace('end', 'survey.buildsurveysession'); }
/** * register::index() * Process register form data and take appropriate action * @return */ function actionIndex($surveyid = null) { Yii::app()->loadHelper('database'); Yii::app()->loadHelper('replacements'); $postlang = Yii::app()->request->getPost('lang'); if ($surveyid == null) { $surveyid = Yii::app()->request->getPost('sid'); } if (!$surveyid) { Yii::app()->request->redirect(Yii::app()->baseUrl); } // Get passed language from form, so that we dont loose this! if (!isset($postlang) || $postlang == "" || !$postlang) { $baselang = Survey::model()->findByPk($surveyid)->language; Yii::import('application.libraries.Limesurvey_lang'); Yii::app()->lang = new Limesurvey_lang($baselang); $clang = Yii::app()->lang; } else { Yii::import('application.libraries.Limesurvey_lang'); Yii::app()->lang = new Limesurvey_lang($postlang); $clang = Yii::app()->lang; $baselang = $postlang; } $thissurvey = getSurveyInfo($surveyid, $baselang); $register_errormsg = ""; // Check the security question's answer if (function_exists("ImageCreate") && isCaptchaEnabled('registrationscreen', $thissurvey['usecaptcha'])) { if (!isset($_POST['loadsecurity']) || !isset($_SESSION['survey_' . $surveyid]['secanswer']) || Yii::app()->request->getPost('loadsecurity') != $_SESSION['survey_' . $surveyid]['secanswer']) { $register_errormsg .= $clang->gT("The answer to the security question is incorrect.") . "<br />\n"; } } //Check that the email is a valid style address if (!validateEmailAddress(Yii::app()->request->getPost('register_email'))) { $register_errormsg .= $clang->gT("The email you used is not valid. Please try again."); } // Check for additional fields $attributeinsertdata = array(); foreach (GetParticipantAttributes($surveyid) as $field => $data) { if (empty($data['show_register']) || $data['show_register'] != 'Y') { continue; } $value = sanitize_xss_string(Yii::app()->request->getPost('register_' . $field)); if (trim($value) == '' && $data['mandatory'] == 'Y') { $register_errormsg .= sprintf($clang->gT("%s cannot be left empty"), $thissurvey['attributecaptions'][$field]); } $attributeinsertdata[$field] = $value; } if ($register_errormsg != "") { $_SESSION['survey_' . $surveyid]['register_errormsg'] = $register_errormsg; Yii::app()->request->redirect(Yii::app()->createUrl('survey/index/sid/' . $surveyid)); } //Check if this email already exists in token database $query = "SELECT email FROM {{tokens_{$surveyid}}}\n" . "WHERE email = '" . sanitize_email(Yii::app()->request->getPost('register_email')) . "'"; $usrow = Yii::app()->db->createCommand($query)->queryRow(); if ($usrow) { $register_errormsg = $clang->gT("The email you used has already been registered."); $_SESSION['survey_' . $surveyid]['register_errormsg'] = $register_errormsg; Yii::app()->request->redirect(Yii::app()->createUrl('survey/index/sid/' . $surveyid)); //include "index.php"; //exit; } $mayinsert = false; // Get the survey settings for token length //$this->load->model("surveys_model"); $tlresult = Survey::model()->findAllByAttributes(array("sid" => $surveyid)); if (isset($tlresult[0])) { $tlrow = $tlresult[0]; } else { $tlrow = $tlresult; } $tokenlength = $tlrow['tokenlength']; //if tokenlength is not set or there are other problems use the default value (15) if (!isset($tokenlength) || $tokenlength == '') { $tokenlength = 15; } while ($mayinsert != true) { $newtoken = randomChars($tokenlength); $ntquery = "SELECT * FROM {{tokens_{$surveyid}}} WHERE token='{$newtoken}'"; $usrow = Yii::app()->db->createCommand($ntquery)->queryRow(); if (!$usrow) { $mayinsert = true; } } $postfirstname = sanitize_xss_string(strip_tags(Yii::app()->request->getPost('register_firstname'))); $postlastname = sanitize_xss_string(strip_tags(Yii::app()->request->getPost('register_lastname'))); $starttime = sanitize_xss_string(Yii::app()->request->getPost('startdate')); $endtime = sanitize_xss_string(Yii::app()->request->getPost('enddate')); /*$postattribute1=sanitize_xss_string(strip_tags(returnGlobal('register_attribute1'))); $postattribute2=sanitize_xss_string(strip_tags(returnGlobal('register_attribute2'))); */ // Insert new entry into tokens db Tokens_dynamic::sid($thissurvey['sid']); $token = new Tokens_dynamic(); $token->firstname = $postfirstname; $token->lastname = $postlastname; $token->email = Yii::app()->request->getPost('register_email'); $token->emailstatus = 'OK'; $token->token = $newtoken; if ($starttime && $endtime) { $token->validfrom = $starttime; $token->validuntil = $endtime; } foreach ($attributeinsertdata as $k => $v) { $token->{$k} = $v; } $result = $token->save(); /** $result = $connect->Execute($query, array($postfirstname, $postlastname, returnGlobal('register_email'), 'OK', $newtoken) // $postattribute1, $postattribute2) ) or safeDie ($query."<br />".$connect->ErrorMsg()); //Checked - According to adodb docs the bound variables are quoted automatically */ $tid = getLastInsertID($token->tableName()); $fieldsarray["{ADMINNAME}"] = $thissurvey['adminname']; $fieldsarray["{ADMINEMAIL}"] = $thissurvey['adminemail']; $fieldsarray["{SURVEYNAME}"] = $thissurvey['name']; $fieldsarray["{SURVEYDESCRIPTION}"] = $thissurvey['description']; $fieldsarray["{FIRSTNAME}"] = $postfirstname; $fieldsarray["{LASTNAME}"] = $postlastname; $fieldsarray["{EXPIRY}"] = $thissurvey["expiry"]; $message = $thissurvey['email_register']; $subject = $thissurvey['email_register_subj']; $from = "{$thissurvey['adminname']} <{$thissurvey['adminemail']}>"; if (getEmailFormat($surveyid) == 'html') { $useHtmlEmail = true; $surveylink = $this->createAbsoluteUrl($surveyid . '/lang-' . $baselang . '/tk-' . $newtoken); $optoutlink = $this->createAbsoluteUrl('optout/local/' . $surveyid . '/' . $baselang . '/' . $newtoken); $optinlink = $this->createAbsoluteUrl('optin/local/' . $surveyid . '/' . $baselang . '/' . $newtoken); $fieldsarray["{SURVEYURL}"] = "<a href='{$surveylink}'>" . $surveylink . "</a>"; $fieldsarray["{OPTOUTURL}"] = "<a href='{$optoutlink}'>" . $optoutlink . "</a>"; $fieldsarray["{OPTINURL}"] = "<a href='{$optinlink}'>" . $optinlink . "</a>"; } else { $useHtmlEmail = false; $fieldsarray["{SURVEYURL}"] = $this->createAbsoluteUrl('' . $surveyid . '/lang-' . $baselang . '/tk-' . $newtoken); $fieldsarray["{OPTOUTURL}"] = $this->createAbsoluteUrl('optout/local/' . $surveyid . '/' . $baselang . '/' . $newtoken); $fieldsarray["{OPTINURL}"] = $this->createAbsoluteUrl('optin/local/' . $surveyid . '/' . $baselang . '/' . $newtoken); } $message = ReplaceFields($message, $fieldsarray); $subject = ReplaceFields($subject, $fieldsarray); $html = ""; //Set variable $sitename = Yii::app()->getConfig('sitename'); if (SendEmailMessage($message, $subject, Yii::app()->request->getPost('register_email'), $from, $sitename, $useHtmlEmail, getBounceEmail($surveyid))) { // TLR change to put date into sent $today = dateShift(date("Y-m-d H:i:s"), "Y-m-d H:i", Yii::app()->getConfig('timeadjust')); $query = "UPDATE {{tokens_{$surveyid}}}\n" . "SET sent='{$today}' WHERE tid={$tid}"; $result = dbExecuteAssoc($query) or show_error("Unable to execute this query : {$query}<br />"); //Checked $html = "<center>" . $clang->gT("Thank you for registering to participate in this survey.") . "<br /><br />\n" . $clang->gT("An email has been sent to the address you provided with access details for this survey. Please follow the link in that email to proceed.") . "<br /><br />\n" . $clang->gT("Survey administrator") . " {ADMINNAME} ({ADMINEMAIL})"; $html = ReplaceFields($html, $fieldsarray); $html .= "<br /><br /></center>\n"; } else { $html = "Email Error"; } //PRINT COMPLETED PAGE if (!$thissurvey['template']) { $thistpl = getTemplatePath(validateTemplateDir('default')); } else { $thistpl = getTemplatePath(validateTemplateDir($thissurvey['template'])); } sendCacheHeaders(); doHeader(); Yii::app()->lang = $clang; // fetch the defined variables and pass it to the header footer templates. $redata = compact(array_keys(get_defined_vars())); $this->_printTemplateContent($thistpl . '/startpage.pstpl', $redata, __LINE__); $this->_printTemplateContent($thistpl . '/survey.pstpl', $redata, __LINE__); echo $html; $this->_printTemplateContent($thistpl . '/endpage.pstpl', $redata, __LINE__); doFooter(); }
function savedcontrol() { //This data will be saved to the "saved_control" table with one row per response. // - a unique "saved_id" value (autoincremented) // - the "sid" for this survey // - the "srid" for the survey_x row id // - "saved_thisstep" which is the step the user is up to in this survey // - "saved_ip" which is the ip address of the submitter // - "saved_date" which is the date ofthe saved response // - an "identifier" which is like a username // - a "password" // - "fieldname" which is the fieldname of the saved response // - "value" which is the value of the response //We start by generating the first 5 values which are consistent for all rows. global $surveyid, $thissurvey, $errormsg, $publicurl, $sitename, $clang, $clienttoken, $thisstep; $timeadjust = getGlobalSetting('timeadjust'); //Check that the required fields have been completed. $errormsg = ''; if (empty($_POST['savename'])) { $errormsg .= $clang->gT("You must supply a name for this saved session.") . "<br />\n"; } if (empty($_POST['savepass'])) { $errormsg .= $clang->gT("You must supply a password for this saved session.") . "<br />\n"; } if (empty($_POST['savepass']) || empty($_POST['savepass2']) || $_POST['savepass'] != $_POST['savepass2']) { $errormsg .= $clang->gT("Your passwords do not match.") . "<br />\n"; } // if security question asnwer is incorrect if (function_exists("ImageCreate") && isCaptchaEnabled('saveandloadscreen', $thissurvey['usecaptcha'])) { if (empty($_POST['loadsecurity']) || !isset($_SESSION['survey_' . $surveyid]['secanswer']) || $_POST['loadsecurity'] != $_SESSION['survey_' . $surveyid]['secanswer']) { $errormsg .= $clang->gT("The answer to the security question is incorrect.") . "<br />\n"; } } if (!empty($errormsg)) { return; } $duplicate = SavedControl::model()->findByAttributes(array('sid' => $surveyid, 'identifier' => $_POST['savename'])); if (!empty($duplicate) && $duplicate->count() > 0) { $errormsg .= $clang->gT("This name has already been used for this survey. You must use a unique save name.") . "<br />\n"; return; } else { //INSERT BLANK RECORD INTO "survey_x" if one doesn't already exist if (!isset($_SESSION['survey_' . $surveyid]['srid'])) { $today = dateShift(date("Y-m-d H:i:s"), "Y-m-d H:i:s", $timeadjust); $sdata = array("datestamp" => $today, "ipaddr" => getIPAddress(), "startlanguage" => $_SESSION['survey_' . $surveyid]['s_lang'], "refurl" => getenv("HTTP_REFERER")); if (SurveyDynamic::model($thissurvey['sid'])->insert($sdata)) { $srid = getLastInsertID('{{survey_' . $surveyid . '}}'); $_SESSION['survey_' . $surveyid]['srid'] = $srid; } else { safeDie("Unable to insert record into survey table.