<?php
$selected_page = "User";
require 'includes/header.php';
if (!isset($_SESSION['user_id']) && !isset($_SESSION['admin_id'])) {
header('Location: login.php');
}
if (!get_running1_batch_id() && !get_running2_batch_id() && !get_published_batch_id() && isset($_SESSION['user_id'])) {
// destroy session
session_destroy();
//unset cookies
setcookie("username", "", time() - 7200);
header('Location: login.php');
}
if (isset($_SESSION['admin_id']) && !get_published_batch_id()) {
header('Location: admin.php');
}
?>
<div class="content">
<div class="topContent">
<?php
if (isset($_SESSION['user_id'])) {
if (get_published_batch_id()) {
$user = $_SESSION['user_id'];
$name = get_user_by_id($user);
$batch = get_published_batch_id();
echo "<h2>" . get_text('Information') . " " . strtolower(get_text('About')) . ": {$name['0']} {$name['1']}</h2>";
?>
<p>
<a href="pdf.php?id=<?php
echo $_SESSION['user_id'];
function login($username, $password, $rememberme)
{
$username = sanitize($username);
$password = sanitize($password);
$rememberme = sanitize($rememberme);
if (get_running1_batch_id() || get_running2_batch_id() || get_published_batch_id()) {
$query = mysql_query("SELECT ID, Password, Username FROM user WHERE UPPER(Username) = UPPER('{$username}')");
if (!$query || mysql_num_rows($query) <= 0) {
//echo mysql_error();
return get_text('Error_occured') . get_text('Do_you_have_account');
} else {
$user = mysql_fetch_row($query);
if (password_verify($password, $user['1'])) {
if ($rememberme == "on") {
setcookie("username", $username, time() + 7200);
} else {
if ($rememberme == "") {
$_SESSION['user_id'] = $user['0'];
$_SESSION['user_name'] = $user['2'];
}
}
header('Location: index.php');
exit;
} else {
return get_text('Wrong_password');
}
}
} else {
return get_text('Login_not_allowed');
}
}
} else {
$poll = $_GET['Poll'];
$poll_status = get_poll_status($poll);
$reviewee_id = get_poll_reviewee($poll);
$reviewer_id = get_poll_reviewer($poll);
$reviewee = get_user_by_id($reviewee_id);
$reviewer = get_user_by_id($reviewer_id);
if (isset($_GET['delete_comment'])) {
if ($_SESSION['user_id'] == $reviewer_id) {
delete_comment($poll);
}
}
if (isset($_POST['answer_questions']) || isset($_POST['save_questions']) || isset($_POST['add_comment'])) {
if ($_SESSION['user_id'] == $reviewer_id) {
if (!isset($_POST['add_comment'])) {
$poll = get_poll_by_reviewer_reviewee_batch($_SESSION['user_id'], $reviewee_id, get_running2_batch_id());
for ($question = 1; $question < 30; $question++) {
$answer = $_POST[$question];
answer($poll, $question, $answer);
}
if (isset($_POST['answer_questions'])) {
change_poll_status($poll, 'Ingestuurd');
$result = "<p>" . get_text('Poll_send_successfully') . "</p>";
if (isset($_POST['comment'])) {
$comment = $_POST['comment'];
add_poll_comment($poll, $comment);
$result = "<p>" . get_text('Comment_added_successfully') . "</p>";
}
} else {
if (isset($_POST['save_questions'])) {
change_poll_status($poll, 'Opgeslagen');
echo get_text('Send_reminder');
?>
">
</form>
<?php
if (isset($_POST['reminder_1'])) {
foreach ($users as $user) {
send_reminder_phase1($user['Username'], $user['Email']);
}
echo '<p>' . get_text('Reminder_send') . '.</p>';
}
} else {
echo get_text('Every_user_has_answered_own_poll_can_start_phase_2');
}
} else {
if (get_running2_batch_id()) {
$users = get_users_not_answered_other_questions();
if ($users) {
$number = 0;
foreach ($users as $user) {
$number++;
}
?>
<p style="width: 100%;">
<b><?php
echo $number;
?>
</b> <?php
echo get_text('Users_have_not_filled_in_other_poll');
?>
echo $batch['ID'];
?>
"/>
<?php
if (get_batch_status_name($batch['Status']) == 'Init') {
?>
<input type="submit" name="change_batch_status"
onclick="change_batchstatus(<?php
echo $batch['ID'];
?>
, 'Start')"
value="<?php
echo get_text('Start_phase_1');
?>
" <?php
if (get_running1_batch_id() || get_running2_batch_id() || get_calculating_batch_id() || get_accepted_batch_id()) {
echo 'disabled="disabled"';
}
?>
/>
<?php
} else {
if (get_batch_status_name($batch['Status']) == 'Running1') {
?>
<input type="submit" name="change_batch_status"
onclick="change_batchstatus(<?php
echo $batch['ID'];
?>
, 'Calculate')"
value="<?php
echo get_text('Calculate_polls');
