Issues in survey.php (master) - Issues in master - chamilo/chamilo-lms - Measure and Improve Code Quality continuously with Scrutinizer

Issues (1796)

public/main/survey/survey.php (1 issue)

Labels

Severity

Informational 1

<?php

/* For licensing terms, see /license.txt */

use ChamiloSession as Session;
use Chamilo\CoreBundle\Component\Utils\ActionIcon;
use Chamilo\CoreBundle\Component\Utils\ToolIcon;
use Chamilo\CoreBundle\Component\Utils\StateIcon;

/**
 * @author Patrick Cool <[email protected]>, Ghent University:
 * cleanup, refactoring and rewriting large parts of the code
 * @author Julio Montoya
 */
require_once __DIR__.'/../inc/global.inc.php';

$this_section = SECTION_COURSES;
$current_course_tool = TOOL_SURVEY;

api_protect_course_script(true);

/** @todo this has to be moved to a more appropriate place (after the display_header of the code)*/
// Coach can't view this page
$extend_rights_for_coachs = api_get_setting('extend_rights_for_coach_on_survey');
$isDrhOfCourse = CourseManager::isUserSubscribedInCourseAsDrh(api_get_user_id(), api_get_course_info());

if ($isDrhOfCourse) {
    header('Location: '.api_get_path(WEB_CODE_PATH).'survey/survey_list.php?'.api_get_cidreq());
    exit;
}
if (!api_is_allowed_to_edit(false, true) ||
    (api_is_session_general_coach() && 'false' === $extend_rights_for_coachs)
) {
    api_not_allowed(true);
    exit;
}

// Database table definitions
$table_survey = Database::get_course_table(TABLE_SURVEY);
$table_survey_question = Database::get_course_table(TABLE_SURVEY_QUESTION);
$table_survey_question_option = Database::get_course_table(TABLE_SURVEY_QUESTION_OPTION);
$table_survey_question_group = Database::get_course_table(TABLE_SURVEY_QUESTION_GROUP);
$table_course = Database::get_main_table(TABLE_MAIN_COURSE);
$table_user = Database::get_main_table(TABLE_MAIN_USER);

$survey_id = (int) $_GET['survey_id'];
$course_id = api_get_course_int_id();
$action = $_GET['action'] ?? null;

// Breadcrumbs
$interbreadcrumb[] = [
    'url' => api_get_path(WEB_CODE_PATH).'survey/survey_list.php?'.api_get_cidreq(),
    'name' => get_lang('Survey list'),
];

Session::erase('answer_count');
Session::erase('answer_list');

// Getting the survey information
if (!empty($_GET['survey_id'])) {
    $course_code = api_get_course_id();
    if (-1 != $course_code) {
        $survey_data = SurveyManager::get_survey($survey_id);
    } else {
        api_not_allowed(true);
    }
} else {
    api_not_allowed(true);
}

$tool_name = strip_tags($survey_data['title'], '<span>');
$is_survey_type_1 = 1 == $survey_data['survey_type'];

if (api_strlen(strip_tags($survey_data['title'])) > 40) {
    $tool_name .= '...';
}

if ($is_survey_type_1 && ('addgroup' === $action || 'deletegroup' === $action)) {
    $_POST['name'] = trim($_POST['name']);
    if ('addgroup' === $action) {
        if (!empty($_POST['group_id'])) {
            Database::query('UPDATE '.$table_survey_question_group.' SET description = \''.Database::escape_string($_POST['description']).'\'
                             WHERE c_id = '.$course_id.' AND id = \''.Database::escape_string($_POST['group_id']).'\'');
            Display::addFlash(Display::return_message(get_lang('Update successful')));
        } elseif (!empty($_POST['name'])) {
            Database::query('INSERT INTO '.$table_survey_question_group.' (c_id, title,description,survey_id) values ('.$course_id.', \''.Database::escape_string($_POST['name']).'\',\''.Database::escape_string($_POST['description']).'\',\''.$survey_id.'\') ');
            Display::addFlash(Display::return_message(get_lang('Item added')));
        } else {
            Display::addFlash(Display::return_message(get_lang('Group need name'), 'warning'));
        }
    }

    if ('deletegroup' === $action) {
        $sql = 'DELETE FROM '.$table_survey_question_group.'
                WHERE c_id = '.$course_id.' AND id = '.intval($_GET['gid']).' AND survey_id = '.$survey_id;
        Database::query($sql);
        Display::addFlash(Display::return_message(get_lang('Deleted')));
    }

    api_location(api_get_path(WEB_CODE_PATH).'survey/survey.php?survey_id='.$survey_id.'&'.api_get_cidreq());
}

$my_question_id_survey = isset($_GET['question_id']) ? (int) $_GET['question_id'] : null;
$my_survey_id_survey = (int) $_GET['survey_id'];
// Displaying the header
if (!empty($action)) {
    switch ($action) {
        case 'copyquestion':
            $copied = SurveyManager::copyQuestion($_GET['question_id']);
            if (false !== $copied) {
                Display::addFlash(Display::return_message(get_lang('The question has been added.')));
            } else {
                Display::addFlash(Display::return_message(get_lang('An error occurred.'), 'warning'));
            }
            break;
        case 'delete':
            $result = SurveyManager::deleteQuestion($my_question_id_survey);
            if (false == $result) {

                Display::addFlash(Display::return_message(get_lang('An error occurred.'), 'warning'));
            } else {
                Display::addFlash(Display::return_message(get_lang('Deleted')));
            }
            break;
        case 'moveup':
        case 'movedown':
            SurveyManager::moveSurveyQuestion(
                $action,
                $my_question_id_survey,
                $my_survey_id_survey
            );
            Display::addFlash(Display::return_message(get_lang('The question has been moved')));
            break;
    }

    api_location(api_get_path(WEB_CODE_PATH).'survey/survey.php?survey_id='.$survey_id.'&'.api_get_cidreq());
}

