diff --git a/htdocs/opensurvey/public/studs.php b/htdocs/opensurvey/public/studs.php index 3467988f99a..f59a9d6e572 100644 --- a/htdocs/opensurvey/public/studs.php +++ b/htdocs/opensurvey/public/studs.php @@ -61,7 +61,7 @@ $listofvoters=explode(',',$_SESSION["savevoter"]); if (GETPOST('ajoutcomment')) { if (!$canbemodified) accessforbidden(); - + $error=0; if (! GETPOST('comment')) @@ -81,16 +81,16 @@ if (GETPOST('ajoutcomment')) $comment_user = GETPOST('commentuser'); $resql = $object->addComment($comment, $comment_user); - + if (! $resql) dol_print_error($db); } } // Add vote -if (isset($_POST["boutonp"])) +if (GETPOST("boutonp") || GETPOST("boutonp.x") || GETPOST("boutonp_x")) // boutonp for chrom, boutonp_x for firefox { if (!$canbemodified) accessforbidden(); - + //Si le nom est bien entré if (GETPOST('nom')) { @@ -110,7 +110,7 @@ if (isset($_POST["boutonp"])) } } - $nom=substr($_POST["nom"],0,64); + $nom=substr(GETPOST("nom"),0,64); // Check if vote already exists $sql = 'SELECT id_users, nom FROM '.MAIN_DB_PREFIX."opensurvey_user_studs WHERE id_sondage='".$db->escape($numsondage)."' AND nom = '".$db->escape($nom)."' ORDER BY id_users"; @@ -138,18 +138,18 @@ if (isset($_POST["boutonp"])) if ($object->fk_user_creat) { $userstatic = new User($db); $userstatic->fetch($object->fk_user_creat); - + $email = $userstatic->email; } else { $email = $object->mail_admin; } - + //Linked user may not have an email set if ($email) { include_once DOL_DOCUMENT_ROOT.'/core/class/CMailFile.class.php'; - + $body = $langs->trans('EmailSomeoneVoted', $nom, getUrlSondage($numsondage, true)); - + $cmailfile=new CMailFile("[".MAIN_APPLICATION_TITLE."] ".$langs->trans("Poll").': '.$object->titre, $email, $conf->global->MAIN_MAIL_EMAIL_FROM, $body); $result=$cmailfile->sendfile(); } @@ -204,7 +204,7 @@ if ($testmodifier) $nouveauchoix.="0"; } } - + if (!$canbemodified) accessforbidden(); $idtomodify=$_POST["idtomodify".$modifier]; @@ -222,7 +222,7 @@ $idcomment=GETPOST('deletecomment','int'); if ($idcomment) { if (!$canbemodified) accessforbidden(); - + $resql = $object->deleteComment($idcomment); } @@ -271,7 +271,7 @@ print ''."\n"; //The survey has expired, users can't vote or do any action if (!$canbemodified) { - + print '

'.$langs->trans('SurveyExpiredInfo').'

'; llxFooterSurvey(); @@ -714,7 +714,7 @@ $comments = $object->getComments(); if ($comments) { print "
" . $langs->trans("CommentsOfVoters") . ":
\n"; - + foreach ($comments as $obj) { print '
'; if (in_array($obj->usercomment, $listofvoters)) print ' '.img_picto('', 'delete.png').' '; diff --git a/htdocs/opensurvey/results.php b/htdocs/opensurvey/results.php index 365ea3cd9e3..434280d439a 100644 --- a/htdocs/opensurvey/results.php +++ b/htdocs/opensurvey/results.php @@ -52,13 +52,13 @@ $nblignes=count($object->fetch_lines()); //Return to the results if (GETPOST('retoursondage')) { header('Location: results.php?id='.$_GET['id']); - die; + exit; } $nbcolonnes = substr_count($object->sujet, ',') + 1; // Add vote -if (isset($_POST["boutonp"])) +if (GETPOST("boutonp") || GETPOST("boutonp.x") || GETPOST("boutonp_x")) // boutonp for chrom, boutonp.x for firefox { if (GETPOST('nom')) { @@ -128,7 +128,7 @@ if ($testmodifier) // Security check if (!$user->rights->opensurvey->write) accessforbidden(); - + $nouveauchoix = ''; for ($i = 0; $i < $nbcolonnes; $i++) { @@ -161,7 +161,7 @@ if (GETPOST("ajoutercolonne") && GETPOST('nouvellecolonne') && ($object->format { // Security check if (!$user->rights->opensurvey->write) accessforbidden(); - + $nouveauxsujets=$object->sujet; //on rajoute la valeur a la fin de tous les sujets deja entrés @@ -185,7 +185,7 @@ if (isset($_POST["ajoutercolonne"]) && ($object->format == "D")) { // Security check if (!$user->rights->opensurvey->write) accessforbidden(); - + $nouveauxsujets=$object->sujet; if (isset($_POST["nouveaujour"]) && $_POST["nouveaujour"] != "vide" && @@ -280,7 +280,7 @@ for ($i = 0; $i < $nblignes; $i++) { // Security check if (!$user->rights->opensurvey->write) accessforbidden(); - + $compteur=0; // Loop on each answer @@ -315,7 +315,7 @@ for ($i = 0; $i < $nbcolonnes; $i++) { // Security check if (!$user->rights->opensurvey->write) accessforbidden(); - + $db->begin(); $toutsujet = explode(",",$object->sujet); @@ -473,7 +473,7 @@ if (GETPOST('ajoutsujet')) { // Security check if (!$user->rights->opensurvey->write) accessforbidden(); - + //on recupere les données et les sujets du sondage print '
'."\n"; print ''; @@ -496,7 +496,7 @@ if (GETPOST('ajoutsujet')) else { require_once DOL_DOCUMENT_ROOT.'/core/class/html.formother.class.php'; - + $formother=new FormOther($db); //ajout d'une date avec creneau horaire print $langs->trans("AddADate") .':

'."\n"; @@ -508,9 +508,9 @@ if (GETPOST('ajoutsujet')) print ''."\n"; print $formother->select_month('', 'nouveaumois', 1); - + print ' '; - + print $formother->select_year('', 'nouvelleannee', 1, 0, 5, 0, 1); print '

'. $langs->trans("AddStartHour") .':

'."\n"; @@ -624,7 +624,7 @@ if ($object->format=="D") print ''; print 'id_sondage.'">'.$langs->trans("Add").''."\n"; } - + print ''."\n"; print ''."\n"; print ''."\n"; @@ -653,7 +653,7 @@ if ($object->format=="D") if ($user->rights->opensurvey->write) { print 'id_sondage.'">'.$langs->trans("Add").''."\n"; } - + print ''."\n"; print ''."\n"; print ''."\n"; @@ -700,7 +700,7 @@ if ($object->format=="D") if ($user->rights->opensurvey->write) { print 'id_sondage.'">'.$langs->trans("Add").''."\n"; } - + print ''."\n"; } } @@ -744,11 +744,11 @@ while ($compteur < $num) $ensemblereponses = $obj->reponses; print ''."\n"; - + if ($user->rights->opensurvey->write) { print ''."\n"; } - + // Name print ''.dol_htmlentities($obj->nom).''."\n";