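// Step 1 of 3 of poll creation: read the submitted form, validate it, then
// either redirect to the next step or render the form again with errors.
//
// This listing starts mid-file: the PHP open tag, the includes and the setup
// of $_SESSION['form'] and $config are not shown. The HTML markup that used to
// sit inside the string literals was lost in extraction, so those literals are
// kept here as the whitespace they contain.

// Poll type: a date poll when asked for through GET or POST, a free-form poll otherwise.
$isDatePoll = (isset($_GET['choix_sondage']) && $_GET['choix_sondage'] == 'date')
    || (isset($_POST["choix_sondage"]) && $_POST["choix_sondage"] == 'creation_sondage_date');
$choix_sondage = $isDatePoll ? "creation_sondage_date" : "creation_sondage_autre";
$_SESSION['form']->choix_sondage = $choix_sondage;

// We clean the data.
// filter_input() yields null when the field is absent and false when validation fails.
$poursuivre = filter_input(INPUT_POST, 'poursuivre', FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => '/^(creation_sondage_date|creation_sondage_autre)$/']]);
// NOTE(review): FILTER_SANITIZE_STRING is deprecated as of PHP 8.1. It strips tags
// and encodes quotes before the `< > "` check below runs, so that check is unlikely
// to fire for the title and the description. Whatever replaces it, these values
// still have to be escaped for their context wherever they are printed.
$title = filter_input(INPUT_POST, 'titre', FILTER_SANITIZE_STRING);
$name = filter_input(INPUT_POST, 'name', FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => NAME_REGEX]]);
$address = filter_input(INPUT_POST, 'adresse', FILTER_VALIDATE_EMAIL);
$description = filter_input(INPUT_POST, 'commentaires', FILTER_SANITIZE_STRING);
$editable = filter_input(INPUT_POST, 'editable', FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => BOOLEAN_REGEX]]);
$receiveNewVotes = filter_input(INPUT_POST, 'receiveNewVotes', FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => BOOLEAN_REGEX]]);
$receiveNewComments = filter_input(INPUT_POST, 'receiveNewComments', FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => BOOLEAN_REGEX]]);

// The other flags are initialised as well.
$erreur_adresse = false;
$erreur_injection_titre = false;
$erreur_injection_nom = false;
$erreur_injection_commentaires = false;

$formSubmitted = !empty($_POST['poursuivre']);
$useSmtp = ($config['use_smtp'] == true);

// True when the value holds one of the characters the form refuses: < > "
// The cast keeps preg_match() from receiving null or false for a missing or rejected field.
$hasForbiddenChars = function ($value) {
    return preg_match(';<|>|";', (string) $value) === 1;
};

// Tests
if ($formSubmitted) {
    $_SESSION['form']->title = $title;
    $_SESSION['form']->admin_name = $name;
    $_SESSION['form']->admin_mail = $address;
    $_SESSION['form']->description = $description;
    // Any submitted value counts as "checked", including one the regex rejected (false !== null).
    $_SESSION['form']->editable = ($editable !== null);
    $_SESSION['form']->receiveNewVotes = ($receiveNewVotes !== null);
    $_SESSION['form']->receiveNewComments = ($receiveNewComments !== null);

    if ($useSmtp && Utils::isValidEmail($address) === false) {
        $erreur_adresse = true;
    }

    $erreur_injection_titre = $hasForbiddenChars($title);
    $erreur_injection_nom = $hasForbiddenChars($name);
    $erreur_injection_commentaires = $hasForbiddenChars($description);

    // The address only matters when the instance sends mail.
    $email_OK = $useSmtp ? ($address && !$erreur_adresse) : true;

    $formIsValid = $title && $name && $email_OK
        && !$erreur_injection_titre
        && !$erreur_injection_commentaires
        && !$erreur_injection_nom;

    // No error: move on to the date or free-form step. $poursuivre is one of the
    // two whitelisted strings, or null/false when the field was tampered with.
    if ($formIsValid && $poursuivre === 'creation_sondage_date') {
        header('Location:choix_date.php');
        exit();
    }
    if ($formIsValid && $poursuivre === 'creation_sondage_autre') {
        header('Location:choix_autre.php');
        exit();
    }

    // Error title. Also reached when every field is valid but 'poursuivre' did not
    // match the whitelist; that case used to render the page with no header at all.
    Utils::print_header(_('Error!') . ' - ' . _('Poll creation (1 on 3)'));
} else {
    // Regular title (form not filled in yet)
    Utils::print_header(_('Poll creation (1 on 3)'));
}

bandeau_titre(_('Poll creation (1 on 3)'));

/*
 * Preparation of the error messages
 */
$errors = [];
foreach (['title', 'description', 'name', 'email'] as $field) {
    $errors[$field] = ['msg' => '', 'aria' => '', 'class' => ''];
}

if (!$_SESSION['form']->title && $formSubmitted) {
    $errors['title']['aria'] = 'aria-describedby="poll_title_error" ';
    $errors['title']['class'] = ' has-error';
    $errors['title']['msg'] = "\n\n" . _('Enter a title') . "\n\n";
} elseif ($erreur_injection_titre) {
    $errors['title']['aria'] = 'aria-describedby="poll_title_error" ';
    $errors['title']['class'] = ' has-error';
    // Stored under 'msg' (it used to go to an 'inject' key that nothing printed).
    $errors['title']['msg'] = "\n\n" . _('Characters < > and " are not permitted') . "\n\n";
}

if ($erreur_injection_commentaires) {
    $errors['description']['aria'] = 'aria-describedby="poll_comment_error" ';
    $errors['description']['class'] = ' has-error';
    $errors['description']['msg'] = "\n\n" . _('Characters < > and " are not permitted') . "\n\n";
}

if (!$_SESSION['form']->admin_name && $formSubmitted) {
    $errors['name']['aria'] = 'aria-describedby="poll_name_error" ';
    $errors['name']['class'] = ' has-error';
    $errors['name']['msg'] = "\n\n" . _('Enter a name') . "\n\n";
} elseif ($erreur_injection_nom) {
    $errors['name']['aria'] = 'aria-describedby="poll_name_error" ';
    $errors['name']['class'] = ' has-error';
    $errors['name']['msg'] = "\n\n" . _('Characters < > and " are not permitted') . "\n\n";
}

if (!$_SESSION['form']->admin_mail && $formSubmitted) {
    // NOTE(review): this points at poll_name_error while the branch below uses
    // poll_email_error; the element ids are not visible in this listing, confirm which is right.
    $errors['email']['aria'] = 'aria-describedby="poll_name_error" ';
    $errors['email']['class'] = ' has-error';
    $errors['email']['msg'] = "\n\n" . _('Enter an email address') . "\n\n";
} elseif ($erreur_adresse && $formSubmitted) {
    $errors['email']['aria'] = 'aria-describedby="poll_email_error" ';
    $errors['email']['class'] = ' has-error';
    $errors['email']['msg'] = "\n\n" . _('The address is not correct! You should enter a valid email address (like r.stallman@outlock.com) in order to receive the link to your poll.') . "\n\n";
}

/*
 * Preparation depending on the session parameters
 */

// REMOTE_USER? Then the name and the address come from the session and are printed
// back into the page, so they are escaped for HTML here.
$remoteUserMode = USE_REMOTE_USER && isset($_SERVER['REMOTE_USER']);
$input_name = $remoteUserMode
    ? '' . htmlspecialchars((string) $_SESSION['form']->admin_name, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')
    : '';
$input_email = $remoteUserMode
    ? '' . htmlspecialchars((string) $_SESSION['form']->admin_mail, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')
    : '';

// Checkbox checked? When the session flag is off, each variable keeps the
// filter_input() result it was given above.
if ($_SESSION['form']->editable) {
    $editable = 'checked';
}
if ($_SESSION['form']->receiveNewVotes) {
    $receiveNewVotes = 'checked';
}
if ($_SESSION['form']->receiveNewComments) {
    $receiveNewComments = 'checked';
}

// Display form
echo "\n\n" . _('You are in the poll creation section.') . "\n"
    . _('Required fields cannot be left blank.') . "\n\n"
    . $errors['title']['msg'] . "\n"
    . $errors['description']['msg'] . "\n"
    . $input_name . "\n"
    . $errors['name']['msg'];

if ($useSmtp) {
    echo "\n" . $input_email . "\n" . $errors['email']['msg'];
}

echo "\n";

if ($useSmtp) {
    echo "\n";
    echo "\n";
}

echo "\n\n";

bandeau_pied();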