Commit bd33b9c8 authored by Robert Lyon's avatar Robert Lyon

Allowing pieform error text to not be escaped if needed (Bug 1239539)

Currently if there is html in an error message used by pieforms it
escapes the html so the link becomes not usable.

I have made a change where you can tell pieforms not to escape the
error message.

So instead of using:
$form->set_error($field, $message);

you can use:
$form->set_error($field, $message, false);

Where false means do not escape the message.

As the terms and conditions are displayed on the page already I've
updated the link to jump to the terms section

Change-Id: Ia8650a9f2284fb007cbe81a4a94223f127c4f6cd
Signed-off-by: Robert Lyon's avatarRobert Lyon <robertl@catalyst.net.nz>
parent 6ecbe067
......@@ -66,7 +66,7 @@ $string['registrationunsuccessful'] = 'Sorry, your registration attempt was unsu
$string['usernamealreadytaken'] = 'Sorry, this username is already taken.';
$string['usernameinvalidform'] = 'Usernames may contain letters, numbers and most common symbols and must be from 3 to 30 characters long. Spaces are not allowed.';
$string['usernameinvalidadminform'] = 'Usernames may contain letters, numbers and most common symbols and must be from 3 to 236 characters long. Spaces are not allowed.';
$string['youmaynotregisterwithouttandc'] = 'You may not register unless you agree to abide by the <a href="terms.php">Terms and Conditions</a>.';
$string['youmaynotregisterwithouttandc'] = 'You may not register unless you agree to abide by the <a href="#user_acceptterms">Terms and Conditions</a>.';
// pending institution registrations
$string['confirmcancelregistration'] = 'Are you sure you want to cancel this registration? Doing so will result in your request being removed from the system.';
......
......@@ -2117,7 +2117,7 @@ function auth_register_validate(Pieform $form, $values) {
// If the user hasn't agreed to the terms and conditions, don't bother
if ($registerterms && $values['tandc'] != 'yes') {
$form->set_error('tandc', get_string('youmaynotregisterwithouttandc', 'auth.internal'));
$form->set_error('tandc', get_string('youmaynotregisterwithouttandc', 'auth.internal'), false);
}
$institution = get_record_sql('
......
......@@ -944,9 +944,10 @@ EOF;
*
* @param string $name The name of the element to set an error on
* @param string $message The error message
* @param bool $isescaped Whether to display error string as escaped or not
* @throws PieformException If the element could not be found
*/
public function set_error($name, $message) {/*{{{*/
public function set_error($name, $message, $isescaped = true) {/*{{{*/
if (is_null($name) && !empty($message)) {
$this->error = $message;
return;
......@@ -956,6 +957,7 @@ EOF;
foreach ($element['elements'] as &$subelement) {
if ($subelement['name'] == $name) {
$subelement['error'] = $message;
$subelement['isescaped'] = ($isescaped) ? true : false;
return;
}
}
......@@ -963,6 +965,7 @@ EOF;
else {
if ($key == $name) {
$element['error'] = $message;
$element['isescaped'] = ($isescaped) ? true : false;
return;
}
}
......
......@@ -69,7 +69,7 @@ function pieform_renderer_div(Pieform $form, $element) {/*{{{*/
}
if (!empty($element['error'])) {
$result .= '<div class="errmsg">' . hsc($element['error']) . '</div>';
$result .= '<div class="errmsg">' . ((!empty($element['isescaped'])) ? hsc($element['error']) : $element['error']) . '</div>';
}
$result .= "</div>\n";
......
......@@ -109,7 +109,7 @@ function pieform_renderer_table(Pieform $form, $element) {/*{{{*/
if (!empty($element['error'])) {
$result .= "\t<tr>\n\t\t<td colspan=\"2\" class=\"errmsg\">";
$result .= hsc($element['error']);
$result .= (!empty($element['isescaped'])) ? hsc($element['error']) : $element['error'];
$result .= "</td>\n\t</tr>\n";
}
......
......@@ -218,7 +218,7 @@ $smarty = smarty();
$smarty->assign('register_form', $formhtml);
$smarty->assign('registerdescription', $registerdescription);
if ($registerterms) {
$smarty->assign('termsandconditions', get_site_page_content('termsandconditions'));
$smarty->assign('termsandconditions', '<a name="user_acceptterms"></a>' . get_site_page_content('termsandconditions'));
}
$smarty->assign('PAGEHEADING', TITLE);
$smarty->assign('INLINEJAVASCRIPT', $js);
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment