X-Git-Url: http://git.polytechnique.org/?a=blobdiff_plain;f=modules%2Fsurvey.php;h=3c536254f381d12b268fe0b5f50f446302da25ed;hb=12262f1306059765d8625a6752364679c8625d31;hp=70dad6ab070ad1162c2d98e60095fad93a54eb9a;hpb=4b8c8634135be601c610e69322bd9b5e95680f73;p=platal.git diff --git a/modules/survey.php b/modules/survey.php index 70dad6a..3c53625 100644 --- a/modules/survey.php +++ b/modules/survey.php @@ -1,6 +1,6 @@ $this->make_hook('index', AUTH_PUBLIC), - 'survey/vote' => $this->make_hook('vote', AUTH_PUBLIC), - 'survey/result' => $this->make_hook('result', AUTH_PUBLIC), - 'survey/edit' => $this->make_hook('edit', AUTH_COOKIE), - 'survey/ajax' => $this->make_hook('ajax', AUTH_COOKIE), - 'survey/admin' => $this->make_hook('admin', AUTH_MDP, 'admin'), - 'survey/admin/edit' => $this->make_hook('adminEdit', AUTH_MDP, 'admin'), + 'survey' => $this->make_hook('index', AUTH_PUBLIC), + 'survey/vote' => $this->make_hook('vote', AUTH_PUBLIC), + 'survey/result' => $this->make_hook('result', AUTH_PUBLIC), + 'survey/edit' => $this->make_hook('edit', AUTH_COOKIE), + 'survey/ajax' => $this->make_hook('ajax', AUTH_COOKIE), + 'survey/admin' => $this->make_hook('admin', AUTH_MDP, 'admin'), + 'survey/admin/edit' => $this->make_hook('adminEdit', AUTH_MDP, 'admin'), 'survey/admin/valid' => $this->make_hook('adminValidate', AUTH_MDP, 'admin'), - 'survey/admin/del' => $this->make_hook('adminDelete', AUTH_MDP, 'admin'), + 'survey/admin/del' => $this->make_hook('adminDelete', AUTH_MDP, 'admin'), ); } // }}} @@ -41,7 +41,7 @@ class SurveyModule extends PLModule // {{{ function handler_index() : lists all available surveys function handler_index(&$page, $action = null) { - require_once dirname(__FILE__).'/survey/survey.inc.php'; + $this->load('survey.inc.php'); $page->changeTpl('survey/index.tpl'); $page->assign('survey_current', Survey::retrieveList('c')); $page->assign('survey_old', Survey::retrieveList('o')); 
@@ -57,33 +57,37 @@ class SurveyModule extends PLModule } $id = intval($id); if ($id == -1) { - return $this->show_error($page, "Un identifiant de sondage doit être précisé.", ''); + return $this->show_error($page, "Un identifiant de sondage doit être précisé.", 'survey'); } - require_once dirname(__FILE__).'/survey/survey.inc.php'; + $this->load('survey.inc.php'); $survey = Survey::retrieveSurvey($id); // retrieves the survey object structure if ($survey == null || !$survey->isValid()) { - return $this->show_error($page, "Sondage ".$id." introuvable.", ''); + return $this->show_error($page, "Sondage ".$id." introuvable.", 'survey'); } elseif ($survey->isEnded()) { - return $this->show_error($page, "Le sondage ".$survey->getTitle()." est terminé."); + return $this->show_error($page, "Le sondage ".$survey->getTitle()." est terminé.", 'survey'); } if (!$this->check_surveyPerms($page, $survey)) { - return; + return PL_DO_AUTH; } if (Post::has('survey_submit')) { // checks if the survey has already been filled in + // admins can see the survey but not vote + if (!$this->check_surveyPerms($page, $survey, false, false)) { + return PL_DO_AUTH; + } $uid = 0; if (!$survey->isMode(Survey::MODE_ALL)) { // if survey is restriced to alumni $uid = S::v('uid'); if ($survey->hasVoted($uid)) { // checks whether the user has already voted - return $this->show_error($page, "Tu as déjà voté à ce sondage."); + return $this->show_error($page, "Tu as déjà voté à ce sondage.", 'survey'); } } $survey->vote($uid, Post::v('survey'.$id)); // performs vote - $this->show_success($page, "Ta réponse a bien été prise en compte. Merci d'avoir participé à ce sondage.", ''); + $this->show_success($page, "Ta réponse a bien été prise en compte. 
Merci d'avoir participé à ce sondage.", 'survey'); } else { // offers to fill in the survey if ($survey->isMode(Survey::MODE_ALL) || !$survey->hasVoted(S::v('uid'))) { $page->assign('survey_votemode', true); } else { - $page->assign('survey_warning', "Tu as déjà voté à ce sondage."); + $page->assign('survey_warning', "Tu as déjà voté à ce sondage."); } //$page->assign('survey_id', $id); $this->show_survey($page, $survey); @@ -96,20 +100,21 @@ class SurveyModule extends PLModule { $id = intval($id); if ($id == -1) { - return $this->show_error($page, "Un identifiant de sondage doit être précisé.", ''); + return $this->show_error($page, "Un identifiant de sondage doit être précisé.", 'survey'); } - require_once dirname(__FILE__).'/survey/survey.inc.php'; + $this->load('survey.inc.php'); $survey = Survey::retrieveSurvey($id); // retrieves the survey object structure if ($survey == null || !$survey->isValid()) { - return $this->show_error($page, "Sondage ".$id." introuvable.", ''); - } elseif (!$survey->isEnded()) { - return $this->show_error($page, "Le sondage ".$survey->getTitle()." n'est pas encore terminé."); + return $this->show_error($page, "Sondage ".$id." introuvable.", 'survey'); + } elseif (!$survey->isEnded() && !$survey->canSeeEarlyResults(S::user())) { + return $this->show_error($page, "Le sondage ".$survey->getTitle()." n'est pas encore terminé.", 'survey'); } - if (!$this->check_surveyPerms($page, $survey)) { - return; + if (!$survey->canSeeEarlyResults(S::user()) && !$this->check_surveyPerms($page, $survey)) { + return PL_DO_AUTH; } if ($show == 'csv') { - header('Content-Type: text/csv; charset="UTF-8"'); + pl_content_headers("text/csv"); + header('Content-Disposition: attachment; filename="'.addslashes($survey->getTitle()).'.csv"'); echo $survey->toCSV(); exit; } else { 
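Review bot: The vote branch of handler_vote records a ballot on nothing more than `Post::has('survey_submit')`; no anti-CSRF token is checked anywhere in this hunk, so unless the framework enforces one elsewhere, a logged-in member's browser could be made to submit a vote from another site. The same pattern gates `Survey::validateSurvey($id)` and `Survey::deleteSurvey($id)` in the adminValidate and adminDelete hunks (@@ -164 and @@ -192), where the effect is opening a survey or deleting it together with its votes. I would verify the session's request token before each of these state changes, using whatever token helper the project provides. Separately, `hasVoted($uid)` followed by `vote(...)` is a check-then-act pair, so two concurrent submissions can both pass unless the storage layer enforces one vote per uid. handler_vote begins before this hunk.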
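Review bot: The new `Content-Disposition` header in the CSV branch builds its filename from `addslashes($survey->getTitle())`, which is string escaping rather than filename or header encoding: slashes, semicolons, control characters and non-ASCII text in a title still reach the header. Reducing the title to a safe character set is more robust, e.g. `$fname = preg_replace('/[^A-Za-z0-9._-]+/', '_', $survey->getTitle());` followed by `filename="'.$fname.'.csv"`. Note also that `survey/result` is registered as AUTH_PUBLIC, so the `S::user()` passed to `canSeeEarlyResults()` may be an anonymous or empty user; that method is not shown here and should return false in that case. If `toCSV()` writes free-text answers verbatim, cells beginning with `=`, `+`, `-` or `@` should be neutralised on export, since the file is meant to be opened in a spreadsheet.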
@@ -122,7 +127,7 @@ class SurveyModule extends PLModule // {{{ function handler_admin() : index of admin mode function handler_admin(&$page, $id = -1) { - require_once dirname(__FILE__).'/survey/survey.inc.php'; + $this->load('survey.inc.php'); $this->clear_session(); if ($id == -1) { $page->changeTpl('survey/admin.tpl'); @@ -131,9 +136,10 @@ class SurveyModule extends PLModule $page->assign('survey_old', Survey::retrieveList('o')); $page->assign('survey_modes', Survey::getModes(false)); } else { + $id = intval($id); $survey = Survey::retrieveSurvey($id); // retrieves all survey object structure if ($survey == null) { - $this->show_error($page, "Sondage ".$id." introuvable.", 'admin'); + $this->show_error($page, "Sondage ".$id." introuvable.", 'survey/admin'); } $page->assign('survey_adminmode', true); $this->show_survey($page, $survey); 
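Review bot: In the `else` branch of handler_admin (second hunk, @@ -131) the not-found case calls `$this->show_error(...)` without `return`, so execution continues to `$page->assign('survey_adminmode', true)` and `$this->show_survey($page, $survey)` with `$survey` still null. Every other handler touched by this patch returns the error; this line should read `return $this->show_error($page, "Sondage ".$id." introuvable.", 'survey/admin');`. The added `intval($id)` is welcome, but it runs only in this branch, after the loose `$id == -1` comparison, which deserves a short comment. handler_admin's closing lines are outside the hunk.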
@@ -142,15 +148,27 @@ class SurveyModule extends PLModule // }}} // {{{ function handler_adminEdit() : edits a survey in admin mode - function handler_adminEdit(&$page, $id = -1) + function handler_adminEdit(&$page, $id = -1, $req = -1) { - if ($id == -1) { - return $this->show_error($page, "Un identifiant de sondage doit être précisé.", 'admin'); + if ($id == -1 || ($id == 'req' && $req == -1)) { + return $this->show_error($page, "Un identifiant de sondage doit être précisé.", 'survey/admin'); } - require_once dirname(__FILE__).'/survey/survey.inc.php'; - $survey = Survey::retrieveSurvey($id); // retrieves the survey in database + $this->load('survey.inc.php'); $this->clear_session(); // cleans session (in case there would have been a problem before) - $this->store_session($survey, $id); + if ($id == 'req') { + $survey = Survey::retrieveSurveyReq($req); + if ($survey == null) { + return $this->show_error($page, "Sondage introuvable.", 'survey/admin'); + } + $this->store_session($survey, $req, true); + } else { + $id = intval($id); + $survey = Survey::retrieveSurvey($id); // retrieves the survey in database + if ($survey == null) { + return $this->show_error($page, "Sondage ".$id." introuvable.", 'survey/admin'); + } + $this->store_session($survey, $id); + } $this->handler_edit($page, 'show'); // calls handler_edit, but in admin mode since 'survey_id' is in session } // }}} 
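Review bot: `$req` reaches `Survey::retrieveSurveyReq($req)` and `store_session($survey, $req, true)` exactly as it arrived from the URL, while the sibling branch now normalises `$id` with `intval()`. Unless a request id can legitimately be non-numeric, cast it the same way with `$req = intval($req);` before the lookup. The dispatch `$id == 'req'` is a loose comparison; on PHP versions before 8 an integer 0 compares equal to 'req', so `$id === 'req'` states the intent without relying on the argument always being a string. retrieveSurveyReq() is not shown, so whether it parameterises its query cannot be confirmed from this hunk.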
@@ -164,22 +182,23 @@ class SurveyModule extends PLModule return $this->handler_admin(&$page, $id); } if ($id == -1) { - return $this->show_error($page, "Un identifiant de sondage doit être précisé.", 'admin'); + return $this->show_error($page, "Un identifiant de sondage doit être précisé.", 'survey/admin'); } - require_once dirname(__FILE__).'/survey/survey.inc.php'; + $id = intval($id); + $this->load('survey.inc.php'); $surveyInfo = Survey::retrieveSurveyInfo($id); // retrieves information about the survey (does not retrieve and unserialize the object structure) if ($surveyInfo == null) { - return $this->show_error($page, "Sondage ".$id." introuvable.", 'admin'); + return $this->show_error($page, "Sondage ".$id." introuvable.", 'survey/admin'); } if (Post::has('survey_submit')) { // needs a confirmation before validation if (Survey::validateSurvey($id)) { // validates the survey (in the database) - $this->show_success($page, "Le sondage \"".$surveyInfo['title']."\" a bien été validé, les votes sont maintenant ouverts.", 'admin'); + $this->show_success($page, "Le sondage \"".$surveyInfo['title']."\" a bien été validé, les votes sont maintenant ouverts.", 'survey/admin'); } else { - $this->show_error($page, '', 'admin'); + $this->show_error($page, '', 'survey/admin'); } } else { // asks for a confirmation - $this->show_confirm($page, "Êtes-vous certain de vouloir valider le sondage \"".$surveyInfo['title']."\" ? " - ."Les votes seront immédiatement ouverts.", 'admin/valid', array('id' => $id)); + $this->show_confirm($page, "Êtes-vous certain de vouloir valider le sondage \"".$surveyInfo['title']."\" ? " + ."Les votes seront immédiatement ouverts.", 'admin/valid', array('id' => $id)); } } // }}} 
@@ -192,21 +211,22 @@ class SurveyModule extends PLModule return $this->handler_admin(&$page, $id); } if ($id == -1) { - return $this->show_error($page, "Un identifiant de sondage doit être précisé.", 'admin'); + return $this->show_error($page, "Un identifiant de sondage doit être précisé.", 'survey/admin'); } - require_once dirname(__FILE__).'/survey/survey.inc.php'; + $id = intval($id); + $this->load('survey.inc.php'); $surveyInfo = Survey::retrieveSurveyInfo($id); // retrieves information about the survey (does not retrieve and unserialize the object structure) if ($surveyInfo == null) { - return $this->show_error($page, "Sondage ".$id." introuvable.", 'admin'); + return $this->show_error($page, "Sondage ".$id." introuvable.", 'survey/admin'); } if (Post::has('survey_submit')) { // needs a confirmation before suppression if (Survey::deleteSurvey($id)) { // deletes survey in database - $this->show_success($page, "Le sondage \"".$surveyInfo['title']."\" a bien été supprimé, ainsi que tous les votes le concernant.", 'admin'); + $this->show_success($page, "Le sondage \"".$surveyInfo['title']."\" a bien été supprimé, ainsi que tous les votes le concernant.", 'survey/admin'); } else { - $this->show_error($page, '', 'admin'); + $this->show_error($page, '', 'survey/admin'); } } else { // asks for a confirmation - $this->show_confirm($page, "Êtes-vous certain de vouloir supprimer le sondage \"".$surveyInfo['title']."\" ?", 'admin/del', array('id' => $id)); + $this->show_confirm($page, "Êtes-vous certain de vouloir supprimer le sondage \"".$surveyInfo['title']."\" ?", 'admin/del', array('id' => $id)); } } // }}} 
@@ -214,7 +234,7 @@ class SurveyModule extends PLModule // {{{ function handler_edit() : edits a survey (in normal mode unless called by handler_adminEdit() ) function handler_edit(&$page, $action = 'show', $qid = 'root') { - require_once dirname(__FILE__).'/survey/survey.inc.php'; + $this->load('survey.inc.php'); $action = Post::v('survey_action', $action); $qid = Post::v('survey_qid', $qid); if (Post::has('survey_cancel')) { // after cancelling changes, shows the survey @@ -236,7 +256,7 @@ class SurveyModule extends PLModule $survey = unserialize(S::v('survey')); $args = Post::v('survey_question'); if (!$survey->editQuestion($qid, $args)) { // update the survey object structure - return $this->show_error($page, '', 'edit'); + return $this->show_error($page, '', 'survey/edit'); } $this->show_survey($page, $survey); $this->store_session($survey); @@ -244,7 +264,7 @@ class SurveyModule extends PLModule $survey = unserialize(S::v('survey')); $current = $survey->toArray($qid); // gets the current parameters of the question if ($current == null) { - return $this->show_error($page, '', 'edit'); + return $this->show_error($page, '', 'survey/edit'); } $this->show_form($page, $action, $qid, $current['type'], $current); } // }}} @@ -256,13 +276,13 @@ class SurveyModule extends PLModule $this->store_session($survey); } else { $this->clear_session(); - $this->show_form($page, $action, 'root', 'root'); + $this->show_form($page, $action, 'root', 'newsurvey'); } // }}} } elseif ($action == 'add') { // {{{ adds a new question if (Post::has('survey_submit')) { // if the form has been submitted, adds the question $survey = unserialize(S::v('survey')); if (!$survey->addQuestion($qid, $survey->factory(Post::v('survey_type'), Post::v('survey_question')))) { - return $this->show_error($page, '', 'edit'); + return $this->show_error($page, '', 'survey/edit'); } $this->show_survey($page, $survey); $this->store_session($survey); 
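Review bot: Each edit action in handler_edit runs `$survey = unserialize(S::v('survey'));` and immediately calls a method on the result (`editQuestion`, `toArray`, `addQuestion` in the hunks at @@ -236, @@ -244 and @@ -256, and again at @@ -273, @@ -281, @@ -294 and @@ -312). If the session has expired, or `survey/edit` is requested with an action but no survey in progress, `unserialize()` returns false and the method call is a fatal error instead of a handled one. A guard right after each unserialize, `if (!is_object($survey)) { return $this->show_error($page, '', 'survey/edit'); }`, or one helper that does both steps, would fail closed. A comment should also record that the 'survey' session key may only ever be written by `store_session()`, because unserialize() instantiates whatever object the stored string describes. handler_edit extends well beyond these hunks.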
@@ -273,7 +293,7 @@ class SurveyModule extends PLModule if (Post::has('survey_submit')) { // if a confirmation has been sent, deletes the question $survey = unserialize(S::v('survey')); if (!$survey->delQuestion(Post::v('survey_qid'))) { // deletes the node in the survey object structure - return $this->show_error($page, '', 'edit'); + return $this->show_error($page, '', 'survey/edit'); } $this->show_survey($page, $survey); $this->store_session($survey); @@ -281,10 +301,10 @@ class SurveyModule extends PLModule $survey = unserialize(S::v('survey')); $current = $survey->toArray($qid); // needed to get the title of the question to delete (more user-friendly than an id) if ($current == null) { - return $this->show_error($page, '', 'edit'); + return $this->show_error($page, '', 'survey/edit'); } - $this->show_confirm($page, 'Êtes-vous certain de vouloir supprimer la question intitulé "'.$current['question'].'" ? ' - .'Attention, cela supprimera en même temps toutes les questions qui dépendent de celle-ci.', + $this->show_confirm($page, 'Êtes-vous certain de vouloir supprimer la question intitulé "'.$current['question'].'" ? ' + .'Attention, cela supprimera en même temps toutes les questions qui dépendent de celle-ci.', 'edit', array('action' => 'del', 'qid' => $qid)); } // }}} } elseif ($action == 'show') { // {{{ simply shows the survey in its current state 
@@ -294,17 +314,18 @@ class SurveyModule extends PLModule if (Post::has('survey_submit')) { // needs a confirmation before storing the proposition $survey = unserialize(S::v('survey')); if (S::has('survey_id')) { // if 'survey_id' is in session, we are modifying an existing survey (in admin mode) instead of proposing a new one + $link = (S::has('survey_validate'))? 'admin/validate' : 'survey/admin'; if ($survey->updateSurvey()) { // updates the database according the new survey object structure - $this->show_success($page, "Les modifications sur le sondage ont bien été enregistrées.", 'admin'); + $this->show_success($page, "Les modifications sur le sondage ont bien été enregistrées.", $link); } else { - $this->show_error($page, '', 'admin'); + $this->show_error($page, '', $link); } } else { // if no 'survey_id' is in session, we are indeed proposing a new survey if ($survey->proposeSurvey()) { // stores the survey object structure in database - $this->show_success($page, "Votre proposition de sondage a bien été enregistrée, - elle est en attent de validation par un administrateur du site.", ''); + $this->show_success($page, "Votre proposition de sondage a bien été enregistrée, + elle est en attente de validation par un administrateur du site.", 'survey'); } else { - $this->show_error($page); + $this->show_error($page, '', 'survey'); } } $this->clear_session(); 
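Review bot: In the `valid` action the admin path `$survey->updateSurvey()` is taken solely because `S::has('survey_id')` is true, while `survey/edit` itself is registered with AUTH_COOKIE in the hook table. That key is only set by handler_adminEdit (AUTH_MDP, 'admin'), so this is probably safe today, but the write to an existing survey then depends on a session flag rather than on a permission check at the point of use. Re-checking `S::admin()` before `updateSurvey()` would make the requirement explicit. The new `$link` value 'admin/validate' carries no 'survey/' prefix, unlike the other return links; if it deliberately targets a page of another module, a short comment should say so.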
@@ -312,10 +333,10 @@ class SurveyModule extends PLModule $survey = unserialize(S::v('survey')); $errors = $survey->checkSyntax(); if (!is_null($errors)) { - $this->show_error($page, "", 'edit', $errors); + $this->show_error($page, "", 'survey/edit', $errors); } else { if (S::has('survey_id')) { - $this->show_confirm($page, "Veuillez confirmer l'enregistrement des modifications apportées à ce sondage", 'edit', array('action' => 'valid')); + $this->show_confirm($page, "Veuillez confirmer l'enregistrement des modifications apportées à ce sondage.", 'edit', array('action' => 'valid')); } else { $this->show_confirm($page, "Veuillez confirmer l'envoi de cette proposition de sondage.", 'edit', array('action' => 'valid')); } 
@@ -323,27 +344,32 @@ class SurveyModule extends PLModule } // }}} } elseif ($action == 'cancel') { // {{{ cancels the creation/modification of a survey if (Post::has('survey_submit')) { // needs a confirmation - if (S::has('survey_id')) { // only possible when modifying a survey in admin mode, still this should be considered again, - $this->clear_session(); // maybe some name with "admin" in it, "survey_adminid" or anything that might not be confusing. - return $this->handler_admin($page); // in this case, shows the admin index + if (S::has('survey_id')) { // only possible when modifying a survey in admin mode + if (S::has('survey_validate')) { // if a link has been supplied, uses it + $this->clear_session(); + return $this->show_success($page, "Les modifications effectuées ont été annulées", 'admin/validate'); + } else { // else shows the admin index + $this->clear_session(); + return $this->handler_admin($page); + } } else { - $this->clear_session(); // cleans session + $this->clear_session(); return $this->handler_index($page); // else shows the 'normal' index } } else { // asks for a confirmation if it has not been sent - $this->show_confirm(&$page, "Êtes-vous certain de vouloir annuler totalement l'édition de ce sondage ? Attention, " - ."toutes les données éditées jusque lâ seront définitivement perdues.", + $this->show_confirm(&$page, "Êtes-vous certain de vouloir annuler totalement l'édition de ce sondage ? 
Attention, " + ."toutes les données éditées jusque là seront définitivement perdues.", 'edit', array('action' => $action)); } } // }}} } // }}} - + // {{{ function handler_ajax() : some ajax in editing a new question (for now, there may be a little more later) function handler_ajax(&$page, $type) { - require_once dirname(__FILE__).'/survey/survey.inc.php'; - header('Content-Type: text/html; charset="UTF-8"'); + $this->load('survey.inc.php'); + pl_content_headers("text/html"); if (Survey::isType($type)) { // when type has been chosen, the form is updated to fit exactly the type of question chosen $page->changeTpl('survey/edit_new.tpl', NO_SKIN); $page->assign('survey_types', Survey::getTypes()); 
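Review bot: The rewritten confirmation call in the `cancel` action still passes `&$page` at the call site (`$this->show_confirm(&$page, ...)`), as do the `return $this->handler_admin(&$page, $id);` lines in the adminValidate and adminDelete hunks. Call-time pass-by-reference is deprecated in PHP 5.3 and a fatal error from PHP 5.4; the callees already declare `&$page`, so the call should simply be `$this->show_confirm($page, ...)`. In the same hunk handler_ajax relies on `Survey::isType($type)` to constrain a URL-supplied `$type` before choosing a template, and a one-line comment stating that isType() is the allow-list for that choice would help the next reader. Both functions extend beyond the hunk.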
@@ -357,35 +383,58 @@ class SurveyModule extends PLModule { S::kill('survey'); S::kill('survey_id'); + S::kill('survey_validate'); } // }}} // {{{ function store_session() : serializes and stores survey (and survey_id) in session - function store_session($survey, $survey_id = -1) + function store_session($survey, $survey_id = -1, $survey_validate = false) { $_SESSION['survey'] = serialize($survey); if ($survey_id != -1) { $_SESSION['survey_id'] = $survey_id; } + if ($survey_validate) { + $_SESSION['survey_validate'] = true; + } } // }}} // {{{ function check_surveyPerms() : checks the particular surveys access permissions - function check_surveyPerms(&$page, $survey) + function check_surveyPerms(&$page, $survey, $silent = false, $admin_allowed = true) { - require_once dirname(__FILE__).'/survey/survey.inc.php'; - if (!$survey->isMode(Survey::MODE_ALL)) { // if the survey is reserved to alumni - global $globals; - if (!call_user_func(array($globals->session, 'doAuth'))) { // checks authentification - global $platal; - $platal->force_login($page); + $this->load('survey.inc.php'); + if ($survey->isMode(Survey::MODE_ALL)) { // if the survey is not reserved to alumni + return true; + } + if (!S::logged()) { + return false; + } + $profile = S::user()->profile(); + if (!$profile) { + return false; + } + // checks promotion + $allowed = false; + foreach ($profile->yearspromo() as $p) { + if ($survey->checkPromo($p)) { + $allowed = true; + break; } - if (!$survey->checkPromo(S::v('promo'))) { // checks promotion - $this->show_error($page, "Tu n'as pas accès à ce sondage car il est réservé à d'autres promotions."); - return false; + } + if ($allowed) { + return true; + } + if (S::admin() && $admin_allowed) { + if (!$silent) { + $page->trigWarning('Tu as accès à ce sondage car tu es administrateur du site.'); } + return true; + } + if (!$silent) { + $page->kill("Tu n'as pas accès à ce sondage car il est réservé à d'autres promotions."); } - return true; + return false; } // 
}}} @@ -412,12 +461,12 @@ class SurveyModule extends PLModule $page->addJsLink('ajax.js'); $page->assign('survey_types', Survey::getTypes()); } - if ($type == 'root') { + if ($type == 'root' || $type == 'newsurvey') { $page->assign('survey_modes', Survey::getModes()); } } // }}} - + // {{{ function show_confirm() : calls the template to display a confirm form function show_confirm(&$page, $message, $formaction, $formhidden = null) { @@ -433,10 +482,11 @@ class SurveyModule extends PLModule { $page->changeTpl('survey/error.tpl'); $page->assign('survey_message', $message); - $page->assign('survey_link', './survey/'.$link); // 'return' link to let the user leave the page + $page->assign('survey_link', $link); // 'return' link to let the user leave the page if (!is_null($errArray)) { $page->assign('survey_errors', $errArray); } + } // }}} @@ -445,10 +495,10 @@ class SurveyModule extends PLModule { $page->changeTpl('survey/success.tpl'); $page->assign('survey_message', $message); - $page->assign('survey_link', './survey/'.$link); // 'return' link to let the user leave the page + $page->assign('survey_link', $link); // 'return' link to let the user leave the page } // }}} } -// vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8: +// vim:set et sw=4 sts=4 ts=4 foldmethod=marker enc=utf-8: ?>
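Review bot: check_surveyPerms() now returns false without any message in two different situations, the visitor not being logged in (`!S::logged()`) and a logged-in account having no profile (`!$profile`), and handler_vote and handler_result turn every false into `return PL_DO_AUTH`. For an already authenticated account without a profile, that asks for authentication again instead of refusing access; I would handle that case like the promotion mismatch and report the refusal unless `$silent` is set. The two new parameters also need a docblock: `$silent` suppresses both the administrator warning and the kill message, and `$admin_allowed = false` is what stops administrators from voting in surveys outside their promotions. In store_session(), `$survey_validate` only ever sets the flag, so a comment should note that clear_session() is the only way it is removed.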
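Review bot: show_error() and show_success() (hunks @@ -433 and @@ -445) now assign `$link` to `survey_link` verbatim instead of prefixing it with './survey/', so the value is no longer confined to this module's pages. Every caller in this patch passes a string literal, which is fine, but the contract should be written down so it stays that way; I would add above both functions a comment such as `// $link: site-relative path chosen by the caller; never pass request data here`. The templates that render `survey_link` are not part of this diff, so whether they escape the value cannot be checked from here.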