Applying the password restriction in studs.
This commit is contained in:
parent
bb37d16dff
commit
c6d6ad2393
@ -21,6 +21,7 @@ use Framadate\Services\PollService;
|
|||||||
use Framadate\Services\InputService;
|
use Framadate\Services\InputService;
|
||||||
use Framadate\Services\MailService;
|
use Framadate\Services\MailService;
|
||||||
use Framadate\Services\NotificationService;
|
use Framadate\Services\NotificationService;
|
||||||
|
use Framadate\Services\SecurityService;
|
||||||
use Framadate\Message;
|
use Framadate\Message;
|
||||||
use Framadate\Utils;
|
use Framadate\Utils;
|
||||||
use Framadate\Editable;
|
use Framadate\Editable;
|
||||||
@ -34,6 +35,7 @@ $poll_id = null;
|
|||||||
$poll = null;
|
$poll = null;
|
||||||
$message = null;
|
$message = null;
|
||||||
$result = false;
|
$result = false;
|
||||||
|
$comments = array();
|
||||||
|
|
||||||
/* Services */
|
/* Services */
|
||||||
/*----------*/
|
/*----------*/
|
||||||
@ -43,7 +45,7 @@ $pollService = new PollService($connect, $logService);
|
|||||||
$inputService = new InputService();
|
$inputService = new InputService();
|
||||||
$mailService = new MailService($config['use_smtp']);
|
$mailService = new MailService($config['use_smtp']);
|
||||||
$notificationService = new NotificationService($mailService);
|
$notificationService = new NotificationService($mailService);
|
||||||
|
$securityService = new SecurityService();
|
||||||
|
|
||||||
/* PAGE */
|
/* PAGE */
|
||||||
/* ---- */
|
/* ---- */
|
||||||
@ -57,7 +59,9 @@ if (!empty($_POST['poll'])) {
|
|||||||
|
|
||||||
if (!$poll) {
|
if (!$poll) {
|
||||||
$message = new Message('error', __('Error', 'This poll doesn\'t exist !'));
|
$message = new Message('error', __('Error', 'This poll doesn\'t exist !'));
|
||||||
} else {
|
} else if ($poll && !$securityService->canAccessPoll($poll)) {
|
||||||
|
$message = new Message('error', __('Password', 'Wrong password'));
|
||||||
|
} else if ($poll) {
|
||||||
$name = $inputService->filterName($_POST['name']);
|
$name = $inputService->filterName($_POST['name']);
|
||||||
$comment = $inputService->filterComment($_POST['comment']);
|
$comment = $inputService->filterComment($_POST['comment']);
|
||||||
|
|
||||||
@ -75,10 +79,9 @@ if (!$poll) {
|
|||||||
$message = new Message('danger', __('Error', 'Comment failed'));
|
$message = new Message('danger', __('Error', 'Comment failed'));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
$comments = $pollService->allCommentsByPollId($poll_id);
|
||||||
}
|
}
|
||||||
|
|
||||||
$comments = $pollService->allCommentsByPollId($poll_id);
|
|
||||||
|
|
||||||
$smarty->error_reporting = E_ALL & ~E_NOTICE;
|
$smarty->error_reporting = E_ALL & ~E_NOTICE;
|
||||||
$smarty->assign('comments', $comments);
|
$smarty->assign('comments', $comments);
|
||||||
$comments_html = $smarty->fetch('part/comments_list.tpl');
|
$comments_html = $smarty->fetch('part/comments_list.tpl');
|
||||||
|
@ -371,5 +371,7 @@ $smarty->assign('editingVoteId', $editingVoteId);
|
|||||||
$smarty->assign('message', $message);
|
$smarty->assign('message', $message);
|
||||||
$smarty->assign('admin', true);
|
$smarty->assign('admin', true);
|
||||||
$smarty->assign('hidden', false);
|
$smarty->assign('hidden', false);
|
||||||
|
$smarty->assign('accessGranted', true);
|
||||||
|
$smarty->assign('resultPubliclyVisible', true);
|
||||||
|
|
||||||
$smarty->display('studs.tpl');
|
$smarty->display('studs.tpl');
|
||||||
|
@ -2,6 +2,7 @@
|
|||||||
namespace Framadate\Services;
|
namespace Framadate\Services;
|
||||||
|
|
||||||
use Framadate\Security\Token;
|
use Framadate\Security\Token;
|
||||||
|
use Framadate\Security\PasswordHasher;
|
||||||
|
|
||||||
class SecurityService {
|
class SecurityService {
|
||||||
|
|
||||||
@ -48,5 +49,46 @@ class SecurityService {
|
|||||||
return $checked;
|
return $checked;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Verify if the current session allows to access given poll.
