<?php
include_once("includes/inc.global.php");
// Load the member this feedback is about; the id is taken directly from the "about" request parameter.
// NOTE(review): this lookup runs before the login / level checks further down the script,
// and it is not visible here how LoadMember() treats an unknown or malformed id -- confirm
// it validates the value and that the page does not continue with an empty member.
$member_about = new cMember;
$member_about->LoadMember($_REQUEST["about"]);
$p->site_section = SECTION_FEEDBACK;
// NOTE(review): PrimaryName() is member-supplied data placed into the page title; confirm it is
// HTML-escaped wherever page_title is rendered.
$p->page_title = "Leave Feedback about ". $member_about->PrimaryName();
include("classes/class.feedback.php");
include("includes/inc.forms.validation.php");
//
// Define form elements
//
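// Work out which member the feedback is recorded for ($member).
// Admin mode lets a level-2 user enter feedback on behalf of the member named in "author";
// everyone else can only leave feedback as themselves, whatever "author" the request carries.
// NOTE(review): this relies on MustBeLevel() / MustBeLoggedOn() stopping the request when the
// check fails -- confirm, since nothing here tests a return value.
$member = new cMember;
// isset() plus strict comparison: a request without "mode" (or with a non-string value) takes
// the ordinary-member branch without raising an undefined-index notice.
if (isset($_REQUEST["mode"]) && $_REQUEST["mode"] === "admin") {
    // Keep the level check ahead of LoadMember(): "author" is request-controlled and is only
    // honoured once the caller has passed the level-2 check.
    $cUser->MustBeLevel(2);
    $member->LoadMember($_REQUEST["author"]);
    $p->page_title .= " for ". $member->PrimaryName();
} else {
    $cUser->MustBeLoggedOn();
    $member = $cUser;
}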
// Static notice shown above the inputs, followed by an empty static row.
// NOTE(review): no anti-CSRF token element is added to the form in this file, and submitted
// values are read through $_REQUEST; confirm a token is added and checked elsewhere, because
// submitting this form writes feedback under the logged-in member's name.
$form->addElement('static', null, 'All feedback is public. Before leaving <i>negative</i> feedback, we recommend trying to address your concerns with the other community member. Often misunderstandings can be resolved to the benefit of both parties.', null);
$form->addElement('static', null, null, null);
// Rating choices; key 0 is the blank first entry, and the 'verify_selection' rule is attached to this field below.
$ratings = array(0=>"", POSITIVE=>"Positive", NEUTRAL=>"Neutral", NEGATIVE=>"Negative");
$form->addElement("select", "rating", "Feedback Rating", $ratings);
// Hidden fields carry the request context through the submit. "about" comes from the loaded
// member object; "author", "mode" and "trade_id" are echoed back from the request unchanged.
// NOTE(review): confirm the form library HTML-escapes hidden values when rendering, since three
// of them are request-controlled. They are hints only: on submit the script checks "mode"
// again with MustBeLevel(2) and process_data() compares the trade's members with the two
// members loaded here, so neither check should ever be relaxed on the strength of these fields.
$form->addElement("hidden", "about", $member_about->member_id);
$form->addElement("hidden", "author", $_REQUEST["author"]);
$form->addElement("hidden", "mode", $_REQUEST["mode"]);
$form->addElement("hidden", "trade_id", $_REQUEST["trade_id"]);
// Free-text comment box (60 columns, 4 rows) and the submit button.
$form->addElement('static', null, 'Comments', null);
$form->addElement('textarea', 'comments', null, array('cols'=>60, 'rows'=>4, 'wrap'=>'soft'));
$form->addElement('submit', 'btnSubmit', 'Submit');
//
// Define form rules
//
// Register the function 'verify_selection' as a custom rule and attach it to the rating field;
// 'Choose a rating' is the message associated with that rule.
// NOTE(review): verify_selection() is not defined in this file -- presumably it comes from
// includes/inc.forms.validation.php. Confirm it rejects the blank 0 entry and any value other
// than POSITIVE / NEUTRAL / NEGATIVE, because the rating is passed to cFeedback as submitted.
$form->registerRule('verify_selection','function','verify_selection');
$form->addRule('rating', 'Choose a rating', 'verify_selection');
//
// Then check if we are processing a submission or just displaying the form
//
if (!$form->validate()) {
    // Nothing valid was submitted: render the form.
    $p->DisplayPage($form->toHtml());
} else {
    // The submission passed the form rules: freeze the form and run it through process_data().
    $form->freeze();
    $form->process("process_data", false);
}
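/**
 * Form-processing callback: records feedback from $member about $member_about for the
 * trade named in the request, then displays a result message.
 *
 * Uses the globals prepared by the page script ($p, $member_about, $member, $cErr, $cUser)
 * and reads "trade_id" and "mode" from $_REQUEST.
 *
 * @param array $values Submitted form values; "rating" and "comments" are read here.
 * @return void
 */
function process_data ($values) {
    global $p, $member_about, $member, $cErr, $cUser;

    // NOTE(review): trade_id reaches LoadTrade() exactly as it arrived in the request; confirm
    // LoadTrade() validates it and builds its query safely, and check what the trade object
    // contains when no such trade exists.
    $trade = new cTrade();
    $trade->LoadTrade($_REQUEST["trade_id"]);

    // Decide whether member leaving feedback was buyer or seller & make sure trade members correct.
    // This comparison is the authorisation check that ties the feedback to a real trade between
    // exactly these two members.
    // NOTE(review): the ids are compared loosely (==); confirm both sides always hold the same
    // type, as loose comparison treats some distinct numeric-looking strings as equal.
    if ($trade->member_from->member_id == $member->member_id && $trade->member_to->member_id == $member_about->member_id) {
        $context = BUYER;
    } elseif ($trade->member_to->member_id == $member->member_id && $trade->member_from->member_id == $member_about->member_id) {
        $context = SELLER;
    } else {
        $cErr->Error("Members do not match the trade selected."); // Theoretically, must be a hacker
        include("redirect.php");
        // Fail closed: if redirect.php does not end the request itself, stop here so that no
        // feedback is saved with an undefined $context for a trade the members do not belong to.
        return;
    }

    // htmlspecialchars() only HTML-encodes the stored trade id and comment text.
    // NOTE(review): it gives no protection at the database layer; confirm SaveFeedback() uses
    // parameterised or properly escaped queries.
    $feedback = new cFeedback(
        $member->member_id,
        $member_about->member_id,
        $context,
        $trade->category->id,
        htmlspecialchars($_REQUEST["trade_id"]),
        $values["rating"],
        htmlspecialchars($values["comments"])
    );
    $success = $feedback->SaveFeedback();

    if ($success) {
        if (LOG_LEVEL > 0 && $_REQUEST["mode"] == "admin") { // Log if enabled & entered by an admin
            // Second level check; the page script already made the same check earlier in this
            // request, before the author was loaded.
            $cUser->MustBeLevel(2);
            $log_entry = new cLogEntry (FEEDBACK, FEEDBACK_BY_ADMIN, $feedback->feedback_id);
            $log_entry->SaveLogEntry();
        }
        $output = "Your feedback has been recorded.";
    } else {
        $output = "There was an error recording your feedback. Please try again later.";
    }

    $p->DisplayPage($output);
}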
?>