Allowing pieform error text to not be escaped if needed (Bug 1239539)

Currently if there is html in an error message used by pieforms it escapes the html so the link becomes not usable. I have made a change where you can tell pieforms not to escape the error message. So instead of using: $form->set_error($field, $message); you can use: $form->set_error($field, $message, false); Where false means do not escape the message. As the terms and conditions are displayed on the page already I've updated the link to jump to the terms section Change-Id: Ia8650a9f2284fb007cbe81a4a94223f127c4f6cd Signed-off-by: Robert Lyon <robertl@catalyst.net.nz>

Allowing pieform error text to not be escaped if needed (Bug 1239539)
Currently if there is html in an error message used by pieforms it escapes the html so the link becomes not usable. I have made a change where you can tell pieforms not to escape the error message. So instead of using: $form->set_error($field, $message); you can use: $form->set_error($field, $message, false); Where false means do not escape the message. As the terms and conditions are displayed on the page already I've updated the link to jump to the terms section Change-Id: Ia8650a9f2284fb007cbe81a4a94223f127c4f6cd Signed-off-by: Robert Lyon <robertl@catalyst.net.nz>
bd33b9c8 · Robert Lyon · 6ecbe067 · bd33b9c8 · bd33b9c8 · bd33b9c8
Commit bd33b9c8 authored Oct 15, 2013 by Robert Lyon
6 changed files
--- a/htdocs/auth/internal/lang/en.utf8/auth.internal.php
+++ b/htdocs/auth/internal/lang/en.utf8/auth.internal.php
@@ -66,7 +66,7 @@ $string['registrationunsuccessful'] = 'Sorry, your registration attempt was unsu
 $string['usernamealreadytaken'] = 'Sorry, this username is already taken.';
 $string['usernameinvalidform'] = 'Usernames may contain letters, numbers and most common symbols and must be from 3 to 30 characters long. Spaces are not allowed.';
 $string['usernameinvalidadminform'] = 'Usernames may contain letters, numbers and most common symbols and must be from 3 to 236 characters long. Spaces are not allowed.';
-$string['youmaynotregisterwithouttandc'] = 'You may not register unless you agree to abide by the <a href="terms.php">Terms and Conditions</a>.';
+$string['youmaynotregisterwithouttandc'] = 'You may not register unless you agree to abide by the <a href="#user_acceptterms">Terms and Conditions</a>.';

 // pending institution registrations
 $string['confirmcancelregistration'] = 'Are you sure you want to cancel this registration? Doing so will result in your request being removed from the system.';

--- a/htdocs/auth/lib.php
+++ b/htdocs/auth/lib.php
@@ -2117,7 +2117,7 @@ function auth_register_validate(Pieform $form, $values) {

    // If the user hasn't agreed to the terms and conditions, don't bother
    if ($registerterms && $values['tandc'] != 'yes') {
-        $form->set_error('tandc', get_string('youmaynotregisterwithouttandc', 'auth.internal'));
+        $form->set_error('tandc', get_string('youmaynotregisterwithouttandc', 'auth.internal'), false);
    }

    $institution = get_record_sql('

--- a/htdocs/lib/pieforms/pieform.php
+++ b/htdocs/lib/pieforms/pieform.php
@@ -944,9 +944,10 @@ EOF;
     *
     * @param string $name      The name of the element to set an error on
     * @param string $message   The error message
+     * @param bool   $isescaped Whether to display error string as escaped or not
     * @throws PieformException  If the element could not be found
     */
-    public function set_error($name, $message) {/*{{{*/
+    public function set_error($name, $message, $isescaped = true) {/*{{{*/
        if (is_null($name) && !empty($message)) {
            $this->error = $message;
            return;
@@ -956,6 +957,7 @@ EOF;
                foreach ($element['elements'] as &$subelement) {
                    if ($subelement['name'] == $name) {
                        $subelement['error'] = $message;
+                        $subelement['isescaped'] = ($isescaped) ? true : false;
                        return;
                    }
                }
@@ -963,6 +965,7 @@ EOF;
            else {
                if ($key == $name) {
                    $element['error'] = $message;
+                    $element['isescaped'] = ($isescaped) ? true : false;
                    return;
                }
            }

--- a/htdocs/lib/pieforms/pieform/renderers/div.php
+++ b/htdocs/lib/pieforms/pieform/renderers/div.php
@@ -69,7 +69,7 @@ function pieform_renderer_div(Pieform $form, $element) {/*{{{*/
    }

    if (!empty($element['error'])) {
-        $result .= '<div class="errmsg">' . hsc($element['error']) . '</div>';
+        $result .= '<div class="errmsg">' . ((!empty($element['isescaped'])) ? hsc($element['error']) : $element['error']) . '</div>';
    }

    $result .= "</div>\n";

--- a/htdocs/lib/pieforms/pieform/renderers/table.php
+++ b/htdocs/lib/pieforms/pieform/renderers/table.php
@@ -109,7 +109,7 @@ function pieform_renderer_table(Pieform $form, $element) {/*{{{*/

    if (!empty($element['error'])) {
        $result .= "\t<tr>\n\t\t<td colspan=\"2\" class=\"errmsg\">";
-        $result .= hsc($element['error']);
+        $result .= (!empty($element['isescaped'])) ? hsc($element['error']) : $element['error'];
        $result .= "</td>\n\t</tr>\n";
    }


--- a/htdocs/register.php
+++ b/htdocs/register.php
@@ -218,7 +218,7 @@ $smarty = smarty();
 $smarty->assign('register_form', $formhtml);
 $smarty->assign('registerdescription', $registerdescription);
 if ($registerterms) {
-    $smarty->assign('termsandconditions', get_site_page_content('termsandconditions'));
+    $smarty->assign('termsandconditions', '<a name="user_acceptterms"></a>' . get_site_page_content('termsandconditions'));
 }
 $smarty->assign('PAGEHEADING', TITLE);
 $smarty->assign('INLINEJAVASCRIPT', $js);