diff --git a/admin/survey/classes/class.SurveyTelephone.php b/admin/survey/classes/class.SurveyTelephone.php index 3c94787b1..e8fab94ba 100644 --- a/admin/survey/classes/class.SurveyTelephone.php +++ b/admin/survey/classes/class.SurveyTelephone.php @@ -698,7 +698,7 @@ class SurveyTelephone { $onlyThisSurvey = (isset($_SESSION['inv_rec_only_this_survey']) && $_SESSION['inv_rec_only_this_survey'] == false) ? 0 : 1; if ($onlyThisSurvey == 0) { #id-ji profilov do katerih lahko dostopamo - $sql_string = "SELECT name, pid FROM srv_invitations_recipients_profiles WHERE uid in('0', '".$global_user_id."') OR pid IN (SELECT DISTINCT pid FROM srv_invitations_recipients_profiles_access where uid = '$global_user_id')"; + $sql_string = "SELECT name, pid FROM srv_invitations_recipients_profiles WHERE uid in('".$global_user_id."') OR pid IN (SELECT DISTINCT pid FROM srv_invitations_recipients_profiles_access where uid = '$global_user_id')"; $sql_query = sisplet_query($sql_string); } else { # 1 @@ -2865,7 +2865,7 @@ class SurveyTelephone { $array_profiles = array(); # polovimo še ostale porfile - $sql_string = "SELECT pid, name,comment FROM srv_invitations_recipients_profiles WHERE uid in('0', '".$global_user_id."') AND from_survey = '".$this->sid. "'"; + $sql_string = "SELECT pid, name,comment FROM srv_invitations_recipients_profiles WHERE uid in('".$global_user_id."') AND from_survey = '".$this->sid. "'"; $sql_query = sisplet_query($sql_string); while ($sql_row = mysqli_fetch_assoc($sql_query)) { $array_profiles[$sql_row['pid']] = array('name' => $sql_row['name'], 'comment'=>$sql_row['comment']); diff --git a/admin/survey/classes/surveyEmails/class.SurveyInvitationsNew.php b/admin/survey/classes/surveyEmails/class.SurveyInvitationsNew.php index 2d21a4f6b..68f645aec 100644 --- a/admin/survey/classes/surveyEmails/class.SurveyInvitationsNew.php +++ b/admin/survey/classes/surveyEmails/class.SurveyInvitationsNew.php @@ -3289,7 +3289,7 @@ class SurveyInvitationsNew { # polovimo sezname $lists = array(); - $sql_string = "SELECT pid, name,comment FROM srv_invitations_recipients_profiles WHERE uid in('0', '".$global_user_id."')"; + $sql_string = "SELECT pid, name,comment FROM srv_invitations_recipients_profiles WHERE uid in('".$global_user_id."')"; $sql_query = sisplet_query($sql_string); while ($sql_row = mysqli_fetch_assoc($sql_query)) { $lists[$sql_row['pid']] = $sql_row['name']; @@ -3442,7 +3442,7 @@ class SurveyInvitationsNew { # polovimo sezname $lists = array(); - $sql_string = "SELECT pid, name,comment FROM srv_invitations_recipients_profiles WHERE uid in('0', '".$global_user_id."')"; + $sql_string = "SELECT pid, name,comment FROM srv_invitations_recipients_profiles WHERE uid in('".$global_user_id."')"; $sql_query = sisplet_query($sql_string); while ($sql_row = mysqli_fetch_assoc($sql_query)) { $lists[$sql_row['pid']] = $sql_row['name']; @@ -4534,7 +4534,7 @@ class SurveyInvitationsNew { echo '
