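0) { return '' . _('There are unanswered questions!') . ''; } } } return null; }

/**
 * Renders the question administration page or handles one of its actions.
 *
 * Without an `action` request parameter, it lists the unanswered and the
 * answered questions. With `action=answer` it stores the submitted answer for
 * a question that has no answerer yet; with `action=delete` it removes the
 * question. Both actions write a log entry and then call redirect().
 *
 * Request values are treated as untrusted: `id` must be a string of 1 to 11
 * digits, and a missing or non-string `answer` is handled as an empty answer
 * instead of being passed on to the string functions.
 *
 * NOTE(review): both actions change state, are selected through $_REQUEST
 * (so a GET request reaches them), and the delete control is built from a URL
 * carrying `action=delete`. No request-forgery token and no permission check
 * are visible in this function; confirm that the caller enforces both before
 * this handler runs.
 *
 * @return string Result of page_with_title() or error(), or '' otherwise
 */
function admin_questions()
{
    global $user;

    if (!isset($_REQUEST['action'])) {
        // NOTE(review): question and answer text goes into the table cells as
        // stored. No HTML encoding is visible here, so confirm that table() or
        // the code that stores these fields takes care of it.
        // NOTE(review): in this listing the str_replace() replacement strings
        // and the strings around the two headings are bare line breaks;
        // markup was presumably intended. Confirm against the project file.
        $unanswered_questions_table = [];
        $questions = sql_select("SELECT * FROM `Questions` WHERE `AID` IS NULL");
        foreach ($questions as $question) {
            $user_source = User($question['UID']);

            $unanswered_questions_table[] = [
                'from'     => User_Nick_render($user_source),
                'question' => str_replace("\n", '
', $question['Question']),
                // Inline form that posts the answer for this question id.
                'answer'   => form([
                    form_textarea('answer', '', ''),
                    form_submit('submit', _('Save'))
                ], page_link_to('admin_questions') . '&action=answer&id=' . $question['QID']),
                'actions'  => button(
                    page_link_to('admin_questions') . '&action=delete&id=' . $question['QID'],
                    _('delete'),
                    'btn-xs'
                )
            ];
        }

        $answered_questions_table = [];
        $questions = sql_select("SELECT * FROM `Questions` WHERE NOT `AID` IS NULL");
        foreach ($questions as $question) {
            $user_source = User($question['UID']);
            $answer_user_source = User($question['AID']);

            $answered_questions_table[] = [
                'from'        => User_Nick_render($user_source),
                'question'    => str_replace("\n", '
', $question['Question']),
                'answered_by' => User_Nick_render($answer_user_source),
                'answer'      => str_replace("\n", '
', $question['Answer']),
                'actions'     => button(
                    page_link_to('admin_questions') . '&action=delete&id=' . $question['QID'],
                    _('delete'),
                    'btn-xs'
                )
            ];
        }

        return page_with_title(admin_questions_title(), [
            '

' . _('Unanswered questions') . '

',
            table([
                'from'     => _('From'),
                'question' => _('Question'),
                'answer'   => _('Answer'),
                'actions'  => ''
            ], $unanswered_questions_table),
            '

' . _('Answered questions') . '

',
            table([
                'from'        => _('From'),
                'question'    => _('Question'),
                'answered_by' => _('Answered by'),
                'answer'      => _('Answer'),
                'actions'     => ''
            ], $answered_questions_table)
        ]);
    }

    switch ($_REQUEST['action']) {
        case 'answer':
            // is_string() keeps an array-valued `id` away from preg_match();
            // the D modifier makes `$` match only at the very end, so an id
            // followed by a newline is rejected as well.
            if (
                !isset($_REQUEST['id'])
                || !is_string($_REQUEST['id'])
                || !preg_match('/^[0-9]{1,11}$/D', $_REQUEST['id'])
            ) {
                return error('Incomplete call, missing Question ID.', true);
            }
            $question_id = $_REQUEST['id'];

            $question = sql_select(
                "SELECT * FROM `Questions` WHERE `QID`='" . sql_escape($question_id) . "' LIMIT 1"
            );
            // Only a question that exists and has no answerer yet can be answered.
            if (count($question) === 0 || $question[0]['AID'] != null) {
                return error('No question found.', true);
            }

            // A missing or non-string `answer` counts as empty, so it ends in
            // the regular "Enter an answer!" error rather than a type error.
            $raw_answer = '';
            if (isset($_REQUEST['answer']) && is_string($_REQUEST['answer'])) {
                $raw_answer = $_REQUEST['answer'];
            }

            // Strip tags, then drop every character that is not a letter,
            // punctuation, separator, number or newline. preg_replace()
            // returns null on a PCRE error (e.g. invalid UTF-8 with /u), hence
            // the cast before trim().
            $answer = trim((string) preg_replace(
                "/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui",
                '',
                strip_tags($raw_answer)
            ));
            if ($answer == '') {
                return error('Enter an answer!', true);
            }

            sql_query(
                " UPDATE `Questions` SET `AID`='" . sql_escape($user['UID'])
                . "', `Answer`='" . sql_escape($answer)
                . "' WHERE `QID`='" . sql_escape($question_id)
                . "' LIMIT 1 "
            );
            // NOTE(review): the log entry embeds question and answer text,
            // which may contain line breaks; confirm that engelsystem_log()
            // stores it so that one entry cannot be read as several.
            engelsystem_log('Question ' . $question[0]['Question'] . ' answered: ' . $answer);
            redirect(page_link_to('admin_questions'));
            break;

        case 'delete':
            // Same id validation as for 'answer'.
            if (
                !isset($_REQUEST['id'])
                || !is_string($_REQUEST['id'])
                || !preg_match('/^[0-9]{1,11}$/D', $_REQUEST['id'])
            ) {
                return error('Incomplete call, missing Question ID.', true);
            }
            $question_id = $_REQUEST['id'];

            // The row is loaded first so that its text can be logged after deletion.
            $question = sql_select(
                "SELECT * FROM `Questions` WHERE `QID`='" . sql_escape($question_id) . "' LIMIT 1"
            );
            if (count($question) === 0) {
                return error('No question found.', true);
            }

            sql_query("DELETE FROM `Questions` WHERE `QID`='" . sql_escape($question_id) . "' LIMIT 1");
            engelsystem_log('Question deleted: ' . $question[0]['Question']);
            redirect(page_link_to('admin_questions'));
            break;
    }

    // Reached for an unknown action, or if redirect() returns.
    return '';
}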