Issues in UserDefinedFormController.php - New Issues - Inspection of "Merge pull request #676 from creative-commoners/pu..." - silverstripe/silverstripe-userforms - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( 177bd3...57cd0b )

by Will

created 2017-10-18 23:51 UTC

code/Control/UserDefinedFormController.php (1 issue)

Labels

Bug 1

Severity

Major 1

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php

namespace SilverStripe\UserForms\Control;

use PageController;
use SilverStripe\Assets\File;
use SilverStripe\Assets\Upload;
use SilverStripe\Control\Controller;
use SilverStripe\Control\Email\Email;
use SilverStripe\Control\HTTP;
use SilverStripe\Core\Manifest\ModuleLoader;
use SilverStripe\Forms\Form;
use SilverStripe\i18n\i18n;
use SilverStripe\ORM\ArrayList;
use SilverStripe\ORM\FieldType\DBField;
use SilverStripe\ORM\ValidationException;
use SilverStripe\Security\Security;
use SilverStripe\UserForms\Form\UserForm;
use SilverStripe\UserForms\Model\EditableFormField\EditableFileField;
use SilverStripe\UserForms\Model\Submission\SubmittedForm;
use SilverStripe\View\ArrayData;
use SilverStripe\View\Requirements;
use SilverStripe\View\SSViewer;

/**
 * Controller for the {@link UserDefinedForm} page type.
 *
 * @package userforms
 */
class UserDefinedFormController extends PageController
{
    private static $finished_anchor = '#uff';

    private static $allowed_actions = [
        'index',
        'ping',
        'Form',
        'finished'
    ];

    protected function init()
    {
        parent::init();

        $page = $this->data();

        // load the css
        if (!$page->config()->get('block_default_userforms_css')) {
            Requirements::css('silverstripe/userforms:client/dist/styles/userforms.css');
        }

        // load the jquery
        if (!$page->config()->get('block_default_userforms_js')) {
            Requirements::javascript('//code.jquery.com/jquery-1.7.2.min.js');
            Requirements::javascript(
                'silverstripe/userforms:client/thirdparty/jquery-validate/jquery.validate.min.js'
            );
            Requirements::add_i18n_javascript('silverstripe/userforms:client/lang');
            Requirements::javascript('silverstripe/userforms:client/dist/js/userforms.js');

            $this->addUserFormsValidatei18n();

            // Bind a confirmation message when navigating away from a partially completed form.
            if ($page::config()->get('enable_are_you_sure')) {
                Requirements::javascript(
                    'silverstripe/userforms:client/thirdparty/jquery.are-you-sure/jquery.are-you-sure.js'
                );
            }
        }
    }

    /**
     * Add the necessary jQuery validate i18n translation files, either by locale or by langauge,
     * e.g. 'en_NZ' or 'en'. This adds "methods_abc.min.js" as well as "messages_abc.min.js" from the
     * jQuery validate thirdparty library.
     */
    protected function addUserFormsValidatei18n()
    {
        $module = ModuleLoader::getModule('silverstripe/userforms');

        $candidates = [
            i18n::getData()->langFromLocale(i18n::config()->get('default_locale')),
            i18n::config()->get('default_locale'),
            i18n::getData()->langFromLocale(i18n::get_locale()),
            i18n::get_locale(),
        ];

        foreach ($candidates as $candidate) {
            foreach (['messages', 'methods'] as $candidateType) {
                $localisationCandidate = "client/thirdparty/jquery-validate/localization/{$candidateType}_{$candidate}.min.js";

                $resource = $module->getResource($localisationCandidate);

                if ($resource->exists()) {
                    Requirements::javascript($resource->getRelativePath());
                }
            }
        }
    }

