Added cookie handling feature. Moved cache control headers to common.…

…php as function (sendcacheheaders()). git-svn-id: file:///Users/Shitiz/Downloads/lssvn/trunk/unstable@540 b72ed6b6-b9f8-46b5-92b4-906544132732
LimeSurvey · Jul 20, 2003 · f7e46c2 · f7e46c2
1 parent c2bd576
commit f7e46c2
Show file tree

Hide file tree

Showing 4 changed files with 136 additions and 65 deletions.
diff --git a/group.php b/group.php
@@ -173,11 +173,6 @@
 //SUBMIT
 if ($_POST['move'] == " "._SUBMIT." ")
 	{
-	foreach(file("$thistpl/startpage.pstpl") as $op)
-		{
-		echo templatereplace($op);
-		}
-
 	//If survey has datestamp turned on, add $localtimedate to sessions
 	if ($surveydatestamp == "Y")
 		{
@@ -214,6 +209,11 @@
 		}
 	else
 		{
+		echo "<html>\n";
+		foreach(file("$thistpl/startpage.pstpl") as $op)
+			{
+			echo templatereplace($op);
+			}
 		echo "<br /><center><font face='verdana' size='2'><font color='red'><b>"._ERROR."</b></font><br /><br />\n";
 		echo _BADSUBMIT1."<br /><br />\n";
 		echo "<font size='1'>"._BADSUBMIT2."<br />\n";
@@ -223,15 +223,32 @@
 	//COMMIT CHANGES TO DATABASE
 	if ($surveyactive != "Y")
 		{
+		echo "<html>\n";
+		foreach(file("$thistpl/startpage.pstpl") as $op)
+			{
+			echo templatereplace($op);
+			}
 		$completed = "<br /><b><font size='2' color='red'>"._DIDNOTSAVE."</b></font><br /><br />\n\n";
 		$completed .= _NOTACTIVE1."<br /><br />\n";
 		$completed .= "<a href='$PHP_SELF?sid=$sid&move=clearall'>"._CLEARRESP."</a><br /><br />\n";
 		$completed .= "<font size='1'>$subquery</font>\n";
 		}
 	else
 		{
-		if (mysql_query($subquery))
+		if (mysql_query($subquery)) //submit of responses was successful
 			{
+			//UPDATE COOKIE IF REQUIRED
+			if ($surveyusecookie == "Y" && $tokensexist != 1)
+				{
+				$cookiename="PHPSID".returnglobal('sid')."STATUS";
+				$cookie_life = time() + 31536000; // 1 year life
+				setcookie($cookiename, "COMPLETE", $cookielife);
+				}
+			echo "<html>\n";
+			foreach(file("$thistpl/startpage.pstpl") as $op)
+				{
+				echo templatereplace($op);
+				}
 			$completed = "<br /><b><font size='2'><font color='green'>"._THANKS."</b></font><br /><br />\n\n";
 			$completed .= _SURVEYREC."<br />\n";
 			$completed .= "<a href='javascript:window.close()'>"._CLOSEWIN."</a></font><br /><br />\n";
@@ -275,6 +292,11 @@
 			}
 		else
 			{
+			echo "<html>\n";
+			foreach(file("$thistpl/startpage.pstpl") as $op)
+				{
+				echo templatereplace($op);
+				}
 			$completed = "<br /><b><font size='2' color='red'>"._DIDNOTSAVE."</b></font><br /><br />\n\n";
 			$completed .= _DIDNOTSAVE2."<br /><br />\n";
 			if ($adminemail)
@@ -377,14 +399,6 @@
 	exit;
 	}
 
-//SEE IF THERE ARE TOKENS FOR THIS SURVEY
-$i = 0; $tokensexist = 0;
-$tresult = @mysql_list_tables($databasename) or die ("Error getting tokens<br />".mysql_error());
-while($tbl = @mysql_tablename($tresult, $i++))
-	{
-	if ($tbl == "tokens_$sid") {$tokensexist = 1;}
-	}
-
 //RUN THIS IF THIS IS THE FIRST TIME
 if (!$_SESSION['step'])
 	{

diff --git a/index.php b/index.php
@@ -39,12 +39,6 @@
 
 include("./admin/config.php");
 
