From 75160b12821f7f4299cce7f0b69c83c1502ae071 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Anton=20Luka=20=C5=A0ijanec?= <anton@sijanec.eu>
Date: Mon, 27 May 2024 13:08:29 +0200
Subject: 2024-02-19 upstream

---
 admin/survey/index.php | 71 ++++++++++++++++++++++++++++++++++++--------------
 1 file changed, 51 insertions(+), 20 deletions(-)

(limited to 'admin/survey/index.php')

diff --git a/admin/survey/index.php b/admin/survey/index.php
index 27fc206..1132b41 100644
--- a/admin/survey/index.php
+++ b/admin/survey/index.php
@@ -5,6 +5,10 @@
     header('Cache-Control: no-cache');
     header('Pragma: no-cache');
 
+    // Preprecimo vkljucevanje v iframe
+    header('X-Frame-Options: SAMEORIGIN');
+    
+
     include_once 'definition.php';
     include_once '../../function.php';
     include_once '../../vendor/autoload.php';
@@ -21,7 +25,7 @@
     }
 
 
-    global $site_url, $global_user_id, $app_settings;
+    global $site_url, $global_user_id;
 
     $surveySkin = 0;
 
@@ -85,8 +89,8 @@
     $rowv = mysqli_fetch_array($sqlv);
 
     // Custom head title
-    if(isset($app_settings['head_title_custom']) && $app_settings['head_title_custom'] == 1){
-        echo '<title>'.$app_settings['head_title_text'].'</title>' . "\n";
+    if(AppSettings::getInstance()->getSetting('app_settings-head_title_custom')){
+        echo '<title>'.AppSettings::getInstance()->getSetting('app_settings-head_title_text').'</title>' . "\n";
     }
     // Default head title
     else{
@@ -103,6 +107,7 @@
     // ZAMENJAMO UREJEVALNIK ZA CKEDITOR
     echo '<script type="text/javascript" src="'.$site_url.'editors/ckeditor_4_4/ckeditor.js"></script>';
     echo '<script>';
+    echo '    CKEDITOR.timestamp=\'28092023\';';
     echo '    CKEDITOR.disableAutoInline = true;';
     echo '    CKEDITOR.config.contentsCss = \'css/modules/themes.css\';';
     echo '    CKEDITOR.config.language = '.($lang_admin == 2 ? '\'en\'' : '\'sl\'').';';
@@ -120,7 +125,7 @@
         if(isset($_GET['a']) && ($_GET['a'] == 'hierarhija_superadmin' || $_GET['a'] == 'hierarhija')){
             echo '<script type="text/javascript" src="minify/g=jshierarhija?v='.$rowv['value'].'"></script>';
         }
-        elseif($_GET['a'] == 'narocila' || $_GET['t'] == 'uporabniki'){
+        elseif((isset($_GET['a']) && $_GET['a'] == 'narocila') || (isset($_GET['t']) && $_GET['t'] == 'uporabniki')){
             echo '<script type="text/javascript" src="minify/g=jsLastLib?v='.$rowv['value'].'"></script>';
         }
         else{
@@ -137,7 +142,8 @@
     }
 
     // Fonts
-    echo '<link type="text/css" href="https://fonts.googleapis.com/css?family=Montserrat:400,400i,500,500i,600,600i,700,700i&amp;subset=latin-ext" rel="stylesheet" />';
+    echo '<link type="text/css" href="https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,400i,500,500i,600,600i,700,700i&subset=latin-ext" rel="stylesheet">';
+
 
     ?>
     <!--[if lt IE 7]>
@@ -171,20 +177,43 @@
     }
 
 
-    // za css - barve ozadja
-    if (isset($_GET['anketa']))
-        $cssBodyClass = ' body_anketa';
-    else if (isset($_GET['a']) && $_GET['a'] == 'knjiznica' )
-        $cssBodyClass = ' body_library';
-    else
-        $cssBodyClass = ' body_folders';
-            
-    $sql = sisplet_query("SELECT email FROM users WHERE id='$global_user_id'");
-    $row = mysqli_fetch_assoc($sql);
+    /**************** BODY ****************/
 
+    // za css - barve ozadja
+    $cssBodyClass = '';
+    if(isset($_GET['anketa'])){
+        $cssBodyClass = 'body_anketa';
+    }
+    elseif(isset($_GET['a']) && $_GET['a'] == 'knjiznica'){
+        $cssBodyClass = 'body_library';
+    }
+    elseif(!isset($_GET['a']) || $_GET['a'] == 'pregledovanje'){
+        
+        // Pogled s folderji
+        if(SurveyList::hasFolders()){
+            $cssBodyClass = 'body_mySurveys_folders';
+        }
+        // Klasicne moje ankete
+        else{
+            $cssBodyClass = 'body_mySurveys';
+        }
+    }
+    
+    // Class za jezik
+    $langBodyClass = ($lang['id'] != "1") ? 'eng' : 'slo';
+
+    // Class za fullscreen tabelo s podatki
+    session_start();
+    $dataFullscreen = '';
+    if($anketa > 0){
+        //ali imamo full screen za podatke?
+        //naredi full screen samo na strani pregleda podatkov (v nasprotnem primeru laho uporabnik klikne browser nazaj in meniji niso prikazani)
+        $dataFullscreen = (isset($_SESSION['sid_'.$anketa]['data_fullscreen']) && $_SESSION['sid_'.$anketa]['data_fullscreen'] == true
+            && isset($_GET['a']) && $_GET['a'] == 'data' && !isset($_GET['m'])) 
+            ? 'data_fullscreen' : '';
+    }
 
-    /**************** BODY ****************/
-    echo '<body class="mainBody'.$cssBodyClass.'">'."\n";
+    echo '<body class="mainBody '.$cssBodyClass.' '.$langBodyClass.' '.$dataFullscreen.'">'."\n";
 
     // Google analytics
     if($site_domain == 'www.1ka.si'){
@@ -200,11 +229,13 @@
     <![endif]-->
     <?php
 
-    // preverimo dostop
+
+    // preverimo dostop - do demo ankete lahko dostopa tudi neprijavljen
     $result = sisplet_query ("SELECT value FROM misc WHERE what='SurveyDostop'");
     list ($SurveyDostop) = mysqli_fetch_row ($result);
-
-    if ( ( ($admin_type <= $SurveyDostop && $SurveyDostop<3) || ($SurveyDostop==3) ) && ($admin_type>=0) ) {
+    if ( ((($admin_type <= $SurveyDostop && $SurveyDostop<3) || ($SurveyDostop==3)) && ($admin_type>=0))
+            || isDemoSurvey($anketa)
+        ) {
         $s = new SurveyAdmin();
         $s->display();
     } 
-- 
cgit v1.2.3