'Austria', 'drzava'=>'Avstrija', 'name'=>'Andrea Jelinek', 'title'=>'Director, Austrian Data Protection Authority', 'email'=>'dsb@dsb.gv.at', 'phone'=>'+43 1 531 15 202525', 'fax'=>'+43 1 531 15 202690'), array('country'=>'Austria', 'drzava'=>'Avstrija', 'name'=>'Dietmar Wagner', 'title'=>'Compliance-Officer of the FMA', 'email'=>'compliance@fma.gv.at', 'phone'=>'+43 1 249 59-6112', 'fax'=>''), array('country'=>'Belgium', 'drzava'=>'Belgija', 'name'=>'', 'title'=>'', 'email'=>'commission@privacycommission.be', 'phone'=>'+32 2 274 48 00', 'fax'=>'+32 2 274 48 10'), array('country'=>'Bulgaria', 'drzava'=>'Bolgarija', 'name'=>'Ventsislav Karadjov', 'title'=>'Chairman of the Commission for Personal Data Protection', 'email'=>'kzld@cpdp.bg', 'phone'=>'+359 2 915 3523', 'fax'=>'+359 2 915 3525'), array('country'=>'Croatia', 'drzava'=>'Hrvaška', 'name'=>'Anto RAJKOVAČA', 'title'=>'Director of the Croatian Data Protection Agency', 'email'=>'azop@azop.hr', 'phone'=>'+385 1 4609 000', 'fax'=>'+385 1 4609 099'), array('country'=>'Cyprus', 'drzava'=>'Ciper', 'name'=>'Irene LOIZIDOU NIKOLAIDOU', 'title'=>'', 'email'=>'commissioner@dataprotection.gov.cy', 'phone'=>'+357 22 818 456', 'fax'=>'+357 22 304 565'), array('country'=>'Czech Republic', 'drzava'=>'Češka republika', 'name'=>'Ivana JANŮ', 'title'=>'President of the Office for Personal Data Protection', 'email'=>'posta@uoou.cz', 'phone'=>'+420 234 665 111', 'fax'=>'+420 234 665 444'), array('country'=>'Denmark', 'drzava'=>'Danska', 'name'=>'Cristina Angela GULISANO', 'title'=>'Director, Danish Data Protection Agency', 'email'=>'dt@datatilsynet.dk', 'phone'=>'+45 33 1932 00', 'fax'=>'+45 33 19 32 18'), array('country'=>'Estonia', 'drzava'=>'Estonija', 'name'=>'Viljar PEEP', 'title'=>'Director General, Estonian Data Protection Inspectorate', 'email'=>'info@aki.ee', 'phone'=>'+372 6274 135', 'fax'=>'+372 6274 137'), array('country'=>'Finland', 'drzava'=>'Finska', 'name'=>'Reijo AARNIO', 'title'=>'Ombudsman of the Finnish Data 
Protection Authority', 'email'=>'tietosuoja@om.fi', 'phone'=>'+358 10 3666 700', 'fax'=>'+358 10 3666 735'), array('country'=>'France', 'drzava'=>'Francija', 'name'=>'Isabelle FALQUE-PIERROTIN', 'title'=>'President of CNIL', 'email'=>'', 'phone'=>'01 47 22 43 34', 'fax'=>'01 47 38 72 43'), array('country'=>'Germany', 'drzava'=>'Nemčija', 'name'=>'Andrea VOSSHOFF', 'title'=>'Federal Commissioner for Freedom of Information', 'email'=>'poststelle@bfdi.bund.de', 'phone'=>'+49 228 997799 0', 'fax'=>'+49 228 997799 550'), array('country'=>'Greece', 'drzava'=>'Grčija', 'name'=>'Petros CHRISTOFOROS', 'title'=>'President of the Hellenic Data Protection Authority', 'email'=>'contact@dpa.gr', 'phone'=>'+30 210 6475 600', 'fax'=>'+30 210 6475 628'), array('country'=>'Hungary', 'drzava'=>'Madžarska', 'name'=>'Attila PÉTERFALVI', 'title'=>'President of the National Authority for Data Protection and Freedom of Information', 'email'=>'peterfalvi.attila@naih.hu', 'phone'=>'+36 1 3911 400', 'fax'=>''), array('country'=>'Ireland', 'drzava'=>'Irska', 'name'=>'Helen DIXON', 'title'=>'Data Protection Commissioner', 'email'=>'info@dataprotection.ie', 'phone'=>'+353 57 868 4800', 'fax'=>'+353 57 868 4757'), array('country'=>'Italy', 'drzava'=>'Italija', 'name'=>'Antonello SORO', 'title'=>'President of Garante per la protezione dei dati personali', 'email'=>'garante@garanteprivacy.it', 'phone'=>'+39 06 69677 1', 'fax'=>'+39 06 69677 785'), array('country'=>'Latvia', 'drzava'=>'Latvija', 'name'=>'Signe PLUMINA', 'title'=>'Director of Data State Inspectorate', 'email'=>'info@dvi.gov.lv', 'phone'=>'+371 6722 3131', 'fax'=>'+371 6722 3556'), array('country'=>'Lithuania', 'drzava'=>'Litva', 'name'=>'Algirdas KUNČINAS', 'title'=>'Director of the State Data Protection Inspectorate', 'email'=>'ada@ada.lt', 'phone'=>'+370 5 279 14 45', 'fax'=>'+370 5 261 94 94'), array('country'=>'Luxembourg', 'drzava'=>'Luksemburg', 'name'=>'Tine A. 
LARSEN', 'title'=>'President of the Commission Nationale pour la Protection des Données', 'email'=>'info@cnpd.lu', 'phone'=>'+352 2610 60 1', 'fax'=>'+352 2610 60 29'), array('country'=>'Malta', 'drzava'=>'Malta', 'name'=>'Saviour CACHIA', 'title'=>'Information and Data Protection Commissioner', 'email'=>'commissioner.dataprotection@gov.mt', 'phone'=>'+356 2328 7100', 'fax'=>'+356 2328 7198'), array('country'=>'Netherlands', 'drzava'=>'Nizozemska', 'name'=>'Aleid WOLFSEN', 'title'=>'Chairman of Autoriteit Persoonsgegevens', 'email'=>'info@autoriteitpersoonsgegevens.nl', 'phone'=>'+31 70 888 8500', 'fax'=>'+31 70 888 8501'), array('country'=>'Poland', 'drzava'=>'Poljska', 'name'=>'Edyta BIELAK-JOMAA', 'title'=>'Inspector General for the Protection of Personal Data', 'email'=>'kancelaria@giodo.gov.pl', 'phone'=>'+48 22 53 10 440', 'fax'=>'+48 22 53 10 441'), array('country'=>'Portugal', 'drzava'=>'Portugalska', 'name'=>'Filipa CALVÃO', 'title'=>'President, Comissão Nacional de Protecção de Dados', 'email'=>'geral@cnpd.pt', 'phone'=>'+351 21 392 84 00', 'fax'=>'+351 21 397 68 32'), array('country'=>'Romania', 'drzava'=>'Romunija', 'name'=>'Ancuţa Gianina OPRE', 'title'=>'President of the National Supervisory Authority for Personal Data Processing', 'email'=>'anspdcp@dataprotection.ro', 'phone'=>'+40 21 252 5599', 'fax'=>'+40 21 252 5757'), array('country'=>'Slovakia', 'drzava'=>'Slovaška', 'name'=>'Soňa PŐTHEOVÁ', 'title'=>'President of the Office for Personal Data Protection of the Slovak Republic', 'email'=>'statny.dozor@pdp.gov.sk', 'phone'=>'+ 421 2 32 31 32 14', 'fax'=>'+ 421 2 32 31 32 34'), array('country'=>'Slovenia', 'drzava'=>'Slovenija', 'name'=>'Mojca PRELESNIK', 'title'=>'Informacijska pooblaščenka Republike Slovenije', 'email'=>'gp.ip@ip-rs.si', 'phone'=>'+386 1 230 9730', 'fax'=>'+386 1 230 9778'), array('country'=>'Spain', 'drzava'=>'Španija', 'name'=>'María del Mar España Martí', 'title'=>'Director of the Spanish Data Protection Agency', 
'email'=>'internacional@agpd.es', 'phone'=>'+34 91399 6200', 'fax'=>'+34 91455 5699'), array('country'=>'Sweden', 'drzava'=>'Švedska', 'name'=>'Kristina SVAHN STARRSJÖ', 'title'=>'Director General of the Data Inspection Board', 'email'=>'datainspektionen@datainspektionen.se', 'phone'=>'+46 8 657 6100', 'fax'=>'+46 8 652 8652'), array('country'=>'United Kingdom', 'drzava'=>'Velika Britanija', 'name'=>'Elizabeth DENHAM', 'title'=>'Information Commissioner', 'email'=>'international.team@ico.org.uk', 'phone'=>'+44 1625 545 745', 'fax'=>''), ); function __construct(){ global $site_url; } // Prikazemo vsebino zavihka gdpr - seznam anket public function displayGDPRSurveyList(){ global $site_url; global $lang; // Dobimo seznam vseh anket in stevilke list($survey_list, $survey_count) = $this->getUserSurveys(); // 3 boxi na vrhu za filtriranje tabele (gdpr ankete, ne-gdpr ankete, potencialno gdpr ankete) echo '
'; // Box 1 - gdpr ankete echo '
'; echo '
'; echo ' '; echo '
'.$lang['srv_gdpr_survey_list_gdpr_surveys'].'
'; echo '
'; echo '
'; echo '

'.$survey_count['gdpr'].' '.$lang['srv_gdpr_survey_list_gdpr_surveys_note'].'

'; echo '
'; echo '
'; // Box 2 - gdpr ankete echo '
'; echo '
'; echo ' '; echo '
'.$lang['srv_gdpr_survey_list_potenc_gdpr_surveys'].'
'; echo '
'; echo '
'; echo '

'.$survey_count['potential_gdpr'].' '.$lang['srv_gdpr_survey_list_potenc_gdpr_surveys_note'].'

'; echo '
'; echo '
'; // Box 3 - gdpr ankete echo '
'; echo '
'; echo ' '; echo '
'.$lang['srv_gdpr_survey_list_no_gdpr_surveys'].'
'; echo '
'; echo '
'; echo '

'.$survey_count['no_gdpr'].' '.$lang['srv_gdpr_survey_list_no_gdpr_surveys_note'].'

'; echo '
'; echo '
'; echo '
'; // Text med nastavitvami in tabelo echo '

'.$lang['srv_gdpr_survey_list_text'].'

'; echo '

'.$lang['srv_gdpr_survey_list_text3'].'

'; // Tabela anket echo ''; // Naslovna vrstica echo ' '; echo ' '; echo ' '; echo ' '; echo ' '; echo ' '; foreach($survey_list as $anketa){ // Nastavimo barvo vrstice if($anketa['gdpr'] == 1) $color = 'green_row'; elseif($anketa['potential_gdpr'] == 1) $color = 'red_row'; else $color = 'grey_row'; echo ''; if($anketa['active']==1) $anketa_active = $lang['yes']; else $anketa_active = $lang['no']; if($anketa['potential_gdpr']==1) $anketa_potential_gdpr = $lang['yes']; else $anketa_potential_gdpr = $lang['no']; echo ' '; echo ' '; echo ' '; echo ' '; echo ''; } echo '
GDPR'.$lang['srv_gdpr_survey_list_survey'].''.$lang['srv_gdpr_survey_list_activity'].''.$lang['srv_gdpr_survey_list_pot_gdpr'].'
'.$anketa['naslov'].''.$anketa_active.''.$anketa_potential_gdpr.'
'; }

    /**
     * Render the GDPR tab content: the user's own GDPR settings form.
     *
     * NOTE(review): $preklici_url is derived from $_SERVER['REQUEST_URI'], which the
     * client controls, and is wrapped in single quotes for embedding. Where it is
     * emitted is not visible here - presumably an inline script handler; it needs
     * escaping for that output context. TODO confirm.
     *
     * @param array $error Validation errors; the keys 'email' and 'dpo_email' are checked further down
     */
    public function displayGDPRUser($error=array()){
        global $site_url;
        global $lang;

        $user_settings = self::getUserSettings();

        // Current request URI with "&s=1" (the flag read later via $_GET['s']) removed and
        // leading slashes trimmed, appended to $site_url and wrapped in single quotes
        $preklici_url = ltrim(str_replace("&s=1","",$_SERVER['REQUEST_URI']),"/");
        $preklici_url = "'". $site_url . $preklici_url . "'";

        echo '
'; echo ' '; echo '
'.$lang['srv_gdpr_user_settings_title'].''; echo '

'.$lang['srv_gdpr_user_settings_desc1'].'

'; echo '

'.$lang['srv_gdpr_user_settings_desc2'].'

'; echo '

'.$lang['srv_gdpr_user_settings_desc3'].'

'; // PODATKI AVTORJA // Opozorilo za obvezna polja echo '

'.$lang['srv_gdpr_user_settings_err'].'

'; echo '
'; echo '
'; echo ''; echo ''; echo '
'; echo '
'; echo ''; echo ''; echo '
'; echo '
'; echo '
'; $email = ($user_settings['email'] == '') ? User::getInstance()->primaryEmail() : $user_settings['email']; echo '
'; echo ''; echo ' '.(isset($error['email']) ? ''.$lang['srv_remind_email_hard'].'' : ''); echo '
'; echo '
'; echo ''; echo ''; echo '
'; echo '
'; echo '
'; // Naslov in drzava echo '
'; echo ''; echo ''; echo '
'; echo '
'; echo ''; echo ''; echo '
'; echo '
'; // ORGANIZACIJA ALI ZASEBNIK echo '
'; echo ''.$lang['srv_gdpr_user_settings_type'].': '; echo '
'; echo ''; echo ''; echo '
'; echo '
'; echo ''; echo ''; echo '
'; echo '
'; // PODATKI PODJETJA echo '
'; echo '
'; echo '
'; echo ''; echo ''; echo '
'; echo '
'; echo ''; echo ''; echo '
'; echo '
'; echo '
'; // IMA DPO echo '
'; echo '
'; echo ''.$lang['srv_gdpr_user_settings_has_dpo'].':'; echo '
'; echo ''; echo ''; echo '
'; echo '
'; echo ''; echo ''; echo '
'; echo '
'; echo '
'; // DPO echo '
'; echo '

'.$lang['srv_gdpr_user_settings_dpo'].':

'; echo '
'; echo '
'; echo ''; echo ''; echo '
'; echo '
'; echo ''; echo ''; echo '
'; echo '
'; echo '
'; echo '
'; echo ''; echo ' '.(isset($error['dpo_email']) ? ''.$lang['srv_remind_email_hard'].'' : ''); echo '
'; echo '
'; echo ''; echo ''; echo '
'; echo '
'; echo '
'; // Podatki trenutne avtoritete echo '
'; self::displayGDPRAuthority($user_settings['country']); echo '
'; echo '
'; // Gumb shrani echo '
'; echo ''; echo ''; echo '
'; // div za prikaz uspešnosti shranjevanja if (isset($_GET['s']) && $_GET['s'] == '1') { echo ''; echo '
'; echo ''; } echo '
'; echo ''; } // Prikazemo GDPR avtoriteto za izbrano drzavo public function displayGDPRAuthority($country){ global $lang; if($country != ''){ $current_authorities = array(); // Dobimo vse avtoritete za drzavo foreach(self::$authorities as $authority){ // Ce je ta avtoriteta izbrana if($country == $authority['drzava'] || $country == $authority['country']) $current_authorities[] = $authority; } echo '

'.$lang['srv_gdpr_user_settings_authority'].':

'; // Prikazemo podatke za vse avtoritete (lahko jih je vec na drzavo) foreach ($current_authorities as $authority) { echo '
'; if($authority['name'] != '') echo ''.$authority['name'].'
'; if($authority['title'] != '') echo ''.$authority['title'].'
'; if($authority['email'] != '') echo ''.$lang['srv_gdpr_user_settings_email'].':
'.$authority['email'].'
'; if($authority['phone'] != '') echo ''.$lang['srv_gdpr_user_settings_phone'].':
'.$authority['phone'].'
'; if($authority['fax'] != '') echo 'Fax:
'.$authority['fax'].'

'; echo '
'; } } }

    /**
     * Render the GDPR tab content: the current user's pending and resolved requests.
     *
     * NOTE(review): request fields such as $request['email'] are concatenated into the
     * echoed markup as-is further down. They are presumably supplied by the respondent
     * who filed the request (confirm), so they should pass through htmlspecialchars()
     * at the point of output.
     */
    public function displayGDPRRequests(){
        global $site_url;
        global $lang;

        echo '

'.$lang['srv_gdpr_requests_desc'].'

'; // Seznam cakajocih zahtevkov $request_list = array(); $request_list = $this->getUserRequests($ank_id=0, $status=0); // Seznam opravljenih zahtevkov $request_list_done = array(); $request_list_done = $this->getUserRequests($ank_id=0, $status=1); // Nimamo zahtevkov if(count($request_list) == 0 &&count($request_list_done) == 0){ echo '
'.$lang['srv_gdpr_requests_none'].'
'; return; } // Tabela neizvrsenih zahtevkov if(count($request_list) > 0){ echo '
'.$lang['srv_gdpr_requests_list_unresolved'].'
'; echo '
'; echo '
'; echo ''; echo ''; echo ' '; echo ' '; echo ' '; echo ' '; echo ' '; echo ' '; echo ' '; echo ''; foreach($request_list as $request_id => $request){ echo ''; // Checkbox ce je zahteva opravljena echo ' '; echo ' '; echo ' '; echo ' '; echo ' '; echo ' '; // Komentar avtorja echo ' '; echo ''; } echo '
'.$lang['srv_gdpr_requests_resolved'].''.$lang['srv_gdpr_requests_survey'].''.$lang['srv_gdpr_requests_text'].''.$lang['srv_gdpr_requests_email'].''.$lang['srv_gdpr_requests_type'].''.$lang['srv_gdpr_requests_date_sent'].''.$lang['srv_gdpr_requests_comment'].'
'; echo ' '; echo ' '.$request['email'].''; echo '
'.$lang['srv_gdpr_requests_type_'.$request['type']].'
'; echo '
'.date('j.n.Y', strtotime($request['datum'])).''; echo ' '; echo '
'; echo '
'; echo '
'; } // Tabela opravljenih zahtevkov if(count($request_list_done) > 0){ echo '
'.$lang['srv_gdpr_requests_list_resolved'].'
'; echo '
'; echo '
'; echo ''; echo ''; echo ' '; echo ' '; echo ' '; echo ' '; echo ' '; echo ' '; echo ' '; echo ''; foreach($request_list_done as $request_id => $request){ echo ''; // Checkbox ce je zahteva opravljena echo ' '; echo ' '; echo ' '; echo ' '; echo ' '; echo ' '; // Komentar avtorja echo ' '; echo ''; } echo '
'.$lang['srv_gdpr_requests_resolved'].''.$lang['srv_gdpr_requests_survey'].''.$lang['srv_gdpr_requests_text'].''.$lang['srv_gdpr_requests_email'].''.$lang['srv_gdpr_requests_type'].''.$lang['srv_gdpr_requests_date_sent'].''.$lang['srv_gdpr_requests_comment'].'
'.$request['email'].''; echo '
'.$lang['srv_gdpr_requests_type_'.$request['type']].'
'; echo '
'.date('j.n.Y', strtotime($request['datum'])).''; echo ' '; echo '
'; echo '
'; echo '
'; } }

    /**
     * Render the GDPR tab content: ALL requests of all users (admin-only view
     * according to the original comment).
     *
     * NOTE(review): no permission check is visible in this method; presumably the
     * caller enforces the admin restriction - confirm.
     * NOTE(review): the row fields (e.g. url, email, text, comment, user and DPO
     * contact data) are concatenated into the echoed markup as-is further down. Several
     * are presumably user- or respondent-supplied (confirm), so they should pass
     * through htmlspecialchars() at the point of output.
     */
    public function displayGDPRRequestsAll(){
        global $site_url;
        global $lang;

        // Pending requests (status 0), oldest first, joined with the survey title,
        // the author's account and the author's GDPR profile
        $sql = sisplet_query("SELECT r.*, a.naslov, u.email AS u_email, u.name AS u_name, u.surname AS u_surname, gu.type AS gu_type, gu.organization AS gu_organization, gu.dpo_firstname AS gu_dpo_firstname, gu.dpo_lastname AS gu_dpo_lastname, gu.dpo_email AS gu_dpo_email, gu.dpo_phone AS gu_dpo_phone, gu.email AS gu_email, gu.firstname AS gu_firstname, gu.lastname AS gu_lastname, gu.phone AS gu_phone, gu.address AS gu_address, gu.country AS gu_country FROM srv_gdpr_requests AS r LEFT JOIN srv_anketa AS a ON (r.ank_id=a.id) LEFT JOIN users AS u ON (r.usr_id=u.id) LEFT JOIN srv_gdpr_user AS gu ON (r.usr_id=gu.usr_id) WHERE r.status='0' ORDER BY date(r.datum) ASC");
        if(mysqli_num_rows($sql) > 0){

            echo '
'; echo '
'; echo ''; echo ''; echo ''; echo ''; echo ''; echo ''; //echo ''; //echo ''; echo ''; echo ''; //echo ''; echo ''; echo ''; echo ''; echo ''; echo ''; echo ''; while($row = mysqli_fetch_array($sql)){ echo ''; // Avtor echo ''; // Odgovorna oseba echo ''; // Organizacija echo ''; // Anketa echo ''; //echo ''; //echo ''; echo ''; echo ''; //echo ''; echo ''; echo ''; echo ''; echo ''; echo ''; echo ''; } echo '
'.$lang['srv_gdpr_requests_author'].''.$lang['srv_gdpr_requests_responsible'].''.$lang['srv_gdpr_requests_organization'].''.$lang['srv_gdpr_requests_survey'].''.$lang['srv_gdpr_requests_recnum'].''.$lang['srv_gdpr_requests_ip'].''.$lang['srv_gdpr_requests_url'].''.$lang['srv_gdpr_requests_email'].''.$lang['srv_gdpr_requests_date'].''.$lang['srv_gdpr_requests_text'].''.$lang['srv_gdpr_requests_type'].''.$lang['srv_gdpr_requests_date_sent'].''.$lang['srv_gdpr_requests_status'].''.$lang['srv_gdpr_requests_comment'].'
'.$row['u_name'].' '.$row['u_surname'].'
('.$row['u_email'].')
'; if($row['gu_firstname'] != '' || $row['gu_lastname'] != '' || $row['gu_email'] != '') echo ''.$lang['srv_gdpr_user_settings_firstname'].': '.$row['gu_firstname'].' '.$row['gu_lastname'].($row['gu_email'] != '' ? ' ('.$row['gu_email'].')' : '').'
'; if($row['gu_phone'] != '') echo ''.$lang['srv_gdpr_user_settings_phone'].': '.$row['gu_phone'].'
'; if($row['gu_address'] != '' || $row['gu_country'] != '') echo ''.$lang['srv_gdpr_user_settings_address'].': '.$row['gu_address'].($row['gu_country'] != '' ? ', '.$row['gu_country'] : ''); echo '
'; if($row['gu_type'] == '1'){ if($row['gu_organization'] != '') echo ''.$lang['srv_gdpr_user_settings_organization'].': '.$row['gu_organization'].'
'; if($row['gu_dpo_firstname'] != '' || $row['gu_dpo_lastname'] != '' || $row['gu_dpo_email'] != '') echo 'DPO: '.$row['gu_dpo_firstname'].' '.$row['gu_dpo_lastname'].($row['gu_dpo_email'] != '' ? ' ('.$row['gu_dpo_email'].')' : '').'
'; if($row['gu_dpo_phone'] != '') echo ''.$lang['srv_gdpr_user_settings_phone'].': '.$row['gu_dpo_phone'].'
'; } else{ echo '/'; } echo '
'.$row['naslov'].''.$row['recnum'].''.$row['ip'].''.$row['url'].''.$row['email'].''.$row['date'].''.$row['text'].''.$lang['srv_gdpr_requests_type_'.$row['type']].''.date('j.n.Y', strtotime($row['datum'])).''.($row['status'] == '1' ? $lang['srv_gdpr_requests_status_1'] : $lang['srv_gdpr_requests_status_0']).''.$row['comment'].'
'; echo '
'; echo '
'; } else{ echo '

'.$lang['srv_gdpr_requests_none'].'

'; } // Opravljeni zahtevki $sql = sisplet_query("SELECT r.*, a.naslov, u.email AS u_email, u.name AS u_name, u.surname AS u_surname, gu.type AS gu_type, gu.organization AS gu_organization, gu.dpo_firstname AS gu_dpo_firstname, gu.dpo_lastname AS gu_dpo_lastname, gu.dpo_email AS gu_dpo_email, gu.dpo_phone AS gu_dpo_phone, gu.email AS gu_email, gu.firstname AS gu_firstname, gu.lastname AS gu_lastname, gu.phone AS gu_phone, gu.address AS gu_address, gu.country AS gu_country FROM srv_gdpr_requests AS r LEFT JOIN srv_anketa AS a ON (r.ank_id=a.id) LEFT JOIN users AS u ON (r.usr_id=u.id) LEFT JOIN srv_gdpr_user AS gu ON (r.usr_id=gu.usr_id) WHERE r.status='1' ORDER BY date(r.datum) DESC"); if(mysqli_num_rows($sql) > 0){ echo '
'; echo ' '; echo '
'; echo '
'; echo ''; echo ''; echo ''; echo ''; echo ''; echo ''; //echo ''; //echo ''; echo ''; echo ''; //echo ''; echo ''; echo ''; echo ''; echo ''; echo ''; echo ''; while($row = mysqli_fetch_array($sql)){ echo ''; // Avtor echo ''; // Odgovorna oseba echo ''; // Organizacija echo ''; // Anketa echo ''; //echo ''; //echo ''; echo ''; echo ''; //echo ''; echo ''; echo ''; echo ''; echo ''; echo ''; echo ''; } echo ''; echo '
'; echo '
'; } } // Prikazemo vsebino zavihka gdpr - nastavitve posamezne ankete public function displayGDPRSurvey($ank_id){ global $site_url; global $lang; global $admin_languages; global $global_user_id; $gdpr_settings = self::getSurveySettings($ank_id); // Prikaz naprednih nastavitev if($gdpr_settings != 0 && ($gdpr_settings['name'] == 1 || $gdpr_settings['email'] == 1 || $gdpr_settings['location'] == 1 || $gdpr_settings['phone'] == 1 || $gdpr_settings['web'] == 1 || $gdpr_settings['other'] == 1)) $gdpr_show_advanced = true; else $gdpr_show_advanced = false; // Preverimo, če imamo anketo v večih jezikih $survey_settings = SurveyInfo::getInstance()->getSurveyRow(); $language_slo = ($survey_settings['lang_resp'] == 1) ? true : false; $language_eng = ($survey_settings['lang_resp'] > 1) ? true : false; $sqlLang = sisplet_query("SELECT lang_id FROM srv_language WHERE ank_id='".$ank_id."' ORDER BY lang_id ASC"); while ($rowLang = mysqli_fetch_array($sqlLang)) { if($rowLang['lang_id'] == '1'){ $language_slo = true; } else{ $language_eng = true; break; } } // GDPR nastavitve ankete echo '
'; echo ''.$lang['srv_gdpr_survey_settings'].''; // Besedilo na vrhu echo '

'.$lang['srv_gdpr_survey_settings_desc1'].'

'; echo '

'.$lang['srv_gdpr_survey_settings_desc2'].' '.$lang['srv_here'].' >>

'; echo '

'.$lang['srv_gdpr_survey_settings_desc3'].'

'; // Ali gre za gdpr anketo echo '
'; echo '
'; echo ''.$lang['srv_gdpr_survey_gdpr_data'].':'; echo '
'; echo ''; echo ''; echo '
'; echo '
'; echo ''; echo ''; echo '
'; echo '
'; echo '
'; // Oznacena kot GDPR - prikazemo identifikatorje echo ''; // Oznacena kot GDPR - prikazemo dodatne nastavitve gdpr echo ''; echo '



';*/ // Podrobnosti o zbiranju podatkov (popup v uvodu) /*if($gdpr_settings['about'] == ''){ $about_array = self::getGDPRInfoArray($ank_id); $about_text = self::getGDPRTextFromArray($about_array, $type='textarea'); } else{ $about_text = $gdpr_settings['about']; } echo ' '.$lang['srv_gdpr_survey_gdpr_about'].':

'.$lang['srv_gdpr_survey_gdpr_about_note'].'
'; echo ' ';*/ echo '

'.$lang['srv_gdpr_survey_gdpr_about'].':

'; echo '

'.$lang['srv_gdpr_survey_gdpr_about_note'].'

'; if($language_slo){ $about_array = self::getGDPRInfoArray($ank_id, $language_id='1'); $about_text = self::getGDPRTextFromArray($about_array, $type='textarea'); echo '

'.$admin_languages['1'].'

'; echo ' '; } if($language_eng){ $about_array = self::getGDPRInfoArray($ank_id, $language_id='2'); $about_text = self::getGDPRTextFromArray($about_array, $type='textarea'); echo '

'.$admin_languages['2'].'

'; echo ' '; } // Povezava na splosne gdpr nastavitve - ce ni izpolnil osebnih podatkov, je rdec warning if(!self::checkUserSettings()) echo '

'.$lang['srv_gdpr_general_settings_warninga'].''.$lang['srv_gdpr_general_settings_warningb'].'!

'; echo ''; echo '
'; // Dodatne informacije echo ''; // Gumb shrani spremembe echo '
'; echo ''; echo ''; echo '
'; echo '
'; echo '
'; // Export - informacije dane posamezniku echo ''; echo '
'; #left echo '
'; // Export - evidenca dejavnosti obdelav echo ''; echo '
'; #right echo '
'; #wrap
    }

    /**
     * Render the GDPR tab content for a single survey: its pending and resolved requests.
     *
     * NOTE(review): request fields (recnum, ip, url, email, date, text) are concatenated
     * into the echoed markup as-is further down. They are presumably supplied by the
     * respondent who filed the request (confirm), so they should pass through
     * htmlspecialchars() at the point of output.
     *
     * @param mixed $ank_id Survey id, forwarded to getUserRequests()
     */
    public function displayGDPRSurveyRequests($ank_id){
        global $site_url;
        global $lang;

        echo '
'; echo '

'.$lang['srv_gdpr_requests_desc'].'

'; echo '
'; $request_list = array(); $request_list = self::getUserRequests($ank_id, $status=0); $request_list_done = array(); $request_list_done = self::getUserRequests($ank_id, $status=1); if(count($request_list) > 0){ echo ''; echo ''; //echo ''; //echo ''; echo ''; echo ''; //echo ''; echo ''; echo ''; echo ''; echo ''; echo ''; echo ''; foreach($request_list as $request_id => $request){ echo ''; //echo ''; //echo ''; echo ''; echo ''; //echo ''; echo ''; echo ''; echo ''; //echo ''; echo ''; echo ''; } echo '
'.$lang['srv_gdpr_requests_recnum'].''.$lang['srv_gdpr_requests_ip'].''.$lang['srv_gdpr_requests_url'].''.$lang['srv_gdpr_requests_email'].''.$lang['srv_gdpr_requests_date'].''.$lang['srv_gdpr_requests_text'].''.$lang['srv_gdpr_requests_type'].''.$lang['srv_gdpr_requests_date_sent'].''.$lang['srv_gdpr_requests_done'].''.$lang['srv_gdpr_requests_comment'].'
'.$request['recnum'].''.$request['ip'].''.$request['url'].''.$request['email'].''.$request['date'].''.$request['text'].''.$lang['srv_gdpr_requests_type_'.$request['type']].''.date('j.n.Y', strtotime($request['datum'])).''.($request['status'] == '1' ? $lang['srv_gdpr_requests_status_1'] : $lang['srv_gdpr_requests_status_0']).''; echo '
'; } else{ echo '

'.$lang['srv_gdpr_requests_none'].'

'; } // Tabela opravljenih zahtevkov if(count($request_list_done) > 0){ //echo '
'.$lang['srv_gdpr_requests_done'].''; echo '
'.$lang['srv_gdpr_requests_done'].'
'; echo ''; echo ''; //echo ''; //echo ''; echo ''; echo ''; //echo ''; echo ''; echo ''; echo ''; echo ''; echo ''; echo ''; foreach($request_list_done as $request_id => $request){ echo ''; //echo ''; //echo ''; echo ''; echo ''; //echo ''; echo ''; echo ''; echo ''; //echo ''; echo ''; echo ''; } echo '
'.$lang['srv_gdpr_requests_recnum'].''.$lang['srv_gdpr_requests_ip'].''.$lang['srv_gdpr_requests_url'].''.$lang['srv_gdpr_requests_email'].''.$lang['srv_gdpr_requests_date'].''.$lang['srv_gdpr_requests_text'].''.$lang['srv_gdpr_requests_type'].''.$lang['srv_gdpr_requests_date_sent'].''.$lang['srv_gdpr_requests_done'].''.$lang['srv_gdpr_requests_comment'].'
'.$request['recnum'].''.$request['ip'].''.$request['url'].''.$request['email'].''.$request['date'].''.$request['text'].''.$lang['srv_gdpr_requests_type_'.$request['type']].''.date('j.n.Y', strtotime($request['datum'])).''.($request['status'] == '1' ? $lang['srv_gdpr_requests_status_1'] : $lang['srv_gdpr_requests_status_0']).''; echo '
'; } } // Prikaze DPA zavihek public static function displayGDPRDPA(){ global $lang; global $site_url; echo '
DPA'; echo '

'.$lang['srv_gdpr_dpa_text'].'

'; echo ''; echo '

'.$lang['srv_gdpr_dpa_info'].'

'; echo '
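'; }

    /**
     * Build the current user's survey list, flagged by GDPR state, plus per-group totals.
     *
     * Every survey is counted in exactly one group: confirmed GDPR (isGDPRSurvey()),
     * otherwise potentially GDPR (potentialGDPRSurvey()), otherwise non-GDPR.
     *
     * @return array Two elements: the survey rows (id, naslov, active, potential_gdpr, gdpr)
     *               sorted descending by gdpr, potential_gdpr, active and naslov, and the
     *               totals keyed 'gdpr', 'potential_gdpr' and 'no_gdpr'
     */
    private function getUserSurveys(){

        // All surveys of the user
        $SL = new SurveyList();
        $surveys = $SL->getSurveysSimple();

        $survey_list = array();
        $survey_count = array(
            'gdpr' => 0,
            'potential_gdpr' => 0,
            'no_gdpr' => 0
        );

        // Sort columns for array_multisort(); they stay index-aligned with $survey_list
        $sort_gdpr = array();
        $sort_potential = array();
        $sort_active = array();
        $sort_naslov = array();

        foreach($surveys as $anketa){

            $potential_gdpr = $this->potentialGDPRSurvey($anketa['id']);
            $gdpr = $this->isGDPRSurvey($anketa['id']);

            // Count the survey in its group
            if($gdpr == '1')
                $survey_count['gdpr']++;
            elseif($potential_gdpr == '1')
                $survey_count['potential_gdpr']++;
            else
                $survey_count['no_gdpr']++;

            $sort_gdpr[] = $gdpr;
            $sort_potential[] = $potential_gdpr;
            $sort_active[] = $anketa['active'];
            $sort_naslov[] = $anketa['naslov'];

            $survey_list[] = array(
                'id' => $anketa['id'],
                'naslov' => $anketa['naslov'],
                'active' => $anketa['active'],
                'potential_gdpr' => $potential_gdpr,
                'gdpr' => $gdpr
            );
        }

        array_multisort($sort_gdpr, SORT_DESC, $sort_potential, SORT_DESC, $sort_active, SORT_DESC, $sort_naslov, SORT_DESC, $survey_list);

        return array($survey_list, $survey_count);
    }

    /**
     * Fetch the current user's GDPR requests, keyed by request id.
     *
     * Rows come from srv_gdpr_requests joined with srv_anketa (for `naslov`) and are
     * returned unmodified. The display methods of this class concatenate fields such as
     * `email`, `url` and `text` directly into echoed markup, so those fields have to be
     * HTML-escaped at the point of output.
     * NOTE(review): the request fields are presumably respondent-supplied - confirm
     * where srv_gdpr_requests is written.
     *
     * @param int $ank_id Restrict to one survey; 0 means all surveys of the user
     * @param int $status 0 = pending requests (oldest first), 1 = resolved requests (newest first)
     * @return array Request rows indexed by their `id` column
     */
    private function getUserRequests($ank_id=0, $status=0){
        global $global_user_id;

        // Both values are interpolated into the SQL text below, so force them to
        // integers first; anything that is not a number collapses to 0.
        // NOTE(review): assumes ank_id and status are integer columns - confirm against the schema.
        $ank_id = (int)$ank_id;
        $status = (int)$status;

        $anketa_query = ($ank_id != 0) ? " AND r.ank_id='".$ank_id."'" : '';
        $status_query = " AND r.status='".$status."'";
        $order_by = ($status == 0) ? 'ASC' : 'DESC';

        $sql = sisplet_query("SELECT r.*, a.naslov
                                FROM srv_gdpr_requests r, srv_anketa a
                                WHERE r.usr_id='".$global_user_id."' AND r.ank_id=a.id ".$anketa_query." ".$status_query."
                                ORDER BY date(datum) ".$order_by."");

        $requests = array();
        while($row = mysqli_fetch_array($sql)){
            $requests[$row['id']] = $row;
        }

        return $requests;
    }

    /**
     * Count the current user's requests that are not resolved yet (status other than '1').
     *
     * @return mixed Value of the COUNT(id) column of the fetched row
     */
    public static function countUserUnfinishedRequests(){
        global $global_user_id;

        $sql = sisplet_query("SELECT COUNT(id) FROM srv_gdpr_requests WHERE usr_id='".$global_user_id."' AND status!='1'");
        $row = mysqli_fetch_array($sql);

        return $row['COUNT(id)'];
    }

    /**
     * Load the current user's GDPR profile from srv_gdpr_user.
     *
     * A stored row with an empty country gets a language-dependent default
     * ('Slovenija' when $lang['id'] is '1', otherwise 'Slovenia'). When no row exists,
     * an array with the same keys and empty values is returned.
     *
     * @return array GDPR profile fields of the user
     */
    private static function getUserSettings(){
        global $global_user_id;
        global $lang;

        $sql = sisplet_query("SELECT * FROM srv_gdpr_user WHERE usr_id='".$global_user_id."'");

        // No stored profile - hand back an empty one
        if(mysqli_num_rows($sql) == 0){
            return array(
                'usr_id' => '',
                'type' => '',
                'has_dpo' => '',
                'organization' => '',
                'organization_maticna' => '',
                'organization_davcna' => '',
                'dpo_phone' => '',
                'dpo_email' => '',
                'dpo_lastname' => '',
                'dpo_firstname' => '',
                'firstname' => '',
                'lastname' => '',
                'email' => '',
                'phone' => '',
                'address' => '',
                'country' => '',
            );
        }

        $gdpr_settings = mysqli_fetch_array($sql);

        if($gdpr_settings['country'] == ''){
            $gdpr_settings['country'] = ($lang['id'] == '1') ? 'Slovenija' : 'Slovenia';
        }

        return $gdpr_settings;
    }

    /**
     * Check whether the current user has filled in the mandatory GDPR profile fields.
     *
     * @return bool false when no profile row can be fetched or a mandatory field is empty
     */
    private function checkUserSettings(){
        global $global_user_id;

        $sql = sisplet_query("SELECT * FROM srv_gdpr_user WHERE usr_id='".$global_user_id."'");
        $row = mysqli_fetch_array($sql);

        // No stored profile (or no row could be fetched) counts as incomplete
        if(!is_array($row))
            return false;

        // First name, last name and e-mail are always mandatory
        if($row['firstname'] == '' || $row['lastname'] == '' || $row['email'] == '')
            return false;

        // Organization or explicit DPO: DPO first name, last name and e-mail are mandatory
        if(($row['type'] == '1' || $row['has_dpo'] == '1') && ($row['dpo_firstname'] == '' || $row['dpo_lastname'] == '' || $row['dpo_email'] == ''))
            return false;

        // Organization: name and registration number are mandatory
        if($row['type'] == '1' && ($row['organization'] == '' || $row['organization_maticna'] == ''))
            return false;

        return true;
    }

    /**
     * Load the GDPR settings of a survey from srv_gdpr_anketa.
     *
     * A stored row is returned with 'is_gdpr' => '1' added when the row has no such
     * key; without a stored row the defaults below ('is_gdpr' => '0') are returned.
     *
     * @param int $ank_id Survey id
     * @return array GDPR settings of the survey
     */
    public static function getSurveySettings($ank_id){

        // Interpolated into SQL below - force to integer so it cannot alter the statement.
        // NOTE(review): assumes ank_id is an integer key - confirm against the schema.
        $ank_id = (int)$ank_id;

        $sql = sisplet_query("SELECT * FROM srv_gdpr_anketa WHERE ank_id='".$ank_id."'");

        if(mysqli_num_rows($sql) > 0){
            $row = mysqli_fetch_array($sql);
            $row += array('is_gdpr' => '1');

            return $row;
        }

        return array(
            'is_gdpr' => '0',
            '1ka_template' => '0',
            'name' => '0',
            'email' => '0',
            'location' => '0',
            'phone' => '0',
            'web' => '0',
            'other' => '0',
            'other_text_slo' => '',
            'other_text_eng' => '',
            'about' => '',
            'expire' => '0',
            'expire_text_slo' => '',
            'expire_text_eng' => '',
            'other_users' => '0',
            'other_users_text_slo' => '',
            'other_users_text_eng' => '',
            'export' => '0',
            'export_country_slo' => '',
            'export_country_eng' => '',
            'export_user_slo' => '',
            'export_user_eng' => '',
            'export_legal_slo' => '',
            'export_legal_eng' => '',
            'authorized' => '',
            'contact_email' => '',
            'note_slo' => '',
            'note_eng' => ''
        );
    }

    // Returns the GDPR pre-intro text, depending on what is marked as being collected
    public static function getSurveyIntro($ank_id){
        global $lang;
        global $site_url;

        // Special GDPR text for gorenje
        if (Common::checkModule('gorenje')){
            $naslov = '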

'.$lang['gorenje_gdpr_1_naslov'].'

'; $naslov .= '

'.sprintf($lang['gorenje_gdpr_1_1'], $site_url, $site_url).'

'; $naslov .= '

'.$lang['gorenje_gdpr_1_2'].'

'; $naslov .= '
'; $naslov .= '

'.$lang['gorenje_gdpr_2_naslov'].'

'; $naslov .= '

'.$lang['gorenje_gdpr_2'].'

'; $naslov .= '
'; $naslov .= '

'.$lang['gorenje_gdpr_3_naslov'].'

'; $naslov .= '

'.$lang['gorenje_gdpr_3'].'

'; $naslov .= '
'; $naslov .= '

'.$lang['gorenje_gdpr_4_naslov'].'

'; $naslov .= '

'.$lang['gorenje_gdpr_4'].'

'; $naslov .= '
'; $naslov .= '

'.$lang['gorenje_gdpr_5_naslov'].'

'; $naslov .= '

'.$lang['gorenje_gdpr_5'].'

'; $naslov .= '
'; $naslov .= '

'.$lang['gorenje_gdpr_6_naslov'].'

'; $naslov .= '

'.$lang['gorenje_gdpr_6'].'

'; $naslov .= '
'; $naslov .= '

'.$lang['gorenje_gdpr_7_naslov'].'

'; $naslov .= '

'.$lang['gorenje_gdpr_7'].'

'; $naslov .= '
'; $naslov .= '

'.$lang['gorenje_gdpr_8_naslov'].'

'; $naslov .= '

'.$lang['gorenje_gdpr_8'].'

'; $naslov .= '
'; $naslov .= '

'.$lang['gorenje_gdpr_9_naslov'].'

'; $naslov .= '

'.$lang['gorenje_gdpr_9'].'

'; $naslov .= '
'; $naslov .= '

'.$lang['gorenje_gdpr_10_naslov'].'

'; $naslov .= '

'.$lang['gorenje_gdpr_10'].'

'; } else{ $user_settings = GDPR::getSurveySettings($ank_id); $translation = ($lang['id'] == '1') ? '_slo' : '_eng'; $naslov = '

'.$lang['srv_gdpr_intro_title'].'

'; $naslov .= '

'.$lang['srv_gdpr_intro'].':

'; $naslov .= ' '; $naslov .= '

'.$lang['srv_gdpr_intro2']; $naslov .= ' '.$lang['srv_gdpr_intro3'].'

'; } $naslov .= '
'; $naslov .= '

'.$lang['srv_gdpr_intro4'].'

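'; return $naslov; }

    /**
     * Check whether the survey has been confirmed as GDPR by its editor,
     * i.e. whether a row exists for it in srv_gdpr_anketa.
     *
     * @param int $ank_id Survey id
     * @return int 1 when a row exists, otherwise 0
     */
    public static function isGDPRSurvey($ank_id){

        // Interpolated into SQL below - force to integer so it cannot alter the statement.
        // NOTE(review): assumes ank_id is an integer key - confirm against the schema.
        $ank_id = (int)$ank_id;

        $sql = sisplet_query("SELECT * FROM srv_gdpr_anketa WHERE ank_id='".$ank_id."'");

        return (mysqli_num_rows($sql) > 0) ? 1 : 0;
    }

    /**
     * Check whether the survey is GDPR and has the GDPR 1ka template intro switched on
     * (a srv_gdpr_anketa row with 1ka_template='1').
     *
     * @param int $ank_id Survey id
     * @return int 1 when such a row exists, otherwise 0
     */
    public static function isGDPRSurveyTemplate($ank_id){

        // Same integer coercion as in isGDPRSurvey(): the id ends up inside the SQL text
        $ank_id = (int)$ank_id;

        $sql = sisplet_query("SELECT * FROM srv_gdpr_anketa WHERE ank_id='".$ank_id."' AND 1ka_template='1'");

        return (mysqli_num_rows($sql) > 0) ? 1 : 0;
    }

    /**
     * Check whether the survey has settings that may fall under GDPR:
     *  - text questions with the variable names "ime", "priimek", "firstname",
     *    "lastname", "email", or a location question
     *  - e-mail invitations switched on
     *  - telephone survey
     *
     * NOTE(review): the two module helpers read SurveyInfo::getInstance() and never use
     * $ank_id, so their answer depends on which survey that singleton currently holds -
     * confirm this is intended when several surveys are checked in a loop.
     *
     * @param int $ank_id Survey id
     * @return int 1 when at least one of the checks matches, otherwise 0
     */
    public function potentialGDPRSurvey($ank_id){

        // All three checks are evaluated, in the same order as before
        $has_questions = count($this->getGDPRSurveyQuestions($ank_id)) > 0;
        $has_invitations = $this->checkSurveyInvitations($ank_id);
        $is_telephone = $this->checkSurveyTelephone($ank_id);

        return ($has_questions || $has_invitations || $is_telephone) ? 1 : 0;
    }

    /**
     * Collect the questions of a survey that ask for a name, surname, e-mail or location.
     *
     * Matches questions with tip='21' whose variable is one of the listed names, and
     * every question with tip='26' (text and location question types according to the
     * original comments).
     *
     * @param int $ank_id Survey id
     * @return array Matching srv_spremenljivka rows (id, variable, variable_custom, sistem, tip)
     */
    private function getGDPRSurveyQuestions($ank_id){

        // Interpolated into SQL below - force to integer so it cannot alter the statement.
        // NOTE(review): assumes ank_id is an integer key - confirm against the schema.
        $ank_id = (int)$ank_id;

        $sql = sisplet_query("SELECT s.id, s.variable, s.variable_custom, s.sistem, s.tip FROM srv_spremenljivka s, srv_grupa g WHERE s.gru_id=g.id AND g.ank_id='".$ank_id."' AND ((s.variable IN ('ime', 'priimek', 'email', 'firstname', 'lastname') AND s.tip='21' /*AND s.sistem='1'*/) OR s.tip='26')");

        $gdpr_questions = array();
        while($row = mysqli_fetch_array($sql)){
            $gdpr_questions[] = $row;
        }

        return $gdpr_questions;
    }

    // Check whether the survey has e-mail invitations switched on
    private function checkSurveyInvitations($ank_id){
        $gdpr_email = 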
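SurveyInfo::getInstance()->checkSurveyModule('email'); return $gdpr_email; }

    /**
     * Reports whether the 'phone' survey module is enabled.
     *
     * @param int|string $ank_id Survey id (not used by the visible code)
     * @return mixed Whatever SurveyInfo::checkSurveyModule('phone') returns
     */
    private function checkSurveyTelephone($ank_id){

        return SurveyInfo::getInstance()->checkSurveyModule('phone');
    }

    /**
     * Handles a respondent's GDPR request (deletion, access, change, ...) for one survey:
     * validates the submitted fields, records the request in srv_gdpr_requests, e-mails the
     * survey author plus an administrative address and echoes a JSON answer.
     *
     * NOTE(review): nothing in this method limits how often a request may be submitted, and
     * every accepted submission mails the survey author - confirm throttling exists upstream.
     *
     * @param array $request_data Submitted fields: 'email', 'srv-name', 'srv-url',
     *                            'gdpr-action' ('1'..'6') and 'gdpr-note'
     * @return void Echoes {"success": text} or {"error": [...], "posted": [...]}
     */
    public function sendGDPRRequest($request_data){
        global $lang;

        $errors = array();

        // English was requested explicitly by the form (language id 2)
        $wants_english = (!empty($_POST['drupal_lang']) && $_POST['drupal_lang'] == 2)
                      || (!empty($_POST['lang_id']) && $_POST['lang_id'] == 2);

        if($wants_english){
            $file = '../lang/2.php';
            include($file);
        }

        // E-mail: required and must be valid
        if(!isset($request_data['email']) || $request_data['email'] == '')
            $errors['email'] = '1';
        elseif(!validEmail($request_data['email']))
            $errors['email'] = $lang['srv_remind_email_hard'];
        else
            $email = $request_data['email'];

        // Survey title is optional
        $survey_name = (isset($request_data['srv-name'])) ? $request_data['srv-name'] : '';

        // Survey URL: required and must resolve to a survey on this installation
        if(!isset($request_data['srv-url']) || $request_data['srv-url'] == '')
            $errors['srv-url'] = '1';
        else{
            $survey_url = $request_data['srv-url'];

            // Look the survey up (author, id, ...)
            $survey_data = self::getSurveyFromURL($survey_url);
            if(!$survey_data || empty($survey_data)) {
                if($wants_english) {
                    $errors['srv-url'] = 'Invalid survey URL. Enter the correct URL for the 1KA survey. If you have any problems, please contact 1KA helpdesk (help@1ka.si).';
                }
                else{
                    $errors['srv-url'] = 'Nepravilen URL ankete. Vpišite pravilen URL 1KA ankete. 
V primeru težav kontaktirajte Center za pomoč uporabnikom 1KA (help@1ka.si).';
                }
            }
        }

        // Request type: required, one of '1'..'6'
        if(!isset($request_data['gdpr-action']))
            $errors['gdpr-action'] = '1';
        else{
            $action = $request_data['gdpr-action'];

            // Interface language: explicit form value first, otherwise the survey author's language.
            // $survey_data may be unset or false at this point (missing or unknown URL), so the
            // key is tested with isset() instead of being read blindly.
            if(!empty($_POST['drupal_lang']))
                $jezik = $_POST['drupal_lang'];
            elseif(!empty($_POST['lang_id']))
                $jezik = $_POST['lang_id'];
            else
                $jezik = isset($survey_data['usr_lang']) ? $survey_data['usr_lang'] : '';

            if($jezik == '2'){
                if($action == '1')
                    $action_text = 'Delete personal and survey data for a specific survey.';
                elseif($action == '2')
                    $action_text = 'Gain insight into personal and survey data for a specific survey.';
                elseif($action == '3')
                    $action_text = 'Change personal data in a specific survey.';
                elseif($action == '4')
                    $action_text = 'Transmission of personal data from a specific survey.';
                elseif($action == '5')
                    $action_text = 'Restriction of processing of personal data in a specific survey.';
                elseif($action == '6')
                    $action_text = 'Withdrawal of consent of processing of personal data in a specific survey.';
                else
                    $errors['gdpr-action'] = '1';
            }
            else{
                if($action == '1')
                    $action_text = 'izbris osebnih in anketnih podatkov iz omenjene ankete.';
                elseif($action == '2')
                    $action_text = 'vpogled v osebne in anketne podatke iz omenjene ankete.';
                elseif($action == '3')
                    $action_text = 'spremembo osebnih in anketnih podatkov iz omenjene ankete.';
                elseif($action == '4')
                    $action_text = 'Prenos osebnih podatkov iz omenjene ankete.';
                elseif($action == '5')
                    $action_text = 'Omejitev obdelave osebnih podatkov v omenjeni anketi.';
                elseif($action == '6')
                    $action_text = 'Preklic privolitve v obdelavo osebnih podatkov v omenjeni anketi.';
                else
                    $errors['gdpr-action'] = '1';
            }
        }

        // Description: required
        if(!isset($request_data['gdpr-note']) || $request_data['gdpr-note'] == '')
            $errors['gdpr-note'] = '1';
        else
            $note = $request_data['gdpr-note'];

        // Everything needed is present - record and forward the request
        if(empty($errors)){

            // Respondent-supplied values are escaped where the SQL text is built.
            // NOTE(review): if request values are already escaped before they reach this
            // method (not visible here), drop that earlier layer rather than this one,
            // otherwise text is stored double-escaped.
            $db = $GLOBALS['connect_db'];
            $sql = sisplet_query("INSERT INTO srv_gdpr_requests (usr_id, ank_id, email, url, datum, text, type) VALUES ('"
                .mysqli_real_escape_string($db, (string)$survey_data['usr_id'])."', '"
                .mysqli_real_escape_string($db, (string)$survey_data['ank_id'])."', '"
                .mysqli_real_escape_string($db, (string)$email)."', '"
                .mysqli_real_escape_string($db, (string)$survey_url)."', NOW(), '"
                .mysqli_real_escape_string($db, (string)$note)."', '"
                .mysqli_real_escape_string($db, (string)$action)."')");

            // The request must not get lost silently if it could not be stored
            if(!$sql)
                error_log('GDPR request could not be stored: '.mysqli_error($db));

            // NOTE(review): $email, $survey_url and $note are respondent-supplied and are placed
            // into the message as-is; if MailAdapter sends HTML mail (not visible here), encode
            // them with htmlspecialchars() before building $content.

            // English message
            if($jezik == '2'){
                $subject = 'Request for deletion/insight or change of personal survey data';

                $content = 'Dear 1KA user,
';
                $content .= '

As an author of the survey '.$survey_data['title'].' ('.$survey_data['url'].'), in which you collected personal data (GDPR), we would like to inform you that the respondent with e-mail '.$email.' submitted a request for:
';
                $content .= '   - '.$action_text.'

';
                $content .= '

';
                $content .= 'Respondent’s email:
'.$email.'

';
                $content .= 'Survey URL:
'.$survey_url.'

';
                $content .= 'The submitted request relates to the following personal data:
'.$note.'';
                $content .= '

';
                $content .= '

Please process the request within one month and inform the respondent to the above email address of the (Article 19 of the GDPR Regulation).

';
                $content .= '

If you do not execute the request after one month, we will notify you again. If the request is not executed, we reserve the right to delete this survey.

';

                // Signature
                $signature = Common::getEmailSignature();
                $content .= $signature;
            }
            // Slovenian message
            else{
                $subject = 'Obvestilo o zahtevi za izbris/vpogled ali spremembo osebnih oziroma anketnih podatkov';

                $content = 'Pozdravljeni,
';
                $content .= '

Kot avtorja ankete '.$survey_data['title'].' ('.$survey_data['url'].'), v kateri ste zbirali osebne podatke (GDPR), vas želimo obvestiti, da je respondent z elektronskim naslovom '.$email.' oddal prošnjo za:
';
                $content .= '   - '.$action_text.'

';
                $content .= '

';
                $content .= 'Email respondenta:
'.$email.'

';
                $content .= 'URL ankete:
'.$survey_url.'

';
                $content .= 'Oddana prošnja se nanaša na naslednje osebne podatke:
'.$note.'';
                $content .= '

';
                $content .= '

Prosimo, da v roku enega meseca izvršite zahtevo in o tem obvestite respondenta na zgoraj navedeni elektronski naslov respondenta (Člen 19 uredbe GDPR).

';
                $content .= '

V primeru, da tega po enem mesecu ne boste izvršili, vas bomo ponovno obvestili. Če se zahteva ne izvrši, si pridržujemo pravico, da anketo izbrišemo.

';

                // Signature
                $signature = Common::getEmailSignature();
                $content .= $signature;
            }

            // Mail the survey author and an administrative address
            try{
                $MA = new MailAdapter();
                $MA->addRecipients($survey_data['author_email']);

                if(Common::checkModule('gorenje')){
                    $MA->addRecipients('gdpr@gorenje.com');
                }
                // The configured address was tested but never read into a variable before,
                // so an undefined $gdpr_admin_email was handed to addRecipients()
                elseif(($gdpr_admin_email = AppSettings::getInstance()->getSetting('gdpr_admin_email')) !== false){
                    $MA->addRecipients($gdpr_admin_email);
                }
                else{
                    $MA->addRecipients('help@1ka.si');
                    $MA->addRecipients('enklikanketa@gmail.com');
                }

                $resultX = $MA->sendMail($content, $subject);
            }
            catch (Exception $e){
                // Still best effort for the respondent, but a notification that never left
                // must be visible to operators
                error_log('GDPR request notification could not be sent: '.$e->getMessage());
            }

            // Success text for the respondent
            if($jezik == '2'){
                $success_text = 'Your request for the deletion, change or insight into your personal information for a particular survey is submitted to the author of the survey.
The author of the survey must, within a month since you submitted the request, execute your request and inform you about it.
If the author fails to do so within 30 days, we will delete the survey, including your information.';
            }
            else {
                $success_text = 'Prošnja za izbris, spremembo ali vpogled do vaših osebnih podatkov iz določene ankete je posredovana avtorju ankete.
Avtor ankete mora v roku meseca dni od oddane zahteve urediti vašo zahtevo in vas o tem obvestiti.
Če v roku 30 dni avtor tega ne izvede, bomo anketo izbrisali, vključno z vašimi podatki.';
            }

            // The second argument of json_encode() is a flag mask; the former value true was
            // coerced to 1, which is JSON_HEX_TAG - now spelled out
            $response = json_encode(array('success' => $success_text), JSON_HEX_TAG);
        }
        else{
            // Errors plus the submitted values, so that the form can be filled in again.
            // Whoever renders 'posted' must treat it as untrusted input.
            $response = json_encode(array('error' => $errors, 'posted' => $request_data), JSON_HEX_TAG);
        }

        echo $response;
    }

    /**
     * Finds the survey an entered URL points to.
     *
     * Accepts URLs on this installation's host, either <site>/a/<hash> or <site>/<nice link>.
     *
     * @param string $url URL as entered by the respondent
     * @return array|false Keys url, ank_id, hash, title, usr_id, usr_lang, author_email;
     *                     false when the URL is malformed, foreign or matches no survey
     */
    private function getSurveyFromURL($url){
        global $site_url;

        $data = array();

        // parse_url() returns false for seriously malformed input and omits absent parts
        $url_data = parse_url((string)$url);
        if(!is_array($url_data) || empty($url_data['host']) || !isset($url_data['path']))
            return false;

        // Only URLs on our own host are accepted
        $site_host = parse_url($site_url, PHP_URL_HOST);
        if(!is_string($site_host) || $url_data['host'] != $site_host)
            return false;

        $arr = explode("/", $url_data['path']);
        $first_segment = isset($arr[1]) ? $arr[1] : '';
        if($first_segment == '')
            return false;

        // Path segments come from the respondent and are escaped before entering SQL
        $db = $GLOBALS['connect_db'];

        // <site>/a/<hash>
        if($first_segment == 'a'){

            if(!isset($arr[2]) || $arr[2] == '')
                return false;

            $data['hash'] = $arr[2];

            $sql = sisplet_query("SELECT a.id AS ank_id, a.naslov, u.id AS usr_id, u.lang, u.email FROM srv_anketa a, users u WHERE a.hash='".mysqli_real_escape_string($db, $data['hash'])."' AND u.id=a.insert_uid ");

            // Query failed or the survey does not exist - wrong URL
            if(!$sql || mysqli_num_rows($sql) == 0)
                return false;

            $row = mysqli_fetch_array($sql);

            $data['url'] = $site_url.'a/'.$data['hash'];
            $data['ank_id'] = $row['ank_id'];
            $data['title'] = $row['naslov'];
            $data['usr_id'] = $row['usr_id'];
            $data['usr_lang'] = $row['lang'];
            $data['author_email'] = $row['email'];
        }
        // <site>/<nice link>
        else{
            $nice_url = $first_segment;

            $sql = sisplet_query("SELECT a.id AS ank_id, a.hash, a.naslov, u.id AS usr_id, u.lang, u.email FROM srv_anketa a, srv_nice_links nl, users u WHERE nl.link='".mysqli_real_escape_string($db, $nice_url)."' AND nl.ank_id=a.id AND u.id=a.insert_uid ");

            // Query failed or the survey does not exist - wrong URL
            if(!$sql || mysqli_num_rows($sql) == 0)
                return false;

            $row = mysqli_fetch_array($sql);

            $data['url'] = $site_url.'/'.$nice_url;
            $data['ank_id'] = $row['ank_id'];
            $data['hash'] = $row['hash'];
            $data['title'] = $row['naslov'];
            $data['usr_id'] = $row['usr_id'];
            $data['usr_lang'] = $row['lang'];
            $data['author_email'] = $row['email'];
        }

        if(isset($data['ank_id']) && isset($data['usr_id']) && isset($data['title']) && isset($data['url']) && isset($data['author_email']))
            return $data;
        else
            return false;
    }

    /**
     * Shows the GDPR request form (simple frontend), or the success text after a request was sent.
     *
     * @param array $status Decoded answer of sendGDPRRequest(): 'success', or 'error' and 'posted'
     */
    public static function displayGDPRRequestForm($status=array()){
        global $lang;
        global $site_url;

        // Request was sent successfully
        if(isset($status['success'])){
            echo $status['success'];
        }
        else{
            // Errors, if any
            $error = (isset($status['error'])) ? $status['error'] : array();

            // Values submitted previously
            $posted = (isset($status['posted'])) ? $status['posted'] : array();

            // Switch the language when re-rendering after errors. 'posted' is the respondent's
            // own input echoed back, so the id is used in the include path only when it is
            // purely numeric, like the language ids used elsewhere in this file (1, 2).
            if(isset($posted['lang_id']) && is_scalar($posted['lang_id']) && preg_match('/\A[0-9]+\z/', (string)$posted['lang_id'])){
                $file = '../../lang/'.$posted['lang_id'].'.php';
                include($file);
            }

            echo '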

'.$lang['srv_gdpr_drupal_title'].'

'; echo '

'.$lang['srv_gdpr_drupal_intro1'].'

'; echo '

'.$lang['srv_gdpr_drupal_intro2'].'

'; echo '
'; // Jezik vmesnika echo ' '; // Email echo '
'; echo ' '; if(isset($error['email']) && $error['email'] != '1') echo ''.$error['email'].''; echo '
'; // Ime ankete echo '
'; echo ' '; if(isset($error['srv-name']) && $error['srv-name'] != '1') echo ''.$error['srv-name'].''; echo '
'; // URL ankete echo '
'; echo ' '; if(isset($error['srv-url']) && $error['srv-url'] != '1') echo ''.$error['srv-url'].''; echo '
'; // echo '
'; // Tip zahteve echo '

'.$lang['srv_gdpr_drupal_q1_title'].'

'; echo '
'; echo '
'; echo '
'; echo '
'; // echo '
'; echo '
'; // echo '
'; // Opomba echo '

'.$lang['srv_gdpr_drupal_q2_note'].'

'; echo '

Opis:

'; echo ' '; // echo '

'; // Poslji prosnjo echo '

'.$lang['srv_gdpr_drupal_end'].'

'; echo ' '; echo '
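'; } }

    /**
     * Builds the complete GDPR information text for the respondent (rights, contacts, ...)
     * as an array of sections, each with a 'heading' and a list of 'text' lines.
     *
     * @param int|string $ank_id      Survey id
     * @param string     $language_id Language to force ('' keeps the current one)
     * @return array Sections indexed from 0; section 7 (note) only when a note is set
     */
    public static function getGDPRInfoArray($ank_id, $language_id=''){
        global $global_user_id;
        global $lang;

        $gdpr_settings = self::getUserSettings();
        $gdpr_survey_settings = self::getSurveySettings($ank_id);

        // Force language
        $language_id_bck = '';
        if($language_id != '' && $lang['id'] != $language_id){

            // Remember the current language so it can be restored at the end
            $language_id_bck = $lang['id'];

            // NOTE(review): $language_id becomes part of an include path; where it comes from
            // is not visible here - confirm callers only pass known language ids.
            $file = '../../lang/'.$language_id.'.php';
            include($file);

            $translation = ($language_id == '1') ? '_slo' : '_eng';
        }
        else{
            $translation = ($lang['id'] == '1') ? '_slo' : '_eng';
        }

        $result = array();

        // PERSONAL DATA
        $result[0]['heading'] = $lang['srv_gdpr_survey_gdpr_about_text1_1'];
        $result[0]['text'][0] = $lang['srv_gdpr_survey_gdpr_about_text1_2'];

        // Author of the research
        $research_author = self::getResearchAuthor($ank_id, $gdpr_settings, $gdpr_survey_settings);
        if($research_author != '')
            $result[0]['text'][1] = $lang['srv_gdpr_survey_gdpr_about_text1_3'].' '.$research_author.'';

        $result[0]['text'][2] = $lang['srv_gdpr_survey_gdpr_about_text1_4'].':';

        // Comma-separated list of the collected data categories
        $temp_text = '';
        if($gdpr_survey_settings['name'])
            $temp_text .= $lang['srv_gdpr_intro_name'].', ';
        if($gdpr_survey_settings['email'])
            $temp_text .= $lang['srv_gdpr_intro_email'].', ';
        if($gdpr_survey_settings['location'])
            $temp_text .= $lang['srv_gdpr_intro_location'].', ';
        if($gdpr_survey_settings['phone'])
            $temp_text .= $lang['srv_gdpr_intro_phone'].', ';
        if($gdpr_survey_settings['web'])
            $temp_text .= $lang['srv_gdpr_intro_web'].', ';
        if($gdpr_survey_settings['other'])
            $temp_text .= $lang['srv_gdpr_intro_other'].' 
- '.$gdpr_survey_settings['other_text'.$translation].', ';

        // Drop the trailing ", "
        $result[0]['text'][2] .= ' '.substr(ucfirst(strtolower($temp_text)), 0,-2).'';

        // USE AND STORAGE OF DATA
        $result[1]['heading'] = $lang['srv_gdpr_survey_gdpr_about_text2_1'];
        $result[1]['text'][0] = $lang['srv_gdpr_survey_gdpr_about_text2_2'];
        $result[1]['text'][1] = $lang['srv_gdpr_survey_gdpr_about_text2_3'];
        $result[1]['text'][2] = $lang['srv_gdpr_survey_gdpr_about_text2_4'];
        if($gdpr_survey_settings['expire'] == '1' && $gdpr_survey_settings['expire_text'.$translation] != '')
            $result[1]['text'][2] .= ' '.$gdpr_survey_settings['expire_text'.$translation].'.';
        // No else branch: that text is already part of srv_gdpr_survey_gdpr_evidenca_text7_2 and would be duplicated

        // USERS OF PERSONAL DATA
        $result[2]['heading'] = $lang['srv_gdpr_survey_gdpr_about_text3_1'];
        $result[2]['text'][0] = $lang['srv_gdpr_survey_gdpr_about_text3_2'];
        if($gdpr_survey_settings['other_users'] == '1' && $gdpr_survey_settings['other_users_text'.$translation] != '')
            $result[2]['text'][1] = $lang['srv_gdpr_survey_gdpr_about_text3_32'].' '.$gdpr_survey_settings['other_users_text'.$translation].'. ';
        else
            $result[2]['text'][1] = ''.$lang['srv_gdpr_survey_gdpr_about_text3_31'].'.';
        $result[2]['text'][2] = $lang['srv_gdpr_survey_gdpr_about_text3_4'];

        // EXPORT OF DATA TO THIRD COUNTRIES
        $result[3]['heading'] = $lang['srv_gdpr_survey_gdpr_about_text4_1'];
        if($gdpr_survey_settings['export'] == '1'){
            $result[3]['text'][0] = $lang['srv_gdpr_survey_gdpr_about_text4_22'].' '.$lang['srv_gdpr_survey_gdpr_about_text4_22_2'].' '.$gdpr_survey_settings['export_country'.$translation].' '.$lang['srv_gdpr_survey_gdpr_about_text4_22_3'];
            $result[3]['text'][1] = $lang['srv_gdpr_survey_gdpr_about_text4_22_4'].' '.$gdpr_survey_settings['export_user'.$translation].'';

            // Appended, not assigned: a plain "=" here replaced the line above, so the recipient
            // of the exported data never appeared in the notice shown to the respondent
            $result[3]['text'][1] .= ' '.$lang['srv_gdpr_survey_gdpr_about_text4_22_5'].' 
'.$gdpr_survey_settings['export_legal'.$translation].'.';
        }
        else{
            $result[3]['text'][0] = ''.$lang['srv_gdpr_survey_gdpr_about_text4_21'].'';
        }

        // DATA PROTECTION OFFICER
        $result[4]['heading'] = $lang['srv_gdpr_survey_gdpr_about_text5_1'];

        // DPO address: survey setting first, then the general settings, last the author's primary e-mail
        if($gdpr_survey_settings['authorized'] == ''){

            // Private person without a DPO
            if($gdpr_settings['type'] == '0' && $gdpr_settings['has_dpo'] == '0'){

                // General e-mail from the settings, otherwise the survey author's e-mail
                if($gdpr_settings['email'] != ''){
                    $gdpr_authorized = $gdpr_settings['email'];
                }
                else{
                    $gdpr_authorized = User::getInstance()->primaryEmail();
                }
            }
            // Private person with a DPO, or an organisation
            else{
                // DPO e-mail from the settings, then the general e-mail, then the author's e-mail
                if($gdpr_settings['dpo_email'] != ''){
                    $gdpr_authorized = $gdpr_settings['dpo_email'];
                }
                else{
                    if($gdpr_settings['email'] != ''){
                        $gdpr_authorized = $gdpr_settings['email'];
                    }
                    else{
                        $gdpr_authorized = User::getInstance()->primaryEmail();
                    }
                }
            }
        }
        else{
            $gdpr_authorized = $gdpr_survey_settings['authorized'];
        }

        // Contact e-mail: survey setting, then the general settings, last the author's primary e-mail
        if($gdpr_survey_settings['contact_email'] == ''){

            $user_settings = self::getUserSettings();

            if($user_settings['email'] != ''){
                $gdpr_contact_email = $user_settings['email'];
            }
            else{
                $gdpr_contact_email = User::getInstance()->primaryEmail();
            }
        }
        else{
            $gdpr_contact_email = $gdpr_survey_settings['contact_email'];
        }

        $result[4]['text'][0] = $lang['srv_gdpr_survey_gdpr_about_text5_2'].' '.$gdpr_authorized.'';

        // The contact is printed separately only when it differs from the DPO address
        if($gdpr_authorized != $gdpr_contact_email)
            $result[4]['text'][1] = $lang['srv_gdpr_survey_gdpr_about_text5_2_2'].' 
'.$gdpr_contact_email.'';

        // DATA SECURITY
        $result[5]['heading'] = $lang['srv_gdpr_survey_gdpr_about_text6_1'];
        $result[5]['text'][0] = $lang['srv_gdpr_survey_gdpr_about_text6_2'];

        // DELETION, CHANGE OF OR ACCESS TO PERSONAL SURVEY DATA
        $result[6]['heading'] = $lang['srv_gdpr_survey_gdpr_about_text7_1'];
        $result[6]['text'][0] = $lang['srv_gdpr_survey_gdpr_about_text7_2'];
        $result[6]['text'][1] = $lang['srv_gdpr_survey_gdpr_about_text7_3'];
        if($gdpr_survey_settings['contact_email'] != ''){
            $result[6]['text'][1] .= ' '.$gdpr_survey_settings['contact_email'].'. ';
        }
        elseif($gdpr_settings['email'] != ''){
            $result[6]['text'][1] .= ' '.$gdpr_settings['email'].'. ';
        }
        else{
            // Fall back to the e-mail of the current user
            $sql = sisplet_query("SELECT email FROM users WHERE id = '$global_user_id'");
            $row = mysqli_fetch_array($sql);

            $result[6]['text'][1] .= ' '.$row['email'].'. ';
        }
        $result[6]['text'][1] .= $lang['srv_gdpr_survey_gdpr_about_text7_3_2'];
        $result[6]['text'][2] = $lang['srv_gdpr_survey_gdpr_about_text7_4'];

        // NOTE
        if($gdpr_survey_settings['note'.$translation] != ''){
            $result[7]['heading'] = $lang['note'];
            $result[7]['text'][0] = ''.$gdpr_survey_settings['note'.$translation].'';
        }

        // Switch the language back
        if($language_id_bck != '' && $language_id_bck != $lang['id']){
            $file = '../../lang/'.$language_id_bck.'.php';
            include($file);
        }

        return $result;
    }

    /**
     * Builds the complete text of the record of processing activities ("evidenca")
     * as an array of sections, each with a 'heading' and a list of 'text' lines.
     *
     * @param int|string $ank_id Survey id
     * @return array Sections I to X, plus XI (note) when a note is set
     */
    public static function getGDPREvidencaArray($ank_id){
        global $global_user_id;
        global $lang;

        $gdpr_settings = self::getUserSettings();
        $gdpr_survey_settings = self::getSurveySettings($ank_id);

        $translation = ($lang['id'] == '1') ? '_slo' : '_eng';

        $result = array();

        $result[0]['heading'] = 'I. '.$lang['srv_gdpr_survey_gdpr_evidenca_text1'];
        $result[0]['text'][0] = $lang['srv_gdpr_survey_gdpr_evidenca_text1_1'];

        $result[1]['heading'] = 'II. 
'.$lang['srv_gdpr_survey_gdpr_evidenca_text2'];

        // Organisation (type 1): name, address, registration number; otherwise person: name, address
        if($gdpr_settings['type'] == '1'){
            $result[1]['text'][0] = $lang['srv_gdpr_survey_gdpr_evidenca_text2_1'].': ';
            $result[1]['text'][0] .= ''.$gdpr_settings['organization'].'';
            $result[1]['text'][1] = $lang['srv_gdpr_survey_gdpr_evidenca_text2_2'].': ';
            $result[1]['text'][1] .= ''.$gdpr_settings['address'].'';
            $result[1]['text'][2] = $lang['srv_gdpr_survey_gdpr_evidenca_text2_3'].': ';
            $result[1]['text'][2] .= ''.$gdpr_settings['organization_maticna'].'';
        }
        else{
            $result[1]['text'][0] = $lang['srv_gdpr_survey_gdpr_evidenca_text2_1'].': ';
            $result[1]['text'][0] .= ''.$gdpr_settings['firstname'].' '.$gdpr_settings['lastname'].'';
            $result[1]['text'][1] = $lang['srv_gdpr_survey_gdpr_evidenca_text2_2'].': ';
            $result[1]['text'][1] .= ''.$gdpr_settings['address'].'';
        }

        $result[2]['heading'] = 'III.'.$lang['srv_gdpr_survey_gdpr_evidenca_text3'];
        $result[2]['text'][0] = $lang['srv_gdpr_survey_gdpr_evidenca_text3_1'];

        $result[3]['heading'] = 'IV. '.$lang['srv_gdpr_survey_gdpr_evidenca_text4'];
        $result[3]['text'][0] = $lang['srv_gdpr_survey_gdpr_evidenca_text4_1'];

        $result[4]['heading'] = 'V. '.$lang['srv_gdpr_survey_gdpr_evidenca_text5'];

        // Comma-separated list of the collected data categories
        $temp_text = '';
        if($gdpr_survey_settings['name'])
            $temp_text .= $lang['srv_gdpr_intro_name'].', ';
        if($gdpr_survey_settings['email'])
            $temp_text .= $lang['srv_gdpr_intro_email'].', ';
        if($gdpr_survey_settings['location'])
            $temp_text .= $lang['srv_gdpr_intro_location'].', ';
        if($gdpr_survey_settings['phone'])
            $temp_text .= $lang['srv_gdpr_intro_phone'].', ';
        if($gdpr_survey_settings['web'])
            $temp_text .= $lang['srv_gdpr_intro_web'].', ';
        if($gdpr_survey_settings['other'])
            $temp_text .= $lang['srv_gdpr_intro_other'].' - '.$gdpr_survey_settings['other_text'.$translation].', ';

        // Drop the trailing ", "
        $result[4]['text'][0] = ''.substr(ucfirst(strtolower($temp_text)), 0,-2).'';

        $result[5]['heading'] = 'VI. 
'.$lang['srv_gdpr_survey_gdpr_evidenca_text6'];
        $result[5]['text'][0] = $lang['srv_gdpr_survey_gdpr_evidenca_text6_1'];
        $result[5]['text'][1] = $lang['srv_gdpr_survey_gdpr_evidenca_text6_2'];

        $result[6]['heading'] = 'VII. '.$lang['srv_gdpr_survey_gdpr_evidenca_text7'];
        $result[6]['text'][0] = $lang['srv_gdpr_survey_gdpr_evidenca_text7_1'].' ';
        if($gdpr_survey_settings['expire'] != '1')
            $result[6]['text'][0] .= ''.$lang['srv_gdpr_survey_gdpr_evidenca_text7_2'].'';
        else
            $result[6]['text'][0] .= ''.$gdpr_survey_settings['expire_text'.$translation].'.';

        $result[7]['heading'] = 'VIII. '.$lang['srv_gdpr_survey_gdpr_evidenca_text8'];
        $result[7]['text'][0] = $lang['srv_gdpr_survey_gdpr_evidenca_text8_1'];
        $result[7]['text'][1] = $lang['srv_gdpr_survey_gdpr_evidenca_text8_2'];
        if($gdpr_survey_settings['other_users'] == '1')
            $result[7]['text'][2] = ''.ucfirst($gdpr_survey_settings['other_users_text'.$translation]).'';

        $result[8]['heading'] = 'IX. '.$lang['srv_gdpr_survey_gdpr_evidenca_text9'];
        if($gdpr_survey_settings['export'] == '1'){
            $result[8]['text'][0] = $lang['srv_gdpr_survey_gdpr_evidenca_text9_22'].' ';
            $result[8]['text'][0] .= ''.$gdpr_survey_settings['export_country'.$translation].'';
            $result[8]['text'][0] .= $lang['srv_gdpr_survey_gdpr_evidenca_text9_23'].' ';
            $result[8]['text'][0] .= ''.$gdpr_survey_settings['export_user'.$translation].'';
            $result[8]['text'][0] .= $lang['srv_gdpr_survey_gdpr_evidenca_text9_24'].' ';
            $result[8]['text'][0] .= ''.$gdpr_survey_settings['export_legal'.$translation].'.';
        }
        else{
            $result[8]['text'][0] = ''.$lang['srv_gdpr_survey_gdpr_evidenca_text9_21'].'';
        }

        $result[9]['heading'] = 'X. '.$lang['srv_gdpr_survey_gdpr_evidenca_text10'];
        $result[9]['text'][0] = $lang['srv_gdpr_survey_gdpr_evidenca_text10_1'];

        // NOTE
        if($gdpr_survey_settings['note'.$translation] != ''){
            $result[10]['heading'] = 'XI. 
'.$lang['note'];
            $result[10]['text'][0] = ''.$gdpr_survey_settings['note'.$translation].'.';
        }

        return $result;
    }

    // Turns a section array into text for the info or the record (html popup, textarea)
    public static function getGDPRTextFromArray($text_array, $type='html'){

        // Line break depends on the type (html, pdf or textarea)
        if($type == 'textarea')
            $br = ' ';
        else
            $br = '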
';

        $text = '';

        // Walk the individual sections
        foreach($text_array as $sklop){

            // Section heading
            $text .= ''.$sklop['heading'].''.$br;

            // Walk the individual lines of the section
            foreach($sklop['text'] as $vrstica){
                $text .= $br.$vrstica.$br;
            }

            $text .= $br.$br;
        }

        // NOTE(review): both search strings are empty in this listing - presumably markup
        // that was lost; confirm against the repository copy
        if($type == 'textarea'){
            $text = str_replace('', '', $text);
            $text = str_replace('', '', $text);
        }

        return $text;
    }

    /**
     * Returns the research author as text: an e-mail address, followed by the
     * organisation name in brackets when the GDPR settings are of type '1'.
     *
     * @param mixed $ank_id               Survey id (not used by the visible code)
     * @param array $gdpr_settings        General GDPR settings of the user
     * @param array $gdpr_survey_settings GDPR settings of the survey
     * @return string Text starting with a space and ending with a full stop
     */
    public static function getResearchAuthor($ank_id, $gdpr_settings, $gdpr_survey_settings){
        global $global_user_id;

        $author = '';

        // Author e-mail: the survey's GDPR contact first, then the general GDPR e-mail,
        // last the e-mail of the current user
        if($gdpr_survey_settings['contact_email'] != ''){
            $author = ' '.$gdpr_survey_settings['contact_email'];
        }
        elseif($gdpr_settings['email'] != ''){
            $author = ' '.$gdpr_settings['email'];
        }
        else{
            $sql = sisplet_query("SELECT email FROM users WHERE id = '$global_user_id'");
            $row = mysqli_fetch_array($sql);

            $author = ' '.$row['email'];
        }

        // Organisation, when set in the GDPR settings
        if($gdpr_settings['type'] == '1' && $gdpr_settings['organization'] != ''){
            $author .= ' ('.$gdpr_settings['organization'].').';
        }
        else{
            $author .= '.';
        }

        return $author;
    }

    /**
     * Ajax entry point: dispatches on $_GET['a'] and reads its arguments from $_POST.
     *
     * NOTE(review): every branch below concatenates request values into SQL and no escaping
     * is visible in this method - confirm input is escaped upstream, otherwise move these
     * queries to prepared statements.
     * NOTE(review): no check that the current user may change the posted ank_id or request_id
     * is visible here, nor a request-forgery token - confirm both are enforced by the caller.
     */
    public function ajax() {
        global $lang;
        global $global_user_id;
        global $site_url;

        // Each of these stays undefined when the field was not posted
        if (isset ($_POST['ank_id'])) $ank_id = $_POST['ank_id'];
        if (isset ($_POST['what'])) $what = $_POST['what'];
        if (isset ($_POST['value'])) $value = $_POST['value'];

        // Edit the GDPR settings of the user
        if($_GET['a'] == 'gdpr_edit_user'){

            $error = array();

            $firstname = isset($_POST['firstname']) ? $_POST['firstname'] : '';
            $lastname = isset($_POST['lastname']) ? $_POST['lastname'] : '';
            $email = isset($_POST['email']) ? $_POST['email'] : '';
            $phone = isset($_POST['phone']) ? $_POST['phone'] : '';
            $type = isset($_POST['type']) ? $_POST['type'] : '0';
            $has_dpo = isset($_POST['has_dpo']) ? $_POST['has_dpo'] : '0';
            $organization = isset($_POST['organization']) ? $_POST['organization'] : '';
            $organization_maticna = isset($_POST['organization_maticna']) ? $_POST['organization_maticna'] : '';
            //$organization_davcna = isset($_POST['organization_davcna']) ? $_POST['organization_davcna'] : '';
            $dpo_firstname = isset($_POST['dpo_firstname']) ? $_POST['dpo_firstname'] : '';
            $dpo_lastname = isset($_POST['dpo_lastname']) ? $_POST['dpo_lastname'] : '';
            $dpo_email = isset($_POST['dpo_email']) ? $_POST['dpo_email'] : '';
            $dpo_phone = isset($_POST['dpo_phone']) ? $_POST['dpo_phone'] : '';
            $address = isset($_POST['address']) ? $_POST['address'] : '';
            $country = isset($_POST['country']) ? $_POST['country'] : '';

            // Invalid e-mail addresses are blanked and reported; the row is still saved
            if($email != '' && !validEmail($email)){
                $email = '';
                $error['email'] = 1;
            }
            if($dpo_email != '' && !validEmail($dpo_email)){
                $dpo_email = '';
                $error['dpo_email'] = 1;
            }

            // Insert the row for the current user, or update it when it already exists
            $sql = sisplet_query("INSERT INTO srv_gdpr_user (usr_id, type, has_dpo, organization, organization_maticna, dpo_firstname, dpo_lastname, dpo_email, dpo_phone, firstname, lastname, email, phone, address, country) VALUES ('".$global_user_id."', '".$type."', '".$has_dpo."', '".$organization."', '".$organization_maticna."', '".$dpo_firstname."', '".$dpo_lastname."', '".$dpo_email."', '".$dpo_phone."', '".$firstname."', '".$lastname."', '".$email."', '".$phone."', '".$address."', '".$country."') ON DUPLICATE KEY UPDATE type='".$type."', has_dpo='".$has_dpo."', organization='".$organization."', organization_maticna='".$organization_maticna."', dpo_firstname='".$dpo_firstname."', dpo_lastname='".$dpo_lastname."', dpo_email='".$dpo_email."', dpo_phone='".$dpo_phone."', firstname='".$firstname."', lastname='".$lastname."', email='".$email."', phone='".$phone."', address='".$address."', country='".$country."'");
            // NOTE(review): the raw database error text is sent to the client; consider logging it instead
            if (!$sql) echo mysqli_error($GLOBALS['connect_db']);

            self::displayGDPRUser($error);
        }

        // Show the GDPR authority for the posted country
        if($_GET['a'] == 'gdpr_edit_authority'){

            $country = isset($_POST['country']) ? $_POST['country'] : '';

            self::displayGDPRAuthority($country);
        }
        // Mark or unmark a survey as GDPR
        elseif($_GET['a'] == 'gdpr_add_anketa'){

            if($ank_id != '' && $ank_id != '0'){

                if($value == '1')
                    $sql = sisplet_query("INSERT INTO srv_gdpr_anketa (ank_id) VALUES ('".$ank_id."')");
                else
                    $sql = sisplet_query("DELETE FROM srv_gdpr_anketa WHERE ank_id='".$ank_id."'");
            }

            self::displayGDPRSurveyList();
        }

        // Edit the GDPR settings of a survey
        if($_GET['a'] == 'gdpr_edit_anketa'){

            if($ank_id != '' && $ank_id != '0'){

                $is_gdpr = isset($_POST['is_gdpr']) ? $_POST['is_gdpr'] : '0';

                // GDPR switched on - store the settings
                if($is_gdpr == '1'){

                    $name = isset($_POST['name']) ? $_POST['name'] : '';
                    $email = isset($_POST['email']) ? $_POST['email'] : '';
                    $location = isset($_POST['location']) ? $_POST['location'] : '';
                    $phone = isset($_POST['phone']) ? $_POST['phone'] : '';
                    $web = isset($_POST['web']) ? $_POST['web'] : '';
                    $other = isset($_POST['other']) ? $_POST['other'] : '';
                    $other_text_slo = isset($_POST['other_text_slo']) ? $_POST['other_text_slo'] : '';
                    $other_text_eng = isset($_POST['other_text_eng']) ? $_POST['other_text_eng'] : '';
                    $template_1ka = isset($_POST['1ka_template']) ? $_POST['1ka_template'] : '';
                    $about = (isset($_POST['about'])) ? $_POST['about'] : '';
                    $expire = isset($_POST['expire']) ? $_POST['expire'] : '';
                    $expire_text_slo = isset($_POST['expire_text_slo']) ? $_POST['expire_text_slo'] : '';
                    $expire_text_eng = isset($_POST['expire_text_eng']) ? $_POST['expire_text_eng'] : '';
                    $other_users = isset($_POST['other_users']) ? $_POST['other_users'] : '';
                    $other_users_text_slo = isset($_POST['other_users_text_slo']) ? $_POST['other_users_text_slo'] : '';
                    $other_users_text_eng = isset($_POST['other_users_text_eng']) ? $_POST['other_users_text_eng'] : '';
                    $export = isset($_POST['export']) ? $_POST['export'] : '';
                    $export_country_slo = isset($_POST['export_country_slo']) ? $_POST['export_country_slo'] : '';
                    $export_country_eng = isset($_POST['export_country_eng']) ? $_POST['export_country_eng'] : '';
                    $export_user_slo = isset($_POST['export_user_slo']) ? $_POST['export_user_slo'] : '';
                    $export_user_eng = isset($_POST['export_user_eng']) ? $_POST['export_user_eng'] : '';
                    $export_legal_slo = isset($_POST['export_legal_slo']) ? $_POST['export_legal_slo'] : '';
                    $export_legal_eng = isset($_POST['export_legal_eng']) ? $_POST['export_legal_eng'] : '';
                    $authorized = isset($_POST['authorized']) ? $_POST['authorized'] : '';
                    $contact_email = isset($_POST['contact_email']) ? $_POST['contact_email'] : '';
                    $note_slo = isset($_POST['note_slo']) ? $_POST['note_slo'] : '';
                    $note_eng = isset($_POST['note_eng']) ? $_POST['note_eng'] : '';

                    // Insert the survey's row, or update it when it already exists.
                    // Unlike the user form above, the posted e-mail fields are not validated here.
                    $sql = sisplet_query("INSERT INTO srv_gdpr_anketa ( ank_id, 1ka_template, name, email, location, phone, web, other, other_text_slo, other_text_eng, about, expire, expire_text_slo, expire_text_eng, other_users, other_users_text_slo, other_users_text_eng, export, export_user_slo, export_user_eng, export_country_slo, export_country_eng, export_legal_slo, export_legal_eng, authorized, contact_email, note_slo, note_eng ) VALUES ( '".$ank_id."', '".$template_1ka."', '".$name."', '".$email."', '".$location."', '".$phone."', '".$web."', '".$other."', '".$other_text_slo."', '".$other_text_eng."', '".$about."', '".$expire."', '".$expire_text_slo."', '".$expire_text_eng."', '".$other_users."', '".$other_users_text_slo."', '".$other_users_text_eng."', '".$export."', '".$export_user_slo."', '".$export_user_eng."', '".$export_country_slo."', '".$export_country_eng."', '".$export_legal_slo."', '".$export_legal_eng."', '".$authorized."', '".$contact_email."', '".$note_slo."', '".$note_eng."' ) ON DUPLICATE KEY UPDATE 1ka_template='".$template_1ka."', name='".$name."', email='".$email."', location='".$location."', phone='".$phone."', web='".$web."', other='".$other."', other_text_slo='".$other_text_slo."', other_text_eng='".$other_text_eng."', about='".$about."', expire='".$expire."', expire_text_slo='".$expire_text_slo."', 
expire_text_eng='".$expire_text_eng."', other_users='".$other_users."', other_users_text_slo='".$other_users_text_slo."', other_users_text_eng='".$other_users_text_eng."', export='".$export."', export_user_slo='".$export_user_slo."', export_user_eng='".$export_user_eng."', export_country_slo='".$export_country_slo."', export_country_eng='".$export_country_eng."', export_legal_slo='".$export_legal_slo."', export_legal_eng='".$export_legal_eng."', authorized='".$authorized."', contact_email='".$contact_email."', note_slo='".$note_slo."', note_eng='".$note_eng."'" );
                    // NOTE(review): raw database error text goes to the client here as well
                    if (!$sql) echo mysqli_error($GLOBALS['connect_db']);

                    // With the 1ka template the survey's intro and conclusion are switched on too
                    if($template_1ka == '1'){
                        $sqlA = sisplet_query("UPDATE srv_anketa SET show_intro='1', show_concl='1' WHERE id='".$ank_id."'");
                    }
                }
                // GDPR switched off - delete the settings
                else{
                    $sql = sisplet_query("DELETE FROM srv_gdpr_anketa WHERE ank_id='".$ank_id."'");
                    if (!$sql) echo mysqli_error($GLOBALS['connect_db']);
                }
            }
        }

        // Preview of the GDPR intro
        if($_GET['a'] == 'gdpr_preview_intro'){

            if($ank_id != '' && $ank_id != '0'){

                echo '
';
                echo '';
                echo '
';

                // Question title
                echo '
';
                $naslov = self::getSurveyIntro($ank_id);
                echo $naslov;
                echo '
';

                // The "yes" and "no" options
                echo '
';
                echo '
';
                echo '
';
                echo '
';
                echo '
';

                // Close button - its echo ("Zapri") is commented out in the original

                echo '
';
            }
        }

        // Preview of the GDPR export
        if($_GET['a'] == 'gdpr_preview_export'){

            if($ank_id != '' && $ank_id != '0'){

                // Export type; $type stays undefined when it was not posted
                if (isset ($_POST['type'])) $type = $_POST['type'];

                echo '
';
                echo '';
                echo '
';

                // Information given to the individual
                if($type == '1'){
                    $text_array = self::getGDPRInfoArray($ank_id);
                    // "$type='html'" is an assignment inside the argument list: it passes 'html'
                    // and overwrites $type
                    $text = self::getGDPRTextFromArray($text_array, $type='html');

                    // Title
                    echo '

';
                    echo $lang['export_gdpr_individual'];
                    echo '

';
                }
                // Record of processing activities
                else{
                    $text_array = self::getGDPREvidencaArray($ank_id);
                    $text = self::getGDPRTextFromArray($text_array, $type='html');

                    // Title
                    echo '

';
                    echo $lang['export_gdpr_activity'];
                    echo '

';
                }

                echo $text;

                echo '
';
                echo '
';
            }
        }
        // Request was processed
        elseif($_GET['a'] == 'gdpr_request_done'){

            if (isset ($_POST['request_id'])){
                $request_id = $_POST['request_id'];

                $sql = sisplet_query("UPDATE srv_gdpr_requests SET status='".$value."' WHERE id='".$request_id."'");
            }

            self::displayGDPRRequests();
        }
        // Request was processed - inside a single survey
        elseif($_GET['a'] == 'gdpr_request_done_survey'){

            if (isset ($_POST['request_id']) && isset ($_POST['ank_id'])){
                $ank_id = $_POST['ank_id'];
                $request_id = $_POST['request_id'];

                // Only the request id restricts the update; the posted ank_id is not part of the WHERE clause
                $sql = sisplet_query("UPDATE srv_gdpr_requests SET status='".$value."' WHERE id='".$request_id."'");
            }

            self::displayGDPRSurveyRequests($ank_id);
        }
        // Comment on a request
        elseif($_GET['a'] == 'gdpr_request_comment'){

            if (isset ($_POST['request_id'])){
                $request_id = $_POST['request_id'];

                $sql = sisplet_query("UPDATE srv_gdpr_requests SET comment='".$value."' WHERE id='".$request_id."'");
            }

            self::displayGDPRRequests();
        }
        // Comment on a request - inside a single survey
        elseif($_GET['a'] == 'gdpr_request_comment_survey'){

            if (isset ($_POST['request_id']) && isset ($_POST['ank_id'])){
                $ank_id = $_POST['ank_id'];
                $request_id = $_POST['request_id'];

                // Only the request id restricts the update; the posted ank_id is not part of the WHERE clause
                $sql = sisplet_query("UPDATE srv_gdpr_requests SET comment='".$value."' WHERE id='".$request_id."'");
            }

            self::displayGDPRSurveyRequests($ank_id);
        }
    }
}