requireLogin(); $app->sslOn(); require_once 'codebase/lib/PageNumbers.inc.php'; require_once 'codebase/lib/Cache.inc.php'; require_once 'codebase/lib/SortOrder.inc.php'; require_once 'codebase/lib/HTML.inc.php'; require_once 'models/Survey.inc.php'; /******************************************************************** * CONFIG ********************************************************************/ // Titles and navigation header. $nav->add(_("Surveys"), null); // Instantiate a sorting object with the default sort and order. Add SQL for each column. $so = new SortOrder('survey_tbl.begin_datetime', 'ASC'); $so->asc_widget = ''; $so->desc_widget = ''; $so->setColumn('survey_tbl.survey_id', 'survey_tbl.survey_id ASC', 'survey_tbl.survey_id DESC'); $so->setColumn('survey_tbl.survey_name', 'survey_tbl.survey_name ASC', 'survey_tbl.survey_name DESC'); $so->setColumn('survey_tbl.status', 'survey_tbl.status ASC', 'survey_tbl.status DESC'); $so->setColumn('survey_tbl.num_questions', 'survey_tbl.num_questions ASC', 'survey_tbl.num_questions DESC'); $so->setColumn('survey_tbl.num_participants', 'survey_tbl.num_participants ASC', 'survey_tbl.num_participants DESC'); $so->setColumn('survey_tbl.num_responses', 'survey_tbl.num_responses ASC', 'survey_tbl.num_responses DESC'); $so->setColumn('survey_tbl.begin_datetime', 'survey_tbl.begin_datetime ASC', 'survey_tbl.begin_datetime DESC'); $so->setColumn('survey_tbl.end_datetime', 'survey_tbl.end_datetime ASC', 'survey_tbl.end_datetime DESC'); $so->setColumn('survey_tbl.added_datetime', 'survey_tbl.added_datetime ASC', 'survey_tbl.added_datetime DESC'); $so->setColumn('survey_tbl.added_by_user_id', 'survey_tbl.added_by_user_id ASC', 'survey_tbl.added_by_user_id DESC'); $so->setColumn('survey_tbl.modified_datetime', 'survey_tbl.modified_datetime ASC', 'survey_tbl.modified_datetime DESC'); $so->setColumn('survey_tbl.modified_by_user_id', 'survey_tbl.modified_by_user_id ASC', 'survey_tbl.modified_by_user_id DESC'); // Instantiate page numbers. Total items are set and calculation is done in the getList method. $page = new PageNumbers(); $page->setPerPage(getFormData('per_page'), 100); $page->setPageNumber(getFormData('page_number')); // Query parameters to retain always. $app->carryQuery(array( 'filter___///__', )); // Query parameters to retain only locally. $locally_carried_queries = array( 'q', ); /******************************************************************** * MAIN ********************************************************************/ // We may want to use the add/edit interface from another script, so this // allows us to remember which page we came from so we can go back there. if (getFormData('boomerang', false) && isset($_SERVER['HTTP_REFERER'])) { $app->setBoomerangURL($_SERVER['HTTP_REFERER'], 'survey'); } if (getFormData('break_list_cache', false)) { // Remove any stale cached list data. $cache->delete('survey list'); } // What action to take. switch (getFormData('op')) { case 'add' : // Bounce the user if they don't have permission to create a record. Survey::requireAllow('create'); // Initialize variables for the form template. $frm = getAddFields(); $nav->add(_("Add new survey")); $main_template = 'survey_form.inc.html'; break; case 'edit' : // Bounce the user if they don't have permission to update a record. Survey::requireAllow('update'); // Initialize variables for the form template. $frm = getEditFields(getFormData('survey_id')); $nav->add(_("Edit Survey")); $main_template = 'survey_form.inc.html'; break; case 'del' : $app->requireValidCSRFToken(); // Bounce the user if they don't have permission to delete the specified record. Survey::requireAllow('delete', Survey::get(array('survey_id' => getFormData('survey_id')), 1)); if ($del_row = Survey::get(array('survey_id' => getFormData('survey_id')), 1)) { Survey::delete(getFormData('survey_id')); $app->raiseMsg(sprintf(_("The survey %s has been deleted."), $del_row['survey_name']), MSG_SUCCESS, __FILE__, __LINE__); } if ($app->validBoomerangURL('survey')) { // Display boomerang page. $app->dieBoomerangURL('survey', $locally_carried_queries); } // Display default page. $app->dieURL($_SERVER['PHP_SELF'], $locally_carried_queries); break; case 'insert' : $app->requireValidCSRFToken(); if (getFormData('account_id')) { // Bounce the user if they don't have permission to create a record under the specified account_id. Survey::requireAllow('create', array(array('account_id' => getFormData('account_id')))); } else { // Bounce the user if they don't have permission to create a