From 72698c4fc31f54f8f91262169948a8a31cd77dd8 Mon Sep 17 00:00:00 2001 From: Shawn Wales Date: Tue, 1 Aug 2006 15:09:36 +0000 Subject: [PATCH] Update loadanswers() for ADODB. Move createinsertquery() from index.php to save.php git-svn-id: file:///Users/Shitiz/Downloads/lssvn/source/phpsurveyor@1857 b72ed6b6-b9f8-46b5-92b4-906544132732 --- index.php | 148 ++---------------------------------------------------- save.php | 141 ++++++++++++++++++++++++++++++++++++++++++++++++++- 2 files changed, 144 insertions(+), 145 deletions(-) diff --git a/index.php b/index.php index 3d2b7409330..ff1e711b71e 100644 --- a/index.php +++ b/index.php @@ -362,9 +362,8 @@ function loadanswers() { return; } - $result = mysql_query($query) or die ("Error loading results
$query
".mysql_error()); - - if (mysql_num_rows($result) < 1) + $result = db_execute_assoc($query) or die ("Error loading results
$query
".htmlspecialchars($connect->ErrorMsg())); + if ($result->RecordCount() < 1) { $errormsg .= _("There is no matching saved survey")."
\n"; } @@ -372,10 +371,9 @@ function loadanswers() { //A match has been found. Let's load the values! //If this is from an email, build surveysession first - $row=mysql_fetch_row($result); - foreach ($row as $i => $value) + $row=$result->FetchRow(); + foreach ($row as $column => $value) { - $column = mysql_field_name($result,$i); if ($column == "token") { $_POST['token']=$value; @@ -847,144 +845,6 @@ function remove_nulls_from_array($array) } } -//FUNCTIONS USED WHEN SUBMITTING RESULTS: -function createinsertquery() - { - global $thissurvey; - global $deletenonvalues, $thistpl; - global $surveyid, $connect; - $fieldmap=createFieldMap($surveyid); //Creates a list of the legitimate questions for this survey - - if (isset($_SESSION['insertarray']) && is_array($_SESSION['insertarray'])) - { - $inserts=array_unique($_SESSION['insertarray']); - foreach ($inserts as $value) - { - //Work out if the field actually exists in this survey - $fieldexists = arraySearchByKey($value, $fieldmap, "fieldname"); - //Iterate through possible responses - if (isset($_SESSION[$value]) && !empty($fieldexists)) - { - //If deletenonvalues is ON, delete any values that shouldn't exist - if($deletenonvalues==1) {checkconfield($value);} - //Only create column name and data entry if there is actually data! - $colnames[]=$value; - $values[]=$connect->qstr($_SESSION[$value]); - } - } - if (!isset($colnames) || !is_array($colnames)) //If something went horribly wrong - ie: none of the insertarray fields exist for this survey, crash out - { - echo submitfailed(); - exit; - } - - if ($thissurvey['datestamp'] == "Y") - { - $_SESSION['datestamp']=date("Y-m-d H:i:s"); - } -// --> START NEW FEATURE - SAVE - // CHECK TO SEE IF ROW ALREADY EXISTS - if (!isset($_SESSION['srid'])) - { - // INSERT NEW ROW - // TODO SQL: quote colum name correctly - $query = "INSERT INTO ".db_quote_id($thissurvey['tablename'])."\n" - ."(".implode(', ', array_map('db_quote_id',$colnames)); - if ($thissurvey['datestamp'] == "Y") - { - $query .= ",`datestamp`"; - } - if ($thissurvey['ipaddr'] == "Y") - { - $query .= ",`ipaddr`"; - } - if ($thissurvey['refurl'] == "Y") - { - $query .= ",`refurl`"; - } - if ((isset($_POST['move']) && $_POST['move'] == " "._("submit")." ")) - { - $query .= ",`submitdate`"; - } - $query .=") "; - $query .="VALUES (".implode(", ", $values); - if ($thissurvey['datestamp'] == "Y") - { - $query .= ", '".$_SESSION['datestamp']."'"; - } - if ($thissurvey['ipaddr'] == "Y") - { - $query .= ", '".$_SERVER['REMOTE_ADDR']."'"; - } - if ($thissurvey['refurl'] == "Y") - { - $query .= ", '".getenv("HTTP_REFERER")."'"; - } - if ((isset($_POST['move']) && $_POST['move'] == " "._("submit")." ")) - { - $query .= ", '".date("Y-m-d H:i:s")."'"; - } - $query .=")"; - } - else - { // UPDATE EXISTING ROW - // Updates only the MODIFIED fields posted on current page. - if (isset($_POST['modfields']) && $_POST['modfields']) - { - $query = "UPDATE {$thissurvey['tablename']} SET "; - if ($thissurvey['datestamp'] == "Y") - { - $query .= "datestamp = '".$_SESSION['datestamp']."',"; - } - if ($thissurvey['ipaddr'] == "Y") - { - $query .= "ipaddr = '".$_SERVER['REMOTE_ADDR']."',"; - } - if ((isset($_POST['move']) && $_POST['move'] == " "._("submit")." ")) - { - $query .= "submitdate = '".date("Y-m-d H:i:s")."',"; - } - $fields=explode("|", $_POST['modfields']); - foreach ($fields as $field) - { - $query .= $field." = '".mysql_escape_string($_POST[$field])."',"; - } - $query .= "WHERE id=" . $_SESSION['srid']; - $query = str_replace(",WHERE", " WHERE", $query); // remove comma before WHERE clause - } - else - { - $query = ""; - if ((isset($_POST['move']) && $_POST['move'] == " "._("submit")." ")) - { - $query = "UPDATE {$thissurvey['tablename']} SET "; - $query .= "submitdate = '".date("Y-m-d H:i:s")."' "; - $query .= "WHERE id=" . $_SESSION['srid']; - } - } - } -// <-- END NEW FEATURE - SAVE -//DEBUG START -//echo $query; -//DEBUG END - return $query; - } - else - { - sendcacheheaders(); - doHeader(); - foreach(file("$thistpl/startpage.pstpl") as $op) - { - echo templatereplace($op); - } - echo "
"._("Error")."

