4c137748b4
- Changed the smarty modifier poll_url to a function and added the vote_id parameter - Modified accordingly all poll_url occurence in templates - Added htaccess.txt to be sure to keep poll's URL changes up to date - Escaped some templates output in order to avoid to broke HTML - Using vote's uniqId instead of vote's id when it's needed
69 lines
2.5 KiB
PHP
69 lines
2.5 KiB
PHP
<?php
|
|
/**
|
|
* This software is governed by the CeCILL-B license. If a copy of this license
|
|
* is not distributed with this file, you can obtain one at
|
|
* http://www.cecill.info/licences/Licence_CeCILL-B_V1-en.txt
|
|
*
|
|
* Authors of STUdS (initial project): Guilhem BORGHESI (borghesi@unistra.fr) and Raphaël DROZ
|
|
* Authors of Framadate/OpenSondate: Framasoft (https://github.com/framasoft)
|
|
*
|
|
* =============================
|
|
*
|
|
* Ce logiciel est régi par la licence CeCILL-B. Si une copie de cette licence
|
|
* ne se trouve pas avec ce fichier vous pouvez l'obtenir sur
|
|
* http://www.cecill.info/licences/Licence_CeCILL-B_V1-fr.txt
|
|
*
|
|
* Auteurs de STUdS (projet initial) : Guilhem BORGHESI (borghesi@unistra.fr) et Raphaël DROZ
|
|
* Auteurs de Framadate/OpenSondage : Framasoft (https://github.com/framasoft)
|
|
*/
|
|
use Framadate\Utils;
|
|
|
|
require_once __DIR__ . '/../../vendor/smarty/smarty/libs/Smarty.class.php';
|
|
$smarty = new \Smarty();
|
|
$smarty->setTemplateDir(ROOT_DIR . '/tpl/');
|
|
$smarty->setCompileDir(ROOT_DIR . '/tpl_c/');
|
|
$smarty->setCacheDir(ROOT_DIR . '/cache/');
|
|
$smarty->caching = false;
|
|
|
|
$smarty->assign('APPLICATION_NAME', NOMAPPLICATION);
|
|
$smarty->assign('SERVER_URL', Utils::get_server_name());
|
|
$smarty->assign('SCRIPT_NAME', $_SERVER['SCRIPT_NAME']);
|
|
$smarty->assign('TITLE_IMAGE', IMAGE_TITRE);
|
|
$smarty->assign('use_nav_js', file_exists($_SERVER['DOCUMENT_ROOT'] . '/nav/nav.js'));
|
|
$smarty->assign('html_lang', $html_lang);
|
|
$smarty->assign('langs', $ALLOWED_LANGUAGES);
|
|
$smarty->assign('date_format', $date_format);
|
|
|
|
// Dev Mode
|
|
if ($_SERVER['FRAMADATE_DEVMODE']) {
|
|
$smarty->force_compile = true;
|
|
$smarty->compile_check = true;
|
|
|
|
} else {
|
|
$smarty->force_compile = false;
|
|
$smarty->compile_check = false;
|
|
}
|
|
|
|
|
|
function smarty_function_poll_url($params, Smarty_Internal_Template $template) {
|
|
$poll_id = filter_var($params['id'], FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => POLL_REGEX]]);
|
|
$admin = $params['admin']?true:false;
|
|
$vote_unique_id = filter_var($params['vote_id'], FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => POLL_REGEX]]);
|
|
|
|
// If filter_var fails (i.e.: hack tentative), it will return false. At least no leak is possible from this.
|
|
|
|
return Utils::getUrlSondage($poll_id, $admin, $vote_unique_id);
|
|
}
|
|
|
|
function smarty_modifier_markdown($md, $clear = false) {
|
|
return Utils::markdown($md, $clear);
|
|
}
|
|
|
|
function smarty_modifier_resource($link) {
|
|
return Utils::get_server_name() . $link;
|
|
}
|
|
|
|
function smarty_modifier_html($html) {
|
|
return Utils::htmlEscape($html);
|
|
}
|