Merge branch 'backport-session-fix' into 'master'

backport session fix

See merge request framasoft/framadate/framadate!352
This commit is contained in:
Thomas Citharel 2018-12-04 18:08:23 +01:00
commit 15e1d1cc18
3 changed files with 107 additions and 84 deletions

View File

@ -40,8 +40,10 @@ if (is_file('bandeaux_local.php')) {
include_once('bandeaux.php');
}
$form = unserialize($_SESSION['form']);
// Step 1/4 : error if $_SESSION from info_sondage are not valid
if (empty($_SESSION['form']->title) || empty($_SESSION['form']->admin_name) || (($config['use_smtp']) ? empty($_SESSION['form']->admin_mail) : false)) {
if (empty($form->title) || empty($form->admin_name) || (($config['use_smtp']) ? empty($form->admin_mail) : false)) {
$smarty->assign('title', __('Error', 'Error!'));
$smarty->assign('error', __('Error', 'You haven\'t filled the first section of the poll creation.'));
$smarty->display('error.tpl');
@ -51,10 +53,14 @@ if (empty($_SESSION['form']->title) || empty($_SESSION['form']->admin_name) || (
$min_expiry_time = $pollService->minExpiryDate();
$max_expiry_time = $pollService->maxExpiryDate();
// The poll format is AUTRE (other)
if ($_SESSION['form']->format !== 'A') {
$_SESSION['form']->format = 'A';
$_SESSION['form']->clearChoices();
// The poll format is other (A) if we are in this file
if (!isset($form->format)) {
$form->format = 'A';
}
// If we come from another format, we need to clear choices
if (isset($form->format) && $form->format !== 'A') {
$form->format = 'A';
$form->clearChoices();
}
// Step 4 : Data prepare before insert in DB
@ -69,22 +75,22 @@ if (empty($_SESSION['form']->title) || empty($_SESSION['form']->admin_name) || (
$time = mktime(0, 0, 0, $registredate[1], $registredate[0], $registredate[2]);
if ($time < $min_expiry_time) {
$_SESSION['form']->end_date = $min_expiry_time;
$form->end_date = $min_expiry_time;
} elseif ($max_expiry_time < $time) {
$_SESSION['form']->end_date = $max_expiry_time;
$form->end_date = $max_expiry_time;
} else {
$_SESSION['form']->end_date = $time;
$form->end_date = $time;
}
}
}
if (empty($_SESSION['form']->end_date)) {
if (empty($form->end_date)) {
// By default, expiration date is 6 months after last day
$_SESSION['form']->end_date = $max_expiry_time;
$form->end_date = $max_expiry_time;
}
// Insert poll in database
$ids = $pollService->createPoll($_SESSION['form']);
$ids = $pollService->createPoll($form);
$poll_id = $ids[0];
$admin_poll_id = $ids[1];
@ -92,15 +98,15 @@ if (empty($_SESSION['form']->title) || empty($_SESSION['form']->admin_name) || (
if ($config['use_smtp'] === true) {
$message = __('Mail', "This is the message you have to send to the people you want to poll. \nNow, you have to send this message to everyone you want to poll.");
$message .= '<br/><br/>';
$message .= Utils::htmlMailEscape($_SESSION['form']->admin_name) . ' ' . __('Mail', 'hast just created a poll called') . ' : "' . Utils::htmlMailEscape($_SESSION['form']->title) . '".<br/>';
$message .= Utils::htmlMailEscape($form->admin_name) . ' ' . __('Mail', 'hast just created a poll called') . ' : "' . Utils::htmlMailEscape($form->title) . '".<br/>';
$message .= sprintf(__('Mail', 'Thanks for filling the poll at the link above') . ' :<br/><br/><a href="%1$s">%1$s</a>', Utils::getUrlSondage($poll_id));
$message_admin = __('Mail', "This message should NOT be sent to the polled people. It is private for the poll's creator.\n\nYou can now modify it at the link above");
$message_admin .= sprintf(' :<br/><br/><a href="%1$s">%1$s</a>', Utils::getUrlSondage($admin_poll_id, true));
if ($mailService->isValidEmail($_SESSION['form']->admin_mail)) {
$mailService->send($_SESSION['form']->admin_mail, '[' . NOMAPPLICATION . '][' . __('Mail', 'Author\'s message') . '] ' . __('Generic', 'Poll') . ': ' . $_SESSION['form']->title, $message_admin);