record at all. Survey::requireAllow('create'); } if (getFormdata('btn_cancel', false)) { if ($app->validBoomerangURL('survey')) { // Display boomerang page. $app->dieBoomerangURL('survey', $locally_carried_queries); } // Display default page. $app->dieURL($_SERVER['PHP_SELF'], $locally_carried_queries); } $fv = validateInput($fv); if ($fv->anyErrors()) { $frm = getAddFields(); $frm = array_merge($frm, getFormData()); $nav->add(_("Add new survey")); $main_template = 'survey_form.inc.html'; } else { $survey_id = Survey::insert(getFormData()); $app->raiseMsg(sprintf(_("The survey %s has been added."), getFormData('survey_name')), MSG_SUCCESS, __FILE__, __LINE__); if (getFormdata('btn_repeat', false)) { // Display function again. $app->dieURL($_SERVER['PHP_SELF'] . '?op=add', $locally_carried_queries); } else if ($app->validBoomerangURL('survey')) { // Display boomerang page. $app->dieBoomerangURL('survey', $locally_carried_queries); } // Immediately go to add questions. $app->dieURL(sprintf('/questions.php?op=add&survey_id=%s', $survey_id)); } break; case 'update' : $app->requireValidCSRFToken(); if (getFormData('account_id')) { // Bounce the user if they don't have permission to update the specified record or don't have permission to assign this record to the specified account_id. $check_rows = array_merge(Survey::get(array('survey_id' => getFormData('survey_id')), 1), array(array('account_id' => getFormData('account_id')))); Survey::requireAllow('update', $check_rows); } else { // Bounce the user if they don't have permission to update the specified record. Survey::requireAllow('update', Survey::get(array('survey_id' => getFormData('survey_id')), 1)); } if (getFormdata('btn_reset', false)) { $app->raiseMsg(_("Saved values have been reloaded."), MSG_NOTICE, __FILE__, __LINE__); $app->dieURL($_SERVER['PHP_SELF'] . '?op=edit&survey_id=' . getFormData('survey_id'), $locally_carried_queries); } if (getFormdata('btn_cancel', false)) { // Remove lock $lock->select('survey_tbl', 'survey_id', getFormData('survey_id')); $lock->remove(); if ($app->validBoomerangURL('survey')) { // Display boomerang page. $app->dieBoomerangURL('survey', $locally_carried_queries); } // Display default page. $app->dieURL($_SERVER['PHP_SELF'], $locally_carried_queries); } $fv = validateInput($fv); if ($fv->anyErrors()) { $frm = getEditFields(getFormData('survey_id')); $frm = array_merge($frm, getFormData()); $nav->add(_("Edit Survey")); $main_template = 'survey_form.inc.html'; } else { Survey::update(getFormData()); $app->raiseMsg(sprintf(_("The survey %s has been updated."), getFormData('survey_name')), MSG_SUCCESS, __FILE__, __LINE__); if (getFormdata('btn_repeat', false)) { // Display edit function with next available ID. $qid = $db->query("SELECT survey_id FROM survey_tbl WHERE survey_id > '" . $db->escapeString(getFormData('survey_id')) . "' ORDER BY survey_id ASC LIMIT 1"); if (list($next_id) = mysql_fetch_row($qid)) { $app->dieURL($_SERVER['PHP_SELF'] . '?op=edit&survey_id=' . $next_id, $locally_carried_queries); } else { $app->raiseMsg(_("Cannot edit next, the end of the list was reached"), MSG_NOTICE, __FILE__, __LINE__); } } else if ($app->validBoomerangURL('survey')) { // Display boomerang page. $app->dieBoomerangURL('survey', $locally_carried_queries); } // Display default page. $app->dieURL($_SERVER['PHP_SELF'], $locally_carried_queries); } break; case 'run' : // Bounce the user if they don't have permission to update the specified record. $run_row = Survey::get(array('survey_id' => getFormData('survey_id')), 1); Survey::requireAllow('update', $run_row); // Check if another survey is already running. $s = Survey::getCurrent(); if (isset($s['survey_id']) && $s['survey_id'] != getFormData('survey_id')) { // Another survey is already running. // TODO: allow multiple surveys to run simutaneously. $app->raiseMsg(sprintf(_("Sorry, we can’t start that survey because the survey %s is already running. You must close that survey first before running a new one."), $s['survey_name'], $app->ohref(sprintf('/surveys.php?op=close&survey_id=%s', $s['survey_id']))), MSG_SUCCESS, __FILE__, __LINE__); $app->dieURL($_SERVER['PHP_SELF'], $locally_carried_queries); } if ($run_row) { Survey::run(getFormData('survey_id')); $app->raiseMsg(sprintf(_("The survey %s has begun!"), $run_row['survey_name']), MSG_SUCCESS, __FILE__, __LINE__); } if ($app->validBoomerangURL('survey')) { // Display boomerang page. $app->dieBoomerangURL('survey', $locally_carried_queries); } // Display default