webform_submissions.inc in Webform 5.2
Same filename and directory in other branches
This file is loaded when handling submissions, either submitting new, editing, or viewing. It also contains all CRUD functions for submissions.
@author Nathan Haug <nate@lullabot.com>
File
webform_submissions.incView source
<?php
/**
* @file
* This file is loaded when handling submissions, either submitting new,
* editing, or viewing. It also contains all CRUD functions for submissions.
*
* @author Nathan Haug <nate@lullabot.com>
*/
function webform_submission_access($node, $submission, $op = 'view', $account = NULL) {
global $user;
$account = !isset($account) ? $user : $account;
switch ($op) {
case 'view':
return user_access('access webform results') || user_access('access own webform submissions') && $account->uid == $submission->uid;
case 'edit':
return user_access('edit webform submissions') || user_access('edit own webform submissions') && $account->uid == $submission->uid;
case 'delete':
return user_access('edit webform submissions') || user_access('edit own webform submissions') && $account->uid == $submission->uid || user_access('clear webform results');
}
}
function webform_submission_update($node, $sid, $submitted) {
// Update the submission data by first removing all this submissions data.
db_query('DELETE FROM {webform_submitted_data} WHERE sid = %d', $sid);
// Then re-add it to the database.
foreach ($submitted as $cid => $value) {
// Don't save pagebreaks as submitted data.
if ($node->webform['components'][$cid]['type'] == 'pagebreak') {
continue;
}
if (is_array($value)) {
$delta = 0;
foreach ($value as $k => $v) {
db_query("INSERT INTO {webform_submitted_data} (nid, sid, cid, no, data) VALUES (%d, %d, %d, %d, '%s')", $node->nid, $sid, $cid, $delta, $v);
$delta++;
}
}
else {
db_query("INSERT INTO {webform_submitted_data} (nid, sid, cid, no, data) VALUES (%d, %d, %d, %d, '%s')", $node->nid, $sid, $cid, 0, $value);
}
}
return $sid;
}
function webform_submission_insert($node, $submitted) {
global $user;
$sid = db_next_id('{webform_submissions}_sid');
$ip_address = isset($_SERVER['HTTP_X_FORWARDED_FOR']) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : $_SERVER['REMOTE_ADDR'];
db_query("INSERT INTO {webform_submissions} (nid, sid, uid, submitted, remote_addr) VALUES (%d, %d, %d, %d, '%s')", $node->nid, $sid, $user->uid, time(), $ip_address);
foreach ($submitted as $cid => $value) {
// Don't save pagebreaks as submitted data.
if ($node->webform['components'][$cid]['type'] == 'pagebreak') {
continue;
}
if (is_array($value)) {
$delta = 0;
foreach ($value as $k => $v) {
db_query("INSERT INTO {webform_submitted_data} (nid, sid, cid, no, data) VALUES (%d, %d, %d, %d, '%s')", $node->nid, $sid, $cid, $delta, $v);
$delta++;
}
}
else {
db_query("INSERT INTO {webform_submitted_data} (nid, sid, cid, no, data) VALUES (%d, %d, %d, %d, '%s')", $node->nid, $sid, $cid, 0, $value);
}
}
return $sid;
}
/**
* Delete a single submission.
*
* @param $nid
* ID of node for which this webform was submitted.
* @param $sid
* ID of submission to be deleted (from webform_submitted_data).
*/
function webform_submission_delete($node, $submission) {
// Iterate through all components and let each do cleanup if necessary.
webform_load_components();
foreach ($node->webform['components'] as $cid => $component) {
$delete_function = '_webform_delete_' . $component['type'];
if (function_exists($delete_function) && isset($submission->data[$cid])) {
$delete_function($submission->data[$cid], $component);
}
}
db_query('DELETE FROM {webform_submitted_data} WHERE nid = %d AND sid = %d', $node->nid, $submission->sid);
db_query('DELETE FROM {webform_submissions} WHERE nid = %d AND sid = %d', $node->nid, $submission->sid);
}
/**
* Confirm form to delete a single form submission.
*
* @param $node
* The node for which this webform was submitted.
* @param $submission
* The submission to be deleted (from webform_submitted_data).
