moodle/mod/survey/save.php

<?php // $Id$

    require_once('../../config.php');
    require_once('lib.php');


// Make sure this is a legitimate posting

    if (!$formdata = data_submitted()) {
        print_error('cannotcallscript');
    }

    $id = required_param('id', PARAM_INT);    // Course Module ID

    if (! $cm = get_coursemodule_from_id('survey', $id)) {
        print_error('invalidcoursemodule');
    }

    if (! $course = $DB->get_record("course", array("id"=>$cm->course))) {
        print_error('coursemisconf');
    }

    require_login($course->id, false, $cm);
    
    $context = get_context_instance(CONTEXT_MODULE, $cm->id);
    require_capability('mod/survey:participate', $context);
    
    if (! $survey = $DB->get_record("survey", array("id"=>$cm->instance))) {
        print_error('invalidsurveyid', 'survey');
    }

    add_to_log($course->id, "survey", "submit", "view.php?id=$cm->id", "$survey->id", "$cm->id");

    $strsurveysaved = get_string('surveysaved', 'survey');

    $navigation = build_navigation('', $cm);
    print_header_simple("$strsurveysaved", "", $navigation, "");


    if (survey_already_done($survey->id, $USER->id)) {
        notice(get_string("alreadysubmitted", "survey"), $_SERVER["HTTP_REFERER"]);
        exit;
    }


// Sort through the data and arrange it
// This is necessary because some of the questions
// may have two answers, eg Question 1 -> 1 and P1

    $answers = array();

    foreach ($formdata as $key => $val) {
        if ($key <> "userid" && $key <> "id") {
            if ( substr($key,0,1) == "q") {
                $key = clean_param(substr($key,1), PARAM_ALPHANUM);   // keep everything but the 'q', number or Pnumber
            }
            if ( substr($key,0,1) == "P") {
                $realkey = (int) substr($key,1);
                $answers[$realkey][1] = $val;
            } else {
                $answers[$key][0] = $val;
            }
        }
    }


// Now store the data.

    $timenow = time();
    foreach ($answers as $key => $val) {

        $newdata->time = $timenow;
        $newdata->userid = $USER->id;
        $newdata->survey = $survey->id;
        $newdata->question = $key;
        if (!empty($val[0])) {
            $newdata->answer1 = $val[0];
        } else {
            $newdata->answer1 = "";
        }
        if (!empty($val[1])) {
            $newdata->answer2 = $val[1];
        } else {
            $newdata->answer2 = "";
        }

        if (! $DB->insert_record("survey_answers", $newdata)) {
            print_error('cannotinsertanswer', 'survey');
        }
    }

// Print the page and finish up.

    notice(get_string("thanksforanswers","survey", $USER->firstname), "$CFG->wwwroot/course/view.php?id=$course->id");

    exit;


?>
fixed capitalization and quoting of attribute values 2004-09-12 17:34:35 +00:00			`<?php // $Id$`
Initial revision 2001-11-22 06:23:56 +00:00
All modules are now suitable for the site page. They now all follow the same rules, namely that any students enrolled in at least one course is considered to be a student on the site. All the page headers work correctly also on the site course. On the site page the modules don't require login unless necessary or required by $CFG->forcelogin. 2004-08-22 14:38:47 +00:00			`require_once('../../config.php');`
			`require_once('lib.php');`
Initial revision 2001-11-22 06:23:56 +00:00

			`// Make sure this is a legitimate posting`

MDL-15189 magic quotes finally removed 2008-06-09 16:53:30 +00:00			`if (!$formdata = data_submitted()) {`
"MDL-14129, fix print_error" 2008-06-15 09:14:55 +00:00			`print_error('cannotcallscript');`
Initial revision 2001-11-22 06:23:56 +00:00			`}`

fixed script parameters + some warnings SC#150; merged from MOODLE_15_STABLE 2005-10-29 16:45:58 +00:00			`$id = required_param('id', PARAM_INT); // Course Module ID`

new function get_coursemodule_from_id() is now used for obtaining of valid $cm from coursemodule id SC#283 2006-08-08 22:09:55 +00:00			`if (! $cm = get_coursemodule_from_id('survey', $id)) {`
"MDL-14129, fix print_error" 2008-06-15 09:14:55 +00:00			`print_error('invalidcoursemodule');`
Initial revision 2001-11-22 06:23:56 +00:00			`}`

