<?php
/*********************************************************************************************************
  "Ensemble" is the proprietary property of The Regents of the University of California ("The Regents.")

  Copyright (c) 2005-10 The Regents of the University of California, Davis campus. All Rights Reserved.

  Redistribution and use in source and binary forms, with or without modification, are permitted by
  nonprofit, research institutions for research use only, provided the conditions in the included
  license agreement are met.

  Refer to the file "ensemble_license.txt" for the license agreement,
  located in the top level directory of this distribution.

**********************************************************************************************************/
//Author: Stefan Tomic
//Janata Lab
//Center for Mind and Brain
//Developed for the Ensemble Project

require_once('../include/variables.php');
session_name($QPI_SESSION_NAME);
session_start();

$this_file = 'initialize_session.php';
$this_function = '';


require_once('../include/functions.php');
require_once($SUBJECT_MYSQL_LOGIN_FILE);
mysql_query("SET NAMES 'utf8'") or report_error_form(mysql_error());

//nocls is used if there are certain session variables that we want to pass to the session
//note that even if $_SESSION is not cleared, certain session variables are still set to their defaults
//it is highly recommended that any script using nocls clears the $_SESSION superglobal array at some stage
if(!isset($_GET['nocls']) || (isset($_GET['nocls']) && ($_GET['nocls'] == 0))) {
  //clear out SESSION superglobal array.
  $_SESSION = array();
 }

$_SESSION['loop_incr_trial'] = FALSE; //if in a loop, tells the form not to reset the trial num until the loop is exited
$_SESSION['looping'] = FALSE;
$_SESSION['num_skip_forms'] = 0;
$_SESSION['trial_order'] = 1;
$_SESSION['response_order'] = 1; //initialize to 1. submit_response.php will increment after submitting the responses for a given form.
$_SESSION['submit_stimulus_id'] = FALSE;
$_SESSION['check_consent'] = FALSE; //flag whether to use check_consent code for any given form.
$_SESSION['submit_lock'] = FALSE; //locks the submit script so that double-click doesn't result in multiple submits
$_SESSION['stimulus_completed'] = FALSE; //toggles to TRUE after a stimulus has presented in order to present associated questions
$_SESSION['uses_matrpc'] = FALSE;
$_SESSION['play_question_audio'] = FALSE;
$_SESSION['num_questions_answered'] = 0; //this is used to increment the display of question numbers across the survey. 
                                         //Even if this number is not displayed for the survey, it is incremented.

//get experiment info from ticket info

$sql_get_experiment_info = "select *, ".
								   "date_format(expiration_datetime,'%H') as hour, ".
	   							   "date_format(expiration_datetime,'%i') as minute, ".
	   							   "date_format(expiration_datetime,'%s') as seconds, ".
	   							   "date_format(expiration_datetime,'%c') as month, ".
    							   "date_format(expiration_datetime,'%d') as day, ".
	   							   "date_format(expiration_datetime,'%Y') as year, ".
								   "play_question_audio, ".
								   "encrypted_response_table ".
								   "from experiment join ticket on (ticket.experiment_id = experiment.experiment_id) ".
					       		   sprintf("where ticket.ticket_code = '%s'",$_GET['tc']);

$get_experiment_info = mysql_query($sql_get_experiment_info) or report_error_form(mysql_error());
$result_experiment_info = mysql_fetch_assoc($get_experiment_info);

//get language info
$_SESSION['language'] = $result_experiment_info['language'];

//read the language string constants
//if no language is set, use english.
//The only case in which language is not set should be when previewing forms in the Form Editor
if(isset($_SESSION['language']))
	require_once(sprintf('../include/languages/%s.php',$_SESSION['language']));
else
	require_once('../include/languages/english.php');

if(!$result_experiment_info) {
	include_once('../form_processing/htmlhead.php');
	kill_session(sprintf('%s<br>%s<br>%s: %s',LANGUAGE_TEXT_ERROR_REPORT1,LANGUAGE_TEXT_ERROR_REPORT2,LANGUAGE_TEXT_QUOTE_ERROR_MESSAGE,LANGUAGE_TEXT_ERROR_INVALID_TICKET));
}

if($result_experiment_info['play_question_audio'] == 'T')
	$_SESSION['play_question_audio'] = TRUE;
else
	$_SESSION['play_question_audio'] = FALSE;

if($result_experiment_info['encrypted_response_table'] == 'T')
	$_SESSION['encrypted_response_table'] = TRUE;
else
	$_SESSION['encrypted_response_table'] = FALSE;
	
$expiration_timestamp = mktime($result_experiment_info['hour'],$result_experiment_info['minute'],$result_experiment_info['seconds'],
							   $result_experiment_info['month'],$result_experiment_info['day'],$result_experiment_info['year']);

