/**
 * getsurveylist() Queries the database (survey table) for a list of existing surveys
 *
 * @param mixed $returnarray   boolean - if set to true an array instead of an HTML option list is given back
 *
 * @global string $surveyid
 * @global string $dbprefix
 * @global string $scriptname
 * @global string $connect
 * @global string $clang
 *
 * @return string This string is returned containing <option></option> formatted list of existing surveys
 *
 */
function getsurveylist($returnarray = false, $returnwithouturl = false)
{
    global $surveyid, $dbprefix, $scriptname, $connect, $clang, $timeadjust;
    static $cached = null;
    if (is_null($cached)) {
        $surveyidquery = " SELECT a.*, surveyls_title, surveyls_description, surveyls_welcometext, surveyls_url " . " FROM " . db_table_name('surveys') . " AS a " . "INNER JOIN " . db_table_name('surveys_languagesettings') . " on (surveyls_survey_id=a.sid and surveyls_language=a.language) ";
        if (!bHasGlobalPermission('USER_RIGHT_SUPERADMIN')) {
            $surveyidquery .= "WHERE a.sid in (select sid from " . db_table_name('survey_permissions') . " where uid={$_SESSION['loginID']} and permission='survey' and read_p=1) ";
        }
        $surveyidquery .= " order by active DESC, surveyls_title";
        $surveyidresult = db_execute_assoc($surveyidquery);
        //Checked
        if (!$surveyidresult) {
            return "Database Error";
        }
        $surveynames = $surveyidresult->GetRows();
        $cached = $surveynames;
    } else {
        $surveynames = $cached;
    }
    $surveyselecter = "";
    if ($returnarray === true) {
        return $surveynames;
    }
    $activesurveys = '';
    $inactivesurveys = '';
    $expiredsurveys = '';
    if ($surveynames) {
        foreach ($surveynames as $sv) {
            $surveylstitle = FlattenText($sv['surveyls_title']);
            if (strlen($surveylstitle) > 45) {
                $surveylstitle = htmlspecialchars(mb_strcut(html_entity_decode($surveylstitle, ENT_QUOTES, 'UTF-8'), 0, 45, 'UTF-8')) . "...";
            }
            if ($sv['active'] != 'Y') {
                $inactivesurveys .= "<option ";
                if ($_SESSION['loginID'] == $sv['owner_id']) {
                    $inactivesurveys .= " style=\"font-weight: bold;\"";
                }
                if ($sv['sid'] == $surveyid) {
                    $inactivesurveys .= " selected='selected'";
                    $svexist = 1;
                }
                if ($returnwithouturl === false) {
                    $inactivesurveys .= " value='{$scriptname}?sid={$sv['sid']}'>{$surveylstitle}</option>\n";
                } else {
                    $inactivesurveys .= " value='{$sv['sid']}'>{$surveylstitle}</option>\n";
                }
            } elseif ($sv['expires'] != '' && $sv['expires'] < date_shift(date("Y-m-d H:i:s"), "Y-m-d H:i:s", $timeadjust)) {
                $expiredsurveys .= "<option ";
                if ($_SESSION['loginID'] == $sv['owner_id']) {
                    $expiredsurveys .= " style=\"font-weight: bold;\"";
                }
                if ($sv['sid'] == $surveyid) {
                    $expiredsurveys .= " selected='selected'";
                    $svexist = 1;
                }
                if ($returnwithouturl === false) {
                    $expiredsurveys .= " value='{$scriptname}?sid={$sv['sid']}'>{$surveylstitle}</option>\n";
                } else {
                    $expiredsurveys .= " value='{$sv['sid']}'>{$surveylstitle}</option>\n";
                }
            } else {
                $activesurveys .= "<option ";
                if ($_SESSION['loginID'] == $sv['owner_id']) {
                    $activesurveys .= " style=\"font-weight: bold;\"";
                }
                if ($sv['sid'] == $surveyid) {
                    $activesurveys .= " selected='selected'";
                    $svexist = 1;
                }
                if ($returnwithouturl === false) {
                    $activesurveys .= " value='{$scriptname}?sid={$sv['sid']}'>{$surveylstitle}</option>\n";
                } else {
