diff options
author | Anton Luka Šijanec <anton@sijanec.eu> | 2024-05-27 13:08:29 +0200 |
---|---|---|
committer | Anton Luka Šijanec <anton@sijanec.eu> | 2024-05-27 13:08:29 +0200 |
commit | 75160b12821f7f4299cce7f0b69c83c1502ae071 (patch) | |
tree | 27e25e4ccaef45f0c58b22831164050d1af1d4db /admin/survey/api/class.ApiSurvey.php | |
parent | prvi-commit (diff) | |
download | 1ka-75160b12821f7f4299cce7f0b69c83c1502ae071.tar 1ka-75160b12821f7f4299cce7f0b69c83c1502ae071.tar.gz 1ka-75160b12821f7f4299cce7f0b69c83c1502ae071.tar.bz2 1ka-75160b12821f7f4299cce7f0b69c83c1502ae071.tar.lz 1ka-75160b12821f7f4299cce7f0b69c83c1502ae071.tar.xz 1ka-75160b12821f7f4299cce7f0b69c83c1502ae071.tar.zst 1ka-75160b12821f7f4299cce7f0b69c83c1502ae071.zip |
Diffstat (limited to 'admin/survey/api/class.ApiSurvey.php')
-rw-r--r-- | admin/survey/api/class.ApiSurvey.php | 122 |
1 files changed, 98 insertions, 24 deletions
diff --git a/admin/survey/api/class.ApiSurvey.php b/admin/survey/api/class.ApiSurvey.php index 36b8d85..a589358 100644 --- a/admin/survey/api/class.ApiSurvey.php +++ b/admin/survey/api/class.ApiSurvey.php @@ -363,6 +363,65 @@ class ApiSurvey { break;
+ // SAMO ZA GORANA - PLACILA
+ case 'getNarocilo':
+
+ // Klic dovolimo samo Goranu
+ if($global_user_id == '112696'){
+
+ if (isset($params['narocilo_id'])){
+ $narocilo = new UserNarocila();
+ $json_array = $narocilo->getNarocilo($params['narocilo_id']);
+ }
+ else{
+ $json_array['error'] = 'Narocilo ID is missing';
+ }
+ }
+ else{
+ $json_array['error'] = 'Denied for user '.$global_user_id;
+ }
+
+ break;
+
+ case 'placajNarocilo':
+
+ // Klic dovolimo samo Goranu
+ if($global_user_id == '112696'){
+
+ if (isset($params['narocilo_id'])){
+ $narocilo = new UserNarocila();
+ $json_array = $narocilo->payNarocilo($params['narocilo_id']);
+ }
+ else{
+ $json_array['error'] = 'Narocilo ID is missing';
+ }
+ }
+ else{
+ $json_array['error'] = 'Denied for user '.$global_user_id;
+ }
+
+ break;
+
+ case 'placajNarociloEracun':
+
+ // Klic dovolimo samo Goranu
+ if($global_user_id == '112696'){
+
+ if (isset($params['narocilo_id'])){
+ $narocilo = new UserNarocila();
+ $json_array = $narocilo->payNarociloEracun($params['narocilo_id']);
+ }
+ else{
+ $json_array['error'] = 'Narocilo ID is missing';
+ }
+ }
+ else{
+ $json_array['error'] = 'Denied for user '.$global_user_id;
+ }
+
+ break;
+
+
// MOBILE APP ONLY
case 'getMobileAppVersion':
$json_array = $this->getMobileAppVersion();
@@ -2144,21 +2203,25 @@ class ApiSurvey { $res = sisplet_query("SELECT value FROM misc WHERE what='SurveyCookie'");
list ($SurveyCookie) = mysqli_fetch_row($res);
+ // Nastavimo se hash
+ $hash = Common::generateSurveyHash();
// GLASOVANJE
if ($survey_type == 0) {
- $sql = sisplet_query("INSERT INTO srv_anketa (id, naslov, akronim, db_table, starts, expire, dostop, insert_uid, insert_time, edit_uid, edit_time, cookie, text, url, intro_opomba, survey_type, lang_admin, lang_resp, active, skin, show_intro, show_concl, locked, mobile_created) " .
