<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN"
"http://www.w3.org/TR/html4/strict.dtd">

<html>
<head>
	<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=ISO-8859-1">
	<title>Answer</title>
	<style type="text/css" media="screen">@import "answer.css";</style>
</head>
<body>
<div id="wrapper">		
	<div id="content"> 

<?php 

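require('../config.php');
require('../dbfunc.php');
$conveners_id = 1; // now for testing, set by authentication when it's ready

// Participant answer page: shows the suggestions of one meeting as a rating
// form and stores the submitted ratings and comments in the answers table.
// Access is granted by the token in the e-mailed link (m, p and h parameters).
//
// Every request parameter and every value read back from the database is
// treated as untrusted: ids are cast to integers before they reach SQL, and
// all text is HTML-escaped on output.
// Relies on $link, $salt and $webmaster plus escape_smart() and suggformat(),
// none of which are defined in this file (presumably config.php / dbfunc.php
// -- confirm).

// Escapes a value for HTML text or attribute context; the page declares ISO-8859-1.
if (!function_exists('answer_html')) {
	function answer_html($text) {
		return htmlspecialchars((string) $text, ENT_QUOTES, 'ISO-8859-1');
	}
}

// Runs a query; on failure logs the driver error server-side and stops with a
// generic message, so schema and query details are not shown to the visitor.
if (!function_exists('answer_query')) {
	function answer_query($sql, $link) {
		$result = mysql_query($sql, $link);
		if ($result === false) {
			error_log('answer.php: query failed: ' . mysql_error($link));
			die('<p>Sorry, a database error occurred. Please try again later.</p>');
		}
		return $result;
	}
}

// --- request parameters
// The ids are only ever used as numbers in the queries below, so an integer
// cast removes any SQL or HTML payload from them.
$meetings_id = (isset($_GET['m']) && is_scalar($_GET['m'])) ? (int) $_GET['m'] : 0;
$participants_id = (isset($_GET['p']) && is_scalar($_GET['p'])) ? (int) $_GET['p'] : 0;
$hash = (isset($_GET['h']) && is_string($_GET['h'])) ? $_GET['h'] : '';
// NOTE(review): $email is never assigned in this file; it presumably comes from
// config.php or register_globals -- confirm. It is treated as untrusted below.
$email = (isset($email) && is_scalar($email)) ? (string) $email : '';

// --- verify the link token before doing anything else
// The check now also covers the POST branch, which previously saved answers
// for any m/p pair without looking at the token at all.
// NOTE(review): the token concatenates the two ids without a separator, so
// different (participant, meeting) pairs can share a token, and MD5 is not a
// keyed MAC. Switching to hash_hmac() over a delimited string has to be done
// together with the code that generates the e-mailed links (not in this file).
$valid_link = false;
if ($meetings_id > 0 && $participants_id > 0 && isset($salt) && $salt !== '') { // fail closed when no salt is configured
	$expected_hash = md5($participants_id . $meetings_id . $salt);
	// strict, constant-time comparison where available; a loose == treats
	// numeric-looking strings such as "0e..." as equal numbers
	$valid_link = function_exists('hash_equals')
		? hash_equals($expected_hash, $hash)
		: ($expected_hash === $hash);
}

// link back to this page, used for the form action and the "change answers" link
$self_link = 'answer.php?m=' . $meetings_id . '&amp;p=' . $participants_id
	. '&amp;e=' . answer_html(urlencode($email)) . '&amp;h=' . answer_html(urlencode($hash));

$webmaster_html = isset($webmaster) ? answer_html($webmaster) : '';
$not_found_html = "<h2>The meeting you requested was not found!</h2><p>If you believe this is an error, please contact 
		<a href=\"mailto:$webmaster_html\">$webmaster_html</a> for further instructions.</p>"; // TODO: contact convener of the meeting

if (!$valid_link) { // participant didn't follow a valid link
	echo $not_found_html;
} else {
	// --- query meeting title, description and answering deadline
	$result = answer_query("SELECT description, title, deadline FROM meetings WHERE meetings_id = $meetings_id", $link);
	$meetings = mysql_fetch_row($result);

	if ($meetings === false) { // token matched but the meeting row is gone
		echo $not_found_html;
	} elseif (date("Y-m-d H:i:s") >= $meetings[2]) { // no need to mktime(), since meetings.deadline datetimes are in valid form
		// applies to viewing the form and to saving, so a late POST is rejected too
		echo '<h2>Answering deadline passed!</h2><p>Sorry, deadline for giving answers was '
			. answer_html($meetings[2]) . '.</p>';
	} else {
		// --- previous answers of this participant, keyed by suggestion id
		$old_answers = array();
		$result_answers = answer_query("SELECT suggestions_id, answer, message FROM answers 
			WHERE meetings_id = $meetings_id AND participants_id = $participants_id", $link);
		while ($row = mysql_fetch_assoc($result_answers)) {
			$old_answers[(int) $row['suggestions_id']] = $row;
		}

		if (!empty($_POST['ok'])) {
			// --- form sent
			// only suggestions that belong to this meeting may be answered
			$valid_suggestions = array();
			$result = answer_query("SELECT suggestions_id FROM suggestions WHERE meetings_id = $meetings_id", $link);
			while ($row = mysql_fetch_row($result)) {
				$valid_suggestions[(int) $row[0]] = true;
			}

			$answers = (isset($_POST['answ']) && is_array($_POST['answ'])) ? $_POST['answ'] : array();
			$messages = (isset($_POST['msg']) && is_array($_POST['msg'])) ? $_POST['msg'] : array();

			foreach ($answers as $key => $value) { // loop through every answer
				$suggestions_id = (int) $key;
				// skip keys that are not plain ids of this meeting's suggestions
				if ((string) $suggestions_id !== (string) $key || !isset($valid_suggestions[$suggestions_id])) continue;
				if (!is_scalar($value)) continue;
				$answer = (int) $value;
				if ($answer < -2 || $answer > 2) continue; // the form only offers -2..2

				$raw_message = (isset($messages[$key]) && is_string($messages[$key])) ? $messages[$key] : '';
				// assumes escape_smart() escapes for a quoted SQL string -- confirm in dbfunc.php
				$message = escape_smart($raw_message);

				if (isset($old_answers[$suggestions_id])) { // update the existing row of this suggestion
					$sql = "UPDATE answers SET answer = $answer, message = '$message' WHERE meetings_id = $meetings_id 
					AND participants_id = $participants_id AND suggestions_id = $suggestions_id";
				} else { // first answer to this suggestion
					$sql = "INSERT INTO answers (meetings_id, participants_id, suggestions_id, answer, message)
					VALUES ($meetings_id, $participants_id, $suggestions_id, $answer, '$message')";
				}
				answer_query($sql, $link);
			}

			echo '<h2>Thank you for answering!</h2><p>Your answers were saved. You can follow the email link again to change your answers.</p>
	<p><a href="' . $self_link . '">Change answers now</a></p>';

			// --- display quick link to view meeting if in testing mode (not sending e-mails)
			$result = answer_query("SELECT sendmails FROM settings LIMIT 1", $link);
			$sm = mysql_fetch_row($result);
			// a missing settings row hides the link instead of showing it
			if ($sm !== false && (int) $sm[0] === 0) echo "<p><br><br><i><a href=\"../manage/viewmeeting.php&#63;m=$meetings_id\">View meeting $meetings_id </a> 
	(Quick link for testing purposes)</i></p>";
		} else {
			// --- form not yet sent
			// title and description are stored text and are escaped before output
			echo '<h2>' . answer_html($meetings[1]) . '</h2><p class="box">' . nl2br(answer_html($meetings[0])) . '</p><p>'
				. '<form action="' . $self_link . '" method="post">';

			$result = answer_query("SELECT * FROM suggestions WHERE meetings_id = $meetings_id 
				ORDER BY suggestions_id ASC", $link);
			$date_format = (suggformat($meetings_id) == 0); // 0 = date+location suggestions, otherwise freetext

			if (count($old_answers) > 0) {
				// --- participant has already answered, offer a chance to change these answers
				echo '<p class="notice">You have already answered but you can still change your answers: </p><table border="1">';
			} else {
				// --- participant has not answered yet
				echo '<p class="notice">Please enter your answers:</p><table border="1">';
			}

			if ($date_format) {
				echo '<tr><th>No.</th><th class="leftalign">Starting</th><th class="leftalign">Ending</th>'
					. '<th class="leftalign">Location</th>';
			} else {
				echo '<tr><th>No.</th><th class="leftalign">Suggestion</th>';
			}
			echo '<th>Very good</th><th>Good</th><th>Average</th><th>Bad</th><th>Very bad</th>'
				. '<th class="leftalign">Comment</th></tr>';

			$sn = 1; // to display "suggestion number" to users
			while ($row = mysql_fetch_assoc($result)) {
				$suggestions_id = (int) $row['suggestions_id'];
				$has_old = isset($old_answers[$suggestions_id]);
				// unanswered suggestions default to "Average" (0)
				$old_answer = $has_old ? (int) $old_answers[$suggestions_id]['answer'] : 0;
				$old_message = $has_old ? $old_answers[$suggestions_id]['message'] : '';

				echo "<tr><td>$sn</td>";
				if ($date_format) {
					echo '<td class="leftalign">' . answer_html($row['starttime']) . '</td><td class="leftalign">'
						. answer_html($row['endtime']) . '</td><td class="leftalign">' . answer_html($row['location']) . '</td>';
				} else {
					echo '<td class="leftalign">' . answer_html($row['freetext']) . '</td>';
				}

				for ($i = 2; $i >= -2; $i--) { // loop through 5 radio buttons
					echo '<td width="5%"><input type="radio" name="answ[' . $suggestions_id . ']" value="' . $i . '"'
						. ($i === $old_answer ? ' checked' : '') . ' /></td>';
				}

				// the stored comment is participant-supplied text, so it is escaped for the attribute
				echo '<td><input type="text" name="msg[' . $suggestions_id
					. ']" size="30" maxlength="255" value="' . answer_html($old_message) . '" /></td></tr>';
				$sn++;
			}
			echo '</table><p><input type="submit" name="ok" value="Send answers" /></p></form>';
		}
	}
}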
?>
</div>
</div>
</body>
</html>