';
}
// Prikazemo vsebino zavihka gdpr - nastavitve uporabnika
/**
 * Renders the "GDPR - user settings" tab for the current user.
 *
 * @param array $error Validation flags; ajax() passes the keys 'email' and 'dpo_email' when a submitted address was rejected. Not read in the visible body.
 */
public function displayGDPRUser($error=array()){
global $site_url;
global $lang;
// Loads the current user's srv_gdpr_user row (country is defaulted when empty)
$user_settings = self::getUserSettings();
// NOTE(review): both echo literals are empty in this copy, presumably because the markup was lost.
// Stored profile values printed here should be HTML-escaped at output - confirm against the full template.
echo '';
echo '';
}
// Prikazemo GDPR avtoriteto za izbrano drzavo
/**
 * Prints the GDPR authority entries registered for the given country.
 *
 * An entry matches when $country equals its 'drzava' or its 'country' field
 * (presumably the Slovenian and English country names - confirm).
 * NOTE(review): the method's closing brace is not present in this copy; the echoed markup also looks truncated.
 *
 * @param string $country Country name; ajax() passes $_POST['country'] here unmodified.
 */
public function displayGDPRAuthority($country){
global $lang;
if($country != ''){
$current_authorities = array();
// Collect every authority registered for the country
foreach(self::$authorities as $authority){
// This entry belongs to the requested country (loose comparison on either name field)
if($country == $authority['drzava'] || $country == $authority['country'])
$current_authorities[] = $authority;
}
echo '
'.$lang['srv_gdpr_user_settings_authority'].':
';
// Print the details of every match (one country can have several authorities)
foreach ($current_authorities as $authority) {
echo '
';
}
}
// Prikazemo vsebino zavihka gdpr - VSE zahteve za izbris (samo admini)
/**
 * Renders the tab listing ALL GDPR requests on the installation: open ones first, completed ones below.
 *
 * Both queries join each request with its survey title, the survey owner's account (e-mail, name)
 * and the owner's GDPR profile (organisation, DPO and contact details).
 * NOTE(review): the original comment says this view is for admins only, but no access check is
 * visible in this method - confirm that every caller enforces the admin role before this runs.
 * NOTE(review): the closing brace and most of the echoed markup are missing in this copy.
 */
public function displayGDPRRequestsAll(){
global $site_url;
global $lang;
// Open requests (status 0), oldest first
$sql = sisplet_query("SELECT r.*,
a.naslov,
u.email AS u_email, u.name AS u_name, u.surname AS u_surname,
gu.type AS gu_type, gu.organization AS gu_organization, gu.dpo_firstname AS gu_dpo_firstname, gu.dpo_lastname AS gu_dpo_lastname, gu.dpo_email AS gu_dpo_email, gu.dpo_phone AS gu_dpo_phone, gu.email AS gu_email, gu.firstname AS gu_firstname, gu.lastname AS gu_lastname, gu.phone AS gu_phone, gu.address AS gu_address, gu.country AS gu_country
FROM srv_gdpr_requests AS r
LEFT JOIN srv_anketa AS a ON (r.ank_id=a.id)
LEFT JOIN users AS u ON (r.usr_id=u.id)
LEFT JOIN srv_gdpr_user AS gu ON (r.usr_id=gu.usr_id)
WHERE r.status='0'
ORDER BY date(r.datum) ASC");
// NOTE(review): mysqli_num_rows() is called without checking that the query succeeded
if(mysqli_num_rows($sql) > 0){
echo '
';
}
// Completed requests (status 1), newest first
$sql = sisplet_query("SELECT r.*,
a.naslov,
u.email AS u_email, u.name AS u_name, u.surname AS u_surname,
gu.type AS gu_type, gu.organization AS gu_organization, gu.dpo_firstname AS gu_dpo_firstname, gu.dpo_lastname AS gu_dpo_lastname, gu.dpo_email AS gu_dpo_email, gu.dpo_phone AS gu_dpo_phone, gu.email AS gu_email, gu.firstname AS gu_firstname, gu.lastname AS gu_lastname, gu.phone AS gu_phone, gu.address AS gu_address, gu.country AS gu_country
FROM srv_gdpr_requests AS r
LEFT JOIN srv_anketa AS a ON (r.ank_id=a.id)
LEFT JOIN users AS u ON (r.usr_id=u.id)
LEFT JOIN srv_gdpr_user AS gu ON (r.usr_id=gu.usr_id)
WHERE r.status='1'
ORDER BY date(r.datum) DESC");
if(mysqli_num_rows($sql) > 0){
echo ' ';
echo '';
echo ' +- '.$lang['srv_gdpr_requests_done'].'';
echo '';
echo '
';
// Export - information given to the individual
echo '';
echo ' ';
// Export - record of processing activities
echo '';
}
// Prikazemo vsebino zavihka gdpr - nastavitve posamezne ankete
/**
 * Renders the GDPR requests tab for a single survey.
 *
 * NOTE(review): the echoed template is empty in this copy, so how $ank_id is used cannot be seen here.
 *
 * @param mixed $ank_id Survey id.
 */
public function displayGDPRSurveyRequests($ank_id){
global $site_url;
global $lang;
echo '
';
}
// Pridobimo vse ankete userja in za vsako preverimo ce je GDPR
/**
 * Lists the user's surveys together with their GDPR flags.
 *
 * Each entry holds 'id', 'naslov', 'active', 'potential_gdpr' and 'gdpr'. The list is ordered,
 * all descending, by gdpr, then potential_gdpr, then active, then naslov.
 *
 * @return array Re-indexed list of survey entries.
 */
private function getUserSurveys(){
    $listing = new SurveyList();

    $entries = array();
    foreach($listing->getSurveysSimple() as $survey){
        // potential_gdpr is evaluated before gdpr, matching the key order of the literal
        $entries[] = array(
            'id' => $survey['id'],
            'naslov' => $survey['naslov'],
            'active' => $survey['active'],
            'potential_gdpr' => $this->potentialGDPRSurvey($survey['id']),
            'gdpr' => $this->isGDPRSurvey($survey['id'])
        );
    }

    // array_multisort() needs one parallel column per sort key
    $by_gdpr = array_column($entries, 'gdpr');
    $by_potential = array_column($entries, 'potential_gdpr');
    $by_active = array_column($entries, 'active');
    $by_title = array_column($entries, 'naslov');

    array_multisort($by_gdpr, SORT_DESC, $by_potential, SORT_DESC, $by_active, SORT_DESC, $by_title, SORT_DESC, $entries);

    return $entries;
}
// Pridobimo vse zahteve za izbris za userja (za vse ankete ali samo za doloceno anketo)
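/**
 * Returns the current user's GDPR requests, keyed by request id.
 *
 * @param int|string $ank_id Survey id to filter on; 0 returns the requests for all of the user's surveys.
 * @param int|string $status Request status to select; status 0 is sorted oldest first, any other newest first.
 * @return array Rows of srv_gdpr_requests joined with the survey title (naslov).
 */
private function getUserRequests($ank_id=0, $status=0){
    global $global_user_id;

    $requests = array();

    // Ids and status are coerced to integers before they are placed into the SQL text,
    // so a non-numeric value cannot change the shape of the statement.
    // NOTE(review): assumes usr_id, ank_id and status are integer columns - confirm against the schema.
    $anketa_query = '';
    if($ank_id != 0)
        $anketa_query = " AND r.ank_id='".(int)$ank_id."'";

    $status_query = " AND r.status='".(int)$status."'";
    $order_by = ($status == 0) ? 'ASC' : 'DESC';

    $sql = sisplet_query("SELECT r.*, a.naslov
        FROM srv_gdpr_requests r, srv_anketa a
        WHERE r.usr_id='".(int)$global_user_id."' AND r.ank_id=a.id ".$anketa_query." ".$status_query."
        ORDER BY date(datum) ".$order_by."");

    // A failed query yields an empty list instead of a fetch on a non-result
    if(!$sql)
        return $requests;

    while($row = mysqli_fetch_array($sql)){
        $requests[$row['id']] = $row;
    }

    return $requests;
}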
// Count the current user's requests that are not yet marked as done (status != 1)
/**
 * Counts the current user's GDPR requests whose status is not '1' (not yet completed).
 *
 * @return mixed The COUNT(id) column exactly as the database driver returns it.
 */
public static function countUserUnfinishedRequests(){
    global $global_user_id;

    $query = "SELECT COUNT(id) FROM srv_gdpr_requests WHERE usr_id='".$global_user_id."' AND status!='1'";
    $counted = mysqli_fetch_array(sisplet_query($query));

    return $counted['COUNT(id)'];
}
// Pridobimo vse gdpr nastavitve userja
/**
 * Loads the current user's GDPR profile (row of srv_gdpr_user).
 *
 * When no country is stored, the country is filled in from the interface language:
 * 'Slovenija' for language id 1, otherwise 'Slovenia'.
 *
 * @return array The profile row with 'country' always set.
 */
private static function getUserSettings(){
    global $global_user_id;
    global $lang;

    $profile = mysqli_fetch_array(
        sisplet_query("SELECT * FROM srv_gdpr_user WHERE usr_id='".$global_user_id."'")
    );

    // No stored country: pick the default that matches the interface language
    if($profile['country'] == ''){
        if($lang['id'] == '1')
            $profile['country'] = 'Slovenija';
        else
            $profile['country'] = 'Slovenia';
    }

    return $profile;
}
// Preverimo ce je uporabnik izpolnil gdpr profil
/**
 * Tells whether the current user has completed the mandatory part of the GDPR profile.
 *
 * Required: first name, last name and e-mail; DPO first name, last name and e-mail when the
 * profile is an organisation (type 1) or declares a DPO; organisation name and registration
 * number (organization_maticna) for an organisation.
 *
 * @return bool True when every applicable mandatory field is filled in.
 */
private function checkUserSettings(){
    global $global_user_id;
    global $lang;

    $result = sisplet_query("SELECT * FROM srv_gdpr_user WHERE usr_id='".$global_user_id."'");
    $profile = mysqli_fetch_array($result);

    // Contact person
    $contact_missing = $profile['firstname'] == '' || $profile['lastname'] == '' || $profile['email'] == '';
    if($contact_missing){
        return false;
    }

    // With a DPO, the DPO's first name, last name and e-mail are mandatory
    $dpo_expected = $profile['type'] == '1' || $profile['has_dpo'] == '1';
    if($dpo_expected && ($profile['dpo_firstname'] == '' || $profile['dpo_lastname'] == '' || $profile['dpo_email'] == '')){
        return false;
    }

    // An organisation must give its name and registration number
    if($profile['type'] == '1' && ($profile['organization'] == '' || $profile['organization_maticna'] == '')){
        return false;
    }

    return true;
}
// Pridobimo vse gdpr nastavitve za anketo
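/**
 * Loads the GDPR settings stored for a survey.
 *
 * @param int|string $ank_id Survey id.
 * @return array|int The srv_gdpr_anketa row, or 0 when the survey has none (or the query failed).
 */
public static function getSurveySettings($ank_id){
    // The id is coerced to an integer before it is placed into the SQL text.
    // NOTE(review): assumes survey ids are integers - confirm against the schema.
    $sql = sisplet_query("SELECT * FROM srv_gdpr_anketa WHERE ank_id='".(int)$ank_id."'");

    // Guard against a failed query before asking for the row count
    if($sql && mysqli_num_rows($sql) > 0)
        return mysqli_fetch_array($sql);

    return 0;
}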
// Vrne text za gdpr preduvod glede na to kaj je oznaceno da se zbira
/**
 * Returns the GDPR introduction text for a survey, depending on which personal data it collects.
 *
 * NOTE(review): only the branch for the 'gorenje' module is visible in this copy; the rest of the
 * method, including its closing brace, is missing, so the general case cannot be described here.
 *
 * @param mixed $ank_id Survey id.
 */
public static function getSurveyIntro($ank_id){
global $lang;
global $site_url;
// Dedicated GDPR text when the 'gorenje' module is enabled
if (Common::checkModule('gorenje')){
$naslov = '
';
return $naslov;
}
// Preverimo ce je anketa potrjena s strani urednika, da je gdpr
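/**
 * Tells whether the survey has been marked as a GDPR survey (a row exists in srv_gdpr_anketa).
 *
 * @param int|string $ank_id Survey id.
 * @return int 1 when a row exists, otherwise 0 (also when the query failed).
 */
public static function isGDPRSurvey($ank_id){
    // The id is coerced to an integer before it is placed into the SQL text.
    // NOTE(review): assumes survey ids are integers - confirm against the schema.
    $sql = sisplet_query("SELECT * FROM srv_gdpr_anketa WHERE ank_id='".(int)$ank_id."'");

    return ($sql && mysqli_num_rows($sql) > 0) ? 1 : 0;
}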
// Preverimo ce je anketa gdpr in ima vklopljen gdpr 1ka template uvod
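/**
 * Tells whether the survey is a GDPR survey with the 1KA template introduction enabled
 * (a srv_gdpr_anketa row with 1ka_template = 1).
 *
 * @param int|string $ank_id Survey id.
 * @return int 1 when such a row exists, otherwise 0 (also when the query failed).
 */
public static function isGDPRSurveyTemplate($ank_id){
    // The id is coerced to an integer before it is placed into the SQL text.
    // NOTE(review): assumes survey ids are integers - confirm against the schema.
    $sql = sisplet_query("SELECT * FROM srv_gdpr_anketa WHERE ank_id='".(int)$ank_id."' AND 1ka_template='1'");

    return ($sql && mysqli_num_rows($sql) > 0) ? 1 : 0;
}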
/*
* Preverimo ce ima anketa kaksne nastavitve, ki lahko padejo pod gdpr
* - preverjamo imena spremenljivk "ime", "priimek", "firstname", "lastname", "email" (za tipe text) in tip vprasanja lokacija
* - preverjamo ce ima vklopljena vabila
* - preverjamo ce je tel. anketa
*/
/**
 * Tells whether the survey shows signs of collecting personal data.
 *
 * All three checks are always run: name/e-mail/location questions, e-mail invitations,
 * and telephone survey mode.
 *
 * @param mixed $ank_id Survey id.
 * @return int 1 when at least one check is positive, otherwise 0.
 */
public function potentialGDPRSurvey($ank_id){
    // Questions asking for first name, last name, e-mail or location
    $has_personal_questions = count($this->getGDPRSurveyQuestions($ank_id)) > 0;

    // E-mail invitations enabled
    $has_invitations = $this->checkSurveyInvitations($ank_id);

    // Telephone survey
    $is_telephone = $this->checkSurveyTelephone($ank_id);

    if($has_personal_questions || $has_invitations || $is_telephone){
        return 1;
    }

    return 0;
}
// Preverimo ce obstaja v anketi kaksno vprasanje za ime, priimek, email, lokacijo - vrnemo array vprasanj, ki so problematicna
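/**
 * Returns the survey's questions that are likely to collect personal data.
 *
 * Selected are questions of type 21 whose variable is named ime, priimek, email, firstname or
 * lastname, and every question of type 26 (per the comment above potentialGDPRSurvey(): text
 * questions and the location question).
 *
 * @param int|string $ank_id Survey id.
 * @return array List of rows (id, variable, variable_custom, sistem, tip); empty when none or when the query failed.
 */
private function getGDPRSurveyQuestions($ank_id){
    $gdpr_questions = array();

    // The id is coerced to an integer before it is placed into the SQL text.
    // NOTE(review): assumes survey ids are integers - confirm against the schema.
    $sql = sisplet_query("SELECT s.id, s.variable, s.variable_custom, s.sistem, s.tip
        FROM srv_spremenljivka s, srv_grupa g
        WHERE s.gru_id=g.id AND g.ank_id='".(int)$ank_id."'
        AND ((s.variable IN ('ime', 'priimek', 'email', 'firstname', 'lastname') AND s.tip='21' /*AND s.sistem='1'*/) OR s.tip='26')");

    // A failed query yields an empty list instead of a fetch on a non-result
    if(!$sql)
        return $gdpr_questions;

    while($row = mysqli_fetch_array($sql)){
        $gdpr_questions[] = $row;
    }

    return $gdpr_questions;
}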
// Preverimo ce ima anketa vklopljena email vabila
/**
 * Tells whether the 'email' (invitations) module is enabled on the survey held by SurveyInfo.
 *
 * NOTE(review): $ank_id is not used; the answer is for whichever survey the SurveyInfo
 * singleton currently holds - confirm that callers initialise it for $ank_id first.
 *
 * @param mixed $ank_id Survey id (unused).
 * @return mixed Result of SurveyInfo::checkSurveyModule('email').
 */
private function checkSurveyInvitations($ank_id){
    return SurveyInfo::getInstance()->checkSurveyModule('email');
}
// Preverimo ce je telefonska anketa
/**
 * Tells whether the 'phone' (telephone survey) module is enabled on the survey held by SurveyInfo.
 *
 * NOTE(review): $ank_id is not used; the answer is for whichever survey the SurveyInfo
 * singleton currently holds - confirm that callers initialise it for $ank_id first.
 *
 * @param mixed $ank_id Survey id (unused).
 * @return mixed Result of SurveyInfo::checkSurveyModule('phone').
 */
private function checkSurveyTelephone($ank_id){
    return SurveyInfo::getInstance()->checkSurveyModule('phone');
}
// Poskrbi za vse potrebno ko respondent zahteva izbris oz. vpogled v podatke
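/**
 * Processes a respondent's GDPR request (deletion, access, correction, ...) for one survey.
 *
 * Validates the submitted fields, stores the request in srv_gdpr_requests, e-mails the survey
 * author and the GDPR contact, and echoes a JSON object holding either 'success' or 'error'.
 * Every field arrives from an unauthenticated form, so it is treated as untrusted: values are
 * escaped or cast where they enter the SQL statement, and the action must be one of 1-6.
 *
 * NOTE(review): escaping is applied here at the point of use; confirm no upstream layer already
 * escapes $request_data, otherwise stored text would carry doubled backslashes.
 * NOTE(review): the submitted note, e-mail and URL are also placed into the mail body unchanged.
 * If the mail is sent as HTML they need HTML-escaping there - the mail format is not visible here.
 *
 * @param array $request_data Submitted fields: 'email', 'srv-name', 'srv-url', 'gdpr-action', 'gdpr-note'.
 * @return void The JSON response is written to the output.
 */
public function sendGDPRRequest($request_data){
    global $lang;
    global $gdpr_admin_email;
    global $app_settings;

    $errors = array();

    // Defined up front so the language fallback below never reads an unset variable
    $survey_data = false;

    // The form asked for English (language id 2)
    $english_form = (!empty($_POST['drupal_lang']) && $_POST['drupal_lang'] == 2) || (!empty($_POST['lang_id']) && $_POST['lang_id'] == 2);

    // Switch the interface strings to English
    if($english_form){
        $file = '../lang/2.php';
        include($file);
    }

    // E-mail is required and must be well-formed
    if(!isset($request_data['email']) || $request_data['email'] == '')
        $errors['email'] = '1';
    elseif(!validEmail($request_data['email']))
        $errors['email'] = $lang['srv_remind_email_hard'];
    else
        $email = $request_data['email'];

    // Survey title is optional
    $survey_name = (isset($request_data['srv-name'])) ? $request_data['srv-name'] : '';

    // Survey URL is required and must resolve to a survey on this installation
    if(!isset($request_data['srv-url']) || $request_data['srv-url'] == '')
        $errors['srv-url'] = '1';
    else{
        $survey_url = $request_data['srv-url'];

        // Resolve the URL to the survey and its author (id, title, author e-mail, ...)
        $survey_data = self::getSurveyFromURL($survey_url);
        if(!$survey_data || empty($survey_data)) {
            if($english_form) {
                $errors['srv-url'] = 'Invalid survey URL. Enter the correct URL for the 1KA survey. If you have any problems, please contact 1KA helpdesk (help@1ka.si).';
            }
            else{
                $errors['srv-url'] = 'Nepravilen URL ankete. Vpišite pravilen URL 1KA ankete. V primeru težav kontaktirajte Center za pomoč uporabnikom 1KA (help@1ka.si).';
            }
        }
    }

    // The requested action is required
    if(!isset($request_data['gdpr-action']))
        $errors['gdpr-action'] = '1';
    else{
        // Only a scalar can name an action; anything else fails the lookup below
        $action = is_scalar($request_data['gdpr-action']) ? (string)$request_data['gdpr-action'] : '';

        // Interface language: explicit form value first, otherwise the survey author's language
        if(!empty($_POST['drupal_lang']))
            $jezik = $_POST['drupal_lang'];
        elseif(!empty($_POST['lang_id']))
            $jezik = $_POST['lang_id'];
        else
            $jezik = is_array($survey_data) ? $survey_data['usr_lang'] : '';

        if($jezik == '2'){
            $action_texts = array(
                '1' => 'Delete personal and survey data for a specific survey.',
                '2' => 'Gain insight into personal and survey data for a specific survey.',
                '3' => 'Change personal data in a specific survey.',
                '4' => 'Transmission of personal data from a specific survey.',
                '5' => 'Restriction of processing of personal data in a specific survey.',
                '6' => 'Withdrawal of consent of processing of personal data in a specific survey.'
            );
        }
        else{
            $action_texts = array(
                '1' => 'izbris osebnih in anketnih podatkov iz omenjene ankete.',
                '2' => 'vpogled v osebne in anketne podatke iz omenjene ankete.',
                '3' => 'spremembo osebnih in anketnih podatkov iz omenjene ankete.',
                '4' => 'Prenos osebnih podatkov iz omenjene ankete.',
                '5' => 'Omejitev obdelave osebnih podatkov v omenjeni anketi.',
                '6' => 'Preklic privolitve v obdelavo osebnih podatkov v omenjeni anketi.'
            );
        }

        // Allow-list: only the six known action codes are accepted
        if(isset($action_texts[$action]))
            $action_text = $action_texts[$action];
        else
            $errors['gdpr-action'] = '1';
    }

    // The description of the affected data is required
    if(!isset($request_data['gdpr-note']) || $request_data['gdpr-note'] == '')
        $errors['gdpr-note'] = '1';
    else
        $note = $request_data['gdpr-note'];

    // With every field present, record and forward the request
    if(empty($errors)){

        // Record the request. Free-text values are escaped for the connection, ids and the
        // action code are cast to integers, so none of them can break out of the quoted literal.
        $db = $GLOBALS['connect_db'];
        $sql = sisplet_query("INSERT INTO srv_gdpr_requests
            (usr_id, ank_id, email, url, datum, text, type)
            VALUES
            ('".(int)$survey_data['usr_id']."', '".(int)$survey_data['ank_id']."', '".mysqli_real_escape_string($db, (string)$email)."', '".mysqli_real_escape_string($db, (string)$survey_url)."', NOW(), '".mysqli_real_escape_string($db, (string)$note)."', '".(int)$action."')");

        // Compose the notification mail
        // English
        if($jezik == '2'){
            $subject = 'Request for deletion/insight or change of personal survey data';
            $content = 'Dear 1KA user, ';
            $content .= '
As an author of the survey '.$survey_data['title'].' ('.$survey_data['url'].'), in which you collected personal data (GDPR), we would like to inform you that the respondent with e-mail '.$email.' submitted a request for: ';
            $content .= ' - '.$action_text.'
';
            $content .= '
';
            $content .= 'Respondent’s email: '.$email.'
';
            $content .= 'Survey URL: '.$survey_url.'
';
            $content .= 'The submitted request relates to the following personal data: '.$note.'';
            $content .= '
';
            $content .= '
Please process the request within one month and inform the respondent to the above email address of the (Article 19 of the GDPR Regulation).
';
            $content .= '
If you do not execute the request after one month, we will notify you again. If the request is not executed, we reserve the right to delete this survey.
';
            // Signature
            $signature = Common::getEmailSignature();
            $content .= $signature;
        }
        // Slovenian
        else{
            $subject = 'Obvestilo o zahtevi za izbris/vpogled ali spremembo osebnih oziroma anketnih podatkov';
            $content = 'Pozdravljeni, ';
            $content .= '
Kot avtorja ankete '.$survey_data['title'].' ('.$survey_data['url'].'), v kateri ste zbirali osebne podatke (GDPR), vas želimo obvestiti, da je respondent z elektronskim naslovom '.$email.' oddal prošnjo za: ';
            $content .= ' - '.$action_text.'
';
            $content .= '
';
            $content .= 'Email respondenta: '.$email.'
';
            $content .= 'URL ankete: '.$survey_url.'
';
            $content .= 'Oddana prošnja se nanaša na naslednje osebne podatke: '.$note.'';
            $content .= '
';
            $content .= '
Prosimo, da v roku enega meseca izvršite zahtevo in o tem obvestite respondenta na zgoraj navedeni elektronski naslov respondenta (Člen 19 uredbe GDPR).
';
            $content .= '
V primeru, da tega po enem mesecu ne boste izvršili, vas bomo ponovno obvestili. Če se zahteva ne izvrši, si pridružujemo pravico, da anketo izbrišemo.
';
            // Signature
            $signature = Common::getEmailSignature();
            $content .= $signature;
        }

        // Mail the survey author plus the GDPR contact of this installation
        try{
            $MA = new MailAdapter();
            $MA->addRecipients($survey_data['author_email']);

            if(Common::checkModule('gorenje')){
                $MA->addRecipients('gdpr@gorenje.com');
            }
            elseif(isset($gdpr_admin_email) && $gdpr_admin_email != ''){
                $MA->addRecipients($gdpr_admin_email);
            }
            else{
                $MA->addRecipients('help@1ka.si');
                $MA->addRecipients('enklikanketa@gmail.com');
            }

            $resultX = $MA->sendMail($content, $subject);
        }
        catch (Exception $e){
            // Still best-effort (the stored request remains), but a failed notification is now
            // recorded; only the exception class is logged so no address ends up in the log.
            error_log('GDPR request notification could not be sent: '.get_class($e));
        }

        // Report success
        if($jezik == '2'){
            $success_text = 'Your request for the deletion, change or insight into your personal information for a particular survey is submitted to
the author of the survey. The author of the survey must, within a month since you submitted the request, execute your
request and inform you about it. If the author fails to do so within 30 days, we will delete the survey, including your information.';
        }else {
            $success_text = 'Prošnja za izbris, spremembo ali vpogled do vaših osebnih podatkov iz določene ankete je posredovana avtorju ankete.
Avtor ankete mora v roku meseca dni od oddane zahteve urediti vašo zahtevo in vas o tem obvestiti.
Če v roku 30 dni avtor tega ne izvede, bomo anketo izbrisali, vključno z vašimi podatki.';
        }

        // The second argument of json_encode() is a flag mask; the original passed true, which is
        // coerced to 1 = JSON_HEX_TAG. The constant is named here so the encoding is unchanged.
        $response = json_encode(array('success' => $success_text), JSON_HEX_TAG);
    }
    else{
        // Report the errors together with the submitted values.
        // NOTE(review): 'posted' echoes the raw submission back; whoever renders it must treat
        // every value as untrusted (escape on output, never use it to build a file path).
        $response = json_encode(array('error' => $errors, 'posted' => $request_data), JSON_HEX_TAG);
    }

    echo $response;
}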
// Poiscemo anketo na podlagi vnesenega url-ja
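/**
 * Resolves a submitted survey URL to the survey and its author.
 *
 * Accepts only URLs whose host equals the host of $site_url. The first path segment is either
 * 'a' (followed by the survey id) or a nice link looked up in srv_nice_links. The URL comes
 * from a public form, so each part is validated, cast or escaped before it reaches SQL.
 *
 * @param string $url URL as typed by the respondent.
 * @return array|false Keys 'ank_id', 'url', 'title', 'usr_id', 'usr_lang', 'author_email'; false when the URL does not identify a survey.
 */
private function getSurveyFromURL($url){
    global $site_url;

    $data = array();

    // Malformed input, or a URL without host or path, cannot identify a survey
    $url_data = is_string($url) ? parse_url($url) : false;
    if(!is_array($url_data) || empty($url_data['host']) || !isset($url_data['path']))
        return false;

    // Must point at this installation
    if($url_data['host'] !== parse_url($site_url, PHP_URL_HOST))
        return false;

    $arr = explode("/", $url_data['path']);
    $first_segment = isset($arr[1]) ? $arr[1] : '';

    // Regular link: /a/<id>. The cast keeps the leading digits, so an id followed by
    // appended parameters still resolves, while nothing but an integer reaches the query.
    if($first_segment === 'a'){
        $data['ank_id'] = isset($arr[2]) ? (int)$arr[2] : 0;
    }
    else{
        // Possibly a nice link; the segment is escaped because it is arbitrary text from the URL
        $sqlN = sisplet_query("SELECT ank_id, link FROM srv_nice_links WHERE link='".mysqli_real_escape_string($GLOBALS['connect_db'], $first_segment)."'");
        if($sqlN && mysqli_num_rows($sqlN) > 0){
            $rowN = mysqli_fetch_array($sqlN);
            $data['ank_id'] = (int)$rowN['ank_id'];
        }
        else
            return false;
    }

    // Canonical survey URL
    $data['url'] = $site_url.'a/'.$data['ank_id'];

    // Author and title of the survey
    $sql = sisplet_query("SELECT a.naslov, u.id, u.lang, u.email
        FROM srv_anketa a, users u
        WHERE a.id='".$data['ank_id']."' AND u.id=a.insert_uid");
    if($sql && mysqli_num_rows($sql) == 1){
        $row = mysqli_fetch_array($sql);

        $data['title'] = $row['naslov'];
        $data['usr_id'] = $row['id'];
        $data['usr_lang'] = $row['lang'];
        $data['author_email'] = $row['email'];
    }
    else
        return false;

    // Every field the caller relies on has to be present
    if(isset($data['ank_id']) && isset($data['usr_id']) && isset($data['title']) && isset($data['url']) && isset($data['author_email']))
        return $data;

    return false;
}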
// Prikaze obrazec za zahteve za izbris (v simple frontend)
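/**
 * Prints the public GDPR request form (simple frontend), or the success message after a
 * request was accepted.
 *
 * @param array $status Optional result of a previous submission: 'success' (message), or
 *                      'error' (per-field flags) together with 'posted' (the submitted values).
 * @return void Output is echoed.
 */
public static function displayGDPRRequestForm($status=array()){
    global $lang;
    global $site_url;

    // Request was sent successfully
    if(isset($status['success'])){
        // NOTE(review): printed without escaping; safe only while 'success' is always the
        // server's own fixed message - confirm against the caller.
        echo $status['success'];
    }
    else{
        // Validation errors, if any
        $error = (isset($status['error'])) ? $status['error'] : array();

        // Values submitted previously
        $posted = (isset($status['posted'])) ? $status['posted'] : array();

        // Restore the interface language after an error. 'posted' carries submitted values, so
        // lang_id is accepted only when it consists of digits: language files are numbered
        // (e.g. lang/2.php), and anything else must never become part of an include path.
        if(isset($posted['lang_id']) && is_scalar($posted['lang_id']) && ctype_digit((string)$posted['lang_id'])){
            $file = '../../lang/'.$posted['lang_id'].'.php';
            include($file);
        }

        echo '
'.$lang['srv_gdpr_drupal_title'].'
';
        echo '
'.$lang['srv_gdpr_drupal_intro1'].'
';
        echo '
'.$lang['srv_gdpr_drupal_intro2'].'
';
        // NOTE(review): the form markup is missing in this copy; any $posted or $error value
        // printed back into the form needs HTML-escaping at output.
        echo ' ';
    }
}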
// Vrnemo celoten gdpr text za respondenta (pravice...) v obliki array-a
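/**
 * Builds the GDPR information text shown to respondents (rights, storage, contacts, ...).
 *
 * Fix over the previous version: in the "export to third countries" section the line naming the
 * data recipient (export_user) was overwritten by the line with the legal basis (export_legal);
 * the legal basis is now appended, so both appear.
 *
 * NOTE(review): getSurveySettings() returns 0 for a survey without GDPR settings; this method
 * indexes the result as an array without checking - confirm callers only use it for GDPR surveys.
 * NOTE(review): author-entered settings (other_text, expire_text, note, ...) are returned as
 * stored; whoever prints the result as HTML has to escape them.
 *
 * @param mixed $ank_id Survey id.
 * @return array List of sections, each with 'heading' (string) and 'text' (list of lines).
 */
public static function getGDPRInfoArray($ank_id){
    global $global_user_id;
    global $lang;

    $gdpr_settings = self::getUserSettings();
    $gdpr_survey_settings = self::getSurveySettings($ank_id);

    $result = array();

    // PERSONAL DATA
    $result[0]['heading'] = $lang['srv_gdpr_survey_gdpr_about_text1_1'];
    $result[0]['text'][0] = $lang['srv_gdpr_survey_gdpr_about_text1_2'];

    // Research author
    $research_author = self::getResearchAuthor($ank_id, $gdpr_settings, $gdpr_survey_settings);
    if($research_author != '')
        $result[0]['text'][1] = $lang['srv_gdpr_survey_gdpr_about_text1_3'].' '.$research_author.'';

    $result[0]['text'][2] = $lang['srv_gdpr_survey_gdpr_about_text1_4'].':';

    // Comma-separated list of the kinds of data the survey collects
    $temp_text = '';
    foreach(array('name', 'email', 'location', 'phone', 'web') as $kind){
        if($gdpr_survey_settings[$kind])
            $temp_text .= $lang['srv_gdpr_intro_'.$kind].', ';
    }
    if($gdpr_survey_settings['other'])
        $temp_text .= $lang['srv_gdpr_intro_other'].' - '.$gdpr_survey_settings['other_text'].', ';

    // Drop the trailing ', '.
    // NOTE(review): strtolower()/ucfirst() work on bytes; non-ASCII letters are not case-folded.
    $result[0]['text'][2] .= ' '.substr(ucfirst(strtolower($temp_text)), 0,-2).'';

    // USE AND STORAGE OF DATA
    $result[1]['heading'] = $lang['srv_gdpr_survey_gdpr_about_text2_1'];
    $result[1]['text'][0] = $lang['srv_gdpr_survey_gdpr_about_text2_2'];
    $result[1]['text'][1] = $lang['srv_gdpr_survey_gdpr_about_text2_3'];
    $result[1]['text'][2] = $lang['srv_gdpr_survey_gdpr_about_text2_4'];
    if($gdpr_survey_settings['expire'] == '1' && $gdpr_survey_settings['expire_text'] != '')
        $result[1]['text'][2] .= ' '.$gdpr_survey_settings['expire_text'].'.';
    else
        $result[1]['text'][2] .= ' '.$lang['srv_gdpr_survey_gdpr_about_text2_5'].'';

    // USERS OF PERSONAL DATA
    $result[2]['heading'] = $lang['srv_gdpr_survey_gdpr_about_text3_1'];
    $result[2]['text'][0] = $lang['srv_gdpr_survey_gdpr_about_text3_2'];
    if($gdpr_survey_settings['other_users'] == '1' && $gdpr_survey_settings['other_users_text'] != '')
        $result[2]['text'][1] = $lang['srv_gdpr_survey_gdpr_about_text3_32'].' '.$gdpr_survey_settings['other_users_text'].'. ';
    else
        $result[2]['text'][1] = ''.$lang['srv_gdpr_survey_gdpr_about_text3_31'].'.';
    $result[2]['text'][2] = $lang['srv_gdpr_survey_gdpr_about_text3_4'];

    // EXPORT OF DATA TO THIRD COUNTRIES
    $result[3]['heading'] = $lang['srv_gdpr_survey_gdpr_about_text4_1'];
    if($gdpr_survey_settings['export'] == '1'){
        $result[3]['text'][0] = $lang['srv_gdpr_survey_gdpr_about_text4_22'].' '.$lang['srv_gdpr_survey_gdpr_about_text4_22_2'].' '.$gdpr_survey_settings['export_country'].' '.$lang['srv_gdpr_survey_gdpr_about_text4_22_3'];
        $result[3]['text'][1] = $lang['srv_gdpr_survey_gdpr_about_text4_22_4'].' '.$gdpr_survey_settings['export_user'].'';
        // Appended, not assigned: a plain assignment here used to discard the recipient line above
        $result[3]['text'][1] .= ' '.$lang['srv_gdpr_survey_gdpr_about_text4_22_5'].' '.$gdpr_survey_settings['export_legal'].'.';
    }
    else{
        $result[3]['text'][0] = ''.$lang['srv_gdpr_survey_gdpr_about_text4_21'].'';
    }

    // DATA PROTECTION OFFICER
    $result[4]['heading'] = $lang['srv_gdpr_survey_gdpr_about_text5_1'];
    if($gdpr_survey_settings['authorized'] == ''){

        // Individual without a DPO
        if($gdpr_settings['type'] == '0' && $gdpr_settings['has_dpo'] == '0'){

            // Use the e-mail from the general GDPR settings ...
            if($gdpr_settings['email'] != ''){
                $gdpr_authorized = $gdpr_settings['email'];
            }
            // ... or, when none was entered, the survey author's primary e-mail
            else{
                $gdpr_authorized = User::getInstance()->primaryEmail();
            }
        }
        // Individual with a DPO, or an organisation
        else{
            // Use the DPO e-mail from the general GDPR settings ...
            if($gdpr_settings['dpo_email'] != ''){
                $gdpr_authorized = $gdpr_settings['dpo_email'];
            }
            // ... or fall back to the general e-mail, then to the author's primary e-mail
            else{
                if($gdpr_settings['email'] != '')
                    $gdpr_authorized = $gdpr_settings['email'];
                else
                    $gdpr_authorized = User::getInstance()->primaryEmail();
            }
        }
    }
    else{
        $gdpr_authorized = $gdpr_survey_settings['authorized'];
    }
    $result[4]['text'][0] = $lang['srv_gdpr_survey_gdpr_about_text5_2'].' '.$gdpr_authorized.'';

    // DATA SECURITY
    $result[5]['heading'] = $lang['srv_gdpr_survey_gdpr_about_text6_1'];
    $result[5]['text'][0] = $lang['srv_gdpr_survey_gdpr_about_text6_2'];

    // DELETION, CHANGE OF OR ACCESS TO PERSONAL SURVEY DATA
    $result[6]['heading'] = $lang['srv_gdpr_survey_gdpr_about_text7_1'];
    $result[6]['text'][0] = $lang['srv_gdpr_survey_gdpr_about_text7_2'];
    $result[6]['text'][1] = $lang['srv_gdpr_survey_gdpr_about_text7_3'];

    // Contact address: survey setting first, then the general GDPR e-mail, then the account e-mail
    if($gdpr_survey_settings['contact_email'] != ''){
        $result[6]['text'][1] .= ' '.$gdpr_survey_settings['contact_email'].'. ';
    }
    elseif($gdpr_settings['email'] != ''){
        $result[6]['text'][1] .= ' '.$gdpr_settings['email'].'. ';
    }
    else{
        $sql = sisplet_query("SELECT email FROM users WHERE id = '$global_user_id'");
        $row = mysqli_fetch_array($sql);
        $result[6]['text'][1] .= ' '.$row['email'].'. ';
    }
    $result[6]['text'][1] .= $lang['srv_gdpr_survey_gdpr_about_text7_3_2'];
    $result[6]['text'][2] = $lang['srv_gdpr_survey_gdpr_about_text7_4'];

    // NOTE (optional free text from the survey settings)
    if($gdpr_survey_settings['note'] != ''){
        $result[7]['heading'] = $lang['note'];
        $result[7]['text'][0] = ''.$gdpr_survey_settings['note'].'';
    }

    return $result;
}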
// Return the complete GDPR text for the record of processing activities as an array
/**
 * Builds the text of the record of processing activities for a survey, in sections I to X
 * plus an optional section XI with the author's note.
 *
 * NOTE(review): the heading of section III is built from 'III.' without the trailing space that
 * every other heading has; kept as it is because it is runtime output.
 * NOTE(review): author-entered settings are returned as stored; escape them when printing as HTML.
 *
 * @param mixed $ank_id Survey id.
 * @return array List of sections, each with 'heading' (string) and 'text' (list of lines).
 */
public static function getGDPREvidencaArray($ank_id){
    global $global_user_id;
    global $lang;

    $controller = self::getUserSettings();
    $survey = self::getSurveySettings($ank_id);

    $sections = array();

    // I.
    $sections[0] = array(
        'heading' => 'I. '.$lang['srv_gdpr_survey_gdpr_evidenca_text1'],
        'text' => array($lang['srv_gdpr_survey_gdpr_evidenca_text1_1'])
    );

    // II. Controller: an organisation (type 1) or a private person
    $sections[1]['heading'] = 'II. '.$lang['srv_gdpr_survey_gdpr_evidenca_text2'];
    if($controller['type'] == '1'){
        $sections[1]['text'][0] = $lang['srv_gdpr_survey_gdpr_evidenca_text2_1'].': '.$controller['organization'];
        $sections[1]['text'][1] = $lang['srv_gdpr_survey_gdpr_evidenca_text2_2'].': '.$controller['address'];
        $sections[1]['text'][2] = $lang['srv_gdpr_survey_gdpr_evidenca_text2_3'].': '.$controller['organization_maticna'];
    }
    else{
        $sections[1]['text'][0] = $lang['srv_gdpr_survey_gdpr_evidenca_text2_1'].': '.$controller['firstname'].' '.$controller['lastname'];
        $sections[1]['text'][1] = $lang['srv_gdpr_survey_gdpr_evidenca_text2_2'].': '.$controller['address'];
    }

    // III.
    $sections[2] = array(
        'heading' => 'III.'.$lang['srv_gdpr_survey_gdpr_evidenca_text3'],
        'text' => array($lang['srv_gdpr_survey_gdpr_evidenca_text3_1'])
    );

    // IV.
    $sections[3] = array(
        'heading' => 'IV. '.$lang['srv_gdpr_survey_gdpr_evidenca_text4'],
        'text' => array($lang['srv_gdpr_survey_gdpr_evidenca_text4_1'])
    );

    // V. Kinds of personal data collected, as a comma-separated list
    $sections[4]['heading'] = 'V. '.$lang['srv_gdpr_survey_gdpr_evidenca_text5'];
    $collected = '';
    foreach(array('name', 'email', 'location', 'phone', 'web') as $kind){
        if($survey[$kind]){
            $collected .= $lang['srv_gdpr_intro_'.$kind].', ';
        }
    }
    if($survey['other']){
        $collected .= $lang['srv_gdpr_intro_other'].' - '.$survey['other_text'].', ';
    }
    // Trailing ', ' is cut off
    $sections[4]['text'][0] = ''.substr(ucfirst(strtolower($collected)), 0,-2).'';

    // VI.
    $sections[5] = array(
        'heading' => 'VI. '.$lang['srv_gdpr_survey_gdpr_evidenca_text6'],
        'text' => array(
            $lang['srv_gdpr_survey_gdpr_evidenca_text6_1'],
            $lang['srv_gdpr_survey_gdpr_evidenca_text6_2']
        )
    );

    // VII. Retention: default wording unless an expiry text is configured
    $sections[6]['heading'] = 'VII. '.$lang['srv_gdpr_survey_gdpr_evidenca_text7'];
    $retention = ($survey['expire'] != '1')
        ? ''.$lang['srv_gdpr_survey_gdpr_evidenca_text7_2'].''
        : ''.$survey['expire_text'].'.';
    $sections[6]['text'][0] = $lang['srv_gdpr_survey_gdpr_evidenca_text7_1'].' '.$retention;

    // VIII. Users of the data, with the optional list of other users
    $sections[7]['heading'] = 'VIII. '.$lang['srv_gdpr_survey_gdpr_evidenca_text8'];
    $sections[7]['text'][0] = $lang['srv_gdpr_survey_gdpr_evidenca_text8_1'];
    $sections[7]['text'][1] = $lang['srv_gdpr_survey_gdpr_evidenca_text8_2'];
    if($survey['other_users'] == '1'){
        $sections[7]['text'][2] = ''.ucfirst($survey['other_users_text']).'';
    }

    // IX. Export to third countries
    $sections[8]['heading'] = 'IX. '.$lang['srv_gdpr_survey_gdpr_evidenca_text9'];
    if($survey['export'] == '1'){
        $sections[8]['text'][0] = $lang['srv_gdpr_survey_gdpr_evidenca_text9_22'].' '
            .$survey['export_country']
            .$lang['srv_gdpr_survey_gdpr_evidenca_text9_23'].' '
            .$survey['export_user']
            .$lang['srv_gdpr_survey_gdpr_evidenca_text9_24'].' '
            .$survey['export_legal'].'.';
    }
    else{
        $sections[8]['text'][0] = ''.$lang['srv_gdpr_survey_gdpr_evidenca_text9_21'].'';
    }

    // X.
    $sections[9] = array(
        'heading' => 'X. '.$lang['srv_gdpr_survey_gdpr_evidenca_text10'],
        'text' => array($lang['srv_gdpr_survey_gdpr_evidenca_text10_1'])
    );

    // XI. Optional note
    if($survey['note'] != ''){
        $sections[10] = array(
            'heading' => 'XI. '.$lang['note'],
            'text' => array($survey['note'])
        );
    }

    return $sections;
}
// Pretvorimo array v text za info oz. evidenco (html popup, textarea)
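/**
 * Flattens a section array (as built by getGDPRInfoArray() / getGDPREvidencaArray()) into text.
 *
 * Fix over the previous version: the result is initialised to an empty string, so an empty
 * input returns '' instead of reading (and returning) an undefined variable.
 *
 * NOTE(review): section text is concatenated as it is; values entered by the survey author are
 * not escaped here, so the caller must escape for the context it prints into.
 *
 * @param array $text_array List of sections, each with 'heading' (string) and 'text' (list of lines).
 * @param string $type 'textarea' uses a newline as line break; any other value uses the default break.
 * @return string The assembled text.
 */
public static function getGDPRTextFromArray($text_array, $type='html'){
    // Line break depends on the target (html, pdf or textarea)
    if($type == 'textarea')
        $br = '
';
    else
        $br = ' ';

    // Start from an empty string so the first append below has something to append to
    $text = '';

    // Sections
    foreach($text_array as $sklop){

        // Section heading
        $text .= ''.$sklop['heading'].''.$br;

        // Lines of the section
        foreach($sklop['text'] as $vrstica){
            $text .= $br.$vrstica.$br;
        }

        $text .= $br.$br;
    }

    if($type == 'textarea'){
        // NOTE(review): both search strings are empty in this copy, which makes these calls
        // no-ops; presumably they removed markup for the textarea - confirm the intended tags.
        $text = str_replace('', '', $text);
        $text = str_replace('', '', $text);
    }

    return $text;
}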
// Pridobimo avtorja raziskave
/**
 * Builds the "research author" fragment: a contact e-mail, optionally followed by the organisation.
 *
 * The e-mail is the survey's GDPR contact_email if set, otherwise the e-mail from the user's
 * general GDPR settings, otherwise the e-mail of the current user's account. The organisation is
 * added in parentheses when the profile is an organisation (type 1) with a name.
 *
 * @param mixed $ank_id Survey id (not read in this method).
 * @param array $gdpr_settings The user's GDPR profile row.
 * @param array $gdpr_survey_settings The survey's GDPR settings row.
 * @return string ' <email>.' or ' <email> (<organisation>).'
 */
public static function getResearchAuthor($ank_id, $gdpr_settings, $gdpr_survey_settings){
    global $global_user_id;

    // Pick the contact address by priority
    if($gdpr_survey_settings['contact_email'] != ''){
        $contact = $gdpr_survey_settings['contact_email'];
    }
    elseif($gdpr_settings['email'] != ''){
        $contact = $gdpr_settings['email'];
    }
    else{
        $account = mysqli_fetch_array(sisplet_query("SELECT email FROM users WHERE id = '$global_user_id'"));
        $contact = $account['email'];
    }

    // Organisation name, when the GDPR profile belongs to one
    $is_named_organisation = $gdpr_settings['type'] == '1' && $gdpr_settings['organization'] != '';
    $ending = $is_named_organisation ? ' ('.$gdpr_settings['organization'].').' : '.';

    return ' '.$contact.$ending;
}
// Funkcije ajaxa
public function ajax() {
global $lang;
global $global_user_id;
global $site_url;
if (isset ($_POST['ank_id']))
$ank_id = $_POST['ank_id'];
if (isset ($_POST['what']))
$what = $_POST['what'];
if (isset ($_POST['value']))
$value = $_POST['value'];
// Urejanje gdpr nastavitve za userja
if($_GET['a'] == 'gdpr_edit_user'){
$error = array();
$firstname = isset($_POST['firstname']) ? $_POST['firstname'] : '';
$lastname = isset($_POST['lastname']) ? $_POST['lastname'] : '';
$email = isset($_POST['email']) ? $_POST['email'] : '';
$phone = isset($_POST['phone']) ? $_POST['phone'] : '';
$type = isset($_POST['type']) ? $_POST['type'] : '0';
$has_dpo = isset($_POST['has_dpo']) ? $_POST['has_dpo'] : '0';
$organization = isset($_POST['organization']) ? $_POST['organization'] : '';
$organization_maticna = isset($_POST['organization_maticna']) ? $_POST['organization_maticna'] : '';
//$organization_davcna = isset($_POST['organization_davcna']) ? $_POST['organization_davcna'] : '';
$dpo_firstname = isset($_POST['dpo_firstname']) ? $_POST['dpo_firstname'] : '';
$dpo_lastname = isset($_POST['dpo_lastname']) ? $_POST['dpo_lastname'] : '';
$dpo_email = isset($_POST['dpo_email']) ? $_POST['dpo_email'] : '';
$dpo_phone = isset($_POST['dpo_phone']) ? $_POST['dpo_phone'] : '';
$address = isset($_POST['address']) ? $_POST['address'] : '';
$country = isset($_POST['country']) ? $_POST['country'] : '';
// Dodatno preverimo ce gre za veljavna maila
if($email != '' && !validEmail($email)){
$email = '';
$error['email'] = 1;
}
if($dpo_email != '' && !validEmail($dpo_email)){
$dpo_email = '';
$error['dpo_email'] = 1;
}
$sql = sisplet_query("INSERT INTO srv_gdpr_user
(usr_id,
type,
has_dpo,
organization,
organization_maticna,
dpo_firstname,
dpo_lastname,
dpo_email,
dpo_phone,
firstname,
lastname,
email,
phone,
address,
country)
VALUES
('".$global_user_id."',
'".$type."',
'".$has_dpo."',
'".$organization."',
'".$organization_maticna."',
'".$dpo_firstname."',
'".$dpo_lastname."',
'".$dpo_email."',
'".$dpo_phone."',
'".$firstname."',
'".$lastname."',
'".$email."',
'".$phone."',
'".$address."',
'".$country."')
ON DUPLICATE KEY UPDATE
type='".$type."',
has_dpo='".$has_dpo."',
organization='".$organization."',
organization_maticna='".$organization_maticna."',
dpo_firstname='".$dpo_firstname."',
dpo_lastname='".$dpo_lastname."',
dpo_email='".$dpo_email."',
dpo_phone='".$dpo_phone."',
firstname='".$firstname."',
lastname='".$lastname."',
email='".$email."',
phone='".$phone."',
address='".$address."',
country='".$country."'");
if (!$sql)
echo mysqli_error($GLOBALS['connect_db']);
self::displayGDPRUser($error);
}
// Prikaz ustrezne gdpr avtoritetec
if($_GET['a'] == 'gdpr_edit_authority'){
$country = isset($_POST['country']) ? $_POST['country'] : '';
self::displayGDPRAuthority($country);
}
// Nastavljanje ankete da je gdpr
elseif($_GET['a'] == 'gdpr_add_anketa'){
if($ank_id != '' && $ank_id != '0'){
if($value == '1')
$sql = sisplet_query("INSERT INTO srv_gdpr_anketa (ank_id) VALUES ('".$ank_id."')");
else
$sql = sisplet_query("DELETE FROM srv_gdpr_anketa WHERE ank_id='".$ank_id."'");
}
self::displayGDPRSurveyList();
}
// Urejanje gdpr nastavitve za userja
if($_GET['a'] == 'gdpr_edit_anketa'){
if($ank_id != '' && $ank_id != '0'){
$is_gdpr = isset($_POST['is_gdpr']) ? $_POST['is_gdpr'] : '0';
// Vklopimo gdpr
if($is_gdpr == '1'){
$name = isset($_POST['name']) ? $_POST['name'] : '';
$email = isset($_POST['email']) ? $_POST['email'] : '';
$location = isset($_POST['location']) ? $_POST['location'] : '';
$phone = isset($_POST['phone']) ? $_POST['phone'] : '';
$web = isset($_POST['web']) ? $_POST['web'] : '';
$other = isset($_POST['other']) ? $_POST['other'] : '';
$other_text = isset($_POST['other_text']) ? $_POST['other_text'] : '';
$template_1ka = isset($_POST['1ka_template']) ? $_POST['1ka_template'] : '';
$about = (isset($_POST['about'])) ? $_POST['about'] : '';
$expire = isset($_POST['expire']) ? $_POST['expire'] : '';
$expire_text = isset($_POST['expire_text']) ? $_POST['expire_text'] : '';
$other_users = isset($_POST['other_users']) ? $_POST['other_users'] : '';
$other_users_text = isset($_POST['other_users_text']) ? $_POST['other_users_text'] : '';
$export = isset($_POST['export']) ? $_POST['export'] : '';
$export_country = isset($_POST['export_country']) ? $_POST['export_country'] : '';
$export_user = isset($_POST['export_user']) ? $_POST['export_user'] : '';
$export_legal = isset($_POST['export_legal']) ? $_POST['export_legal'] : '';
$authorized = isset($_POST['authorized']) ? $_POST['authorized'] : '';
$contact_email = isset($_POST['contact_email']) ? $_POST['contact_email'] : '';
$note = isset($_POST['note']) ? $_POST['note'] : '';
$sql = sisplet_query("INSERT INTO srv_gdpr_anketa (
ank_id,
1ka_template,
name,
email,
location,
phone,
web,
other,
other_text,
about,
expire,
expire_text,
other_users,
other_users_text,
export,
export_user,
export_country,
export_legal,
authorized,
contact_email,
note
)
VALUES (
'".$ank_id."',
'".$template_1ka."',
'".$name."',
'".$email."',
'".$location."',
'".$phone."',
'".$web."',
'".$other."',
'".$other_text."',
'".$about."',
'".$expire."',
'".$expire_text."',
'".$other_users."',
'".$other_users_text."',
'".$export."',
'".$export_user."',
'".$export_country."',
'".$export_legal."',
'".$authorized."',
'".$contact_email."',
'".$note."'
)
ON DUPLICATE KEY UPDATE
1ka_template='".$template_1ka."',
name='".$name."',
email='".$email."',
location='".$location."',
phone='".$phone."',
web='".$web."',
other='".$other."',
other_text='".$other_text."',
about='".$about."',
expire='".$expire."',
expire_text='".$expire_text."',
other_users='".$other_users."',
other_users_text='".$other_users_text."',
export='".$export."',
export_user='".$export_user."',
export_country='".$export_country."',
export_legal='".$export_legal."',
authorized='".$authorized."',
contact_email='".$contact_email."',
note='".$note."'"
);
if (!$sql)
echo mysqli_error($GLOBALS['connect_db']);
// Dodatno prikazemo uvod in zakljucek ce se uporablja 1ka template
if($template_1ka == '1'){
$sqlA = sisplet_query("UPDATE srv_anketa SET show_intro='1', show_concl='1' WHERE id='".$ank_id."'");
}
}
// Izklopimo gdpr - pobrisemo nastavitve
else{
$sql = sisplet_query("DELETE FROM srv_gdpr_anketa WHERE ank_id='".$ank_id."'");
if (!$sql)
echo mysqli_error($GLOBALS['connect_db']);
}
}
}
// Prikaz preview-ja gdpr uvoda
if($_GET['a'] == 'gdpr_preview_intro'){
if($ank_id != '' && $ank_id != '0'){
echo '