\n"; - echo _("Cannot submit results - there are none to submit.")."

\n"; - echo ""._("This error can occur if you have already submitted your responses and pressed 'refresh' on your browser. In this case, your responses have already been saved.

If you receive this message in the middle of completing a survey, you should choose '<- BACK' on your browser and then refresh/reload the previous page. While you will lose answers from the last page all your others will still exist. This problem can occur if the webserver is suffering from overload or excessive use. We apologise for this problem.")."
\n"; - echo "


"; - exit; - } - } - function submittokens() { global $thissurvey; diff --git a/save.php b/save.php index 79aca52cf33..8aa1c99a7e0 100644 --- a/save.php +++ b/save.php @@ -231,7 +231,7 @@ function savedcontrol() $sdata = array("datestamp"=>date("Y-m-d H:i:s"), "ipaddr"=>$_SERVER['REMOTE_ADDR'], "refurl"=>getenv("HTTP_REFERER")); - + //One of the strengths of ADOdb's AutoExecute() is that only valid field names for $table are updated if ($connect->AutoExecute("{$thissurvey['tablename']}", $sdata,'INSERT')) { $srid = $connect->Insert_ID(); @@ -298,4 +298,143 @@ function savedcontrol() } } +//FUNCTIONS USED WHEN SUBMITTING RESULTS: +function createinsertquery() +{ +global $thissurvey; +global $deletenonvalues, $thistpl; +global $surveyid, $connect; +$fieldmap=createFieldMap($surveyid); //Creates a list of the legitimate questions for this survey + +if (isset($_SESSION['insertarray']) && is_array($_SESSION['insertarray'])) + { + $inserts=array_unique($_SESSION['insertarray']); + foreach ($inserts as $value) + { + //Work out if the field actually exists in this survey + $fieldexists = arraySearchByKey($value, $fieldmap, "fieldname"); + //Iterate through possible responses + if (isset($_SESSION[$value]) && !empty($fieldexists)) + { + //If deletenonvalues is ON, delete any values that shouldn't exist + if($deletenonvalues==1) {checkconfield($value);} + //Only create column name and data entry if there is actually data! + $colnames[]=$value; + $values[]=$connect->qstr($_SESSION[$value]); + } + } + if (!isset($colnames) || !is_array($colnames)) //If something went horribly wrong - ie: none of the insertarray fields exist for this survey, crash out + { + echo submitfailed(); + exit; + } + + if ($thissurvey['datestamp'] == "Y") + { + $_SESSION['datestamp']=date("Y-m-d H:i:s"); + } + +// --> START NEW FEATURE - SAVE +// CHECK TO SEE IF ROW ALREADY EXISTS + if (!isset($_SESSION['srid'])) + { + // INSERT NEW ROW + // TODO SQL: quote colum name correctly + $query = "INSERT INTO ".db_quote_id($thissurvey['tablename'])."\n" + ."(".implode(', ', array_map('db_quote_id',$colnames)); + if ($thissurvey['datestamp'] == "Y") + { + $query .