<br /><br />"); } } //CREATE ENTRY INTO "saved_control" $today = dateShift(date("Y-m-d H:i:s"), "Y-m-d H:i:s", $timeadjust); $saved_control = new SavedControl(); $saved_control->sid = $surveyid; $saved_control->srid = $_SESSION['survey_' . $surveyid]['srid']; $saved_control->identifier = $_POST['savename']; // Binding does escape, so no quoting/escaping necessary $saved_control->access_code = md5($_POST['savepass']); $saved_control->email = $_POST['saveemail']; $saved_control->ip = getIPAddress(); $saved_control->saved_thisstep = $thisstep; $saved_control->status = 'S'; $saved_control->saved_date = $today; $saved_control->refurl = getenv('HTTP_REFERER'); if ($saved_control->save()) { $scid = getLastInsertID('{{saved_control}}'); $_SESSION['survey_' . $surveyid]['scid'] = $scid; } else { safeDie("Unable to insert record into saved_control table.<br /><br />"); } $_SESSION['survey_' . $surveyid]['holdname'] = $_POST['savename']; //Session variable used to load answers every page. Unsafe - so it has to be taken care of on output $_SESSION['survey_' . $surveyid]['holdpass'] = $_POST['savepass']; //Session variable used to load answers every page. Unsafe - so it has to be taken care of on output //Email if needed if (isset($_POST['saveemail']) && validateEmailAddress($_POST['saveemail'])) { $subject = $clang->gT("Saved Survey Details") . " - " . $thissurvey['name']; $message = $clang->gT("Thank you for saving your survey in progress. The following details can be used to return to this survey and continue where you left off. Please keep this e-mail for your reference - we cannot retrieve the password for you."); $message .= "\n\n" . $thissurvey['name'] . "\n\n"; $message .= $clang->gT("Name") . ": " . $_POST['savename'] . "\n"; $message .= $clang->gT("Password") . ": " . $_POST['savepass'] . "\n\n"; $message .= $clang->gT("Reload your survey by clicking on the following link (or pasting it into your browser):") . "\n"; $message .= Yii::app()->getController()->createAbsoluteUrl("/survey/index/sid/{$surveyid}/loadall/reload/scid/{$scid}/loadname/" . rawurlencode($_POST['savename']) . "/loadpass/" . rawurlencode($_POST['savepass']) . "/lang/" . rawurlencode($clang->langcode)); if ($clienttoken) { $message .= "/token/" . rawurlencode($clienttoken); } $from = "{$thissurvey['adminname']} <{$thissurvey['adminemail']}>"; if (SendEmailMessage($message, $subject, $_POST['saveemail'], $from, $sitename, false, getBounceEmail($surveyid))) { $emailsent = "Y"; } else { $errormsg .= $clang->gT('Error: Email failed, this may indicate a PHP Mail Setup problem on the server. Your survey details have still been saved, however you will not get an email with the details. You should note the "name" and "password" you just used for future reference.'); if (trim($thissurvey['adminemail']) == '') { $errormsg .= $clang->gT('(Reason: Admin email address empty)'); } } } return $clang->gT('Your survey was successfully saved.'); } }
function action() { global $surveyid; global $thissurvey, $thisstep; global $clienttoken, $tokensexist, $token; // only attempt to change session lifetime if using a DB backend // with file based sessions, it's up to the admin to configure maxlifetime if (isset(Yii::app()->session->connectionID)) { @ini_set('session.gc_maxlifetime', Yii::app()->getConfig('iSessionExpirationTime')); } $this->_loadRequiredHelpersAndLibraries(); $param = $this->_getParameters(func_get_args(), $_POST); $surveyid = $param['sid']; Yii::app()->setConfig('surveyID', $surveyid); $thisstep = $param['thisstep']; $move = getMove(); Yii::app()->setConfig('move', $move); $clienttoken = trim($param['token']); $standardtemplaterootdir = Yii::app()->getConfig('standardtemplaterootdir'); if (is_null($thissurvey) && !is_null($surveyid)) { $thissurvey = getSurveyInfo($surveyid); } // unused vars in this method (used in methods using compacted method vars) @($loadname = $param['loadname']); @($loadpass = $param['loadpass']); $sitename = Yii::app()->getConfig('sitename'); if (isset($param['newtest']) && $param['newtest'] == "Y") { killSurveySession($surveyid); } $surveyExists = $surveyid && Survey::model()->findByPk($surveyid); $isSurveyActive = $surveyExists && Survey::model()->findByPk($surveyid)->active == "Y"; // collect all data in this method to pass on later $redata = compact(array_keys(get_defined_vars())); $this->_loadLimesurveyLang($surveyid); if ($this->_isClientTokenDifferentFromSessionToken($clienttoken, $surveyid)) { $sReloadUrl = $this->getController()->createUrl("/survey/index/sid/{$surveyid}", array('token' => $clienttoken, 'lang' => App()->language, 'newtest' => 'Y')); $asMessage = array(gT('Token mismatch'), gT('The token you provided doesn\'t match the one in your session.'), "<a class='reloadlink newsurvey' href={$sReloadUrl}>" . gT("Click here to start the survey.") . "</a>"); $this->_createNewUserSessionAndRedirect($surveyid, $redata, __LINE__, $asMessage); } if ($this->_isSurveyFinished($surveyid) && ($thissurvey['alloweditaftercompletion'] != 'Y' || $thissurvey['tokenanswerspersistence'] != 'Y')) { $aReloadUrlParam = array('lang' => App()->language, 'newtest' => 'Y'); if ($clienttoken) { $aReloadUrlParam['token'] = $clienttoken; } $sReloadUrl = $this->getController()->createUrl("/survey/index/sid/{$surveyid}", $aReloadUrlParam); $asMessage = array(gT('Previous session is set to be finished.'), gT('Your browser reports that it was used previously to answer this survey. We are resetting the session so that you can start from the beginning.'), "<a class='reloadlink newsurvey' href={$sReloadUrl}>" . gT("Click here to start the survey.") . "</a>"); $this->_createNewUserSessionAndRedirect($surveyid, $redata, __LINE__, $asMessage); } $previewmode = false; if (isset($param['action']) && in_array($param['action'], array('previewgroup', 'previewquestion'))) { if (!$this->_canUserPreviewSurvey($surveyid)) { $asMessage = array(gT('Error'), gT("We are sorry but you don't have permissions to do this.")); $this->_niceExit($redata, __LINE__, null, $asMessage); } else { if (intval($param['qid']) && $param['action'] == 'previewquestion') { $previewmode = 'question'; } if (intval($param['gid']) && $param['action'] == 'previewgroup') { $previewmode = 'group'; } } } Yii::app()->setConfig('previewmode', $previewmode); if ($this->_surveyCantBeViewedWithCurrentPreviewAccess($surveyid, $isSurveyActive, $surveyExists)) { $bPreviewRight = $this->_userHasPreviewAccessSession($surveyid); if ($bPreviewRight === false) { $asMessage = array(gT("Error"), gT("We are sorry but you don't have permissions to do this."), sprintf(gT("Please contact %s ( %s ) for further assistance."), $thissurvey['adminname'], $thissurvey['adminemail'])); $this->_niceExit($redata, __LINE__, null, $asMessage); } } // TODO can this be moved to the top? // (Used to be global, used in ExpressionManager, merged into amVars. If not filled in === '') // can this be added in the first computation of $redata? if (isset($_SESSION['survey_' . $surveyid]['srid'])) { $saved_id = $_SESSION['survey_' . $surveyid]['srid']; } // recompute $redata since $saved_id used to be a global $redata = compact(array_keys(get_defined_vars())); if ($this->_didSessionTimeOut($surveyid)) { // @TODO is this still required ? $asMessage = array(gT("Error"), gT("We are sorry but your session has expired."), gT("Either you have been inactive for too long, you have cookies disabled for your browser, or there were problems with your connection."), sprintf(gT("Please contact %s ( %s ) for further assistance."), $thissurvey['adminname'], $thissurvey['adminemail'])); $this->_niceExit($redata, __LINE__, null, $asMessage); } // Set the language of the survey, either from POST, GET parameter of session var // Keep the old value, because SetSurveyLanguage update $_SESSION $sOldLang = isset($_SESSION['survey_' . $surveyid]['s_lang']) ? $_SESSION['survey_' . $surveyid]['s_lang'] : ""; // Keep the old value, because SetSurveyLanguage update $_SESSION if (!empty($param['lang'])) { $sDisplayLanguage = $param['lang']; // $param take lang from returnGlobal and returnGlobal sanitize langagecode } elseif (isset($_SESSION['survey_' . $surveyid]['s_lang'])) { $sDisplayLanguage = $_SESSION['survey_' . $surveyid]['s_lang']; } elseif (Survey::model()->findByPk($surveyid)) { $sDisplayLanguage = Survey::model()->findByPk($surveyid)->language; } else { $sDisplayLanguage = Yii::app()->getConfig('defaultlang'); } //CHECK FOR REQUIRED INFORMATION (sid) if ($surveyid && $surveyExists) { LimeExpressionManager::SetSurveyId($surveyid); // must be called early - it clears internal cache if a new survey is being used SetSurveyLanguage($surveyid, $sDisplayLanguage); if ($previewmode) { LimeExpressionManager::SetPreviewMode($previewmode); } if (App()->language != $sOldLang) { UpdateGroupList($surveyid, App()->language); // to refresh the language strings in the group list session variable UpdateFieldArray(); // to refresh question titles and question text } } else { throw new CHttpException(404, "The survey in which you are trying to participate does not seem to exist. It may have been deleted or the link you were given is outdated or incorrect."); } // Get token if (!isset($token)) { $token = $clienttoken; } //GET BASIC INFORMATION ABOUT THIS SURVEY $thissurvey = getSurveyInfo($surveyid, $_SESSION['survey_' . $surveyid]['s_lang']); $event = new PluginEvent('beforeSurveyPage'); $event->set('surveyId', $surveyid); App()->getPluginManager()->dispatchEvent($event); if (!is_null($event->get('template'))) { $thissurvey['templatedir'] = $event->get('template'); } //SEE IF SURVEY USES TOKENS if ($surveyExists == 1 && tableExists('{{tokens_' . $thissurvey['sid'] . '}}')) { $tokensexist = 1; } else { $tokensexist = 0; unset($_POST['token']); unset($param['token']); unset($token); unset($clienttoken); } //SET THE TEMPLATE DIRECTORY global $oTemplate; $thistpl = $oTemplate->viewPath; $timeadjust = Yii::app()->getConfig("timeadjust"); //MAKE SURE SURVEY HASN'T EXPIRED if ($thissurvey['expiry'] != '' and dateShift(date("Y-m-d H:i:s"), "Y-m-d H:i:s", $timeadjust) > $thissurvey['expiry'] && $thissurvey['active'] != 'N' && !$previewmode) { $redata = compact(array_keys(get_defined_vars())); $asMessage = array(gT("Error"), gT("This survey is no longer available."), sprintf(gT("Please contact %s ( %s ) for further assistance."), $thissurvey['adminname'], $thissurvey['adminemail'])); $this->_niceExit($redata, __LINE__, $thissurvey['templatedir'], $asMessage); } //MAKE SURE SURVEY IS ALREADY VALID if ($thissurvey['startdate'] != '' and dateShift(date("Y-m-d H:i:s"), "Y-m-d H:i:s", $timeadjust) < $thissurvey['startdate'] && $thissurvey['active'] != 'N' && !