    /**
     * Using $UserDefinedForm in the Content area of the page shows
     * where the form should be rendered into. If it does not exist
     * then default back to $Form.
     *
     * @return array
     */
    public function index()
    {
        if ($this->Content && $form = $this->Form()) {
            $hasLocation = stristr($this->Content, '$UserDefinedForm');
            if ($hasLocation) {
                /** @see Requirements_Backend::escapeReplacement */
                $formEscapedForRegex = addcslashes($form->forTemplate(), '\\$');
                $content = preg_replace(
                    '/(<p[^>]*>)?\\$UserDefinedForm(<\\/p>)?/i',
                    $formEscapedForRegex,
                    $this->Content
                );
                return [
                    'Content' => DBField::create_field('HTMLText', $content),
                    'Form' => ''
                ];
            }
        }

        return [
            'Content' => DBField::create_field('HTMLText', $this->Content),
            'Form' => $this->Form()
        ];
    }

    /**
     * Keep the session alive for the user.
     *
     * @return int
     */
    public function ping()
    {
        return 1;
    }

    /**
     * Get the form for the page. Form can be modified by calling {@link updateForm()}
     * on a UserDefinedForm extension.
     *
     * @return Form
     */
    public function Form()
    {
        $form = UserForm::create($this, 'Form_' . $this->ID);
        /** @skipUpgrade */
        $form->setFormAction(Controller::join_links($this->Link(), 'Form'));
        $this->generateConditionalJavascript();
        return $form;
    }

    /**
     * Generate the javascript for the conditional field show / hiding logic.
     *
     * @return void
     */
    public function generateConditionalJavascript()
    {
        $default = '';
        $rules = '';

        $watch = [];

        if ($this->Fields()) {
            /** @var EditableFormField $field */
            foreach ($this->Fields() as $field) {
                if ($result = $field->formatDisplayRules()) {
                    $watch[] = $result;
                }
            }
        }
        if ($watch) {
            $rules .= $this->buildWatchJS($watch);
        }

        // Only add customScript if $default or $rules is defined
        if ($rules) {
            Requirements::customScript(<<<JS
                (function($) {
                    $(document).ready(function() {
                        {$rules}
                    });
                })(jQuery);
JS
            , 'UserFormsConditional');
        }
    }

    /**
     * Process the form that is submitted through the site
     *
     * {@see UserForm::validate()} for validation step prior to processing
     *
     * @param array $data
     * @param Form $form
     *
     * @return \SilverStripe\Control\HTTPResponse
     */
    public function process($data, $form)
    {
        $submittedForm = SubmittedForm::create();
        $submittedForm->SubmittedByID = Security::getCurrentUser() ? Security::getCurrentUser()->ID : 0;
        $submittedForm->ParentID = $this->ID;

        // if saving is not disabled save now to generate the ID
        if (!$this->DisableSaveSubmissions) {
            $submittedForm->write();
        }

        $attachments = array();
        $submittedFields = ArrayList::create();

        foreach ($this->Fields() as $field) {
            if (!$field->showInReports()) {
                continue;
            }

            $submittedField = $field->getSubmittedFormField();
            $submittedField->ParentID = $submittedForm->ID;
            $submittedField->Name = $field->Name;
            $submittedField->Title = $field->getField('Title');

            // save the value from the data
            if ($field->hasMethod('getValueFromData')) {
                $submittedField->Value = $field->getValueFromData($data);
            } else {
                if (isset($data[$field->Name])) {
                    $submittedField->Value = $data[$field->Name];
                }
            }

            if (!empty($data[$field->Name])) {
                if (in_array(EditableFileField::class, $field->getClassAncestry())) {
                    if (!empty($_FILES[$field->Name]['name'])) {
                        $foldername = $field->getFormField()->getFolderName();

                        // create the file from post data
                        $upload = Upload::create();
                        $file = File::create();
                        $file->ShowInSearch = 0;
                        try {
                            $upload->loadIntoFile($_FILES[$field->Name], $file, $foldername);
                        } catch (ValidationException $e) {
                            $validationResult = $e->getResult();
                            $form->addErrorMessage($field->Name, $validationResult->message(), 'bad');
                            Controller::curr()->redirectBack();
                            return;
                        }

                        // write file to form field
                        $submittedField->UploadedFileID = $file->ID;

                        // attach a file only if lower than 1MB
                        if ($file->getAbsoluteSize() < 1024 * 1024 * 1) {
                            $attachments[] = $file;
                        }
                    }
                }
            }

