From 96c28738c44487660520c67cc48649baeb0a3f21 Mon Sep 17 00:00:00 2001
From: Olivier PEREZ <olivier@olivierperez.fr>
Date: Tue, 26 Apr 2016 23:16:08 +0200
Subject: [PATCH] PHP: Check if there are at most MAX_SLOTS_PER_POLL dates
 before create a poll

---
 app/inc/config.template.php     |  3 +++
 create_date_poll.php            | 14 ++++++++++++++
 locale/de.json                  |  3 ++-
 locale/en.json                  |  3 ++-
 locale/es.json                  |  3 ++-
 locale/fr.json                  |  3 ++-
 locale/it.json                  |  3 ++-
 locale/oc.json                  |  3 ++-
 tpl/create_date_poll_step_2.tpl |  6 ++++++
 9 files changed, 35 insertions(+), 6 deletions(-)

diff --git a/app/inc/config.template.php b/app/inc/config.template.php
index 826c67ab..2b60ade8 100644
--- a/app/inc/config.template.php
+++ b/app/inc/config.template.php
@@ -74,6 +74,9 @@ const LOG_FILE = 'admin/stdout.log';
 // Days (after expiration date) before purge a poll
 const PURGE_DELAY = 60;
 
+// Max slots per poll
+const MAX_SLOTS_PER_POLL = 366;
+
 // Config
 $config = [
     /* general config */
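Review bot: The comment on `MAX_SLOTS_PER_POLL` does not say what a slot is or what happens when the limit is exceeded; the only use in this commit compares it with the number of submitted days in create_date_poll.php. A more precise comment would be `// Max number of dates accepted at step 2 of date poll creation; larger submissions are rejected with an error`. Because this file is the config template, installs whose live config was copied from an earlier template presumably will not define the constant until it is added by hand, so the upgrade notes should mention it.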
diff --git a/create_date_poll.php b/create_date_poll.php
index 14c6bdb0..71ab2d4a 100644
--- a/create_date_poll.php
+++ b/create_date_poll.php
@@ -124,6 +124,19 @@ if (!isset($_SESSION['form']->title) || !isset($_SESSION['form']->admin_name) ||
     } else {
 
         if (!empty($_POST['days'])) {
+            // Remove empty dates
+            $_POST['days'] = array_filter($_POST['days'], function($d) {return !empty($d);});
+
+            // Check if there are at most MAX_SLOTS_PER_POLL slots
+            if (count($_POST['days']) > MAX_SLOTS_PER_POLL) {
+                // Display step 2
+                $smarty->assign('title', __('Step 2 date', 'Poll dates (2 on 3)'));
+                $smarty->assign('choices', $_SESSION['form']->getChoices());
+                $smarty->assign('error', __f('Error', 'You can\'t select more than %d dates', MAX_SLOTS_PER_POLL));
+
+                $smarty->display('create_date_poll_step_2.tpl');
+                exit;
+            }
 
             // Clear previous choices
             $_SESSION['form']->clearChoices();
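Review bot: `$_POST['days']` reaches `array_filter()` and `count()` without a check that it is an array; the `!empty()` guard above is also true for a plain string, and on PHP 8 `array_filter()` then throws a TypeError instead of rendering the step-2 error, so the guard should read `if (!empty($_POST['days']) && is_array($_POST['days'])) {`. The emptiness test also runs before the filter, so a submission holding only blank entries still reaches `clearChoices()` with zero dates; re-testing `empty($_POST['days'])` after the filter would keep the stored choices intact. The cap counts days only, so if each day can carry several time entries (handled outside this hunk), the total number of slots stored per poll is not bounded by `MAX_SLOTS_PER_POLL`. The enclosing `if` block continues beyond the hunk.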
@@ -236,6 +249,7 @@ if (!isset($_SESSION['form']->title) || !isset($_SESSION['form']->admin_name) ||
         // Display step 2
         $smarty->assign('title', __('Step 2 date', 'Poll dates (2 on 3)'));
         $smarty->assign('choices', $_SESSION['form']->getChoices());
+        $smarty->assign('error', null);
 
         $smarty->display('create_date_poll_step_2.tpl');
 
diff --git a/locale/de.json b/locale/de.json
index e4b15fab..639b7c3b 100644
--- a/locale/de.json
+++ b/locale/de.json
@@ -368,6 +368,7 @@
         "CANT_CONNECT_TO_DATABASE": "Kann nicht mit der Datenbank verbinden",
         "Password is empty": "DE_Le mot de passe est vide.",
         "Passwords do not match": "DE_Les mot de passes ne correspondent pas.",
-        "Poll id already used": "DE_L'identifiant est déjà utilisé"
+        "Poll id already used": "DE_L'identifiant est déjà utilisé",
+        "You can't select more than %d dates": "DE_Vous ne pouvez pas choisir plus de %d dates"
     }
 }
diff --git a/locale/en.json b/locale/en.json
index 1e17ad72..657cf8a2 100644
--- a/locale/en.json
+++ b/locale/en.json
@@ -368,6 +368,7 @@
     "CANT_CONNECT_TO_DATABASE": "Unable to connect to database",
     "Password is empty": "Password is empty.",
     "Passwords do not match": "Passwords do not match.",
-    "Poll id already used": "Identifier is already used"
+    "Poll id already used": "Identifier is already used",
+    "You can't select more than %d dates": "You can't select more than %d dates"
   }
 }
\ No newline at end of file
diff --git a/locale/es.json b/locale/es.json
index d5752f50..41f9fe92 100644
--- a/locale/es.json
+++ b/locale/es.json
@@ -368,6 +368,7 @@
     "CANT_CONNECT_TO_DATABASE": "No se puede conectar a la base de datos",
     "Password is empty": "ES_Le mot de passe est vide.",
     "Passwords do not match": "ES_Les mot de passes ne correspondent pas.",
-    "Poll id already used": "ES_L'identifiant est déjà utilisé"
+    "Poll id already used": "ES_L'identifiant est déjà utilisé",
+    "You can't select more than %d dates": "ES_Vous ne pouvez pas choisir plus de %d dates"
   }
 }
diff --git a/locale/fr.json b/locale/fr.json
index 8fa0d82d..231de104 100644
--- a/locale/fr.json
+++ b/locale/fr.json
@@ -382,6 +382,7 @@
     "CANT_CONNECT_TO_DATABASE": "Impossible de se connecter à la base de données",
     "Password is empty": "Le mot de passe est vide.",
     "Passwords do not match": "Les mots de passe ne correspondent pas.",
-    "Poll id already used": "L'identifiant est déjà utilisé"
+    "Poll id already used": "L'identifiant est déjà utilisé",
+    "You can't select more than %d dates": "Vous ne pouvez pas choisir plus de %d dates"
   }
 }
\ No newline at end of file
diff --git a/locale/it.json b/locale/it.json
index 94b98dc8..3ec4d9a4 100644
--- a/locale/it.json
+++ b/locale/it.json
@@ -366,6 +366,7 @@
     "The column already exists": "IT_La colonne existe déjà",
     "MISSING_VALUES": "Valori mancanti",
     "CANT_CONNECT_TO_DATABASE": "Impossibile connettersi al database",
-    "Poll id already used": "IT_L'identifiant est déjà utilisé"
+    "Poll id already used": "IT_L'identifiant est déjà utilisé",
+    "You can't select more than %d dates": "IT_Vous ne pouvez pas choisir plus de %d dates"
   }
 }
diff --git a/locale/oc.json b/locale/oc.json
index 7fb20541..cb3d208d 100644
--- a/locale/oc.json
+++ b/locale/oc.json
@@ -364,6 +364,7 @@
     "Failed to delete column": "Fracàs de la supression de colomna",
     "The column already exists": "La colomna existís ja",
     "MISSING_VALUES": "Mancan de valors",
-    "CANT_CONNECT_TO_DATABASE": "Impossible de se connectar a la banca de donadas"
+    "CANT_CONNECT_TO_DATABASE": "Impossible de se connectar a la banca de donadas",
+    "You can't select more than %d dates": "OC_Vous ne pouvez pas choisir plus de %d dates"
   }
 }
\ No newline at end of file
diff --git a/tpl/create_date_poll_step_2.tpl b/tpl/create_date_poll_step_2.tpl
index 12c68467..43c9c893 100644
--- a/tpl/create_date_poll_step_2.tpl
+++ b/tpl/create_date_poll_step_2.tpl
@@ -17,6 +17,12 @@
             <div class="col-md-10 col-md-offset-1">
                 <h3>{__('Step 2 date', 'Choose the dates of your poll')}</h3>
 
+                {if $error != null}
+                <div class="alert alert-danger">
+                    <p>{$error}</p>
+                </div>
+                {/if}
+
                 <div class="alert alert-info">
                     <p>{__('Step 2 date', 'To schedule an event you need to propose at least two choices (two hours for one day or two days).')}</p>
 
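Review bot: `{$error}` is printed without an explicit escape modifier, so whether it is HTML-escaped depends on the Smarty instance's auto-escaping setting, which is not visible in this diff. The only value assigned in this commit is a translated string formatted with an integer constant, so nothing request-controlled reaches it today. A template comment such as `{* $error: plain-text message or null; never pass raw request data *}` would document that contract for later callers. `{if $error != null}` also relies on every script that displays this template assigning `error`; `{if !empty($error)}` tolerates a path that does not.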
-- 
GitLab