|
||||||
|
*
|
||||||
|
* @param $poll \stdClass The poll which we seek access
|
||||||
|
* @return bool true if the current session can access this poll
|
||||||
|
*/
|
||||||
|
public function canAccessPoll($poll) {
|
||||||
|
if (is_null($poll->password_hash)) {
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
|
$this->ensureSessionPollSecurityIsCreated();
|
||||||
|
|
||||||
|
$currentPassword = isset($_SESSION['poll_security'][$poll->id]) ? $_SESSION['poll_security'][$poll->id] : null;
|
||||||
|
if (!empty($currentPassword) && PasswordHasher::verify($currentPassword, $poll->password_hash)) {
|
||||||
|
return true;
|
||||||
|
} else {
|
||||||
|
unset($_SESSION['poll_security'][$poll->id]);
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Submit to the session a poll password
|
||||||
|
*
|
||||||
|
* @param $poll \stdClass The poll which we seek access
|
||||||
|
* @param $password string the password to compare
|
||||||
|
*/
|
||||||
|
public function submitPollAccess($poll, $password) {
|
||||||
|
if (!empty($password)) {
|
||||||
|
$this->ensureSessionPollSecurityIsCreated();
|
||||||
|
$_SESSION['poll_security'][$poll->id] = $password;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
private function ensureSessionPollSecurityIsCreated() {
|
||||||
|
if (!isset($_SESSION['poll_security'])) {
|
||||||
|
$_SESSION['poll_security'] = array();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
@ -489,3 +489,9 @@ table.results > tbody > tr:hover > td .glyphicon {
|
|||||||
#poll_search {
|
#poll_search {
|
||||||
cursor: pointer;
|
cursor: pointer;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/* Studs */
|
||||||
|
.password_request {
|
||||||
|
padding-top: 15px;
|
||||||
|
padding-bottom: 15px;
|
||||||
|
}
|
@ -156,6 +156,13 @@
|
|||||||
"anonyme": "anonym",
|
"anonyme": "anonym",
|
||||||
"Comment added": "Kommentar hinzugefügt"
|
"Comment added": "Kommentar hinzugefügt"
|
||||||
},
|
},
|
||||||
|
"Password": {
|
||||||
|
"Password": "DE_Mot de passe",
|
||||||
|
"Wrong password": "DE_Mot de passe incorrect.",
|
||||||
|
"Submit access": "DE_Accèder",
|
||||||
|
"You have to provide a password to access the poll.": "DE_Vous devez donner le mot de passe pour avoir accès à ce sondage.",
|
||||||
|
"You have to provide a password so you can participate to the poll.": "DE_Vous devez donner le mot de passe pour pouvoir participer à ce sondage."
|
||||||
|
},
|
||||||
"studs": {
|
"studs": {
|
||||||
"If you want to vote in this poll, you have to give your name, choose the values that fit best for you and validate with the plus button at the end of the line.": "Wenn Sie an dieser Umfrage teilnehmen möchten, müssen Sie ihren Namen angeben, die Auswahl treffen, die Ihnen am ehesten zusagt und mit dem Plus-Button am Ende der Zeile bestätigen.",
|
"If you want to vote in this poll, you have to give your name, choose the values that fit best for you and validate with the plus button at the end of the line.": "Wenn Sie an dieser Umfrage teilnehmen möchten, müssen Sie ihren Namen angeben, die Auswahl treffen, die Ihnen am ehesten zusagt und mit dem Plus-Button am Ende der Zeile bestätigen.",
|
||||||
"POLL_LOCKED_WARNING": "Die Abstimmung wurde vom Administrator gesperrt. Bewertungen und Kommentare werden eingefroren; es ist nicht mehr möglich, teilzunehmen",
|
"POLL_LOCKED_WARNING": "Die Abstimmung wurde vom Administrator gesperrt. Bewertungen und Kommentare werden eingefroren; es ist nicht mehr möglich, teilzunehmen",
|
||||||
|
@ -156,6 +156,13 @@
|
|||||||
"anonyme": "anonyme",
|
"anonyme": "anonyme",
|
||||||
"Comment added": "Comment saved"
|
"Comment added": "Comment saved"
|
||||||
},
|
},
|
||||||
|
"Password": {
|
||||||
|
"Password": "Password",
|
||||||
|
"Wrong password": "Wrong password",
|
||||||
|
"Submit access": "Submit access",
|
||||||
|
"You have to provide a password to access the poll.": "You have to provide a password to access the poll.",
|
||||||
|
"You have to provide a password so you can participate to the poll.": "You have to provide a password so you can participate to the poll."
