Skip to content

Commit

Permalink
fix form to always use get and add all expected parameters
Browse files Browse the repository at this point in the history
  • Loading branch information
@cedric-anne
cedric-anne committed Apr 30, 2024
1 parent bda4d29 commit 692372a
Show file tree
Hide file tree
Showing 3 changed files with 47 additions and 47 deletions.
75 changes: 33 additions & 42 deletions front/stat.graph.php
View file
Expand Up @@ -59,27 +59,16 @@
if (array_key_exists($key, $_GET) && preg_match('/\d{4}-\d{2}-\d{2}/', (string)$_GET[$key]) !== 1) {
unset($_GET[$key]);
}
if (array_key_exists($key, $_POST) && preg_match('/\d{4}-\d{2}-\d{2}/', (string)$_POST[$key]) !== 1) {
unset($_POST[$key]);
}
}
if (empty($_POST["date1"]) && empty($_POST["date2"])) {
if (isset($_GET["date1"])) {
$_POST["date1"] = $_GET["date1"];
}
if (isset($_GET["date2"])) {
$_POST["date2"] = $_GET["date2"];
}
}

if (
!empty($_POST["date1"])
&& !empty($_POST["date2"])
&& (strcmp($_POST["date2"], $_POST["date1"]) < 0)
!empty($_GET["date1"])
&& !empty($_GET["date2"])
&& (strcmp($_GET["date2"], $_GET["date1"]) < 0)
) {
$tmp = $_POST["date1"];
$_POST["date1"] = $_POST["date2"];
$_POST["date2"] = $tmp;
$tmp = $_GET["date1"];
$_GET["date1"] = $_GET["date2"];
$_GET["date2"] = $tmp;
}

$cleantarget = preg_replace("/&date[12]=[0-9-]*/", "", $_SERVER['QUERY_STRING']);
Expand All @@ -99,7 +88,7 @@
case "technician":
$val1 = $_GET["id"];
$val2 = "";
$values = Stat::getItems($_GET["itemtype"], $_POST["date1"], $_POST["date2"], $_GET["type"]);
$values = Stat::getItems($_GET["itemtype"], $_GET["date1"], $_GET["date2"], $_GET["type"]);
$link = User::canView() ? 1 : 0;
$name = $item->getAssignName($_GET["id"], 'User', $link);
$title = sprintf(
Expand All @@ -112,7 +101,7 @@
case "suppliers_id_assign":
$val1 = $_GET["id"];
$val2 = "";
$values = Stat::getItems($_GET["itemtype"], $_POST["date1"], $_POST["date2"], $_GET["type"]);
$values = Stat::getItems($_GET["itemtype"], $_GET["date1"], $_GET["date2"], $_GET["type"]);
$link = Supplier::canView() ? 1 : 0;
$name = $item->getAssignName($_GET["id"], 'Supplier', $link);
$title = sprintf(
Expand All @@ -126,7 +115,7 @@
case "user":
$val1 = $_GET["id"];
$val2 = "";
$values = Stat::getItems($_GET["itemtype"], $_POST["date1"], $_POST["date2"], $_GET["type"]);
$values = Stat::getItems($_GET["itemtype"], $_GET["date1"], $_GET["date2"], $_GET["type"]);
$link = User::canView() ? 1 : 0;
$name = getUserName($_GET["id"], $link);
$title = sprintf(
Expand All @@ -145,8 +134,8 @@
$val2 = "";
$values = Stat::getItems(
$_GET["itemtype"],
$_POST["date1"],
$_POST["date2"],
$_GET["date1"],
$_GET["date2"],
$_GET["type"],
$parent
);
Expand All @@ -167,8 +156,8 @@
$val2 = '';
$values = Stat::getItems(
$_GET['itemtype'],
$_POST['date1'],
$_POST['date2'],
$_GET['date1'],
$_GET['date2'],
$_GET['type'],
$parent
);
Expand All @@ -183,7 +172,7 @@
case "type":
$val1 = $_GET["id"];
$val2 = "";
$values = Stat::getItems($_GET["itemtype"], $_POST["date1"], $_POST["date2"], $_GET["type"]);
$values = Stat::getItems($_GET["itemtype"], $_GET["date1"], $_GET["date2"], $_GET["type"]);
$title = sprintf(__('%1$s: %2$s'), _n('Type', 'Types', 1), Ticket::getTicketTypeName($_GET["id"]));
$title = htmlspecialchars($title);
break;
Expand All @@ -198,8 +187,8 @@
$val2 = "";
$values = Stat::getItems(
$_GET["itemtype"],
$_POST["date1"],
$_POST["date2"],
$_GET["date1"],
$_GET["date2"],
$_GET["type"],
$parent
);
Expand All @@ -214,7 +203,7 @@
case "groups_id_assign":
$val1 = $_GET["id"];
$val2 = "";
$values = Stat::getItems($_GET["itemtype"], $_POST["date1"], $_POST["date2"], $_GET["type"]);
$values = Stat::getItems($_GET["itemtype"], $_GET["date1"], $_GET["date2"], $_GET["type"]);
$title = sprintf(
__('%1$s: %2$s'),
Group::getTypeName(1),
Expand All @@ -228,7 +217,7 @@
case "impact":
$val1 = $_GET["id"];
$val2 = "";
$values = Stat::getItems($_GET["itemtype"], $_POST["date1"], $_POST["date2"], $_GET["type"]);
$values = Stat::getItems($_GET["itemtype"], $_GET["date1"], $_GET["date2"], $_GET["type"]);
$title = match ($_GET['type']) {
'priority' => sprintf(__('%1$s: %2$s'), __('Priority'), $item::getPriorityName($_GET["id"])),
'urgency' => sprintf(__('%1$s: %2$s'), __('Urgency'), $item::getUrgencyName($_GET["id"])),
Expand All @@ -240,7 +229,7 @@
case "usertitles_id":
$val1 = $_GET["id"];
$val2 = "";
$values = Stat::getItems($_GET["itemtype"], $_POST["date1"], $_POST["date2"], $_GET["type"]);
$values = Stat::getItems($_GET["itemtype"], $_GET["date1"], $_GET["date2"], $_GET["type"]);
$title = sprintf(
__('%1$s: %2$s'),
_x('person', 'Title'),
Expand All @@ -252,7 +241,7 @@
case "solutiontypes_id":
$val1 = $_GET["id"];
$val2 = "";
$values = Stat::getItems($_GET["itemtype"], $_POST["date1"], $_POST["date2"], $_GET["type"]);
$values = Stat::getItems($_GET["itemtype"], $_GET["date1"], $_GET["date2"], $_GET["type"]);
$title = sprintf(
__('%1$s: %2$s'),
SolutionType::getTypeName(1),
Expand All @@ -264,7 +253,7 @@
case "usercategories_id":
$val1 = $_GET["id"];
$val2 = "";
$values = Stat::getItems($_GET["itemtype"], $_POST["date1"], $_POST["date2"], $_GET["type"]);
$values = Stat::getItems($_GET["itemtype"], $_GET["date1"], $_GET["date2"], $_GET["type"]);
$title = sprintf(
__('%1$s: %2$s'),
_n('Category', 'Categories', 1),
Expand All @@ -276,7 +265,7 @@
case "requesttypes_id":
$val1 = $_GET["id"];
$val2 = "";
$values = Stat::getItems($_GET["itemtype"], $_POST["date1"], $_POST["date2"], $_GET["type"]);
$values = Stat::getItems($_GET["itemtype"], $_GET["date1"], $_GET["date2"], $_GET["type"]);
$title = sprintf(
__('%1$s: %2$s'),
RequestType::getTypeName(1),
Expand All @@ -292,8 +281,8 @@
$device_table = $item->getTable();
$values = Stat::getItems(
$_GET["itemtype"],
$_POST["date1"],
$_POST["date2"],
$_GET["date1"],
$_GET["date2"],
$_GET["champ"]
);