Display::display_header($tool_name, 'Survey');

if (!empty($survey_data['survey_version'])) {
    echo '<b>'.get_lang('Version').': '.$survey_data['survey_version'].'</b>';
}

// We exit here is the first or last question is a pagebreak (which causes errors)
SurveyUtil::check_first_last_question($_GET['survey_id']);

// Action links
$survey_actions = '';
if (3 != $survey_data['survey_type']) {
    $survey_actions = '<a href="'.api_get_path(WEB_CODE_PATH).'survey/create_new_survey.php?'.api_get_cidreq(
        ).'&action=edit&survey_id='.$survey_id.'">'.
        Display::getMdiIcon(ActionIcon::EDIT, 'ch-toolbar-icon', null, ICON_SIZE_MEDIUM, get_lang('Edit survey')).'</a>';
}
$survey_actions .= '<a
    href="'.api_get_path(WEB_CODE_PATH).'survey/survey_list.php?'.api_get_cidreq().'&action=delete&survey_id='.$survey_id.'" onclick="javascript:if(!confirm(\''.addslashes(api_htmlentities(get_lang('Delete survey').'?', ENT_QUOTES)).'\')) return false;">'.
    Display::getMdiIcon(ActionIcon::DELETE, 'ch-toolbar-icon', null, ICON_SIZE_MEDIUM, get_lang('Delete survey')).'</a>';

if (3 != $survey_data['survey_type']) {
    $survey_actions .= '<a href="'.api_get_path(WEB_CODE_PATH).'survey/preview.php?'.api_get_cidreq().'&survey_id='.$survey_id.'">'.
        Display::getMdiIcon(ActionIcon::PREVIEW_CONTENT, 'ch-toolbar-icon', null, ICON_SIZE_MEDIUM, get_lang('Preview')).'</a>';
}

$survey_actions .= '<a href="'.api_get_path(WEB_CODE_PATH).'survey/survey_invite.php?'.api_get_cidreq().'&survey_id='.$survey_id.'">'.
    Display::getMdiIcon(StateIcon::MAIL_NOTIFICATION, 'ch-toolbar-icon', null, ICON_SIZE_MEDIUM, get_lang('Publish')).'</a>';

if (3 != $survey_data['survey_type']) {
    if ('true' !== api_get_setting('survey.hide_survey_reporting_button')) {
        $survey_actions .= Display::url(
            Display::getMdiIcon(ToolIcon::TRACKING, 'ch-toolbar-icon', null, ICON_SIZE_MEDIUM, get_lang('Reporting')),
            api_get_path(WEB_CODE_PATH).'survey/reporting.php?'.api_get_cidreq().'&survey_id='.$survey_id
        );
    }
}

$survey_actions .= SurveyUtil::getAdditionalTeacherActions($survey_id, ICON_SIZE_MEDIUM);
echo Display::toolbarAction('survey', [$survey_actions]);

$urlQuestion = api_get_path(WEB_CODE_PATH).'survey/question.php?'.api_get_cidreq().'&action=add';
if (0 == $survey_data['survey_type']) {
    $questions = Display::url(
        Display::getMdiIcon('thumbs-up-down', 'ch-toolbar-icon', null, ICON_SIZE_BIG, get_lang('Yes / No')),
        $urlQuestion.'&type=yesno&survey_id='.$survey_id
    );
    $questions .= Display::url(
        Display::getMdiIcon('format-list-bulleted', 'ch-toolbar-icon', null, ICON_SIZE_BIG, get_lang('Multiple choice')),
        $urlQuestion.'&type=multiplechoice&survey_id='.$survey_id
    );
    $questions .= Display::url(
        Display::getMdiIcon('format-list-bulleted-square', 'ch-toolbar-icon', null, ICON_SIZE_BIG, get_lang('Multiple answers')),
        $urlQuestion.'&type=multipleresponse&survey_id='.$survey_id
    );
    $questions .= Display::url(
        Display::getMdiIcon('form-textarea', 'ch-toolbar-icon', null, ICON_SIZE_BIG, get_lang('Open')),
        $urlQuestion.'&type=open&survey_id='.$survey_id
    );
    $questions .= Display::url(
        Display::getMdiIcon('form-dropdown', 'ch-toolbar-icon', null, ICON_SIZE_BIG, get_lang('Dropdown')),
        $urlQuestion.'&type=dropdown&survey_id='.$survey_id
    );
    $questions .= Display::url(
        Display::getMdiIcon('percent-box-outline', 'ch-toolbar-icon', null, ICON_SIZE_BIG, get_lang('Percentage')),
        $urlQuestion.'&type=percentage&survey_id='.$survey_id
    );
    $questions .= Display::url(
        Display::getMdiIcon('format-annotation-plus', 'ch-toolbar-icon', null, ICON_SIZE_BIG, get_lang('Score')),
        $urlQuestion.'&type=score&survey_id='.$survey_id
    );
    $questions .= Display::url(
        Display::getMdiIcon('format-align-top', 'ch-toolbar-icon', null, ICON_SIZE_BIG, get_lang('Comment')),
        $urlQuestion.'&type=comment&survey_id='.$survey_id
    );
    $questions .= Display::url(
        Display::getMdiIcon('format-list-bulleted-type', 'ch-toolbar-icon', null, ICON_SIZE_BIG, get_lang('Multiple choice with *other* option')),
        $urlQuestion.'&type=multiplechoiceother&survey_id='.$survey_id
    );
    if (0 == $survey_data['one_question_per_page']) {
        $questions .= Display::url(
            Display::getMdiIcon('thumbs-up-down', 'ch-toolbar-icon', null, ICON_SIZE_BIG, get_lang('Selective display')),
            $urlQuestion.'&type=selectivedisplay&survey_id='.$survey_id
        );
        $questions .= Display::url(
            Display::getMdiIcon('format-page-break', 'ch-toolbar-icon', null, ICON_SIZE_BIG, get_lang('Page break (distinct questions)')),
            $urlQuestion.'&type=pagebreak&survey_id='.$survey_id
        );
    }

    echo Display::toolbarAction('questions', [$questions]);
} else {
    if (3 != $survey_data['survey_type']) {
        echo '<div class="well">';
        echo Display::url(
            Display::getMdiIcon('thumbs-up-down', 'ch-tool-icon', null, ICON_SIZE_BIG, get_lang('Yes / No')),
            $urlQuestion.'&type=personality&survey_id='.$survey_id
        );
        echo '</a></div>';
    }
}

