<?php
/***************************************************************************
- * Copyright (C) 2003-2007 Polytechnique.org *
+ * Copyright (C) 2003-2011 Polytechnique.org *
* http://opensource.polytechnique.org/ *
* *
* This program is free software; you can redistribute it and/or modify *
function handlers()
{
return array(
- 'survey' => $this->make_hook('index', AUTH_PUBLIC),
- 'survey/vote' => $this->make_hook('vote', AUTH_PUBLIC),
- 'survey/result' => $this->make_hook('result', AUTH_PUBLIC),
- 'survey/edit' => $this->make_hook('edit', AUTH_COOKIE),
- 'survey/ajax' => $this->make_hook('ajax', AUTH_COOKIE),
- 'survey/admin' => $this->make_hook('admin', AUTH_MDP, 'admin'),
- 'survey/admin/edit' => $this->make_hook('adminEdit', AUTH_MDP, 'admin'),
- 'survey/admin/valid' => $this->make_hook('adminValidate', AUTH_MDP, 'admin'),
- 'survey/admin/del' => $this->make_hook('adminDelete', AUTH_MDP, 'admin'),
+ 'survey' => $this->make_hook('index', AUTH_PUBLIC),
+ 'survey/vote' => $this->make_hook('vote', AUTH_PUBLIC),
+ 'survey/result' => $this->make_hook('result', AUTH_PUBLIC),
+ 'survey/edit' => $this->make_hook('edit', AUTH_COOKIE, 'user'),
+ 'survey/ajax' => $this->make_hook('ajax', AUTH_COOKIE, 'user'),
+ 'survey/admin' => $this->make_hook('admin', AUTH_PASSWD, 'admin'),
+ 'survey/admin/edit' => $this->make_hook('adminEdit', AUTH_PASSWD, 'admin'),
+ 'survey/admin/valid' => $this->make_hook('adminValidate', AUTH_PASSWD, 'admin'),
+ 'survey/admin/del' => $this->make_hook('adminDelete', AUTH_PASSWD, 'admin'),
);
}
// }}}
// {{{ function handler_index() : lists all available surveys
- function handler_index(&$page, $action = null)
+ function handler_index($page, $action = null)
{
- require_once dirname(__FILE__).'/survey/survey.inc.php';
+ $this->load('survey.inc.php');
$page->changeTpl('survey/index.tpl');
$page->assign('survey_current', Survey::retrieveList('c'));
$page->assign('survey_old', Survey::retrieveList('o'));
// }}}
// {{{ function handler_vote() : handles the vote to a survey
- function handler_vote(&$page, $id = -1)
+ function handler_vote($page, $id = -1)
{
if (Post::has('survey_cancel')) { // if the user cancels, returns to index
- return $this->handler_index(&$page);
+ return $this->handler_index($page);
}
$id = intval($id);
if ($id == -1) {
- return $this->show_error($page, "Un identifiant de sondage doit être précisé.", 'survey');
+ return $this->show_error($page, "Un identifiant de sondage doit être précisé.", 'survey');
}
- require_once dirname(__FILE__).'/survey/survey.inc.php';
+ $this->load('survey.inc.php');
$survey = Survey::retrieveSurvey($id); // retrieves the survey object structure
if ($survey == null || !$survey->isValid()) {
return $this->show_error($page, "Sondage ".$id." introuvable.", 'survey');
} elseif ($survey->isEnded()) {
- return $this->show_error($page, "Le sondage ".$survey->getTitle()." est terminé.", 'survey');
+ return $this->show_error($page, "Le sondage ".$survey->getTitle()." est terminé.", 'survey');
}
if (!$this->check_surveyPerms($page, $survey)) {
- return;
+ return PL_DO_AUTH;
}
if (Post::has('survey_submit')) { // checks if the survey has already been filled in
+ // admins can see the survey but not vote
+ if (!$this->check_surveyPerms($page, $survey, false, false)) {
+ return PL_DO_AUTH;
+ }
$uid = 0;
if (!$survey->isMode(Survey::MODE_ALL)) { // if survey is restriced to alumni
$uid = S::v('uid');
if ($survey->hasVoted($uid)) { // checks whether the user has already voted
- return $this->show_error($page, "Tu as déjà voté à ce sondage.", 'survey');
