<?php
/***************************************************************************
- * Copyright (C) 2003-2008 Polytechnique.org *
+ * Copyright (C) 2003-2014 Polytechnique.org *
* http://opensource.polytechnique.org/ *
* *
* This program is free software; you can redistribute it and/or modify *
function handlers()
{
return array(
- 'survey' => $this->make_hook('index', AUTH_PUBLIC),
- 'survey/vote' => $this->make_hook('vote', AUTH_PUBLIC),
- 'survey/result' => $this->make_hook('result', AUTH_PUBLIC),
- 'survey/edit' => $this->make_hook('edit', AUTH_COOKIE),
- 'survey/ajax' => $this->make_hook('ajax', AUTH_COOKIE),
- 'survey/admin' => $this->make_hook('admin', AUTH_MDP, 'admin'),
- 'survey/admin/edit' => $this->make_hook('adminEdit', AUTH_MDP, 'admin'),
- 'survey/admin/valid' => $this->make_hook('adminValidate', AUTH_MDP, 'admin'),
- 'survey/admin/del' => $this->make_hook('adminDelete', AUTH_MDP, 'admin'),
+ 'survey' => $this->make_hook('index', AUTH_PUBLIC),
+ 'survey/vote' => $this->make_hook('vote', AUTH_PUBLIC),
+ 'survey/result' => $this->make_hook('result', AUTH_PUBLIC),
+ 'survey/edit' => $this->make_hook('edit', AUTH_COOKIE, 'user'),
+ 'survey/ajax' => $this->make_hook('ajax', AUTH_COOKIE, 'user'),
+ 'survey/admin' => $this->make_hook('admin', AUTH_PASSWD, 'admin'),
+ 'survey/admin/edit' => $this->make_hook('adminEdit', AUTH_PASSWD, 'admin'),
+ 'survey/admin/valid' => $this->make_hook('adminValidate', AUTH_PASSWD, 'admin'),
+ 'survey/admin/del' => $this->make_hook('adminDelete', AUTH_PASSWD, 'admin'),
);
}
// }}}
// {{{ function handler_index() : lists all available surveys
- function handler_index(&$page, $action = null)
+ function handler_index($page, $action = null)
{
$this->load('survey.inc.php');
$page->changeTpl('survey/index.tpl');
// }}}
// {{{ function handler_vote() : handles the vote to a survey
- function handler_vote(&$page, $id = -1)
+ function handler_vote($page, $id = -1)
{
if (Post::has('survey_cancel')) { // if the user cancels, returns to index
- return $this->handler_index(&$page);
+ return $this->handler_index($page);
}
$id = intval($id);
if ($id == -1) {
return PL_DO_AUTH;
}
if (Post::has('survey_submit')) { // checks if the survey has already been filled in
+ // admins can see the survey but not vote
+ if (!$this->check_surveyPerms($page, $survey, false, false)) {
+ return PL_DO_AUTH;
+ }
$uid = 0;
if (!$survey->isMode(Survey::MODE_ALL)) { // if survey is restriced to alumni
$uid = S::v('uid');
$survey = Survey::retrieveSurvey($id); // retrieves the survey object structure
if ($survey == null || !$survey->isValid()) {
return $this->show_error($page, "Sondage ".$id." introuvable.", 'survey');
- } elseif (!$survey->isEnded()) {
+ } elseif (!$survey->isEnded() && !$survey->canSeeEarlyResults(S::user())) {
return $this->show_error($page, "Le sondage ".$survey->getTitle()." n'est pas encore terminé.", 'survey');
}
- if (!$this->check_surveyPerms($page, $survey)) {
+ if (!$survey->canSeeEarlyResults(S::user()) && !$this->check_surveyPerms($page, $survey)) {
return PL_DO_AUTH;
}
if ($show == 'csv') {
- header('Content-Type: text/csv; charset="UTF-8"');
+ pl_content_headers("text/csv");
+ header('Content-Disposition: attachment; filename="'.addslashes($survey->getTitle()).'.csv"');
echo $survey->toCSV();
exit;
} else {
// }}}
// {{{ function handler_admin() : index of admin mode
- function handler_admin(&$page, $id = -1)
+ function handler_admin($page, $id = -1)
{
$this->load('survey.inc.php');
$this->clear_session();
// }}}
// {{{ function handler_adminEdit() : edits a survey in admin mode
- function handler_adminEdit(&$page, $id = -1, $req = -1)
+ function handler_adminEdit($page, $id = -1, $req = -1)
{
if ($id == -1 || ($id == 'req' && $req == -1)) {
return $this->show_error($page, "Un identifiant de sondage doit être précisé.", 'survey/admin');
// }}}
// {{{ function handler_adminValidate() : validates a survey (admin mode)
- function handler_adminValidate(&$page, $id = -1)
+ function handler_adminValidate($page, $id = -1)
{
$id = Post::i('survey_id', $id);
if (Post::has('survey_cancel')) { // if the admin cancels the validation, returns to the admin index
$this->clear_session();
- return $this->handler_admin(&$page, $id);
+ return $this->handler_admin($page, $id);
}
if ($id == -1) {
return $this->show_error($page, "Un identifiant de sondage doit être précisé.", 'survey/admin');
// }}}
// {{{ function handler_adminDelete() : deletes a survey (admin mode)
- function handler_adminDelete(&$page, $id = -1)
+ function handler_adminDelete($page, $id = -1)
{
$id = Post::i('survey_id', $id);