// Displaying the table header with all the questions
echo '<table class="table table-bordered data_table">';
echo '<thead>';
echo '<tr>';
echo '		<th width="5%">'.get_lang('N°').'</th>';
echo '		<th width="50%">'.get_lang('Title').'</th>';
echo '		<th width="15%">'.get_lang('Type').'</th>';
echo '		<th width="15%" >'.get_lang('Options').'</th>';
echo '		<th width="15%">'.get_lang('Edit').'</th>';
if ($is_survey_type_1) {
    echo '<th width="100">'.get_lang('Condition').'</th>';
    echo '<th width="40">'.get_lang('Group').'</th>';
}
echo '	</tr>';
echo '</thead>';

// Displaying the table contents with all the questions
$question_counter = 1;
/*$sql = "SELECT * FROM $table_survey_question_group
        WHERE c_id = $course_id AND survey_id = $survey_id
        ORDER BY iid";
$result = Database::query($sql);
$groups = [];
while ($row = Database::fetch_array($result)) {
    $groups[$row['iid']] = $row['name'];
}*/
$sql = "SELECT survey_question.*, count(survey_question_option.iid) as number_of_options
        FROM $table_survey_question survey_question
        LEFT JOIN $table_survey_question_option survey_question_option
        ON
            survey_question.iid = survey_question_option.question_id
        WHERE
            survey_question.survey_id = $survey_id
        GROUP BY survey_question.iid
        ORDER BY survey_question.sort ASC";

$result = Database::query($sql);
$question_counter_max = Database::num_rows($result);
$questionsGroupClass = '';
while ($row = Database::fetch_assoc($result)) {
    $questionId = $row['iid'];

    $breakClass = '';
    // Visually impact questions between page breaks by changing the bg color
    if ('pagebreak' === $row['type']) {
        $breakClass = ' highlight';
        if (empty($questionsGroupClass)) {
            $questionsGroupClass = 'row_even';
        } else {
            $questionsGroupClass = '';
        }
    }

    echo '<tr class="'.$questionsGroupClass.$breakClass.'">';
    echo '	<td>'.$question_counter.'</td>';
    echo '	<td>';

    if (3 != $survey_data['survey_type']) {
        if (api_strlen($row['survey_question']) > 100) {
            echo api_substr(strip_tags($row['survey_question']), 0, 100).' ... ';
        } else {
            echo $row['survey_question'];
        }
    } else {
        $parts = explode('@@', $row['survey_question']);
        echo api_get_local_time($parts[0]).' - '.api_get_local_time($parts[1]);
    }

    if ('yesno' === $row['type']) {
        $tool_name = get_lang('Yes / No');
    } elseif ('multiplechoice' === $row['type']) {
        $tool_name = get_lang('UniqueSelect');
    } elseif ('multipleresponse' === $row['type']) {
        $tool_name = get_lang('Multiple choice, multiple answers');
    } elseif ('selectivedisplay' === $row['type']) {
        $tool_name = get_lang('Selective display');
    } else {
        $tool_name = get_lang(api_ucfirst(Security::remove_XSS($row['type'])));
    }

    echo '</td>';
    echo '<td>'.$tool_name.'</td>';
    echo '<td>'.$row['number_of_options'].'</td>';
    echo '<td>';
    if (3 != $survey_data['survey_type']) {
        echo '<a
            href="'.api_get_path(WEB_CODE_PATH).
            'survey/question.php?'.api_get_cidreq().'&action=edit&type='.$row['type'].'&survey_id='.$survey_id.'&question_id='.$questionId.'">'.
            Display::getMdiIcon(ActionIcon::EDIT, 'ch-tool-icon', null, ICON_SIZE_SMALL, get_lang('Edit')).'</a>';
    }

    echo '<a
        href="'.api_get_path(WEB_CODE_PATH).'survey/survey.php?'.
        api_get_cidreq().'&action=copyquestion&type='.$row['type'].'&survey_id='.$survey_id.'&question_id='.$questionId.'">'.
        Display::getMdiIcon(ActionIcon::COPY_CONTENT, 'ch-tool-icon', null, ICON_SIZE_SMALL, get_lang('Copy')).'</a>';

    echo '<a
        href="'.api_get_path(WEB_CODE_PATH).'survey/survey.php?'.
        api_get_cidreq().'&action=delete&survey_id='.$survey_id.'&question_id='.$questionId.'"
        onclick="javascript:if(!confirm(\''.addslashes(api_htmlentities(get_lang("Are you sure you want to delete the question?").'?', ENT_QUOTES)).'\')) return false;">'.
        Display::getMdiIcon(ActionIcon::DELETE, 'ch-tool-icon', null, ICON_SIZE_MEDIUM, get_lang('Delete')).'</a>';
    if (3 != $survey_data['survey_type']) {
        if ($question_counter > 1) {
            echo '<a
                href="'.api_get_path(WEB_CODE_PATH).'survey/survey.php?'.
                api_get_cidreq().'&action=moveup&survey_id='.$survey_id.'&question_id='.$questionId.'">'.
                Display::getMdiIcon(ActionIcon::UP, 'ch-tool-icon', null, ICON_SIZE_SMALL, get_lang('Move up')).'</a>';
        } else {
            echo Display::getMdiIcon(ActionIcon::UP, 'ch-tool-icon-disabled', null, ICON_SIZE_SMALL, '&nbsp;');
        }
        if ($question_counter < $question_counter_max) {
            echo '<a
                href="'.api_get_path(WEB_CODE_PATH).
                'survey/survey.php?'.api_get_cidreq().'&action=movedown&survey_id='.$survey_id.'&question_id='.$questionId.'">'.
                Display::getMdiIcon(ActionIcon::DOWN, 'ch-tool-icon', null, ICON_SIZE_SMALL, get_lang('Move down')).'</a>';
        } else {
            echo Display::getMdiIcon(ActionIcon::DOWN, 'ch-tool-icon-disabled', null, ICON_SIZE_SMALL,'&nbsp;');
        }
    }
    echo '	</td>';
    $question_counter++;