$previewmode) { $redata = compact(array_keys(get_defined_vars())); $asMessage = array(gT("Error"), gT("This survey is not yet started."), sprintf(gT("Please contact %s ( %s ) for further assistance."), $thissurvey['adminname'], $thissurvey['adminemail'])); $this->_niceExit($redata, __LINE__, $thissurvey['templatedir'], $asMessage); } //CHECK FOR PREVIOUSLY COMPLETED COOKIE //If cookies are being used, and this survey has been completed, a cookie called "PHPSID[sid]STATUS" will exist (ie: SID6STATUS) and will have a value of "COMPLETE" $sCookieName = "LS_" . $surveyid . "_STATUS"; if (isset($_COOKIE[$sCookieName]) && $_COOKIE[$sCookieName] == "COMPLETE" && $thissurvey['usecookie'] == "Y" && $tokensexist != 1 && (!isset($param['newtest']) || $param['newtest'] != "Y")) { $redata = compact(array_keys(get_defined_vars())); $asMessage = array(gT("Error"), gT("You have already completed this survey."), sprintf(gT("Please contact %s ( %s ) for further assistance."), $thissurvey['adminname'], $thissurvey['adminemail'])); $this->_niceExit($redata, __LINE__, $thissurvey['templatedir'], $asMessage); } //LOAD SAVED SURVEY if (Yii::app()->request->getParam('loadall') == "reload") { $errormsg = ""; $sLoadName = Yii::app()->request->getParam('loadname'); $sLoadPass = Yii::app()->request->getParam('loadpass'); if (isset($sLoadName) && !$sLoadName) { $errormsg .= gT("You did not provide a name") . "<br />\n"; } if (isset($sLoadPass) && !$sLoadPass) { $errormsg .= gT("You did not provide a password") . "<br />\n"; } // if security question answer is incorrect // Not called if scid is set in GET params (when using email save/reload reminder URL) if (function_exists("ImageCreate") && isCaptchaEnabled('saveandloadscreen', $thissurvey['usecaptcha']) && is_null(Yii::app()->request->getQuery('scid'))) { $sLoadSecurity = Yii::app()->request->getPost('loadsecurity'); if (empty($sLoadSecurity)) { $errormsg .= gT("You did not answer to the security question.") . "<br />\n"; } elseif (!isset($_SESSION['survey_' . $surveyid]['secanswer']) || $sLoadSecurity != $_SESSION['survey_' . $surveyid]['secanswer']) { $errormsg .= gT("The answer to the security question is incorrect.") . "<br />\n"; } } if ($errormsg == "") { LimeExpressionManager::SetDirtyFlag(); buildsurveysession($surveyid); if (loadanswers()) { Yii::app()->setConfig('move', 'reload'); $move = "reload"; // veyRunTimeHelper use $move in $arg } else { $errormsg .= gT("There is no matching saved survey"); } } if ($errormsg) { Yii::app()->setConfig('move', "loadall"); // Show loading form } } //Allow loading of saved survey if (Yii::app()->getConfig('move') == "loadall") { $redata = compact(array_keys(get_defined_vars())); Yii::import("application.libraries.Load_answers"); $tmp = new Load_answers(); $tmp->run($redata); } //Check if TOKEN is used for EVERY PAGE //This function fixes a bug where users able to submit two surveys/votes //by checking that the token has not been used at each page displayed. // bypass only this check at first page (Step=0) because // this check is done in buildsurveysession and error message // could be more interresting there (takes into accound captcha if used) if ($tokensexist == 1 && isset($token) && $token != "" && isset($_SESSION['survey_' . $surveyid]['step']) && $_SESSION['survey_' . $surveyid]['step'] > 0 && tableExists("tokens_{$surveyid}}}")) { // check also if it is allowed to change survey after completion if ($thissurvey['alloweditaftercompletion'] == 'Y') { $tokenInstance = Token::model($surveyid)->findByAttributes(array('token' => $token)); } else { $tokenInstance = Token::model($surveyid)->usable()->incomplete()->findByAttributes(array('token' => $token)); } if (!isset($tokenInstance) && !$previewmode) { //TOKEN DOESN'T EXIST OR HAS ALREADY BEEN USED. EXPLAIN PROBLEM AND EXIT $asMessage = array(null, gT("This is a controlled survey. You need a valid token to participate."), sprintf(gT("For further information please contact %s"), $thissurvey['adminname'] . " (<a href='mailto:{$thissurvey['adminemail']}'>" . "{$thissurvey['adminemail']}</a>)")); $this->_niceExit($redata, __LINE__, $thistpl, $asMessage, true); } } if ($tokensexist == 1 && isset($token) && $token != "" && tableExists("{{tokens_" . $surveyid . "}}") && !$previewmode) { // check also if it is allowed to change survey after completion if ($thissurvey['alloweditaftercompletion'] == 'Y') { $tokenInstance = Token::model($surveyid)->editable()->findByAttributes(array('token' => $token)); } else { $tokenInstance = Token::model($surveyid)->usable()->incomplete()->findByAttributes(array('token' => $token)); } if (!isset($tokenInstance)) { $oToken = Token::model($surveyid)->findByAttributes(array('token' => $token)); if ($oToken) { $now = dateShift(date("Y-m-d H:i:s"), "Y-m-d H:i:s", Yii::app()->getConfig("timeadjust")); if ($oToken->completed != 'N' && !empty($oToken->completed)) { $sError = gT("This invitation has already been used."); } elseif (strtotime($now) < strtotime($oToken->validfrom)) { $sError = gT("This invitation is not valid yet."); } elseif (strtotime($now) > strtotime($oToken->validuntil)) { $sError = gT("This invitation is not valid anymore."); } else { $sError = gT("This is a controlled survey. You need a valid token to participate."); } } else { $sError = gT("This is a controlled survey. You need a valid token to participate."); } $asMessage = array($sError, gT("We are sorry but you are not allowed to enter this survey."), sprintf(gT("For further information please contact %s"), $thissurvey['adminname'] . " (<a href='mailto:{$thissurvey['adminemail']}'>" . "{$thissurvey['adminemail']}</a>)")); $this->_niceExit($redata, __LINE__, $thistpl, $asMessage, true); } } //Clear session and remove the incomplete response if requested. if (isset($move) && $move == "clearall") { // delete the response but only if not already completed $s_lang = $_SESSION['survey_' . $surveyid]['s_lang']; if (isset($_SESSION['survey_' . $surveyid]['srid']) && !SurveyDynamic::model($surveyid)->isCompleted($_SESSION['survey_' . $surveyid]['srid'])) { // delete the response but only if not already completed $result = dbExecuteAssoc('DELETE FROM {{survey_' . $surveyid . '}} WHERE id=' . $_SESSION['survey_' . $surveyid]['srid'] . " AND submitdate IS NULL"); if ($result->count() > 0) { // Using count() here *should* be okay for MSSQL because it is a delete statement // find out if there are any fuqt questions - checked $fieldmap = createFieldMap($surveyid, 'short', false, false, $s_lang); foreach ($fieldmap as $field) { if ($field['type'] == "|" && !strpos($field['fieldname'], "_filecount")) { if (!isset($qid)) { $qid = array(); } $qid[] = $field['fieldname']; } } // if yes, extract the response json to those questions if (isset($qid)) { $query = "SELECT * FROM {{survey_" . $surveyid . "}} WHERE id=" . $_SESSION['survey_' . $surveyid]['srid']; $result = dbExecuteAssoc($query); foreach ($result->readAll() as $row) { foreach ($qid as $question) { $json = $row[$question]; if ($json == "" || $json == NULL) { continue; } // decode them $phparray = json_decode($json); foreach ($phparray as $metadata) { $target = Yii::app()->getConfig("uploaddir") . "/surveys/" . $surveyid . "/files/"; // delete those files unlink($target . $metadata->filename); } } } } // done deleting uploaded files } // also delete a record from saved_control when there is one dbExecuteAssoc('DELETE FROM {{saved_control}} WHERE srid=' . $_SESSION['survey_' . $surveyid]['srid'] . ' AND sid=' . $surveyid); } killSurveySession($surveyid); sendCacheHeaders(); doHeader(); $redata = compact(array_keys(get_defined_vars())); $this->_printTemplateContent($thistpl . '/startpage.pstpl', $redata, __LINE__); echo "\n\n<!-- JAVASCRIPT FOR CONDITIONAL QUESTIONS -->\n" . "\t<script type='text/javascript'>\n" . "\t<!--\n" . "function checkconditions(value, name, type, evt_type)\n" . "\t{\n" . "\t}\n" . "\t//-->\n" . "\t</script>\n\n"; //Present the clear all page using clearall.pstpl template $this->_printTemplateContent($thistpl . '/clearall.pstpl', $redata, __LINE__); $this->_printTemplateContent($thistpl . '/endpage.pstpl', $redata, __LINE__); doFooter(); exit; } //Check to see if a refering URL has been captured. if (!isset($_SESSION['survey_' . $surveyid]['refurl'])) { $_SESSION['survey_' . $surveyid]['refurl'] = GetReferringUrl(); // do not overwrite refurl } // Let's do this only if // - a saved answer record hasn't been loaded through the saved feature // - the survey is not anonymous // - the survey is active // - a token information has been provided // - the survey is setup to allow token-response-persistence if (!isset($_SESSION['survey_' . $surveyid]['srid']) && $thissurvey['anonymized'] == "N" && $thissurvey['active'] == "Y" && isset($token) && $token != '') { // load previous answers if any (dataentry with nosubmit) $oResponses = Response::model($surveyid)->findAllByAttributes(array('token' => $token), array('order' => 'id DESC')); if (!empty($oResponses)) { /** * We fire the response selection event when at least 1 response was found. * If there is just 1 response the plugin still has to option to choose * NOT to use it. */ $event = new PluginEvent('beforeLoadResponse'); $event->set('responses', $oResponses); $event->set('surveyId', $surveyid); App()->pluginManager->dispatchEvent($event); $oResponse = $event->get('response'); // If $oResponse is false we act as if no response was found. // This allows a plugin to deny continuing a response. if ($oResponse !== false) { // If plugin does not set a response we use the first one found, (this replicates pre-plugin behavior) if (!isset($oResponse) && (!isset($oResponses[0]->submitdate) || $thissurvey['alloweditaftercompletion'] == 'Y') && $thissurvey['tokenanswerspersistence'] == 'Y') { $oResponse = $oResponses[0]; } if (isset($oResponse)) { $_SESSION['survey_' . $surveyid]['srid'] = $oResponse->id; if (!empty($oResponse->lastpage)) { $_SESSION['survey_' . $surveyid]['LEMtokenResume'] = true; // If the response was completed and user is allowed to edit after completion start at the beginning and not at the last page - just makes more sense if (!($oResponse->submitdate && $thissurvey['alloweditaftercompletion'] == 'Y')) { $_SESSION['survey_' . $surveyid]['step'] = $oResponse->lastpage; } } buildsurveysession($surveyid); if (!empty($oResponse->submitdate)) { $_SESSION['survey_' . $surveyid]['maxstep'] = $_SESSION['survey_' . $surveyid]['totalsteps']; } loadanswers(); } } } } // Preview action : Preview right already tested before if ($previewmode) { // Unset all SESSION: be sure to have the last version unset($_SESSION['fieldmap-' . $surveyid . App()->language]); // Needed by createFieldMap: else fieldmap can be outdated unset($_SESSION['survey_' . $surveyid]); if ($param['action'] == 'previewgroup') { $thissurvey['format'] = 'G'; } elseif ($param['action'] == 'previewquestion') { $thissurvey['format'] = 'S'; } buildsurveysession($surveyid, true); } sendCacheHeaders(); //Send local variables to the appropriate survey type unset($redata); $redata = compact(array_keys(get_defined_vars())); Yii::import('application.helpers.SurveyRuntimeHelper'); $tmp = new SurveyRuntimeHelper(); $tmp->run($surveyid, $redata); if (isset($_POST['saveall']) || isset($flashmessage)) { echo "<script type='text/javascript'> \$(document).ready( function() { alert('" . gT("Your responses were successfully saved.", "js") . "');}) </script>"; } }