- "VALUES ('', '$naslov', '$akronim', '1', $starts, $expire, '0', '$global_user_id', NOW(), '$global_user_id', NOW(), '$SurveyCookie', '', '$url', '', '0', '$lang_admin', '$lang_resp', '0', '1kaBlue', '0', '0', '0', '$mobile_created')");
+ $sql = sisplet_query("INSERT INTO srv_anketa
+ (id, hash, naslov, akronim, db_table, starts, expire, dostop, insert_uid, insert_time, edit_uid, edit_time, cookie, text, url, intro_opomba, survey_type, lang_admin, lang_resp, active, skin, show_intro, show_concl, locked, mobile_created)
+ VALUES
+ ('', '".$hash."', '$naslov', '$akronim', '1', $starts, $expire, '0', '$global_user_id', NOW(), '$global_user_id', NOW(), '$SurveyCookie', '', '$url', '', '0', '$lang_admin', '$lang_resp', '0', '1kaBlue', '0', '0', '0', '$mobile_created')");
if (!$sql) {
$error = mysqli_error($GLOBALS['connect_db']);
}
$anketa = mysqli_insert_id($GLOBALS['connect_db']);
-
if ($anketa > 0) {
- $url .= 'a/' . $anketa;
+
+ $url .= 'a/' . $hash;
// vnesemo tudi 1. grupo aka page
$sql = sisplet_query("INSERT INTO srv_grupa (id, ank_id, naslov, vrstni_red) VALUES ('', '$anketa', '$lang[srv_stran] 1', '1')");
@@ -2219,8 +2282,8 @@ class ApiSurvey { $zakljucek_besedilo = $purifier->purify_DB($zakljucek['besedilo']);
$show_concl = ($zakljucek['hide_zakljucek'] == '1') ? 0 : 1;
- $sql = sisplet_query("INSERT INTO srv_anketa (id, naslov, akronim, db_table, starts, expire, dostop, insert_uid, insert_time, edit_uid, edit_time, cookie, text, url, intro_opomba, survey_type, lang_admin, lang_resp, active, skin, introduction, conclusion, show_intro, show_concl, locked, mobile_created) " .
- "VALUES ('', '$naslov', '$akronim', '1', $starts, $expire, '0', '$global_user_id', NOW(), '$global_user_id', NOW(), '$SurveyCookie', '', '$url', '', '2', '$lang_admin', '$lang_resp', '$autoActiveSurvey', '1ka', '$uvod_besedilo', '$zakljucek_besedilo', '$show_intro', '$show_concl', '1', '$mobile_created')");
+ $sql = sisplet_query("INSERT INTO srv_anketa (id, hash, naslov, akronim, db_table, starts, expire, dostop, insert_uid, insert_time, edit_uid, edit_time, cookie, text, url, intro_opomba, survey_type, lang_admin, lang_resp, active, skin, introduction, conclusion, show_intro, show_concl, locked, mobile_created) " .