    /*if ($is_survey_type_1) {
        echo '<td>'.((0 == $row['survey_group_pri']) ? get_lang('Secondary') : get_lang('Primary')).'</td>';
        echo '<td>'.((0 == $row['survey_group_pri']) ? $groups[$row['survey_group_sec1']].'-'.$groups[$row['survey_group_sec2']] : $groups[$row['survey_group_pri']]).'</td>';
    }*/
    echo '</tr>';
}

echo '</table>';

if ($is_survey_type_1) {
    echo '<br /><br /><b>'.get_lang('Manage groups').'</b><br /><br />';
    if (in_array(
        $_GET['sendmsg'],
        ['GroupUpdatedSuccessfully', 'GroupDeletedSuccessfully', 'GroupCreatedSuccessfully']
    )
    ) {
        echo Display::return_message(
            get_lang($_GET['sendmsg']),
            'confirmation',
            false
        );
    }

    if (in_array($_GET['sendmsg'], ['GroupNeedName'])) {
        echo Display::return_message(
            get_lang($_GET['sendmsg']),
            'warning',
            false
        );
    }
    echo '<table border="0">
            <tr><td width="100">'.get_lang('Name').'</td><td>'.get_lang('Description').'</td></tr></table>';
    echo '<form
        action="'.api_get_path(WEB_CODE_PATH).'survey/survey.php?action=addgroup&survey_id='.$survey_id.'" method="post">';
    if ('editgroup' === $_GET['action']) {
        $sql = 'SELECT title, description FROM '.$table_survey_question_group.'
                WHERE id = '.intval($_GET['gid']).' AND survey_id = '.$survey_id.'
                LIMIT 1';
        $rs = Database::query($sql);
        $editedrow = Database::fetch_assoc($rs);
        echo '<input type="text" maxlength="20" name="name" value="'.$editedrow['title'].'" size="10" disabled>';
        echo '<input type="text" maxlength="150" name="description" value="'.$editedrow['description'].'" size="40">';
        echo '<input type="hidden" name="group_id" value="'.Security::remove_XSS($_GET['gid']).'">';
        echo '<input
                type="submit"
                value="'.get_lang('Save').'"'.'
                <input type="button" value="'.get_lang('Cancel').'"
                onclick="window.location.href = \'survey.php?survey_id='.Security::remove_XSS($survey_id).'\';" />';
    } else {
        echo '<input type="text" maxlength="20" name="name" value="" size="10">';
        echo '<input type="text" maxlength="250" name="description" value="" size="80">';
        echo '<input type="submit" value="'.get_lang('Create').'"';
    }
    echo '</form><br />';
    echo '<table class="data_table">';
    echo '	<tr class="row_odd">';
    echo '		<th width="200">'.get_lang('Name').'</th>';
    echo '		<th>'.get_lang('Description').'</th>';
    echo '		<th width="100">'.get_lang('Edit').'</th>';
    echo '	</tr>';

    $sql = 'SELECT id, title, description
            FROM '.$table_survey_question_group.'
            WHERE
                c_id = '.$course_id.' AND
                survey_id = '.intval($survey_id).'
            ORDER BY name';

    $rs = Database::query($sql);
    $grouplist = '';
    while ($row = Database::fetch_assoc($rs)) {
        $grouplist .= '<tr><td>'.$row['title'].'</td><td>'.$row['description'].'</td><td>'.
        '<a href="'.api_get_path(WEB_CODE_PATH).'survey/survey.php?survey_id='.$survey_id.'&gid='.$row['id'].'&action=editgroup">'.
        Display::getMdiIcon(ActionIcon::EDIT, 'ch-tool-icon', null, ICON_SIZE_SMALL, get_lang('Edit')).'</a> '.
        '<a
            href="'.api_get_path(WEB_CODE_PATH).'survey/survey.php?survey_id='.$survey_id.'&gid='.$row['id'].'&action=deletegroup"
            onclick="javascript:if(!confirm(\''.addslashes(api_htmlentities(sprintf(get_lang('Are you sure you want to delete %s?'), $row['title']).'?', ENT_QUOTES)).'\')) return false;">'.
        Display::getMdiIcon(ActionIcon::DELETE, 'ch-tool-icon', null, ICON_SIZE_SMALL, get_lang('Delete')).'</a>'.
        '</td></tr>';
    }
    echo $grouplist.'</table>';
}

Session::erase('answer_count');
Display::display_footer();


