Fix Captcha and Plugin Validation
@@ -11,9 +11,15 @@ class TwigCaptchaExtension extends AbstractExtension
|
||||
public function getFunctions()
|
||||
{
|
||||
return [
|
||||
new TwigFunction('captcha', array($this, 'captchaImage' ))
|
||||
new TwigFunction('captcha', array($this, 'captchaImage' )),
|
||||
new TwigFunction('clearcaptcha', array($this, 'captchaClear' ))
|
||||
];
|
||||
}
|
||||
|
||||
public function captchaClear()
|
||||
{
|
||||
unset($_SESSION['captcha']);
|
||||
}
|
||||
|
||||
public function captchaImage($initialize = false)
|
||||
{
|
||||
@@ -24,10 +30,10 @@ class TwigCaptchaExtension extends AbstractExtension
|
||||
|
||||
if(isset($_SESSION['captcha']) && $_SESSION['captcha'] === 'error')
|
||||
{
|
||||
$template = '<div class="my-2 error">' .
|
||||
$template = '<div class="my-2 errorfield">' .
|
||||
'<label for="captcha">Captcha</label>' .
|
||||
'<input type="text" name="captcha" class="form-control block w-full px-3 py-1.5 text-base font-normal text-gray-700 bg-white bg-clip-padding border border-solid border-red-500 bg-red-100 transition ease-in-out m-0 focus:text-gray-700 focus:bg-white focus:border-blue-600 focus:outline-none">' .
|
||||
'<span class="text-xs">The captcha was wrong.</span>' .
|
||||
'<div class="text-xs error">The captcha was wrong.</div>' .
|
||||
'<img class="captcha my-2" src="' . $builder->inline() . '" />' .
|
||||
'</div>';
|
||||
}
|
||||
|
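Review bot: `captchaClear()` is registered as the Twig function `clearcaptcha` and runs `unset($_SESSION['captcha'])`, so rendering a template now changes captcha state; the same applies to the `{{ clearcaptcha() }}` calls added in the two form templates further down this commit. The request handler that verifies the captcha is not on this page, so it is unclear whether it uses `$_SESSION['captcha']` to decide if a challenge is due. If it does, a render that takes the `else` branch resets that decision, and the requirement should instead come from configuration in the controller rather than from what the view last did. At minimum the method needs a docblock, for example `/** Resets the stored captcha state; called from templates when no captcha is rendered. */`.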
@@ -342,7 +342,6 @@ class Navigation extends Folder
|
||||
|
||||
public function getItemWithKeyPath($navigation, array $searchArray, $baseUrl = null)
|
||||
{
|
||||
|
||||
$item = false;
|
||||
|
||||
# if it is the homepage
|
||||
|
@@ -10,6 +10,7 @@ use Typemill\Models\Validation;
|
||||
use Typemill\Models\Fields;
|
||||
use Typemill\Extensions\ParsedownExtension;
|
||||
|
||||
|
||||
abstract class Plugin implements EventSubscriberInterface
|
||||
{
|
||||
protected $container;
|
||||
@@ -141,7 +142,7 @@ abstract class Plugin implements EventSubscriberInterface
|
||||
return $storage->getError();
|
||||
}
|
||||
|
||||
private function getPluginName($pluginname)
|
||||
private function getPluginName($pluginname = NULL)
|
||||
{
|
||||
if(!$pluginname)
|
||||
{
|
||||
@@ -340,75 +341,40 @@ abstract class Plugin implements EventSubscriberInterface
|
||||
|
||||
protected function validateParams($params)
|
||||
{
|
||||
$pluginName = key($params);
|
||||
$pluginname = $this->getPluginName();
|
||||
$userinput = $params[$pluginname] ?? false;
|
||||
|
||||
if(isset($params[$pluginName]))
|
||||
if(!$userinput)
|
||||
{
|
||||
$userInput = $params[$pluginName];
|
||||
$settings = $this->getSettings();
|
||||
|
||||
# get settings and start validation
|
||||
$originalSettings = \Typemill\Settings::getObjectSettings('plugins', $pluginName);
|
||||
if(isset($settings['plugins'][$pluginName]['publicformdefinitions']) && $settings['plugins'][$pluginName]['publicformdefinitions'] != '')
|
||||
{
|
||||
$arrayFromYaml = \Symfony\Component\Yaml\Yaml::parse($settings['plugins'][$pluginName]['publicformdefinitions']);
|
||||
$originalSettings['public']['fields'] = $arrayFromYaml;
|
||||
}
|
||||
elseif(isset($originalSettings['settings']['publicformdefinitions']))
|
||||
{
|
||||
$arrayFromYaml = \Symfony\Component\Yaml\Yaml::parse($originalSettings['settings']['publicformdefinitions']);
|
||||
$originalSettings['public']['fields'] = $arrayFromYaml;
|
||||
}
|
||||
|
||||
$validate = new Validation();
|
||||
|
||||
if(isset($originalSettings['public']['fields']))
|
||||
{
|
||||
# flaten the multi-dimensional array with fieldsets to a one-dimensional array
|
||||
$originalFields = array();
|
||||
foreach($originalSettings['public']['fields'] as $fieldName => $fieldValue)
|
||||
{
|
||||
if(isset($fieldValue['fields']))
|
||||
{
|
||||
foreach($fieldValue['fields'] as $subFieldName => $subFieldValue)
|
||||
{
|
||||
$originalFields[$subFieldName] = $subFieldValue;
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
$originalFields[$fieldName] = $fieldValue;
|
||||
}
|
||||
}
|
||||
|
||||
# take the user input data and iterate over all fields and values
|
||||
foreach($userInput as $fieldName => $fieldValue)
|
||||
{
|
||||
# get the corresponding field definition from original plugin settings
|
||||
$fieldDefinition = isset($originalFields[$fieldName]) ? $originalFields[$fieldName] : false;
|
||||
|
||||
if($fieldDefinition)
|
||||
{
|
||||
# validate user input for this field
|
||||
$validate->objectField($fieldName, $fieldValue, $pluginName, $fieldDefinition);
|
||||
}
|
||||
if(!$fieldDefinition && $fieldName != 'active')
|
||||
{
|
||||
$_SESSION['errors'][$pluginName][$fieldName] = array('This field is not defined!');
|
||||
}
|
||||
}
|
||||
|
||||
if(isset($_SESSION['errors']))
|
||||
{
|
||||
$this->container->flash->addMessage('error', 'Please correct the errors');
|
||||
return false;
|
||||
}
|
||||
|
||||
return $params[$pluginName];
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
$this->container->flash->addMessage('error', 'The data from the form was invalid (missing or not defined)');
|
||||
return false;
|
||||
$pluginsettings = $this->getPluginSettings($pluginname);
|
||||
$extension = new Extension();
|
||||
$formdefinitions = $extension->getPluginDefinition($pluginname);
|
||||
|
||||
# if there are public form definitions, add them to the formdefinitions
|
||||
if(isset($pluginsettings['publicformdefinitions']) && $pluginsettings['publicformdefinitions'] != '')
|
||||
{
|
||||
$arrayFromYaml = \Symfony\Component\Yaml\Yaml::parse($pluginsettings['publicformdefinitions']);
|
||||
$formdefinitions['public']['fields'] = $arrayFromYaml;
|
||||
}
|
||||
elseif(isset($formdefinitions['settings']['publicformdefinitions']))
|
||||
{
|
||||
$arrayFromYaml = \Symfony\Component\Yaml\Yaml::parse($formdefinitions['settings']['publicformdefinitions']);
|
||||
$formdefinitions['public']['fields'] = $arrayFromYaml;
|
||||
}
|
||||
|
||||
$validate = new Validation();
|
||||
$validatedOutput = $validate->recursiveValidation($formdefinitions['public']['fields'], $userinput);
|
||||
|
||||
if(!empty($validate->errors))
|
||||
{
|
||||
$_SESSION['errors'] = $validate->errors;
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
return $validatedOutput;
|
||||
}
|
||||
}
|
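Review bot: In `validateParams`, `$formdefinitions['public']['fields']` is handed to `recursiveValidation()` without any check that it exists; the `isset($originalSettings['public']['fields'])` guard visible among the older lines has no counterpart in the rewritten body. For a plugin without a public form definition this passes an undefined index to the validator, and what `recursiveValidation()` does with it is not visible here, so the method should fail closed itself with `if(empty($formdefinitions['public']['fields']) || !is_array($userinput)) { return false; }` before the call. The `is_array` part matters because `if(!$userinput)` only rejects falsy values, so a scalar posted under the plugin key still reaches the validator. The older lines also rejected any posted field that had no definition ('This field is not defined!'); please confirm that `recursiveValidation()` drops or rejects such fields, and add a docblock stating that the method returns the validated array or `false`. The +/- markers are lost on this page, so the old/new split is read from the variable names.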
@@ -54,8 +54,12 @@
|
||||
|
||||
{{ captcha(old) }}
|
||||
|
||||
{% endif %}
|
||||
{% else %}
|
||||
|
||||
{{ clearcaptcha() }}
|
||||
|
||||
{% endif %}
|
||||
|
||||
<input
|
||||
type="submit"
|
||||
value="{{ translate('Login') }}"
|
||||
|
@@ -1,4 +1,4 @@
|
||||
<div class="{{ class ? class : 'cardField' }}{{ errors[itemName][field.name] ? ' error' : '' }}{{field.fieldsize ? ' ' ~ field.fieldsize : ''}}">
|
||||
<div class="{{ class ? class : 'cardField' }}{{ errors[field.name] ? ' errorfield' : '' }}{{field.fieldsize ? ' ' ~ field.fieldsize : ''}}">
|
||||
|
||||
<label for="{{ itemName }}[{{ field.name }}]">{{ translate( field.getLabel() ) }}
|
||||
{% if field.getAttribute('required') %}<strong><abbr title="{{ translate('required') }}">*</abbr></strong>{% endif %}
|
||||
@@ -24,8 +24,8 @@
|
||||
<input class="function-img-url w-90 mbfix" type="text" name="{{ itemName }}[{{ field.name }}]" value="{{ settings[object][itemName][field.name] }}" readonly>
|
||||
</div>
|
||||
</div>
|
||||
{% if errors[itemName][field.name] %}
|
||||
<div class="error f6">{{ errors[itemName][field.name] | first }}</div>
|
||||
{% if errors[field.name] %}
|
||||
<div class="error f6">{{ errors[field.name] }}</div>
|
||||
{% endif %}
|
||||
|
||||
{% if field.description %}<div class="description pv3">{{ translate(field.description) }}</div>{% endif %}
|
||||
@@ -94,8 +94,8 @@
|
||||
|
||||
{% if field.description %}<div class="description">{{ translate(field.description) }}</div>{% endif %}
|
||||
|
||||
{% if errors[itemName][field.name] %}
|
||||
<span class="error">{{ errors[itemName][field.name] | first }}</span>
|
||||
{% if errors[field.name] %}
|
||||
<div class="error">{{ errors[field.name] }}</div>
|
||||
{% endif %}
|
||||
|
||||
{% endif %}
|
||||
|
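Review bot: The error lookup is now `errors[field.name]`, printed without `| first`, which only works if the validator stores exactly one string per field name at the top level of `errors`. The `Plugin` class in this commit assigns `$_SESSION['errors'] = $validate->errors`, but the shape of `$validate->errors` is not shown. If any entry is an array (a nested fieldset, or several messages for one field), the output breaks here and at the second occurrence in the later hunk. Dropping the `itemName` level also means that two forms with equally named fields share one error state. A guarded expression such as `{{ errors[field.name] is iterable ? errors[field.name]|first : errors[field.name] }}` keeps both shapes working.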
@@ -5,7 +5,7 @@
|
||||
{% endif %}
|
||||
<form method="POST" action="{{ url_for(routename) }}" enctype="multipart/form-data">
|
||||
|
||||
<fieldset class="card{{ errors[itemName] ? ' errors' : '' }}">
|
||||
<fieldset class="card{{ errors ? ' errors' : '' }}">
|
||||
|
||||
{% for field in fields %}
|
||||
|
||||
@@ -22,7 +22,7 @@
|
||||
|
||||
{% else %}
|
||||
|
||||
{% include '/partials/fields.twig' with {'itemName' : itemName, 'object' : object } %}
|
||||
{% include '/partials/fields.twig' with {'itemName' : itemName, 'object' : object} %}
|
||||
|
||||
{% endif %}
|
||||
|
||||
@@ -33,16 +33,18 @@
|
||||
<input type="text" name="personal-honey-mail">
|
||||
</div>
|
||||
|
||||
{% if captchaoptions == 'disabled' %}
|
||||
{% if captchaoptions == 'standard' %}
|
||||
|
||||
{{ captcha(true) }}
|
||||
|
||||
{% elseif captchaoptions == 'aftererror' %}
|
||||
|
||||
{{ captcha(old) }}
|
||||
|
||||
{% else %}
|
||||
|
||||
{{ captcha(true) }}
|
||||
|
||||
{{ clearcaptcha() }}
|
||||
|
||||
{% endif %}
|
||||
|
||||
{% if recaptcha_webkey %}
|
||||
@@ -51,6 +53,11 @@
|
||||
|
||||
<input type="submit" value="{{ buttonlabel ? buttonlabel : 'send' }}" />
|
||||
|
||||
<style>.personal-mail{display:none}</style>
|
||||
<style>
|
||||
.personal-mail{ display:none }
|
||||
.error{ margin-top:4px; background:red; color:#FFF; padding: 2px; font-size:.9rem;}
|
||||
.errorfield label{ color:red; }
|
||||
.errorfield input{ outline: 1px solid red; }
|
||||
</style>
|
||||
</fieldset>
|
||||
</form>
|
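Review bot: The captcha branch now fails open: with `{% if captchaoptions == 'standard' %}` … `{% elseif captchaoptions == 'aftererror' %}` … `{% else %}{{ clearcaptcha() }}`, any other value of `captchaoptions`, including an unset or misspelled setting, renders the form without a captcha. The lines that look like the previous version tested for `'disabled'` and showed `{{ captcha(true) }}` in the `else` branch, so an unknown value used to get the challenge (the +/- markers are lost on this page, so that reading is inferred). Testing the opt-out explicitly keeps the safe default: `{% if captchaoptions == 'disabled' %}{{ clearcaptcha() }}{% elseif captchaoptions == 'aftererror' %}{{ captcha(old) }}{% else %}{{ captcha(true) }}{% endif %}`. The server-side check is not visible here and has to apply the same default.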