From deb3a60dc399b299a3fd61969e68c9ab22eaa330 Mon Sep 17 00:00:00 2001
From: skodak <skodak>
Date: Sun, 8 Jun 2008 14:43:39 +0000
Subject: [PATCH] MDL-15116 survery dml conversion

---
 mod/survey/backuplib.php |  47 +++++-------
 mod/survey/download.php  |  67 +++++++++--------
 mod/survey/graph.php     |  20 ++---
 mod/survey/lib.php       | 155 ++++++++++++++++++++-------------------
 mod/survey/report.php    |  14 ++--
 mod/survey/save.php      |   8 +-
 mod/survey/view.php      |   8 +-
 7 files changed, 158 insertions(+), 161 deletions(-)

diff --git a/mod/survey/backuplib.php b/mod/survey/backuplib.php
index 708813f09d..01cbb72159 100644
--- a/mod/survey/backuplib.php
+++ b/mod/survey/backuplib.php
@@ -23,13 +23,12 @@
     //-----------------------------------------------------------
 
     function survey_backup_mods($bf,$preferences) {
-
-        global $CFG;
+        global $DB;
 
         $status = true;
 
         //Iterate over survey table
-        $surveys = get_records ("survey","course",$preferences->backup_course,"id");
+        $surveys = $DB->get_records ("survey", array("course"=>$preferences->backup_course),"id");
         if ($surveys) {
             foreach ($surveys as $survey) {
                 if (backup_mod_selected($preferences,'survey',$survey->id)) {
@@ -41,11 +40,12 @@
     }
 
     function survey_backup_one_mod($bf,$preferences,$survey) {
+        global $DB;
         
         $status = true;
         
         if (is_numeric($survey)) {
-            $survey = get_record('survey','id',$survey);
+            $survey = $DB->get_record('survey', array('id'=>$survey));
         }
         
         //Start mod
@@ -74,12 +74,11 @@
 
     //Backup survey_answers contents (executed from survey_backup_mods)
     function backup_survey_answers ($bf,$preferences,$survey) {
-
-        global $CFG;
+        global $CFG, $DB;
 
         $status = true;
 
-        $survey_answers = get_records("survey_answers","survey",$survey,"id");
+        $survey_answers = $DB->get_records("survey_answers", array("survey"=>$survey), "id");
         //If there is answers
         if ($survey_answers) {
             //Write start tag
@@ -106,12 +105,11 @@
 
     //Backup survey_analysis contents (executed from survey_backup_mods)
     function backup_survey_analysis ($bf,$preferences,$survey) {
-
-        global $CFG;
+        global $CFG, $DB;
 
         $status = true;
 
-        $survey_analysis = get_records("survey_analysis","survey",$survey,"id");
+        $survey_analysis = $DB->get_records("survey_analysis", array("survey"=>$survey,"id"));
         //If there is analysis
         if ($survey_analysis) {
             //Write start tag
@@ -202,33 +200,28 @@
 
     //Returns an array of surveys id
     function survey_ids ($course) {
+        global $DB;
 
-        global $CFG;
-
-        return get_records_sql ("SELECT a.id, a.course
-                                 FROM {$CFG->prefix}survey a
-                                 WHERE a.course = '$course'");
+        return $DB->get_records_sql ("SELECT a.id, a.course
+                                        FROM {survey} a
+                                       WHERE a.course = ?", array($course));
     }
 
     //Returns an array of survey answer id
     function survey_answer_ids_by_course ($course) {
+        global $DB;
 
-        global $CFG;
-
-        return get_records_sql ("SELECT s.id , s.survey
-                                 FROM {$CFG->prefix}survey_answers s,
-                                      {$CFG->prefix}survey a
-                                 WHERE a.course = '$course' AND
-                                       s.survey = a.id");
+        return $DB->get_records_sql ("SELECT s.id , s.survey
+                                        FROM {survey_answers} s, {survey} a
+                                       WHERE a.course = ? AND s.survey = a.id", array($course));
     }
 
     function survey_answer_ids_by_instance ($instanceid) {
+        global $DB;
 
-        global $CFG;
-
-        return get_records_sql ("SELECT s.id , s.survey
-                                 FROM {$CFG->prefix}survey_answers s
-                                 WHERE s.survey = $instanceid");
+        return $DB->get_records_sql ("SELECT s.id , s.survey
+                                        FROM {survey_answers} s
+                                       WHERE s.survey = ?", array($instanceid));
     }
 
