Don't allow black title, name or comment
parent
e4b61ff54b
commit
6d1f0ada0e
@ -176,8 +176,8 @@ if (!empty($_POST['save'])) { // Save edition of an old vote
|
|||||||
$name = $inputService->filterName($_POST['name']);
|
$name = $inputService->filterName($_POST['name']);
|
||||||
$choices = $inputService->filterArray($_POST['choices'], FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => CHOICE_REGEX]]);
|
$choices = $inputService->filterArray($_POST['choices'], FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => CHOICE_REGEX]]);
|
||||||
|
|
||||||
if (empty($name)) {
|
if ($name == null) {
|
||||||
$message = new Message('danger', __('Error', 'The name is invalid'));
|
$message = new Message('danger', __('Error', 'The name is invalid.'));
|
||||||
}
|
}
|
||||||
if (count($choices) != count($_POST['choices'])) {
|
if (count($choices) != count($_POST['choices'])) {
|
||||||
$message = new Message('danger', __('Error', 'There is a problem with your choices'));
|
$message = new Message('danger', __('Error', 'There is a problem with your choices'));
|
||||||
@ -234,8 +234,8 @@ if (isset($_POST['add_comment'])) {
|
|||||||
$name = $inputService->filterName($_POST['name']);
|
$name = $inputService->filterName($_POST['name']);
|
||||||
$comment = $inputService->filterComment($_POST['comment']);
|
$comment = $inputService->filterComment($_POST['comment']);
|
||||||
|
|
||||||
if (empty($name)) {
|
if ($name == null) {
|
||||||
$message = new Message('danger', __('Error', 'The name is invalid'));
|
$message = new Message('danger', __('Error', 'The name is invalid.'));
|
||||||
}
|
}
|
||||||
|
|
||||||
if ($message == null) {
|
if ($message == null) {
|
||||||
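Review bot: The add_comment hunk (-234) tests only `$name` for null, although filterComment() now also returns null for a blank comment; no check of `$comment` is visible before the `if ($message == null)` block, whose body lies outside the hunk. If no such check exists further down, a null comment would still reach the insert path, so a guard such as `if ($comment === null) { $message = new Message('danger', __('Error', 'Enter a name and a comment!')); }` belongs next to the name check (the key is taken from the locale hunks; confirm which section it lives in). Since the filters now have a string|null contract, `$name === null` states the intent more precisely than `$name == null`, which also matches `''` and `false`. The same two remarks apply to the matching hunks at -149 and -181 in the second page of this commit.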
|
@ -51,11 +51,13 @@ class InputService {
|
|||||||
}
|
}
|
||||||
|
|
||||||
public function filterTitle($title) {
|
public function filterTitle($title) {
|
||||||
return filter_var($title, FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => TITLE_REGEX]]);
|
$filtered = filter_var($title, FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => TITLE_REGEX]]);
|
||||||
|
return $this->returnIfNotBlank($filtered);
|
||||||
}
|
}
|
||||||
|
|
||||||
public function filterName($name) {
|
public function filterName($name) {
|
||||||
return filter_var($name, FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => NAME_REGEX]]);
|
$filtered = filter_var($name, FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => NAME_REGEX]]);
|
||||||
|
return $this->returnIfNotBlank($filtered);
|
||||||
}
|
}
|
||||||
|
|
||||||
public function filterMail($mail) {
|
public function filterMail($mail) {
|
||||||
@ -76,7 +78,22 @@ class InputService {
|
|||||||
}
|
}
|
||||||
|
|
||||||
public function filterComment($comment) {
|
public function filterComment($comment) {
|
||||||
return filter_var($comment, FILTER_SANITIZE_STRING);
|
$filtered = filter_var($comment, FILTER_SANITIZE_STRING);
|
||||||
|
return $this->returnIfNotBlank($filtered);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Return the value if it's not blank.
|
||||||
|
*
|
||||||
|
* @param string $filtered The value
|
||||||
|
* @return string|null
|
||||||
|
*/
|
||||||
|
private function returnIfNotBlank($filtered) {
|
||||||
|
if ($filtered && !empty(str_replace(' ', '', $filtered))) {
|
||||||
|
return $filtered;
|
||||||
|
} else {
|
||||||
|
return null;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
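Review bot: returnIfNotBlank() rejects the string `'0'` as blank and accepts tabs or line breaks as content, because `$filtered &&` and `empty()` are both falsy for `'0'` while `str_replace(' ', '', $filtered)` removes only ASCII spaces. A comment made solely of newlines therefore still passes filterComment(), and a title, name or comment of `0` is refused if the regexes otherwise admit it. `return (is_string($filtered) && trim($filtered) !== '') ? $filtered : null;` covers both cases; non-ASCII whitespace such as a no-break space would still need a Unicode-aware check. The docblock should also state that a `false` result from filter_var() is mapped to null, since callers now compare against null.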
@ -119,7 +119,6 @@
|
|||||||
"Votes are editable solely by their owner.": "DE_Les votes sont modifiables uniquement par leur créateur",
|
"Votes are editable solely by their owner.": "DE_Les votes sont modifiables uniquement par leur créateur",
|
||||||
"Save the new rules": "Neue Regeln speichern",
|
"Save the new rules": "Neue Regeln speichern",
|
||||||
"Cancel the rules edit": "Neue Regeln nicht speichern",
|
"Cancel the rules edit": "Neue Regeln nicht speichern",
|
||||||
"The name is invalid.": "Der Name ist ungültig.",
|
|
||||||
"Results are hidden.": "DE_Les résultats sont cachés.",
|
"Results are hidden.": "DE_Les résultats sont cachés.",
|
||||||
"Results are visible.": "DE_Les résultats sont visibles."
|
"Results are visible.": "DE_Les résultats sont visibles."
|
||||||
},
|
},
|
||||||
@ -308,7 +307,7 @@
|
|||||||
"Cookies are disabled on your browser. Theirs activation is required to create a poll.": "Cookies werden auf Ihrem Browser deaktiviert. Deren Aktivierung ist erforderlich, um eine Umfrage zu erstellen.",
|
"Cookies are disabled on your browser. Theirs activation is required to create a poll.": "Cookies werden auf Ihrem Browser deaktiviert. Deren Aktivierung ist erforderlich, um eine Umfrage zu erstellen.",
|
||||||
"This poll doesn't exist !": "Diese Umfrage existiert nicht!",
|
"This poll doesn't exist !": "Diese Umfrage existiert nicht!",
|
||||||
"Enter a name": "Geben Sie einen Namen ein",
|
"Enter a name": "Geben Sie einen Namen ein",
|
||||||
"Name is incorrect": "Name ist falsch",
|
"The name is invalid.": "Der Name ist ungültig.",
|
||||||
"The name you've chosen already exist in this poll!": "Der von Ihnen eingegebenen Name existiert bereits in dieser Umfrage",
|
"The name you've chosen already exist in this poll!": "Der von Ihnen eingegebenen Name existiert bereits in dieser Umfrage",
|
||||||
"Enter a name and a comment!": "Geben Sie einen Namen und ein Kommentar ein!",
|
"Enter a name and a comment!": "Geben Sie einen Namen und ein Kommentar ein!",
|
||||||
"Failed to insert the comment!": "Einfügen des Kommentars gescheitert!",
|
"Failed to insert the comment!": "Einfügen des Kommentars gescheitert!",
|
||||||
|
@ -119,7 +119,6 @@
|
|||||||
"Votes are editable solely by their owner.": "Votes are editable solely by their owner",
|
"Votes are editable solely by their owner.": "Votes are editable solely by their owner",
|
||||||
"Save the new rules": "Save the new rules",
|
"Save the new rules": "Save the new rules",
|
||||||
"Cancel the rules edit": "Cancel the rules edit",
|
"Cancel the rules edit": "Cancel the rules edit",
|
||||||
"The name is invalid.": "The name is invalid.",
|
|
||||||
"Results are hidden.": "Results are hidden.",
|
"Results are hidden.": "Results are hidden.",
|
||||||
"Results are visible.": "Results are visible."
|
"Results are visible.": "Results are visible."
|
||||||
},
|
},
|
||||||
@ -308,7 +307,7 @@
|
|||||||
"Cookies are disabled on your browser. Theirs activation is required to create a poll.": "Cookies are disabled on your browser. Theirs activation is required to create a poll.",
|
"Cookies are disabled on your browser. Theirs activation is required to create a poll.": "Cookies are disabled on your browser. Theirs activation is required to create a poll.",
|
||||||
"This poll doesn't exist !": "This poll doesn't exist !",
|
"This poll doesn't exist !": "This poll doesn't exist !",
|
||||||
"Enter a name": "Enter a name",
|
"Enter a name": "Enter a name",
|
||||||
"Name is incorrect": "Name is incorrect",
|
"The name is invalid.": "The name is invalid.",
|
||||||
"The name you've chosen already exist in this poll!": "The name you've chosen already exist in this poll!",
|
"The name you've chosen already exist in this poll!": "The name you've chosen already exist in this poll!",
|
||||||
"Enter a name and a comment!": "Enter a name and a comment!",
|
"Enter a name and a comment!": "Enter a name and a comment!",
|
||||||
"Failed to insert the comment!": "Failed to insert the comment!",
|
"Failed to insert the comment!": "Failed to insert the comment!",
|
||||||
|
@ -119,7 +119,6 @@
|
|||||||
"Votes are editable solely by their owner.": "ES_Les votes sont modifiables uniquement par leur créateur",
|
"Votes are editable solely by their owner.": "ES_Les votes sont modifiables uniquement par leur créateur",
|
||||||
"Save the new rules": "ES_Enregistrer les nouvelles permissions",
|
"Save the new rules": "ES_Enregistrer les nouvelles permissions",
|
||||||
"Cancel the rules edit": "ES_Annuler le changement de permissions",
|
"Cancel the rules edit": "ES_Annuler le changement de permissions",
|
||||||
"The name is invalid.": "ES_Le nom n'est pas valide.",
|
|
||||||
"Results are hidden.": "ES_Les résultats sont cachés.",
|
"Results are hidden.": "ES_Les résultats sont cachés.",
|
||||||
"Results are visible.": "ES_Les résultats sont visibles."
|
"Results are visible.": "ES_Les résultats sont visibles."
|
||||||
},
|
},
|
||||||
@ -308,7 +307,7 @@
|
|||||||
"Cookies are disabled on your browser. Theirs activation is required to create a poll.": "ES_Les cookies sont désactivés sur votre navigateur. Leur activation est requise pour la création d'un sondage.",
|
"Cookies are disabled on your browser. Theirs activation is required to create a poll.": "ES_Les cookies sont désactivés sur votre navigateur. Leur activation est requise pour la création d'un sondage.",
|
||||||
"This poll doesn't exist !": "Este encuesta no existe!",
|
"This poll doesn't exist !": "Este encuesta no existe!",
|
||||||
"Enter a name": "Introduzca un nombre",
|
"Enter a name": "Introduzca un nombre",
|
||||||
"Name is incorrect": "ES_Le nom est pas correct",
|
"The name is invalid.": "ES_Le nom n'est pas valide.",
|
||||||
"The name you've chosen already exist in this poll!": "El nombre entrado existe ya!",
|
"The name you've chosen already exist in this poll!": "El nombre entrado existe ya!",
|
||||||
"Enter a name and a comment!": "Introduzca su nombre y un comentario!",
|
"Enter a name and a comment!": "Introduzca su nombre y un comentario!",
|
||||||
"Failed to insert the comment!": "ES_Échec à l'insertion du commentaire !",
|
"Failed to insert the comment!": "ES_Échec à l'insertion du commentaire !",
|
||||||
|
@ -119,7 +119,6 @@
|
|||||||
"Votes are editable solely by their owner.": "Les votes sont modifiables uniquement par leur créateur",
|
"Votes are editable solely by their owner.": "Les votes sont modifiables uniquement par leur créateur",
|
||||||
"Save the new rules": "Enregistrer les nouvelles permissions",
|
"Save the new rules": "Enregistrer les nouvelles permissions",
|
||||||
"Cancel the rules edit": "Annuler le changement de permissions",
|
"Cancel the rules edit": "Annuler le changement de permissions",
|
||||||
"The name is invalid.": "Le nom n'est pas valide.",
|
|
||||||
"Results are hidden.": "Les résultats sont cachés.",
|
"Results are hidden.": "Les résultats sont cachés.",
|
||||||
"Results are visible.": "Les résultats sont visibles."
|
"Results are visible.": "Les résultats sont visibles."
|
||||||
},
|
},
|
||||||
@ -308,7 +307,7 @@
|
|||||||
"Cookies are disabled on your browser. Theirs activation is required to create a poll.": "Les cookies sont désactivés sur votre navigateur. Leur activation est requise pour la création d'un sondage.",
|
"Cookies are disabled on your browser. Theirs activation is required to create a poll.": "Les cookies sont désactivés sur votre navigateur. Leur activation est requise pour la création d'un sondage.",
|
||||||
"This poll doesn't exist !": "Ce sondage n'existe pas !",
|
"This poll doesn't exist !": "Ce sondage n'existe pas !",
|
||||||
"Enter a name": "Vous n'avez pas saisi de nom !",
|
"Enter a name": "Vous n'avez pas saisi de nom !",
|
||||||
"Name is incorrect": "Le nom est pas correct",
|
"The name is invalid.": "Le nom n'est pas valide.",
|
||||||
"The name you've chosen already exist in this poll!": "Le nom que vous avez choisi existe déjà !",
|
"The name you've chosen already exist in this poll!": "Le nom que vous avez choisi existe déjà !",
|
||||||
"Enter a name and a comment!": "Merci de remplir les deux champs !",
|
"Enter a name and a comment!": "Merci de remplir les deux champs !",
|
||||||
"Failed to insert the comment!": "Échec à l'insertion du commentaire !",
|
"Failed to insert the comment!": "Échec à l'insertion du commentaire !",
|
||||||
|
@ -149,8 +149,8 @@ if (!empty($_POST['save'])) { // Save edition of an old vote
|
|||||||
$name = $inputService->filterName($_POST['name']);
|
$name = $inputService->filterName($_POST['name']);
|
||||||
$choices = $inputService->filterArray($_POST['choices'], FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => CHOICE_REGEX]]);
|
$choices = $inputService->filterArray($_POST['choices'], FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => CHOICE_REGEX]]);
|
||||||
|
|
||||||
if (empty($name)) {
|
if ($name == null) {
|
||||||
$message = new Message('danger', __('Error', 'Name is incorrect'));
|
$message = new Message('danger', __('Error', 'The name is invalid.'));
|
||||||
}
|
}
|
||||||
if (count($choices) != count($_POST['choices'])) {
|
if (count($choices) != count($_POST['choices'])) {
|
||||||
$message = new Message('danger', __('There is a problem with your choices'));
|
$message = new Message('danger', __('There is a problem with your choices'));
|
||||||
@ -181,8 +181,8 @@ if (isset($_POST['add_comment'])) {
|
|||||||
$name = $inputService->filterName($_POST['name']);
|
$name = $inputService->filterName($_POST['name']);
|
||||||
$comment = $inputService->filterComment($_POST['comment']);
|
$comment = $inputService->filterComment($_POST['comment']);
|
||||||
|
|
||||||
if (empty($name)) {
|
if ($name == null) {
|
||||||
$message = new Message('danger', __('Error', 'Name is incorrect'));
|
$message = new Message('danger', __('Error', 'The name is invalid.'));
|
||||||
}
|
}
|
||||||
|
|
||||||
if ($message == null) {
|
if ($message == null) {
|
||||||
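Review bot: In the -149 hunk the unchanged line `__('There is a problem with your choices')` passes a single argument, whereas the name error two lines above and the corresponding line in the first file of this commit pass the section first. The signature of `__()` is not visible here, but if the first argument is the locale section, this call looks up a section named after the message and the choices error will not be translated. As the commit is already aligning the error strings on this page, I would change it to `$message = new Message('danger', __('Error', 'There is a problem with your choices'));`.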
|
@ -12,7 +12,7 @@
|
|||||||
<div class="alert alert-dismissible alert-{$message->type|html}" role="alert">{$message->message|html}{if $message->link != null}<br/><a href="{$message->link}">{$message->link}</a>{/if}<button type="button" class="close" data-dismiss="alert" aria-label="Close"><span aria-hidden="true">×</span></button></div>
|
<div class="alert alert-dismissible alert-{$message->type|html}" role="alert">{$message->message|html}{if $message->link != null}<br/><a href="{$message->link}">{$message->link}</a>{/if}<button type="button" class="close" data-dismiss="alert" aria-label="Close"><span aria-hidden="true">×</span></button></div>
|
||||||
{/if}
|
{/if}
|
||||||
</div>
|
</div>
|
||||||
<div id="nameErrorMessage" class="hidden alert alert-dismissible alert-danger" role="alert">{__('PollInfo', 'The name is invalid.')}<button type="button" class="close" data-dismiss="alert" aria-label="Close"><span aria-hidden="true">×</span></button></div>
|
<div id="nameErrorMessage" class="hidden alert alert-dismissible alert-danger" role="alert">{__('Error', 'The name is invalid.')}<button type="button" class="close" data-dismiss="alert" aria-label="Close"><span aria-hidden="true">×</span></button></div>
|
||||||
|
|
||||||
|
|
||||||
{* Global informations about the current poll *}
|
{* Global informations about the current poll *}
|
||||||
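Review bot: On the unchanged alert line, `{$message->link}` is printed twice without the `|html` modifier that `$message->type` and `$message->message` receive on the same line, and one of the two uses is inside an `href` attribute. Whether Smarty auto-escaping is enabled and whether `link` is always built server-side cannot be seen from this hunk; if either is not guaranteed, the value should be escaped like its neighbours: `<a href="{$message->link|html}">{$message->link|html}</a>`. Escaping alone does not restrict the URL scheme, so the code that sets `link` should only ever assign application-generated URLs.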
|