            $submittedField->extend('onPopulationFromField', $field);

            if (!$this->DisableSaveSubmissions) {
                $submittedField->write();
            }

            $submittedFields->push($submittedField);
        }

        $emailData = [
            'Sender' => Security::getCurrentUser(),
            'Fields' => $submittedFields
        ];

        $this->extend('updateEmailData', $emailData, $attachments);

        // email users on submit.
        if ($recipients = $this->FilteredEmailRecipients($data, $form)) {
            foreach ($recipients as $recipient) {
                $email = Email::create()
                    ->setHTMLTemplate('email/SubmittedFormEmail.ss')
                    ->setPlainTemplate('email/SubmittedFormEmail.ss');

                $mergeFields = $this->getMergeFieldsMap($emailData['Fields']);

                if ($attachments) {
                    foreach ($attachments as $file) {
                        if (!$file->ID != 0) {
                            continue;
                        }

                        $email->attachFile(
                            $file->Filename,
                            $file->Filename,
                            HTTP::get_mime_type($file->Filename)
                        );
                    }
                }

                $parsedBody = SSViewer::execute_string($recipient->getEmailBodyContent(), $mergeFields);

                if (!$recipient->SendPlain && $recipient->emailTemplateExists()) {
                    $email->setHTMLTemplate($recipient->EmailTemplate);
                }

                $email->setData($recipient);
                foreach ($emailData as $key => $value) {
                    $email->addData($key, $value);
                }

                $email->setFrom($recipient->EmailFrom);
                $email->setBody($parsedBody);
                $email->setTo($recipient->EmailAddress);
                $email->setSubject($recipient->EmailSubject);

                if ($recipient->EmailReplyTo) {
                    $email->setReplyTo($recipient->EmailReplyTo);
                }

                // check to see if they are a dynamic reply to. eg based on a email field a user selected
                if ($recipient->SendEmailFromField()) {
                    $submittedFormField = $submittedFields->find('Name', $recipient->SendEmailFromField()->Name);

                    if ($submittedFormField && is_string($submittedFormField->Value)) {
                        $email->setReplyTo($submittedFormField->Value);
                    }
                }
                // check to see if they are a dynamic reciever eg based on a dropdown field a user selected
                if ($recipient->SendEmailToField()) {
                    $submittedFormField = $submittedFields->find('Name', $recipient->SendEmailToField()->Name);

                    if ($submittedFormField && is_string($submittedFormField->Value)) {
                        $email->setTo($submittedFormField->Value);
                    }
                }

                // check to see if there is a dynamic subject
                if ($recipient->SendEmailSubjectField()) {
                    $submittedFormField = $submittedFields->find('Name', $recipient->SendEmailSubjectField()->Name);

                    if ($submittedFormField && trim($submittedFormField->Value)) {
                        $email->setSubject($submittedFormField->Value);
                    }
                }

                $this->extend('updateEmail', $email, $recipient, $emailData);

                if ($recipient->SendPlain) {
                    $body = strip_tags($recipient->getEmailBodyContent()) . "\n";
                    if (isset($emailData['Fields']) && !$recipient->HideFormData) {
                        foreach ($emailData['Fields'] as $Field) {
                            $body .= $Field->Title . ': ' . $Field->Value . " \n";
                        }
                    }

                    $email->setBody($body);
                    $email->sendPlain();
                } else {
                    $email->send();
                }
            }
        }

        $submittedForm->extend('updateAfterProcess');

        $session = $this->getRequest()->getSession();
        $session->clear("FormInfo.{$form->FormName()}.errors");
        $session->clear("FormInfo.{$form->FormName()}.data");

        $referrer = (isset($data['Referrer'])) ? '?referrer=' . urlencode($data['Referrer']) : "";