function action() { global $surveyid; global $thissurvey, $thisstep; global $clienttoken, $tokensexist, $token; global $clang; $clang = Yii::app()->lang; @ini_set('session.gc_maxlifetime', Yii::app()->getConfig('iSessionExpirationTime')); $this->_loadRequiredHelpersAndLibraries(); $param = $this->_getParameters(func_get_args(), $_POST); $surveyid = $param['sid']; Yii::app()->setConfig('surveyID', $surveyid); $thisstep = $param['thisstep']; $move = $param['move']; $clienttoken = $param['token']; $standardtemplaterootdir = Yii::app()->getConfig('standardtemplaterootdir'); // unused vars in this method (used in methods using compacted method vars) @($loadname = $param['loadname']); @($loadpass = $param['loadpass']); $sitename = Yii::app()->getConfig('sitename'); if (isset($param['newtest']) && $param['newtest'] == "Y") { killSurveySession($surveyid); } list($surveyExists, $isSurveyActive) = $this->_surveyExistsAndIsActive($surveyid); // collect all data in this method to pass on later $redata = compact(array_keys(get_defined_vars())); $clang = $this->_loadLimesurveyLang($surveyid); if ($this->_isClientTokenDifferentFromSessionToken($clienttoken, $surveyid)) { $asMessage = array($clang->gT('Token mismatch'), $clang->gT('The token you provided doesn\'t match the one in your session.'), $clang->gT('Please wait to begin with a new session.')); $this->_createNewUserSessionAndRedirect($surveyid, $redata, __LINE__, $asMessage); } if ($this->_isSurveyFinished($surveyid)) { $asMessage = array($clang->gT('Previous session is set to be finished.'), $clang->gT('Your browser reports that it was used previously to answer this survey. We are resetting the session so that you can start from the beginning.'), $clang->gT('Please wait to begin with a new session.')); $this->_createNewUserSessionAndRedirect($surveyid, $redata, __LINE__, $asMessage); } if ($this->_isPreviewAction($param) && !$this->_canUserPreviewSurvey($surveyid)) { $asMessage = array($clang->gT('Error'), $clang->gT('We are sorry but you don\'t have permissions to do this.')); $this->_niceExit($redata, __LINE__, null, $asMessage); } if ($this->_surveyCantBeViewedWithCurrentPreviewAccess($surveyid, $isSurveyActive, $surveyExists)) { $bPreviewRight = $this->_userHasPreviewAccessSession($surveyid); if ($bPreviewRight === false) { $asMessage = array($clang->gT("Error"), $clang->gT("We are sorry but you don't have permissions to do this."), sprintf($clang->gT("Please contact %s ( %s ) for further assistance."), $thissurvey['adminname'], $thissurvey['adminemail'])); $this->_niceExit($redata, __LINE__, null, $asMessage); } } // TODO can this be moved to the top? // (Used to be global, used in ExpressionManager, merged into amVars. If not filled in === '') // can this be added in the first computation of $redata? if (isset($_SESSION['survey_' . $surveyid]['srid'])) { $saved_id = $_SESSION['survey_' . $surveyid]['srid']; } // recompute $redata since $saved_id used to be a global $redata = compact(array_keys(get_defined_vars())); /*if ( $this->_didSessionTimeOut() ) { // @TODO is this still required ? $asMessage = array( $clang->gT("Error"), $clang->gT("We are sorry but your session has expired."), $clang->gT("Either you have been inactive for too long, you have cookies disabled for your browser, or there were problems with your connection."), sprintf($clang->gT("Please contact %s ( %s ) for further assistance."),$thissurvey['adminname'],$thissurvey['adminemail']) ); $this->_niceExit($redata, __LINE__, null, $asMessage); };*/ // Set the language of the survey, either from POST, GET parameter of session var if (!empty($_REQUEST['lang'])) { $sTempLanguage = sanitize_languagecode($_REQUEST['lang']); } elseif (!empty($param['lang'])) { $sTempLanguage = sanitize_languagecode($param['lang']); } elseif (isset($_SESSION['survey_' . $surveyid]['s_lang'])) { $sTempLanguage = $_SESSION['survey_' . $surveyid]['s_lang']; } else { $sTempLanguage = ''; } //CHECK FOR REQUIRED INFORMATION (sid) if ($surveyid && $surveyExists) { LimeExpressionManager::SetSurveyId($surveyid); // must be called early - it clears internal cache if a new survey is being used $clang = SetSurveyLanguage($surveyid, $sTempLanguage); UpdateSessionGroupList($surveyid, $sTempLanguage); // to refresh the language strings in the group list session variable UpdateFieldArray(); // to refresh question titles and question text } else { if (!is_null($param['lang'])) { $sDisplayLanguage = $param['lang']; } else { $sDisplayLanguage = Yii::app()->getConfig('defaultlang'); } $clang = $this->_loadLimesurveyLang($sDisplayLanguage); $languagechanger = makeLanguageChanger($sDisplayLanguage); //Find out if there are any publicly available surveys $query = "SELECT sid, surveyls_title, publicstatistics, language\n FROM {{surveys}}\n INNER JOIN {{surveys_languagesettings}}\n ON ( surveyls_survey_id = sid )\n AND (surveyls_language=language)\n WHERE\n active='Y'\n AND listpublic='Y'\n AND ((expires >= '" . date("Y-m-d H:i") . "') OR (expires is null))\n AND ((startdate <= '" . date("Y-m-d H:i") . "') OR (startdate is null))\n ORDER BY surveyls_title"; $result = dbExecuteAssoc($query, false, true) or safeDie("Could not connect to database. If you try to install LimeSurvey please refer to the <a href='http://docs.limesurvey.org'>installation docs</a> and/or contact the system administrator of this webpage."); //Checked $list = array(); foreach ($result->readAll() as $rows) { $querylang = "SELECT surveyls_title\n FROM {{surveys_languagesettings}}\n WHERE surveyls_survey_id={$rows['sid']}\n AND surveyls_language='{$sDisplayLanguage}'"; $resultlang = Yii::app()->db->createCommand($querylang)->queryRow(); if ($resultlang['surveyls_title']) { $rows['surveyls_title'] = $resultlang['surveyls_title']; $langtag = ""; } else { $langtag = "lang=\"{$rows['language']}\""; } $link = "<li><a href='" . $this->getController()->createUrl('/survey/index/sid/' . $rows['sid']); if (isset($param['lang']) && $langtag == "") { $link .= "/lang-" . sanitize_languagecode($param['lang']); } $link .= "' {$langtag} class='surveytitle'>" . $rows['surveyls_title'] . "</a>\n"; if ($rows['publicstatistics'] == 'Y') { $link .= "<a href='" . $this->getController()->createUrl("/statistics_user/action/surveyid/" . $rows['sid']) . "/language/" . $sDisplayLanguage . "'>(" . $clang->gT('View statistics') . ")</a>"; } $link .= "</li>\n"; $list[] = $link; } //Check for inactive surveys which allow public registration. // TODO add a new template replace {SURVEYREGISTERLIST} ? $squery = "SELECT sid, surveyls_title, publicstatistics, language\n FROM {{surveys}}\n INNER JOIN {{surveys_languagesettings}}\n ON (surveyls_survey_id = sid)\n AND (surveyls_language=language)\n WHERE allowregister='Y'\n AND active='Y'\n AND listpublic='Y'\n AND ((expires >= '" . date("Y-m-d H:i") . "') OR (expires is null))\n AND (startdate >= '" . date("Y-m-d H:i") . "')\n ORDER BY surveyls_title"; $sresult = dbExecuteAssoc($squery) or safeDie("Couldn't execute {$squery}"); $aRows = $sresult->readAll(); if (count($aRows) > 0) { $list[] = "</ul>" . " <div class=\"survey-list-heading\">" . $clang->gT("Following survey(s) are not yet active but you can register for them.") . "</div>" . " <ul>"; // TODO give it to template foreach ($aRows as $rows) { $querylang = "SELECT surveyls_title\n FROM {{surveys_languagesettings}}\n WHERE surveyls_survey_id={$rows['sid']}\n AND surveyls_language='{$sDisplayLanguage}'"; $resultlang = Yii::app()->db->createCommand($querylang)->queryRow(); if ($resultlang['surveyls_title']) { $rows['surveyls_title'] = $resultlang['surveyls_title']; $langtag = ""; } else { $langtag = "lang=\"{$rows['language']}\""; } $link = "<li><a href=\"#\" id='inactivesurvey' onclick = 'sendreq(" . $rows['sid'] . ");' "; //$link = "<li><a href=\"#\" id='inactivesurvey' onclick = 'convertGETtoPOST(".$this->getController()->createUrl('survey/send/')."?sid={$rows['sid']}&)sendreq(".$rows['sid'].",".$rows['startdate'].",".$rows['expires'].");' "; $link .= " {$langtag} class='surveytitle'>" . $rows['surveyls_title'] . "</a>\n"; $link .= "</li><div id='regform'></div>\n"; $list[] = $link; } } if (count($list) < 1) { $list[] = "<li class='surveytitle'>" . $clang->gT("No available surveys") . "</li>"; } if (!$surveyid) { $thissurvey['name'] = Yii::app()->getConfig("sitename"); $nosid = $clang->gT("You have not provided a survey identification number"); } else { $thissurvey['name'] = $clang->gT("The survey identification number is invalid"); $nosid = $clang->gT("The survey identification number is invalid"); } $surveylist = array("nosid" => $nosid, "contact" => sprintf($clang->gT("Please contact %s ( %s ) for further assistance."), Yii::app()->getConfig("siteadminname"), encodeEmail(Yii::app()->getConfig("siteadminemail"))), "listheading" => $clang->gT("The following surveys are available:"), "list" => implode("\n", $list)); $data['thissurvey'] = $thissurvey; //$data['privacy'] = $privacy; $data['surveylist'] = $surveylist; $data['surveyid'] = $surveyid; $data['templatedir'] = getTemplatePath(Yii::app()->getConfig("defaulttemplate")); $data['templateurl'] = getTemplateURL(Yii::app()->getConfig("defaulttemplate")) . "/"; $data['templatename'] = Yii::app()->getConfig("defaulttemplate"); $data['sitename'] = Yii::app()->getConfig("sitename"); $data['languagechanger'] = $languagechanger; //A nice exit sendCacheHeaders(); doHeader(); $this->_printTemplateContent(getTemplatePath(Yii::app()->getConfig("defaulttemplate")) . "/startpage.pstpl", $data, __LINE__); $this->_printTemplateContent(getTemplatePath(Yii::app()->getConfig("defaulttemplate")) . "/surveylist.pstpl", $data, __LINE__); echo '<script type="text/javascript" > function sendreq(surveyid) { $.ajax({ type: "GET", url: "' . $this->getController()->createUrl("/register/ajaxregisterform/surveyid") . '/" + surveyid, }).done(function(msg) { document.getElementById("regform").innerHTML = msg; }); } </script>'; $this->_printTemplateContent(getTemplatePath(Yii::app()->getConfig("defaulttemplate")) . "/endpage.pstpl", $data, __LINE__); doFooter(); exit; } // Get token if (!isset($token)) { $token = $clienttoken; } //GET BASIC INFORMATION ABOUT THIS SURVEY $thissurvey = getSurveyInfo($surveyid, $_SESSION['survey_' . $surveyid]['s_lang']); //SEE IF SURVEY USES TOKENS if ($surveyExists == 1 && tableExists('{{tokens_' . $thissurvey['sid'] . '}}')) { $tokensexist = 1; } else { $tokensexist = 0; unset($_POST['token']); unset($param['token']); unset($token); unset($clienttoken); } //SET THE TEMPLATE DIRECTORY $thistpl = getTemplatePath($thissurvey['templatedir']); $timeadjust = Yii::app()->getConfig("timeadjust"); //MAKE SURE SURVEY HASN'T EXPIRED if ($thissurvey['expiry'] != '' and dateShift(date("Y-m-d H:i:s"), "Y-m-d H:i:s", $timeadjust) > $thissurvey['expiry'] && $thissurvey['active'] != 'N') { $redata = compact(array_keys(get_defined_vars())); $asMessage = array($clang->gT("Error"), $clang->gT("This survey is no longer available."), sprintf($clang->gT("Please contact %s ( %s ) for further