1			<?php
2
3			/* For licensing terms, see /license.txt */
4
5			use ChamiloSession as Session;
6			use Chamilo\CoreBundle\Component\Utils\ActionIcon;
7			use Chamilo\CoreBundle\Component\Utils\ToolIcon;
8			use Chamilo\CoreBundle\Component\Utils\StateIcon;
9
10			/**
11			* @author Patrick Cool <[email protected]>, Ghent University:
12			* cleanup, refactoring and rewriting large parts of the code
13			* @author Julio Montoya
14			*/
15			require_once __DIR__.'/../inc/global.inc.php';
16
17			$this_section = SECTION_COURSES;
18			$current_course_tool = TOOL_SURVEY;
19
20			api_protect_course_script(true);
21
22			/** @todo this has to be moved to a more appropriate place (after the display_header of the code)*/
23			// Coach can't view this page
24			$extend_rights_for_coachs = api_get_setting('extend_rights_for_coach_on_survey');
25			$isDrhOfCourse = CourseManager::isUserSubscribedInCourseAsDrh(api_get_user_id(), api_get_course_info());
26
27			if ($isDrhOfCourse) {
28			header('Location: '.api_get_path(WEB_CODE_PATH).'survey/survey_list.php?'.api_get_cidreq());
29			exit;
30			}
31			if (!api_is_allowed_to_edit(false, true) \|\|
32			(api_is_session_general_coach() && 'false' === $extend_rights_for_coachs)
33			) {
34			api_not_allowed(true);
35			exit;
36			}
37
38			// Database table definitions
39			$table_survey = Database::get_course_table(TABLE_SURVEY);
40			$table_survey_question = Database::get_course_table(TABLE_SURVEY_QUESTION);
41			$table_survey_question_option = Database::get_course_table(TABLE_SURVEY_QUESTION_OPTION);
42			$table_survey_question_group = Database::get_course_table(TABLE_SURVEY_QUESTION_GROUP);
43			$table_course = Database::get_main_table(TABLE_MAIN_COURSE);
44			$table_user = Database::get_main_table(TABLE_MAIN_USER);
45
46			$survey_id = (int) $_GET['survey_id'];
47			$course_id = api_get_course_int_id();
48			$action = $_GET['action'] ?? null;
49
50			// Breadcrumbs
51			$interbreadcrumb[] = [
52			'url' => api_get_path(WEB_CODE_PATH).'survey/survey_list.php?'.api_get_cidreq(),
53			'name' => get_lang('Survey list'),
54			];
55
56			Session::erase('answer_count');
57			Session::erase('answer_list');
58
59			// Getting the survey information
60			if (!empty($_GET['survey_id'])) {
61			$course_code = api_get_course_id();
62			if (-1 != $course_code) {
63			$survey_data = SurveyManager::get_survey($survey_id);
64			} else {
65			api_not_allowed(true);
66			}
67			} else {
68			api_not_allowed(true);
69			}
70
71			$tool_name = strip_tags($survey_data['title'], '<span>');
72			$is_survey_type_1 = 1 == $survey_data['survey_type'];
73
74			if (api_strlen(strip_tags($survey_data['title'])) > 40) {
75			$tool_name .= '...';
76			}
77
78			if ($is_survey_type_1 && ('addgroup' === $action \|\| 'deletegroup' === $action)) {
79			$_POST['name'] = trim($_POST['name']);
80			if ('addgroup' === $action) {
81			if (!empty($_POST['group_id'])) {
82			Database::query('UPDATE '.$table_survey_question_group.' SET description = \''.Database::escape_string($_POST['description']).'\'
83			WHERE c_id = '.$course_id.' AND id = \''.Database::escape_string($_POST['group_id']).'\'');
84			Display::addFlash(Display::return_message(get_lang('Update successful')));
85			} elseif (!empty($_POST['name'])) {
86			Database::query('INSERT INTO '.$table_survey_question_group.' (c_id, title,description,survey_id) values ('.$course_id.', \''.Database::escape_string($_POST['name']).'\',\''.Database::escape_string($_POST['description']).'\',\''.$survey_id.'\') ');
87			Display::addFlash(Display::return_message(get_lang('Item added')));
88			} else {
89			Display::addFlash(Display::return_message(get_lang('Group need name'), 'warning'));
90			}
91			}
92
93			if ('deletegroup' === $action) {
94			$sql = 'DELETE FROM '.$table_survey_question_group.'
95			WHERE c_id = '.$course_id.' AND id = '.intval($_GET['gid']).' AND survey_id = '.$survey_id;
96			Database::query($sql);
97			Display::addFlash(Display::return_message(get_lang('Deleted')));
98			}
99
100			api_location(api_get_path(WEB_CODE_PATH).'survey/survey.php?survey_id='.$survey_id.'&'.api_get_cidreq());
101			}
102
103			$my_question_id_survey = isset($_GET['question_id']) ? (int) $_GET['question_id'] : null;
104			$my_survey_id_survey = (int) $_GET['survey_id'];
105			// Displaying the header
106			if (!empty($action)) {
107			switch ($action) {
108			case 'copyquestion':
109			$copied = SurveyManager::copyQuestion($_GET['question_id']);
110			if (false !== $copied) {
111			Display::addFlash(Display::return_message(get_lang('The question has been added.')));
112			} else {
113			Display::addFlash(Display::return_message(get_lang('An error occurred.'), 'warning'));
114			}
115			break;
116			case 'delete':
117			$result = SurveyManager::deleteQuestion($my_question_id_survey);
118			if (false == $result) {
			0 ignored issues – show Coding Style Best Practice introduced 2020-06-05 03:12 UTC by Report Bug Copy Issue Report Show Similar Issues like this It seems like you are loosely comparing two booleans. Considering using the strict comparison `===` instead. When comparing two booleans, it is generally considered safer to use the strict comparison operator. Loading history...
