return PL_DO_AUTH;
}
if (Post::has('survey_submit')) { // checks if the survey has already been filled in
+ // admins can see the survey but not vote
+ if (!$this->check_surveyPerms($page, $survey, false, false)) {
+ return PL_DO_AUTH;
+ }
$uid = 0;
if (!$survey->isMode(Survey::MODE_ALL)) { // if survey is restriced to alumni
$uid = S::v('uid');
$survey = Survey::retrieveSurvey($id); // retrieves the survey object structure
if ($survey == null || !$survey->isValid()) {
return $this->show_error($page, "Sondage ".$id." introuvable.", 'survey');
- } elseif (!$survey->isEnded()) {
+ } elseif (!$survey->isEnded() && !$survey->canSeeEarlyResults(S::user())) {
return $this->show_error($page, "Le sondage ".$survey->getTitle()." n'est pas encore terminé.", 'survey');
}
- if (!$this->check_surveyPerms($page, $survey)) {
+ if (!$survey->canSeeEarlyResults(S::user()) && !$this->check_surveyPerms($page, $survey)) {
return PL_DO_AUTH;
}
if ($show == 'csv') {
pl_content_headers("text/csv");
+ header('Content-Disposition: attachment; filename="'.addslashes($survey->getTitle()).'.csv"');
echo $survey->toCSV();
exit;
} else {
// }}}
// {{{ function check_surveyPerms() : checks the particular surveys access permissions
- function check_surveyPerms(&$page, $survey, $silent = false)
+ function check_surveyPerms(&$page, $survey, $silent = false, $admin_allowed = true)
{
$this->load('survey.inc.php');
if ($survey->isMode(Survey::MODE_ALL)) { // if the survey is not reserved to alumni
if ($allowed) {
return true;
}
+ if (S::admin() && $admin_allowed) {
+ if (!$silent) {
+ $page->trigWarning('Tu as accès à ce sondage car tu es administrateur du site.');
+ }
+ return true;
+ }
if (!$silent) {
$page->kill("Tu n'as pas accès à ce sondage car il est réservé à d'autres promotions.");
}
projects / platal.git / blobdiff