X-Git-Url: http://git.polytechnique.org/?a=blobdiff_plain;f=modules%2Fsurvey.php;h=8ce9d73669c50ad54d1b47188a8bcadd6e945973;hb=dd36cc0d7c791ef442c43eb90e4c52c748947dc3;hp=03829f0a7297e2ff73c7a17d53da7dd66004cd7c;hpb=12678e901f4d02dedfb7ffcd31f41d509fb68a8d;p=platal.git

diff --git a/modules/survey.php b/modules/survey.php
index 03829f0..8ce9d73 100644
--- a/modules/survey.php
+++ b/modules/survey.php
@@ -70,6 +70,10 @@ class SurveyModule extends PLModule
             return PL_DO_AUTH;
         }
         if (Post::has('survey_submit')) { // checks if the survey has already been filled in
+            // admins can see the survey but not vote
+            if (!$this->check_surveyPerms($page, $survey, false, false)) {
+                return PL_DO_AUTH;
+            }
             $uid = 0;
             if (!$survey->isMode(Survey::MODE_ALL)) { // if survey is restriced to alumni
                 $uid = S::v('uid');
@@ -102,7 +106,7 @@ class SurveyModule extends PLModule
         $survey = Survey::retrieveSurvey($id); // retrieves the survey object structure
         if ($survey == null || !$survey->isValid()) {
             return $this->show_error($page, "Sondage ".$id." introuvable.", 'survey');
-        } elseif (!$survey->isEnded()) {
+        } elseif (!$survey->isEnded() && !$survey->canSeeEarlyResults(S::user())) {
             return $this->show_error($page, "Le sondage ".$survey->getTitle()." n'est pas encore terminé.", 'survey');
         }
         if (!$this->check_surveyPerms($page, $survey)) {
@@ -110,6 +114,7 @@ class SurveyModule extends PLModule
         }
         if ($show == 'csv') {
             pl_content_headers("text/csv");
+            header('Content-Disposition: attachment; filename="'.addslashes($survey->getTitle()).'.csv"');
             echo $survey->toCSV();
             exit;
         } else {
@@ -396,7 +401,7 @@ class SurveyModule extends PLModule
     // }}}
 
     // {{{ function check_surveyPerms() : checks the particular surveys access permissions
-    function check_surveyPerms(&$page, $survey, $silent = false)
+    function check_surveyPerms(&$page, $survey, $silent = false, $admin_allowed = true)
     {
         $this->load('survey.inc.php');
         if ($survey->isMode(Survey::MODE_ALL)) { // if the survey is not reserved to alumni
@@ -420,6 +425,12 @@ class SurveyModule extends PLModule
         if ($allowed) {
             return true;
         }
+        if (S::admin() && $admin_allowed) {
+            if (!$silent) {
+                $page->trigWarning('Tu as accès à ce sondage car tu es administrateur du site.');
+            }
+            return true;
+        }
         if (!$silent) {
             $page->kill("Tu n'as pas accès à ce sondage car il est réservé à d'autres promotions.");
         }