fix(textareafield): embedded image upload broken

Author: btry

ajax/formanswer.php

@@ -0,0 +1,130 @@
+<?php
+/**
+ * ---------------------------------------------------------------------
+ * Formcreator is a plugin which allows creation of custom forms of
+ * easy access.
+ * ---------------------------------------------------------------------
+ * LICENSE
+ *
+ * This file is part of Formcreator.
+ *
+ * Formcreator is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * Formcreator is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with Formcreator. If not, see <http://www.gnu.org/licenses/>.
+ * ---------------------------------------------------------------------
+ * @copyright Copyright © 2011 - 2021 Teclib'
+ * @license   http://www.gnu.org/licenses/gpl.txt GPLv3+
+ * @link      https://github.com/pluginsGLPI/formcreator/
+ * @link      https://pluginsglpi.github.io/formcreator/
+ * @link      http://plugins.glpi-project.org/#/plugin/formcreator
+ * ---------------------------------------------------------------------
+ */
+
+include ('../../../inc/includes.php');
+
+// Check if plugin is activated...
+if (!Plugin::isPluginActive('formcreator')) {
+   http_response_code(404);
+   die();
+}
+
+if (!isset($_POST['submit_formcreator']) || !isset($_POST['plugin_formcreator_forms_id'])) {
+   http_response_code(500);
+   die();
+}
+
+$form = PluginFormcreatorCommon::getForm();
+if (!$form->getFromDB($_POST['plugin_formcreator_forms_id'])) {
+   http_response_code(500);
+   die();
+}
+
+// If user is not authenticated, create temporary user
+if (!isset($_SESSION['glpiname'])) {
+   $_SESSION['glpiname'] = 'formcreator_temp_user';
+}
+
+// Save form
+$formAnswer = PluginFormcreatorCommon::getFormAnswer();
+if ($formAnswer->add($_POST) === false) {
+   http_response_code(400);
+   if ($_SESSION['glpiname'] == 'formcreator_temp_user') {
+      // Messages are for authenticated users. This is a workaround
+      ob_start();
+      Html::displayMessageAfterRedirect(filter_var(($_GET['display_container'] ?? true), FILTER_VALIDATE_BOOLEAN));
+      $messages = ob_get_clean();
+      echo json_encode([
+         'message' => $messages
+      ]);
+   }
+   die();
+}
+$form->increaseUsageCount();
+
+if ($_SESSION['glpiname'] == 'formcreator_temp_user') {
+   // Form was saved by an annymous user
+   unset($_SESSION['glpiname']);
+   // don't show notifications
+   unset($_SESSION['MESSAGE_AFTER_REDIRECT']);
+   echo json_encode(
+      [
+         'redirect' => 'formdisplay.php?answer_saved',
+      ], JSON_FORCE_OBJECT
+   );
+   die();
+}
+
+// redirect to created item
+if ($_SESSION['glpibackcreated']) {
+   if (strpos($_SERVER['HTTP_REFERER'], 'form.form.php') === false) {
+      // User was not testing the form from preview
+      if (count($formAnswer->targetList) == 1) {
+         $target = current($formAnswer->targetList);
+         echo json_encode(
+            [
+               'redirect' => $target->getFormURLWithID($target->getID()),
+            ], JSON_FORCE_OBJECT
+         );
+         die();
+      }
+      echo json_encode(
+         [
+            'redirect' => $formAnswer->getFormURLWithID($formAnswer->getID()),
+         ], JSON_FORCE_OBJECT
+      );
+   }
+   echo json_encode(
+      [
+         'redirect' => (new PluginFormcreatorForm())->getFormURLWithID($formAnswer->fields['plugin_formcreator_forms_id']),
+      ], JSON_FORCE_OBJECT
+   );
+   die();
+}
+
+if (plugin_formcreator_replaceHelpdesk()) {
+   // Form was saved from the service catalog
+   echo json_encode(
+      [
+         'redirect' => PluginFormcreatorIssue::getSearchURL(),
+      ], JSON_FORCE_OBJECT
+   );
+   die();
+}
+if (strpos($_SERVER['HTTP_REFERER'], 'formdisplay.php') !== false) {
+   // Form was saved from helpdesk (assistance > forms)
+   echo json_encode(
+      [
+         'redirect' => 'formlist.php',
+      ], JSON_FORCE_OBJECT
+   );
+   die();
+}

front/form.form.php

@@ -124,52 +124,6 @@
    $form->importJson($_REQUEST);
    Html::back();
 