//see if the current time is past the expiration time of the ticket. If expiration_datetime is NULL, then there is no expiration.
if($result_experiment_info['expiration_datetime'] != NULL && mktime() > $expiration_timestamp) {
	include_once('../form_processing/htmlhead.php');
	kill_session(sprintf('%s<br>%s<br>%s: %s',LANGUAGE_TEXT_ERROR_REPORT1,LANGUAGE_TEXT_ERROR_REPORT2,LANGUAGE_TEXT_QUOTE_ERROR_MESSAGE,LANGUAGE_TEXT_ERROR_EXPIRED_TICKET));
}


if(($result_experiment_info['used'] == 'T') && ($result_experiment_info['type'] == 'user')) {
	include_once('../form_processing/htmlhead.php');
	kill_session(sprintf('%s<br>%s<br>%s: %s',LANGUAGE_TEXT_ERROR_REPORT1,LANGUAGE_TEXT_ERROR_REPORT2,LANGUAGE_TEXT_QUOTE_ERROR_MESSAGE,LANGUAGE_TEXT_ERROR_USED_TICKET));
}


//set ticket_id in SESSION variable
$_SESSION['ticket_id'] = $result_experiment_info['ticket_id'];
//set response table SESSION variable
$_SESSION['response_table'] = $result_experiment_info['response_table'];
//set experiment_id SESSION variable
$_SESSION['experiment_id'] = $result_experiment_info['experiment_id'];

$_SESSION['exp_params'] = get_experiment_params($_SESSION['experiment_id']);


if(isset($_SESSION['language']))
	include_once(sprintf('../include/languages/%s.php',$_SESSION['language']));
else
	kill_session("ERROR: Experiment language not set. Please notify experiment administrator");


$createNewSession = TRUE;

if(isset($_GET['sid'])) {
    //if 'sid' was passed in as a $_GET variable, then decrypt this subject ID and use it as the subject ID for this session
    //this provides the means to specify a subject ID when linking from a utility (such as scheduler.php)
    $enc_key = subinfo_encryption_key();
    $subjectID = mysql_aes_decrypt($_GET['sid'],$enc_key);

    //make sure the specified subject ID exists in the subject table
    $sql_check_subID = sprintf("select subject_id from subject where subject_id = '%s'",$subjectID);
    $check_subID = mysql_query($sql_check_subID) or report_error_form(mysql_error());
    if(mysql_num_rows($check_subID) == 0)
	kill_session(sprintf("%s<br>%s",LANGUAGE_TEXT_QUOTE_ERROR_MESSAGE,LANGUAGE_TEXT_ERROR_SUBJECT_ID_DOESNT_EXIST));
    $_SESSION['subject_id'] = $subjectID;


    if(isset($_GET['resume_sess']) && ($_GET['resume_sess'] == 1) && responses_exist_for_sub($_SESSION['subject_id'],$_SESSION['response_table'])) {
      $sess_status = find_old_session($_SESSION['subject_id'],TRUE);
      $createNewSession = FALSE;
      if($sess_status == "not_found") {
	report_error_form("Error resuming session","subidgen_passcode_initials_dob.php");
      }
      
    }

}
 else {
     //set temporary subject_id based on users ip address and current timestamp
     //this information is hashed (encrypted w/unique code) so it's impossible
     //to get user's ip address from this info.
     $user_ip_addr = $_SERVER['REMOTE_ADDR'];
     $micro_timestamp = microtime();
     $tmp_subid = "tmp_".md5($user_ip_addr.$micro_timestamp);
     $_SESSION['subject_id'] = $tmp_subid;
 }

//create a new session_id
if($createNewSession) {
  $date = getdate();
  $formatted_dt = sprintf("%4d-%02d-%02d %02d:%02d:%02d",$date['year'],$date['mon'],$date['mday'],$date['hours'],
			  $date['minutes'],$date['seconds']);
  
  $sql_create_session = sprintf("INSERT INTO session (date_time,experiment_id,subject_id,ticket_id) VALUES(%s, %s, %s,%s)",
				GetSQLValueString($formatted_dt,"date"),
				GetSQLValueString($_SESSION['experiment_id'],"int"),
				GetSQLValueString($_SESSION['subject_id'],"text"),
				GetSQLValueString($_SESSION['ticket_id'],"text"));

  $_SESSION['session_id'] = mysql_insert($sql_create_session);
  if(!isset($_SESSION['session_id']) || !isset($_SESSION['ticket_id']) || !isset($_SESSION['response_table']) || !isset($_SESSION['experiment_id']) || !isset($_SESSION['subject_id'])) { 
    kill_session(sprintf('%s<br>%s<br>%s: %s',LANGUAGE_TEXT_ERROR_REPORT1,LANGUAGE_TEXT_ERROR_REPORT2,LANGUAGE_TEXT_QUOTE_ERROR_MESSAGE,LANGAUAGE_TEXT_ERROR_CREATE_SESSION));
  }

  else {
    $_SESSION['last_visited'] = 1;
  }
 }

//store the number of total forms in the experiment. This is used to calculate percentage completion (if reported)
$sql_get_num_forms = sprintf('SELECT * FROM `experiment` left join experiment_x_form using (experiment_id) left join `form` using (form_id) where experiment_id = %d',$_SESSION['experiment_id']);
$get_num_forms= mysql_query($sql_get_num_forms) or report_error_form($sql_get_num_forms. "\n" .mysql_error(),$this_file,$this_fn);
$_SESSION['num_total_forms'] = mysql_num_rows($get_num_forms);

?>