-header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");    // Date in the past
-header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");  // always modified
-header("Cache-Control: no-store, no-cache, must-revalidate");  // HTTP/1.1
-header("Cache-Control: post-check=0, pre-check=0", false);
-header("Pragma: no-cache");                          // HTTP/1.0
-
 //DEFAULT SETTINGS FOR TEMPLATES
 if (!$publicdir) {$publicdir=".";}
 $tpldir="$publicdir/templates";
@@ -53,14 +47,15 @@
 if (!$_GET['sid'] && !$_POST['sid'])
 	{
 	//A nice crashout
+	sendcacheheaders();
 	echo "<html>\n";
 	$output=file("$tpldir/default/startpage.pstpl");
 	foreach($output as $op)
 		{
 		echo templatereplace($op);
 		}
 	echo "\t\t<center><br />\n";
-	echo "\t\t\t<font color='RED'><b>ERROR:</b></font><br />\n";
+	echo "\t\t\t<font color='RED'><b>ERROR</b></font><br />\n";
 	echo "\t\t\tYou have not provided a survey identification number.<br /><br />\n";
 	echo "\t\t\tPlease contact <i>$siteadminname</i> at <i>$siteadminemail</i> for further assistance.<br /><br />\n";
 	$output=file("$tpldir/default/endpage.pstpl");
@@ -73,15 +68,17 @@
 	}
 
 //GET BASIC INFORMATION ABOUT THIS SURVEY
-$sid=$_GET['sid']; if (!$sid) {$sid=$_POST['sid'];}
-if (!$token) 
-	{
-	$token=$_GET['token'];
-	if (!$token)
-		{
-		$token=$_POST['token'];
-		}
-	}
+if (!isset($sid)) {$sid=returnglobal('sid');}
+if (!isset($token)) {$token=returnglobal('token');}
+//$sid=$_GET['sid']; if (!$sid) {$sid=$_POST['sid'];}
+//if (!$token) 
+//	{
+//	$token=$_GET['token'];
+//	if (!$token)
+//		{
+//		$token=$_POST['token'];
+//		}
+//	}
 $query="SELECT * FROM surveys WHERE sid=$sid";
 $result=mysql_query($query) or die ("Couldn't access surveys<br />$query<br />".mysql_error());
 $surveyexists=mysql_num_rows($result);
@@ -102,6 +99,15 @@
 	$surveyformat = $row['format'];
 	$surveylanguage = $row['language'];
 	$surveydatestamp = $row['datestamp'];
+	$surveyusecookie = $row['usecookie'];
+	}
+
+//SEE IF SURVEY USES TOKENS
+$i = 0; $tokensexist = 0;
+$tresult = @mysql_list_tables($databasename) or die ("Error getting tokens<br />".mysql_error());
+while($tbl = @mysql_tablename($tresult, $i++))
+	{
+	if ($tbl == "tokens_$sid") {$tokensexist = 1;}
 	}
 
 //SET THE TEMPLATE DIRECTORY
@@ -115,9 +121,35 @@
 if (!is_file($langfilename)) {$langfilename="$langdir/$defaultlang.lang.php";}
 require($langfilename);
 
+//CHECK FOR PREVIOUSLY COMPLETED COOKIE
+//If cookies are being used, and this survey has been completed, a cookie called "PHPSID[sid]STATUS" will exist (ie: SID6STATUS) and will have a value of "COMPLETE"
+$cookiename="PHPSID".returnglobal('sid')."STATUS";
+if ($_COOKIE[$cookiename] == "COMPLETE" && $surveyusecookie == "Y" && $tokensexist != 1)
+	{
+	sendcacheheaders();
+	echo "<html>\n";
+	$output=file("$tpldir/default/startpage.pstpl");
+	foreach($output as $op)
+		{
+		echo templatereplace($op);
+		}
+	echo "\t\t<center><br />\n";
+	echo "\t\t\t<font color='RED'><b>"._ERROR."</b></font><br />\n";
+	echo "\t\t\tYou have already completed this survey.<br /><br />\n";
+	echo "\t\t\tPlease contact <i>$siteadminname</i> at <i>$siteadminemail</i> for further assistance.<br /><br />\n";
+	$output=file("$tpldir/default/endpage.pstpl");
+	foreach($output as $op)
+		{
+		echo templatereplace($op);
+		}
+	echo "</html>\n";
+	exit;
+	}
+
 //CLEAR SESSION IF REQUESTED
 if ($_GET['move'] == "clearall")
 	{
+	sendcacheheaders();
 	echo "<html>\n";
 	foreach(file("$thistpl/startpage.pstpl") as $op)
 		{
@@ -157,10 +189,9 @@
 		{
 		session_unset();
 		}
-	//session_unset();
-	//session_destroy();
 	}
 