'; # polovimo sezname $lists = array(); - $sql_string = "SELECT pid, name,comment FROM srv_invitations_recipients_profiles WHERE uid in('0', '".$global_user_id."')"; + $sql_string = "SELECT pid, name,comment FROM srv_invitations_recipients_profiles WHERE uid in('".$global_user_id."')"; $sql_query = sisplet_query($sql_string); while ($sql_row = mysqli_fetch_assoc($sql_query)) { $lists[$sql_row['pid']] = $sql_row['name']; @@ -4879,34 +4879,12 @@ class SurveyInvitationsNew { $array_profiles[-1] = array('name' => $_SESSION['inv_rec_profile'][$this->sid]['name']); } $array_profiles[0] = array('name' => $lang['srv_temp_profile_author']); - /* - $_only_this_survey = (isset($_SESSION['inv_rec_only_this_survey']) && $_SESSION['inv_rec_only_this_survey'] == false) ? '' : " AND from_survey = '".$this->sid. "'" ; - - $ppid = isset($_POST['pid']) ? (int)$_POST['pid'] : -1; - - #id-ji profilov do katerih lahko dostopamo - $accPid = ''; - $accStr = "SELECT DISTINCT pid FROM srv_invitations_recipients_profiles_access where uid = '$global_user_id'"; - $accQry = sisplet_query($accStr); - while (list($pid) = mysqli_fetch_row($accQry)) { - $accPid .= $prefix."'".$pid."'"; - $prefix = ','; - } - if ($accPid != '') { - $accPid = ' OR pid IN ('.$accPid.')'; - } - # polovimo še ostale porfile - $sql_string = "SELECT pid, name FROM srv_invitations_recipients_profiles WHERE uid in('0', '".$global_user_id."')".$accPid.$_only_this_survey; - $sql_query = sisplet_query($sql_string); - while ($sql_row = mysqli_fetch_assoc($sql_query)) { - $array_profiles[$sql_row['pid']] = array('name' => $sql_row['name']); - } - */ + $onlyThisSurvey = (isset($_SESSION['inv_rec_only_this_survey']) && (int)$_SESSION['inv_rec_only_this_survey'] == 1) ? false : true; if ($onlyThisSurvey == 0) { #id-ji profilov do katerih lahko dostopamo - $sql_string = "SELECT * FROM srv_invitations_recipients_profiles WHERE uid in('0', '".$global_user_id."') OR pid IN (SELECT DISTINCT pid FROM srv_invitations_recipients_profiles_access where uid = '$global_user_id')"; + $sql_string = "SELECT * FROM srv_invitations_recipients_profiles WHERE uid in('".$global_user_id."') OR pid IN (SELECT DISTINCT pid FROM srv_invitations_recipients_profiles_access where uid = '$global_user_id')"; $sql_query = sisplet_query($sql_string); } else { # 1 @@ -5150,12 +5128,12 @@ class SurveyInvitationsNew { else { # dodajamo v obstoječ profil # polovimo podatke obstoječega profila - $sql_string = "SELECT * FROM srv_invitations_recipients_profiles WHERE uid in('0', '".$global_user_id."') AND pid = '".$profile_id."'"; + $sql_string = "SELECT * FROM srv_invitations_recipients_profiles WHERE uid in('".$global_user_id."') AND pid = '".$profile_id."'"; $sql_query = sisplet_query($sql_string); $sql_row = mysqli_fetch_assoc($sql_query); $respondents = $sql_row['respondents']."\n".$recipients_list; - $sql_string_update = "UPDATE srv_invitations_recipients_profiles SET respondents = '".$respondents."', comment='".$profile_comment."' WHERE uid in('0', '".$global_user_id."') AND pid = '".$profile_id."'"; + $sql_string_update = "UPDATE srv_invitations_recipients_profiles SET respondents = '".$respondents."', comment='".$profile_comment."' WHERE uid in('".$global_user_id."') AND pid = '".$profile_id."'"; $sqlQuery = sisplet_query($sql_string_update); sisplet_query("COMMIT"); if (!$sqlQuery) { @@ -6614,7 +6592,7 @@ class SurveyInvitationsNew { # polovimo sezname $lists = array(); - $sql_string = "SELECT pid, name,comment FROM srv_invitations_recipients_profiles WHERE uid in('0', '".$global_user_id."')"; + $sql_string = "SELECT pid, name,comment FROM srv_invitations_recipients_profiles WHERE uid in('".$global_user_id."')"; $sql_query = sisplet_query($sql_string); while ($sql_row = mysqli_fetch_assoc($sql_query)) { $lists[$sql_row['pid']] = $sql_row['name']; @@ -7959,7 +7937,7 @@ class SurveyInvitationsNew { } # polovimo še ostale porfile - $sql_string = "SELECT rp.