*/
function webform_submission_delete_form($node, $submission) {
drupal_set_title(t('Delete Form Submission'));
$form = array();
$form['node'] = array(
'#type' => 'value',
'#value' => $node,
);
$form['submission'] = array(
'#type' => 'value',
'#value' => $submission,
);
$question = t('Are you sure you want to delete this submission?');
if (isset($_GET['destination'])) {
$destination = $_GET['destination'];
}
elseif (user_access('access webform results')) {
$destination = 'node/' . $node->nid . '/webform-results';
}
else {
$destination = 'node/' . $node->nid . '/submissions';
}
return confirm_form($form, $question, $destination, NULL, t('Delete'), t('Cancel'));
}
function webform_submission_delete_form_submit($form_id, $form_values) {
webform_submission_delete($form_values['node'], $form_values['submission']);
drupal_set_message(t('Submission deleted.'));
return 'node/' . $form_values['node']->nid . '/results';
}
/**
* Return all the submissions for a particular node.
*
* @param $nid
* The node ID for which submissions are being fetched.
* @param $header
* If the results of this fetch will be used in a sortable
* table, pass the array header of the table.
* @param $uid
* Optional; the user ID to filter the submissions by.
* @return $submissions
* An array of submissions matching your filters.
*/
function webform_get_submissions($nid, $header = NULL, $uid = NULL, $pager_count = 0) {
$sids = NULL;
if ($pager_count) {
$pager_query = 'SELECT * FROM {webform_submissions} WHERE nid = %d';
if ($uid) {
$pager_query .= ' AND uid = %d';
}
$res = pager_query($pager_query, $pager_count, 0, NULL, $nid, $uid);
$sids = array();
while ($row = db_fetch_object($res)) {
$sids[] = $row->sid;
}
$sids = implode($sids, ',');
}
$query = 'SELECT s.*, sd.cid, sd.no, sd.data, u.name, u.mail, u.status ' . 'FROM {webform_submissions} s ' . 'LEFT JOIN {webform_submitted_data} sd ON sd.sid = s.sid ' . 'LEFT JOIN {users} u ON u.uid = s.uid ' . 'WHERE sd.nid = %d';
if ($pager_count && !empty($sids)) {
$query .= ' AND s.sid IN (%s)';
}
if ($uid) {
$query .= ' AND u.uid = %d';
}
if (is_array($header)) {
$query .= tablesort_sql($header);
if (!isset($header[0]['sort'])) {
$query .= ', sid ASC';
}
$query .= ', cid ASC, no ASC';
}
else {
$query .= ' ORDER BY sid ASC, cid ASC, no ASC';
}
$res = $pager_count ? db_query($query, $nid, $sids, $uid) : db_query($query, $nid, $uid);
$submissions = array();
$previous = array();
// Outer loop: iterate for each submission.
while ($row = db_fetch_object($res)) {
if ($row->sid != $previous) {
$submissions[$row->sid] = new stdClass();
$submissions[$row->sid]->sid = $row->sid;
$submissions[$row->sid]->submitted = $row->submitted;
$submissions[$row->sid]->remote_addr = $row->remote_addr;
$submissions[$row->sid]->uid = $row->uid;
$submissions[$row->sid]->name = $row->name;
$submissions[$row->sid]->status = $row->status;
}
$submissions[$row->sid]->data[$row->cid]['value'][$row->no] = $row->data;
$previous = $row->sid;
}
return $submissions;
}
/**
* Return a count of the total number of submissions for a node.
*
* @param $nid
* The node ID for which submissions are being fetched.
* @param $uid
* Optional; the user ID to filter the submissions by.
* @return
* An integer value of the number of submissions.
*/
function webform_get_submission_count($nid, $uid = NULL) {
$query = 'SELECT count(*) FROM {webform_submissions} WHERE nid = %d';
if ($uid) {
$query .= ' AND uid = %d';
}
return db_result(db_query($query, $nid, $uid));
}
/**
* Fetch a specified submission for a webform node.
