, Ghent University: cleanup, refactoring and rewriting large parts of the code * @author Julio Montoya Chamilo: cleanup, refactoring, security improvements * @version $Id: survey_invite.php 10680 2007-01-11 21:26:23Z pcool $ * * @todo checking if the additional emails are valid (or add a rule for this) * @todo check if the mailtext contains the **link** part, if not, add the link to the end * @todo add rules: title and text cannot be empty */ // Language file that needs to be included $language_file = 'survey'; // Including the global initialization file require '../inc/global.inc.php'; // Including additional libraries require_once 'survey.lib.php'; require_once api_get_path(LIBRARY_PATH).'course.lib.php'; require_once api_get_path(LIBRARY_PATH).'formvalidator/FormValidator.class.php'; require_once api_get_path(LIBRARY_PATH).'mail.lib.inc.php'; $this_section = SECTION_COURSES; if (!api_is_allowed_to_edit(false, true)) { Display :: display_header(get_lang('ToolSurvey')); Display :: display_error_message(get_lang('NotAllowed'), false); Display :: display_footer(); exit; } // Database table definitions $table_survey = Database :: get_course_table(TABLE_SURVEY); $table_survey_question = Database :: get_course_table(TABLE_SURVEY_QUESTION); $table_survey_question_option = Database :: get_course_table(TABLE_SURVEY_QUESTION_OPTION); $table_course = Database :: get_main_table(TABLE_MAIN_COURSE); $table_user = Database :: get_main_table(TABLE_MAIN_USER); $user_info = Database::get_main_table(TABLE_MAIN_SURVEY_REMINDER); // TODO: To be checked. TABLE_MAIN_SURVEY_REMINDER has not been defined. // Getting the survey information $survey_id = Security::remove_XSS($_GET['survey_id']); $survey_data = survey_manager::get_survey($survey_id); if (empty($survey_data)) { Display :: display_header(get_lang('ToolSurvey')); Display :: display_error_message(get_lang('InvallidSurvey'), false); Display :: display_footer(); exit; } $urlname = strip_tags(api_substr(api_html_entity_decode($survey_data['title'], ENT_QUOTES), 0, 40)); if (api_strlen(strip_tags($survey_data['title'])) > 40) { $urlname .= '...'; } // Breadcrumbs $interbreadcrumb[] = array('url' => 'survey_list.php', 'name' => get_lang('SurveyList')); if (api_is_course_admin()) { $interbreadcrumb[] = array('url' => 'survey.php?survey_id='.$survey_id, 'name' => $urlname); } else { $interbreadcrumb[] = array('url' => 'survey_invite.php?survey_id='.$survey_id, 'name' => $urlname); } $tool_name = get_lang('SurveyPublication'); // Displaying the header Display::display_header($tool_name,'Survey'); // Checking if there is another survey with this code. // If this is the case there will be a language choice $sql = "SELECT * FROM $table_survey WHERE code='".Database::escape_string($survey_data['code'])."'"; $result = Database::query($sql); if (Database::num_rows($result) > 1) { Display::display_warning_message(get_lang('IdenticalSurveycodeWarning')); } // Invited / answered message if ($survey_data['invited'] > 0) { $message = ''.$survey_data['answered'].' '; $message .= get_lang('HaveAnswered').' '; $message .= ''.$survey_data['invited'].' '; $message .= get_lang('WereInvited'); Display::display_normal_message($message, false); } // Building the form for publishing the survey $form = new FormValidator('publish_form', 'post', api_get_self().'?survey_id='.$survey_id); $form->addElement('header', '', $tool_name); // Course users $complete_user_list = CourseManager :: get_user_list_from_course_code($_course['id'], true, $_SESSION['id_session'], '', api_sort_by_first_name() ? 'ORDER BY firstname' : 'ORDER BY lastname'); $possible_users = array(); foreach ($complete_user_list as $index => & $user) { $possible_users[$user['user_id']] = api_get_person_name($user['firstname'], $user['lastname']); } $users = $form->addElement('advmultiselect', 'course_users', get_lang('CourseUsers'), $possible_users, 'style="width: 250px; height: 200px;"'); $users->setElementTemplate(' {javascript}
{label_2} | {label_3} | |
---|---|---|
{unselected} | {add} {remove} |
{selected} |