if (Post::has('survey_cancel')) { // if the admin cancels the suppression, returns to the admin index
- return $this->handler_admin(&$page, $id);
+ return $this->handler_admin($page, $id);
}
if ($id == -1) {
return $this->show_error($page, "Un identifiant de sondage doit être précisé.", 'survey/admin');
// }}}
// {{{ function handler_edit() : edits a survey (in normal mode unless called by handler_adminEdit() )
- function handler_edit(&$page, $action = 'show', $qid = 'root')
+ function handler_edit($page, $action = 'show', $qid = 'root')
{
$this->load('survey.inc.php');
$action = Post::v('survey_action', $action);
return $this->handler_index($page); // else shows the 'normal' index
}
} else { // asks for a confirmation if it has not been sent
- $this->show_confirm(&$page, "Êtes-vous certain de vouloir annuler totalement l'édition de ce sondage ? Attention, "
+ $this->show_confirm($page, "Êtes-vous certain de vouloir annuler totalement l'édition de ce sondage ? Attention, "
."toutes les données éditées jusque là seront définitivement perdues.",
'edit', array('action' => $action));
}
// }}}
// {{{ function handler_ajax() : some ajax in editing a new question (for now, there may be a little more later)
- function handler_ajax(&$page, $type)
+ function handler_ajax($page, $type)
{
$this->load('survey.inc.php');
- header('Content-Type: text/html; charset="UTF-8"');
+ pl_content_headers("text/html");
if (Survey::isType($type)) { // when type has been chosen, the form is updated to fit exactly the type of question chosen
$page->changeTpl('survey/edit_new.tpl', NO_SKIN);
$page->assign('survey_types', Survey::getTypes());
// }}}
// {{{ function check_surveyPerms() : checks the particular surveys access permissions
- function check_surveyPerms(&$page, $survey)
+ function check_surveyPerms($page, $survey, $silent = false, $admin_allowed = true)
{
$this->load('survey.inc.php');
- if (!$survey->isMode(Survey::MODE_ALL)) { // if the survey is reserved to alumni
- if (!S::logged()) {
- return false;
+ if ($survey->isMode(Survey::MODE_ALL)) { // if the survey is not reserved to alumni
+ return true;
+ }
+ if (!S::logged()) {
+ return false;
+ }
+ $profile = S::user()->profile();
+ if (!$profile) {
+ return false;
+ }
+ // checks promotion
+ $allowed = false;
+ foreach ($profile->yearspromo() as $p) {
+ if ($survey->checkPromo($p)) {
+ $allowed = true;
+ break;
}
- if (!$survey->checkPromo(S::v('promo'))) { // checks promotion
- $page->kill("Tu n'as pas accès à ce sondage car il est réservé à d'autres promotions.");
+ }
+ if ($allowed) {
+ return true;
+ }
+ if (S::admin() && $admin_allowed) {
+ if (!$silent) {
+ $page->trigWarning('Tu as accès à ce sondage car tu es administrateur du site.');
}
+ return true;
+ }
+ if (!$silent) {
+ $page->kill("Tu n'as pas accès à ce sondage car il est réservé à d'autres promotions.");
}
- return true;
+ return false;
}
// }}}
// {{{ function show_survey() : calls the template to display a survey, for editing, voting, or consulting the results
- function show_survey(&$page, $survey)
+ function show_survey($page, $survey)
{
$page->changeTpl('survey/show_root.tpl');
$page->assign('survey', $survey->toArray());
// }}}
// {{{ function show_form() : calls the template to display the editing form
- function show_form(&$page, $action, $qid, $type = 'new', $current = null)
+ function show_form($page, $action, $qid, $type = 'new', $current = null)
{
$page->changeTpl('survey/edit_survey.tpl');
$page->assign('survey_action', $action);
// }}}
// {{{ function show_confirm() : calls the template to display a confirm form
- function show_confirm(&$page, $message, $formaction, $formhidden = null)
+ function show_confirm($page, $message, $formaction, $formhidden = null)
{
$page->changeTpl('survey/confirm.tpl');
$page->assign('survey_message', $message);
// }}}
// {{{ function show_error() : calls the template to display an error message
- function show_error(&$page, $message, $link = "", $errArray = null)
+ function show_error($page, $message, $link = "", $errArray = null)
{
$page->changeTpl('survey/error.tpl');
$page->assign('survey_message', $message);
// }}}
// {{{ function show_success() : calls the template to display a success message
- function show_success(&$page, $message = "", $link = "")
+ function show_success($page, $message = "", $link = "")
{
$page->changeTpl('survey/success.tpl');
$page->assign('survey_message', $message);
// }}}
}
-// vim:set et sw=4 sts=4 ts=4 foldmethod=marker enc=utf-8:
+// vim:set et sw=4 sts=4 ts=4 foldmethod=marker fenc=utf-8:
?>
projects / platal.git / blobdiff