-} else if (isset($_POST['submit_formcreator'])) {
-   // Save form to target
-   if (!$form->getFromDB($_POST['plugin_formcreator_forms_id'])) {
-      Html::back();
-   }
-
-   // If user is not authenticated, create temporary user
-   if (!isset($_SESSION['glpiname'])) {
-      $_SESSION['glpiname'] = 'formcreator_temp_user';
-   }
-
-   // Save form
-   $formAnswer = PluginFormcreatorCommon::getFormAnswer();
-   if ($formAnswer->add($_POST) === false) {
-      Html::back();
-   }
-   $form->increaseUsageCount();
-
-   if ($_SESSION['glpiname'] == 'formcreator_temp_user') {
-      // Form was saved by an annymous user
-      unset($_SESSION['glpiname']);
-      // don't show notifications
-      unset($_SESSION['MESSAGE_AFTER_REDIRECT']);
-      Html::redirect('formdisplay.php?answer_saved');
-   }
-
-   // redirect to created item
-   if ($_SESSION['glpibackcreated']) {
-      if (count($formAnswer->targetList) == 1) {
-         $target = current($formAnswer->targetList);
-         Html::redirect($target->getFormURLWithID($target->getID()));
-      }
-      Html::redirect(PluginFormcreatorFormAnswer::getFormURLWithID($formAnswer->getID()));
-   }
-
-   if (plugin_formcreator_replaceHelpdesk()) {
-      // Form was saved from the service catalog
-      Html::redirect('issue.php');
-   }
-   if (strpos($_SERVER['HTTP_REFERER'], 'formdisplay.php') !== false) {
-      // Form was saved from helpdesk (assistance > forms)
-      Html::redirect('formlist.php');
-   }
-   // Form was saved from preview tab, go back to the preview
-   Html::back();
-
 } else {
    // Show forms form
    Session::checkRight('entity', UPDATE);

inc/abstractitiltarget.class.php

@@ -29,9 +29,8 @@
  * ---------------------------------------------------------------------
  */
 
-use Glpi\Application\View\TemplateRenderer;
 use Glpi\Toolbox\Sanitizer;
-use GlpiPlugin\Formcreator\Field\FileField;
+use GlpiPlugin\Formcreator\Field\TextareaField;
 
 if (!defined('GLPI_ROOT')) {
    die("Sorry. You can't access this file directly");
@@ -2264,28 +2263,21 @@ public function getDefaultData(PluginFormcreatorFormAnswer $formanswer): array {
       return $data;
    }
 
-   /**
-    * Emulate file uploads for documents provided to file questions
-    *
-    * @param array $data
-    * @param PluginFormcreatorFormAnswer $formanswer a form answer
-    * @return array input $data updated with (fake) file uploads
-    */
-   protected function prepareUploadedFiles(array $data, $formanswer): array {
+   protected function prepareUploadsFromTextarea(array $data, PluginFormcreatorFormAnswer $formanswer): array {
       $saved_documents = $formanswer->getFileProperties();
 
       if ($saved_documents) {
          foreach ($formanswer->getForm()->getFields() as $questionId => $field) {
-            if (!($field instanceOf FileField)) {
+            if (!($field instanceOf TextareaField)) {
                continue;
             }
-            if (!isset($saved_documents["_filename"][$questionId])) {
+            if (!isset($saved_documents["_content"][$questionId])) {
                continue;
             }
-            $data["_filename"] = array_merge($data["_filename"], $saved_documents["_filename"][$questionId] ?? []);
-            $data["_tag_filename"] = array_merge($data["_tag_filename"], $saved_documents["_tag_filename"][$questionId] ?? []);
+            $data["_content"] = array_merge($data["_content"], $saved_documents["_content"][$questionId] ?? []);
+            $data["_tag_content"] = array_merge($data["_tag_content"], $saved_documents["_tag_content"][$questionId] ?? []);
 