= ",`datestamp`"; + } + if ($thissurvey['ipaddr'] == "Y") + { + $query .= ",`ipaddr`"; + } + if ($thissurvey['refurl'] == "Y") + { + $query .= ",`refurl`"; + } + if ((isset($_POST['move']) && $_POST['move'] == " "._("submit")." ")) + { + $query .= ",`submitdate`"; + } + $query .=") "; + $query .="VALUES (".implode(", ", $values); + if ($thissurvey['datestamp'] == "Y") + { + $query .= ", '".$_SESSION['datestamp']."'"; + } + if ($thissurvey['ipaddr'] == "Y") + { + $query .= ", '".$_SERVER['REMOTE_ADDR']."'"; + } + if ($thissurvey['refurl'] == "Y") + { + $query .= ", '".getenv("HTTP_REFERER")."'"; + } + if ((isset($_POST['move']) && $_POST['move'] == " "._("submit")." ")) + { + $query .= ", '".date("Y-m-d H:i:s")."'"; + } + $query .=")"; + } + else + { // UPDATE EXISTING ROW + // Updates only the MODIFIED fields posted on current page. + if (isset($_POST['modfields']) && $_POST['modfields']) + { + $query = "UPDATE {$thissurvey['tablename']} SET "; + if ($thissurvey['datestamp'] == "Y") + { + $query .= "datestamp = '".$_SESSION['datestamp']."',"; + } + if ($thissurvey['ipaddr'] == "Y") + { + $query .= "ipaddr = '".$_SERVER['REMOTE_ADDR']."',"; + } + if ((isset($_POST['move']) && $_POST['move'] == " "._("submit")." ")) + { + $query .= "submitdate = '".date("Y-m-d H:i:s")."',"; + } + $fields=explode("|", $_POST['modfields']); + foreach ($fields as $field) + { + $query .= $field." = '".mysql_escape_string($_POST[$field])."',"; + } + $query .= "WHERE id=" . $_SESSION['srid']; + $query = str_replace(",WHERE", " WHERE", $query); // remove comma before WHERE clause + } + else + { + $query = ""; + if ((isset($_POST['move']) && $_POST['move'] == " "._("submit")." ")) + { + $query = "UPDATE {$thissurvey['tablename']} SET "; + $query .= "submitdate = '".date("Y-m-d H:i:s")."' "; + $query .= "WHERE id=" . $_SESSION['srid']; + } + } + } +// <-- END NEW FEATURE - SAVE +//DEBUG START +//echo $query; +//DEBUG END + return $query; + } +else + { + sendcacheheaders(); + doHeader(); + foreach(file("$thistpl/startpage.pstpl") as $op) + { + echo templatereplace($op); + } + echo "
"._("Error")."

\n"; + echo _("Cannot submit results - there are none to submit.")."

\n"; + echo ""._("This error can occur if you have already submitted your responses and pressed 'refresh' on your browser. In this case, your responses have already been saved.

If you receive this message in the middle of completing a survey, you should choose '<- BACK' on your browser and then refresh/reload the previous page. While you will lose answers from the last page all your others will still exist. This problem can occur if the webserver is suffering from overload or excessive use. We apologise for this problem.")."
\n"; + echo "


"; + exit; + } +} + ?> \ No newline at end of file