MDL-15116 survery dml conversion 2008-06-08 14:43:39 +00:00			`if (! $course = $DB->get_record("course", array("id"=>$cm->course))) {`
"MDL-14129, fix print_error" 2008-06-15 09:14:55 +00:00			`print_error('coursemisconf');`
Initial revision 2001-11-22 06:23:56 +00:00			`}`

In order to ensure that when a teacher hides a resource or an activity that students really can't get at it, even if they know the direct links to its pages, I have given an optional third argument $cm to the functions require_login() and require_course_login(). Pages showing information about a particular course module now pass the course module object in this third argument. The login functions will then test if either the course module is visible or the user is a teacher. If neither is the case then the user is redirected to the course homepage after being shown a message "Sorry, this activity is currently hidden". (While I was at it I also turned the autologinguests off for most module pages, except on the index.php pages and the view.php pages for those modules that allow guests) 2005-02-16 10:40:48 +00:00			`require_login($course->id, false, $cm);`
ROLES AND PERMISSIONS - FIRST CHECK-IN ======================================= WARNING: DEV IS CURRENTLY VERY UNSTABLE. This is a mega-checkin of the new Roles system. A lot of changes have been made in core and modules. Currently there are a lot of rough edges and known problems. We are working hard on these .. .the reason for getting this into HEAD at this stage is enable us to move faster (our branch was diverging from HEAD too much). Please keep an eye on http://docs.moodle.org/en/Roles for current status and information for developers on how to use the new Roles system. 2006-08-08 05:13:06 +00:00
Removed tabs 2006-08-09 13:39:44 +00:00			`$context = get_context_instance(CONTEXT_MODULE, $cm->id);`
SWEEPING CLEANUP The API was changed slightly so that has_capability now takes the whole $context object (we almost always have it anyway) The $kill thing was removed. If you want to assert a capability then use: require_capability('capname', $context); with optional variables to modify the error message Misc bugs here and there also removed and code tidied 2006-08-14 05:55:40 +00:00			`require_capability('mod/survey:participate', $context);`
ROLES AND PERMISSIONS - FIRST CHECK-IN ======================================= WARNING: DEV IS CURRENTLY VERY UNSTABLE. This is a mega-checkin of the new Roles system. A lot of changes have been made in core and modules. Currently there are a lot of rough edges and known problems. We are working hard on these .. .the reason for getting this into HEAD at this stage is enable us to move faster (our branch was diverging from HEAD too much). Please keep an eye on http://docs.moodle.org/en/Roles for current status and information for developers on how to use the new Roles system. 2006-08-08 05:13:06 +00:00
MDL-15116 survery dml conversion 2008-06-08 14:43:39 +00:00			`if (! $survey = $DB->get_record("survey", array("id"=>$cm->instance))) {`
"MDL-14129, fix print_error" 2008-06-15 09:14:55 +00:00			`print_error('invalidsurveyid', 'survey');`
Initial revision 2001-11-22 06:23:56 +00:00			`}`

Added missing cmid parameter when calling add_to_log() function. 2004-02-16 19:31:26 +00:00			`add_to_log($course->id, "survey", "submit", "view.php?id=$cm->id", "$survey->id", "$cm->id");`
Initial revision 2001-11-22 06:23:56 +00:00
MDL-14980 missing strsurveysaved when saving 2008-05-25 14:24:24 +00:00			`$strsurveysaved = get_string('surveysaved', 'survey');`

			`$navigation = build_navigation('', $cm);`
Breadcrumbs: mod/survey changes - Modified to use build_navigation() for breadcrumb generation. Author: Matt Clarkson <mattc@catalyst.net.nz> 2007-04-16 21:29:42 +00:00			`print_header_simple("$strsurveysaved", "", $navigation, "");`


