- 08 Mar 2013 03:35
#14188812
If a time comes when some may be interested in doing this, maybe the work Demo and I did a couple of years ago will be of help.
please excuse my "double posts".
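This is a phpBB3 mod/addon. The phpBB3 system handles creating accounts, logging in, and so forth. The top part of each page has some standard code that has to go into each page of a mod. The good thing about this is that the standard security measures of phpBB3 are therefore incorporated into the mod (session and login handling, that is; permission checks and form tokens for the mod's own pages still have to be written by the mod).
IIRC by using request_var, phpBB3 checks the input: each value is cast to the type of the default passed in, and strings are HTML-escaped. That is not SQL escaping, which is why the queries below also go through $db->sql_escape.
This mod is not complete, but it was well on its way. The code is sloppy and not all of the features are implemented.
But the main features function. I'm guessing it's 2/3 complete.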
First file is pfquiz.php
quizadmin.php
please excuse my "double posts".
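This is a phpBB3 mod/addon. The phpBB3 system handles creating accounts, logging in, and so forth. The top part of each page has some standard code that has to go into each page of a mod. The good thing about this is that the standard security measures of phpBB3 are therefore incorporated into the mod (session and login handling, that is; permission checks and form tokens for the mod's own pages still have to be written by the mod).
IIRC by using request_var, phpBB3 checks the input: each value is cast to the type of the default passed in, and strings are HTML-escaped. That is not SQL escaping, which is why the queries below also go through $db->sql_escape.
This mod is not complete, but it was well on its way. The code is sloppy and not all of the features are implemented.
But the main features function. I'm guessing it's 2/3 complete.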
First file is pfquiz.php
<?php
// Standard phpBB3 page bootstrap: mark the request as running inside phpBB,
// locate the board root and pull in the common include files.
define('IN_PHPBB', true);
if (defined('PHPBB_ROOT_PATH')) {
    $phpbb_root_path = PHPBB_ROOT_PATH;
} else {
    $phpbb_root_path = './';
}
// File extension of this script (normally "php"), reused for the includes.
$phpEx = substr(strrchr(__FILE__, '.'), 1);
include($phpbb_root_path . 'common.' . $phpEx);
include($phpbb_root_path . 'includes/functions_display.' . $phpEx);

// Start the phpBB session, load the user's permissions and set up the user.
$user->session_begin();
$auth->acl($user->data);
$user->setup();

// <option> list shared by every quiz question; "No Opinion" is preselected.
$testChoices = "<option value=\"Strongly Agree\">Strongly Agree</option>
<option value=\"Agree\">Agree</option>
<option value=\"No Opinion\" selected>No Opinion</option>
<option value=\"Disagree\">Disagree</option>
<option value=\"Strongly Disagree\">Strongly Disagree</option>\n";
$template->assign_var('TESTCHOICES', $testChoices);

$welcome_user_msg = "";
$questions_per_page = 10;

// The quiz step is honoured only when it was POSTed; anything else starts at step 0.
// The default of 0 makes request_var hand back an integer.
$quiz_part = isset($_POST['quiz_part']) ? request_var('quiz_part', 0) : 0;
$template->assign_var("QUIZ_PART", $quiz_part);
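/**
 * Render quiz step 1: greet the visitor and list the compasses that can be taken.
 *
 * @param object $template phpBB template; receives NEXT_QUIZ_PART, WELCOME_USER_MSG
 *                         and one 'compass' block row per available compass
 * @param object $db       phpBB database object used to read pfquiz_compass
 * @param object $user     phpBB user object; only $user->data is read
 * @param int    $qp       current quiz step; the form is told to post $qp + 1 next
 * @return void
 */
function partOne(&$template,&$db,&$user,$qp){
    if ($user->data['user_id'] == ANONYMOUS) {
        $welcome_user_msg = "You are not logged in. You are welcome to take the quiz, but the results will not be saved. Otherwise, please login or register.";
    } else {
        // NOTE(review): the username is handed to the template as is; confirm it is
        // already HTML-escaped by the time it is in $user->data.
        $welcome_user_msg = "Welcome " . $user->data['username'];
    }
    $template->assign_var("NEXT_QUIZ_PART", $qp + 1);
    $template->assign_var("WELCOME_USER_MSG", $welcome_user_msg);

    $sql = "SELECT compass FROM pfquiz_compass WHERE omit = 0";
    $result = $db->sql_query($sql);
    // Read the rows through the phpBB database layer instead of calling mysql_*
    // on its result handle: that only worked with the old mysql driver and the
    // mysql_* functions no longer exist in current PHP.
    while ($row = $db->sql_fetchrow($result)) {
        $template->assign_block_vars('compass', array(
            'COMPASS_NAME' => $row['compass'],
        ));
    }
    // The original never released the result set.
    $db->sql_freeresult($result);
}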
/**
 * Return the three post-quiz survey questions.
 *
 * Each entry is a ready-to-print HTML fragment: the question text followed by
 * its form control, all of which post into the survey[] array.
 *
 * @return array list of HTML strings, indexed 0..2
 */
function getSurveyQuestions(){
    //this stuff will be moved to a table
    return array(
        "Following the test, would you say your results are:<br/>
<select name=\"survey[]\">
<option value=\"good\">Good</option>
<option value=\"ok\">Just OK</option>
<option value=\"bad\">Not Good</option>
</select><br/>",
        "How can we improve the test?<br/>
<input name=\"survey[]\" type=\"text\" size=\"100\"><br/>",
        "Will you recommend this test to others outside the Politics Forum?<br/>
<select name=\"survey[]\">
<option value=\"yes\">Yes</option>
<option value=\"no\">No</option>
</select><br/>",
    );
}
/**
 * Convert one answer into points for its axis.
 *
 * @param string $ans one of the five answer labels offered by the quiz form
 * @param mixed  $dir multiplier applied to the answer's base value
 * @return mixed $dir times 2, 1, -1 or -2 for the agree/disagree answers;
 *               0 for 'No Opinion' and for any label that is not recognised
 */
function getpoints($ans, $dir){
    if ($ans == 'Strongly Agree') {
        $base = 2;
    } elseif ($ans == 'Agree') {
        $base = 1;
    } elseif ($ans == 'No Opinion') {
        return 0;
    } elseif ($ans == 'Disagree') {
        $base = -1;
    } elseif ($ans == 'Strongly Disagree') {
        $base = -2;
    } else {
        // Unknown label: scores nothing.
        return 0;
    }
    return $dir * $base;
}
//this function will have to change to be more general
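/**
 * Add the answers from the page just submitted to the running axis totals.
 *
 * 'answers' arrives as a flat list of triples: axis name, multiplier, answer
 * label. 'scores' arrives as the running totals, keyed by the axis name wrapped
 * in single quotes.
 *
 * NOTE(review): both the running totals and the per-question multiplier are
 * read from the request, so the result is only as trustworthy as the browser
 * that sent it. Totals that matter need to be kept server-side (session or
 * database) and the multiplier looked up from the question's own row.
 *
 * @return array running totals, keyed by quoted axis name
 */
function gradequiz(){
    $answers = request_var('answers',array(''));
    $scores = request_var('scores', array(''=> 0));
    $total = sizeof($answers);
    // Stop at the last complete triple; a short or hand-crafted post must not
    // read past the end of the list.
    for ($i = 0; $i + 2 < $total; $i += 3) {
        $axis = "'" . $answers[$i] . "'";
        // Multipliers arrive as strings; a non-numeric one counts as 0 instead of
        // producing a warning or, on current PHP, a TypeError.
        $dir = is_numeric($answers[$i + 1]) ? $answers[$i + 1] + 0 : 0;
        if (!isset($scores[$axis])) {
            // An axis with no running total yet starts at zero.
            $scores[$axis] = 0;
        }
        $scores[$axis] += getpoints($answers[$i + 2], $dir);
    }
    return $scores;
}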
/**
 * Placeholder for the survey step.
 *
 * @return int always 1
 */
function survey()
{
    return 1;
}
//this will have to be changed to something more general
//and make sure to exclude the demographics and survey axis
/**
 * Return the hard-coded list of quiz axis names.
 *
 * @return array the eight axis names, indexed 0..7
 */
function getAxisNames(){
    return array(
        'Protectionist vs. Free Trader',
        'Controlled Market vs. Liberal Market',
        'Big Government vs. Small Government',
        'Nationalist vs. Internationalist',
        'Marxist vs. Non-Marxist',
        'Individual vs. Social',
        'Moral Absolutist vs. Non-absolutist',
        'Theist vs. Materialist',
    );
}
// $quiz_over holds the QUIZ_OVER cookie, which is used to stop duplicate quiz
// submissions. The cookie expires after an hour, or is cleared below when the
// user starts over at step 0.
// NOTE(review): the value is read from a cookie (fourth argument of request_var),
// so the browser decides what it says. It catches an accidental resubmit; it
// cannot stop a user who deletes the cookie from submitting again.
$quiz_over = request_var('QUIZ_OVER', '', false, true);
if ($quiz_part == 0 && $quiz_over == "TRUE") {
    // Back at the start: expire the cookie so a fresh run can be saved.
    setcookie("QUIZ_OVER", "", time() - 3600);
}
//need to rethink the "logic" of this switch
// $quiz_part is the step being rendered; every step tells the template which
// step the form should post next (NEXT_QUIZ_PART).
switch ($quiz_part) {
case 0:
    // Landing page: nothing to load, the form just moves on to step 1.
    $template->assign_var("NEXT_QUIZ_PART", $quiz_part + 1);
    break;

case 1:
    //I put this section in a function in case it had to be called again in the next case.
    partOne($template, $db, $user, $quiz_part);
    break;
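case 2:
    // Step 2: remember which compasses were picked and show the demographics form.
    $tested_parts = request_var('compass', array(''));
    if (sizeof($tested_parts) == 0) {
        //the user did not select the parts of the quiz he/she wanted to take
        // so step 1 is shown again and the form posts back to this step
        $template->assign_var("QUIZ_PART", $quiz_part - 1);
        $template->assign_var("NEXT_QUIZ_PART", $quiz_part);
        partOne($template, $db, $user, $quiz_part);
    } else {
        $template->assign_var('PARTS_TAKEN', implode(",", $tested_parts));
        $template->assign_var("NEXT_QUIZ_PART", $quiz_part + 1);
        if ($user->data['user_id'] != ANONYMOUS) {
            // Columns are named so the template values do not depend on the
            // table's column order (the original read SELECT * by position).
            // NOTE(review): rows are keyed on the username; if usernames can
            // change on this board, user_id would be the stable key.
            $sql = "SELECT location, birth_year, sex, education, ideology FROM pfquiz_tester WHERE name = '" . $db->sql_escape($user->data['username']) . "'";
            $result = $db->sql_query($sql);
            // Read through the phpBB database layer rather than mysql_*, which
            // only worked with the old mysql driver and is gone from current PHP.
            $row = $db->sql_fetchrow($result);
            $db->sql_freeresult($result);
            //obtain stored demographic information if in the DB,
            //there should be 1 or zero rows; if duplicates ever exist the first
            //one is used instead of treating the user as new again
            if ($row) {
                $template->assign_vars(array(
                    'QLOCATION'  => $row['location'],
                    'BIRTH_YEAR' => $row['birth_year'],
                    'SEX'        => $row['sex'],
                    'EDUCATION'  => $row['education'],
                    'IDEOLOGY'   => $row['ideology'],
                ));
            } else {
                // No stored row: flag the form so step 3 inserts one.
                $template->assign_vars(array(
                    'QLOCATION'  => "",
                    'NEW_TESTER' => "NEW_TESTER",
                    'SEX'        => "Choose one",
                    'EDUCATION'  => "Choose one",
                    'IDEOLOGY'   => "Choose one",
                ));
            }
        } else {
            // Guests are not asked for demographic information.
            $template->assign_var('NO_DEMO_INFO', "TRUE");
        }
    }
    break;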
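case 3:
    // Step 3: store the demographics (sent with the first page only), then
    // serve the quiz one page of questions at a time.

    // Demographics are kept for logged-in members only. new_tester and
    // update_demo are request fields, so the login check is made here as well
    // instead of relying on the form never sending them for a guest.
    $is_member = ($user->data['user_id'] != ANONYMOUS);
    if ($is_member && isset($_POST['new_tester'])) {
        //first time user has taken test
        $sql = "INSERT INTO pfquiz_tester (name, location, birth_year, sex, education, ideology) VALUES (";
        $sql .= "'" . $db->sql_escape($user->data['username']) . "',";
        $sql .= "'" . $db->sql_escape(request_var('qlocation', '')) . "',";
        $sql .= "'" . (int) request_var('birth_year', 0) . "',";
        $sql .= "'" . $db->sql_escape(request_var('sex', '')) . "',";
        $sql .= "'" . $db->sql_escape(request_var('education', '')) . "',";
        $sql .= "'" . $db->sql_escape(request_var('ideology', '')) . "')";
        $result = $db->sql_query($sql);
    } elseif ($is_member && isset($_POST['update_demo'])) {
        //user has taken the test before but wishes to update demographic information
        $sql = "UPDATE pfquiz_tester SET ";
        $sql .= "location = '" . $db->sql_escape(request_var('qlocation', '')) . "',";
        $sql .= "birth_year = '" . (int) request_var('birth_year', 0) . "',";
        $sql .= "sex = '" . $db->sql_escape(request_var('sex', '')) . "',";
        $sql .= "education = '" . $db->sql_escape(request_var('education', '')) . "',";
        $sql .= "ideology = '" . $db->sql_escape(request_var('ideology', '')) . "'";
        // Restrict the update to the current user's own row. Without a WHERE
        // clause this statement overwrote the demographics of every tester.
        $sql .= " WHERE name = '" . $db->sql_escape($user->data['username']) . "'";
        $result = $db->sql_query($sql);
    }

    //figure out how many pages are on the quiz
    //and how far along we are
    //total_quiz_questions not set, so quiz has not been set up yet
    if (!isset($_POST['total_quiz_questions'])) {
        //Have to know all the axis columns in order to construct the next query.
        $compass = explode(",", request_var('compass', ''));
        // sql_in_set builds and escapes the IN (...) list.
        $sql = "SELECT axis FROM pfquiz_axis WHERE " . $db->sql_in_set('compass', $compass);
        $result = $db->sql_query($sql);
        //will need axis names later
        $axis_names = array();
        while ($row = $db->sql_fetchrow($result)) {
            $axis_names[] = $row['axis'];
        }
        $db->sql_freeresult($result);

        //this query should take 10 randomly from each axis and order all the questions randomly
        //and should look something like this if printed out
        /**********************************************************************************************************
        (SELECT id FROM pfquiz_questions WHERE axis ="Protectionist vs. Free Trader" ORDER BY RAND() LIMIT 10)
        UNION
        (SELECT id FROM pfquiz_questions WHERE axis ="Controlled Market vs. Liberal Market" ORDER BY RAND() LIMIT 10)
        ORDER BY RAND()
        ************************************************************************************************************/
        $question_ids = array();
        // With no matching axis there is nothing to query; the original sent an
        // empty statement in that case.
        if (sizeof($axis_names)) {
            $selects = array();
            foreach ($axis_names as $axis) {
                $selects[] = "(SELECT id FROM pfquiz_questions WHERE axis = '" . $db->sql_escape($axis) . "' ORDER BY RAND() LIMIT 10)";
            }
            $sql = implode(" UNION ", $selects) . " ORDER BY RAND()";
            $result = $db->sql_query($sql);
            while ($row = $db->sql_fetchrow($result)) {
                $question_ids[] = (int) $row['id'];
            }
            $db->sql_freeresult($result);
        }

        $total_quiz_questions = sizeof($question_ids);
        // "/" is not integer division in PHP: 16 questions at 10 per page gave
        // 1.6, then 2.6 after the increment, and the last-page test below never
        // matched on page 2. Round up once instead.
        $num_quiz_pages = (int) ceil($total_quiz_questions / $questions_per_page);
        $current_quiz_page = 1;
        $question_nums = implode(",", $question_ids);

        //first time through: every chosen axis starts with a score of 0
        foreach ($axis_names as $axis) {
            $template->assign_block_vars('scores', array(
                'AXIS_NAMES' => "'" . $axis . "'",
                'VALUE'      => 0,
            ));
        }
    } else {
        // Later pages: the quiz state travels in the form.
        // NOTE(review): page counters, the remaining question ids and the running
        // scores are all request data here and can be altered by the browser.
        // Keeping them server-side is the way to make stored results reliable.
        $total_quiz_questions = request_var('total_quiz_questions', 0);
        $num_quiz_pages = request_var('num_quiz_pages', 0);
        $current_quiz_page = request_var('current_quiz_page', 0) + 1;
        $question_nums = request_var('question_nums', "");
        $scores = gradequiz();
        foreach ($scores as $key => $value) {
            $template->assign_block_vars('scores', array(
                'AXIS_NAMES' => $key,
                'VALUE'      => $value,
            ));
        }
    }

    //question_nums contains the id nums we want for our next query
    //we need a certain number at a time
    // The ids are cast to integers before they reach the query.
    $remaining_ids = ($question_nums === '') ? array() : array_map('intval', explode(",", $question_nums));
    // Take this page's ids off the front; whatever is left goes back into the form.
    $page_ids = array_splice($remaining_ids, 0, $questions_per_page);
    $question_nums = implode(",", $remaining_ids);

    $num = ($current_quiz_page - 1) * $questions_per_page;
    if (sizeof($page_ids)) {
        $sql = "SELECT id, question, weight, axis FROM pfquiz_questions WHERE " . $db->sql_in_set('id', $page_ids);
        $result = $db->sql_query($sql);
        while ($row = $db->sql_fetchrow($result)) {
            $num++;
            $template->assign_block_vars('qloop', array(
                'QUESTIONS' => $row['question'],
                'TYPE'      => $row['axis'],
                'NUMBER'    => $row['id'],
                'ORDER'     => $num,
                'WEIGHT'    => $row['weight'],
            ));
        }
        $db->sql_freeresult($result);
    }

    // The last page posts on to grading (step 4); every other page posts back here.
    if ($current_quiz_page >= $num_quiz_pages) {
        $template->assign_var("NEXT_QUIZ_PART", 4);
    } else {
        $template->assign_var("NEXT_QUIZ_PART", 3);
    }
    $template->assign_var("QUESTION_NUMS", $question_nums);
    $template->assign_var("TOTAL_QUIZ_QUESTIONS", $total_quiz_questions);
    $template->assign_var("NUM_QUIZ_PAGES", $num_quiz_pages);
    $template->assign_var("CURRENT_QUIZ_PAGE", $current_quiz_page);
    $template->assign_var("FIRST_QUESTION", ($current_quiz_page * $questions_per_page) - ($questions_per_page - 1));
    if ($current_quiz_page * $questions_per_page <= $total_quiz_questions) {
        $template->assign_var("LAST_QUESTION", ($current_quiz_page * $questions_per_page));
    } else {
        // Short last page: previous pages plus the remainder.
        $template->assign_var("LAST_QUESTION", ((($current_quiz_page - 1) * $questions_per_page) + ($total_quiz_questions % $questions_per_page)));
    }
    break;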
case 4:
    // Step 4: grade the last page, show the final scores, store them for
    // members and hand out the survey.
    // NOTE(review): gradequiz() builds the totals from request data, so the
    // values written to pfquiz_results below are whatever the browser sent.
    $scores = gradequiz();
    $template->assign_var("NEXT_QUIZ_PART", 5);
    $tv = "1.0.0"; //test version, this will have to be moved to a table

    // Results are written only for logged-in users, and only while the
    // QUIZ_OVER cookie does not already mark this run as saved. Neither value
    // changes inside the loop, so the test is made once.
    $store_results = ($user->data['user_id'] != ANONYMOUS && $quiz_over != "TRUE");

    foreach ($scores as $key => $value) {
        $sql = "INSERT INTO pfquiz_results (name, score, test_stamp,test_ver, axis) VALUES ("
            . "'" . $db->sql_escape($user->data['username']) . "',"
            . "'" . $db->sql_escape($value) . "',"
            . "NOW(),"
            . "'" . $db->sql_escape($tv) . "',"
            . "'" . $db->sql_escape($key) . "')";
        $template->assign_block_vars('final_score', array(
            'AXIS_NAME' => $key,
            'SCORE'     => $value,
        ));
        if ($store_results) {
            $result = $db->sql_query($sql);
        }
    }

    // Mark the quiz as finished for the next hour.
    setcookie("QUIZ_OVER", "TRUE", time() + 3600);

    $s_q = getSurveyQuestions();
    foreach ($s_q as $survey_question) {
        $template->assign_block_vars('survey_questions', array(
            'S_Q' => $survey_question,
        ));
    }
    break;
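case 5:
    // Step 5: store the survey answers, then send the browser back to the start.
    // NOTE(review): nothing here checks that the quiz was just completed or that
    // the post carries a form token, so this insert can be repeated at will.
    $tv = "1.0.0"; //test version, this will have to be moved to a table
    // In the pfquiz_survey table, I'm just going to splice together
    // the survey questions and answers and stick them in the qanda field.
    // I'm doing this because the survey questions may change over time and
    // attempting to handle it in other ways adds a good bit of complexity.

    // The answers are text ("good", free-form comments, "yes"/"no"), so the
    // default passed to request_var has to be a string. The previous default,
    // array(0), made every answer come back cast to an integer.
    $s_a = request_var('survey', array(''));
    $s_q = getSurveyQuestions();
    $qanda = "";
    for ($i = 0; $i < sizeof($s_q); $i++) {
        // A hand-made post may carry fewer answers than there are questions.
        $answer = isset($s_a[$i]) ? $s_a[$i] : '';
        $qanda .= $s_q[$i] . " ANSWER = " . $answer . "<br/>";
    }
    // Escape each value once, as a whole, at the point where it enters the
    // statement; before, only the answers were escaped and the rest of the
    // text went in raw.
    $sql = "INSERT INTO pfquiz_survey (test_ver, time_stamp, qanda) ";
    $sql .= "VALUES ('" . $db->sql_escape($tv) . "',NOW(),'" . $db->sql_escape($qanda) . "')";
    $result = $db->sql_query($sql);
    meta_refresh("3", $phpbb_root_path . "pfquiz.php");
    break;
}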
// Output: phpBB page header, the quiz template as the page body, then the footer.
page_header("Politics Forum Quiz");
$quiz_templates = array('body' => 'quiz_tmpl.html');
$template->set_filenames($quiz_templates);
page_footer();
?>
quizadmin.php
<?php
// Standard phpBB3 page bootstrap: mark the request as running inside phpBB,
// locate the board root and pull in the common include files.
define('IN_PHPBB', true);
if (defined('PHPBB_ROOT_PATH')) {
    $phpbb_root_path = PHPBB_ROOT_PATH;
} else {
    $phpbb_root_path = './';
}
// File extension of this script (normally "php"), reused for the includes.
$phpEx = substr(strrchr(__FILE__, '.'), 1);
include($phpbb_root_path . 'common.' . $phpEx);
include($phpbb_root_path . 'includes/functions_display.' . $phpEx);

// Start the phpBB session, load the user's permissions and set up the user.
$user->session_begin();
$auth->acl($user->data);
$user->setup();
/*******
Check all inputs
****************/
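/**
 * Build one HTML status line for the admin page: a message, the SQL statement
 * that was run and, where the old mysql extension is loaded, its info and
 * error text for the last statement.
 *
 * @param string $sql the statement to show (may be empty)
 * @param string $msg text shown before the statement; printed as given
 * @return string HTML fragment ending in <br/>
 */
function query_info($sql, $msg){
    $details = '';
    // mysql_info()/mysql_error() exist only with the old mysql extension;
    // calling them unguarded is a fatal error on current PHP.
    if (function_exists('mysql_info') && function_exists('mysql_error')) {
        $details = mysql_info() . mysql_error();
    }
    // The statement and the driver text are printed into the page, so they are
    // HTML-escaped. double_encode is off because values that went through
    // request_var already carry HTML entities.
    // NOTE(review): this shows raw SQL and database errors to whoever can load
    // the page; keep it to trusted administrators or log it instead.
    return $msg . " " . htmlspecialchars($sql, ENT_QUOTES, 'UTF-8', false)
        . "<br/>" . htmlspecialchars($details, ENT_QUOTES, 'UTF-8', false) . "<br/>";
}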
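// quiz_moderator.php is expected to set $quiz_admin_name.
include("quiz_moderator.php");
$template->assign_var('QUIZ_ADMIN_NAME', $quiz_admin_name);

// Only the named quiz admin may use this page. The comparison is strict: with
// "!=" PHP compares numeric-looking strings as numbers, so two different
// usernames could be treated as equal. A guest session never qualifies, and a
// missing $quiz_admin_name matches nobody.
// NOTE(review): this is a username match, not a phpBB permission. Consider an
// $auth->acl_get() check in addition.
// NOTE(review): none of the POST handlers below verifies a form token. phpBB3
// offers add_form_key()/check_form_key() for that; using them also needs
// {S_FORM_TOKEN} inside the forms of quiz_admin_tmpl.html.
$is_quiz_admin = isset($quiz_admin_name)
    && $user->data['user_id'] != ANONYMOUS
    && $user->data['username'] === (string) $quiz_admin_name;

if ($is_quiz_admin) {
    //no reason to do any of the queries if the user is not the quiz admin
    $sql = "SELECT COUNT(*) AS total from pfquiz_questions";
    $result = $db->sql_query($sql);
    // Results are read through the phpBB database layer throughout; the
    // mysql_* calls used before only worked with the old mysql driver.
    $count = (int) $db->sql_fetchfield('total');
    $db->sql_freeresult($result);

    $numupdated = 0;
    $updated = "";

    if (isset($_POST["update_questions"])) {
        // qzck[] holds the ids of the ticked questions; q<id>[] holds that
        // question's axis, weight and text, in that order.
        $ckbxs = request_var('qzck', array(0));
        foreach ($ckbxs as $question_id) {
            // Already an int from request_var; the cast keeps that visible
            // where the value enters the statement.
            $question_id = (int) $question_id;
            $qzq = request_var('q' . $question_id, array(""));
            if (!isset($qzq[0], $qzq[1], $qzq[2])) {
                // An incomplete post must not blank out the stored question.
                $updated .= query_info("", "Question " . $question_id . " was sent without axis, weight and text; not updated.");
                continue;
            }
            $sql = "UPDATE pfquiz_questions SET question = '" . $db->sql_escape($qzq[2]) . "', axis = '" . $db->sql_escape($qzq[0]) . "', weight = '" . $db->sql_escape($qzq[1]) . "' WHERE id = '" . $question_id . "'";
            $result = $db->sql_query($sql);
            $updated .= query_info($sql, "");
        }
        $template->assign_var('UPDATED', $updated);
    } elseif (isset($_POST["delete_questions"])) {
        $ckbxs = request_var('qzck', array(0));
        foreach ($ckbxs as $question_id) {
            $sql = "DELETE from pfquiz_questions WHERE id = '" . (int) $question_id . "'";
            $result = $db->sql_query($sql);
            $updated .= query_info($sql, "");
        }
        $template->assign_var('UPDATED', $updated);
    } elseif (isset($_POST["add_question"])) {
        // addq[] = axis, weight, question text
        $addq = request_var('addq', array(""));
        if (!isset($addq[0], $addq[1], $addq[2]) || $addq[0] == "" || $addq[1] == "" || $addq[2] == "") {
            $updated .= query_info("", "Need values for question, axis, and weight");
        } else {
            $sql = "INSERT INTO pfquiz_questions (axis, weight, question) VALUES('" . $db->sql_escape($addq[0]) . "','" . $db->sql_escape($addq[1]) . "','" . $db->sql_escape($addq[2]) . "')";
            $result = $db->sql_query($sql);
            if ($result) {
                $updated .= query_info($sql, "");
            }
        }
        $template->assign_var('UPDATED', $updated);
    } elseif (isset($_POST["add_compass"])) {
        $addC = request_var('addC', '');
        if ($addC == '') {
            $updated .= query_info("", "Please enter a compass name in the text box to create a new compass");
        } else {
            $sql = "INSERT INTO pfquiz_compass (compass, omit) VALUES ('" . $db->sql_escape($addC) . "', 0)";
            $result = $db->sql_query($sql);
            $updated .= query_info($sql, "");
        }
        $template->assign_var('UPDATED', $updated);
    } elseif (isset($_POST["add_axis"])) {
        // addX[] = new axis name, compass it belongs to
        $addX = request_var('addX', array(""));
        if (!isset($addX[0], $addX[1]) || $addX[0] == "" || $addX[1] == "") {
            $updated .= query_info("", "Enter a value for the new axis and select a compass from the drop down box.");
        } else {
            $sql = "INSERT INTO pfquiz_axis (axis, compass) VALUES ('" . $db->sql_escape($addX[0]) . "','" . $db->sql_escape($addX[1]) . "')";
            $result = $db->sql_query($sql);
            $updated .= query_info($sql, "");
        }
        $template->assign_var('UPDATED', $updated);
    }

    // List every question grouped by axis. DIVSTART/DIVEND tell the template
    // where a group opens and where the previous one closes.
    $sql = "SELECT id, question, weight, axis from pfquiz_questions ORDER BY axis";
    $result = $db->sql_query($sql);
    $previous_axis = null;
    while ($row = $db->sql_fetchrow($result)) {
        $axis = (string) $row['axis'];
        if ($previous_axis === null) {
            // first row: open the first group
            $divstart = TRUE;
            $divend = FALSE;
        } elseif ($axis === $previous_axis) {
            // same group as the row before
            $divstart = FALSE;
            $divend = FALSE;
        } else {
            // axis changed: close the old group and open a new one
            $divend = TRUE;
            $divstart = TRUE;
        }
        $previous_axis = $axis;
        $template->assign_block_vars('qloop', array(
            'QUESTIONS' => $row['question'],
            'TYPE'      => $row['axis'],
            'NUMBER'    => $row['id'],
            'DIVSTART'  => $divstart,
            'DIVEND'    => $divend,
            'WEIGHT'    => $row['weight'],
        ));
    }
    $db->sql_freeresult($result);

    // Choices for the "axis" drop-down.
    $sql = "SELECT DISTINCT axis from pfquiz_axis";
    $result = $db->sql_query($sql);
    while ($row = $db->sql_fetchrow($result)) {
        $template->assign_block_vars('axis_choices', array(
            'AXIS' => $row['axis'],
        ));
    }
    $db->sql_freeresult($result);

    // Choices for the "compass" drop-down.
    $sql = "SELECT DISTINCT compass from pfquiz_compass";
    $result = $db->sql_query($sql);
    while ($row = $db->sql_fetchrow($result)) {
        $template->assign_block_vars('compass_choices', array(
            'COMPASS' => $row['compass'],
        ));
    }
    $db->sql_freeresult($result);
} //end of doing stuff

// Output: phpBB page header, the admin template as the page body, then the footer.
page_header("Quiz Admin");
$template->set_filenames(array(
    'body' => 'quiz_admin_tmpl.html',
));
page_footer();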
?>
Last edited by dgun on 08 Mar 2013 04:26, edited 4 times in total.