Umfragen
action.poll.php
Go to the documentation of this file.
1 <?php
2 /*
3  * backend/action.poll.php
4  *
5  * Copyright 2012 Johannes <jojo@jojo-42>
6  *
7  * This program is free software; you can redistribute it and/or modify
8  * it under the terms of the GNU General Public License as published by
9  * the Free Software Foundation; either version 2 of the License, or
10  * (at your option) any later version.
11  *
12  * This program is distributed in the hope that it will be useful,
13  * but WITHOUT ANY WARRANTY; without even the implied warranty of
14  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15  * GNU General Public License for more details.
16  *
17  * You should have received a copy of the GNU General Public License
18  * along with this program; if not, write to the Free Software
19  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
20  * MA 02110-1301, USA.
21  *
22  *
23  */
43 require_once("../config.php");
44 require_once("../inc/user.class.php");
45 require_once("../inc/tools.php");
46 require_once("../inc/check_login.php");
47 
48 require_once("../inc/db.class.php");
49 require_once("../inc/config.class.php");
50 require_once("../inc/auth.class.php");
51 
52 require_once("../inc/poll.class.php");
53 require_once("../inc/messages.class.php");
54 require_once("../inc/html.class.php");
55 
56 $db= new db( DB_USER, DB_PASS, DB_DATABASE, DB_HOST );
57 $config = new config($db);
58 $config->load();
59 
60 $messages = new messageHandler();
61 // SESSION
62 make_session();
63 
64 $edit = "";
65 // LOAD POLL
66 
67 // when adding a poll we do not have and ID
68 if( (isset($_GET["action"])) AND ($_GET["action"] == "import_XML_poll") ){
69  $t = true;
70 }
71 if( (! isset($_POST["add_poll"])) AND (! isset($t)) ){
72  $r = load_poll_from_http_request($db,"GET");
73  if( !$r instanceof poll ){
74  die($r);
75  }else{
76  $poll = $r;
77  }
78  unset($r);
79 
80  if( ! isset($poll) ){
81  header("Location: index.php");
82  exit();
83  }
84 }
85 
86 if(isset($t) ){
87  unset($t);
88 }
89 
90 check_login();
91 
92 // duplicate from shared template needs own right check
93 if( (isset($_GET["action"])) AND ($_GET["action"] == "duplicate") AND ($poll->status == STATUS_SHARED_TEMPLATE) ){
94  if( $poll->is_group_in_groups( $_SESSION["user"]->group) ){
95  $dup_poll = $db->duplicate_poll($poll->ID);
96  if( ($poll->status == STATUS_TEMPLATE) OR ($poll->status == STATUS_SHARED_TEMPLATE) ){
97  $dup_poll->set_status($db,STATUS_USER_DEACTIVATED);
98  }
99  $db->garbage_collect_result_table($dup_poll);
100  if( (in_array($_SESSION["user"]->group,explode(",",TEACHER_GROUP)) ) ){
101  $au = make_auth_object();
102  $db->klassenliste($au,$dup_poll);
103  }
104  header("location: index.php");
105  exit();
106  }
107 }
108 
109 // edit needs ownership or admin rights
110 if( (!isset($_POST["add_poll"])) AND !( (isset($_GET["action"])) AND ($_GET["action"] == "import_XML_poll")) ){
111  if( (intval($_SESSION["user"]->ID) !== intval($poll->owner) ) AND
112  ( !in_array("{$_SESSION["user"]->ID}",explode(",",SUPER_ADMIN) )) ){
113  die("Umfrage Bearbeiten nicht erlaubt.");
114  }
115 }
116 
117 if( isset($_GET["action"]) ){
118 
119  // POLL delete
120  if( ($_GET["action"] == "rm") AND (isset($_POST["rmpoll_confirm"])) ){
121  $old_status = $poll->status;
122  $poll->set_status($db,STATUS_DELETED);
123  if( $old_status == STATUS_ARCHIVE ){
124  header("location: index.php?page=archive");
125  }else if( ($old_status == STATUS_TEMPLATE) OR ($old_status == STATUS_SHARED_TEMPLATE) ){
126  header("location: index.php?page=templates");
127  }else{
128  header("location: index.php");
129  }
130  exit();
131  }else if( ($_GET["action"] == "rm") AND (isset($_POST["cancel_action"])) ){
132  header("location: index.php");
133  exit();
134  }else if( ($_GET["action"] == "rm") ){
135  $edit="confirm poll remove";
136 
