Fix back links to create_poll.php + Use values in session if _post is not present

Olivier Perez 2015-03-31 00:02:37 +02:00
parent 6d34631fbf
commit d8c70a5f77
7 changed files with 15 additions and 353 deletions


@ -183,7 +183,7 @@ class Utils {
return $cleaned;
}
public static function fromPostOrEmpty($postKey) {
return !empty($_POST[$postKey]) ? Utils::htmlEscape($_POST[$postKey]) : '';
public static function fromPostOrDefault($postKey, $default = '') {
return !empty($_POST[$postKey]) ? Utils::htmlEscape($_POST[$postKey]) : $default;
}
}
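Review bot: `fromPostOrDefault` HTML-escapes the `$_POST` value but returns `$default` untouched, so the two branches hand the caller differently encoded data. The calls added in this commit's `create_poll.php` section pass `$_SESSION['form']->title`, `->description`, `->admin_name` and `->admin_mail` as the default, all of which originate from user input. Unless those values are escaped when stored or the template escapes on output (neither is visible here), the fallback branch is an output-encoding gap. For string defaults consider `return !empty($_POST[$postKey]) ? Utils::htmlEscape($_POST[$postKey]) : Utils::htmlEscape($default);`, or add a docblock stating that `$default` must already be safe for HTML. The rest of class `Utils` lies outside the hunk.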


@ -262,7 +262,7 @@ if (empty($_SESSION['form']->title) || empty($_SESSION['form']->admin_name) || (
</div>
</div>
<div class="col-md-8 text-right">
<a class="btn btn-default" href="' . Utils::get_server_name() . 'infos_sondage.php?choix_sondage=autre" title="' . __('Step 2', 'Back to step 1') . '">' . __('Generic', 'Back') . '</a>
<a class="btn btn-default" href="' . Utils::get_server_name() . 'create_poll.php?type=classic" title="' . __('Step 2', 'Back to step 1') . '">' . __('Generic', 'Back') . '</a>
<button name="fin_sondage_autre" value="' . __('Generic', 'Next') . '" type="submit" class="btn btn-success disabled" title="' . __('Step 2', 'Go to step 3') . '">' . __('Generic', 'Next') . '</button>
</div>
</div>


@ -284,7 +284,7 @@ if (!isset($_SESSION['form']->title) || !isset($_SESSION['form']->admin_name) ||
<li><a id="resethours" href="javascript:void(0)">'. __('Step 2 date', 'Remove all hours') .'</a></li>
</ul>
</div>
<a class="btn btn-default" href="'.Utils::get_server_name().'infos_sondage.php?choix_sondage=date" title="'. __('Step 2', 'Back to step 1') . '">'. __('Generic', 'Back') . '</a>
<a class="btn btn-default" href="'.Utils::get_server_name().'create_poll.php?type=date" title="'. __('Step 2', 'Back to step 1') . '">'. __('Generic', 'Back') . '</a>
<button name="choixheures" value="'. __('Generic', 'Next') .'" type="submit" class="btn btn-success disabled" title="'. __('Step 2', 'Go to step 3') . '">'. __('Generic', 'Next') .'</button>
</div>
</div>


@ -136,7 +136,6 @@ $errors = array(
)
);
// TODO Move it to TPL
if (!empty($_POST[GO_TO_STEP_2])) {
if (empty($_POST['title'])) {
$errors['title']['aria'] = 'aria-describeby="poll_title_error" ';
@ -198,13 +197,13 @@ $smarty->assign('use_smtp', $config['use_smtp']);
$smarty->assign('goToStep2', GO_TO_STEP_2);
$smarty->assign('poll_type', $poll_type);
$smarty->assign('poll_title', Utils::fromPostOrEmpty('title'));
$smarty->assign('poll_description', Utils::fromPostOrEmpty('description'));
$smarty->assign('poll_name', Utils::fromPostOrEmpty('name'));
$smarty->assign('poll_mail', Utils::fromPostOrEmpty('mail'));
$smarty->assign('poll_editable', Utils::fromPostOrEmpty('editable'));
$smarty->assign('poll_receiveNewVotes', Utils::fromPostOrEmpty('receiveNewVotes'));
$smarty->assign('poll_receiveNewComments', Utils::fromPostOrEmpty('receiveNewComments'));
$smarty->assign('poll_title', Utils::fromPostOrDefault('title', $_SESSION['form']->title));
$smarty->assign('poll_description', Utils::fromPostOrDefault('description', $_SESSION['form']->description));
$smarty->assign('poll_name', Utils::fromPostOrDefault('name', $_SESSION['form']->admin_name));
$smarty->assign('poll_mail', Utils::fromPostOrDefault('mail', $_SESSION['form']->admin_mail));
$smarty->assign('poll_editable', Utils::fromPostOrDefault('editable', $_SESSION['form']->editable));
$smarty->assign('poll_receiveNewVotes', Utils::fromPostOrDefault('receiveNewVotes', $_SESSION['form']->receiveNewVotes));
$smarty->assign('poll_receiveNewComments', Utils::fromPostOrDefault('receiveNewComments', $_SESSION['form']->receiveNewComments));
$smarty->assign('form', $_SESSION['form']);
$smarty->display('create_poll.tpl');
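Review bot: For the three checkbox fields (`editable`, `receiveNewVotes`, `receiveNewComments`) an unchecked box is absent from `$_POST`, so `fromPostOrDefault` cannot tell "form not submitted" from "user cleared the box" and falls back to the session value. If the session has not already been updated from the submitted form earlier in the file (not visible in this hunk), a re-displayed form will show the box ticked again after the user unticked it. These calls also hand the template either an escaped string or whatever type the session holds, so the template has to cope with mixed types. Consider falling back to the session only when the form was not posted, e.g. `$posted = !empty($_POST[GO_TO_STEP_2]);` followed by `$smarty->assign('poll_editable', $posted ? isset($_POST['editable']) : $_SESSION['form']->editable);`.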


@ -27,11 +27,11 @@ Here are the main files and directories you need to know in order to develop on
* La page de présentation de sondage
* adminstuds.php
* La page d'administration réservée à l'auteur du sondage
* infos_sondage.php
* create_poll.php
* La page (1/2) de création de sondage récupérant les informations générales
* choix_date.php
* create_date_poll.php
* La page de création (2/2) pour un sondage pour déterminer une date
* choix_autre.php
* crete_classic_poll.php
* La page de création (2/2) pour un sondage sur un sujet quelconque
* creation_sondage.php
* Le fichier qui récupérent les informations des pages précédentes pour procéder à l'insertion du nouveau sondage dans la base PostgreSQL


@ -1,337 +0,0 @@
<?php
/**
* This software is governed by the CeCILL-B license. If a copy of this license
* is not distributed with this file, you can obtain one at
* http://www.cecill.info/licences/Licence_CeCILL-B_V1-en.txt
*
* Authors of STUdS (initial project): Guilhem BORGHESI (borghesi@unistra.fr) and Raphaël DROZ
* Authors of Framadate/OpenSondate: Framasoft (https://github.com/framasoft)
*
* =============================
*
* Ce logiciel est régi par la licence CeCILL-B. Si une copie de cette licence
* ne se trouve pas avec ce fichier vous pouvez l'obtenir sur
* http://www.cecill.info/licences/Licence_CeCILL-B_V1-fr.txt
*
* Auteurs de STUdS (projet initial) : Guilhem BORGHESI (borghesi@unistra.fr) et Raphaël DROZ
* Auteurs de Framadate/OpenSondage : Framasoft (https://github.com/framasoft)
*/
namespace Framadate;
include_once __DIR__ . '/app/inc/init.php';
function fromPostOrEmpty($postKey) {
return isset($_POST[$postKey]) ? Utils::htmlEscape($_POST[$postKey]) : '';
}
if (!isset($_SESSION['form'])) {
$_SESSION['form'] = new Form();
}
if (file_exists('bandeaux_local.php')) {
include_once('bandeaux_local.php');
} else {
include_once('bandeaux.php');
}
// Type de sondage : <button value="$_SESSION['form']->choix_sondage">
if ((isset($_GET['choix_sondage']) && $_GET['choix_sondage'] == 'date') ||
(isset($_POST["choix_sondage"]) && $_POST["choix_sondage"] == 'creation_sondage_date')) {
$choix_sondage = "creation_sondage_date";
$_SESSION['form']->choix_sondage = $choix_sondage;
} else {
$choix_sondage = "creation_sondage_autre";
$_SESSION['form']->choix_sondage = $choix_sondage;
}
// We clean the data
$poursuivre = filter_input(INPUT_POST, 'poursuivre', FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => '/^(creation_sondage_date|creation_sondage_autre)$/']]);
$title = filter_input(INPUT_POST, 'title', FILTER_SANITIZE_STRING);
$name = filter_input(INPUT_POST, 'name', FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => NAME_REGEX]]);
$mail = filter_input(INPUT_POST, 'mail', FILTER_VALIDATE_EMAIL);
$description = filter_input(INPUT_POST, 'description', FILTER_SANITIZE_STRING);
$editable = filter_input(INPUT_POST, 'editable', FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => BOOLEAN_REGEX]]);
$receiveNewVotes = filter_input(INPUT_POST, 'receiveNewVotes', FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => BOOLEAN_REGEX]]);
$receiveNewComments = filter_input(INPUT_POST, 'receiveNewComments', FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => BOOLEAN_REGEX]]);
// On initialise également les autres variables
$error_on_mail = false;
$error_on_title = false;
$error_on_name = false;
$error_on_description = false;
#tests
if (!empty($_POST['poursuivre'])) {
$_SESSION['form']->title = $title;
$_SESSION['form']->admin_name = $name;
$_SESSION['form']->admin_mail = $mail;
$_SESSION['form']->description = $description;
$_SESSION['form']->editable = ($editable !== null) ? true : false;
$_SESSION['form']->receiveNewVotes = ($receiveNewVotes !== null) ? true : false;
$_SESSION['form']->receiveNewComments = ($receiveNewComments !== null) ? true : false;
if ($config['use_smtp']==true) {
if (empty($mail)) {
$error_on_mail = true;
}
}
if ($title !== $_POST['title']) {
$error_on_title = true;
}
if ($name !== $_POST['name']) {
$error_on_name = true;
}
if ($description !== $_POST['description']) {
$error_on_description = true;
}
// Si pas d'erreur dans l'adresse alors on change de page vers date ou autre
if ($config['use_smtp'] == true) {
$email_OK = $mail && !$error_on_mail;
} else {
$email_OK = true;
}
if ($title && $name && $email_OK && ! $error_on_title && ! $error_on_description && ! $error_on_name) {
if ( $poursuivre == 'creation_sondage_date' ) {
header('Location:create_date_poll.php');
exit();
}
if ( $poursuivre == 'creation_sondage_autre' ) {
header('Location:create_classic_poll.php');
exit();
}
} else {
// Title Erreur !
Utils::print_header( __('Generic', 'Error!').' - '.__('Step 1', 'Poll creation (1 on 3)') );
}
} else {
// Title OK (formulaire pas encore rempli)
Utils::print_header( __('Step 1', 'Poll creation (1 on 3)') );
}
bandeau_titre( __('Step 1', 'Poll creation (1 on 3)') );
/*
* Préparation des messages d'erreur
*/
$errors = array (
'title' => array (
'msg' => '',
'aria' => '',
'class' => ''
),
'description' => array (
'msg' => '',
'aria' => '',
'class' => ''
),
'name' => array (
'msg' => '',
'aria' => '',
'class' => ''
),
'email' => array (
'msg' => '',
'aria' => '',
'class' => ''
)
);
if (!empty($_POST['poursuivre'])) {
if (empty($_POST['title'])) {
$errors['title']['aria'] = 'aria-describeby="poll_title_error" ';
$errors['title']['class'] = ' has-error';
$errors['title']['msg'] = '<div class="alert alert-danger" ><p id="poll_title_error">' . __('Error', 'Enter a title') . '</p></div>';
} elseif ($error_on_title) {
$errors['title']['aria'] = 'aria-describeby="poll_title_error" ';
$errors['title']['class'] = ' has-error';
$errors['title']['msg'] = '<div class="alert alert-danger"><p id="poll_title_error">' . __('Error', 'Something is wrong with the format') . '</p></div>';
}
if ($error_on_description) {
$errors['description']['aria'] = 'aria-describeby="poll_comment_error" ';
$errors['description']['class'] = ' has-error';
$errors['description']['msg'] = '<div class="alert alert-danger"><p id="poll_comment_error">' . __('Error', 'Something is wrong with the format') . '</p></div>';
}
if (empty($_POST['name'])) {
$errors['name']['aria'] = 'aria-describeby="poll_name_error" ';
$errors['name']['class'] = ' has-error';
$errors['name']['msg'] = '<div class="alert alert-danger"><p id="poll_name_error">' . __('Error', 'Enter a name') . '</p></div>';
} elseif ($error_on_name) {
$errors['name']['aria'] = 'aria-describeby="poll_name_error" ';
$errors['name']['class'] = ' has-error';
$errors['name']['msg'] = '<div class="alert alert-danger"><p id="poll_name_error">' . __('Error', 'Something is wrong with the format') . '</p></div>';
}
if (empty($_POST['mail'])) {
$errors['email']['aria'] = 'aria-describeby="poll_name_error" ';
$errors['email']['class'] = ' has-error';
$errors['email']['msg'] = '<div class="alert alert-danger"><p id="poll_email_error">' . __('Error', 'Enter an email address') . '</p></div>';
} elseif ($error_on_mail) {
$errors['email']['aria'] = 'aria-describeby="poll_email_error" ';
$errors['email']['class'] = ' has-error';
$errors['email']['msg'] = '<div class="alert alert-danger"><p id="poll_email_error">' . __('Error', 'The address is not correct! You should enter a valid email address (like r.stallman@outlock.com) in order to receive the link to your poll.') . '</p></div>';
}
}
/*
* Préparation en fonction des paramètres de session
*/
// REMOTE_USER ?
/**
* @return string
*/
if (USE_REMOTE_USER && isset($_SERVER['REMOTE_USER'])) {
$input_name = '<input type="hidden" name="name" value="'.Utils::htmlEscape($_POST['name']).'" />'.$_SESSION['form']->admin_name;
$input_email = '<input type="hidden" name="mail" value="'.Utils::htmlEscape($_POST['mail']).'">'.$_SESSION['form']->admin_mail;
} else {
$input_name = '<input id="yourname" type="text" name="name" class="form-control" '.$errors['name']['aria'].' value="'. fromPostOrEmpty('name') .'" />';
$input_email = '<input id="email" type="text" name="mail" class="form-control" '.$errors['email']['aria'].' value="'. fromPostOrEmpty('mail') .'" />';
}
// Checkbox checked ?
if ($_SESSION['form']->editable) {
$editable = 'checked';
}
if ($_SESSION['form']->receiveNewVotes) {
$receiveNewVotes = 'checked';
}
if ($_SESSION['form']->receiveNewComments) {
$receiveNewComments = 'checked';
}
// Display form
echo '
<div class="row" style="display:none" id="form-block">
<div class="col-md-8 col-md-offset-2" >
<form name="formulaire" id="formulaire" action="' . Utils::get_server_name() . 'infos_sondage.php" method="POST" class="form-horizontal" role="form">
<div class="alert alert-info">
<p>'. __('Step 1', 'You are in the poll creation section.').' <br /> '.__('Step 1', 'Required fields cannot be left blank.') .'</p>
</div>
<div class="form-group'.$errors['title']['class'].'">
<label for="poll_title" class="col-sm-4 control-label">' . __('Step 1', 'Poll title') . ' *</label>
<div class="col-sm-8">
<input id="poll_title" type="text" name="title" class="form-control" '.$errors['title']['aria'].' value="'. fromPostOrEmpty('title') .'" />
</div>
</div>
'.$errors['title']['msg'].'
<div class="form-group'.$errors['description']['class'].'">
<label for="poll_comments" class="col-sm-4 control-label">'. __('Generic', 'Description') .'</label>
<div class="col-sm-8">
<textarea id="poll_comments" name="description" class="form-control" '.$errors['description']['aria'].' rows="5">'. fromPostOrEmpty('description') .'</textarea>
</div>
</div>
'.$errors['description']['msg'].'
<div class="form-group'.$errors['name']['class'].'">
<label for="yourname" class="col-sm-4 control-label">'. __('Generic', 'Your name') .' *</label>
<div class="col-sm-8">
'.$input_name.'
</div>
</div>
'.$errors['name']['msg'];
if ($config['use_smtp']==true) {
echo '
<div class="form-group'.$errors['email']['class'].'">
<label for="email" class="col-sm-4 control-label">'. __('Generic', 'Your email address') .' *<br /><span class="small">'. __('Generic', '(in the format name@mail.com)') .'</span></label>
<div class="col-sm-8">
'.$input_email.'
</div>
</div>
'.$errors['email']['msg'];
}
echo '
<div class="form-group">
<div class="col-sm-offset-4 col-sm-8">
<div class="checkbox">
<label>
<input type=checkbox name="editable" '.$editable.' id="editable">'. __('Step 1', 'Voters can modify their vote themselves.') .'
</label>
</div>
</div>
</div>';
if ($config['use_smtp']==true) {
echo '<div class="form-group">
<div class="col-sm-offset-4 col-sm-8">
<div class="checkbox">
<label>
<input type=checkbox name="receiveNewVotes" '.$receiveNewVotes.' id="receiveNewVotes">'. __('Step 1', 'To receive an email for each new vote.') .'
</label>
</div>
</div>
</div>';
echo '<div class="form-group">
<div class="col-sm-offset-4 col-sm-8">
<div class="checkbox">
<label>
<input type=checkbox name="receiveNewComments" '.$receiveNewComments.' id="receiveNewComments">'. __('Step 1', 'To receive an email for each new comment.') .'
</label>
</div>
</div>
</div>';
}
echo '
<p class="text-right">
<input type="hidden" name="choix_sondage" value="'. $choix_sondage .'"/>
<button name="poursuivre" value="'. $choix_sondage .'" type="submit" class="btn btn-success" title="'. __('Step 1', 'Go to step 2') . '">'. __('Generic', 'Next') . '</button>
</p>
<script type="text/javascript">document.formulaire.title.focus();</script>
</form>
</div>
</div>
<noscript>
<div class="alert alert-danger">'.
__('Step 1', 'Javascript is disabled on your browser. Its activation is required to create a poll.')
.'</div>
</noscript>
<div id="cookie-warning" class="alert alert-danger" style="display:none">'.
__('Step 1', 'Cookies are disabled on your browser. Theirs activation is required to create a poll.')
.'</div>
';
echo '
<script>
// Check Javascript is enabled, if it is it will execute this script
(function() {
// Check cookies are enabled too
var cookieEnabled = function() {
var cookieEnabled = navigator.cookieEnabled;
// if not IE4+ nor NS6+
if (!cookieEnabled && typeof navigator.cookieEnabled === "undefined"){
document.cookie = "testcookie"
cookieEnabled = document.cookie.indexOf("testcookie") != -1;
}
return cookieEnabled;
}
if (cookieEnabled()) {
// Show the form block
document.getElementById("form-block").setAttribute("style", "");
} else {
// Show the warning about cookies
document.getElementById("cookie-warning").setAttribute("style", "");
}
})();
</script>
';
bandeau_pied();


@ -3,5 +3,5 @@ Allow: /
Allow: /index.php
Allow: /apropos.php
Allow: /contacts.php
Allow: /infos_sondage.php
Allow: /create_poll.php
Disallow: /*