+sendcacheheaders();
 //CALL APPROPRIATE SCRIPT
 switch ($surveyformat)
 	{

diff --git a/question.php b/question.php
@@ -154,12 +154,6 @@
 //SUBMIT
 if ($_POST['move'] == " "._SUBMIT." ")
 	{
-	echo "<html>\n";
-	foreach(file("$thistpl/startpage.pstpl") as $op)
-		{
-		echo templatereplace($op);
-		}
-
 	//If survey has datestamp turned on, add $localtimedate to sessions
 	if ($surveydatestamp == "Y")
 		{
@@ -194,8 +188,13 @@
 		$values = substr($values, 2); //Strip off first comma & space
 		$subquery .= "\n($col_name) \nVALUES \n($values)";
 		}
-	else
+	else //there is no insertarray
 		{
+		echo "<html>\n";
+		foreach(file("$thistpl/startpage.pstpl") as $op)
+			{
+			echo templatereplace($op);
+			}
 		echo "<br /><center><font face='verdana' size='2'><font color='red'><b>"._ERROR."</b></font><br /><br />\n";
 		echo _BADSUBMIT1."<br /><br />\n";
 		echo "<font size='1'>"._BADSUBMIT2."<br />\n";
@@ -205,15 +204,32 @@
 	//COMMIT CHANGES TO DATABASE
 	if ($surveyactive != "Y")
 		{
+		echo "<html>\n";
+		foreach(file("$thistpl/startpage.pstpl") as $op)
+			{
+			echo templatereplace($op);
+			}
 		$completed = "<br /><b><font size='2' color='red'>"._DIDNOTSAVE."</b></font><br /><br />\n\n";
 		$completed .= _NOTACTIVE1."<br /><br />\n";
 		$completed .= "<a href='$PHP_SELF?sid=$sid&move=clearall'>"._CLEARRESP."</a><br /><br />\n";
 		$completed .= "<font size='1'>$subquery</font>\n";
 		}
-	else
+	else //submit the responses
 		{
-		if (mysql_query($subquery))
+		if (mysql_query($subquery)) //submit was successful
 			{
+			//UPDATE COOKIE IF REQUIRED
+			if ($surveyusecookie == "Y" && $tokensexist != 1) //don't use cookies if tokens are being used
+				{
+				$cookiename="PHPSID".returnglobal('sid')."STATUS";
+				$cookie_life = time() + 31536000; // 1 year life
+				setcookie($cookiename, "COMPLETE", $cookielife);
+				}
+			echo "<html>\n";
+			foreach(file("$thistpl/startpage.pstpl") as $op)
+				{
+				echo templatereplace($op);
+				}
 			$completed = "<br /><b><font size='2'><font color='green'>"._THANKS."</b></font><br /><br />\n\n";
 			$completed .= _SURVEYREC."<br />\n";
 			$completed .= "<a href='javascript:window.close()'>"._CLOSEWIN."</a></font><br /><br />\n";
@@ -255,8 +271,13 @@
 			session_unset();
 			session_destroy();
 			}
-		else
+		else //submit failed
 			{
+			echo "<html>\n";
+			foreach(file("$thistpl/startpage.pstpl") as $op)
+				{
+				echo templatereplace($op);
+				}
 			$completed = "<br /><b><font size='2' color='red'>"._DIDNOTSAVE."</b></font><br /><br />\n\n";
 			$completed .= _DIDNOTSAVE2."<br /><br />\n";
 			if ($adminemail)
@@ -318,14 +339,6 @@
 	exit;
 	}
 