137  // POLL share
138  }else if( ($_GET["action"] == "share") AND (isset($_POST["share_confirm"])) ){
139  $poll->set_status($db,STATUS_SHARED_TEMPLATE);
140  $_SESSION["last_poll_edit"] = $poll->ID;
141  header("location: index.php?page=templates#poll{$poll->ID}");
142  exit();
143  }else if( ($_GET["action"] == "share") AND (isset($_POST["cancel_action"])) ){
144  header("location: index.php?page=templates");
145  exit();
146  }else if( ($_GET["action"] == "share") ){
147  $edit="confirm poll share";
148 
149  // POLL unshare
150  }else if( ($_GET["action"] == "unshare") ){
151  $poll->set_status($db,STATUS_TEMPLATE);
152  $_SESSION["last_poll_edit"] = $poll->ID;
153  header("location: index.php?page=templates#poll{$poll->ID}");
154  exit();
155 
156  // POLL archive
157  }else if( ($_GET["action"] == "archive") ){
158  $poll->set_status($db,STATUS_ARCHIVE);
159  header("location: index.php");
160  exit();
161 
162  // POLL unarchive
163  }else if( ($_GET["action"] == "unarchive") ){
164  $poll->set_status($db,STATUS_USER_DEACTIVATED);
165  $_SESSION["last_poll_edit"] = $poll->ID;
166  header("location: index.php#poll{$poll->ID}");
167  exit();
168 
169  // POLL export
170  }else if( ($_GET["action"] == "export") ){
171  $db->garbage_collect_result_table($poll);
172  if( isset($_GET["export_poll_dl"]) ){
173  $poll->handle_export_edit($db,true);
174  exit();
175  }else if(isset($_GET["export_poll_show"])){
176  $poll->handle_export_edit($db,false);
177  exit();
178  }else if(isset($_GET["export_poll_show_html"])){
179  $edit = "show html results";
180  }
181 
182  // POLL duplicate
183  }else if( ($_GET["action"] == "duplicate") ){
184  $dup_poll = $db->duplicate_poll($poll->ID);
185  $dup_poll->set_status($db,STATUS_USER_DEACTIVATED);
186  $db->update_poll_field($dup_poll->ID,"name","Kopie von ".$dup_poll->name);
187  $db->garbage_collect_result_table($dup_poll);
188  if( (in_array($_SESSION["user"]->group,explode(",",TEACHER_GROUP)) ) ){
189  $au = make_auth_object();
190  $db->klassenliste($au,$dup_poll);
191  }
192  $_SESSION["last_poll_edit"] = $dup_poll->ID;
193  header("location: index.php#poll{$dup_poll->ID}");
194  exit();
195 
196  // POLL template
197  }else if( ($_GET["action"] == "set_template") ){
198  $p = $db->duplicate_poll($poll->ID);
199  $p->set_status($db,STATUS_TEMPLATE);
200  $_SESSION["last_poll_edit"] = $p->ID;
201  header("location: index.php?page=templates#poll{$p->ID}");
202  exit();
203 
204  // POLL regenerate public link
205  }else if( ($_GET["action"] == "regenerate_link") ){
206  $r = $poll->make_id_hash();
207  $db->update_poll_field($poll->ID,"hashID",$r);
208  header( "Location: edit.php?pollID={$poll->ID}" );
209  exit();
210 
211  // POLL toggle polltype
212  }else if( ($_GET["action"] == "toggle_polltype") AND (isset($_POST["toggle_polltype_confirm"])) ){
213  if( $poll->type == POLLTYPE_ADVANCED ){
214  $db->convert_polltype_A2S($poll);
215  }else if( $poll->type == POLLTYPE_SIMPLE ){
216  $db->convert_polltype_S2A($poll);
217  }
218  header("location: edit.php?pollID={$poll->ID}");
219  exit();
220  }else if( ($_GET["action"] == "toggle_polltype") AND (isset($_POST["cancel_action"])) ){
221  header("location: edit.php?pollID={$poll->ID}");
222  exit();
223  }else if( ($_GET["action"] == "toggle_polltype") ){
224  $edit="confirm toggle polltype";
225 
226  // POLL toggle anonymous
227  }else if( $_GET["action"] == "toggle_anonymous" ){
228  $err= "";
229  //$au = new LDAPauth(LDAP_HOST , LDAP_PORT , LDAP_ROOTDN);
230  $au = make_auth_object();
231  if( $poll->anonymous === false ){
232  $err = $poll->set_anonymous($db,$au,true);
233  }else if($poll->anonymous === true){
234  $err = $poll->set_anonymous($db,$au,false);
235  }
236  if( $err != "" ){
237  $messages->add_message( new errorMessage($err) );
238  }
239  header( "Location: edit.php?pollID={$poll->ID}" );