Initial revision 2001-11-22 06:23:56 +00:00			`if (survey_already_done($survey->id, $USER->id)) {`
OK a number of small changes here. Firstly, I'm replacing all use of old-style global variables like $HTTY_REFERER with their new-style equivalent $_SERVER["HTTP_REFERER"] Also using $_POST instead $HTTP_POST_VARS etc Secondly, if gdversion == 0 (ie GD is not installed) then: - users are not even allowed to upload new images - graphs now just print a message instead of failing. this allows Moodle to still be used even if GD is not present 2003-01-05 06:45:20 +00:00			`notice(get_string("alreadysubmitted", "survey"), $_SERVER["HTTP_REFERER"]);`
Initial revision 2001-11-22 06:23:56 +00:00			`exit;`
			`}`


			`// Sort through the data and arrange it`
In order to ensure that when a teacher hides a resource or an activity that students really can't get at it, even if they know the direct links to its pages, I have given an optional third argument $cm to the functions require_login() and require_course_login(). Pages showing information about a particular course module now pass the course module object in this third argument. The login functions will then test if either the course module is visible or the user is a teacher. If neither is the case then the user is redirected to the course homepage after being shown a message "Sorry, this activity is currently hidden". (While I was at it I also turned the autologinguests off for most module pages, except on the index.php pages and the view.php pages for those modules that allow guests) 2005-02-16 10:40:48 +00:00			`// This is necessary because some of the questions`
Initial revision 2001-11-22 06:23:56 +00:00			`// may have two answers, eg Question 1 -> 1 and P1`

In order to ensure that when a teacher hides a resource or an activity that students really can't get at it, even if they know the direct links to its pages, I have given an optional third argument $cm to the functions require_login() and require_course_login(). Pages showing information about a particular course module now pass the course module object in this third argument. The login functions will then test if either the course module is visible or the user is a teacher. If neither is the case then the user is redirected to the course homepage after being shown a message "Sorry, this activity is currently hidden". (While I was at it I also turned the autologinguests off for most module pages, except on the index.php pages and the view.php pages for those modules that allow guests) 2005-02-16 10:40:48 +00:00			`$answers = array();`
Initial revision 2001-11-22 06:23:56 +00:00
OK a number of small changes here. Firstly, I'm replacing all use of old-style global variables like $HTTY_REFERER with their new-style equivalent $_SERVER["HTTP_REFERER"] Also using $_POST instead $HTTP_POST_VARS etc Secondly, if gdversion == 0 (ie GD is not installed) then: - users are not even allowed to upload new images - graphs now just print a message instead of failing. this allows Moodle to still be used even if GD is not present 2003-01-05 06:45:20 +00:00			`foreach ($formdata as $key => $val) {`
Initial revision 2001-11-22 06:23:56 +00:00			`if ($key <> "userid" && $key <> "id") {`
In order to ensure that when a teacher hides a resource or an activity that students really can't get at it, even if they know the direct links to its pages, I have given an optional third argument $cm to the functions require_login() and require_course_login(). Pages showing information about a particular course module now pass the course module object in this third argument. The login functions will then test if either the course module is visible or the user is a teacher. If neither is the case then the user is redirected to the course homepage after being shown a message "Sorry, this activity is currently hidden". (While I was at it I also turned the autologinguests off for most module pages, except on the index.php pages and the view.php pages for those modules that allow guests) 2005-02-16 10:40:48 +00:00			`if ( substr($key,0,1) == "q") {`
fixed some long standing and some new problems and SC#249, please consider backporting into STABLE 2006-04-27 21:30:18 +00:00			`$key = clean_param(substr($key,1), PARAM_ALPHANUM); // keep everything but the 'q', number or Pnumber`
Initial revision 2001-11-22 06:23:56 +00:00			`}`
			`if ( substr($key,0,1) == "P") {`
fixed some long standing and some new problems and SC#249, please consider backporting into STABLE 2006-04-27 21:30:18 +00:00			`$realkey = (int) substr($key,1);`
Initial revision 2001-11-22 06:23:56 +00:00			`$answers[$realkey][1] = $val;`
			`} else {`
			`$answers[$key][0] = $val;`
			`}`
			`}`
			`}`
In order to ensure that when a teacher hides a resource or an activity that students really can't get at it, even if they know the direct links to its pages, I have given an optional third argument $cm to the functions require_login() and require_course_login(). Pages showing information about a particular course module now pass the course module object in this third argument. The login functions will then test if either the course module is visible or the user is a teacher. If neither is the case then the user is redirected to the course homepage after being shown a message "Sorry, this activity is currently hidden". (While I was at it I also turned the autologinguests off for most module pages, except on the index.php pages and the view.php pages for those modules that allow guests) 2005-02-16 10:40:48 +00:00
Initial revision 2001-11-22 06:23:56 +00:00
			`// Now store the data.`

