date.chapril.org-framadate/app/inc/smarty.php
Antonin 4c137748b4 Editing vote by link with unique id
- Changed the smarty modifier poll_url to a function and added the vote_id parameter
	- Modified accordingly all poll_url occurence in templates
	- Added htaccess.txt to be sure to keep poll's URL changes up to date
	- Escaped some templates output in order to avoid to broke HTML
	- Using vote's uniqId instead of vote's id when it's needed
2015-04-02 16:56:52 +02:00

69 lines
2.5 KiB
PHP

<?php
/**
* This software is governed by the CeCILL-B license. If a copy of this license
* is not distributed with this file, you can obtain one at
* http://www.cecill.info/licences/Licence_CeCILL-B_V1-en.txt
*
* Authors of STUdS (initial project): Guilhem BORGHESI (borghesi@unistra.fr) and Raphaël DROZ
* Authors of Framadate/OpenSondate: Framasoft (https://github.com/framasoft)
*
* =============================
*
* Ce logiciel est régi par la licence CeCILL-B. Si une copie de cette licence
* ne se trouve pas avec ce fichier vous pouvez l'obtenir sur
* http://www.cecill.info/licences/Licence_CeCILL-B_V1-fr.txt
*
* Auteurs de STUdS (projet initial) : Guilhem BORGHESI (borghesi@unistra.fr) et Raphaël DROZ
* Auteurs de Framadate/OpenSondage : Framasoft (https://github.com/framasoft)
*/
use Framadate\Utils;
require_once __DIR__ . '/../../vendor/smarty/smarty/libs/Smarty.class.php';
$smarty = new \Smarty();
$smarty->setTemplateDir(ROOT_DIR . '/tpl/');
$smarty->setCompileDir(ROOT_DIR . '/tpl_c/');
$smarty->setCacheDir(ROOT_DIR . '/cache/');
$smarty->caching = false;
$smarty->assign('APPLICATION_NAME', NOMAPPLICATION);
$smarty->assign('SERVER_URL', Utils::get_server_name());
$smarty->assign('SCRIPT_NAME', $_SERVER['SCRIPT_NAME']);
$smarty->assign('TITLE_IMAGE', IMAGE_TITRE);
$smarty->assign('use_nav_js', file_exists($_SERVER['DOCUMENT_ROOT'] . '/nav/nav.js'));
$smarty->assign('html_lang', $html_lang);
$smarty->assign('langs', $ALLOWED_LANGUAGES);
$smarty->assign('date_format', $date_format);
// Dev Mode
if ($_SERVER['FRAMADATE_DEVMODE']) {
$smarty->force_compile = true;
$smarty->compile_check = true;
} else {
$smarty->force_compile = false;
$smarty->compile_check = false;
}
function smarty_function_poll_url($params, Smarty_Internal_Template $template) {
$poll_id = filter_var($params['id'], FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => POLL_REGEX]]);
$admin = $params['admin']?true:false;
$vote_unique_id = filter_var($params['vote_id'], FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => POLL_REGEX]]);
// If filter_var fails (i.e.: hack tentative), it will return false. At least no leak is possible from this.
return Utils::getUrlSondage($poll_id, $admin, $vote_unique_id);
}
function smarty_modifier_markdown($md, $clear = false) {
return Utils::markdown($md, $clear);
}
function smarty_modifier_resource($link) {
return Utils::get_server_name() . $link;
}
function smarty_modifier_html($html) {
return Utils::htmlEscape($html);
}