[svn r16249] improve survey tool handling with sessions FS#2743

main/inc/lib/add_course.lib.inc.php

@@ -1448,11 +1448,14 @@ function update_Db_course($courseDbName)
 			  parent_id int unsigned NOT NULL, 
 			  survey_type int NOT NULL default 0,
 			  show_form_profile int NOT NULL default 0,
-			  form_fields TEXT NOT NULL,			  		
+			  form_fields TEXT NOT NULL,	
+			  session_id SMALLINT unsigned NOT NULL default 0,		  		
 			  PRIMARY KEY  (survey_id)
 			)";
 
 	$result = api_sql_query($sql,__FILE__,__LINE__) or die(mysql_error($sql));
+	$sql = "ALTER TABLE `".$TABLESURVEY."` ADD INDEX ( session_id )";
+	api_sql_query($sql,__FILE__,__LINE__);
 	/*
 	if(!api_sql_query($sql))
 	{

main/install/migrate-db-1.8.5-1.8.6-pre.sql

@@ -64,3 +64,5 @@ ALTER TABLE calendar_event ADD session_id SMALLINT UNSIGNED NOT NULL default 0 ;
 ALTER TABLE calendar_event ADD INDEX ( session_id ) ;
 ALTER TABLE group_info ADD session_id SMALLINT UNSIGNED NOT NULL DEFAULT 0;
 ALTER TABLE group_info ADD INDEX ( session_id ) ;
+ALTER TABLE survey ADD session_id SMALLINT UNSIGNED NOT NULL DEFAULT 0;
+ALTER TABLE survey ADD INDEX ( session_id ) ;

main/survey/create_new_survey.php

@@ -25,7 +25,7 @@
 * 	@author unknown, the initial survey that did not make it in 1.8 because of bad code
 * 	@author Patrick Cool <patrick.cool@UGent.be>, Ghent University: cleanup, refactoring and rewriting large parts (if not all) of the code
 *	@author Julio Montoya Armas <gugli100@gmail.com>, Dokeos: Personality Test modification and rewriting large parts of the code
-* 	@version $Id: create_new_survey.php 16047 2008-08-21 22:52:00Z juliomontoya $
+* 	@version $Id: create_new_survey.php 16249 2008-09-05 15:46:31Z elixir_inter $
 *
 * 	@todo only the available platform languages should be used => need an api get_languages and and api_get_available_languages (or a parameter)
 */
@@ -56,7 +56,7 @@ $table_course 				= Database :: get_main_table(TABLE_MAIN_COURSE);
 $table_course_survey_rel 	= Database :: get_main_table(TABLE_MAIN_COURSE_SURVEY);
 
 /** @todo this has to be moved to a more appropriate place (after the display_header of the code)*/
-if (!api_is_allowed_to_edit())
+if (!api_is_allowed_to_edit(false,true))
 {
 	Display :: display_header();
 	Display :: display_error_message(get_lang('NotAllowed'), false);

main/survey/question.php

@@ -23,7 +23,7 @@
 *	@package dokeos.survey
 * 	@author unknown, the initial survey that did not make it in 1.8 because of bad code
 * 	@author Patrick Cool <patrick.cool@UGent.be>, Ghent University: cleanup, refactoring and rewriting large parts of the code
-* 	@version $Id: question.php 15880 2008-07-31 19:58:31Z yannoo $
+* 	@version $Id: question.php 16249 2008-09-05 15:46:31Z elixir_inter $
 */
 
 // name of the language file that needs to be included
@@ -37,7 +37,7 @@ require ('../inc/global.inc.php');
 require_once('survey.lib.php');
 
 /** @todo this has to be moved to a more appropriate place (after the display_header of the code)*/
-if (!api_is_allowed_to_edit())
+if (!api_is_allowed_to_edit(false,true))
 {
 	Display :: display_header();
 	Display :: display_error_message(get_lang('NotAllowed'), false);

main/survey/reporting.php

@@ -24,7 +24,7 @@
 *	@package dokeos.survey
 * 	@author unknown, the initial survey that did not make it in 1.8 because of bad code
 * 	@author Patrick Cool <patrick.cool@UGent.be>, Ghent University: cleanup, refactoring and rewriting large parts of the code
-* 	@version $Id: reporting.php 15556 2008-06-11 20:53:01Z juliomontoya $
+* 	@version $Id: reporting.php 16249 2008-09-05 15:46:31Z elixir_inter $
 *
 * 	@todo The question has to be more clearly indicated (same style as when filling the survey)
 */
@@ -91,7 +91,7 @@ require_once (api_get_path(LIBRARY_PATH)."/course.lib.php");
 SurveyUtil::check_parameters();
 