 ?>
diff --git a/mod/survey/download.php b/mod/survey/download.php
index 130c7ee0ad..5b3ac438d1 100644
--- a/mod/survey/download.php
+++ b/mod/survey/download.php
@@ -8,11 +8,11 @@
     $type  = optional_param('type', 'xls', PARAM_ALPHA);
     $group = optional_param('group', 0, PARAM_INT);
 
-    if (! $cm = get_record("course_modules", "id", $id)) {
+    if (! $cm = $DB->get_record("course_modules", array("id"=>$id))) {
         print_error("Course Module ID was incorrect");
     }
 
-    if (! $course = get_record("course", "id", $cm->course)) {
+    if (! $course = $DB->get_record("course", array("id"=>$cm->course))) {
         print_error("Course is misconfigured");
     }
 
@@ -21,7 +21,7 @@
     require_login($course->id, false, $cm);
     require_capability('mod/survey:download', $context) ;
 
-    if (! $survey = get_record("survey", "id", $cm->instance)) {
+    if (! $survey = $DB->get_record("survey", array("id"=>$cm->instance))) {
         print_error("Survey ID was incorrect");
     }
 
@@ -84,7 +84,6 @@
         }
     }
 
-    $order     = explode(",", $fullorderlist);
     $questions = $fullquestions;
 
 //  Translate all the question texts
@@ -96,21 +95,21 @@
 
 // Get and collate all the results in one big array
 
-    if (! $aaa = get_records("survey_answers", "survey", "$survey->id", "time ASC")) {
+    if (! $aaa = $DB->get_records("survey_answers", array("survey"=>$survey->id), "time ASC")) {
         print_error("There are no answers for this survey yet.");
     }
 
     foreach ($aaa as $a) {
         if (!$group or isset($users[$a->userid])) {
-            if (empty($results["$a->userid"])) { // init new array
-                $results["$a->userid"]["time"] = $a->time;
-                foreach ($order as $key => $qid) {
-                    $results["$a->userid"]["$qid"]["answer1"] = "";
-                    $results["$a->userid"]["$qid"]["answer2"] = "";
+            if (empty($results[$a->userid])) { // init new array
+                $results[$a->userid]["time"] = $a->time;
+                foreach ($fullorderlist as $qid) {
+                    $results[$a->userid][$qid]["answer1"] = "";
+                    $results[$a->userid][$qid]["answer2"] = "";
                 }
             }
-            $results["$a->userid"]["$a->question"]["answer1"] = $a->answer1;
-            $results["$a->userid"]["$a->question"]["answer2"] = $a->answer2;
+            $results[$a->userid][$a->question]["answer1"] = $a->answer1;
+            $results[$a->userid][$a->question]["answer2"] = $a->answer2;
         }
     }
 
@@ -134,7 +133,7 @@
             $myxls->write_string(0,$col++,$item);
         }
         foreach ($order as $key => $qid) {
-            $question = $questions["$qid"];
+            $question = $questions[$qid];
             if ($question->type == "0" || $question->type == "1" || $question->type == "3" || $question->type == "-1")  {
                 $myxls->write_string(0,$col++,"$question->text");
             }
@@ -150,10 +149,10 @@
         foreach ($results as $user => $rest) {
             $col = 0;
             $row++;
-            if (! $u = get_record("user", "id", $user)) {
+            if (! $u = $DB->get_record("user", array("id"=>$user))) {
                 print_error("Error finding student # $user");
             }
-            if ($n = get_record("survey_analysis", "survey", $survey->id, "userid", $user)) {
+            if ($n = $DB->get_record("survey_analysis", array("survey"=>$survey->id, "userid"=>$user))) {
                 $notes = $n->notes;
             } else {
                 $notes = "No notes made";
@@ -165,17 +164,17 @@
             $myxls->write_string($row,$col++,$u->lastname);
             $myxls->write_string($row,$col++,$u->email);
             $myxls->write_string($row,$col++,$u->idnumber);
-            $myxls->write_string($row,$col++, userdate($results["$user"]["time"], "%d-%b-%Y %I:%M:%S %p") );
-//          $myxls->write_number($row,$col++,$results["$user"]["time"],$date);
+            $myxls->write_string($row,$col++, userdate($results[$user]["time"], "%d-%b-%Y %I:%M:%S %p") );
+//          $myxls->write_number($row,$col++,$results[$user]["time"],$date);
             $myxls->write_string($row,$col++,$notes);
 
