From 86a89abf4297fedac031d25fa52322d1446807c0 Mon Sep 17 00:00:00 2001
From: Antonin <zepcome@gmail.com>
Date: Thu, 2 Apr 2015 11:58:47 +0200
Subject: [PATCH] Added unique id to vote.

---
 admin/migration.php                           |  4 +-
 app/classes/Framadate/FramaDB.php             |  7 +-
 .../AddColumn_uniqId_In_vote_For_0_9.php      | 79 +++++++++++++++++++
 .../Framadate/Services/PollService.php        | 18 ++---
 app/inc/constants.php                         |  2 +-
 5 files changed, 93 insertions(+), 17 deletions(-)
 create mode 100644 app/classes/Framadate/Migration/AddColumn_uniqId_In_vote_For_0_9.php

diff --git a/admin/migration.php b/admin/migration.php
index 1551e9df..f60d9ceb 100644
--- a/admin/migration.php
+++ b/admin/migration.php
@@ -20,6 +20,7 @@
 use Framadate\Migration\From_0_0_to_0_8_Migration;
 use Framadate\Migration\From_0_8_to_0_9_Migration;
 use Framadate\Migration\AddColumn_receiveNewComments_For_0_9;
+use Framadate\Migration\AddColumn_uniqId_In_vote_For_0_9;
 use Framadate\Migration\Migration;
 use Framadate\Utils;
 
@@ -31,7 +32,8 @@ set_time_limit(300);
 $migrations = [
     new From_0_0_to_0_8_Migration(),
     new From_0_8_to_0_9_Migration(),
-    new AddColumn_receiveNewComments_For_0_9()
+    new AddColumn_receiveNewComments_For_0_9(),
+    new AddColumn_uniqId_In_vote_For_0_9()
 ];
 // ---------------------------------------
 
diff --git a/app/classes/Framadate/FramaDB.php b/app/classes/Framadate/FramaDB.php
index d9743be4..ba1b2500 100644
--- a/app/classes/Framadate/FramaDB.php
+++ b/app/classes/Framadate/FramaDB.php
@@ -122,15 +122,16 @@ class FramaDB {
         return $prepared->execute([$insert_position, $insert_position + 1, $poll_id]);
     }
 
-    function insertVote($poll_id, $name, $choices) {
-        $prepared = $this->prepare('INSERT INTO `' . Utils::table('vote') . '` (poll_id, name, choices) VALUES (?,?,?)');
-        $prepared->execute([$poll_id, $name, $choices]);
+    function insertVote($poll_id, $name, $choices, $token) {
+        $prepared = $this->prepare('INSERT INTO `' . Utils::table('vote') . '` (poll_id, name, choices, uniqId) VALUES (?,?,?,?)');
+        $prepared->execute([$poll_id, $name, $choices, $token]);
 
         $newVote = new \stdClass();
         $newVote->poll_id = $poll_id;
         $newVote->id = $this->pdo->lastInsertId();
         $newVote->name = $name;
         $newVote->choices = $choices;
+        $newVote->token = $token;
 
         return $newVote;
     }
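Review bot: The returned object exposes the new value as `$newVote->token`, while the column written two lines above is `uniqId`. Vote rows loaded from the database elsewhere would presumably carry a `uniqId` property (the fetch code is not in this patch), so callers handling both shapes would find the field under two names. Using `$newVote->uniqId = $token;` keeps the in-memory object aligned with the stored row. The result of `$prepared->execute()` is also ignored, so unless PDO runs in exception mode a failed insert still returns a vote object with a token that was never stored.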
diff --git a/app/classes/Framadate/Migration/AddColumn_uniqId_In_vote_For_0_9.php b/app/classes/Framadate/Migration/AddColumn_uniqId_In_vote_For_0_9.php
new file mode 100644
index 00000000..9f50e4a4
--- /dev/null
+++ b/app/classes/Framadate/Migration/AddColumn_uniqId_In_vote_For_0_9.php
@@ -0,0 +1,79 @@
+<?php
+/**
+ * This software is governed by the CeCILL-B license. If a copy of this license
+ * is not distributed with this file, you can obtain one at
+ * http://www.cecill.info/licences/Licence_CeCILL-B_V1-en.txt
+ *
+ * Authors of STUdS (initial project): Guilhem BORGHESI (borghesi@unistra.fr) and Raphaël DROZ
+ * Authors of Framadate/OpenSondate: Framasoft (https://github.com/framasoft)
+ *
+ * =============================
+ *
+ * Ce logiciel est régi par la licence CeCILL-B. Si une copie de cette licence
+ * ne se trouve pas avec ce fichier vous pouvez l'obtenir sur
+ * http://www.cecill.info/licences/Licence_CeCILL-B_V1-fr.txt
+ *
+ * Auteurs de STUdS (projet initial) : Guilhem BORGHESI (borghesi@unistra.fr) et Raphaël DROZ
+ * Auteurs de Framadate/OpenSondage : Framasoft (https://github.com/framasoft)
+ */
+namespace Framadate\Migration;
+
+use Framadate\Utils;
+
+/**
+ * This migration adds the field uniqId on the vote table.
+ *
+ * @package Framadate\Migration
+ * @version 0.9
+ */
+class AddColumn_uniqId_In_vote_For_0_9 implements Migration {
+
+    function __construct() {
+    }
+
+    /**
+     * This method should describe in english what is the purpose of the migration class.
+     *
+     * @return string The description of the migration class
+     */
+    function description() {
+        return "Add column \"uniqId\" in table \"vote\" for version 0.9";
+    }
+
+    /**
+     * This method could check if the execute method should be called.
+     * It is called before the execute method.
+     *
+     * @param \PDO $pdo The connection to database
+     * @return bool true is the Migration should be executed.
+     */
+    function preCondition(\PDO $pdo) {
+        $stmt = $pdo->query('SHOW TABLES');
+        $tables = $stmt->fetchAll(\PDO::FETCH_COLUMN);
+
+        // Check if tables of v0.9 are presents
+        $diff = array_diff([Utils::table('poll'), Utils::table('slot'), Utils::table('vote'), Utils::table('comment')], $tables);
+        return count($diff) === 0;
+    }
+
+    /**
+     * This methode is called only one time in the migration page.
+     *
+     * @param \PDO $pdo The connection to database
+     * @return bool true is the execution succeeded
+     */
+    function execute(\PDO $pdo) {
+        $this->alterPollTable($pdo);
+
+        return true;
+    }
+
+    private function alterPollTable(\PDO $pdo) {
+        $pdo->exec('
+        ALTER TABLE `' . Utils::table('vote') . '`
+        ADD `uniqId` CHAR(16) NOT NULL
+        AFTER `id`,
+        ADD INDEX (`uniqId`) ;');
+    }
+
+}
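Review bot: Rows that already exist when `alterPollTable()` runs all receive the same empty `uniqId`, because the column is added as `CHAR(16) NOT NULL` with no backfill and the index is a plain `ADD INDEX`, not a unique one. If `uniqId` is later used to look up or authorise changes to a vote (not visible in this patch), queries on it should reject an empty value, or the migration should backfill a fresh token per row and then make the index unique. Separately, `execute()` returns `true` whatever `$pdo->exec()` returns, so a failed ALTER is reported as success unless the connection uses exception error mode; having the helper `return $pdo->exec(...) !== false;` and returning that from `execute()` would surface it. The helper is also named `alterPollTable` although it alters the vote table.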
diff --git a/app/classes/Framadate/Services/PollService.php b/app/classes/Framadate/Services/PollService.php
index cf327131..0fd397fa 100644
--- a/app/classes/Framadate/Services/PollService.php
+++ b/app/classes/Framadate/Services/PollService.php
@@ -21,6 +21,7 @@ namespace Framadate\Services;
 use Framadate\Form;
 use Framadate\FramaDB;
 use Framadate\Utils;
+use Framadate\Security\Token;
 
 class PollService {
 
@@ -66,8 +67,8 @@ class PollService {
 
     function addVote($poll_id, $name, $choices) {
         $choices = implode($choices);
-
-        return $this->connect->insertVote($poll_id, $name, $choices);
+        $token = $this->random(16);
+        return $this->connect->insertVote($poll_id, $name, $choices, $token);
     }
 
     function addComment($poll_id, $name, $comment) {
@@ -176,15 +177,8 @@ class PollService {
         return [$poll_id, $admin_poll_id];
     }
 
-    private function random($car) {
-        // TODO Better random ?
-        $string = '';
-        $chaine = 'abcdefghijklmnopqrstuvwxyz123456789';
-        mt_srand();
-        for ($i = 0; $i < $car; $i++) {
-            $string .= $chaine[mt_rand() % strlen($chaine)];
-        }
-
-        return $string;
+    private function random($length) {
+        return Token::getToken($length);
     }
+
 }
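Review bot: After this change the unpredictability of every identifier produced by `random()` rests entirely on `Token::getToken()`, which is imported here but not shown in this patch. The removed `mt_rand()` loop carried a `TODO Better random ?`, so it is worth confirming that `Token::getToken()` draws from a CSPRNG (for example `openssl_random_pseudo_bytes()`) rather than from `mt_rand()`, and recording that in a docblock such as `/** Returns a $length-character identifier; delegates to Token::getToken(), which must use a cryptographically secure source. */`. The hunk also adds a stray blank line before the class's closing brace.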
diff --git a/app/inc/constants.php b/app/inc/constants.php
index 60bab3c3..fb5b618d 100644
--- a/app/inc/constants.php
+++ b/app/inc/constants.php
@@ -21,7 +21,7 @@
 const VERSION = '0.9';
 
 // Regex
-const POLL_REGEX = '/^[a-z0-9]+$/';
+const POLL_REGEX = '/^[a-zA-Z0-9]+$/';
 const CHOICE_REGEX = '/^[012]$/';
 const NAME_REGEX = '/^[áàâäãåçéèêëíìîïñóòôöõúùûüýÿæœa-z0-9_ -]+$/i';
 const BOOLEAN_REGEX = '/^(on|off|true|false|1|0)$/';
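Review bot: Widening `POLL_REGEX` to `[a-zA-Z0-9]` makes ids case-significant at the validation layer, but the database lookup may not be: under MySQL's default case-insensitive collations, `WHERE id = ?` matches `AbC` and `abc` alike. The table definitions are not part of this patch, so this needs confirming. If the id and `uniqId` columns use a `_ci` collation, the mixed-case alphabet adds less entropy than it appears to, and two ids differing only in case would collide. Declaring those columns with a binary collation (for example `utf8_bin`), or keeping generated tokens lower-case, would make validation and storage agree.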
-- 
GitLab