1 |
<?php |
2 |
|
3 |
$conn = pg_connect("dbname=##DB_NAME## user=##DB_USER##"); |
4 |
$result=pg_Exec($conn,"set datestyle = 'german'"); |
5 |
$without_invitation=##WITHOUT_INVITATION##; |
6 |
|
7 |
set_magic_quotes_runtime(1); |
8 |
|
9 |
// return number of true answers |
10 |
|
11 |
function fix_checkboxes($var,$nr) { |
12 |
for($i=1; $i<=$nr; $i++) { |
13 |
if (isset($GLOBALS[$var."_".$i])) { |
14 |
$GLOBALS[$var."_".$i]="true"; |
15 |
$nr++; |
16 |
} else { |
17 |
$GLOBALS[$var."_".$i]="false"; |
18 |
} |
19 |
} |
20 |
return $nr; |
21 |
|
22 |
} |
23 |
|
24 |
function checked($var) { |
25 |
if ($var == "true" || $var == "t") return 1; |
26 |
return 0; |
27 |
} |
28 |
|
29 |
function id_encode($id) { |
30 |
return md5($id).strtr($id,"1234567890","abcdef1234"); |
31 |
} |
32 |
|
33 |
function id_decode($eid) { |
34 |
$id=substr(strtr($eid,"abcdef1234","1234567890"),32); |
35 |
if (md5($id) == substr($eid,0,32)) { |
36 |
return $id; |
37 |
} else { |
38 |
return 0; |
39 |
} |
40 |
} |
41 |
|
42 |
function fix_sql($sql) { |
43 |
$sql=ereg_replace(",([ \t\n\r]*),",",null\\1,",$sql); |
44 |
$sql=ereg_replace(",([ \t\n\r]*),",",null\\1,",$sql); |
45 |
$sql=ereg_replace(",([ \t\n\r]*),",",null\\1,",$sql); |
46 |
$sql=ereg_replace("=([ \t\n\r,]+)","=null\\1",$sql); |
47 |
$sql=ereg_replace("=([ \t\n\r,]*)$","=null\\1",$sql); |
48 |
return $sql; |
49 |
} |
50 |
|
51 |
function get_answer($p) { |
52 |
global $conn,$id; |
53 |
$result = pg_Exec ($conn,"select $p from ##DB## where id=$id"); |
54 |
if ($result && pg_numrows($result) > 0) { |
55 |
$row=pg_fetch_row($result,0); |
56 |
if (isset($row[0]) && $row[0] != "") { |
57 |
$GLOBALS[$p]=$row[0]; |
58 |
return $row[0]; |
59 |
} |
60 |
} |
61 |
$GLOBALS[$p]=0; |
62 |
return 0; |
63 |
} |
64 |
|
65 |
function get_answers($p) { |
66 |
global $conn,$id; |
67 |
$result = pg_Exec ($conn,"select $p from ##DB## where id=$id"); |
68 |
if ($result && pg_numrows($result) > 0) { |
69 |
$row=pg_fetch_array($result,0); |
70 |
$pit=split(",",$p); |
71 |
while(list($key,$val) = each($row)) { |
72 |
$GLOBALS[$key]=$val; |
73 |
} |
74 |
} |
75 |
} |
76 |
function get_member($pitanja,$uvjet = "true") { |
77 |
global $member_id; |
78 |
$p_conn = pg_connect("dbname=##MEMBERS_DB## user=##DB_USER##"); |
79 |
$result=@pg_Exec($p_conn,"select id,$pitanja from member |
80 |
where $uvjet and id = $member_id"); |
81 |
$numrows=@pg_numrows($result); |
82 |
if ($numrows) { |
83 |
$row=pg_fetch_array($result,0); |
84 |
$pit=split(",",$pitanja); |
85 |
while(list($key,$val) = each($row)) { |
86 |
$GLOBALS["member_".$key]=$val; |
87 |
} |
88 |
} |
89 |
} |
90 |
|
91 |
// get a and id |
92 |
if (isset($_POST["a"])) { $a = $_POST["a"]; } |
93 |
if (isset($_GET["a"])) { $a = $_GET["a"]; } |
94 |
$member_id=id_decode($a); |
95 |
|
96 |
if (!isset($a) || $member_id == 0) { |
97 |
if ($without_invitation) { |
98 |
# member_id == -1 will use id from poll table as unique ID |
99 |
$member_id=-1; |
100 |
} else { |
101 |
# dump error (404) if no ID is found |
102 |
if (!headers_sent()) header("HTTP/1.0 404 Not Found"); |
103 |
print "<b>WOPI:</b> Error in session tracking argument!"; |
104 |
exit; |
105 |
} |
106 |
} |
107 |
|
108 |
if (isset($a) && !isset($id)) { |
109 |
global $conn,$do_stranice; |
110 |
$result = pg_Exec ($conn,"select max(id) as id,max(do_stranice) as do_stranice from ##DB## where member_id=$member_id group by member_id limit 1"); |
111 |
if ($result && pg_numrows($result) > 0) { |
112 |
$row=pg_fetch_array($result,0); |
113 |
$id=$row[id]; |
114 |
$do_stranice=$row[do_stranice]; |
115 |
$do_uri="http://".$SERVER_NAME.":".$SERVER_PORT.$row[do_stranice]; |
116 |
} else { |
117 |
if ($without_invitation) { |
118 |
$member_id="(select currval('mate_id_seq'))"; |
119 |
} |
120 |
$sql="insert into ##DB## ( http_referer,remote_addr,user_agent, member_id, do_stranice ) values ('$HTTP_REFERER','$REMOTE_ADDR','$HTTP_USER_AGENT',$member_id, '$PHP_SELF')"; |
121 |
|
122 |
$result=pg_Exec($conn,fix_sql($sql)); |
123 |
$lastoid=pg_getlastoid($result); |
124 |
$result = pg_Exec($conn,fix_sql("select id,do_stranice from ##DB## where oid=$lastoid")); |
125 |
$row=pg_fetch_array($result,0); |
126 |
$id=$row[id]; |
127 |
$do_stranice=$row[do_stranice]; |
128 |
$do_uri="http://".$SERVER_NAME.":".$SERVER_PORT.$row[do_stranice]; |
129 |
} |
130 |
} |
131 |
?> |