diff --git a/application/libraries/Save.php b/application/libraries/Save.php
index b70fec3b9ae..de1e200ad4f 100644
--- a/application/libraries/Save.php
+++ b/application/libraries/Save.php
@@ -328,50 +328,49 @@ function saveSurvey()
global $surveyid, $thissurvey, $errormsg, $publicurl, $sitename, $clienttoken, $thisstep;
- $aSaveForm = array();
+ $aSaveForm = array();
$timeadjust = getGlobalSetting('timeadjust');
- //Check that the required fields have been completed.
+ // Check that the required fields have been completed.
$errormsg = '';
if (!Yii::app()->request->getPost('savename')){
- $this->aSaveErrors[]=gT("You must supply a name for this saved session.");
+ $this->aSaveErrors[] = gT("You must supply a name for this saved session.");
}
if (!Yii::app()->request->getPost('savepass')){
- $this->aSaveErrors[]= gT("You must supply a password for this saved session.");
+ $this->aSaveErrors[] = gT("You must supply a password for this saved session.");
}
if (Yii::app()->request->getPost('savepass') != Yii::app()->request->getPost('savepass2'))
{
- $this->aSaveErrors[]=gT("Your passwords do not match.");
+ $this->aSaveErrors[] = gT("Your passwords do not match.");
}
- // if security question asnwer is incorrect
- if (function_exists("ImageCreate") && isCaptchaEnabled('saveandloadscreen', $thissurvey['usecaptcha']))
- {
+ // Check captcha
+ if (function_exists("ImageCreate") && isCaptchaEnabled('saveandloadscreen', $thissurvey['usecaptcha'])){
+
if (!Yii::app()->request->getPost('loadsecurity')
|| !isset($_SESSION['survey_'.$surveyid]['secanswer'])
|| Yii::app()->request->getPost('loadsecurity') != $_SESSION['survey_'.$surveyid]['secanswer']
- )
- {
- $this->aSaveErrors[]=gT("The answer to the security question is incorrect.");
+ ){
+ $this->aSaveErrors[] = gT("The answer to the security question is incorrect.");
}
}
- $saveName=Yii::app()->request->getPost('savename');
+ $saveName = Yii::app()->request->getPost('savename');
$duplicate = SavedControl::model()->findByAttributes(array('sid' => $surveyid, 'identifier' => $saveName));
+
+ // Check name
if (strpos($saveName,'/')!==false || strpos($saveName,'/')!==false || strpos($saveName,'&')!==false || strpos($saveName,'&')!==false
- || strpos($saveName,'\\')!==false || strpos($saveName,'\\')!==false)
- {
+ || strpos($saveName,'\\')!==false || strpos($saveName,'\\')!==false){
+
$this->aSaveErrors[]=gT("You may not use slashes or ampersands in your name or password.");
- }
- elseif (!empty($duplicate) && $duplicate->count() > 0) // OK - AR count
- {
+
+ } elseif (!empty($duplicate) && $duplicate->count() > 0){
+
$this->aSaveErrors[]=gT("This name has already been used for this survey. You must use a unique save name.");
- }
- else
- {
+ }else{
//INSERT BLANK RECORD INTO "survey_x" if one doesn't already exist
- if (!isset($_SESSION['survey_'.$surveyid]['srid']))
- {
+
+ if (!isset($_SESSION['survey_'.$surveyid]['srid'])){
$today = dateShift(date("Y-m-d H:i:s"), "Y-m-d H:i:s", $timeadjust);
$sdata = array(
"datestamp" => $today,
@@ -379,44 +378,39 @@ function saveSurvey()
"startlanguage" => $_SESSION['survey_'.$surveyid]['s_lang'],
"refurl" => ((isset($_SESSION['survey_'.$surveyid]['refurl'])) ? $_SESSION['survey_'.$surveyid]['refurl'] : getenv('HTTP_REFERER'))
);
- if (SurveyDynamic::model($thissurvey['sid'])->insert($sdata)) // Checked
- {
+
+ if (SurveyDynamic::model($thissurvey['sid'])->insert($sdata)){
$srid = getLastInsertID('{{survey_' . $surveyid . '}}');
$_SESSION['survey_'.$surveyid]['srid'] = $srid;
- }
- else
- {
+ }else{
+ // TODO: $this->aSaveErrors
safeDie("Unable to insert record into survey table.