assistance."), $thissurvey['adminname'], $thissurvey['adminemail'])); $this->_niceExit($redata, __LINE__, $thistpl, $asMessage); } //MAKE SURE SURVEY IS ALREADY VALID if ($thissurvey['startdate'] != '' and dateShift(date("Y-m-d H:i:s"), "Y-m-d H:i:s", $timeadjust) < $thissurvey['startdate'] && $thissurvey['active'] != 'N') { $redata = compact(array_keys(get_defined_vars())); $asMessage = array($clang->gT("Error"), $clang->gT("This survey is not yet started."), sprintf($clang->gT("Please contact %s ( %s ) for further assistance."), $thissurvey['adminname'], $thissurvey['adminemail'])); $this->_niceExit($redata, __LINE__, $thistpl, $asMessage); } //CHECK FOR PREVIOUSLY COMPLETED COOKIE //If cookies are being used, and this survey has been completed, a cookie called "PHPSID[sid]STATUS" will exist (ie: SID6STATUS) and will have a value of "COMPLETE" $sCookieName = "LS_" . $surveyid . "_STATUS"; if (isset($_COOKIE[$sCookieName]) && $_COOKIE[$sCookieName] == "COMPLETE" && $thissurvey['usecookie'] == "Y" && $tokensexist != 1 && (!isset($param['newtest']) || $param['newtest'] != "Y")) { $redata = compact(array_keys(get_defined_vars())); $asMessage = array($clang->gT("Error"), $clang->gT("You have already completed this survey."), sprintf($clang->gT("Please contact %s ( %s ) for further assistance."), $thissurvey['adminname'], $thissurvey['adminemail'])); $this->_niceExit($redata, __LINE__, $thistpl, $asMessage); } if (isset($_GET['loadall']) && $_GET['loadall'] == "reload") { if (returnGlobal('loadname') && returnGlobal('loadpass')) { $_POST['loadall'] = "reload"; } } //LOAD SAVED SURVEY if (isset($_POST['loadall']) && $_POST['loadall'] == "reload") { $errormsg = ""; if (!isset($param['loadname']) || $param['loadname'] == null) { $errormsg .= $clang->gT("You did not provide a name") . "<br />\n"; } if (!isset($param['loadpass']) || $param['loadpass'] == null) { $errormsg .= $clang->gT("You did not provide a password") . "<br />\n"; } // if security question answer is incorrect // Not called if scid is set in GET params (when using email save/reload reminder URL) if (function_exists("ImageCreate") && isCaptchaEnabled('saveandloadscreen', $thissurvey['usecaptcha'])) { if ((!isset($_POST['loadsecurity']) || !isset($_SESSION['survey_' . $surveyid]['secanswer']) || $_POST['loadsecurity'] != $_SESSION['survey_' . $surveyid]['secanswer']) && !isset($_GET['scid'])) { $errormsg .= $clang->gT("The answer to the security question is incorrect.") . "<br />\n"; } } // Load session before loading the values from the saved data if (isset($_GET['loadall'])) { buildsurveysession($surveyid); } $_SESSION['survey_' . $surveyid]['holdname'] = $param['loadname']; //Session variable used to load answers every page. $_SESSION['survey_' . $surveyid]['holdpass'] = $param['loadpass']; //Session variable used to load answers every page. if ($errormsg == "") { loadanswers(); } $move = "movenext"; if ($errormsg) { $_POST['loadall'] = $clang->gT("Load unfinished survey"); } } //Allow loading of saved survey if (isset($_POST['loadall']) && $_POST['loadall'] == $clang->gT("Load unfinished survey")) { $redata = compact(array_keys(get_defined_vars())); Yii::import("application.libraries.Load_answers"); $tmp = new Load_answers(); $tmp->run($redata); } //Check if TOKEN is used for EVERY PAGE //This function fixes a bug where users able to submit two surveys/votes //by checking that the token has not been used at each page displayed. // bypass only this check at first page (Step=0) because // this check is done in buildsurveysession and error message // could be more interresting there (takes into accound captcha if used) if ($tokensexist == 1 && isset($token) && $token && isset($_SESSION['survey_' . $surveyid]['step']) && $_SESSION['survey_' . $surveyid]['step'] > 0 && tableExists("tokens_{$surveyid}}}")) { //check if tokens actually haven't been already used $areTokensUsed = usedTokens(trim(strip_tags(returnGlobal('token'))), $surveyid); // check if token actually does exist // check also if it is allowed to change survey after completion if ($thissurvey['alloweditaftercompletion'] == 'Y') { $sQuery = "SELECT * FROM {{tokens_" . $surveyid . "}} WHERE token='" . $token . "'"; } else { $sQuery = "SELECT * FROM {{tokens_" . $surveyid . "}} WHERE token='" . $token . "' AND (completed = 'N' or completed='')"; } $aRow = Yii::app()->db->createCommand($sQuery)->queryRow(); $tokendata = $aRow; if (!$aRow || $areTokensUsed && $thissurvey['alloweditaftercompletion'] != 'Y') { sendCacheHeaders(); doHeader(); //TOKEN DOESN'T EXIST OR HAS ALREADY BEEN USED. EXPLAIN PROBLEM AND EXIT $redata = compact(array_keys(get_defined_vars())); $this->_printTemplateContent($thistpl . '/startpage.pstpl', $redata, __LINE__); $this->_printTemplateContent($thistpl . '/survey.pstpl', $redata, __LINE__); $asMessage = array(null, $clang->gT("This is a controlled survey. You need a valid token to participate."), sprintf($clang->gT("For further information please contact %s"), $thissurvey['adminname'] . " (<a href='mailto:{$thissurvey['adminemail']}'>" . "{$thissurvey['adminemail']}</a>)")); $this->_niceExit($redata, __LINE__, $thistpl, $asMessage, true); } } if ($tokensexist == 1 && isset($token) && $token && tableExists("{{tokens_" . $surveyid . "}}")) { // check also if it is allowed to change survey after completion if ($thissurvey['alloweditaftercompletion'] == 'Y') { $tkquery = "SELECT * FROM {{tokens_" . $surveyid . "}} WHERE token='" . $token . "'"; } else { $tkquery = "SELECT * FROM {{tokens_" . $surveyid . "}} WHERE token='" . $token . "' AND (completed = 'N' or completed='')"; } $tkresult = dbExecuteAssoc($tkquery); //Checked $tokendata = $tkresult->read(); if (isset($tokendata['validfrom']) && (trim($tokendata['validfrom']) != '' && $tokendata['validfrom'] > dateShift(date("Y-m-d H:i:s"), "Y-m-d H:i:s", $timeadjust)) || isset($tokendata['validuntil']) && (trim($tokendata['validuntil']) != '' && $tokendata['validuntil'] < dateShift(date("Y-m-d H:i:s"), "Y-m-d H:i:s", $timeadjust))) { sendCacheHeaders(); doHeader(); //TOKEN DOESN'T EXIST OR HAS ALREADY BEEN USED. EXPLAIN PROBLEM AND EXIT $redata = compact(array_keys(get_defined_vars())); $this->_printTemplateContent($thistpl . '/startpage.pstpl', $redata, __LINE__); $this->_printTemplateContent($thistpl . '/survey.pstpl', $redata, __LINE__); $asMessage = array(null, $clang->gT("We are sorry but you are not allowed to enter this survey."), $clang->gT("Your token seems to be valid but can be used only during a certain time period."), sprintf($clang->gT("For further information please contact %s"), $thissurvey['adminname'] . " (<a href='mailto:{$thissurvey['adminemail']}'>" . "{$thissurvey['adminemail']}</a>)")); $this->_niceExit($redata, __LINE__, $thistpl, $asMessage, true); } } //Clear session and remove the incomplete response if requested. if (isset($move) && $move == "clearall") { // delete the response but only if not already completed $s_lang = $_SESSION['survey_' . $surveyid]['s_lang']; if (isset($_SESSION['survey_' . $surveyid]['srid']) && !Survey_dynamic::model($surveyid)->isCompleted($_SESSION['survey_' . $surveyid]['srid'])) { // delete the response but only if not already completed $result = dbExecuteAssoc('DELETE FROM {{survey_' . $surveyid . '}} WHERE id=' . $_SESSION['survey_' . $surveyid]['srid'] . " AND submitdate IS NULL"); if ($result->count() > 0) { // Using count() here *should* be okay for MSSQL because it is a delete statement // find out if there are any fuqt questions - checked $fieldmap = createFieldMap($surveyid, 'short', false, false, $s_lang); foreach ($fieldmap as $field) { if ($field['type'] == "|" && !strpos($field['fieldname'], "_filecount")) { if (!isset($qid)) { $qid = array(); } $qid[] = $field['fieldname']; } } // if yes, extract the response json to those questions if (isset($qid)) { $query = "SELECT * FROM {{survey_" . $surveyid . "}} WHERE id=" . $_SESSION['survey_' . $surveyid]['srid']; $result = dbExecuteAssoc($query); foreach ($result->readAll() as $row) { foreach ($qid as $question) { $json = $row[$question]; if ($json == "" || $json == NULL) { continue; } // decode them $phparray = json_decode($json); foreach ($phparray as $metadata) { $target = Yii::app()->getConfig("uploaddir") . "/surveys/" . $surveyid . "/files/"; // delete those files unlink($target . $metadata->filename); } } } } // done deleting uploaded files } // also delete a record from saved_control when there is one dbExecuteAssoc('DELETE FROM {{saved_control}} WHERE srid=' . $_SESSION['survey_' . $surveyid]['srid'] . ' AND sid=' . $surveyid); } killSurveySession($surveyid); sendCacheHeaders(); doHeader(); $redata = compact(array_keys(get_defined_vars())); $this->_printTemplateContent($thistpl . '/startpage.pstpl', $redata, __LINE__); echo "\n\n<!-- JAVASCRIPT FOR CONDITIONAL QUESTIONS -->\n" . "\t<script type='text/javascript'>\n" . "\t<!--\n" . "function checkconditions(value, name, type, evt_type)\n" . "\t{\n" . "\t}\n" . "\t//-->\n" . "\t</script>\n\n"; //Present the clear all page using clearall.pstpl template $this->_printTemplateContent($thistpl . '/clearall.pstpl', $redata, __LINE__); $this->_printTemplateContent($thistpl . '/endpage.pstpl', $redata, __LINE__); doFooter(); exit; } //Check to see if a refering URL has been captured. if (!isset($_SESSION['survey_' . $surveyid]['refurl'])) { $_SESSION['survey_' . $surveyid]['refurl'] = GetReferringUrl(); // do not overwrite refurl } // Let's do this only if // - a saved answer record hasn't been loaded through the saved feature // - the survey is not anonymous // - the survey is active // - a token information has been provided // - the survey is setup to allow token-response-persistence if (!isset($_SESSION['survey_' . $surveyid]['srid']) && $thissurvey['anonymized'] == "N" && $thissurvey['active'] == "Y" && isset($token) && $token != '') { // load previous answers if any (dataentry with nosubmit) $sQuery = "SELECT id,submitdate,lastpage FROM {$thissurvey['tablename']} WHERE {$thissurvey['tablename']}.token='{$token}' order by id desc"; $aRow = Yii::app()->db->createCommand($sQuery)->queryRow(); if ($aRow) { if ($aRow['submitdate'] == '' && $thissurvey['tokenanswerspersistence'] == 'Y' || $aRow['submitdate'] != '' && $thissurvey['alloweditaftercompletion'] == 'Y') { $_SESSION['survey_' . $surveyid]['srid'] = $aRow['id']; if (!is_null($aRow['lastpage']) && $aRow['submitdate'] == '') { $_SESSION['survey_' . $surveyid]['LEMtokenResume'] = true; $_SESSION['survey_' . $surveyid]['step'] = $aRow['lastpage']; } } buildsurveysession($surveyid); loadanswers(); } } // // SAVE POSTED ANSWERS TO DATABASE IF MOVE (NEXT,PREV,LAST, or SUBMIT) or RETURNING FROM SAVE FORM // if (isset($move) || isset($_POST['saveprompt'])) // { // $redata = compact(array_keys(get_defined_vars())); // //save.php // Yii::import("application.libraries.Save"); // $tmp = new Save(); // $tmp->run($redata); // // // RELOAD THE ANSWERS INCASE SOMEONE ELSE CHANGED THEM // if ($thissurvey['active'] == "Y" && // ( $thissurvey['allowsave'] == "Y" || $thissurvey['tokenanswerspersistence'] == "Y") ) // { // loadanswers(); // } // } if (isset($param['action']) && $param['action'] == 'previewgroup') { $thissurvey['format'] = 'G'; buildsurveysession($surveyid, true); } if (isset($param['action']) && $param['action'] == 'previewquestion') { $thissurvey['format'] = 'S'; buildsurveysession($surveyid, true); } sendCacheHeaders(); //Send local variables to the appropriate survey type unset($redata); $redata = compact(array_keys(get_defined_vars())); Yii::import('application.helpers.SurveyRuntimeHelper'); $tmp = new SurveyRuntimeHelper(); $tmp->run($surveyid, $redata); if (isset($_POST['saveall']) || isset($flashmessage)) { echo "<script type='text/javascript'> \$(document).ready( function() { alert('" . $clang->gT("Your responses were successfully saved.", "js") . "');}) </script>"; } }
