From f5e579437a0b8db7b2622a548f7f5d0ac1733bf7 Mon Sep 17 00:00:00 2001 From: Antonin Date: Fri, 14 Oct 2016 09:02:47 +0200 Subject: [PATCH] =?UTF-8?q?Probl=C3=A8mes=20d'envois=20de=20commentaire=20?= =?UTF-8?q?de=20l'administrateur=20sur=20un=20sondage=20avec=20mot=20de=20?= =?UTF-8?q?passe.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- action/add_comment.php | 10 +++++++++- tpl/part/comments.tpl | 3 +++ 2 files changed, 12 insertions(+), 1 deletion(-) diff --git a/action/add_comment.php b/action/add_comment.php index dd3e247..13ec5d5 100644 --- a/action/add_comment.php +++ b/action/add_comment.php @@ -34,6 +34,7 @@ $poll = null; $message = null; $result = false; $comments = array(); +$is_admin = false; /* Services */ /*----------*/ @@ -53,9 +54,16 @@ if (!empty($_POST['poll'])) { $poll = $pollService->findById($poll_id); } +if (!empty($_POST['poll_admin'])) { + $admin_poll_id = filter_input(INPUT_POST, 'poll_admin', FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => POLL_REGEX]]); + if (strlen($admin_poll_id) === 24) { + $is_admin = ($pollService->findByAdminId($admin_poll_id) != null); + } +} + if (!$poll) { $message = new Message('error', __('Error', 'This poll doesn\'t exist !')); -} else if ($poll && !$securityService->canAccessPoll($poll)) { +} else if ($poll && !$securityService->canAccessPoll($poll) && !$is_admin) { $message = new Message('error', __('Password', 'Wrong password')); } else { $name = $inputService->filterName($_POST['name']); diff --git a/tpl/part/comments.tpl b/tpl/part/comments.tpl index 7c5e458..1eb8ee4 100644 --- a/tpl/part/comments.tpl +++ b/tpl/part/comments.tpl @@ -8,6 +8,9 @@
+ {if !empty($admin_poll_id)} + + {/if}
{__('Comments', 'Add a comment to the poll')}