/**
* register::index()
* Process register form data and take appropriate action
* @return
*/
function actionIndex($surveyid = null)
{
Yii::app()->loadHelper('database');
Yii::app()->loadHelper('replacements');
$postlang = Yii::app()->request->getPost('lang');
if ($surveyid == null) {
$surveyid = Yii::app()->request->getPost('sid');
}
if (!$surveyid) {
Yii::app()->request->redirect(Yii::app()->baseUrl);
}
// Get passed language from form, so that we dont loose this!
if (!isset($postlang) || $postlang == "" || !$postlang) {
$baselang = Survey::model()->findByPk($surveyid)->language;
Yii::import('application.libraries.Limesurvey_lang');
Yii::app()->lang = new Limesurvey_lang($baselang);
$clang = Yii::app()->lang;
} else {
Yii::import('application.libraries.Limesurvey_lang');
Yii::app()->lang = new Limesurvey_lang($postlang);
$clang = Yii::app()->lang;
$baselang = $postlang;
}
$thissurvey = getSurveyInfo($surveyid, $baselang);
$register_errormsg = "";
// Check the security question's answer
if (function_exists("ImageCreate") && isCaptchaEnabled('registrationscreen', $thissurvey['usecaptcha'])) {
if (!isset($_POST['loadsecurity']) || !isset($_SESSION['survey_' . $surveyid]['secanswer']) || Yii::app()->request->getPost('loadsecurity') != $_SESSION['survey_' . $surveyid]['secanswer']) {
$register_errormsg .= $clang->gT("The answer to the security question is incorrect.") . "<br />\n";
}
}
//Check that the email is a valid style address
if (!validateEmailAddress(Yii::app()->request->getPost('register_email'))) {
$register_errormsg .= $clang->gT("The email you used is not valid. Please try again.");
}
// Check for additional fields
$attributeinsertdata = array();
foreach (GetParticipantAttributes($surveyid) as $field => $data) {
if (empty($data['show_register']) || $data['show_register'] != 'Y') {
continue;
}
$value = sanitize_xss_string(Yii::app()->request->getPost('register_' . $field));
if (trim($value) == '' && $data['mandatory'] == 'Y') {
$register_errormsg .= sprintf($clang->gT("%s cannot be left empty"), $thissurvey['attributecaptions'][$field]);
}
$attributeinsertdata[$field] = $value;
}
if ($register_errormsg != "") {
$_SESSION['survey_' . $surveyid]['register_errormsg'] = $register_errormsg;
Yii::app()->request->redirect(Yii::app()->createUrl('survey/index/sid/' . $surveyid));
}
//Check if this email already exists in token database
$query = "SELECT email FROM {{tokens_{$surveyid}}}\n" . "WHERE email = '" . sanitize_email(Yii::app()->request->getPost('register_email')) . "'";
$usrow = Yii::app()->db->createCommand($query)->queryRow();
if ($usrow) {
$register_errormsg = $clang->gT("The email you used has already been registered.");
$_SESSION['survey_' . $surveyid]['register_errormsg'] = $register_errormsg;
Yii::app()->request->redirect(Yii::app()->createUrl('survey/index/sid/' . $surveyid));
//include "index.php";
//exit;
}
$mayinsert = false;
// Get the survey settings for token length
//$this->load->model("surveys_model");
$tlresult = Survey::model()->findAllByAttributes(array("sid" => $surveyid));
if (isset($tlresult[0])) {
$tlrow = $tlresult[0];
} else {
$tlrow = $tlresult;
}
$tokenlength = $tlrow['tokenlength'];
//if tokenlength is not set or there are other problems use the default value (15)
if (!isset($tokenlength) || $tokenlength == '') {
$tokenlength = 15;
}
while ($mayinsert != true) {
$newtoken = randomChars($tokenlength);
$ntquery = "SELECT * FROM {{tokens_{$surveyid}}} WHERE token='{$newtoken}'";
$usrow = Yii::app()->db->createCommand($ntquery)->queryRow();
if (!$usrow) {
$mayinsert = true;
}
}
$postfirstname = sanitize_xss_string(strip_tags(Yii::app()->request->getPost('register_firstname')));
$postlastname = sanitize_xss_string(strip_tags(Yii::app()->request->getPost('register_lastname')));
$starttime = sanitize_xss_string(Yii::app()->request->getPost('startdate'));
$endtime = sanitize_xss_string(Yii::app()->request->getPost('enddate'));
