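}

// $error is set before this fragment; when it is truthy the request is sent to the 404 page and stops.
if ($error) {
    header("Location: 404.php");
    exit;
}

// Per-field validators handed to Validation together with the list of expected POST fields.
$_RULES = array(
    "question_content" => Validation::$f->notEmpty_String,
    // Only the two supported input types; strict comparison so that no loosely-equal value slips through.
    "question_type" => function ($d) {
        return in_array($d, array("checkbox", "radio"), true);
    },
    "question_hint" => Validation::$f->String,
    // Weight must be a whole number from 1 to 5. `%` casts its operands to int, so `$d % 1 == 0`
    // is always true and cannot reject values such as "2.5"; the anchored pattern accepts a single digit only.
    "question_weight" => function ($d) {
        return (is_int($d) || is_string($d)) && preg_match('/\A[1-5]\z/', (string) $d) === 1;
    },
);
$v = new Validation(
    $_POST,
    array("question_content", "question_type", "question_hint", "question_weight"),
    $_RULES
);

// NOTE(review): no anti-CSRF token check is visible in this fragment before the writes below —
// confirm one is enforced earlier in the request.
if ($own && Validation::Query($_POST, array("indexes", "correct_indexes", "labels")) && $v->fieldsExists()) {
    if ($v->testAll()) {
        $statement = new SQLBuilder($_MYSQLI);
        if ($new) {
            // NOTE(review): export() receives null as its first argument and $_GET["qid"] is passed
            // through as-is; confirm against Validation/SQLBuilder that every value is escaped by build().
            $q = $statement->insertInto('question')->set($v->export(
                null,
                array("question_content", "question_type", "question_hint", "question_weight"),
                array(
                    "question_questionnaire_id" => $_GET["qid"],
                    "question_num" => $questionnaire->questionnaire_total_questions + 1,
                )
            ))->build();
            $_MYSQLI->query($q);
            // From here on the freshly created row is addressed like an edited one.
            $_GET["id"] = $_MYSQLI->insert_id;
        } else {
            // NOTE(review): whether where() escapes its value is not visible here — verify in SQLBuilder.
            $q = $statement->update('question')->set($v->export(
                null,
                array("question_content", "question_type", "question_hint", "question_weight")
            ))->where("question_id", "=", $_GET["id"])->build();
            $_MYSQLI->query($q);
        }

        $insertions = array();
        $correct = array();
        $one_correct = false;

        // Flag each submitted index as correct (1) or not (0); strict matching avoids numeric-string juggling.
        foreach ($_POST["indexes"] as $k => $val) {
            $correct[$k] = in_array($val, $_POST["correct_indexes"], true) ? 1 : 0;
        }

        foreach ($_POST["labels"] as $k => $lbl) {
            // Skip empty labels and anything that is not a string (real_escape_string() needs a string).
            if (is_string($lbl) && $lbl !== "") {
                // The question id is concatenated into the VALUES tuple without quotes, so it is forced
                // to an integer here: on the edit path it comes straight from the query string.
                // A label without a matching index is stored as "not correct".
                $insertions[] = '(NULL, ' . (int) $_GET["id"] . ', \'' . $_MYSQLI->real_escape_string($lbl) . '\', \'' . (isset($correct[$k]) ? $correct[$k] : 0) . '\')';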
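// Default used when no registration form has been submitted.
$repassword = true;
if ($v->fieldsExists()) {
    // Strict, string-only comparison: with `==` two different numeric-looking strings
    // (for example "1e3" and "1000") compare equal, so a mismatched confirmation could pass.
    $repassword = is_string($_POST["user_password"])
        && is_string($_POST["user_repassword"])
        && $_POST["user_password"] === $_POST["user_repassword"];
    // NOTE(review): the return type of Auth::user_exists() is not visible here, so the loose
    // comparison with 0 is kept as written.
    $email_available = Auth::user_exists($_POST["user_email"]) == 0;

    // Pick the message shown if registration does not complete; the most specific cause wins.
    if (!$email_available) {
        $error = "E-Mail non disponible";
    } elseif (!$repassword) {
        $error = "Les mots de passe ne correspondent pas";
    } else {
        $error = "Champ(s) invalide(s)";
    }

    if ($v->testAll() && $repassword && $email_available) {
        $statement = new SQLBuilder($_MYSQLI);
        // NOTE(review): confirm Security::CryptPassword() wraps a slow, salted password hash
        // (password_hash() or equivalent) rather than a plain digest.
        $q = $statement->insertInto('user')->set($v->export(
            $_MYSQLI,
            array("user_firstname", "user_lastname", "user_email", "user_schoolname"),
            array(
                "user_photo_path" => "",
                "user_password" => Security::CryptPassword($_POST["user_password"]),
            )
        ))->build();
        $r = $_MYSQLI->query($q);
        // Log in and redirect only when the INSERT succeeded; otherwise fall through to the form,
        // which still carries the generic error set above.
        if ($r) {
            Auth::login($_POST["user_email"], $_POST["user_password"]);
            header("Location: index.php");
            exit;
        }
    }
}
?>
<!DOCTYPE html>
<html>
<head>
    <meta charset="utf-8" />
    <title>QCManager</title>
    <link rel="stylesheet" type="text/css" href="css/auth.css">
</head>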
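// Per-field validators for the questionnaire form.
$_RULES = array(
    "questionnaire_title" => Validation::$f->notEmpty_String,
    "questionnaire_description" => Validation::$f->notEmpty_String,
    "questionnaire_start_date" => Validation::$f->datetime,
    "questionnaire_end_date" => Validation::$f->datetime,
);
$v = new Validation(
    $_POST,
    array("questionnaire_title", "questionnaire_description", "questionnaire_start_date", "questionnaire_end_date"),
    $_RULES
);

if ($v->fieldsExists()) {
    // Both dates are expected as "d/m/Y H:i"; createFromFormat() returns false when parsing fails.
    $startdate_instance = DateTime::createFromFormat('d/m/Y H:i', $_POST["questionnaire_start_date"]);
    $enddate_instance = DateTime::createFromFormat('d/m/Y H:i', $_POST["questionnaire_end_date"]);

    // True only when both dates parsed and the end lies strictly after the start.
    $datetimes = false;
    if ($startdate_instance instanceof DateTime && $enddate_instance instanceof DateTime) {
        // Unix timestamps, as stored in the questionnaire row below.
        $startdate = $startdate_instance->format('U');
        $enddate = $enddate_instance->format('U');
        $datetimes = $enddate > $startdate;
    }

    if ($v->testAll() && $datetimes) {
        $statement = new SQLBuilder($_MYSQLI);
        if ($new) {
            $inserted = true;
            // NOTE(review): export() receives null as its first argument; confirm against
            // Validation/SQLBuilder that the title and description are escaped by build().
            $q = $statement->insertInto('questionnaire')->set($v->export(
                null,
                array("questionnaire_title", "questionnaire_description"),
                array(
                    "questionnaire_start_date" => $startdate,
                    "questionnaire_end_date" => $enddate,
                    "questionnaire_user_id" => Auth::getUserId(),
                )
            ))->build();
            $_MYSQLI->query($q);
            // Navigates the parent window to the new questionnaire; insert_id is an integer from the
            // driver, so nothing user-controlled reaches this script block.
            echo "<html><head><title></title></head><body><script>parent.location.href='form.php?id=" . $_MYSQLI->insert_id . "';</script></body></html>";
            exit;
        } else {
            // NOTE(review): no ownership check on the questionnaire is visible in this fragment before
            // the UPDATE, and whether where() escapes its value is not shown — confirm both.
            $q = $statement->update('questionnaire')->set($v->export(
                null,
                array("questionnaire_title", "questionnaire_description"),
                array(
                    "questionnaire_start_date" => $startdate,
                    "questionnaire_end_date" => $enddate,
                )
            ))->where("questionnaire_id", "=", $_GET["id"])->build();
            $_MYSQLI->query($q);
            // The id comes from the query string; forcing it to an integer keeps extra parameters or
            // fragments out of the redirect URL.
            header("Location: frame_form_edit.php?refresh=true&id=" . (int) $_GET["id"]);
            exit;
        }
    }

    // Per-field failure markers written to the response.
    if ($v->fail("questionnaire_title")) {
        echo "questionnaire_title fail";
    }
    if ($v->fail("questionnaire_description")) {
        echo "questionnaire_description fail";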