*,DATE_FORMAT(rp.insert_time,'%d.%m.%Y, %T') AS ds, u.name as firstname, u.surname, u.email FROM srv_invitations_recipients_profiles AS rp LEFT JOIN users AS u ON rp.uid = u.id WHERE rp.uid in('0', '".$global_user_id."')".($accPid != '' ? ' OR pid IN ('.$accPid.')':''); + $sql_string = "SELECT rp.*,DATE_FORMAT(rp.insert_time,'%d.%m.%Y, %T') AS ds, u.name as firstname, u.surname, u.email FROM srv_invitations_recipients_profiles AS rp LEFT JOIN users AS u ON rp.uid = u.id WHERE rp.uid in('".$global_user_id."')".($accPid != '' ? ' OR pid IN ('.$accPid.')':''); $sql_query = sisplet_query($sql_string); } else if ($onlyThisSurvey == 2) { @@ -8468,7 +8446,7 @@ class SurveyInvitationsNew { session_start(); # polovimo še ostale porfile - $sql_string = "SELECT pid, name,comment FROM srv_invitations_recipients_profiles WHERE uid in('0', '".$global_user_id."')"; + $sql_string = "SELECT pid, name,comment FROM srv_invitations_recipients_profiles WHERE uid in('".$global_user_id."')"; $sql_query = sisplet_query($sql_string); while ($sql_row = mysqli_fetch_assoc($sql_query)) { $array_profiles[$sql_row['pid']] = array('name' => $sql_row['name'], 'comment'=>$sql_row['comment']); @@ -8541,7 +8519,7 @@ class SurveyInvitationsNew { $rec_profile_comment = $_POST['rec_profile_comment']; # dodajamo v obstoječ profil - $sql_string_update = "UPDATE srv_invitations_recipients_profiles SET name='$rec_profile_name', comment='$rec_profile_comment', respondents = '$recipients_list', fields='$field_list' WHERE uid in('0', '$global_user_id') AND pid = '$profile_id'"; + $sql_string_update = "UPDATE srv_invitations_recipients_profiles SET name='$rec_profile_name', comment='$rec_profile_comment', respondents = '$recipients_list', fields='$field_list' WHERE uid in('$global_user_id') AND pid = '$profile_id'"; $sqlQuery = sisplet_query($sql_string_update); sisplet_query("COMMIT"); $this->removeDuplicates($profile_id); @@ -8591,7 +8569,7 @@ class SurveyInvitationsNew { sisplet_query("COMMIT"); } else { # dodajamo v obstoječ profil - $sql_string_update = "UPDATE srv_invitations_recipients_profiles SET name='$profile_name', respondents = '$recipients_list', comment='$profile_comment' WHERE uid in('0', '$global_user_id') AND pid = '$profile_id'"; + $sql_string_update = "UPDATE srv_invitations_recipients_profiles SET name='$profile_name', respondents = '$recipients_list', comment='$profile_comment' WHERE uid in('$global_user_id') AND pid = '$profile_id'"; $sqlQuery = sisplet_query($sql_string_update); sisplet_query("COMMIT"); @@ -9494,7 +9472,7 @@ class SurveyInvitationsNew { $_only_this_survey = (isset($_SESSION['inv_rec_only_this_survey']) && (int)$_SESSION['inv_rec_only_this_survey'] == 1) ? '' : " AND from_survey = '".$this->sid. "'" ; # polovimo še ostale porfile - $sql_string = "SELECT pid, name,comment FROM srv_invitations_recipients_profiles WHERE uid in('0', '".$global_user_id."')".$_only_this_survey; + $sql_string = "SELECT pid, name,comment FROM srv_invitations_recipients_profiles WHERE uid in('".$global_user_id."')".$_only_this_survey; $sql_query = sisplet_query($sql_string); while ($sql_row = mysqli_fetch_assoc($sql_query)) { $array_profiles[$sql_row['pid']] = array('name' => $sql_row['name'], 'comment'=>$sql_row['comment']);