Make add vote working

Olivier PEREZ 2014-12-07 23:12:08 +01:00
parent 3d0e167e77
commit 3743ad55f1
3 changed files with 90 additions and 88 deletions


@ -37,11 +37,53 @@ class FramaDB
function query($sql) {
return $this->pdo->query($sql);
}
function allComments($poll_id) {
$prepared = $this->prepare('SELECT * FROM comments WHERE id_sondage=? ORDER BY id_comment');
function findPollById($poll_id)
{
// Open database
if (preg_match(';^[\w\d]{16}$;i', $poll_id)) {
$prepared = $this->prepare('SELECT * FROM sondage WHERE sondage.poll_id = ?');
$prepared->execute([$poll_id]);
$poll = $prepared->fetch();
$prepared->closeCursor();
return $poll;
}
return null;
}
function allCommentsByPollId($poll_id) {
$prepared = $this->prepare('SELECT * FROM comments WHERE id_sondage = ? ORDER BY id_comment');
$prepared->execute(array($poll_id));
return $prepared->fetchAll();
}
function allUsersByPollId($poll_id) {
$prepared = $this->prepare('SELECT * FROM user_studs WHERE id_sondage = ? ORDER BY id_users');
$prepared->execute(array($poll_id));
return $prepared->fetchAll();
}
function allSujetsByPollId($poll_id) {
$prepared = $this->prepare('SELECT * FROM sujet_studs WHERE id_sondage = ? ORDER BY sujet');
$prepared->execute(array($poll_id));
return $prepared->fetchAll();
}
function insertVote($name, $poll_id, $choice) {
$prepared = $this->prepare('INSERT INTO user_studs (nom,id_sondage,reponses) VALUES (?,?,?)');
$prepared->execute([$name, $poll_id, $choice]);
$newVote = new \stdClass();
$newVote->id_sondage = $poll_id;
$newVote->id_users = $this->pdo->lastInsertId();
$newVote->nom = $name;
$newVote->reponse = $choice;
return $newVote;
}
}
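Review bot: `insertVote` stores the answers on the returned object as `$newVote->reponse = $choice;`, but the column it has just written is `reponses` and the display loop in studs.php reads `$user->reponses`, so the new vote does not carry its answers under the name consumers use; `$newVote->reponses = $choice;` would match. The return value of `$prepared->execute(...)` is also discarded, so unless the PDO handle is configured to throw (not visible here, the class starts outside the hunk) a failed insert still returns a vote object with whatever `lastInsertId()` yields. In `findPollById` the pattern `;^[\w\d]{16}$;i` accepts a 16-character id followed by a newline, because `$` without the `D` modifier also matches before a trailing newline; `;^\w{16}\z;` is the strict equivalent. The `*ByPollId` methods and `insertVote` take the id without that format check, which is input hygiene rather than injection since every statement is parameterized, but a short comment saying callers must go through `findPollById` first would make the assumption explicit.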


@ -30,32 +30,6 @@ class Utils
return $scheme . '://' . str_replace('/admin','',str_replace('//','/',str_replace('///','/',$server_name)));
}
public static function get_sondage_from_id($id)
{
global $connect;
// Open database
if (preg_match(';^[\w\d]{16}$;i', $id)) {
$sql = 'SELECT sondage.*,sujet_studs.sujet FROM sondage
LEFT OUTER JOIN sujet_studs ON sondage.id_sondage = sujet_studs.id_sondage
WHERE sondage.id_sondage = ' . $connect->Param('id_sondage');
$sql = $connect->Prepare($sql);
$sondage = $connect->Execute($sql, [$id]);
if ($sondage === false) {
return false;
}
$psondage = $sondage->FetchObject(false);
$psondage->date_fin = strtotime($psondage->date_fin);
return $psondage;
}
return false;
}
public static function is_error($cerr)
{
global $err;

104
studs.php

@ -33,22 +33,25 @@ include_once __DIR__ . '/app/inc/init.php';
$numsondage = false;
//On récupère le numéro de sondage par le lien web.
if(Utils::issetAndNoEmpty('sondage', $_GET) === true) {
if(!empty($_GET['sondage'])) {
$numsondage = $_GET["sondage"];
$_SESSION["numsondage"] = $numsondage;
}
if(Utils::issetAndNoEmpty('sondage') === true) {
if(!empty($_POST['sondage'])) {
$numsondage = $_POST["sondage"];
$_SESSION["numsondage"] = $numsondage;
} elseif(Utils::issetAndNoEmpty('sondage', $_COOKIE) === true) {
} elseif(!empty($_COOKIE['sondage'])) {
$numsondage = $_COOKIE["sondage"];
} elseif(Utils::issetAndNoEmpty('numsondage', $_SESSION) === true) {
} elseif(!empty($_SESSION['sondage'])) {
$numsondage = $_SESSION["numsondage"];
}
$dsondage = ($numsondage != false) ? Utils::get_sondage_from_id($numsondage) : false;
if (!$dsondage || $dsondage->id_sondage == ''){
$dsondage = $connect->findPollById($numsondage);
if ($dsondage){
$sujets = $connect->allSujetsByPollId($numsondage);
$users = $connect->allUsersByPollId($numsondage);
} else {
Utils::print_header( _("Error!"));
bandeau_titre(_("Error!"));
@ -65,7 +68,7 @@ if (!$dsondage || $dsondage->id_sondage == ''){
}
//output a CSV and die()
if(Utils::issetAndNoEmpty('export', $_GET) && $dsondage !== false) {
if(!empty($_GET['export']) && $dsondage) {
if($_GET['export'] == 'csv') {
require_once('exportcsv.php');
}
@ -125,14 +128,12 @@ if(isset($_POST['ajoutcomment'])) {
// Action quand on clique le bouton participer
$sql = 'SELECT * FROM user_studs WHERE id_sondage='.$connect->Param('numsondage').' ORDER BY id_users';
$sql = $connect->Prepare($sql);
$user_studs = $connect->Execute($sql, array($numsondage));
$user_studs = $connect->allUsersByPollId($numsondage);
$nbcolonnes = substr_count($dsondage->sujet, ',') + 1;
$nbcolonnes = count($sujets);
if (!Utils::is_error(NO_POLL) && (isset($_POST["boutonp"]))) {
//Si le nom est bien entré
if (Utils::issetAndNoEmpty('nom') === false) {
if (empty($_POST['nom'])) {
$err |= NAME_EMPTY;
}
@ -154,7 +155,7 @@ if (!Utils::is_error(NO_POLL) && (isset($_POST["boutonp"]))) {
// protection contre les XSS : htmlentities
$nom = htmlentities($nom, ENT_QUOTES, 'UTF-8');
while($user = $user_studs->FetchNextObject(false)) {
foreach ($users as $user) {
if ($nom == $user->nom) {
$err |= NAME_TAKEN;
}
@ -163,20 +164,15 @@ if (!Utils::is_error(NO_POLL) && (isset($_POST["boutonp"]))) {
// Ecriture des choix de l'utilisateur dans la base
if (!Utils::is_error(NAME_TAKEN) && !Utils::is_error(NAME_EMPTY)) {
$sql = 'INSERT INTO user_studs (nom,id_sondage,reponses) VALUES ('.
$connect->Param('nom').', '.
$connect->Param('numsondage').', '.
$connect->Param('nouveauchoix').')';
$sql = $connect->Prepare($sql);
// Todo : Il faudrait lever une erreur en cas d'erreur d'insertion
$newVote = $connect->insertVote($nom, $numsondage, $nouveauchoix);
$user_studs[] = $newVote;
// Todo : Il faudrait lever une erreur en cas d'erreur d'insertion
$connect->Execute($sql, array($nom, $numsondage, $nouveauchoix));
if ($dsondage->mailsonde || /* compatibility for non boolean DB */ $dsondage->mailsonde=="yes" || $dsondage->mailsonde=="true") {
if ($dsondage->receiveNewVotes || /* compatibility for non boolean DB */ $dsondage->receiveNewVotes==="yes" || $dsondage->receiveNewVotes==="true") {
if($config['use_smtp']==true){
Utils::sendEmail( "$dsondage->mail_admin",
"[".NOMAPPLICATION."] "._("Poll's participation")." : ".html_entity_decode($dsondage->titre, ENT_QUOTES, 'UTF-8')."",
html_entity_decode("\"$nom\" ", ENT_QUOTES, 'UTF-8').
Utils::sendEmail( $dsondage->admin_mail,
"[".NOMAPPLICATION."] "._("Poll's participation")." : ".html_entity_decode($dsondage->title, ENT_QUOTES, 'UTF-8') . ' ',
html_entity_decode($nom, ENT_QUOTES, 'UTF-8'). ' ' .
_("has filled a line.\nYou can find your poll at the link") . " :\n\n".
Utils::getUrlSondage($numsondage) . " \n\n" .
_("Thanks for your confidence.") . "\n". NOMAPPLICATION );
@ -186,10 +182,11 @@ if (!Utils::is_error(NO_POLL) && (isset($_POST["boutonp"]))) {
} else {
$err |= NAME_EMPTY;
}
}
if($err != 0) {
Utils::print_header(_("Error!").' - '.$dsondage->titre);
Utils::print_header(_("Error!").' - '.$dsondage->title);
bandeau_titre(_("Error!"));
echo '<div class="alert alert-danger"><ul class="list-unstyled">'."\n";
@ -210,11 +207,11 @@ if($err != 0) {
echo '</ul></div>';
} else {
Utils::print_header(_('Poll').' - '.$dsondage->titre);
bandeau_titre(_('Poll').' - '.$dsondage->titre);
Utils::print_header(_('Poll').' - '.$dsondage->title);
bandeau_titre(_('Poll').' - '.$dsondage->title);
}
$title=stripslashes(str_replace("\\","",$dsondage->titre));
$title=stripslashes(str_replace("\\","",$dsondage->title));
echo '
<div class="jumbotron">
<div class="row">
@ -232,18 +229,18 @@ echo '
<div class="col-md-5">
<div class="form-group">
<h4 class="control-label">'. _("Initiator of the poll") .'</h4>
<p class="form-control-static"> '.stripslashes($dsondage->nom_admin).'</p>
<p class="form-control-static"> '.stripslashes($dsondage->admin_name).'</p>
</div>
<div class="form-group">
<label for="public-link"><a class="public-link" href="' . Utils::getUrlSondage($dsondage->id_sondage) . '">'._("Public link of the poll") .' <span class="btn-link glyphicon glyphicon-link"></span></a></label>
<input class="form-control" id="public-link" type="text" readonly="readonly" value="' . Utils::getUrlSondage($dsondage->id_sondage) . '" />
<label for="public-link"><a class="public-link" href="' . Utils::getUrlSondage($dsondage->poll_id) . '">'._("Public link of the poll") .' <span class="btn-link glyphicon glyphicon-link"></span></a></label>
<input class="form-control" id="public-link" type="text" readonly="readonly" value="' . Utils::getUrlSondage($dsondage->poll_id) . '" />
</div>
</div>'."\n";
//affichage de la description du sondage
if ($dsondage->commentaires) {
$commentaires = $dsondage->commentaires;
$commentaires=nl2br(str_replace("\\","",$commentaires));
if ($dsondage->comment) {
$commentaires = $dsondage->comment;
$commentaires=nl2br(str_replace("\\","",$comment));
echo '
<div class="form-group col-md-7">
<h4 class="control-label">'._("Description") .'</h4><br />
@ -255,7 +252,7 @@ echo '
</div>'."\n"; // .jumbotron
//On récupere les données et les sujets du sondage
$nblignes = $user_studs->RecordCount();
$nblignes = count($users);
//on teste pour voir si une ligne doit etre modifiée
$testmodifier = false;
@ -295,21 +292,13 @@ if ($testmodifier) {
$connect->Execute($sql, array($nouveauchoix, $data->nom, $data->id_users));
if ($dsondage->mailsonde=="yes") {
Utils::sendEmail( "$dsondage->mail_admin", "[".NOMAPPLICATION."] " . _("Poll's participation") . " : ".html_entity_decode($dsondage->titre, ENT_QUOTES, 'UTF-8'), "\"".html_entity_decode($data->nom, ENT_QUOTES, 'UTF-8')."\""."" . _("has filled a line.\nYou can find your poll at the link") . " :\n\n" . Utils::getUrlSondage($numsondage) . " \n\n" . _("Thanks for your confidence.") . "\n".NOMAPPLICATION );
Utils::sendEmail( "$dsondage->mail_admin", "[".NOMAPPLICATION."] " . _("Poll's participation") . " : ".html_entity_decode($dsondage->title, ENT_QUOTES, 'UTF-8'), "\"".html_entity_decode($data->nom, ENT_QUOTES, 'UTF-8')."\""."" . _("has filled a line.\nYou can find your poll at the link") . " :\n\n" . Utils::getUrlSondage($numsondage) . " \n\n" . _("Thanks for your confidence.") . "\n".NOMAPPLICATION );
}
}
$compteur++;
}
}
//recuperation des utilisateurs du sondage
$sql = 'SELECT * FROM user_studs WHERE id_sondage='.$connect->Param('numsondage').' ORDER BY id_users';
$sql = $connect->Prepare($sql);
$user_studs = $connect->Execute($sql, array($numsondage));
//reformatage des données des sujets du sondage
$toutsujet = explode(",",$dsondage->sujet);
// Table headers
$thead = '<thead>';
@ -385,18 +374,17 @@ if ($dsondage->format=="D"||$dsondage->format=="D+"||$dsondage->format=="D-") {
// Subjects poll
} else {
$toutsujet=str_replace("@","<br />",$toutsujet);
$tr_subjects = '<tr><th role="presentation"></th>';
for ($i = 0; isset($toutsujet[$i]); $i++) {
foreach ($sujets as $i=>$sujet) {
$td_headers[$i]='';$radio_title[$i]=''; // init before concatenate
// Subjects
preg_match_all('/\[!\[(.*?)\]\((.*?)\)\]\((.*?)\)/',$toutsujet[$i],$md_a_img); // Markdown [![alt](src)](href)
preg_match_all('/!\[(.*?)\]\((.*?)\)/',$toutsujet[$i],$md_img); // Markdown ![alt](src)
preg_match_all('/\[(.*?)\]\((.*?)\)/',$toutsujet[$i],$md_a); // Markdown [text](href)
preg_match_all('/\[!\[(.*?)\]\((.*?)\)\]\((.*?)\)/',$sujet->sujet,$md_a_img); // Markdown [![alt](src)](href)
preg_match_all('/!\[(.*?)\]\((.*?)\)/',$sujet->sujet,$md_img); // Markdown ![alt](src)
preg_match_all('/\[(.*?)\]\((.*?)\)/',$sujet->sujet,$md_a); // Markdown [text](href)
if (isset($md_a_img[2][0]) && $md_a_img[2][0]!='' && isset($md_a_img[3][0]) && $md_a_img[3][0]!='') { // [![alt](src)](href)
$th_subject_text = (isset($md_a_img[1][0]) && $md_a_img[1][0]!='') ? stripslashes($md_a_img[1][0]) : _("Choice") .' '.($i+1);
@ -414,7 +402,7 @@ if ($dsondage->format=="D"||$dsondage->format=="D+"||$dsondage->format=="D-") {
} else { // text only
$th_subject_text = stripslashes($toutsujet[$i]);
$th_subject_text = stripslashes($sujet->sujet);
$th_subject_html = $th_subject_text;
}
@ -431,7 +419,7 @@ if ($dsondage->format=="D"||$dsondage->format=="D+"||$dsondage->format=="D-") {
// Print headers
echo '
<form name="formulaire" action="' . Utils::getUrlSondage($dsondage->id_sondage) . '" method="POST">
<form name="formulaire" action="' . Utils::getUrlSondage($dsondage->poll_id) . '" method="POST">
<input type="hidden" name="sondage" value="' . $numsondage . '"/>
';
if ($dsondage->format=="A-" || $dsondage->format=="D-") {
@ -475,12 +463,12 @@ $user_mod = false;
$somme[] = 0;
$compteur = 0;
while ($data = $user_studs->FetchNextObject(false)) {
foreach ($users as $user) {
$ensemblereponses = $data->reponses;
$ensemblereponses = $user->reponses;
//affichage du nom
$nombase=str_replace("°","'",$data->nom);
$nombase=str_replace("°","'",$user->nom);
echo '<tr>
<th class="bg-info">'.stripslashes($nombase).'</th>'."\n";
@ -666,11 +654,9 @@ echo '
<hr role="presentation" />';
// Comments
$sql = 'select * from comments where id_sondage='.$connect->Param('numsondage').' order by id_comment';
$sql = $connect->Prepare($sql);
$comment_user=$connect->Execute($sql, array($numsondage));
$comments = $connect->allCommentsByPollId($numsondage);
if ($comment_user->RecordCount() != 0) {
if (count($comments) != 0) {
echo '<div><h3>' . _("Comments of polled people") . '</h3>'."\n";
while($dcomment = $comment_user->FetchNextObject(false)) {