public function beforeSurveyPage() { $oEvent = $this->event; $iSurveyId = $oEvent->get('surveyId'); self::__init(); $bUse=$this->get('bUse', 'Survey', $iSurveyId); if(is_null($bUse)) $bUse=$this->bUse; if(!$bUse) return; $sToken= Yii::app()->request->getParam('token'); if($iSurveyId && !$sToken)// Test invalid token ? { // Get the survey model $oSurvey=Survey::model()->find("sid=:sid",array(':sid'=>$iSurveyId)); if($oSurvey && $oSurvey->active=="Y" && $oSurvey->allowregister=="Y" && tableExists("tokens_{$iSurveyId}")) { // Fill parameters $bShowTokenForm=$this->get('bShowTokenForm', 'Survey', $iSurveyId); if(is_null($bShowTokenForm)) $bShowTokenForm=$this->bShowTokenForm; $bShowTokenForm=$this->get('use', 'Survey', $iSurveyId); if(is_null($bShowTokenForm)) $bShowTokenForm=$this->bUse; Yii::app()->getClientScript()->registerCssFile(Yii::app()->getConfig('publicurl')."plugins/replaceRegister/css/register.css"); // We can go $sLanguage = Yii::app()->request->getParam('lang',''); if ($sLanguage=="" ) { $sLanguage = Survey::model()->findByPk($iSurveyId)->language; } $aSurveyInfo=getSurveyInfo($iSurveyId,$sLanguage); $sAction= Yii::app()->request->getParam('action','view') ; $sHtmlRegistererror=""; $sHtmlRegistermessage1=gT("You must be registered to complete this survey");; $sHtmlRegistermessage2=gT("You may register for this survey if you wish to take part.")."<br />\n".gT("Enter your details below, and an email containing the link to participate in this survey will be sent immediately."); $sHtmlRegisterform=""; $sHtml=""; $bShowForm=true; $bValidMail=false; $bTokenCreate=true; $aExtraParams=array(); $aRegisterError=array(); $sR_email= Yii::app()->request->getPost('register_email'); $sR_firstname= sanitize_xss_string(Yii::app()->request->getPost('register_firstname',"")); $sR_lastname= sanitize_xss_string(Yii::app()->request->getPost('register_lastname',"")); $sR_lastname= sanitize_xss_string(Yii::app()->request->getPost('register_lastname',"")); $aR_attribute=array(); $aR_attributeGet=array(); $aExtraParams=array(); $aMail=array(); foreach ($aSurveyInfo['attributedescriptions'] as $field => $aAttribute) { if (!empty($aAttribute['show_register']) && $aAttribute['show_register'] == 'Y') { $aR_attribute[$field]= sanitize_xss_string(Yii::app()->request->getPost('register_'.$field),"");// Need to be filtered ? } elseif($aAttribute['description']==sanitize_paranoid_string($aAttribute['description']) && trim(Yii::app()->request->getQuery($aAttribute['description'],"")) ) { $aR_attributeGet[$field]= sanitize_xss_string(trim(Yii::app()->request->getQuery($aAttribute['description'],"")));// Allow prefill with URL (TODO: add an option) $aExtraParams[$aAttribute['description']]=sanitize_xss_string(trim(Yii::app()->request->getParam($aAttribute['description'],""))); } } if($sAction=='register' && !is_null($sR_email) && Yii::app()->request->getPost('changelang')!='changelang') { $bShowForm=false; // captcha $sLoadsecurity=Yii::app()->request->getPost('loadsecurity'); $sSecAnswer=(isset($_SESSION['survey_'.$iSurveyId]['secanswer']))?$_SESSION['survey_'.$iSurveyId]['secanswer']:""; $bShowForm=false; $bNoError=true; // Copy paste RegisterController if($sR_email) { //Check that the email is a valid style addressattribute_2 if (!validateEmailAddress($sR_email)) { $aRegisterError[]= gT("The email you used is not valid. Please try again."); } } else { $aRegisterError[]= gT("The email you used is not valid. Please try again.");// Empty email } // Fill and validate mandatory extra attribute foreach ($aSurveyInfo['attributedescriptions'] as $field => $aAttribute) { if (!empty($aAttribute['show_register']) && $aAttribute['show_register'] == 'Y' && $aAttribute['mandatory'] == 'Y' && ($aR_attribute[$field]=="" || is_null($aR_attribute[$field])) ) { $aRegisterError[]= sprintf(gT("%s cannot be left empty").".", $aSurveyInfo['attributecaptions'][$field]); } } // Check the security question's answer : at end because the security question is the last one if (function_exists("ImageCreate") && isCaptchaEnabled('registrationscreen',$aSurveyInfo['usecaptcha']) ) { if (!$sLoadsecurity || !$sSecAnswer || $sLoadsecurity != $sSecAnswer) { $aRegisterError[]= gT("The answer to the security question is incorrect."); } } if(count($aRegisterError)==0) { //Check if this email already exists in token database $oToken=TokenDynamic::model($iSurveyId)->find('email=:email',array(':email'=>$sR_email)); if ($oToken) { if($oToken->usesleft<1 && $aSurveyInfo['alloweditaftercompletion']!='Y') { $aRegisterError="The e-mail address you have entered is already registered an the questionnaire has been completed."; } elseif(strtolower(substr(trim($oToken->emailstatus),0,6))==="optout")// And global blacklisting ? { $aRegisterError="This email address is already registered but someone ask to don't receive new email again."; } elseif(!$oToken->emailstatus && $oToken->emailstatus!="OK") { $aRegisterError="This email address is already registered but the email adress was bounced."; } else { $iTokenId=$oToken->tid; $aMail['subject']=$aSurveyInfo['email_register_subj']; $aMail['message']=$aSurveyInfo['email_register']; $aMail['information']="The address you have entered is already registered. An email has been sent to this address with a link that gives you access to the survey."; // Did we update the token ? Setting ? } } else { $oToken= Token::create($iSurveyId); $oToken->firstname = $sR_firstname; $oToken->lastname = $sR_lastname; $oToken->email = $sR_email; $oToken->emailstatus = 'OK'; $oToken->language = $sLanguage; $oToken->setAttributes($aR_attribute); $oToken->setAttributes($aR_attributeGet);// Need an option if ($aSurveyInfo['startdate']) { $oToken->validfrom = $aSurveyInfo['startdate']; } if ($aSurveyInfo['expires']) { $oToken->validuntil = $aSurveyInfo['expires']; } $oToken->save(); $iTokenId=$oToken->tid; TokenDynamic::model($iSurveyId)->createToken($iTokenId);// Review if really create a token $aMail['subject']=$aSurveyInfo['email_register_subj']; $aMail['message']=$aSurveyInfo['email_register']; $aMail['information']=gT("An email has been sent to the address you provided with access details for this survey. Please follow the link in that email to proceed."); } } } if($aMail && $oToken) { $aReplacementFields=array(); $aReplacementFields["{ADMINNAME}"]=$aSurveyInfo['adminname']; $aReplacementFields["{ADMINEMAIL}"]=$aSurveyInfo['adminemail']; $aReplacementFields["{SURVEYNAME}"]=$aSurveyInfo['name']; $aReplacementFields["{SURVEYDESCRIPTION}"]=$aSurveyInfo['description']; $aReplacementFields["{EXPIRY}"]=$aSurveyInfo["expiry"]; $oToken=TokenDynamic::model($iSurveyId)->findByPk($iTokenId); foreach($oToken->attributes as $attribute=>$value){ $aReplacementFields["{".strtoupper($attribute)."}"]=$value; } $sToken=$oToken->token; $aMail['subject']=preg_replace("/{TOKEN:([A-Z0-9_]+)}/","{"."$1"."}",$aMail['subject']); $aMail['message']=preg_replace("/{TOKEN:([A-Z0-9_]+)}/","{"."$1"."}",$aMail['message']); $surveylink = App()->createAbsoluteUrl("/survey/index/sid/{$iSurveyId}",array('lang'=>$sLanguage,'token'=>$sToken)); $optoutlink = App()->createAbsoluteUrl("/optout/tokens/surveyid/{$iSurveyId}",array('langcode'=>$sLanguage,'token'=>$sToken)); $optinlink = App()->createAbsoluteUrl("/optin/tokens/surveyid/{$iSurveyId}",array('langcode'=>$sLanguage,'token'=>$sToken)); if (getEmailFormat($iSurveyId) == 'html') { $useHtmlEmail = true; $aReplacementFields["{SURVEYURL}"]="<a href='$surveylink'>".$surveylink."</a>"; $aReplacementFields["{OPTOUTURL}"]="<a href='$optoutlink'>".$optoutlink."</a>"; $aReplacementFields["{OPTINURL}"]="<a href='$optinlink'>".$optinlink."</a>"; } else { $useHtmlEmail = false; $aReplacementFields["{SURVEYURL}"]= $surveylink; $aReplacementFields["{OPTOUTURL}"]= $optoutlink; $aReplacementFields["{OPTINURL}"]= $optinlink; } // Allow barebone link for all URL $aMail['message'] = str_replace("@@SURVEYURL@@", $surveylink, $aMail['message']); $aMail['message'] = str_replace("@@OPTOUTURL@@", $optoutlink, $aMail['message']); $aMail['message'] = str_replace("@@OPTINURL@@", $optinlink, $aMail['message']); // Replace the fields $aMail['subject']=ReplaceFields($aMail['subject'], $aReplacementFields); $aMail['message']=ReplaceFields($aMail['message'], $aReplacementFields); // We have it, then try to send the mail. $from = "{$aSurveyInfo['adminname']} <{$aSurveyInfo['adminemail']}>"; $sitename = Yii::app()->getConfig('sitename'); if (SendEmailMessage($aMail['message'], $aMail['subject'], $sR_email, $from, $sitename,$useHtmlEmail,getBounceEmail($iSurveyId))) { // TLR change to put date into sent $today = dateShift(date("Y-m-d H:i:s"), "Y-m-d H:i", Yii::app()->getConfig('timeadjust')); $oToken->sent=$today; $oToken->save(); $sReturnHtml="<div id='wrapper' class='message tokenmessage'>" . "<p>".gT("Thank you for registering to participate in this survey.")."</p>\n" . "<p>".$aMail['information']."</p>\n" . "<p>".gT("Survey administrator")." {ADMINNAME} ({ADMINEMAIL})</p>" . "</div>\n"; } else { $sReturnHtml="<div id='wrapper' class='message tokenmessage'>" . "<p>".gT("Thank you for registering to participate in this survey.")."</p>\n" . "<p>"."We can not sent you an email actually, please contact the survey administrator"."</p>\n" . "<p>".gT("Survey administrator")." {ADMINNAME} ({ADMINEMAIL})</p>" . "</div>\n"; } $sReturnHtml=ReplaceFields($sReturnHtml, $aReplacementFields); $sTemplatePath=$aData['templatedir'] = getTemplatePath($aSurveyInfo['template']); ob_start(function($buffer, $phase) { App()->getClientScript()->render($buffer); App()->getClientScript()->reset(); return $buffer; }); ob_implicit_flush(false); sendCacheHeaders(); doHeader(); $aData['thissurvey'] = $aSurveyInfo; $aData['thissurvey'] = $aSurveyInfo; echo templatereplace(file_get_contents($sTemplatePath.'/startpage.pstpl'),array(), $aData); echo templatereplace(file_get_contents($sTemplatePath.'/survey.pstpl'),array(), $aData); echo $sReturnHtml; echo templatereplace(file_get_contents($sTemplatePath.'