* * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 3 of the License, or * (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program. If not, see . */ /** * \file htdocs/opensurvey/public/create_survey.php * \ingroup opensurvey * \brief Page to create a new survey */ define("NOLOGIN",1); // This means this output page does not require to be logged. define("NOCSRFCHECK",1); // We accept to go on this page from external web site. require_once('../../main.inc.php'); require_once(DOL_DOCUMENT_ROOT."/core/lib/admin.lib.php"); require_once(DOL_DOCUMENT_ROOT."/core/lib/files.lib.php"); require_once(DOL_DOCUMENT_ROOT."/opensurvey/fonctions.php"); $langs->load("opensurvey"); $origin=GETPOST('origin','alpha'); // On teste toutes les variables pour supprimer l'ensemble des warnings PHP // On transforme en entites html les données afin éviter les failles XSS $post_var = array('titre', 'nom', 'adresse', 'commentaires', 'canedit', 'mailsonde', 'creation_sondage_date', 'creation_sondage_date_x', 'creation_sondage_autre', 'creation_sondage_autre_x'); foreach ($post_var as $var) { $$var = GETPOST($var); } // On initialise egalement la session car sinon bonjour les warning :-) $session_var = array('titre', 'nom', 'adresse', 'commentaires', 'mailsonde', 'canedit'); foreach ($session_var as $var) { if (isset($_SESSION[$var])) $_SESSION[$var] = null; } // On initialise également les autres variables $erreur_adresse = false; $erreur_injection_titre = false; $erreur_injection_nom = false; $erreur_injection_commentaires = false; $cocheplus = ''; $cochemail = ''; // Jump to correct page if (GETPOST("creation_sondage_date") || GETPOST("creation_sondage_autre") || GETPOST("creation_sondage_date_x") || GETPOST("creation_sondage_autre_x")) { $_SESSION["titre"] = $titre; $_SESSION["nom"] = $nom; $_SESSION["adresse"] = $adresse; $_SESSION["commentaires"] = $commentaires; unset($_SESSION["canedit"]); $_SESSION["canedit"] = $canedit; unset($_SESSION["mailsonde"]); if ($mailsonde !== null) { $_SESSION["mailsonde"] = true; } else { $_SESSION["mailsonde"] = false; } if (! isValidEmail($adresse)) $erreur_adresse = true; //var_dump($titre.' - '.$nom.' - '.$adresse.' - '.!$erreur_adresse.' - '.! $erreur_injection_titre.' - '.! $erreur_injection_commentaires.' - '.! $erreur_injection_nom.' - '.$creation_sondage_date.' - '.$creation_sondage_autre); exit; if ($titre && $nom && $adresse && !$erreur_adresse && ! $erreur_injection_titre && ! $erreur_injection_commentaires && ! $erreur_injection_nom) { if (! empty($creation_sondage_date)) { header("Location: choix_date.php".($origin?'?origin='.$origin:'')); exit(); } if (! empty($creation_sondage_autre)) { header("Location: choix_autre.php".($origin?'?origin='.$origin:'')); exit(); } } } /* * View */ $arrayofjs=array(); $arrayofcss=array('/opensurvey/css/style.css'); llxHeaderSurvey($langs->trans("OpenSurvey"), "", 0, 0, $arrayofjs, $arrayofcss); print '

'. $langs->trans("CreatePoll").' (1 / 2)' .'

'."\n"; //debut du formulaire print '

'."\n"; print ''; print '

'."\n"; print '
'. $langs->trans("YouAreInPollCreateArea") .'

'."\n"; //Affichage des différents champs textes a remplir print ''."\n"; print ''."\n"; if (! $_SESSION["titre"] && (GETPOST('creation_sondage_date') || GETPOST('creation_sondage_autre') || GETPOST('creation_sondage_date_x') || GETPOST('creation_sondage_autre_x'))) { print ""."\n"; } print ''."\n"; print ''."\n"; print ''."\n"; print ''."\n"; if (! $_SESSION["nom"] && (GETPOST('creation_sondage_date') || GETPOST('creation_sondage_autre') || GETPOST('creation_sondage_date_x') || GETPOST('creation_sondage_autre_x'))) { print ""."\n"; } print ''."\n"; print ''."\n"; if (!$_SESSION["adresse"] && (GETPOST('creation_sondage_date') || GETPOST('creation_sondage_autre') || GETPOST('creation_sondage_date_x') || GETPOST('creation_sondage_autre_x'))) { print ""."\n"; } elseif ($erreur_adresse && (GETPOST('creation_sondage_date') || GETPOST('creation_sondage_autre') || GETPOST('creation_sondage_date_x') || GETPOST('creation_sondage_autre_x'))) { print ""."\n"; } print ''."\n"; print '

'. $langs->trans("PollTitle") .'		" . $langs->trans("FieldMandatory") . "
'. $langs->trans("Description") .'	'.$_SESSION["commentaires"].'
'. $langs->trans("OpenSurveyYourName") .'	'; print '	" . $langs->trans("FieldMandatory") . "
'. $langs->trans("OpenSurveyYourEMail") .'	'; print '	" .$langs->trans("FieldMandatory") . "	" . _("The address is not correct! (You should enter a valid email address in order to receive the link to your poll)") . "

'."\n"; //focus javascript sur le premier champ print ''."\n"; print '
'."\n"; // Check or not $cocheplus=''; if ($_SESSION["canedit"]) $cocheplus="checked"; print ' '. $langs->trans("VotersCanModify") .'
'."\n"; if ($_SESSION["mailsonde"]) $cochemail="checked"; print ' '. $langs->trans("ToReceiveEMailForEachVote") .'
'."\n"; if (GETPOST('choix_sondage')) { if (GETPOST('choix_sondage') == 'date') print ''; else print ''; print ''; print '
trans("TypeDate"):$langs->trans("TypeClassic")).')">'; } else { //affichage des boutons pour choisir sondage date ou autre print '
'."\n"; print ' '."\n"; print ''."\n"; print ' '."\n"; print ''."\n"; print '

'. _("Schedule an event") .'
'. _("Make a choice") .'

'."\n"; } print '

'."\n"; print '

'."\n"; print '

'."\n"; llxFooterSurvey(); $db->close(); ?>