119			Display::addFlash(Display::return_message(get_lang('An error occurred.'), 'warning'));
120			} else {
121			Display::addFlash(Display::return_message(get_lang('Deleted')));
122			}
123			break;
124			case 'moveup':
125			case 'movedown':
126			SurveyManager::moveSurveyQuestion(
127			$action,
128			$my_question_id_survey,
129			$my_survey_id_survey
130			);
131			Display::addFlash(Display::return_message(get_lang('The question has been moved')));
132			break;
133			}
134
135			api_location(api_get_path(WEB_CODE_PATH).'survey/survey.php?survey_id='.$survey_id.'&'.api_get_cidreq());
136			}
137
138			Display::display_header($tool_name, 'Survey');
139
140			if (!empty($survey_data['survey_version'])) {
141			echo '<b>'.get_lang('Version').': '.$survey_data['survey_version'].'</b>';
142			}
143
144			// We exit here is the first or last question is a pagebreak (which causes errors)
145			SurveyUtil::check_first_last_question($_GET['survey_id']);
146
147			// Action links
148			$survey_actions = '';
149			if (3 != $survey_data['survey_type']) {
150			$survey_actions = '<a href="'.api_get_path(WEB_CODE_PATH).'survey/create_new_survey.php?'.api_get_cidreq(
151			).'&action=edit&survey_id='.$survey_id.'">'.
152			Display::getMdiIcon(ActionIcon::EDIT, 'ch-toolbar-icon', null, ICON_SIZE_MEDIUM, get_lang('Edit survey')).'</a>';
153			}
154			$survey_actions .= '<a
155			href="'.api_get_path(WEB_CODE_PATH).'survey/survey_list.php?'.api_get_cidreq().'&action=delete&survey_id='.$survey_id.'" onclick="javascript:if(!confirm(\''.addslashes(api_htmlentities(get_lang('Delete survey').'?', ENT_QUOTES)).'\')) return false;">'.
156			Display::getMdiIcon(ActionIcon::DELETE, 'ch-toolbar-icon', null, ICON_SIZE_MEDIUM, get_lang('Delete survey')).'</a>';
157
158			if (3 != $survey_data['survey_type']) {
159			$survey_actions .= '<a href="'.api_get_path(WEB_CODE_PATH).'survey/preview.php?'.api_get_cidreq().'&survey_id='.$survey_id.'">'.
160			Display::getMdiIcon(ActionIcon::PREVIEW_CONTENT, 'ch-toolbar-icon', null, ICON_SIZE_MEDIUM, get_lang('Preview')).'</a>';
161			}
162
163			$survey_actions .= '<a href="'.api_get_path(WEB_CODE_PATH).'survey/survey_invite.php?'.api_get_cidreq().'&survey_id='.$survey_id.'">'.
164			Display::getMdiIcon(StateIcon::MAIL_NOTIFICATION, 'ch-toolbar-icon', null, ICON_SIZE_MEDIUM, get_lang('Publish')).'</a>';
165
166			if (3 != $survey_data['survey_type']) {
167			if ('true' !== api_get_setting('survey.hide_survey_reporting_button')) {
168			$survey_actions .= Display::url(
169			Display::getMdiIcon(ToolIcon::TRACKING, 'ch-toolbar-icon', null, ICON_SIZE_MEDIUM, get_lang('Reporting')),
170			api_get_path(WEB_CODE_PATH).'survey/reporting.php?'.api_get_cidreq().'&survey_id='.$survey_id
171			);
172			}
173			}
174
175			$survey_actions .= SurveyUtil::getAdditionalTeacherActions($survey_id, ICON_SIZE_MEDIUM);
176			echo Display::toolbarAction('survey', [$survey_actions]);
177
178			$urlQuestion = api_get_path(WEB_CODE_PATH).'survey/question.php?'.api_get_cidreq().'&action=add';
179			if (0 == $survey_data['survey_type']) {
180			$questions = Display::url(
181			Display::getMdiIcon('thumbs-up-down', 'ch-toolbar-icon', null, ICON_SIZE_BIG, get_lang('Yes / No')),
182			$urlQuestion.'&type=yesno&survey_id='.$survey_id
183			);
184			$questions .= Display::url(
185			Display::getMdiIcon('format-list-bulleted', 'ch-toolbar-icon', null, ICON_SIZE_BIG, get_lang('Multiple choice')),
186			$urlQuestion.'&type=multiplechoice&survey_id='.$survey_id
187			);
188			$questions .= Display::url(
189			Display::getMdiIcon('format-list-bulleted-square', 'ch-toolbar-icon', null, ICON_SIZE_BIG, get_lang('Multiple answers')),
190			$urlQuestion.'&type=multipleresponse&survey_id='.$survey_id
191			);
192			$questions .= Display::url(
193			Display::getMdiIcon('form-textarea', 'ch-toolbar-icon', null, ICON_SIZE_BIG, get_lang('Open')),
194			$urlQuestion.'&type=open&survey_id='.$survey_id
195			);
196			$questions .= Display::url(
197			Display::getMdiIcon('form-dropdown', 'ch-toolbar-icon', null, ICON_SIZE_BIG, get_lang('Dropdown')),
198			$urlQuestion.'&type=dropdown&survey_id='.$survey_id
199			);
200			$questions .= Display::url(
201			Display::getMdiIcon('percent-box-outline', 'ch-toolbar-icon', null, ICON_SIZE_BIG, get_lang('Percentage')),
202			$urlQuestion.'&type=percentage&survey_id='.$survey_id
203			);
204			$questions .= Display::url(
205			Display::getMdiIcon('format-annotation-plus', 'ch-toolbar-icon', null, ICON_SIZE_BIG, get_lang('Score')),
206			$urlQuestion.'&type=score&survey_id='.$survey_id
207			);
208			$questions .= Display::url(
209			Display::getMdiIcon('format-align-top', 'ch-toolbar-icon', null, ICON_SIZE_BIG, get_lang('Comment')),
210			$urlQuestion.'&type=comment&survey_id='.$survey_id
211			);
212			$questions .= Display::url(
213			Display::getMdiIcon('format-list-bulleted-type', 'ch-toolbar-icon', null, ICON_SIZE_BIG, get_lang('Multiple choice with other option')),
214			$urlQuestion.'&type=multiplechoiceother&survey_id='.$survey_id
215			);
