survey_seahorse

Software Engineering Project - Fall 2018
Log | Files | Refs | README

new-survey.php (2229B)

      1 <?php
      2 if (isset($_POST['submit'])) {
      3     include_once 'session.php';
      4     include_once '../config.php';
      5 
      6     $title = mysqli_real_escape_string($connect, $_POST['title']);
      7     $description = mysqli_real_escape_string($connect, $_POST['description']);
      8     $type = mysqli_real_escape_string($connect, $_POST['type']);
      9     $number_questions = mysqli_real_escape_string($connect, $_POST['number']);
     10     $expire_date = mysqli_real_escape_string($connect, $_POST['expire']);
     11     $one_shot = mysqli_real_escape_string($connect, $_POST['once']);
     12 
     13     $uid = $_SESSION['uid'];
     14     $user = $_SESSION['username'];
     15 
     16     if (empty($title)) {
     17         header("Location: ../createsurvey.php?item=empty");
     18         exit();
     19     } elseif (date("Y-m-d", strtotime($expire_date)) <= date("Y-m-d")) {
     20         header("Location: ../createsurvey.php?date=expired");
     21         exit();
     22     } else {
     23         $adj_file = file("txt/adjectives.txt");
     24         $adj_name = $adj_file[array_rand($adj_file)];
     25         $adj = str_replace("\n", "", $adj_name);
     26         $creature_file = file("txt/creatures.txt");
     27         $creature_name = $creature_file[array_rand($creature_file)];
     28         $creature = str_replace("\n", "", $creature_name);
     29         $code = $adj." ".$creature;
     30         $sql_expire = date("Y-m-d", strtotime($expire_date));
     31         $date = date("Y-m-d");
     32         $sql = "INSERT INTO survey (user_id, access_code, title, author, description, 
     33             type, number_questions, creation_date, expiration_date, 
     34             one_shot)
     35             VALUES ($uid, '$code', '$title', '$user', '$description', 
     36             b'$type', '$number_questions', '$date', '$sql_expire', 
     37             b'$one_shot');";
     38 
     39         mysqli_query($connect, $sql) or die(mysqli_error($connect));
     40 
     41         $sql ="SELECT * FROM survey WHERE access_code='$code'";
     42         $result = mysqli_query($connect, $sql);
     43         $row = mysqli_fetch_assoc($result);
     44 
     45         $_SESSION['sid'] = $row['survey_id'];
     46         $_SESSION['code'] = $row['access_code'];
     47         $_SESSION['title'] = $row['title'];
     48         $_SESSION['description'] = $row['description'];
     49         $_SESSION['questions'] = $row['number_questions'];
     50         header("Location: ../questions.php");
     51         exit();
     52     }
     53 }
     54 ?>