/endpage.pstpl'),array(), $aData); doFooter(); ob_flush(); App()->end(); } if($bShowForm || count($aRegisterError)) { // Language ? if(count($aRegisterError)==1){ $sHtmlRegistererror="<p class='error error-register'><strong>{$aRegisterError[0]}</strong></p>"; }elseif(count($aRegisterError)>1){ $sHtmlRegistererror="<ul class='error error-register error-list'>"; foreach ($aRegisterError as $sRegisterError) $sHtmlRegistererror.="<li><strong>{$sRegisterError}</strong></li>"; $sHtmlRegistererror.="</ul>"; } $aExtraParams['action']='register'; $aExtraParams['lang']=$sLanguage; $sHtmlRegisterform = CHtml::form(Yii::app()->createUrl("/survey/index/sid/{$iSurveyId}",$aExtraParams), 'post'); $sHtmlRegisterform.="<table class='register'><tbody>\n"; $sHtmlRegisterform.= "<tr><th><label for='register_firstname'>".gT("First name") . "</label></th><td>".CHtml::textField('register_firstname',htmlentities($sR_firstname, ENT_QUOTES, 'UTF-8'),array('class'=>'text'))."</td></tr>\n"; $sHtmlRegisterform.= "<tr><th><label for='register_lastname'>".gT("Last name") . "</label></th><td>".CHtml::textField('register_lastname',htmlentities($sR_lastname, ENT_QUOTES, 'UTF-8'),array('class'=>'text'))."</td></tr>\n"; $sHtmlRegisterform.= "<tr class='mandatory'><th><label for='register_email'>".gT("Email address") . "</label></th><td>".CHtml::textField('register_email',htmlentities($sR_email, ENT_QUOTES, 'UTF-8'),array('class'=>'text'))."</td></tr>\n"; // Extra attribute foreach ($aSurveyInfo['attributedescriptions'] as $field => $aAttribute) { if (!empty($aAttribute['show_register']) && $aAttribute['show_register'] == 'Y') { $sHtmlRegisterform.= "<tr".($aAttribute['mandatory'] == 'Y' ? " class='mandatory'" : '')."><th><label for='register_{$field}'>".$aSurveyInfo['attributecaptions'][$field].($aAttribute['mandatory'] == 'Y' ? ' *' : '')."</label></th><td>".CHtml::textField('register_'.$field,htmlentities($aR_attribute[$field], ENT_QUOTES, 'UTF-8'),array('class'=>'text'))."</td></tr>\n"; } } if (function_exists("ImageCreate") && isCaptchaEnabled('registrationscreen', $aSurveyInfo['usecaptcha'])) $sHtmlRegisterform.= "<tr><th><label for='loadsecurity'>" . gT("Security question") . "</label></th><td><img src='".Yii::app()->getController()->createUrl("/verification/image/sid/{$iSurveyId}")."' alt='' /><input type='text' size='5' maxlength='3' name='loadsecurity' id='loadsecurity' value='' /></td></tr>\n"; $sHtmlRegisterform.= "<tr><td></td><td>".CHtml::submitButton(gT("Continue"))."</td></tr>"; $sHtmlRegisterform.= "</tbody></table>\n"; $sHtmlRegisterform.= makeLanguageChangerSurvey($sLanguage);// Need to be inside the form $sHtmlRegisterform.= CHtml::endForm(); } $sTemplatePath=$aData['templatedir'] = getTemplatePath($aSurveyInfo['template']); ob_start(function($buffer, $phase) { App()->getClientScript()->render($buffer); App()->getClientScript()->reset(); return $buffer; }); ob_implicit_flush(false); sendCacheHeaders(); doHeader(); // Get the register.pstpl file content, but remplace default by own string $sHtmlRegister=file_get_contents($sTemplatePath.'/register.pstpl'); $sHtmlRegister= str_replace("{REGISTERERROR}",$sHtmlRegistererror,$sHtmlRegister); $sHtmlRegister= str_replace("{REGISTERMESSAGE1}",$sHtmlRegistermessage1,$sHtmlRegister); $sHtmlRegister= str_replace("{REGISTERMESSAGE2}",$sHtmlRegistermessage2,$sHtmlRegister); $sHtmlRegister= str_replace("{REGISTERFORM}",$sHtmlRegisterform,$sHtmlRegister); $aData['thissurvey'] = $aSurveyInfo; echo templatereplace(file_get_contents($sTemplatePath.'/startpage.pstpl'),array(), $aData); echo templatereplace(file_get_contents($sTemplatePath.'/survey.pstpl'),array(), $aData); echo templatereplace($sHtmlRegister); echo templatereplace(file_get_contents($sTemplatePath.'/endpage.pstpl'),array(), $aData); doFooter(); ob_flush(); App()->end(); } } }
public function getRegisterForm($iSurveyId) { $aSurveyInfo = getSurveyInfo($iSurveyId, App()->language); $sTemplate = getTemplatePath($aSurveyInfo['template']); // Event to replace register form $event = new PluginEvent('beforeRegisterForm'); $event->set('surveyid', $iSurveyId); $event->set('lang', App()->language); $event->set('aRegistersErrors', $this->aRegisterErrors); App()->getPluginManager()->dispatchEvent($event); // Allow adding error or replace error with plugin ? $this->aRegisterErrors = $event->get('aRegistersErrors'); if (!is_null($event->get('registerForm'))) { return $event->get('registerForm'); } $aFieldValue = $this->getFieldValue($iSurveyId); $aRegisterAttributes = $this->getExtraAttributeInfo($iSurveyId); $aData['iSurveyId'] = $iSurveyId; $aData['sLanguage'] = App()->language; $aData['sFirstName'] = $aFieldValue['sFirstName']; $aData['sLastName'] = $aFieldValue['sLastName']; $aData['sEmail'] = $aFieldValue['sEmail']; $aData['aAttribute'] = $aFieldValue['aAttribute']; $aData['aExtraAttributes'] = $aRegisterAttributes; $aData['urlAction'] = App()->createUrl('register/index', array('sid' => $iSurveyId)); $aData['bCaptcha'] = function_exists("ImageCreate") && isCaptchaEnabled('registrationscreen', $aSurveyInfo['usecaptcha']); $aReplacement['REGISTERFORM'] = $this->renderPartial('registerForm', $aData, true); if (is_array($this->aRegisterErrors)) { $sRegisterError = implode('<br />', $this->aRegisterErrors); } else { $sRegisterError = ''; } $aReplacement['REGISTERERROR'] = $sRegisterError; $aReplacement['REGISTERMESSAGE1'] = gT("You must be registered to complete this survey"); if ($sStartDate = $this->getStartDate($iSurveyId)) { $aReplacement['REGISTERMESSAGE2'] = sprintf(gT("You may register for this survey but you have to wait for the %s before starting the survey."), $sStartDate) . "<br />\n" . gT("Enter your details below, and an email containing the link to participate in this survey will be sent immediately."); } else { $aReplacement['REGISTERMESSAGE2'] = gT("You may register for this survey if you wish to take part.") . "<br />\n" . gT("Enter your details below, and an email containing the link to participate in this survey will be sent immediately."); } $aData['thissurvey'] = $aSurveyInfo; Yii::app()->setConfig('surveyID', $iSurveyId); //Needed for languagechanger $aData['languagechanger'] = makeLanguageChangerSurvey(App()->language); /// $oTemplate is a global variable defined in controller/survey/index global $oTemplate; return templatereplace(file_get_contents("{$oTemplate->viewPath}/register.pstpl"), $aReplacement, $aData); }
/** * This function builds all the required session variables when a survey is first started and * it loads any answer defaults from command line or from the table defaultvalues * It is called from the related format script (group.php, question.php, survey.php) * if the survey has just started. * @param int $surveyid * @param boolean $preview Defaults to false * @return void */ function buildsurveysession($surveyid, $preview = false) { Yii::trace('start', 'survey.buildsurveysession'); global $secerror, $clienttoken; global $tokensexist; global $move, $rooturl; $sLangCode = App()->language; $languagechanger = makeLanguageChangerSurvey($sLangCode); if (!$preview) { $preview = Yii::app()->getConfig('previewmode'); } $thissurvey = getSurveyInfo($surveyid, $sLangCode); if ($thissurvey['nokeyboard'] == 'Y') { includeKeypad(); $kpclass = "text-keypad"; } else { $kpclass = ''; } // $thissurvey['template'] already fixed by model : but why put this in session ? $_SESSION['survey_' . $surveyid]['templatename'] = $thissurvey['template']; $_SESSION['survey_' . $surveyid]['templatepath'] = getTemplatePath($thissurvey['template']) . DIRECTORY_SEPARATOR; $sTemplatePath = $_SESSION['survey_' . $surveyid]['templatepath']; $oTemplate = Template::model()->getInstance('', $surveyid); $sTemplatePath = $oTemplate->path; $sTemplateViewPath = $oTemplate->viewPath; /** * This method has multiple outcomes that virtually do the same thing * Possible scenarios/subscenarios are => * - No token required & no captcha required * - No token required & captcha required * > captcha may be wrong * - token required & captcha required * > token may be wrong/used * > captcha may be wrong */ $scenarios = array("tokenRequired" => $tokensexist == 1, "captchaRequired" => isCaptchaEnabled('surveyaccessscreen', $thissurvey['usecaptcha']) && !isset($_SESSION['survey_' . $surveyid]['captcha_surveyaccessscreen'])); /** * Set subscenarios depending on scenario outcome */ $subscenarios = array("captchaCorrect" => false, "tokenValid" => false); //Check the scenario for token required if ($scenarios['tokenRequired']) { //Check for the token-validity if ($thissurvey['alloweditaftercompletion'] == 'Y') { $oTokenEntry = Token::model($surveyid)->findByAttributes(array('token' => $clienttoken)); } else { $oTokenEntry = Token::model($surveyid)->usable()->incomplete()->findByAttributes(array('token' => $clienttoken)); } $subscenarios['tokenValid'] = !empty($oTokenEntry) && $clienttoken != ""; } else { $subscenarios['tokenValid'] = true; } //Check the scenario for captcha required if ($scenarios['captchaRequired']) { //Check if the Captcha was correct $loadsecurity = returnGlobal('loadsecurity', true); $captcha = Yii::app()->getController()->createAction('captcha'); $subscenarios['captchaCorrect'] = $captcha->validate($loadsecurity, false); } else { $subscenarios['captchaCorrect'] = true; $loadsecurity = false; } //RenderWay defines which html gets rendered to the user_error // Possibilities are main,register,correct $renderCaptcha = ""; $renderToken = ""; //Define array to render the partials $aEnterTokenData = array(); $aEnterTokenData['bNewTest'] = false; $aEnterTokenData['bDirectReload'] = false; $aEnterTokenData['error'] = $secerror; $aEnterTokenData['iSurveyId'] = $surveyid; $aEnterTokenData['sKpClass'] = $kpclass; // ??? $aEnterTokenData['sLangCode'] = $sLangCode; if (isset($_GET['bNewTest']) && $_GET['newtest'] == "Y") { $aEnterTokenData['bNewTest'] = true; } // If this is a direct Reload previous answers URL, then add hidden fields if (isset($loadall) && isset($scid) && isset($loadname) && isset($loadpass)) { $aEnterTokenData['bDirectReload'] = true; $aEnterTokenData['sCid'] = $scid; $aEnterTokenData['sLoadname'] = htmlspecialchars($loadname); $aEnterTokenData['sLoadpass'] = htmlspecialchars($loadpass); } $FlashError = ""; // Scenario => Captcha required if ($scenarios['captchaRequired'] && !$preview) { list($renderCaptcha, $FlashError) = testCaptcha($aEnterTokenData, $subscenarios, $surveyid, $loadsecurity); } // Scenario => Token required if ($scenarios['tokenRequired'] && !$preview) { //Test if token is valid list($renderToken, $FlashError) = testIfTokenIsValid($subscenarios, $thissurvey, $aEnterTokenData, $clienttoken); } //If there were errors, display through yii->FlashMessage if ($FlashError !