link.php 1.3 KB

123456789101112131415161718192021222324252627282930313233343536373839
  1. <?php
  2. /* For licensing terms, see /license.txt */
  3. require_once '../inc/global.inc.php';
  4. $survey_id = isset($_REQUEST['i']) ? intval($_REQUEST['i']) : null;
  5. if (empty($survey_id)) {
  6. api_not_allowed(true);
  7. }
  8. if (!survey_manager::survey_generation_hash_available()) {
  9. api_not_allowed(true);
  10. }
  11. $course_info = api_get_course_info_by_id($_REQUEST['c']);
  12. $hash_is_valid = survey_manager::validate_survey_hash($survey_id, $_REQUEST['c'], $_REQUEST['s'], $_REQUEST['g'], $_REQUEST['h']);
  13. if ($hash_is_valid && $course_info) {
  14. $survey_data = survey_manager::get_survey($survey_id, null, $course_info['code']);
  15. $invitation_code = api_get_unique_id();
  16. $params = array(
  17. 'c_id' => $_REQUEST['c'],
  18. 'session_id' => $_REQUEST['s'],
  19. 'user' => $invitation_code,
  20. 'survey_code' => $survey_data['code'],
  21. 'invitation_code' => $invitation_code,
  22. 'invitation_date' => api_get_utc_datetime()
  23. );
  24. $invitation_id = SurveyUtil::save_invitation($params);
  25. if ($invitation_id) {
  26. $link = api_get_path(WEB_CODE_PATH).'survey/fillsurvey.php?invitationcode='.$invitation_code.'&course='.$course_info['code'];
  27. header('Location: '.$link);
  28. exit;
  29. }
  30. } else {
  31. api_not_allowed(true);
  32. }