Commit b4990ea6 authored by Nigel McNie's avatar Nigel McNie
Browse files

Prevent not logged in users from submitting feedback on, or reporting, public Views.

This also makes sure that users accessing the View by a token can only submit feedback.

This should prevent a lot of spam.
parent b74da627
......@@ -67,37 +67,45 @@ function objectionSuccess() {
}
addLoadEvent(function () {
hideElement('add_feedback_form');
if ($('add_feedback_link')) {
connect('add_feedback_link', 'onclick', function(e) {
if ($('add_feedback_form')) {
hideElement('add_feedback_form');
if ($('add_feedback_link')) {
connect('add_feedback_link', 'onclick', function(e) {
e.stop();
if ($('objection_form')) {
hideElement('objection_form');
}
$('add_feedback_form').reset();
showElement('add_feedback_form');
return false;
});
}
connect('cancel_add_feedback_form_submit', 'onclick', function (e) {
e.stop();
hideElement('objection_form');
$('add_feedback_form').reset();
showElement('add_feedback_form');
hideElement('add_feedback_form');
return false;
});
}
connect('cancel_add_feedback_form_submit', 'onclick', function (e) {
e.stop();
hideElement('add_feedback_form');
return false;
});
hideElement('objection_form');
if ($('objection_link')) {
connect('objection_link', 'onclick', function(e) {
if ($('objection_form')) {
hideElement('objection_form');
if ($('objection_link')) {
connect('objection_link', 'onclick', function(e) {
e.stop();
if ($('add_feedback_form')) {
hideElement('add_feedback_form');
}
$('objection_form').reset();
showElement('objection_form');
return false;
});
}
connect('cancel_objection_form_submit', 'onclick', function (e) {
e.stop();
hideElement('add_feedback_form');
$('objection_form').reset();
showElement('objection_form');
hideElement('objection_form');
return false;
});
}
connect('cancel_objection_form_submit', 'onclick', function (e) {
e.stop();
hideElement('objection_form');
return false;
});
if ($('toggle_watchlist_link')) {
connect('toggle_watchlist_link', 'onclick', function (e) {
......
......@@ -33,8 +33,8 @@
<div id="viewmenu">
{include file="view/viewmenu.tpl"}
</div>
<div>{$addfeedbackform}</div>
<div>{$objectionform}</div>
{if $addfeedbackform}<div>{$addfeedbackform}</div>{/if}
{if $objectionform}<div>{$objectionform}</div>{/if}
</div>
{include file="columnfullend.tpl"}
......
......@@ -130,14 +130,20 @@ else if ($group) {
$smarty->assign('ownerlink', 'group/view.php?id=' . $group);
}
$anonfeedback = !$USER->is_logged_in() && ($viewtoken || $viewid == get_view_from_token(get_cookie('viewaccess:'.$viewid)));
$smarty->assign('ownername', $view->formatted_owner());
$smarty->assign('streditviewbutton', ($new) ? get_string('backtocreatemyview', 'view') : get_string('editmyview', 'view'));
$smarty->assign('viewdescription', $view->get('description'));
$smarty->assign('viewcontent', $view->build_columns());
$smarty->assign('releaseform', $releaseform);
$smarty->assign('anonfeedback', !$USER->is_logged_in() && ($viewtoken || $viewid == get_view_from_token(get_cookie('viewaccess:'.$viewid))));
$smarty->assign('addfeedbackform', pieform(add_feedback_form($allowattachments)));
$smarty->assign('objectionform', pieform(objection_form()));
$smarty->assign('anonfeedback', $anonfeedback);
if ($USER->is_logged_in() || $anonfeedback) {
$smarty->assign('addfeedbackform', pieform(add_feedback_form($allowattachments)));
}
if ($USER->is_logged_in()) {
$smarty->assign('objectionform', pieform(objection_form()));
}
$smarty->assign('viewbeingwatched', $viewbeingwatched);
$smarty->display('view/view.tpl');
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment