Actually enforce the length limitation on the poll creator name

Show a nice error message if it's too long (not on the edit page because
there's no support for this right now)

mbstring is now a required extension

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
Thomas Citharel 2021-03-22 19:04:44 +01:00
parent a5c7df64b2
commit 36cef8cc39
No known key found for this signature in database
GPG Key ID: A061B9DDE0CA0773
6 changed files with 22 additions and 3 deletions


@ -99,6 +99,13 @@ if (extension_loaded('intl')) {
$messages[] = new Message('danger', __('Check','You need to enable the PHP Intl extension.'));
}
// mbstring extension
if (extension_loaded('mbstring')) {
$messages[] = new Message('info', __('Check','PHP mbstring extension is enabled.'));
} else {
$messages[] = new Message('danger', __('Check','You need to enable the PHP mbstring extension.'));
}
// Is template compile dir exists and writable ?
if (!file_exists(ROOT_DIR . COMPILE_DIR)) {
$messages[] = new Message('danger', __f('Check','The template compile directory (%s) doesn\'t exist in "%s". Retry the installation process.', COMPILE_DIR, realpath(ROOT_DIR)));
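Review bot: The new mbstring check only reports a missing extension on the installation check page, while the `mb_substr()` and `mb_strlen()` calls this commit adds to the poll creation and admin pages will stop with an undefined-function fatal error if the extension is absent. None of the six changed files appears to be a dependency manifest, so if the project is installed through Composer it is worth also declaring `"ext-mbstring": "*"` there, so the requirement is enforced at install time. A comment above the check such as `// mbstring: required by the 32-character limit on the poll creator name` would tell maintainers why it is mandatory.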


@ -143,7 +143,9 @@ if (isset($_POST['update_poll_info'])) {
$updated = true;
}
} elseif ($field === 'name') {
$admin_name = $inputService->filterName($_POST['name']);
$admin_name = $_POST['name'];
$admin_name = mb_substr($admin_name, 0, 32);
$admin_name = $inputService->filterName($admin_name);
if ($admin_name) {
$poll->admin_name = $admin_name;
$updated = true;
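Review bot: `$_POST['name']` is now handed to `mb_substr()` before any validation, so a non-string value (for example an array parameter) raises a type error on PHP 8, or a warning on older versions, instead of being rejected by `filterName()`. Filtering first, as the poll creation page does with `mb_substr($inputService->filterName($_POST['name']), 0, 32)`, or guarding with `is_string($_POST['name'])`, keeps unvalidated input away from the string function; what `filterName()` returns for rejected input is not visible here, so confirm the result is still a string. The literal `32` is also repeated here, twice in the creation page and as `maxlength` in the template, and a single shared constant would stop these from drifting apart. The surrounding `elseif` chain starts and ends outside this hunk.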


@ -62,7 +62,7 @@ if ($goToStep2) {
$use_customized_url = isset($_POST['use_customized_url']) ? $inputService->filterBoolean($_POST['use_customized_url']) : false;
$customized_url = $use_customized_url === true ? $inputService->filterId($_POST['customized_url']) : null;
$name = $inputService->filterName($_POST['name']);
$name = mb_substr($inputService->filterName($_POST['name']), 0, 32);
$mail = $config['use_smtp'] === true ? $inputService->filterMail($_POST['mail']) : null;
$description = $inputService->filterDescription($_POST['description']);
$editable = $inputService->filterEditable($_POST['editable']);
@ -248,6 +248,10 @@ if (!empty($_POST[GO_TO_STEP_2])) {
$errors['name']['aria'] = 'aria-describeby="poll_name_error" ';
$errors['name']['class'] = ' has-error';
$errors['name']['msg'] = __('Error', 'Enter a name');
} elseif (mb_strlen($inputService->filterName($_POST['name'])) > 32) {
$errors['name']['aria'] = 'aria-describeby="poll_name_error" ';
$errors['name']['class'] = ' has-error';
$errors['name']['msg'] = __('Error', "Name is limited to 32 characters");
} elseif ($error_on_name) {
$errors['name']['aria'] = 'aria-describeby="poll_name_error" ';
$errors['name']['class'] = ' has-error';
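Review bot: The first hunk silently truncates `$name` to 32 characters while the new `elseif` in the second hunk measures the untruncated `$_POST['name']`, so whether an overlong name actually stops the form depends on how `$goToStep2` is computed, which is outside both hunks. If that condition does not include the length test, the poll would be created with a shortened name and the "Name is limited to 32 characters" message would never be shown, so confirm the length test is part of it. The new branch also copies `aria-describeby` from the neighbouring branches, which looks like a typo for `aria-describedby`. Both `mb_substr()` and `mb_strlen()` use the configured internal encoding; passing it explicitly, as in `mb_strlen($inputService->filterName($_POST['name']), 'UTF-8') > 32`, makes the character count independent of server configuration.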


@ -66,6 +66,7 @@
"Installation checking": "Installation checking",
"OpenSSL extension loaded.": "OpenSSL extension loaded.",
"PHP Intl extension is enabled.": "PHP Intl extension is enabled.",
"PHP mbstring extension is enabled.": "PHP mbstring extension is enabled.",
"PHP version %s is enough (needed at least PHP %s).": "PHP version %s is enough (needed at least PHP %s).",
"The config file directory (%s) is not writable and the config file (%s) does not exists.": "The config file directory (%s) is not writable and the config file (%s) does not exists.",
"The config file directory (%s) is writable.": "The config file directory (%s) is writable.",
@ -74,6 +75,7 @@
"The template compile directory (%s) is not writable.": "The template compile directory (%s) is not writable.",
"The template compile directory (%s) is writable.": "The template compile directory (%s) is writable.",
"You need to enable the PHP Intl extension.": "You need to enable the PHP Intl extension.",
"You need to enable the PHP mbstring extension.": "You need to enable the PHP mbstring extension.",
"Your PHP version (%s) is too old. This application needs at least PHP %s.": "Your PHP version (%s) is too old. This application needs at least PHP %s.",
"date.timezone is set.": "date.timezone is set."
},
@ -136,6 +138,7 @@
"Framadate is not properly installed, please check the \"INSTALL\" to setup the database before continuing.": "Framadate is not properly installed, please see the 'INSTALL' file for instructions on setting up the database before continuing.",
"Javascript is disabled on your browser. Its activation is required to create a poll.": "JavaScript is disabled on your browser. It is required to create a poll.",
"MISSING_VALUES": "Missing values",
"Name is limited to 32 characters": "Name is limited to 32 characters",
"No polls found": "No polls found",
"Password is empty": "Password is empty.",
"Passwords do not match": "Passwords do not match.",


@ -66,6 +66,7 @@
"Installation checking": "Vérifications de l'installation",
"OpenSSL extension loaded.": "L'extension PHP OpenSSL est chargée.",
"PHP Intl extension is enabled.": "L'extension PHP Intl est activée.",
"PHP mbstring extension is enabled.": "L'extension PHP mbstring est activée.",
"PHP version %s is enough (needed at least PHP %s).": "Version de PHP %s suffisante (nécessite au moins PHP %s).",
"The config file directory (%s) is not writable and the config file (%s) does not exists.": "Le dossier du fichier de configuration (%s) n'est pas accessible en écriture et le fichier de configuration (%s) n'existe pas.",
"The config file directory (%s) is writable.": "Le dossier du fichier de configuration (%s) est accessible en écriture.",
@ -74,6 +75,7 @@
"The template compile directory (%s) is not writable.": "Le dossier de compilation des templates (%s) n'est pas accessible en écriture.",
"The template compile directory (%s) is writable.": "Le dossier de compilation des templates (%s) est accessible en écriture.",
"You need to enable the PHP Intl extension.": "Vous devez activer l'extension PHP Intl.",
"You need to enable the PHP mbstring extension.": "Vous devez activer l'extension PHP mbstring.",
"Your PHP version (%s) is too old. This application needs at least PHP %s.": "Votre version de PHP (%s) est trop vieille. Cette application a besoin de PHP %s au moins.",
"date.timezone is set.": "date.timezone est défini."
},
@ -136,6 +138,7 @@
"Framadate is not properly installed, please check the \"INSTALL\" to setup the database before continuing.": "Framadate n'est pas installé correctement, lisez le fichier INSTALL pour configurer la base de données avant de continuer.",
"Javascript is disabled on your browser. Its activation is required to create a poll.": "JavaScript est désactivé sur votre navigateur. Son activation est requise pour la création d'un sondage.",
"MISSING_VALUES": "Il manque des valeurs",
"Name is limited to 32 characters": "Le nom est limité à 32 caractères",
"No polls found": "Aucun sondage n'a été trouvé",
"Password is empty": "Le mot de passe est vide.",
"Passwords do not match": "Les mots de passe ne correspondent pas.",


@ -58,7 +58,7 @@
<div class="hidden js-name">
<label class="sr-only" for="newname">{__('PollInfo', 'Initiator of the poll')}</label>
<div class="input-group">
<input type="text" class="form-control" id="newname" name="name" size="40" value="{$poll->admin_name|html}" />
<input type="text" class="form-control" id="newname" name="name" size="40" maxlength="32" value="{$poll->admin_name|html}" />
<span class="input-group-btn">
<button type="submit" class="btn btn-success" name="update_poll_info" value="name" title="{__('PollInfo', 'Save the new name')}"><span class="glyphicon glyphicon-ok"></span><span class="sr-only">{__('Generic', 'Save')}</span></button>
<button class="btn btn-link btn-cancel" title="{__('PollInfo', 'Cancel the name edit')}"><span class="glyphicon glyphicon-remove"></span><span class="sr-only">{__('Generic', 'Cancel')}</span></button>