fix(form): error message when anonymous form submitted

refactor of the whole file, was too messy Signed-off-by: Thierry Bugier <tbugier@teclib.com>
pluginsGLPI · Feb 3, 2021 · a9dd24b · a9dd24b
1 parent 1689ecb
commit a9dd24b
Showing 1 changed file with 51 additions and 52 deletions.
diff --git a/front/formdisplay.php b/front/formdisplay.php
@@ -33,71 +33,70 @@
 include ('../../../inc/includes.php');
 
 // Check if plugin is activated...
-$plugin = new Plugin();
-
-if (!$plugin->isActivated('formcreator')) {
+if (!(new Plugin())->isActivated('formcreator')) {
    Html::displayNotFoundError();
 }
 
 PluginFormcreatorForm::header();
 
-if (!isset($_REQUEST['id'])
-   || !is_numeric($_REQUEST['id'])) {
-   $message = __("The form has been successfully saved!");
-   Html::displayTitle($CFG_GLPI['root_doc']."/pics/ok.png", $message, $message);
-}
+if (isset($_REQUEST['id'])
+   && is_numeric($_REQUEST['id'])) {
 
-$criteria = [
-   'id'        => (int) $_REQUEST['id'],
-   'is_active' => '1',
-   'is_deleted'=> '0',
-];
-$form = new PluginFormcreatorForm();
-if (!$form->getFromDBByCrit($criteria)) {
-   Html::displayNotFoundError();
-}
+   $criteria = [
+      'id'        => (int) $_REQUEST['id'],
+      'is_active' => '1',
+      'is_deleted'=> '0',
+   ];
+   $form = new PluginFormcreatorForm();
+   if (!$form->getFromDBByCrit($criteria)) {
+      Html::displayNotFoundError();
+   }
 
-if ($form->fields['access_rights'] != PluginFormcreatorForm::ACCESS_PUBLIC) {
-   Session::checkLoginUser();
-   if (!$form->checkEntity(true)) {
-      Html::displayRightError();
-      exit();
+   if ($form->fields['access_rights'] != PluginFormcreatorForm::ACCESS_PUBLIC) {
+      Session::checkLoginUser();
+      if (!$form->checkEntity(true)) {
+         Html::displayRightError();
+         exit();
+      }
    }
-}
 
-if ($form->fields['access_rights'] == PluginFormcreatorForm::ACCESS_RESTRICTED) {
-   $iterator = $DB->request(PluginFormcreatorForm_Profile::getTable(), [
-      'WHERE' => [
-         'profiles_id'                 => $_SESSION['glpiactiveprofile']['id'],
-         'plugin_formcreator_forms_id' => $form->getID()
-      ],
-      'LIMIT' => 1
-   ]);
-   if (count($iterator) == 0) {
-      Html::displayRightError();
-      exit();
+   if ($form->fields['access_rights'] == PluginFormcreatorForm::ACCESS_RESTRICTED) {
+      $iterator = $DB->request(PluginFormcreatorForm_Profile::getTable(), [
+         'WHERE' => [
+            'profiles_id'                 => $_SESSION['glpiactiveprofile']['id'],
+            'plugin_formcreator_forms_id' => $form->getID()
+         ],
+         'LIMIT' => 1
+      ]);
+      if (count($iterator) == 0) {
+         Html::displayRightError();
+         exit();
+      }
    }
-}
-if (($form->fields['access_rights'] == PluginFormcreatorForm::ACCESS_PUBLIC) && (!isset($_SESSION['glpiID']))) {
-   // If user is not authenticated, create temporary user
-   if (!isset($_SESSION['glpiname'])) {
-      $_SESSION['formcreator_forms_id'] = $form->getID();
-      $_SESSION['glpiname'] = 'formcreator_temp_user';
-      $_SESSION['valid_id'] = session_id();
-      $_SESSION['glpiactiveentities'] = [$form->fields['entities_id']];
-      $subentities = getSonsOf('glpi_entities', $form->fields['entities_id']);
-      $_SESSION['glpiactiveentities_string'] = (!empty($subentities))
-                                             ? "'" . implode("', '", $subentities) . "'"
-                                             : "'" . $form->fields['entities_id'] . "'";
+   if (($form->fields['access_rights'] == PluginFormcreatorForm::ACCESS_PUBLIC) && (!isset($_SESSION['glpiID']))) {
+      // If user is not authenticated, create temporary user
+      if (!isset($_SESSION['glpiname'])) {
+         $_SESSION['formcreator_forms_id'] = $form->getID();
+         $_SESSION['glpiname'] = 'formcreator_temp_user';
+         $_SESSION['valid_id'] = session_id();
+         $_SESSION['glpiactiveentities'] = [$form->fields['entities_id']];
+         $subentities = getSonsOf('glpi_entities', $form->fields['entities_id']);
+         $_SESSION['glpiactiveentities_string'] = (!empty($subentities))
+                                                ? "'" . implode("', '", $subentities) . "'"
+                                                : "'" . $form->fields['entities_id'] . "'";
+      }
    }
-}
 
-$form->displayUserForm();
+   $form->displayUserForm();
 
-// If user was not authenticated, remove temporary user
-if ($_SESSION['glpiname'] == 'formcreator_temp_user') {
-   session_write_close();
-   unset($_SESSION['glpiname']);
+   // If user was not authenticated, remove temporary user
+   if ($_SESSION['glpiname'] == 'formcreator_temp_user') {
+      session_write_close();
+      unset($_SESSION['glpiname']);
+   }
+} else if (isset($_GET['answer_saved'])) {
+   $message = __("The form has been successfully saved!");
+   Html::displayTitle($CFG_GLPI['root_doc']."/pics/ok.png", $message, $message);
 }
 
 PluginFormcreatorForm::footer();