From 15640a6788d6bb74499cd67debf5a67f04140e21 Mon Sep 17 00:00:00 2001
From: Olivier PEREZ
Date: Wed, 28 Oct 2015 22:11:00 +0100
Subject: [PATCH 1/2] Fix stupid break in adminstuds
---
 adminstuds.php | 2 +-
 app/classes/Framadate/Repositories/PollRepository.php | 10 ++++++++++
 app/classes/Framadate/Services/PollService.php | 8 ++++++++
 3 files changed, 19 insertions(+), 1 deletion(-)
diff --git a/adminstuds.php b/adminstuds.php
index 3f30a41..c4f3c89 100644
--- a/adminstuds.php
+++ b/adminstuds.php
@@ -91,7 +91,7 @@ if (!empty($_GET['poll'])) {
 $admin_poll_id = filter_input(INPUT_GET, 'poll', FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => POLL_REGEX]]);
 if (strlen($admin_poll_id) === 24) {
 $poll_id = substr($admin_poll_id, 0, 16);
- $poll = $pollService->findById($poll_id);
+ $poll = $pollService->findByAdminId($admin_poll_id);
 }
 }
 
diff --git a/app/classes/Framadate/Repositories/PollRepository.php b/app/classes/Framadate/Repositories/PollRepository.php
index 95debe4..e9ad702 100644
--- a/app/classes/Framadate/Repositories/PollRepository.php
+++ b/app/classes/Framadate/Repositories/PollRepository.php
@@ -29,6 +29,16 @@ class PollRepository extends AbstractRepository {
 return $poll;
 }
 
+ public function findByAdminId($admin_poll_id) {
+ $prepared = $this->prepare('SELECT * FROM `' . Utils::table('poll') . '` WHERE admin_id = ?');
+
+ $prepared->execute(array($admin_poll_id));
+ $poll = $prepared->fetch();
+ $prepared->closeCursor();
+
+ return $poll;
+ }
+
 public function existsById($poll_id) {
 $prepared = $this->prepare('SELECT 1 FROM `' . Utils::table('poll') . '` WHERE id = ?');
 
diff --git a/app/classes/Framadate/Services/PollService.php b/app/classes/Framadate/Services/PollService.php
index 120ae97..a666041 100644
--- a/app/classes/Framadate/Services/PollService.php
+++ b/app/classes/Framadate/Services/PollService.php
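Review bot: `PollRepository::findByAdminId()` matches the admin id with a plain `WHERE admin_id = ?`, so whether the comparison is case-sensitive depends on the column's collation, which this patch does not show. The admin id appears to be the only credential for the admin page, so under a case-insensitive collation several spellings of the same 24 characters would open the same poll and the effective key space shrinks. It is worth confirming that `admin_id` has a binary or case-sensitive collation and a unique index, and recording that in a docblock on the method. The docblock should also say that the method returns `false` when no row matches (presumably the result of a PDO `fetch()`), whereas `PollService::findByAdminId()` returns `null` for a malformed id, so callers must test truthiness rather than `=== null`.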
@@ -56,6 +56,14 @@ class PollService {
 return null;
 }
 
+ public function findByAdminId($admin_poll_id) {
+ if (preg_match('/^[\w\d]{24}$/i', $admin_poll_id)) {
+ return $this->pollRepository->findByAdminId($admin_poll_id);
+ }
+
+ return null;
+ }
+
 function allCommentsByPollId($poll_id) {
 return $this->commentRepository->findAllByPollId($poll_id);
 }
From 8f2c9f07d49453e444fa824451f5f2f63c33d506 Mon Sep 17 00:00:00 2001
From: Olivier PEREZ
Date: Wed, 28 Oct 2015 22:53:56 +0100
Subject: [PATCH 2/2] Don't split admin_poll_id as poll_id
---
 adminstuds.php | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/adminstuds.php b/adminstuds.php
index c4f3c89..9c7ac25 100644
--- a/adminstuds.php
+++ b/adminstuds.php
@@ -90,12 +90,13 @@ function sendUpdateNotification($poll, $mailService, $type) {
 if (!empty($_GET['poll'])) {
 $admin_poll_id = filter_input(INPUT_GET, 'poll', FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => POLL_REGEX]]);
 if (strlen($admin_poll_id) === 24) {
- $poll_id = substr($admin_poll_id, 0, 16);
 $poll = $pollService->findByAdminId($admin_poll_id);
 }
 }
 
-if (!$poll) {
+if ($poll) {
+ $poll_id = $poll->id;
+} else {
 $smarty->assign('error', __('Error', 'This poll doesn\'t exist !'));
 $smarty->display('error.tpl');
 exit;
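Review bot: The pattern `/^[\w\d]{24}$/i` in `PollService::findByAdminId()` is looser than it reads: without the `D` modifier, `$` also matches before a trailing newline, so a 25-byte value ending in `\n` passes the check. `\w` already covers digits and `_`, which makes `\d` and the `i` flag redundant. Anchoring with `\z` closes the gap, for example `if (is_string($admin_poll_id) && preg_match('/^\w{24}\z/', $admin_poll_id)) {`. If admin ids are meant to be strictly alphanumeric (not visible in this patch), `[a-zA-Z0-9]` would state that more precisely. adminstuds.php checks `strlen(...) === 24` before calling, but the service method should not depend on its caller for that.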
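Review bot: `$poll` is assigned only inside the `strlen($admin_poll_id) === 24` branch, so when the `poll` parameter is missing, fails `POLL_REGEX`, or has another length, the new `if ($poll) {` reads a variable that was never set, unless it is initialised above this hunk, which is not visible. The request still ends on the error page, but only because an undefined variable evaluates as falsy, and PHP raises a notice or warning on each such request. Adding `$poll = null;` before `if (!empty($_GET['poll'])) {` makes the deny-by-default path explicit. A short comment such as `// $poll_id comes from the row matched by the full admin id, never from the request` would record why the `substr()` was removed.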