|
||||||
|
},
|
||||||
"studs": {
|
"studs": {
|
||||||
"If you want to vote in this poll, you have to give your name, choose the values that fit best for you and validate with the plus button at the end of the line.": "If you want to vote in this poll, you have to give your name, make your choice, and submit it with the plus button at the end of the line.",
|
"If you want to vote in this poll, you have to give your name, choose the values that fit best for you and validate with the plus button at the end of the line.": "If you want to vote in this poll, you have to give your name, make your choice, and submit it with the plus button at the end of the line.",
|
||||||
"POLL_LOCKED_WARNING": "The administrator locked this poll. Votes and comments are frozen, it is no longer possible to participate",
|
"POLL_LOCKED_WARNING": "The administrator locked this poll. Votes and comments are frozen, it is no longer possible to participate",
|
||||||
|
@ -156,6 +156,13 @@
|
|||||||
"anonyme": "ES_anonyme",
|
"anonyme": "ES_anonyme",
|
||||||
"Comment added": "ES_Commentaire ajouté"
|
"Comment added": "ES_Commentaire ajouté"
|
||||||
},
|
},
|
||||||
|
"Password": {
|
||||||
|
"Password": "ES_Mot de passe",
|
||||||
|
"Wrong password": "ES_Mot de passe incorrect.",
|
||||||
|
"Submit access": "ES_Accèder",
|
||||||
|
"You have to provide a password to access the poll.": "ES_Vous devez donner le mot de passe pour avoir accès à ce sondage.",
|
||||||
|
"You have to provide a password so you can participate to the poll.": "ES_Vous devez donner le mot de passe pour pouvoir participer à ce sondage."
|
||||||
|
},
|
||||||
"studs": {
|
"studs": {
|
||||||
"If you want to vote in this poll, you have to give your name, choose the values that fit best for you and validate with the plus button at the end of the line.": "Para participar a esta encuesta, introduzca su nombre, elige todas las valores que son apriopriadas y validar su seleccion con el botón verde a la fin de línea.",
|
"If you want to vote in this poll, you have to give your name, choose the values that fit best for you and validate with the plus button at the end of the line.": "Para participar a esta encuesta, introduzca su nombre, elige todas las valores que son apriopriadas y validar su seleccion con el botón verde a la fin de línea.",
|
||||||
"POLL_LOCKED_WARNING": "ES_L'administrateur a verrouillé ce sondage. Les votes et commentaires sont gelés, il n'est plus possible de participer",
|
"POLL_LOCKED_WARNING": "ES_L'administrateur a verrouillé ce sondage. Les votes et commentaires sont gelés, il n'est plus possible de participer",
|
||||||
|
@ -156,6 +156,13 @@
|
|||||||
"anonyme": "anonyme",
|
"anonyme": "anonyme",
|
||||||
"Comment added": "Commentaire ajouté"
|
"Comment added": "Commentaire ajouté"
|
||||||
},
|
},
|
||||||
|
"Password": {
|
||||||
|
"Password": "Mot de passe",
|
||||||
|
"Wrong password": "Mot de passe incorrect.",
|
||||||
|
"Submit access": "Accèder",
|
||||||
|
"You have to provide a password to access the poll.": "Vous devez donner le mot de passe pour avoir accès à ce sondage.",
|
||||||
|
"You have to provide a password so you can participate to the poll.": "Vous devez donner le mot de passe pour pouvoir participer à ce sondage."
|
||||||
|
},
|
||||||
"studs": {
|
"studs": {
|
||||||
"If you want to vote in this poll, you have to give your name, choose the values that fit best for you and validate with the plus button at the end of the line.": "Pour participer à ce sondage, veuillez entrer votre nom, choisir toutes les valeurs qui vous conviennent et valider votre choix avec le bouton en bout de ligne.",
|
"If you want to vote in this poll, you have to give your name, choose the values that fit best for you and validate with the plus button at the end of the line.": "Pour participer à ce sondage, veuillez entrer votre nom, choisir toutes les valeurs qui vous conviennent et valider votre choix avec le bouton en bout de ligne.",
|
||||||
"POLL_LOCKED_WARNING": "L'administrateur a verrouillé ce sondage. Les votes et commentaires sont gelés, il n'est plus possible de participer",
|
"POLL_LOCKED_WARNING": "L'administrateur a verrouillé ce sondage. Les votes et commentaires sont gelés, il n'est plus possible de participer",
|
||||||
|
@ -156,6 +156,13 @@
|
|||||||
"anonyme": "anonimo",
|
"anonyme": "anonimo",
|
||||||
"Comment added": "Commento aggiunto"
|
"Comment added": "Commento aggiunto"
|
||||||
},
|
},
|
||||||
|
"Password": {
|
||||||
|
"Password": "IT_Mot de passe",
|
||||||
|
"Wrong password": "IT_Mot de passe incorrect.",
|
||||||
|
"Submit access": "IT_Accèder",
|
||||||
|
"You have to provide a password to access the poll.": "IT_Vous devez donner le mot de passe pour avoir accès à ce sondage.",
|
||||||
|
"You have to provide a password so you can participate to the poll.": "IT_Vous devez donner le mot de passe pour pouvoir participer à ce sondage."
