-
Notifications
You must be signed in to change notification settings - Fork 4
/
feedback.php
133 lines (122 loc) · 3.33 KB
/
feedback.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
<?php
if (!$included) {
exit;
}
?>
<section style="display: inline-block; width: 710px;">
<style>
h1 {
font-size: 18pt;
margin-bottom: 0;
}
.star {
cursor: pointer;
font-size: 16pt;
}
</style>
<?php
if (isset($_POST['code'])) {
$code = $_POST['code'];
}
else {
$code = $_GET['code'];
}
$result = $db->query('SELECT id, title, speaker, link FROM presentations
WHERE code = "' . $db->escape_string($code) . '"
AND `datetime` > ' . (time() - ($code_validity * 3600 * 24)))
or die(translate('dberr') . '5.');
if ($result->num_rows == 0) {
die(translate('code not found'));
}
$row = $result->fetch_row();
$presentationid = $row[0];
$title = $row[1];
$speaker = $row[2];
$link = $row[3];
echo '<h1>' . htmlspecialchars($title) . '</h1>';
echo '— <i>' . htmlspecialchars($speaker) . '</i>';
if (!empty($link)) {
if (substr($link, 0, 4) !== 'http') {
$reallink = 'http://' . $link;
$reallink = htmlspecialchars($reallink);
}
else {
$reallink = htmlspecialchars($link);
}
echo ", <a href='$reallink'>$link</a>";
}
echo "<br><br>";
if (isset($_POST['code'])) {
$db->query("INSERT INTO presentation_feedback (presentationid) VALUES($presentationid)")
or die(translate('dberr') . '762');
$feedbackid = $db->insert_id;
$i = 0;
foreach ($_POST['q'] as $answer) {
$response = $db->escape_string($answer);
$db->query("INSERT INTO presentation_question_responses
(feedbackid, response, sequenceNumber)
VALUES($feedbackid, '$response', $i)")
or die(translate('dberr') . '1525');
$i++;
}
echo '<strong>' . translate('thanks for feedback') . '</strong>';
}
else {
$result = $db->query('SELECT pq.sequenceNumber, pq.question, pq.type
FROM presentations p
INNER JOIN presentation_questions pq ON pq.presentationid = p.id
WHERE p.code = "' . $db->escape_string($code) . '"
ORDER BY pq.sequenceNumber')
or die(translate('dberr') . '7');
$questions = [];
while ($row = $result->fetch_row()) {
$questions[$row[0]] = [$row[1], $row[2]];
}
?>
<form method=post>
<input type=hidden name=code value="<?php echo htmlspecialchars($_GET['code']); ?>">
<?php
foreach ($questions as $n=>$question) {
list($question, $type) = $question;
echo '<strong>' . htmlspecialchars($question) . '</strong><br>';
if ($type == 1) {
// 5-star rating
$wstar = '☆'; // white star
$bstar = '★'; // black star
$i = 0;
while ($i < 5) {
echo "<span class='sq$n-$i star' onclick='star($n, $i);'>$wstar</span>";
$i++;
}
echo "<input type=hidden name='q[]' id='q$n' value='-1'>";
echo "<br><br>";
}
else if ($type == 2) {
// text field
echo "<textarea name='q[]' cols=75 rows=2></textarea><br><br>";
}
else {
continue;
}
}
?>
<input type=submit value="<?php echo translate('Submit'); ?>">
</form>
<script>
function $(q) {
return document.querySelector(q);
}
function star(question_n, star_n) {
for (var i = 0; i <= star_n; i++) {
$(".sq" + question_n + "-" + i).innerHTML = "★";
}
for (var i = star_n + 1; i < 5; i++) {
$(".sq" + question_n + "-" + i).innerHTML = '☆';
}
$("#q" + question_n).value = star_n + 1;
}
</script>
<?php
}
?>
</section>