$mailService->send($_SESSION['form']->admin_mail, '[' . NOMAPPLICATION . '][' . __('Mail', 'For sending to the polled users') . '] ' . __('Generic', 'Poll') . ': ' . $_SESSION['form']->title, $message);
if ($mailService->isValidEmail($form->admin_mail)) {
$mailService->send($form->admin_mail, '[' . NOMAPPLICATION . '][' . __('Mail', 'Author\'s message') . '] ' . __('Generic', 'Poll') . ': ' . $form->title, $message_admin);
$mailService->send($form->admin_mail, '[' . NOMAPPLICATION . '][' . __('Mail', 'For sending to the polled users') . '] ' . __('Generic', 'Poll') . ': ' . $form->title, $message);
}
}
@ -120,22 +126,22 @@ if (empty($_SESSION['form']->title) || empty($_SESSION['form']->admin_name) || (
else if (isset($_POST['fin_sondage_autre'])) {
// Store choices in $_SESSION
if (isset($_POST['choices'])) {
$_SESSION['form']->clearChoices();
$form->clearChoices();
foreach ($_POST['choices'] as $c) {
if (!empty($c)) {
$c = strip_tags($c);
$choice = new Choice($c);
$_SESSION['form']->addChoice($choice);
$form->addChoice($choice);
}
}
}
// Expiration date is initialised with config parameter. Value will be modified in step 4 if user has defined an other date
$_SESSION['form']->end_date = $max_expiry_time;
$form->end_date = $max_expiry_time;
// Summary
$summary = '<ol>';
foreach ($_SESSION['form']->getChoices() as $i=>$choice) {
foreach ($form->getChoices() as $i=>$choice) {
preg_match_all('/\[!\[(.*?)\]\((.*?)\)\]\((.*?)\)/', $choice->getName(), $md_a_img); // Markdown [![alt](src)](href)
preg_match_all('/!\[(.*?)\]\((.*?)\)/', $choice->getName(), $md_img); // Markdown ![alt](src)
preg_match_all('/\[(.*?)\]\((.*?)\)/', $choice->getName(), $md_a); // Markdown [text](href)
@ -159,6 +165,8 @@ if (empty($_SESSION['form']->title) || empty($_SESSION['form']->admin_name) || (
$end_date_str = utf8_encode(strftime($date_format['txt_date'], $max_expiry_time)); //textual date
$_SESSION['form'] = serialize($form);
$smarty->assign('title', __('Step 3', 'Removal date and confirmation (3 on 3)'));
$smarty->assign('summary', $summary);
$smarty->assign('end_date_str', $end_date_str);
@ -186,7 +194,7 @@ if (empty($_SESSION['form']->title) || empty($_SESSION['form']->admin_name) || (
echo ' </div>' . "\n";
// Fields choices : 5 by default
$choices = $_SESSION['form']->getChoices();
$choices = $form->getChoices();
$nb_choices = max(count($choices), 5);
for ($i = 0; $i < $nb_choices; $i++) {
$choice = isset($choices[$i]) ? $choices[$i] : new Choice();
@ -253,4 +261,3 @@ if (empty($_SESSION['form']->title) || empty($_SESSION['form']->admin_name) || (
bandeau_pied();
}

View File

@ -44,17 +44,23 @@ if (is_readable('bandeaux_local.php')) {
$min_expiry_time = $pollService->minExpiryDate();
$max_expiry_time = $pollService->maxExpiryDate();
// The poll format is DATE
if ($_SESSION['form']->format !== 'D') {
$_SESSION['form']->format = 'D';
$_SESSION['form']->clearChoices();
$form = unserialize($_SESSION['form']);
// The poll format is DATE if we are in this file
if (!isset($form->format)) {
$form->format = 'D';
}
// If we come from another format, we need to clear choices
if (isset($form->format) && $form->format !== 'D') {
$form->format = 'D';
$form->clearChoices();
}
if (!isset($_SESSION['form']->title) || !isset($_SESSION['form']->admin_name) || ($config['use_smtp'] && !isset($_SESSION['form']->admin_mail))) {
if (!isset($form->title) || !isset($form->admin_name) || ($config['use_smtp'] && !isset($form->admin_mail))) {
$step = 1;
} else if (!empty($_POST['confirmation'])) {
$step = 4;
} else if (empty($_POST['choixheures']) || isset($_SESSION['form']->totalchoixjour)) {
} else if (empty($_POST['choixheures']) || isset($form->totalchoixjour)) {
$step = 2;
} else {
$step = 3;
@ -72,25 +78,28 @@ switch ($step) {
// Step 2/4 : Select dates of the poll
