Пример #1
0
            }
        } else {
            $surveysecurity .= "<tr><td colspan='18'></td></tr>"; //fix error on empty table
        }
        $surveysecurity .= "</tbody>\n"
        . "</table>\n"
        . "<form class='form44' action='$scriptname?sid={$surveyid}' method='post'><ul>\n"
        . "<li><label for='uidselect'>".$clang->gT("User").": </label><select id='uidselect' name='uid'>\n"
        . sGetSurveyUserlist(false,false)
        . "</select>\n"
        . "<input style='width: 15em;' type='submit' value='".$clang->gT("Add User")."'  onclick=\"if (document.getElementById('uidselect').value == -1) {alert('".$clang->gT("Please select a user first","js")."'); return false;}\"/>"
        . "<input type='hidden' name='action' value='addsurveysecurity' />"
        . "</li></ul></form>\n"
        . "<form class='form44' action='$scriptname?sid={$surveyid}' method='post'><ul><li>\n"
        . "<label for='ugidselect'>".$clang->gT("Groups").": </label><select id='ugidselect' name='ugid'>\n"
        . getsurveyusergrouplist()
        . "</select>\n"
        . "<input style='width: 15em;' type='submit' value='".$clang->gT("Add User Group")."' onclick=\"if (document.getElementById('ugidselect').value == -1) {alert('".$clang->gT("Please select a user group first","js")."'); return false;}\" />"
        . "<input type='hidden' name='action' value='addusergroupsurveysecurity' />\n"
        . "</li></ul></form>";

    }
    else
    {
        include("access_denied.php");
    }
}

elseif ($action == "surveyrights")
{
    $addsummary = "<div class='header ui-widget-header'>".$clang->gT("Edit survey permissions")."</div>\n";
Пример #2
0
                        $insert = "<div class=\"ui-icon ui-icon-check\">&nbsp;</div>";
                    } elseif ($iCount > 0) {
                        $insert = "<div class=\"ui-icon ui-icon-check mixed\">&nbsp;</div>";
                    } else {
                        $insert = "<div>&nbsp;</div>";
                    }
                    $surveysecurity .= "<td align=\"center\">\n{$insert}\n</td>\n";
                }
                $surveysecurity .= "</tr>\n";
                $row++;
            }
        } else {
            $surveysecurity .= "<tr><td colspan='18'></td></tr>";
            //fix error on empty table
        }
        $surveysecurity .= "</tbody>\n" . "</table>\n" . "<form class='form44' action='{$scriptname}?sid={$surveyid}' method='post'><ul>\n" . "<li><label for='uidselect'>" . $clang->gT("User") . ": </label><select id='uidselect' name='uid'>\n" . sGetSurveyUserlist(false, false) . "</select>\n" . "<input style='width: 15em;' type='submit' value='" . $clang->gT("Add User") . "'  onclick=\"if (document.getElementById('uidselect').value == -1) {alert('" . $clang->gT("Please select a user first", "js") . "'); return false;}\"/>" . "<input type='hidden' name='action' value='addsurveysecurity' />" . "</li></ul></form>\n" . "<form class='form44' action='{$scriptname}?sid={$surveyid}' method='post'><ul><li>\n" . "<label for='ugidselect'>" . $clang->gT("Groups") . ": </label><select id='ugidselect' name='ugid'>\n" . getsurveyusergrouplist() . "</select>\n" . "<input style='width: 15em;' type='submit' value='" . $clang->gT("Add User Group") . "' onclick=\"if (document.getElementById('ugidselect').value == -1) {alert('" . $clang->gT("Please select a user group first", "js") . "'); return false;}\" />" . "<input type='hidden' name='action' value='addusergroupsurveysecurity' />\n" . "</li></ul></form>";
    } else {
        include "access_denied.php";
    }
} elseif ($action == "surveyrights") {
    $addsummary = "<div class='header ui-widget-header'>" . $clang->gT("Edit survey permissions") . "</div>\n";
    $addsummary .= "<div class='messagebox ui-corner-all'>\n";
    if (isset($postuserid)) {
        $query = "SELECT sid, owner_id FROM " . db_table_name('surveys') . " WHERE sid = {$surveyid}";
        if ($_SESSION['USER_RIGHT_SUPERADMIN'] != 1) {
            $query .= " AND owner_id != {$postuserid} AND owner_id = " . $_SESSION['loginID'];
        }
    } else {