             foreach ($order as $key => $qid) {
-                $question = $questions["$qid"];
+                $question = $questions[$qid];
                 if ($question->type == "0" || $question->type == "1" || $question->type == "3" || $question->type == "-1")  {
-                    $myxls->write_string($row,$col++, $results["$user"]["$qid"]["answer1"] );
+                    $myxls->write_string($row,$col++, $results[$user][$qid]["answer1"] );
                 }
                 if ($question->type == "2" || $question->type == "3")  {
-                    $myxls->write_string($row, $col++, $results["$user"]["$qid"]["answer2"] );
+                    $myxls->write_string($row, $col++, $results[$user][$qid]["answer2"] );
                 }
             }
         }
@@ -204,7 +203,7 @@
             $myxls->write_string(0,$col++,$item);
         }
         foreach ($order as $key => $qid) {
-            $question = $questions["$qid"];
+            $question = $questions[$qid];
             if ($question->type == "0" || $question->type == "1" || $question->type == "3" || $question->type == "-1")  {
                 $myxls->write_string(0,$col++,"$question->text");
             }
@@ -220,10 +219,10 @@
         foreach ($results as $user => $rest) {
             $col = 0;
             $row++;
-            if (! $u = get_record("user", "id", $user)) {
+            if (! $u = $DB->get_record("user", array("id"=>$user))) {
                 print_error("Error finding student # $user");
             }
-            if ($n = get_record("survey_analysis", "survey", $survey->id, "userid", $user)) {
+            if ($n = $DB->get_record("survey_analysis", array("survey"=>$survey->id, "userid"=>$user))) {
                 $notes = $n->notes;
             } else {
                 $notes = "No notes made";
@@ -235,17 +234,17 @@
             $myxls->write_string($row,$col++,$u->lastname);
             $myxls->write_string($row,$col++,$u->email);
             $myxls->write_string($row,$col++,$u->idnumber);
-            $myxls->write_string($row,$col++, userdate($results["$user"]["time"], "%d-%b-%Y %I:%M:%S %p") );
-//          $myxls->write_number($row,$col++,$results["$user"]["time"],$date);
+            $myxls->write_string($row,$col++, userdate($results[$user]["time"], "%d-%b-%Y %I:%M:%S %p") );
+//          $myxls->write_number($row,$col++,$results[$user]["time"],$date);
             $myxls->write_string($row,$col++,$notes);
 
             foreach ($order as $key => $qid) {
-                $question = $questions["$qid"];
+                $question = $questions[$qid];
                 if ($question->type == "0" || $question->type == "1" || $question->type == "3" || $question->type == "-1")  {
-                    $myxls->write_string($row,$col++, $results["$user"]["$qid"]["answer1"] );
+                    $myxls->write_string($row,$col++, $results[$user][$qid]["answer1"] );
                 }
                 if ($question->type == "2" || $question->type == "3")  {
-                    $myxls->write_string($row, $col++, $results["$user"]["$qid"]["answer2"] );
+                    $myxls->write_string($row, $col++, $results[$user][$qid]["answer2"] );
                 }
             }
         }
@@ -267,7 +266,7 @@
 
     echo "surveyid    surveyname    userid    firstname    lastname    email    idnumber    time    ";
     foreach ($order as $key => $qid) {
-        $question = $questions["$qid"];
+        $question = $questions[$qid];
         if ($question->type == "0" || $question->type == "1" || $question->type == "3" || $question->type == "-1")  {
             echo "$question->text    ";
         }
@@ -280,7 +279,7 @@
 // Print all the lines of data.
 
     foreach ($results as $user => $rest) {
-        if (! $u = get_record("user", "id", $user)) {
+        if (! $u = $DB->get_record("user", array("id"=>$user))) {
             print_error("Error finding student # $user");
         }
         echo $survey->id."\t";
@@ -290,15 +289,15 @@
         echo $u->lastname."\t";
         echo $u->email."\t";
         echo $u->idnumber."\t";
-        echo userdate($results["$user"]["time"], "%d-%b-%Y %I:%M:%S %p")."\t";
+        echo userdate($results[$user]["time"], "%d-%b-%Y %I:%M:%S %p")."\t";
 
         foreach ($order as $key => $qid) {
-            $question = $questions["$qid"];
+            $question = $questions[$qid];
             if ($question->type == "0" || $question->type == "1" || $question->type == "3" || $question->type == "-1")  {
-                echo $results["$user"]["$qid"]["answer1"]."    ";
+                echo $results[$user][$qid]["answer1"]."    ";
             }
             if ($question->type == "2" || $question->type == "3")  {
-                echo $results["$user"]["$qid"]["answer2"]."    ";
+                echo $results[$user][$qid]["answer2"]."    ";
             }
         }
         echo "\n";
diff --git a/mod/survey/graph.php b/mod/survey/graph.php
index b839281179..c7ad83ed8e 100644
--- a/mod/survey/graph.php
+++ b/mod/survey/graph.php
@@ -14,7 +14,7 @@
         print_error("Course Module ID was incorrect");
     }
 