// Prefill form->choices
foreach ($_SESSION['form']->getChoices() as $c) {
foreach ($form->getChoices() as $c) {
/** @var Choice $c */
$count = 3 - count($c->getSlots());
for ($i = 0; $i < $count; $i++) {
$c->addSlot('');
}
}
$count = 3 - count($_SESSION['form']->getChoices());
$count = 3 - count($form->getChoices());
for ($i = 0; $i < $count; $i++) {
$c = new Choice('');
$c->addSlot('');
$c->addSlot('');
$c->addSlot('');
$_SESSION['form']->addChoice($c);
$form->addChoice($c);
}
$_SESSION['form'] = serialize($form);
// Display step 2
$smarty->assign('title', __('Step 2 date', 'Poll dates (2 on 3)'));
$smarty->assign('choices', $_SESSION['form']->getChoices());
$smarty->assign('choices', $form->getChoices());
$smarty->assign('error', null);
$smarty->display('create_date_poll_step_2.tpl');
@ -110,7 +119,7 @@ switch ($step) {
if (count($_POST['days']) > MAX_SLOTS_PER_POLL) {
// Display step 2
$smarty->assign('title', __('Step 2 date', 'Poll dates (2 on 3)'));
$smarty->assign('choices', $_SESSION['form']->getChoices());
$smarty->assign('choices', $form->getChoices());
$smarty->assign('error', __f('Error', 'You can\'t select more than %d dates', MAX_SLOTS_PER_POLL));
$smarty->display('create_date_poll_step_2.tpl');
@ -118,7 +127,7 @@ switch ($step) {
}
// Clear previous choices
$_SESSION['form']->clearChoices();
$form->clearChoices();
// Reorder moments to deal with suppressed dates
$moments = [];
@ -138,7 +147,7 @@ switch ($step) {
$date = DateTime::createFromFormat(__('Date', 'datetime_parseformat'), $_POST['days'][$i])->setTime(0, 0, 0);
$time = $date->getTimestamp();
$choice = new Choice($time);
$_SESSION['form']->addChoice($choice);
$form->addChoice($choice);
$schedules = $inputService->filterArray($moments[$i], FILTER_DEFAULT);
for ($j = 0; $j < count($schedules); $j++) {
@ -148,12 +157,12 @@ switch ($step) {
}
}
}
$_SESSION['form']->sortChoices();
$form->sortChoices();
}
// Display step 3
$summary = '<ul>';
$choices = $_SESSION['form']->getChoices();
$choices = $form->getChoices();
foreach ($choices as $choice) {
$summary .= '<li>' . strftime($date_format['txt_full'], $choice->getName());
$first = true;
@ -168,6 +177,8 @@ switch ($step) {
$end_date_str = utf8_encode(strftime($date_format['txt_date'], $max_expiry_time)); // textual date
$_SESSION['form'] = serialize($form);
$smarty->assign('title', __('Step 3', 'Removal date and confirmation (3 on 3)'));
$smarty->assign('summary', $summary);
$smarty->assign('end_date_str', $end_date_str);
@ -190,22 +201,22 @@ switch ($step) {
$time = mktime(0, 0, 0, $registredate[1], $registredate[0], $registredate[2]);
if ($time < $min_expiry_time) {
$_SESSION['form']->end_date = $min_expiry_time;
$form->end_date = $min_expiry_time;
} elseif ($max_expiry_time < $time) {
$_SESSION['form']->end_date = $max_expiry_time;
$form->end_date = $max_expiry_time;
} else {
$_SESSION['form']->end_date = $time;
$form->end_date = $time;
}
}
}
if (empty($_SESSION['form']->end_date)) {
if (empty($form->end_date)) {
// By default, expiration date is 6 months after last day
$_SESSION['form']->end_date = $max_expiry_time;
$form->end_date = $max_expiry_time;
}
// Insert poll in database
$ids = $pollService->createPoll($_SESSION['form']);
$ids = $pollService->createPoll($form);
$poll_id = $ids[0];
$admin_poll_id = $ids[1];
@ -213,7 +224,7 @@ switch ($step) {
if ($config['use_smtp'] === true) {
$message = __('Mail', "This is the message you have to send to the people you want to poll. \nNow, you have to send this message to everyone you want to poll.");
$message .= '<br/><br/>';
$message .= Utils::htmlEscape($_SESSION['form']->admin_name) . ' ' . __('Mail', 'hast just created a poll called') . ' : "' . Utils::htmlEscape($_SESSION['form']->title) . '".<br/>';