|
||||||
|
},
|
||||||
"studs": {
|
"studs": {
|
||||||
"If you want to vote in this poll, you have to give your name, choose the values that fit best for you and validate with the plus button at the end of the line.": "Per partecipare a questo sondaggio, è necessario inserire vostro nome, scegliere tutti i parametri che preferite e confermare la vostra scelta con il pulsante alla fine della riga.",
|
"If you want to vote in this poll, you have to give your name, choose the values that fit best for you and validate with the plus button at the end of the line.": "Per partecipare a questo sondaggio, è necessario inserire vostro nome, scegliere tutti i parametri che preferite e confermare la vostra scelta con il pulsante alla fine della riga.",
|
||||||
"POLL_LOCKED_WARNING": "L'amministratore ha bloccato questa indagine. Voti e commenti sono congelati, non è più possibile partecipare",
|
"POLL_LOCKED_WARNING": "L'amministratore ha bloccato questa indagine. Voti e commenti sono congelati, non è più possibile partecipare",
|
||||||
|
69
studs.php
69
studs.php
@ -21,6 +21,7 @@ use Framadate\Services\PollService;
|
|||||||
use Framadate\Services\InputService;
|
use Framadate\Services\InputService;
|
||||||
use Framadate\Services\MailService;
|
use Framadate\Services\MailService;
|
||||||
use Framadate\Services\NotificationService;
|
use Framadate\Services\NotificationService;
|
||||||
|
use Framadate\Services\SecurityService;
|
||||||
use Framadate\Message;
|
use Framadate\Message;
|
||||||
use Framadate\Utils;
|
use Framadate\Utils;
|
||||||
use Framadate\Editable;
|
use Framadate\Editable;
|
||||||
@ -34,6 +35,11 @@ $poll_id = null;
|
|||||||
$poll = null;
|
$poll = null;
|
||||||
$message = null;
|
$message = null;
|
||||||
$editingVoteId = 0;
|
$editingVoteId = 0;
|
||||||
|
$accessGranted = true;
|
||||||
|
$resultPubliclyVisible = true;
|
||||||
|
$slots = array();
|
||||||
|
$votes = array();
|
||||||
|
$comments = array();
|
||||||
|
|
||||||
/* Services */
|
/* Services */
|
||||||
/*----------*/
|
/*----------*/
|
||||||
@ -43,6 +49,7 @@ $pollService = new PollService($connect, $logService);
|
|||||||
$inputService = new InputService();
|
$inputService = new InputService();
|
||||||
$mailService = new MailService($config['use_smtp']);
|
$mailService = new MailService($config['use_smtp']);
|
||||||
$notificationService = new NotificationService($mailService);
|
$notificationService = new NotificationService($mailService);
|
||||||
|
$securityService = new SecurityService();
|
||||||
|
|
||||||
|
|
||||||
/* PAGE */
|
/* PAGE */
|
||||||
@ -62,18 +69,52 @@ if (!$poll) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
// -------------------------------
|
// -------------------------------
|
||||||
// A vote is going to be edited
|
// Password verification
|
||||||
// -------------------------------
|
// -------------------------------
|
||||||
|
|
||||||
if (!empty($_GET['vote'])) {
|
// TEMP, for testing purpose
|
||||||
$editingVoteId = filter_input(INPUT_GET, 'vote', FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => POLL_REGEX]]);
|
if (isset($_GET['reset']) && $_GET['reset']) {
|
||||||
|
unset($_SESSION['poll_security']);
|
||||||
}
|
}
|
||||||
|
|
||||||
// -------------------------------
|
if (!is_null($poll->password_hash)) {
|
||||||
// Something to save (edit or add)
|
|
||||||
// -------------------------------
|
|
||||||
|
|
||||||
if (!empty($_POST['save'])) { // Save edition of an old vote
|
// If we came from password submission
|
||||||
|
$password = isset($_POST['password']) ? $_POST['password'] : null;
|
||||||
|
if (!empty($password)) {
|
||||||
|
$securityService->submitPollAccess($poll, $password);
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!$securityService->canAccessPoll($poll)) {
|
||||||
|
$accessGranted = false;
