Umfragen
action.widget.php
Go to the documentation of this file.
1 <?php
2 /*
3  * backend/action.widget.php
4  *
5  * Copyright 2012 Johannes <jojo@jojo-42>
6  *
7  * This program is free software; you can redistribute it and/or modify
8  * it under the terms of the GNU General Public License as published by
9  * the Free Software Foundation; either version 2 of the License, or
10  * (at your option) any later version.
11  *
12  * This program is distributed in the hope that it will be useful,
13  * but WITHOUT ANY WARRANTY; without even the implied warranty of
14  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15  * GNU General Public License for more details.
16  *
17  * You should have received a copy of the GNU General Public License
18  * along with this program; if not, write to the Free Software
19  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
20  * MA 02110-1301, USA.
21  *
22  *
23  */
43 require_once("../config.php");
44 require_once("../inc/user.class.php");
45 require_once("../inc/tools.php");
46 require_once("../inc/check_login.php");
47 
48 require_once("../inc/db.class.php");
49 require_once("../inc/config.class.php");
50 require_once("../inc/auth.class.php");
51 
52 require_once("../inc/poll.class.php");
53 require_once("../inc/messages.class.php");
54 require_once("../inc/html.class.php");
55 
56 $db= new db( DB_USER, DB_PASS, DB_DATABASE, DB_HOST );
57 $config = new config($db);
58 $config->load();
59 
60 $messages = new messageHandler();
61 $edit = "";
62 // SESSION
63 make_session();
64 
65 /*****************
66  * LOAD POLL & WIDGET
67  *****************/
68 // when addign a widget we do not have a widget ID
69 $noWidgetID = false;
70 if( (isset($_GET["action"])) AND ($_GET["action"] == "import_XML_widget") ){
71  $noWidgetID = true;
72 }
73 if( isset($_POST["add_widget"]) ){
74  $noWidgetID = true;
75 }
76 
77 if( isset($_POST["add_widget"]) ){
78  $r = load_poll_from_http_request($db,"POST");
79 }else{
80  $r = load_poll_from_http_request($db,"GET");
81 }
82 
83 // check if poll loaded
84 if( !$r instanceof poll ){
85  die($r);
86 }else{
87  $poll = $r;
88 }
89 unset($r);
90 
91 // load widget if needed
92 if( $noWidgetID == false ){
93  $r = load_widget_from_http_request($poll,"GET");
94  if( !$r instanceof widget ){
95  die($r);
96  }else{
97  $widget = $r;
98  }
99  unset($r);
100 }
101 
102 // check if poll and widget loaded
103 if( ! isset($poll) ){
104  header("Location: index.php");
105  exit();
106 }
107 if( (!isset($widget)) AND ($noWidgetID === false) ){
108  header("Location: index.php");
109  exit();
110 }
111 
112 
113 /*****************
114  * PERMISSIONS
115  *****************/
116 check_login();
117 // edit needs ownership or admin rights
118 if( (intval($_SESSION["user"]->ID) !== intval($poll->owner) ) AND
119  ( !in_array("{$_SESSION["user"]->ID}",explode(",",SUPER_ADMIN) )) ){
120  die("Umfrage Bearbeiten nicht erlaubt.");
121 }
122 
123 
124 /*****************
125  * DO ACTION
126  *****************/
127 if( isset($_GET["action"]) ){
128  // WIDGET move up
129  if( ($_GET["action"] == "mvup") AND (isset($widget)) ){
130  $poll->move_widget($db,$widget->index,$widget->index-1);
131  $_SESSION["last_widget_edit"] = $widget->ID;
132  header("location: edit.php?pollID={$poll->ID}#widget{$widget->ID}");
133  exit();
134  // WIDGET move down
135  }else if( ($_GET["action"] == "mvdwn") AND (isset($widget) ) ){
136  $poll->move_widget($db,$widget->index,$widget->index+1);
137  $_SESSION["last_widget_edit"] = $widget->ID;
138  header("location: edit.php?pollID={$poll->ID}#widget{$widget->ID}");
139  exit();
140  // WIDGET delete
141  }else if( ($_GET["action"] == "rmwid") AND (isset($widget) ) AND (isset($_POST["rmwid_confirm"])) ){
142  $poll->delete_widget($db,$widget->ID);
143  $db->garbage_collect_result_table($poll);
144  header("location: edit.php?pollID={$poll->ID}");
145  exit();
146  }else if( ($_GET["action"] == "rmwid") AND (isset($_POST["cancel_action"])) AND (isset($widget)) ){
147  header("location: edit.php?pollID={$poll->ID}");
148  exit();
149  }else if( ($_GET["action"] == "rmwid") AND (isset($widget) ) ){
150  $edit="confirm widget remove";
151 
152  // WIDGET duplicate
153  }else if( ($_GET["action"] == "duplicate_widget") AND (isset($widget)) ){
154  $new_id = $db->duplicate_widget($poll->ID,$widget->ID);
155  $_SESSION["last_widget_edit"] = $new_id;
156  header("location: edit.php?pollID={$poll->ID}#widget{$new_id}");
157  exit();
158 
159  // WIDGET export XML
160  }else if( ($_GET["action"] == "export_XML_widget") AND (isset($widget)) ){
161  require_once("../inc/xml.class.php");
162  $fn = "Frage-".$widget->ID;
163  if( (isset($widget->dispName)) AND ($widget->dispName !="") AND ($widget->dispName != "-")){
