예제 #1
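 /**
  * Prepare and execute a parameterised statement on the shared mysqli handle.
  *
  * @param string $query    SQL text with `?` placeholders.
  * @param mixed  $bindvals Array of values, or a single value, to bind. An empty
  *                         array or null binds nothing.
  * @return ResultSet|bool  A ResultSet when affected_rows is -1 after a successful
  *                         execute (this code treats that as "a result set is
  *                         available"), true for any other successful statement,
  *                         false when prepare or execute fails.
  */
 public static function prepared($query, $bindvals)
 {
     $stmt = self::$mysqli->prepare($query);
     if (!$stmt) {
         self::log("Failed to prepare query." . self::error(), YG_WARNING);
         return false;
     }

     $bindParam = new BindParam();
     if (is_array($bindvals)) {
         // Iterating by reference is kept from the original; mysqli_stmt::bind_param()
         // takes its variables by reference.
         foreach ($bindvals as &$val) {
             $bindParam->add($val);
         }
         // Break the reference so a later write to $val cannot touch the last element.
         unset($val);
         $hasValues = count($bindvals) > 0;
     } else {
         $bindParam->add($bindvals);
         // count() on a scalar or null throws a TypeError on PHP 8, so decide without it:
         // a Countable is counted, null means "no parameters", anything else is one value.
         $hasValues = $bindvals instanceof Countable ? count($bindvals) > 0 : $bindvals !== null;
     }

     if ($hasValues) {
         call_user_func_array(array($stmt, 'bind_param'), makeValuesReferenced($bindParam->get()));
     }

     // The original fell off the end of the function (returning null, unlogged) when
     // execute() failed; report it the same way a failed prepare is reported.
     if (!$stmt->execute()) {
         self::log("Failed to execute query." . self::error(), YG_WARNING);
         return false;
     }

     if ($stmt->affected_rows === -1) {
         return new ResultSet(self::$mysqli, $stmt->get_result(), $query);
     }
     return true;
 }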
예제 #2
 /**
  * @covers BindParam::__construct
  * @covers BindParam::getPhraseStr
  * @covers BindParam::getParamArray
  * @covers BindParam::getConditionStr
  */
 public function testBindParam()
 {
     // Fixture values handed to the constructor; each getter must return its own value.
     $condition = "condition string";
     $phrase = "phrase string";
     $values = array(1, 2, "3");

     $bindParam = new BindParam($values, $condition, $phrase);

     $this->assertEquals($condition, $bindParam->getConditionStr());
     $this->assertEquals($values, $bindParam->getParamArray());
     $this->assertEquals($phrase, $bindParam->getPhraseStr());
 }
예제 #3
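 /**
  * Insert one row into the "<survey data>_logs" table for a variable/answer pair.
  *
  * Returns immediately when Config::logSurveyActions() is off. The row is written
  * through $transdb when Config::useTransactions() is on, otherwise through $db,
  * and either as a concatenated statement or as a bound statement depending on
  * Config::prepareDataQueries().
  *
  * @param mixed $variable Value stored in the `variablename` column.
  * @param mixed $answer   Answer to log; a value loosely equal to "" is logged as null.
  * @param mixed $di       Value stored in the `dirty` column.
  * @return void
  */
 function addLogs($variable, $answer, $di)
 {
     if (Config::logSurveyActions() == false) {
         return;
     }
     if (Config::useTransactions() == true) {
         global $transdb;
         $localdb = $transdb;
     } else {
         global $db;
         $localdb = $db;
     }
     $ans = $answer;
     if ($ans == "") {
         $ans = null;
     }
     $prim = $this->getPrimaryKey();
     $var = $variable;
     $dirty = $di;
     $action = $this->currentaction;
     $suid = $this->getSuid();
     $version = getSurveyVersion();
     $language = getSurveyLanguage();
     $mode = getSurveyMode();
     global $survey;
     $key = $survey->getDataEncryptionKey();
     $table = Config::dbSurveyData() . '_logs';
     $columns = 'suid, primkey, variablename, answer, dirty, action, version, language, mode';
     // NOTE(review): in both paths the encryption key becomes part of the SQL text, so a
     // quote inside the key changes the statement and the key shows up wherever statement
     // text is recorded. Confirm the key's character set or bind it as a parameter.
     if (Config::prepareDataQueries() == false) {
         $answer = '"' . prepareDatabaseString($ans) . '"';
         if ($key != "") {
             $answer = "aes_encrypt('" . prepareDatabaseString($ans) . "', '" . $key . "')";
         }
         // The primary key and variable name are quoted strings and were concatenated
         // unescaped; escape them the same way the answer already is.
         // Assumes prepareDatabaseString() escapes for a double-quoted literal, which the
         // answer handling above already relies on — confirm against its definition.
         $primSql = prepareDatabaseString($prim);
         $varSql = prepareDatabaseString($var);
         // NOTE(review): suid, dirty, action, version, language and mode are placed
         // unquoted. Escaping does not protect an unquoted numeric position; confirm these
         // are always integers or route this write through the bound path below.
         $localdb->executeQuery('INSERT INTO ' . $table . ' (' . $columns . ') VALUES (' . $suid . ',"' . $primSql . '","' . $varSql . '",' . $answer . ',' . $dirty . ',' . $action . ',' . $version . ',' . $language . ',' . $mode . ')');
     } else {
         // Values are added in column order; the answer placeholder is the fourth one.
         $bp = new BindParam();
         $bp->add(MYSQL_BINDING_STRING, $suid);
         $bp->add(MYSQL_BINDING_STRING, $prim);
         $bp->add(MYSQL_BINDING_STRING, $var);
         $bp->add(MYSQL_BINDING_STRING, $ans);
         $bp->add(MYSQL_BINDING_INTEGER, $dirty);
         $bp->add(MYSQL_BINDING_INTEGER, $action);
         $bp->add(MYSQL_BINDING_INTEGER, $version);
         $bp->add(MYSQL_BINDING_INTEGER, $language);
         $bp->add(MYSQL_BINDING_INTEGER, $mode);
         $answer = "?";
         if ($key != "") {
             $answer = "aes_encrypt(?, '" . $key . "')";
         }
         $localdb->executeBoundQuery('INSERT INTO ' . $table . ' (' . $columns . ') VALUES (?,?,?,' . $answer . ',?,?,?,?,?)', $bp->get());
     }
 }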
예제 #4
 /**
  * Record one setting change in the "<survey>_tracks" table.
  *
  * Every value, including the session's URID, is bound to a placeholder; only
  * the table prefix from Config::dbSurvey() is part of the SQL text.
  *
  * @param mixed $setting Value for the `setting` column.
  * @param mixed $value   Value for the `value` column.
  * @return void
  */
 function addEntry($setting, $value)
 {
     global $db;

     // Nine placeholders, one per column, filled from $bindings in the same order.
     $sql = sprintf(
         "insert into %s_tracks (urid, suid, object, objecttype, setting, value, language, mode, version) values (?, ?,?,?,?,?,?,?,?)",
         Config::dbSurvey()
     );
     $surveyMode = getSurveyMode();
     $surveyLanguage = getSurveyLanguage();
     $surveyVersion = getSurveyVersion();

     $bindings = new BindParam();
     // Who made the change and which object it belongs to.
     $bindings->add(MYSQL_BINDING_INTEGER, $_SESSION['URID']);
     $bindings->add(MYSQL_BINDING_INTEGER, $this->suid);
     $bindings->add(MYSQL_BINDING_INTEGER, $this->object);
     $bindings->add(MYSQL_BINDING_INTEGER, $this->objecttype);
     // What changed.
     $bindings->add(MYSQL_BINDING_STRING, $setting);
     $bindings->add(MYSQL_BINDING_STRING, $value);
     // Survey context at the time of the change.
     $bindings->add(MYSQL_BINDING_INTEGER, $surveyLanguage);
     $bindings->add(MYSQL_BINDING_INTEGER, $surveyMode);
     $bindings->add(MYSQL_BINDING_INTEGER, $surveyVersion);

     $db->executeBoundQuery($sql, $bindings->get());
 }
예제 #5
 /**
  * Store one answer in the "<survey data>_data" table with REPLACE INTO.
  *
  * Also mirrors the answer into $_SESSION['PARAMS'] when the variable is one of the
  * language/mode/version/template variables, and copies suid, primkey, language,
  * mode, version and a timestamp onto $this for later export processing.
  *
  * @param mixed $primkey   Value for the `primkey` column.
  * @param mixed $variable  Value for the `variablename` column.
  * @param mixed $answer    Answer to store; empty answers other than integer 0 become null.
  * @param bool  $striptags Passed through to prepareDatabaseString() in the concatenated path.
  * @return bool True when the statement succeeded, false otherwise.
  */
 private function storeAnswer($primkey, $variable, $answer, $striptags = true)
 {
     global $engine;
     $localdb = null;
     // Write through the transaction connection when transactions are enabled.
     if (Config::useTransactions() == true) {
         global $transdb;
         $localdb = $transdb;
     } else {
         global $db;
         $localdb = $db;
     }
     $dirty = $this->getDirty();
     $prim = $primkey;
     $var = $variable;
     //$engine->prefixVariableName($variable);
     $ans = $answer;
     if ($ans == "" && $ans !== 0) {
         // preserve '0' as answer
         // NOTE(review): the comparison is loose, so which values count as "empty"
         // follows PHP's ==-rules for the running PHP version — confirm.
         $ans = null;
     }
     $version = getSurveyVersion();
     $language = getSurveyLanguage();
     $mode = getSurveyMode();
     $suid = getSurvey();
     // set session language/mode here if changed through routing!
     // The variable name is compared case-insensitively against each special name.
     if ($ans != null) {
         if (strtoupper($variable) == strtoupper(VARIABLE_LANGUAGE)) {
             $_SESSION['PARAMS'][SESSION_PARAM_LANGUAGE] = $ans;
         } else {
             if (strtoupper($variable) == strtoupper(VARIABLE_MODE)) {
                 $_SESSION['PARAMS'][SESSION_PARAM_MODE] = $ans;
             } else {
                 if (strtoupper($variable) == strtoupper(VARIABLE_VERSION)) {
                     $_SESSION['PARAMS'][SESSION_PARAM_VERSION] = $ans;
                 } else {
                     if (strtoupper($variable) == strtoupper(VARIABLE_TEMPLATE)) {
                         $_SESSION['PARAMS'][SESSION_PARAM_TEMPLATE] = $ans;
                     }
                 }
             }
         }
     }
     /* set attributes for data record processing in export */
     $this->suid = $suid;
     $this->primkey = $prim;
     $this->language = $language;
     $this->mode = $mode;
     $this->version = $version;
     // NOTE(review): "h" is the 12-hour hour format and no am/pm marker is written, so
     // morning and afternoon timestamps are indistinguishable; "H" looks intended — confirm.
     $this->ts = date("Y-m-d h:i:s", time());
     if (Config::prepareDataQueries() == false) {
         // Concatenated path: every value becomes part of the SQL text.
         global $survey;
         $key = $survey->getDataEncryptionKey();
         if ($ans == null && $ans !== 0) {
             $answer = 'null';
         } else {
             $answer = '"' . prepareDatabaseString($ans, $striptags) . '"';
             if ($key != "") {
                 // NOTE(review): the key is concatenated unescaped into the statement; a
                 // quote in the key changes the SQL, and the key appears wherever
                 // statement text is recorded.
                 $answer = "aes_encrypt('" . prepareDatabaseString($ans, $striptags) . "', '" . $key . "')";
             }
         }
         $queryparams = 'suid, primkey, variablename, answer, dirty, version, language, mode';
         // NOTE(review): suid, dirty, version, language and mode go through
         // prepareDatabaseString() but are placed unquoted; quote-escaping does not
         // constrain an unquoted numeric position — confirm these are always integers.
         $queryvalues = prepareDatabaseString($suid);
         $queryvalues .= ",'" . prepareDatabaseString($prim) . "'";
         $queryvalues .= ",'" . prepareDatabaseString($var) . "'";
         $queryvalues .= "," . $answer;
         $queryvalues .= "," . prepareDatabaseString($dirty);
         $queryvalues .= "," . prepareDatabaseString($version);
         $queryvalues .= "," . prepareDatabaseString($language);
         $queryvalues .= "," . prepareDatabaseString($mode);
         $query = 'REPLACE INTO ' . Config::dbSurveyData() . '_data (' . $queryparams . ') VALUES (' . $queryvalues . ')';
         //echo $query;
         if ($localdb->executeQuery($query)) {
             $this->variable["answer"] = $ans;
             // hook for extra storage
             // In this path the hook receives the full SQL text as its only argument.
             if (function_exists("storeAnswerExtra")) {
                 storeAnswerExtra($query);
             }
             return true;
         }
         return false;
     } else {
         // Bound path: values are added in column order and sent as parameters.
         $bp = new BindParam();
         $bp->add(MYSQL_BINDING_STRING, $suid);
         $bp->add(MYSQL_BINDING_STRING, $prim);
         $bp->add(MYSQL_BINDING_STRING, $var);
         $bp->add(MYSQL_BINDING_STRING, $ans);
         $bp->add(MYSQL_BINDING_INTEGER, $dirty);
         $bp->add(MYSQL_BINDING_INTEGER, $version);
         $bp->add(MYSQL_BINDING_INTEGER, $language);
         $bp->add(MYSQL_BINDING_INTEGER, $mode);
         global $survey;
         $key = $survey->getDataEncryptionKey();
         $answer = "?";
         if ($key != "") {
             // The answer itself is bound, but the key is still written into the SQL text.
             $answer = "aes_encrypt(?, '" . $key . "')";
         }
         $queryparams = 'suid, primkey, variablename, answer, dirty, version, language, mode';
         $queryvalues = '?,?,?,' . $answer . ',?,?,?,?';
         $query = 'REPLACE INTO ' . Config::dbSurveyData() . '_data (' . $queryparams . ') VALUES (' . $queryvalues . ')';
         if ($localdb->executeBoundQuery($query, $bp->get())) {
             $this->variable["answer"] = $ans;
             // hook for extra storage
             // In this path the hook receives the column list, the placeholder list
             // (which contains the key when one is set) and the BindParam object.
             if (function_exists("storeAnswerExtra")) {
                 storeAnswerExtra($queryparams, $queryvalues, $bp);
             }
             return true;
         }
         return false;
     }
 }
예제 #6
 /**
  * Store a posted screenshot in the "<survey data>_screendumps" table, then exit.
  *
  * The screenshot is read with loadvar(), URL-decoded and gzip-compressed before
  * it is bound; when an encryption key is configured the column is wrapped in
  * aes_encrypt().
  *
  * @return void The script terminates with exit after the insert.
  */
 function captureScreenshot()
 {
     global $db;

     $language = $this->getParam(POST_PARAM_LANGUAGE);
     $mode = $this->getParam(POST_PARAM_MODE);
     $version = $this->getParam(POST_PARAM_VERSION);
     // NOTE(review): presumably request-supplied content of arbitrary size; nothing here
     // limits its length before it is compressed and stored — confirm a limit upstream.
     $rawScreen = urldecode(loadvar(POST_PARAM_SCREENSHOT));
     $stateid = $this->getParam(POST_PARAM_STATEID);
     $primkey = $this->getParam(POST_PARAM_PRIMKEY);
     $suid = $this->getParam(POST_PARAM_SUID);
     $packedScreen = gzcompress($rawScreen, 9);

     // A missing state id defaults to the first state.
     if ($stateid == "") {
         $stateid = 1;
     }

     $bindings = new BindParam();
     $scid = null; // scdid is bound as null
     $bindings->add(MYSQL_BINDING_INTEGER, $scid);
     $bindings->add(MYSQL_BINDING_INTEGER, $suid);
     $bindings->add(MYSQL_BINDING_STRING, $primkey);
     $bindings->add(MYSQL_BINDING_INTEGER, $stateid);
     $bindings->add(MYSQL_BINDING_STRING, $packedScreen);
     $bindings->add(MYSQL_BINDING_INTEGER, $mode);
     $bindings->add(MYSQL_BINDING_INTEGER, $language);
     $bindings->add(MYSQL_BINDING_INTEGER, $version);

     $key = $this->survey->getDataEncryptionKeyDirectly($mode, $language, $this->getParam(POST_PARAM_DEFAULT_MODE), $this->getParam(POST_PARAM_DEFAULT_LANGUAGE));

     // Only the `screen` placeholder differs between the plain and the encrypted insert.
     // NOTE(review): the key is written into the SQL text rather than bound; a quote in
     // the key would change the statement.
     $screenExpr = "?";
     if ($key != "") {
         $screenExpr = "aes_encrypt(?, '" . $key . "')";
     }
     $query = "insert into " . Config::dbSurveyData() . "_screendumps(scdid, suid, primkey, stateid, screen, mode, language, version) values (?,?,?,?," . $screenExpr . ",?,?,?)";

     $db->executeBoundQuery($query, $bindings->get());
     exit;
 }
예제 #7
/**
 * Store a rendered screen in the "<survey data>_screendumps" table.
 *
 * The state id comes from the engine and is advanced by one when the engine
 * reports a forward move; the screen is gzip-compressed and bound, and wrapped
 * in aes_encrypt() when the survey has an encryption key.
 *
 * @param string $result Screen content to store.
 * @return string Always the empty string.
 */
function captureScreenshot($result)
{
    global $engine, $survey, $db;

    $language = getSurveyLanguage();
    $mode = getSurveyMode();
    $version = getSurveyVersion();
    $key = $survey->getDataEncryptionKey();

    $stateid = $engine->getStateId();
    if ($engine->getForward()) {
        // Kept as ++ so a non-integer state id is incremented exactly as before.
        $stateid++;
    }
    $packedScreen = gzcompress($result, 9);
    if ($stateid == "") {
        $stateid = 1;
    }

    $primkey = $engine->getPrimaryKey();
    $bindings = new BindParam();
    $suid = $engine->getSuid();
    $scid = null; // scdid is bound as null
    $bindings->add(MYSQL_BINDING_INTEGER, $scid);
    $bindings->add(MYSQL_BINDING_INTEGER, $suid);
    $bindings->add(MYSQL_BINDING_STRING, $primkey);
    $bindings->add(MYSQL_BINDING_INTEGER, $stateid);
    $bindings->add(MYSQL_BINDING_STRING, $packedScreen);
    $bindings->add(MYSQL_BINDING_INTEGER, $mode);
    $bindings->add(MYSQL_BINDING_INTEGER, $language);
    $bindings->add(MYSQL_BINDING_INTEGER, $version);

    // Only the `screen` placeholder differs between the plain and the encrypted insert.
    // NOTE(review): the key is written into the SQL text rather than bound; a quote in
    // the key would change the statement.
    $screenExpr = "?";
    if ($key != "") {
        $screenExpr = "aes_encrypt(?, '" . $key . "')";
    }
    $query = "insert into " . Config::dbSurveyData() . "_screendumps(scdid, suid, primkey, stateid, screen, mode, language, version) values (?,?,?,?," . $screenExpr . ",?,?,?)";

    $db->executeBoundQuery($query, $bindings->get());
    return "";
}
예제 #8
             return $this->importNubis();
         case IMPORT_TYPE_MMIC:
             return $this->importMMIC();
         case IMPORT_TYPE_BLAISE:
             break;
     }
 }
 function importNubis()
 {
     $arr = $_FILES[SETTING_IMPORT_TEXT];
     if (sizeof($arr) == 0) {
         return Language::messageImportNoFile();
     }
     $name = $arr["name"];
     if (!endsWith($name, EXPORT_FILE_NUBIS)) {
         return Language::messageImportInvalidFile();
     }
     $str = file_get_contents($arr["tmp_name"]);
     if ($str == "") {
         return Language::messageImportInvalidFile();
     }
     $urid = $_SESSION['URID'];
     $user = new User($urid);
     if (loadvar(SETTING_IMPORT_AS) == IMPORT_TARGET_ADD) {
         $surveys = new Surveys();
         $this->addtosuid = $surveys->getMaximumSuid() + 1;
     } else {
         if (loadvar(SETTING_IMPORT_AS) == IMPORT_TARGET_REPLACE) {
             $this->addtosuid = 1;
             /* delete existing content */
             $tables = Common::surveyTables();
             foreach ($tables as $table) {
                 $query = "delete from " . Config::dbSurvey() . $table;
                 $this->db->executeQuery($query);
             }
             /* delete existing data */
             $tables = Common::surveyDataTables();
             foreach ($tables as $table) {
                 if ($table == "_actions") {
                     $query = "delete from " . Config::dbSurvey() . $table . " where suid != ''";
                 } else {
                     $query = "delete from " . Config::dbSurvey() . $table;
                 }
                 $this->db->executeQuery($query);
             }
             /* delete test data */
             $tables = Common::surveyTestDataTables();
             foreach ($tables as $table) {
                 if ($table == "_actions") {
                     $query = "delete from " . Config::dbSurvey() . $table . " where suid != ''";
                 } else {
                     $query = "delete from " . Config::dbSurvey() . $table;
                 }
                 $this->db->executeQuery($query);
             }
         }
     }
     // add suid and urid
     $str = str_ireplace(EXPORT_PLACEHOLDER_URID, $urid, $str);
     $str = str_ireplace(EXPORT_PLACEHOLDER_SUID, $this->addtosuid, $str);
     $queries = explode("\r\n", $str);
     $tables = Common::surveyExportTables();
     foreach ($queries as $q) {
         $q = explode(EXPORT_DELIMITER, trim($q));
         if (sizeof($q) != 3) {
             continue;
         }
         if (!inArray($q[0], $tables)) {
             continue;
         }
         //echo $q[1];
         $fields = sizeof(explode(",", $q[1]));
         $f = "";
         for ($i = 0; $i < $fields; $i++) {
             if ($f != "") {
                 $f .= ",";
             }
             $f .= "?";
         }
         $query = IMPORT_STATEMENT_INSERT . ' ' . Config::dbSurvey() . $q[0] . " (" . $q[1] . ") " . IMPORT_STATEMENT_INSERT_VALUES . " (" . $f . ")";
         $bp = new BindParam();
         $fields2 = sizeof(explode(",", $q[2]));
         if ($fields != $fields2) {
             continue;
             // mismatch column count and value count
         }
         $it = explode(",", $q[2]);
         for ($i = 0; $i < $fields2; $i++) {
             $val =& prepareImportString($it[$i]);
             $bp->add(MYSQL_BINDING_STRING, $val);
             //echo 'adding: ' . $val . '----';
         }
         //echo print_r($bp->get()) . "<br/>";
         $this->db->executeBoundQuery($query, $bp->get());
     }
     // prepare
     set_time_limit(0);
     // compile
     $survey = new Survey($this->addtosuid);
     $compiler = new Compiler($this->addtosuid, getSurveyVersion($survey));
     // sections
     $sections = $survey->getSections();
     foreach ($sections as $section) {
         $mess = $compiler->generateEngine($section->getSeid());
     }
     $mess = $compiler->generateSections();
     $mess = $compiler->generateVariableDescriptives();
     $mess = $compiler->generateTypes();
     $mess = $compiler->generateGetFills();
     $mess = $compiler->generateSetFills();
     $mess = $compiler->generateInlineFields();
     $mess = $compiler->generateGroups();
     $user = new User($_SESSION['URID']);
     $mods = explode("~", $survey->getAllowedModes());
예제 #9
 /**
  * Rebuild the progress bar for one section and store it in "<survey>_engines".
  *
  * First fills in "_screens" rows that are missing for outer loops of nested
  * loops, then deletes the section's "_progressbars" rows, generates a new
  * Progressbar and saves a compressed, serialized copy of it.
  * $_SESSION['PARAMETER_RETRIEVAL'] is switched to PARAMETER_SURVEY_RETRIEVAL for
  * the duration and set to PARAMETER_ADMIN_RETRIEVAL at the end.
  *
  * NOTE(review): $this->suid and $seid are concatenated unquoted into several
  * statements below, while the final update binds the same two values as
  * integers. Confirm both are integers at every call site, or bind them
  * throughout.
  *
  * @param mixed $seid Section id.
  * @return void
  */
 function generateProgressBar($seid)
 {
     $_SESSION['PARAMETER_RETRIEVAL'] = PARAMETER_SURVEY_RETRIEVAL;
     global $db;
     // check for any missing for loop statements prior to a nested for loop
     //$q1 = "select * from " . Config::dbSurvey() . "_screens where suid=" . $this->suid . " and seid=" . $seid . " and locate('~', outerlooptimes) != 0";
     $q1 = "select * from " . Config::dbSurvey() . "_screens where suid=" . $this->suid . " and seid=" . $seid;
     //echo $q1;
     $toprocess = array();
     $res1 = $db->selectQuery($q1);
     if ($res1) {
         if ($db->getNumberOfRows($res1) > 0) {
             // Keep only the first row of each consecutive run whose outerlooptimes
             // contains "~"; a row without "~" ends the run.
             $previous = "";
             while ($row1 = $db->getRow($res1)) {
                 if (contains($row1["outerlooptimes"], "~")) {
                     if ($previous == "") {
                         $toprocess[] = $row1;
                         $previous = $row1["outerlooptimes"];
                         //echo 'added ' . $row1["rgid"] . "<br/>";
                     } else {
                         /* ignore anything following until we exited any nested loops */
                     }
                 } else {
                     $previous = "";
                 }
             }
         }
     }
     foreach ($toprocess as $t) {
         //echo '<hr>Looking at: ' . $t["rgid"];
         // Split the "~"-separated lists, drop the last entry of each and walk them
         // in reverse order.
         $outerlooptimes = explode("~", $t["outerlooptimes"]);
         $outerlooprgids = explode("~", $t["outerlooprgids"]);
         array_pop($outerlooptimes);
         array_pop($outerlooprgids);
         $outerlooptimes = array_reverse($outerlooptimes);
         $outerlooprgids = array_reverse($outerlooprgids);
         //print_r($outerlooptimes);
         //print_r($outerlooprgids);
         $lookbefore = $t["number"];
         $dummy = sizeof($outerlooptimes);
         for ($i = 0; $i < sizeof($outerlooptimes); $i++) {
             $o = $outerlooptimes[$i];
             $needwork = true;
             //echo '<hr>Looking at outer loop: ' . $o;
             // how far can we look back? (not farther than end of any previous loops)
             $maxback = "";
             $q2 = "select * from " . Config::dbSurvey() . "_screens where suid=" . $this->suid . " and seid=" . $seid . " and number < " . $lookbefore . " and outerlooptimes=-1 order by number desc";
             //echo $q2;
             // NOTE(review): unlike the lookup further down, this result is not checked
             // for failure before getNumberOfRows() is called on it.
             $res2 = $db->selectQuery($q2);
             if ($db->getNumberOfRows($res2) > 0) {
                 $row2 = $db->getRow($res2);
                 $maxback = $row2["number"];
             } else {
                 $maxback = 0;
             }
             //echo '<hr>maxback: ' . $maxback;
             // any entries that are with the right loop count
             // $o and $lookbefore come from database rows and are concatenated unquoted.
             $q2 = "select * from " . Config::dbSurvey() . "_screens where suid=" . $this->suid . " and seid=" . $seid . " and number > " . $maxback . " and number < " . $lookbefore . " and looptimes=" . $o . " order by number desc";
             //echo $q2 . "<hr>";
             $res2 = $db->selectQuery($q2);
             if ($res2) {
                 if ($db->getNumberOfRows($res2) > 0) {
                     $needwork = false;
                     $row3 = $db->getRow($res2);
                     $lookbefore = $row3["number"];
                 }
             }
             if ($needwork) {
                 $loopstring = "";
                 $out = array();
                 $temp = array_reverse($outerlooptimes);
                 //print_r($temp);
                 // looptimes is the product of the first (count - $i) entries of $temp.
                 $looptimes = 1;
                 //echo 'i is ' . $i . "<hr>";
                 for ($j = 0; $j < sizeof($temp) - $i; $j++) {
                     $out[] = $temp[$j];
                     $looptimes = $looptimes * $temp[$j];
                 }
                 //echo '<br/>loop time: ' . end($temp);
                 $loopstring = implode("~", $out);
                 // NOTE(review): $row2 is only assigned when the first lookup above found
                 // a row; otherwise it is unset or left over from an earlier iteration,
                 // and suid, seid and section below come from that value — confirm.
                 // suid, seid, section, looptimes and $dummy are placed unquoted.
                 $query = "replace into " . Config::dbSurvey() . "_screens (suid, seid, rgid, number, section, looptimes, outerlooptimes, outerlooprgids, dummy) values(" . prepareDatabaseString($row2["suid"]) . ", " . prepareDatabaseString($row2["seid"]) . ", '" . prepareDatabaseString($outerlooprgids[$i]) . "', '" . prepareDatabaseString($t["number"]) . "', " . prepareDatabaseString($row2["section"]) . ", " . prepareDatabaseString($looptimes) . ", '" . prepareDatabaseString($loopstring) . "', '', " . $dummy . ")";
                 //echo $query . "<br/>";
                 $db->executeQuery($query);
                 $dummy--;
             }
         }
     }
     // delete existing
     $query = "delete from " . Config::dbSurvey() . "_progressbars where suid=" . $this->suid . " and seid=" . $seid;
     $db->executeQuery($query);
     $progressbar = new Progressbar($this->suid, $seid);
     $this->generateProgressBarSection($progressbar, $seid, $seid, 0, "", "", 0);
     $progressbar->save();
     /* store compiled in db */
     // The object is stored as gzip-compressed serialize() output. Whatever reads this
     // column back will have to unserialize() it, so the column must only ever be
     // written by trusted code.
     $bp = new BindParam();
     $bp->add(MYSQL_BINDING_STRING, gzcompress(serialize($progressbar), 9));
     $bp->add(MYSQL_BINDING_INTEGER, $this->suid);
     $bp->add(MYSQL_BINDING_INTEGER, $seid);
     $bp->add(MYSQL_BINDING_INTEGER, $this->version);
     $query = "update " . Config::dbSurvey() . "_engines set progressbar = ? where suid = ? and seid = ? and version = ?";
     $db->executeBoundQuery($query, $bp->get());
     $_SESSION['PARAMETER_RETRIEVAL'] = PARAMETER_ADMIN_RETRIEVAL;
 }
예제 #10
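 // Column names reach the SET clause only from this fixed list; any other key in
 // $change is ignored. The comparison is strict, so only these exact strings match.
 $updatable = array("username", "email", "password", "img", "info");
 foreach ($change as $key => $value) {
     if (in_array($key, $updatable, true)) {
         $param_keys[] = $key . " = ?";
     }
 }
 // NOTE(review): if $change holds none of the listed keys and $param_keys is otherwise
 // empty, the SET clause is empty and the statement is invalid — confirm the caller
 // guarantees at least one field.
 $sql_q = "UPDATE users SET " . implode(',', $param_keys) . " WHERE id = ?";
 $sql_s = $mysql->prepare($sql_q);
 $params = new BindParam();
 // Values are added in the same order as the placeholders built above.
 foreach ($change as $key => $value) {
     if (!in_array($key, $updatable, true)) {
         continue;
     }
     if ($key === "password") {
         // Bind the hash. The original passed the BindParam object itself here, so
         // neither the password nor its hash was what got bound.
         $passhash = hashpass($value);
         $params->add('s', $passhash);
     } else {
         $params->add('s', $value);
     }
 }
 // The WHERE id = ? placeholder comes last.
 $params->add('i', $uid);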
예제 #11
 }
 /**
  * Restore $this->data from a gzip-compressed, serialized string.
  *
  * @param mixed $data Compressed payload; a value loosely equal to "" is ignored.
  * @return void
  */
 function loadData($data)
 {
     // Nothing to restore: leave $this->data untouched.
     if ($data == "") {
         return;
     }
     $inflated = gzuncompress($data);
     // NOTE(review): unserialize() will instantiate whatever classes the payload names,
     // so this is only safe when $data comes from storage that untrusted parties cannot
     // write. Confirm the source, or restrict it with the allowed_classes option.
     $this->data = unserialize($inflated);
 }
 function saveState()
 {
     global $db, $survey;
     $key = $survey->getDataEncryptionKey();
     $data = "?";
     $assignments = "?";
     $fills = "?";
     if ($key != "") {
         $data = "aes_encrypt(?, '" . $key . "')";
         $assignments = "aes_encrypt(?, '" . $key . "')";
         $fills = "aes_encrypt(?, '" . $key . "')";
     }
     $query = "replace into " . Config::dbSurveyData() . "_states (suid, mainseid, seid, parentseid, parentrgid, prefix, parentprefix, stateid, primkey, rgid, displayed, looprgid, loopstring, looplastaction, whilergid, whilelastaction, template, assigned, data, assignments, fills, subdisplays, inlinefields, language, mode, version) values (?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,{$data},{$assignments},{$fills},?,?,?,?,?)";
     $bp = new BindParam();
     $bp->add(MYSQL_BINDING_INTEGER, $this->suid);
     $bp->add(MYSQL_BINDING_INTEGER, $this->mainseid);
     $bp->add(MYSQL_BINDING_INTEGER, $this->seid);
     $bp->add(MYSQL_BINDING_INTEGER, $this->parentseid);
     $bp->add(MYSQL_BINDING_INTEGER, $this->parentrgid);
     $bp->add(MYSQL_BINDING_STRING, $this->prefix);
     $bp->add(MYSQL_BINDING_STRING, $this->parentprefix);
     $bp->add(MYSQL_BINDING_INTEGER, $this->stateid);
     $bp->add(MYSQL_BINDING_STRING, $this->primkey);
     $bp->add(MYSQL_BINDING_INTEGER, $this->rgid);
     $bp->add(MYSQL_BINDING_STRING, $this->displayed);
     $bp->add(MYSQL_BINDING_INTEGER, $this->looprgid);
     $bp->add(MYSQL_BINDING_STRING, $this->loopstring);
     if ($this->leftoff == null) {
         $this->leftoff = "";
     }
     $bp->add(MYSQL_BINDING_STRING, $this->leftoff);
     $bp->add(MYSQL_BINDING_INTEGER, $this->whilergid);
     if ($this->whileleftoff == null) {
         $this->whileleftoff = "";
     }
     $bp->add(MYSQL_BINDING_STRING, $this->whileleftoff);
     $bp->add(MYSQL_BINDING_STRING, $this->template);
     $assigned = implode("~", $this->getAssigned());
     $bp->add(MYSQL_BINDING_STRING, $assigned);
     $data = gzcompress($this->saveData());
     $assignments = gzcompress($this->saveAssignments());
     $fills = gzcompress($this->saveFillText());
     $subdisplays = gzcompress($this->saveSubDisplays());
     $inlinefields = gzcompress($this->saveInlineFields());
     $bp->add(MYSQL_BINDING_STRING, $data);
     $bp->add(MYSQL_BINDING_STRING, $assignments);
     $bp->add(MYSQL_BINDING_STRING, $fills);
     $bp->add(MYSQL_BINDING_STRING, $subdisplays);
     $bp->add(MYSQL_BINDING_STRING, $inlinefields);
     $l = getSurveyLanguage();
     $m = getSurveyMode();
예제 #12
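 /**
  * Insert or update this record's row in "<survey data>_datarecords".
  *
  * Does nothing when Config::useDataRecords() is off. The sorted data names and
  * the serialized data are gzip-compressed and bound; when the survey has an
  * encryption key the data column is wrapped in aes_encrypt().
  *
  * @return void
  */
 function saveRecord()
 {
     if (Config::useDataRecords() == false) {
         return;
     }
     global $db, $survey;
     $key = $survey->getDataEncryptionKey();
     // SQL fragment for the `data` column. Kept separate from the payload; the original
     // reused one variable for both.
     // NOTE(review): the key is written into the SQL text rather than bound; a quote in
     // the key would change the statement.
     $dataPlaceholder = "?";
     if ($key != "") {
         $dataPlaceholder = "aes_encrypt(?, '" . $key . "')";
     }
     $datanames = $this->getDataNames();
     $names = '';
     if (is_array($datanames)) {
         sort($datanames);
         $names = implode("~", $datanames);
     }
     // Both branches store $names. The update branch used to call implode() on
     // $datanames directly, which fails when getDataNames() does not return an array.
     $packedNames = gzcompress($names, 9);
     $packedData = gzcompress(serialize($this->data), 9);
     $table = Config::dbSurveyData() . "_datarecords";
     $bp = new BindParam();
     if ($this->newrecord == true) {
         $query = "insert into " . $table . " (suid, primkey, datanames, data) values (?,?,?,{$dataPlaceholder})";
         $bp->add(MYSQL_BINDING_INTEGER, $this->suid);
         $bp->add(MYSQL_BINDING_STRING, $this->primkey);
         $bp->add(MYSQL_BINDING_STRING, $packedNames);
         $bp->add(MYSQL_BINDING_STRING, $packedData);
     } else {
         $query = "update " . $table . " set datanames=?, data={$dataPlaceholder} where suid=? and primkey=?";
         $bp->add(MYSQL_BINDING_STRING, $packedNames);
         $bp->add(MYSQL_BINDING_STRING, $packedData);
         $bp->add(MYSQL_BINDING_INTEGER, $this->suid);
         $bp->add(MYSQL_BINDING_STRING, $this->primkey);
     }
     $db->executeBoundQuery($query, $bp->get());
 }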
예제 #13
 /**
  * Write this user's fields back to the "<survey>_users" row selected by urid.
  *
  * All field values are bound; the table prefix and the password key from
  * Config::smsPasswordKey() are part of the SQL text.
  *
  * NOTE(review): the password column is written with aes_encrypt(), which is
  * reversible by anyone holding the key; a one-way password hash
  * (password_hash()/password_verify()) is the usual choice for login
  * credentials. The key is also concatenated into the statement inside a
  * double-quoted literal rather than bound — confirm both are intentional.
  *
  * @return mixed Whatever executeBoundQuery() returns.
  */
 function saveChanges()
 {
     global $db;

     // Fifteen placeholders: fourteen SET values followed by the urid in the WHERE clause.
     $query = 'UPDATE ' . Config::dbSurvey() . '_users SET '
         . 'username = ?, name = ?, settings = ?, '
         . 'password = aes_encrypt(?, "' . Config::smsPasswordKey() . '"), '
         . 'filter = ?, regionfilter = ?, testmode = ?, status= ?, sup= ?, '
         . 'usertype = ?, usersubtype = ?, access = ?, lastdata = ?,communication = ? '
         . 'WHERE urid = ?';

     $bindings = new BindParam();
     // Identity and credentials.
     $bindings->add(MYSQL_BINDING_STRING, $this->getUsername());
     $bindings->add(MYSQL_BINDING_STRING, $this->getName());
     $bindings->add(MYSQL_BINDING_STRING, $this->getSettings());
     $bindings->add(MYSQL_BINDING_STRING, $this->getPassword());
     // Filters, flags and role.
     $bindings->add(MYSQL_BINDING_INTEGER, $this->getFilter());
     $bindings->add(MYSQL_BINDING_INTEGER, $this->getRegionFilter());
     $bindings->add(MYSQL_BINDING_INTEGER, $this->getTestMode());
     $bindings->add(MYSQL_BINDING_INTEGER, $this->getStatus());
     $bindings->add(MYSQL_BINDING_INTEGER, $this->getSupervisor());
     $bindings->add(MYSQL_BINDING_INTEGER, $this->getUserType());
     $bindings->add(MYSQL_BINDING_INTEGER, $this->getUserSubType());
     $bindings->add(MYSQL_BINDING_STRING, $this->getAccess());
     $bindings->add(MYSQL_BINDING_STRING, $this->getLastData());
     $bindings->add(MYSQL_BINDING_INTEGER, $this->getCommunication());
     // Row selector.
     $bindings->add(MYSQL_BINDING_INTEGER, $this->getUrid());

     return $db->executeBoundQuery($query, $bindings->get());
 }
예제 #14
 /**
  * Persist this setting to "<survey>_settings" and record a history entry when
  * the value differs from the previously saved one.
  *
  * Skipped entirely when nothing changed, so the stored timestamp stays the same
  * and the setting does not look as if it needs translating again. Mode and
  * language fall back to the current survey mode/language when the setting has
  * none of its own.
  *
  * @return void
  */
 function save()
 {
     if (!$this->changed) {
         return;
     }
     global $db;

     // All seven values are bound; only the table prefix is part of the SQL text.
     $sql = "replace into " . Config::dbSurvey() . "_settings (suid, object, objecttype, name, value, mode, language) values(?,?,?,?,?,?,?)";

     $suid = $this->getSuid();
     $object = $this->getObject();
     $objecttype = $this->getObjectType();
     $name = $this->getName();
     $value = $this->getValue();
     $mode = $this->getMode() != "" ? $this->getMode() : getSurveyMode();
     $language = $this->getLanguage() != "" ? $this->getLanguage() : getSurveyLanguage();

     $bindings = new BindParam();
     $bindings->add(MYSQL_BINDING_INTEGER, $suid);
     $bindings->add(MYSQL_BINDING_INTEGER, $object);
     $bindings->add(MYSQL_BINDING_STRING, $objecttype);
     $bindings->add(MYSQL_BINDING_STRING, $name);
     $bindings->add(MYSQL_BINDING_STRING, $value);
     $bindings->add(MYSQL_BINDING_INTEGER, $mode);
     $bindings->add(MYSQL_BINDING_STRING, $language);
     $db->executeBoundQuery($sql, $bindings->get());

     // A changed value also gets a history entry.
     if ($this->previousvalue != $value) {
         $history = new Track($suid, $object, $objecttype);
         $history->addEntry($name, $value);
     }

     // Remember what was just saved so the next save() can detect changes.
     $this->previousvalue = $this->getValue();
     $this->previousobject = $this->getObject();
     $this->previoussuid = $this->getSuid();
     $this->previouslanguage = $this->getLanguage();
     $this->previousmode = $this->getMode();
     $this->previousobjecttype = $this->getObjectType();
 }
예제 #15
 /**
  * @param string $table
  * @param BindParam $params
  * @return bool|PDOResponse
  */
 public function delete($table, $params)
 {
     if (!$params) {
         return false;
     }

     $boundValues = $params->getParamArray();
     $where = $params->getConditionStr();

     // No condition means no statement: an unconditional DELETE is never issued here.
     if ($where == "") {
         return false;
     }

     // NOTE(review): $table and the condition string are concatenated into the statement;
     // only the values in $boundValues are parameters. Both must come from code-defined
     // names and placeholder-only conditions, never from request data — confirm callers.
     return $this->pdo->prepAndExec('DELETE FROM ' . $table . " WHERE {$where}", $boundValues);
 }