[framadate-sandstorm.git] / infos_sondage.php
1 <?php
2 /**
3 * This software is governed by the CeCILL-B license. If a copy of this license
4 * is not distributed with this file, you can obtain one at
5 * http://www.cecill.info/licences/Licence_CeCILL-B_V1-en.txt
7 * Authors of STUdS (initial project): Guilhem BORGHESI (borghesi@unistra.fr) and Raphaël DROZ
8 * Authors of Framadate/OpenSondate: Framasoft (https://github.com/framasoft)
10 * =============================
12 * Ce logiciel est régi par la licence CeCILL-B. Si une copie de cette licence
13 * ne se trouve pas avec ce fichier vous pouvez l'obtenir sur
14 * http://www.cecill.info/licences/Licence_CeCILL-B_V1-fr.txt
16 * Auteurs de STUdS (projet initial) : Guilhem BORGHESI (borghesi@unistra.fr) et Raphaël DROZ
17 * Auteurs de Framadate/OpenSondage : Framasoft (https://github.com/framasoft)
19 namespace Framadate;
// Open (or resume) the visitor's session, then load the application bootstrap.
// NOTE(review): no session-cookie options are set in this file; presumably they
// come from the PHP configuration or from init.php -- confirm.
session_start();
include_once __DIR__ . '/app/inc/init.php';

// A site-local banner file, when present, takes the place of the stock one.
// NOTE(review): both names are relative, so they resolve against the working
// directory / include_path rather than against __DIR__ as the bootstrap include does.
include_once (file_exists('bandeaux_local.php') ? 'bandeaux_local.php' : 'bandeaux.php');
// Poll type. The request only selects between two fixed literals; the raw request
// value itself is never stored. The result is kept in the session and later echoed
// as the value of the hidden field and of the submit button of the form.
$wants_date_poll = (isset($_GET['choix_sondage']) && $_GET['choix_sondage'] == 'date')
    || (isset($_POST["choix_sondage"]) && $_POST["choix_sondage"] == 'creation_sondage_date');

$choix_sondage = $wants_date_poll ? "creation_sondage_date" : "creation_sondage_autre";
$_SESSION["choix_sondage"] = $choix_sondage;
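// Import the expected POST fields as local variables of the same name ($titre, $nom, ...).
// Every one of them is defined, even when absent from the request, so that later
// reads do not raise PHP warnings.
// The variable names come from this fixed list and never from the request, so a
// client cannot create or overwrite arbitrary variables through $$var.
// Values are HTML-entity-encoded here, at input time, as the XSS defence; everything
// downstream therefore works on encoded text (< > " ' are already entities).
$post_var = array('poursuivre', 'titre', 'nom', 'adresse', 'commentaires', 'studsplus', 'mailsonde', 'creation_sondage_date', 'creation_sondage_autre');
foreach ($post_var as $var) {
    // Only plain strings are accepted: a field sent as an array (e.g. titre[]=x) is
    // treated as absent instead of being handed to htmlentities(), which expects a string.
    if (isset($_POST[$var]) && is_string($_POST[$var])) {
        $$var = htmlentities($_POST[$var], ENT_QUOTES, 'UTF-8');
    } else {
        $$var = null;
    }
}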
// The session fields read further down are initialised too, again to avoid PHP warnings:
// any field for which Utils::issetAndNoEmpty() returns false is reset to null.
$session_var = array('titre', 'nom', 'adresse', 'commentaires', 'mailsonde', 'studsplus', );
foreach ($session_var as $var) {
    if (Utils::issetAndNoEmpty($var, $_SESSION) !== false) {
        continue;
    }
    $_SESSION[$var] = null;
}
// Remaining variables: every validation flag starts cleared,
// and both checkbox attributes start empty (box not ticked).
$erreur_adresse = $erreur_injection_titre = $erreur_injection_nom = $erreur_injection_commentaires = false;
$cocheplus = $cochemail = '';
// Checks run when the form was submitted ("poursuivre" is the submit button and
// carries the poll type).
if (Utils::issetAndNoEmpty("poursuivre")) {
    // Keep what was typed so the form can be shown again with it. These are the
    // entity-encoded copies produced when the POST fields were imported.
    $_SESSION["titre"] = $titre;
    $_SESSION["nom"] = $nom;
    $_SESSION["adresse"] = $adresse;
    $_SESSION["commentaires"] = $commentaires;

    // "Voters can modify their vote" checkbox: '+' when ticked, '' otherwise.
    unset($_SESSION["studsplus"]);
    $_SESSION["studsplus"] = ($studsplus !== null) ? '+' : '';

    // "Mail me on each vote" checkbox, stored as a boolean.
    unset($_SESSION["mailsonde"]);
    $_SESSION["mailsonde"] = ($mailsonde !== null);

    // The address is only validated when the instance is configured to send mail.
    if ($config['use_smtp'] == true && Utils::isValidEmail($adresse) === false) {
        $erreur_adresse = true;
    }

    // NOTE(review): $titre, $nom and $commentaires went through
    // htmlentities(..., ENT_QUOTES, 'UTF-8') when the POST fields were imported, which
    // turns < > and " into entities. The pattern below therefore has nothing left to
    // match and these three flags appear to stay false; the entity encoding, not this
    // check, is what neutralises markup. Running the check on the raw POST value would
    // make it effective, at the cost of rejecting input that is accepted today.
    $forbidden_chars = ';<|>|";';
    if (preg_match($forbidden_chars, $titre)) {
        $erreur_injection_titre = true;
    }
    if (preg_match($forbidden_chars, $nom)) {
        $erreur_injection_nom = true;
    }
    if (preg_match($forbidden_chars, $commentaires)) {
        $erreur_injection_commentaires = true;
    }

    // Without mail support the address is not required at all.
    $email_OK = ($config['use_smtp'] == true) ? ($adresse && !$erreur_adresse) : true;

    $form_ok = $titre && $nom && $email_OK
        && !$erreur_injection_titre && !$erreur_injection_commentaires && !$erreur_injection_nom;

    if (!$form_ok) {
        // Page title for the error case
        Utils::print_header(_("Error!") . ' - ' . _("Poll creation (1 on 3)"));
    } else {
        // No error: move on to the next step. Both targets are fixed literals, so the
        // request cannot steer the redirect anywhere else.
        // NOTE(review): a valid form whose "poursuivre" value matches neither key falls
        // through here without any page header being printed.
        $next_step = array(
            "creation_sondage_date" => "Location:choix_date.php",
            "creation_sondage_autre" => "Location:choix_autre.php",
        );
        foreach ($next_step as $poll_type => $location_header) {
            if ($poursuivre == $poll_type) {
                header($location_header);
                exit();
            }
        }
    }
} else {
    // Regular page title (form not filled in yet)
    Utils::print_header(_("Poll creation (1 on 3)"));
}
bandeau_titre(_("Poll creation (1 on 3)"));

// First poll ever? Check that the SQL schema exists before going any further;
// without it the page stops after an installation notice and the footer.
$schema_ready = Utils::check_table_sondage();
if (!$schema_ready) {
    echo '<div class="alert alert-danger text-center">',
        _("Framadate is not properly installed, please check the 'INSTALL' to setup the database before continuing."),
        "</div>", "\n";

    bandeau_pied();

    die();
}
/*
 * Error messages: one slot per form field, all empty until a check fails.
 *   msg   - HTML alert printed below the field's form group
 *   aria  - attribute inserted in the field's <input>/<textarea>
 *   class - suffix appended to the form group's CSS classes
 */
$errors = array_fill_keys(
    array('title', 'description', 'name', 'email'),
    array('msg' => '', 'aria' => '', 'class' => '')
);
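// Fill the error slots of each field that failed validation.
// Fixes relative to the previous version:
//  - the title "forbidden characters" alert was stored under the key 'inject', which
//    the form never prints; it now goes into 'msg' like every other alert;
//  - the ARIA attribute is spelled aria-describedby (it was "aria-describeby", which
//    assistive technology ignores);
//  - the "missing e-mail" case pointed at poll_name_error instead of poll_email_error.

// Title: missing, or containing forbidden characters
if (!$_SESSION["titre"] && Utils::issetAndNoEmpty("poursuivre")) {
    $errors['title']['aria'] = 'aria-describedby="poll_title_error" ';
    $errors['title']['class'] = ' has-error';
    $errors['title']['msg'] = '<div class="alert alert-danger" ><p id="poll_title_error">' . _("Enter a title") . '</p></div>';
} elseif ($erreur_injection_titre) {
    $errors['title']['aria'] = 'aria-describedby="poll_title_error" ';
    $errors['title']['class'] = ' has-error';
    $errors['title']['msg'] = '<div class="alert alert-danger"><p id="poll_title_error">' . _("Characters < > and \" are not permitted") . '</p></div>';
}

// Description: forbidden characters only (the field is optional)
if ($erreur_injection_commentaires) {
    $errors['description']['aria'] = 'aria-describedby="poll_comment_error" ';
    $errors['description']['class'] = ' has-error';
    $errors['description']['msg'] = '<div class="alert alert-danger"><p id="poll_comment_error">' . _("Characters < > and \" are not permitted") . '</p></div>';
}

// Name: missing, or containing forbidden characters
if (!$_SESSION["nom"] && Utils::issetAndNoEmpty("poursuivre")) {
    $errors['name']['aria'] = 'aria-describedby="poll_name_error" ';
    $errors['name']['class'] = ' has-error';
    $errors['name']['msg'] = '<div class="alert alert-danger"><p id="poll_name_error">' . _("Enter a name") . '</p></div>';
} elseif ($erreur_injection_nom) {
    $errors['name']['aria'] = 'aria-describedby="poll_name_error" ';
    $errors['name']['class'] = ' has-error';
    $errors['name']['msg'] = '<div class="alert alert-danger"><p id="poll_name_error">' . _("Characters < > and \" are not permitted") . '</p></div>';
}

// E-mail: missing, or rejected by the address validation
if (!$_SESSION["adresse"] && Utils::issetAndNoEmpty("poursuivre")) {
    $errors['email']['aria'] = 'aria-describedby="poll_email_error" ';
    $errors['email']['class'] = ' has-error';
    $errors['email']['msg'] = '<div class="alert alert-danger"><p id="poll_email_error">' . _("Enter an email address") . '</p></div>';
} elseif ($erreur_adresse && Utils::issetAndNoEmpty("poursuivre")) {
    $errors['email']['aria'] = 'aria-describedby="poll_email_error" ';
    $errors['email']['class'] = ' has-error';
    $errors['email']['msg'] = '<div class="alert alert-danger"><p id="poll_email_error">' . _("The address is not correct! You should enter a valid email address (like r.stallman@outlock.com) in order to receive the link to your poll.") . '</p></div>';
}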
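/*
 * Name and e-mail inputs, prepared according to the session parameters
 */

// Encode at the point of output. The values stored by this script's own POST handling
// are already entity-encoded, and double_encode=false leaves existing entities alone,
// so for those values the markup is unchanged. The extra pass means the HTML below no
// longer depends on every other writer of $_SESSION["nom"] / $_SESSION["adresse"]
// having encoded them first (whether such writers exist is not visible in this file).
$nom_attr = htmlspecialchars((string) $_SESSION["nom"], ENT_QUOTES, 'UTF-8', false);
$nom_texte = htmlspecialchars(stripslashes((string) $_SESSION["nom"]), ENT_QUOTES, 'UTF-8', false);
$adresse_attr = htmlspecialchars((string) $_SESSION["adresse"], ENT_QUOTES, 'UTF-8', false);

// REMOTE_USER ?
if (USE_REMOTE_USER && isset($_SERVER['REMOTE_USER'])) {
    // Identity supplied by the web server: shown as text, carried in hidden fields.
    // NOTE(review): hidden fields remain client-editable, and this script copies the
    // POSTed nom/adresse into the session without looking at REMOTE_USER. If the
    // displayed identity has to be authoritative it must be re-derived server-side on
    // submission -- confirm how init.php handles this.
    $input_name = '<input type="hidden" name="nom" value="' . $nom_attr . '" />' . $nom_texte;
    $input_email = '<input type="hidden" name="adresse" value="' . $adresse_attr . '">' . $adresse_attr;
} else {
    // Ordinary editable fields, pre-filled with the last submitted values.
    $input_name = '<input id="yourname" type="text" name="nom" class="form-control" ' . $errors['name']['aria'] . ' value="' . $nom_texte . '" />';
    $input_email = '<input id="email" type="text" name="adresse" class="form-control" ' . $errors['email']['aria'] . ' value="' . $adresse_attr . '" />';
}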
// Checkbox state.
// "Voters can modify their vote" is switched on when the session holds no value for
// it and neither poll-type field is reported as set by Utils::issetAndNoEmpty().
if (!($_SESSION["studsplus"]
    || Utils::issetAndNoEmpty('creation_sondage_date')
    || Utils::issetAndNoEmpty('creation_sondage_autre'))) {
    $_SESSION["studsplus"] = "+";
}

// Both variables are dropped as bare attributes into the <input> tags of the form,
// and only ever hold '' or the literal "checked".
if ($_SESSION["studsplus"] == "+") {
    $cocheplus = "checked";
}

if ($_SESSION["mailsonde"]) {
    $cochemail = "checked";
}
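// Display the form: title, description and name fields.
// Title and description are encoded at the point of output. Values stored by this
// script's own POST handling are already entity-encoded and double_encode=false leaves
// existing entities alone, so their rendering is unchanged; the extra pass keeps the
// markup safe even if another page were to store a raw value in the session.
$titre_html = htmlspecialchars(stripslashes((string) $_SESSION["titre"]), ENT_QUOTES, 'UTF-8', false);
$commentaires_html = htmlspecialchars(stripslashes((string) $_SESSION["commentaires"]), ENT_QUOTES, 'UTF-8', false);

// NOTE(review): the form action is prefixed with Utils::get_server_name(), whose
// implementation is not visible here; if it is built from the request's Host header,
// that header should be validated against the configured site name -- confirm.
// $input_name and the $errors entries are HTML fragments built earlier in this script.
echo '
<div class="row">
    <div class="col-md-8 col-md-offset-2" >
    <form name="formulaire" id="formulaire" action="' . Utils::get_server_name() . 'infos_sondage.php" method="POST" class="form-horizontal" role="form">

        <div class="alert alert-info">
            <p>'. _("You are in the poll creation section.").' <br /> '._("Required fields cannot be left blank.") .'</p>
        </div>

        <div class="form-group'.$errors['title']['class'].'">
            <label for="poll_title" class="col-sm-4 control-label">' . _("Poll title") . ' *</label>
            <div class="col-sm-8">
                <input id="poll_title" type="text" name="titre" class="form-control" '.$errors['title']['aria'].' value="'.$titre_html.'" />
            </div>
        </div>
        '.$errors['title']['msg'].'
        <div class="form-group'.$errors['description']['class'].'">
            <label for="poll_comments" class="col-sm-4 control-label">'. _("Description") .'</label>
            <div class="col-sm-8">
                <textarea id="poll_comments" name="commentaires" class="form-control" '.$errors['description']['aria'].' rows="5">'.$commentaires_html.'</textarea>
            </div>
        </div>
        '.$errors['description']['msg'].'
        <div class="form-group'.$errors['name']['class'].'">
            <label for="yourname" class="col-sm-4 control-label">'. _("Your name") .' *</label>
            <div class="col-sm-8">
                '.$input_name.'
            </div>
        </div>
        '.$errors['name']['msg'];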
// E-mail field: only shown when the instance is configured to send mail.
if ($config['use_smtp'] == true) {
    echo '
        <div class="form-group', $errors['email']['class'], '">
            <label for="email" class="col-sm-4 control-label">', _("Your email address"), ' *<br /><span class="small">', _("(in the format name@mail.com)"), '</span></label>
            <div class="col-sm-8">
                ', $input_email, '
            </div>
        </div>
        ', $errors['email']['msg'];
}

// "Voters can modify their vote" checkbox; $cocheplus is '' or "checked".
echo '
        <div class="form-group">
            <div class="col-sm-offset-1 col-sm-11">
                <div class="checkbox">
                    <label>
                        <input type=checkbox name=studsplus ', $cocheplus, ' id="studsplus">', _("Voters can modify their vote themselves."), '
                    </label>
                </div>
            </div>
        </div>';

// "Mail me on each vote" checkbox, again only with mail support; $cochemail is '' or "checked".
if ($config['use_smtp'] == true) {
    echo '<div class="form-group">
            <div class="col-sm-offset-1 col-sm-11">
                <div class="checkbox">
                    <label>
                        <input type=checkbox name=mailsonde ', $cochemail, ' id="mailsonde">', _("To receive an email for each new vote."), '
                    </label>
                </div>
            </div>
        </div>';
}

// Submit row. $choix_sondage is one of the two literals chosen at the top of the
// script, never the raw request value, so it is written into the attributes as is.
echo '
        <p class="text-right">
            <input type="hidden" name="choix_sondage" value="', $choix_sondage, '"/>
            <button name="poursuivre" value="', $choix_sondage, '" type="submit" class="btn btn-success" title="', _('Go to step 2'), '">', _('Next'), '</button>
        </p>

        <script type="text/javascript"> document.formulaire.titre.focus(); </script>

    </form>
    </div>
</div>';

bandeau_pied();