-    if (! $course = get_record("course", "id", $cm->course)) {
+    if (! $course = $DB->get_record("course", array("id"=>$cm->course))) {
         print_error("Course is misconfigured");
     }
 
@@ -31,7 +31,7 @@
         }
     }
 
-    if (! $survey = get_record("survey", "id", $cm->instance)) {
+    if (! $survey = $DB->get_record("survey", array("id"=>$cm->instance))) {
         print_error("Survey ID was incorrect");
     }
 
@@ -61,7 +61,7 @@
 
      case "question.png":
 
-       $question = get_record("survey_questions", "id", $qid);
+       $question = $DB->get_record("survey_questions", array("id"=>$qid));
        $question->text = get_string($question->text, "survey");
        $question->options = get_string($question->options, "survey");
 
@@ -72,7 +72,7 @@
            $buckets2[$key] = 0;
        }
 
-       if ($aaa = get_records_select("survey_answers", "survey = '$cm->instance' AND question = '$qid'")) {
+       if ($aaa = $DB->get_records('survey_answers', array('survey'=>$cm->instance, 'question'=>$qid))) {
            foreach ($aaa as $aa) {
                if (!$group or isset($users[$aa->userid])) {
                    if ($a1 = $aa->answer1) {
@@ -129,7 +129,7 @@
 
      case "multiquestion.png":
 
-       $question  = get_record("survey_questions", "id", $qid);
+       $question  = $DB->get_record("survey_questions", array("id"=>$qid));
        $question->text = get_string($question->text, "survey");
        $question->options = get_string($question->options, "survey");
 
@@ -149,7 +149,7 @@
            $stdev2[$i] = 0;
        }
 
-       $aaa = get_records_select("survey_answers", "((survey = $cm->instance) AND (question in ($question->multi)))");
+       $aaa = $DB->get_records_select("survey_answers", "((survey = ?) AND (question in ($question->multi)))", array($cm->instance));
 
        if ($aaa) {
            foreach ($aaa as $a) {
@@ -293,7 +293,7 @@
            $count1[$i] = 0;
            $count2[$i] = 0;
            $subquestions = $question[$i]->multi;   // otherwise next line doesn't work
-           $aaa = get_records_select("survey_answers", "((survey = $cm->instance) AND (question in ($subquestions)))");
+           $aaa = $DB->get_records_select("survey_answers", "((survey = ?) AND (question in ($subquestions)))", array($cm->instance));
 
            if ($aaa) {
                foreach ($aaa as $a) {
@@ -438,7 +438,7 @@
            $stdev2[$i] = 0.0;
 
            $subquestions = $question[$i]->multi;   // otherwise next line doesn't work
-           $aaa = get_records_select("survey_answers","((survey = $cm->instance) AND (question in ($subquestions)))");
+           $aaa = $DB->get_records_select("survey_answers","((survey = ?) AND (question in ($subquestions)))", array($cm->instance));
 
            if ($aaa) {
                foreach ($aaa as $a) {
@@ -565,7 +565,7 @@
 
      case "studentmultiquestion.png":
 
-       $question  = get_record("survey_questions", "id", $qid);
+       $question  = $DB->get_record("survey_questions", array("id"=>$qid));
        $question->text = get_string($question->text, "survey");
        $question->options = get_string($question->options, "survey");
 
@@ -589,7 +589,7 @@
            $stdev2[$i] = 0.0;
        }
 
-       $aaa = get_records_select("survey_answers", "((survey = $cm->instance) AND (question in ($question->multi)))");
+       $aaa = $DB->get_records_select("survey_answers", "((survey = ?) AND (question in ($question->multi)))", array($cm->instance));
 
        if ($aaa) {
            foreach ($aaa as $a) {
diff --git a/mod/survey/lib.php b/mod/survey/lib.php
index d5158f54f4..9a88fb92a7 100644
--- a/mod/survey/lib.php
+++ b/mod/survey/lib.php
@@ -89,10 +89,12 @@ function survey_delete_instance($id) {
 }
 
 function survey_user_outline($course, $user, $mod, $survey) {
-    if ($answers = get_records_select("survey_answers", "survey='$survey->id' AND userid='$user->id'")) {
+    global $DB;
 