216			if (0 == $survey_data['one_question_per_page']) {
217			$questions .= Display::url(
218			Display::getMdiIcon('thumbs-up-down', 'ch-toolbar-icon', null, ICON_SIZE_BIG, get_lang('Selective display')),
219			$urlQuestion.'&type=selectivedisplay&survey_id='.$survey_id
220			);
221			$questions .= Display::url(
222			Display::getMdiIcon('format-page-break', 'ch-toolbar-icon', null, ICON_SIZE_BIG, get_lang('Page break (distinct questions)')),
223			$urlQuestion.'&type=pagebreak&survey_id='.$survey_id
224			);
225			}
226
227			echo Display::toolbarAction('questions', [$questions]);
228			} else {
229			if (3 != $survey_data['survey_type']) {
230			echo '<div class="well">';
231			echo Display::url(
232			Display::getMdiIcon('thumbs-up-down', 'ch-tool-icon', null, ICON_SIZE_BIG, get_lang('Yes / No')),
233			$urlQuestion.'&type=personality&survey_id='.$survey_id
234			);
235			echo '</a></div>';
236			}
237			}
238
239			// Displaying the table header with all the questions
240			echo '<table class="table table-bordered data_table">';
241			echo '<thead>';
242			echo '<tr>';
243			echo ' <th width="5%">'.get_lang('N°').'</th>';
244			echo ' <th width="50%">'.get_lang('Title').'</th>';
245			echo ' <th width="15%">'.get_lang('Type').'</th>';
246			echo ' <th width="15%" >'.get_lang('Options').'</th>';
247			echo ' <th width="15%">'.get_lang('Edit').'</th>';
248			if ($is_survey_type_1) {
249			echo '<th width="100">'.get_lang('Condition').'</th>';
250			echo '<th width="40">'.get_lang('Group').'</th>';
251			}
252			echo ' </tr>';
253			echo '</thead>';
254
255			// Displaying the table contents with all the questions
256			$question_counter = 1;
257			/$sql = "SELECT FROM $table_survey_question_group
258			WHERE c_id = $course_id AND survey_id = $survey_id
259			ORDER BY iid";
260			$result = Database::query($sql);
261			$groups = [];
262			while ($row = Database::fetch_array($result)) {
263			$groups[$row['iid']] = $row['name'];
264			}*/
265			$sql = "SELECT survey_question.*, count(survey_question_option.iid) as number_of_options
266			FROM $table_survey_question survey_question
267			LEFT JOIN $table_survey_question_option survey_question_option
268			ON
269			survey_question.iid = survey_question_option.question_id
270			WHERE
271			survey_question.survey_id = $survey_id
272			GROUP BY survey_question.iid
273			ORDER BY survey_question.sort ASC";
274
275			$result = Database::query($sql);
276			$question_counter_max = Database::num_rows($result);
277			$questionsGroupClass = '';
278			while ($row = Database::fetch_assoc($result)) {
279			$questionId = $row['iid'];
280
281			$breakClass = '';
282			// Visually impact questions between page breaks by changing the bg color
283			if ('pagebreak' === $row['type']) {
284			$breakClass = ' highlight';
285			if (empty($questionsGroupClass)) {
286			$questionsGroupClass = 'row_even';
287			} else {
288			$questionsGroupClass = '';
289			}
290			}
291
292			echo '<tr class="'.$questionsGroupClass.$breakClass.'">';
293			echo ' <td>'.$question_counter.'</td>';
294			echo ' <td>';
295
296			if (3 != $survey_data['survey_type']) {
297			if (api_strlen($row['survey_question']) > 100) {
298			echo api_substr(strip_tags($row['survey_question']), 0, 100).' ... ';
299			} else {
300			echo $row['survey_question'];
301			}
302			} else {
303			$parts = explode('@@', $row['survey_question']);
304			echo api_get_local_time($parts[0]).' - '.api_get_local_time($parts[1]);
305			}
306
307			if ('yesno' === $row['type']) {
308			$tool_name = get_lang('Yes / No');
309			} elseif ('multiplechoice' === $row['type']) {
310			$tool_name = get_lang('UniqueSelect');
311			} elseif ('multipleresponse' === $row['type']) {
312			$tool_name = get_lang('Multiple choice, multiple answers');
313			} elseif ('selectivedisplay' === $row['type']) {
314			$tool_name = get_lang('Selective display');
315			} else {
316			$tool_name = get_lang(api_ucfirst(Security::remove_XSS($row['type'])));
317			}
318
319			echo '</td>';
320			echo '<td>'.$tool_name.'</td>';
321			echo '<td>'.$row['number_of_options'].'</td>';
322			echo '<td>';
323			if (3 != $survey_data['survey_type']) {
324			echo '<a
325			href="'.api_get_path(WEB_CODE_PATH).
326			'survey/question.php?'.api_get_cidreq().'&action=edit&type='.$row['type'].'&survey_id='.$survey_id.'&question_id='.$questionId.'">'.
327			Display::getMdiIcon(ActionIcon::EDIT, 'ch-tool-icon', null, ICON_SIZE_SMALL, get_lang('Edit')).'</a>';
328			}
329
330			echo '<a
331			href="'.api_get_path(WEB_CODE_PATH).'survey/survey.php?'.
332			api_get_cidreq().'&action=copyquestion&type='.$row['type'].'&survey_id='.$survey_id.'&question_id='.$questionId.'">'.
333			Display::getMdiIcon(ActionIcon::COPY_CONTENT, 'ch-tool-icon', null, ICON_SIZE_SMALL, get_lang('Copy')).'</a>';
334
335			echo '<a
336			href="'.api_get_path(WEB_CODE_PATH).'survey/survey.php?'.
337			api_get_cidreq().'&action=delete&survey_id='.$survey_id.'&question_id='.$questionId.'"
338			onclick="javascript:if(!confirm(\''.addslashes(api_htmlentities(get_lang("Are you sure you want to delete the question?").'?', ENT_QUOTES)).'\')) return false;">'.