        // set a session variable from the security ID to stop people accessing
        // the finished method directly.
        if (!$this->DisableAuthenicatedFinishAction) {
            if (isset($data['SecurityID'])) {
                $session->set('FormProcessed', $data['SecurityID']);
            } else {
                // if the form has had tokens disabled we still need to set FormProcessed
                // to allow us to get through the finshed method
                if (!$this->Form()->getSecurityToken()->isEnabled()) {
                    $randNum = rand(1, 1000);
                    $randHash = md5($randNum);
                    $session->set('FormProcessed', $randHash);
                    $session->set('FormProcessedNum', $randNum);
                }
            }
        }

        if (!$this->DisableSaveSubmissions) {
            $session->set('userformssubmission'. $this->ID, $submittedForm->ID);
        }

        return $this->redirect($this->Link('finished') . $referrer . $this->config()->get('finished_anchor'));
    }

    /**
     * Allows the use of field values in email body.
     *
     * @param ArrayList $fields
     * @return ArrayData
     */
    protected function getMergeFieldsMap($fields = [])
    {
        $data = ArrayData::create([]);

        foreach ($fields as $field) {
            $data->setField($field->Name, DBField::create_field('Text', $field->Value));
        }

        return $data;
    }

    /**
     * This action handles rendering the "finished" message, which is
     * customizable by editing the ReceivedFormSubmission template.
     *
     * @return ViewableData
     */
    public function finished()
    {
        $submission = $this->getRequest()->getSession()->get('userformssubmission'. $this->ID);

        if ($submission) {
            $submission = SubmittedForm::get()->byId($submission);
        }

        $referrer = isset($_GET['referrer']) ? urldecode($_GET['referrer']) : null;

        if (!$this->DisableAuthenicatedFinishAction) {
            $formProcessed = $this->getRequest()->getSession()->get('FormProcessed');

            if (!isset($formProcessed)) {
                return $this->redirect($this->Link() . $referrer);
            } else {
                $securityID = $this->getRequest()->getSession()->get('SecurityID');
                // make sure the session matches the SecurityID and is not left over from another form
                if ($formProcessed != $securityID) {
                    // they may have disabled tokens on the form
                    $securityID = md5($this->getRequest()->getSession()->get('FormProcessedNum'));
                    if ($formProcessed != $securityID) {
                        return $this->redirect($this->Link() . $referrer);
                    }
                }
            }

            $this->getRequest()->getSession()->clear('FormProcessed');
        }

        $data = [
            'Submission' => $submission,
            'Link' => $referrer
        ];

        $this->extend('updateReceivedFormSubmissionData', $data);

        return $this->customise([
            'Content' => $this->customise($data)->renderWith(__CLASS__ . '_ReceivedFormSubmission'),
            'Form' => '',
        ]);
    }

    /**
     * Outputs the required JS from the $watch input
     *
     * @param array $watch
     *
     * @return string
     */
    protected function buildWatchJS($watch)
    {
        $result = '';
        foreach ($watch as $key => $rule) {
            $events = implode(' ', $rule['events']);
            $selectors = implode(', ', $rule['selectors']);
            $conjunction = $rule['conjunction'];
            $operations = implode(" {$conjunction} ", $rule['operations']);
            $target = $rule['targetFieldID'];

            $result .= <<<EOS
\n
    $('.userform').on('{$events}',
    "{$selectors}",
    function (){
        if ({$operations}) {
            $('{$target}').{$rule['view']};
        } else {
            $('{$target}').{$rule['opposite']};
        }
    });
    $("{$target}").find('.hide').removeClass('hide');
EOS;
        }