164  $fn = preg_replace(array('/\s/', '/\.[\.]+/', '/[^\w_\.\-]/'), array('_', '.', ''), $widget->dispName);
165  }
166 
167  header('Content-type: text/xml; charset="utf-8"');
168  header("Content-Disposition: attachment; filename=\"$fn.xml\"");
169  header("Expires: 0");
170  header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
171  $xmlobj = new xml();
172  $xml = $xmlobj->export($widget);
173  //pretty print
174  $dom = new DOMDocument('1.0',"UTF-8");
175  $dom->preserveWhiteSpace = false;
176  $dom->formatOutput = true;
177  $dom->loadXML($xml);
178  echo $dom->saveXML();
179  exit();
180 
181  // WIDGET import XML
182  }else if( ($_GET["action"] == "import_XML_widget") AND (isset($_FILES["pollxmlfile"])) ){
183  $finfo = new finfo();
184  $mime = $finfo->file($_FILES["pollxmlfile"]["tmp_name"],FILEINFO_MIME_TYPE);
185  if( ($mime === "application/xml") OR ($mime === "application/xml") ){
186  require_once("../inc/xml.class.php");
187  $xml = file_get_contents( $_FILES["pollxmlfile"]["tmp_name"] );
188  $xmlobj = new xml();
189  $widget_list = $xmlobj->import($xml);
190  if( (is_array($widget_list)) AND (sizeof($widget_list) > 0 ) AND ($widget_list[0] instanceof widget) ){
191  $widget_list[0]->pollID = $poll->ID;
192  if( $widget_list[0] instanceof container ){
193  $childs = $widget_list[0]->get_all_childs();
194  foreach( $childs as $child ){
195  $child->pollID = $poll->ID;
196  $child->name='-';
197  }
198  }
199  if( (is_numeric($widget_list[0]->name)) ){
200  $widget_list[0]->name='-';
201  }
202  $poll->insert_widget(-1,$widget_list[0]);
203  $db->insert_widget($widget_list[0],$poll->type);
204  $_SESSION["last_widget_edit"] = $widget_list[0]->ID;
205  }else{
206  $messages->add_message( new errorMessage("XML Datei ist ungültig") );
207  }
208  }else{
209  $messages->add_message( new errorMessage("Datei ist keine XML Datei") );
210  }
211 
212  header("Location: edit.php?pollID={$poll->ID}");
213  exit();
214  }
215 
216 
217 }else if( (isset( $_POST["add_widget"])) AND ($_POST["add_widget"] != "") ){
218  $err_reason = "";
219  if( (isset($_POST["widget_typ"])) AND ($_POST["widget_typ"] != "") ){
220  $widget_whitelist = array("label","text","textExt","longtext","radioButtonList","line","checkBoxList","checkBoxSingle","matrix","schedule");
221  if( in_array($_POST["widget_typ"],$widget_whitelist) ){
222  $widget = widgetFactory($_POST["widget_typ"]);
223  if( sizeof(class_parents($widget)) == 0 ){
224  $err_reason="Widget nicht verfügbar";
225  }
226  }else{
227  $err_reason="Bitte einen Fragetyp auswählen um eine Frage hinzuzufügen";
228  }
229  }else{
230  $err_reason="Bitte einen Fragetyp auswählen um eine Frage hinzuzufügen";
231  }
232 
233  if($err_reason == ""){
234  $widget->set_name("-");
235  $widget->set_default_values($db);
236  }else{
237  $messages->add_message( new errorMessage($err_reason) );
238  }
239 
240  if( ($messages->iserr()) === false){
241  $poll->insert_widget(-1,$widget);
242  $widget->set_config("font-size", $poll->get_widget_default_font_config("font-size") );
243  $widget->set_config("font-family", $poll->get_widget_default_font_config("font-family") );
244  $db->insert_widget( $poll->widget_list[ sizeof($poll->widget_list)-1 ] ,$poll->type);
245 
246  // make default childs
247  if($widget instanceof container){
248  $widget->set_default_values($db);
249  }
250 
251  // clean up result table
252  $db->garbage_collect_result_table($poll);
253  }
254 
255  if( ($messages->iserr()) === true ){
256  header("Location: edit.php?pollID={$poll->ID}");
257  }else{
258  header("location: edit.php?pollID={$poll->ID}&widgetID={$widget->ID}");
259  }
260  exit();
261 }
262 
263 
264 
265 
266 
267 /*****************
268  * BEGIN HTML
269  *****************/
270 $navbar = array( 0 => array("name"=>"Backend","href"=>"index.php","onclick"=>"") );
271 $navbar[] = array( "name"=>"Umfrage {$poll->ID} Bearbeiten" , "href"=>"edit.php?pollID={$poll->ID}" , "onclick"=>"");
272 $navbar[] = array( "name"=>"Frage {$widget->ID} Bearbeiten" , "href"=>"" , "onclick"=>"");
273 
274 HTML::doctype();
275 HTML::head("",1); // extra header section , level of deepness for relative paths
276 HTML::menu($navbar); // navbar array
277 
278 $messages->display_messages();
279 $messages->del_all_messages();
280 
281 
282 if( $edit == "confirm widget remove" ){
283  print_warning("<b>{$widget->dispName}</b> mit der ID <b>{$widget->ID}</b> in der Umfrage <b>{$poll->name}</b> wirklich löschen?");
284  echo "<form method='POST' action=''>";
285  echo "<input type='submit' name='cancel_action' value='Abbrechen' />";
286  echo "<input type='submit' name='rmwid_confirm' value='Ja, wirklich' />";
287  echo "</form>";
288 
289 }
290 
291 HTML::foot();
292 
293 ?>