Skip to content

Commit

Permalink
Merge pull request #11 from jositopr/Yii
Browse files Browse the repository at this point in the history 
Fixed issue #6286: White screen when you enter in /index.php/admin/index after login with a user whitout permission
  • Loading branch information
@c-schmitz
c-schmitz committed Jul 6, 2012
2 parents 9bd2e88 + b68a3ae commit 3080694
Showing 1 changed file with 91 additions and 93 deletions.
184 changes: 91 additions & 93 deletions application/controllers/admin/surveyadmin.php
View file
Expand Up @@ -38,11 +38,6 @@ class SurveyAdmin extends Survey_Common_Action
public function __construct($controller, $id)
{
parent::__construct($controller, $id);

if (Yii::app()->session['USER_RIGHT_SUPERADMIN'] != 1)
{
die();
}
}

/**
Expand Down Expand Up @@ -494,111 +489,114 @@ public function getSurveys_json()
$aSurveyEntries->page = 1;
foreach ($surveys as $rows)
{
$aSurveyEntry = array();
$rows = array_merge($rows->attributes, $rows->languagesettings[0]->attributes, $rows->owner->attributes);

// Set status
if ($rows['active'] == "Y" && $rows['expires'] != '' && $rows['expires'] < dateShift(date("Y-m-d H:i:s"), "Y-m-d", Yii::app()->getConfig('timeadjust')))
{
$aSurveyEntry[] = '<!--a--><img src="' . Yii::app()->getConfig('adminimageurl') . '/expired.png" alt="' . $clang->gT("This survey is active but expired.") . '" />';
}
elseif ($rows['active'] == "Y" && $rows['startdate'] != '' && $rows['startdate'] > dateShift(date("Y-m-d H:i:s"), "Y-m-d", Yii::app()->getConfig('timeadjust')))
{
$aSurveyEntry[] = '<!--b--><img src="' . Yii::app()->getConfig('adminimageurl') . '"/notyetstarted.png" alt="' . $clang->gT("This survey is active but has a start date.") . '" />';
}
elseif ($rows['active'] == "Y")
if($rows['users_name'] == Yii::app()->session['user'] || Yii::app()->session['USER_RIGHT_SUPERADMIN'] == 1)//If is owner or superadmin show survey.
{
if (hasSurveyPermission($rows['sid'], 'surveyactivation', 'update'))
$aSurveyEntry = array();
$rows = array_merge($rows->attributes, $rows->languagesettings[0]->attributes, $rows->owner->attributes);

// Set status
if ($rows['active'] == "Y" && $rows['expires'] != '' && $rows['expires'] < dateShift(date("Y-m-d H:i:s"), "Y-m-d", Yii::app()->getConfig('timeadjust')))
{
$aSurveyEntry[] = '<!--a--><img src="' . Yii::app()->getConfig('adminimageurl') . '/expired.png" alt="' . $clang->gT("This survey is active but expired.") . '" />';
}
elseif ($rows['active'] == "Y" && $rows['startdate'] != '' && $rows['startdate'] > dateShift(date("Y-m-d H:i:s"), "Y-m-d", Yii::app()->getConfig('timeadjust')))
{
$aSurveyEntry[] = '<!--b--><img src="' . Yii::app()->getConfig('adminimageurl') . '"/notyetstarted.png" alt="' . $clang->gT("This survey is active but has a start date.") . '" />';
}
elseif ($rows['active'] == "Y")
{
$aSurveyEntry[] = '<!--c--><a href="' . $this->getController()->createUrl('admin/survey/deactivate/surveyid/' . $rows['sid']) . '"><img src="' . Yii::app()->getConfig('adminimageurl') . '/active.png" alt="' . $clang->gT("This survey is active - click here to stop this survey.") . '"/></a>';
if (hasSurveyPermission($rows['sid'], 'surveyactivation', 'update'))
{
$aSurveyEntry[] = '<!--c--><a href="' . $this->getController()->createUrl('admin/survey/deactivate/surveyid/' . $rows['sid']) . '"><img src="' . Yii::app()->getConfig('adminimageurl') . '/active.png" alt="' . $clang->gT("This survey is active - click here to stop this survey.") . '"/></a>';
}
else
{
$aSurveyEntry[] = '<!--d--><img src="' . Yii::app()->getConfig('adminimageurl') . '/active.png" alt="' . $clang->gT("This survey is currently active.") . '" />';
}
}
else
{
$aSurveyEntry[] = '<!--d--><img src="' . Yii::app()->getConfig('adminimageurl') . '/active.png" alt="' . $clang->gT("This survey is currently active.") . '" />';
$condition = "sid={$rows['sid']} AND language='" . $rows['language'] . "'";
$questionsCountResult = Questions::model()->findAll($condition);