        return $result;
    }
}


1		<?php
2
3		namespace SilverStripe\UserForms\Control;
4
5		use PageController;
6		use SilverStripe\Assets\File;
7		use SilverStripe\Assets\Upload;
8		use SilverStripe\Control\Controller;
9		use SilverStripe\Control\Email\Email;
10		use SilverStripe\Control\HTTP;
11		use SilverStripe\Core\Manifest\ModuleLoader;
12		use SilverStripe\Forms\Form;
13		use SilverStripe\i18n\i18n;
14		use SilverStripe\ORM\ArrayList;
15		use SilverStripe\ORM\FieldType\DBField;
16		use SilverStripe\ORM\ValidationException;
17		use SilverStripe\Security\Security;
18		use SilverStripe\UserForms\Form\UserForm;
19		use SilverStripe\UserForms\Model\EditableFormField\EditableFileField;
20		use SilverStripe\UserForms\Model\Submission\SubmittedForm;
21		use SilverStripe\View\ArrayData;
22		use SilverStripe\View\Requirements;
23		use SilverStripe\View\SSViewer;
24
25		/**
26		* Controller for the {@link UserDefinedForm} page type.
27		*
28		* @package userforms
29		*/
30		class UserDefinedFormController extends PageController
31		{
32		private static $finished_anchor = '#uff';
33
34		private static $allowed_actions = [
35		'index',
36		'ping',
37		'Form',
38		'finished'
39		];
40
41		protected function init()
42		{
43		parent::init();
44
45		$page = $this->data();
46
47		// load the css
48		if (!$page->config()->get('block_default_userforms_css')) {
49		Requirements::css('silverstripe/userforms:client/dist/styles/userforms.css');
50		}
51
52		// load the jquery
53		if (!$page->config()->get('block_default_userforms_js')) {
54		Requirements::javascript('//code.jquery.com/jquery-1.7.2.min.js');
55		Requirements::javascript(
56		'silverstripe/userforms:client/thirdparty/jquery-validate/jquery.validate.min.js'
57		);
58		Requirements::add_i18n_javascript('silverstripe/userforms:client/lang');
59		Requirements::javascript('silverstripe/userforms:client/dist/js/userforms.js');
60
61		$this->addUserFormsValidatei18n();
62
63		// Bind a confirmation message when navigating away from a partially completed form.
64		if ($page::config()->get('enable_are_you_sure')) {
65		Requirements::javascript(
66		'silverstripe/userforms:client/thirdparty/jquery.are-you-sure/jquery.are-you-sure.js'
67		);
68		}
69		}
70		}
71
72		/**
73		* Add the necessary jQuery validate i18n translation files, either by locale or by langauge,
74		* e.g. 'en_NZ' or 'en'. This adds "methods_abc.min.js" as well as "messages_abc.min.js" from the
75		* jQuery validate thirdparty library.
76		*/
77		protected function addUserFormsValidatei18n()
78		{
79		$module = ModuleLoader::getModule('silverstripe/userforms');
80
81		$candidates = [
82		i18n::getData()->langFromLocale(i18n::config()->get('default_locale')),
83		i18n::config()->get('default_locale'),
84		i18n::getData()->langFromLocale(i18n::get_locale()),
85		i18n::get_locale(),
86		];
87
88		foreach ($candidates as $candidate) {
89		foreach (['messages', 'methods'] as $candidateType) {
90		$localisationCandidate = "client/thirdparty/jquery-validate/localization/{$candidateType}_{$candidate}.min.js";
91
92		$resource = $module->getResource($localisationCandidate);
		0 ignored issues – show Bug introduced 2017-10-18 09:31 UTC by Report Bug Copy Issue Report Show Similar Issues like this The method `getResource()` does not exist on `SilverStripe\Core\Manifest\Module`. Did you maybe mean `getResourcePath()`? This check marks calls to methods that do not seem to exist on an object. This is most likely the result of a method being renamed without all references to it being renamed likewise. Loading history...
93		if ($resource->exists()) {
94		Requirements::javascript($resource->getRelativePath());
95		}
96		}
97		}
98		}
99
100		/**
101		* Using $UserDefinedForm in the Content area of the page shows
102		* where the form should be rendered into. If it does not exist
103		* then default back to $Form.
104		*
105		* @return array
106		*/
107		public function index()
108		{