-//SEE IF THERE ARE TOKENS FOR THIS SURVEY
-$i = 0; $tokensexist = 0;
-$tresult = @mysql_list_tables($databasename) or die ("Error getting tokens<br />".mysql_error());
-while($tbl = @mysql_tablename($tresult, $i++))
-	{
-	if ($tbl == "tokens_$sid") {$tokensexist = 1;}
-	}
-
 //RUN THIS IF THIS IS THE FIRST TIME
 if (!$_SESSION['step'])
 	{

diff --git a/survey.php b/survey.php
@@ -182,12 +182,6 @@
 			$privacy .= $op;
 			}
 		}
-	echo "<html>\n";
-	foreach(file("$thistpl/startpage.pstpl") as $op)
-		{
-		echo templatereplace($op);
-		}
-
 	//If survey has datestamp turned on, add $localtimedate to sessions
 	if ($surveydatestamp == "Y")
 		{
@@ -224,6 +218,11 @@
 		}
 	else
 		{
+		echo "<html>\n";
+		foreach(file("$thistpl/startpage.pstpl") as $op)
+			{
+			echo templatereplace($op);
+			}
 		echo "<br /><center><font face='verdana' size='2'><font color='red'><b>"._ERROR."</b></font><br /><br />\n";
 		echo _BADSUBMIT1."<br /><br />\n";
 		echo "<font size='1'>"._BADSUBMIT2."<br />\n";
@@ -233,15 +232,32 @@
 	//COMMIT CHANGES TO DATABASE
 	if ($surveyactive != "Y")
 		{
+		echo "<html>\n";
+		foreach(file("$thistpl/startpage.pstpl") as $op)
+			{
+			echo templatereplace($op);
+			}
 		$completed = "<br /><b><font size='2' color='red'>"._DIDNOTSAVE."</b></font><br /><br />\n\n";
 		$completed .= _NOTACTIVE1."<br /><br />\n";
 		$completed .= "<a href='$PHP_SELF?sid=$sid&move=clearall'>"._CLEARRESP."</a><br /><br />\n";
 		$completed .= "<font size='1'>$subquery</font>\n";
 		}
 	else
 		{
-		if (mysql_query($subquery))
+		if (mysql_query($subquery)) //save responses was succesful
 			{
+			//UPDATE COOKIE IF REQUIRED
+			if ($surveyusecookie == "Y" && $tokensexist != 1)
+				{
+				$cookiename="PHPSID".returnglobal('sid')."STATUS";
+				$cookie_life = time() + 31536000; // 1 year life
+				setcookie($cookiename, "COMPLETE", $cookielife);
+				}
+			echo "<html>\n";
+			foreach(file("$thistpl/startpage.pstpl") as $op)
+				{
+				echo templatereplace($op);
+				}
 			$completed = "<br /><b><font size='2'><font color='green'>"._THANKS."</b></font><br /><br />\n\n";
 			$completed .= _SURVEYREC."<br />\n";
 			$completed .= "<a href='javascript:window.close()'>"._CLOSEWIN."</a></font><br /><br />\n";
@@ -285,6 +301,11 @@
 			}
 		else
 			{
+			echo "<html>\n";
+			foreach(file("$thistpl/startpage.pstpl") as $op)
+				{
+				echo templatereplace($op);
+				}
 			$completed = "<br /><b><font size='2' color='red'>"._DIDNOTSAVE."</b></font><br /><br />\n\n";
 			$completed .= _DIDNOTSAVE2."<br /><br />\n";
 			if ($adminemail)
@@ -381,14 +402,6 @@
 	exit;
 	}
 
-//SEE IF THERE ARE TOKENS FOR THIS SURVEY
-$i = 0; $tokensexist = 0;
-$tresult = @mysql_list_tables($databasename) or die ("Error getting tokens<br />".mysql_error());
-while($tbl = @mysql_tablename($tresult, $i++))
-	{
-	if ($tbl == "tokens_$sid") {$tokensexist = 1;}
-	}
-
 //RUN THIS IF THIS IS THE FIRST TIME
 if (!$_SESSION['step'])
 	{