+ return $this->show_error($page, "Tu as déjà voté à ce sondage.", 'survey');
}
}
$survey->vote($uid, Post::v('survey'.$id)); // performs vote
- $this->show_success($page, "Ta réponse a bien été prise en compte. Merci d'avoir participé à ce sondage.", 'survey');
+ $this->show_success($page, "Ta réponse a bien été prise en compte. Merci d'avoir participé à ce sondage.", 'survey');
} else { // offers to fill in the survey
if ($survey->isMode(Survey::MODE_ALL) || !$survey->hasVoted(S::v('uid'))) {
$page->assign('survey_votemode', true);
} else {
- $page->assign('survey_warning', "Tu as déjà voté à ce sondage.");
+ $page->assign('survey_warning', "Tu as déjà voté à ce sondage.");
}
//$page->assign('survey_id', $id);
$this->show_survey($page, $survey);
{
$id = intval($id);
if ($id == -1) {
- return $this->show_error($page, "Un identifiant de sondage doit être précisé.", 'survey');
+ return $this->show_error($page, "Un identifiant de sondage doit être précisé.", 'survey');
}
- require_once dirname(__FILE__).'/survey/survey.inc.php';
+ $this->load('survey.inc.php');
$survey = Survey::retrieveSurvey($id); // retrieves the survey object structure
if ($survey == null || !$survey->isValid()) {
return $this->show_error($page, "Sondage ".$id." introuvable.", 'survey');
- } elseif (!$survey->isEnded()) {
- return $this->show_error($page, "Le sondage ".$survey->getTitle()." n'est pas encore terminé.", 'survey');
+ } elseif (!$survey->isEnded() && !$survey->canSeeEarlyResults(S::user())) {
+ return $this->show_error($page, "Le sondage ".$survey->getTitle()." n'est pas encore terminé.", 'survey');
}
- if (!$this->check_surveyPerms($page, $survey)) {
- return;
+ if (!$survey->canSeeEarlyResults(S::user()) && !$this->check_surveyPerms($page, $survey)) {
+ return PL_DO_AUTH;
}
if ($show == 'csv') {
- header('Content-Type: text/csv; charset="UTF-8"');
+ pl_content_headers("text/csv");
+ header('Content-Disposition: attachment; filename="'.addslashes($survey->getTitle()).'.csv"');
echo $survey->toCSV();
exit;
} else {
// }}}
// {{{ function handler_admin() : index of admin mode
- function handler_admin(&$page, $id = -1)
+ function handler_admin($page, $id = -1)
{
- require_once dirname(__FILE__).'/survey/survey.inc.php';
+ $this->load('survey.inc.php');
$this->clear_session();
if ($id == -1) {
$page->changeTpl('survey/admin.tpl');
// }}}
// {{{ function handler_adminEdit() : edits a survey in admin mode
- function handler_adminEdit(&$page, $id = -1, $req = -1)
+ function handler_adminEdit($page, $id = -1, $req = -1)
{
if ($id == -1 || ($id == 'req' && $req == -1)) {
- return $this->show_error($page, "Un identifiant de sondage doit être précisé.", 'survey/admin');
+ return $this->show_error($page, "Un identifiant de sondage doit être précisé.", 'survey/admin');
}
- require_once dirname(__FILE__).'/survey/survey.inc.php';
+ $this->load('survey.inc.php');
$this->clear_session(); // cleans session (in case there would have been a problem before)
if ($id == 'req') {
$survey = Survey::retrieveSurveyReq($req);
// }}}
// {{{ function handler_adminValidate() : validates a survey (admin mode)
- function handler_adminValidate(&$page, $id = -1)
+ function handler_adminValidate($page, $id = -1)
{
$id = Post::i('survey_id', $id);
if (Post::has('survey_cancel')) { // if the admin cancels the validation, returns to the admin index
$this->clear_session();
- return $this->handler_admin(&$page, $id);
+ return $this->handler_admin($page, $id);
}
if ($id == -1) {
- return $this->show_error($page, "Un identifiant de sondage doit être précisé.", 'survey/admin');