240  exit();
241 
242  // POLL toggle public
243  }else if( $_GET["action"] == "toggle_public" ){
244  $err= "";
245  //$au = new LDAPauth(LDAP_HOST , LDAP_PORT , LDAP_ROOTDN);
246  $au = make_auth_object();
247  if( $poll->is_public === false ){
248  // try to set anonymous
249  if( $poll->anonymous == false ){
250  $err2 = $poll->set_anonymous($db,$au,true);
251  if( $err2 != "" ){
252  $messages->add_message( new errorMessage($err2) );
253  }
254  }
255  $err = $poll->set_is_public($db,$au,true);
256  }else if($poll->is_public === true){
257  $err = $poll->set_is_public($db,$au,false);
258  }
259  if( $err != "" ){
260  $messages->add_message( new errorMessage($err) );
261  }
262  header( "Location: edit.php?pollID={$poll->ID}" );
263  exit();
264 
265  // EXPORT TO XML
266  }else if( ($_GET["action"] == "export_XML_poll") ){
267  require_once("../inc/xml.class.php");
268 
269  $fn = "Umfrage-".$poll->ID;
270  if( (isset($poll->name)) AND ($poll->name !="") ){
271  $fn = preg_replace(array('/\s/', '/\.[\.]+/', '/[^\w_\.\-]/'), array('_', '.', ''), $poll->name);
272  }
273 
274  header('Content-type: text/xml; charset="utf-8"');
275  header("Content-Disposition: attachment; filename=$fn.xml");
276  header("Expires: 0");
277  header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
278  $xmlobj = new xml();
279  $xml = $xmlobj->export($poll);
280  //pretty print
281  $dom = new DOMDocument('1.0',"UTF-8");
282  $dom->preserveWhiteSpace = false;
283  $dom->formatOutput = true;
284  $dom->loadXML($xml);
285  echo $dom->saveXML();
286  exit();
287  }
288 
289  // IMPORT FROM XML
290  else if( ($_GET["action"] == "import_XML_poll") ){
291  if( isset($_FILES["pollxmlfile"]) ){
292  $finfo = new finfo();
293  $mime = $finfo->file($_FILES["pollxmlfile"]["tmp_name"],FILEINFO_MIME_TYPE);
294  if( ($mime === "application/xml") OR ($mime === "application/xml") ){
295  require_once("../inc/xml.class.php");
296  $xml = file_get_contents( $_FILES["pollxmlfile"]["tmp_name"] );
297  $xmlobj = new xml();
298  $poll_list = $xmlobj->import($xml);
299  if( (is_array($poll_list)) AND (sizeof($poll_list) > 0 ) AND ($poll_list[0] instanceof poll) ){
300  $poll = $poll_list[0];
301 
302  $poll->owner = $_SESSION["user"]->ID;
303  $poll->owner_fn = $_SESSION["user"]->fullName;
304  $db->insert_poll($poll);
305 
306  $md = $poll->make_id_hash();
307  $db->update_poll_field($poll->ID,"hashID",$md);
308  $db->update_poll_field($poll->ID,"timeout",$poll->timeout);
309  $db->update_poll_field($poll->ID,"active_since",$poll->active_since);
310  $poll->save_groups($db);
311  $poll->set_status($db,STATUS_USER_DEACTIVATED);
312  $poll->save_noDisplay($db);
313 
314  foreach( $poll->widget_list as $widget ){
315  $widget->pollID = $poll->ID;
316  if( is_numeric($widget->name) ){
317  $widget->name = "-";
318  }
319  if( $widget instanceof container ){
320  $childs = $widget->get_all_childs();
321  foreach( $childs as $child ){
322  $child->pollID = $poll->ID;
323  $child->name = "-";
324  }
325  }
326  $db->insert_widget($widget,$poll->type);
327  }
328  }else{ // end if poll_list
329  $messages->add_message( new errorMessage("Diese XML-Datei enthält keine Umfragenbeschreibung (oder ist kaputt). Bitte eine gültige Datei hochladen.") );
330  }
331  }else{ // end if xml file
332  $messages->add_message( new errorMessage("Dies ist keine gültige XML-Datei. Bitte eine xml-Datei, die die Beschreibung einer Umfrage enthält zum Hochladen angeben.") );
333  }
334  if( isset($poll) ){
335  $_SESSION["last_poll_edit"] = $poll->ID;
336  }
337  header("Location: index.php");
338  exit();
339 
340  }else{
341  $messages->add_message( new errorMessage("Bitte eine xml-Datei, die die Beschreibung einer Umfrage enthält zum Hochladen angeben.") );
342  }
343 
344 
345  }
346 
347 
348 // ADD A POLL
349 }else if( isset($_POST["add_poll"]) ){
350  $poll = new poll();