|
||||||
|
}
|
||||||
|
$resultPubliclyVisible = $poll->results_publicly_visible;
|
||||||
|
|
||||||
|
if (!$accessGranted && !empty($password)) {
|
||||||
|
$message = new Message('danger', __('Password', 'Wrong password'));
|
||||||
|
} else if (!$accessGranted && !$resultPubliclyVisible) {
|
||||||
|
$message = new Message('danger', __('Password', 'You have to provide a password to access the poll.'));
|
||||||
|
} else if (!$accessGranted && $resultPubliclyVisible) {
|
||||||
|
$message = new Message('danger', __('Password', 'You have to provide a password so you can participate to the poll.'));
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// We allow actions only if access is granted
|
||||||
|
if ($accessGranted) {
|
||||||
|
|
||||||
|
// -------------------------------
|
||||||
|
// A vote is going to be edited
|
||||||
|
// -------------------------------
|
||||||
|
|
||||||
|
if (!empty($_GET['vote'])) {
|
||||||
|
$editingVoteId = filter_input(INPUT_GET, 'vote', FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => POLL_REGEX]]);
|
||||||
|
}
|
||||||
|
|
||||||
|
// -------------------------------
|
||||||
|
// Something to save (edit or add)
|
||||||
|
// -------------------------------
|
||||||
|
|
||||||
|
if (!empty($_POST['save'])) { // Save edition of an old vote
|
||||||
$name = $inputService->filterName($_POST['name']);
|
$name = $inputService->filterName($_POST['name']);
|
||||||
$editedVote = filter_input(INPUT_POST, 'save', FILTER_VALIDATE_INT);
|
$editedVote = filter_input(INPUT_POST, 'save', FILTER_VALIDATE_INT);
|
||||||
$choices = $inputService->filterArray($_POST['choices'], FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => CHOICE_REGEX]]);
|
$choices = $inputService->filterArray($_POST['choices'], FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => CHOICE_REGEX]]);
|
||||||
@ -101,7 +142,7 @@ if (!empty($_POST['save'])) { // Save edition of an old vote
|
|||||||
$message = new Message('danger', __('Error', 'Update vote failed'));
|
$message = new Message('danger', __('Error', 'Update vote failed'));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
} elseif (isset($_POST['save'])) { // Add a new vote
|
} elseif (isset($_POST['save'])) { // Add a new vote
|
||||||
$name = $inputService->filterName($_POST['name']);
|
$name = $inputService->filterName($_POST['name']);
|
||||||
$choices = $inputService->filterArray($_POST['choices'], FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => CHOICE_REGEX]]);
|
$choices = $inputService->filterArray($_POST['choices'], FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => CHOICE_REGEX]]);
|
||||||
|
|
||||||
@ -127,13 +168,15 @@ if (!empty($_POST['save'])) { // Save edition of an old vote
|
|||||||
$message = new Message('danger', __('Error', 'Adding vote failed'));
|
$message = new Message('danger', __('Error', 'Adding vote failed'));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// Retrieve data
|
// Retrieve data
|
||||||
$slots = $pollService->allSlotsByPoll($poll);
|
if ($resultPubliclyVisible) {
|
||||||
$votes = $pollService->allVotesByPollId($poll_id);
|
$slots = $pollService->allSlotsByPoll($poll);
|
||||||
$comments = $pollService->allCommentsByPollId($poll_id);
|
$votes = $pollService->allVotesByPollId($poll_id);
|
||||||
|
$comments = $pollService->allCommentsByPollId($poll_id);
|
||||||
|
}
|
||||||
|
|
||||||
// Assign data to template
|
// Assign data to template
|
||||||
$smarty->assign('poll_id', $poll_id);
|
$smarty->assign('poll_id', $poll_id);
|
||||||
@ -149,5 +192,7 @@ $smarty->assign('editingVoteId', $editingVoteId);
|
|||||||
$smarty->assign('message', $message);
|
$smarty->assign('message', $message);
|
||||||
$smarty->assign('admin', false);
|
$smarty->assign('admin', false);
|
||||||
$smarty->assign('hidden', $poll->hidden);
