From 3e9afbdc2a11f7668cdded539b850b0447a14e00 Mon Sep 17 00:00:00 2001
From: Olle Haerstedt
Date: Tue, 20 Dec 2016 17:22:16 +0100
Subject: [PATCH] Fixed issue #12012: Partcipant with invlaid email are silently deleted Dev: Use AjaxHelper to show confirmation when updating token
---
 application/controllers/admin/tokens.php | 85 ++++++++++++------------
 scripts/admin/tokens.js | 35 +++++-----
 2 files changed, 61 insertions(+), 59 deletions(-)
diff --git a/application/controllers/admin/tokens.php b/application/controllers/admin/tokens.php
index 51a6f9b9a38..e11644e8b9f 100644
--- a/application/controllers/admin/tokens.php
+++ b/application/controllers/admin/tokens.php
@@ -645,7 +645,8 @@ public function addnew($iSurveyId)
 * @param int $iSurveyID
 * @param int $iTokenId
 * @param boolean $ajax
- * @return boolean|null
+ * @return void
+ * @todo When is this function used without Ajax?
 */
 public function edit($iSurveyId, $iTokenId, $ajax = false)
 {
@@ -674,73 +675,72 @@ public function edit($iSurveyId, $iTokenId, $ajax = false) Yii::app()->loadHelper("surveytranslator"); $dateformatdetails = getDateFormatData(Yii::app()->session['dateformat']); - if (Yii::app()->request->getPost('subaction')) { + $request = Yii::app()->request; + + if ($request->getPost('subaction')) { + Yii::import('application.helpers.admin.ajax_helper', true); Yii::import('application.libraries.Date_Time_Converter', true); - if (trim(Yii::app()->request->getPost('validfrom')) == '') { + if (trim($request->getPost('validfrom')) == '') { $_POST['validfrom'] = null; } else { - $datetimeobj = new Date_Time_Converter(trim(Yii::app()->request->getPost('validfrom')), $dateformatdetails['phpdate'] . ' H:i'); + $datetimeobj = new Date_Time_Converter(trim($request->getPost('validfrom')), $dateformatdetails['phpdate'] . ' H:i'); $_POST['validfrom'] = $datetimeobj->convert('Y-m-d H:i:s'); } - if (trim(Yii::app()->request->getPost('validuntil')) == '') { + if (trim($request->getPost('validuntil')) == '') { $_POST['validuntil'] = null; } else { - $datetimeobj = new Date_Time_Converter(trim(Yii::app()->request->getPost('validuntil')), $dateformatdetails['phpdate'] . ' H:i'); + $datetimeobj = new Date_Time_Converter(trim($request->getPost('validuntil')), $dateformatdetails['phpdate'] . 
' H:i'); $_POST['validuntil'] = $datetimeobj->convert('Y-m-d H:i:s'); } - $aData['thissurvey'] = getSurveyInfo($iSurveyId); - $aData['surveyid'] = $iSurveyId; - - $aTokenData['firstname'] = flattenText(Yii::app()->request->getPost('firstname')); - $aTokenData['lastname'] = flattenText(Yii::app()->request->getPost('lastname')); - $aTokenData['email'] = flattenText(Yii::app()->request->getPost('email')); - $aTokenData['emailstatus'] = flattenText(Yii::app()->request->getPost('emailstatus')); - $sSanitizedToken = sanitize_token(Yii::app()->request->getPost('token')); + $aTokenData['firstname'] = flattenText($request->getPost('firstname')); + $aTokenData['lastname'] = flattenText($request->getPost('lastname')); + $aTokenData['email'] = flattenText($request->getPost('email')); + $aTokenData['emailstatus'] = flattenText($request->getPost('emailstatus')); + $sSanitizedToken = sanitize_token($request->getPost('token')); $aTokenData['token'] = $sSanitizedToken; - $aTokenData['language'] = sanitize_languagecode(Yii::app()->request->getPost('language')); - $aTokenData['sent'] = flattenText(Yii::app()->request->getPost('sent')); - $aTokenData['completed'] = flattenText(Yii::app()->request->getPost('completed')); - $aTokenData['usesleft'] = flattenText(Yii::app()->request->getPost('usesleft')); - $aTokenData['validfrom'] = Yii::app()->request->getPost('validfrom'); - $aTokenData['validuntil'] = Yii::app()->request->getPost('validuntil'); - $aTokenData['remindersent'] = flattenText(Yii::app()->request->getPost('remindersent')); - $aTokenData['remindercount'] = intval(flattenText(Yii::app()->request->getPost('remindercount'))); + $aTokenData['language'] = sanitize_languagecode($request->getPost('language')); + $aTokenData['sent'] = flattenText($request->getPost('sent')); + $aTokenData['completed'] = flattenText($request->getPost('completed')); + $aTokenData['usesleft'] = flattenText($request->getPost('usesleft')); + $aTokenData['validfrom'] = $request->getPost('validfrom'); + 
$aTokenData['validuntil'] = $request->getPost('validuntil'); + $aTokenData['remindersent'] = flattenText($request->getPost('remindersent')); + $aTokenData['remindercount'] = intval(flattenText($request->getPost('remindercount'))); $udresult = Token::model($iSurveyId)->findAll("tid <> '$iTokenId' and token <> '' and token = '$sSanitizedToken'"); if (count($udresult) == 0) { $attrfieldnames = Survey::model()->findByPk($iSurveyId)->tokenAttributes; foreach ($attrfieldnames as $attr_name => $desc) { - - $value = Yii::app()->request->getPost($attr_name); - if ($desc['mandatory'] == 'Y' && trim($value) == '') { Yii::app()->setFlashMessage(sprintf(gT('%s cannot be left empty'), $desc['description']), 'error'); + $value = $request->getPost($attr_name); + if ($desc['mandatory'] == 'Y' && trim($value) == '') { + Yii::app()->setFlashMessage(sprintf(gT('%s cannot be left empty'), $desc['description']), 'error'); $this->getController()->refresh(); } - $aTokenData[$attr_name] = Yii::app()->request->getPost($attr_name); + $aTokenData[$attr_name] = $request->getPost($attr_name); } $token = Token::model($iSurveyId)->findByPk($iTokenId); - foreach ($aTokenData as $k => $v) + foreach ($aTokenData as $k => $v) { $token->$k = $v; - $token->save(); + } - $aData['sidemenu']['state'] = false; - $this->_renderWrappedTemplate('token', array( 'message' => array( - 'title' => gT("Success"), - 'message' => gT("The survey participant was successfully updated.") . "

\n" - . "\t\tgetController()->createUrl("admin/tokens/sa/browse/surveyid/$iSurveyId/") . "', '_top')\" />\n" - )), $aData); + $result = $token->save(); + + if ($result) { + \ls\ajax\AjaxHelper::outputSuccess(gT('The survey participant was successfully updated.')); + } + else { + $errors = $token->getErrors(); + $firstError = reset($errors); + \ls\ajax\AjaxHelper::outputError($firstError[0]); + } } else { - $aData['sidemenu']['state'] = false; - $this->_renderWrappedTemplate('token', array( 'message' => array( - 'title' => gT("Failed"), - 'message' => gT("There is already an entry with that exact token in the table. The same token cannot be used in multiple entries.") . "

\n" - . "\t\tgetController()->createUrl("admin/tokens/sa/edit/surveyid/$iSurveyId/tokenid/$iTokenId") . "', '_top')\" />\n" - ))); + \ls\ajax\AjaxHelper::outputError(gT('There is already an entry with that exact token in the table. The same token cannot be used in multiple entries.')); } } else { @@ -749,8 +749,9 @@ public function edit($iSurveyId, $iTokenId, $ajax = false) } /** - * Delete tokens - */ + * Delete tokens + * @param int $iSurveyID + */ public function delete($iSurveyID) { $this->registerScriptFile( 'ADMIN_SCRIPT_PATH', 'tokens.js'); diff --git a/scripts/admin/tokens.js b/scripts/admin/tokens.js index 1dcaa4f5515..8d0e8f0d0fa 100644 --- a/scripts/admin/tokens.js +++ b/scripts/admin/tokens.js 
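Review bot: The duplicate-token lookup that this hunk keeps as context still builds its condition by string interpolation, `findAll("tid <> '$iTokenId' and token <> '' and token = '$sSanitizedToken'")`, and `$iTokenId` is an action parameter of `edit()`. Whether it is cast to an integer earlier cannot be seen here, because the function body starts before the hunk; binding both values removes the dependency on that, e.g. `findAll("tid <> :tid and token <> '' and token = :token", array(':tid' => $iTokenId, ':token' => $sSanitizedToken))`, assuming `Token` follows Yii's usual `findAll($condition, $params)` signature. Separately, the mandatory-attribute branch still answers with `setFlashMessage()` followed by `refresh()` while every other outcome now goes through AjaxHelper, so the AJAX caller presumably gets a redirect rather than a JSON error on that path; `\ls\ajax\AjaxHelper::outputError(sprintf(gT('%s cannot be left empty'), $desc['description']));` would keep it consistent, provided the helper also stops further processing. In the new failure branch `reset($errors)` returns `false` when `save()` fails without validation errors, so `$firstError[0]` should be guarded before it is passed to `outputError()`.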
@@ -106,44 +106,45 @@ $.fn.textWidth = function(text, font) { return $.fn.textWidth.fakeEl.width(); }; - +/** + * Used when user clicks "Save" in token edit modal + */ function submitEditToken(){ var $form = $('#edittoken'); var $datas = $form.serialize(); var $actionUrl = $form.attr('action'); - var $gridid = $('.listActions').data('grid-id'); var $modal = $('#editTokenModal'); - $ajaxLoader = $('#ajaxContainerLoading2'); - $('#modal-content').empty(); - $ajaxLoader.show(); // Show the ajax loader // Ajax request - $.ajax({ + LS.ajax({ url : $actionUrl, type : 'POST', data : $datas, - // html contains the buttons - success : function(html, statut){ - $ajaxLoader.hide(); - //Using Try/Catch here to catch errors if there is no grid + success : function(result, stat) { + if (result.success) { + $modal.modal('hide'); + } + else { + } - try{ + // Using Try/Catch here to catch errors if there is no grid + try { $.fn.yiiGridView.update('token-grid', { complete: function(s){ $modal.modal('hide'); } // Update the surveys list }); - } catch(e){ - if(e){console.log(e); $modal.modal('hide');} - }finally{ - $ajaxLoader.hide(); + } + catch (e){ + if (e) { + console.log(e); + $modal.modal('hide'); + } } }, error : function(html, statut){ - $ajaxLoader.hide(); $('#modal-content').empty().append(html); - console.log(html); } }); }
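Review bot: A failed update still closes the dialog, because the `else {}` branch added after `if (result.success)` is empty and the `$.fn.yiiGridView.update('token-grid', …)` call below it runs for every response, with a `complete` callback that calls `$modal.modal('hide')`. The server's rejection (for example an invalid e-mail address) may therefore be reported only if `LS.ajax` displays it on its own, which the hunk does not show, while the form the user filled in disappears. Moving the `try { … } catch (e) { … }` block inside the `if (result.success) { … }` branch and deleting the empty `else` keeps the modal open on error. The `error` callback still hands its first argument to `$('#modal-content').empty().append(html)`; it is worth confirming what `LS.ajax` passes there, since response text inserted with `.append()` is parsed as markup and `.text()` would be the safer sink.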