{
$id = htmlspecialchars($_REQUEST['ank_del']);
$query ="DELETE FROM `quest` WHERE `idank` = '$id'";
mysql_query($query);
$query ="DELETE FROM `ank` WHERE `idank` = '$id'";
mysql_query($query);
die("<p><a href='index.php'>Анкета удалена</a>");
}
if(isset($_REQUEST['save_new']))
{
if(!isset($_REQUEST['name']) || !isset($_REQUEST['newquest']))
die("<p><a href='index.php'>Ошибка</a>");
$newq = $_REQUEST['newquest']['text'];
$query = "SELECT COUNT(*) FROM ank WHERE `title` ='".$newq ."'";
$name = $_REQUEST['name'];
$type = $_REQUEST['newquest']['type'];
$result = @mysql_query($query);
if(mysql_result($result,0)>0)
return;
$query = "INSERT INTO `ank` ( `idank` , `title` , `votes` )
VALUES (
'', '$name', '0'
)";
$result = @mysql_query($query);
$query = "SELECT idank FROM ank WHERE `title` = '$name'";
$result = @mysql_query($query);
$idank = @mysql_result($result,0);
$query = "INSERT INTO `quest` ( `id` , `idank` , `text`,`type`) VALUES (
'', '$idank', '$newq','$type')";
$result = @mysql_query($query);
echo "<script>document.location.href='index.php?ank_edit=edit&ankID=$idank'</script>\n";
}
if(isset($_REQUEST['del']) &&isset($_REQUEST['ankID']))
{
$id = $_REQUEST['del'];
$query = "DELETE FROM `quest` WHERE id = $id LIMIT 1";
$result = @mysql_query($query);
}
if(isset($_REQUEST['saveank']))
{
@$name = $_REQUEST['name'];
@$ankID = $_REQUEST['ankID'];
@$quest=$_REQUEST['quest'];
if($name!='')
$query = "UPDATE `ank` SET `title` = '$name' WHERE `idank` =$ankID";
mysql_query($query);
if(!is_array($quest))
return;
foreach($quest as $k => $v)
{
$sql ="UPDATE `quest` SET `text` ='". $v['text'] ."',`type`='". $v['type']."' WHERE `id` =$k";
mysql_query($sql);
}
echo "<script>document.location.href='index.php?ank_edit=edit&ankID=$ankID'</script>\n";
}
if(isset($_REQUEST['newquest'])&& isset($_REQUEST['ankID'])&& $_REQUEST['newquest']['text']!="")
if($_REQUEST['newquest']!='')
{
$id = htmlspecialchars($_REQUEST['ankID']);
$text = htmlspecialchars($_REQUEST['newquest']['text']);
$type = $_REQUEST['newquest']['type'];
if(!is_numeric($id) && !is_null($id)) die("<p><a href='index.php'>Ошибка</a>");
$query = "INSERT INTO `quest` (`id`, `idank`, `text`,`type`) VALUES ('', '"
.$id ."', '"
.$text ."','"
.$type ."')";
mysql_query($query);
echo "<script>document.location.href='index.php?ankID=$id&&ank_edit=edit'</script>\n";
}
if(isset($_REQUEST['ankID']))
{
$id = $_REQUEST['ankID'];
if(is_numeric($id) && !is_null($id))
EditAnk($id);
else
die("<p><a href='index.php'>Ошибка</a>");
}elseif(isset($_REQUEST['addank']))
{
NewAnk();
}
else
ListAnk();
function NewAnk()
{
?>
<form name="form1" method="post" action="">
<input name="ank_edit" type="hidden" value="go">
<input name="save_new" type="hidden" value="go">
<palign="center">Добавление анкеты </p>
<table width="100%" border="0" style="border:double; border-color:#FF33cc; background-color:#FF33cc; color:#0000CC; font-weight: 500; border-width: 20;">
<tr >
<td width="79%"><font color="#000033"><strong>Название анкеты: </strong></font></td>
</tr>
<tr >
<td ><font color="#000033"><strong>
<input type="text" name="name" size="70" />
</strong></font></td>
</tr><tr>
<td><font color="#000033"><strong>Вопрос:</strong></font></td>
</tr>
<tr>
<td><font color="#000033"><strong>
<input name="newquest[text]" type="text" size="80" />
Тип вопроса
<select name="newquest[type]">
