<?php

namespace Elgg\Forms;

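/**
 * Session-backed cache of submitted form values ("sticky forms").
 *
 * WARNING: API IN FLUX. DO NOT USE DIRECTLY.
 *
 * Security notes for maintainers:
 * - makeStickyForm() copies the request's query and request parameters into
 *   the session exactly as submitted. Nothing is filtered at write time.
 * - Filtering happens only on read, and only when the caller leaves
 *   $filter_result set to true. A caller that passes false receives raw
 *   request data and has to escape it for the output context itself.
 * - Only the 'password' and 'password2' fields of the 'register', 'useradd'
 *   and 'usersettings' forms are excluded by default. Any other field that
 *   carries a secret stays in the session until the form is cleared, unless
 *   the caller names it in $banned_keys.
 *
 * @package    Elgg.Core
 * @subpackage Forms
 * @since      1.10.0
 *
 * @access private
 */
class StickyForms {

	/**
	 * Save form submission data (all GET and POST vars) into a session cache
	 *
	 * Call this from an action when you want all your submitted variables
	 * available if the submission fails validation and is sent back to the form.
	 *
	 * Any data previously cached under $form_name is discarded first.
	 *
	 * @param string   $form_name   Name of the sticky form
	 * @param string[] $banned_keys Top-level input names that must not be cached
	 *                              (e.g. fields holding credentials). These are
	 *                              added to the built-in password exclusions.
	 *
	 * @return void
	 */
	public function makeStickyForm($form_name, array $banned_keys = []) {
		$this->clearStickyForm($form_name);

		// Built-in exclusions: forms known to carry passwords never have them cached.
		// Strict comparison so a non-string form name cannot loosely match an entry.
		if (in_array($form_name, ['register', 'useradd', 'usersettings'], true)) {
			$banned_keys = array_merge($banned_keys, ['password', 'password2']);
		}

		$session = _elgg_services()->session;
		$data = $session->get('sticky_forms', []);
		$req = _elgg_services()->request;

		// Stored unfiltered; will go through XSS filtering in elgg_get_sticky_value().
		// For string keys, request (POST) values override query (GET) values.
		$vars = array_merge($req->query->all(), $req->request->all());

		// Only top-level keys are removed; nested array members are left in place.
		foreach ($banned_keys as $key) {
			unset($vars[$key]);
		}
		$data[$form_name] = $vars;

		$session->set('sticky_forms', $data);
	}

	/**
	 * Remove form submission data from the session
	 *
	 * Call this if validation is successful in the action handler or
	 * when the sticky values have been used to repopulate the form
	 * after a validation error. Clearing promptly also limits how long
	 * submitted values remain in session storage.
	 *
	 * @param string $form_name Form namespace
	 *
	 * @return void
	 */
	public function clearStickyForm($form_name) {
		$session = _elgg_services()->session;
		$data = $session->get('sticky_forms', []);
		unset($data[$form_name]);
		$session->set('sticky_forms', $data);
	}

	/**
	 * Does form submission data exist for this form?
	 *
	 * @param string $form_name Form namespace
	 *
	 * @return boolean
	 */
	public function isStickyForm($form_name) {
		$session = _elgg_services()->session;
		$data = $session->get('sticky_forms', []);
		return isset($data[$form_name]);
	}

	/**
	 * Get a specific value from cached form submission data
	 *
	 * The cached value is raw request input. With $filter_result = false it is
	 * returned as submitted and must be escaped by the caller before output.
	 * $default is returned as given and is never passed through the filter.
	 *
	 * @param string  $form_name     The name of the form
	 * @param string  $variable      The name of the variable
	 * @param mixed   $default       Default value if the variable does not exist in sticky cache
	 * @param boolean $filter_result Filter for bad input if true
	 *
	 * @return mixed
	 *
	 * @todo should this filter the default value?
	 */
	public function getStickyValue($form_name, $variable = '', $default = null, $filter_result = true) {
		$session = _elgg_services()->session;
		$data = $session->get('sticky_forms', []);

		// isset() is also false for a cached null, so that case yields $default too.
		if (!isset($data[$form_name][$variable])) {
			return $default;
		}

		$value = $data[$form_name][$variable];
		if ($filter_result) {
			// XSS filter result
			$value = filter_tags($value);
		}
		return $value;
	}

	/**
	 * Get all submission data cached for a form
	 *
	 * With $filter_result = false the values are returned as submitted and
	 * must be escaped by the caller before output.
	 *
	 * @param string $form_name     The name of the form
	 * @param bool   $filter_result Filter for bad input if true
	 *
	 * @return array Empty array when nothing is cached for the form
	 */
	public function getStickyValues($form_name, $filter_result = true) {
		$session = _elgg_services()->session;
		$data = $session->get('sticky_forms', []);
		if (!isset($data[$form_name])) {
			return [];
		}

		$values = $data[$form_name];
		if ($filter_result) {
			foreach ($values as $key => $value) {
				// XSS filter result
				$values[$key] = filter_tags($value);
			}
		}
		return $values;
	}

	/**
	 * Remove one value of form submission data from the session
	 *
	 * @param string $form_name The name of the form
	 * @param string $variable  The name of the variable to clear
	 *
	 * @return void
	 */
	public function clearStickyValue($form_name, $variable) {
		$session = _elgg_services()->session;
		$data = $session->get('sticky_forms', []);
		unset($data[$form_name][$variable]);
		$session->set('sticky_forms', $data);
	}
}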
Adding explicit visibility (private, protected, or public) is generally recommended to communicate to other developers how, and from where, this method is intended to be used.