+ "VALUES ('', '".$hash."', '$naslov', '$akronim', '1', $starts, $expire, '0', '$global_user_id', NOW(), '$global_user_id', NOW(), '$SurveyCookie', '', '$url', '', '2', '$lang_admin', '$lang_resp', '$autoActiveSurvey', '1ka', '$uvod_besedilo', '$zakljucek_besedilo', '$show_intro', '$show_concl', '1', '$mobile_created')");
if (!$sql) {
$error = mysqli_error($GLOBALS['connect_db']);
}
@@ -2228,7 +2291,8 @@ class ApiSurvey { if ($anketa > 0) {
- $url .= 'a/' . $anketa;
+
+ $url .= 'a/' . $hash;
// vnesemo tudi 1. grupo aka page
$sql = sisplet_query("INSERT INTO srv_grupa (id, ank_id, naslov, vrstni_red) VALUES ('', '$anketa', '$lang[srv_stran] 1', '1')");
@@ -2267,7 +2331,8 @@ class ApiSurvey { $json_array['id'] = $anketa;
$json_array['note'] = 'Survey created';
- } else {
+ }
+ else {
$json_array['error'] = 'Error creating survey';
}
@@ -3117,11 +3182,19 @@ class ApiSurvey { $updateActiveTime = ", starts=$starts, expire=$expire";
if ($active == 1) {
- $activity_insert_string = "INSERT INTO srv_activity (sid, starts, expire, uid) VALUES('" . $ank_id . "', $starts, $expire, '" . $global_user_id . "' )";
- $sql_insert = sisplet_query($activity_insert_string);
- //ignoriraj erorror, ce ze obstaja identicna vrstica
- /* if (!$sql_insert)
- $json_array['error'] = mysqli_error($GLOBALS['connect_db']); */
+ $sql_insert = sisplet_query("INSERT INTO srv_activity
+ (sid, starts, expire)
+ VALUES
+ ('".$ank_id."', ".$starts.", ".$expire.")
+ ON DUPLICATE KEY UPDATE
+ SET expire=".$expire."
+ ");
+ }
+ else{
+ $sql_insert = sisplet_query("UPDATE srv_activity
+ SET expire=".$expire."
+ WHERE sid='".$ank_id."'
+ ");
}
$sql = sisplet_query("UPDATE srv_anketa SET active=" . $active
@@ -3129,7 +3202,8 @@ class ApiSurvey { if (!$sql) {
$json_array['error'] = mysqli_error($GLOBALS['connect_db']);
- } else {
+ }
+ else {
if (!isset($json_array['error']))
$json_array['note'] = 'Survey activity changed';
}
@@ -3377,7 +3451,7 @@ class ApiSurvey { // vstavimo v srv_data_text (email, ime, priimek)
SurveyInfo::getInstance()->SurveyInit($ank_id);
- $db_table = (SurveyInfo::getInstance()->getSurveyColumn('db_table') == 1) ? '_active' : '';
+ $db_table = SurveyInfo::getInstance()->getSurveyArchiveDBString();
foreach ($sys_vars AS $sid => $spremenljivka) {
if ($spremenljivka['variable'] == 'email')
sisplet_query("INSERT INTO srv_data_text" . $db_table . " (spr_id, vre_id, text, usr_id) VALUES ('" . $sid . "', '" . $spremenljivka['vre_id'] . "', '" . $email . "', '" . $usr_id . "')");
@@ -3424,7 +3498,7 @@ class ApiSurvey { // vstavimo v srv_data_text (email, ime, priimek)
SurveyInfo::getInstance()->SurveyInit($ank_id);
- $db_table = (SurveyInfo::getInstance()->getSurveyColumn('db_table') == 1) ? '_active' : '';
+ $db_table = SurveyInfo::getInstance()->getSurveyArchiveDBString();
foreach ($sys_vars AS $sid => $spremenljivka) {
if ($spremenljivka['variable'] == 'email') {
$data_insert = sisplet_query("INSERT INTO srv_data_text" . $db_table . " (spr_id, vre_id, text, usr_id) VALUES ('" . $sid . "', '" . $spremenljivka['vre_id'] . "', '" . $email . "', '" . $usr_id . "')");