+    if ($answers = $DB->get_records("survey_answers", array('survey'=>$survey->id, 'userid'=>$user->id))) {
         $lastanswer = array_pop($answers);
 
+        $result = new object();
         $result->info = get_string("done", "survey");
         $result->time = $lastanswer->time;
         return $result;
@@ -136,7 +138,7 @@ function survey_user_complete($course, $user, $mod, $survey) {
 }
 
 function survey_print_recent_activity($course, $viewfullnames, $timestart) {
-    global $CFG;
+    global $CFG, $DB;
 
     $modinfo = get_fast_modinfo($course);
     $ids = array();
@@ -156,25 +158,25 @@ function survey_print_recent_activity($course, $viewfullnames, $timestart) {
 
     $slist = implode(',', $ids); // there should not be hundreds of glossaries in one course, right?
 
-    if (!$rs = get_recordset_sql("SELECT sa.userid, sa.survey, MAX(sa.time) AS time,
-                                         u.firstname, u.lastname, u.email, u.picture
-                                    FROM {$CFG->prefix}survey_answers sa
-                                         JOIN {$CFG->prefix}user u ON u.id = sa.userid
-                                   WHERE sa.survey IN ($slist) AND sa.time > $timestart
-                                   GROUP BY sa.userid, sa.survey, u.firstname, u.lastname, u.email, u.picture
-                                   ORDER BY time ASC")) {
+    if (!$rs = $DB->get_recordset_sql("SELECT sa.userid, sa.survey, MAX(sa.time) AS time,
+                                              u.firstname, u.lastname, u.email, u.picture
+                                         FROM {survey_answers} sa
+                                         JOIN {user} u ON u.id = sa.userid
+                                        WHERE sa.survey IN ($slist) AND sa.time > ?
+                                     GROUP BY sa.userid, sa.survey, u.firstname, u.lastname, u.email, u.picture
+                                     ORDER BY time ASC", array($timestart))) {
         return false;
     }
 
     $surveys = array();
 
-    while ($survey = rs_fetch_next_record($rs)) {
+    foreach ($rs as $survey) {
         $cm = $modinfo->instances['survey'][$survey->survey];
         $survey->name = $cm->name;
         $survey->cmid = $cm->id;
         $surveys[] = $survey;
     } 
-    rs_close($rs);
+    $rs->close();
 
     if (!$surveys) {
         return false;
@@ -192,21 +194,18 @@ function survey_print_recent_activity($course, $viewfullnames, $timestart) {
 function survey_get_participants($surveyid) {
 //Returns the users with data in one survey
 //(users with records in survey_analysis and survey_answers, students)
-
-    global $CFG;
+    global $DB;
 
     //Get students from survey_analysis
-    $st_analysis = get_records_sql("SELECT DISTINCT u.id, u.id
-                                    FROM {$CFG->prefix}user u,
-                                         {$CFG->prefix}survey_analysis a
-                                    WHERE a.survey = '$surveyid' and
-                                          u.id = a.userid");
+    $st_analysis = $DB->get_records_sql("SELECT DISTINCT u.id, u.id
+                                           FROM {user} u, {survey_analysis} a
+                                          WHERE a.survey = ? AND
+                                                u.id = a.userid", array($surveyid));
     //Get students from survey_answers
-    $st_answers = get_records_sql("SELECT DISTINCT u.id, u.id
-                                   FROM {$CFG->prefix}user u,
-                                        {$CFG->prefix}survey_answers a
-                                   WHERE a.survey = '$surveyid' and
-                                         u.id = a.userid");
+    $st_answers = $DB->get_records_sql("SELECT DISTINCT u.id, u.id
+                                          FROM {user} u, {survey_answers} a
+                                         WHERE a.survey = ? AND
+                                               u.id = a.userid", array($surveyid));
 