109		if ($this->Content && $form = $this->Form()) {
110		$hasLocation = stristr($this->Content, '$UserDefinedForm');
111		if ($hasLocation) {
112		/** @see Requirements_Backend::escapeReplacement */
113		$formEscapedForRegex = addcslashes($form->forTemplate(), '\\$');
114		$content = preg_replace(
115		'/(<p[^>]*>)?\\$UserDefinedForm(<\\/p>)?/i',
116		$formEscapedForRegex,
117		$this->Content
118		);
119		return [
120		'Content' => DBField::create_field('HTMLText', $content),
121		'Form' => ''
122		];
123		}
124		}
125
126		return [
127		'Content' => DBField::create_field('HTMLText', $this->Content),
128		'Form' => $this->Form()
129		];
130		}
131
132		/**
133		* Keep the session alive for the user.
134		*
135		* @return int
136		*/
137		public function ping()
138		{
139		return 1;
140		}
141
142		/**
143		* Get the form for the page. Form can be modified by calling {@link updateForm()}
144		* on a UserDefinedForm extension.
145		*
146		* @return Form
147		*/
148		public function Form()
149		{
150		$form = UserForm::create($this, 'Form_' . $this->ID);
151		/** @skipUpgrade */
152		$form->setFormAction(Controller::join_links($this->Link(), 'Form'));
153		$this->generateConditionalJavascript();
154		return $form;
155		}
156
157		/**
158		* Generate the javascript for the conditional field show / hiding logic.
159		*
160		* @return void
161		*/
162		public function generateConditionalJavascript()
163		{
164		$default = '';
165		$rules = '';
166
167		$watch = [];
168
169		if ($this->Fields()) {
170		/** @var EditableFormField $field */
171		foreach ($this->Fields() as $field) {
172		if ($result = $field->formatDisplayRules()) {
173		$watch[] = $result;
174		}
175		}
176		}
177		if ($watch) {
178		$rules .= $this->buildWatchJS($watch);
179		}
180
181		// Only add customScript if $default or $rules is defined
182		if ($rules) {
183		Requirements::customScript(<<<JS
184		(function($) {
185		$(document).ready(function() {
186		{$rules}
187		});
188		})(jQuery);
189		JS
190		, 'UserFormsConditional');
191		}
192		}
193
194		/**
195		* Process the form that is submitted through the site
196		*
197		* {@see UserForm::validate()} for validation step prior to processing
198		*
199		* @param array $data
200		* @param Form $form
201		*
202		* @return \SilverStripe\Control\HTTPResponse
203		*/
204		public function process($data, $form)
205		{
206		$submittedForm = SubmittedForm::create();
207		$submittedForm->SubmittedByID = Security::getCurrentUser() ? Security::getCurrentUser()->ID : 0;
208		$submittedForm->ParentID = $this->ID;
209
210		// if saving is not disabled save now to generate the ID
211		if (!$this->DisableSaveSubmissions) {
212		$submittedForm->write();
213		}
214
215		$attachments = array();
216		$submittedFields = ArrayList::create();
217
218		foreach ($this->Fields() as $field) {
219		if (!$field->showInReports()) {
220		continue;
221		}
222
223		$submittedField = $field->getSubmittedFormField();
224		$submittedField->ParentID = $submittedForm->ID;
225		$submittedField->Name = $field->Name;
226		$submittedField->Title = $field->getField('Title');
227
228		// save the value from the data
229		if ($field->hasMethod('getValueFromData')) {
230		$submittedField->Value = $field->getValueFromData($data);
231		} else {
232		if (isset($data[$field->Name])) {
233		$submittedField->Value = $data[$field->Name];
234		}
235		}
236
237		if (!empty($data[$field->Name])) {
238		if (in_array(EditableFileField::class, $field->getClassAncestry())) {
239		if (!empty($_FILES[$field->Name]['name'])) {
240		$foldername = $field->getFormField()->getFolderName();
241
242		// create the file from post data
243		$upload = Upload::create();
244		$file = File::create();
245		$file->ShowInSearch = 0;
246		try {
247		$upload->loadIntoFile($_FILES[$field->Name], $file, $foldername);
248		} catch (ValidationException $e) {
249		$validationResult = $e->getResult();
250		$form->addErrorMessage($field->Name, $validationResult->message(), 'bad');
