1 | <?php |
||
2 | /* For licensing terms, see /license.txt */ |
||
3 | |||
4 | /** |
||
5 | * Management of legal conditions. |
||
6 | */ |
||
// $cidReset is assigned before the bootstrap include below (presumably read
// there to drop any course context; confirm in global.inc.php).
$cidReset = true;
require_once __DIR__.'/../inc/global.inc.php';

// Mark this page as part of the platform administration section.
$this_section = SECTION_PLATFORM_ADMIN;

// Access control runs before any form handling or output in this script.
// NOTE(review): api_protect_admin_script() is expected to stop the request for
// users who are not platform administrators; confirm in its definition.
api_protect_admin_script();

// The page is refused unless the 'allow_terms_conditions' setting is exactly
// the string 'true'.
if (api_get_setting('allow_terms_conditions') !== 'true') {
    api_not_allowed(true);
}
||
16 | |||
// Form object that the rest of this script fills in and displays.
$form = new FormValidator('addlegal');

// $defaults pre-fills the form; $term_preview is the term shown in the preview area.
$defaults = [];
$term_preview = ['type' => 0, 'content' => '', 'changes' => ''];

$extraField = new ExtraField('terms_and_condition');

// One textarea extra field is saved per personal-data treatment type.
// NOTE(review): save() runs on every request to this page, GET included, and
// before the anti-CSRF token is checked further down; confirm that
// ExtraField::save() does nothing harmful when the variable already exists.
$types = LegalManager::getTreatmentTypeList();
foreach ($types as $variable => $name) {
    $extraField->save([
        'variable' => $variable,
        // Name of the language string used as the field label.
        'display_text' => 'PersonalData'.ucfirst($name).'Title',
        'field_type' => ExtraField::FIELD_TYPE_TEXTAREA,
        'default_value' => '',
        'visible' => true,
        'changeable' => true,
        'filter' => true,
        'visible_to_self' => true,
        'visible_to_others' => true,
    ]);
}
||
46 | |||
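// Handle a submitted form.
//
// Nothing is processed unless the form validates AND the anti-CSRF token posted
// with it passes Security::check_token('post'). When the token check fails the
// block is skipped without any message and the page renders the empty form again.
//
// The 'send' value selects the action:
//   'back'    - redirect to a fresh legal_add.php
//   'save'    - store the term through LegalManager::add() and redirect to the list
//   'preview' - keep the submitted values so they are rendered in the preview area
//   other     - language was just chosen: load the last stored term for it
if ($form->validate()) {
    $check = Security::check_token('post');
    if ($check) {
        $values = $form->getSubmitValues();

        // Language id for the submitted language; only used by the 'save' action,
        // which is reachable only when a language was submitted.
        $lang = isset($values['language']) ? api_get_language_id($values['language']) : null;

        // Optional fields fall back to the same defaults as an empty form.
        $type = isset($values['type']) ? $values['type'] : 0;
        $content = isset($values['content']) ? $values['content'] : '';
        $changes = isset($values['changes']) ? $values['changes'] : '';

        // A missing 'send' value ends up in the "load language" branch below,
        // as it did before, but no longer reads an undefined index.
        $submit = isset($values['send']) ? $values['send'] : '';

        // NOTE(review): this writes to $default, not $defaults, and $default is not
        // read anywhere in this script; it looks like a typo. Kept as is because
        // switching to $defaults would change what the form is pre-filled with.
        $default['content'] = $content;

        if (isset($values['language'])) {
            // Strict comparison, consistent with the 'save' and 'preview' checks.
            if ('back' === $submit) {
                header('Location: legal_add.php');
                exit;
            } elseif ('save' === $submit) {
                // $content and $values are handed over as submitted; any filtering of
                // the stored HTML has to happen in LegalManager::add() or the form layer.
                $id = LegalManager::add($lang, $content, $type, $changes, $values);
                if (!empty($id)) {
                    Display::addFlash(Display::return_message(get_lang('Term and condition saved'), 'success'));
                } else {
                    Display::addFlash(Display::return_message(get_lang('Term and condition not saved'), 'warning'));
                }
                // The used token is discarded and a new one issued for the next page.
                // NOTE(review): the new token travels in the query string, so it can
                // show up in access logs, browser history and Referer headers; confirm
                // legal_list.php really needs it in the URL.
                Security::clear_token();
                $tok = Security::get_token();
                header('Location: legal_list.php?sec_token='.$tok);
                exit();
            } elseif ('preview' === $submit) {
                $defaults['type'] = $type;
                $defaults['content'] = $content;
                $defaults['changes'] = $changes;
                $term_preview = $defaults;
                // The preview type is forced to an integer; a missing field counts as 0.
                $term_preview['type'] = isset($_POST['type']) ? (int) $_POST['type'] : 0;
            } else {
                if (isset($_POST['language'])) {
                    $my_lang = $_POST['language'];
                    $all_langs = api_get_languages();
                    // Allow-list check: only an exact match with an installed language
                    // folder is accepted (strict comparison, no type juggling).
                    if (in_array($my_lang, $all_langs['folder'], true)) {
                        $language = api_get_language_id($my_lang);
                        $term_preview = LegalManager::get_last_condition($language);
                        $defaults = $term_preview;
                        if (empty($term_preview)) {
                            // There are no terms and conditions for this language yet.
                            // Both variables are reset to arrays explicitly instead of
                            // indexing into an empty or false return value.
                            $term_preview = ['type' => -1];
                            $defaults = ['type' => 0];
                        }
                    }
                }
            }
        }
    }
}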
||
110 | |||
$form->setDefaults($defaults);

// The anti-CSRF token is discarded after every submit, so each rendered form
// carries the token returned by the get_token() call that follows.
if (isset($_POST['send'])) {
    Security::clear_token();
}
$token = Security::get_token();

$form->addElement('hidden', 'sec_token');
$defaults['sec_token'] = $token;
$form->addElement('header', get_lang('Display a Terms DisplayTermsConditions Conditions statement on the registration page, require visitor to accept the TDisplayTermsConditionsC to register.'));
$jqueryReady = '';

if (!isset($_POST['language'])) {
    // First step: no language chosen yet, only offer the language selector.
    $form->addSelectLanguage('language', get_lang('Language'), null, []);
    $form->addButtonSearch(get_lang('Load'), 'send');
} else {
    // Second step: editor for the chosen language.
    // The posted language is passed through Security::remove_XSS() before it is put
    // back into the page. It is not compared with the installed-language list here;
    // that check exists only in the "load" branch of the submit handler above.
    $form->addElement('static', Security::remove_XSS($_POST['language']));
    $form->addElement('hidden', 'language', Security::remove_XSS($_POST['language']));
    $form->addHtmlEditor(
        'content',
        get_lang('Content'),
        true,
        false,
        ['ToolbarSet' => 'terms_and_conditions', 'Width' => '100%', 'Height' => '250']
    );

    $form->addElement('radio', 'type', '', get_lang('HTML'), '0');
    $form->addElement('radio', 'type', '', get_lang('Page Link'), '1');

    // Preview of the submitted or last stored term. A type of -1 means that no term
    // exists for the language, in which case no preview row is added.
    // NOTE(review): the preview is administrator-authored HTML added as a label;
    // confirm show_last_condition()/replaceTags() return what should reach the browser.
    $preview = LegalManager::show_last_condition($term_preview);

    if ($term_preview['type'] != -1) {
        $preview = LegalManager::replaceTags($preview);
        $form->addElement('label', get_lang('Preview'), $preview);
    }

    // Extra fields are attached to the stored term when it has an id, else to 0.
    $termId = 0;
    if (isset($term_preview['id'])) {
        $termId = $term_preview['id'];
    }
    $returnParams = $extraField->addElements(
        $form,
        $termId,
        [],
        false,
        false,
        [],
        [],
        [],
        false,
        true,
        [],
        [],
        false,
        [],
        [],
        false,
        true
    );

    // Script fragments returned with the extra-field elements; emitted in the page head later.
    $jqueryReady = $returnParams['jquery_ready_content'];

    $form->addElement('textarea', 'changes', get_lang('Explain changes'), ['width' => '20']);

    // Back / preview / save buttons; the clicked button's value arrives as 'send'.
    $buttons = '<div class="row" align="center">
        <div class="formw">
        <button type="submit" class="btn btn-default back" name="send" value="back">'.get_lang('Back').'</button>
        <button type="submit" class="btn btn-default search" name="send" value="preview">'.get_lang('Preview').'</button>
        <button type="submit" class="btn btn-primary save" name="send" value="save">'.get_lang('Save').'</button>
        </div>
    </div>';
    $form->addElement('html', $buttons);
}
||
182 | |||
$tool_name = get_lang('Add terms and conditions');
$interbreadcrumb[] = ['url' => 'index.php', 'name' => get_lang('Administration')];

// $jqueryReady holds the script fragments collected from the extra-field elements;
// they are wrapped in a jQuery document-ready handler and added to the page head.
$htmlHeadXtra[] = '<script>
$(function () {
    '.$jqueryReady.'
});
</script>';

Display::display_header($tool_name);

// sendlang() copies the current token into the form's sec_token field and submits it.
// NOTE(review): $token is placed inside a single-quoted JavaScript string without
// escaping; this relies on Security::get_token() never returning quote characters.
echo '<script>
function sendlang() {
    document.addlegal.sec_token.value=\''.$token.'\';
    document.addlegal.submit();
}
</script>';

// Action menu: link to the list of all stored versions.
echo '<div class="actions">',
    '<a href="', api_get_path(WEB_CODE_PATH), 'admin/legal_list.php">',
    Display::return_icon('search.gif', get_lang('Edit terms and conditions'), ''),
    get_lang('All versions'), '</a>',
    '</div>';

// Defaults are applied again because sec_token was added to $defaults after the
// first setDefaults() call.
$form->setDefaults($defaults);
$form->display();
Display::display_footer();
||
212 |
This check marks implicit conversions of arrays to boolean values in a comparison. While in PHP an empty array is considered to be equal (but not identical) to false, this is not always apparent.
Consider making the comparison explicit by using `empty(...)` or `!empty(...)` instead.