-            foreach ($saved_documents["_filename"][$questionId] as $key => $filename) {
+            foreach ($saved_documents["_content"][$questionId] as $key => $filename) {
                $uploaded_filename = $formanswer->getFileName($questionId, $key);
                if ($uploaded_filename != '') {
                   copy(GLPI_DOC_DIR . '/' . $uploaded_filename, GLPI_TMP_DIR . '/' . $filename);
@@ -2294,12 +2286,12 @@ protected function prepareUploadedFiles(array $data, $formanswer): array {
          }
       } else {
          foreach ($formanswer->getForm()->getFields() as $questionId => $field) {
-            if (!($field instanceOf FileField)) {
+            if (!($field instanceOf TextareaField)) {
                continue;
             }
-            $data["_filename"] = array_merge($data["_filename"], $formanswer->input["_formcreator_field_" . $questionId]);
-            $data["_prefix_filename"] = array_merge($data["_prefix_filename"], $formanswer->input["_prefix_formcreator_field_" . $questionId]);
-            $data["_tag_filename"] = array_merge($data["_tag_filename"], $formanswer->input["_tag_formcreator_field_" . $questionId]);
+            $data["_content"] = array_merge($data["_content"], $formanswer->input["_formcreator_field_" . $questionId]);
+            $data["_prefix_content"] = array_merge($data["_prefix_content"], $formanswer->input["_prefix_formcreator_field_" . $questionId]);
+            $data["_tag_content"] = array_merge($data["_tag_content"], $formanswer->input["_tag_formcreator_field_" . $questionId]);
             foreach ($formanswer->input["_formcreator_field_" . $questionId] as $key => $filename) {
                $uploaded_filename = $formanswer->getFileName($questionId, $key);
                if ($uploaded_filename != '') {
@@ -2312,6 +2304,65 @@ protected function prepareUploadedFiles(array $data, $formanswer): array {
       return $data;
    }
 
+   /**
+    * Emulate file uploads for documents provided to file questions
+    *
+    * @param array $data
+    * @return array input $data updated with (fake) file uploads
+    */
+   protected function prepareUploadedFiles(array $data): array {
+      $data['_filename'] = [];
+      $data['_prefix_filename'] = [];
+      $data['_tag_filename'] = [];
+
+      // emulate file uploads of inline images
+      // TODO: replace PluginFormcreatorCommon::getDocumentsFromTag by Toolbox::getDocumentsFromTag
+      // when is merged https://github.com/glpi-project/glpi/pull/9335
+      foreach (PluginFormcreatorCommon::getDocumentsFromTag($data['content']) as $document) {
+         $prefix = uniqid('', true);
+         $filename = $prefix . 'image_paste.' . pathinfo($document['filename'], PATHINFO_EXTENSION);
+         if (!copy(GLPI_DOC_DIR . '/' . $document['filepath'], GLPI_TMP_DIR . '/' . $filename)) {
+            continue;
+         }
+
+         // Formanswers answers contains document tags to allow
+         // Replace them with a IMG tag similar to those found after pasting an
+         // image in a textarea
+         // <img id="..." src="blob:http://..." data-upload_id=".." />
+         // the attribute id is requires to let GLPI process the upload properly
+         $img = "<img id='" . $document['tag'] . "' src='' />";
+         $data['content'] = preg_replace(
+            '/' . Document::getImageTag($document['tag']) . '/',
+            Sanitizer::sanitize($img),
+            $data['content']
+         );
+
+         $data['_filename'][] = $filename;
+         $data['_prefix_filename'][] = $prefix;
+         $data['_tag_filename'][] = $document['tag'];
+      }
+
+      // emulate file upload
+      foreach (array_keys($this->attachedDocuments) as $documentId) {
+         $document = new Document();
+         if (!$document->getFromDB($documentId)) {
+            continue;
+         }
+
+         $prefix = uniqid('', true);
+         $filename = $prefix . $document->fields['filename'];
+         if (!copy(GLPI_DOC_DIR . '/' . $document->fields['filepath'], GLPI_TMP_DIR . '/' . $filename)) {
+            continue;
+         }
+
+         $data['_filename'][] = $filename;
+         $data['_prefix_filename'][] = $prefix;
+         $data['_tag_filename'][] = $document->fields['tag'];
+      }
+
+      return $data;
+   }
+
    public static function getTargetType(): int {
       return self::TARGET_TYPE_OBJECT;
    }

