return PL_DO_AUTH;
}
if (Post::has('survey_submit')) { // checks if the survey has already been filled in
+ // admins can see the survey but not vote
+ if (!$this->check_surveyPerms($page, $survey, false, false)) {
+ return PL_DO_AUTH;
+ }
$uid = 0;
if (!$survey->isMode(Survey::MODE_ALL)) { // if survey is restriced to alumni
$uid = S::v('uid');
}
if ($show == 'csv') {
pl_content_headers("text/csv");
+ header('Content-Disposition: attachment; filename="'.addslashes($survey->getTitle()).'.csv"');
echo $survey->toCSV();
exit;
} else {
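Review bot: The added `Content-Disposition` line escapes the survey title with `addslashes()`, which is a quote-escaping helper and not an encoder for header parameters. Accented characters, `/` and `;` in the title pass through untouched, an apostrophe reaches the browser as `\'`, and a title containing a line break makes PHP's `header()` reject the header, so the download silently loses its filename. I would send an ASCII-only fallback plus the RFC 6266 extended form: `$name = preg_replace('/[^A-Za-z0-9._-]+/', '_', $survey->getTitle());` followed by `header('Content-Disposition: attachment; filename="'.$name.'.csv"; filename*=UTF-8\'\''.rawurlencode($survey->getTitle()).'.csv');`. `toCSV()` is not visible here; if it exports free-text answers, check that cells starting with `=`, `+`, `-` or `@` are neutralised before they are opened in a spreadsheet. The enclosing handler starts and ends outside this hunk.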
// }}}
// {{{ function check_surveyPerms() : checks the particular surveys access permissions
- function check_surveyPerms(&$page, $survey)
+ function check_surveyPerms(&$page, $survey, $silent = false, $admin_allowed = true)
{
$this->load('survey.inc.php');
- if (!$survey->isMode(Survey::MODE_ALL)) { // if the survey is reserved to alumni
- if (!S::logged()) {
- return false;
- }
- $profile = S::user()->profile();
- if (!$profile) {
- return false;
- }
- // checks promotion
- $allowed = false;
- foreach ($profile->yearspromo() as $p) {
- if ($survey->checkPromo($p)) {
- $allowed = true;
- break;
- }
+ if ($survey->isMode(Survey::MODE_ALL)) { // if the survey is not reserved to alumni
+ return true;
+ }
+ if (!S::logged()) {
+ return false;
+ }
+ $profile = S::user()->profile();
+ if (!$profile) {
+ return false;
+ }
+ // checks promotion
+ $allowed = false;
+ foreach ($profile->yearspromo() as $p) {
+ if ($survey->checkPromo($p)) {
+ $allowed = true;
+ break;
}
- if (!$allowed) {
- $page->kill("Tu n'as pas accès à ce sondage car il est réservé à d'autres promotions.");
+ }
+ if ($allowed) {
+ return true;
+ }
+ if (S::admin() && $admin_allowed) {
+ if (!$silent) {
+ $page->trigWarning('Tu as accès à ce sondage car tu es administrateur du site.');
}
+ return true;
+ }
+ if (!$silent) {
+ $page->kill("Tu n'as pas accès à ce sondage car il est réservé à d'autres promotions.");
}
- return true;
+ return false;
}
// }}}
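Review bot: The new `$admin_allowed = true` default makes the administrator bypass opt-out. Every existing caller of `check_surveyPerms()` that is not updated now lets a site admin through a promotion-restricted survey, and only the vote path shown earlier passes `false`. For an authorization helper the safer shape is deny by default, `function check_surveyPerms(&$page, $survey, $silent = false, $admin_allowed = false)`, with the read-only call sites passing `true` explicitly; those call sites are outside this view, so each needs checking. The function also has no docblock for the two new flags. It should state that `$silent` suppresses both the admin warning and the `$page->kill()` message, and that the not-logged-in and no-profile branches return `false` before the admin check is reached.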