 /** @todo this has to be moved to a more appropriate place (after the display_header of the code)*/
-if (!api_is_allowed_to_edit())
+if (!api_is_allowed_to_edit(false,true))
 {
 	Display :: display_header(get_lang('Survey'));
 	Display :: display_error_message(get_lang('NotAllowed'), false);

main/survey/survey.lib.php

@@ -24,7 +24,7 @@
 *	@package dokeos.survey
 * 	@author Patrick Cool <patrick.cool@UGent.be>, Ghent University: cleanup, refactoring and rewriting large parts (if not all) of the code
 	@author Julio Montoya Armas <gugli100@gmail.com>, Dokeos: Personality Test modification and rewriting large parts of the code
-* 	@version $Id: survey.lib.php 16101 2008-08-28 08:52:29Z elixir_julian $
+* 	@version $Id: survey.lib.php 16249 2008-09-05 15:46:31Z elixir_inter $
 *
 * 	@todo move this file to inc/lib
 * 	@todo use consistent naming for the functions (save vs store for instance)
@@ -221,7 +221,7 @@ class survey_manager
 				}
 			}
 			
-			$sql = "INSERT INTO $table_survey (code, title, subtitle, author, lang, avail_from, avail_till, is_shared, template, intro, surveythanks, creation_date, anonymous".$additional['columns'].") VALUES (
+			$sql = "INSERT INTO $table_survey (code, title, subtitle, author, lang, avail_from, avail_till, is_shared, template, intro, surveythanks, creation_date, anonymous".$additional['columns'].", session_id) VALUES (
 						'".Database::escape_string($values['survey_code'])."',
 						'".Database::escape_string($values['survey_title'])."',
 						'".Database::escape_string($values['survey_subtitle'])."',
@@ -234,7 +234,8 @@ class survey_manager
 						'".Database::escape_string($values['survey_introduction'])."',
 						'".Database::escape_string($values['survey_thanks'])."',
 						'".date('Y-m-d H:i:s')."',
-						'".Database::escape_string($values['anonymous'])."'".$additional['values']."
+						'".Database::escape_string($values['anonymous'])."'".$additional['values'].",
+						".intval($_SESSION['id_session'])."
 						)";
 			$result = api_sql_query($sql, __FILE__, __LINE__);
 			$survey_id = Database::insert_id();
@@ -4229,7 +4230,7 @@ class SurveyUtil {
 		$table->set_header(10, get_lang('Modify'), false,'width="120"');
 		$table->set_column_filter(9, 'anonymous_filter');
 		$table->set_column_filter(10, 'modify_filter');
-		if (!api_is_course_coach())
+		if (api_is_allowed_to_edit(false,true))
 			$table->set_form_actions(array ('delete' => get_lang('DeleteSurvey')));
 		$table->display();	
 	}
@@ -4248,10 +4249,10 @@ class SurveyUtil {
 	{
 		global $charset;
 		$survey_id = Security::remove_XSS($survey_id);
-		if (!api_is_course_coach())
+		if (!api_is_course_coach(false,true))
 			$return = '<a href="create_new_survey.php?'.api_get_cidreq().'&amp;action=edit&amp;survey_id='.$survey_id.'">'.Display::return_icon('edit.gif', get_lang('Edit')).'</a>';
 		
-		if (!api_is_course_coach())
+		if (!api_is_course_coach(false,true))
 			$return .= '<a href="survey_list.php?'.api_get_cidreq().'&amp;action=delete&amp;survey_id='.$survey_id.'" onclick="javascript:if(!confirm(\''.addslashes(htmlentities(get_lang("DeleteSurvey").'?',ENT_QUOTES,$charset)).'\')) return false;">'.Display::return_icon('delete.gif', get_lang('Delete')).'</a>';
 		//$return .= '<a href="create_survey_in_another_language.php?id_survey='.$survey_id.'">'.Display::return_icon('copy.gif', get_lang('Copy')).'</a>';
 		//$return .= '<a href="survey.php?survey_id='.$survey_id.'">'.Display::return_icon('add.gif', get_lang('Add')).'</a>';
@@ -4259,7 +4260,7 @@ class SurveyUtil {
 		$return .= '<a href="survey_invite.php?'.api_get_cidreq().'&amp;survey_id='.$survey_id.'">'.Display::return_icon('survey_publish.gif', get_lang('Publish')).'</a>';
 		$return .= '<a href="survey_list.php?'.api_get_cidreq().'&amp;action=empty&amp;survey_id='.$survey_id.'" onclick="javascript:if(!confirm(\''.addslashes(htmlentities(get_lang("EmptySurvey").'?')).'\')) return false;">'.Display::return_icon('empty.gif', get_lang('EmptySurvey')).'</a>';
 		