     //Add st_answers to st_analysis
     if ($st_answers) {
@@ -222,98 +221,100 @@ function survey_get_participants($surveyid) {
 
 
 function survey_log_info($log) {
-    global $CFG;
-    return get_record_sql("SELECT s.name, u.firstname, u.lastname, u.picture
-                             FROM {$CFG->prefix}survey s, 
-                                  {$CFG->prefix}user u
-                            WHERE s.id = '$log->info' 
-                              AND u.id = '$log->userid'");
+    global $DB;
+    return $DB->get_record_sql("SELECT s.name, u.firstname, u.lastname, u.picture
+                                  FROM {survey} s, {user} u
+                                 WHERE s.id = ?  AND u.id = ?", array($log->info, $log->userid));
 }
 
 function survey_get_responses($surveyid, $groupid, $groupingid) {
-    global $CFG;
+    global $DB;
+
+    $params = array('surveyid'=>$surveyid, 'groupid'=>$groupid, 'groupingid'=>$groupingid); 
 
     if ($groupid) {
-        $groupsjoin = "INNER JOIN {$CFG->prefix}groups_members gm ON u.id = gm.userid AND gm.groupid = '$groupid' ";
+        $groupsjoin = "JOIN {groups_members} gm ON u.id = gm.userid AND gm.groupid = :groupid ";
 
     } else if ($groupingid) {
-        $groupsjoin = "INNER JOIN {$CFG->prefix}groups_members gm ON u.id = gm.userid
-                       INNER JOIN {$CFG->prefix}groupings_groups gg ON gm.groupid = gg.groupid AND gg.groupingid = $groupingid ";
+        $groupsjoin = "JOIN {groups_members} gm ON u.id = gm.userid
+                       JOIN {groupings_groups} gg ON gm.groupid = gg.groupid AND gg.groupingid = :groupingid ";
     } else {
         $groupsjoin = "";
     }
 
-    return get_records_sql("SELECT u.id, u.firstname, u.lastname, u.picture, MAX(a.time) as time
-                            FROM {$CFG->prefix}survey_answers a
-                                INNER JOIN {$CFG->prefix}user u ON a.userid = u.id
-                                $groupsjoin
-                            WHERE a.survey = $surveyid
-                            GROUP BY u.id, u.firstname, u.lastname, u.picture
-                            ORDER BY time ASC");
+    return $DB->get_records_sql("SELECT u.id, u.firstname, u.lastname, u.picture, MAX(a.time) as time
+                                   FROM {survey_answers} a
+                                   JOIN {user} u ON a.userid = u.id
+                            $groupsjoin
+                                  WHERE a.survey = :surveyid
+                               GROUP BY u.id, u.firstname, u.lastname, u.picture
+                               ORDER BY time ASC", $params);
 }
 
 function survey_get_analysis($survey, $user) {
-    global $CFG;
+    global $DB;
 
-    return get_record_sql("SELECT notes 
-                             FROM {$CFG->prefix}survey_analysis 
-                            WHERE survey='$survey' 
-                              AND userid='$user'");
+    return $DB->get_record_sql("SELECT notes 
+                                  FROM {survey_analysis}
+                                 WHERE survey=? AND userid=?", array($survey, $user));
 }
 
 function survey_update_analysis($survey, $user, $notes) {
-    global $CFG;
+    global $DB;
 
-    return execute_sql("UPDATE {$CFG->prefix}survey_analysis 
-                            SET notes='$notes' 
-                          WHERE survey='$survey' 
-                            AND userid='$user'");
+    return $DB->execute("UPDATE {survey_analysis}
+                            SET notes=? 
+                          WHERE survey=? 
+                            AND userid=?", array($notes, $survey, $user));
 }
 
 
 function survey_get_user_answers($surveyid, $questionid, $groupid, $sort="sa.answer1,sa.answer2 ASC") {
-    global $CFG;
+    global $DB;
+
+    $params = array('surveyid'=>$surveyid, 'questionid'=>$questionid, 'groupid'=>$groupid);
 
     if ($groupid) {
-        $groupsql = "AND gm.groupid = $groupid AND u.id = gm.userid";
+        $groupsql = "AND gm.groupid = :groupid AND u.id = gm.userid";
     } else {
         $groupsql = "";
     }
 
-    return get_records_sql("SELECT sa.*,u.firstname,u.lastname,u.picture 
-                              FROM {$CFG->prefix}survey_answers sa, 
-                                   {$CFG->prefix}user u,
-                                   {$CFG->prefix}groups_members gm 
-                             WHERE sa.survey = '$surveyid' 
-                               AND sa.question = $questionid 
-                               AND u.id = sa.userid $groupsql
-                          ORDER BY $sort");
+    return $DB->get_records_sql("SELECT sa.*,u.firstname,u.lastname,u.picture 
+                                   FROM {survey_answers} sa,  {user} u, {groups_members} gm 
+                                  WHERE sa.survey = :surveyid 
+                                        AND sa.question = :questionid 
+                                        AND u.id = sa.userid $groupsql
+                               ORDER BY $sort", $params);
 }
 
 function survey_get_user_answer($surveyid, $questionid, $userid) {
-    global $CFG;
+    global $DB;
 
