Mise en route du suivi.
1 <?php
2 /*
3 * forms
4 * version plug-in de spip_form
5 *
6 * Auteur :
7 * Antoine Pitrou
8 * adaptation en 182e puis plugin par cedric.morin@yterium.com
9 * © 2005,2006 - Distribue sous licence GNU/GPL
10 *
11 */
12 include_spip('inc/securiser_action');
13
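/**
 * Install entry point: run the schema creation/upgrade routine.
 *
 * The routine defined in this file is Forms_verifier_base(). The previous
 * body called Form_verifier_base() (without the "s"), a name this file does
 * not define, so the call could not reach the upgrade code below.
 */
function Forms_install(){
	Forms_verifier_base();
}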
17
/**
 * Uninstall entry point.
 *
 * Only loads the table declarations and the SQL abstraction layer; nothing
 * is dropped or deleted here.
 */
function Forms_uninstall(){
	foreach (array('base/forms', 'base/abstract_sql') as $fichier) {
		include_spip($fichier);
	}
}
22
/**
 * Create or upgrade the plugin's tables, one schema step at a time.
 *
 * The installed schema version is read from
 * $GLOBALS['meta']['forms_base_version']. Each step below runs when that
 * version is lower than the step's number, then records the new version with
 * ecrire_meta(). Versions are compared as floats (0.11, 0.12, ...).
 *
 * None of the spip_query() results in the upgrade steps are checked, so a
 * failed ALTER/DROP still lets the recorded version advance.
 */
function Forms_verifier_base(){
	$version_base = 0.16;
	$current_version = 0.0;
	// Nothing to do when the recorded version already equals the target version.
	if (	(isset($GLOBALS['meta']['forms_base_version']) )
			&& (($current_version = $GLOBALS['meta']['forms_base_version'])==$version_base))
		return;

	include_spip('base/forms');
	include_spip('base/forms_temporaire');
	if ($current_version==0.0){
		include_spip('base/create');
		include_spip('base/abstract_sql');
		// Careful: we may be coming from a spip-forms 1.8 table
		$desc = spip_abstract_showtable('spip_forms','',true);
		if (isset($desc['field']))
			// A spip_forms table already exists: treat it as version 0.1 and run every step.
			$current_version=0.1;
		else {
			// Fresh install: create everything and jump straight to the target version.
			creer_base();
			ecrire_meta('forms_base_version',$current_version=$version_base);
		}
	}
	if ($current_version<0.11){
		include_spip('base/create');
		include_spip('base/abstract_sql');
		creer_base();
		$query = "ALTER TABLE spip_forms CHANGE `email` `email` TEXT NOT NULL ";
		$res = spip_query($query);
		$query = "SELECT * FROM spip_forms";
		$res = spip_query($query);
		// Convert each plain e-mail value into a serialized array('defaut' => value).
		while ($row = spip_fetch_array($res)){
			$email = $row['email'];
			$id_form = $row['id_form'];
			// NOTE(review): unserialize() is applied to a stored column value; that is only
			// safe as long as nothing untrusted can write spip_forms.email - confirm.
			if (unserialize($email)==FALSE){
				$email=addslashes(serialize(array('defaut'=>$email)));
				// NOTE(review): $id_form is interpolated unquoted; it comes from the row just
				// read, presumably an integer key - an intval() would make that explicit.
				$query = "UPDATE spip_forms SET email='$email' WHERE id_form=$id_form";
				spip_query($query);
			}
		}
		ecrire_meta('forms_base_version',$current_version=0.11);
	}
	if ($current_version<0.12){
		include_spip('base/create');
		include_spip('base/abstract_sql');
		creer_base();
		spip_query("ALTER TABLE spip_forms CHANGE `descriptif` `descriptif` TEXT");
		spip_query("ALTER TABLE spip_forms CHANGE `schema` `schema` TEXT");
		spip_query("ALTER TABLE spip_forms CHANGE `email` `email` TEXT");
		spip_query("ALTER TABLE spip_forms CHANGE `texte` `texte` TEXT");
		ecrire_meta('forms_base_version',$current_version=0.12);
	}
	if ($current_version<0.13){
		// Column `schema` is renamed to `structure`.
		spip_query("ALTER TABLE spip_forms CHANGE `schema` `structure` TEXT");
		ecrire_meta('forms_base_version',$current_version=0.13);
	}
	if ($current_version<0.14){
		spip_query("ALTER TABLE spip_reponses ADD `id_article_export` BIGINT( 21 ) NOT NULL AFTER `id_auteur` ");
		ecrire_meta('forms_base_version',$current_version=0.14);
	}
	if ($current_version<0.15){
		spip_query("ALTER TABLE spip_reponses ADD `url` VARCHAR(255) NOT NULL AFTER `id_article_export` ");
		ecrire_meta('forms_base_version',$current_version=0.15);
	}
	if ($current_version<0.16){
		// Remove the temporary tables that were created by hand on servers where creation failed
		spip_query("DROP TABLE spip_forms_champs");
		spip_query("DROP TABLE spip_forms_champs_choix");
		// Turn the temporary tables into permanent ones
		include_spip('base/forms_temporaire');
		forms_creer_tables_temporaires(false);
		ecrire_meta('forms_base_version',$current_version=0.16);
	}
	ecrire_metas();
}
96
/**
 * Move an uploaded file to its destination and make sure the source is gone.
 *
 * @param string $source  Path of the uploaded file.
 * @param string $dest    Destination path.
 * @return mixed          Whatever deplacer_fichier_upload() returned.
 */
function Forms_deplacer_fichier_form($source, $dest) {
	include_spip('inc/getdocument');
	$deplace = deplacer_fichier_upload($source, $dest, true);
	// The "move" argument is not honoured before SPIP 1.9.2, so the source may
	// still be there after a successful call: remove it ourselves.
	if ($deplace && file_exists($source)) {
		@unlink($source);
	}

	return $deplace;
}
105
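/**
 * Build a file name, unique inside $dir, from the name supplied with an upload.
 *
 * The stem goes through basename(), supprimer_tags() and translitteration();
 * every run of characters outside [.a-zA-Z0-9_=-] then becomes "_". The
 * extension is lower-cased. When the name is already taken in $dir, "-1",
 * "-2", ... is appended to the stem.
 *
 * Changes from the previous version:
 *  - ereg()/ereg_replace() replaced by preg_*(), already used in this file;
 *  - $ext is always initialised (a name without extension used to read an
 *    undefined variable and produce "stem.");
 *  - the extension is reduced to [a-z0-9_-]; it used to be copied verbatim
 *    from the client-supplied name into the returned file name;
 *  - leading dots are removed from the stem and an empty stem gets a default,
 *    so the result can never be a dot-file such as ".htaccess".
 *
 * @param string $orig  Original, client-supplied file name.
 * @param string $dir   Target directory; it is concatenated directly with the
 *                      candidate name, so it must end with a separator.
 * @return string       File name only, without directory part.
 */
function Forms_nommer_fichier_form($orig, $dir) {
	include_spip("inc/charsets");
	include_spip("inc/filtres");
	$ext = '';
	if (preg_match('/^(.*)\.([^.]+)$/sD', $orig, $match)) {
		$ext = preg_replace('/[^a-z0-9_-]+/', '', strtolower($match[2]));
		$orig = $match[1];
	}
	$base = preg_replace('/[^.a-zA-Z0-9_=-]+/', '_',
		translitteration(supprimer_tags(basename($orig))));
	$base = ltrim($base, '.');
	if ($base === '')
		$base = 'fichier';
	// NOTE(review): dots inside the stem are kept, so a name carrying two
	// extensions keeps the first one in its stem. Whether that matters depends
	// on how the web server maps handlers for the upload directory - confirm.
	$suffixe = ($ext !== '') ? '.'.$ext : '';
	$n = 0;
	$fichier = $base.$suffixe;
	while (@file_exists($dir . $fichier)) {
		$fichier = $base.'-'.(++$n).$suffixe;
	}
	return $fichier;
}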
122
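/**
 * Tell whether a file name carries an extension that is open to upload.
 *
 * The extension (text after the last dot, lower-cased, with htm/jpeg/tiff
 * mapped to html/jpg/tif) is looked up in spip_types_documents with
 * upload='oui'.
 *
 * Changes from the previous version: ereg() replaced by preg_match(), and an
 * extension containing anything but [a-z0-9] is refused before any query is
 * built. The file name comes from the client, and addslashes() is not a
 * charset-aware SQL escape, so the value is now constrained instead of
 * escaped. NOTE(review): this assumes registered extensions are purely
 * alphanumeric - confirm against spip_types_documents.
 *
 * This is a check on the name only; the file content is not inspected.
 *
 * @param string $nom_fichier  Client-supplied file name.
 * @return bool
 */
function Forms_type_fichier_autorise($nom_fichier) {
	if (!preg_match('/\.([^.]+)$/D', $nom_fichier, $match))
		return false;
	$ext = strtolower($match[1]);
	if (!preg_match('/^[a-z0-9]+$/D', $ext))
		return false;
	// Alternative spellings share one entry in the types table.
	$alias = array('htm' => 'html', 'jpeg' => 'jpg', 'tiff' => 'tif');
	if (isset($alias[$ext]))
		$ext = $alias[$ext];
	$query = "SELECT * FROM spip_types_documents WHERE extension='$ext' AND upload='oui'";
	$result = spip_query($query);
	return (spip_num_rows($result) > 0);
}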
143
144 // Fonction utilitaires
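/**
 * Tell whether the connected author may edit forms.
 *
 * True only when the global $connect_statut is exactly the string
 * '0minirezo'. The comparison is strict: with "==", an integer 0 compares
 * equal to '0minirezo' on PHP versions before 8, which is not acceptable for
 * an authorisation check.
 *
 * @param int $id_form  Not used: the answer is the same for every form.
 * @return bool
 */
function Forms_form_editable($id_form = 0) {
	global $connect_statut;
	return $connect_statut === '0minirezo';
}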
149
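/**
 * Tell whether the connected author may administer forms.
 *
 * True only when the global $connect_statut is exactly the string
 * '0minirezo'. The comparison is strict: with "==", an integer 0 compares
 * equal to '0minirezo' on PHP versions before 8, which is not acceptable for
 * an authorisation check.
 *
 * @param int $id_form  Not used: the answer is the same for every form.
 * @return bool
 */
function Forms_form_administrable($id_form = 0) {
	global $connect_statut;
	return $connect_statut === '0minirezo';
}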
154
/**
 * Name of the cookie attached to a form: the global cookie prefix, then
 * "cookie_form_", then the form id.
 *
 * @param int|string $id_form
 * @return string
 */
function Forms_nom_cookie_form($id_form) {
	$prefixe = $GLOBALS['cookie_prefix'];
	return "{$prefixe}cookie_form_{$id_form}";
}
158
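/**
 * Tell whether the visitor's poll cookie is already attached to a response
 * to this form.
 *
 * The cookie value is taken from $GLOBALS['cookie_form'] when set and
 * non-empty, otherwise from the request cookie named by
 * Forms_nom_cookie_form(). Without any cookie the answer is false and no
 * query is run.
 *
 * Changes from the previous version:
 *  - $id_form is cast to an integer before it is placed in the SQL text (it
 *    was interpolated unquoted);
 *  - the cookie value is escaped once; the value taken from
 *    $GLOBALS['cookie_form'] used to go through addslashes() twice, so a
 *    value containing a quote or backslash could never match the stored one;
 *  - missing globals/cookies and non-scalar values no longer raise notices.
 *
 * NOTE(review): where $GLOBALS['cookie_form'] is filled is not visible here;
 * treat it as client-controlled. The cookie only marks a browser as having
 * answered - clearing it is enough to look like a new visitor.
 *
 * @param int $id_form
 * @return bool
 */
function Forms_verif_cookie_sondage_utilise($id_form) {
	// The name is built from the id as received, like the writer side does.
	$nom_cookie = Forms_nom_cookie_form($id_form);
	$id_form = intval($id_form);

	$cookie = '';
	if (isset($GLOBALS['cookie_form']) && is_scalar($GLOBALS['cookie_form']) && $GLOBALS['cookie_form'])
		$cookie = (string) $GLOBALS['cookie_form'];
	else if (isset($_COOKIE[$nom_cookie]) && is_scalar($_COOKIE[$nom_cookie]) && $_COOKIE[$nom_cookie])
		$cookie = (string) $_COOKIE[$nom_cookie];

	// No cookie in sight, so no response can be presumed.
	if ($cookie === '')
		return false;

	$query = "SELECT id_reponse FROM spip_reponses ".
		"WHERE id_form=$id_form AND cookie='".addslashes($cookie)."'";
	// No row: this visitor has not answered yet.
	return spip_num_rows(spip_query($query)) ? true : false;
}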
177
178 //
179 // Afficher un pave formulaires dans la colonne de gauche
180 // (edition des articles)
181
/**
 * Build the "insert a form" box shown in the left column of the article
 * editing page.
 *
 * The box lists every form (link to its edit page plus the <formN> shortcut
 * to copy) and, when Forms_form_editable() allows it, a "create a form" icon.
 * Form titles are inserted after going through typo().
 * NOTE(review): confirm typo() output is safe to place in HTML as is.
 *
 * @param int $id_article  Not used in the body.
 * @return string          HTML fragment.
 */
function Forms_afficher_insertion_formulaire($id_article) {
	global $connect_id_auteur, $connect_statut;
	global $couleur_foncee, $couleur_claire, $options;
	global $spip_lang_left, $spip_lang_right;

	$icone = "../"._DIR_PLUGIN_FORMS."/img_pack/form-24.png";

	// Box header with the show/hide toggle
	$html = "\n<p>" . debut_cadre_relief($icone, true);
	$html .= "<div style='padding: 2px; background-color: $couleur_claire; text-align: center; color: black;'>"
		. bouton_block_invisible("ajouter_form")
		. "<strong class='verdana3' style='text-transform: uppercase;'>"
		. _T("forms:article_inserer_un_formulaire") . "</strong>"
		. "</div>\n";

	// Collapsible part: explanation, then the list of existing forms
	$html .= debut_block_invisible("ajouter_form")
		. "<div class='verdana2'>"
		. _T("forms:article_inserer_un_formulaire_detail")
		. "</div>";

	$formulaires = spip_query("SELECT id_form, titre FROM spip_forms ORDER BY titre");
	if (spip_num_rows($formulaires)) {
		$html .= "<br />\n"
			. "<div class='bandeau_rubriques' style='z-index: 1;'>"
			. "<div class='plan-articles'>";
		while ($ligne = spip_fetch_array($formulaires)) {
			$id_form = $ligne['id_form'];
			$titre = typo($ligne['titre']);

			$url_edition = generer_url_ecrire('forms_edit', "id_form=$id_form&retour=" . urlencode(self()));
			$html .= "<a href='" . $url_edition . "'>" . $titre . "</a>\n";
			$html .= "<div class='arial1' style='text-align:$spip_lang_right;color: black; padding-$spip_lang_left: 4px;' "
				. "title=\"" . _T("forms:article_recopier_raccourci") . "\">";
			$html .= "<strong>&lt;form" . $id_form . "&gt;</strong>" . "</div>";
		}
		$html .= "</div>" . "</div>";
	}

	// "Create a form" icon, only for authors allowed to edit forms
	if (Forms_form_editable()) {
		$html .= "\n<br />";
		$url_creation = generer_url_ecrire('forms_edit', "new=oui&retour=" . urlencode(self()));
		$html .= icone_horizontale(_T("forms:icone_creer_formulaire"),
			$url_creation, $icone, "creer.gif", false);
	}

	$html .= fin_block();
	$html .= fin_cadre_relief(true);

	return $html;
}
237
/**
 * Translated label of a field type; the type itself when no label is known.
 *
 * The label table is built once per request and kept in a static variable.
 *
 * @param string $type
 * @return string
 */
function Forms_nom_type_champ($type) {
	static $libelles;
	if (!$libelles) {
		$libelles = array(
			'ligne' => _T("forms:champ_type_ligne"),
			'texte' => _T("forms:champ_type_texte"),
			'url' => _T("forms:champ_type_url"),
			'email' => _T("forms:champ_type_email"),
			'select' => _T("forms:champ_type_select"),
			'multiple' => _T("forms:champ_type_multiple"),
			'fichier' => _T("forms:champ_type_fichier"),
			'mot' => _T("forms:champ_type_mot"),
			'separateur' => _T("forms:champ_type_separateur"),
			'textestatique' => _T("forms:champ_type_textestatique")
		);
	}
	$libelle = $libelles[$type];
	if ($libelle) {
		return $libelle;
	}
	return $type;
}
256
/**
 * Allow-list of field types.
 *
 * With a non-empty $type, tells whether that type is allowed. With an empty
 * $type, returns the whole table, keyed by type name with the type's rank as
 * value.
 *
 * @param string $type
 * @return bool|array
 */
function Forms_types_champs_autorises($type = '') {
	static $autorises;
	if (!$autorises) {
		$autorises = array();
		$liste = array('ligne', 'texte', 'url', 'email', 'select', 'multiple', 'fichier', 'mot','separateur','textestatique');
		foreach ($liste as $rang => $nom) {
			$autorises[$nom] = $rang;
		}
	}
	if (!$type) {
		return $autorises;
	}
	return isset($autorises[$type]);
}
264
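/**
 * Helper: work out the subject and the extra headers for a generated body.
 *
 * When the body contains an <html>...</html> part, HTML MIME headers are
 * produced and the first <h1>-<h6> heading, if any, replaces the default
 * subject. Line breaks are removed from the subject because the heading
 * comes from template output (which may embed submitted values) and how
 * envoyer_mail() treats them is not visible here.
 *
 * @param string $corps         Generated mail body.
 * @param string $sujet_defaut  Subject used when no heading is found.
 * @return array                array(subject, headers)
 */
function Forms_mail_sujet_et_entetes($corps, $sujet_defaut) {
	$sujet = $sujet_defaut;
	$headers = "";
	if (preg_match(",<html>(.*)</html>,Uims", $corps, $regs)) {
		$charset = $GLOBALS['meta']['charset'];
		$headers .=
			"MIME-Version: 1.0\n".
			"Content-Type: text/html; charset=$charset\n".
			"Content-Transfer-Encoding: 8bit\n";
		if (preg_match(",<h[1-6]>(.*)</h[1-6]>,Uims", $regs[1], $hs))
			$sujet = $hs[1];
	}
	$sujet = preg_replace(",[\r\n]+,", " ", $sujet);
	return array($sujet, $headers);
}

/**
 * Send the e-mails attached to a response: a confirmation to the address
 * found in the form's confirmation field, and a copy to the form's
 * recipient (default address, or the one selected by the routing field).
 *
 * Changes from the previous version:
 *  - $id_form and $id_reponse are cast to integers before being placed in
 *    SQL text;
 *  - the admin mail's <html> pattern had no capture group, so its heading
 *    was never found and $regs[1] was undefined; both mails now share one
 *    helper;
 *  - the sender domain is still taken from the Host request header, which
 *    the client chooses, but is now reduced to host-name characters;
 *  - a failed unserialize() of the e-mail settings no longer propagates;
 *  - the unused $head variables are gone.
 *
 * NOTE(review): unserialize() is applied to a stored column; safe only while
 * nothing untrusted can write spip_forms.email - confirm.
 * NOTE(review): $env['modele'] selects the template file; if $env can carry
 * request data it should be limited to a known list of names - confirm.
 * NOTE(review): the confirmation recipient is a submitted field value; only
 * fields of type 'email' are validated when the response is recorded, so
 * confirm that the confirmation field always has that type. A site-configured
 * sender address would also be preferable to one derived from the request.
 *
 * @param int   $id_form
 * @param int   $id_reponse
 * @param array $env  Template environment; 'modele' overrides the template.
 * @return void
 */
function Forms_generer_mail_reponse_formulaire($id_form, $id_reponse, $env){
	if (!is_array($env)) $env=array();
	$id_form = intval($id_form);
	$id_reponse = intval($id_reponse);
	$modele_mail = 'form_reponse_email';
	if (isset($env['modele']))
		$modele_mail = $env['modele'];
	$result = spip_query("SELECT * FROM spip_forms WHERE id_form=$id_form");
	if (!$row = spip_fetch_array($result))
		return;

	// A template named after the form, when present, takes precedence.
	$modele = "modeles/$modele_mail";
	if ($f = find_in_path(($m = "$modele-$id_form").".html"))
		$modele = $m;
	$corps_mail = recuperer_fond($modele,array_merge($env,array('id_reponse'=>$id_reponse)));
	$corps_mail_admin = recuperer_fond($modele,array_merge($env,array('id_reponse'=>$id_reponse,'mail_admin'=>'oui')));
	$champconfirm = $row['champconfirm'];
	$email = unserialize($row['email']);
	if (!is_array($email)) $email = array();
	$email_dest = isset($email['defaut']) ? $email['defaut'] : '';
	$route = isset($email['route']) ? $email['route'] : '';
	$mailconfirm = "";

	// Fetch the confirmation address
	$result2 = spip_query("SELECT * FROM spip_reponses_champs WHERE id_reponse=$id_reponse AND champ=".spip_abstract_quote($champconfirm));
	if ($row2 = spip_fetch_array($result2)) {
		$mailconfirm = (string) $row2['valeur'];
	}

	// Fetch the admin address selected by the routing field, if any
	$result2 = spip_query("SELECT * FROM spip_reponses_champs WHERE id_reponse=$id_reponse AND champ=".spip_abstract_quote($route));
	if ($row2 = spip_fetch_array($result2)) {
		if (isset($email[$row2['valeur']]))
			$email_dest = $email[$row2['valeur']];
	}

	// The Host header is client-supplied: keep host-name characters only.
	$hote = isset($_SERVER["HTTP_HOST"]) ? $_SERVER["HTTP_HOST"] : '';
	$hote = preg_replace(',[^a-zA-Z0-9.:-],', '', (string) $hote);
	$from = "formulaire@".$hote;

	include_spip('inc/mail');
	if ($mailconfirm !== '') {
		list($sujet, $headers) = Forms_mail_sujet_et_entetes($corps_mail, $row['titre']);
		envoyer_mail($mailconfirm, $sujet, $corps_mail, $from, $headers);
	}
	if ($email_dest != '') {
		list($sujet, $headers) = Forms_mail_sujet_et_entetes($corps_mail_admin, $row['titre']);
		envoyer_mail($email_dest, $sujet, $corps_mail_admin, $from, $headers);
	}
}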
336
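/**
 * Validate a submitted form and, when valid, record the response.
 *
 * Submitted values are read from $GLOBALS[<field code>] and $_FILES, checked
 * against the form structure (required fields, e-mail syntax, optional URL
 * reachability, upload size and type), then written to spip_reponses and
 * spip_reponses_champs. Uploaded files are moved under
 * _DIR_IMG/protege/form<id>/.
 *
 * Changes from the previous version:
 *  - $id_form is cast to an integer before being placed in SQL text;
 *  - the function returns right after reporting an unknown form instead of
 *    running on with an empty row;
 *  - errors are collected in a local array and copied to $erreur at the end,
 *    so $erreur is still '' without errors and an array otherwise, without
 *    indexing into a string;
 *  - field codes are escaped in the INSERT, like the values;
 *  - URL verification only fetches http:// and https:// addresses;
 *  - missing keys and a non-array structure no longer raise notices.
 *
 * NOTE(review): with 'verif' enabled the server fetches a URL chosen by the
 * visitor. The scheme filter does not stop requests to internal hosts; the
 * fetch should also be constrained at network level or by a host allow-list.
 * NOTE(review): unserialize() is applied to stored columns (email,
 * structure); safe only while nothing untrusted can write them - confirm.
 * NOTE(review): values are read through $GLOBALS[$code]; a field code equal
 * to the name of an existing global would read that global - confirm how
 * codes are generated.
 * NOTE(review): upload type is checked on the file name only, and when one
 * upload cannot be moved the spip_reponses row and the files already moved
 * are left in place.
 * NOTE(review): "fichier_type_interdit" is the only message key without the
 * "forms:" prefix - confirm that this is intended.
 *
 * @param int    $id_form
 * @param mixed  $erreur             Out: '' or array(field code or '@' => message).
 * @param string $reponse            Out: confirmation address, when one applies.
 * @param string $script_validation  Public script used for the validation URL.
 * @param string $script_args        Extra query string appended to that URL.
 * @return string                    Validation URL, or '' when none applies.
 */
function Forms_enregistrer_reponse_formulaire($id_form, &$erreur, &$reponse, $script_validation = 'valide_form', $script_args='') {
	$erreur = '';
	$reponse = '';
	$r = '';
	$erreurs = array();
	$id_form = intval($id_form);

	$query = "SELECT * FROM spip_forms WHERE id_form=$id_form";
	$result = spip_query($query);
	if (!$row = spip_fetch_array($result)) {
		$erreur = array('@' => _T("forms:probleme_technique"));
		return $r;
	}
	// Data needed for the e-mails that may follow:
	// acknowledgement to the visitor and forward to the webmaster
	$email = unserialize($row['email']);
	$champconfirm = $row['champconfirm'];
	$mailconfirm = '';

	$structure = unserialize($row['structure']);
	if (!is_array($structure)) $structure = array();

	// Walk through the values entered for the requested fields
	foreach ($structure as $index => $t) {
		$code = $t['code'];
		$type = $t['type'];
		$type_ext = isset($t['type_ext']) ? $t['type_ext'] : array();
		$val = isset($GLOBALS[$code]) ? $GLOBALS[$code] : null;
		$tmp_name = isset($_FILES[$code]['tmp_name']) ? $_FILES[$code]['tmp_name'] : '';
		if (!$val || ($type == 'fichier' && !$tmp_name)) {
			if (isset($t['obligatoire']) && $t['obligatoire'] == 'oui')
				$erreurs[$code] = _T("forms:champ_necessaire");
			continue;
		}
		// Check that the entered data is well-formed
		if ($type == 'email') {
			if (!is_string($val) || !strpos($val, '@') || !email_valide($val)) {
				$erreurs[$code] = _T("forms:adresse_invalide");
			}
		}
		if ($type == 'url') {
			if (isset($t['verif']) && $t['verif'] == 'oui') {
				include_spip("inc/sites");
				// Only web addresses are fetched; anything else counts as not found.
				if (!is_string($val) || !preg_match(',^https?://,i', $val) || !recuperer_page($val)) {
					$erreurs[$code] = _T("forms:site_introuvable");
				}
			}
		}
		if ($type == 'fichier') {
			$taille = isset($_FILES[$code]['size']) ? $_FILES[$code]['size'] : 0;
			$taille_max = isset($type_ext['taille']) ? $type_ext['taille'] : 0;
			if (!$taille) {
				$erreurs[$code] = _T("forms:echec_upload");
			}
			else if ($taille_max && $taille > ($taille_max * 1024)) {
				$erreurs[$code] = _T("forms:fichier_trop_gros");
			}
			else if (!Forms_type_fichier_autorise($_FILES[$code]['name'])) {
				$erreurs[$code] = _T("fichier_type_interdit");
			}
			// A refused upload is deleted straight away.
			if (isset($erreurs[$code])) {
				supprimer_fichier($_FILES[$code]['tmp_name']);
			}
		}
	}

	// If everything is fine, record the response
	if (!$erreurs) {
		global $auteur_session;
		$id_auteur = $auteur_session ? intval($auteur_session['id_auteur']) : 0;
		// NOTE(review): the address is read from $GLOBALS, not $_SERVER; where it
		// is set is not visible here.
		$ip = addslashes(isset($GLOBALS['REMOTE_ADDR']) ? $GLOBALS['REMOTE_ADDR'] : '');
		$url = parametre_url(self(),'id_form','');
		$ok = true;

		if ($row['sondage'] != 'non') {
			// Poll: the response waits for validation and is tied to the cookie.
			$statut = 'attente';
			$cookie = addslashes(isset($GLOBALS['cookie_form']) ? $GLOBALS['cookie_form'] : '');
		}
		else {
			$statut = 'valide';
			$cookie = '';
		}
		// First create the response in the database
		$query = "INSERT INTO spip_reponses (id_form, id_auteur, date, ip, url, statut, cookie) ".
			"VALUES ($id_form, '$id_auteur', NOW(), '$ip', ".spip_abstract_quote($url).", '$statut', '$cookie')";
		spip_query($query);
		$id_reponse = intval(spip_insert_id());
		if (!$id_reponse) {
			$erreurs['@'] = _T("forms:probleme_technique");
			$ok = false;
		}
		// Then record each field
		if ($ok) {
			$inserts = array();
			foreach ($structure as $index => $t) {
				$type = $t['type'];
				$code = $t['code'];
				$code_sql = addslashes($code);

				if ($type == 'fichier') {
					$val = isset($_FILES[$code]) ? $_FILES[$code] : null;
					if (!$val || !$val['tmp_name']) continue;
					// Uploaded file: move it under IMG and store its path in the database
					$dir = sous_repertoire(_DIR_IMG, "protege");
					$dir = sous_repertoire($dir, "form".$id_form);
					$source = $val['tmp_name'];
					$dest = $dir.Forms_nommer_fichier_form($val['name'], $dir);
					if (!Forms_deplacer_fichier_form($source, $dest)) {
						$erreurs[$code] = _T("forms:probleme_technique_upload");
						$ok = false;
					}
					else {
						$inserts[] = "($id_reponse, '$code_sql', '".addslashes($dest)."')";
					}
				}
				else {
					$val = isset($GLOBALS[$code]) ? $GLOBALS[$code] : null;
					if (!$val) continue;
					// Multiple choice: record each value separately
					else if (is_array($val)) {
						foreach ($val as $v) {
							$inserts[] = "($id_reponse, '$code_sql', '".addslashes($v)."')";
						}
					}
					else {
						$inserts[] = "($id_reponse, '$code_sql', '".addslashes($val)."')";
						if ($code == $champconfirm)
							$mailconfirm = $val;
					}
				}
			}

			if (!count($inserts)) {
				// Empty response => cancel it
				$erreurs['@'] = _T("forms:remplir_un_champ");
				$query = "DELETE FROM spip_reponses WHERE id_reponse=$id_reponse";
				spip_query($query);
				$ok = false;
			}
		}
		if ($ok) {
			$query = "INSERT INTO spip_reponses_champs (id_reponse, champ, valeur) ".
				"VALUES ".join(',', $inserts);
			spip_query($query);
			if ($row['sondage'] != 'non') {
				// Poll: return the URL that validates the response against the cookie.
				$hash = calculer_action_auteur("forms valide reponse sondage $id_reponse");
				$url = generer_url_public($script_validation,"verif_cookie=oui&id_reponse=$id_reponse&hash=$hash".($script_args?"&$script_args":""));
				$r = $url;
			}
			else if (($email) || ($mailconfirm)) {
				// Mail to send: return the URL that triggers the confirmation.
				$hash = calculer_action_auteur("forms confirme reponse $id_reponse");
				$url = generer_url_public($script_validation,"mel_confirm=oui&id_reponse=$id_reponse&hash=$hash".($script_args?"&$script_args":""));
				$r = $url;

				$reponse = $mailconfirm;
			}
		}
	}

	if ($erreurs)
		$erreur = $erreurs;
	return $r;
}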
490
491 ?>