251		Controller::curr()->redirectBack();
252		return;
253		}
254
255		// write file to form field
256		$submittedField->UploadedFileID = $file->ID;
257
258		// attach a file only if lower than 1MB
259		if ($file->getAbsoluteSize() < 1024 * 1024 * 1) {
260		$attachments[] = $file;
261		}
262		}
263		}
264		}
265
266		$submittedField->extend('onPopulationFromField', $field);
267
268		if (!$this->DisableSaveSubmissions) {
269		$submittedField->write();
270		}
271
272		$submittedFields->push($submittedField);
273		}
274
275		$emailData = [
276		'Sender' => Security::getCurrentUser(),
277		'Fields' => $submittedFields
278		];
279
280		$this->extend('updateEmailData', $emailData, $attachments);
281
282		// email users on submit.
283		if ($recipients = $this->FilteredEmailRecipients($data, $form)) {
284		foreach ($recipients as $recipient) {
285		$email = Email::create()
286		->setHTMLTemplate('email/SubmittedFormEmail.ss')
287		->setPlainTemplate('email/SubmittedFormEmail.ss');
288
289		$mergeFields = $this->getMergeFieldsMap($emailData['Fields']);
290
291		if ($attachments) {
292		foreach ($attachments as $file) {
293		if (!$file->ID != 0) {
294		continue;
295		}
296
297		$email->attachFile(
298		$file->Filename,
299		$file->Filename,
300		HTTP::get_mime_type($file->Filename)
301		);
302		}
303		}
304
305		$parsedBody = SSViewer::execute_string($recipient->getEmailBodyContent(), $mergeFields);
306
307		if (!$recipient->SendPlain && $recipient->emailTemplateExists()) {
308		$email->setHTMLTemplate($recipient->EmailTemplate);
309		}
310
311		$email->setData($recipient);
312		foreach ($emailData as $key => $value) {
313		$email->addData($key, $value);
314		}
315
316		$email->setFrom($recipient->EmailFrom);
317		$email->setBody($parsedBody);
318		$email->setTo($recipient->EmailAddress);
319		$email->setSubject($recipient->EmailSubject);
320
321		if ($recipient->EmailReplyTo) {
322		$email->setReplyTo($recipient->EmailReplyTo);
323		}
324
325		// check to see if they are a dynamic reply to. eg based on a email field a user selected
326	View Code Duplication	if ($recipient->SendEmailFromField()) {
327		$submittedFormField = $submittedFields->find('Name', $recipient->SendEmailFromField()->Name);
328
329		if ($submittedFormField && is_string($submittedFormField->Value)) {
330		$email->setReplyTo($submittedFormField->Value);
331		}
332		}
333		// check to see if they are a dynamic reciever eg based on a dropdown field a user selected
334	View Code Duplication	if ($recipient->SendEmailToField()) {
335		$submittedFormField = $submittedFields->find('Name', $recipient->SendEmailToField()->Name);
336
337		if ($submittedFormField && is_string($submittedFormField->Value)) {
338		$email->setTo($submittedFormField->Value);
339		}
340		}
341
342		// check to see if there is a dynamic subject
343	View Code Duplication	if ($recipient->SendEmailSubjectField()) {
344		$submittedFormField = $submittedFields->find('Name', $recipient->SendEmailSubjectField()->Name);
345
346		if ($submittedFormField && trim($submittedFormField->Value)) {
347		$email->setSubject($submittedFormField->Value);
348		}
349		}
350
351		$this->extend('updateEmail', $email, $recipient, $emailData);
352
353		if ($recipient->SendPlain) {
354		$body = strip_tags($recipient->getEmailBodyContent()) . "\n";
355		if (isset($emailData['Fields']) && !$recipient->HideFormData) {
356		foreach ($emailData['Fields'] as $Field) {
357		$body .= $Field->Title . ': ' . $Field->Value . " \n";
358		}
359		}
360
361		$email->setBody($body);
362		$email->sendPlain();
363		} else {
364		$email->send();
365		}
366		}
367		}
368
369		$submittedForm->extend('updateAfterProcess');
370
371		$session = $this->getRequest()->getSession();
372		$session->clear("FormInfo.{$form->FormName()}.errors");
373		$session->clear("FormInfo.{$form->FormName()}.data");
374
375		$referrer = (isset($data['Referrer'])) ? '?referrer=' . urlencode($data['Referrer']) : "";