351  $r = $poll->handle_name_edit();
352 
353  if($r === true){
354  $poll->owner = $_SESSION["user"]->ID;
355  $poll->owner_fn = $_SESSION["user"]->fullName;
356  if( isset($_POST["poll_type"]) ){
357  if($_POST["poll_type"] == "simple"){
358  $poll->type = POLLTYPE_SIMPLE;
359  }else if ($_POST["poll_type"] == "advanced"){
360  $poll->type = POLLTYPE_ADVANCED;
361  }else{
362  $messages->add_message( new errorMessage("Umfragetyp (erweitert/einfach) ungültig!") );
363  $poll->type = POLLTYPE_SIMPLE;
364  }
365  }else{
366  $poll->type = POLLTYPE_SIMPLE;
367  }
368  $poll->handle_anonymous_edit();
369 
370  $db->insert_poll($poll);
371  header("Location: edit.php?pollID={$poll->ID}");
372  }else{
373  $messages->add_message( new errorMessage($r) );
374  header("Location: index.php");
375  }
376  exit();
377 }
378 
379 
380 /*****************
381  * BEGIN HTML
382  *****************/
383 
384 $navbar = array( 0 => array("name"=>"Backend","href"=>"index.php","onclick"=>"") );
385 $navbar[] = array( "name"=>"Umfrage {$poll->ID} Bearbeiten" , "href"=>"" , "onclick"=>"");
386 
387 HTML::doctype();
388 HTML::head("",1); // extra header section , level of deepness for relative paths
389 HTML::menu($navbar); // navbar array
390 
391 $messages->display_messages();
392 $messages->del_all_messages();
393 
394 
395 // confirms
396 if( $edit == "confirm poll remove"){
397  print_warning("Umfrage <b>{$poll->name}</b> mit der ID <b>{$poll->ID}</b> wirklich löschen?");
398  echo "<form method='POST' action=''>";
399  echo "<input type='submit' name='cancel_action' value='Abbrechen' />";
400  echo "<input type='submit' name='rmpoll_confirm' value='Ja, wirklich' />";
401  echo "</form>";
402 
403 
404 }else if( $edit == "confirm poll share"){
405  //$au = new LDAPauth(LDAP_HOST , LDAP_PORT , LDAP_ROOTDN);
406  $au = make_auth_object();
407  $map = $au->get_gid_to_name_mapping();
408  unset($au); $gr = "";
409  if( in_array("*",$poll->groups) ){
410  $gr = "<li>Alle Klassen</li>";
411  }else{
412  foreach( $poll->groups as $group ){
413  if( isset($map[$group]) ){
414  $gr = $gr."<li>{$map[$group]}</li>";
415  }
416  }
417  }
418  $text = "Umfrage <b>{$poll->name}</b> mit der ID <b>{$poll->ID}</b> wirklich mit folgenden Klassen teilen? <br/> <ul>$gr</ul>";
419  print_warning($text);
420  echo "<p>Die Klassenbeschränkung der Umfrage gibt vor, mit welchen Klassen diese Umfrage geteilt wird.</p>";
421  echo "<p> <a href='edit.php?pollID={$poll->ID}'>Klassen ändern</a></p>";
422  echo "<form method='POST' action=''>";
423  echo "<input type='submit' name='cancel_action' value='Abbrechen' />";
424  echo "<input type='submit' name='share_confirm' value='teilen' />";
425  echo "</form>";
426 
427 
428 }else if( $edit == "confirm toggle polltype"){
429  if( $poll->type == POLLTYPE_SIMPLE ){
430  echo "<p>Das konvertieren der Umfrage in den erweiterten Modus dient zur Unterstützung und erleicherung externer Datenbankabfragen.</p>";
431  echo "<p>Es tauchen in den Frageeinstellungen weitere Optionen für die Datenbank auf.</p>";
432  $text = "Umfrage in den erweiterten Modus konvertieren?";
433  }else if($poll->type == POLLTYPE_ADVANCED){
434  echo "<p>Das Konvertieren der Umfrage in den einfachen Modus löscht die vergebenden Datenbanknamen der Fragen.</p>";
435  echo "<p>Externe Programme, die auf die Datenbank zugriff haben könnten nicht mehr richtig mit der Umfragesoftware zusammen funktionieren.</p>";
436  $text = "Umfrage in den einfachen Modus konvertieren und eingestellte Datenbanknamen der Fragen überschreiben?";
437  }
438  print_warning($text);
439  echo "<form method='POST' action=''>";
440  echo "<input type='submit' name='cancel_action' value='Abbrechen' />";
441  echo "<input type='submit' name='toggle_polltype_confirm' value='Konvertieren' />";
442  echo "</form>";
443 
444 }
445 
446 
447 HTML::foot();
448 
449 
450 ?>