if (count($questionsCountResult) && hasSurveyPermission($rows['sid'], 'surveyactivation', 'update'))
{
$aSurveyEntry[] = '<!--e--><a href="' . $this->getController()->createUrl('admin/survey/activate/surveyid/' . $rows['sid']) . '"><img src="' . Yii::app()->getConfig('adminimageurl') . '/inactive.png" title="" alt="' . $clang->gT("This survey is currently not active - click here to activate this survey.") . '" /></a>';
}
else
{
$aSurveyEntry[] = '<!--f--><img src="' . Yii::app()->getConfig('adminimageurl') . '/inactive.png" title="' . $clang->gT("This survey is currently not active.") . '" alt="' . $clang->gT("This survey is currently not active.") . '" />';
}
}
}
else
{
$condition = "sid={$rows['sid']} AND language='" . $rows['language'] . "'";
$questionsCountResult = Questions::model()->findAll($condition);

if (count($questionsCountResult) && hasSurveyPermission($rows['sid'], 'surveyactivation', 'update'))

//Set SID
$aSurveyEntry[] = $rows['sid'];
'<a href="' . $this->getController()->createUrl("/admin/survey/view/surveyid/" . $rows['sid']) . '">' . $rows['sid'] . '</a>';

//Set Title
$aSurveyEntry[] = '<!--' . $rows['surveyls_title'] . '--><a href="' . $this->getController()->createUrl("/admin/survey/view/surveyid/" . $rows['sid']) . '" title="' . $rows['surveyls_title'] . '">' . $rows['surveyls_title'] . '</a>';

//Set Date
Yii::import('application.libraries.Date_Time_Converter', true);
$datetimeobj = new Date_Time_Converter(array($rows['datecreated'], "Y-m-d H:i:s"));
$aSurveyEntry[] = '<!--' . $rows['datecreated'] . '-->' . $datetimeobj->convert($dateformatdetails['phpdate']);

//Set Owner
$aSurveyEntry[] = $rows['users_name'] . ' (<a href="#" class="ownername_edit" translate_to="' . $clang->gT('Edit') . '" id="ownername_edit_' . $rows['sid'] . '">'. $clang->gT('Edit') .'</a>)';

//Set Access
if (Yii::app()->db->schema->getTable('{{tokens_' . $rows['sid'] . '}}'))
{
$aSurveyEntry[] = '<!--e--><a href="' . $this->getController()->createUrl('admin/survey/activate/surveyid/' . $rows['sid']) . '"><img src="' . Yii::app()->getConfig('adminimageurl') . '/inactive.png" title="" alt="' . $clang->gT("This survey is currently not active - click here to activate this survey.") . '" /></a>';
$aSurveyEntry[] = $clang->gT("Closed");
}
else
{
$aSurveyEntry[] = '<!--f--><img src="' . Yii::app()->getConfig('adminimageurl') . '/inactive.png" title="' . $clang->gT("This survey is currently not active.") . '" alt="' . $clang->gT("This survey is currently not active.") . '" />';
$aSurveyEntry[] = $clang->gT("Open");
}
}

//Set SID
$aSurveyEntry[] = $rows['sid'];
'<a href="' . $this->getController()->createUrl("/admin/survey/view/surveyid/" . $rows['sid']) . '">' . $rows['sid'] . '</a>';

//Set Title
$aSurveyEntry[] = '<!--' . $rows['surveyls_title'] . '--><a href="' . $this->getController()->createUrl("/admin/survey/view/surveyid/" . $rows['sid']) . '" title="' . $rows['surveyls_title'] . '">' . $rows['surveyls_title'] . '</a>';