");
}
}
+
//CREATE ENTRY INTO "saved_control"
- $today = dateShift(date("Y-m-d H:i:s"), "Y-m-d H:i:s", $timeadjust);
- $saved_control = new SavedControl;
- $saved_control->sid = $surveyid;
- $saved_control->srid = $_SESSION['survey_'.$surveyid]['srid'];
- $saved_control->identifier = $_POST['savename']; // Binding does escape, so no quoting/escaping necessary
- $saved_control->access_code = hash('sha256',$_POST['savepass']);
- $saved_control->email = $_POST['saveemail'];
- $saved_control->ip = getIPAddress();
+ $saved_control = new SavedControl;
+ $saved_control->sid = $surveyid;
+ $saved_control->srid = $_SESSION['survey_'.$surveyid]['srid'];
+ $saved_control->identifier = $_POST['savename']; // Binding does escape, so no quoting/escaping necessary
+ $saved_control->access_code = hash('sha256',$_POST['savepass']);
+ $saved_control->email = $_POST['saveemail'];
+ $saved_control->ip = getIPAddress();
$saved_control->saved_thisstep = $thisstep;
- $saved_control->status = 'S';
- $saved_control->saved_date = $today;
- if (isset($_SESSION['survey_'.$surveyid]['refurl']))
- {
+ $saved_control->status = 'S';
+ $saved_control->saved_date = dateShift(date("Y-m-d H:i:s"), "Y-m-d H:i:s", $timeadjust);
+
+ if (isset($_SESSION['survey_'.$surveyid]['refurl'])){
$saved_control->refurl = $_SESSION['survey_'.$surveyid]['refurl'];
- }
- else
- {
+ }else{
$saved_control->refurl = getenv("HTTP_REFERER");
}
- if ($saved_control->save())
- {
- $scid = getLastInsertID('{{saved_control}}');
+ if ($saved_control->save()){
+ $scid = getLastInsertID('{{saved_control}}');
$_SESSION['survey_'.$surveyid]['scid'] = $scid;
- }
- else
- {
+ }else{
+ // TODO: $this->aSaveErrors
safeDie("Unable to insert record into saved_control table.
");
}
@@ -424,8 +418,8 @@ function saveSurvey()
$_SESSION['survey_'.$surveyid]['holdpass'] = $_POST['savepass']; //Session variable used to load answers every page. Unsafe - so it has to be taken care of on output
//Email if needed
- if (isset($_POST['saveemail']) && validateEmailAddress($_POST['saveemail']))
- {
+ if (isset($_POST['saveemail']) && validateEmailAddress($_POST['saveemail'])){
+
$subject = gT("Saved Survey Details") . " - " . $thissurvey['name'];
$message = gT("Thank you for saving your survey in progress. The following details can be used to return to this survey and continue where you left off. Please keep this e-mail for your reference - we cannot retrieve the password for you.");
$message .= "\n\n".$thissurvey['name']."\n\n";
@@ -433,31 +427,29 @@ function saveSurvey()
$message .= gT("Password").": ".$_POST['savepass']."\n\n";
$message .= gT("Reload your survey by clicking on the following link (or pasting it into your browser):")."\n";
$aParams=array('scid'=>$scid,'lang'=>App()->language,'loadname'=>$_POST['savename'],'loadpass'=>$_POST['savepass']);
- if (!empty($clienttoken))
- {
+
+ if (!empty($clienttoken)){
$aParams['token'] = $clienttoken;
}
+
$message .= Yii::app()->getController()->createAbsoluteUrl("/survey/index/sid/{$surveyid}/loadall/reload",$aParams);
+ $from = "{$thissurvey['adminname']} <{$thissurvey['adminemail']}>";
- $from="{$thissurvey['adminname']} <{$thissurvey['adminemail']}>";
- if (SendEmailMessage($message, $subject, $_POST['saveemail'], $from, $sitename, false, getBounceEmail($surveyid)))
- {
+ if (SendEmailMessage($message, $subject, $_POST['saveemail'], $from, $sitename, false, getBounceEmail($surveyid))){
$emailsent = "Y";
- }
- else
- {
+ }else{
+
$errormsg .= gT('Error: Email failed, this may indicate a PHP Mail Setup problem on the server. Your survey details have still been saved, however you will not get an email with the details. You should note the "name" and "password" you just used for future reference.');
- if (trim($thissurvey['adminemail'])=='')
- {
+ if (trim($thissurvey['adminemail'])==''){
$errormsg .=gT('(Reason: Admin email address empty)');
}
}
}
+
return gT('Your survey was successfully saved.');
}
- if (!empty($this->aSaveErrors))
- {
+ if (!empty($this->aSaveErrors)){
$aSaveForm['success'] = false;
$aSaveForm['aSaveErrors'] = $this->aSaveErrors;
}