+ return $this->show_error($page, "Un identifiant de sondage doit être précisé.", 'survey/admin');
}
$id = intval($id);
- require_once dirname(__FILE__).'/survey/survey.inc.php';
+ $this->load('survey.inc.php');
$surveyInfo = Survey::retrieveSurveyInfo($id); // retrieves information about the survey (does not retrieve and unserialize the object structure)
if ($surveyInfo == null) {
return $this->show_error($page, "Sondage ".$id." introuvable.", 'survey/admin');
}
if (Post::has('survey_submit')) { // needs a confirmation before validation
if (Survey::validateSurvey($id)) { // validates the survey (in the database)
- $this->show_success($page, "Le sondage \"".$surveyInfo['title']."\" a bien été validé, les votes sont maintenant ouverts.", 'survey/admin');
+ $this->show_success($page, "Le sondage \"".$surveyInfo['title']."\" a bien été validé, les votes sont maintenant ouverts.", 'survey/admin');
} else {
$this->show_error($page, '', 'survey/admin');
}
} else { // asks for a confirmation
- $this->show_confirm($page, "Êtes-vous certain de vouloir valider le sondage \"".$surveyInfo['title']."\" ? "
- ."Les votes seront immédiatement ouverts.", 'admin/valid', array('id' => $id));
+ $this->show_confirm($page, "Êtes-vous certain de vouloir valider le sondage \"".$surveyInfo['title']."\" ? "
+ ."Les votes seront immédiatement ouverts.", 'admin/valid', array('id' => $id));
}
}
// }}}
// {{{ function handler_adminDelete() : deletes a survey (admin mode)
- function handler_adminDelete(&$page, $id = -1)
+ function handler_adminDelete($page, $id = -1)
{
$id = Post::i('survey_id', $id);
if (Post::has('survey_cancel')) { // if the admin cancels the suppression, returns to the admin index
- return $this->handler_admin(&$page, $id);
+ return $this->handler_admin($page, $id);
}
if ($id == -1) {
- return $this->show_error($page, "Un identifiant de sondage doit être précisé.", 'survey/admin');
+ return $this->show_error($page, "Un identifiant de sondage doit être précisé.", 'survey/admin');
}
$id = intval($id);
- require_once dirname(__FILE__).'/survey/survey.inc.php';
+ $this->load('survey.inc.php');
$surveyInfo = Survey::retrieveSurveyInfo($id); // retrieves information about the survey (does not retrieve and unserialize the object structure)
if ($surveyInfo == null) {
return $this->show_error($page, "Sondage ".$id." introuvable.", 'survey/admin');
}
if (Post::has('survey_submit')) { // needs a confirmation before suppression
if (Survey::deleteSurvey($id)) { // deletes survey in database
- $this->show_success($page, "Le sondage \"".$surveyInfo['title']."\" a bien été supprimé, ainsi que tous les votes le concernant.", 'survey/admin');
+ $this->show_success($page, "Le sondage \"".$surveyInfo['title']."\" a bien été supprimé, ainsi que tous les votes le concernant.", 'survey/admin');
} else {
$this->show_error($page, '', 'survey/admin');
}
} else { // asks for a confirmation
- $this->show_confirm($page, "Êtes-vous certain de vouloir supprimer le sondage \"".$surveyInfo['title']."\" ?", 'admin/del', array('id' => $id));
+ $this->show_confirm($page, "Êtes-vous certain de vouloir supprimer le sondage \"".$surveyInfo['title']."\" ?", 'admin/del', array('id' => $id));
}
}
// }}}
// {{{ function handler_edit() : edits a survey (in normal mode unless called by handler_adminEdit() )
- function handler_edit(&$page, $action = 'show', $qid = 'root')
+ function handler_edit($page, $action = 'show', $qid = 'root')
{
- require_once dirname(__FILE__).'/survey/survey.inc.php';