-    return get_record_sql("SELECT sa.* 
-                              FROM {$CFG->prefix}survey_answers sa
-                             WHERE sa.survey = '$surveyid' 
-                               AND sa.question = '$questionid' 
-                               AND sa.userid = '$userid'");
+    return $DB->get_record_sql("SELECT sa.* 
+                                  FROM {survey_answers} sa
+                                 WHERE sa.survey = ? 
+                                       AND sa.question = ? 
+                                       AND sa.userid = ?", array($surveyid, $questionid, $userid));
 }
 
 // MODULE FUNCTIONS ////////////////////////////////////////////////////////
 
 function survey_add_analysis($survey, $user, $notes) {
-    global $CFG;
+    global $DB;
 
+    $record = new object();
     $record->survey = $survey;
     $record->userid = $user;
     $record->notes = $notes;
 
-    return insert_record("survey_analysis", $record, false);
+    return $DB->insert_record("survey_analysis", $record, false);
 }
 
 function survey_already_done($survey, $user) {
-   return record_exists("survey_answers", "survey", $survey, "userid", $user);
+    global $DB;
+
+    return $DB->record_exists("survey_answers", array("survey"=>$survey, "userid"=>$user));
 }
 
 function survey_count_responses($surveyid, $groupid, $groupingid) {
@@ -327,6 +328,7 @@ function survey_count_responses($surveyid, $groupid, $groupingid) {
 
 function survey_print_all_responses($cmid, $results, $courseid) {
 
+    $table = new object();
     $table->head  = array ("", get_string("name"),  get_string("time"));
     $table->align = array ("", "left", "left");
     $table->size = array (35, "", "" );
@@ -345,7 +347,7 @@ function survey_get_template_name($templateid) {
     global $DB;
 
     if ($templateid) {
-        if ($ss = get_record("surveys", "id", $templateid)) {
+        if ($ss = $DB->get_record("surveys", array("id"=>$templateid))) {
             return $ss->name;
         }
     } else {
@@ -554,23 +556,24 @@ function survey_reset_course_form_defaults($course) {
  * @return array status array
  */
 function survey_reset_userdata($data) {
-    global $CFG;
+    global $DB;
 
     $componentstr = get_string('modulenameplural', 'survey');
     $status = array();
 
     $surveyssql = "SELECT ch.id
-                     FROM {$CFG->prefix}survey ch
-                    WHERE ch.course={$data->courseid}";
+                     FROM {survey} ch
+                    WHERE ch.course=?";
+    $params = array($data->courseid);
 
     if (!empty($data->reset_survey_answers)) {
-        delete_records_select('survey_answers', "survey IN ($surveyssql)");
-        delete_records_select('survey_analysis', "survey IN ($surveyssql)");
+        $DB->delete_records_select('survey_answers', "survey IN ($surveyssql)", $params);
+        $DB->delete_records_select('survey_analysis', "survey IN ($surveyssql)", $params);
         $status[] = array('component'=>$componentstr, 'item'=>get_string('deleteallanswers', 'survey'), 'error'=>false);
     }
 
     if (!empty($data->reset_survey_analysis)) {
-        delete_records_select('survey_analysis', "survey IN ($surveyssql)");
+        $DB->delete_records_select('survey_analysis', "survey IN ($surveyssql)", $params);
         $status[] = array('component'=>$componentstr, 'item'=>get_string('deleteallanswers', 'survey'), 'error'=>false);
     }
 
diff --git a/mod/survey/report.php b/mod/survey/report.php
index 753e20f8c9..4e6675fa5f 100644
--- a/mod/survey/report.php
+++ b/mod/survey/report.php
@@ -11,6 +11,8 @@
     $student = optional_param('student', 0, PARAM_INT);   // Student ID
     $notes   = optional_param('notes', '', PARAM_RAW);    // Save teachers notes
 
+    $notes = stripslashes($notes); // TODO: remove soon
+
     $qids = explode(',', $qid);
     $qids = clean_param($qids, PARAM_INT);
     $qid = implode (',', $qids);
@@ -19,7 +21,7 @@
         print_error("Course Module ID was incorrect");
     }
 