$message .= Utils::htmlEscape($form->admin_name) . ' ' . __('Mail', 'hast just created a poll called') . ' : "' . Utils::htmlEscape($form->title) . '".<br/>';
$message .= __('Mail', 'Thanks for filling the poll at the link above') . ' :<br/><br/><a href="%1$s">%1$s</a>';
$message_admin = __('Mail', "This message should NOT be sent to the polled people. It is private for the poll's creator.\n\nYou can now modify it at the link above");
@ -222,9 +233,9 @@ switch ($step) {
$message = sprintf($message, Utils::getUrlSondage($poll_id));
$message_admin = sprintf($message_admin, Utils::getUrlSondage($admin_poll_id, true));
if ($mailService->isValidEmail($_SESSION['form']->admin_mail)) {
$mailService->send($_SESSION['form']->admin_mail, '[' . NOMAPPLICATION . '][' . __('Mail', 'Author\'s message') . '] ' . __('Generic', 'Poll') . ': ' . Utils::htmlEscape($_SESSION['form']->title), $message_admin);
$mailService->send($_SESSION['form']->admin_mail, '[' . NOMAPPLICATION . '][' . __('Mail', 'For sending to the polled users') . '] ' . __('Generic', 'Poll') . ': ' . Utils::htmlEscape($_SESSION['form']->title), $message);
if ($mailService->isValidEmail($form->admin_mail)) {
$mailService->send($form->admin_mail, '[' . NOMAPPLICATION . '][' . __('Mail', 'Author\'s message') . '] ' . __('Generic', 'Poll') . ': ' . Utils::htmlEscape($form->title), $message_admin);
$mailService->send($form->admin_mail, '[' . NOMAPPLICATION . '][' . __('Mail', 'For sending to the polled users') . '] ' . __('Generic', 'Poll') . ': ' . Utils::htmlEscape($form->title), $message);
}
}

View File

@ -35,9 +35,10 @@ $pollRepository = RepositoryFactory::pollRepository();
/* PAGE */
/* ---- */
$form = isset($_SESSION['form']) ? unserialize($_SESSION['form']) : null;
if (!isset($_SESSION['form'])) {
$_SESSION['form'] = new Form();
if ($form === null && !($form instanceof Form)) {
$form = new Form();
}
// Type de sondage
@ -45,10 +46,10 @@ if (isset($_GET['type']) && $_GET['type'] === 'date' ||
isset($_POST['type']) && $_POST['type'] === 'date'
) {
$poll_type = 'date';
$_SESSION['form']->choix_sondage = $poll_type;
$form->choix_sondage = $poll_type;
} else {
$poll_type = 'classic';
$_SESSION['form']->choix_sondage = $poll_type;
$form->choix_sondage = $poll_type;
}
// We clean the data
@ -83,20 +84,21 @@ if ($goToStep2) {
$error_on_customized_url = false;
$error_on_ValueMax = false;
$_SESSION['form']->title = $title;
$_SESSION['form']->id = $customized_url;
$_SESSION['form']->use_customized_url = $use_customized_url;
$_SESSION['form']->use_ValueMax = $use_ValueMax;
$_SESSION['form']->ValueMax = $ValueMax;
$_SESSION['form']->admin_name = $name;
$_SESSION['form']->admin_mail = $mail;
$_SESSION['form']->description = $description;
$_SESSION['form']->editable = $editable;
$_SESSION['form']->receiveNewVotes = $receiveNewVotes;
$_SESSION['form']->receiveNewComments = $receiveNewComments;
$_SESSION['form']->hidden = $hidden;
$_SESSION['form']->use_password = ($use_password !== null);
$_SESSION['form']->results_publicly_visible = ($results_publicly_visible !== null);
$form->title = $title;
$form->id = $customized_url;
$form->use_customized_url = $use_customized_url;
$form->use_ValueMax = $use_ValueMax;
$form->ValueMax = $ValueMax;
$form->admin_name = $name;
$form->admin_mail = $mail;
$form->description = $description;
$form->editable = $editable;
$form->receiveNewVotes = $receiveNewVotes;
$form->receiveNewComments = $receiveNewComments;
$form->hidden = $hidden;
$form->collect_users_mail = $collect_users_mail;
$form->use_password = ($use_password !== null);
$form->results_publicly_visible = ($results_publicly_visible !== null);
if ($config['use_smtp'] === true && empty($mail)) {
$error_on_mail = true;
@ -149,13 +151,15 @@ if ($goToStep2) {
&& !$error_on_password && !$error_on_password_repeat &&!$error_on_ValueMax
) {
// If no errors, we hash the password if needed
