fixing guid bugs
parent
8d9760f9bf
commit
719b26d2d9
11 changed files with 105 additions and 106 deletions
|
|
@ -35,14 +35,14 @@ sub duplicate {
|
|||
my ($sth, $w, @row, $newEventId, $previousRecurringEventId);
|
||||
$w = $_[0]->SUPER::duplicate($_[1]);
|
||||
$sth = WebGUI::SQL->read("select * from EventsCalendar_event where wobjectId="
|
||||
.$_[0]->get("wobjectId")." order by EventsCalendar_recurringId");
|
||||
.quote($_[0]->get("wobjectId"))." order by EventsCalendar_recurringId");
|
||||
while (@row = $sth->array) {
|
||||
$newEventId = WebGUI::Id::generate();
|
||||
if ($row[6] > 0 && $row[6] != $previousRecurringEventId) {
|
||||
$row[6] = WebGUI::Id::generate();
|
||||
$previousRecurringEventId = $row[6];
|
||||
}
|
||||
WebGUI::SQL->write("insert into EventsCalendar_event values (".quote($newEventId).", ".$w.", ".
|
||||
WebGUI::SQL->write("insert into EventsCalendar_event values (".quote($newEventId).", ".quote($w).", ".
|
||||
quote($row[2]).", ".quote($row[3]).", ".quote($row[4]).", ".quote($row[5]).", ".quote($row[6]).")");
|
||||
}
|
||||
$sth->finish;
|
||||
|
|
@ -259,13 +259,13 @@ sub www_editEvent {
|
|||
$f = WebGUI::HTMLForm->new(1);
|
||||
$f->raw('<tr><td class="formdescription" valign="top">'.WebGUI::International::get(8,$_[0]->get("namespace")).'</td><td class="tableData">');
|
||||
$f->integer("interval","",1,"","","",3);
|
||||
$f->select("recursEvery",\%recursEvery);
|
||||
$f->selectList("recursEvery",\%recursEvery);
|
||||
$f->raw(' '.WebGUI::International::get(9,$_[0]->get("namespace")).' ');
|
||||
$f->date("until");
|
||||
$f->raw("</td><tr>");
|
||||
$special = $f->printRowsOnly;
|
||||
} else {
|
||||
%event = WebGUI::SQL->quickHash("select * from EventsCalendar_event where EventsCalendar_eventId='$session{form}{eid}'");
|
||||
%event = WebGUI::SQL->quickHash("select * from EventsCalendar_event where EventsCalendar_eventId=".quote($session{form}{eid}));
|
||||
$f = WebGUI::HTMLForm->new;
|
||||
$f->hidden("until");
|
||||
$special = $f->printRowsOnly;
|
||||
|
|
@ -282,14 +282,13 @@ sub www_editEvent {
|
|||
-name=>"startDate",
|
||||
-label=>WebGUI::International::get(14,$_[0]->get("namespace")),
|
||||
-value=>$event{startDate},
|
||||
-dateExtras=>'onBlur="this.form.endDate_date.value=this.form.startDate_date.value;this.form.until.value=this.form.startDate_date.value;"',
|
||||
-timeExtras=>'onBlur="this.form.endDate_time.value=this.form.startDate_time.value"'
|
||||
-extras=>'onBlur="this.form.endDate.value=this.form.startDate.value;this.form.until.value=this.form.startDate.value;"',
|
||||
);
|
||||
$f->dateTime(
|
||||
-name=>"endDate",
|
||||
-label=>WebGUI::International::get(15,$_[0]->get("namespace")),
|
||||
-value=>$event{endDate},
|
||||
-dateExtras=>'onBlur="this.form.until.value=this.form.endDate_date.value;"'
|
||||
-extras=>'onBlur="this.form.until.value=this.form.endDate.value;"'
|
||||
);
|
||||
$f->raw($special);
|
||||
if ($session{form}{eid} eq "new") {
|
||||
|
|
@ -344,7 +343,7 @@ sub www_editEventSave {
|
|||
}
|
||||
}
|
||||
$i = 0;
|
||||
while ($eventId[$i] > 0) {
|
||||
while ($eventId[$i] ne "") {
|
||||
WebGUI::SQL->write("insert into EventsCalendar_event values (".quote($eventId[$i]).",
|
||||
".quote($_[0]->get("wobjectId")).",
|
||||
".quote($session{form}{name}).",
|
||||
|
|
@ -422,7 +421,7 @@ sub www_view {
|
|||
my @thisMonthDate = WebGUI::DateTime::epochToArray($thisMonth);
|
||||
# get event information
|
||||
my $query = "select * from EventsCalendar_event where ";
|
||||
$query .= " wobjectId=".$_[0]->get("wobjectId")." and " unless ($_[0]->get("isMaster"));
|
||||
$query .= " wobjectId=".quote($_[0]->get("wobjectId"))." and " unless ($_[0]->get("isMaster"));
|
||||
$query .= " (endDate>=$monthStart and endDate<=$monthEnd) and (startDate>=$monthStart and startDate<=$monthEnd) order by startDate,endDate";
|
||||
my %events;
|
||||
my %previous;
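Review bot: In `duplicate` (first hunk) the recurring-event id is still compared numerically, `$row[6] > 0 && $row[6] != $previousRecurringEventId`, even though the `www_editEventSave` hunk of this same commit replaces `> 0` with `ne ""` for generated ids. If `WebGUI::Id::generate()` returns something other than a plain integer (the commit title suggests a GUID), both tests work on numified strings and can misclassify rows; a string form such as `if ($row[6] && $row[6] ne $previousRecurringEventId) {` avoids that. As written, `$previousRecurringEventId` is also set to the freshly generated id rather than the id read from the row, so the next row of the same recurrence compares unequal and receives another new id. Remembering the original value before overwriting `$row[6]`, and reusing one generated id per group, would keep duplicated recurrences together.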
|
||||
|
|
|
|||
|
|
@ -45,7 +45,7 @@ sub duplicate {
|
|||
my ($file, $w, %row, $sth, $newDownloadId);
|
||||
tie %row, 'Tie::CPHash';
|
||||
$w = $_[0]->SUPER::duplicate($_[1]);
|
||||
$sth = WebGUI::SQL->read("select * from FileManager_file where wobjectId=".$_[0]->get("wobjectId"));
|
||||
$sth = WebGUI::SQL->read("select * from FileManager_file where wobjectId=".quote($_[0]->get("wobjectId")));
|
||||
while (%row = $sth->hash) {
|
||||
$newDownloadId = WebGUI::Id::generate();
|
||||
$file = WebGUI::Attachment->new($row{downloadFile},$_[0]->get("wobjectId"),$row{FileManager_fileId});
|
||||
|
|
@ -124,7 +124,7 @@ sub new {
|
|||
|
||||
#-------------------------------------------------------------------
|
||||
sub purge {
|
||||
WebGUI::SQL->write("delete from FileManager_file where wobjectId=".$_[0]->get("wobjectId"));
|
||||
WebGUI::SQL->write("delete from FileManager_file where wobjectId=".quote($_[0]->get("wobjectId")));
|
||||
$_[0]->SUPER::purge();
|
||||
}
|
||||
|
||||
|
|
@ -164,7 +164,7 @@ sub www_download {
|
|||
$_[0]->logView() if ($session{setting}{passiveProfilingEnabled});
|
||||
my (%download, $file);
|
||||
tie %download,'Tie::CPHash';
|
||||
%download = WebGUI::SQL->quickHash("select * from FileManager_file where FileManager_fileId=$session{form}{did}");
|
||||
%download = WebGUI::SQL->quickHash("select * from FileManager_file where FileManager_fileId=".quote($session{form}{did}));
|
||||
if (WebGUI::Grouping::isInGroup($download{groupToView})) {
|
||||
if ($session{form}{alternateVersion} == 1) {
|
||||
$file = WebGUI::Attachment->new($download{alternateVersion1},
|
||||
|
|
@ -350,7 +350,7 @@ sub www_view {
|
|||
$var{"search.label"} = WebGUI::International::get(364);
|
||||
$var{"addfile.url"} = WebGUI::URL::page('func=editDownload&did=new&wid='.$_[0]->get("wobjectId"));
|
||||
$var{"addfile.label"} = WebGUI::International::get(11,$_[0]->get("namespace"));
|
||||
$sql = "select * from FileManager_file where wobjectId=".$_[0]->get("wobjectId")." ";
|
||||
$sql = "select * from FileManager_file where wobjectId=".quote($_[0]->get("wobjectId"))." ";
|
||||
if ($session{scratch}{search}) {
|
||||
$numResults = $session{scratch}{numResults};
|
||||
$constraints = WebGUI::Search::buildConstraints(
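Review bot: The `www_download` lookup is keyed only on the request's `did`, so a row that belongs to a different FileManager wobject can be fetched through this one, and the hunk shows no check that a row was found before `isInGroup($download{groupToView})` runs. Scoping the select to the current object addresses the first point: append `." and wobjectId=".quote($_[0]->get("wobjectId"))` to the query. An early `return` when `$download{FileManager_fileId}` is empty covers the second. How `isInGroup` treats an undefined group is not visible here, so that part is precautionary. The body of `www_download` continues past the hunk.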
|
||||
|
|
|
|||
|
|
@ -571,7 +571,7 @@ sub _getContentTypes {
|
|||
sub _getSearchablePages {
|
||||
my $searchRoot = shift;
|
||||
my %pages;
|
||||
my $sth = WebGUI::SQL->read("select pageId from page where parentId = $searchRoot");
|
||||
my $sth = WebGUI::SQL->read("select pageId from page where parentId = ".quote($searchRoot));
|
||||
while (my %data = $sth->hash) {
|
||||
$pages{$data{pageId}} = defined;
|
||||
%pages = (%pages, _getSearchablePages($data{pageId}) );
|
||||
|
|
|
|||
|
|
@ -66,7 +66,7 @@ These methods are available from this package:
|
|||
sub _recurseCrumbTrail {
|
||||
my ($sth, %data, $output);
|
||||
tie %data, 'Tie::CPHash';
|
||||
%data = WebGUI::SQL->quickHash("select pageId,parentId,menuTitle,urlizedTitle from page where pageId=$_[0]");
|
||||
%data = WebGUI::SQL->quickHash("select pageId,parentId,menuTitle,urlizedTitle from page where pageId=".quote($_[0]));
|
||||
if ($data{pageId} > 1) {
|
||||
$output .= _recurseCrumbTrail($data{parentId});
|
||||
}
|
||||
|
|
@ -189,7 +189,7 @@ A reference to an array of CSS color identificators.
|
|||
|
||||
sub getDetails {
|
||||
my ($self, $docIdList, %options) = @_;
|
||||
my $docIds = join(',',@$docIdList);
|
||||
my $docIds = quoteAndJoin($docIdList);
|
||||
my (@searchDetails, %namespace);
|
||||
foreach my $wobject (@{$session{config}{wobjects}}){
|
||||
my $cmd = "WebGUI::Wobject::".$wobject;
|
||||
|
|
@ -443,6 +443,7 @@ of this document.
|
|||
sub indexDocument {
|
||||
my ($self, $document) = @_;
|
||||
$self->{_fts}->index_document($document->{docId} || $self->{_docId}, $document->{text});
|
||||
my $docId = ($document->{docId} || $self->{_docId});
|
||||
WebGUI::SQL->write("insert into IndexedSearch_docInfo ( docId,
|
||||
indexName,
|
||||
pageId,
|
||||
|
|
@ -459,20 +460,20 @@ sub indexDocument {
|
|||
ownerId,
|
||||
dateIndexed )
|
||||
values ( ".
|
||||
($document->{docId} || $self->{_docId}).", ".
|
||||
quote($docId).", ".
|
||||
quote($self->getIndexName).", ".
|
||||
($document->{pageId} || 0).", ".
|
||||
($document->{wobjectId} || 0).", ".
|
||||
quote($document->{pageId} || 0).", ".
|
||||
quote($document->{wobjectId} || 0).", ".
|
||||
quote($document->{languageId}).", ".
|
||||
quote($document->{namespace} || 'WebGUI')." , ".
|
||||
quote($document->{location}).", ".
|
||||
($document->{page_groupIdView} || 7).", ".
|
||||
($document->{wobject_groupIdView} || 7).", ".
|
||||
($document->{wobject_special_groupIdView} || 7).", ".
|
||||
quote($document->{page_groupIdView} || 7).", ".
|
||||
quote($document->{wobject_groupIdView} || 7).", ".
|
||||
quote($document->{wobject_special_groupIdView} || 7).", ".
|
||||
quote($document->{headerShortcut})." ,".
|
||||
quote($document->{bodyShortcut})." ,".
|
||||
quote($document->{contentType})." ,".
|
||||
($document->{ownerId} || 3).",
|
||||
quote($document->{ownerId} || 3).",
|
||||
".WebGUI::DateTime::time()." )"
|
||||
);
|
||||
$self->{_docId}++;
|
||||
|
|
@ -655,8 +656,8 @@ sub search {
|
|||
my $noFtsSearch = ($query =~ /^\s*\*\s*$/); # query = '*', no full text search
|
||||
my @fts_docIds = $self->{_fts}->search($query) unless $noFtsSearch ;
|
||||
if(@fts_docIds || $noFtsSearch) {
|
||||
my $groups = join(',',@{$self->_getGroups});
|
||||
my $docIds = join(',',@fts_docIds);
|
||||
my $groups = quoteAndJoin($self->_getGroups);
|
||||
my $docIds = quoteAndJoin(\@fts_docIds);
|
||||
my $sql = "select docId from IndexedSearch_docInfo where indexName = ".quote($self->getIndexName);
|
||||
$sql .= " and docId in ($docIds)" unless $noFtsSearch;
|
||||
$sql .= " and page_groupIdView in ($groups)";
|
||||
|
|
@ -665,7 +666,7 @@ sub search {
|
|||
$sql .= " and wobject_groupIdView in ($groups)";
|
||||
}
|
||||
foreach my $filterElement (keys %{$filter}) {
|
||||
$sql .= " AND $filterElement in (".join(',', @{$filter->{$filterElement}}).")";
|
||||
$sql .= " AND $filterElement in (".quoteAndJoin($filter->{$filterElement}).")";
|
||||
}
|
||||
# No trash or other garbage
|
||||
$sql .= " AND (pageId > 999 or pageId < 0 or pageId = 1) ";
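Review bot: In the last `search` hunk the filter values are now quoted, but the column name `$filterElement` is still interpolated straight into the statement from `keys %{$filter}`, and `quote()` cannot protect an identifier. Where `$filter` is built is outside these hunks, so whether its keys can be influenced by a request cannot be told from here. A guard at the top of the loop, `next unless $filterElement =~ /\A\w+\z/;`, or a lookup against a fixed list of filterable columns, makes the statement safe regardless of the caller. The body of `search` begins and ends outside the visible hunks.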
|
||||
|
|
|
|||
|
|
@ -123,16 +123,16 @@ sub new {
|
|||
|
||||
#-------------------------------------------------------------------
|
||||
sub purge {
|
||||
my $sth = WebGUI::SQL->read("select forumId from MessageBoard_forums where wobjectId=".$_[0]->get("wobjectId"));
|
||||
my $sth = WebGUI::SQL->read("select forumId from MessageBoard_forums where wobjectId=".quote($_[0]->get("wobjectId")));
|
||||
while (my ($forumId) = $sth->array) {
|
||||
my ($inUseElsewhere) = WebGUI::SQL->quickArray("select count(*) from MessageBoard_forums where forumId=".$forumId);
|
||||
my ($inUseElsewhere) = WebGUI::SQL->quickArray("select count(*) from MessageBoard_forums where forumId=".quote($forumId));
|
||||
unless ($inUseElsewhere > 1) {
|
||||
my $forum = WebGUI::Forum->new($forumId);
|
||||
$forum->purge;
|
||||
}
|
||||
}
|
||||
$sth->finish;
|
||||
WebGUI::SQL->write("delete from MessageBoard_forums where wobjectId=".$_[0]->get("wobjectId"));
|
||||
WebGUI::SQL->write("delete from MessageBoard_forums where wobjectId=".quote($_[0]->get("wobjectId")));
|
||||
$_[0]->SUPER::purge();
|
||||
}
|
||||
|
||||
|
|
@ -146,12 +146,12 @@ sub www_deleteForum {
|
|||
#-------------------------------------------------------------------
|
||||
sub www_deleteForumConfirm {
|
||||
return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit);
|
||||
my ($inUseElsewhere) = WebGUI::SQL->quickArray("select count(*) from MessageBoard_forums where forumId=".$session{form}{forumId});
|
||||
my ($inUseElsewhere) = WebGUI::SQL->quickArray("select count(*) from MessageBoard_forums where forumId=".quote($session{form}{forumId}));
|
||||
unless ($inUseElsewhere > 1) {
|
||||
my $forum = WebGUI::Forum->new($session{form}{forumId});
|
||||
$forum->purge;
|
||||
}
|
||||
WebGUI::SQL->write("delete from MessageBoard_forums where forumId=".quote($session{form}{forumId})." and wobjectId=".$_[0]->get("wobjectId"));
|
||||
WebGUI::SQL->write("delete from MessageBoard_forums where forumId=".quote($session{form}{forumId})." and wobjectId=".quote($_[0]->get("wobjectId")));
|
||||
return "";
|
||||
}
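Review bot: `www_deleteForumConfirm` calls `$forum->purge` on the forum named by `$session{form}{forumId}` without confirming that the forum is attached to this wobject: the count query is keyed on `forumId` alone, while `canEdit` only covers the current message board. A forum linked to a single other board gives a count of 1, so `unless ($inUseElsewhere > 1)` allows the purge even though the final delete, which is scoped by `wobjectId`, would remove nothing. Add an ownership check before the count, `my ($attached) = WebGUI::SQL->quickArray("select count(*) from MessageBoard_forums where forumId=".quote($session{form}{forumId})." and wobjectId=".quote($_[0]->get("wobjectId")));` followed by `return "" unless $attached;`.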
|
||||
|
||||
|
|
|
|||
|
|
@ -31,7 +31,7 @@ our @ISA = qw(WebGUI::Wobject);
|
|||
#-------------------------------------------------------------------
|
||||
sub _hasVoted {
|
||||
my ($hasVoted) = WebGUI::SQL->quickArray("select count(*) from Poll_answer
|
||||
where wobjectId=".$_[0]->get("wobjectId")." and ((userId=$session{user}{userId}
|
||||
where wobjectId=".quote($_[0]->get("wobjectId"))." and ((userId=".quote($session{user}{userId})."
|
||||
and userId<>1) or (userId=1 and ipAddress='$session{env}{REMOTE_ADDR}'))");
|
||||
return $hasVoted;
|
||||
}
|
||||
|
|
@ -40,7 +40,7 @@ sub _hasVoted {
|
|||
sub duplicate {
|
||||
my ($w, $f, $sth, @row);
|
||||
$w = $_[0]->SUPER::duplicate($_[1]);
|
||||
$sth = WebGUI::SQL->read("select * from Poll_answer where wobjectId=".$_[0]->get("wobjectId"));
|
||||
$sth = WebGUI::SQL->read("select * from Poll_answer where wobjectId=".quote($_[0]->get("wobjectId")));
|
||||
while (@row = $sth->array) {
|
||||
WebGUI::SQL->write("insert into Poll_answer values (".quote($w).", ".quote($row[1]).", ".quote($row[2]).", ".quote($row[3]).")");
|
||||
}
|
||||
|
|
@ -143,7 +143,7 @@ sub new {
|
|||
|
||||
#-------------------------------------------------------------------
|
||||
sub purge {
|
||||
WebGUI::SQL->write("delete from Poll_answer where wobjectId=".$_[0]->get("wobjectId"));
|
||||
WebGUI::SQL->write("delete from Poll_answer where wobjectId=".quote($_[0]->get("wobjectId")));
|
||||
$_[0]->SUPER::purge();
|
||||
}
|
||||
|
||||
|
|
@ -248,7 +248,7 @@ sub www_view {
|
|||
}
|
||||
$var{canVote} = $showPoll;
|
||||
my ($totalResponses) = WebGUI::SQL->quickArray("select count(*) from Poll_answer where wobjectId="
|
||||
.$_[0]->get("wobjectId"));
|
||||
.quote($_[0]->get("wobjectId")));
|
||||
$var{"responses.label"} = WebGUI::International::get(12,$_[0]->get("namespace"));
|
||||
$var{"responses.total"} = $totalResponses;
|
||||
$var{"form.start"} = WebGUI::Form::formHeader();
|
||||
|
|
@ -260,7 +260,7 @@ sub www_view {
|
|||
for (my $i=1; $i<=20; $i++) {
|
||||
if ($_[0]->get('a'.$i) =~ /\C/) {
|
||||
my ($tally) = WebGUI::SQL->quickArray("select count(*) from Poll_answer where answer='a"
|
||||
.$i."' and wobjectId=".$_[0]->get("wobjectId")." group by answer");
|
||||
.$i."' and wobjectId=".quote($_[0]->get("wobjectId"))." group by answer");
|
||||
push(@answers,{
|
||||
"answer.form"=>WebGUI::Form::radio({name=>"answer",value=>"a".$i}),
|
||||
"answer.text"=>$_[0]->get('a'.$i),
|
||||
|
|
|
|||
|
|
@ -42,31 +42,31 @@ sub duplicate {
|
|||
$file->copy($w->get("wobjectId"));
|
||||
$file = WebGUI::Attachment->new($_[0]->get("warranty"),$_[0]->get("wobjectId"));
|
||||
$file->copy($w->get("wobjectId"));
|
||||
$sth = WebGUI::SQL->read("select * from Product_feature where wobjectId=".$_[0]->get("wobjectId"));
|
||||
$sth = WebGUI::SQL->read("select * from Product_feature where wobjectId=".quote($_[0]->get("wobjectId")));
|
||||
while ($row = $sth->hashRef) {
|
||||
$row->{"Product_featureId"} = "new";
|
||||
$w->setCollateral("Product_feature","Product_featureId",$row);
|
||||
}
|
||||
$sth->finish;
|
||||
$sth = WebGUI::SQL->read("select * from Product_benefit where wobjectId=".$_[0]->get("wobjectId"));
|
||||
$sth = WebGUI::SQL->read("select * from Product_benefit where wobjectId=".quote($_[0]->get("wobjectId")));
|
||||
while ($row = $sth->hashRef) {
|
||||
$row->{"Product_benefitId"} = "new";
|
||||
$w->setCollateral("Product_benefit","Product_benefitId",$row);
|
||||
}
|
||||
$sth->finish;
|
||||
$sth = WebGUI::SQL->read("select * from Product_specification where wobjectId=".$_[0]->get("wobjectId"));
|
||||
$sth = WebGUI::SQL->read("select * from Product_specification where wobjectId=".quote($_[0]->get("wobjectId")));
|
||||
while ($row = $sth->hashRef) {
|
||||
$row->{"Product_specificationId"} = "new";
|
||||
$w->setCollateral("Product_specification","Product_specificationId",$row);
|
||||
}
|
||||
$sth->finish;
|
||||
$sth = WebGUI::SQL->read("select * from Product_accessory where wobjectId=".$_[0]->get("wobjectId"));
|
||||
$sth = WebGUI::SQL->read("select * from Product_accessory where wobjectId=".quote($_[0]->get("wobjectId")));
|
||||
while (%data = $sth->hash) {
|
||||
WebGUI::SQL->write("insert into Product_accessory values (".quote($w->get("wobjectId")).",
|
||||
".quote($data{accessoryWobjectId}).", $data{sequenceNumber})");
|
||||
}
|
||||
$sth->finish;
|
||||
$sth = WebGUI::SQL->read("select * from Product_related where wobjectId=".$_[0]->get("wobjectId"));
|
||||
$sth = WebGUI::SQL->read("select * from Product_related where wobjectId=".quote($_[0]->get("wobjectId")));
|
||||
while (%data = $sth->hash) {
|
||||
WebGUI::SQL->write("insert into Product_related values (".quote($w->get("wobjectId")).",
|
||||
".quote($data{relatedWobjectId}).", $data{sequenceNumber})");
|
||||
|
|
@ -151,13 +151,13 @@ sub new {
|
|||
|
||||
#-------------------------------------------------------------------
|
||||
sub purge {
|
||||
WebGUI::SQL->write("delete from Product_accessory where wobjectId=".$_[0]->get("wobjectId")."
|
||||
or accessoryWobjectId=".$_[0]->get("wobjectId"));
|
||||
WebGUI::SQL->write("delete from Product_related where wobjectId=".$_[0]->get("wobjectId")."
|
||||
or relatedWobjectId=".$_[0]->get("wobjectId"));
|
||||
WebGUI::SQL->write("delete from Product_benefit where wobjectId=".$_[0]->get("wobjectId"));
|
||||
WebGUI::SQL->write("delete from Product_feature where wobjectId=".$_[0]->get("wobjectId"));
|
||||
WebGUI::SQL->write("delete from Product_specification where wobjectId=".$_[0]->get("wobjectId"));
|
||||
WebGUI::SQL->write("delete from Product_accessory where wobjectId=".quote($_[0]->get("wobjectId"))."
|
||||
or accessoryWobjectId=".quote($_[0]->get("wobjectId")));
|
||||
WebGUI::SQL->write("delete from Product_related where wobjectId=".quote($_[0]->get("wobjectId"))."
|
||||
or relatedWobjectId=".quote($_[0]->get("wobjectId")));
|
||||
WebGUI::SQL->write("delete from Product_benefit where wobjectId=".quote($_[0]->get("wobjectId")));
|
||||
WebGUI::SQL->write("delete from Product_feature where wobjectId=".quote($_[0]->get("wobjectId")));
|
||||
WebGUI::SQL->write("delete from Product_specification where wobjectId=".quote($_[0]->get("wobjectId")));
|
||||
$_[0]->SUPER::purge();
|
||||
}
|
||||
|
||||
|
|
@ -173,10 +173,10 @@ sub www_addAccessory {
|
|||
$f->hidden("wid",$_[0]->get("wobjectId"));
|
||||
$f->hidden("func","addAccessorySave");
|
||||
@usedAccessories = WebGUI::SQL->quickArray("select accessoryWobjectId from Product_accessory
|
||||
where wobjectId=".$session{form}{wid});
|
||||
where wobjectId=".quote($session{form}{wid}));
|
||||
push(@usedAccessories,$session{form}{wid});
|
||||
$accessory = WebGUI::SQL->buildHashRef("select wobjectId,title from wobject where namespace='Product'
|
||||
and wobjectId not in (".join(",",@usedAccessories).")");
|
||||
and wobjectId not in (".quoteAndJoin(\@usedAccessories).")");
|
||||
$f->select("accessoryWobjectId",$accessory,WebGUI::International::get(17,$_[0]->get("namespace")));
|
||||
$f->yesNo("proceed",WebGUI::International::get(18,$_[0]->get("namespace")));
|
||||
$f->submit;
|
||||
|
|
@ -191,7 +191,7 @@ sub www_addAccessorySave {
|
|||
$session{page}{useAdminStyle} = 1;
|
||||
my ($seq);
|
||||
($seq) = WebGUI::SQL->quickArray("select max(sequenceNumber) from Product_accessory
|
||||
where wobjectId=".$_[0]->get("wobjectId"));
|
||||
where wobjectId=".quote($_[0]->get("wobjectId")));
|
||||
WebGUI::SQL->write("insert into Product_accessory (wobjectId,accessoryWobjectId,sequenceNumber) values
|
||||
(".quote($_[0]->get("wobjectId")).",".quote($session{form}{accessoryWobjectId}).",".($seq+1).")");
|
||||
if ($session{form}{proceed}) {
|
||||
|
|
@ -211,10 +211,10 @@ sub www_addRelated {
|
|||
$f->hidden("wid",$_[0]->get("wobjectId"));
|
||||
$f->hidden("func","addRelatedSave");
|
||||
@usedRelated = WebGUI::SQL->quickArray("select relatedWobjectId from Product_related
|
||||
where wobjectId=".$session{form}{wid});
|
||||
where wobjectId=".quote($session{form}{wid}));
|
||||
push(@usedRelated,$session{form}{wid});
|
||||
$related = WebGUI::SQL->buildHashRef("select wobjectId,title from wobject where namespace='Product'
|
||||
and wobjectId not in (".join(",",@usedRelated).")");
|
||||
and wobjectId not in (".quoteAndJoin(\@usedRelated).")");
|
||||
$f->select("relatedWobjectId",$related,WebGUI::International::get(20,$_[0]->get("namespace")));
|
||||
$f->yesNo("proceed",WebGUI::International::get(21,$_[0]->get("namespace")));
|
||||
$f->submit;
|
||||
|
|
@ -228,7 +228,7 @@ sub www_addRelatedSave {
|
|||
return "" unless ($session{form}{relatedWobjectId});
|
||||
my ($seq);
|
||||
($seq) = WebGUI::SQL->quickArray("select max(sequenceNumber) from Product_related
|
||||
where wobjectId=".$_[0]->get("wobjectId"));
|
||||
where wobjectId=".quote($_[0]->get("wobjectId")));
|
||||
WebGUI::SQL->write("insert into Product_related (wobjectId,relatedWobjectId,sequenceNumber) values
|
||||
(".quote($_[0]->get("wobjectId")).",".quote($session{form}{relatedWobjectId}).",".($seq+1).")");
|
||||
if ($session{form}{proceed}) {
|
||||
|
|
@ -250,7 +250,7 @@ sub www_deleteAccessory {
|
|||
#-------------------------------------------------------------------
|
||||
sub www_deleteAccessoryConfirm {
|
||||
return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit);
|
||||
WebGUI::SQL->write("delete from Product_accessory where wobjectId=".$_[0]->get("wobjectId")." and accessoryWobjectId=".quote($session{form}{aid}));
|
||||
WebGUI::SQL->write("delete from Product_accessory where wobjectId=".quote($_[0]->get("wobjectId"))." and accessoryWobjectId=".quote($session{form}{aid}));
|
||||
$_[0]->reorderCollateral("Product_accessory","accessoryWobjectId");
|
||||
return "";
|
||||
}
|
||||
|
|
@ -301,7 +301,7 @@ sub www_deleteRelated {
|
|||
#-------------------------------------------------------------------
|
||||
sub www_deleteRelatedConfirm {
|
||||
return WebGUI::Privilege::insufficient() unless ($_[0]->canEdit);
|
||||
WebGUI::SQL->write("delete from Product_related where wobjectId=".$_[0]->get("wobjectId")." and relatedWobjectId=".quote($session{form}{rid}));
|
||||
WebGUI::SQL->write("delete from Product_related where wobjectId=".quote($_[0]->get("wobjectId"))." and relatedWobjectId=".quote($session{form}{rid}));
|
||||
$_[0]->reorderCollateral("Product_related","relatedWobjectId");
|
||||
return "";
|
||||
}
|
||||
|
|
@ -609,7 +609,7 @@ sub www_view {
|
|||
$var{"addFeature.url"} = WebGUI::URL::page('func=editFeature&fid=new&wid='.$_[0]->get("wobjectId"));
|
||||
$var{"addFeature.label"} = WebGUI::International::get(34,$_[0]->get("namespace"));
|
||||
$sth = WebGUI::SQL->read("select feature,Product_featureId from Product_feature where wobjectId="
|
||||
.$_[0]->get("wobjectId")." order by sequenceNumber");
|
||||
.quote($_[0]->get("wobjectId"))." order by sequenceNumber");
|
||||
while (%data = $sth->hash) {
|
||||
$segment = deleteIcon('func=deleteFeature&wid='.$_[0]->get("wobjectId").'&fid='.$data{Product_featureId})
|
||||
.editIcon('func=editFeature&wid='.$_[0]->get("wobjectId").'&fid='.$data{Product_featureId})
|
||||
|
|
@ -627,7 +627,7 @@ sub www_view {
|
|||
$var{"addBenefit.url"} = WebGUI::URL::page('func=editBenefit&fid=new&wid='.$_[0]->get("wobjectId"));
|
||||
$var{"addBenefit.label"} = WebGUI::International::get(55,$_[0]->get("namespace"));
|
||||
$sth = WebGUI::SQL->read("select benefit,Product_benefitId from Product_benefit where wobjectId="
|
||||
.$_[0]->get("wobjectId")." order by sequenceNumber");
|
||||
.quote($_[0]->get("wobjectId"))." order by sequenceNumber");
|
||||
while (%data = $sth->hash) {
|
||||
$segment = deleteIcon('func=deleteBenefit&wid='.$_[0]->get("wobjectId").'&bid='.$data{Product_benefitId})
|
||||
.editIcon('func=editBenefit&wid='.$_[0]->get("wobjectId").'&bid='.$data{Product_benefitId})
|
||||
|
|
@ -645,7 +645,7 @@ sub www_view {
|
|||
$var{"addSpecification.url"} = WebGUI::URL::page('func=editSpecification&sid=new&wid='.$_[0]->get("wobjectId"));
|
||||
$var{"addSpecification.label"} = WebGUI::International::get(35,$_[0]->get("namespace"));
|
||||
$sth = WebGUI::SQL->read("select name,value,units,Product_specificationId from Product_specification
|
||||
where wobjectId=".$_[0]->get("wobjectId")." order by sequenceNumber");
|
||||
where wobjectId=".quote($_[0]->get("wobjectId"))." order by sequenceNumber");
|
||||
while (%data = $sth->hash) {
|
||||
$segment = deleteIcon('func=deleteSpecification&wid='.$_[0]->get("wobjectId").'&sid='.$data{Product_specificationId})
|
||||
.editIcon('func=editSpecification&wid='.$_[0]->get("wobjectId").'&sid='.$data{Product_specificationId})
|
||||
|
|
@ -666,7 +666,7 @@ sub www_view {
|
|||
$var{"addaccessory.label"} = WebGUI::International::get(36,$_[0]->get("namespace"));
|
||||
$sth = WebGUI::SQL->read("select wobject.title,page.urlizedTitle,Product_accessory.accessoryWobjectId
|
||||
from Product_accessory,wobject,page
|
||||
where Product_accessory.wobjectId=".$_[0]->get("wobjectId")."
|
||||
where Product_accessory.wobjectId=".quote($_[0]->get("wobjectId"))."
|
||||
and Product_accessory.accessoryWobjectId=wobject.wobjectId
|
||||
and wobject.pageId=page.pageId order by Product_accessory.sequenceNumber");
|
||||
while (%data = $sth->hash) {
|
||||
|
|
@ -687,7 +687,7 @@ sub www_view {
|
|||
$var{"addrelatedproduct.label"} = WebGUI::International::get(37,$_[0]->get("namespace"));
|
||||
$sth = WebGUI::SQL->read("select wobject.title,page.urlizedTitle,Product_related.relatedWobjectId
|
||||
from Product_related,wobject,page
|
||||
where Product_related.wobjectId=".$_[0]->get("wobjectId")."
|
||||
where Product_related.wobjectId=".quote($_[0]->get("wobjectId"))."
|
||||
and Product_related.relatedWobjectId=wobject.wobjectId
|
||||
and wobject.pageId=page.pageId order by Product_related.sequenceNumber");
|
||||
while (%data = $sth->hash) {
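Review bot: In `www_addAccessory` the exclusion list is built from the request parameter `$session{form}{wid}` (both the `where wobjectId=` query and the `push`), whereas the hidden field just above and the other queries in this file use `$_[0]->get("wobjectId")`; `www_addRelated` has the same pattern. Quoting removes the injection risk, but the query is still driven by caller-supplied input rather than by the object the handler is running on. Use `quote($_[0]->get("wobjectId"))` in the select and `push(@usedAccessories,$_[0]->get("wobjectId"));`, with the equivalent change for `@usedRelated`. Both functions begin and end outside their hunks.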
|
||||
|
|
|
|||
|
|
@ -41,7 +41,7 @@ sub _traversePageTree {
|
|||
} else {
|
||||
$orderBy = 'sequenceNumber';
|
||||
}
|
||||
$sth = WebGUI::SQL->read("select urlizedTitle, menuTitle, title, pageId, synopsis from page where parentId='$parent' and hideFromNavigation = 0 order by $orderBy");
|
||||
$sth = WebGUI::SQL->read("select urlizedTitle, menuTitle, title, pageId, synopsis from page where parentId=".quote($parent)." and hideFromNavigation = 0 order by $orderBy");
|
||||
while ($data = $sth->hashRef) {
|
||||
if (($data->{pageId}<0 || $data->{pageId}>999 || $data->{pageId}==1) && WebGUI::Page::canView($data->{pageId})) {
|
||||
push(@pages,{
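Review bot: `$orderBy` is interpolated directly into `order by $orderBy`, and unlike `$parent` it cannot be passed through `quote()` because it is a column name. The visible `else` branch assigns the literal `'sequenceNumber'`; the other branch is outside the hunk, so it should be confirmed to assign a fixed string as well. A comment above the query would record the constraint for later edits: `# $orderBy is interpolated unquoted: assign it only from fixed column-name literals`. The body of `_traversePageTree` starts and ends outside this hunk.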
|
||||
|
|
|
|||
|
|
@ -184,7 +184,7 @@ sub getMenuVars {
|
|||
#-------------------------------------------------------------------
|
||||
sub getQuestionCount {
|
||||
my $self = shift;
|
||||
my ($count) = WebGUI::SQL->quickArray("select count(*) from Survey_question where Survey_id=".$self->get("Survey_id"));
|
||||
my ($count) = WebGUI::SQL->quickArray("select count(*) from Survey_question where Survey_id=".quote($self->get("Survey_id")));
|
||||
return ($count < $self->getValue("questionsPerResponse")) ? $count : $self->getValue("questionsPerResponse");
|
||||
}
|
||||
|
||||
|
|
@ -216,7 +216,7 @@ sub getQuestionsLoop {
|
|||
sub getQuestionResponseCount {
|
||||
my $self = shift;
|
||||
my $responseId = shift;
|
||||
my ($count) = WebGUI::SQL->quickArray("select count(*) from Survey_questionResponse where Survey_responseId=".$responseId);
|
||||
my ($count) = WebGUI::SQL->quickArray("select count(*) from Survey_questionResponse where Survey_responseId=".quote($responseId));
|
||||
return $count;
|
||||
}
|
||||
|
||||
|
|
@ -234,7 +234,7 @@ sub getQuestionVars {
|
|||
});
|
||||
$var{'question.comment.label'} = WebGUI::International::get(51,$self->get("namespace"));
|
||||
if ($question->{answerFieldType} eq "text") {
|
||||
my ($answer) = WebGUI::SQL->quickArray("select Survey_answerId from Survey_answer where Survey_questionId=".$question->{Survey_questionId});
|
||||
my ($answer) = WebGUI::SQL->quickArray("select Survey_answerId from Survey_answer where Survey_questionId=".quote($question->{Survey_questionId}));
|
||||
$var{'question.answer.field'} = WebGUI::Form::hidden({
|
||||
name=>'answerId_'.$questionId,
|
||||
value=>$answer
|
||||
|
|
@ -243,7 +243,7 @@ sub getQuestionVars {
|
|||
name=>'textResponse_'.$questionId
|
||||
});
|
||||
} else {
|
||||
my $answer = WebGUI::SQL->buildHashRef("select Survey_answerId,answer from Survey_answer where Survey_questionId=".$question->{Survey_questionId}." order by sequenceNumber");
|
||||
my $answer = WebGUI::SQL->buildHashRef("select Survey_answerId,answer from Survey_answer where Survey_questionId=".quote($question->{Survey_questionId})." order by sequenceNumber");
|
||||
if ($question->{randomizeAnswers}) {
|
||||
$answer = randomizeHash($answer);
|
||||
}
|
||||
|
|
@ -260,10 +260,10 @@ sub getQuestionVars {
|
|||
sub getRandomQuestionIds {
|
||||
my $self = shift;
|
||||
my $responseId = shift;
|
||||
my @usedQuestionIds = WebGUI::SQL->buildArray("select Survey_questionId from Survey_questionResponse where Survey_responseId=".$responseId);
|
||||
my $where = " where Survey_id=".$self->get("Survey_id");
|
||||
my @usedQuestionIds = WebGUI::SQL->buildArray("select Survey_questionId from Survey_questionResponse where Survey_responseId=".quote($responseId));
|
||||
my $where = " where Survey_id=".quote($self->get("Survey_id"));
|
||||
if ($#usedQuestionIds+1 > 0) {
|
||||
$where .= " and Survey_questionId not in (".join(",",@usedQuestionIds).")";
|
||||
$where .= " and Survey_questionId not in (".quoteAndJoin(\@usedQuestionIds).")";
|
||||
}
|
||||
my @questions = WebGUI::SQL->buildArray("select Survey_questionId from Survey_question".$where);
|
||||
randomizeArray(\@questions);
|
||||
|
|
@ -275,7 +275,7 @@ sub getResponseCount {
|
|||
my $self = shift;
|
||||
my $ipAddress = $self->getIp;
|
||||
my $userId = $self->getUserId;
|
||||
my ($count) = WebGUI::SQL->quickArray("select count(*) from Survey_response where Survey_id=".$self->get("Survey_id")." and
|
||||
my ($count) = WebGUI::SQL->quickArray("select count(*) from Survey_response where Survey_id=".quote($self->get("Survey_id"))." and
|
||||
((userId<>1 and userId=".quote($userId).") or ( userId=1 and ipAddress=".quote($ipAddress)."))");
|
||||
return $count;
|
||||
}
|
||||
|
|
@ -286,22 +286,22 @@ sub getResponseDrivenQuestionIds {
|
|||
my $self = shift;
|
||||
my $responseId = shift;
|
||||
my $previousResponse = WebGUI::SQL->quickHashRef("select Survey_questionId, Survey_answerId from Survey_questionResponse
|
||||
where Survey_responseId=$responseId order by dateOfResponse desc");
|
||||
where Survey_responseId=".quote($responseId)." order by dateOfResponse desc");
|
||||
my $questionId;
|
||||
my @questions;
|
||||
if ($previousResponse->{Survey_answerId}) {
|
||||
($questionId) = WebGUI::SQL->quickArray("select gotoQuestion from Survey_answer where
|
||||
Survey_answerId=".$previousResponse->{Survey_answerId});
|
||||
Survey_answerId=".quote($previousResponse->{Survey_answerId}));
|
||||
unless ($questionId > 0) {
|
||||
($questionId) = WebGUI::SQL->quickArray("select gotoQuestion from Survey_question where
|
||||
Survey_questionId=".$previousResponse->{Survey_questionId});
|
||||
Survey_questionId=".quote($previousResponse->{Survey_questionId}));
|
||||
}
|
||||
unless ($questionId > 0) { # terminate survey
|
||||
$self->completeResponse($responseId);
|
||||
return ();
|
||||
}
|
||||
} else {
|
||||
($questionId) = WebGUI::SQL->quickArray("select Survey_questionId from Survey_question where Survey_id=".$self->getValue("Survey_id")."
|
||||
($questionId) = WebGUI::SQL->quickArray("select Survey_questionId from Survey_question where Survey_id=".quote($self->getValue("Survey_id"))."
|
||||
order by sequenceNumber");
|
||||
}
|
||||
push(@questions,$questionId);
|
||||
|
|
@ -325,10 +325,10 @@ sub getResponseIdString {
|
|||
sub getSequentialQuestionIds {
|
||||
my $self = shift;
|
||||
my $responseId = shift;
|
||||
my @usedQuestionIds = WebGUI::SQL->buildArray("select Survey_questionId from Survey_questionResponse where Survey_responseId=".$responseId);
|
||||
my $where = " where Survey_id=".$self->get("Survey_id");
|
||||
my @usedQuestionIds = WebGUI::SQL->buildArray("select Survey_questionId from Survey_questionResponse where Survey_responseId=".quote($responseId));
|
||||
my $where = " where Survey_id=".quote($self->get("Survey_id"));
|
||||
if ($#usedQuestionIds+1 > 0) {
|
||||
$where .= " and Survey_questionId not in (".join(",",@usedQuestionIds).")";
|
||||
$where .= " and Survey_questionId not in (".quoteAndJoin(\@usedQuestionIds).")";
|
||||
}
|
||||
my @questions = WebGUI::SQL->buildArray("select Survey_questionId from Survey_question $where order by sequenceNumber");
|
||||
return @questions;
|
||||
|
|
@ -396,11 +396,11 @@ sub new {
|
|||
|
||||
#-------------------------------------------------------------------
|
||||
sub purge {
|
||||
my ($count) = WebGUI::SQL->quickArray("select count(*) from Survey where Survey_id=".$_[0]->get("Survey_id"));
|
||||
my ($count) = WebGUI::SQL->quickArray("select count(*) from Survey where Survey_id=".quote($_[0]->get("Survey_id")));
|
||||
if ($count < 2) { ### Check for other wobjects using this survey.
|
||||
WebGUI::SQL->write("delete from Survey_question where Survey_id=".$_[0]->get("Survey_id"));
|
||||
WebGUI::SQL->write("delete from Survey_answer where Survey_id=".$_[0]->get("Survey_id"));
|
||||
WebGUI::SQL->write("delete from Survey_response where Survey_id=".$_[0]->get("Survey_id"));
|
||||
WebGUI::SQL->write("delete from Survey_question where Survey_id=".quote($_[0]->get("Survey_id")));
|
||||
WebGUI::SQL->write("delete from Survey_answer where Survey_id=".quote($_[0]->get("Survey_id")));
|
||||
WebGUI::SQL->write("delete from Survey_response where Survey_id=".quote($_[0]->get("Survey_id")));
|
||||
}
|
||||
$_[0]->SUPER::purge();
|
||||
}
|
||||
|
|
@ -488,8 +488,8 @@ sub www_deleteAllResponses {
|
|||
#-------------------------------------------------------------------
|
||||
sub www_deleteAllResponsesConfirm {
|
||||
return "" unless (WebGUI::Grouping::isInGroup($_[0]->get("groupToViewReports")));
|
||||
WebGUI::SQL->write("delete from Survey_response where Survey_id=".$_[0]->get("Survey_id"));
|
||||
WebGUI::SQL->write("delete from Survey_questionResponse where Survey_id=".$_[0]->get("Survey_id"));
|
||||
WebGUI::SQL->write("delete from Survey_response where Survey_id=".quote($_[0]->get("Survey_id")));
|
||||
WebGUI::SQL->write("delete from Survey_questionResponse where Survey_id=".quote($_[0]->get("Survey_id")));
|
||||
return "";
|
||||
}
|
||||
|
||||
|
|
@ -608,7 +608,7 @@ sub www_editAnswer {
|
|||
}
|
||||
if ($_[0]->get("questionOrder") eq "response") {
|
||||
$question = WebGUI::SQL->buildHashRef("select Survey_questionId,question
|
||||
from Survey_question where Survey_id=".$_[0]->get("Survey_id")." order by sequenceNumber");
|
||||
from Survey_question where Survey_id=".quote($_[0]->get("Survey_id"))." order by sequenceNumber");
|
||||
$question = { ('-1' => WebGUI::International::get(82,$_[0]->get("namespace")),%$question) };
|
||||
$f->select(
|
||||
-name=>"gotoQuestion",
|
||||
|
|
@ -689,7 +689,7 @@ sub www_editQuestion {
|
|||
);
|
||||
if ($_[0]->get("questionOrder") eq "response") {
|
||||
my $ql = WebGUI::SQL->buildHashRef("select Survey_questionId,question
|
||||
from Survey_question where Survey_id=".$_[0]->get("Survey_id")." order by sequenceNumber");
|
||||
from Survey_question where Survey_id=".quote($_[0]->get("Survey_id"))." order by sequenceNumber");
|
||||
$ql = { ('-1' => WebGUI::International::get(82,$_[0]->get("namespace")),%$ql) };
|
||||
$f->select(
|
||||
-name=>"gotoQuestion",
|
||||
|
|
@ -721,7 +721,7 @@ sub www_editQuestion {
|
|||
$output .= '<a href="'.WebGUI::URL::page('wid='.$_[0]->get("wobjectId").'&func=editAnswer&aid=new&qid='
|
||||
.$question->{Survey_questionId}).'">'.WebGUI::International::get(23,$_[0]->get("namespace")).'</a><p>';
|
||||
$sth = WebGUI::SQL->read("select Survey_answerId,answer from Survey_answer
|
||||
where Survey_questionId=".$question->{Survey_questionId}." order by sequenceNumber");
|
||||
where Survey_questionId=".quote($question->{Survey_questionId})." order by sequenceNumber");
|
||||
while (%data = $sth->hash) {
|
||||
$output .= deleteIcon('func=deleteAnswer&wid='.$_[0]->get("wobjectId")
|
||||
.'&qid='.$question->{Survey_questionId}.'&aid='.$data{Survey_answerId})
|
||||
|
|
@ -784,7 +784,7 @@ sub www_editQuestionSave {
|
|||
sub www_exportAnswers {
|
||||
return "" unless (WebGUI::Grouping::isInGroup($_[0]->get("groupToViewReports")));
|
||||
WebGUI::HTTP::setFilename(WebGUI::URL::escape($_[0]->get("title")."_answers.tab"),"text/tab");
|
||||
return WebGUI::SQL->quickTab("select * from Survey_answer where Survey_id=".$_[0]->get("Survey_id"));
|
||||
return WebGUI::SQL->quickTab("select * from Survey_answer where Survey_id=".quote($_[0]->get("Survey_id")));
|
||||
}
|
||||
|
||||
#-------------------------------------------------------------------
|
||||
|
|
@ -794,21 +794,21 @@ sub www_exportComposite {
|
|||
return WebGUI::SQL->quickTab("select b.question, c.response, a.userId, a.username, a.ipAddress, c.comment, c.dateOfResponse from Survey_response a
|
||||
left join Survey_questionResponse c on a.Survey_responseId=c.Survey_responseId
|
||||
left join Survey_question b on c.Survey_questionId=b.Survey_questionId
|
||||
where a.Survey_id=".$_[0]->get("Survey_id")." order by a.userId, a.ipAddress, b.sequenceNumber");
|
||||
where a.Survey_id=".quote($_[0]->get("Survey_id"))." order by a.userId, a.ipAddress, b.sequenceNumber");
|
||||
}
|
||||
|
||||
#-------------------------------------------------------------------
|
||||
sub www_exportQuestions {
|
||||
return "" unless (WebGUI::Grouping::isInGroup($_[0]->get("groupToViewReports")));
|
||||
WebGUI::HTTP::setFilename(WebGUI::URL::escape($_[0]->get("title")."_questions.tab"),"text/tab");
|
||||
return WebGUI::SQL->quickTab("select * from Survey_question where Survey_id=".$_[0]->get("Survey_id"));
|
||||
return WebGUI::SQL->quickTab("select * from Survey_question where Survey_id=".quote($_[0]->get("Survey_id")));
|
||||
}
|
||||
|
||||
#-------------------------------------------------------------------
|
||||
sub www_exportResponses {
|
||||
return "" unless (WebGUI::Grouping::isInGroup($_[0]->get("groupToViewReports")));
|
||||
WebGUI::HTTP::setFilename(WebGUI::URL::escape($_[0]->get("title")."_responses.tab"),"text/tab");
|
||||
return WebGUI::SQL->quickTab("select * from Survey_response where Survey_id=".$_[0]->get("Survey_id"));
|
||||
return WebGUI::SQL->quickTab("select * from Survey_response where Survey_id=".quote($_[0]->get("Survey_id")));
|
||||
}
|
||||
|
||||
#-------------------------------------------------------------------
|
||||
|
|
@ -850,9 +850,9 @@ sub www_respond {
|
|||
if ($key =~ /answerId_(\d+)/) {
|
||||
my $id = $1;
|
||||
my ($previousResponse) = WebGUI::SQL->quickArray("select count(*) from Survey_questionResponse
|
||||
where Survey_answerId=".$session{form}{"answerId_".$id}." and Survey_responseId=".$session{scratch}{$varname});
|
||||
where Survey_answerId=".quote($session{form}{"answerId_".$id})." and Survey_responseId=".quote($session{scratch}{$varname}));
|
||||
next if ($previousResponse);
|
||||
my $answer = $self->getCollateral("Survey_answer","Survey_answerId",$session{form}{"answerId_".$id});
|
||||
my $answer = $self->getCollateral("Survey_answer","Survey_answerId",quote($session{form}{"answerId_".$id}));
|
||||
my $response = $session{form}{"textResponse_".$id} || $answer->{answer};
|
||||
WebGUI::SQL->write("insert into Survey_questionResponse (Survey_answerId,Survey_questionId,Survey_responseId,Survey_id,comment,response,dateOfResponse) values (
|
||||
".quote($answer->{Survey_answerId}).", ".quote($answer->{Survey_questionId}).", ".quote($session{scratch}{$varname}).", ".quote($answer->{Survey_id}).",
|
||||
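Review bot: The rewritten `getCollateral` call passes `quote($session{form}{"answerId_".$id})` as the key value, which is the only visible place in this commit where `quote()` wraps a helper argument rather than a value concatenated into SQL. `getCollateral` is not visible here. If it quotes its argument itself, the value is quoted twice and the lookup finds no row, so `$answer` is empty and the insert that follows writes empty ids. If it does not quote, every other caller passing request data has to remember to. Keep the quoting in one place, preferably inside the helper, so the call stays `$self->getCollateral("Survey_answer","Survey_answerId",$session{form}{"answerId_".$id})`. Note also that `/answerId_(\d+)/` constrains only the form key, not the submitted value. www_respond starts and ends outside the hunk.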
|
|
@ -879,7 +879,7 @@ sub www_view {
|
|||
$var->{'question.add.url'} = WebGUI::URL::page('wid='.$self->get("wobjectId").'&func=editQuestion&qid=new');
|
||||
$var->{'question.add.label'} = WebGUI::International::get(30,$self->get("namespace"));
|
||||
my @edit;
|
||||
my $sth = WebGUI::SQL->read("select Survey_questionId,question from Survey_question where Survey_id=".$self->get("Survey_id")." order by sequenceNumber");
|
||||
my $sth = WebGUI::SQL->read("select Survey_questionId,question from Survey_question where Survey_id=".quote($self->get("Survey_id"))." order by sequenceNumber");
|
||||
while (my %data = $sth->hash) {
|
||||
push(@edit,{
|
||||
'question.edit.controls'=>deleteIcon('func=deleteQuestion&wid='.$self->get("wobjectId").'&qid='.$data{Survey_questionId})
|
||||
|
|
@ -904,7 +904,7 @@ sub www_view {
|
|||
if ($var->{'response.Id'}) {
|
||||
$var->{'questions.soFar.count'} = $self->getQuestionResponseCount($var->{'response.Id'});
|
||||
($var->{'questions.correct.count'}) = WebGUI::SQL->quickArray("select count(*) from Survey_questionResponse a, Survey_answer b where a.Survey_responseId="
|
||||
.$var->{'response.Id'}." and a.Survey_answerId=b.Survey_answerId and b.isCorrect=1");
|
||||
.quote($var->{'response.Id'})." and a.Survey_answerId=b.Survey_answerId and b.isCorrect=1");
|
||||
if ($var->{'questions.soFar.count'} > 0) {
|
||||
$var->{'questions.correct.percent'} = round(($var->{'questions.correct.count'}/$var->{'questions.soFar.count'})*100)
|
||||
}
|
||||
|
|
@ -950,7 +950,7 @@ sub www_viewGradebook {
|
|||
$p->setDataByQuery("select userId,username,ipAddress,Survey_responseId,startDate,endDate from Survey_response
|
||||
where isComplete=1 and Survey_id=".$self->get("Survey_id")." order by username,ipAddress,startDate");
|
||||
my $users = $p->getPageData;
|
||||
($var->{'question.count'}) = WebGUI::SQL->quickArray("select count(*) from Survey_question where Survey_id=".$self->get("Survey_id"));
|
||||
($var->{'question.count'}) = WebGUI::SQL->quickArray("select count(*) from Survey_question where Survey_id=".quote($self->get("Survey_id")));
|
||||
if ($var->{'question.count'} > $self->get("questionsPerResponse")) {
|
||||
$var->{'question.count'} = $self->get("questionsPerResponse");
|
||||
}
|
||||
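Review bot: The `$p->setDataByQuery(...)` call at the top of this www_viewGradebook hunk still concatenates `$self->get("Survey_id")` without `quote()`. It is printed only once, so it appears to be unchanged context, while the `count(*)` query two statements later was converted. If `Survey_id` can now be a non-numeric id, as the rest of the commit implies, the paginator query becomes invalid SQL or matches the wrong rows. The raw value would also be the one remaining interpolation point in this function. The line should read `where isComplete=1 and Survey_id=".quote($self->get("Survey_id"))." order by username,ipAddress,startDate");`. www_viewGradebook starts and ends outside the hunk.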
|
|
@ -960,7 +960,7 @@ sub www_viewGradebook {
|
|||
my @responseloop;
|
||||
foreach my $user (@$users) {
|
||||
my ($correctCount) = WebGUI::SQL->quickArray("select count(*) from Survey_questionResponse a left join
|
||||
Survey_answer b on a.Survey_answerId=b.Survey_answerId where a.Survey_responseId=".$user->{Survey_responseId}
|
||||
Survey_answer b on a.Survey_answerId=b.Survey_answerId where a.Survey_responseId=".quote($user->{Survey_responseId})
|
||||
." and b.isCorrect=1");
|
||||
push(@responseloop, {
|
||||
'response.url'=>WebGUI::URL::page('func=viewIndividualSurvey&wid='.$self->get("wobjectId")
|
||||
|
|
@ -1003,14 +1003,14 @@ sub www_viewIndividualSurvey {
|
|||
$var->{'response.label'} = WebGUI::International::get(66,$self->get("namespace"));
|
||||
$var->{'comment.label'} = WebGUI::International::get(57,$self->get("namespace"));
|
||||
my $a = WebGUI::SQL->read("select Survey_questionId,question,answerFieldType from Survey_question
|
||||
where Survey_id=".$self->get("Survey_id")." order by sequenceNumber");
|
||||
where Survey_id=".quote($self->get("Survey_id"))." order by sequenceNumber");
|
||||
my @questionloop;
|
||||
while (my $qdata = $a->hashRef) {
|
||||
my @aid;
|
||||
my @answer;
|
||||
if ($qdata->{answerFieldType} eq "radioList") {
|
||||
my $sth = WebGUI::SQL->read("select Survey_answerId,answer from Survey_answer
|
||||
where Survey_questionId=".$qdata->{Survey_questionId}." and isCorrect=1 order by sequenceNumber");
|
||||
where Survey_questionId=".quote($qdata->{Survey_questionId})." and isCorrect=1 order by sequenceNumber");
|
||||
while (my $adata = $sth->hashRef) {
|
||||
push(@aid,$adata->{Survey_answerId});
|
||||
push(@answer,$adata->{answer});
|
||||
|
|
@ -1018,7 +1018,7 @@ sub www_viewIndividualSurvey {
|
|||
$sth->finish;
|
||||
}
|
||||
my $rdata = WebGUI::SQL->quickHashRef("select Survey_answerId,response,comment from Survey_questionResponse
|
||||
where Survey_questionId=".$qdata->{Survey_questionId}." and Survey_responseId=".$session{form}{responseId});
|
||||
where Survey_questionId=".quote($qdata->{Survey_questionId})." and Survey_responseId=".quote($session{form}{responseId}));
|
||||
push(@questionloop,{
|
||||
question => $qdata->{question},
|
||||
'question.id'=>$qdata->{Survey_questionId},
|
||||
|
|
@ -1053,12 +1053,12 @@ sub www_viewStatisticalOverview {
|
|||
$var->{'show.comments.label'} = WebGUI::International::get(56,$self->get("namespace"));
|
||||
foreach my $question (@$questions) {
|
||||
my @answerloop;
|
||||
my ($totalResponses) = WebGUI::SQL->quickArray("select count(*) from Survey_questionResponse where Survey_questionId=".$question->{Survey_questionId});
|
||||
my ($totalResponses) = WebGUI::SQL->quickArray("select count(*) from Survey_questionResponse where Survey_questionId=".quote($question->{Survey_questionId}));
|
||||
if ($question->{answerFieldType} eq "radioList") {
|
||||
my $sth = WebGUI::SQL->read("select Survey_answerId,answer,isCorrect from Survey_answer where
|
||||
Survey_questionId=".$question->{Survey_questionId}." order by sequenceNumber");
|
||||
Survey_questionId=".quote($question->{Survey_questionId})." order by sequenceNumber");
|
||||
while (my $answer = $sth->hashRef) {
|
||||
my ($numResponses) = WebGUI::SQL->quickArray("select count(*) from Survey_questionResponse where Survey_answerId=".$answer->{Survey_answerId});
|
||||
my ($numResponses) = WebGUI::SQL->quickArray("select count(*) from Survey_questionResponse where Survey_answerId=".quote($answer->{Survey_answerId}));
|
||||
my $responsePercent;
|
||||
if ($totalResponses) {
|
||||
$responsePercent = round(($numResponses/$totalResponses)*100);
|
||||
|
|
@ -1066,7 +1066,7 @@ sub www_viewStatisticalOverview {
|
|||
$responsePercent = 0;
|
||||
}
|
||||
my @commentloop;
|
||||
my $sth2 = WebGUI::SQL->read("select comment from Survey_questionResponse where Survey_answerId=".$answer->{Survey_answerId});
|
||||
my $sth2 = WebGUI::SQL->read("select comment from Survey_questionResponse where Survey_answerId=".quote($answer->{Survey_answerId}));
|
||||
while (my ($comment) = $sth2->array) {
|
||||
push(@commentloop,{
|
||||
'answer.comment'=>$comment
|
||||
|
|
@ -1083,7 +1083,7 @@ sub www_viewStatisticalOverview {
|
|||
}
|
||||
$sth->finish;
|
||||
} else {
|
||||
my $sth = WebGUI::SQL->read("select response,comment from Survey_questionResponse where Survey_questionId=".$question->{Survey_questionId});
|
||||
my $sth = WebGUI::SQL->read("select response,comment from Survey_questionResponse where Survey_questionId=".quote($question->{Survey_questionId}));
|
||||
while (my $response = $sth->hashRef) {
|
||||
push(@answerloop,{
|
||||
'answer.response'=>$response->{response},
|
||||
|
|
|
|||
|
|
@ -22,7 +22,6 @@ use WebGUI::Icon;
|
|||
use WebGUI::International;
|
||||
use WebGUI::Privilege;
|
||||
use WebGUI::Session;
|
||||
use WebGUI::SQL;
|
||||
use WebGUI::Wobject;
|
||||
use XML::RSSLite;
|
||||
use LWP::UserAgent;
|
||||
|
|
|
|||
|
|
@ -119,7 +119,7 @@ sub www_edit {
|
|||
-label=>WebGUI::International::get(10,$_[0]->get("namespace"))
|
||||
);
|
||||
my @data = WebGUI::SQL->quickArray("select page.urlizedTitle,wobject.title from wobject left join page on wobject.pageId=page.pageId
|
||||
where wobject.wobjectId=".$_[0]->get("proxiedWobjectId"));
|
||||
where wobject.wobjectId=".quote($_[0]->get("proxiedWobjectId")));
|
||||
$properties->readOnly(
|
||||
-label=>WebGUI::International::get(1,$_[0]->get("namespace")),
|
||||
-value=>'<a href="'.WebGUI::URL::gateway($data[0]).'">'.$data[1].'</a> ('.$_[0]->get("proxiedWobjectId").')'
|
||||
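Review bot: The `-value` argument of `$properties->readOnly(...)` concatenates `$data[1]` (the stored wobject title) and `$_[0]->get("proxiedWobjectId")` straight into anchor markup, so quoting the id in the query above protects the SQL but not the HTML built from its result. Whether titles are sanitised when they are saved is not visible here. If they are not, a title containing markup would be rendered in the edit form, so HTML-encode both values before concatenation using the project's own encoding helper. A comment such as `# title and id come from stored data: HTML-encode before embedding in -value` would record the requirement. The query can also return no row when the proxied wobject no longer exists, leaving `$data[0]` undefined when it is passed to `WebGUI::URL::gateway`. www_edit starts and ends outside the hunk.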
|
|
|
|||