-    if (! $course = get_record("course", "id", $cm->course)) {
+    if (! $course = $DB->get_record("course", array("id"=>$cm->course))) {
         print_error("Course is misconfigured");
     }
 
@@ -29,11 +31,11 @@
 
     require_capability('mod/survey:readresponses', $context);
 
-    if (! $survey = get_record("survey", "id", $cm->instance)) {
+    if (! $survey = $DB->get_record("survey", array("id"=>$cm->instance))) {
         print_error("Survey ID was incorrect");
     }
 
-    if (! $template = get_record("survey", "id", $survey->template)) {
+    if (! $template = $DB->get_record("survey", array("id"=>$survey->template))) {
         print_error("Template ID was incorrect");
     }
 
@@ -177,7 +179,7 @@
             $questions = $DB->get_record("survey_questions", "id", $qid);
             $questionorder = explode(",", $qid);
 
-            if ($scale = get_records("survey_questions", "multi", "$qid")) {
+            if ($scale = $DB->get_records("survey_questions", array("multi"=>$qid))) {
                 $scale = array_pop($scale);
                 print_heading("$scale->text - $strselectedquestions");
             } else {
@@ -260,7 +262,7 @@
         break;
 
       case "question":
-        if (!$question = get_record("survey_questions", "id", $qid)) {
+        if (!$question = $DB->get_record("survey_questions", array("id"=>$qid))) {
             print_error("Question doesn't exist");
         }
         $question->text = get_string($question->text, "survey");
@@ -320,7 +322,7 @@
         break;
 
       case "student":
-         if (!$user = get_record("user", "id", $student)) {
+         if (!$user = $DB->get_record("user", array("id"=>$student))) {
              print_error("Student doesn't exist");
          }
 
diff --git a/mod/survey/save.php b/mod/survey/save.php
index 227677b6ec..18296556cc 100644
--- a/mod/survey/save.php
+++ b/mod/survey/save.php
@@ -6,7 +6,7 @@
 
 // Make sure this is a legitimate posting
 
-    if (!$formdata = data_submitted("$CFG->wwwroot/mod/survey/view.php")) {
+    if (!$formdata = data_submitted(false)) {
         print_error("You are not supposed to use this script like that.");
     }
 
@@ -16,7 +16,7 @@
         print_error("Course Module ID was incorrect");
     }
 
-    if (! $course = get_record("course", "id", $cm->course)) {
+    if (! $course = $DB->get_record("course", array("id"=>$cm->course))) {
         print_error("Course is misconfigured");
     }
 
@@ -25,7 +25,7 @@
     $context = get_context_instance(CONTEXT_MODULE, $cm->id);
     require_capability('mod/survey:participate', $context);
     
-    if (! $survey = get_record("survey", "id", $cm->instance)) {
+    if (! $survey = $DB->get_record("survey", array("id"=>$cm->instance))) {
         print_error("Survey ID was incorrect");
     }
 
@@ -84,7 +84,7 @@
             $newdata->answer2 = "";
         }
 
-        if (! insert_record("survey_answers", $newdata)) {
+        if (! $DB->insert_record("survey_answers", $newdata)) {
             print_error("Encountered a problem trying to store your results. Sorry.");
         }
     }
diff --git a/mod/survey/view.php b/mod/survey/view.php
index 1ae335a8e2..0cc346c65a 100644
--- a/mod/survey/view.php
+++ b/mod/survey/view.php
@@ -9,7 +9,7 @@
         print_error("Course Module ID was incorrect");
     }
 
-    if (! $course = get_record("course", "id", $cm->course)) {
+    if (! $course = $DB->get_record("course", array("id"=>$cm->course))) {
         print_error("Course is misconfigured");
     }
 
@@ -19,16 +19,16 @@
 
     require_capability('mod/survey:participate', $context);
 
-    if (! $survey = get_record("survey", "id", $cm->instance)) {
+    if (! $survey = $DB->get_record("survey", array("id"=>$cm->instance))) {
         print_error("Survey ID was incorrect");
     }
     $trimmedintro = trim($survey->intro);
     if (empty($trimmedintro)) {
-        $tempo = get_field("survey", "intro", "id", $survey->template);
+        $tempo = $DB->get_field("survey", "intro", array("id"=>$survey->template));
         $survey->intro = get_string($tempo, "survey");
     }
 
-    if (! $template = get_record("survey", "id", $survey->template)) {
+    if (! $template = $DB->get_record("survey", array("id"=>$survey->template))) {
         print_error("Template ID was incorrect");
     }
 
-- 
2.39.5