<option value="1">Текстовое поле</option>
<option value="2">Радио группа</option>
<option value="3">Флажок</option>
<option value="4">Список</option>
</select>
</strong></font></td>
</tr>
<tr>
<td><font color="#000033"><strong>
<input type="submit" name="addquest" value="Добавить вопрос" />
<input name="saveank" type="submit" value="Сохранить анкету" />
</strong></font></td>
</tr>
</table>
</form>
<p align="center">
<? }
function ListAnk(){
$query = "SELECT * FROM `ank`";
$result = @mysql_query($query);
?>
</p><divalign="center">
<p>Управление анкетами</p>
<table border="0" style="border:double; border-color:#FF33cc; background-color:#FF33cc; color:#0000CC; font-weight: 500; border-width: 20;">
<tr >
<td width="100"><font color="#000033"> </font></td>
<td width="100"><font color="#000033"><strong>Анкета: </strong></font></td>
<td width="100"><font color="#000033"><strong>Ответов:</strong></font></td>
<td width="100"><font color="#000033"> </font></td>
<td width="100"><font color="#000033"> </font></td>
</tr>
<? if(@mysql_num_rows($result)) {
while($ank=mysql_fetch_assoc($result))
{ ?>
<tr>
<form action="index.php" method="post">
<td> </td>
<td><?=$ank['title']?><input name="ankID" type="hidden" value="<?=$ank['idank']?>"></td>
<td><?=$ank['votes']?></td>
<td><input name="ank_edit" type="submit" value="Изменить" ></td>
<td><a href="index.php?ankID=<?=$ank['idank']?>&&ank_edit=edit&ank_del=<?=$ank['idank']?>">Удалить</a></td
></tr>
</form>
<? }
}else
echo "В БД нет анкет";
?>
</table>
<br />
<form action="index.php" method="post" name="form">
<input name="addank" type="hidden">
<input name="ank_edit" type="submit" value="Добавить анкету">
</form>
</div>
<?
}
function EditAnk($ankID)
{
$query = "SELECT * FROM `ank` WHERE idank=".$ankID;
$result = @mysql_query($query);
$ank = mysql_fetch_assoc($result);
$query = "SELECT * FROM `quest` WHERE idank=".$ankID;
$result = @mysql_query($query);
?>
<form name="form1" method="post" action="">
<input name="ank_edit" type="hidden" value="<?=$ank['idank']?>">
<input name="ankID" type="hidden" value="<?=$ank['idank']?>">
<p> </p>
<table border="0" style="border:double; border-color:#FF33cc; background-color:#FF33cc; color:#0000CC; font-weight: 500; border-width: 20;">
<tr >
<td ><font color="#000033">Название анкеты: </font></td>
<td ><font color="#000033">
<input name="name2" type="text" value="<?=$ank['title']?>" size="50" />
</font></td>
<td><font color="#000033"> </font></td>
</tr>
<tr >
<td><font color="#000033"> </font></td>
<td><font color="#000033"> </font></td>
<td><font color="#000033"> </font></td>
</tr>
<tr>
<? while($quest = mysql_fetch_assoc($result)) { ?>
</tr>
<tr >
<td><font color="#000033"> </font></td>
<td><font color="#000033">
<input name="quest[<?=$quest['id']?>][text]" type="text" value="<?=$quest['text']?>" size="80" />
<select name="quest[<?=$quest['id']?>][type]">
<option value="1" <? if($quest['type'] == 1) echo 'selected="selected"'; ?>>Текстовое поле</option>
<option value="2" <? if($quest['type'] == 2) echo 'selected="selected"'; ?>>Радио группа</option>
<option value="3" <? if($quest['type'] == 3) echo 'selected="selected"'; ?>>Флажок</option>
<option value="4" <? if($quest['type'] == 4) echo 'selected="selected"'; ?>>Список</option>
</select>
</font></td>