-		if (!api_is_course_coach())
+		if (!api_is_course_coach(false,true))
 			$return .= '<a href="reporting.php?'.api_get_cidreq().'&amp;survey_id='.$survey_id.'">'.Display::return_icon('statistics.gif', get_lang('Reporting')).'</a>';
 		return $return;
 	}
@@ -4363,6 +4364,9 @@ class SurveyUtil {
 		{
 			$search_restriction = ' AND '.$search_restriction;
 		}
+		
+		$session_condition = intval($_SESSION['id_session'])==0 ? '' : ' AND survey.session_id IN(0,'.intval($_SESSION['id_session']).') '; 
+		
 		//IF(is_shared<>0,'V','-')	 					AS col6,
 		$sql = "SELECT
 					survey.survey_id							AS col0,
@@ -4380,6 +4384,7 @@ class SurveyUtil {
 				 LEFT JOIN $table_survey_question survey_question ON survey.survey_id = survey_question.survey_id
 	             , $table_user user
 	             WHERE survey.author = user.user_id
+				$session_condition
 	             $search_restriction
 	             ";
 		$sql .= " GROUP BY survey.survey_id";

main/survey/survey.php

@@ -24,7 +24,7 @@
 *	@package dokeos.survey
 * 	@author unknown
 * 	@author Patrick Cool <patrick.cool@UGent.be>, Ghent University: cleanup, refactoring and rewriting large parts of the code
-* 	@version $Id: survey.php 15880 2008-07-31 19:58:31Z yannoo $
+* 	@version $Id: survey.php 16249 2008-09-05 15:46:31Z elixir_inter $
 *
 * 	@todo use quickforms for the forms
 */
@@ -41,7 +41,7 @@ require_once('survey.lib.php');
 require_once (api_get_path(LIBRARY_PATH)."/course.lib.php");
 
 /** @todo this has to be moved to a more appropriate place (after the display_header of the code)*/
-if (!api_is_allowed_to_edit())
+if (!api_is_allowed_to_edit(false,true))
 {
 	Display :: display_header(get_lang('Survey'));
 	Display :: display_error_message(get_lang('NotAllowed'), false);

main/survey/survey_invitation.php

@@ -39,7 +39,7 @@ require_once (api_get_path(LIBRARY_PATH).'formvalidator/FormValidator.class.php'
 require_once (api_get_path(LIBRARY_PATH)."mail.lib.inc.php");
 
 /** @todo this has to be moved to a more appropriate place (after the display_header of the code)*/
-if (!api_is_allowed_to_edit())
+if (!api_is_allowed_to_edit(false,true))
 {
 	Display :: display_header(get_lang('Survey'));
 	Display :: display_error_message(get_lang('NotAllowed'), false);

main/survey/survey_list.php

@@ -26,7 +26,7 @@
 * 	@author unknown, the initial survey that did not make it in 1.8 because of bad code
 * 	@author Patrick Cool <patrick.cool@UGent.be>, Ghent University: cleanup, refactoring and rewriting large parts of the code
 *	@author Julio Montoya Armas <gugli100@gmail.com>, Dokeos: Personality Test modification and rewriting large parts of the code
-* 	@version $Id: survey_list.php 16046 2008-08-21 22:24:17Z juliomontoya $
+* 	@version $Id: survey_list.php 16249 2008-09-05 15:46:31Z elixir_inter $
 *
 * 	@todo use quickforms for the forms
 */
@@ -43,7 +43,7 @@ require_once('survey.lib.php');
 require_once (api_get_path(LIBRARY_PATH)."/course.lib.php");
 
 /** @todo this has to be moved to a more appropriate place (after the display_header of the code)*/
-if (!api_is_allowed_to_edit(false,true)) //coach can see this 
+if (!api_is_allowed_to_edit(false,true)) //users only see a list of surveys
 {
 	Display :: display_header(get_lang('SurveyList'));
 	SurveyUtil::survey_list_user($_user['user_id']);
@@ -137,7 +137,7 @@ if ($_POST['action'])
 	}
 }
 
-if (!api_is_course_coach())
+if (api_is_allowed_to_edit(false,true))
 {
 	// Action links
 	echo '<a href="create_new_survey.php?'.api_get_cidreq().'&amp;action=add">'.get_lang('CreateNewSurvey').'</a> | ';