diff --git a/index.php b/index.php index 29b25df..3eace78 100755 --- a/index.php +++ b/index.php @@ -69,6 +69,10 @@ switch ($mode) { $variables['imageWithElement'] = 'img/'.$phase.'-with.png'; $variables['imageWithoutElement'] = 'img/'.$phase.'-without.png'; $variables['step_count'] = $index; + // Store the participant ID with some simple validation to prevent SQL injection + if (isset($_POST['participantid'])) { + $_SESSION['participantid'] = preg_replace('/[^A-Za-z0-9\. -]/', '', $_POST['participantid']); + } break; case 'phase_next': $template = 'next.html.twig'; @@ -107,12 +111,16 @@ switch ($mode) { //Building an INSERT query: //Include userid (once collection form is added into the start page) // DB fields are listed here: - $columnstoimplode = array("uid", "datetime", "host", "phase", "xcoordinate", "ycoordinate","responsetime","score"); + $columnstoimplode = array("uid", "datetime", "host", "participantid","phase", "xcoordinate", "ycoordinate","responsetime","score"); // Note that backticks (`) go around field names... $columns = "`".implode("`, `", $columnstoimplode)."`"; // Set up timestamp so you can tell participants apart. http://alvinalexander.com/php/php-date-formatted-sql-timestamp-insert $timestamp = date('Y-m-d G:i:s'); + // Add the uid placeholder, timestamd, and host/IP $valuestoimplode = array("", $timestamp, $_SERVER['REMOTE_ADDR']); + // Add the participant ID + array_push($valuestoimplode,$_SESSION['participantid']); + // Add the results $valuestoimplode = array_merge($valuestoimplode,$ready); $values = "'".implode("', '", $valuestoimplode)."'"; //print_r($values); @@ -170,7 +178,7 @@ switch ($mode) { $stats = array(); //Skip empty results (created during debugging) - if ($record['responsetime'] > 0) { + if ($record['participantid'] != "") { //Put your results in one array $variables['data'][] = $record; } @@ -188,7 +196,6 @@ switch ($mode) { } //End while to loop through results from database. - $results->free(); break; } //End case to select page. diff --git a/views/index.html.twig b/views/index.html.twig index bd0c0ec..0c0e983 100644 --- a/views/index.html.twig +++ b/views/index.html.twig @@ -4,7 +4,12 @@

Change blindness test

We would like a few minutes of your time to help us with a test in change blindness. Your help is very much appreciated.

-

Get started »

+ +
+ Name: + +
+

diff --git a/views/results.html.twig b/views/results.html.twig index e80de42..4188a06 100644 --- a/views/results.html.twig +++ b/views/results.html.twig @@ -54,6 +54,7 @@ uid date host + participant phase x y @@ -67,6 +68,7 @@ {{record.uid}}. {{ record.datetime }} {{ record.host }} + {{ record.participantid }} {{ record.phase }} {{ record.xcoordinate }} {{ record.ycoordinate }} diff --git a/views/results.txt.twig b/views/results.txt.twig index a374d69..32b6d9d 100644 --- a/views/results.txt.twig +++ b/views/results.txt.twig @@ -1,4 +1,4 @@ -uid datetime host phase xcoordinate ycoordinate responsetime score +uid datetime host participant phase xcoordinate ycoordinate responsetime score {% for record in data %} -{{record.uid}} {{record.datetime}} {{record.host}} {{record.phase}} {{record.xcoordinate}} {{record.ycoordinate}} {{record.responsetime}} {{record.score}} +{{record.uid}} {{record.datetime}} {{record.host}} {{record.participantid}} {{record.phase}} {{record.xcoordinate}} {{record.ycoordinate}} {{record.responsetime}} {{record.score}} {% endfor %}