<td><a href="index.php?ankID=<?=$ankID?>&&ank_edit=edit&del=<?=$quest['id']?>">Удалить</a></td>
</tr>
<?} ?>
<tr >
<td><font color="#000033"> </font></td>
<td><font color="#000033"> </font></td>
<td><font color="#000033"> </font></td>
</tr>
<tr >
<td><font color="#000033">Новый вопрос</font></td>
<td><font color="#000033">
<input name="newquest[text]" type="text" size="60" />
Тип
<select name="newquest[type]">
<option value="1">Текстовое поле</option>
<option value="2">Радио группа</option>
<option value="3">Флажок</option>
<option value="4">Список</option>
</select>
</font></td>
<td><font color="#000033"> </font></td>
</tr>
<tr >
<td><font color="#000033"> </font></td>
<td><font color="#000033">
<input type="submit" name="addquest2" value="Добавить вопрос" />
</font></td>
<td><font color="#000033">
<input name="saveank2" type="submit" value="Сохранить анкету" />
</font></td>
</tr>
</table>
<p> </p>
<p> </p>
</form>
<?} ?>
Result_view.php
<?php
if(!isset($_SESSION['admin']) && $_SESSION['admin']!=md5("Admin"."pass")) die("Доступ запрещен");
?>
<divalign="center">Просмотр результатов
<?
if(isset($_REQUEST['showank'])) {
if(is_numeric($_REQUEST['showank']))
show_ank($_REQUEST['showank']);
}elseif(isset($_REQUEST['fs']))
{
$idf = $_REQUEST['ank'];
$idu = $_REQUEST['u'];
if($idf=='' && $idu =='')
die("Ошибка!!! <p><a href='index.php'>Назад</a>");
show_answer($idu,$idf);
}else
listank();
function show_ank($id) {
$sql = "SELECT `title` FROM `ank` WHERE `idank` = '$id'";
$result = @mysql_query($sql);
$title = @mysql_result($result,0);
$sql = "SELECT DISTINCT(`iduser`) FROM `ans` WHERE `idank` =$id";
mysql_free_result($result);
$result= @mysql_query($sql);
?>
<br>
</div>
<br>
<table width="100%" border="0" style="border:double; border-color:#00ffff; background-color:#00ffff; color:#0000CC; font-weight: 500; border-width: 20;">
<tr>
<td width="30%"><div align="right"><font color="#000033"><strong>Анкета: </strong></font></div></td>
<td width="30%"><font color="#000033"><strong>
<?=$title?>
</strong></font></td> </tr> <tr>
<td><font color="#000033"> </font></td>
<td><font color="#000033"> </font></td>
</tr> <tr>
<td colspan="2"><div align="center"><font color="#000033"><strong>Ответившие пользователи</strong></font></div> <div align="center"></div></td>
</tr> <tr>
<td><div align="right"><font color="#000033">Имя пользователя: </font></div></td>
<td> <font color="#000033"> <?
while($user = mysql_fetch_array($result)) {
$sql = "SELECT `name`, `id` FROM `user` WHERE `id` = " .$user[0];
$rez = @mysql_query($sql);
$rez = @mysql_fetch_array($rez);
echo '<a href="index.php?answers&fs&u=' .$rez[1] .'&ank=' .$id .'">' .$rez['name'] .'</a><br>'; } ?>
</font></td> </tr></table>
<? }
function show_answer($idu,$idf){
$sql = "SELECT `name` FROM `user` WHERE `id` = $idu";
$result = @mysql_query($sql);
$name = @mysql_result($result,0);
$sql = "SELECT `title` FROM `ank` WHERE `idank` = '$idf'";
$result = @mysql_query($sql);
$title = @mysql_result($result,0);
$sql = "SELECT `idquest`, `answer` FROM `ans` WHERE `iduser`= $idu AND `idank` = $idf";
$result = @mysql_query($sql); ?>
<br>
<table width="100%" border="0" style="border:ridge; border-color:#00ffcc; background-color:#00ffcc; color:#0000CC; font-weight: 500; border-width: 20;">
<tr >
<td width="30%"><div align="right"><font color="#000033" size="+2"><strong>Анкета: </strong></font></div></td>