diff --git a/application/components/LocalizedFormatter.php b/application/components/LocalizedFormatter.php index c81f4adcbb9..6ebda108839 100644 --- a/application/components/LocalizedFormatter.php +++ b/application/components/LocalizedFormatter.php @@ -23,16 +23,18 @@ public function formatBooleanIcon($value) { public function formatPercentage($factor) { return number_format($factor * 100, 1) . '%'; } - - public function formatEmail($email) { - $encoded = ''; - foreach (str_split($email, 1) as $character) { - $ord = ord($character); - $encoded .= '&#'; - $encoded .= rand(0, 1) === 0 ? 'x' . dechex($ord) : $ord; - $encoded .= ';'; - } - return $encoded; - } + /** + * This encodes an email, but it breaks the mailto link. For now this has been disabled. + */ +// public function formatEmail($email) { +// $encoded = ''; +// foreach (str_split($email, 1) as $character) { +// $ord = ord($character); +// $encoded .= '&#'; +// $encoded .= rand(0, 1) === 0 ? 'x' . dechex($ord) : $ord; +// $encoded .= ';'; +// } +// return parent::formatEmail($encoded); +// } } \ No newline at end of file diff --git a/application/controllers/PrintanswersController.php b/application/controllers/PrintanswersController.php index ef3140b88b4..5a730d686da 100644 --- a/application/controllers/PrintanswersController.php +++ b/application/controllers/PrintanswersController.php @@ -57,7 +57,6 @@ function actionView($surveyid,$printableexport=FALSE) $iSurveyID=0; $sLanguage = Yii::app()->getConfig("defaultlang"); } - SetSurveyLanguage($iSurveyID, $sLanguage); $aSurveyInfo = getSurveyInfo($iSurveyID,$sLanguage); //SET THE TEMPLATE DIRECTORY $sTemplate = $aSurveyInfo['template']; diff --git a/application/controllers/Statistics_userController.php b/application/controllers/Statistics_userController.php index 60eda6584b2..f4c13ace666 100644 --- a/application/controllers/Statistics_userController.php +++ b/application/controllers/Statistics_userController.php 
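Review bot: In application/components/LocalizedFormatter.php the disabled `formatEmail()` stays in the class as commented-out code under a docblock that no longer documents any symbol; delete the method outright, since version control already keeps the old body. The commented copy is not the code that was removed (it ends in `return parent::formatEmail($encoded);` where the old method had `return $encoded;`), so anyone who later uncomments it ships an untested variant. With the override gone, addresses presumably fall through to the parent formatter without entity encoding; if that encoding was relied on to slow address harvesting, record the regression where it will be tracked. If a marker has to stay in the file, one line is enough: `// formatEmail() override removed: entity-encoding the address broke the mailto: link.`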
@@ -138,8 +138,6 @@ function actionAction($surveyid,$language=null) { $sLanguage=sanitize_languagecode($sLanguage); } - //set survey language for translations - SetSurveyLanguage($iSurveyID, $sLanguage); //Create header sendCacheHeaders(); $condition = false; diff --git a/application/controllers/admin/printablesurvey.php b/application/controllers/admin/printablesurvey.php index aacdb034b8c..2b1937c3eeb 100644 --- a/application/controllers/admin/printablesurvey.php +++ b/application/controllers/admin/printablesurvey.php @@ -43,7 +43,6 @@ function index($surveyid, $lang = null) $aSurveyInfo=getSurveyInfo($surveyid,$lang); if (!($aSurveyInfo)) $this->getController()->error('Invalid survey ID'); - SetSurveyLanguage($surveyid,$lang); $sLanguageCode=App()->language; $templatename = $aSurveyInfo['template']; diff --git a/application/controllers/admin/surveypermission.php b/application/controllers/admin/surveypermission.php deleted file mode 100644 index df1f02ad103..00000000000 --- a/application/controllers/admin/surveypermission.php +++ /dev/null @@ -1,660 +0,0 @@ -getConfig('adminimageurl'); - - if(App()->user->checkAccess('surveysecurity', ['crud' => 'read', 'entity' => 'survey', 'entity_id' => $surveyid])) - { - $aBaseSurveyPermissions=Permission::model()->getSurveyBasePermissions(); - $userList=getUserList('onlyuidarray'); // Limit the user list for the samegrouppolicy - App()->getClientScript()->registerPackage('jquery-tablesorter'); - App()->getClientScript()->registerScriptFile(Yii::app()->getConfig('adminscripts') . "surveypermissions.js"); - $surveysecurity ="
".gT("Survey permissions")."
\n"; - $result2 = Permission::model()->getUserDetails($surveyid); - if(count($result2) > 0) - { - $surveysecurity = "" - . "" - . "\n" - . "\n" - . "\n" - . "\n" - . "\n"; - foreach ($aBaseSurveyPermissions as $sPermission=>$aSubPermissions ) - { - $surveysecurity.="\n"; - } - $surveysecurity .= "\n"; - - // Foot first - - if (Yii::app()->getConfig('usercontrolSameGroupPolicy') == true) - { - $authorizedGroupsList = getUserGroupList(NULL,'simplegidarray'); - } - - $surveysecurity .= "\n"; - $row = 0; - foreach ($result2 as $PermissionRow) - { - if(in_array($PermissionRow['uid'],$userList)) - { - - $result3 = UserInGroup::model()->with('users')->findAll('users.uid = :uid',array(':uid' => $PermissionRow['uid'])); - foreach ($result3 as $resul3row) - { - if (Yii::app()->getConfig('usercontrolSameGroupPolicy') == false || - in_array($resul3row->ugid,$authorizedGroupsList)) - { - $group_ids[] = $resul3row->ugid; - } - } - - if(isset($group_ids) && $group_ids[0] != NULL) - { - $group_ids_query = implode(",", $group_ids); - unset($group_ids); - $result4 = UserGroup::model()->findAll("ugid IN ($group_ids_query)"); - - foreach ($result4 as $resul4row) - { - $group_names[] = $resul4row->name; - } - if(count($group_names) > 0) - $group_names_query = implode(", ", $group_names); - } - // else {break;} //TODO Commented by lemeur - $surveysecurity .= "\n"; - - $surveysecurity .= "\n"; - $surveysecurity .= "\n" - . "\n" - . 
"\n"; - - //Now show the permissions - foreach ($aBaseSurveyPermissions as $sPKey=>$aPDetails) { - unset($aPDetails['img']); - unset($aPDetails['description']); - unset($aPDetails['title']); - $iCount=0; - $iPermissionCount=0; - foreach ($aPDetails as $sPDetailKey=>$sPDetailValue) - { - if ($sPDetailValue && App()->authManager->checkAccess($sPKey, $PermissionRow['uid'], ['crud' => $sPDetailKey, 'entity' => 'survey', 'entity_id' => $surveyid]) && !($sPKey=='survey' && $sPDetailKey=='read')) $iCount++; - if ($sPDetailValue) $iPermissionCount++; - } - if ($sPKey=='survey') $iPermissionCount--; - if ($iCount==$iPermissionCount) { - $insert = "
 
"; - } - elseif ($iCount>0){ - $insert = "
 
"; - } - else - { - $insert = "
 
"; - } - $surveysecurity .= "\n"; - } - - $surveysecurity .= "\n"; - $row++; - } - } - $surveysecurity .= "\n" - . "
".gT("Action")."".gT("Username")."".gT("User group")."".gT("Full name")."\"<span".$aSubPermissions['title']."
".$aSubPermissions['description']."\" />
\n"; - - if(App()->user->checkAccess('surveysecurity', ['crud' => 'update', 'entity' => 'survey', 'entity_id' => $surveyid])) - { - if($PermissionRow['uid']!=Yii::app()->user->getId() || App()->user->checkAccess('superadmin')) // Can not update own security - { - $surveysecurity .= CHtml::form(array("admin/surveypermission/sa/set/surveyid/{$surveyid}"), 'post', array('style'=>"display:inline;")) - ."" - ."" - ."" - ."" - ."\n"; - } - } - if(App()->user->checkAccess('surveysecurity', ['crud' => 'delete', 'entity' => 'survey', 'entity_id' => $surveyid])) - { - $surveysecurity .= CHtml::form(array("admin/surveypermission/sa/delete/surveyid/{$surveyid}"), 'post', array('style'=>"display:inline;")) - ."" - ."" - ."" - ."" - .""; - } - - $surveysecurity .= "{$PermissionRow['users_name']}"; - - if(isset($group_names) > 0) - { - $surveysecurity .= $group_names_query; - } - else - { - $surveysecurity .= "---"; - } - unset($group_names); - - $surveysecurity .= "\n{$PermissionRow['full_name']}\n$insert\n
\n"; - } - else - { - - } - if(App()->user->checkAccess('surveysecurity', ['crud' => 'create', 'entity' => 'survey', 'entity_id' => $surveyid])) - { - $surveysecurity .= CHtml::form(array("admin/surveypermission/sa/adduser/surveyid/{$surveyid}"), 'post', array('class'=>"form44"))."\n"; - - $surveysecurity .= CHtml::form(array("admin/surveypermission/sa/addusergroup/surveyid/{$surveyid}"), 'post', array('class'=>"form44")).""; - } - - $aViewUrls['output'] = $surveysecurity; - } - else - { - $this->getController()->error('Access denied'); - } - - $this->_renderWrappedTemplate('authentication', $aViewUrls, $aData); - } - - /** - * surveypermission::addusergroup() - * Function responsible to add usergroup. - * @param mixed $surveyid - * @return void - */ - function addusergroup($surveyid) - { - $aData['surveyid'] = $surveyid = sanitize_int($surveyid); - $aViewUrls = array(); - - $action = $_POST['action']; - $imageurl = Yii::app()->getConfig('imageurl'); - - $postusergroupid = !empty($_POST['ugid']) ? $_POST['ugid'] : false; - - - if($action == "addusergroupsurveysecurity") - { - $addsummary = "
".gT("Add user group")."
\n"; - $addsummary .= "
\n"; - - $result = Survey::model()->findAll('sid = :surveyid AND owner_id = :owner_id',array(':surveyid' => $surveyid, ':owner_id' => App()->user->id)); - if( App()->user->checkAccess('surveysecurity', ['crud' => 'create', 'entity' => 'survey', 'entity_id' => $surveyid]) - && in_array($postusergroupid,getSurveyUserGroupList('simpleugidarray',$surveyid)) - ) - { - if($postusergroupid > 0){ - $result2 = User::model()->getCommonUID($surveyid, $postusergroupid); //Checked - $result2 = $result2->readAll(); - if(count($result2) > 0) - { - foreach ($result2 as $row2 ) - { - $uid_arr[] = $row2['uid']; - $isrresult = Permission::model()->insertSomeRecords(array('entity_id' => $surveyid, 'entity'=>'survey', 'uid' => $row2['uid'], 'permission' => 'survey', 'read_p' => 1)); - if (!$isrresult) break; - } - - if($isrresult) - { - $addsummary .= "
".gT("User group added.")."
\n"; - Yii::app()->session['uids'] = $uid_arr; - $addsummary .= "
" - .CHtml::form(array("admin/surveypermission/sa/set/surveyid/{$surveyid}"), 'post') - ."" - ."" - ."" - ."\n"; - } - else - { - // Error while adding user to the database - $addsummary .= "
".gT("Failed to add user group.")."
\n"; - $addsummary .= "
getController()->createUrl('admin/surveypermission/sa/view/surveyid/'.$surveyid)."', '_top')\" value=\"".gT("Continue")."\"/>\n"; - } - } - else - { - // no user to add - $addsummary .= "
".gT("Failed to add user group.")."
\n"; - $addsummary .= "
getController()->createUrl('admin/surveypermission/sa/view/surveyid/'.$surveyid)."', '_top')\" value=\"".gT("Continue")."\"/>\n"; - } - } - else - { - $addsummary .= "
".gT("Failed to add user.")."
\n" - . "
" . gT("No Username selected.")."
\n"; - $addsummary .= "
getController()->createUrl('admin/surveypermission/sa/view/surveyid/'.$surveyid)."', '_top')\" value=\"".gT("Continue")."\"/>\n"; - } - } - else - { - $this->getController()->error('Access denied'); - } - $addsummary .= "
\n"; - - $aViewUrls['output'] = $addsummary; - } - - $this->_renderWrappedTemplate('authentication', $aViewUrls, $aData); - } - - - /** - * surveypermission::adduser() - * Function responsible to add user. - * @param mixed $surveyid - * @return void - */ - function adduser($surveyid) - { - $aData['surveyid'] = $surveyid = sanitize_int($surveyid); - $aViewUrls = array(); - - $action = $_POST['action']; - - - $imageurl = Yii::app()->getConfig('imageurl'); - $postuserid = $_POST['uid']; - - if($action == "addsurveysecurity") - { - $addsummary = "
".gT("Add user")."
\n"; - $addsummary .= "
\n"; - - $result = Survey::model()->findAll('sid = :sid AND owner_id = :owner_id AND owner_id != :postuserid',array(':sid' => $surveyid, ':owner_id' => App()->user->id, ':postuserid' => $postuserid)); - if( App()->user->checkAccess('surveysecurity', ['crud' => 'create', 'entity' => 'survey', 'entity_id' => $surveyid]) - && in_array($postuserid,getUserList('onlyuidarray')) - ) - { - - if($postuserid > 0){ - - $isrresult = Permission::model()->insertSomeRecords(array('entity_id' => $surveyid, 'entity'=>'survey', 'uid' => $postuserid, 'permission' => 'survey', 'read_p' => 1)); - - if($isrresult) - { - - $addsummary .= "
".gT("User added.")."
\n"; - $addsummary .= "
" - .CHtml::form(array("admin/surveypermission/sa/set/surveyid/{$surveyid}"), 'post') - ."" - ."" - ."" - ."\n"; - } - else - { - // Username already exists. - $addsummary .= "
".gT("Failed to add user.")."
\n" - . "
" . gT("Username already exists.")."
\n"; - $addsummary .= "
getController()->createUrl('admin/surveypermission/sa/view/surveyid/'.$surveyid)."', '_top')\" value=\"".gT("Continue")."\"/>\n"; - } - } - else - { - $addsummary .= "
".gT("Failed to add user.")."
\n" - . "
" . gT("No Username selected.")."
\n"; - $addsummary .= "
getController()->createUrl('admin/surveypermission/sa/view/surveyid/'.$surveyid)."', '_top')\" value=\"".gT("Continue")."\"/>\n"; - } - } - else - { - $this->getController()->error('Access denied'); - } - - $addsummary .= "
\n"; - - $aViewUrls['output'] = $addsummary; - } - - $this->_renderWrappedTemplate('authentication', $aViewUrls, $aData); - } - - /** - * surveypermission::set() - * Function responsible to set permissions to a user/usergroup. - * @param mixed $surveyid - * @return void - */ - function set($surveyid) - { - $aData['surveyid'] = $surveyid = sanitize_int($surveyid); - $aViewUrls = array(); - - $action = App()->getRequest()->getPost('action'); - - - $imageurl = Yii::app()->getConfig('adminimageurl'); - $postuserid = !empty($_POST['uid']) ? $_POST['uid'] : null; - $postusergroupid = !empty($_POST['ugid']) ? $_POST['ugid'] : null; - if($action == "setsurveysecurity") - { - if ( (!App()->user->checkAccess('superadmin') && Yii::app()->user->getId()==$postuserid) // User can not change own security (except superadmin) - || !in_array($postuserid,getUserList('onlyuidarray')) // User can not set user security if it can not see it - ) - { - $this->getController()->error('Access denied'); - } - } - elseif( $action == "setusergroupsurveysecurity" ) - { - if ( !App()->user->checkAccess('superadmin') && !in_array($postusergroupid,getUserGroupList(null, 'simplegidarray')) ) // User can not change own security (except for superadmin ?) - { - $this->getController()->error('Access denied'); - } - } - else - { - Yii::app()->request->redirect(Yii::app()->getController()->createUrl('admin/surveypermission/sa/view', array('surveyid'=>$surveyid))); - //$this->getController()->error('Unknow action'); - } - - if( App()->user->checkAccess('surveysecurity', ['crud' => 'update', 'entity' => 'survey', 'entity_id' => $surveyid]) ) - { - App()->getClientScript()->registerPackage('jquery-tablesorter'); - App()->getClientScript()->registerScriptFile(Yii::app()->getConfig('adminscripts') . 
"surveypermissions.js"); - if ($action == "setsurveysecurity") - { - $query = "select users_name from {{users}} where uid=:uid"; - $resrow = Yii::app()->db->createCommand($query)->bindParam(":uid", $postuserid, PDO::PARAM_INT)->queryRow(); - $sUsername=$resrow['users_name']; - $usersummary = "
".sprintf(gT("Edit survey permissions for user %s"),"".$sUsername."")."
"; - } - else - { - $resrow = UserGroup::model()->find('ugid = :ugid',array(':ugid' => $postusergroupid)); - $sUsergroupName=$resrow['name']; - $usersummary = "
".sprintf(gT("Edit survey permissions for group %s"),"".$sUsergroupName."")."
"; - } - $usersummary .= "
" - .CHtml::form(array("admin/surveypermission/sa/surveyright/surveyid/{$surveyid}"), 'post') - . "\n"; - - $usersummary .= "" - . "\n" - . "\n" - . "\n" - . "\n" - . "\n" - . "\n" - . "\n" - . "\n" - . "\n"; - - //content - - $aBasePermissions=Permission::model()->getSurveyBasePermissions(); - - $oddcolumn=false; - foreach($aBasePermissions as $sPermissionKey=>$aCRUDPermissions) - { - $oddcolumn=!$oddcolumn; - $usersummary .= ""; - $usersummary .= ""; - $usersummary .= ""; - foreach ($aCRUDPermissions as $sCRUDKey=>$CRUDValue) - { - if (!in_array($sCRUDKey,array('create','read','update','delete','import','export'))) continue; - $usersummary .= ""; - } - $usersummary .= ""; - } - $usersummary .= "\n
".gT("Permission")."".gT("Create")."".gT("View/read")."".gT("Update")."".gT("Delete")."".gT("Import")."".gT("Export")."
{$aCRUDPermissions['title']}"; - - if ($CRUDValue) - { - if (!($sPermissionKey=='survey' && $sCRUDKey=='read')) - { - $usersummary .= "authManager->checkAccess($sPermissionKey, $postuserid, ['crud' => $sCRUDKey, 'entity' => 'survey', 'entity_id' => $surveyid])) { - $usersummary .= ' checked="checked" '; - } - $usersummary .=" />"; - } - } - $usersummary .= "
" - ."

" - ."" - .""; - - if ($action=='setsurveysecurity') - { - $usersummary .=""; - } - else - { - $usersummary .=""; - } - $usersummary .= "\n"; - - $aViewUrls['output'] = $usersummary; - } - else - { - $this->getController()->error('Access denied'); - } - - $this->_renderWrappedTemplate('authentication', $aViewUrls, $aData); - } - - /** - * surveypermission::delete() - * Function responsible to delete a user/usergroup. - * @param mixed $surveyid - * @return void - */ - function delete($surveyid) - { - - $aData['surveyid'] = $surveyid = sanitize_int($surveyid); - $aViewUrls = array(); - - $action = $_POST['action']; - - - $imageurl = Yii::app()->getConfig('imageurl'); - $postuserid = !empty($_POST['uid']) ? $_POST['uid'] : false; - $postusergroupid = !empty($_POST['gid']) ? $_POST['gid'] : false;// Not used - - if($postuserid && !in_array($postuserid,getUserList('onlyuidarray'))) - { - $this->getController()->error('Access denied'); - } - elseif( $postusergroupid && !in_array($postusergroupid,getUserList('onlyuidarray'))) - { - $this->getController()->error('Access denied'); - } - - if($action == "delsurveysecurity") - { - $addsummary = "

".gT("Deleting User")."
\n"; - $addsummary .= "
\n"; - - if( App()->user->checkAccess('surveysecurity', ['crud' => 'delete', 'entity' => 'survey', 'entity_id' => $surveyid]) ) - { - if (isset($postuserid)) - { - $dbresult = Permission::model()->deleteAll("uid = :uid AND entity_id = :sid AND entity = 'survey'",array(':uid' => $postuserid, ':sid' => $surveyid)); - $addsummary .= "
".gT("Username").": ".sanitize_xss_string($_POST['user'])."

\n"; - $addsummary .= "
".gT("Success!")."
\n"; - } - else - { - $addsummary .= "
".gT("Could not delete user. User was not supplied.")."
\n"; - } - $addsummary .= "
getController()->createUrl('admin/surveypermission/sa/view/surveyid/'.$surveyid)."', '_top')\" value=\"".gT("Continue")."\"/>\n"; - } - else - { - $this->getController()->error('Access denied'); - } - $addsummary .= "
\n"; - - $aViewUrls['output'] = $addsummary; - } - - $this->_renderWrappedTemplate('authentication', $aViewUrls, $aData); - } - - /** - * surveypermission::surveyright() - * Function responsible to process setting of permission of a user/usergroup. - * @param mixed $surveyid - * @return void - */ - function surveyright($surveyid) - { - $aData['surveyid'] = $surveyid = sanitize_int($surveyid); - $aViewUrls = array(); - - $action = $_POST['action']; - - $imageurl = Yii::app()->getConfig('imageurl'); - $postuserid = !empty($_POST['uid']) ? $_POST['uid'] : false; - $postusergroupid = !empty($_POST['ugid']) ? $_POST['ugid'] : false; - - if($postuserid && !in_array($postuserid,getUserList('onlyuidarray'))) - { - $this->getController()->error('Access denied'); - } - elseif( $postusergroupid && !in_array($postusergroupid,getUserGroupList(null, 'simplegidarray'))) - { - $this->getController()->error('Access denied'); - } - - if ($action == "surveyrights" && App()->user->checkAccess('surveysecurity', ['crud' => 'update', 'entity' => 'survey', 'entity_id' => $surveyid])) - { - $addsummary = "
".gT("Edit survey permissions")."
\n"; - $addsummary .= "
\n"; - $where = ' '; - if($postuserid){ - if (!App()->user->checkAccess('superadmin')) - { - $where .= "sid = :surveyid AND owner_id != :postuserid AND owner_id = :owner_id"; - $resrow = Survey::model()->find($where,array(':surveyid' => $surveyid, ':owner_id' => App()->user->id, ':postuserid' => $postuserid)); - } - } - else{ - $where .= "sid = :sid"; - $resrow = Survey::model()->find($where,array(':sid' => $surveyid)); - $iOwnerID=$resrow['owner_id']; - } - - $aBaseSurveyPermissions = Permission::model()->getSurveyBasePermissions(); - $aPermissions=array(); - foreach ($aBaseSurveyPermissions as $sPermissionKey=>$aCRUDPermissions) - { - foreach ($aCRUDPermissions as $sCRUDKey=>$CRUDValue) - { - if (!in_array($sCRUDKey,array('create','read','update','delete','import','export'))) continue; - - if ($CRUDValue) - { - if(isset($_POST["perm_{$sPermissionKey}_{$sCRUDKey}"])){ - $aPermissions[$sPermissionKey][$sCRUDKey]=1; - } - else - { - $aPermissions[$sPermissionKey][$sCRUDKey]=0; - } - } - } - } - - if (isset($postusergroupid) && $postusergroupid>0) - { - $oResult = UserInGroup::model()->findAll('ugid = :ugid AND uid <> :uid AND uid <> :iOwnerID',array(':ugid' => $postusergroupid, ':uid' => App()->user->id, ':iOwnerID' => $iOwnerID)); - if(count($oResult) > 0) - { - foreach ($oResult as $aRow) - { - Permission::model()->setPermissions($aRow->uid, $surveyid, 'survey', $aPermissions); - } - $addsummary .= "
".gT("Survey permissions for all users in this group were successfully updated.")."
\n"; - } - } - else - { - if (Permission::model()->setPermissions($postuserid, $surveyid, 'survey', $aPermissions)) - { - $addsummary .= "
".gT("Survey permissions were successfully updated.")."
\n"; - } - else - { - $addsummary .= "
".gT("Failed to update survey permissions!")."
\n"; - } - - } - $addsummary .= "
getController()->createUrl('admin/surveypermission/sa/view/surveyid/'.$surveyid)."', '_top')\" value=\"".gT("Continue")."\"/>\n"; - $addsummary .= "
\n"; - $aViewUrls['output'] = $addsummary; - } - else - { - $this->getController()->error('Access denied'); - } - - $this->_renderWrappedTemplate('authentication', $aViewUrls, $aData); - } - - /** - * Renders template(s) wrapped in header and footer - * - * @param string $sAction Current action, the folder to fetch views from - * @param string|array $aViewUrls View url(s) - * @param array $aData Data to be passed on. Optional. - */ - protected function _renderWrappedTemplate($sAction = 'authentication', $aViewUrls = array(), $aData = array()) - { - - parent::_renderWrappedTemplate($sAction, $aViewUrls, $aData); - } - -} diff --git a/application/controllers/admin/usergroups.php b/application/controllers/admin/usergroups.php deleted file mode 100644 index e23dc9e74c4..00000000000 --- a/application/controllers/admin/usergroups.php +++ /dev/null 
@@ -1,404 +0,0 @@ -request->getPost("action"); - - if ($action == "mailsendusergroup") { - - // user must be in user group or superadmin - $result = UserInGroup::model()->findAllByPk(array('ugid' => $ugid, 'uid' => App()->user->id)); - if (count($result) > 0 || App()->user->checkAccess('superadmin')) - { - $criteria = new CDbCriteria; - $criteria->compare('ugid',$ugid)->addNotInCondition('users.uid',array(App()->user->id)); - $eguresult = UserInGroup::model()->with('users')->findAll($criteria); - //die('me'); - $to = array(); - - foreach ($eguresult as $egurow) - { - $to[] = $egurow->users->users_name . ' <' . $egurow->users->email . '>'; - } - - $from_user_result = User::model()->findByPk(App()->user->id); - $from_user_row = $from_user_result; - - if ($from_user_row->full_name) { - $from = $from_user_row->full_name; - $from .= ' <'; - $from .= $from_user_row->email . '> '; - } - else - { - $from = $from_user_row->users_name . ' <' . $from_user_row->email . '> '; - } - - $body = $_POST['body']; - $subject = $_POST['subject']; - - if (isset($_POST['copymail']) && $_POST['copymail'] == 1) { - $to[] = $from; - } - $body = str_replace("\n.", "\n..", $body); - $body = wordwrap($body, 70); - - - //echo $body . '-'.$subject .'-'.'
'.htmlspecialchars($to).'
'.'-'.$from; - if (SendEmailMessage($body, $subject, $to, $from, '')) { - list($aViewUrls, $aData) = $this->index($ugid, array("type" => "success", "message" => "Message(s) sent successfully!")); - } - else - { - global $maildebug; - global $debug; - global $maildebugbody; - //$maildebug = (isset($maildebug)) ? $maildebug : "Their was a unknown error in the mailing part :)"; - //$debug = (isset($debug)) ? $debug : 9; - //$maildebugbody = (isset($maildebugbody)) ? $maildebugbody : 'an unknown error accourd'; - $headercfg["type"] = "warning"; - $headercfg["message"] = sprintf(gT("Email to %s failed. Error Message:"), $to) . " " . $maildebug; - list($aViewUrls, $aData) = $this->index($ugid, $headercfg); - } - } - else - { - die(); - } - - } - else - { - $where = array('and', 'a.ugid =' . $ugid, 'uid =' . App()->user->id); - $join = array('where' => "{{user_in_groups}} AS b", 'on' => 'a.ugid = b.ugid'); - $result = UserGroup::model()->join(array('a.ugid', 'a.name', 'a.owner_id', 'b.uid'), "{{user_groups}} AS a", $where, $join, 'name'); - - $crow = $result; - $aData['ugid'] = $ugid; - - $aViewUrls = 'mailUserGroup_view'; - } - - $this->_renderWrappedTemplate('usergroup', $aViewUrls, $aData); - } - - /** - * Usergroups::delete() - * Function responsible to delete a user group. 
- * @return void - */ - public function delete($ugid) - { - - $aViewUrls = array(); - $aData = array(); - - if (App()->user->checkAccess('usergroups', ['crud' => 'delete'])) { - - if (!empty($ugid) && ($ugid > -1)) { - $result = UserGroup::model()->requestEditGroup($ugid, Yii::app()->session["loginID"]); - if ($result->count() > 0) { // OK - AR count - $delquery_result = UserGroup::model()->deleteGroup($ugid, Yii::app()->session["loginID"]); - - if ($delquery_result) //Checked) - { - list($aViewUrls, $aData) = $this->index(false, array("type" => "success", "message" => gT("Success!"))); - } - else - { - list($aViewUrls, $aData) = $this->index(false, array("type" => "warning", "message" => gT("Could not delete user group."))); - } - } - } - else - { - list($aViewUrls, $aData) = $this->index($ugid, array("type" => "warning", "message" => gT("Could not delete user group. No group selected."))); - } - } - - $this->_renderWrappedTemplate('usergroup', $aViewUrls, $aData); - } - - - public function add() - { - - - $action = (isset($_POST['action'])) ? $_POST['action'] : ''; - $aData = array(); - - if (App()->user->checkAccess('usergroups', ['crud' => 'create'])) { - - if ($action == "usergroupindb") { - $db_group_name = flattenText($_POST['group_name'],false,true,'UTF-8',true); - $db_group_description = $_POST['group_description']; - - if (isset($db_group_name) && strlen($db_group_name) > 0) { - if (strlen($db_group_name) > 21) { - list($aViewUrls, $aData) = $this->index(false, array("type" => "warning", "message" => gT("Failed to add group! Group name length more than 20 characters."))); - } - elseif (UserGroup::model()->find("name=:groupName", array(':groupName'=>$db_group_name))) { - list($aViewUrls, $aData) = $this->index(false, array("type" => "warning", "message" => gT("Failed to add group! 
Group already exists."))); - } - else - { - $ugid = UserGroup::model()->addGroup($db_group_name, $db_group_description); - Yii::app()->session['flashmessage'] = gT("User group successfully added!"); - list($aViewUrls, $aData) = $this->index($ugid, true); - } - } - else - { - list($aViewUrls, $aData) = $this->index(false, array("type" => "warning", "message" => gT("Failed to add group! Group Name was not supplied."))); - } - } - else - { - $aViewUrls = 'addUserGroup_view'; - } - } - - $this->_renderWrappedTemplate('usergroup', $aViewUrls, $aData); - } - - /** - * Usergroups::edit() - * Load edit user group screen. - * @param mixed $ugid - * @return void - */ - function edit($ugid) - { - $ugid = (int)$ugid; - - $action = (isset($_POST['action'])) ? $_POST['action'] : ''; - if (App()->user->checkAccess('usergroups',['crud' => 'update'])) { - if ($action == "editusergroupindb") { - - $ugid = (int)$_POST['ugid']; - - $db_name = $_POST['name']; - $db_description = $_POST['description']; - if (UserGroup::model()->updateGroup($db_name, $db_description, $ugid)) { - Yii::app()->session['flashmessage'] = gT("User group successfully saved!"); - $aData['ugid'] = $ugid; - $this->getController()->redirect(array('admin/usergroups/sa/view/ugid/'.$ugid)); - } - else - { - Yii::app()->session['flashmessage'] = gT("Failed to edit user group!"); - $this->getController()->redirect(array('admin/usergroups/sa/edit/ugid/'.$ugid)); - } - - } - else - { - $result = UserGroup::model()->requestEditGroup($ugid, App()->user->id); - $aData['esrow'] = $result; - $aData['ugid'] = $result->ugid; - $aViewUrls = 'editUserGroup_view'; - } - } - - $this->_renderWrappedTemplate('usergroup', 'editUserGroup_view', $aData); - } - - - /** - * Load viewing of a user group screen. 
- * @param bool $ugid - * @param array|bool $header (type=success, warning)(message=localized message) - * @return void - */ - public function index($ugid = false, $header = false) - { - if ($ugid != false) - $ugid = (int)$ugid; - - if (!empty($header)) - $aData['headercfg'] = $header; - else - $aData = array(); - - $aViewUrls = array(); - $aData['ugid'] = $ugid; - $aData['imageurl'] = Yii::app()->getConfig("adminimageurl"); - - if (App()->user->id) { - - if ($ugid) { - $ugid = sanitize_int($ugid); - $aData["usergroupid"] = $ugid; - $result = UserGroup::model()->requestViewGroup($ugid, Yii::app()->session["loginID"]); - $crow = $result[0]; - if ($result) { - $aData["groupfound"] = true; - $aData["groupname"] = $crow['name']; - if (!empty($crow['description'])) - $aData["usergroupdescription"] = $crow['description']; - else - $aData["usergroupdescription"] = ""; - } - //$this->user_in_groups_model = new User_in_groups; - $eguquery = "SELECT * FROM {{user_in_groups}} AS a INNER JOIN {{users}} AS b ON a.uid = b.uid WHERE ugid = " . $ugid . " ORDER BY b.users_name"; - $eguresult = dbExecuteAssoc($eguquery); - $aUserInGroupsResult = $eguresult->readAll(); - $query2 = "SELECT ugid FROM {{user_groups}} WHERE ugid = " . $ugid . " AND owner_id = " . 
App()->user->id; - $result2 = dbSelectLimitAssoc($query2, 1); - $row2 = $result2->readAll(); - $row = 1; - $userloop = array(); - $bgcc = "oddrow"; - foreach ($aUserInGroupsResult as $egurow) - { - if ($bgcc == "evenrow") { - $bgcc = "oddrow"; - } else { - $bgcc = "evenrow"; - } - $userloop[$row]["userid"] = $egurow['uid']; - - // output users - $userloop[$row]["rowclass"] = $bgcc; - if (App()->user->checkAccess('superadmin', ['crud' => 'update'])) { - $userloop[$row]["displayactions"] = true; - } else { - $userloop[$row]["displayactions"] = false; - } - - $userloop[$row]["username"] = $egurow['users_name']; - $userloop[$row]["email"] = $egurow['email']; - - $row++; - } - $aData["userloop"] = $userloop; - if (isset($row2[0]['ugid'])) { - $aData["useradddialog"] = true; - $aData["useraddusers"] = getGroupUserList($ugid, 'optionlist'); - $aData["useraddurl"] = ""; - } - } - - $aViewUrls[] = 'viewUserGroup_view'; - } - - if (!empty($header)) - { - return array($aViewUrls, $aData); - } - else - { - $this->_renderWrappedTemplate('usergroup', $aViewUrls, $aData); - } - } - - function user($ugid, $action = 'add') - { - if (!App()->user->checkAccess('usergroups') || !in_array($action, array('add', 'remove'))) - { - die('access denied'); - } - $uid = (int) Yii::app()->request->getPost('uid'); - - $group = UserGroup::model()->findByAttributes(array('ugid' => $ugid, 'owner_id' => App()->user->id)); - - if (empty($group)) - { - list($aViewUrls, $aData) = $this->index(0, array('type' => 'warning', 'message' => gT('Failed.') . '
' . gT('Group not found.'))); - } - else - { - if ($uid > 0 && User::model()->findByPk($uid)) - { - if ($group->owner_id == $uid) - { - list($aViewUrls, $aData) = $this->index($ugid, array('type' => 'warning', 'message' => gT('Failed.') . '
' . gT('You can not add or remove the group owner from the group.'))); - } - else { - $user_in_group = UserInGroup::model()->findByPk(array('ugid' => $ugid, 'uid' => $uid)); - - switch ($action) - { - case 'add' : - if (empty($user_in_group) && UserInGroup::model()->insertRecords(array('ugid' => $ugid, 'uid' => $uid))) - { - list($aViewUrls, $aData) = $this->index($ugid, array('type' => 'success', 'message' => gT('User added.'))); - } - else - { - list($aViewUrls, $aData) = $this->index($ugid, array('type' => 'warning', 'message' => gT('Failed to add user.') . '
' . gT('User already exists in the group.'))); - } - break; - case 'remove' : - if (!empty($user_in_group) && UserInGroup::model()->deleteByPk(array('ugid' => $ugid, 'uid' => $uid))) - { - list($aViewUrls, $aData) = $this->index($ugid, array('type' => 'success', 'message' => gT('User removed.'))); - } - else - { - list($aViewUrls, $aData) = $this->index($ugid, array('type' => 'warning', 'message' => gT('Failed to remove user.') . '
' . gT('User does not exist in the group.'))); - } - break; - } - } - } - else - { - list($aViewUrls, $aData) = $this->index($ugid, array('type' => 'warning', 'message' => gT('Failed.') . '
' . gT('User not found.'))); - } - } - $this->_renderWrappedTemplate('usergroup', $aViewUrls, $aData); - } - - /** - * Renders template(s) wrapped in header and footer - * - * @param string $sAction Current action, the folder to fetch views from - * @param string|array $aViewUrls View url(s) - * @param array $aData Data to be passed on. Optional. - */ - protected function _renderWrappedTemplate($sAction = 'usergroup', $aViewUrls = array(), $aData = array()) - { - App()->getClientScript()->registerCssFile(Yii::app()->getConfig('adminstyleurl')."superfish.css"); - App()->getClientScript()->registerPackage('jquery-tablesorter'); - App()->getClientScript()->registerScriptFile(Yii::app()->getConfig('adminscripts').'users.js'); - - $aData['display']['menu_bars']['user_group'] = true; - - parent::_renderWrappedTemplate($sAction, $aViewUrls, $aData); - } -} diff --git a/application/controllers/survey/index.php b/application/controllers/survey/index.php index 2d874459e4a..99fa020151a 100644 --- a/application/controllers/survey/index.php +++ b/application/controllers/survey/index.php @@ -67,8 +67,29 @@ public function action() header('X-ResponseId: ' . $session->responseId); - - $move = getMove(); + $validMoves = ['default','movenext','movesubmit','moveprev','saveall','loadall','clearall','changelang']; + // We can control is save and load are OK : todo fix according to survey settings + // Maybe allow $aAcceptedMove in Plugin + $move = $request->getParam('move'); + foreach($validMoves as $validMove) + { + if($request->getParam($validMove)) + $move = $validMove; + } + if($move=='default') + { + $session = App()->surveySessionManager->current; + $iSessionStep = $session->step; + $iSessionTotalSteps = $session->totalSteps; + if ($iSessionStep > 0 && ($iSessionStep == $iSessionTotalSteps) || $session->format == Survey::FORMAT_ALL_IN_ONE) + { + $move="movesubmit"; + } + else + { + $move="movenext"; + } + } if ($session->isFinished && ( 
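Review bot: `$move = $request->getParam('move');` in application/controllers/survey/index.php takes the move name straight from the request, and `$validMoves` is only used to look for parameters named after a move, so any other string sent as `move` reaches the code below unchanged. Check the value against the list after the `foreach`, for example `if ($move !== null && !in_array($move, $validMoves, true)) { $move = null; }`; whether null or a rejection is the right fallback depends on what the replaced `getMove()` did, which is not visible here. The test `$move=='default'` should use `===`, and `$iSessionStep > 0 && ($iSessionStep == $iSessionTotalSteps) || $session->format == Survey::FORMAT_ALL_IN_ONE` relies on `&&` binding tighter than `||`, so parenthesise the intended grouping. The hunk reads `$session->totalSteps` while SurveyRuntimeHelper.php in this same diff uses `$session->stepCount`; confirm the property exists. `action()` starts and ends outside the hunk.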
diff --git a/application/helpers/SurveyRuntimeHelper.php b/application/helpers/SurveyRuntimeHelper.php index 669902cffe4..8c0d6d3af97 100644 --- a/application/helpers/SurveyRuntimeHelper.php +++ b/application/helpers/SurveyRuntimeHelper.php @@ -285,7 +285,7 @@ function run(SurveySession $session, $move) 'SubmitStartpageI', null, true); //Check for assessments - if ($thissurvey['assessments'] == "Y" && $assessments) { + if ($survey->bool_assessments && $assessments) { renderOldTemplate($templatePath . "assessment.pstpl", array(), $redata, 'SubmitAssessmentI', null, true); } @@ -427,10 +427,6 @@ function run(SurveySession $session, $move) null, true); doFooter(); - // The session cannot be killed until the page is completely rendered - if ($session->survey->bool_printanswers) { - killSurveySession($session->surveyId); - } exit; } @@ -452,9 +448,7 @@ function run(SurveySession $session, $move) if ($session->format != Survey::FORMAT_ALL_IN_ONE && $session->survey->bool_showprogress) { $percentcomplete = makegraph($session->step, $session->stepCount); } - if (!(isset($languagechanger) && strlen($languagechanger) > 0) && function_exists('makeLanguageChangerSurvey')) { - $languagechanger = makeLanguageChangerSurvey($session->language); - } + //READ TEMPLATES, INSERT DATA AND PRESENT PAGE sendCacheHeaders(); diff --git a/application/helpers/common_helper.php b/application/helpers/common_helper.php index 4f0e2732584..3e88774bbdc 100644 --- a/application/helpers/common_helper.php +++ b/application/helpers/common_helper.php 
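Review bot: The new condition `if ($survey->bool_assessments && $assessments) {` in the first hunk of application/helpers/SurveyRuntimeHelper.php reads a `$survey` variable, while the other lines of `run()` visible in this diff reach the model through the session (`$session->survey->bool_printanswers`, `$session->survey->bool_showprogress`). Unless `$survey` is assigned earlier in `run()`, which starts outside the hunk, this is an undefined variable, and the assessment template is either skipped or the request fails, depending on how notices are handled. `if ($session->survey->bool_assessments && $assessments) {` would match the rest of the function.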
@@ -2128,41 +2128,6 @@ function arraySearchByKey($needle, $haystack, $keyname, $maxanswers="") { return $output; } -/** -* set the rights of a user and his children -* -* @param int $uid the user id -* @param mixed $rights rights array -*/ -function setuserpermissions($uid, $rights) -{ - $uid=sanitize_int($uid); - $updates = "create_survey=".$rights['create_survey'] - . ", create_user=".$rights['create_user'] - . ", participant_panel=".$rights['participant_panel'] - . ", delete_user=".$rights['delete_user'] - . ", superadmin=".$rights['superadmin'] - . ", configurator=".$rights['configurator'] - . ", manage_template=".$rights['manage_template'] - . ", manage_label=".$rights['manage_label']; - $uquery = "UPDATE {{users}} SET ".$updates." WHERE uid = ".$uid; - return dbSelectLimitAssoc($uquery); //Checked -} - - - -/** -* Returns the base language from a survey id -* -* @deprecated Use Survey::model()->findByPk($surveyid)->language -* @param int $surveyid -* @return string -*/ -function getBaseLanguageFromSurveyID($surveyid) -{ - return Survey::model()->findByPk($surveyid)->language; -} - function buildLabelSetCheckSumArray() { 
@@ -5155,182 +5120,6 @@ function cleanLanguagesFromSurvey($sid, $availlangs) return true; } -/** -* fixLanguageConsistency() fixes missing groups, questions, answers, quotas & assessments for languages on a survey -* @param string $sid - the currently selected survey -* @param string $availlangs - space separated list of additional languages in survey - if empty all additional languages of a survey are checked against the base language -* @return bool - always returns true -*/ -function fixLanguageConsistency($sid, $availlangs='') -{ - $sid=sanitize_int($sid); - - - if (trim($availlangs)!='') - { - $availlangs=sanitize_languagecodeS($availlangs); - $langs = explode(" ",$availlangs); - if($langs[count($langs)-1] == "") array_pop($langs); - } else { - $langs=Survey::model()->findByPk($sid)->additionalLanguages; - } - if (count($langs)==0) return true; // Survey only has one language - $baselang = Survey::model()->findByPk($sid)->language; - $query = "SELECT * FROM {{groups}} WHERE sid='{$sid}' AND language='{$baselang}' ORDER BY group_order"; - $result = Yii::app()->db->createCommand($query)->query(); - foreach($result->readAll() as $group) - { - foreach ($langs as $lang) - { - - $query = "SELECT count(gid) FROM {{groups}} WHERE sid='{$sid}' AND gid='{$group['gid']}' AND language='{$lang}'"; - $gresult = Yii::app()->db->createCommand($query)->queryScalar(); - if ($gresult < 1) - { - $data = array( - 'gid' => $group['gid'], - 'sid' => $group['sid'], - 'group_name' => $group['group_name'], - 'group_order' => $group['group_order'], - 'description' => $group['description'], - 'randomization_group' => $group['randomization_group'], - 'grelevance' => $group['grelevance'], - 'language' => $lang - - ); - switchMSSQLIdentityInsert('groups',true); - Yii::app()->db->createCommand()->insert('{{groups}}', $data); - switchMSSQLIdentityInsert('groups',false); - } - } - reset($langs); - } - - $quests = array(); - $query = "SELECT * FROM {{questions}} WHERE sid='{$sid}' AND 
language='{$baselang}' ORDER BY question_order"; - $result = Yii::app()->db->createCommand($query)->query()->readAll(); - if (count($result) > 0) - { - foreach($result as $question) - { - array_push($quests,$question['qid']); - foreach ($langs as $lang) - { - $query = "SELECT count(qid) FROM {{questions}} WHERE sid='{$sid}' AND qid='{$question['qid']}' AND language='{$lang}' AND scale_id={$question['scale_id']}"; - $gresult = Yii::app()->db->createCommand($query)->queryScalar(); - if ($gresult < 1) - { - switchMSSQLIdentityInsert('questions',true); - $data = array( - 'qid' => $question['qid'], - 'sid' => $question['sid'], - 'gid' => $question['gid'], - 'type' => $question['type'], - 'title' => $question['title'], - 'question' => $question['question'], - 'preg' => $question['preg'], - 'help' => $question['help'], - 'other' => $question['other'], - 'mandatory' => $question['mandatory'], - 'question_order' => $question['question_order'], - 'language' => $lang, - 'scale_id' => $question['scale_id'], - 'parent_qid' => $question['parent_qid'], - 'relevance' => $question['relevance'] - ); - Yii::app()->db->createCommand()->insert('{{questions}}', $data); - } - } - reset($langs); - } - - $sqlans = ""; - foreach ($quests as $quest) - { - $sqlans .= " OR qid = '".$quest."' "; - } - $query = "SELECT * FROM {{answers}} WHERE language='{$baselang}' and (".trim($sqlans,' OR').") ORDER BY qid, code"; - $result = Yii::app()->db->createCommand($query)->query(); - foreach($result->readAll() as $answer) - { - foreach ($langs as $lang) - { - $query = "SELECT count(qid) FROM {{answers}} WHERE code='{$answer['code']}' AND qid='{$answer['qid']}' AND language='{$lang}' AND scale_id={$answer['scale_id']}"; - $gresult = Yii::app()->db->createCommand($query)->queryScalar(); - if ($gresult < 1) - { - $data = array( - 'qid' => $answer['qid'], - 'code' => $answer['code'], - 'answer' => $answer['answer'], - 'scale_id' => $answer['scale_id'], - 'sortorder' => $answer['sortorder'], - 'language' => 
$lang, - 'assessment_value' => $answer['assessment_value'] - ); - Yii::app()->db->createCommand()->insert('{{answers}}', $data); - } - } - reset($langs); - } - } - - - $query = "SELECT * FROM {{assessments}} WHERE sid='{$sid}' AND language='{$baselang}'"; - $result = Yii::app()->db->createCommand($query)->query(); - foreach($result->readAll() as $assessment) - { - foreach ($langs as $lang) - { - $query = "SELECT count(id) FROM {{assessments}} WHERE sid='{$sid}' AND id='{$assessment['id']}' AND language='{$lang}'"; - $gresult = Yii::app()->db->createCommand($query)->queryScalar(); - if ($gresult < 1) - { - $data = array( - 'id' => $assessment['id'], - 'sid' => $assessment['sid'], - 'scope' => $assessment['scope'], - 'gid' => $assessment['gid'], - 'name' => $assessment['name'], - 'minimum' => $assessment['minimum'], - 'maximum' => $assessment['maximum'], - 'message' => $assessment['message'], - 'language' => $lang - ); - Yii::app()->db->createCommand()->insert('{{assessments}}', $data); - } - } - reset($langs); - } - - - $query = "SELECT * FROM {{quota_languagesettings}} join {{quota}} q on quotals_quota_id=q.id WHERE q.sid='{$sid}' AND quotals_language='{$baselang}'"; - $result = Yii::app()->db->createCommand($query)->query(); - foreach($result->readAll() as $qls) - { - foreach ($langs as $lang) - { - $query = "SELECT count(quotals_id) FROM {{quota_languagesettings}} WHERE quotals_quota_id='{$qls['quotals_quota_id']}' AND quotals_language='{$lang}'"; - $gresult = Yii::app()->db->createCommand($query)->queryScalar(); - if ($gresult < 1) - { - $data = array( - 'quotals_quota_id' => $qls['quotals_quota_id'], - 'quotals_name' => $qls['quotals_name'], - 'quotals_message' => $qls['quotals_message'], - 'quotals_url' => $qls['quotals_url'], - 'quotals_urldescrip' => $qls['quotals_urldescrip'], - 'quotals_language' => $lang - ); - Yii::app()->db->createCommand()->insert('{{quota_languagesettings}}', $data); - } - } - reset($langs); - } - - return true; -} - /** * This 
function switches identity insert on/off for the MSSQL database * @@ -5901,164 +5690,6 @@ function doFooter() echo getFooter(); } -/** -* Checks that each object from an array of CSV data [question-rows,answer-rows,labelsets-row] supports at least a given language -* -* @param mixed $csvarray array with a line of csv data per row -* @param mixed $idkeysarray array of integers giving the csv-row numbers of the object keys -* @param mixed $langfieldnum integer giving the csv-row number of the language(s) filed -* ==> the language field can be a single language code or a -* space separated language code list -* @param mixed $langcode the language code to be tested -* @param mixed $hasheader if we should strip off the first line (if it contains headers) -*/ -function doesImportArraySupportLanguage($csvarray,$idkeysarray,$langfieldnum,$langcode, $hasheader = false) -{ - // An array with one row per object id and langsupport status as value - $objlangsupportarray=Array(); - if ($hasheader === true ) - { // stripping first row to skip headers if any - array_shift($csvarray); - } - - foreach ($csvarray as $csvrow) - { - $rowcontents = convertCSVRowToArray($csvrow,',','"'); - $rowid = ""; - foreach ($idkeysarray as $idfieldnum) - { - $rowid .= $rowcontents[$idfieldnum]."-"; - } - $rowlangarray = explode (" ", @$rowcontents[$langfieldnum]); - if (!isset($objlangsupportarray[$rowid])) - { - if (array_search($langcode,$rowlangarray)!== false) - { - $objlangsupportarray[$rowid] = "true"; - } - else - { - $objlangsupportarray[$rowid] = "false"; - } - } - else - { - if ($objlangsupportarray[$rowid] == "false" && - array_search($langcode,$rowlangarray) !== false) - { - $objlangsupportarray[$rowid] = "true"; - } - } - } // end foreach rown - - // If any of the object doesn't support the given language, return false - if (array_search("false",$objlangsupportarray) === false) - { - return true; - } - else - { - return false; - } -} - - -/** -* Retrieve a HTML