                    $activesurveys .= " value='{$sv['sid']}'>{$surveylstitle}</option>\n";
                }
            }
        }
        // End Foreach
    }
    //Only show each activesurvey group if there are some
    if ($activesurveys != '') {
        $surveyselecter .= "<optgroup label='" . $clang->gT("Active") . "' class='activesurveyselect'>\n";
        $surveyselecter .= $activesurveys . "</optgroup>";
    }
    if ($expiredsurveys != '') {
        $surveyselecter .= "<optgroup label='" . $clang->gT("Expired") . "' class='expiredsurveyselect'>\n";
        $surveyselecter .= $expiredsurveys . "</optgroup>";
    }
    if ($inactivesurveys != '') {
        $surveyselecter .= "<optgroup label='" . $clang->gT("Inactive") . "' class='inactivesurveyselect'>\n";
        $surveyselecter .= $inactivesurveys . "</optgroup>";
    }
    if (!isset($svexist)) {
        $surveyselecter = "<option selected='selected' value=''>" . $clang->gT("Please choose...") . "</option>\n" . $surveyselecter;
    } else {
        if ($returnwithouturl === false) {
            $surveyselecter = "<option value='{$scriptname}?sid='>" . $clang->gT("None") . "</option>\n" . $surveyselecter;
        } else {
            $surveyselecter = "<option value=''>" . $clang->gT("None") . "</option>\n" . $surveyselecter;
        }
    }
    return $surveyselecter;
}
Пример #2
0
 * Copyright (C) 2007 The LimeSurvey Project Team / Carsten Schmitz
 * All rights reserved.
 * License: GNU/GPL License v2 or later, see LICENSE.php
 * LimeSurvey is free software. This version may have been modified pursuant
 * to the GNU General Public License, and as distributed it includes or
 * is derivative of works licensed under the GNU General Public License or
 * other free or open source software licenses.
 * See COPYRIGHT.php for copyright notices and details.
 *
 * $Id:
 *
 */
include_once "login_check.php";
//Login Check dies also if the script is started directly
// Editing the survey
if (!bHasSurveyPermission($surveyid, 'surveysettings', 'read') && !bHasGlobalPermission('USER_RIGHT_CREATE_SURVEY')) {
    include "access_denied.php";
} else {
    $js_admin_includes[] = 'scripts/surveysettings.js';
    if ($action == "newsurvey") {
        //New survey, set the defaults
        $esrow = array();
        $esrow['active'] = 'N';
        $esrow['allowjumps'] = 'N';
        $esrow['format'] = 'S';
        //queXS question by question mode
        $esrow['template'] = $defaulttemplate;
        $esrow['allowsave'] = 'Y';
        $esrow['allowprev'] = 'Y';
        $esrow['nokeyboard'] = 'N';
        $esrow['printanswers'] = 'N';
        $listsurveys .= "</table><br />";
    } else {
        $listsurveys = "<p><strong> " . $clang->gT("No Surveys available - please create one.") . " </strong><br /><br />";
    }
} elseif ($action == "ajaxowneredit") {
    header('Content-type: application/json');
    if (isset($_REQUEST['newowner'])) {
        $intNewOwner = sanitize_int($_REQUEST['newowner']);
    }
    if (isset($_REQUEST['survey_id'])) {
        $intSurveyId = sanitize_int($_REQUEST['survey_id']);
    }
    $owner_id = $_SESSION['loginID'];
    header('Content-type: application/json');
    $query = "UPDATE " . db_table_name('surveys') . " SET owner_id = {$intNewOwner} WHERE sid={$intSurveyId}";
    if (bHasGlobalPermission("USER_RIGHT_SUPERADMIN")) {
        $query .= ";";
    } else {
        $query .= " AND owner_id={$owner_id};";
    }
    $result = db_execute_assoc($query) or safe_die($connect->ErrorMsg());
    $query = "SELECT b.users_name FROM " . db_table_name('surveys') . " as a" . " INNER JOIN  " . db_table_name('users') . " as b ON a.owner_id = b.uid   WHERE sid={$intSurveyId} AND owner_id={$intNewOwner};";
    $result = db_execute_assoc($query) or safe_die($connect->ErrorMsg());
    $intRecordCount = $result->RecordCount();
    $aUsers = array('record_count' => $intRecordCount);
    if ($result->RecordCount() > 0) {
        while ($rows = $result->FetchRow()) {
            $aUsers['newowner'] = $rows['users_name'];
        }
    }
    $ajaxoutput = json_encode($aUsers) . "\n";