/** * This function changes the modify column of the sortable table * * @param integer $survey_id the id of the survey * @return html code that are the actions that can be performed on any survey * * @author Patrick Cool <*****@*****.**>, Ghent University * @version January 2007 */ static function modify_filter($survey_id) { $survey_id = Security::remove_XSS($survey_id); $return = ''; // Coach can see that only if the survey is in his session if (api_is_allowed_to_edit() || api_is_element_in_the_session(TOOL_SURVEY, $survey_id)) { $return .= '<a href="create_new_survey.php?' . api_get_cidreq() . '&action=edit&survey_id=' . $survey_id . '">' . Display::return_icon('edit.png', get_lang('Edit'), '', ICON_SIZE_SMALL) . '</a>'; if (survey_manager::survey_generation_hash_available()) { $return .= Display::url(Display::return_icon('new_link.png', get_lang('GenerateSurveyAccessLink'), '', ICON_SIZE_SMALL), 'generate_link.php?survey_id=' . $survey_id . '&' . api_get_cidreq()); } $return .= Display::url(Display::return_icon('copy.png', get_lang('DuplicateSurvey'), '', ICON_SIZE_SMALL), 'survey_list.php?action=copy_survey&survey_id=' . $survey_id . '&' . api_get_cidreq()); $return .= ' <a href="survey_list.php?' . api_get_cidreq() . '&action=empty&survey_id=' . $survey_id . '" onclick="javascript: if(!confirm(\'' . addslashes(api_htmlentities(get_lang("EmptySurvey") . '?')) . '\')) return false;">' . Display::return_icon('clean.png', get_lang('EmptySurvey'), '', ICON_SIZE_SMALL) . '</a> '; } $return .= '<a href="preview.php?' . api_get_cidreq() . '&survey_id=' . $survey_id . '">' . Display::return_icon('preview_view.png', get_lang('Preview'), '', ICON_SIZE_SMALL) . '</a> '; $return .= '<a href="survey_invite.php?' . api_get_cidreq() . '&survey_id=' . $survey_id . '">' . Display::return_icon('mail_send.png', get_lang('Publish'), '', ICON_SIZE_SMALL) . '</a> '; $return .= '<a href="reporting.php?' . api_get_cidreq() . '&survey_id=' . $survey_id . '">' . Display::return_icon('stats.png', get_lang('Reporting'), '', ICON_SIZE_SMALL) . '</a>'; if (api_is_allowed_to_edit() || api_is_element_in_the_session(TOOL_SURVEY, $survey_id)) { $return .= '<a href="survey_list.php?' . api_get_cidreq() . '&action=delete&survey_id=' . $survey_id . '" onclick="javascript: if(!confirm(\'' . addslashes(api_htmlentities(get_lang("DeleteSurvey") . '?', ENT_QUOTES)) . '\')) return false;">' . Display::return_icon('delete.png', get_lang('Delete'), '', ICON_SIZE_SMALL) . '</a> '; } return $return; }
<?php /* For licensing terms, see /license.txt */ //require_once '../inc/global.inc.php'; $survey_id = isset($_REQUEST['i']) ? intval($_REQUEST['i']) : null; if (empty($survey_id)) { api_not_allowed(true); } if (!survey_manager::survey_generation_hash_available()) { api_not_allowed(true); } $course_info = api_get_course_info_by_id($_REQUEST['c']); $hash_is_valid = survey_manager::validate_survey_hash($survey_id, $_REQUEST['c'], $_REQUEST['s'], $_REQUEST['g'], $_REQUEST['h']); if ($hash_is_valid && $course_info) { $survey_data = survey_manager::get_survey($survey_id, null, $course_info['code']); $invitation_code = api_get_unique_id(); $params = array('c_id' => $_REQUEST['c'], 'session_id' => $_REQUEST['s'], 'user' => $invitation_code, 'survey_code' => $survey_data['code'], 'invitation_code' => $invitation_code, 'invitation_date' => api_get_utc_datetime()); $invitation_id = SurveyUtil::save_invitation($params); if ($invitation_id) { $link = api_get_path(WEB_CODE_PATH) . 'survey/fillsurvey.php?invitationcode=' . $invitation_code . '&course=' . $course_info['code']; header('Location: ' . $link); exit; } } else { api_not_allowed(true); }