|
$smarty->assign('hidden', $poll->hidden);
|
||||||
|
$smarty->assign('accessGranted', $accessGranted);
|
||||||
|
$smarty->assign('resultPubliclyVisible', $resultPubliclyVisible);
|
||||||
|
|
||||||
$smarty->display('studs.tpl');
|
$smarty->display('studs.tpl');
|
||||||
|
@ -3,12 +3,11 @@
|
|||||||
{* Comment list *}
|
{* Comment list *}
|
||||||
{include 'part/comments_list.tpl'}
|
{include 'part/comments_list.tpl'}
|
||||||
|
|
||||||
<form action="action/add_comment.php" method="POST" id="comment_form">
|
{* Add comment form *}
|
||||||
|
{if $active && !$expired && $accessGranted}
|
||||||
|
<form action="action/add_comment.php" method="POST" id="comment_form">
|
||||||
|
|
||||||
<input type="hidden" name="poll" value="{$poll_id}"/>
|
<input type="hidden" name="poll" value="{$poll_id}"/>
|
||||||
|
|
||||||
{* Add comment form *}
|
|
||||||
{if $active && !$expired}
|
|
||||||
<div class="hidden-print jumbotron">
|
<div class="hidden-print jumbotron">
|
||||||
<div class="col-md-6 col-md-offset-3">
|
<div class="col-md-6 col-md-offset-3">
|
||||||
<fieldset id="add-comment"><legend>{__('Comments', 'Add a comment to the poll')}</legend>
|
<fieldset id="add-comment"><legend>{__('Comments', 'Add a comment to the poll')}</legend>
|
||||||
@ -21,11 +20,11 @@
|
|||||||
<textarea name="comment" id="comment" class="form-control" rows="2" cols="40"></textarea>
|
<textarea name="comment" id="comment" class="form-control" rows="2" cols="40"></textarea>
|
||||||
</div>
|
</div>
|
||||||
<div class="pull-right">
|
<div class="pull-right">
|
||||||
<input type="submit" name="add_comment" value="{__('Comments', 'Send the comment')}" class="btn btn-success">
|
<input type="submit" id="add_comment" name="add_comment" value="{__('Comments', 'Send the comment')}" class="btn btn-success">
|
||||||
</div>
|
</div>
|
||||||
</fieldset>
|
</fieldset>
|
||||||
</div>
|
</div>
|
||||||
<div class="clearfix"></div>
|
<div class="clearfix"></div>
|
||||||
</div>
|
</div>
|
||||||
{/if}
|
</form>
|
||||||
</form>
|
{/if}
|
18
tpl/part/password_request.tpl
Normal file
18
tpl/part/password_request.tpl
Normal file
@ -0,0 +1,18 @@
|
|||||||
|
{if !$expired && ($active || $resultPubliclyVisible)}
|
||||||
|
<hr role="presentation" id="password_request" class="hidden-print"/>
|
||||||
|
|
||||||
|
<div class="panel panel-danger password_request alert-danger">
|
||||||
|
<div class="col-md-6 col-md-offset-3">
|
||||||
|
<form action="" method="POST" class="form-inline">
|
||||||
|
<input type="hidden" name="poll" value="{$poll_id}"/>
|
||||||
|
<div class="form-group">
|
||||||
|
<label for="password" class="control-label">{__('Password', 'Password')}</label>
|
||||||
|
<input type="password" name="password" id="password" class="form-control" />
|
||||||
|
<input type="submit" value="{__('Password', 'Submit access')}" class="btn btn-success">
|
||||||
|
</div>
|
||||||
|
</form>
|
||||||
|
</div>
|
||||||
|
<div class="clearfix"></div>
|
||||||
|
</div>
|
||||||
|
{/if}
|
||||||
|
|
@ -97,7 +97,7 @@
|
|||||||
|
|
||||||
{/foreach}
|
{/foreach}
|
||||||
|
|
||||||
{if $active && !$expired && ($poll->editable == constant('Framadate\Editable::EDITABLE_BY_ALL') or $admin)}
|
{if $active && !$expired && ($poll->editable == constant('Framadate\Editable::EDITABLE_BY_ALL') or $admin) && $accessGranted}
|
||||||
<td class="hidden-print">
|
<td class="hidden-print">
|
||||||
<a href="{if $admin}{poll_url id=$poll->admin_id vote_id=$vote->uniqId admin=true}{else}{poll_url id=$poll->id vote_id=$vote->uniqId}{/if}" class="btn btn-default btn-sm" title="{__('Poll results', 'Edit the line:')|html} {$vote->name|html}">
|
<a href="{if $admin}{poll_url id=$poll->admin_id vote_id=$vote->uniqId admin=true}{else}{poll_url id=$poll->id vote_id=$vote->uniqId}{/if}" class="btn btn-default btn-sm" title="{__('Poll results', 'Edit the line:')|html} {$vote->name|html}">
