Database::insert($table_survey_invitation, $params);
}
// From here we use the new invitationcode auto-userid-surveycode string
$_GET['invitationcode'] = $autoInvitationcode;
$invitationcode = $autoInvitationcode;
}
}
// Now we check if the invitation code is valid
$sql = "SELECT * FROM {$table_survey_invitation}\n WHERE\n c_id = {$course_id} AND\n invitation_code = '" . Database::escape_string($invitationcode) . "'";
$result = Database::query($sql);
if (Database::num_rows($result) < 1) {
api_not_allowed(true, get_lang('WrongInvitationCode'));
}
$survey_invitation = Database::fetch_array($result, 'ASSOC');
// Now we check if the user already filled the survey
if (!isset($_POST['finish_survey']) && ($isAnonymous && isset($_SESSION['surveyuser']) && SurveyUtil::isSurveyAnsweredFlagged($survey_invitation['survey_code'], $survey_invitation['c_id'])) || $survey_invitation['answered'] == 1 && !isset($_GET['user_id'])) {
api_not_allowed(true, get_lang('YouAlreadyFilledThisSurvey'));
}
// Checking if there is another survey with this code.
// If this is the case there will be a language choice
$sql = "SELECT * FROM {$table_survey}\n WHERE\n c_id = {$course_id} AND\n code='" . Database::escape_string($survey_invitation['survey_code']) . "'";
$result = Database::query($sql);
if (Database::num_rows($result) > 1) {
if ($_POST['language']) {
$survey_invitation['survey_id'] = $_POST['language'];
} else {
// Header
Display::display_header(get_lang('ToolSurvey'));
echo '<form id="language" name="language" method="POST" action="' . api_get_self() . '?course=' . Security::remove_XSS($_GET['course']) . '&invitationcode=' . Security::remove_XSS($_GET['invitationcode']) . '&cidReq=' . Security::remove_XSS($_GET['cidReq']) . '">';
echo '<select name="language">';
while ($row = Database::fetch_array($result, 'ASSOC')) {