/*$postattribute1=sanitize_xss_string(strip_tags(returnGlobal('register_attribute1')));
$postattribute2=sanitize_xss_string(strip_tags(returnGlobal('register_attribute2'))); */
// Insert new entry into tokens db
Tokens_dynamic::sid($thissurvey['sid']);
$token = new Tokens_dynamic();
$token->firstname = $postfirstname;
$token->lastname = $postlastname;
$token->email = Yii::app()->request->getPost('register_email');
$token->emailstatus = 'OK';
$token->token = $newtoken;
if ($starttime && $endtime) {
$token->validfrom = $starttime;
$token->validuntil = $endtime;
}
foreach ($attributeinsertdata as $k => $v) {
$token->{$k} = $v;
}
$result = $token->save();
/**
$result = $connect->Execute($query, array($postfirstname,
$postlastname,
returnGlobal('register_email'),
'OK',
$newtoken)
// $postattribute1, $postattribute2)
) or safeDie ($query."<br />".$connect->ErrorMsg()); //Checked - According to adodb docs the bound variables are quoted automatically
*/
$tid = getLastInsertID($token->tableName());
$fieldsarray["{ADMINNAME}"] = $thissurvey['adminname'];
$fieldsarray["{ADMINEMAIL}"] = $thissurvey['adminemail'];
$fieldsarray["{SURVEYNAME}"] = $thissurvey['name'];
$fieldsarray["{SURVEYDESCRIPTION}"] = $thissurvey['description'];
$fieldsarray["{FIRSTNAME}"] = $postfirstname;
$fieldsarray["{LASTNAME}"] = $postlastname;
$fieldsarray["{EXPIRY}"] = $thissurvey["expiry"];
$message = $thissurvey['email_register'];
$subject = $thissurvey['email_register_subj'];
$from = "{$thissurvey['adminname']} <{$thissurvey['adminemail']}>";
if (getEmailFormat($surveyid) == 'html') {
$useHtmlEmail = true;
$surveylink = $this->createAbsoluteUrl($surveyid . '/lang-' . $baselang . '/tk-' . $newtoken);
$optoutlink = $this->createAbsoluteUrl('optout/local/' . $surveyid . '/' . $baselang . '/' . $newtoken);
$optinlink = $this->createAbsoluteUrl('optin/local/' . $surveyid . '/' . $baselang . '/' . $newtoken);
$fieldsarray["{SURVEYURL}"] = "<a href='{$surveylink}'>" . $surveylink . "</a>";
$fieldsarray["{OPTOUTURL}"] = "<a href='{$optoutlink}'>" . $optoutlink . "</a>";
$fieldsarray["{OPTINURL}"] = "<a href='{$optinlink}'>" . $optinlink . "</a>";
} else {
$useHtmlEmail = false;
$fieldsarray["{SURVEYURL}"] = $this->createAbsoluteUrl('' . $surveyid . '/lang-' . $baselang . '/tk-' . $newtoken);
$fieldsarray["{OPTOUTURL}"] = $this->createAbsoluteUrl('optout/local/' . $surveyid . '/' . $baselang . '/' . $newtoken);
$fieldsarray["{OPTINURL}"] = $this->createAbsoluteUrl('optin/local/' . $surveyid . '/' . $baselang . '/' . $newtoken);
}
$message = ReplaceFields($message, $fieldsarray);
$subject = ReplaceFields($subject, $fieldsarray);
$html = "";
//Set variable
$sitename = Yii::app()->getConfig('sitename');
if (SendEmailMessage($message, $subject, Yii::app()->request->getPost('register_email'), $from, $sitename, $useHtmlEmail, getBounceEmail($surveyid))) {
// TLR change to put date into sent
$today = dateShift(date("Y-m-d H:i:s"), "Y-m-d H:i", Yii::app()->getConfig('timeadjust'));
$query = "UPDATE {{tokens_{$surveyid}}}\n" . "SET sent='{$today}' WHERE tid={$tid}";
$result = dbExecuteAssoc($query) or show_error("Unable to execute this query : {$query}<br />");
//Checked
$html = "<center>" . $clang->gT("Thank you for registering to participate in this survey.") . "<br /><br />\n" . $clang->gT("An email has been sent to the address you provided with access details for this survey. Please follow the link in that email to proceed.") . "<br /><br />\n" . $clang->gT("Survey administrator") . " {ADMINNAME} ({ADMINEMAIL})";
$html = ReplaceFields($html, $fieldsarray);
$html .= "<br /><br /></center>\n";
} else {
$html = "Email Error";
}
//PRINT COMPLETED PAGE
if (!$thissurvey['template']) {
$thistpl = getTemplatePath(validateTemplateDir('default'));
} else {
$thistpl = getTemplatePath(validateTemplateDir($thissurvey['template']));
}
sendCacheHeaders();
doHeader();
Yii::app()->lang = $clang;
// fetch the defined variables and pass it to the header footer templates.