Expand Down Expand Up @@ -322,8 +311,8 @@
$table = $item::getTable();
$values = Stat::getItems(
$_GET["itemtype"],
$_POST["date1"],
$_POST["date2"],
$_GET["date1"],
$_GET["date2"],
$_GET["champ"]
);
$title = sprintf(
Expand Down Expand Up @@ -364,17 +353,19 @@
]);

TemplateRenderer::getInstance()->display('pages/assistance/stats/form.html.twig', [
'target' => $_SERVER["REQUEST_URI"],
'target' => 'stat.graph.php',
'itemtype' => $_GET['itemtype'],
'id' => $_GET["id"],
'type' => $_GET['type'],
'date1' => $_POST["date1"],
'date2' => $_POST["date2"],
'date1' => $_GET["date1"],
'date2' => $_GET["date2"],
'champ' => $_GET["champ"] ?? 0,
]);

$stat_params = [
'itemtype' => $_GET['itemtype'],
'date1' => $_POST['date1'],
'date2' => $_POST['date2'],
'date1' => $_GET['date1'],
'date2' => $_GET['date2'],
'type' => $_GET['type'],
'val1' => $val1,
'val2' => $val2,
Expand Down
3 changes: 2 additions & 1 deletion front/stat.tracking.php
View file
Expand Up @@ -105,7 +105,8 @@
);

TemplateRenderer::getInstance()->display('pages/assistance/stats/form.html.twig', [
'target' => 'stat.tracking.php?itemtype=' . $params["itemtype"],
'target' => 'stat.tracking.php',
'itemtype' => $params["itemtype"],
'type_params' => [
'field' => 'type',
'value' => $params["type"],
Expand Down
16 changes: 12 additions & 4 deletions templates/pages/assistance/stats/form.html.twig
View file
Expand Up @@ -33,19 +33,27 @@

{% import 'components/form/fields_macros.html.twig' as fields %}

<form method="POST" name="form" action="{{ target }}">
<input type="hidden" name="_glpi_csrf_token" value="{{ csrf_token() }}" />
<form method="GET" name="form" action="{{ target }}">
<input type="hidden" name="itemtype" value="{{ itemtype }}">
{% if id is defined %}
<input type="hidden" name="id" value="{{ id }}">
{% endif %}
{% if value2 is defined %}
<input type="hidden" name="value2" value="{{ value2 }}">
{% endif %}
{% if champ is defined %}
<input type="hidden" name="champ" value="{{ champ }}">
{% endif %}
{% if type is defined %}
<input type="hidden" name="type" value="{{ type }}">
{% endif %}

<div class="card mx-auto mb-3">
<div class="card-body">
<div class="d-flex align-items-center">
{% set total_cols = 4 - (type_params is defined ? 0 : 1) - (showgraph is defined ? 0 : 1) %}
{% set field_class = 'col-12 col-sm-' ~ (12 / total_cols) %}
{% set has_type = type_params is defined %}
{% if has_type %}
{% if type_params is defined %}
{{ fields.dropdownArrayField(
type_params.field,
type_params.value,
Expand Down

0 comments on commit 692372a

Please sign in to comment.