function checkAccess() { global $db, $survey; switch ($survey->getAccessType()) { case LOGIN_ANONYMOUS: return true; break; case LOGIN_DIRECT: return true; break; case LOGIN_LOGINCODE: $logincode = loadvarSurvey('primkey'); $result = $db->selectQuery('select count(*), primkey from ' . Config::dbSurvey() . '_respondents where aes_decrypt(logincode, \'' . Config::loginCodeKey() . '\') = \'' . prepareDatabaseString($logincode) . '\''); //echo 'select count(*), primkey from ' . Config::dbSurvey() . '_respondents where aes_decrypt(logincode, "' . Config::loginCodeKey() . '") = "' . prepareDatabaseString($logincode) . '"'; $row = $db->getRow($result); if ($row[0] == 1) { $_SESSION['PRIMKEY'] = $row['primkey']; return true; } else { $logactions = new LogActions(); $logactions->addAction('', '', "loginwrong", USCIC_SURVEY); } break; } return false; }
function surveyEntry() { global $engine; if ($this->checkDateTime() == false) { /* get whatever the language is (either post or default) and use it */ $l = getSurveyLanguage(); if (file_exists("language/language" . getSurveyLanguagePostFix($l) . ".php")) { require_once 'language' . getSurveyLanguagePostFix($l) . '.php'; // language } else { require_once 'language_en.php'; // fall back on english language file } $login = new Login(session_id()); return $login->getClosedScreen(); } $logactions = new LogActions(); $nosessionactions = $logactions->getNumberOfSurveyActionsBySession($this->phpid, USCIC_SURVEY); /* no entry yet, then ask for prim_key in login screen */ if ($nosessionactions == 0 || loadvarSurvey(POST_PARAM_NEW_PRIMKEY) == '1') { //no entry yet: ask for prim_key! if (loadvarSurvey(POST_PARAM_NEW_PRIMKEY) == '1') { $logactions->deleteLoggedInSurveySession($this->phpid); } /* get whatever the language is (either post or default) and use it */ $l = getSurveyLanguage(); if (file_exists("language/language" . getSurveyLanguagePostFix($l) . ".php")) { require_once 'language' . getSurveyLanguagePostFix($l) . '.php'; // language } else { require_once 'language_en.php'; // fall back on english language file } $logactions->addAction('', '', "loginstart", USCIC_SURVEY, 1); $login = new Login($this->phpid); return $login->getLoginScreen(); } else { //entry: is this person logged in? $loggedin = $logactions->getLoggedInSurveySession($this->phpid); // gets the last logged in action /* no prim_key assigned to this sessionid. Assign if given (and check for pwd etc??)! */ if ($loggedin["count"] == 0) { /* we don't have active session, so take the template we can get */ global $survey; require_once "display/templates/displayquestion_" . getSurveyTemplate() . ".php"; // we don't have an active session, so fall back to whatever was passed along as language in post OR is the default language $l = getSurveyLanguage(); if (file_exists("language/language" . getSurveyLanguagePostFix($l) . ".php")) { //echo 'well done'; require_once 'language' . getSurveyLanguagePostFix($l) . '.php'; // language } else { require_once 'language_en.php'; // fall back on english language file } $primkey = loadvarSurvey(POST_PARAM_PRIMKEY); $_SESSION['PRIMKEY'] = $primkey; if ($primkey != '' && strlen($primkey) < 20) { // make sure primkey is not encrypted! //check!!!!!! $login = new Login($this->phpid); if ($login->checkAccess()) { $primkey = $_SESSION['PRIMKEY']; $logactions->addAction($primkey, '', "loggedin", USCIC_SURVEY, 1); // pass along primkey to load correct engine! $engine = loadEngine(getSurvey(), $primkey, $this->phpid, getSurveyVersion(), getSurveySection(getSurvey(), $primkey)); $engine->setFirstForm(true); return $engine->getNextQuestion(); } else { // incorrect login..start new session endSession(); session_start(); session_regenerate_id(true); $logactions->addAction('', '', "loginempty", USCIC_SURVEY, 1); $login = new Login(session_id()); global $survey; return $login->getLoginScreen($survey->getLoginError()); } } else { $logactions->addAction('', '', "loginempty", USCIC_SURVEY, 1); $login = new Login($this->phpid); global $survey; if ($survey->getAccessType() == LOGIN_ANONYMOUS) { return $login->getLoginScreen(Language::messageEnterPrimKey()); } else { if ($survey->getAccessType() == LOGIN_LOGINCODE) { return $login->getLoginScreen($survey->getLoginError()); } else { return $login->getLoginScreen(Language::messageEnterPrimKeyDirectAccess()); } } } } else { //continue interview! EXTRA CHECK!!! /* update survey info with what we know from the last session action */ setSurvey($loggedin["suid"]); /* include survey template now that we know which survey we are in */ global $survey; require_once "display/templates/displayquestion_" . getSurveyTemplate() . ".php"; /* update interview mode with what we know from the last session action * IF we are not changing the interview mode right now */ if (isset($_POST['navigation']) && $_POST['navigation'] != NAVIGATION_MODE_CHANGE && $survey->getReentryMode() == MODE_REENTRY_YES) { setSurveyMode($loggedin["mode"]); } /* update language with what we know from the last session action * IF we are not changing the language right now */ if (isset($_POST['navigation']) && $_POST['navigation'] != NAVIGATION_LANGUAGE_CHANGE && $survey->getReentryLanguage(getSurveyMode()) == LANGUAGE_REENTRY_YES) { setSurveyLanguage($loggedin["language"]); } /* update version with what we know from the last session action */ setSurveyVersion($loggedin["version"]); // include language file $l = getSurveyLanguage(); //echo 'NOW: ' . $l; if (file_exists("language/language" . getSurveyLanguagePostFix($l) . ".php")) { //echo 'well done'; require_once 'language' . getSurveyLanguagePostFix($l) . '.php'; // language } else { require_once 'language_en.php'; // fall back on english language file } // pass along primkey to load correct engine! $engine = loadEngine(getSurvey(), $loggedin["primkey"], $this->phpid, getSurveyVersion(), getSurveySection(getSurvey(), $loggedin["primkey"])); /* handle button click */ return $engine->getNextQuestion(); } } }