<?php
/**
 * This software is governed by the CeCILL-B license. If a copy of this license
 * is not distributed with this file, you can obtain one at
 * http://www.cecill.info/licences/Licence_CeCILL-B_V1-en.txt
 *
 * Authors of STUdS (initial project): Guilhem BORGHESI (borghesi@unistra.fr) and Raphaël DROZ
 * Authors of Framadate/OpenSondage: Framasoft (https://github.com/framasoft)
 *
 * =============================
 *
 * Ce logiciel est régi par la licence CeCILL-B. Si une copie de cette licence
 * ne se trouve pas avec ce fichier vous pouvez l'obtenir sur
 * http://www.cecill.info/licences/Licence_CeCILL-B_V1-fr.txt
 *
 * Auteurs de STUdS (projet initial) : Guilhem BORGHESI (borghesi@unistra.fr) et Raphaël DROZ
 * Auteurs de Framadate/OpenSondage : Framasoft (https://github.com/framasoft)
 */
namespace Framadate ;
include_once __DIR__ . '/app/inc/init.php' ;
// Start a fresh poll-creation form object the first time this session has none.
if (isset($_SESSION['form']) === false) {
    $_SESSION['form'] = new Form();
}

// When bandeaux_local.php exists (relative path), it is loaded instead of bandeaux.php.
include_once (file_exists('bandeaux_local.php') ? 'bandeaux_local.php' : 'bandeaux.php');
// Poll type: <button value="$_SESSION['form']->choix_sondage">
// The request only selects between two fixed literals; the submitted value itself
// is never copied into $choix_sondage or into the session.
$choix_sondage = "creation_sondage_autre";
if ((isset($_GET['choix_sondage']) && $_GET['choix_sondage'] == 'date') ||
    (isset($_POST["choix_sondage"]) && $_POST["choix_sondage"] == 'creation_sondage_date')) {
    $choix_sondage = "creation_sondage_date";
}
$_SESSION['form']->choix_sondage = $choix_sondage;
// Read the posted fields through the filter extension. filter_input() yields null
// when the field is absent and false when a validating filter rejects the value.
$poursuivre = filter_input(
    INPUT_POST,
    'poursuivre',
    FILTER_VALIDATE_REGEXP,
    ['options' => ['regexp' => '/^(creation_sondage_date|creation_sondage_autre)$/']]
);

// NOTE(review): FILTER_SANITIZE_STRING (deprecated since PHP 8.1) strips tags and
// encodes quotes. It is input clean-up, not a replacement for escaping the value
// wherever it is later written into HTML.
$title = filter_input(INPUT_POST, 'titre', FILTER_SANITIZE_STRING);
$name = filter_input(
    INPUT_POST,
    'name',
    FILTER_VALIDATE_REGEXP,
    ['options' => ['regexp' => NAME_REGEX]]
);
// NOTE(review): a syntactically valid address is not necessarily safe to print unescaped.
$address = filter_input(INPUT_POST, 'adresse', FILTER_VALIDATE_EMAIL);
$description = filter_input(INPUT_POST, 'commentaires', FILTER_SANITIZE_STRING);

// The three checkboxes are matched against BOOLEAN_REGEX (defined outside this file).
$editable = filter_input(
    INPUT_POST,
    'editable',
    FILTER_VALIDATE_REGEXP,
    ['options' => ['regexp' => BOOLEAN_REGEX]]
);
$receiveNewVotes = filter_input(
    INPUT_POST,
    'receiveNewVotes',
    FILTER_VALIDATE_REGEXP,
    ['options' => ['regexp' => BOOLEAN_REGEX]]
);
$receiveNewComments = filter_input(
    INPUT_POST,
    'receiveNewComments',
    FILTER_VALIDATE_REGEXP,
    ['options' => ['regexp' => BOOLEAN_REGEX]]
);

// The error flags are initialised as well; the validation further down raises them.
$erreur_adresse = $erreur_injection_titre = $erreur_injection_nom = $erreur_injection_commentaires = false;
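// Validation: runs only once the "poursuivre" button has been submitted.
if (!empty($_POST['poursuivre'])) {
    // Keep what was typed so the form can be redisplayed with the same values.
    // filter_input() returns false for a rejected value, so these may hold false.
    $_SESSION['form']->title = $title;
    $_SESSION['form']->admin_name = $name;
    $_SESSION['form']->admin_mail = $address;
    $_SESSION['form']->description = $description;

    // A checkbox counts as ticked as soon as the field is present in the request.
    // NOTE(review): a value rejected by BOOLEAN_REGEX arrives here as false, which is
    // also "not null" and therefore stored as true; confirm this is intended.
    $_SESSION['form']->editable = ($editable !== null);
    $_SESSION['form']->receiveNewVotes = ($receiveNewVotes !== null);
    $_SESSION['form']->receiveNewComments = ($receiveNewComments !== null);

    // The address is only checked when the instance sends mail.
    if ($config['use_smtp'] == true) {
        if (Utils::isValidEmail($address) === false) {
            $erreur_adresse = true;
        }
    }

    // Denylist on the characters < > " for the three free-text fields. This check does
    // not make the values safe to print; they still need escaping where they are output.
    if (preg_match(';<|>|";', $title)) {
        $erreur_injection_titre = true;
    }
    if (preg_match(';<|>|";', $name)) {
        $erreur_injection_nom = true;
    }
    if (preg_match(';<|>|";', $description)) {
        $erreur_injection_commentaires = true;
    }

    // Without SMTP the address is optional, otherwise it must be present and valid.
    if ($config['use_smtp'] == true) {
        $email_OK = $address && !$erreur_adresse;
    } else {
        $email_OK = true;
    }

    // With no error, move on to the "date" or "other" step. The target is picked from
    // the regexp-validated $poursuivre, never from the raw request value.
    if ($title && $name && $email_OK && !$erreur_injection_titre && !$erreur_injection_commentaires && !$erreur_injection_nom) {
        if ($poursuivre === 'creation_sondage_date') {
            header('Location:choix_date.php');
            exit();
        }

        if ($poursuivre === 'creation_sondage_autre') {
            header('Location:choix_autre.php');
            exit();
        }
    }

    // Reached when a field is invalid, and also when every field is valid but
    // "poursuivre" matched neither step. The second case used to fall through without
    // any page header being printed before the banner and the form.
    Utils::print_header(_('Error!') . ' - ' . _('Poll creation (1 on 3)'));
} else {
    // Form not submitted yet: normal title.
    Utils::print_header(_('Poll creation (1 on 3)'));
}

bandeau_titre(_('Poll creation (1 on 3)'));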
/*
 * Preparation of the error messages
 */
// Every field starts with an empty message, ARIA attribute and CSS class.
$errors = array_fill_keys(
    ['title', 'description', 'name', 'email'],
    ['msg' => '', 'aria' => '', 'class' => '']
);
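// Fill in the per-field error markup. Each entry provides the ARIA attribute for the
// input, the CSS class for the form group and the alert printed under the field.
// Fixes compared with the previous version:
//  - the title's forbidden-character alert was stored under 'inject', a key the form
//    never prints, so the user got a red field with no explanation;
//  - the attribute was spelled "aria-describeby"; the ARIA attribute is aria-describedby;
//  - the "missing email" case pointed at poll_name_error instead of poll_email_error.

// Title: a missing value takes precedence over the forbidden-character message.
if (!$_SESSION['form']->title && !empty($_POST['poursuivre'])) {
    $errors['title']['aria'] = 'aria-describedby="poll_title_error" ';
    $errors['title']['class'] = ' has-error';
    $errors['title']['msg'] = '<div class="alert alert-danger" ><p id="poll_title_error">' . _('Enter a title') . '</p></div>';
} elseif ($erreur_injection_titre) {
    $errors['title']['aria'] = 'aria-describedby="poll_title_error" ';
    $errors['title']['class'] = ' has-error';
    $errors['title']['msg'] = '<div class="alert alert-danger"><p id="poll_title_error">' . _('Characters < > and " are not permitted') . '</p></div>';
}

// Description: optional, so only the forbidden-character case exists.
if ($erreur_injection_commentaires) {
    $errors['description']['aria'] = 'aria-describedby="poll_comment_error" ';
    $errors['description']['class'] = ' has-error';
    $errors['description']['msg'] = '<div class="alert alert-danger"><p id="poll_comment_error">' . _('Characters < > and " are not permitted') . '</p></div>';
}

// Name: required.
if (!$_SESSION['form']->admin_name && !empty($_POST['poursuivre'])) {
    $errors['name']['aria'] = 'aria-describedby="poll_name_error" ';
    $errors['name']['class'] = ' has-error';
    $errors['name']['msg'] = '<div class="alert alert-danger"><p id="poll_name_error">' . _('Enter a name') . '</p></div>';
} elseif ($erreur_injection_nom) {
    $errors['name']['aria'] = 'aria-describedby="poll_name_error" ';
    $errors['name']['class'] = ' has-error';
    $errors['name']['msg'] = '<div class="alert alert-danger"><p id="poll_name_error">' . _('Characters < > and " are not permitted') . '</p></div>';
}

// Email: missing, or present but rejected by the address check.
if (!$_SESSION['form']->admin_mail && !empty($_POST['poursuivre'])) {
    $errors['email']['aria'] = 'aria-describedby="poll_email_error" ';
    $errors['email']['class'] = ' has-error';
    $errors['email']['msg'] = '<div class="alert alert-danger"><p id="poll_email_error">' . _('Enter an email address') . '</p></div>';
} elseif ($erreur_adresse && !empty($_POST['poursuivre'])) {
    $errors['email']['aria'] = 'aria-describedby="poll_email_error" ';
    $errors['email']['class'] = ' has-error';
    $errors['email']['msg'] = '<div class="alert alert-danger"><p id="poll_email_error">' . _('The address is not correct! You should enter a valid email address (like r.stallman@outlock.com) in order to receive the link to your poll.') . '</p></div>';
}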
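/*
 * Preparation depending on the session parameters
 */

// Builds the name and email inputs. The stored name and address were filled from the
// POST body earlier in this script, so they are HTML-escaped here, at the point where
// they enter an attribute value or element text. Input validation alone does not
// guarantee that a value is safe inside markup. double_encode is off so that entities
// already present in a stored value are not encoded a second time.
// NOTE(review): 'UTF-8' assumes the page is served as UTF-8; confirm.

// REMOTE_USER ?
if (USE_REMOTE_USER && isset($_SERVER['REMOTE_USER'])) {
    // Externally authenticated user: values go into hidden fields and are shown as text.
    $input_name = '<input type="hidden" name="name" value="'
        . htmlspecialchars((string) $_SESSION['form']->admin_name, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false)
        . '" />'
        . htmlspecialchars((string) $_SESSION['form']->admin_name, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
    $input_email = '<input type="hidden" name="adresse" value="'
        . htmlspecialchars((string) $_SESSION['form']->admin_mail, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false)
        . '">'
        . htmlspecialchars((string) $_SESSION['form']->admin_mail, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
} else {
    // Editable text inputs, carrying the ARIA attribute prepared with the error messages.
    $input_name = '<input id="yourname" type="text" name="name" class="form-control" ' . $errors['name']['aria'] . ' value="'
        . htmlspecialchars((string) $_SESSION['form']->admin_name, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false)
        . '" />';
    $input_email = '<input id="email" type="text" name="adresse" class="form-control" ' . $errors['email']['aria'] . ' value="'
        . htmlspecialchars((string) $_SESSION['form']->admin_mail, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false)
        . '" />';
}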
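// Checkbox checked ?
// Each variable becomes either the literal 'checked' or an empty string, decided by
// the session flag alone. Previously a variable kept its filter_input() result when
// the session flag was off, so a request-derived value could reach the <input> tag.
$editable = $_SESSION['form']->editable ? 'checked' : '';
$receiveNewVotes = $_SESSION['form']->receiveNewVotes ? 'checked' : '';
$receiveNewComments = $_SESSION['form']->receiveNewComments ? 'checked' : '';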
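// Display form
// The poll title and description come from the POST body via the session, so they are
// HTML-escaped where they are written into the page (double_encode off keeps entities
// already present in the stored value intact).
// NOTE(review): how Utils::get_server_name() builds its value is not visible from this
// file; it is escaped for the attribute context as well. 'UTF-8' assumes the page
// charset; confirm.
// The focus script now targets the "titre" input: the form has no control named
// "title", so document.formulaire.title resolved to the form's own title property.
echo '
<div class="row">
    <div class="col-md-8 col-md-offset-2">
    <form name="formulaire" id="formulaire" action="' . htmlspecialchars((string) Utils::get_server_name(), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false) . 'infos_sondage.php" method="POST" class="form-horizontal" role="form">
        <div class="alert alert-info">
            <p>' . _('You are in the poll creation section.') . ' <br /> ' . _('Required fields cannot be left blank.') . '</p>
        </div>
        <div class="form-group' . $errors['title']['class'] . '">
            <label for="poll_title" class="col-sm-4 control-label">' . _('Poll title') . ' *</label>
            <div class="col-sm-8">
                <input id="poll_title" type="text" name="titre" class="form-control" ' . $errors['title']['aria'] . ' value="' . htmlspecialchars((string) $_SESSION['form']->title, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false) . '" />
            </div>
        </div>
        ' . $errors['title']['msg'] . '
        <div class="form-group' . $errors['description']['class'] . '">
            <label for="poll_comments" class="col-sm-4 control-label">' . _('Description') . '</label>
            <div class="col-sm-8">
                <textarea id="poll_comments" name="commentaires" class="form-control" ' . $errors['description']['aria'] . ' rows="5">' . htmlspecialchars((string) $_SESSION['form']->description, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false) . '</textarea>
            </div>
        </div>
        ' . $errors['description']['msg'] . '
        <div class="form-group' . $errors['name']['class'] . '">
            <label for="yourname" class="col-sm-4 control-label">' . _('Your name') . ' *</label>
            <div class="col-sm-8">
                ' . $input_name . '
            </div>
        </div>
        ' . $errors['name']['msg'];

// The email field is only shown when the instance is configured to send mail.
if ($config['use_smtp'] == true) {
    echo '
        <div class="form-group' . $errors['email']['class'] . '">
            <label for="email" class="col-sm-4 control-label">' . _('Your email address') . ' *<br /><span class="small">' . _('(in the format name@mail.com)') . '</span></label>
            <div class="col-sm-8">
                ' . $input_email . '
            </div>
        </div>
        ' . $errors['email']['msg'];
}

echo '
        <div class="form-group">
            <div class="col-sm-offset-4 col-sm-8">
                <div class="checkbox">
                    <label>
                        <input type=checkbox name="editable" ' . $editable . ' id="editable"> ' . _('Voters can modify their vote themselves.') . '
                    </label>
                </div>
            </div>
        </div>';

// The notification options only make sense when mail can be sent.
if ($config['use_smtp'] == true) {
    echo '<div class="form-group">
            <div class="col-sm-offset-4 col-sm-8">
                <div class="checkbox">
                    <label>
                        <input type=checkbox name="receiveNewVotes" ' . $receiveNewVotes . ' id="receiveNewVotes"> ' . _('To receive an email for each new vote.') . '
                    </label>
                </div>
            </div>
        </div>';
    echo '<div class="form-group">
            <div class="col-sm-offset-4 col-sm-8">
                <div class="checkbox">
                    <label>
                        <input type=checkbox name="receiveNewComments" ' . $receiveNewComments . ' id="receiveNewComments"> ' . _('To receive an email for each new comment.') . '
                    </label>
                </div>
            </div>
        </div>';
}

// $choix_sondage is one of the two literals assigned earlier in this script.
echo '
        <p class="text-right">
            <input type="hidden" name="choix_sondage" value="' . $choix_sondage . '" />
            <button name="poursuivre" value="' . $choix_sondage . '" type="submit" class="btn btn-success" title="' . _('Go to step 2') . '">' . _('Next') . '</button>
        </p>
        <script type="text/javascript">document.formulaire.titre.focus();</script>
    </form>
    </div>
</div>';

bandeau_pied();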