Passed
Push — master ( c0a3a7...3b84a4 )
by Jeroen
58:51
created

engine/classes/Elgg/Forms/StickyForms.php (5 issues)

<?php
namespace Elgg\Forms;

/**
 * WARNING: API IN FLUX. DO NOT USE DIRECTLY.
 *
 * @package    Elgg.Core
 * @subpackage Forms
 * @since      1.10.0
 *
 * @access private
 */
class StickyForms {

	/**
	 * Save form submission data (all GET and POST vars) into a session cache
	 *
	 * Call this from an action when you want all your submitted variables
	 * available if the submission fails validation and is sent back to the form
	 *
	 * @param string $form_name Name of the sticky form
	 *
	 * @return void
	 */
	public function makeStickyForm($form_name) {
		$this->clearStickyForm($form_name);

		$banned_keys = [];
		// TODO make $banned_keys an argument
		if (in_array($form_name, ['register', 'useradd', 'usersettings'])) {
			$banned_keys = ['password', 'password2'];
		}

		$session = _elgg_services()->session;
		$data = $session->get('sticky_forms', []);
		$req = _elgg_services()->request;

		// will go through XSS filtering in elgg_get_sticky_value()
		$vars = array_merge($req->query->all(), $req->request->all());
		foreach ($banned_keys as $key) {
			unset($vars[$key]);
		}
		$data[$form_name] = $vars;

		$session->set('sticky_forms', $data);
	}

	/**
	 * Remove form submission data from the session
	 *
	 * Call this if validation is successful in the action handler or
	 * when the sticky values have been used to repopulate the form
	 * after a validation error.
	 *
	 * @param string $form_name Form namespace
	 *
	 * @return void
	 */
	function clearStickyForm($form_name) {
It is generally recommended to explicitly declare the visibility for methods.

Adding explicit visibility (private, protected, or public) is generally recommended to communicate to other developers how, and from where, this method is intended to be used.

		$session = _elgg_services()->session;
		$data = $session->get('sticky_forms', []);
		unset($data[$form_name]);
		$session->set('sticky_forms', $data);
	}

	/**
	 * Does form submission data exist for this form?
	 *
	 * @param string $form_name Form namespace
	 *
	 * @return boolean
	 */
	function isStickyForm($form_name) {
It is generally recommended to explicitly declare the visibility for methods.

Adding explicit visibility (private, protected, or public) is generally recommended to communicate to other developers how, and from where, this method is intended to be used.

		$session = _elgg_services()->session;
		$data = $session->get('sticky_forms', []);
		return isset($data[$form_name]);
	}

	/**
	 * Get a specific value from cached form submission data
	 *
	 * @param string  $form_name     The name of the form
	 * @param string  $variable      The name of the variable
	 * @param mixed   $default       Default value if the variable does not exist in sticky cache
	 * @param boolean $filter_result Filter for bad input if true
	 *
	 * @return mixed
	 *
	 * @todo should this filter the default value?
	 */
	function getStickyValue($form_name, $variable = '', $default = null, $filter_result = true) {
It is generally recommended to explicitly declare the visibility for methods.

Adding explicit visibility (private, protected, or public) is generally recommended to communicate to other developers how, and from where, this method is intended to be used.

		$session = _elgg_services()->session;
		$data = $session->get('sticky_forms', []);
		if (isset($data[$form_name][$variable])) {
			$value = $data[$form_name][$variable];
			if ($filter_result) {
				// XSS filter result
				$value = filter_tags($value);
			}
			return $value;
		}
		return $default;
	}

	/**
	 * Get all submission data cached for a form
	 *
	 * @param string $form_name     The name of the form
	 * @param bool   $filter_result Filter for bad input if true
	 *
	 * @return array
	 */
	function getStickyValues($form_name, $filter_result = true) {
It is generally recommended to explicitly declare the visibility for methods.

Adding explicit visibility (private, protected, or public) is generally recommended to communicate to other developers how, and from where, this method is intended to be used.

		$session = _elgg_services()->session;
		$data = $session->get('sticky_forms', []);
		if (!isset($data[$form_name])) {
			return [];
		}

		$values = $data[$form_name];
		if ($filter_result) {
			foreach ($values as $key => $value) {
				// XSS filter result
				$values[$key] = filter_tags($value);
			}
		}
		return $values;
	}

	/**
	 * Remove one value of form submission data from the session
	 *
	 * @param string $form_name The name of the form
	 * @param string $variable  The name of the variable to clear
	 *
	 * @return void
	 */
	function clearStickyValue($form_name, $variable) {
It is generally recommended to explicitly declare the visibility for methods.

Adding explicit visibility (private, protected, or public) is generally recommended to communicate to other developers how, and from where, this method is intended to be used.

		$session = _elgg_services()->session;
		$data = $session->get('sticky_forms', []);
		unset($data[$form_name][$variable]);
		$session->set('sticky_forms', $data);
	}
}