$redata = compact(array_keys(get_defined_vars()));
$this->_printTemplateContent($thistpl . '/startpage.pstpl', $redata, __LINE__);
$this->_printTemplateContent($thistpl . '/survey.pstpl', $redata, __LINE__);
echo $html;
$this->_printTemplateContent($thistpl . '/endpage.pstpl', $redata, __LINE__);
doFooter();
}
/**
* RPC Routine to add participants to the tokens collection of the survey.
* Returns the inserted data including additional new information like the Token entry ID and the token string.
*
* @access public
* @param string $sSessionKey Auth credentials
* @param int $iSurveyID Id of the Survey
* @param struct $aParticipantData Data of the participants to be added
* @param bool Optional - Defaults to true and determins if the access token automatically created
* @return array The values added
*/
public function add_participants($sSessionKey, $iSurveyID, $aParticipantData, $bCreateToken = true)
{
if (!$this->_checkSessionKey($sSessionKey)) {
return array('status' => 'Invalid session key');
}
$oSurvey = Survey::model()->findByPk($iSurveyID);
if (is_null($oSurvey)) {
return array('status' => 'Error: Invalid survey ID');
}
if (hasSurveyPermission($iSurveyID, 'tokens', 'create')) {
if (!Yii::app()->db->schema->getTable('{{tokens_' . $iSurveyID . '}}')) {
return array('status' => 'No token table');
}
$aDestinationFields = Yii::app()->db->schema->getTable('{{tokens_' . $iSurveyID . '}}')->getColumnNames();
$aDestinationFields = array_flip($aDestinationFields);
foreach ($aParticipantData as &$aParticipant) {
$aParticipant = array_intersect_key($aParticipant, $aDestinationFields);
Tokens_dynamic::sid($iSurveyID);
$token = new Tokens_dynamic();
if ($new_token_id = $token->insertParticipant($aParticipant)) {
if ($bCreateToken) {
$token_string = Tokens_dynamic::model()->createToken($new_token_id);
} else {
$token_string = '';
}
$aParticipant = array_merge($aParticipant, array('tid' => $new_token_id, 'token' => $token_string));
} else {
$aParticipant = false;
}
}
return $aParticipantData;
} else {
return array('status' => 'No permission');
}
}
/**
* Returns true when a token can not be used (either doesn't exist, has less then one usage left )
*
* @param mixed $tid Token
*/
function usedTokens($token, $surveyid)
{
$utresult = true;
Tokens_dynamic::sid($surveyid);
$query = Tokens_dynamic::model()->findAllByAttributes(array("token" => $token));
if (count($query) > 0) {
$row = $query[0];
if ($row->usesleft > 0) {
$utresult = false;
}
}
return $utresult;
}
/**
* Sets the survey ID for the next model
*
* @static
* @access public
* @param int $sid
* @return void
*/
public static function sid($sid)
{
self::$sid = (int) $sid;
}
/**
* Retrieves the token attribute value from the related token table
*
* @param mixed $surveyid The survey ID
* @param mixed $attrName The token-attribute field name
* @param mixed $token The token code
* @return string The token attribute value (or null on error)
*/
function getAttributeValue($surveyid, $attrName, $token)
{
$attrName = strtolower($attrName);
if (!tableExists('tokens_' . $surveyid) || !in_array($attrName, getTokenConditionsFieldNames($surveyid))) {
return null;
}
$surveyid = sanitize_int($surveyid);
Tokens_dynamic::sid($surveyid);
$query = Tokens_dynamic::model()->find(array("token" => $token));
$count = $query->count();
// OK - AR count
if ($count != 1) {
return null;
} else {
return $row->{$attrName};
//[0]
}
}
