
Clean code

Laurent Destailleur há 4 anos atrás
pai
commit
e142b42f19

+ 54 - 27
htdocs/core/lib/functions.lib.php

@@ -545,6 +545,59 @@ function GETPOST($paramname, $check = 'alphanohtml', $method = 0, $filter = null
 		}
 	}
 
+	// Check rule
+	if ($check == 'array') {
+		if (!is_array($out) || empty($out)) {
+			$out = array();
+		} else {
+			foreach($out as $outkey => $outval) {
+				$out[$outkey] = checkVal($outval, 'alphanohtml', $filter, $options);
+			}
+		}
+	}
+	else {
+		$out = checkVal($out, $check, $filter, $options);
+	}
+
+	// Sanitizing for special parameters. There is no reason to allow the backtopage parameter to contains an external URL.
+	if ($paramname == 'backtopage') {
+		$out = preg_replace(array('!(\\\|/)+!', '/^[a-z]*:/'), '', $out);
+	}
+
+	// Code for search criteria persistence.
+	// Save data into session if key start with 'search_' or is 'smonth', 'syear', 'month', 'year'
+	if (empty($method) || $method == 3 || $method == 4)
+	{
+		if (preg_match('/^search_/', $paramname) || in_array($paramname, array('sortorder', 'sortfield')))
+		{
+			//var_dump($paramname.' - '.$out.' '.$user->default_values[$relativepathstring]['filters'][$paramname]);
+
+			// We save search key only if $out not empty that means:
+			// - posted value not empty, or
+			// - if posted value is empty and a default value exists that is not empty (it means we did a filter to an empty value when default was not).
+
+			if ($out != '')		// $out = '0' or 'abc', it is a search criteria to keep
+			{
+				$user->lastsearch_values_tmp[$relativepathstring][$paramname] = $out;
+			}
+		}
+	}
+
+	return $out;
+}
+
+
+/**
+ *  Return a value after checking on a rule.
+ *
+ *  @param  string  $out	     Value to get/check
+ *  @param  string  $check	     Type of check
+ *  @param  int     $filter      Filter to apply when $check is set to 'custom'. (See http://php.net/manual/en/filter.filters.php for détails)
+ *  @param  mixed   $options     Options to pass to filter_var when $check is set to 'custom'
+ *  @return string|array         Value found (string or array), or '' if check fails
+ */
+function checkVal($out = '', $check = 'alphanohtml', $filter = null, $options = null)
+{
 	// Check is done after replacement
 	switch ($check)
 	{
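Review bot: In the new `$check == 'array'` branch every element is handed to `checkVal()` under the string rule `alphanohtml`, but nothing checks that the element is a scalar, so a nested array reaches a rule written for strings. What `checkVal()` does with an array under that rule is outside this hunk, so confirm it cannot come back unsanitized. If only flat arrays are expected, say so in code: `$out[$outkey] = is_array($outval) ? '' : checkVal($outval, 'alphanohtml', $filter, $options);`, otherwise recurse. The array keys are kept as received and callers can no longer pick the element rule, which deserves a line in the GETPOST docblock. The new `checkVal()` docblock also declares `$out` as `string` and `$filter` as `int`, although the defaults and the `@return` allow array and null.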
@@ -580,9 +633,6 @@ function GETPOST($paramname, $check = 'alphanohtml', $method = 0, $filter = null
 				if (preg_match('/[^a-z0-9_\-\.,]+/i', $out)) $out = '';
 			}
 			break;
-		case 'array':
-			if (!is_array($out) || empty($out)) $out = array();
-			break;
 		case 'nohtml':
 			$out = dol_string_nohtmltag($out, 0);
 			break;
@@ -606,34 +656,11 @@ function GETPOST($paramname, $check = 'alphanohtml', $method = 0, $filter = null
 			break;
 	}
 
-	// Sanitizing for special parameters. There is no reason to allow the backtopage parameter to contains an external URL.
-	if ($paramname == 'backtopage') {
-		$out = preg_replace(array('!(\\\|/)+!', '/^[a-z]*:/'), '', $out);
-	}
-
-	// Code for search criteria persistence.
-	// Save data into session if key start with 'search_' or is 'smonth', 'syear', 'month', 'year'
-	if (empty($method) || $method == 3 || $method == 4)
-	{
-		if (preg_match('/^search_/', $paramname) || in_array($paramname, array('sortorder', 'sortfield')))
-		{
-			//var_dump($paramname.' - '.$out.' '.$user->default_values[$relativepathstring]['filters'][$paramname]);
-
-			// We save search key only if $out not empty that means:
-			// - posted value not empty, or
-			// - if posted value is empty and a default value exists that is not empty (it means we did a filter to an empty value when default was not).
-
-			if ($out != '')		// $out = '0' or 'abc', it is a search criteria to keep
-			{
-				$user->lastsearch_values_tmp[$relativepathstring][$paramname] = $out;
-			}
-		}
-	}
-
 	return $out;
 }
 
 
+
 if (!function_exists('dol_getprefix'))
 {
 	/**

+ 11 - 8
htdocs/opensurvey/results.php

@@ -58,7 +58,7 @@ if (GETPOST('retoursondage')) {
 $nbcolonnes = substr_count($object->sujet, ',') + 1;
 
 // Add vote
-if (GETPOST("boutonp") || GETPOST("boutonp.x") || GETPOST("boutonp_x"))		// boutonp for chrom, boutonp.x for firefox
+if (GETPOST("boutonp") || GETPOST("boutonp.x") || GETPOST("boutonp_x"))		// boutonp for chrome, boutonp.x for firefox
 {
 	if (GETPOST('nom'))
 	{
@@ -158,7 +158,7 @@ if (GETPOST("ajoutercolonne") && GETPOST('nouvellecolonne') && $object->format =
 
 	//on rajoute la valeur a la fin de tous les sujets deja entrés
 	$nouveauxsujets .= ',';
-	$nouveauxsujets .= str_replace(array(",", "@"), " ", $_POST["nouvellecolonne"]).(empty($_POST["typecolonne"]) ? '' : '@'.$_POST["typecolonne"]);
+	$nouveauxsujets .= str_replace(array(",", "@"), " ", GETPOST("nouvellecolonne")).(empty($_POST["typecolonne"]) ? '' : '@'.GETPOST("typecolonne"));
 
 	//mise a jour avec les nouveaux sujets dans la base
 	$sql = 'UPDATE '.MAIN_DB_PREFIX."opensurvey_sondage";
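Review bot: The changed line mixes sanitized and raw input: the value comes from `GETPOST("typecolonne")` but the guard still tests `empty($_POST["typecolonne"])`, so if the rule empties the value a bare `@` is still appended. Read the field once and test the sanitized copy: `$typecolonne = GETPOST("typecolonne");` then `(empty($typecolonne) ? '' : '@'.$typecolonne)`. The next hunk keeps the same pattern, with `isset($_POST[...])` and `!= "vide"` guards reading `$_POST` while the appended values come from GETPOST. `$nouveauxsujets` flows into the UPDATE statement that continues below this hunk; confirm it is escaped there (for example with `$db->escape()`), because the `alphanohtml` rule is not an SQL escaping step.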
@@ -186,21 +186,21 @@ if (isset($_POST["ajoutercolonne"]) && $object->format == "D")
 
 		if (isset($_POST["nouvelleheuredebut"]) && $_POST["nouvelleheuredebut"] != "vide") {
 			$nouvelledate .= "@";
-			$nouvelledate .= $_POST["nouvelleheuredebut"];
+			$nouvelledate .= GETPOST("nouvelleheuredebut");
 			$nouvelledate .= "h";
 
 			if ($_POST["nouvelleminutedebut"] != "vide") {
-				$nouvelledate .= $_POST["nouvelleminutedebut"];
+				$nouvelledate .= GETPOST("nouvelleminutedebut");
 			}
 		}
 
 		if (isset($_POST["nouvelleheurefin"]) && $_POST["nouvelleheurefin"] != "vide") {
 			$nouvelledate .= "-";
-			$nouvelledate .= $_POST["nouvelleheurefin"];
+			$nouvelledate .= GETPOST("nouvelleheurefin");
 			$nouvelledate .= "h";
 
 			if ($_POST["nouvelleminutefin"] != "vide") {
-				$nouvelledate .= $_POST["nouvelleminutefin"];
+				$nouvelledate .= GETPOST("nouvelleminutefin");
 			}
 		}
 
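Review bot: The hour and minute parts are read with GETPOST's default `alphanohtml` rule, which is looser than needed if these fields only ever carry digits or the `vide` sentinel tested in the guards. A numeric rule would reject anything else before it is concatenated into `$nouvelledate`, e.g. `$nouvelledate .= GETPOST("nouvelleheuredebut", 'int');`, and likewise for the other three fields. The enclosing `if (isset($_POST["ajoutercolonne"]) && $object->format == "D")` block starts and ends outside this hunk, so check how `$nouvelledate` is stored before relying on the rule alone.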
@@ -451,7 +451,10 @@ print '</td></tr>';
 // Expire date
 print '<tr><td>'.$langs->trans('ExpireDate').'</td><td colspan="2">';
 if ($action == 'edit') print $form->selectDate($expiredate ? $expiredate : $object->date_fin, 'expire', 0, 0, 0, '', 1, 0);
-else print dol_print_date($object->date_fin, 'day');
+else {
+	print dol_print_date($object->date_fin, 'day');
+	if ($object->date_fin && $object->date_fin < dol_now() && $object->status == Opensurveysondage::STATUS_VALIDATED) print img_warning($langs->trans("Expired"));
+}
 print '</td></tr>';
 
 // Author
@@ -1015,7 +1018,7 @@ if ($nbofcheckbox >= 2)
 }
 
 // S'il a oublié de remplir un nom
-if (isset($_POST["boutonp"]) && $_POST["nom"] == "") {
+if (GETPOSTISSET("boutonp") && GETPOST("nom") == "") {
 	setEventMessages($langs->trans("ErrorFieldRequired", $langs->transnoentitiesnoconv("Name")), null, 'errors');
 }
 
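Review bot: The missing-name check now tests only `GETPOSTISSET("boutonp")`, while the add-vote condition earlier in this file accepts `boutonp`, `boutonp.x` and `boutonp_x`. If the image-button variants are still submitted by some browsers, the error message is skipped for them. Consider testing the same three names here, or add a comment saying why one is enough: `// only the plain boutonp submit needs the empty-name message because ...`.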

+ 12 - 9
htdocs/opensurvey/wizard/choix_autre.php

@@ -36,14 +36,17 @@ if (!$user->rights->opensurvey->write) accessforbidden();
  * Action
  */
 
+$arrayofchoices = GETPOST('choix', 'array');
+$arrayoftypecolumn = GETPOST('typecolonne', 'array');
+
 // Set session vars
 if (isset($_SESSION["nbrecases"])) {
 	for ($i = 0; $i < $_SESSION["nbrecases"]; $i++) {
-		if (isset($_POST["choix"][$i])) {
-			$_SESSION["choix$i"] = $_POST["choix"][$i];
+		if (isset($arrayofchoices[$i])) {
+			$_SESSION["choix$i"] = $arrayofchoices[$i];
 		}
-		if (isset($_POST["typecolonne"][$i])) {
-			$_SESSION["typecolonne$i"] = $_POST["typecolonne"][$i];
+		if (isset($arrayoftypecolumn[$i])) {
+			$_SESSION["typecolonne$i"] = $arrayoftypecolumn[$i];
 		}
 	}
 } else { //nombre de cases par défaut
@@ -56,16 +59,16 @@ if (GETPOST("ajoutcases") || GETPOST("ajoutcases_x"))
 }
 
 // Create survey into database
-if (isset($_POST["confirmecreation"]))
+if (GETPOSTISSET("confirmecreation"))
 {
 	//recuperation des données de champs textes
 	$toutchoix = '';
 	for ($i = 0; $i < $_SESSION["nbrecases"] + 1; $i++)
 	{
-		if (!empty($_POST["choix"][$i]))
+		if (!empty($arrayofchoices[$i]))
 		{
 			$toutchoix .= ',';
-			$toutchoix .= str_replace(array(",", "@"), " ", $_POST["choix"][$i]).(empty($_POST["typecolonne"][$i]) ? '' : '@'.$_POST["typecolonne"][$i]);
+			$toutchoix .= str_replace(array(",", "@"), " ", $arrayofchoices[$i]).(empty($arrayoftypecolumn[$i]) ? '' : '@'.$arrayoftypecolumn[$i]);
 		}
 	}
 
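Review bot: Only the choice text has `,` and `@` replaced before it is joined into `$toutchoix`; the `typecolonne` element is appended after `@` exactly as received. Since results.php derives the column count from the commas in the stored subject (`substr_count($object->sujet, ',') + 1`), a type value containing a separator would shift the columns. Apply the same replacement to the type, `str_replace(array(",", "@"), " ", $arrayoftypecolumn[$i])`, or better, accept only the known column types. The changed `nouvellecolonne` line in htdocs/opensurvey/results.php appends `GETPOST("typecolonne")` the same way.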
@@ -76,7 +79,7 @@ if (isset($_POST["confirmecreation"]))
 	$testremplissage = '';
 	for ($i = 0; $i < $_SESSION["nbrecases"]; $i++)
 	{
-		if (isset($_POST["choix"][$i]))
+		if (isset($arrayofchoices[$i]))
 		{
 			$testremplissage = "ok";
 		}
@@ -94,7 +97,7 @@ if (isset($_POST["confirmecreation"]))
 	}
 }
 
-
+var_dump($_SESSION);exit;
 
 
 /*
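Review bot: The added `var_dump($_SESSION);exit;` is a debug leftover and must be removed before this is merged. It sits after the closing brace of the `confirmecreation` block, so it appears to run on every request to this wizard page. It prints the whole session array into the response, exposing server-side session data to the browser, then stops execution, so the view code below never runs. If session inspection is needed during development, log it server-side with `dol_syslog()` behind a debug setting instead of writing it to the page.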