        $sQuery = "SELECT owner_id FROM " . db_table_name('surveys') . " WHERE sid = {$surveyid}";
        if ($_SESSION['USER_RIGHT_SUPERADMIN'] != 1) {
            $query .= " AND owner_id = " . $_SESSION['loginID'];
Пример #3
0
        $exportstructure .= "</form>\n";
    } else {
        include 'dumpquestion.php';
    }
}
if ($action == "surveysecurity") {
    if (bHasRight($surveyid)) {
        $js_admin_includes[] = '../scripts/jquery/jquery.tablesorter.min.js';
        $js_admin_includes[] = 'scripts/surveysecurity.js';
        $query2 = "SELECT a.*, b.users_name, b.full_name FROM " . db_table_name('surveys_rights') . " AS a INNER JOIN " . db_table_name('users') . " AS b ON a.uid = b.uid WHERE a.sid = {$surveyid} AND b.uid != " . $_SESSION['loginID'] . " ORDER BY b.users_name";
        $result2 = db_execute_assoc($query2);
        //Checked
        $surveysecurity = "<div class='header'>" . $clang->gT("Survey Security") . "</div>\n";
        $surveysecurity .= "<table class='surveysecurity'><thead>" . "<tr>\n" . "<th>" . $clang->gT("Username") . "</th>\n" . "<th>" . $clang->gT("User Group") . "</th>\n" . "<th>" . $clang->gT("Full name") . "</th>\n" . "<th align=\"center\"><img src=\"{$imagefiles}/help.gif\" alt=\"" . $clang->gT("Edit Survey Property") . "\"></th>\n" . "<th align=\"center\"><img src=\"{$imagefiles}/help.gif\" alt=\"" . $clang->gT("Define Questions") . "\"></th>\n" . "<th align=\"center\"><img src=\"{$imagefiles}/help.gif\" alt=\"" . $clang->gT("Browse Response") . "\"></th>\n" . "<th align=\"center\"><img src=\"{$imagefiles}/help.gif\" alt=\"" . $clang->gT("Export") . "\"></th>\n" . "<th align=\"center\"><img src=\"{$imagefiles}/help.gif\" alt=\"" . $clang->gT("Delete Survey") . "\"></th>\n" . "<th align=\"center\"><img src=\"{$imagefiles}/help.gif\" alt=\"" . $clang->gT("Activate Survey") . "\"></th>\n" . "<th>" . $clang->gT("Action") . "</th>\n" . "</tr></thead>\n";
        $style = "style='width: 15em;'";
        $surveysecurity .= "<tfoot>\n" . "<tr>\n" . "<td colspan='9' align='right'>" . "<form action='{$scriptname}?sid={$surveyid}' method='post'>\n" . "<strong>" . $clang->gT("User") . ": </strong><select id='uidselect' name='uid'>\n" . getsurveyuserlist() . "</select>\n" . "<input {$style} type='submit' value='" . $clang->gT("Add User") . "'  onclick=\"if (document.getElementById('uidselect').value == -1) {alert('" . $clang->gT("Please select a user first", "js") . "'); return false;}\"/>" . "<input type='hidden' name='action' value='addsurveysecurity' />" . "</form>\n" . "</td>\n" . "<td></td>\n" . "</tr>\n" . "<tr>\n" . "<td colspan='9' align='right'>" . "<form action='{$scriptname}?sid={$surveyid}' method='post'>\n" . "<strong>" . $clang->gT("Groups") . ": </strong><select id='ugidselect' name='ugid'>\n" . getsurveyusergrouplist() . "</select>\n" . "<input {$style} type='submit' value='" . $clang->gT("Add User Group") . "' onclick=\"if (document.getElementById('ugidselect').value == -1) {alert('" . $clang->gT("Please select a user group first", "js") . "'); return false;}\" />" . "<input type='hidden' name='action' value='addusergroupsurveysecurity' />\n" . "</form>\n" . "</td>\n" . "<td></td>\n" . "</tr></tfoot>\n";
        if (isset($usercontrolSameGroupPolicy) && $usercontrolSameGroupPolicy == true) {
            $authorizedGroupsList = getusergrouplist('simplegidarray');
        }
        $surveysecurity .= "<tbody>\n";
        if ($result2->RecordCount() > 0) {
            //	output users
            $row = 0;
            while ($resul2row = $result2->FetchRow()) {
                $query3 = "SELECT a.ugid FROM " . db_table_name('user_in_groups') . " AS a RIGHT OUTER JOIN " . db_table_name('users') . " AS b ON a.uid = b.uid WHERE b.uid = " . $resul2row['uid'];
                $result3 = db_execute_assoc($query3);
                //Checked
                while ($resul3row = $result3->FetchRow()) {
                    if (!isset($usercontrolSameGroupPolicy) || $usercontrolSameGroupPolicy == false || in_array($resul3row['ugid'], $authorizedGroupsList)) {
                        $group_ids[] = $resul3row['ugid'];
                    }