376
377		// set a session variable from the security ID to stop people accessing
378		// the finished method directly.
379		if (!$this->DisableAuthenicatedFinishAction) {
380		if (isset($data['SecurityID'])) {
381		$session->set('FormProcessed', $data['SecurityID']);
382		} else {
383		// if the form has had tokens disabled we still need to set FormProcessed
384		// to allow us to get through the finshed method
385		if (!$this->Form()->getSecurityToken()->isEnabled()) {
386		$randNum = rand(1, 1000);
387		$randHash = md5($randNum);
388		$session->set('FormProcessed', $randHash);
389		$session->set('FormProcessedNum', $randNum);
390		}
391		}
392		}
393
394		if (!$this->DisableSaveSubmissions) {
395		$session->set('userformssubmission'. $this->ID, $submittedForm->ID);
396		}
397
398		return $this->redirect($this->Link('finished') . $referrer . $this->config()->get('finished_anchor'));
399		}
400
401		/**
402		* Allows the use of field values in email body.
403		*
404		* @param ArrayList $fields
405		* @return ArrayData
406		*/
407		protected function getMergeFieldsMap($fields = [])
408		{
409		$data = ArrayData::create([]);
410
411		foreach ($fields as $field) {
412		$data->setField($field->Name, DBField::create_field('Text', $field->Value));
413		}
414
415		return $data;
416		}
417
418		/**
419		* This action handles rendering the "finished" message, which is
420		* customizable by editing the ReceivedFormSubmission template.
421		*
422		* @return ViewableData
423		*/
424		public function finished()
425		{
426		$submission = $this->getRequest()->getSession()->get('userformssubmission'. $this->ID);
427
428		if ($submission) {
429		$submission = SubmittedForm::get()->byId($submission);
430		}
431
432		$referrer = isset($_GET['referrer']) ? urldecode($_GET['referrer']) : null;
433
434		if (!$this->DisableAuthenicatedFinishAction) {
435		$formProcessed = $this->getRequest()->getSession()->get('FormProcessed');
436
437		if (!isset($formProcessed)) {
438		return $this->redirect($this->Link() . $referrer);
439		} else {
440		$securityID = $this->getRequest()->getSession()->get('SecurityID');
441		// make sure the session matches the SecurityID and is not left over from another form
442		if ($formProcessed != $securityID) {
443		// they may have disabled tokens on the form
444		$securityID = md5($this->getRequest()->getSession()->get('FormProcessedNum'));
445		if ($formProcessed != $securityID) {
446		return $this->redirect($this->Link() . $referrer);
447		}
448		}
449		}
450
451		$this->getRequest()->getSession()->clear('FormProcessed');
452		}
453
454		$data = [
455		'Submission' => $submission,
456		'Link' => $referrer
457		];
458
459		$this->extend('updateReceivedFormSubmissionData', $data);
460
461		return $this->customise([
462		'Content' => $this->customise($data)->renderWith(__CLASS__ . '_ReceivedFormSubmission'),
463		'Form' => '',
464		]);
465		}
466
467		/**
468		* Outputs the required JS from the $watch input
469		*
470		* @param array $watch
471		*
472		* @return string
473		*/
474		protected function buildWatchJS($watch)
475		{
476		$result = '';
477		foreach ($watch as $key => $rule) {
478		$events = implode(' ', $rule['events']);
479		$selectors = implode(', ', $rule['selectors']);
480		$conjunction = $rule['conjunction'];
481		$operations = implode(" {$conjunction} ", $rule['operations']);
482		$target = $rule['targetFieldID'];
483
484		$result .= <<<EOS
485		\n
486		$('.userform').on('{$events}',
487		"{$selectors}",
488		function (){
489		if ({$operations}) {
490		$('{$target}').{$rule['view']};
491		} else {
492		$('{$target}').{$rule['opposite']};
493		}
494		});
495		$("{$target}").find('.hide').removeClass('hide');
496		EOS;
497		}
498
499		return $result;
500		}
501		}
502

silverstripe / silverstripe-userforms

Push — master ( 177bd3...57cd0b )

code/Control/UserDefinedFormController.php (1 issue)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like