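<?php
// Adds the listed users to a group (GET 'set' is truthy) or removes them from it,
// then redirects back to the groups view of users.php.
// Inputs: 'groupid' and 'ids' are read through readGetVar(); 'ids' is a list joined
// with SYSTEM_ARRAY_ITEM_SEPARATOR.
// NOTE(review): no access check is visible in this file and the change is driven by
// GET parameters; presumably the including page enforces permissions and request
// origin. Confirm.
$f_groupid = (int) readGetVar('groupid');
$f_ids = explode(SYSTEM_ARRAY_ITEM_SEPARATOR, readGetVar('ids'));

// !empty() keeps the original truthiness test without a notice when 'set' is absent.
if (!empty($_GET["set"])) {
    foreach ($f_ids as $i_id) {
        // Each id is request data. Cast it before it reaches the SQL text, exactly as
        // the removal branch does; the uncast value used to be interpolated verbatim.
        $i_id = (int) $i_id;
        // The result is not checked here, as before. NOTE(review): a failing INSERT
        // may simply mean the user is already a member. Confirm before reporting it.
        $g_db->Execute("INSERT INTO " . $srv_settings['table_prefix'] . "groups_users (groupid, id) VALUES ({$f_groupid}, {$i_id})");
    }
} else {
    // Build "id=a OR id=b ..." from integer-cast ids only.
    $i_conditions = array();
    foreach ($f_ids as $val) {
        $i_conditions[] = "id=" . (int) $val;
    }
    $i_sql_where_addon = '';
    if ($i_conditions) {
        $i_sql_where_addon = ' AND (' . implode(' OR ', $i_conditions) . ')';
    }
    if ($g_db->Execute("DELETE FROM " . $srv_settings['table_prefix'] . "groups_users WHERE groupid={$f_groupid}" . $i_sql_where_addon) === false) {
        showDBError(__FILE__, 2);
    }
}
gotoLocation('users.php' . getURLAddon('?action=groups', array('action')));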
require_once "inc/init.inc.php"; if (isset($G_SESSION['id'])) { if ($G_SESSION['access_reporttemplates'] > 0) { $g_vars['page']['title'] = $lngstr['page_title_rtemplates']; switch (readGetVar('action')) { case 'create': if ($G_SESSION['access_reporttemplates'] > 1) { include_once $DOCUMENT_PAGES . "report-templates-4.inc.php"; } else { gotoLocation('report-templates.php'); } break; case 'delete': if ($G_SESSION['access_reporttemplates'] > 1) { $f_confirmed = readGetVar('confirmed'); if ($f_confirmed == 1) { if (isset($_GET['rtemplateid']) || isset($_POST["box_rtemplates"])) { include_once $DOCUMENT_PAGES . "report-templates-5.inc.php"; } else { gotoLocation('report-templates.php'); } } else { if ($f_confirmed == '0') { gotoLocation('report-templates.php'); } else { $i_confirm_header = $lngstr['page-rtemplates']['delete_rtemplate']; $i_confirm_request = $lngstr['page-rtemplates']['qst_rtemplate_delete']; $i_confirm_url = 'report-templates.php?rtemplateid=' . (int) $_GET['rtemplateid'] . '&action=delete'; include_once $DOCUMENT_PAGES . "confirm.inc.php"; }
$i_rSet2->Close(); } $f_subjectid = isset($_GET['subjectid']) ? (int) readGetVar('subjectid') : ''; writeTR2($lngstr['page_edittests_subjectid'], getSelectElement('subjectid', $f_subjectid, $i_subjects, ' onchange="document.location.href=\'test-manager.php?subjectid=\'+this.value+\'' . $i_testid_addon . $i_order_addon . $i_url_limitto_addon . '\';"')); $i_tests = array('' => $lngstr['label_none']); $i_rSet2 = $g_db->Execute("SELECT * FROM " . $srv_settings['table_prefix'] . "tests"); if (!$i_rSet2) { showDBError(__FILE__, 2); } else { while (!$i_rSet2->EOF) { $i_tests[$i_rSet2->fields['testid']] = $i_rSet2->fields['test_name']; $i_rSet2->MoveNext(); } $i_rSet2->Close(); } $f_testid = isset($_GET['testid']) ? (int) readGetVar('testid') : ''; writeTR2($lngstr['page_edittests_testname'], getSelectElement('testid', $f_testid, $i_tests, ' onchange="document.location.href=\'test-manager.php?testid=\'+this.value+\'' . $i_subjectid_addon . $i_order_addon . $i_url_limitto_addon . '\';"')); echo '</table>'; echo '</div></td></tr>'; echo '</table></p>'; echo '<p><form name=testsForm class=iactive method=post><table cellpadding=0 cellspacing=0 border=0 width="100%"><tr><td>'; echo '<table cellpadding=0 cellspacing=0 border=0 width="100%" style="background: url(images/toolbar-background.gif) repeat-x"><tr vAlign=center><td width=2><img src="images/toolbar-left.gif" width=2 height=32></td><td width=32><a href="test-manager.php?action=create"><img src="images/button-new-big.gif" width=32 height=32 border=0 title="' . $lngstr['label_action_create_test'] . '"></a></td><td width=3><img src="images/toolbar-separator.gif" width=3 height=32 border=0></td><td width=32><img src="images/button-groups-big.gif" border=0 title="' . $lngstr['label_action_groups'] . 
'" style="cursor: hand;" onclick="f=document.testsForm;f.action=\'test-manager.php?action=groups\';f.submit();"></td><td width=3><img src="images/toolbar-separator.gif" width=3 height=32 border=0></td><td width=32><img src="images/button-cross-big.gif" border=0 title="' . $lngstr['label_action_tests_delete'] . '" style="cursor: hand;" onclick="f=document.testsForm;if (confirm(\'' . $lngstr['qst_delete_tests'] . '\')) { f.action=\'test-manager.php?action=delete&confirmed=1\';f.submit();}"></td>'; echo '<td width=3><img src="images/1x1.gif" width=3 height=1></td>'; echo '<td width="100%"> </td>'; if ($i_limitcount > 0) { $i_url_pages_addon = $i_url_limitto_addon . $i_order_addon . $i_testid_addon . $i_subjectid_addon; echo '<td vAlign=middle width=32><nobr> ' . sprintf($lngstr['label']['KtoLofN'], $nRecordFrom, $nRecordTo, $i_recordcount) . ' </nobr></td>'; echo '<td width=3><img src="images/toolbar-separator.gif" width=3 height=32 border=0></td>'; echo '<td vAlign=middle width=32><nobr> '; for ($i = $nStartPage; $i <= $nEndPage; $i++) { if ($i != $i_pageno) {
<?php $g_vars['page']['location'] = array('reports_manager', 'test_results', 'question_details'); $g_smarty->assign('g_vars', $g_vars); displayTemplate('_header'); $f_resultid = (int) readGetVar('resultid'); $g_vars['page']['selected_section'] = 'reportsmanager'; $g_vars['page']['selected_tab'] = 'reportsmanager-2'; $g_vars['page']['menu_2_items'] = getMenu2Items($g_vars['page']['selected_section']); writePanel2($g_vars['page']['menu_2_items']); echo '<h2>' . $lngstr['page_header_results_questions'] . '</h2>'; $i_pagewide_id = 0; $i_resultid_addon = "&resultid=" . $f_resultid; $i_can_access = false; if ($G_SESSION['access_reportsmanager'] > 1) { $i_can_access = true; } else { $i_rSet1 = $g_db->Execute("SELECT resultid FROM " . $srv_settings['table_prefix'] . "results WHERE id=" . $G_SESSION['id'] . " AND resultid=" . $f_resultid); if (!$i_rSet1) { showDBError(__FILE__, 1); } else { $i_can_access = $i_rSet1->RecordCount() > 0; } } if (!$i_can_access) { $g_vars['page']['notifications'] = $lngstr['inf_cant_view_this_test_details']; } writeErrorsWarningsBar(); if ($i_can_access) { $i_direction = ""; $i_order_addon = "";
<?php
// Checkout entry point: hands over to the configured payment engine's checkout
// script, or shows the "no handler" error page when no engine is configured.
if (empty($g_vars['system']['payment_engine'])) {
    $g_vars['page']['header'] = $lngstr['page_buycheckout']['title'];
    $g_vars['page']['errors'] = $lngstr['page_buycheckout']['err_no_handler'];
    $f_testid = (int) readGetVar('testid');
    $g_smarty->assign('g_vars', $g_vars);
    displayTemplate('buy-checkout');
} else {
    // NOTE(review): the engine name is concatenated into an include path. Confirm it
    // can only come from trusted configuration and cannot contain path separators.
    include_once $DOCUMENT_ADDONS . 'payment/' . $g_vars['system']['payment_engine'] . '/checkout.inc.php';
    exit;
}
<?php
require_once "inc/init.inc.php";

// Account activation dispatcher. Only action 'activate' with a GET 'id' is handled.
// A posted form ('bsubmit') or a GET 'checkword' selects the submit handler;
// otherwise the activation form page is included.
switch (readGetVar('action')) {
    case 'activate':
        if (!isset($_GET['id'])) {
            break;
        }
        include_once $DOCUMENT_PAGES . ((isset($_POST['bsubmit']) || isset($_GET['checkword']))
            ? "account-activate-submit.inc.php"
            : "account-activate.inc.php");
        break;
}
<?php
// Moves the running test to a question chosen for review, then renders the test page.
$f_review_questionno = (int) readGetVar('questionno');

// The requested number is request data: never let it exceed $G_SESSION['yt_questionno'].
if ($f_review_questionno > $G_SESSION['yt_questionno']) {
    $f_review_questionno = $G_SESSION['yt_questionno'];
}

// Review must be allowed for this test and the number must be positive.
if ($G_SESSION['yt_canreview'] == IGT_TEST_REVIEW_ALLOWED && $f_review_questionno > 0) {
    unset($G_SESSION['questionid'], $G_SESSION['yt_questionstart']);
    $G_SESSION['yt_questionno_current'] = $f_review_questionno;

    // QSHOW only when the target equals the session's question number and that number
    // is still below the question count; every other case is a review.
    $G_SESSION['yt_state'] = ($f_review_questionno >= $G_SESSION['yt_questionno']
        && !($G_SESSION['yt_questionno'] >= $G_SESSION['yt_questioncount']))
        ? TEST_STATE_QSHOW
        : TEST_STATE_QREVIEW;

    include_once $DOCUMENT_PAGES . 'test-1.inc.php';
}
$i_grade_times_percentage = $i_grades_times[$i_gradeid] * 100 / $i_grades_times_total; echo '<td>' . getGauge($i_grade_times_percentage) . '</td>'; echo '<td align=right>' . $i_grades_times[$i_gradeid] . '</td>'; echo '<td align=right>' . sprintf("%.2f", $i_grade_times_percentage) . '%</td>'; } else { echo '<td colspan=3 align=center class=gray>' . $lngstr['label_notapplicable'] . '</td>'; } echo '</tr>'; } echo '<tr class=rowone>'; echo '<td>' . $lngstr['page_testmanager_stats']['total_responses'] . '</td>'; echo '<td></td>'; echo '<td align=right>' . $i_resultcount . '</td>'; echo '<td align=right></td>'; echo '</tr>'; } echo '<p><form name=tstatsForm class=iactive method=post><table cellpadding=0 cellspacing=0 border=0 width="100%"><tr><td>'; echo '<table class=rowtable2 cellpadding=5 cellspacing=1 border=0 width="100%">'; echo '<tr>'; echo '<td class=rowhdr1 title="' . $lngstr['page_testmanager_stats']['hdr_testid_hint'] . '">' . $lngstr['page_testmanager_stats']['hdr_testid'] . '</td>'; echo '<td class=rowhdr1 title="' . $lngstr['page_testmanager_stats']['hdr_test_data_hint'] . '" colspan=2>' . $lngstr['page_testmanager_stats']['hdr_test_data'] . '</td>'; echo '<td class=rowhdr1 title="' . $lngstr['page_testmanager_stats']['hdr_points'] . '">' . $lngstr['page_testmanager_stats']['hdr_points_hint'] . '</td>'; echo '<td class=rowhdr1 title="' . $lngstr['page_testmanager_stats']['hdr_percents_hint'] . '">' . $lngstr['page_testmanager_stats']['hdr_percents'] . '</td>'; echo '</tr>'; $i_tests = isset($_POST['box_tests']) ? readPostVar('box_tests') : explode(SYSTEM_ARRAY_ITEM_SEPARATOR, readGetVar('testids')); foreach ($i_tests as $i_testid) { writeTestStats($i_testid); } echo '</table>'; echo '</td></tr></table></form>'; displayTemplate('_footer');
<?php
// Swaps the position (test_questionid) of one question with the next one inside a
// test, then redirects back to the test editor. Both ids are integer-cast before use.
$f_testid = (int) readGetVar('testid');
$f_test_questionid = (int) readGetVar('test_questionid');
$i_questioncount = getRecordCount($srv_settings['table_prefix'] . 'tests_questions', "testid=" . $f_testid);

// Only positions below the row count returned by getRecordCount() are swapped.
if ($f_test_questionid < $i_questioncount) {
    $i_table = $srv_settings['table_prefix'] . "tests_questions";
    $i_same_test = " AND testid=" . $f_testid;
    // Three-step swap through the temporary position 0, run under a table lock.
    // NOTE(review): none of the results are checked, so a failure part-way through
    // could leave a row at position 0. Confirm whether that needs handling.
    $i_swap_statements = array(
        "LOCK TABLES " . $i_table . " WRITE",
        "UPDATE " . $i_table . " SET test_questionid=0 WHERE test_questionid=" . ($f_test_questionid + 1) . $i_same_test,
        "UPDATE " . $i_table . " SET test_questionid=test_questionid+1 WHERE test_questionid=" . $f_test_questionid . $i_same_test,
        "UPDATE " . $i_table . " SET test_questionid=" . $f_test_questionid . " WHERE test_questionid=0" . $i_same_test,
        "UNLOCK TABLES",
    );
    foreach ($i_swap_statements as $i_sql) {
        $g_db->Execute($i_sql);
    }
}
gotoLocation('test-manager.php' . getURLAddon('?action=editt', array('action')));
$g_vars['page']['menu_2_items'] = getMenu2Items($g_vars['page']['selected_section']); writePanel2($g_vars['page']['menu_2_items']); echo '<h2>' . $lngstr['page_header_edit_question'] . '</h2>'; writeErrorsWarningsBar(); $i_rSet1 = $g_db->Execute("SELECT * FROM " . $srv_settings['table_prefix'] . "questions WHERE questionid=" . $f_questionid); if (!$i_rSet1) { showDBError(__FILE__, 1); } else { if (!$i_rSet1->EOF) { if (!is_numeric($f_question_type) || $f_question_type < 0 || $f_question_type > QUESTION_TYPE_COUNT) { $f_question_type = $i_rSet1->fields['question_type']; } echo '<p><form method=post action="question-bank.php' . getURLAddon() . '" onsubmit="return submitForm();">'; echo '<table class=rowtable2 cellpadding=5 cellspacing=1 border=0 width="100%">'; $i_rowno = 0; $f_subjectid = isset($_GET['subjectid']) ? (int) readGetVar('subjectid') : $i_rSet1->fields['subjectid']; $i_subjects = array(); $i_rSet2 = $g_db->Execute("SELECT * FROM " . $srv_settings['table_prefix'] . "subjects"); if (!$i_rSet2) { showDBError(__FILE__, 2); } else { while (!$i_rSet2->EOF) { $i_subjects[$i_rSet2->fields['subjectid']] = $i_rSet2->fields['subject_name']; $i_rSet2->MoveNext(); } $i_rSet2->Close(); } writeTR2($lngstr['page_editquestion_subjectid'], getSelectElement('subjectid', $f_subjectid, $i_subjects)); $i = 0; $i_rSet3 = $g_db->Execute("SELECT * FROM " . $srv_settings['table_prefix'] . "answers WHERE questionid={$f_questionid} ORDER BY answerid"); if (!$i_rSet1) {
writePanel2($g_vars['page']['menu_2_items']); echo '<h2>' . $lngstr['page_title_users_memberof_users'] . '</h2>'; writeErrorsWarningsBar(); writeInfoBar($lngstr['tooltip_users_groups']); $i_pagewide_id = 0; $f_ids = array(); $i_ids_addon = ""; if (isset($_POST["box_users"]) && is_array($_POST["box_users"])) { foreach ($_POST["box_users"] as $f_id) { array_push($f_ids, $f_id); } } else { if (isset($_GET["ids"]) && $_GET["ids"] != "") { $f_ids = explode(SYSTEM_ARRAY_ITEM_SEPARATOR, readGetVar('ids')); } else { array_push($f_ids, readGetVar('id')); } } $i_ids_addon .= "&ids=" . implode(SYSTEM_ARRAY_ITEM_SEPARATOR, $f_ids); reset($f_ids); $i_direction = ""; $i_order_addon = ""; $i_sql_order_addon = ""; $i_tablefields = array(array($lngstr["label_manageusers_hdr_id"], $lngstr["label_manageusers_hdr_id_hint"], $srv_settings['table_prefix'] . "users.id"), array($lngstr["label_manageusers_hdr_user_notes"], $lngstr["label_manageusers_hdr_user_notes_hint"], ""), array($lngstr["label_manageusers_hdr_username"], $lngstr["label_manageusers_hdr_username_hint"], $srv_settings['table_prefix'] . "users.username"), array($lngstr["label_manageusers_hdr_email"], $lngstr["label_manageusers_hdr_email_hint"], $srv_settings['table_prefix'] . "users.email"), array($lngstr["label_manageusers_hdr_user_firstname"], $lngstr["label_manageusers_hdr_user_firstname_hint"], $srv_settings['table_prefix'] . "users.user_firstname"), array($lngstr["label_manageusers_hdr_user_lastname"], $lngstr["label_manageusers_hdr_user_lastname_hint"], $srv_settings['table_prefix'] . "users.user_lastname"), array($lngstr["label_manageusers_hdr_user_enabled"], $lngstr["label_manageusers_hdr_user_enabled_hint"], $srv_settings['table_prefix'] . "users.user_enabled")); $i_order_no = isset($_GET["order"]) ? (int) $_GET["order"] : 0; if ($i_order_no >= count($i_tablefields)) { $i_order_no = -1; } if ($i_order_no >= 0) { $i_direction = isset($_GET["direction"]) && $_GET["direction"] ? 
"DESC" : ""; $i_order_addon = "&order=" . $i_order_no . "&direction=" . $i_direction;
echo '<h2>' . $lngstr['page_header_test_assignto_tests'] . '</h2>'; writeErrorsWarningsBar(); writeInfoBar($lngstr['tooltip_tests_groups']); $i_pagewide_id = 0; $f_testids = array(); $i_testids_addon = ""; $i_sql_where_addon = ""; if (isset($_POST["box_tests"]) && is_array($_POST["box_tests"])) { foreach ($_POST["box_tests"] as $f_testid) { array_push($f_testids, $f_testid); } } else { if (isset($_GET["testids"]) && $_GET["testids"] != "") { $f_testids = explode(SYSTEM_ARRAY_ITEM_SEPARATOR, readGetVar('testids')); } else { array_push($f_testids, readGetVar('testid')); } } $i_testids_addon .= "&testids=" . implode(SYSTEM_ARRAY_ITEM_SEPARATOR, $f_testids); reset($f_testids); if (list(, $val) = each($f_testids)) { $i_sql_where_addon .= "testid=" . (int) $val; } while (list(, $val) = each($f_testids)) { $i_sql_where_addon .= " OR testid=" . (int) $val; } if ($i_sql_where_addon != "") { $i_sql_where_addon = '(' . $i_sql_where_addon . ') AND '; } $i_direction = ""; $i_order_addon = "";
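<?php
// Deletes one visitor (GET 'visitorid') or every visitor ticked in the posted
// 'box_visitors' list, then redirects back to visitors.php.
if (isset($_POST["box_visitors"])) {
    // A scalar 'box_visitors' is ignored rather than iterated; only a real list is used.
    if (is_array($_POST["box_visitors"])) {
        foreach ($_POST["box_visitors"] as $f_visitorid) {
            deleteVisitor((int) $f_visitorid);
        }
    }
} else {
    $f_visitorid = (int) readGetVar('visitorid');
    deleteVisitor($f_visitorid);
}
gotoLocation('visitors.php' . getURLAddon('', array('action', 'confirmed')));

/**
 * Removes the visitor row with the given id and reports a database error on failure.
 *
 * @param int $i_visitorid Visitor id; coerced to an integer before it is placed in the SQL text.
 */
function deleteVisitor($i_visitorid)
{
    global $g_db, $srv_settings;

    // The id is interpolated into the statement, so cast here as well instead of
    // relying on every caller to have done it.
    $i_visitorid = (int) $i_visitorid;
    if ($g_db->Execute("DELETE FROM " . $srv_settings['table_prefix'] . "visitors WHERE visitorid={$i_visitorid}") === false) {
        showDBError(__FILE__, 1);
    }
}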
<?php
// Saves a group's name, description and per-area access levels, then returns to
// groups.php. When page errors are already set, the edit form is shown again instead.
// NOTE(review): this script rewrites access levels and shows no permission check of
// its own; presumably the including page enforces it. Confirm.
$f_groupid = (int) readGetVar('groupid');

// Text fields are quoted through the database layer's qstr().
// NOTE(review): get_magic_quotes_gpc() is deprecated in PHP 7.4 and removed in PHP 8.0.
$f_group_name = $g_db->qstr(readPostVar('group_name'), get_magic_quotes_gpc());
$f_group_description = $g_db->qstr(readPostVar('group_description'), get_magic_quotes_gpc());

// Every access level is forced to an integer before it reaches the SQL text.
$f_access_tests = (int) readPostVar('access_tests');
$f_access_questionbank = (int) readPostVar('access_questionbank');
$f_access_subjects = (int) readPostVar('access_subjects');
$f_access_testmanager = (int) readPostVar('access_testmanager');
$f_access_gradingsystems = (int) readPostVar('access_gradingsystems');
$f_access_emailtemplates = (int) readPostVar('access_emailtemplates');
$f_access_reporttemplates = (int) readPostVar('access_reporttemplates');
$f_access_reportsmanager = (int) readPostVar('access_reportsmanager');
$f_access_users = (int) readPostVar('access_users');
$f_access_groups = (int) readPostVar('access_groups');
$f_access_config = (int) readPostVar('access_config');
$f_access_visitors = (int) readPostVar('access_visitors');

if (!$g_vars['page']['errors']) {
    // Column assignments in the same order as the statement has always used.
    $i_assignments = array(
        "group_name=" . $f_group_name,
        "group_description=" . $f_group_description,
        "access_tests=" . $f_access_tests,
        "access_testmanager=" . $f_access_testmanager,
        "access_gradingsystems=" . $f_access_gradingsystems,
        "access_emailtemplates=" . $f_access_emailtemplates,
        "access_reporttemplates=" . $f_access_reporttemplates,
        "access_reportsmanager=" . $f_access_reportsmanager,
        "access_questionbank=" . $f_access_questionbank,
        "access_subjects=" . $f_access_subjects,
        "access_groups=" . $f_access_groups,
        "access_users=" . $f_access_users,
        "access_visitors=" . $f_access_visitors,
        "access_config=" . $f_access_config,
    );
    $i_sql = "UPDATE " . $srv_settings['table_prefix'] . "groups SET " . implode(", ", $i_assignments) . " WHERE groupid=" . $f_groupid;
    if ($g_db->Execute($i_sql) === false) {
        showDBError(__FILE__, 1);
    }
    gotoLocation('groups.php');
} else {
    include_once $DOCUMENT_PAGES . "groups-2.inc.php";
}
$i_sql_where_addon = ''; } } else { $i_sql_where_addon = $srv_settings['table_prefix'] . 'results.id=' . $G_SESSION['id'] . ' AND '; } $f_user_lastname = readCookieVar('filter_reportsmanager_user_lastname', readGetVar('user_lastname')); if (!empty($f_user_lastname)) { $i_user_lastname = $g_db->qstr($f_user_lastname, get_magic_quotes_gpc()); $i_sql_where_addon .= $srv_settings['table_prefix'] . 'users.user_lastname LIKE ' . $i_user_lastname . ' AND '; } $f_testid = readCookieVar('filter_reportsmanager_testid', readGetVar('testid')); if (!empty($f_testid)) { $f_testid = (int) $f_testid; $i_sql_where_addon .= $srv_settings['table_prefix'] . 'results.testid=' . $f_testid . ' AND '; } $f_result_date = readCookieVar('filter_reportsmanager_result_date', readGetVar('result_date', 1)); if ($f_result_date > 0) { $i_result_date = mktime(date("H"), date("i"), date("s"), date("m"), date("d"), date("Y") - $f_result_date); $i_sql_where_addon .= $srv_settings['table_prefix'] . 'results.result_datestart>=' . $i_result_date . ' AND '; } $i_direction = ''; $i_order_addon = ''; $i_sql_order_addon = ''; $i_tablefields = array(array($lngstr['label_report_hdr_resultid'], $lngstr['label_report_hdr_resultid_hint'], $srv_settings['table_prefix'] . 'results.resultid'), array($lngstr['label_report_hdr_result_datestart'], $lngstr['label_report_hdr_result_datestart_hint'], $srv_settings['table_prefix'] . 'results.result_datestart'), array($lngstr['label_report_hdr_username'], $lngstr['label_report_hdr_username_hint'], $srv_settings['table_prefix'] . 'users.username'), array($lngstr['label_report_hdr_test_name'], $lngstr['label_report_hdr_test_name_hint'], $srv_settings['table_prefix'] . 'tests.test_name'), array($lngstr['page_reportsmanager']['hdr_test_attempts'], $lngstr['page_reportsmanager']['hdr_test_attempts_hint'], ''), array($lngstr['label_report_hdr_result_timeexceeded'], $lngstr['label_report_hdr_result_timeexceeded_hint'], $srv_settings['table_prefix'] . 
'results.result_timeexceeded'), array($lngstr['label_report_hdr_result_points'], $lngstr['label_report_hdr_result_points_hint'], $srv_settings['table_prefix'] . 'results.result_points'), array($lngstr['label_report_hdr_result_pointsmax'], $lngstr['label_report_hdr_result_pointsmax_hint'], $srv_settings['table_prefix'] . 'results.result_pointsmax'), array($lngstr['label_report_hdr_result_score'], $lngstr['label_report_hdr_result_score_hint'], 'result_score'), array($lngstr['label_report_hdr_gscale_gradeid'], $lngstr['label_report_hdr_gscale_gradeid_hint'], $srv_settings['table_prefix'] . 'gscales_grades.gscale_gradeid')); $i_order_no = isset($_GET['order']) ? (int) $_GET['order'] : 0; if ($i_order_no >= count($i_tablefields)) { $i_order_no = -1; } if ($i_order_no >= 0) { $i_direction = isset($_GET['direction']) && $_GET['direction'] ? 'DESC' : ''; $i_order_addon = '&order=' . $i_order_no . '&direction=' . $i_direction;
<?php
require_once "../inc/init.inc.php";

// Redirects to guide.php under the directory of the requested language, falling back
// to the configured language when GET 'language' is empty.
$i_url = '/guide.php' . getURLAddon();
$i_language = !empty($_GET['language']) ? readGetVar('language') : $srv_settings['language'];

// Allow-list: only these three prefixes are ever used, so the request value cannot
// choose an arbitrary path prefix for the redirect. Anything else becomes 'en'.
if (!in_array($i_language, array('en', 'de', 'es'))) {
    $i_language = 'en';
}
$i_url = $i_language . $i_url;
gotoLocation($i_url);
<?php
// Landing page after a purchase attempt: sets a success notification or a failure
// error depending on GET 'state', then shows the home panel (signed in) or the
// sign-in page. Any other state renders nothing from this file.
// NOTE(review): the message is chosen by the request parameter alone and nothing here
// verifies a payment. Confirm that no entitlement depends on reaching this page.
$g_vars['page']['header'] = $lngstr['page_buycheckout']['title'];
$f_state = readGetVar('state');
eventOnBeforePageGeneration(array('page_name' => 'buy-state'));

$i_state_handled = true;
switch ($f_state) {
    case 'success':
        $g_vars['page']['notifications'] = $lngstr['page_buystate']['success'];
        break;
    case 'fail':
        $g_vars['page']['errors'] = $lngstr['page_buystate']['fail'];
        break;
    default:
        $i_state_handled = false;
}

// Both handled states continue to the same page selection.
if ($i_state_handled) {
    if (isset($G_SESSION['id'])) {
        $g_vars['page']['title'] = $lngstr['page_title_panel'];
        include_once $DOCUMENT_PAGES . 'home.inc.php';
    } else {
        $g_vars['page']['title'] = $lngstr['page_title_signin'];
        include_once $DOCUMENT_PAGES . 'signin-1.inc.php';
    }
}
<?php
// Swaps the position (gscale_gradeid) of one grade with the next one inside a grading
// scale, then redirects back to the scale editor. Both ids are integer-cast before use.
$f_gscaleid = (int) readGetVar('gscaleid');
$f_gscale_gradeid = (int) readGetVar('gscale_gradeid');
$i_gradecount = getRecordCount($srv_settings['table_prefix'] . 'gscales_grades', "gscaleid=" . $f_gscaleid);

// Only positions below the row count returned by getRecordCount() are swapped.
if ($f_gscale_gradeid < $i_gradecount) {
    $i_table = $srv_settings['table_prefix'] . "gscales_grades";
    $i_same_scale = " AND gscaleid=" . $f_gscaleid;
    // Three-step swap through the temporary position 0, run under a table lock.
    // NOTE(review): none of the results are checked, so a failure part-way through
    // could leave a row at position 0. Confirm whether that needs handling.
    $i_swap_statements = array(
        "LOCK TABLES " . $i_table . " WRITE",
        "UPDATE " . $i_table . " SET gscale_gradeid=0 WHERE gscale_gradeid=" . ($f_gscale_gradeid + 1) . $i_same_scale,
        "UPDATE " . $i_table . " SET gscale_gradeid=gscale_gradeid+1 WHERE gscale_gradeid=" . $f_gscale_gradeid . $i_same_scale,
        "UPDATE " . $i_table . " SET gscale_gradeid=" . $f_gscale_gradeid . " WHERE gscale_gradeid=0" . $i_same_scale,
        "UNLOCK TABLES",
    );
    foreach ($i_swap_statements as $i_sql) {
        $g_db->Execute($i_sql);
    }
}
gotoLocation('grades.php' . getURLAddon('?action=edit', array('action')));
<?php $f_resultid = (int) readGetVar('resultid'); $f_answerid = (int) readGetVar('answerid'); $f_points = readPostVar('points'); $f_feedback = readPostVar('feedback'); $f_feedback = $g_db->qstr($f_feedback, get_magic_quotes_gpc()); $i_testid = 0; $i_gscaleid = 0; $i_rSet2 = $g_db->Execute("SELECT testid, gscaleid FROM " . $srv_settings['table_prefix'] . "results WHERE resultid=" . $f_resultid); if (!$i_rSet2) { showDBError(__FILE__, 2); } else { if (!$i_rSet2->EOF) { $i_testid = $i_rSet2->fields["testid"]; $i_gscaleid = $i_rSet2->fields["gscaleid"]; } $i_rSet2->Close(); } $i_questionid = 0; $i_rSet3 = $g_db->Execute("SELECT questionid, result_answer_text, result_answer_points, result_answer_iscorrect FROM " . $srv_settings['table_prefix'] . "results_answers WHERE resultid=" . $f_resultid . " AND result_answerid=" . $f_answerid); if (!$i_rSet3) { showDBError(__FILE__, 3); } else { if (!$i_rSet3->EOF) { $i_questionid = (int) $i_rSet3->fields["questionid"]; $i_result_answer_text = $i_rSet3->fields["result_answer_text"]; $i_result_answer_points = $i_rSet3->fields["result_answer_points"]; $i_result_answer_iscorrect = $i_rSet3->fields["result_answer_iscorrect"]; } $i_rSet3->Close();
<?php
// Sets or clears the attempt counter of one user for one test, then returns to the
// reports manager. GET 'testid', 'id' and 'set' are all integer-cast before use.
// NOTE(review): the change is driven by GET parameters and no access check is visible
// here; presumably the including page enforces it. Confirm.
$f_testid = (int) readGetVar('testid');
$f_id = (int) readGetVar('id');

$i_table = $srv_settings['table_prefix'] . "tests_attempts";
$i_pair_filter = " WHERE testid=" . $f_testid . " AND id=" . $f_id;

if (!(int) readGetVar('set')) {
    // Clear: drop the counter row for this test/user pair.
    $g_db->Execute("DELETE FROM " . $i_table . $i_pair_filter);
} else {
    // Set: insert a row, then force the counter to 999999. The INSERT result is not
    // checked, so the UPDATE also covers a row that already existed.
    $g_db->Execute("INSERT INTO " . $i_table . " (testid, id, test_attempt_count) VALUES (" . $f_testid . ", " . $f_id . ", 0)");
    $g_db->Execute("UPDATE " . $i_table . " SET test_attempt_count=999999" . $i_pair_filter);
}
gotoLocation('reports-manager.php' . getURLAddon('?action=', array('action', 'testid', 'id', 'set')));
<?php
// Saves the edited fields of an e-mail template and redirects to the template list.
$f_etemplateid = (int) readGetVar('etemplateid');

// Every text field goes through the database layer's qstr() before it is placed in
// the statement.
// NOTE(review): get_magic_quotes_gpc() is deprecated in PHP 7.4 and removed in PHP 8.0.
$f_etemplate_name = $g_db->qstr(readPostVar('etemplate_name'), get_magic_quotes_gpc());
$f_etemplate_description = $g_db->qstr(readPostVar('etemplate_description'), get_magic_quotes_gpc());
$f_etemplate_from = $g_db->qstr(readPostVar('etemplate_from'), get_magic_quotes_gpc());
$f_etemplate_subject = $g_db->qstr(readPostVar('etemplate_subject'), get_magic_quotes_gpc());
$f_etemplate_body = $g_db->qstr(readPostVar('etemplate_body'), get_magic_quotes_gpc());

$i_sql = "UPDATE " . $srv_settings['table_prefix'] . "etemplates SET etemplate_name=" . $f_etemplate_name
    . ", etemplate_description=" . $f_etemplate_description
    . ", etemplate_from=" . $f_etemplate_from
    . ", etemplate_subject=" . $f_etemplate_subject
    . ", etemplate_body=" . $f_etemplate_body
    . " WHERE etemplateid=" . $f_etemplateid;
if ($g_db->Execute($i_sql) === false) {
    showDBError(__FILE__, 1);
}

// NOTE(review): header() alone does not stop the script; confirm nothing else runs
// after this file is included.
header('Location: email-templates.php');
<?php
require_once 'inc/init.inc.php';

// Stores the chosen interface language in a cookie and sends the visitor on to the
// page named by GET 'goto'.
$f_strLanguage = readGetVar('language');
// Only keys present in $lngstr['languages'] are accepted; anything else falls back to
// the configured default language.
$f_strLanguage = isset($lngstr['languages'][$f_strLanguage]) ? $f_strLanguage : $srv_settings['language'];
setCookieVar('current_language', $f_strLanguage);

// NOTE(review): 'goto' is request-controlled. gotoLocationLocal() presumably limits
// the target to this site. Confirm, since an unrestricted target would be an open
// redirect.
$f_strGoTo = readGetVar('goto');
gotoLocationLocal($f_strGoTo);
<?php $g_vars['page']['location'] = array('test_manager', 'grading_systems', 'edit_grading_system'); $g_smarty->assign('g_vars', $g_vars); displayTemplate('_header'); $f_gscaleid = (int) readGetVar('gscaleid'); $g_vars['page']['selected_section'] = 'testmanager'; $g_vars['page']['selected_tab'] = 'grades-2'; $g_vars['page']['menu_2_items'] = getMenu2Items($g_vars['page']['selected_section']); writePanel2($g_vars['page']['menu_2_items']); echo '<h2>' . $lngstr['page_header_grades_edit'] . '</h2>'; writeErrorsWarningsBar(); $i_rSet1 = $g_db->Execute("SELECT * FROM " . $srv_settings['table_prefix'] . "gscales WHERE gscaleid={$f_gscaleid}"); if (!$i_rSet1) { showDBError(__FILE__, 1); } else { if (!$i_rSet1->EOF) { echo '<p><form method=post action="grades.php?gscaleid=' . $f_gscaleid . '&action=settings">'; echo '<table class=rowtable2 cellpadding=5 cellspacing=1 border=0 width="100%">'; $i_rowno = 0; writeTR2($lngstr['page_grades_gscaleid'], $i_rSet1->fields["gscaleid"]); writeTR2($lngstr['page_grades_gradename'], getInputElement('gscale_name', $i_rSet1->fields["gscale_name"])); writeTR2($lngstr['page_grades_gradedescription'], getTextArea('gscale_description', $i_rSet1->fields["gscale_description"])); $i_scale_text = ""; $i_rSet3 = $g_db->Execute("SELECT gscale_gradeid, grade_name, grade_from, grade_to FROM " . $srv_settings['table_prefix'] . "gscales_grades WHERE gscaleid=" . $f_gscaleid); if (!$i_rSet3) { showDBError(__FILE__, 3); } else { while (!$i_rSet3->EOF) { $i_scale_text .= sprintf("%.1f", $i_rSet3->fields['grade_from']) . '% - ' . sprintf("%.1f", $i_rSet3->fields['grade_to']) . '% <b>' . $i_rSet3->fields['grade_name'] . '</b> [<a href="grades.php?action=edits&gscaleid=' . $f_gscaleid . '&gscale_gradeid=' . $i_rSet3->fields['gscale_gradeid'] . '">' . $lngstr['page_grades']['edit_grade'] . '</a>]<br>'; $i_rSet3->MoveNext();
<?php if (isset($_POST["box_questions"])) { foreach ($_POST["box_questions"] as $f_questionid) { deleteQuestion((int) $f_questionid); } } else { $f_questionid = (int) readGetVar('questionid'); deleteQuestion($f_questionid); } if (isset($_GET["testid"])) { gotoLocation('test-manager.php' . getURLAddon('?action=editt', array('action', 'confirmed', 'questionid'))); } else { gotoLocation('question-bank.php' . getURLAddon('', array('action', 'confirmed', 'questionid'))); } function deleteQuestion($i_questionid) { global $g_db, $srv_settings; $i_rSet1 = $g_db->Execute("SELECT test_questionid, testid FROM " . $srv_settings['table_prefix'] . "tests_questions WHERE questionid={$i_questionid} ORDER BY test_questionid DESC"); if (!$i_rSet1) { showDBError(__FILE__, 1); } else { while (!$i_rSet1->EOF) { deleteQuestionLink($i_rSet1->fields["testid"], $i_rSet1->fields["test_questionid"]); $i_rSet1->MoveNext(); } $i_rSet1->Close(); } if ($g_db->Execute("DELETE FROM " . $srv_settings['table_prefix'] . "answers WHERE questionid={$i_questionid}") === false) { showDBError(__FILE__, 2); }
<?php
// Saves the edited fields of a report template and returns to the template list.
$f_rtemplateid = (int) readGetVar('rtemplateid');

// Every text field goes through the database layer's qstr() before it is placed in
// the statement.
// NOTE(review): get_magic_quotes_gpc() is deprecated in PHP 7.4 and removed in PHP 8.0.
$f_rtemplate_name = $g_db->qstr(readPostVar('rtemplate_name'), get_magic_quotes_gpc());
$f_rtemplate_description = $g_db->qstr(readPostVar('rtemplate_description'), get_magic_quotes_gpc());
$f_rtemplate_body = $g_db->qstr(readPostVar('rtemplate_body'), get_magic_quotes_gpc());

$i_sql = "UPDATE " . $srv_settings['table_prefix'] . "rtemplates SET rtemplate_name=" . $f_rtemplate_name
    . ", rtemplate_description=" . $f_rtemplate_description
    . ", rtemplate_body=" . $f_rtemplate_body
    . " WHERE rtemplateid=" . $f_rtemplateid;
if ($g_db->Execute($i_sql) === false) {
    showDBError(__FILE__, 1);
}
gotoLocation('report-templates.php');
<?php $f_id = (int) readGetVar('id'); $bIsNewUser = $f_id <= 0; if (!$bIsNewUser) { $arrValuesToUpdate = array(); $arrValuesToUpdate['id'] = $f_id; } if (isset($_POST['user_enabled'])) { $arrValuesToUpdate['user_enabled'] = (int) (bool) readPostVar('user_enabled'); } if (isset($_POST['user_expiredate'])) { $f_user_expiredate = readPostVar('user_expiredate'); if (empty($f_user_expiredate)) { $f_user_expiredate = 0; } else { $f_user_expiredate = (int) strtotime($f_user_expiredate); } $arrValuesToUpdate['user_expiredate'] = $f_user_expiredate; } if (isset($_POST['username'])) { $arrValuesToUpdate['username'] = readPostVar('username'); } if (isset($_POST['user_password']) && strlen($_POST['user_password']) > 0) { $f_user_password = readPostVar('user_password'); $f_user_password_confirm = readPostVar('user_password_confirm'); if ($f_user_password == $f_user_password_confirm) { if (get_magic_quotes_gpc()) { $f_user_password = stripslashes($f_user_password); } $i_pass_hash = md5($f_user_password);
echo '</tr>'; if ($i_question_type == QUESTION_TYPE_ESSAY) { echo '<tr class=rowone>'; echo '<td>' . $lngstr['page_questionstats_undefined_count'] . '</td>'; if ($question_views_total != 0) { $question_undefined_percentage = $question_undefined * 100 / $question_views_total; echo '<td>' . getGauge($question_undefined_percentage, 'gray') . '</td>'; echo '<td align=right>' . $question_undefined . '</td>'; echo '<td align=right>' . sprintf("%.2f", $question_undefined_percentage) . '%</td>'; } else { echo '<td colspan=3 align=center class=gray>' . $lngstr['label_notapplicable'] . '</td>'; } echo '</tr>'; } } echo '<p><form name=qbankForm class=iactive method=post><table cellpadding=0 cellspacing=0 border=0 width="100%"><tr><td>'; echo '<table class=rowtable2 cellpadding=5 cellspacing=1 border=0 width="100%">'; echo '<tr vAlign=top>'; echo '<td class=rowhdr1 title="' . $lngstr['label_questionstats_hdr_questionid_hint'] . '">' . $lngstr['label_questionstats_hdr_questionid'] . '</td>'; echo '<td class=rowhdr1 title="' . $lngstr['label_questionstats_hdr_questiondata_hint'] . '" colspan=2>' . $lngstr['label_questionstats_hdr_questiondata'] . '</td>'; echo '<td class=rowhdr1 title="' . $lngstr['label_questionstats_hdr_answerclicks_hint'] . '">' . $lngstr['label_questionstats_hdr_answerclicks'] . '</td>'; echo '<td class=rowhdr1 title="' . $lngstr['label_questionstats_hdr_answerpercent_hint'] . '">' . $lngstr['label_questionstats_hdr_answerpercent'] . '</td>'; echo '<td class=rowhdr1 colspan=2>' . $lngstr['label_hdr_action'] . '</td></tr>'; $i_counter = 0; $i_questions = isset($_POST['box_questions']) ? readPostVar('box_questions') : array(readGetVar('questionid')); foreach ($i_questions as $i_questionid) { writeQuestionStats($i_questionid); } echo '</table>'; echo '</td></tr></table></form>'; displayTemplate('_footer');
setCookieVar('filter_reportsmanager_result_date', readPostVar('result_date', readGetVar('result_date'))); $f_result_datestart = readPostVar('result_datestart', readGetVar('result_datestart')); if (!empty($f_result_datestart)) { $f_result_datestart = strtotime($f_result_datestart); } setCookieVar('filter_reportsmanager_result_datestart', $f_result_datestart); $f_result_dateend = readPostVar('result_dateend', readGetVar('result_dateend')); if (!empty($f_result_dateend)) { $f_result_dateend = strtotime($f_result_dateend); } setCookieVar('filter_reportsmanager_result_dateend', $f_result_dateend); setCookieVar('filter_reportsmanager_id', readPostVar('id', readGetVar('id'))); setCookieVar('filter_reportsmanager_testid', readPostVar('testid', readGetVar('testid'))); setCookieVar('filter_reportsmanager_user_lastname', readPostVar('user_lastname', readGetVar('user_lastname'))); setCookieVar('filter_reportsmanager_user_department', readPostVar('user_department', readGetVar('user_department'))); setCookieVar('filter_reportsmanager_subjectid', readPostVar('subjectid', readGetVar('subjectid'))); gotoLocation('reports-manager.php' . getURLAddon('?action=', array('action'))); } else { setCookieVar('filter_reportsmanager_result_date', 0); setCookieVar('filter_reportsmanager_result_datestart', 0); setCookieVar('filter_reportsmanager_result_dateend', 0); setCookieVar('filter_reportsmanager_id', ''); setCookieVar('filter_reportsmanager_testid', ''); setCookieVar('filter_reportsmanager_user_lastname', ''); setCookieVar('filter_reportsmanager_user_department', ''); setCookieVar('filter_reportsmanager_subjectid', ''); gotoLocation('reports-manager.php' . getURLAddon('?action=', array('action', 'id', 'user_lastname', 'user_department', 'testid'))); } break; case 'exportcsv': if ($G_SESSION['access_reportsmanager'] > 1) {
<?php
// Saves a subject's parent, name and description, then returns to subjects.php. When
// page errors are already set, the edit form is shown again instead.
$f_subjectid = (int) readGetVar('subjectid');
$f_subject_parent_subjectid = (int) readPostVar('subject_parent_subjectid');

// Text fields are quoted through the database layer's qstr(); ids are integer-cast.
// NOTE(review): get_magic_quotes_gpc() is deprecated in PHP 7.4 and removed in PHP 8.0.
$f_subject_name = $g_db->qstr(readPostVar('subject_name'), get_magic_quotes_gpc());
$f_subject_description = $g_db->qstr(readPostVar('subject_description'), get_magic_quotes_gpc());

if (!$g_vars['page']['errors']) {
    $i_sql = "UPDATE " . $srv_settings['table_prefix'] . "subjects SET subject_parent_subjectid=" . $f_subject_parent_subjectid
        . ", subject_name=" . $f_subject_name
        . ", subject_description=" . $f_subject_description
        . " WHERE subjectid=" . $f_subjectid;
    if ($g_db->Execute($i_sql) === false) {
        showDBError(__FILE__, 2);
    }
    gotoLocation('subjects.php');
} else {
    include_once $DOCUMENT_PAGES . "subjects-2.inc.php";
}
<?php require_once "inc/init.inc.php"; if (isset($G_SESSION['id'])) { if ($G_SESSION['access_config'] > 0) { $g_vars['page']['title'] = $lngstr['page_title_config']; switch (readGetVar('action')) { case 'section': switch (readGetVar('id')) { case 'ldap': include_once $DOCUMENT_ADDONS . 'authorization/ldap/install.inc.php'; break; } break; default: if (isset($_POST['bsubmit'])) { if ($G_SESSION['access_config'] > 1) { include_once $DOCUMENT_PAGES . "config-3.inc.php"; } else { gotoLocation('config.php' . getURLAddon('', array('action'))); } } else { include_once $DOCUMENT_PAGES . "config-1.inc.php"; } } } else { $g_vars['page']['notifications'] = $lngstr['inf_cant_access_config']; include_once $DOCUMENT_PAGES . "home.inc.php"; } } else { $g_vars['page']['title'] = $lngstr['page_title_signin'];