|
||||||
<i class="glyphicon glyphicon-pencil"></i><span class="sr-only">{__('Generic', 'Edit')}</span>
|
<i class="glyphicon glyphicon-pencil"></i><span class="sr-only">{__('Generic', 'Edit')}</span>
|
||||||
@ -119,7 +119,7 @@
|
|||||||
|
|
||||||
{* Line to add a new vote *}
|
{* Line to add a new vote *}
|
||||||
|
|
||||||
{if $active && $editingVoteId === 0 && !$expired}
|
{if $active && $editingVoteId === 0 && !$expired && $accessGranted}
|
||||||
<tr id="vote-form" class="hidden-print">
|
<tr id="vote-form" class="hidden-print">
|
||||||
<td class="bg-info" style="padding:5px">
|
<td class="bg-info" style="padding:5px">
|
||||||
<div class="input-group input-group-sm">
|
<div class="input-group input-group-sm">
|
||||||
|
@ -148,7 +148,7 @@
|
|||||||
|
|
||||||
{/foreach}
|
{/foreach}
|
||||||
|
|
||||||
{if $active && !$expired && ($poll->editable == constant('Framadate\Editable::EDITABLE_BY_ALL') or $admin)}
|
{if $active && !$expired && ($poll->editable == constant('Framadate\Editable::EDITABLE_BY_ALL') or $admin) && $accessGranted}
|
||||||
<td class="hidden-print">
|
<td class="hidden-print">
|
||||||
<a href="{if $admin}{poll_url id=$poll->admin_id vote_id=$vote->uniqId admin=true}{else}{poll_url id=$poll->id vote_id=$vote->uniqId}{/if}" class="btn btn-default btn-sm" title="{__('Poll results', 'Edit the line:')|escape} {$vote->name|html}">
|
<a href="{if $admin}{poll_url id=$poll->admin_id vote_id=$vote->uniqId admin=true}{else}{poll_url id=$poll->id vote_id=$vote->uniqId}{/if}" class="btn btn-default btn-sm" title="{__('Poll results', 'Edit the line:')|escape} {$vote->name|html}">
|
||||||
<i class="glyphicon glyphicon-pencil"></i><span class="sr-only">{__('Generic', 'Edit')}</span>
|
<i class="glyphicon glyphicon-pencil"></i><span class="sr-only">{__('Generic', 'Edit')}</span>
|
||||||
@ -170,7 +170,7 @@
|
|||||||
|
|
||||||
{* Line to add a new vote *}
|
{* Line to add a new vote *}
|
||||||
|
|
||||||
{if $active && $editingVoteId === 0 && !$expired}
|
{if $active && $editingVoteId === 0 && !$expired && $accessGranted}
|
||||||
<tr id="vote-form" class="hidden-print">
|
<tr id="vote-form" class="hidden-print">
|
||||||
<td class="bg-info" style="padding:5px">
|
<td class="bg-info" style="padding:5px">
|
||||||
<div class="input-group input-group-sm">
|
<div class="input-group input-group-sm">
|
||||||
|
@ -12,6 +12,7 @@
|
|||||||
{block name=main}
|
{block name=main}
|
||||||
|
|
||||||
|
|
||||||
|
{* Messages *}
|
||||||
<div id="message-container">
|
<div id="message-container">
|
||||||
{if !empty($message)}
|
{if !empty($message)}
|
||||||
<div class="alert alert-dismissible alert-{$message->type|html} hidden-print" role="alert">{$message->message|html}{if $message->link != null}<br/><a href="{$message->link}">{$message->link}</a>{/if}<button type="button" class="close" data-dismiss="alert" aria-label="{__('Generic', 'CLose')}"><span aria-hidden="true">×</span></button></div>
|
<div class="alert alert-dismissible alert-{$message->type|html} hidden-print" role="alert">{$message->message|html}{if $message->link != null}<br/><a href="{$message->link}">{$message->link}</a>{/if}<button type="button" class="close" data-dismiss="alert" aria-label="{__('Generic', 'CLose')}"><span aria-hidden="true">×</span></button></div>
|
||||||
@ -20,28 +21,31 @@
|
|||||||
<div id="nameErrorMessage" class="hidden alert alert-dismissible alert-danger hidden-print" role="alert">{__('Error', 'The name is invalid.')}<button type="button" class="close" data-dismiss="alert" aria-label="{__('Generic', 'CLose')}"><span aria-hidden="true">×</span></button></div>
|
