date.chapril.org-framadate/studs.php

250 lines
11 KiB
PHP
Raw Normal View History

2011-05-15 01:32:47 +02:00
<?php
/**
* This software is governed by the CeCILL-B license. If a copy of this license
* is not distributed with this file, you can obtain one at
* http://www.cecill.info/licences/Licence_CeCILL-B_V1-en.txt
*
* Authors of STUdS (initial project): Guilhem BORGHESI (borghesi@unistra.fr) and Raphaël DROZ
* Authors of Framadate/OpenSondate: Framasoft (https://github.com/framasoft)
*
* =============================
*
* Ce logiciel est régi par la licence CeCILL-B. Si une copie de cette licence
* ne se trouve pas avec ce fichier vous pouvez l'obtenir sur
* http://www.cecill.info/licences/Licence_CeCILL-B_V1-fr.txt
*
* Auteurs de STUdS (projet initial) : Guilhem BORGHESI (borghesi@unistra.fr) et Raphaël DROZ
* Auteurs de Framadate/OpenSondage : Framasoft (https://github.com/framasoft)
*/
2016-03-05 16:05:37 +01:00
use Framadate\Exception\AlreadyExistsException;
use Framadate\Exception\ConcurrentEditionException;
2014-12-25 00:55:52 +01:00
use Framadate\Services\LogService;
use Framadate\Services\PollService;
2014-12-17 13:17:08 +01:00
use Framadate\Services\InputService;
use Framadate\Services\MailService;
2015-10-13 01:03:41 +02:00
use Framadate\Services\NotificationService;
use Framadate\Services\SecurityService;
2015-11-30 22:23:26 +01:00
use Framadate\Services\SessionService;
2014-12-17 13:17:08 +01:00
use Framadate\Message;
2014-12-17 13:47:14 +01:00
use Framadate\Utils;
use Framadate\Editable;
use Framadate\Security\Token;
include_once __DIR__ . '/app/inc/init.php';
2015-11-30 22:23:26 +01:00
/* Constantes */
/* ---------- */
const USER_REMEMBER_VOTES_KEY = 'UserVotes';
2014-12-17 13:17:08 +01:00
/* Variables */
/* --------- */
2014-12-17 13:47:14 +01:00
$poll_id = null;
$poll = null;
2014-12-17 13:17:08 +01:00
$message = null;
$editingVoteId = 0;
$accessGranted = true;
$resultPubliclyVisible = true;
$slots = array();
$votes = array();
$comments = array();
/* Services */
/*----------*/
2015-01-06 23:52:52 +01:00
$logService = new LogService();
2014-12-25 00:55:52 +01:00
$pollService = new PollService($connect, $logService);
2014-12-17 13:17:08 +01:00
$inputService = new InputService();
$mailService = new MailService($config['use_smtp']);
2015-10-13 01:03:41 +02:00
$notificationService = new NotificationService($mailService);
$securityService = new SecurityService();
2015-11-30 22:23:26 +01:00
$sessionService = new SessionService();
/* PAGE */
/* ---- */
2011-05-15 03:56:54 +02:00
2015-04-07 17:09:18 +02:00
if (!empty($_GET['poll'])) {
$poll_id = filter_input(INPUT_GET, 'poll', FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => POLL_REGEX]]);
$poll = $pollService->findById($poll_id);
}
if (!$poll) {
2015-04-07 20:06:24 +02:00
$smarty->assign('error', __('Error', 'This poll doesn\'t exist !'));
$smarty->display('error.tpl');
exit;
2011-05-15 03:56:54 +02:00
}
2015-11-30 22:23:26 +01:00
$editedVoteUniqueId = $sessionService->get(USER_REMEMBER_VOTES_KEY, $poll_id, '');
// -------------------------------
// Password verification
// -------------------------------
if (!is_null($poll->password_hash)) {
// If we came from password submission
$password = isset($_POST['password']) ? $_POST['password'] : null;
if (!empty($password)) {
$securityService->submitPollAccess($poll, $password);
}
2014-12-17 13:17:08 +01:00
if (!$securityService->canAccessPoll($poll)) {
$accessGranted = false;
2014-12-17 13:17:08 +01:00
}
$resultPubliclyVisible = $poll->results_publicly_visible;