+ $this->load('survey.inc.php');
$action = Post::v('survey_action', $action);
$qid = Post::v('survey_qid', $qid);
if (Post::has('survey_cancel')) { // after cancelling changes, shows the survey
if ($current == null) {
return $this->show_error($page, '', 'survey/edit');
}
- $this->show_confirm($page, 'Êtes-vous certain de vouloir supprimer la question intitulé "'.$current['question'].'" ? '
- .'Attention, cela supprimera en même temps toutes les questions qui dépendent de celle-ci.',
+ $this->show_confirm($page, 'Êtes-vous certain de vouloir supprimer la question intitulé "'.$current['question'].'" ? '
+ .'Attention, cela supprimera en même temps toutes les questions qui dépendent de celle-ci.',
'edit', array('action' => 'del', 'qid' => $qid));
} // }}}
} elseif ($action == 'show') { // {{{ simply shows the survey in its current state
if (S::has('survey_id')) { // if 'survey_id' is in session, we are modifying an existing survey (in admin mode) instead of proposing a new one
$link = (S::has('survey_validate'))? 'admin/validate' : 'survey/admin';
if ($survey->updateSurvey()) { // updates the database according the new survey object structure
- $this->show_success($page, "Les modifications sur le sondage ont bien été enregistrées.", $link);
+ $this->show_success($page, "Les modifications sur le sondage ont bien été enregistrées.", $link);
} else {
$this->show_error($page, '', $link);
}
} else { // if no 'survey_id' is in session, we are indeed proposing a new survey
if ($survey->proposeSurvey()) { // stores the survey object structure in database
- $this->show_success($page, "Votre proposition de sondage a bien été enregistrée,
+ $this->show_success($page, "Votre proposition de sondage a bien été enregistrée,
elle est en attente de validation par un administrateur du site.", 'survey');
} else {
$this->show_error($page, '', 'survey');
$this->show_error($page, "", 'survey/edit', $errors);
} else {
if (S::has('survey_id')) {
- $this->show_confirm($page, "Veuillez confirmer l'enregistrement des modifications apportées à ce sondage", 'edit', array('action' => 'valid'));
+ $this->show_confirm($page, "Veuillez confirmer l'enregistrement des modifications apportées à ce sondage.", 'edit', array('action' => 'valid'));
} else {
$this->show_confirm($page, "Veuillez confirmer l'envoi de cette proposition de sondage.", 'edit', array('action' => 'valid'));
}
if (S::has('survey_id')) { // only possible when modifying a survey in admin mode
if (S::has('survey_validate')) { // if a link has been supplied, uses it
$this->clear_session();
- return $this->show_success($page, "Les modifications effectuées ont été annulées", 'admin/validate');
+ return $this->show_success($page, "Les modifications effectuées ont été annulées", 'admin/validate');
} else { // else shows the admin index
$this->clear_session();
return $this->handler_admin($page);
return $this->handler_index($page); // else shows the 'normal' index
}
} else { // asks for a confirmation if it has not been sent
- $this->show_confirm(&$page, "Êtes-vous certain de vouloir annuler totalement l'édition de ce sondage ? Attention, "
- ."toutes les données éditées jusque là seront définitivement perdues.",
+ $this->show_confirm($page, "Êtes-vous certain de vouloir annuler totalement l'édition de ce sondage ? Attention, "
+ ."toutes les données éditées jusque là seront définitivement perdues.",
'edit', array('action' => $action));
}
} // }}}
}
// }}}
-
+
// {{{ function handler_ajax() : some ajax in editing a new question (for now, there may be a little more later)