*/
function webform_get_submission($nid, $sid, $reset = FALSE) {
static $submissions = array();
if (!isset($submissions[$nid][$sid]) || $reset) {
$query = 'SELECT s.*, sd.cid, sd.no, sd.data ' . 'FROM {webform_submitted_data} as sd ' . 'LEFT JOIN {webform_submissions} as s on (sd.sid = s.sid) ' . 'WHERE sd.sid = %d AND s.nid = %d';
$result = db_query($query, $sid, $nid);
if ($row = db_fetch_object($result)) {
$submission = new stdClass();
$submission->nid = $row->nid;
$submission->sid = $row->sid;
$submission->uid = $row->uid;
$submission->remote_addr = $row->remote_addr;
$submission->submitted = $row->submitted;
while ($row) {
$submission->data[$row->cid]['value'][$row->no] = $row->data;
$row = db_fetch_object($result);
}
}
$submissions[$nid][$sid] = isset($submission) ? $submission : NULL;
}
return $submissions[$nid][$sid];
}
function _webform_submission_spam_check($to, $subject, $from, $headers = array()) {
$headers = implode('\\n', (array) $headers);
// Check if they are attempting to spam using a bcc or content type hack.
if (preg_match('/(b?cc\\s?:)|(content\\-type:)/i', $to . "\n" . $subject . "\n" . $from . "\n" . $headers)) {
return TRUE;
// Possible spam attempt.
}
return FALSE;
// Not spam.
}
/**
* Check if the current user has exceeded the limit on this form.
*
* @param $node
* The webform node to be checked.
* @return
* Boolean TRUE if the user has exceeded their limit. FALSE otherwise.
*/
function _webform_submission_limit_check($node) {
global $user;
// Check if submission limiting is enabled.
if ($node->webform['submit_limit'] == '-1') {
return FALSE;
// No check enabled.
}
// Retrieve submission data for this IP address or username from the database.
$query = 'SELECT submitted, uid, remote_addr ' . 'FROM {webform_submissions} ' . "WHERE (( 0 = %d AND remote_addr = '%s') OR (uid > 0 AND uid = %d)) " . 'AND submitted > %d AND nid = %d';
// Fetch all the entries from the database within the submit interval with this username and IP.
$ip_address = isset($_SERVER['HTTP_X_FORWARDED_FOR']) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : $_SERVER['REMOTE_ADDR'];
$result = db_query($query, $user->uid, $ip_address, $user->uid, $node->webform['submit_interval'] != -1 ? time() - $node->webform['submit_interval'] : $node->webform['submit_interval'], $node->nid);
$num_submissions_database = db_num_rows($result);
// Double check the submission history from the users machine using cookies.
$num_submissions_cookie = 0;
if ($user->uid == 0 && variable_get('webform_use_cookies', 0)) {
$cookie_name = 'webform-' . $node->nid;
if (isset($_COOKIE[$cookie_name]) && is_array($_COOKIE[$cookie_name])) {
foreach ($_COOKIE[$cookie_name] as $key => $timestamp) {
if ($node->webform['submit_interval'] != -1 && $timestamp <= time() - $node->webform['submit_interval']) {
// Remove the cookie if past the required time interval.
setcookie($cookie_name . '[' . $key . ']', '', 0);
}
}
// Count the number of submissions recorded in cookies.
$num_submissions_cookie = count($_COOKIE[$cookie_name]);
}
else {
$num_submissions_cookie = 0;
}
}
if ($num_submissions_database >= $node->webform['submit_limit'] || $num_submissions_cookie >= $node->webform['submit_limit']) {
// Limit exceeded.
return TRUE;
}
// Limit not exceeded.
return FALSE;
}Functions
Name |
Description |
|---|---|
| webform_get_submission | Fetch a specified submission for a webform node. |
| webform_get_submissions | Return all the submissions for a particular node. |
| webform_get_submission_count | Return a count of the total number of submissions for a node. |
| webform_submission_access | @file This file is loaded when handling submissions, either submitting new, editing, or viewing. It also contains all CRUD functions for submissions. |
| webform_submission_delete | Delete a single submission. |
| webform_submission_delete_form | Confirm form to delete a single form submission. |
| webform_submission_delete_form_submit | |
| webform_submission_insert | |
| webform_submission_update | |
| _webform_submission_limit_check | Check if the current user has exceeded the limit on this form. |
| _webform_submission_spam_check |