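<?php
// Profile-edit handler (excerpt): validates the posted profile fields and
// updates the row of the currently authenticated user. The script continues
// past the end of this excerpt.
require_once "include/auth.class.php";
require_once "include/validation.class.php";
require_once "include/database.inc.php";
require_once "include/sqlbuilder.class.php";

$auth = new Auth(true);
$user = Auth::getUser();

// Per-field validators. The two password fields have no rule here; they are
// handled separately below.
$_RULES = array(
    "user_firstname" => Validation::$f->notEmpty_String,
    "user_lastname" => Validation::$f->notEmpty_String,
    "user_email" => Validation::$f->Email,
    "user_schoolname" => Validation::$f->notEmpty_String
);
$v = new Validation($_POST, array("user_firstname", "user_lastname", "user_email", "user_schoolname", "user_password", "user_repassword"), $_RULES);

// NOTE(review): no anti-CSRF token or current-password check is visible in
// this excerpt for a request that can change e-mail and password - confirm
// whether Auth/Validation enforce one.
if ($v->fieldsExists()) {
    $setrepassword = Validation::Query($_POST, array("user_password", "user_repassword"));

    // Strict comparison on strings only: with ==, PHP compares numeric-looking
    // strings by value ("1e1" == "10"), so a mistyped confirmation could pass.
    $repassword = $setrepassword
        && is_string($_POST["user_password"])
        && $_POST["user_password"] === $_POST["user_repassword"];

    // The address is acceptable when nobody uses it or it is already the
    // current user's own address.
    $email_available = Auth::user_exists($_POST["user_email"]) == 0 || $_POST["user_email"] == $user->user_email;

    if ($v->testAll() && $email_available) {
        // Only this fixed list of columns can reach the UPDATE.
        // presumably export() returns escaped column => value pairs; verify.
        $set = $v->export($_MYSQLI, array("user_firstname", "user_lastname", "user_email", "user_schoolname", "user_password"));

        // Disabled branch kept from the original (photo reset).
        if (false) {
            $set["user_photo_path"] = "";
        }

        if ($repassword) {
            // presumably CryptPassword() produces the stored password hash; verify.
            $set["user_password"] = Security::CryptPassword($_POST["user_password"]);
        } else {
            // Never let the raw posted password (or an empty one) reach the
            // UPDATE when the confirmation is missing or does not match.
            unset($set["user_password"]);
        }

        $statement = new SQLBuilder($_MYSQLI);
        $q = $statement->update('user')->set($set)->where("user_id", "=", Auth::getUserId())->build();
        $r = $_MYSQLI->query($q);
    }
}

// Reload the user so later code sees the values just written.
$user = Auth::getUser();
/* $other_query_photo = 'SELECT user_photo_path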
<?php
// AJAX endpoint (excerpt): receives a questionnaire id and a '|'-separated
// list of question ids and checks them against the database. The excerpt is
// cut inside the verification loop, so what is done with the order afterwards
// is not visible here.
require_once "../include/database.inc.php";
require_once "../include/auth.class.php";
require_once "../include/ajax.class.php";
require_once "../include/validation.class.php";
$auth = new Auth(true);
$ajax = new Ajax();
if ($auth->isLogged()) {
    if (Validation::Query($_POST, array("questionnaire_id", "questions_order"))) {
        $questionnaire_id = $_POST["questionnaire_id"];
        $raw_orders = $_POST["questions_order"];
        $orders = explode("|", $raw_orders);
        // $set is a lookup table keyed by the submitted ids (cast to int);
        // $break is raised as soon as one entry is not numeric.
        $set = array();
        $break = false;
        foreach ($orders as $val) {
            $set[(int) $val] = 1;
            // NOTE(review): is_numeric() also accepts signs, decimals and
            // exponent notation, while the key above is the (int) cast, so
            // "2" and "2.7" land on the same key. A digits-only check
            // (ctype_digit / FILTER_VALIDATE_INT) would be tighter.
            if (!is_numeric($val)) {
                $break = true;
            }
        }
        if (!$break && is_numeric($questionnaire_id)) {
            // Ownership check: the questionnaire must belong to the current user.
            // NOTE(review): $questionnaire_id is concatenated unquoted into both
            // statements below; the is_numeric() guard is the only thing keeping
            // it a numeric literal. A prepared statement or an integer cast
            // would not depend on that.
            $questionnaire_result = $_MYSQLI->query('SELECT questionnaire_id, questionnaire_user_id FROM questionnaire WHERE questionnaire_id=' . $questionnaire_id . ' AND questionnaire_user_id=' . $auth->getUserId());
            if ($questionnaire_result->num_rows != 0) {
                $questions_result = $_MYSQLI->query('SELECT question_id FROM question WHERE question_questionnaire_id=' . $questionnaire_id);
                $questions_list = array();
                // The submitted list must have as many entries as the
                // questionnaire has questions...
                if ($questions_result->num_rows == count($orders)) {
                    $break = false;
                    // ...and every stored question id must appear in it.
                    while ($question = $questions_result->fetch_object()) {
                        if (!isset($set[(int) $question->question_id])) {
                            $break = true;
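if ($correct[$k]) {
    $one_correct = true;
}
} // closes a block opened before this excerpt
} // closes a block opened before this excerpt

// Replace the question's choices only when there is something to insert and
// at least one of the submitted choices is flagged as correct.
if (count($insertions) > 0 && $one_correct) {
    // NOTE(review): $_GET["id"] is concatenated raw and $insertions is built
    // before this excerpt; confirm both are validated/escaped upstream, or
    // move these two statements to prepared statements inside a transaction.
    $_MYSQLI->query('DELETE FROM choice WHERE choice_question_id = ' . $_GET["id"]);
    $_MYSQLI->query('INSERT INTO choice (choice_id, choice_question_id, choice_content, choice_status) VALUES ' . implode(", ", $insertions));
}
// echo $q;
$new = $new ? 1 : 0;
header("Location: frame_form_answer.php?new=" . $new . "&refresh=true&id=" . $_GET["id"]);
exit;
}
} else {
    // Non-owner path: store the current user's answers while the
    // questionnaire end date has not passed.
    if (!$own && Validation::Query($_POST, array("post")) && $data["question"]->questionnaire_end_date > time()) {
        // Start from "nothing checked", then drop this user's previous answers
        // for the choices of this question.
        foreach ($choice_ids as $cid) {
            $data["choices"][$cid]->checked = 0;
        }
        $delquery = ' DELETE FROM answer WHERE answer_student_user_id = ' . Auth::getUserId() . ' AND answer_choice_id IN (' . implode(', ', $choice_ids) . ')';
        $_MYSQLI->query($delquery);
        if (isset($_POST["choices"])) {
            $insertion = array();
            // Request data: anything other than an array of strings is ignored.
            $posted_choices = is_array($_POST["choices"]) ? $_POST["choices"] : array();
            foreach ($posted_choices as $cid) {
                // Accept only plain digit strings that name a choice already
                // loaded for this question. This keeps request data out of the
                // SQL text and stops answers being recorded against choices
                // that are not part of this question.
                if (!is_string($cid) || !ctype_digit($cid) || !isset($data["choices"][$cid])) {
                    continue;
                }
                $cid = (int) $cid;
                // Keyed by id so a repeated value yields a single row.
                $insertion[$cid] = '(NULL, ' . Auth::getUserId() . ', ' . $cid . ')';
                $data["choices"][$cid]->checked = 1;
            }
            // An empty VALUES list is not valid SQL; skip the INSERT then.
            if (count($insertion) > 0) {
                $addquery = 'INSERT INTO answer (answer_id, answer_student_user_id, answer_choice_id) VALUES ' . join(', ', $insertion);
                $_MYSQLI->query($addquery);
            }
        }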
<?php
// Questionnaire page bootstrap: loads the questionnaire named by ?id= together
// with its author's user row, and sends the visitor to 404.php unless the
// visitor owns it or the current time lies strictly between its start and end
// dates.
require_once "include/database.inc.php";
require_once "include/auth.class.php";
require_once "include/validation.class.php";

$auth = new Auth();
$user = Auth::getUser();
$data = array();
// Stays true unless a viewable questionnaire is found below.
$error = true;

$has_valid_id = Validation::Query($_GET, array("id")) && is_numeric($_GET["id"]);
if ($has_valid_id) {
    // The id is escaped AND quoted, so it stays inside the string literal.
    // NOTE(review): SELECT * over the join also loads every column of `user`
    // into $questionnaire; confirm none of it (credentials, e-mail) is
    // rendered or serialized further down the page.
    $lookup_sql = 'SELECT * FROM questionnaire INNER JOIN user ON user_id = questionnaire_user_id WHERE questionnaire_id = "'
        . $_MYSQLI->real_escape_string($_GET["id"])
        . '" LIMIT 1';
    $questionnaire_result = $_MYSQLI->query($lookup_sql);

    if ($questionnaire_result->num_rows == 1) {
        $questionnaire = $questionnaire_result->fetch_object();
        $data["questionnaire"] = $questionnaire;
        $own = $questionnaire->questionnaire_user_id == Auth::getUserId();
        $data["questionnaire"]->own = $own;

        // Owners always get in; everyone else only inside the open window.
        $error = !$own
            && !($questionnaire->questionnaire_start_date < time() && time() < $questionnaire->questionnaire_end_date);
    }
}

if ($error) {
    header("Location: 404.php");
    exit;
}
?> <!DOCTYPE html> <html> <head>
<?php
// Login page: redirects visitors who are already signed in, otherwise tries
// the posted e-mail/password pair and leaves $error set for the form below
// when the attempt is rejected.
require_once "include/auth.class.php";
require_once "include/validation.class.php";

$auth = new Auth();

// Nothing to do for a visitor who already has a session.
if ($auth->isLogged()) {
    header("Location: index.php");
    exit;
}

$error = false;
$has_credentials = Validation::Query($_POST, array("email", "password"));
if ($has_credentials) {
    // NOTE(review): throttling of failed attempts and session-id renewal on
    // success would have to happen inside Auth::login(); neither is visible
    // from this page - confirm.
    $error = !$auth->login($_POST['email'], $_POST['password']);
    if (!$error) {
        header("Location: index.php");
        exit;
    }
}
?> <!DOCTYPE html> <html> <head> <meta charset="utf-8" /> <title>QCManager</title> <link rel="stylesheet" type="text/css" href="css/auth.css"> </head> <body> <div class="login"> <div class="login-top"><span>QCManager</span></div>
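<?php
// AJAX endpoint (excerpt): optionally stores a new notation rule for a
// questionnaire owned by the caller, then loads the questionnaire's questions
// joined with their choices and answers. The excerpt is cut at the start of
// the result loop.
require_once "../include/rules.inc.php";
require_once "../include/database.inc.php";
require_once "../include/auth.class.php";
require_once "../include/ajax.class.php";
require_once "../include/validation.class.php";

$auth = new Auth();
$ajax = new Ajax();
// Maps the rule name accepted in the query string to the stored integer code.
$correspondance = array("same" => 0, "middle" => 1, "zero" => 2, "all" => 3);

if ($auth->isLogged()) {
    if (Validation::Query($_GET, array("questionnaire_id", "rule"))) {
        // Lookup by the requested id; the value is escaped and quoted here.
        $questionnaire_result = $_MYSQLI->query('SELECT * FROM questionnaire WHERE questionnaire_id = "' . $_MYSQLI->real_escape_string($_GET["questionnaire_id"]) . '" LIMIT 1');
        if ($questionnaire_result->num_rows == 1) {
            $questionnaire = $questionnaire_result->fetch_object();
            $ajax->data["questionnaire"] = $questionnaire;
            $ajax->data["questionnaire"]->own = $questionnaire->questionnaire_user_id == Auth::getUserId();

            // From here on use the integer id of the row that was actually
            // fetched, never the raw request value: escaping alone does not
            // make a value safe in an unquoted numeric position, and a loosely
            // matching string (e.g. digits followed by text) must not reach
            // the statements below.
            $safe_questionnaire_id = (int) $questionnaire->questionnaire_id;

            // Only the owner may change the rule, and only to a known name;
            // the value written is the mapped integer, not request text.
            // NOTE(review): this UPDATE is triggered by a GET request and no
            // anti-CSRF token is checked in the visible code - confirm.
            if ($ajax->data["questionnaire"]->own && is_string($_GET["rule"]) && isset($correspondance[$_GET["rule"]])) {
                $_MYSQLI->query('UPDATE questionnaire SET questionnaire_notation_rule = ' . $correspondance[$_GET["rule"]] . ' WHERE questionnaire_id = ' . $safe_questionnaire_id);
            }

            // NOTE(review): only the UPDATE above is gated on ownership; this
            // SELECT * runs for any logged-in user. Confirm the code after
            // this excerpt limits what non-owners receive.
            $query = ' SELECT * FROM question q JOIN choice c ON c.choice_question_id = q.question_id LEFT JOIN answer a ON a.answer_choice_id = c.choice_id WHERE question_questionnaire_id = ' . $safe_questionnaire_id . ' GROUP BY choice_id ORDER BY question_num ASC, question_id ASC ';
            $ajax->data["questions"] = array();
            $questions_result = $_MYSQLI->query($query);
            while ($question = $questions_result->fetch_object()) {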