if (!$accessGranted && !empty($password)) {
$message = new Message('danger', __('Password', 'Wrong password'));
} else if (!$accessGranted && !$resultPubliclyVisible) {
$message = new Message('danger', __('Password', 'You have to provide a password to access the poll.'));
} else if (!$accessGranted && $resultPubliclyVisible) {
$message = new Message('danger', __('Password', 'You have to provide a password so you can participate to the poll.'));
}
}
// We allow actions only if access is granted
if ($accessGranted) {
// -------------------------------
// A vote is going to be edited
// -------------------------------
if (!empty($_GET['vote'])) {
$editingVoteId = filter_input(INPUT_GET, 'vote', FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => POLL_REGEX]]);
2014-12-17 13:17:08 +01:00
}
2014-12-16 00:45:16 +01:00
// -------------------------------
// Something to save (edit or add)
// -------------------------------
if (!empty($_POST['save'])) { // Save edition of an old vote
$name = $inputService->filterName($_POST['name']);
$editedVote = filter_input(INPUT_POST, 'save', FILTER_VALIDATE_INT);
$choices = $inputService->filterArray($_POST['choices'], FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => CHOICE_REGEX]]);
2016-03-05 16:05:37 +01:00
$slots_hash = $inputService->filterMD5($_POST['control']);
if (empty($editedVote)) {
$message = new Message('danger', __('Error', 'Something is going wrong...'));
}
if (count($choices) != count($_POST['choices'])) {
$message = new Message('danger', __('Error', 'There is a problem with your choices'));
}
if ($message == null) {
// Update vote
2016-03-05 16:05:37 +01:00
try {
$result = $pollService->updateVote($poll_id, $editedVote, $name, $choices, $slots_hash);
if ($result) {
if ($poll->editable == Editable::EDITABLE_BY_OWN) {
$editedVoteUniqueId = filter_input(INPUT_POST, 'edited_vote', FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => POLL_REGEX]]);
$sessionService->set(USER_REMEMBER_VOTES_KEY, $poll_id, $editedVoteUniqueId);
$urlEditVote = Utils::getUrlSondage($poll_id, false, $editedVoteUniqueId);
2016-04-27 00:12:21 +02:00
$message = new Message(
'success',
__('studs', 'Your vote has been registered successfully, but be careful: regarding this poll options, you need to keep this personal link to edit your own vote:'),
$urlEditVote,
__('Poll results', 'Edit the line:').' '.$name,
'glyphicon-pencil');
if ($config['use_smtp']) {
$token = new Token();
$sessionService->set("Common", SESSION_EDIT_LINK_TOKEN, $token);
$smarty->assign('editedVoteUniqueId', $editedVoteUniqueId);
$smarty->assign('token', $token->getValue());
$smarty->assign('poll_id', $poll_id);
$message->includeTemplate = $smarty->fetch('part/form_remember_edit_link.tpl');
$smarty->clearAssign('token');
}
2016-03-05 16:05:37 +01:00
} else {
$message = new Message('success', __('studs', 'Update vote succeeded'));
}
$notificationService->sendUpdateNotification($poll, NotificationService::UPDATE_VOTE, $name);
} else {
2016-03-05 16:05:37 +01:00
$message = new Message('danger', __('Error', 'Update vote failed'));
}
2016-03-05 16:05:37 +01:00
} catch (ConcurrentEditionException $cee) {
$message = new Message('danger', __('Error', 'Poll has been updated before you vote'));
2015-04-07 17:58:45 +02:00
}
2014-12-16 00:45:16 +01:00
}
} elseif (isset($_POST['save'])) { // Add a new vote
$name = $inputService->filterName($_POST['name']);
$choices = $inputService->filterArray($_POST['choices'], FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => CHOICE_REGEX]]);