inc/common.class.php

@@ -593,8 +593,11 @@ public static function checkRegex($regex) {
     * @return array data from documents having tags found
     */
    public static function getDocumentsFromTag(string $content_text): array {
-      preg_match_all('/'.Document::getImageTag('(([a-z0-9]+|[\.\-]?)+)').'/', $content_text,
-                     $matches, PREG_PATTERN_ORDER);
+      preg_match_all(
+         '/'.Document::getImageTag('(([a-z0-9]+|[\.\-]?)+)').'/',
+         $content_text,
+         $matches, PREG_PATTERN_ORDER
+      );
       if (!isset($matches[1]) || count($matches[1]) == 0) {
          return [];
       }

inc/field/actorfield.class.php

@@ -36,6 +36,7 @@
 use Html;
 use User;
 use Session;
+use PluginFormcreatorFormAnswer;
 use GlpiPlugin\Formcreator\Exception\ComparisonException;
 use Glpi\Application\View\TemplateRenderer;
 
@@ -125,7 +126,7 @@ public function getRenderedHtml($domain, $canEdit = true): string {
       return $html;
    }
 
-   public function serializeValue(): string {
+   public function serializeValue(PluginFormcreatorFormAnswer $formanswer): string {
       if ($this->value === null || $this->value === '') {
          return '';
       }
@@ -306,7 +307,10 @@ public function prepareQuestionInputForSave($input) {
       }
 
       $this->value = $parsed;
-      $input['default_values'] = $this->serializeValue();
+      $input['default_values'] = '';
+      if ($this->value !== null && $this->value != '') {
+         $input['default_value'] = json_encode($this->value);
+      }
 
       return $input;
    }

inc/field/checkboxesfield.class.php

@@ -37,6 +37,7 @@
 use Toolbox;
 use Session;
 use PluginFormcreatorQuestionRange;
+use PluginFormcreatorFormAnswer;
 use Glpi\Application\View\TemplateRenderer;
 
 class CheckboxesField extends PluginFormcreatorAbstractField
@@ -116,7 +117,7 @@ public static function getName(): string {
       return __('Checkboxes', 'formcreator');
    }
 
-   public function serializeValue(): string {
+   public function serializeValue(PluginFormcreatorFormAnswer $formanswer): string {
       if ($this->value === null || $this->value === '') {
          return '';
       }

inc/field/datefield.class.php

@@ -36,6 +36,7 @@
 use Html;
 use DateTime;
 use Session;
+use PluginFormcreatorFormAnswer;
 use GlpiPlugin\Formcreator\Exception\ComparisonException;
 use Glpi\Application\View\TemplateRenderer;
 
@@ -80,7 +81,7 @@ public function getRenderedHtml($domain, $canEdit = true): string {
       return $html;
    }
 
-   public function serializeValue(): string {
+   public function serializeValue(PluginFormcreatorFormAnswer $formanswer): string {
       return $this->value;
    }