== "") { $aEnterTokenData['errorMessage'] = $FlashError; } $renderWay = getRenderWay($renderToken, $renderCaptcha); $redata = compact(array_keys(get_defined_vars())); renderRenderWayForm($renderWay, $redata, $scenarios, $sTemplateViewPath, $aEnterTokenData, $surveyid); // Reset all the session variables and start again resetAllSessionVariables($surveyid); // Multi lingual support order : by REQUEST, if not by Token->language else by survey default language if (returnGlobal('lang', true)) { $language_to_set = returnGlobal('lang', true); } elseif (isset($oTokenEntry) && $oTokenEntry) { // If survey have token : we have a $oTokenEntry // Can use $oTokenEntry = Token::model($surveyid)->findByAttributes(array('token'=>$clienttoken)); if we move on another function : this par don't validate the token validity $language_to_set = $oTokenEntry->language; } else { $language_to_set = $thissurvey['language']; } // Always SetSurveyLanguage : surveys controller SetSurveyLanguage too, if different : broke survey (#09769) SetSurveyLanguage($surveyid, $language_to_set); UpdateGroupList($surveyid, $_SESSION['survey_' . $surveyid]['s_lang']); $totalquestions = Question::model()->getTotalQuestions($surveyid); $iTotalGroupsWithoutQuestions = QuestionGroup::model()->getTotalGroupsWithoutQuestions($surveyid); // Fix totalquestions by substracting Test Display questions $iNumberofQuestions = Question::model()->getNumberOfQuestions($surveyid); $_SESSION['survey_' . $surveyid]['totalquestions'] = $totalquestions - (int) reset($iNumberofQuestions); // 2. SESSION VARIABLE: totalsteps setTotalSteps($surveyid, $thissurvey, $totalquestions); // Break out and crash if there are no questions! if ($totalquestions == 0 || $iTotalGroupsWithoutQuestions > 0) { $redata = compact(array_keys(get_defined_vars())); breakOutAndCrash($redata, $sTemplateViewPath, $totalquestions, $iTotalGroupsWithoutQuestions, $thissurvey); } //Perform a case insensitive natural sort on group name then question title of a multidimensional array // usort($arows, 'groupOrderThenQuestionOrder'); //3. SESSION VARIABLE - insertarray //An array containing information about used to insert the data into the db at the submit stage //4. SESSION VARIABLE - fieldarray //See rem at end.. if ($tokensexist == 1 && $clienttoken) { $_SESSION['survey_' . $surveyid]['token'] = $clienttoken; } if ($thissurvey['anonymized'] == "N") { $_SESSION['survey_' . $surveyid]['insertarray'][] = "token"; } $qtypes = getQuestionTypeList('', 'array'); $fieldmap = createFieldMap($surveyid, 'full', true, false, $_SESSION['survey_' . $surveyid]['s_lang']); //$seed = ls\mersenne\getSeed($surveyid, $preview); // Randomization groups for groups list($fieldmap, $randomized1) = randomizationGroup($surveyid, $fieldmap, $preview); // Randomization groups for questions list($fieldmap, $randomized2) = randomizationQuestion($surveyid, $fieldmap, $preview); $randomized = $randomized1 || $randomized2; if ($randomized === true) { $fieldmap = finalizeRandomization($fieldmap); $_SESSION['survey_' . $surveyid]['fieldmap-' . $surveyid . $_SESSION['survey_' . $surveyid]['s_lang']] = $fieldmap; $_SESSION['survey_' . $surveyid]['fieldmap-' . $surveyid . '-randMaster'] = 'fieldmap-' . $surveyid . $_SESSION['survey_' . $surveyid]['s_lang']; } // TMSW Condition->Relevance: don't need hasconditions, or usedinconditions $_SESSION['survey_' . $surveyid]['fieldmap'] = $fieldmap; initFieldArray($surveyid, $fieldmap); // Prefill questions/answers from command line params prefillFromCommandLine($surveyid); if (isset($_SESSION['survey_' . $surveyid]['fieldarray'])) { $_SESSION['survey_' . $surveyid]['fieldarray'] = array_values($_SESSION['survey_' . $surveyid]['fieldarray']); } //Check if a passthru label and value have been included in the query url checkPassthruLabel($surveyid, $preview, $fieldmap); Yii::trace('end', 'survey.buildsurveysession'); //traceVar($_SESSION['survey_' . $surveyid]); }
/** * register::index() * Process register form data and take appropriate action * @return */ function actionIndex($iSurveyID = null) { Yii::app()->loadHelper('database'); Yii::app()->loadHelper('replacements'); $sLanguage = Yii::app()->request->getParam('lang', ''); if ($iSurveyID == null) { $iSurveyID = Yii::app()->request->getPost('sid'); } if (!$iSurveyID) { $this->redirect(Yii::app()->baseUrl); } if ($sLanguage == "") { $sBaseLanguage = Survey::model()->findByPk($iSurveyID)->language; } else { $sBaseLanguage = $sLanguage; } Yii::import('application.libraries.Limesurvey_lang'); Yii::app()->lang = new Limesurvey_lang($sBaseLanguage); $clang = Yii::app()->lang; $thissurvey = getSurveyInfo($iSurveyID, $sBaseLanguage); $register_errormsg = ""; // Check the security question's answer if (function_exists("ImageCreate") && isCaptchaEnabled('registrationscreen', $thissurvey['usecaptcha'])) { if (!isset($_POST['loadsecurity']) || !isset($_SESSION['survey_' . $iSurveyID]['secanswer']) || Yii::app()->request->getPost('loadsecurity') != $_SESSION['survey_' . $iSurveyID]['secanswer']) { $register_errormsg .= $clang->gT("The answer to the security question is incorrect.") . "<br />\n"; } } //Check that the email is a valid style address if (!validateEmailAddress(Yii::app()->request->getPost('register_email'))) { $register_errormsg .= $clang->gT("The email you used is not valid. Please try again."); } // Check for additional fields $attributeinsertdata = array(); foreach (GetParticipantAttributes($iSurveyID) as $field => $data) { if (empty($data['show_register']) || $data['show_register'] != 'Y') { continue; } $value = sanitize_xss_string(Yii::app()->request->getPost('register_' . $field)); if (trim($value) == '' && $data['mandatory'] == 'Y') { $register_errormsg .= sprintf($clang->gT("%s cannot be left empty"), $thissurvey['attributecaptions'][$field]); } $attributeinsertdata[$field] = $value; } if ($register_errormsg != "") { $_SESSION['survey_' . $iSurveyID]['register_errormsg'] = $register_errormsg; $this->redirect($this->createUrl("survey/index/sid/{$iSurveyID}", array('lang' => $sBaseLanguage))); } //Check if this email already exists in token database $oToken = TokenDynamic::model($iSurveyID)->find('email=:email', array(':email' => Yii::app()->request->getPost('register_email'))); if ($oToken) { $register_errormsg = $clang->gT("The email you used has already been registered."); $_SESSION['survey_' . $iSurveyID]['register_errormsg'] = $register_errormsg; $this->redirect($this->createUrl("survey/index/sid/{$iSurveyID}", array('lang' => $sBaseLanguage))); //include "index.php"; //exit; } $mayinsert = false; // Get the survey settings for token length $tokenlength = $thissurvey['tokenlength']; //if tokenlength is not set or there are other problems use the default value (15) if (!isset($tokenlength) || $tokenlength == '') { $tokenlength = 15; } while ($mayinsert != true) { $newtoken = randomChars($tokenlength); $oTokenExist = TokenDynamic::model($iSurveyID)->find('token=:token', array(':token' => $newtoken)); if (!$oTokenExist) { $mayinsert = true; } } $postfirstname = sanitize_xss_string(strip_tags(Yii::app()->request->getPost('register_firstname'))); $postlastname = sanitize_xss_string(strip_tags(Yii::app()->request->getPost('register_lastname'))); $starttime = sanitize_xss_string(Yii::app()->request->getPost('startdate')); $endtime = sanitize_xss_string(Yii::app()->request->getPost('enddate')); /*$postattribute1=sanitize_xss_string(strip_tags(returnGlobal('register_attribute1'))); $postattribute2=sanitize_xss_string(strip_tags(returnGlobal('register_attribute2'))); */ // Insert new entry into tokens db $oToken = Token::create($thissurvey['sid']); $oToken->firstname = $postfirstname; $oToken->lastname = $postlastname; $oToken->email = Yii::app()->request->getPost('register_email'); $oToken->emailstatus = 'OK'; $oToken->token = $newtoken; if ($starttime && $endtime) { $oToken->validfrom = $starttime; $oToken->validuntil = $endtime; } $oToken->setAttributes($attributeinsertdata, false); $result = $oToken->save(); //$tid = $oToken->tid;// Not needed any more $fieldsarray["{ADMINNAME}"] = $thissurvey['adminname']; $fieldsarray["{ADMINEMAIL}"] = $thissurvey['adminemail']; $fieldsarray["{SURVEYNAME}"] = $thissurvey['name']; $fieldsarray["{SURVEYDESCRIPTION}"] = $thissurvey['description']; $fieldsarray["{FIRSTNAME}"] = $postfirstname; $fieldsarray["{LASTNAME}"] = $postlastname; $fieldsarray["{EXPIRY}"] = $thissurvey["expiry"]; $fieldsarray["{TOKEN}"] = $oToken->token; $fieldsarray["{EMAIL}"] = $oToken->email; $token = $oToken->token; $message = $thissurvey['email_register']; $subject = $thissurvey['email_register_subj']; $from = "{$thissurvey['adminname']} <{$thissurvey['adminemail']}>"; $surveylink = $this->createAbsoluteUrl("/survey/index/sid/{$iSurveyID}", array('lang' => $sBaseLanguage, 'token' => $newtoken)); $optoutlink = $this->createAbsoluteUrl("/optout/tokens/surveyid/{$iSurveyID}", array('langcode' => $sBaseLanguage, 'token' => $newtoken)); $optinlink = $this->createAbsoluteUrl("/optin/tokens/surveyid/{$iSurveyID}", array('langcode' => $sBaseLanguage, 'token' => $newtoken)); if (getEmailFormat($iSurveyID) == 'html') { $useHtmlEmail = true; $fieldsarray["{SURVEYURL}"] = "<a href='{$surveylink}'>" . $surveylink . "</a>"; $fieldsarray["{OPTOUTURL}"] = "<a href='{$optoutlink}'>" . $optoutlink . "</a>"; $fieldsarray["{OPTINURL}"] = "<a href='{$optinlink}'>" . $optinlink . "</a>"; } else { $useHtmlEmail = false; $fieldsarray["{SURVEYURL}"] = $surveylink; $fieldsarray["{OPTOUTURL}"] = $optoutlink; $fieldsarray["{OPTINURL}"] = $optinlink; } $message = ReplaceFields($message, $fieldsarray); $subject = ReplaceFields($subject, $fieldsarray); $html = ""; //Set variable $sitename = Yii::app()->getConfig('sitename'); if (SendEmailMessage($message, $subject, Yii::app()->request->getPost('register_email'), $from, $sitename, $useHtmlEmail, getBounceEmail($iSurveyID))) { // TLR change to put date into sent $today = dateShift(date("Y-m-d H:i:s"), "Y-m-d H:i", Yii::app()->getConfig('timeadjust')); $oToken->sent = $today; $oToken->save(); $html = "<div id='wrapper' class='message tokenmessage'>" . "<p>" . $clang->gT("Thank you for registering to participate in this survey.") . "</p>\n" . "<p>" . $clang->gT("An email has been sent to the address you provided with access details for this survey. Please follow the link in that email to proceed.") . "</p>\n" . "<p>" . $clang->gT("Survey administrator") . " {ADMINNAME} ({ADMINEMAIL})</p>" . "</div>\n"; $html = ReplaceFields($html, $fieldsarray); } else { $html = "Email Error"; } //PRINT COMPLETED PAGE if (!$thissurvey['template']) { $thistpl = getTemplatePath(validateTemplateDir('default')); } else { $thistpl = getTemplatePath(validateTemplateDir($thissurvey['template'])); } // Same fix than http://bugs.limesurvey.org/view.php?id=8441 ob_start(function ($buffer, $phase) { App()->getClientScript()->render($buffer); App()->getClientScript()->reset(); return $buffer; }); ob_implicit_flush(false); sendCacheHeaders(); doHeader(); Yii::app()->lang = $clang; // fetch the defined variables and pass it to the header footer templates. $redata = compact(array_keys(get_defined_vars())); $this->_printTemplateContent($thistpl . '/startpage.pstpl', $redata, __LINE__); $this->_printTemplateContent($thistpl . '/survey.pstpl', $redata, __LINE__); echo $html; $this->_printTemplateContent($thistpl . '/endpage.pstpl', $redata, __LINE__); doFooter(); ob_flush(); }