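/**
 * Decides whether the current visitor may enter the survey.
 *
 * Anonymous and direct access types are always admitted. For login-code
 * access, the submitted code (request variable 'primkey') is compared with
 * the decrypted logincode column; when exactly one respondent matches, that
 * respondent's primkey is stored in $_SESSION['PRIMKEY'].
 *
 * @return bool true when access is granted; false otherwise. A failed
 *              login-code attempt is recorded through LogActions.
 */
function checkAccess()
{
    global $db, $survey;

    switch ($survey->getAccessType()) {
        case LOGIN_ANONYMOUS:
        case LOGIN_DIRECT:
            return true;

        case LOGIN_LOGINCODE:
            $logincode = loadvarSurvey('primkey');
            $row = null;

            // An empty code must never authenticate, even if a respondent
            // row happens to hold an empty login code.
            if ($logincode !== null && $logincode !== '') {
                // The submitted code is escaped and placed inside quotes.
                // The AES key is part of the statement text, so this query
                // must not be echoed or written to a log.
                $result = $db->selectQuery(
                    'select count(*), primkey from ' . Config::dbSurvey() . '_respondents'
                    . ' where aes_decrypt(logincode, \'' . Config::loginCodeKey() . '\') = \''
                    . prepareDatabaseString($logincode) . '\''
                );
                if ($result) {
                    $row = $db->getRow($result);
                }
            }

            // Exactly one matching respondent is required; a failed query,
            // zero matches or several matches all count as a failed login.
            if (is_array($row) && isset($row[0]) && (int) $row[0] === 1) {
                // NOTE(review): the session id is not regenerated here. If no
                // caller does so after a successful login, consider
                // session_regenerate_id(true) to rule out session fixation.
                $_SESSION['PRIMKEY'] = $row['primkey'];
                return true;
            }

            $logactions = new LogActions();
            $logactions->addAction('', '', "loginwrong", USCIC_SURVEY);
            break;
    }

    return false;
}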
/**
 * Tells whether a proxy permission exists for a start code / permission
 * code pair.
 *
 * Both values are passed through prepareDatabaseString() and placed inside
 * single quotes before being concatenated into the statement.
 *
 * @param mixed $startcode      start code to look up
 * @param mixed $permissioncode permission code that must belong to it
 * @return bool true when at least one matching row is counted
 */
function checkProxyCode($startcode, $permissioncode)
{
    global $db;

    $table = Config::dbSurvey() . '_proxypermission';
    $start = prepareDatabaseString($startcode);
    $permission = prepareDatabaseString($permissioncode);

    $sql = 'select count(*) as cnt from ' . $table
        . ' where startcode=\'' . $start . '\''
        . ' and permissioncode = \'' . $permission . '\'';

    $counted = $db->getRow($db->selectQuery($sql));

    return $counted['cnt'] > 0;
}
/**
 * Loads the GPS record of a dwelling into $this->gps, with the latitude and
 * longitude columns decrypted by the database.
 *
 * The personal-info key is embedded in the statement text, so the query
 * string itself is sensitive and should not be printed or logged.
 *
 * NOTE(review): if the enclosing class is named GPS this is a PHP 4-style
 * constructor, which PHP 8 no longer treats as a constructor — confirm.
 *
 * @param mixed $village    village code (column "code")
 * @param mixed $dwellingid dwelling identifier
 */
function GPS($village, $dwellingid)
{
    global $db;

    // Pieces are joined without a separator; each one carries its own spacing.
    $pieces = array(
        'select *,',
        'aes_decrypt(latitude, "' . Config::smsPersonalInfoKey() . '") as latitude, ',
        'aes_decrypt(longitude, "' . Config::smsPersonalInfoKey() . '") as longitude ',
        ' from ' . Config::dbSurvey() . '_gps where dwellingid = "' . prepareDatabaseString($dwellingid)
            . '" and code = "' . prepareDatabaseString($village) . '"',
    );
    $sql = implode('', $pieces);

    $this->gps = $db->getRow($db->selectQuery($sql));
}
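/**
 * Loads a PSU record into $this->psu.
 *
 * @param mixed $rowOrPuid an already fetched row (stored as-is) or the puid
 *                         to look up in the _psus table
 */
function Psu($rowOrPuid)
{
    global $db;

    if (is_array($rowOrPuid)) {
        $this->psu = $rowOrPuid;
        return;
    }

    // The puid was previously concatenated bare ("puid = <value>"). Escaping
    // alone cannot confine a value in an unquoted position, so it is now
    // quoted as well; MySQL still compares a quoted number with a numeric
    // column. Assumes prepareDatabaseString() escapes quote characters —
    // TODO confirm against its definition.
    $query = 'select * from ' . Config::dbSurvey() . '_psus where puid = \''
        . prepareDatabaseString($rowOrPuid) . '\'';
    $result = $db->selectQuery($query);
    $this->psu = $db->getRow($result);
}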
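/**
 * Loads a survey version record into $this->version.
 *
 * @param mixed $rowOrVnid an already fetched row (stored as-is), a vnid to
 *                         look up for the current survey, or "" to leave
 *                         $this->version untouched
 */
function Version($rowOrVnid = "")
{
    if (is_array($rowOrVnid)) {
        $this->version = $rowOrVnid;
        return;
    }

    if ($rowOrVnid != "") {
        global $db;

        // Both identifiers used to be concatenated bare. They are now quoted
        // as well as escaped, so a crafted vnid cannot extend the WHERE
        // clause. Assumes prepareDatabaseString() escapes quote characters —
        // TODO confirm.
        $query = 'select * from ' . Config::dbSurvey() . '_versions where suid=\''
            . prepareDatabaseString(getSurvey()) . '\' and vnid = \''
            . prepareDatabaseString($rowOrVnid) . '\'';
        $result = $db->selectQuery($query);
        $this->version = $db->getRow($result);
    }
}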
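/**
 * Stores (or replaces) a remark for a respondent, encrypted by the database
 * with the remark key.
 *
 * @param mixed $primkey respondent key the remark belongs to
 * @param mixed $remark  remark text
 * @param mixed $urid    id of the user writing the remark
 * @return string the executed statement. It contains the remark key and the
 *                clear-text remark, so callers must not display or log it.
 */
function addRemark($primkey, $remark, $urid)
{
    global $db;

    // $urid was previously concatenated without escaping or quotes; it is now
    // handled like the other values. Assumes prepareDatabaseString() escapes
    // quote characters — TODO confirm.
    $query = 'replace into ' . Config::dbSurvey() . '_remarks (primkey, remark, urid, ts) values (\''
        . prepareDatabaseString($primkey) . '\', aes_encrypt(\''
        . prepareDatabaseString($remark) . '\',\'' . Config::smsRemarkKey() . '\'), \''
        . prepareDatabaseString($urid) . '\', \'' . date('Y-m-d H:i:s') . '\')';
    $db->executeQuery($query);

    // Drop the cached entry so the remarks are re-read next time. The
    // original unset used the bare word primkey (an undefined constant)
    // instead of the $primkey variable, so the cache was never cleared.
    if (isset($this->remarksArray[$primkey])) {
        unset($this->remarksArray[$primkey]);
    }

    return $query;
}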
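/**
 * Lists the files stored for a lab barcode.
 *
 * @param mixed $labbarcode lab barcode to look up
 * @return array list of arrays with the keys 'id', 'urid', 'name' and
 *               'size'; empty when the query fails or finds nothing
 */
function getFiles($labbarcode)
{
    global $db;

    $files = array();
    $query = 'select id, urid, name, size from ' . Config::dbSurveyData() . '_files where labbarcode="'
        . prepareDatabaseString($labbarcode) . '"';
    $result = $db->selectQuery($query);

    if ($result != null && $db->getNumberOfRows($result) > 0) {
        while ($row = $db->getRow($result)) {
            // The keys were written as bare words (id => ...), which PHP
            // reads as constants: a warning in PHP 7 and a fatal error in
            // PHP 8. Quoted keys produce the same array without either.
            $files[] = array(
                'id' => $row['id'],
                'urid' => $row['urid'],
                'name' => $row['name'],
                'size' => $row['size'],
            );
        }
    }

    return $files;
}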
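/**
 * Fetches one row of the _tracks table.
 *
 * @param mixed $trid track id
 * @return array the matching row, or an empty array when the query fails or
 *               no row matches
 */
function getEntry($trid)
{
    global $db;

    // The id was concatenated bare; it is now quoted as well as escaped so it
    // cannot alter the statement. Assumes prepareDatabaseString() escapes
    // quote characters — TODO confirm.
    $query = "select * from " . Config::dbSurvey() . "_tracks where trid='"
        . prepareDatabaseString($trid) . "'";
    $res = $db->selectQuery($query);

    if ($res && $db->getNumberOfRows($res) > 0) {
        return $db->getRow($res);
    }

    return array();
}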
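/**
 * Returns the users whose supervisor ("sup" column) is the given user.
 *
 * Results are cached in $this->userArray under the logged-in user's id. The
 * original code served and filled that slot regardless of $urid, so a call
 * for another supervisor returned (or overwrote) the logged-in user's list.
 * The cache is now used only when $urid is the logged-in user.
 *
 * @param mixed $urid id of the supervisor
 * @return array list of User objects
 */
function getUsersBySupervisor($urid)
{
    global $db;

    $sessionUrid = isset($_SESSION['URID']) ? $_SESSION['URID'] : null;
    // Compared as strings so that 5 and '5' are treated as the same id.
    $cacheable = $sessionUrid !== null && (string) $sessionUrid === (string) $urid;

    if ($cacheable && isset($this->userArray[$sessionUrid])) {
        return $this->userArray[$sessionUrid];
    }

    // The supervisor id was concatenated bare; it is now quoted as well as
    // escaped. Assumes prepareDatabaseString() escapes quote characters —
    // TODO confirm.
    $result = $db->selectQuery(
        'SELECT ' . $this->getSelectQuery() . ' FROM ' . Config::dbSurvey() . '_users where sup = \''
        . prepareDatabaseString($urid) . '\''
    );

    $users = array();
    while ($row = $db->getRow($result)) {
        $users[] = new User($row);
    }

    if ($cacheable) {
        $this->userArray[$sessionUrid] = $users;
    }

    return $users;
}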
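/**
 * Loads a user into $this->user, optionally creating a new user row first.
 *
 * @param mixed $uridorrow an already fetched row (stored as-is), a urid to
 *                         load, or '' together with $createnew to create a
 *                         user
 * @param bool  $createnew when true and $uridorrow is '', a row with the next
 *                         free urid is inserted and then loaded
 */
function User($uridorrow, $createnew = false)
{
    global $db;

    if ($uridorrow == '' && $createnew == true) {
        // Create a new user with urid = current maximum + 1.
        // NOTE(review): two concurrent requests can read the same maximum
        // here; an auto-increment column would avoid that — confirm schema.
        $result = $db->selectQuery('select max(urid) as maxurid from ' . Config::dbSurvey() . '_users');
        $row = $db->getRow($result);
        $uridorrow = $row['maxurid'] + 1;
        $result = $db->selectQuery(
            'insert into ' . Config::dbSurvey() . '_users (urid) values (\''
            . prepareDatabaseString($uridorrow) . '\')'
        );
    }

    if (is_array($uridorrow)) {
        $this->user = $uridorrow;
    } else {
        // The urid was concatenated bare; it is now quoted as well as escaped
        // so a crafted id cannot extend the WHERE clause. Assumes
        // prepareDatabaseString() escapes quote characters — TODO confirm.
        $result = $db->selectQuery(
            'select ' . Users::getSelectQuery() . ' from ' . Config::dbSurvey() . '_users where urid = \''
            . prepareDatabaseString($uridorrow) . '\''
        );
        $this->user = $db->getRow($result);
    }

    $this->contacts = new Contacts();
}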
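/**
 * Records a block of uploaded SQL text in the _communication table
 * (direction 2). Nothing is stored when $updateSql is empty.
 *
 * NOTE(review): the stored text is SQL supplied by a client. Whatever later
 * reads the sqlcode column should treat it as untrusted — verify how and
 * where it is executed.
 *
 * @param string $updateSql SQL text to store
 * @param mixed  $urid      id of the uploading user
 */
function storeUpload($updateSql, $urid)
{
    global $db;

    if ($updateSql == '') {
        return;
    }

    $query = 'insert into ' . Config::dbSurvey() . '_communication ';
    $query .= ' (urid, insertts, sqlcode, direction) values (';
    // The urid was concatenated bare; it is now quoted as well as escaped.
    // Assumes prepareDatabaseString() escapes quote characters — TODO confirm.
    $query .= '"' . prepareDatabaseString($urid) . '", ';
    $query .= '"' . prepareDatabaseString(date('Y-m-d H:i:s')) . '", ';
    // NOTE(review): addslashes() is not aware of the connection character
    // set, so it is a weaker escape than a driver-level one. It is kept
    // because prepareDatabaseString() takes a strip-tags flag elsewhere in
    // this code base and might alter the SQL text — replace only after
    // checking that helper, or bind the value instead.
    $query .= '"' . addslashes($updateSql) . '", ';
    $query .= '2)';

    $db->executeQuery($query);
}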
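/**
 * Writes one answer to the _data table and mirrors it in
 * $this->variable["answer"].
 *
 * Depending on Config::prepareDataQueries() the statement is either built by
 * concatenation or executed with bound parameters. When the survey has a
 * data encryption key the answer is stored through aes_encrypt(); the key is
 * then part of the statement text, which is also handed to the optional
 * storeAnswerExtra() hook, so neither may be echoed or logged.
 *
 * @param mixed $primkey   respondent key
 * @param mixed $variable  variable name
 * @param mixed $answer    answer value; "" is stored as NULL, 0 is kept
 * @param bool  $striptags passed to prepareDatabaseString() for the answer
 * @return bool true when the statement executed, false otherwise
 */
private function storeAnswer($primkey, $variable, $answer, $striptags = true)
{
    if (Config::useTransactions() == true) {
        global $transdb;
        $localdb = $transdb;
    } else {
        global $db;
        $localdb = $db;
    }

    $dirty = $this->getDirty();
    $prim = $primkey;
    $var = $variable;
    $ans = $answer;
    if ($ans == "" && $ans !== 0) { // preserve '0' as answer
        $ans = null;
    }

    $version = getSurveyVersion();
    $language = getSurveyLanguage();
    $mode = getSurveyMode();
    $suid = getSurvey();

    // Set session language/mode/version/template here if changed through
    // routing. These session values are answer-controlled from now on.
    if ($ans != null) {
        $name = strtoupper($variable);
        if ($name == strtoupper(VARIABLE_LANGUAGE)) {
            $_SESSION['PARAMS'][SESSION_PARAM_LANGUAGE] = $ans;
        } elseif ($name == strtoupper(VARIABLE_MODE)) {
            $_SESSION['PARAMS'][SESSION_PARAM_MODE] = $ans;
        } elseif ($name == strtoupper(VARIABLE_VERSION)) {
            $_SESSION['PARAMS'][SESSION_PARAM_VERSION] = $ans;
        } elseif ($name == strtoupper(VARIABLE_TEMPLATE)) {
            $_SESSION['PARAMS'][SESSION_PARAM_TEMPLATE] = $ans;
        }
    }

    /* set attributes for data record processing in export */
    $this->suid = $suid;
    $this->primkey = $prim;
    $this->language = $language;
    $this->mode = $mode;
    $this->version = $version;
    // 24-hour clock: the original "h" produced a 12-hour value without an
    // am/pm marker, so afternoon timestamps were indistinguishable from
    // morning ones.
    $this->ts = date("Y-m-d H:i:s", time());

    global $survey;
    $key = $survey->getDataEncryptionKey();
    $queryparams = 'suid, primkey, variablename, answer, dirty, version, language, mode';

    if (Config::prepareDataQueries() == false) {
        if ($ans == null && $ans !== 0) {
            $answer = 'null';
        } else {
            $escaped = prepareDatabaseString($ans, $striptags);
            if ($key != "") {
                $answer = "aes_encrypt('" . $escaped . "', '" . $key . "')";
            } else {
                $answer = '"' . $escaped . '"';
            }
        }

        // suid is quoted; dirty/version/language/mode are cast to int, the
        // type the bound branch below declares for them. They were
        // previously concatenated bare, where escaping alone does not stop a
        // crafted value from extending the statement. Assumes
        // prepareDatabaseString() escapes quote characters — TODO confirm.
        $queryvalues = "'" . prepareDatabaseString($suid) . "'";
        $queryvalues .= ",'" . prepareDatabaseString($prim) . "'";
        $queryvalues .= ",'" . prepareDatabaseString($var) . "'";
        $queryvalues .= "," . $answer;
        $queryvalues .= "," . (int) $dirty;
        $queryvalues .= "," . (int) $version;
        $queryvalues .= "," . (int) $language;
        $queryvalues .= "," . (int) $mode;

        $query = 'REPLACE INTO ' . Config::dbSurveyData() . '_data (' . $queryparams . ') VALUES (' . $queryvalues . ')';
        if ($localdb->executeQuery($query)) {
            $this->variable["answer"] = $ans;

            // hook for extra storage
            if (function_exists("storeAnswerExtra")) {
                storeAnswerExtra($query);
            }
            return true;
        }
        return false;
    }

    // Bound-parameter path: values never become part of the SQL text.
    $bp = new BindParam();
    $bp->add(MYSQL_BINDING_STRING, $suid);
    $bp->add(MYSQL_BINDING_STRING, $prim);
    $bp->add(MYSQL_BINDING_STRING, $var);
    $bp->add(MYSQL_BINDING_STRING, $ans);
    $bp->add(MYSQL_BINDING_INTEGER, $dirty);
    $bp->add(MYSQL_BINDING_INTEGER, $version);
    $bp->add(MYSQL_BINDING_INTEGER, $language);
    $bp->add(MYSQL_BINDING_INTEGER, $mode);

    $answer = "?";
    if ($key != "") {
        $answer = "aes_encrypt(?, '" . $key . "')";
    }
    $queryvalues = '?,?,?,' . $answer . ',?,?,?,?';
    $query = 'REPLACE INTO ' . Config::dbSurveyData() . '_data (' . $queryparams . ') VALUES (' . $queryvalues . ')';

    if ($localdb->executeBoundQuery($query, $bp->get())) {
        $this->variable["answer"] = $ans;

        // hook for extra storage
        if (function_exists("storeAnswerExtra")) {
            storeAnswerExtra($queryparams, $queryvalues, $bp);
        }
        return true;
    }
    return false;
}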
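/**
 * Saves this variable to the _variables table and then saves its settings.
 *
 * A variable without a vsid first receives the next vsid (current maximum
 * + 1) and the next position within its survey and section.
 * NOTE(review): max()+1 is not safe against concurrent saves — confirm
 * whether callers serialize this.
 */
function save()
{
    global $db;

    $table = Config::dbSurvey() . "_variables";

    if (!isset($this->variabledescriptive['vsid'])) {
        $row = $db->getRow($db->selectQuery("select max(vsid) as max from " . $table));
        $vsid = $row["max"] + 1;
        $this->setObjectName($vsid);
        $this->setVsid($vsid);

        /* set position */
        // suid and seid were concatenated without escaping or quotes here;
        // they now get both. Assumes prepareDatabaseString() escapes quote
        // characters — TODO confirm.
        $query = "select max(position) as max from " . $table
            . " where suid='" . prepareDatabaseString($this->getSuid()) . "'"
            . " and seid='" . prepareDatabaseString($this->getSeid()) . "'";
        $row = $db->getRow($db->selectQuery($query));
        $this->setPosition($row["max"] + 1);
    }

    $order = $this->getPosition();
    if ($order == "") {
        $order = 1;
    }
    $tyd = $this->getTyd();
    if ($tyd == "") {
        $tyd = -1;
    }

    // Every value is escaped and quoted; the numeric ones were previously
    // escaped but left bare, which does not stop a crafted value from
    // extending the statement.
    $values = array(
        "'" . prepareDatabaseString($this->getSuid()) . "'",
        "'" . prepareDatabaseString($this->getVsid()) . "'",
        "'" . prepareDatabaseString($this->getSeid()) . "'",
        "'" . prepareDatabaseString($this->getName()) . "'",
        "'" . prepareDatabaseString($order) . "'",
        "'" . prepareDatabaseString($tyd) . "'",
    );
    $query = "replace into " . $table . " (suid, vsid, seid, variablename, position, tyd) values("
        . implode(",", $values) . ")";
    $db->executeQuery($query);

    /* save settings */
    foreach ($this->getSettingsArray() as $setting) {
        $setting->setObject($this->getVsid());
        $setting->setSuid($this->getSuid());
        $setting->save();
    }
}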
/**
 * Writes every field of this lab record back to the _lab table, selected by
 * primkey.
 *
 * barcode and labbarcode are stored through aes_encrypt() with the lab key;
 * all other columns are stored as escaped, double-quoted values. The lab key
 * is part of the statement text, so the query must not be echoed or logged.
 */
function saveChanges()
{
    global $db;

    $sql = 'UPDATE ' . Config::dbSurveyData() . '_lab SET ';

    // Columns encrypted by the database.
    $encrypted = array(
        'barcode' => $this->getBarcode(),
        'labbarcode' => $this->getLabBarcode(),
    );
    foreach ($encrypted as $column => $value) {
        $sql .= $column . ' = aes_encrypt("' . prepareDatabaseString($value) . '", "' . Config::labKey() . '"), ';
    }

    // Plain columns, in the order they appear in the statement.
    $plain = array(
        'consent1' => $this->getConsent1(),
        'consent2' => $this->getConsent2(),
        'consent3' => $this->getConsent3(),
        'consent4' => $this->getConsent4(),
        'consent5' => $this->getConsent5(),
        'refusal' => $this->getRefusal(),
        'refusalreason' => $this->getRefusalReason(),
        'refusaldate' => $this->getRefusalDate(),
        'cd4res' => $this->getCD4res(),
        'cd4date' => $this->getCD4date(),
        'survey' => $this->getSurvey(),
        'measures' => $this->getMeasures(),
        'vision' => $this->getVision(),
        'anthropometrics' => $this->getAnthropometrics(),
        'requestform' => $this->getRequestForm(),
        'urid' => $this->getUrid(),
        'labvisitts' => $this->getLabVisitTs(),
        'fielddbsshipmentdate' => $this->getFieldDBSShipmentDate(),
        'fielddbsreceiveddate' => $this->getFieldDBSReceivedDate(),
        'fielddbscollecteddate' => $this->getFieldDBSCollectedDate(),
        'fielddbsshipmentreturneddate' => $this->getFieldDBSReceivedDateFromLab(),
        'fielddbsclinicresultsissueddate' => $this->getFieldDBSClinicResultsIssued(),
        'fielddbsstatus' => $this->getFieldDBSStatus(),
        'labdbslocation' => $this->getLabDBSLocation(),
        'labdbsposition' => $this->getLabDBSPosition(),
        'labbloodstatus' => $this->getLabBloodStatus(),
        'labbloodshipmentdate' => $this->getLabBloodShipmentDate(),
        'labbloodshipmentreturneddate' => $this->getLabBloodReceivedDateFromLab(),
        'labbloodlocation' => $this->getLabBloodLocation(),
        'labbloodposition' => $this->getLabBloodPosition(),
        'labbloodsenttolab' => $this->getLabBloodSentToLab(),
        'labbloodnotcollected' => $this->getLabBloodNotCollected(),
        'consenturid' => $this->getConsentUrid(),
        'consentts' => $this->getConsentTs(),
    );

    $assignments = array();
    foreach ($plain as $column => $value) {
        $assignments[] = $column . ' = "' . prepareDatabaseString($value) . '"';
    }

    // The first assignment is followed by a bare comma, the others by a
    // comma and a space; kept so the statement text stays exactly as before.
    $first = array_shift($assignments);
    $sql .= $first . ',' . implode(', ', $assignments);
    $sql .= ' WHERE primkey = "' . prepareDatabaseString($this->getPrimkey()) . '"';

    $db->executeQuery($sql);
}
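/**
 * Saves this survey to the _surveys table and then saves its settings.
 *
 * A survey without a suid receives the next suid (current maximum + 1); one
 * without a position receives the next position.
 * NOTE(review): max()+1 is not safe against concurrent saves — confirm
 * whether callers serialize this.
 */
function save()
{
    global $db;

    $table = Config::dbSurvey() . "_surveys";

    if (!isset($this->survey['suid'])) {
        $row = $db->getRow($db->selectQuery("select max(suid) as max from " . $table));
        $this->setSuid($row["max"] + 1);
    }

    if (!isset($this->survey['position'])) {
        /* set position */
        $row = $db->getRow($db->selectQuery("select max(position) as max from " . $table));
        $this->setPosition($row["max"] + 1);
    }

    // The suid was escaped but left unquoted, unlike the other three values;
    // it is now quoted too, so a crafted value cannot extend the statement.
    // Assumes prepareDatabaseString() escapes quote characters — TODO confirm.
    $query = "replace into " . $table . " (suid, name, description, position) values(";
    $query .= "'" . prepareDatabaseString($this->getSuid()) . "',";
    $query .= "'" . prepareDatabaseString($this->getName()) . "',";
    $query .= "'" . prepareDatabaseString($this->getDescription()) . "',";
    $query .= "'" . prepareDatabaseString($this->getPosition()) . "'";
    $query .= ")";
    $db->executeQuery($query);

    /* save settings */
    foreach ($this->getSettingsArray() as $setting) {
        // NOTE(review): this calls setObjectName() with the suid — confirm
        // that is the intended setter for a survey-level setting.
        $setting->setObjectName($this->getSuid());
        $setting->setSuid($this->getSuid());
        $setting->save();
    }
}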
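/**
 * Builds the sysadmin search sidebar: searches the survey's settings and
 * routing for a term and renders the hits as collapsible panels.
 *
 * Side effects on a successful search: $_SESSION['SEARCH'] and
 * $_SESSION['SEARCHTERM'] are set.
 *
 * NOTE(review): object names read from the database (getName()) and the
 * routing line id are written into the HTML without escaping. Whether
 * displayWarning()/displaySuccess() and the Language::label*() helpers escape
 * the search term is not visible here — confirm, and escape at this level if
 * they do not.
 *
 * @param string $searchparameters the search term
 * @return string HTML for the search sidebar
 */
function showSearchSysadmin($searchparameters)
{
    $returnStr = '<a id="closelink" class="close pull-right">×</a>';
    $returnStr .= "<script type='text/javascript'>\n \$ ('#closelink').click(function(event) {\n \$.sidr('close', 'optionssidebar');\n \$.get('" . setSessionParams(array("page" => "sysadmin.search.hide")) . "&updatesessionpage=2" . "',{},function(response){});\n });\n ";
    $returnStr .= "</script>";

    if (trim($searchparameters) == "") {
        $returnStr .= $this->displayWarning(Language::messageSearchNoTerm());
        return $returnStr;
    }

    global $db, $survey;

    // The session suid was concatenated into both statements without escaping
    // or quotes; it is now escaped and quoted. Assumes
    // prepareDatabaseString() escapes quote characters — TODO confirm.
    $suidSql = "'" . prepareDatabaseString($_SESSION['SUID']) . "'";
    // '%' and '_' inside the term still act as LIKE wildcards.
    $termSql = prepareDatabaseString($searchparameters);

    $query = "select * from " . Config::dbSurvey() . "_settings where suid=" . $suidSql . " and CONVERT(value using utf8) COLLATE utf8_general_ci like '%" . $termSql . "%' group by objecttype,object order by objecttype, object";
    $res = $db->selectQuery($query);
    $query1 = "select * from " . Config::dbSurvey() . "_routing where suid=" . $suidSql . " and CONVERT(rule using utf8) COLLATE utf8_general_ci like '%" . $termSql . "%' order by seid asc, rgid asc";
    $res1 = $db->selectQuery($query1);

    if (!$res && !$res1) {
        $returnStr .= $this->displayWarning(Language::messageSearchNoResults());
        return $returnStr;
    }

    // Only one of the two queries needs to succeed, so a failed result must
    // not be passed to getNumberOfRows().
    $settingHits = $res ? $db->getNumberOfRows($res) : 0;
    $routingHits = $res1 ? $db->getNumberOfRows($res1) : 0;

    if ($settingHits == 0 && $routingHits == 0) {
        $returnStr .= $this->displayWarning(Language::labelNoSearched($searchparameters));
        return $returnStr;
    }

    $returnStr .= $this->displayCookieScripts();
    $returnStr .= "<script type='text/javascript'>\n \$(document).ready(function(){\n \$('#search a').bind('click',function(event){\n event.preventDefault();\n var url=this.href + \"&" . POST_PARAM_AJAX_LOAD . "=" . AJAX_LOAD . "\";\n \$.get(url,{},function(response){ \n \$('#content').html(\$(response).children().first())\n })\t\n })\n });\n ";
    $returnStr .= "</script>";

    $_SESSION['SEARCH'] = SEARCH_OPEN_YES;
    $_SESSION['SEARCHTERM'] = $searchparameters;
    $returnStr .= $this->displaySuccess(Language::labelSearched($searchparameters));

    $var_results = array();
    $type_results = array();
    $survey_results = array();
    $group_results = array();
    $section_results = array();

    // TODO: HOW TO GROUP HERE: VARIABLE YES, SURVEY NO, SHOW NUMBER OF PLACES FOUND IN CASE OF MULTIPLE LOCATIONS? OR SHOW ALL ENTRIES?
    if ($settingHits > 0) {
        while ($row = $db->getRow($res)) {
            /* process */
            switch ($row["objecttype"]) {
                case OBJECT_VARIABLEDESCRIPTIVE:
                    $variable = $survey->getVariableDescriptive($row["object"]);
                    $tagclass = "";
                    if (isset($_COOKIE['uscicvariablecookie'])) {
                        $cookievalue = $_COOKIE['uscicvariablecookie'];
                        if (inArray($variable->getSuid() . "~" . $variable->getVsid(), explode("-", $cookievalue))) {
                            $tagclass = 'class="uscic-cookie-tag-active"';
                        }
                    }
                    $var_results[$row["name"] . $row["object"] . $row["objecttype"]] = "<tr>\n <td><a " . $tagclass . ' onclick="var res = updateCookie(\'uscicvariablecookie\',\'' . $variable->getSuid() . "~" . $variable->getVsid() . '\'); if (res == 1) { $(this).addClass(\'uscic-cookie-tag-active\'); } else { $(this).removeClass(\'uscic-cookie-tag-active\'); } return false;" title="' . Language::linkTagTooltip() . '" href="" role="button"><span class="glyphicon glyphicon-tag"></span></a></td>' . "<td><a class='searchlink' href='" . setSessionParams(array("page" => "sysadmin.survey.editvariable", "suid" => $_SESSION['SUID'], "vsid" => $row["object"])) . "'>" . $variable->getName() . "</a></td> \n </tr>";
                    break;

                case OBJECT_TYPE:
                    $type = $survey->getType($row["object"]);
                    $tagclass = "";
                    // The original tested 'uscictypeecookie' (extra "e") and
                    // then read 'uscictypecookie', so the active class was
                    // never applied to types.
                    if (isset($_COOKIE['uscictypecookie'])) {
                        $cookievalue = $_COOKIE['uscictypecookie'];
                        if (inArray($type->getSuid() . "~" . $type->getTyd(), explode("-", $cookievalue))) {
                            $tagclass = 'class="uscic-cookie-tag-active"';
                        }
                    }
                    $type_results[] = "<tr>\n <td><a " . $tagclass . ' onclick="var res = updateCookie(\'uscictypecookie\',\'' . $type->getSuid() . "~" . $type->getTyd() . '\'); if (res == 1) { $(this).addClass(\'uscic-cookie-tag-active\'); } else { $(this).removeClass(\'uscic-cookie-tag-active\'); } return false;" title="' . Language::linkTagTooltip() . '" href="" role="button"><span class="glyphicon glyphicon-tag"></span></a></td>' . "<td><a class='searchlink' href='" . setSessionParams(array("page" => "sysadmin.survey.edittype", "suid" => $_SESSION['SUID'], "tyd" => $row["object"])) . "'>" . $type->getName() . "</a></td>\n\n </tr>";
                    break;

                case OBJECT_SECTION:
                    $section = $survey->getSection($row["object"]);
                    $tagclass = "";
                    if (isset($_COOKIE['uscicsectioncookie'])) {
                        $cookievalue = $_COOKIE['uscicsectioncookie'];
                        if (inArray($section->getSuid() . "~" . $section->getSeid(), explode("-", $cookievalue))) {
                            $tagclass = 'class="uscic-cookie-tag-active"';
                        }
                    }
                    $section_results[] = "<tr>\n <td><a " . $tagclass . ' onclick="var res = updateCookie(\'uscicsectioncookie\',\'' . $section->getSuid() . "~" . $section->getSeid() . '\'); if (res == 1) { $(this).addClass(\'uscic-cookie-tag-active\'); } else { $(this).removeClass(\'uscic-cookie-tag-active\'); } return false;" title="' . Language::linkTagTooltip() . '" href="" role="button"><span class="glyphicon glyphicon-tag"></span></a></td>' . "<td><a class='searchlink' href='" . setSessionParams(array("page" => "sysadmin.survey.editsection", "suid" => $_SESSION['SUID'], "seid" => $row["object"])) . "'>" . $section->getName() . "</a></td>\n\n </tr>";
                    break;

                case OBJECT_GROUP:
                    $group = $survey->getGroup($row["object"]);
                    $tagclass = "";
                    if (isset($_COOKIE['uscicgroupcookie'])) {
                        $cookievalue = $_COOKIE['uscicgroupcookie'];
                        if (inArray($group->getSuid() . "~" . $group->getGid(), explode("-", $cookievalue))) {
                            $tagclass = 'class="uscic-cookie-tag-active"';
                        }
                    }
                    $group_results[] = "<tr>\n <td><a " . $tagclass . ' onclick="var res = updateCookie(\'uscicgroupcookie\',\'' . $group->getSuid() . "~" . $group->getGid() . '\'); if (res == 1) { $(this).addClass(\'uscic-cookie-tag-active\'); } else { $(this).removeClass(\'uscic-cookie-tag-active\'); } return false;" title="' . Language::linkTagTooltip() . '" href="" role="button"><span class="glyphicon glyphicon-tag"></span></a></td>' . "<td><a class='searchlink' href='" . setSessionParams(array("page" => "sysadmin.survey.editgroup", "suid" => $_SESSION['SUID'], "gid" => $row["object"])) . "'>" . $group->getName() . "</a></td>\n\n </tr>";
                    break;

                case OBJECT_SURVEY:
                    $survey_results[] = "<tr>\n <td>" . $survey->getName() . "</td> \n </tr>";
                    break;
            }
        }
    }

    // The header/footer strings were appended to before being defined, which
    // raises an undefined-variable warning on PHP 8; start them empty.
    $var_header = $type_header = $survey_header = $group_header = $section_header = $routing_header = '';
    $var_footer = $type_footer = $survey_footer = $group_footer = $section_footer = $routing_footer = '';

    $var_header .= '<div id="collapseVariables" class="panel-collapse collapse"> <div class="panel-body">';
    if (sizeof($var_results) > 0) {
        $var_header .= '<table class="table table-striped table-bordered"> <thead> <th></th><th align=middle>' . Language::labelSearchName() . '</th>' . '</thead> <tbody data-link="row" class="rowlink">';
        $var_footer .= "</tbody></table></div></div>";
    } else {
        $var_footer .= "</div></div>";
    }

    $type_header .= '<div id="collapseTypes" class="panel-collapse collapse"> <div class="panel-body">';
    if (sizeof($type_results) > 0) {
        $type_header .= '<table class="table table-striped table-bordered"> <thead> <th align=middle>' . Language::labelSearchName() . '</th>' . '</thead> <tbody data-link="row" class="rowlink">';
        $type_footer .= "</tbody></table></div></div>";
    } else {
        $type_footer .= "</div></div>";
    }

    $survey_header .= '<div id="collapseSurvey" class="panel-collapse collapse"> <div class="panel-body">';
    if (sizeof($survey_results) > 0) {
        $survey_header .= '<table class="table table-striped table-bordered"> <thead> <th align=middle>' . Language::labelSearchName() . '</th>' . '</thead> <tbody data-link="row" class="rowlink">';
        $survey_footer .= "</tbody></table></div></div>";
    } else {
        $survey_footer .= "</div></div>";
    }

    $group_header .= '<div id="collapseGroups" class="panel-collapse collapse"> <div class="panel-body">';
    if (sizeof($group_results) > 0) {
        $group_header .= '<table class="table table-striped table-bordered"> <thead> <th align=middle>' . Language::labelSearchName() . '</th>' . '</thead> <tbody data-link="row" class="rowlink">';
        $group_footer .= "</tbody></table></div></div>";
    } else {
        $group_footer .= "</div></div>";
    }

    $section_header .= '<div id="collapseSections" class="panel-collapse collapse"> <div class="panel-body">';
    if (sizeof($section_results) > 0) {
        $section_header .= '<table class="table table-striped table-bordered"> <thead> <th align=middle>' . Language::labelSearchName() . '</th>' . '</thead> <tbody data-link="row" class="rowlink">';
        $section_footer .= "</tbody></table></div></div>";
    } else {
        $section_footer .= "</div></div>";
    }

    /* search in routing */
    $routing_results = array();
    $routing_header .= '<div id="collapseRouting" class="panel-collapse collapse"> <div class="panel-body">';
    if ($routingHits > 0) {
        while ($row = $db->getRow($res1)) {
            $section = $survey->getSection($row["seid"]);
            $routing_results[] = "<tr>\n <td><a class='searchlink' href='" . setSessionParams(array("page" => "sysadmin.survey.section", "suid" => $_SESSION['SUID'], "seid" => $row["seid"], "routingline" => $row["rgid"])) . "'>" . $section->getName() . " at " . Language::labelSearchLine() . " " . $row["rgid"] . "</a></td>\n </tr>";
        }
    }
    if (sizeof($routing_results) > 0) {
        $routing_header .= '<table class="table table-striped table-bordered"> <thead> <th align=middle>' . Language::labelSearchSection() . ' at ' . Language::labelSearchLine() . '</th> </thead> <tbody data-link="row" class="rowlink">';
        $routing_footer .= "</tbody></table></div></div>";
    } else {
        $routing_footer .= "</div></div>";
    }

    // Each panel body is either the result rows or a "no results" warning.
    if (sizeof($var_results) > 0) {
        $varstring = $var_header . implode("", $var_results) . $var_footer;
    } else {
        $varstring = $var_header . $this->displayWarning(Language::messageSearchNoResults()) . $var_footer;
    }
    if (sizeof($type_results) > 0) {
        $typestring = $type_header . implode("", $type_results) . $type_footer;
    } else {
        $typestring = $type_header . $this->displayWarning(Language::messageSearchNoResults()) . $type_footer;
    }
    if (sizeof($group_results) > 0) {
        $groupstring = $group_header . implode("", $group_results) . $group_footer;
    } else {
        $groupstring = $group_header . $this->displayWarning(Language::messageSearchNoResults()) . $group_footer;
    }
    if (sizeof($section_results) > 0) {
        $sectionstring = $section_header . implode("", $section_results) . $section_footer;
    } else {
        $sectionstring = $section_header . $this->displayWarning(Language::messageSearchNoResults()) . $section_footer;
    }
    if (sizeof($survey_results) > 0) {
        $surveystring = $survey_header . implode("", $survey_results) . $survey_footer;
    } else {
        $surveystring = $survey_header . $this->displayWarning(Language::messageSearchNoResults()) . $survey_footer;
    }
    if (sizeof($routing_results) > 0) {
        $routingstring = $routing_header . implode("", $routing_results) . $routing_footer;
    } else {
        $routingstring = $routing_header . $this->displayWarning(Language::messageSearchNoResults()) . $routing_footer;
    }

    $returnStr .= '<div id="search"> <div class="panel-group" id="accordion"> <div class="panel panel-default"> <div class="panel-heading"> <h4 class="panel-title"> <a data-toggle="collapse" data-target="#collapseVariables"> ' . Language::labelSearchVariables() . '(' . sizeof($var_results) . ') </a> </h4> </div> ' . $varstring
        . '</div> <div class="panel panel-default"> <div class="panel-heading"> <h4 class="panel-title"> <a data-toggle="collapse" data-target="#collapseSurvey"> ' . Language::labelSearchSurvey() . '(' . sizeof($survey_results) . ') </a> </h4> </div> ' . $surveystring
        . '</div> <div class="panel panel-default"> <div class="panel-heading"> <h4 class="panel-title"> <a data-toggle="collapse" data-target="#collapseRouting"> ' . Language::labelSearchRouting() . '(' . sizeof($routing_results) . ') </a> </h4> </div> ' . $routingstring
        . '</div> <div class="panel panel-default"> <div class="panel-heading"> <h4 class="panel-title"> <a data-toggle="collapse" data-target="#collapseTypes"> ' . Language::labelSearchTypes() . '(' . sizeof($type_results) . ') </a> </h4> </div> ' . $typestring
        . '</div> <div class="panel panel-default"> <div class="panel-heading"> <h4 class="panel-title"> <a data-toggle="collapse" data-target="#collapseGroups"> ' . Language::labelSearchGroups() . '(' . sizeof($group_results) . ') </a> </h4> </div> ' . $groupstring
        . '</div> <div class="panel panel-default"> <div class="panel-heading"> <h4 class="panel-title"> <a data-toggle="collapse" data-target="#collapseSections"> ' . Language::labelSearchSections() . '(' . sizeof($section_results) . ') </a> </h4> </div> ' . $sectionstring
        . '</div>';

    /* accordion end div */
    $returnStr .= '</div>';

    /* end search div */
    $returnStr .= "</div>";

    return $returnStr;
}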
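/**
 * Saves this group to the _groups table and then saves its settings.
 *
 * A group without a gid first receives the next gid (current maximum + 1).
 * NOTE(review): max()+1 is not safe against concurrent saves — confirm
 * whether callers serialize this.
 */
function save()
{
    global $db;

    $table = Config::dbSurvey() . "_groups";

    if (!isset($this->group['gid'])) {
        $row = $db->getRow($db->selectQuery("select max(gid) as max from " . $table));
        $gid = $row["max"] + 1;
        $this->setObjectName($gid);
        $this->setGid($gid);
    }

    // suid and gid were escaped but left unquoted; they are now quoted like
    // the name, so a crafted value cannot extend the statement. Assumes
    // prepareDatabaseString() escapes quote characters — TODO confirm.
    $query = "replace into " . $table . " (suid, gid, name) values(";
    $query .= "'" . prepareDatabaseString($this->getSuid()) . "',";
    $query .= "'" . prepareDatabaseString($this->getGid()) . "',";
    $query .= "'" . prepareDatabaseString($this->getName()) . "'";
    $query .= ")";
    $db->executeQuery($query);

    /* save settings */
    foreach ($this->getSettingsArray() as $setting) {
        $setting->setObject($this->getGid());
        $setting->setSuid($this->getSuid());
        $setting->save();
    }
}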
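/**
 * Counts the screen dumps stored for a respondent in a survey.
 *
 * @param mixed $suid survey id
 * @param mixed $id   respondent key (primkey)
 * @return int number of rows found; 0 when the query fails
 */
function getNumberOfScreenDumps($suid, $id)
{
    global $db;

    // The suid was escaped but left unquoted; it is now quoted like the
    // primkey, so a crafted value cannot extend the statement. Assumes
    // prepareDatabaseString() escapes quote characters — TODO confirm.
    $query = "select screen from " . Config::dbSurveyData() . "_screendumps where suid='"
        . prepareDatabaseString($suid) . "' and primkey='" . prepareDatabaseString($id) . "'";
    $res = $db->selectQuery($query);

    return $res ? $db->getNumberOfRows($res) : 0;
}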
/**
 * Returns the value held in $this->version.
 *
 * The setVersion() declaration that follows on this line is cut off in this
 * listing; only its signature is visible.
 */
function getVersion() { return $this->version; } function setVersion($l)
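/**
 * Exports the data changed since the user's last upload, appends a lab
 * status update for each of the user's respondents, and sends the result to
 * the server.
 *
 * On success the user's last-upload timestamp is advanced.
 *
 * NOTE(review): the payload is SQL text generated on this side and shipped
 * to the server; presumably it is executed there. The receiving side should
 * treat it as untrusted — confirm.
 *
 * @return string the main page, with a success or error message
 */
function showSendReceiveUploadData()
{
    $displayNurse = new DisplayNurse();
    $communication = new Communication();

    $lastData = $this->user->getLastData();
    if ($lastData != '' && $lastData != '0000-00-00 00:00:00') {
        $tables = array('data', 'datarecords', 'states', 'times', 'remarks', 'contacts', 'observations');
    } else {
        $tables = array('data', 'datarecords', 'times', 'remarks', 'contacts', 'observations');
    }
    $data = $communication->exportTables($tables, $this->user->getLastData(), 'primkey not like "999%"'); //no test data

    //update lab!
    $respondents = new Respondents();
    $respondents = $respondents->getRespondentsByUrid($_SESSION['URID']);
    foreach ($respondents as $respondent) {
        // Append: the original assigned with "=", which threw away the
        // exported tables and every earlier update, so only the last
        // respondent's statement was uploaded while the last-upload timestamp
        // still advanced. Assumes exportTables() returns the SQL text as a
        // string — TODO confirm.
        // The status is now escaped and quoted instead of concatenated bare.
        $data .= 'UPDATE ' . Config::dbSurveyData() . '_lab set status = \''
            . prepareDatabaseString($respondent->getStatus()) . '\' where primkey = \''
            . prepareDatabaseString($respondent->getPrimkey()) . '\'' . ";\n";
    }

    if ($communication->sendToServerAsFile($data, $this->user->getUrid())) {
        //success sending data to server: update lastdate!
        $this->user->setLastData(date('Y-m-d H:i:s'));
        $this->user->saveChanges();
        $message = $displayNurse->displaySuccess(Language::labelDataUploaded());
    } else {
        $message = $displayNurse->displayError(Language::labelDataNotUploaded());
    }

    return $this->mainPage($message);
}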
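/**
 * Marks the interview identified by $this->suid and $this->primkey as not
 * completed, in _datarecords (when data records are enabled) and in _data.
 */
function setToIncomplete()
{
    global $db;

    // The suid was escaped but left unquoted; it is now quoted like the
    // primkey, so a crafted value cannot extend the statement. Assumes
    // prepareDatabaseString() escapes quote characters — TODO confirm.
    $where = " where suid='" . prepareDatabaseString($this->suid) . "' and primkey='"
        . prepareDatabaseString($this->primkey) . "'";

    if (Config::useDataRecords() == true) {
        $query = "update " . Config::dbSurveyData() . "_datarecords set completed=" . INTERVIEW_NOTCOMPLETED . $where;
        $db->executeQuery($query);
    }

    // "ts=ts" presumably keeps an auto-updating timestamp column unchanged —
    // confirm against the table definition.
    $query = "update " . Config::dbSurveyData() . "_data set completed=" . INTERVIEW_NOTCOMPLETED . ", ts=ts" . $where;
    $db->executeQuery($query);
}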
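/**
 * Returns the refusal contacts recorded by a user, newest first.
 *
 * Results are cached per urid in $this->refusalsByUridArray. The contact
 * remark and proxy name are decrypted by the database; both keys are part of
 * the statement text, so the query must not be echoed or logged.
 *
 * @param mixed $urid id of the user whose contacts are read
 * @return array list of Contact objects for which isRefusal() is true
 */
function getRefusalsByUrid($urid)
{
    global $db;

    if (isset($this->refusalsByUridArray[$urid])) {
        return $this->refusalsByUridArray[$urid];
    }

    $query = 'select *, aes_decrypt(remark, "' . Config::smsContactRemarkKey() . '") as remark_dec, aes_decrypt(proxyname, "' . Config::smsContactNameKey() . '") as proxyname_dec from ' . Config::dbSurvey() . '_contacts as t1 ';
    $query .= 'left join ' . Config::dbSurvey() . '_users as t2 on t1.urid = t2.urid ';
    $query .= 'left join ' . Config::dbSurvey() . '_respondents as t3 on t1.primkey = t3.primkey ';
    // The urid was escaped but left unquoted; it is now quoted so a crafted
    // value cannot extend the WHERE clause. Assumes prepareDatabaseString()
    // escapes quote characters — TODO confirm.
    $query .= 'where t3.primkey is not null AND ' . getTextmodeStr() . ' t1.urid = "' . prepareDatabaseString($urid) . '" order by t1.contactts desc';
    $result = $db->selectQuery($query);

    $contacts = array();
    while ($row = $db->getRow($result)) {
        $contact = new Contact($row);
        if ($contact->isRefusal()) {
            $contacts[] = $contact;
        }
    }
    $this->refusalsByUridArray[$urid] = $contacts;

    return $contacts;
}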
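/**
 * Builds a SQL dump for this survey and sends it to the client as a download.
 *
 * Optionally emits CREATE TABLE statements for all tables, then INSERT
 * statements for every row of the export tables that belongs to this survey.
 * Table prefix, suid and urid are written as placeholders so the dump can be
 * imported under a different prefix/survey id. The method ends the request
 * with exit after echoing the dump.
 *
 * NOTE(review): no authorization check is visible in this method; the caller
 * is presumably responsible for restricting who can trigger a dump (confirm).
 */
function exportSQL() {
    global $db;

    $returnStr = "";
    $history = loadvar(SETTING_EXPORT_HISTORY);
    $create = loadvar(SETTING_EXPORT_CREATE);
    $alltables = Common::allTables();
    $prefix = Config::dbSurvey();

    // create table statements
    if ($create == EXPORT_CREATE_YES) {
        foreach ($alltables as $export) {
            $rescreate = $db->selectQuery("SHOW CREATE TABLE " . $prefix . $export);
            if (!$rescreate) {
                continue;
            }
            $row2 = $db->getRow($rescreate);
            $str = str_ireplace("CREATE TABLE", "CREATE TABLE IF NOT EXISTS", $row2[1]);
            $str = str_ireplace($prefix . $export, EXPORT_PLACEHOLDER_TABLE . $export, $str);
            if ($returnStr != "") {
                $returnStr .= "\r\n";
            }
            $returnStr .= $str . EXPORT_SQL_DELIMITER . "\r\n";
        }
    }

    // content (based off https://davidwalsh.name/backup-mysql-database-php)
    // suid is used in an unquoted numeric position, so it is forced to an integer.
    $suid = (int) $this->suid;
    $exporttables = Common::surveyExportTables();
    foreach ($exporttables as $export) {
        // history rows are exported only on request
        if (strtoupper($export) === strtoupper("_tracks") && $history != EXPORT_HISTORY_YES) {
            continue;
        }

        $result = $db->selectQuery('select * from ' . $prefix . $export . ' where suid=' . $suid);
        $fields = $db->getFields($result);
        $num_fields = sizeof($fields);

        $names = array();
        for ($i = 0; $i < $num_fields; $i++) {
            $names[] = "`" . $fields[$i]->name . "`";
        }
        $fieldstr = implode(",", $names);

        // add content (table name, suid and urid are added as placeholders)
        while ($row = $db->getRow($result)) {
            $values = array();
            for ($j = 0; $j < $num_fields; $j++) {
                $column = strtoupper($fields[$j]->name);
                if ($column === strtoupper(EXPORT_COLUMN_SUID)) {
                    $values[] = '"' . EXPORT_PLACEHOLDER_SUID . '"';
                } elseif ($column === strtoupper(EXPORT_COLUMN_URID)) {
                    $values[] = '"' . EXPORT_PLACEHOLDER_URID . '"';
                } elseif (isset($row[$j])) {
                    $values[] = '"' . prepareDatabaseString($row[$j]) . '"';
                } else {
                    // NULL columns are written as empty strings, as before
                    $values[] = '""';
                }
            }
            $returnStr .= IMPORT_STATEMENT_INSERT . ' ' . EXPORT_PLACEHOLDER_TABLE . $export . ' (' . $fieldstr . IMPORT_STATEMENT_INSERT_VALUES . implode(',', $values) . ")" . EXPORT_SQL_DELIMITER . "\r\n";
        }
    }

    // output as SQL file
    set_time_limit(0); // allow for time

    // http://www.richnetapps.com/the-right-way-to-handle-file-downloads-in-php/
    // Only one Content-Type is sent: header() replaces an earlier header of the
    // same name, so application/sql was the only value that ever reached the client.
    header("Content-Description: File Transfer");
    header("Content-Disposition: attachment; filename=" . $prefix . EXPORT_FILE_SQL . '; modification-date="' . date('r', time()) . '";');
    header("Content-Type: application/sql");

    // prevent caching of the dump by browsers and intermediaries
    header("Cache-Control: no-store, no-cache, must-revalidate, max-age=0");
    header("Cache-Control: post-check=0, pre-check=0", false);
    header("Pragma: no-cache");

    // stop the browser from guessing a different content type for the download
    header("X-Content-Type-Options: nosniff");

    // Clean the buffer before outputting the file. Without an active buffer
    // ob_end_clean() raises a notice, which could end up inside the download.
    if (ob_get_level() > 0) {
        ob_end_clean();
    }

    echo $returnStr;
    exit;
}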
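/**
 * Determines the main section (seid) the respondent is currently in and
 * stores it in the global $currentmainseid.
 *
 * Sources, in the order they are consulted:
 *  - starting or returning (no rgid in the session): the session's main seid,
 *    then the most recent row in the `_states` table;
 *  - back button: the most recent row in the `_states` table;
 *  - any other navigation button: the session's main seid (a section change is
 *    handled by the current section engine calling the next one).
 * A candidate is accepted only if isSurveySection() approves it; otherwise the
 * base section of the survey is used.
 *
 * @param mixed $suid numeric survey id
 * @param string $primkey respondent key
 * @return mixed the selected section id
 */
function getSurveyMainSection($suid, $primkey) {
    global $currentmainseid, $db;

    $trySession = false;
    $tryLastState = false;

    if (getFromSessionParams(SESSION_PARAM_RGID) == '') {
        /* returning to survey or starting: session overrides last state */
        $trySession = true;
        $tryLastState = true;
    } elseif (isset($_POST['navigation'])) {
        if ($_POST['navigation'] == Language::buttonBack()) {
            $tryLastState = true;
        } else {
            $trySession = true;
        }
    }

    if ($trySession) {
        $seid = getFromSessionParams(SESSION_PARAM_MAINSEID);
        if (isSurveySection($seid)) {
            $currentmainseid = $seid;
            return $seid;
        }
    }

    if ($tryLastState) {
        // suid sits in an unquoted numeric position, where quote-escaping cannot
        // constrain the value, so it is cast for the statement only.
        $result = $db->selectQuery('select mainseid from ' . Config::dbSurveyData() . '_states where suid=' . (int) $suid . ' and primkey = "' . prepareDatabaseString($primkey) . '" order by stateid desc limit 0,1');
        if ($db->getNumberOfRows($result) > 0) {
            $row = $db->getRow($result);
            $seid = $row["mainseid"];
            if (isSurveySection($seid)) {
                $currentmainseid = $seid;
                return $seid;
            }
        }
    }

    /* nothing usable found, then assume root section */
    $currentmainseid = getBaseSectionSeid($suid);
    return $currentmainseid;
}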
/**
 * Looks up the id of the most recent survey action logged for a session and
 * respondent, ignoring window-in and window-out actions.
 *
 * @param string $sessionid session identifier
 * @param string $primkey respondent key
 * @return mixed the asid of the latest matching action, 0 when there is none,
 *               -1 when the query did not return a result
 */
function getLastSurveyAction($sessionid, $primkey) {
    global $db;

    // both string values are passed through prepareDatabaseString() and quoted
    $sql = "select asid from " . Config::dbSurveyData() . "_actions"
        . " where sessionid = '" . prepareDatabaseString($sessionid) . "'"
        . " and primkey = '" . prepareDatabaseString($primkey) . "'"
        . " and systemtype = " . USCIC_SURVEY
        . " and actiontype != " . ACTION_WINDOW_IN
        . " and actiontype != " . ACTION_WINDOW_OUT
        . " order by asid desc limit 0,1";

    $result = $db->selectQuery($sql);
    if (!$result) {
        return -1;
    }
    if ($db->getNumberOfRows($result) == 0) {
        return 0;
    }

    $latest = $db->getRow($result);
    return $latest["asid"];
}
/**
 * Writes this respondent's fields back to the `_respondents` table.
 *
 * Personal fields are stored through AES_ENCRYPT with the personal-info key
 * (the login code with its own key); the remaining fields are stored as quoted
 * values. Optional columns are written only when present in $this->respondent.
 *
 * NOTE(review): the encryption keys are concatenated into the statement text,
 * so they would appear in any server-side query logging that is enabled.
 *
 * @return array always the empty error list created at the top of the method
 */
function saveChanges() {
    global $db;
    $errorMessage = array();

    $encrypted = "%s = AES_ENCRYPT('%s', '%s')";
    $plain = "%s = '%s'";

    $query = 'UPDATE ' . Config::dbSurvey() . '_respondents SET ';
    $set = array();

    $set[] = sprintf($encrypted, 'logincode', prepareDatabaseString($this->getLoginCode()), Config::loginCodeKey());
    $set[] = sprintf($encrypted, 'firstname', prepareDatabaseString($this->getFirstName()), Config::smsPersonalInfoKey());
    $set[] = sprintf($encrypted, 'lastname', prepareDatabaseString($this->getLastName()), Config::smsPersonalInfoKey());
    $set[] = sprintf($encrypted, 'address1', prepareDatabaseString($this->getAddress1()), Config::smsPersonalInfoKey());
    $set[] = sprintf($encrypted, 'address2', prepareDatabaseString($this->getAddress2()), Config::smsPersonalInfoKey());
    $set[] = sprintf($encrypted, 'city', prepareDatabaseString($this->getCity()), Config::smsPersonalInfoKey());
    $set[] = sprintf($plain, 'puid', prepareDatabaseString($this->getPuid()));
    $set[] = sprintf($encrypted, 'longitude', prepareDatabaseString($this->getLongitude()), Config::smsPersonalInfoKey());
    $set[] = sprintf($encrypted, 'latitude', prepareDatabaseString($this->getLatitude()), Config::smsPersonalInfoKey());
    $set[] = sprintf($encrypted, 'zip', prepareDatabaseString($this->getZip()), Config::smsPersonalInfoKey());
    $set[] = sprintf($encrypted, 'telephone1', prepareDatabaseString($this->getTelephone1()), Config::smsPersonalInfoKey());
    $set[] = sprintf($encrypted, 'telephone2', prepareDatabaseString($this->getTelephone2()), Config::smsPersonalInfoKey());
    $set[] = sprintf($encrypted, 'email', prepareDatabaseString($this->getEmail()), Config::smsPersonalInfoKey());
    $set[] = sprintf($encrypted, 'age', prepareDatabaseString($this->getAge()), Config::smsPersonalInfoKey());
    $set[] = sprintf($encrypted, 'sex', prepareDatabaseString($this->getSex()), Config::smsPersonalInfoKey());
    $set[] = sprintf($encrypted, 'birthdate', prepareDatabaseString($this->getBirthDate()), Config::smsPersonalInfoKey());
    $set[] = sprintf($plain, 'schoolingyears', prepareDatabaseString($this->getYearsOfSchooling()));
    $set[] = sprintf($plain, 'educationlevel', prepareDatabaseString($this->getEducationLevel()));
    $set[] = sprintf($plain, 'occupationalstatus', prepareDatabaseString($this->getOccupationalStatus()));
    $set[] = sprintf($plain, 'relationshiphh', prepareDatabaseString($this->getRelationshipHhHead()));
    $set[] = sprintf($plain, 'spouseprimkey', prepareDatabaseString($this->getSpousePrimkey()));
    $set[] = sprintf($plain, 'consenttype', prepareDatabaseString($this->getConsentType()));
    $set[] = sprintf($plain, 'hhhead', prepareDatabaseString($this->getHhHead()));
    $set[] = sprintf($plain, 'famr', prepareDatabaseString($this->getFamR()));
    $set[] = sprintf($plain, 'finr', prepareDatabaseString($this->getFinR()));
    $set[] = sprintf($plain, 'covr', prepareDatabaseString($this->getCovR()));

    // optional columns: only written when the loaded record carries them
    if (isset($this->respondent['permanent'])) {
        $set[] = sprintf($plain, 'permanent', prepareDatabaseString($this->getPermanent()));
    }
    if (isset($this->respondent['validation'])) {
        $set[] = sprintf($plain, 'validation', prepareDatabaseString($this->getValidation()));
    }
    if (isset($this->respondent['movedout'])) {
        $set[] = sprintf($plain, 'movedout', prepareDatabaseString($this->getMovedOut()));
    }
    if (isset($this->respondent['hhorder'])) {
        $set[] = sprintf($plain, 'hhorder', prepareDatabaseString($this->getHhOrder()));
    }

    $set[] = sprintf($plain, 'present', prepareDatabaseString($this->getPresent()));
    $set[] = sprintf($plain, 'selected', prepareDatabaseString($this->getSelected()));

    if (dbConfig::defaultSeparateInterviewAddress()) {
        // begin custom personal networks
        $set[] = sprintf($encrypted, 'original_firstname', prepareDatabaseString($this->getOriginalFirstName()), Config::smsPersonalInfoKey());
        $set[] = sprintf($encrypted, 'original_lastname', prepareDatabaseString($this->getOriginalLastName()), Config::smsPersonalInfoKey());
        $set[] = sprintf($plain, 'originalR', prepareDatabaseString($this->getOriginalR()));
        $set[] = sprintf($plain, 'callbackOtherR', prepareDatabaseString($this->getCallbackOtherR()));
        $set[] = sprintf($encrypted, 'interview_address1', prepareDatabaseString($this->getInterviewAddress1()), Config::smsPersonalInfoKey());
        $set[] = sprintf($encrypted, 'interview_address2', prepareDatabaseString($this->getInterviewAddress2()), Config::smsPersonalInfoKey());
        $set[] = sprintf($encrypted, 'interview_zip', prepareDatabaseString($this->getInterviewZip()), Config::smsPersonalInfoKey());
        $set[] = sprintf($encrypted, 'interview_city', prepareDatabaseString($this->getInterviewCity()), Config::smsPersonalInfoKey());
        $set[] = sprintf($encrypted, 'interview_state', prepareDatabaseString($this->getInterviewState()), Config::smsPersonalInfoKey());
        $set[] = sprintf($plain, 'interview_mode', prepareDatabaseString($this->getInterviewMode()));
        // end custom personal networks
    }

    // NOTE(review): status and urid are written without surrounding quotes, so
    // quote-escaping does not constrain them; they rely on the getters returning
    // numeric values. Consider validating them as integers before this point.
    $set[] = 'status = ' . prepareDatabaseString($this->getStatus());
    $set[] = 'urid = ' . prepareDatabaseString($this->getUrid());

    $query .= implode(', ', $set);
    $query .= ' WHERE primkey = \'' . prepareDatabaseString($this->getPrimkey()) . '\'';

    $db->executeQuery($query);
    return $errorMessage;
}
/**
 * Loads the respondents listed in the `_lab` table for the given user id.
 *
 * @param mixed $urid user id; passed through prepareDatabaseString() and quoted
 * @return array one Respondent object per matching row
 */
function getRespondentsByUrid($urid) {
    global $db;

    $sql = "select primkey from " . Config::dbSurvey() . "_lab where urid = '" . prepareDatabaseString($urid) . "'";
    $rows = $db->selectQuery($sql);

    $found = array();
    for ($record = $db->getRow($rows); $record; $record = $db->getRow($rows)) {
        $found[] = new Respondent($record['primkey']);
    }
    return $found;
}
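/**
 * Rebuilds the progress bar for one section and stores the compiled result.
 *
 * Steps: (1) add placeholder rows to `_screens` for outer loops that have no
 * screen of their own before a nested loop, (2) delete the section's existing
 * `_progressbars` rows, (3) regenerate the Progressbar object and save it,
 * (4) store a compressed serialized copy in the `_engines` table.
 *
 * $_SESSION['PARAMETER_RETRIEVAL'] is switched to survey retrieval for the
 * duration of the call and set to admin retrieval at the end.
 * NOTE(review): if anything throws in between, the session flag stays on the
 * survey value.
 *
 * @param mixed $seid numeric section id
 */
function generateProgressBar($seid) {
    $_SESSION['PARAMETER_RETRIEVAL'] = PARAMETER_SURVEY_RETRIEVAL;
    global $db;

    // Both ids are concatenated into unquoted numeric positions below, and are
    // bound as integers at the end of this method, so integer copies are used
    // for the statement text. The original values are still passed to the
    // Progressbar code unchanged.
    $suidSql = (int) $this->suid;
    $seidSql = (int) $seid;
    $screens = Config::dbSurvey() . "_screens";

    // check for any missing for loop statements prior to a nested for loop
    $toprocess = array();
    $res1 = $db->selectQuery("select * from " . $screens . " where suid=" . $suidSql . " and seid=" . $seidSql);
    if ($res1 && $db->getNumberOfRows($res1) > 0) {
        $previous = "";
        while ($row1 = $db->getRow($res1)) {
            if (!contains($row1["outerlooptimes"], "~")) {
                $previous = "";
            } elseif ($previous == "") {
                $toprocess[] = $row1;
                $previous = $row1["outerlooptimes"];
            }
            /* otherwise: ignore anything following until we exited any nested loops */
        }
    }

    // NOTE(review): values read back from _screens (number, outerlooptimes) are
    // concatenated into the follow-up queries without escaping; they are only as
    // trustworthy as whatever wrote those rows.
    foreach ($toprocess as $t) {
        $outerlooptimes = explode("~", $t["outerlooptimes"]);
        $outerlooprgids = explode("~", $t["outerlooprgids"]);
        array_pop($outerlooptimes);
        array_pop($outerlooprgids);
        $outerlooptimes = array_reverse($outerlooptimes);
        $outerlooprgids = array_reverse($outerlooprgids);

        $lookbefore = $t["number"];
        $dummy = sizeof($outerlooptimes);
        for ($i = 0; $i < sizeof($outerlooptimes); $i++) {
            $o = $outerlooptimes[$i];
            $needwork = true;

            // how far can we look back? (not farther than end of any previous loops)
            $q2 = "select * from " . $screens . " where suid=" . $suidSql . " and seid=" . $seidSql . " and number < " . $lookbefore . " and outerlooptimes=-1 order by number desc";
            $res2 = $db->selectQuery($q2);
            if ($db->getNumberOfRows($res2) > 0) {
                $row2 = $db->getRow($res2);
                $maxback = $row2["number"];
            } else {
                $maxback = 0;
            }

            // any entries that are with the right loop count
            $q2 = "select * from " . $screens . " where suid=" . $suidSql . " and seid=" . $seidSql . " and number > " . $maxback . " and number < " . $lookbefore . " and looptimes=" . $o . " order by number desc";
            $res2 = $db->selectQuery($q2);
            if ($res2 && $db->getNumberOfRows($res2) > 0) {
                $needwork = false;
                $row3 = $db->getRow($res2);
                $lookbefore = $row3["number"];
            }

            if ($needwork) {
                $out = array();
                $temp = array_reverse($outerlooptimes);
                $looptimes = 1;
                for ($j = 0; $j < sizeof($temp) - $i; $j++) {
                    $out[] = $temp[$j];
                    $looptimes = $looptimes * $temp[$j];
                }
                $loopstring = implode("~", $out);

                // NOTE(review): $row2 is only assigned when the look-back query
                // above found a row; otherwise it is unset or left over from an
                // earlier iteration, and suid/seid/section below come from that
                // stale value. Confirm the intended source of these columns.
                $query = "replace into " . $screens . " (suid, seid, rgid, number, section, looptimes, outerlooptimes, outerlooprgids, dummy) values(" . prepareDatabaseString($row2["suid"]) . ", " . prepareDatabaseString($row2["seid"]) . ", '" . prepareDatabaseString($outerlooprgids[$i]) . "', '" . prepareDatabaseString($t["number"]) . "', " . prepareDatabaseString($row2["section"]) . ", " . prepareDatabaseString($looptimes) . ", '" . prepareDatabaseString($loopstring) . "', '', " . $dummy . ")";
                $db->executeQuery($query);
                $dummy--;
            }
        }
    }

    // delete existing
    $db->executeQuery("delete from " . Config::dbSurvey() . "_progressbars where suid=" . $suidSql . " and seid=" . $seidSql);

    $progressbar = new Progressbar($this->suid, $seid);
    $this->generateProgressBarSection($progressbar, $seid, $seid, 0, "", "", 0);
    $progressbar->save();

    /* store compiled in db */
    // NOTE(review): the stored value is a PHP-serialized object. Whatever reads
    // it back has to treat the column as trusted input to unserialize(), so write
    // access to the _engines table should be restricted accordingly.
    $bp = new BindParam();
    $bp->add(MYSQL_BINDING_STRING, gzcompress(serialize($progressbar), 9));
    $bp->add(MYSQL_BINDING_INTEGER, $this->suid);
    $bp->add(MYSQL_BINDING_INTEGER, $seid);
    $bp->add(MYSQL_BINDING_INTEGER, $this->version);
    $query = "update " . Config::dbSurvey() . "_engines set progressbar = ? where suid = ? and seid = ? and version = ?";
    $db->executeBoundQuery($query, $bp->get());

    $_SESSION['PARAMETER_RETRIEVAL'] = PARAMETER_ADMIN_RETRIEVAL;
}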
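/**
 * Appends one entry to the `_logs` table for an answered variable.
 *
 * Does nothing when Config::logSurveyActions() is off. Uses the transaction
 * connection when Config::useTransactions() is on, and a bound statement when
 * Config::prepareDataQueries() is on. The answer is stored through aes_encrypt
 * when the survey has a data encryption key.
 *
 * @param string $variable variable name
 * @param mixed $answer answer value; an empty answer is stored as null
 * @param mixed $di dirty flag (bound as an integer in the prepared branch)
 */
function addLogs($variable, $answer, $di) {
    if (Config::logSurveyActions() == false) {
        return;
    }

    global $survey;
    if (Config::useTransactions() == true) {
        global $transdb;
        $localdb = $transdb;
    } else {
        global $db;
        $localdb = $db;
    }

    $ans = $answer;
    if ($ans == "") {
        $ans = null;
    }
    $prim = $this->getPrimaryKey();
    $var = $variable;
    $dirty = $di;
    $action = $this->currentaction;
    $suid = $this->getSuid();
    $version = getSurveyVersion();
    $language = getSurveyLanguage();
    $mode = getSurveyMode();

    // NOTE(review): the key is concatenated into the statement text in both
    // branches, so it would appear in any server-side query logging.
    $key = $survey->getDataEncryptionKey();

    if (Config::prepareDataQueries() == false) {
        $escapedAnswer = prepareDatabaseString($ans);
        if ($key != "") {
            $answerSql = "aes_encrypt('" . $escapedAnswer . "', '" . $key . "')";
        } else {
            $answerSql = '"' . $escapedAnswer . '"';
        }

        // Previously only the answer was escaped. The primary key and variable
        // name sit inside quoted strings and are now escaped as well; the other
        // values sit in unquoted numeric positions and are cast to integers,
        // matching how the prepared branch binds them.
        $values = array(
            (int) $suid,
            '"' . prepareDatabaseString($prim) . '"',
            '"' . prepareDatabaseString($var) . '"',
            $answerSql,
            (int) $dirty,
            (int) $action,
            (int) $version,
            (int) $language,
            (int) $mode,
        );
        $localdb->executeQuery('INSERT INTO ' . Config::dbSurveyData() . '_logs (suid, primkey, variablename, answer, dirty, action, version, language, mode) VALUES (' . implode(',', $values) . ')');
        return;
    }

    $bp = new BindParam();
    $bp->add(MYSQL_BINDING_STRING, $suid);
    $bp->add(MYSQL_BINDING_STRING, $prim);
    $bp->add(MYSQL_BINDING_STRING, $var);
    $bp->add(MYSQL_BINDING_STRING, $ans);
    $bp->add(MYSQL_BINDING_INTEGER, $dirty);
    $bp->add(MYSQL_BINDING_INTEGER, $action);
    $bp->add(MYSQL_BINDING_INTEGER, $version);
    $bp->add(MYSQL_BINDING_INTEGER, $language);
    $bp->add(MYSQL_BINDING_INTEGER, $mode);

    $answerSql = "?";
    if ($key != "") {
        $answerSql = "aes_encrypt(?, '" . $key . "')";
    }
    $localdb->executeBoundQuery('INSERT INTO ' . Config::dbSurveyData() . '_logs (suid, primkey, variablename, answer, dirty, action, version, language, mode) VALUES (?,?,?,' . $answerSql . ',?,?,?,?,?)', $bp->get());
}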
} } $query = "update " . $this->targettable . "_routing set rule='endgroup' where suid=" . $this->suid . " and trim(rule)='endcombine'"; $this->db->executeQuery($query); } } } function convertTypes() { $query = "select teid as id, name as name, questiontype as answertype, answer as options from " . $this->sourcetable . "_type where syid=" . $this->syid . " order by teid"; if ($res = $this->importdb->selectQuery($query)) { if ($this->importdb->getNumberOfRows($res) > 0) { while ($row = $this->importdb->getRow($res)) { $query = "replace into " . $this->targettable . "_types (suid, tyd, name) values ("; $query .= prepareDatabaseString($this->suid) . ","; $query .= prepareDatabaseString($row["id"]) . ","; $query .= "'" . prepareDatabaseString($row["name"]) . "')"; $this->db->executeQuery($query); /* add rest as settings */ $this->addSetting($row["id"], OBJECT_TYPE, SETTING_ANSWERTYPE, $this->convertAnswerType($row["answertype"], $row["settings"])); $this->addSetting($row["id"], OBJECT_TYPE, SETTING_OPTIONS, $row["options"]); /* add usage in variables */ $query = "select * from " . $this->targettable . "_settings where suid=" . $this->suid . " and name='" . SETTING_OPTIONS . "' and objecttype=" . OBJECT_VARIABLEDESCRIPTIVE . " and value='" . $row["name"] . "'"; // echo $query; $res1 = $this->db->selectQuery($query); if ($res1) { //echo 'found some for ' . $row["tyd"] . "-----" . $query . "<br/>"; if ($this->db->getNumberOfRows($res1) > 0) { while ($row1 = $this->db->getRow($res1)) { $q = "update " . $this->targettable . "_variables set tyd=" . $row["id"] . " where suid=" . $this->suid . " and vsid=" . $row1["object"]; $this->db->executeQuery($q); // remove options in settings for variable, so it does not override the type's options $q = "delete from " . $this->targettable . "_settings where suid=" . $this->suid . " and object=" . $row1["object"] . " and name='" . SETTING_OPTIONS . "' and objecttype=" . 
OBJECT_VARIABLEDESCRIPTIVE; $this->db->executeQuery($q); } } } /* add settings */ $this->convertSettings($row, OBJECT_TYPE); /* convert translations */ $q = "select source, language, cast(translation as char) as translation from " . $this->sourcetable . "_translation where syid=" . $this->syid . " and id=" . $row["id"] . " order by source"; if ($r = $this->importdb->selectQuery($q)) { if ($this->importdb->getNumberOfRows($r) > 0) { while ($rowtrans = $this->importdb->getRow($r)) { $language = $rowtrans["language"]; $source = $rowtrans["source"]; switch ($source) { case "teid": $this->addSetting($row["id"], OBJECT_TYPE, SETTING_OPTIONS, $rowtrans["translation"], $language); break; } if (!inArray($language, $this->languages)) { $this->languages[] = $language; } } } } } // update answer types $updates = array("update " . $this->targettable . "_settings set value=" . $this->convertAnswerType(3) . " where suid=" . $this->suid . " and objecttype=" . OBJECT_TYPE . " and name='" . SETTING_ANSWERTYPE . "' and value=3", "update " . $this->targettable . "_settings set value=" . $this->convertAnswerType(4) . " where suid=" . $this->suid . " and objecttype=" . OBJECT_TYPE . " and name='" . SETTING_ANSWERTYPE . "' and value=4", "update " . $this->targettable . "_settings set value=" . $this->convertAnswerType(5) . " where suid=" . $this->suid . " and objecttype=" . OBJECT_TYPE . " and name='" . SETTING_ANSWERTYPE . "' and value=5", "update " . $this->targettable . "_settings set value=" . $this->convertAnswerType(6) . " where suid=" . $this->suid . " and objecttype=" . OBJECT_TYPE . " and name='" . SETTING_ANSWERTYPE . "' and value=6");