Problèmes d'envois de commentaire de l'administrateur sur un sondage avec mot de passe.

f5e57943 · Antonin · df8bbf3f · f5e57943 · f5e57943
Commit f5e57943 authored 8 years ago by Antonin
--- a/action/add_comment.php
+++ b/action/add_comment.php
@@ -34,6 +34,7 @@ $poll = null;
 $message = null;
 $result = false;
 $comments = array();
+$is_admin = false;

 /* Services */
 /*----------*/
@@ -53,9 +54,16 @@ if (!empty($_POST['poll'])) {
    $poll = $pollService->findById($poll_id);
 }

+if (!empty($_POST['poll_admin'])) {
+    $admin_poll_id = filter_input(INPUT_POST, 'poll_admin', FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => POLL_REGEX]]);
+    if (strlen($admin_poll_id) === 24) {
+        $is_admin = ($pollService->findByAdminId($admin_poll_id) != null);
+    }
+}
+
 if (!$poll) {
    $message = new Message('error',  __('Error', 'This poll doesn\'t exist !'));
-} else if ($poll && !$securityService->canAccessPoll($poll)) {
+} else if ($poll && !$securityService->canAccessPoll($poll) && !$is_admin) {
    $message = new Message('error',  __('Password', 'Wrong password'));
 } else {
    $name = $inputService->filterName($_POST['name']);

--- a/tpl/part/comments.tpl
+++ b/tpl/part/comments.tpl
@@ -8,6 +8,9 @@
    <form action="{'action/add_comment.php'|resource}" method="POST" id="comment_form">

        <input type="hidden" name="poll" value="{$poll_id}"/>
+        {if !empty($admin_poll_id)}
+            <input type="hidden" name="poll_admin" value="{$admin_poll_id}"/>
+        {/if}
        <div class="hidden-print jumbotron">
            <div class="col-md-6 col-md-offset-3">
                <fieldset id="add-comment"><legend>{__('Comments', 'Add a comment to the poll')}</legend>