<?
define(TEMPDIR,"../../");
@include(TEMPDIR."coreclass.php");
@include("coreclass.php");
$ae=new CSurveys();
$ae->EngineInitialize();
$ae->RequestVariables(1);
$ae->UserVerifySession();
$ae->UserVerifyLevel(2);

if ($ae->command==1) // adds new survey
   {
   $ae->UserVerifyLevel(2);
   if (!$ae->title OR !$ae->ans1 OR !$ae->ans2) $ae->DisplayError(24,"","","surveys");
   $ae->DBQuery("INSERT INTO ".$ae->tablesurveys[1]." VALUES (NULL,'".$ae->title."','".$ae->number."',1,'".$ae->ans1."','".$ae->ans2."','".$ae->ans3."','".$ae->ans4."','".$ae->ans5."',0,0,0,0,0)");
   }
if ($ae->command==2) // stops polling for the running survey
   {
   $ae->UserVerifyLevel(2);
   $ae->DBQuery("SELECT * FROM ".$ae->tablesurveys[1]." WHERE status=1");
   $ae->DBGetRow();
   $surveyID=$ae->access["ID"];
   $ae->DBQuery("UPDATE ".$ae->tablesurveys[1]." SET status=0 WHERE ID='$surveyID'");
   }
if ($ae->command==3) // deletes the survey
   {
   $ae->UserVerifyLevel(2);
   $ae->DBQuery("DELETE FROM ".$ae->tablesurveys[1]." WHERE ID='".$ae->surveyID."'");
   }
if ($ae->command==4) // updates the survey, admin can also change the number of votes
   {
   $ae->UserVerifyLevel(2);
   if ($ae->status==1)
   {
   $ae->DBQuery("SELECT * FROM ".$ae->tablesurveys[1]." WHERE status=1");
   $ae->DBGetRow();
   if ($ae->access["ID"] AND $ae->access["ID"]<>$ae->surveyID) $ae->DisplayError(25,"","","surveys");
   }
   $ae->DBQuery("UPDATE ".$ae->tablesurveys[1]." SET title='".$ae->title."',number='".$ae->number."',status='".$ae->status."',ans1='".$ae->ans1."',ans2='".$ae->ans2."',ans3='".$ae->ans3."',ans4='".$ae->ans4."',ans5='".$ae->ans5."' WHERE ID='".$ae->surveyID."'");
   if ($ae->currentuserposition==1) $ae->DBQuery("UPDATE ".$ae->tablesurveys[1]." SET vote1='".$ae->vote1."',vote2='".$ae->vote2."',vote3='".$ae->vote3."',vote4='".$ae->vote4."',vote5='".$ae->vote5."' WHERE ID='".$ae->surveyID."'");
   }

header("location: http://".$ae->server."/".$ae->path."admin/modules/surveys/managersurvey.php?username=".$ae->username."&session=".$ae->session);
?>