if ($_SESSION['form']->use_password) {
$_SESSION['form']->password_hash = PasswordHasher::hash($password);
if ($form->use_password) {
$form->password_hash = PasswordHasher::hash($password);
} else {
$_SESSION['form']->password_hash = null;
$_SESSION['form']->results_publicly_visible = null;
$form->password_hash = null;
$form->results_publicly_visible = null;
}
$_SESSION['form'] = serialize($form);
if ($goToStep2 === 'date') {
header('Location:create_date_poll.php');
exit();
@ -289,20 +293,21 @@ $smarty->assign('default_to_marldown_editor', $config['markdown_editor_by_defaul
$smarty->assign('goToStep2', GO_TO_STEP_2);
$smarty->assign('poll_type', $poll_type);
$smarty->assign('poll_title', Utils::fromPostOrDefault('title', $_SESSION['form']->title));
$smarty->assign('customized_url', Utils::fromPostOrDefault('customized_url', $_SESSION['form']->id));
$smarty->assign('use_customized_url', Utils::fromPostOrDefault('use_customized_url', $_SESSION['form']->use_customized_url));
$smarty->assign('ValueMax', Utils::fromPostOrDefault('ValueMax', $_SESSION['form']->ValueMax));
$smarty->assign('use_ValueMax', Utils::fromPostOrDefault('use_ValueMax', $_SESSION['form']->use_ValueMax));
$smarty->assign('poll_description', !empty($_POST['description']) ? $_POST['description'] : $_SESSION['form']->description);
$smarty->assign('poll_name', Utils::fromPostOrDefault('name', $_SESSION['form']->admin_name));
$smarty->assign('poll_mail', Utils::fromPostOrDefault('mail', $_SESSION['form']->admin_mail));
$smarty->assign('poll_editable', Utils::fromPostOrDefault('editable', $_SESSION['form']->editable));
$smarty->assign('poll_receiveNewVotes', Utils::fromPostOrDefault('receiveNewVotes', $_SESSION['form']->receiveNewVotes));
$smarty->assign('poll_receiveNewComments', Utils::fromPostOrDefault('receiveNewComments', $_SESSION['form']->receiveNewComments));
$smarty->assign('poll_hidden', Utils::fromPostOrDefault('hidden', $_SESSION['form']->hidden));
$smarty->assign('poll_use_password', Utils::fromPostOrDefault('use_password', $_SESSION['form']->use_password));
$smarty->assign('poll_results_publicly_visible', Utils::fromPostOrDefault('results_publicly_visible', $_SESSION['form']->results_publicly_visible));
$smarty->assign('form', $_SESSION['form']);
$smarty->assign('poll_title', Utils::fromPostOrDefault('title', $form->title));
$smarty->assign('customized_url', Utils::fromPostOrDefault('customized_url', $form->id));
$smarty->assign('use_customized_url', Utils::fromPostOrDefault('use_customized_url', $form->use_customized_url));
$smarty->assign('ValueMax', Utils::fromPostOrDefault('ValueMax', $form->ValueMax));
$smarty->assign('use_ValueMax', Utils::fromPostOrDefault('use_ValueMax', $form->use_ValueMax));
$smarty->assign('collect_users_mail', Utils::fromPostOrDefault('collect_users_mail', $form->collect_users_mail));
$smarty->assign('poll_description', !empty($_POST['description']) ? $_POST['description'] : $form->description);
$smarty->assign('poll_name', Utils::fromPostOrDefault('name', $form->admin_name));
$smarty->assign('poll_mail', Utils::fromPostOrDefault('mail', $form->admin_mail));
$smarty->assign('poll_editable', Utils::fromPostOrDefault('editable', $form->editable));
$smarty->assign('poll_receiveNewVotes', Utils::fromPostOrDefault('receiveNewVotes', $form->receiveNewVotes));
$smarty->assign('poll_receiveNewComments', Utils::fromPostOrDefault('receiveNewComments', $form->receiveNewComments));
$smarty->assign('poll_hidden', Utils::fromPostOrDefault('hidden', $form->hidden));
$smarty->assign('poll_use_password', Utils::fromPostOrDefault('use_password', $form->use_password));
$smarty->assign('poll_results_publicly_visible', Utils::fromPostOrDefault('results_publicly_visible', $form->results_publicly_visible));
$smarty->assign('form', $form);
$smarty->display('create_poll.tpl');