- function handler_ajax(&$page, $type)
+ function handler_ajax($page, $type)
{
- require_once dirname(__FILE__).'/survey/survey.inc.php';
- header('Content-Type: text/html; charset="UTF-8"');
+ $this->load('survey.inc.php');
+ pl_content_headers("text/html");
if (Survey::isType($type)) { // when type has been chosen, the form is updated to fit exactly the type of question chosen
$page->changeTpl('survey/edit_new.tpl', NO_SKIN);
$page->assign('survey_types', Survey::getTypes());
// }}}
// {{{ function check_surveyPerms() : checks the particular surveys access permissions
- function check_surveyPerms(&$page, $survey)
+ function check_surveyPerms($page, $survey, $silent = false, $admin_allowed = true)
{
- require_once dirname(__FILE__).'/survey/survey.inc.php';
- if (!$survey->isMode(Survey::MODE_ALL)) { // if the survey is reserved to alumni
- global $globals;
- if (!call_user_func(array($globals->session, 'doAuth'))) { // checks authentification
- global $platal;
- $platal->force_login($page);
+ $this->load('survey.inc.php');
+ if ($survey->isMode(Survey::MODE_ALL)) { // if the survey is not reserved to alumni
+ return true;
+ }
+ if (!S::logged()) {
+ return false;
+ }
+ $profile = S::user()->profile();
+ if (!$profile) {
+ return false;
+ }
+ // checks promotion
+ $allowed = false;
+ foreach ($profile->yearspromo() as $p) {
+ if ($survey->checkPromo($p)) {
+ $allowed = true;
+ break;
}
- if (!$survey->checkPromo(S::v('promo'))) { // checks promotion
- $this->show_error($page, "Tu n'as pas accès à ce sondage car il est réservé à d'autres promotions.", 'survey');
- return false;
+ }
+ if ($allowed) {
+ return true;
+ }
+ if (S::admin() && $admin_allowed) {
+ if (!$silent) {
+ $page->trigWarning('Tu as accès à ce sondage car tu es administrateur du site.');
}
+ return true;
+ }
+ if (!$silent) {
+ $page->kill("Tu n'as pas accès à ce sondage car il est réservé à d'autres promotions.");
}
- return true;
+ return false;
}
// }}}
// {{{ function show_survey() : calls the template to display a survey, for editing, voting, or consulting the results
- function show_survey(&$page, $survey)
+ function show_survey($page, $survey)
{
$page->changeTpl('survey/show_root.tpl');
$page->assign('survey', $survey->toArray());
// }}}
// {{{ function show_form() : calls the template to display the editing form
- function show_form(&$page, $action, $qid, $type = 'new', $current = null)
+ function show_form($page, $action, $qid, $type = 'new', $current = null)
{
$page->changeTpl('survey/edit_survey.tpl');
$page->assign('survey_action', $action);
}
}
// }}}
-
+
// {{{ function show_confirm() : calls the template to display a confirm form
- function show_confirm(&$page, $message, $formaction, $formhidden = null)
+ function show_confirm($page, $message, $formaction, $formhidden = null)
{
$page->changeTpl('survey/confirm.tpl');
$page->assign('survey_message', $message);
// }}}
// {{{ function show_error() : calls the template to display an error message
- function show_error(&$page, $message, $link = "", $errArray = null)
+ function show_error($page, $message, $link = "", $errArray = null)
{
$page->changeTpl('survey/error.tpl');
$page->assign('survey_message', $message);
if (!is_null($errArray)) {
$page->assign('survey_errors', $errArray);
}
+
}
// }}}
// {{{ function show_success() : calls the template to display a success message
- function show_success(&$page, $message = "", $link = "")
+ function show_success($page, $message = "", $link = "")
{
$page->changeTpl('survey/success.tpl');
$page->assign('survey_message', $message);