page. $app->dieURL($_SERVER['PHP_SELF'], $locally_carried_queries); break; case 'close' : // Bounce the user if they don't have permission to update the specified record. $run_row = Survey::get(array('survey_id' => getFormData('survey_id')), 1); Survey::requireAllow('update', $run_row); if ($run_row) { Survey::close(getFormData('survey_id')); $app->raiseMsg(sprintf(_("The survey %s has been closed."), $run_row['survey_name']), MSG_SUCCESS, __FILE__, __LINE__); } if ($app->validBoomerangURL('survey')) { // Display boomerang page. $app->dieBoomerangURL('survey', $locally_carried_queries); } // Display default page. $app->dieURL($_SERVER['PHP_SELF'], $locally_carried_queries); break; default : // Bounce the user if they don't have permission to list records. Survey::requireAllow('read'); // If the user does not have access to 'any' record, limit by their account_id. $where_clause = ''; if (!$acl->check('user_id:' . $auth->get('user_id'), 'survey:read', 'any')) { $where_clause = "WHERE survey_tbl.account_id = '" . $db->escapeString($auth->get('account_id')) . "'"; } $list = Survey::getPaginatedList($where_clause); $main_template = 'survey_list.inc.html'; break; } /******************************************************************** * OUTPUT ********************************************************************/ include 'header.inc.html'; $app->carryQuery($locally_carried_queries); include $main_template; include 'footer.inc.html'; /******************************************************************** * FUNCTIONS ********************************************************************/ /* * * * @access public * @param * @return * @author Quinn Comendant * @version 1.0 * @since 16 Nov 2014 17:45:40 */ function validateInput($fv) { $fv->numericRange('survey_id', 0, 16777215, sprintf(_("%s must be a number between %d and %d."), _("Survey ID"), 0, 16777215)); $fv->isInteger('survey_id', sprintf(_("%s must be an integer."), _("Survey ID"))); $fv->notEmpty('survey_name', sprintf(_("%s cannot be blank."), _("Survey name"))); $fv->stringLength('survey_name', 0, 80, sprintf(_("%s must be %d-to-%d characters in length."), _("Survey name"), 0, 80)); $fv->notEmpty('begin_datetime', sprintf(_("%s cannot be blank."), _("Begin date"))); $fv->validateStrDate('begin_datetime', sprintf(_("%s must be a valid date in YYYY-MM-DD format."), _("Begin date"))); $fv->notEmpty('end_datetime', sprintf(_("%s cannot be blank."), _("End date"))); $fv->validateStrDate('end_datetime', sprintf(_("%s must be a valid date in YYYY-MM-DD format."), _("End date"))); return $fv; } /* * * * @access public * @param * @return * @author Quinn Comendant * @version 1.0 * @since 16 Nov 2014 17:45:40 */ function getAddFields() { // Set default values for the reset of the fields. return Survey::merge(array( 'new_op' => 'insert', 'submit_buttons' => array( array('name' => 'btn_submit', 'value' => _("Add new survey"), 'class' => 'small button', 'accesskey' => 's'), array('name' => 'btn_repeat', 'value' => _("Add & repeat"), 'class' => 'small button secondary', 'accesskey' => 'r'), array('name' => 'btn_cancel', 'value' => _("Cancel"), 'class' => 'small button secondary', 'accesskey' => 'c'), ), )); } /* * * * @access public * @param * @return * @author Quinn Comendant * @version 1.0 * @since 16 Nov 2014 17:45:40 */ function getEditFields($id) { global $lock, $locally_carried_queries; $db =& DB::getInstance(); $app =& App::getInstance(); $lock->select('survey_tbl', 'survey_id', $id); if ($lock->isLocked() && !$lock->isMine()) { $lock->dieErrorPage(); } // Get the information for the form. if (!$frm = Survey::get(array('survey_id' => $id))) { $app->logMsg('Could not find record with survey_id: ' . $id, LOG_WARNING, __FILE__, __LINE__); $app->raiseMsg(sprintf(_("The requested record %s could not be found."), $id), MSG_ERR, __FILE__, __LINE__); $app->dieBoomerangURL('survey', $locally_carried_queries); } // Lock this record. $lock->set('survey_tbl', 'survey_id', $id, $frm['survey_name']); // Set misc values for the form. return Survey::merge(array( 'new_op' => 'update', 'submit_buttons' => array( array('name' => 'btn_submit', 'value' => _("Save changes"), 'class' => 'small button', 'accesskey' => 's'), array('name' => 'btn_repeat', 'value' => _("Save & edit next"), 'class' => 'small button secondary', 'accesskey' => 'e'), array('name' => 'btn_reset', 'value' => _("Reset"), 'class' => 'small button secondary', 'accesskey' => 'r'), array('name' => 'btn_cancel', 'value' => _("Cancel"), 'class' => 'small button secondary', 'accesskey' => 'c'), ), ), $frm); }