2016-03-05 16:05:37 +01:00
$slots_hash = $inputService->filterMD5($_POST['control']);
2014-12-17 13:17:08 +01:00
if ($name == null) {
$message = new Message('danger', __('Error', 'The name is invalid.'));
}
if (count($choices) != count($_POST['choices'])) {
$message = new Message('danger', __('Error', 'There is a problem with your choices'));
}
2014-12-16 00:45:16 +01:00
if ($message == null) {
// Add vote
2016-03-05 16:05:37 +01:00
try {
$result = $pollService->addVote($poll_id, $name, $choices, $slots_hash);
if ($result) {
if ($poll->editable == Editable::EDITABLE_BY_OWN) {
$editedVoteUniqueId = $result->uniqId;
$sessionService->set(USER_REMEMBER_VOTES_KEY, $poll_id, $editedVoteUniqueId);
$urlEditVote = Utils::getUrlSondage($poll_id, false, $editedVoteUniqueId);
$message = new Message(
'success',
__('studs', 'Your vote has been registered successfully, but be careful: regarding this poll options, you need to keep this personal link to edit your own vote:'),
$urlEditVote,
__('Poll results', 'Edit the line:').' '.$name,
'glyphicon-pencil');
if ($config['use_smtp']) {
$token = new Token();
$sessionService->set("Common", SESSION_EDIT_LINK_TOKEN, $token);
$smarty->assign('editedVoteUniqueId', $editedVoteUniqueId);
$smarty->assign('token', $token->getValue());
$smarty->assign('poll_id', $poll_id);
$message->includeTemplate = $smarty->fetch('part/form_remember_edit_link.tpl');
$smarty->clearAssign('token');
}
2016-03-05 16:05:37 +01:00
} else {
$message = new Message('success', __('studs', 'Adding the vote succeeded'));
}
$notificationService->sendUpdateNotification($poll, NotificationService::ADD_VOTE, $name);
} else {
2016-03-05 16:05:37 +01:00
$message = new Message('danger', __('Error', 'Adding vote failed'));
}
2016-03-05 16:05:37 +01:00
} catch (AlreadyExistsException $aee) {
$message = new Message('danger', __('Error', 'You already voted'));
} catch (ConcurrentEditionException $cee) {
$message = new Message('danger', __('Error', 'Poll has been updated before you vote'));
}
2014-12-16 00:45:16 +01:00
}
}
}
2014-12-17 13:47:14 +01:00
// Retrieve data
if ($resultPubliclyVisible || $accessGranted) {
$slots = $pollService->allSlotsByPoll($poll);
$votes = $pollService->allVotesByPollId($poll_id);
$comments = $pollService->allCommentsByPollId($poll_id);
}
2014-10-21 01:31:26 +02:00
// Assign data to template
$smarty->assign('poll_id', $poll_id);
$smarty->assign('poll', $poll);
2015-04-07 20:06:24 +02:00
$smarty->assign('title', __('Generic', 'Poll') . ' - ' . $poll->title);
2015-03-13 12:56:45 +01:00
$smarty->assign('expired', strtotime($poll->end_date) < time());
2015-05-29 17:46:29 +02:00
$smarty->assign('deletion_date', strtotime($poll->end_date) + PURGE_DELAY * 86400);
$smarty->assign('slots', $poll->format === 'D' ? $pollService->splitSlots($slots) : $slots);
2016-03-05 16:05:37 +01:00
$smarty->assign('slots_hash', $pollService->hashSlots($slots));
2014-12-17 13:17:08 +01:00
$smarty->assign('votes', $pollService->splitVotes($votes));
$smarty->assign('best_choices', $pollService->computeBestChoices($votes));
$smarty->assign('comments', $comments);
2014-12-16 00:45:16 +01:00
$smarty->assign('editingVoteId', $editingVoteId);
2014-12-17 13:17:08 +01:00
$smarty->assign('message', $message);
$smarty->assign('admin', false);
$smarty->assign('hidden', $poll->hidden);
$smarty->assign('accessGranted', $accessGranted);
$smarty->assign('resultPubliclyVisible', $resultPubliclyVisible);
$smarty->assign('editedVoteUniqueId', $editedVoteUniqueId);
$smarty->display('studs.tpl');