339			Display::getMdiIcon(ActionIcon::DELETE, 'ch-tool-icon', null, ICON_SIZE_MEDIUM, get_lang('Delete')).'</a>';
340			if (3 != $survey_data['survey_type']) {
341			if ($question_counter > 1) {
342			echo '<a
343			href="'.api_get_path(WEB_CODE_PATH).'survey/survey.php?'.
344			api_get_cidreq().'&action=moveup&survey_id='.$survey_id.'&question_id='.$questionId.'">'.
345			Display::getMdiIcon(ActionIcon::UP, 'ch-tool-icon', null, ICON_SIZE_SMALL, get_lang('Move up')).'</a>';
346			} else {
347			echo Display::getMdiIcon(ActionIcon::UP, 'ch-tool-icon-disabled', null, ICON_SIZE_SMALL, ' ');
348			}
349			if ($question_counter < $question_counter_max) {
350			echo '<a
351			href="'.api_get_path(WEB_CODE_PATH).
352			'survey/survey.php?'.api_get_cidreq().'&action=movedown&survey_id='.$survey_id.'&question_id='.$questionId.'">'.
353			Display::getMdiIcon(ActionIcon::DOWN, 'ch-tool-icon', null, ICON_SIZE_SMALL, get_lang('Move down')).'</a>';
354			} else {
355			echo Display::getMdiIcon(ActionIcon::DOWN, 'ch-tool-icon-disabled', null, ICON_SIZE_SMALL,' ');
356			}
357			}
358			echo ' </td>';
359			$question_counter++;
360
361			/*if ($is_survey_type_1) {
362			echo '<td>'.((0 == $row['survey_group_pri']) ? get_lang('Secondary') : get_lang('Primary')).'</td>';
363			echo '<td>'.((0 == $row['survey_group_pri']) ? $groups[$row['survey_group_sec1']].'-'.$groups[$row['survey_group_sec2']] : $groups[$row['survey_group_pri']]).'</td>';
364			}*/
365			echo '</tr>';
366			}
367
368			echo '</table>';
369
370			if ($is_survey_type_1) {
371			echo '<br /><br /><b>'.get_lang('Manage groups').'</b><br /><br />';
372			if (in_array(
373			$_GET['sendmsg'],
374			['GroupUpdatedSuccessfully', 'GroupDeletedSuccessfully', 'GroupCreatedSuccessfully']
375			)
376			) {
377			echo Display::return_message(
378			get_lang($_GET['sendmsg']),
379			'confirmation',
380			false
381			);
382			}
383
384			if (in_array($_GET['sendmsg'], ['GroupNeedName'])) {
385			echo Display::return_message(
386			get_lang($_GET['sendmsg']),
387			'warning',
388			false
389			);
390			}
391			echo '<table border="0">
392			<tr><td width="100">'.get_lang('Name').'</td><td>'.get_lang('Description').'</td></tr></table>';
393			echo '<form
394			action="'.api_get_path(WEB_CODE_PATH).'survey/survey.php?action=addgroup&survey_id='.$survey_id.'" method="post">';
395			if ('editgroup' === $_GET['action']) {
396			$sql = 'SELECT title, description FROM '.$table_survey_question_group.'
397			WHERE id = '.intval($_GET['gid']).' AND survey_id = '.$survey_id.'
398			LIMIT 1';
399			$rs = Database::query($sql);
400			$editedrow = Database::fetch_assoc($rs);
401			echo '<input type="text" maxlength="20" name="name" value="'.$editedrow['title'].'" size="10" disabled>';
402			echo '<input type="text" maxlength="150" name="description" value="'.$editedrow['description'].'" size="40">';
403			echo '<input type="hidden" name="group_id" value="'.Security::remove_XSS($_GET['gid']).'">';
404			echo '<input
405			type="submit"
406			value="'.get_lang('Save').'"'.'
407			<input type="button" value="'.get_lang('Cancel').'"
408			onclick="window.location.href = \'survey.php?survey_id='.Security::remove_XSS($survey_id).'\';" />';
409			} else {
410			echo '<input type="text" maxlength="20" name="name" value="" size="10">';
411			echo '<input type="text" maxlength="250" name="description" value="" size="80">';
412			echo '<input type="submit" value="'.get_lang('Create').'"';
413			}
414			echo '</form><br />';
415			echo '<table class="data_table">';
416			echo ' <tr class="row_odd">';
417			echo ' <th width="200">'.get_lang('Name').'</th>';
418			echo ' <th>'.get_lang('Description').'</th>';
419			echo ' <th width="100">'.get_lang('Edit').'</th>';
420			echo ' </tr>';
421
422			$sql = 'SELECT id, title, description
423			FROM '.$table_survey_question_group.'
424			WHERE
425			c_id = '.$course_id.' AND
426			survey_id = '.intval($survey_id).'
427			ORDER BY name';
428
429			$rs = Database::query($sql);
430			$grouplist = '';
431			while ($row = Database::fetch_assoc($rs)) {
432			$grouplist .= '<tr><td>'.$row['title'].'</td><td>'.$row['description'].'</td><td>'.
433			'<a href="'.api_get_path(WEB_CODE_PATH).'survey/survey.php?survey_id='.$survey_id.'&gid='.$row['id'].'&action=editgroup">'.
434			Display::getMdiIcon(ActionIcon::EDIT, 'ch-tool-icon', null, ICON_SIZE_SMALL, get_lang('Edit')).'</a> '.
435			'<a
436			href="'.api_get_path(WEB_CODE_PATH).'survey/survey.php?survey_id='.$survey_id.'&gid='.$row['id'].'&action=deletegroup"
437			onclick="javascript:if(!confirm(\''.addslashes(api_htmlentities(sprintf(get_lang('Are you sure you want to delete %s?'), $row['title']).'?', ENT_QUOTES)).'\')) return false;">'.
438			Display::getMdiIcon(ActionIcon::DELETE, 'ch-tool-icon', null, ICON_SIZE_SMALL, get_lang('Delete')).'</a>'.
439			'</td></tr>';
440			}
441			echo $grouplist.'</table>';
442			}
443
444			Session::erase('answer_count');
445			Display::display_footer();
446

chamilo / chamilo-lms

Issues (1796)

public/main/survey/survey.php (1 issue)

Labels

Severity

Introduced By

Duplication Side-by-Side

Filter issues like