Added unique id to vote.

admin/migration.php

@@ -20,6 +20,7 @@
 use Framadate\Migration\From_0_0_to_0_8_Migration;
 use Framadate\Migration\From_0_8_to_0_9_Migration;
 use Framadate\Migration\AddColumn_receiveNewComments_For_0_9;
+use Framadate\Migration\AddColumn_uniqId_In_vote_For_0_9;
 use Framadate\Migration\Migration;
 use Framadate\Utils;
 
@@ -31,7 +32,8 @@ set_time_limit(300);
 $migrations = [
     new From_0_0_to_0_8_Migration(),
     new From_0_8_to_0_9_Migration(),
-    new AddColumn_receiveNewComments_For_0_9()
+    new AddColumn_receiveNewComments_For_0_9(),
+    new AddColumn_uniqId_In_vote_For_0_9()
 ];
 // ---------------------------------------
 

app/classes/Framadate/FramaDB.php

@@ -122,15 +122,16 @@ class FramaDB {
         return $prepared->execute([$insert_position, $insert_position + 1, $poll_id]);
     }
 
-    function insertVote($poll_id, $name, $choices) {
+    function insertVote($poll_id, $name, $choices, $token) {
-        $prepared = $this->prepare('INSERT INTO `' . Utils::table('vote') . '` (poll_id, name, choices) VALUES (?,?,?)');
+        $prepared = $this->prepare('INSERT INTO `' . Utils::table('vote') . '` (poll_id, name, choices, uniqId) VALUES (?,?,?,?)');
-        $prepared->execute([$poll_id, $name, $choices]);
+        $prepared->execute([$poll_id, $name, $choices, $token]);
 
         $newVote = new \stdClass();
         $newVote->poll_id = $poll_id;
         $newVote->id = $this->pdo->lastInsertId();
         $newVote->name = $name;
         $newVote->choices = $choices;
+        $newVote->token = $token;
 
         return $newVote;
     }

app/classes/Framadate/Migration/AddColumn_uniqId_In_vote_For_0_9.php

@@ -0,0 +1,79 @@
+<?php
+/**
+ * This software is governed by the CeCILL-B license. If a copy of this license
+ * is not distributed with this file, you can obtain one at
+ * http://www.cecill.info/licences/Licence_CeCILL-B_V1-en.txt
+ *
+ * Authors of STUdS (initial project): Guilhem BORGHESI (borghesi@unistra.fr) and Raphaël DROZ
+ * Authors of Framadate/OpenSondate: Framasoft (https://github.com/framasoft)
+ *
+ * =============================
+ *
+ * Ce logiciel est régi par la licence CeCILL-B. Si une copie de cette licence
+ * ne se trouve pas avec ce fichier vous pouvez l'obtenir sur
+ * http://www.cecill.info/licences/Licence_CeCILL-B_V1-fr.txt
+ *
+ * Auteurs de STUdS (projet initial) : Guilhem BORGHESI (borghesi@unistra.fr) et Raphaël DROZ
+ * Auteurs de Framadate/OpenSondage : Framasoft (https://github.com/framasoft)
+ */
+namespace Framadate\Migration;
+
+use Framadate\Utils;
+
+/**
+ * This migration adds the field uniqId on the vote table.
+ *
+ * @package Framadate\Migration
+ * @version 0.9
+ */
+class AddColumn_uniqId_In_vote_For_0_9 implements Migration {
+
+    function __construct() {
+    }
+
+    /**
+     * This method should describe in english what is the purpose of the migration class.
+     *
+     * @return string The description of the migration class
+     */
+    function description() {
+        return "Add column \"uniqId\" in table \"vote\" for version 0.9";
+    }
+
+    /**
+     * This method could check if the execute method should be called.
+     * It is called before the execute method.
+     *
+     * @param \PDO $pdo The connection to database
+     * @return bool true is the Migration should be executed.
+     */
+    function preCondition(\PDO $pdo) {
+        $stmt = $pdo->query('SHOW TABLES');
+        $tables = $stmt->fetchAll(\PDO::FETCH_COLUMN);
+
+        // Check if tables of v0.9 are presents
+        $diff = array_diff([Utils::table('poll'), Utils::table('slot'), Utils::table('vote'), Utils::table('comment')], $tables);
+        return count($diff) === 0;
+    }
+
+    /**
+     * This methode is called only one time in the migration page.
+     *
+     * @param \PDO $pdo The connection to database
+     * @return bool true is the execution succeeded
+     */
+    function execute(\PDO $pdo) {
+        $this->alterPollTable($pdo);
+
+        return true;
+    }
+
+    private function alterPollTable(\PDO $pdo) {
+        $pdo->exec('
+        ALTER TABLE `' . Utils::table('vote') . '`
+        ADD `uniqId` CHAR(16) NOT NULL
+        AFTER `id`,
+        ADD INDEX (`uniqId`) ;');
+    }
+
+}

app/classes/Framadate/Services/PollService.php

@@ -21,6 +21,7 @@ namespace Framadate\Services;
 use Framadate\Form;
 use Framadate\FramaDB;
 use Framadate\Utils;
+use Framadate\Security\Token;
 
 class PollService {
 
@@ -66,8 +67,8 @@ class PollService {
 
     function addVote($poll_id, $name, $choices) {
         $choices = implode($choices);
-
+        $token = $this->random(16);
-        return $this->connect->insertVote($poll_id, $name, $choices);
+        return $this->connect->insertVote($poll_id, $name, $choices, $token);
     }
 
     function addComment($poll_id, $name, $comment) {
@@ -176,15 +177,8 @@ class PollService {
         return [$poll_id, $admin_poll_id];
     }
 
-    private function random($car) {
+    private function random($length) {
-        // TODO Better random ?
+        return Token::getToken($length);
-        $string = '';
-        $chaine = 'abcdefghijklmnopqrstuvwxyz123456789';
-        mt_srand();
-        for ($i = 0; $i < $car; $i++) {
-            $string .= $chaine[mt_rand() % strlen($chaine)];
     }
 
-        return $string;
-    }
 }

app/inc/constants.php

@@ -21,7 +21,7 @@
 const VERSION = '0.9';
 
 // Regex
-const POLL_REGEX = '/^[a-z0-9]+$/';
+const POLL_REGEX = '/^[a-zA-Z0-9]+$/';
 const CHOICE_REGEX = '/^[012]$/';
 const NAME_REGEX = '/^[áàâäãåçéèêëíìîïñóòôöõúùûüýÿæœa-z0-9_ -]+$/i';
 const BOOLEAN_REGEX = '/^(on|off|true|false|1|0)$/';