			`$timenow = time();`
			`foreach ($answers as $key => $val) {`
Changes to use new database stuff 2002-12-23 05:57:05 +00:00
			`$newdata->time = $timenow;`
Changes throughout Moodle to remove any reserved words from the Moodle tables. ie user -> userid in many tables, plus in user_students start -> starttime and end -> endtime I've just done all this as carefully as I could ... I don't think I missed anything but it's pretty intensive work and I'd be fooling myself if I didn't think I'd missed a couple. Note that this version should pretty much be able to bootstrap itself using PostgreSQL now ... but this is untested 2002-12-23 09:39:26 +00:00			`$newdata->userid = $USER->id;`
Changes to use new database stuff 2002-12-23 05:57:05 +00:00			`$newdata->survey = $survey->id;`
			`$newdata->question = $key;`
Robustness fixes 2003-01-06 14:01:56 +00:00			`if (!empty($val[0])) {`
			`$newdata->answer1 = $val[0];`
			`} else {`
			`$newdata->answer1 = "";`
			`}`
			`if (!empty($val[1])) {`
			`$newdata->answer2 = $val[1];`
			`} else {`
			`$newdata->answer2 = "";`
			`}`
Changes to use new database stuff 2002-12-23 05:57:05 +00:00
MDL-15116 survery dml conversion 2008-06-08 14:43:39 +00:00			`if (! $DB->insert_record("survey_answers", $newdata)) {`
"MDL-14129, fix print_error" 2008-06-15 09:14:55 +00:00			`print_error('cannotinsertanswer', 'survey');`
Initial revision 2001-11-22 06:23:56 +00:00			`}`
			`}`

			`// Print the page and finish up.`

Language fixes 2002-08-12 17:54:13 +00:00			`notice(get_string("thanksforanswers","survey", $USER->firstname), "$CFG->wwwroot/course/view.php?id=$course->id");`
In order to ensure that when a teacher hides a resource or an activity that students really can't get at it, even if they know the direct links to its pages, I have given an optional third argument $cm to the functions require_login() and require_course_login(). Pages showing information about a particular course module now pass the course module object in this third argument. The login functions will then test if either the course module is visible or the user is a teacher. If neither is the case then the user is redirected to the course homepage after being shown a message "Sorry, this activity is currently hidden". (While I was at it I also turned the autologinguests off for most module pages, except on the index.php pages and the view.php pages for those modules that allow guests) 2005-02-16 10:40:48 +00:00
Initial revision 2001-11-22 06:23:56 +00:00			`exit;`
In order to ensure that when a teacher hides a resource or an activity that students really can't get at it, even if they know the direct links to its pages, I have given an optional third argument $cm to the functions require_login() and require_course_login(). Pages showing information about a particular course module now pass the course module object in this third argument. The login functions will then test if either the course module is visible or the user is a teacher. If neither is the case then the user is redirected to the course homepage after being shown a message "Sorry, this activity is currently hidden". (While I was at it I also turned the autologinguests off for most module pages, except on the index.php pages and the view.php pages for those modules that allow guests) 2005-02-16 10:40:48 +00:00
Initial revision 2001-11-22 06:23:56 +00:00
			`?>`