//Set Date
Yii::import('application.libraries.Date_Time_Converter', true);
$datetimeobj = new Date_Time_Converter(array($rows['datecreated'], "Y-m-d H:i:s"));
$aSurveyEntry[] = '<!--' . $rows['datecreated'] . '-->' . $datetimeobj->convert($dateformatdetails['phpdate']);

//Set Owner
$aSurveyEntry[] = $rows['users_name'] . ' (<a href="#" class="ownername_edit" translate_to="' . $clang->gT('Edit') . '" id="ownername_edit_' . $rows['sid'] . '">'. $clang->gT('Edit') .'</a>)';

//Set Access
if (Yii::app()->db->schema->getTable('{{tokens_' . $rows['sid'] . '}}'))
{
$aSurveyEntry[] = $clang->gT("Closed");
}
else
{
$aSurveyEntry[] = $clang->gT("Open");
}

//Set Anonymous
if ($rows['anonymized'] == "Y")
{
$aSurveyEntry[] = $clang->gT("Yes");
}
else
{
$aSurveyEntry[] = $clang->gT("No");
}

//Set Responses
if ($rows['active'] == "Y")
{
$partial = Survey_dynamic::model($rows['sid'])->countByAttributes(array('submitdate' => null));
$all = Survey_dynamic::model($rows['sid'])->count();

$aSurveyEntry[] = $all - $partial;
$aSurveyEntry[] = $partial;
$aSurveyEntry[] = $all;


$aSurveyEntry['viewurl'] = $this->getController()->createUrl("/admin/survey/view/surveyid/" . $rows['sid']);
if (Yii::app()->db->schema->getTable("{{tokens_" . $rows['sid'] . "}}"))

//Set Anonymous
if ($rows['anonymized'] == "Y")
{
$tokens = Tokens_dynamic::model($rows['sid'])->count();
$tokenscompleted = Tokens_dynamic::model($rows['sid'])->count(array(
'condition' => "completed <> 'N'"
));

$aSurveyEntry[] = $tokens;
$aSurveyEntry[] = ($tokens == 0) ? 0 : round($tokenscompleted / $tokens * 100, 1);
$aSurveyEntry[] = $clang->gT("Yes");
}
else
{
$aSurveyEntry[] = $aSurveyEntry[] = '';
$aSurveyEntry[] = $clang->gT("No");
}

//Set Responses
if ($rows['active'] == "Y")
{
$partial = Survey_dynamic::model($rows['sid'])->countByAttributes(array('submitdate' => null));
$all = Survey_dynamic::model($rows['sid'])->count();

$aSurveyEntry[] = $all - $partial;
$aSurveyEntry[] = $partial;
$aSurveyEntry[] = $all;


$aSurveyEntry['viewurl'] = $this->getController()->createUrl("/admin/survey/view/surveyid/" . $rows['sid']);
if (Yii::app()->db->schema->getTable("{{tokens_" . $rows['sid'] . "}}"))
{
$tokens = Tokens_dynamic::model($rows['sid'])->count();
$tokenscompleted = Tokens_dynamic::model($rows['sid'])->count(array(
'condition' => "completed <> 'N'"
));

$aSurveyEntry[] = $tokens;
$aSurveyEntry[] = ($tokens == 0) ? 0 : round($tokenscompleted / $tokens * 100, 1);
}
else
{
$aSurveyEntry[] = $aSurveyEntry[] = '';
}
}
else
{
$aSurveyEntry[] = $aSurveyEntry[] = $aSurveyEntry[] = $aSurveyEntry[] = $aSurveyEntry[] = '';
}
$aSurveyEntries->rows[] = array('id' => $rows['sid'], 'cell' => $aSurveyEntry);
}
else
{
$aSurveyEntry[] = $aSurveyEntry[] = $aSurveyEntry[] = $aSurveyEntry[] = $aSurveyEntry[] = '';
}
$aSurveyEntries->rows[] = array('id' => $rows['sid'], 'cell' => $aSurveyEntry);
}

echo ls_json_encode($aSurveyEntries);
Expand Down

0 comments on commit 3080694

Please sign in to comment.