@@ -3519,14 +3593,14 @@ class ApiSurvey { $add = false;
if (SurveyInfo::getInstance()->checkSurveyModule('uporabnost'))
- $link = 'main/survey/uporabnost.php?anketa=' . $anketa . '&skupina=' . $vre_id;
+ $link = 'main/survey/uporabnost.php?anketa=' . SurveyInfo::getInstance()->getSurveyHash() . '&skupina=' . $vre_id;
else
- $link = 'main/survey/index.php?anketa=' . $anketa . '&skupina=' . $vre_id;
+ $link = 'main/survey/index.php?anketa=' . SurveyInfo::getInstance()->getSurveyHash() . '&skupina=' . $vre_id;
if ($add) {
$f = @fopen($site_path . '.htaccess', 'a');
if ($f !== false) {
- fwrite($f, "\nRewriteRule ^" . $nice_url . '\b(.*) ' . $link . "&foo=\$1&%{QUERY_STRING}");
+ fwrite($f, "\nRewriteRule ^" . $nice_url . '\b(?!-)(.*) ' . $link . "&foo=\$1&%{QUERY_STRING}");
fclose($f);
$sqlI = sisplet_query("INSERT INTO srv_nice_links_skupine (id,ank_id,nice_link_id,vre_id,link) VALUES ('','$ank_id','$row[id]','$vre_id','$nice_url')");
@@ -3626,14 +3700,14 @@ class ApiSurvey { $add = false;
if (SurveyInfo::getInstance()->checkSurveyModule('uporabnost'))
- $link = 'main/survey/uporabnost.php?anketa=' . $anketa . '&skupina=' . $vre_id;
+ $link = 'main/survey/uporabnost.php?anketa=' . SurveyInfo::getInstance()->getSurveyHash() . '&skupina=' . $vre_id;
else
- $link = 'main/survey/index.php?anketa=' . $anketa . '&skupina=' . $vre_id;
+ $link = 'main/survey/index.php?anketa=' . SurveyInfo::getInstance()->getSurveyHash() . '&skupina=' . $vre_id;
if ($add) {
$f = @fopen($site_path . '.htaccess', 'a');
if ($f !== false) {
- fwrite($f, "\nRewriteRule ^" . $nice_url . '\b(.*) ' . $link . "&foo=\$1&%{QUERY_STRING}");
+ fwrite($f, "\nRewriteRule ^" . $nice_url . '\b(?!-)(.*) ' . $link . "&foo=\$1&%{QUERY_STRING}");
fclose($f);
$sqlI = sisplet_query("INSERT INTO srv_nice_links_skupine (id,ank_id,nice_link_id,vre_id,link) VALUES ('','$ank_id','$row[id]','$vre_id','$nice_url')");
@@ -3887,7 +3961,7 @@ class ApiSurvey { // vstavimo v srv_data_text (email, ime, priimek)
SurveyInfo::getInstance()->SurveyInit($ank_id);
- $db_table = (SurveyInfo::getInstance()->getSurveyColumn('db_table') == 1) ? '_active' : '';
+ $db_table = SurveyInfo::getInstance()->getSurveyArchiveDBString();
foreach ($sys_vars AS $sid => $spremenljivka) {
if ($spremenljivka['variable'] == 'email')
sisplet_query("INSERT INTO srv_data_text" . $db_table . " (spr_id, vre_id, text, usr_id) VALUES ('" . $sid . "', '" . $spremenljivka['vre_id'] . "', '" . $email . "', '" . $usr_id . "')");
@@ -3934,7 +4008,7 @@ class ApiSurvey { // vstavimo v srv_data_text (email, ime, priimek)
SurveyInfo::getInstance()->SurveyInit($ank_id);
- $db_table = (SurveyInfo::getInstance()->getSurveyColumn('db_table') == 1) ? '_active' : '';
+ $db_table = SurveyInfo::getInstance()->getSurveyArchiveDBString();
foreach ($sys_vars AS $sid => $spremenljivka) {
if ($spremenljivka['variable'] == 'email') {
$data_insert = sisplet_query("INSERT INTO srv_data_text" . $db_table . " (spr_id, vre_id, text, usr_id) VALUES ('" . $sid . "', '" . $spremenljivka['vre_id'] . "', '" . $email . "', '" . $usr_id . "')");
|