Completed
Push — master ( c9546d...95f607 )
by Julito
09:41
created

public/main/admin/legal_add.php (1 issue)

1
<?php
2
/* For licensing terms, see /license.txt */
3
4
/**
5
 * Management of legal conditions.
6
 */
7
$cidReset = true;
8
require_once __DIR__.'/../inc/global.inc.php';
9
$this_section = SECTION_PLATFORM_ADMIN;
10
11
api_protect_admin_script();
12
13
if ('true' !== api_get_setting('allow_terms_conditions')) {
14
    api_not_allowed(true);
15
}
16
17
// Create the form
18
$form = new FormValidator('addlegal');
19
20
$defaults = [];
21
$term_preview = [
22
    'type' => 0,
23
    'content' => '',
24
    'changes' => '',
25
];
26
27
$extraField = new ExtraField('terms_and_condition');
28
29
$types = LegalManager::getTreatmentTypeList();
30
31
foreach ($types as $variable => $name) {
32
    $label = 'PersonalData'.ucfirst($name).'Title';
33
    $params = [
34
        'variable' => $variable,
35
        'display_text' => $label,
36
        'field_type' => ExtraField::FIELD_TYPE_TEXTAREA,
37
        'default_value' => '',
38
        'visible' => true,
39
        'changeable' => true,
40
        'filter' => true,
41
        'visible_to_self' => true,
42
        'visible_to_others' => true,
43
    ];
44
    $extraField->save($params);
45
}
46
47
if ($form->validate()) {
48
    $check = Security::check_token('post');
49
    if ($check) {
50
        $values = $form->getSubmitValues();
51
        $lang = $values['language'];
52
        // language id
53
        $lang = api_get_language_id($lang);
54
        $type = 0;
55
        if (isset($values['type'])) {
56
            $type = $values['type'];
57
        }
58
        $content = '';
59
        if (isset($values['content'])) {
60
            $content = $values['content'];
61
        }
62
        $changes = '';
63
        if (isset($values['changes'])) {
64
            $changes = $values['changes'];
65
        }
66
67
        $submit = $values['send'];
68
69
        $default['content'] = $content;
70
        if (isset($values['language'])) {
71
            if ('back' == $submit) {
72
                header('Location: legal_add.php');
73
                exit;
74
            } elseif ('save' === $submit) {
75
                $id = LegalManager::add($lang, $content, $type, $changes, $values);
76
                if (!empty($id)) {
77
                    Display::addFlash(Display::return_message(get_lang('Term and condition saved'), 'success'));
78
                } else {
79
                    Display::addFlash(Display::return_message(get_lang('Term and condition not saved'), 'warning'));
80
                }
81
                Security::clear_token();
82
                $tok = Security::get_token();
83
                header('Location: legal_list.php?sec_token='.$tok);
84
                exit();
85
            } elseif ('preview' === $submit) {
86
                $defaults['type'] = $type;
87
                $defaults['content'] = $content;
88
                $defaults['changes'] = $changes;
89
                $term_preview = $defaults;
90
                $term_preview['type'] = (int) $_POST['type'];
91
            } else {
92
                $my_lang = $_POST['language'];
93
                if (isset($_POST['language'])) {
94
                    $all_langs = api_get_languages();
95
                    if (in_array($my_lang, $all_langs['folder'])) {
96
                        $language = api_get_language_id($my_lang);
97
                        $term_preview = LegalManager::get_last_condition($language);
98
                        $defaults = $term_preview;
99
                        if (!$term_preview) {
Bug Best Practice introduced by
The expression $term_preview of type array is implicitly converted to a boolean; are you sure this is intended? If so, consider using empty($expr) instead to make it clear that you intend to check for an array without elements.

This check marks implicit conversions of arrays to boolean values in a comparison. While in PHP an empty array is considered to be equal (but not identical) to false, this is not always apparent.

Consider making the comparison explicit by using empty(..) or ! empty(...) instead.

100
                            // there are not terms and conditions
101
                            $term_preview['type'] = -1;
102
                            $defaults['type'] = 0;
103
                        }
104
                    }
105
                }
106
            }
107
        }
108
    }
109
}
110
111
$form->setDefaults($defaults);
112
113
if (isset($_POST['send'])) {
114
    Security::clear_token();
115
}
116
$token = Security::get_token();
117
118
$form->addElement('hidden', 'sec_token');
119
$defaults['sec_token'] = $token;
120
$form->addElement('header', get_lang('Display a Terms DisplayTermsConditions Conditions statement on the registration page, require visitor to accept the TDisplayTermsConditionsC to register.'));
121
$jqueryReady = '';
122
123
if (isset($_POST['language'])) {
124
    $form->addElement('static', Security::remove_XSS($_POST['language']));
125
    $form->addElement('hidden', 'language', Security::remove_XSS($_POST['language']));
126
    $form->addHtmlEditor(
127
        'content',
128
        get_lang('Content'),
129
        true,
130
        false,
131
        ['ToolbarSet' => 'terms_and_conditions', 'Width' => '100%', 'Height' => '250']
132
    );
133
134
    $form->addElement('radio', 'type', '', get_lang('HTML'), '0');
135
    $form->addElement('radio', 'type', '', get_lang('Page Link'), '1');
136
137
    $preview = LegalManager::show_last_condition($term_preview);
138
139
    if (-1 != $term_preview['type']) {
140
        $preview = LegalManager::replaceTags($preview);
141
        $form->addElement('label', get_lang('Preview'), $preview);
142
    }
143
144
    $termId = isset($term_preview['id']) ? $term_preview['id'] : 0;
145
    $returnParams = $extraField->addElements(
146
        $form,
147
        $termId,
148
        [],
149
        false,
150
        false,
151
        [],
152
        [],
153
        [],
154
        false,
155
        true,
156
        [],
157
        [],
158
        false,
159
        [],
160
        [],
161
        false,
162
        true
163
    );
164
165
    $jqueryReady = $returnParams['jquery_ready_content'];
166
167
    $form->addElement('textarea', 'changes', get_lang('Explain changes'), ['width' => '20']);
168
169
    // Submit & preview button
170
    $buttons = '<div class="row" align="center">
171
                <div class="formw">
172
                <button type="submit" class="btn btn-default back" 	 name="send" value="back">'.get_lang('Back').'</button>
173
                <button type="submit" class="btn btn-default search" name="send" value="preview">'.get_lang('Preview').'</button>
174
                <button type="submit" class="btn btn-primary save" 	 name="send" value="save">'.get_lang('Save').'</button>
175
                </div>
176
            </div>';
177
    $form->addElement('html', $buttons);
178
} else {
179
    $form->addSelectLanguage('language', get_lang('Language'), null, []);
180
    $form->addButtonSearch(get_lang('Load'), 'send');
181
}
182
183
$tool_name = get_lang('Add terms and conditions');
184
$interbreadcrumb[] = ['url' => 'index.php', 'name' => get_lang('Administration')];
185
186
// the $jquery_ready_content variable collects all functions that will be load in the $(document).ready javascript function
187
$htmlHeadXtra[] = '<script>
188
$(function () {
189
    '.$jqueryReady.'
190
});
191
</script>';
192
193
Display::display_header($tool_name);
194
195
echo '<script>
196
function sendlang() {
197
	document.addlegal.sec_token.value=\''.$token.'\';
198
	document.addlegal.submit();
199
}
200
</script>';
201
202
// action menu
203
echo '<div class="actions">';
204
echo '<a href="'.api_get_path(WEB_CODE_PATH).'admin/legal_list.php">'.
205
    Display::return_icon('search.gif', get_lang('Edit terms and conditions'), '').
206
    get_lang('All versions').'</a>';
207
echo '</div>';
208
209
$form->setDefaults($defaults);
210
$form->display();
211
Display::display_footer();
212
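Review bot: The redirect on file line 83, `header('Location: legal_list.php?sec_token='.$tok);`, puts the token just issued by `Security::get_token()` into the query string, where it is written to web-server access logs and browser history and may be sent onward in a `Referer` header. Whether legal_list.php actually reads `sec_token` from the URL is not visible on this page. If it only needs a token for its own forms, it can call `Security::get_token()` itself and the redirect can be reduced to `header('Location: legal_list.php');`. If the parameter has to stay, a comment on that line should name the check in legal_list.php that depends on it, so the exposure is a documented decision rather than an accident.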