<div id="nameErrorMessage" class="hidden alert alert-dismissible alert-danger hidden-print" role="alert">{__('Error', 'The name is invalid.')}<button type="button" class="close" data-dismiss="alert" aria-label="{__('Generic', 'CLose')}"><span aria-hidden="true">×</span></button></div>
|
||||||
<div id="genericErrorTemplate" class="hidden alert alert-dismissible alert-danger hidden-print" role="alert"><span class="contents"></span><button type="button" class="close" data-dismiss="alert" aria-label="{__('Generic', 'CLose')}"><span aria-hidden="true">×</span></button></div>
|
<div id="genericErrorTemplate" class="hidden alert alert-dismissible alert-danger hidden-print" role="alert"><span class="contents"></span><button type="button" class="close" data-dismiss="alert" aria-label="{__('Generic', 'CLose')}"><span aria-hidden="true">×</span></button></div>
|
||||||
|
|
||||||
|
{if !$accessGranted && !$resultPubliclyVisible}
|
||||||
|
|
||||||
|
{include 'part/password_request.tpl' active=$poll->active}
|
||||||
|
|
||||||
|
{else}
|
||||||
|
|
||||||
{* Global informations about the current poll *}
|
{* Global informations about the current poll *}
|
||||||
|
{include 'part/poll_info.tpl' admin=$admin}
|
||||||
|
|
||||||
{include 'part/poll_info.tpl' admin=$admin}
|
{* Information about voting *}
|
||||||
|
{if $expired}
|
||||||
{* Information about voting *}
|
|
||||||
{if $expired}
|
|
||||||
<div class="alert alert-danger">
|
<div class="alert alert-danger">
|
||||||
<p>{__('studs', 'The poll is expired, it will be deleted soon.')}</p>
|
<p>{__('studs', 'The poll is expired, it will be deleted soon.')}</p>
|
||||||
<p>{__('studs', 'Deletion date:')} {$deletion_date|date_format:$date_format['txt_short']|html}</p>
|
<p>{__('studs', 'Deletion date:')} {$deletion_date|date_format:$date_format['txt_short']|html}</p>
|
||||||
</div>
|
</div>
|
||||||
{else}
|
{else}
|
||||||
{if $admin}
|
{if $admin}
|
||||||
{include 'part/poll_hint_admin.tpl'}
|
{include 'part/poll_hint_admin.tpl'}
|
||||||
{else}
|
{else}
|
||||||
{include 'part/poll_hint.tpl' active=$poll->active}
|
{include 'part/poll_hint.tpl' active=$poll->active}
|
||||||
{/if}
|
{/if}
|
||||||
{/if}
|
{/if}
|
||||||
|
|
||||||
{* Scroll left and right *}
|
{* Scroll left and right *}
|
||||||
|
<div class="hidden row scroll-buttons" aria-hidden="true">
|
||||||
<div class="hidden row scroll-buttons" aria-hidden="true">
|
|
||||||
<div class="btn-group pull-right">
|
<div class="btn-group pull-right">
|
||||||
<button class="btn btn-sm btn-link scroll-left" title="{__('Poll results', 'Scroll to the left')}">
|
<button class="btn btn-sm btn-link scroll-left" title="{__('Poll results', 'Scroll to the left')}">
|
||||||
<span class="glyphicon glyphicon-chevron-left"></span>
|
<span class="glyphicon glyphicon-chevron-left"></span>
|
||||||
@ -50,19 +54,22 @@
|
|||||||
<span class="glyphicon glyphicon-chevron-right"></span>
|
<span class="glyphicon glyphicon-chevron-right"></span>
|
||||||
</button>
|
</button>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
|
{if !$accessGranted && $resultPubliclyVisible}
|
||||||
|
{include 'part/password_request.tpl' active=$poll->active}
|
||||||
|
{/if}
|
||||||
|
|
||||||
{* Vote table *}
|
{* Vote table *}
|
||||||
|
{if $poll->format === 'D'}
|
||||||
{if $poll->format === 'D'}
|
|
||||||
{include 'part/vote_table_date.tpl' active=$poll->active}
|
{include 'part/vote_table_date.tpl' active=$poll->active}
|
||||||
{else}
|
{else}
|
||||||
{include 'part/vote_table_classic.tpl' active=$poll->active}
|
{include 'part/vote_table_classic.tpl' active=$poll->active}
|
||||||
{/if}
|
{/if}
|
||||||
|
|
||||||
{* Comments *}
|
{* Comments *}
|
||||||
|
{include 'part/comments.tpl' active=$poll->active comments=$comments}
|
||||||
|
|
||||||
{include 'part/comments.tpl' active=$poll->active comments=$comments}
|
{/if}
|
||||||
|
|
||||||
{/block}
|
{/block}
|
||||||
|
Loading…
Reference in New Issue
Block a user