V urlju za izpolnjevanje ankete imamo po novem random 8-mestni hash namesto id-ja ankete. VECJI UPDATE - POTREBNO DOBRO TESTIRATI

pero1203 2021-09-30 14:11:09 +02:00
parent 089c643e85
commit aace61b391
34 changed files with 170 additions and 194 deletions


@ -211,6 +211,7 @@ class SurveyAdmin
echo '<form name="meta" action="" style="display:none">';
echo '<input type="hidden" name="anketa" id="srv_meta_anketa_id" value="' . $this->anketa . '" />';
echo '<input type="hidden" name="anketa_hash" id="srv_meta_anketa_hash" value="' . SurveyInfo::getInstance()->getSurveyHash() . '" />';
echo '<input type="hidden" name="srv_site_url" id="srv_site_url" value="' . $site_url . '" />';
echo '<input type="hidden" name="grupa" id="srv_meta_grupa" value="' . $this->grupa . '" />';
echo '<input type="hidden" name="branching" id="srv_meta_branching" value="' . $this->branching . '" />';
@ -3792,7 +3793,6 @@ class SurveyAdmin
{
global $site_url;
//return '&lt;iframe id="1ka" src="'.$site_url.'main/survey/index.php?anketa='.$this->anketa.'" scrolling="auto" frameborder="0" width="100%"&gt;&lt;/iframe&gt;&lt;script type="text/javascript"&gt;function r(){var a=window.location.hash.replace("#","");if(a.length==0)return;document.getElementById("1ka").style.height=a+"px";window.location.hash=""};window.setInterval(\\\'r()\\\',100);&lt;/script&gt;';
$iframe = '<iframe id="1ka" src="' . SurveyInfo::getSurveyLink() . '" height="400px" width="100%" scrolling="auto" frameborder="0"></iframe>';
$javascript = '<script type="text/javascript">function r(){var a=window.location.hash.replace("#","");if(a.length==0)return;document.getElementById("1ka").style.height=a+"px";window.location.hash=""};window.setInterval("r()",100);</script>';
@ -4601,11 +4601,15 @@ class SurveyAdmin
$mobile_skin = 'Mobile'.$skin;
}
$sql = sisplet_query("INSERT INTO srv_anketa (id, naslov, akronim, db_table, starts, expire, dostop, insert_uid, insert_time, edit_uid, edit_time, cookie, text, url, intro_opomba, show_intro, show_concl, survey_type, lang_admin, lang_resp, active, skin, mobile_skin) " .
"VALUES ('', '$naslov', '$akronim', '1', $starts, $expire, '0', '$global_user_id', NOW(), '$global_user_id', NOW(), '$SurveyCookie', '$text', '$url', '$intro_opomba', '$showIntro', '$showConcl', '$survey_type', '$lang_admin', '$lang_resp', '$autoActiveSurvey', '$skin', '$mobile_skin')");
// Nastavimo se hash
$hash = Common::generateSurveyHash();
$sql = sisplet_query("INSERT INTO srv_anketa (id, hash, naslov, akronim, db_table, starts, expire, dostop, insert_uid, insert_time, edit_uid, edit_time, cookie, text, url, intro_opomba, show_intro, show_concl, survey_type, lang_admin, lang_resp, active, skin, mobile_skin) " .
"VALUES ('', '".$hash."', '$naslov', '$akronim', '1', $starts, $expire, '0', '$global_user_id', NOW(), '$global_user_id', NOW(), '$SurveyCookie', '$text', '$url', '$intro_opomba', '$showIntro', '$showConcl', '$survey_type', '$lang_admin', '$lang_resp', '$autoActiveSurvey', '$skin', '$mobile_skin')");
if (!$sql) {
$error = mysqli_error($GLOBALS['connect_db']);
}
$anketa = mysqli_insert_id($GLOBALS['connect_db']);
@ -4614,8 +4618,7 @@ class SurveyAdmin
// Updatamo srv_activity, ce je anketa aktivna - drugace se ne zabelezi ok ko se deaktivira
if ($autoActiveSurvey == 1) {
$activity_insert_string = "INSERT INTO srv_activity (sid, starts, expire, uid) VALUES('" . $anketa . "', $starts, $expire, '" . $global_user_id . "' );";
$sql_insert = sisplet_query($activity_insert_string);
$sql_insert = sisplet_query("INSERT INTO srv_activity (sid, starts, expire, uid) VALUES ('".$anketa."', $starts, $expire, '".$global_user_id."')");
}
// vnesemo tudi 1. grupo aka page
@ -4648,6 +4651,7 @@ class SurveyAdmin
//popravljanje default nastavitev - stat=0, show_intro=0
$sqlSpr = sisplet_query("UPDATE srv_spremenljivka SET stat = '0' WHERE id = '$spr_id'");
$sqlAnk = sisplet_query("UPDATE srv_anketa SET show_intro = '0', show_concl = '0', progressbar = '0', countType = '0', akronim = ' ' WHERE id = '$anketa'");
// vsilimo refresh podatkov
SurveyInfo::getInstance()->resetSurveyData();
}
@ -4694,12 +4698,6 @@ class SurveyAdmin
// Nastavimo obvescanje pri poteku ankete (default ob kreiranju ankete)
SurveyAlert::setDefaultAlertBeforeExpire();
// uporabniku dodamo anketo se v knjiznico "moje ankete"
// torej uporabniku ne bomo avtomatsko dodali ankete v knjiznico "moje ankete"
//$sqlk = sisplet_query("SELECT * FROM srv_library_folder WHERE uid='$uid' AND tip='1' AND parent='0'");
//$rowk = mysqli_fetch_array($sqlk);
//sisplet_query("INSERT INTO srv_library_anketa (ank_id, uid, folder) VALUES ('$anketa', '$uid', '$rowk[id]')");
return $anketa;
}
else{
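Review bot: The new `anketa_hash` hidden input in the first hunk prints `SurveyInfo::getInstance()->getSurveyHash()` into an HTML attribute without encoding. The value is hex today only because of how `Common::generateSurveyHash()` builds it; nothing at the sink enforces that, so I would emit it as `htmlspecialchars(SurveyInfo::getInstance()->getSurveyHash(), ENT_QUOTES, 'UTF-8')`. The same raw echo is added in the SurveyCustomReport section. The enclosing method starts and ends outside the hunk.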


@ -111,17 +111,6 @@ class SurveyAdminAjax {
header('Location: index.php?anketa=' . $this->anketa . '&grupa=' . $this->grupa . '');
}
/*
// meta podatki, ki jih beremo z JS
echo '<form name="meta" action="" style="display:none">';
echo '<input type="hidden" name="anketa" id="srv_meta_anketa_id" value="' . $this->anketa . '" />';
echo '<input type="hidden" name="grupa" id="srv_meta_grupa" value="' . $this->grupa . '" />';
echo '<input type="hidden" name="branching" id="srv_meta_branching" value="' . $this->branching . '" />';
echo '<input type="hidden" name="podstran" id="srv_meta_podstran" value="' . $_GET['m'] . '" />';
echo '<input type="hidden" name="akcija" id="srv_meta_akcija" value="' . $_GET['a'] . '" />';
echo '<input type="hidden" name="full_screen_edit" id="srv_meta_full_screen_edit" value="' . ($this->full_screen_edit == 1 ? 1 : 0) . '" />';
echo '</form>';
*/
}
// tole je, ce se inicializira v branhingu z $action=-1 (pa mogoce/najbrz se kje), da se ne prikazujejo 2x te meta podatki in redirecta...
@ -5412,7 +5401,7 @@ class SurveyAdminAjax {
if (SurveyInfo::getInstance()->checkSurveyModule('uporabnost'))
$link = 'main/survey/uporabnost.php?anketa=' . $anketa ;
else
$link = 'main/survey/index.php?anketa=' . $anketa ;
$link = 'main/survey/index.php?anketa=' . SurveyInfo::getInstance()->getSurveyHash();
// Dodamo nice url
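Review bot: In the second hunk the rewritten `index.php` link takes its hash from the `SurveyInfo` singleton while the `uporabnost.php` branch just above still uses the local `$anketa`, so the two branches can name different surveys if `SurveyInfo` was initialised for another id. Nothing in the hunk shows `SurveyInit($anketa)` being called first; either confirm that it always is, or resolve the hash from `$anketa` explicitly. The same pattern is added in the ApiSurvey, SurveySkupine, EvoliForm and SurveyAlert sections. The surrounding function is not fully visible here.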


@ -2351,7 +2351,7 @@ class SurveyAdminSettings {
$base_lang_resp = $lang['language'];
$p->include_base_lang();
$link1 = $site_url.'a/'.Common::encryptAnketaID($this->anketa);
$link1 = $site_url.'a/'.$row['hash'];
echo '<b><a href="'.$link1.'" target="_blank">'.$link1.'</a>'.(count($lang_array) > 0 ? ' - '.$base_lang_resp : '').'</b>';
echo '<a href="#" onclick="CopyToClipboard(\''.$link1.'\');" return false;" title="Kopiraj povezavo" class="srv_ico">'
@ -2648,7 +2648,6 @@ class SurveyAdminSettings {
SurveyInfo::getInstance()->SurveyInit($this->anketa);
$row = SurveyInfo::getInstance()->getSurveyRow();
//return '&lt;iframe id="1ka" src="'.$site_url.'main/survey/index.php?anketa='.$this->anketa.'" scrolling="auto" frameborder="0" width="100%"&gt;&lt;/iframe&gt;&lt;script type="text/javascript"&gt;function r(){var a=window.location.hash.replace("#","");if(a.length==0)return;document.getElementById("1ka").style.height=a+"px";window.location.hash=""};window.setInterval(\\\'r()\\\',100);&lt;/script&gt;';
$iframe = '<iframe id="1ka" src="'.$link.'?e=1" height="500px" width="100%" scrolling="auto" frameborder="0"></iframe>';
$javascript = '<script type="text/javascript">function r(){var a=window.location.hash.replace("#","");if(a.length==0)return;document.getElementById("1ka").style.height=a+"px";window.location.hash=""};window.setInterval("r()",100);'
.'</script>';


@ -2144,12 +2144,14 @@ class ApiSurvey {
$res = sisplet_query("SELECT value FROM misc WHERE what='SurveyCookie'");
list ($SurveyCookie) = mysqli_fetch_row($res);
// Nastavimo se hash
$hash = Common::generateSurveyHash();
// GLASOVANJE
if ($survey_type == 0) {
$sql = sisplet_query("INSERT INTO srv_anketa (id, naslov, akronim, db_table, starts, expire, dostop, insert_uid, insert_time, edit_uid, edit_time, cookie, text, url, intro_opomba, survey_type, lang_admin, lang_resp, active, skin, show_intro, show_concl, locked, mobile_created) " .
"VALUES ('', '$naslov', '$akronim', '1', $starts, $expire, '0', '$global_user_id', NOW(), '$global_user_id', NOW(), '$SurveyCookie', '', '$url', '', '0', '$lang_admin', '$lang_resp', '0', '1kaBlue', '0', '0', '0', '$mobile_created')");
$sql = sisplet_query("INSERT INTO srv_anketa (id, hash, naslov, akronim, db_table, starts, expire, dostop, insert_uid, insert_time, edit_uid, edit_time, cookie, text, url, intro_opomba, survey_type, lang_admin, lang_resp, active, skin, show_intro, show_concl, locked, mobile_created) " .
"VALUES ('', '".$hash."', $naslov', '$akronim', '1', $starts, $expire, '0', '$global_user_id', NOW(), '$global_user_id', NOW(), '$SurveyCookie', '', '$url', '', '0', '$lang_admin', '$lang_resp', '0', '1kaBlue', '0', '0', '0', '$mobile_created')");
if (!$sql) {
$error = mysqli_error($GLOBALS['connect_db']);
@ -2158,7 +2160,8 @@ class ApiSurvey {
if ($anketa > 0) {
$url .= 'a/' . $anketa;
$url .= 'a/' . $hash;
// vnesemo tudi 1. grupo aka page
$sql = sisplet_query("INSERT INTO srv_grupa (id, ank_id, naslov, vrstni_red) VALUES ('', '$anketa', '$lang[srv_stran] 1', '1')");
@ -2219,8 +2222,8 @@ class ApiSurvey {
$zakljucek_besedilo = $purifier->purify_DB($zakljucek['besedilo']);
$show_concl = ($zakljucek['hide_zakljucek'] == '1') ? 0 : 1;
$sql = sisplet_query("INSERT INTO srv_anketa (id, naslov, akronim, db_table, starts, expire, dostop, insert_uid, insert_time, edit_uid, edit_time, cookie, text, url, intro_opomba, survey_type, lang_admin, lang_resp, active, skin, introduction, conclusion, show_intro, show_concl, locked, mobile_created) " .
"VALUES ('', '$naslov', '$akronim', '1', $starts, $expire, '0', '$global_user_id', NOW(), '$global_user_id', NOW(), '$SurveyCookie', '', '$url', '', '2', '$lang_admin', '$lang_resp', '$autoActiveSurvey', '1ka', '$uvod_besedilo', '$zakljucek_besedilo', '$show_intro', '$show_concl', '1', '$mobile_created')");
$sql = sisplet_query("INSERT INTO srv_anketa (id, hash, naslov, akronim, db_table, starts, expire, dostop, insert_uid, insert_time, edit_uid, edit_time, cookie, text, url, intro_opomba, survey_type, lang_admin, lang_resp, active, skin, introduction, conclusion, show_intro, show_concl, locked, mobile_created) " .
"VALUES ('', '".$hash."', $naslov', '$akronim', '1', $starts, $expire, '0', '$global_user_id', NOW(), '$global_user_id', NOW(), '$SurveyCookie', '', '$url', '', '2', '$lang_admin', '$lang_resp', '$autoActiveSurvey', '1ka', '$uvod_besedilo', '$zakljucek_besedilo', '$show_intro', '$show_concl', '1', '$mobile_created')");
if (!$sql) {
$error = mysqli_error($GLOBALS['connect_db']);
}
@ -2228,7 +2231,8 @@ class ApiSurvey {
if ($anketa > 0) {
$url .= 'a/' . $anketa;
$url .= 'a/' . $hash;
// vnesemo tudi 1. grupo aka page
$sql = sisplet_query("INSERT INTO srv_grupa (id, ank_id, naslov, vrstni_red) VALUES ('', '$anketa', '$lang[srv_stran] 1', '1')");
@ -2267,7 +2271,8 @@ class ApiSurvey {
$json_array['id'] = $anketa;
$json_array['note'] = 'Survey created';
} else {
}
else {
$json_array['error'] = 'Error creating survey';
}
@ -3521,7 +3526,7 @@ class ApiSurvey {
if (SurveyInfo::getInstance()->checkSurveyModule('uporabnost'))
$link = 'main/survey/uporabnost.php?anketa=' . $anketa . '&skupina=' . $vre_id;
else
$link = 'main/survey/index.php?anketa=' . $anketa . '&skupina=' . $vre_id;
$link = 'main/survey/index.php?anketa=' . SurveyInfo::getInstance()->getSurveyHash() . '&skupina=' . $vre_id;
if ($add) {
$f = @fopen($site_path . '.htaccess', 'a');
@ -3628,7 +3633,7 @@ class ApiSurvey {
if (SurveyInfo::getInstance()->checkSurveyModule('uporabnost'))
$link = 'main/survey/uporabnost.php?anketa=' . $anketa . '&skupina=' . $vre_id;
else
$link = 'main/survey/index.php?anketa=' . $anketa . '&skupina=' . $vre_id;
$link = 'main/survey/index.php?anketa=' . SurveyInfo::getInstance()->getSurveyHash() . '&skupina=' . $vre_id;
if ($add) {
$f = @fopen($site_path . '.htaccess', 'a');
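Review bot: Both rewritten `INSERT INTO srv_anketa` statements drop the opening quote before `$naslov`: the VALUES list reads `'".$hash."', $naslov', '$akronim'`, which leaves the quoting unbalanced, so the statement will most likely fail or shift the string boundaries of the values that follow. It should read `"VALUES ('', '".$hash."', '$naslov', '$akronim', ...` in the `survey_type == 0` branch and in the branch that also inserts `introduction` and `conclusion`. Since the title sits right next to the broken quote, this is also the place to confirm that `$naslov` is escaped before it reaches the query; that escaping is not visible in these hunks.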


@ -93,7 +93,7 @@ class AppSettings {
private static $instance = null;
private static $settings = array();
private $settings = array();
private function __construct(){


@ -2063,29 +2063,23 @@ class Common {
return $help_url;
}
// Nov algoritem za id ankete v url-ju (ni vec stevilka ampak string - vsako liho stevilko zamenjamo z ustrezno crko npr. 1234 -> A2C4)
public static function encryptAnketaID($anketa_id){
// Nov algoritem za id ankete v url-ju za izpolnjevanje
public static function generateSurveyHash(){
// Ali imamo vklopljeno sifriranje id-ja anket v url-ju - ZENKRAT UGASNJENO
//if(true){
if(false){
$anketa_arr = str_split($anketa_id);
$anketa_string = '';
$unique = false;
foreach($anketa_arr as $pos => $num){
while(!$unique){
// Na lihih mestih pretvorimo stevilko v crko
if($pos % 2 == 0)
$anketa_string .= chr(97 + $num);
else
$anketa_string .= $num;
// Zgeneriramo random string z 8 znaki
$hash = substr(md5(uniqid(mt_rand(), true)), 0, 8);
// Preverimo ce slucajno ze obstaja v bazi
$sql = sisplet_query("SELECT 1 FROM srv_anketa WHERE hash='".$hash."' LIMIT 1");
if (mysqli_num_rows($sql) == 0)
$unique = true;
}
//$anketa_string = strtolower($anketa_string);
}
else
$anketa_string = $anketa_id;
return $anketa_string;
return $hash;
}
// Algoritem, ki iz texta ustvari strukturo vprasanj in variabel (za uvoz anekte iz texta)
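Review bot: `generateSurveyHash()` derives the token from `md5(uniqid(mt_rand(), true))`, and neither `mt_rand()` nor `uniqid()` is a cryptographically secure source, so the value that now gates access to a survey is more predictable than its 8 hex characters suggest. `$hash = bin2hex(random_bytes(4));` (PHP 7 and later) yields the same 8-character format from the system CSPRNG; a longer token would be safer if the `hash` column allows it, because 32 bits leaves little margin against guessing. The SELECT-then-insert uniqueness check can race between two concurrent creations, so a UNIQUE index on `srv_anketa.hash` (schema not visible here) should be the real guarantee. The loop should also test `$sql` before `mysqli_num_rows($sql)`, since a failed query must not be read as "no collision".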


@ -301,7 +301,10 @@ class Library {
// nova anketa kot template iz knjiznice
echo '<a href="/" onclick="anketa_copy(\''.$row1['id'].'\'); return false;" title="'.$lang['srv_library_use_survey'].'"><span class="faicon copy"></span> <span class="library_item_setting_text">'.$lang['srv_anketacopy'].'</span></a> ';
echo '<a href="'.$site_url.'main/survey/'.(!SurveyInfo::getInstance()->checkSurveyModule('uporabnost') ? 'index' : 'uporabnost').'.php?anketa='.$row1['id'].'&preview=on" target="_blank" title="'.$lang['srv_poglejanketo'].'"><span class="faicon preview"></span> <span class="library_item_setting_text">'.$lang['srv_poglejanketo2'].'</span></a> ';
if(SurveyInfo::getInstance()->checkSurveyModule('uporabnost'))
echo '<a href="'.$site_url.'main/survey/uporabnost.php?anketa='.$row1['id'].'&preview=on" target="_blank" title="'.$lang['srv_poglejanketo'].'"><span class="faicon preview"></span> <span class="library_item_setting_text">'.$lang['srv_poglejanketo2'].'</span></a> ';
else
echo '<a href="'.$site_url.'main/survey/index.php?anketa='.SurveyInfo::getInstance()->getSurveyHash().'&preview=on" target="_blank" title="'.$lang['srv_poglejanketo'].'"><span class="faicon preview"></span> <span class="library_item_setting_text">'.$lang['srv_poglejanketo2'].'</span></a> ';
// brisi iz knjiznice
if ($admin_type == 0) {
@ -317,7 +320,11 @@ class Library {
}
}
else {
echo '<a href="'.$site_url.'main/survey/'.(!SurveyInfo::getInstance()->checkSurveyModule('uporabnost') ? 'index' : 'uporabnost').'.php?anketa='.$row1['id'].'&preview=on" target="_blank" title="'.$lang['srv_poglejanketo'].'"><span class="faicon preview"></span></a>';
if(SurveyInfo::getInstance()->checkSurveyModule('uporabnost'))
echo '<a href="'.$site_url.'main/survey/uporabnost.php?anketa='.$row1['id'].'&preview=on" target="_blank" title="'.$lang['srv_poglejanketo'].'"><span class="faicon preview"></span></a>';
else
echo '<a href="'.$site_url.'main/survey/index.php?anketa='.SurveyInfo::getInstance()->getSurveyHash().'&preview=on" target="_blank" title="'.$lang['srv_poglejanketo'].'"><span class="faicon preview"></span></a>';
// moznost da povozi anketo z anketo iz knjiznice
//TEGA NE DOVOLIMO KER NI OK DA SE KAR PREPISE OBSTOJECO ANKETO - anketo iz knjiznice se lahko po novem dodaja samo iz mojih anket oz. pri ustvarjanju
echo ' <a href="/" onclick="alert_copy_anketa(\''.$row1['id'].'\'); return false;"><span class="sprites copy_small" title="'.$lang['srv_copy_srv'].'"></span></a>';
@ -484,7 +491,11 @@ class Library {
echo '<a href="/" onclick="anketa_copy(\''.$row1['id'].'\'); return false;" title="'.$lang['srv_library_use_survey'].'"><span class="faicon copy"></span> '.$lang['srv_anketacopy'].'</a> ';
// Preview
echo '<a href="'.$site_url.'main/survey/'.(!SurveyInfo::getInstance()->checkSurveyModule('uporabnost') ? 'index' : 'uporabnost').'.php?anketa='.$row1['id'].'&preview=on" target="_blank" title="'.$lang['srv_poglejanketo'].'"><span class="faicon preview"></span> '.$lang['srv_poglejanketo2'].'</a> ';
if(SurveyInfo::getInstance()->checkSurveyModule('uporabnost'))
echo '<a href="'.$site_url.'main/survey/uporabnost.php?anketa='.$row1['id'].'&preview=on" target="_blank" title="'.$lang['srv_poglejanketo'].'"><span class="faicon preview"></span> '.$lang['srv_poglejanketo2'].'</a> ';
else
echo '<a href="'.$site_url.'main/survey/index.php?anketa='.SurveyInfo::getInstance()->getSurveyHash().'&preview=on" target="_blank" title="'.$lang['srv_poglejanketo'].'"><span class="faicon preview"></span> '.$lang['srv_poglejanketo2'].'</a> ';
// Urejanje - admin
if ($admin_type == 0)
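Review bot: The preview links in all three hunks now print `SurveyInfo::getInstance()->getSurveyHash()`, but the surrounding markup is built per library row from `$row1['id']` (see the `anketa_copy` link beside each one), so every listed survey would get the hash of whichever survey `SurveyInfo` currently holds rather than its own. Unless `SurveyInit($row1['id'])` runs for each row outside these hunks, the `index.php` branch should print the row's own hash, for example by adding `hash` to the query that fills `$row1` and using `$row1['hash']`, as the HierarhijaAjax section does with `$srv_anketa->hash`. The `uporabnost.php` branch still uses `$row1['id']`, which makes the mismatch visible inside a single `if`/`else`.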


@ -215,13 +215,6 @@ class SurveyCopy {
$arr_src = array();
// subqueryji mysql cist ubijejo zato sem razbil v 2 locena queryja... v bistvu si zakesiramo seznam spremenljivk in ifov
// TODO ko se MySQL upgrada na 5.6 mogoce prestavit nazaj na navaden subquery, ali pa tut ne - bo za sprobat
$qry_src_survey = sisplet_query("SELECT * FROM srv_anketa WHERE id = '".self :: $src_survey."'", self :: $src_connect_db);
$anketa_array = self::sql2array($qry_src_survey);
//Če imamo vklopljeno hierarhijo, potem vrednosti spremenljivk od hierarhije ne kopiramo
// V kolikor imamo vklopljeno hierarhijo potem ne kopiramo spremenljivke od hierarhije
$hierarhija_sql = null;
@ -491,8 +484,12 @@ class SurveyCopy {
// iz izvorne ankete preberemo vsa polja
if ( count($arr_src['srv_anketa']) > 0) {
// Nastavimo se hash nove ankete
$hash = Common::generateSurveyHash();
// predefinirana polja (vsilimo vrednosti)
$pre_set = array('id' => "NULL",
'hash' => "'".$hash."'",
'backup' => "'0'",
'active' => "'0'",
'locked' => "'0'",


@ -1989,10 +1989,11 @@ class SurveyCustomReport {
$row = mysqli_fetch_array($sql);
$titleString = $row['value'];
}
//echo '<h2>'.$lang['srv_publc_creport_title_for'] .$titleString.'</h2>';
echo '<h2>'.$titleString.'</h2>';
echo '<input type="hidden" name="anketa_id" id="srv_meta_anketa_id" value="' . $anketa . '" />';
echo '<input type="hidden" name="anketa_hash" id="srv_meta_anketa_hash" value="' . SurveyInfo::getInstance()->getSurveyHash() . '" />';
echo '<div id="analiza_data">';
# ponastavimo nastavitve- filter


@ -159,6 +159,7 @@ class SurveyInfo
// te funkcije ohranimo, da se obdrzi kompatibilnost za nazaj. Za naprej se lahko uporabi kar direktno getSurveyColumn (v primerih kjer se lahko)
static function getSurveyId() { return self::$surveyId; }
static function getSurveyHash() { return self::getSurveyColumn('hash'); }
static function getSurveyTitle() { return strip_tags(self::getSurveyColumn('naslov')); }
static function getSurveyAkronim() { return strip_tags(self::getSurveyColumn('akronim')); }
static function getSurveyActive() { return self::getSurveyColumn('active'); }
@ -654,8 +655,7 @@ class SurveyInfo
if ($anketa == false)
$anketa = self::$surveyId;
// V get-u ni vec id ankete ampak string (zaradi zascite, da en more kdorkoli dostopati do vseh anket)
$anketa_string = Common::encryptAnketaID($anketa);
$anketa_string = self::getSurveyHash();
if ( ! isset( self::$surveyLink[$anketa_string] ) ) {
@ -667,7 +667,7 @@ class SurveyInfo
}
else {
if (self::checkSurveyModule('uporabnost') && $uporabnost == true) // na redirectih pa v form action ne sme it na uporabnost (ker se odpira znotraj frama)
$link = $site_url.'main/survey/uporabnost.php?anketa=' . $anketa_string ;
$link = $site_url.'main/survey/uporabnost.php?anketa=' . $anketa ;
else
$link = $site_url.'a/' . $anketa_string ;
}
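Review bot: In the second hunk `$anketa_string = self::getSurveyHash();` ignores the `$anketa` argument that the lines above default to `self::$surveyId`, so a call with a different survey id returns, and caches under `self::$surveyLink[...]`, the link of the currently loaded survey. The `Common::encryptAnketaID($anketa)` call it replaces did follow the argument. Either look the hash up for `$anketa` when it differs from `self::$surveyId`, or document on the function that the parameter is no longer honoured for the `a/` link. The function starts and ends outside the hunks.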


@ -286,7 +286,7 @@ class SurveySkupine {
if (SurveyInfo::getInstance()->checkSurveyModule('uporabnost'))
$link = 'main/survey/uporabnost.php?anketa='.$anketa.'&skupina='.$vre_id;
else
$link = 'main/survey/index.php?anketa='.$anketa.'&skupina='.$vre_id;
$link = 'main/survey/index.php?anketa='.SurveyInfo::getInstance()->getSurveyHash().'&skupina='.$vre_id;
if ($add) {
$f = @fopen($site_path.'.htaccess', 'a');


@ -3401,6 +3401,7 @@ class SurveyTelephone {
$return = array('error'=>'1', 'msg'=>'Napaka','reloadUrl'=>'','surveyUrl'=>'');
if ((int)$_POST['usr_id'] > 0) {
$usr_id = (int)$_POST['usr_id'];
# nastavimo url za nastavitev statusa in reload strani
@ -3421,7 +3422,7 @@ class SurveyTelephone {
$user_data = mysqli_fetch_assoc($chk_query);
# sestavimo še url za odpiranje izpolnjevanja ankete
$return['surveyUrl'] = $site_url.'a/'.Common::encryptAnketaID($this->sid).'&survey-'.$this->sid.'&code='.$user_data['pass'];
$return['surveyUrl'] = $site_url.'a/'.SurveyInfo::getInstance()->getSurveyHash().'&survey-'.$this->sid.'&code='.$user_data['pass'];
$return['error'] = '';
}
else {
@ -3479,7 +3480,7 @@ class SurveyTelephone {
sisplet_query("COMMIT");
# sestavimo še url za odpiranje izpolnjevanja ankete
$return['surveyUrl'] = $site_url.'a/'.Common::encryptAnketaID($this->sid).'&survey-'.$this->sid.'&code='.$res_row[password];
$return['surveyUrl'] = $site_url.'a/'.SurveyInfo::getInstance()->getSurveyHash().'&survey-'.$this->sid.'&code='.$res_row[password];
$return['error'] = '';
}
}


@ -163,7 +163,7 @@ class SurveyAlert
array(
self::$data['survey_naslov'],
date('r'),
$site_url.'main/survey/index.php?anketa='.self::getSurveyId(),
$site_url.'main/survey/index.php?anketa='.SurveyInfo::getInstance()->getSurveyHash(),
self::$data['expire_days'],
'<a href="'.$site_url.'admin/survey/index.php?anketa='.self::getSurveyId().'">'.$site_url.'admin/survey/index.php?anketa='.self::getSurveyId().'</a>',
'<a href="'.$pdf_url.'">'.$pdf_url.'</a>',
@ -185,7 +185,7 @@ class SurveyAlert
array(
self::$data['survey_naslov'],
date('r'),
$site_url.'main/survey/index.php?anketa='.self::getSurveyId(),
$site_url.'main/survey/index.php?anketa='.SurveyInfo::getInstance()->getSurveyHash(),
self::$data['expire_days'],
'<a href="'.$site_url.'admin/survey/index.php?anketa='.self::getSurveyId().'">'.$site_url.'admin/survey/index.php?anketa='.self::getSurveyId().'</a>',
'<a href="'.$pdf_url.'">'.$pdf_url.'</a>',
@ -306,7 +306,7 @@ class SurveyAlert
array(
self::$data['survey_naslov'],
date('r'),
$site_url.'main/survey/index.php?anketa='.self::getSurveyId(),
$site_url.'main/survey/index.php?anketa='.SurveyInfo::getInstance()->getSurveyHash(),
self::$data['expire_days'],
'<a href="'.$site_url.'admin/survey/index.php?anketa='.self::getSurveyId().'">'.$site_url.'admin/survey/index.php?anketa='.self::getSurveyId().'</a>',
'<a href="'.$pdf_url.'">'.$pdf_url.'</a>',
@ -325,7 +325,7 @@ class SurveyAlert
array(
self::$data['survey_naslov'],
date('r'),
$site_url.'main/survey/index.php?anketa='.self::getSurveyId(),
$site_url.'main/survey/index.php?anketa='.SurveyInfo::getInstance()->getSurveyHash(),
self::$data['expire_days'],
'<a href="'.$site_url.'admin/survey/index.php?anketa='.self::getSurveyId().'">'.$site_url.'admin/survey/index.php?anketa='.self::getSurveyId().'</a>',
'<a href="'.$pdf_url.'">'.$pdf_url.'</a>',
@ -426,7 +426,7 @@ class SurveyAlert
array(
self::$data['survey_naslov'],
date('r'),
$site_url.'main/survey/index.php?anketa='.self::getSurveyId(),
$site_url.'main/survey/index.php?anketa='.SurveyInfo::getInstance()->getSurveyHash(),
self::$data['expire_days'],
'<a href="'.$site_url.'admin/survey/index.php?anketa='.self::getSurveyId().'">'.$site_url.'admin/survey/index.php?anketa='.self::getSurveyId().'</a>',
'<a href="'.$pdf_url.'">'.$pdf_url.'</a>',
@ -445,7 +445,7 @@ class SurveyAlert
array(
self::$data['survey_naslov'],
date('r'),
$site_url.'main/survey/index.php?anketa='.self::getSurveyId(),
$site_url.'main/survey/index.php?anketa='.SurveyInfo::getInstance()->getSurveyHash(),
self::$data['expire_days'],
'<a href="'.$site_url.'admin/survey/index.php?anketa='.self::getSurveyId().'">'.$site_url.'admin/survey/index.php?anketa='.self::getSurveyId().'</a>',
'<a href="'.$pdf_url.'">'.$pdf_url.'</a>',


@ -1770,7 +1770,7 @@ class SurveyInvitationsNew {
// Skoci na urejanje odgovorov - ce imamo identifikatorje povezane s podatki
if($this->surveySettings['show_email'] == 1)
echo '<td class="tbl_inv_left"><span class="icon-grey_dark_link" onclick="window.open(\''.$site_url.'/main/survey/edit_anketa.php?anketa='.$this->sid.'&usr_id='.$sql_row['id'].'&code='.$sql_row['password'].'\', \'blank\')" title="'.$lang['srv_edit_data_row'].'"></span></td>';
echo '<td class="tbl_inv_left"><span class="icon-grey_dark_link" onclick="window.open(\''.$site_url.'/main/survey/edit_anketa.php?anketa='.SurveyInfo::getInstance()->getSurveyHash().'&usr_id='.$sql_row['id'].'&code='.$sql_row['password'].'\', \'blank\')" title="'.$lang['srv_edit_data_row'].'"></span></td>';
foreach ($fields AS $fkey =>$field) {
if ($field == 1) {
@ -8757,7 +8757,7 @@ class SurveyInvitationsNew {
}
}
$link1 = $site_url.'a/'.Common::encryptAnketaID($this->sid);
$link1 = $site_url.'a/'.SurveyInfo::getInstance()->getSurveyHash();
# normalen link
$result[$cnt] = array('url'=>$link1, 'name'=>$link1.(count($lang_array) > 0 ? ' - '.$lang['language'] : ''));
if ($default_checked == false) {


@ -825,7 +825,7 @@ class EvoliForm {
if (SurveyInfo::getInstance()->checkSurveyModule('uporabnost'))
$link = 'main/survey/uporabnost.php?anketa='.$anketa.'&skupina='.$vre_id;
else
$link = 'main/survey/index.php?anketa='.$anketa.'&skupina='.$vre_id;
$link = 'main/survey/index.php?anketa='.SurveyInfo::getInstance()->getSurveyHash().'&skupina='.$vre_id;
if ($add) {
$f = @fopen($site_path.'.htaccess', 'a');


@ -17,19 +17,13 @@ class SurveyAdvancedParadataLog {
// Privatni construct, ki ga 1x poklice getInstance
private function __construct (/*$anketa*/) {
private function __construct () {
/*ini_set('display_errors', 1);
ini_set('display_startup_errors', 1);
error_reporting(E_ALL);*/
if(isset($_GET['m']) && $_GET['m'] == 'quick_edit')
return false;
// Ce imamo anketo
/*if ((int)$anketa > 0){
$this->anketa = $anketa;
}*/
$this->anketa = (int)$_REQUEST['anketa'];
//$this->anketa = $anketa_id;
$anketa_hash = $_REQUEST['anketa'];
$this->anketa = getSurveyIdFromHash($anketa_hash);
if($this->anketa > 0){
SurveyInfo::getInstance()->SurveyInit($this->anketa);
@ -50,6 +44,10 @@ class SurveyAdvancedParadataLog {
// Vrne ce zbiramo napredne parapodatke
public function paradataEnabled(){
if(isset($_GET['m']) && $_GET['m'] == 'quick_edit')
return false;
return $this->collectParadata;
}
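Review bot: The constructor now passes `$_REQUEST['anketa']` straight to `getSurveyIdFromHash()`, which (in the functions section further down the page) concatenates it into `WHERE hash='".$hash."'`; the `(int)` cast that made the old value safe is gone. Unless `sisplet_query` escapes its input, which is not visible here, this is a string-built query fed by a request parameter. Validate before the lookup, e.g. `if (!is_string($hash) || !preg_match('/^[a-f0-9]{8}$/', $hash)) return 0;` at the top of the helper if every stored hash has the format `generateSurveyHash()` produces, or escape with `mysqli_real_escape_string($GLOBALS['connect_db'], $hash)`. The constructor should also handle a missing `anketa` key rather than reading the index unconditionally.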


@ -936,14 +936,14 @@ class HierarhijaAjax
if (is_array($ankete_v_knjiznici) && empty($ankete_v_knjiznici->ank_id)) {
foreach ($ankete_v_knjiznici as $anketa) {
$srv_anketa = sisplet_query("SELECT id, naslov FROM srv_anketa WHERE id='" . $anketa->ank_id . "'", "obj");
$srv_anketa = sisplet_query("SELECT id, naslov, hash FROM srv_anketa WHERE id='" . $anketa->ank_id . "'", "obj");
if(!empty($srv_anketa->naslov)) {
echo '<li>';
echo '<input type="radio" name="knjiznica_izbira" id="ank_'.$anketa->ank_id.'" value="'.$anketa->ank_id.'" /> ';
echo '<span class="enka-checkbox-radio"></span>';
echo '<span>
<a href="'.$this->site_url.'/main/survey/index.php?anketa='.$anketa->ank_id.'&amp;preview=on" target="_blank" title="Predogled ankete">
<a href="'.$this->site_url.'/main/survey/index.php?anketa='.$srv_anketa->hash.'&amp;preview=on" target="_blank" title="Predogled ankete">
<span class="faicon preview"></span>
</a>
</span>';
@ -952,13 +952,13 @@ class HierarhijaAjax
}
}
} elseif (is_object($ankete_v_knjiznici)) {
$srv_anketa = sisplet_query("SELECT id, naslov FROM srv_anketa WHERE id='" . $ankete_v_knjiznici->ank_id . "'", "obj");
$srv_anketa = sisplet_query("SELECT id, naslov, hash FROM srv_anketa WHERE id='" . $ankete_v_knjiznici->ank_id . "'", "obj");
if(!empty($srv_anketa->naslov)) {
echo '<li>';
echo '<input type="radio" name="knjiznica_izbira" id="ank_'.$ankete_v_knjiznici->ank_id.'" value="'.$ankete_v_knjiznici->ank_id.'" /> ';
echo '<span>
<a href="'.$this->site_url.'main/survey/index.php?anketa='.$ankete_v_knjiznici->ank_id.'&amp;preview=on" target="_blank" title="Predogled ankete">
<a href="'.$this->site_url.'main/survey/index.php?anketa='.$srv_anketa->hash.'&amp;preview=on" target="_blank" title="Predogled ankete">
<span class="faicon preview"></span>
</a>
</span>';


@ -678,23 +678,13 @@ function postProcessAddRelevanceTitles() {
}
function showSurveyAnswers(event) {
/*
var srv_site_url = $("#srv_site_url").val();
var target = $(event.target);
var uid = $(target).parent().find('.data_uid').html();
var href = srv_site_url+'main/survey/edit_anketa.php?anketa='+srv_meta_anketa_id+'&usr_id='+uid+'&quick_view=1';
//alert(href);
//return false;
if (uid > 0 ){
window.open(href, '_blank');
}
*/
// polovimo user id
var srv_site_url = $("#srv_site_url").val();
var target = $(event.target);
var uid = $(target).parent().parent().find('.data_uid').html();
// var href = srv_site_url+'main/survey/edit_anketa.php?anketa='+srv_meta_anketa_id+'&usr_id='+uid+'&quick_view=1';
var href = srv_site_url+'admin/survey/index.php?anketa='+srv_meta_anketa_id+'&a=data&m=quick_edit&usr_id='+uid+'&quick_view=1';
if (uid > 0 ){
window.location = href;
}


@ -24,11 +24,13 @@ var __tabele = 0; // pove ce smo v analizi v krostabulacijah(1)
// poklice se v onload.js
function load_meta_variables () {
srv_meta_anketa_id = $("#srv_meta_anketa_id").val();
srv_meta_anketa_hash = $("#srv_meta_anketa_hash").val();
srv_meta_podstran = $("#srv_meta_podstran").val();
srv_meta_akcija = $("#srv_meta_akcija").val();
srv_meta_grupa = $("#srv_meta_grupa").val();
srv_meta_branching = $("#srv_meta_branching").val();
srv_meta_full_screen_edit = ($("#srv_meta_full_screen_edit").val() == 1 ? true : false);
loaded = true;
};
@ -5189,9 +5191,6 @@ function evoli_tm_settings_add_oddelek(tm_id) {
}
// Zakaj je to tukaj?? - ne sme biti tako, ker drugače povozi funkcijo z istim imenom v main/survey (ce se kdaj klice iz tam - recimo pri komentarjih)
//function checkBranching(){}
// Popravimo crte med vprasanji ce imamo blok s horizontalnim izrisom vprasanj
function blockHorizontalLine(spr_id){


@ -83,7 +83,7 @@ function analiza_init () {
$('#dataTable td .edit_square').live('click', function(event) {
// polovimo user id
var uid = $(this).parent().parent().find('.data_uid').html();
var href = srv_site_url+'main/survey/edit_anketa.php?anketa='+srv_meta_anketa_id+'&usr_id='+uid+'';
var href = srv_site_url+'main/survey/edit_anketa.php?anketa='+srv_meta_anketa_hash+'&usr_id='+uid+'';
if (uid > 0 ){
window.open(href, '_blank');
}
@ -1250,7 +1250,7 @@ function quickEditAction(action, usr_id){
// editiranje starega vnosa
if(action == 'edit'){
var href = srv_site_url+'main/survey/edit_anketa.php?anketa='+srv_meta_anketa_id+'&usr_id='+usr_id+'';
var href = srv_site_url+'main/survey/edit_anketa.php?anketa='+srv_meta_anketa_hash+'&usr_id='+usr_id+'';
if (usr_id > 0 ){
window.open(href, '_blank');
}


@ -690,6 +690,20 @@ function isVirtual(){
return (AppSettings::getInstance()->getSetting('installation_type') === '3') ? true : false;
}
// Dobimo id ankete iz hash-a
function getSurveyIdFromHash($hash){
$ank_id = 0;
$sql = sisplet_query("SELECT id FROM srv_anketa WHERE hash='".$hash."'");
if (mysqli_num_rows($sql) > 0) {
$row = mysqli_fetch_array($sql);
$ank_id = $row['id'];
}
return $ank_id;
}
/**
* Počasno nalaganje polja iz baze
*
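Review bot: `getSurveyIdFromHash()` calls `mysqli_num_rows($sql)` without checking that the query succeeded, and it returns `$row['id']` as the driver hands it back (presumably a string) while the not-found path returns integer `0`. Guarding with `if ($sql && mysqli_num_rows($sql) > 0)` and returning `(int)$row['id']` gives callers a single type to compare against. A short docblock stating that `0` means no survey matches and that `$hash` is untrusted request input would help the next reader, since the function has only the one-line comment above it.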


@ -344,30 +344,22 @@ class AjaxController extends Controller
}
//asinhrono pobiranje podatkov za ureditev missing
public function ajax_get_dragdrop1_data()
{
public function ajax_get_dragdrop1_data(){
Model::user_not_lurker();
$anketa = $_GET['anketa'];
$spremenljivka = $_GET['spremenljivka'];
$vre_id = array();
//echo 'Spremenljivka: '.$spremenljivka;
//echo 'Anketa: '.$anketa;
//$sql1 = sisplet_query("SELECT id FROM srv_vrednost WHERE spr_id='$spremenljivka' AND other!=0 ");
$sql1 = sisplet_query("SELECT id FROM srv_vrednost WHERE spr_id='$spremenljivka'");
$num = mysqli_num_rows($sql1);
/* echo '
<script>
console.log('.$num.');
</script>
'; */
while ($row1 = mysqli_fetch_array($sql1)) {
//$vre_id[$i] = $row1['id'];
array_push($vre_id, $row1['id']);
}
//echo 'Podatek je: '.$num;
//echo $vre_id;
echo json_encode($vre_id);
}


@ -900,10 +900,10 @@ class BodyController extends Controller
// Glede na vrednost
$naslednja = array_search($resevanje->koda, $kode) + 1;
$url = sisplet_query("SELECT url FROM srv_hierarhija_koda WHERE koda='".$kode[$naslednja]."'", "obj");
$url = sisplet_query("SELECT h.url, a.hash FROM srv_hierarhija_koda h, srv_anketa a WHERE h.koda='".$kode[$naslednja]."' AND h.anketa_id=a.id", "obj");
$url_encode_spremenljivke = urlencode(base64_encode($url->url . '&supersifra=' . $resevanje->supersifra.'&resujem='.$naslednja));
$redirect = $site_url .'a/'.get('anketa').'?enc='.$url_encode_spremenljivke;
$redirect = $site_url .'a/'.$url->hash.'?enc='.$url_encode_spremenljivke;
header("Location: $redirect");
}
@ -1023,7 +1023,6 @@ class BodyController extends Controller
echo '</div>' . "\n"; //-grupa
if ($row['user_from_cms'] == 2) {
//echo '<p style="text-align:center"><a href="'.$site_url.'a/'.$this->anketa.'">'.$lang['srv_nextins'].'</a></p>';
echo '<p style="text-align:center"><a href="' . SurveyInfo::getSurveyLink() . '">' . $lang['srv_nextins'] . '</a></p>';
}
@ -1116,7 +1115,7 @@ class BodyController extends Controller
if ($row['user_from_cms'] == 2 && $row['user_from_cms_email'] == 1 && $admin_type <= 2) { // vnosos
$sqlg = sisplet_query("SELECT id FROM srv_grupa WHERE ank_id='" . get('anketa') . "'ORDER BY vrstni_red ASC LIMIT 1");
$rowg = mysqli_fetch_array($sqlg);
//echo '<p class="vnos"><a href="'.$site_url.'a/'.$this->anketa.'&grupa='.$rowg['id'].'">'.$lang['srv_nextins'].'</a> | <a href="'.$site_url.'admin/survey/index.php?anketa='.$this->anketa.'">'.$lang['srv_insend'].'</a></p>';
echo '<p class="vnos"><a href="' . SurveyInfo::getSurveyLink() . '&grupa=' . $rowg['id'] . '">' . $lang['srv_nextins'] . '</a> | <a href="' . $site_url . 'admin/survey/index.php?anketa=' . get('anketa') . '">' . $lang['srv_insend'] . '</a></p>';
}
@ -1404,9 +1403,9 @@ class BodyController extends Controller
//ce statistike ne prikazujemo skocimo na zakljucek (ce imammo izklopljeno ali nastavleno na samo urednike in ni urednik)
if ($rows['stat'] == 0 || ($rows['stat'] == 2 && self::$admin_type != 0 && self::$admin_type != 1)) {
//header('Location: '.self::$site_url.'a/'.get('anketa').'&grupa='.get('grupa').'&glas_end=1'.get('cookie_url').'');
header('Location: ' . SurveyInfo::getSurveyLink() . '&grupa=' . get('grupa') . (isset($_GET['language']) ? '&language=' . $_GET['language'] : '') . '&glas_end=1' . get('cookie_url') . '');
} else {
}
else {
echo '<div class="outercontainer_holder concl_statistika">';
echo '<div class="outercontainer_holder_top"></div>';
@ -1427,7 +1426,7 @@ class BodyController extends Controller
echo '</div>' . "\n";
echo '<div class="buttons">';
//$url_stat = ''.self::$site_url.'a/'.get('anketa').'&grupa='.get('grupa').'&glas_end=1'.get('cookie_url');
$url_stat = '' . SurveyInfo::getSurveyLink() . '&grupa=' . get('grupa') . (isset($_GET['language']) ? '&language=' . $_GET['language'] : '') . '&glas_end=1' . get('cookie_url');
$js = 'document.location.href=\'' . $url_stat . '\';';
@ -1636,7 +1635,7 @@ class BodyController extends Controller
if ($row['user_from_cms'] == 2 && $row['user_from_cms_email'] == 1 && $admin_type <= 2) { // vnosos
$sqlg = sisplet_query("SELECT id FROM srv_grupa WHERE ank_id='" . get('anketa') . "'ORDER BY vrstni_red ASC LIMIT 1");
$rowg = mysqli_fetch_array($sqlg);
//echo '<p class="vnos"><a href="'.$site_url.'a/'.$this->anketa.'&grupa='.$rowg['id'].'">'.$lang['srv_nextins'].'</a> | <a href="'.$site_url.'admin/survey/index.php?anketa='.$this->anketa.'">'.$lang['srv_insend'].'</a></p>';
echo '<p class="vnos"><a href="' . SurveyInfo::getSurveyLink() . '&grupa=' . $rowg['id'] . '">' . $lang['srv_nextins'] . '</a> | <a href="' . $site_url . 'admin/survey/index.php?anketa=' . get('anketa') . '">' . $lang['srv_insend'] . '</a></p>';
}
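Review bot: In the first hunk of this section `$url->url` and `$url->hash` are read without checking that the joined query returned a row; the new join on `srv_anketa` yields nothing when `$kode[$naslednja]` is past the last code or the code's `anketa_id` has no survey, and the redirect then points at `a/?enc=…` (what `sisplet_query(..., "obj")` returns for an empty result is not visible here). Guard it with something like `if (!$url || empty($url->hash)) { /* no next survey: do not redirect */ }` and end the request after `header("Location: $redirect");`; the enclosing method continues outside the hunk, so an existing exit cannot be ruled out. The `EvalvacijaMain` hunk has the same unchecked lookup in `$rowHash['hash']`. Separately, the later hunks in this section still place `$_GET['language']` unencoded into the `Location` header and into the single-quoted `document.location.href` string; `rawurlencode($_GET['language'])` at both places would close that.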


@ -807,35 +807,6 @@ class DisplayController extends Controller
}
}
/**
* @desc konstruktor
*/
public function PrintSurvey()
{
if (isset($_GET['anketa'])) {
save('anketa', $_GET['anketa']);
$rowa = SurveyInfo::getInstance()->getSurveyRow();
// uvodni nagovor
if ($rowa['show_intro'] != 0) {
Body::getInstance()->displayIntroduction();
}
// prikažemo ankete
do {
save('grupa', Find::getInstance()->findNextGrupa());
Body::getInstance()->displayAnketa();
} while (get('grupa') != Find::getInstance()->findNextGrupa() && Find::getInstance()->findNextGrupa() > 0);
// prikažemo konec
Body::getInstance()->displayKonec();
} else
echo 'Ni podatkov o anketi!';
}
/**
* @desc prikaze chat okno za tawk chat, ce je modul vklopljen (js koda)


@ -117,9 +117,11 @@ class HeaderController extends Controller
return header('Location: ' . self::$site_url);
die("Missing anketa id!");
}
$anketa = (($get->anketa) ? $get->anketa : $_POST['anketa']);
$anketa_hash = (($get->anketa) ? $get->anketa : $_POST['anketa']);
$anketa = getSurveyIdFromHash($anketa_hash);
// Shranimo vse spremenljivke iz get parametrov v classu VariableClass
save('anketa_hash', $anketa_hash);
save('anketa', $anketa);
save('get', $get);
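Review bot: The result of `getSurveyIdFromHash()` is saved as `anketa` without checking for the 0 it returns for an unknown hash, so a mistyped or guessed link carries on with survey id 0 instead of being rejected at the entry point. Add a guard right after the lookup, e.g. `if ($anketa <= 0) { header('Location: ' . self::$site_url); die(); }`, matching the missing-id branch above it (where the `die()` placed after `return header(...)` can never run). Both `InitClass` hunks and the redirect script that reads `$_GET['usr_id']` do the same lookup with no check visible in their hunks; validation further down may exist outside them, since the enclosing methods are only partly shown.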


@ -532,7 +532,6 @@ class HelperController extends Controller
array($ime,
$row['akronim'], #$row['naslov'],
date("d.m.Y, H:i:s"),
//'<a href="'.self::$site_url.'a/'.get('anketa').'">'.self::$site_url.'a/'.get('anketa').'</a>',
'<a href="' . SurveyInfo::getSurveyLink() . '">' . SurveyInfo::getSurveyLink() . '</a>',
'<a href="' . self::$site_url . 'admin/survey/index.php?anketa=' . get('anketa') . '">' . self::$site_url . 'admin/survey/index.php?anketa=' . get('anketa') . '</a>',
'<a href="' . $pdf_url . '">' . self::$lang['srv_alert_link_pdf'] . '</a>',
@ -554,7 +553,6 @@ class HelperController extends Controller
array($ime,
$row['naslov'],
date("d.m.Y, H:i:s"),
//self::$site_url.'a/'.get('anketa'),
SurveyInfo::getSurveyLink(),
self::$site_url . 'admin/survey/index.php?anketa=' . get('anketa'),
'<a href="' . $pdf_url . '">' . self::$lang['srv_alert_link_pdf'] . '</a>',


@ -52,7 +52,10 @@ class InitClass extends Controller
// cist na zacetku preverimo referer. Ce je prisel od kje drugje (napacno skopiran link itd...) ga preusmerimo na prvo stran ankete
if (isset($_SERVER['HTTP_REFERER']) && strpos($_SERVER['HTTP_REFERER'], self::$site_url) === false && !isset($_GET['code']) && !isset($_GET['return']) && !isset($_GET['params'])) {
$anketa = (isset($_GET['anketa'])) ? $_GET['anketa'] : ((isset($_POST['anketa'])) ? $_POST['anketa'] : die("Missing anketa id!"));
$anketa_hash = (isset($_GET['anketa'])) ? $_GET['anketa'] : ((isset($_POST['anketa'])) ? $_POST['anketa'] : die("Missing anketa id!"));
save('anketa_hash', $anketa_hash);
$anketa = getSurveyIdFromHash($anketa_hash);
save('anketa', $anketa);
// Pri ul evalvaciji tega ne pustimo, ker drugace narobe preusmeri
@ -69,7 +72,6 @@ class InitClass extends Controller
$g .= Header::getSurveyParams();
//$redirect_url = self::$site_url."a/".get('anketa').$g;
$redirect_url = SurveyInfo::getSurveyLink(false, false) . $g;
$request_url = 'http' . ($_SERVER['HTTPS'] ? 's' : null) . '://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
@ -89,8 +91,10 @@ class InitClass extends Controller
}
if (isset($_GET['anketa']) || isset($_POST['anketa'])) {
$anketa_hash = (isset($_GET['anketa'])) ? $_GET['anketa'] : ((isset($_POST['anketa'])) ? $_POST['anketa'] : die("Missing anketa id!"));
save('anketa_hash', $anketa_hash);
$anketa = (isset($_GET['anketa'])) ? $_GET['anketa'] : ((isset($_POST['anketa'])) ? $_POST['anketa'] : die("Missing anketa id!"));
$anketa = getSurveyIdFromHash($anketa_hash);
save('anketa', $anketa);
// Preverimo, ce gre za deaktivirano phishing anketo - vrnemo 404
@ -412,7 +416,6 @@ class InitClass extends Controller
header('Location: ' . SurveyInfo::getSurveyLink(false, false) . '&grupa=' . get('grupa') . '&ime=' . get('ime_AW') . Header::getSurveyParams() . get('cookie_url') . '');
elseif (get('loop_id') != null)
header('Location: ' . SurveyInfo::getSurveyLink(false, false) . '&grupa=' . get('grupa') . '&loop_id=' . get('loop_id') . Header::getSurveyParams() . get('cookie_url') . '');
}
else {


@ -263,13 +263,13 @@ class StatisticController extends Controller
echo '<ul>';
while ($rowArchive = mysqli_fetch_array($sqlArchive)) {
$sql4 = sisplet_query("SELECT naslov, starts, insert_uid FROM srv_anketa WHERE id = '$rowArchive[ank_id]'");
$sql4 = sisplet_query("SELECT naslov, starts, insert_uid, hash FROM srv_anketa WHERE id = '$rowArchive[ank_id]'");
$row4 = mysqli_fetch_array($sql4);
if($row4['insert_uid'] == $global_user_id){
echo '<li>';
echo '<a href="' . $site_url . 'a/' . $rowArchive['ank_id'] . '&glas_end=0' . get('cookie_url') . '">' . $row4['naslov'] . '</a>';
echo '<a href="' . $site_url . 'a/' . $row4['hash'] . '&glas_end=0' . get('cookie_url') . '">' . $row4['naslov'] . '</a>';
echo ' (' . $row4['starts'] . ')';
echo '</li>';


@ -485,8 +485,12 @@ class EvalvacijaMain {
// Encodamo z base64
$request_encoded = urlencode(base64_encode($request));
// Dobimo hash ankete
$sqlHash = sisplet_query("SELECT hash FROM srv_anketa WHERE id='".$ank_id."'");
$rowHash = mysqli_fetch_array($sqlHash);
// Redirectamo na ustrezeno anketo
header('Location: https://anketa.uni-lj.si/student/a/'.$ank_id.'?enc='.$request_encoded);
header('Location: https://anketa.uni-lj.si/student/a/'.$rowHash['hash'].'?enc='.$request_encoded);
}


@ -2,7 +2,9 @@
include_once('../../function.php');
$anketa = $_GET['anketa'];
$anketa_hash = $_GET['anketa'];
$anketa = getSurveyIdFromHash($anketa_hash);
$usr_id = $_GET['usr_id'];
$preview = $_GET['preview'];
$code = isset($_GET['code']) ? '&code='.$_GET['code'] : '';
@ -21,9 +23,9 @@ if ($_GET['quick_view'] == 1) {
if ($row1['cookie'] == -1) {
header("Location: ".$site_url."main/survey/index.php?anketa=$anketa&survey-".$anketa."=".$row['cookie'].$urejanje.$code);
header("Location: ".$site_url."main/survey/index.php?anketa=".$anketa_hash."&survey-".$anketa."=".$row['cookie'].$urejanje.$code);
} else {
setcookie('survey-'.$anketa, $row['cookie'], 0);
header("Location: ".$site_url."main/survey/index.php?anketa=$anketa".$urejanje.$code);
header("Location: ".$site_url."main/survey/index.php?anketa=".$anketa_hash.$urejanje.$code);
}
?>
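Review bot: `$anketa_hash` is taken from `$_GET['anketa']` and written back into both `Location` headers without encoding, and the redirect is still issued when the lookup returned 0, so whatever string arrives in the link, including extra `&name=value` pairs, is carried into the survey URL. Use `rawurlencode($anketa_hash)` in the two `header()` calls and stop before the redirect when `$anketa` is 0. `$_GET['code']` is appended the same way on the line that builds `$code`. The lines between the two hunks are not shown, so checks performed there cannot be ruled out.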


@ -1,9 +1,10 @@
<?php
include_once('../../function.php');
$anketa = $_GET['anketa'];
$anketa_hash = $_GET['anketa'];
$grupa = $_GET['grupa'];
echo 'URI = '.$site_url.'main/survey/index.php?anketa='.$anketa.'&grupa='.$grupa;
echo 'URI = '.$site_url.'main/survey/index.php?anketa='.$anketa_hash.'&grupa='.$grupa;
?>
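Review bot: `$anketa_hash` and `$grupa` come from `$_GET` and are echoed into the response unescaped, which is reflected XSS whenever the page is served as HTML. Escape at output, `echo 'URI = ' . htmlspecialchars($site_url . 'main/survey/index.php?anketa=' . $anketa_hash . '&grupa=' . $grupa, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');`, or send `Content-Type: text/plain` if this script is only a diagnostic. The frameset hunk further down has the same problem in its `src` attributes, where `$_GET['sist_link']` and `$_GET['code']` are concatenated raw; those values need `rawurlencode()` and the finished attribute `htmlspecialchars()`.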


@ -10,7 +10,7 @@ include_once('../../function.php');
if (!empty($_POST['koda'])) {
$koda = strtolower($_POST['koda']);
$sql = sisplet_query("SELECT url, anketa_id FROM srv_hierarhija_koda WHERE koda='" . $koda . "'");
$sql = sisplet_query("SELECT h.url, h.anketa_id, a.hash FROM srv_hierarhija_koda h, srv_anketa a WHERE h.koda='".$koda."' AND h.anketa_id=a.id");
if ($sql->num_rows > 0) {
$row = $sql->fetch_object();
@ -19,7 +19,7 @@ if (!empty($_POST['koda'])) {
$url_encode_spremenljivke = urlencode(base64_encode($row->url));
//celotni url do ankete
header("Location: " . $site_url . "a/" . $row->anketa_id . "?enc=" . $url_encode_spremenljivke);
header("Location: " . $site_url . "a/" . $row->hash . "?enc=" . $url_encode_spremenljivke);
die();
}
@ -35,7 +35,7 @@ if (!empty($_POST['koda'])) {
$url_encode_spremenljivke = urlencode(base64_encode($koda_resevanje->url . '&supersifra=' . $koda.'&resujem=0'));
//celotni url do ankete
header("Location: " . $site_url . "a/" . $row->anketa_id . "?enc=" . $url_encode_spremenljivke);
header("Location: " . $site_url . "a/" . $row->hash . "?enc=" . $url_encode_spremenljivke);
die();
}


@ -26,13 +26,13 @@ if (true || ($row['uporabnost_link'] != null && $row['uporabnost_link'] != ""))
echo '
<frameset '.($uporabnost_razdeli!=1?'rows':'cols').'="50%,50%">
<frame name="link" src="'.(strlen($row['uporabnost_link'])>7?$row['uporabnost_link']:'').'">
<frame name="survey" src="'.$site_url.'main/survey/index.php?anketa='.$anketa.''.($_GET['preview']=='on'?'&preview=on':'').''.(isset($_GET['sist_link'])?'&sist_link='.$_GET['sist_link']:'').(isset($_GET['code'])?'&code='.$_GET['code']:'').'">
<frame name="survey" src="'.$site_url.'main/survey/index.php?anketa='.$anketa_hash.''.($_GET['preview']=='on'?'&preview=on':'').''.(isset($_GET['sist_link'])?'&sist_link='.$_GET['sist_link']:'').(isset($_GET['code'])?'&code='.$_GET['code']:'').'">
</frameset>
';
} else {
echo '
<frameset>
<frame name="survey" src="'.$site_url.'main/survey/index.php?anketa='.$anketa.''.($_GET['preview']=='on'?'&preview=on':'').''.(isset($_GET['sist_link'])?'&sist_link='.$_GET['sist_link']:'').(isset($_GET['code'])?'&code='.$_GET['code']:'').'">
<frame name="survey" src="'.$site_url.'main/survey/index.php?anketa='.$anketa_hash.''.($_GET['preview']=='on'?'&preview=on':'').''.(isset($_GET['sist_link'])?'&sist_link='.$_GET['sist_link']:'').(isset($_GET['code'])?'&code='.$_GET['code']:'').'">
</frameset>
';
}


@ -9569,3 +9569,11 @@ CREATE TABLE app_settings(
UPDATE misc SET value='21.09.21' WHERE what="version";
## Ankete vec ne stevilcimo ampak jih identificiramo po hashu
ALTER TABLE srv_anketa ADD hash VARCHAR(8) CHARACTER SET utf8 NOT NULL DEFAULT '' AFTER id;
ALTER TABLE srv_anketa ADD UNIQUE (hash);
## Stare ankete imajo za hash kar id (da je kompatibilno za nazaj ker so ze objavljene)
UPDATE srv_anketa SET hash=id;
UPDATE misc SET value='22.09.30' WHERE what="version";
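Review bot: `ALTER TABLE srv_anketa ADD UNIQUE (hash);` runs while every existing row still holds the default `''`, so on a table with more than one survey it fails on the duplicate value before the backfill is reached. Backfill first: `UPDATE srv_anketa SET hash=id;` followed by `ALTER TABLE srv_anketa ADD UNIQUE (hash);`. The backfill also leaves every already-published survey reachable under its sequential id, as the comment says; if the random hash is meant to stop survey links from being guessable, that only holds for surveys created after this migration unless the old links are rotated.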