Inicio Explorar Axuda
Iniciar sesión
Medowar
/
forms
1
0
Fork 0
Ficheiros Incidencias 0 Pull Requests 0 Wiki
Árbore: 3ac6137dde
Ramas Etiquetas
forms
/
submit.php

submit.php 6.7 KB
Histórico Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170 
  1. <?php
    2. 

  2. // submit.php - Handles saving an answer and displaying the result
    3. 

  3. 

  4. $answers_dir = __DIR__ . '/data/answers';
    5. 

  5. if (!is_dir($answers_dir)) {
    6. 

  6.     mkdir($answers_dir, 0755, true);
    7. 

  7. }
    8. 

  8. 

  9. $is_post = ($_SERVER['REQUEST_METHOD'] === 'POST');
    10. 

  10. $form_id = $_REQUEST['form_id'] ?? $_GET['id'] ?? '';
    11. 

  11. $answer_id = $_REQUEST['answer_id'] ?? $_POST['edit_id'] ?? '';
    12. 

  12. 

  13. $form_file = __DIR__ . '/data/forms/' . preg_replace('/[^a-zA-Z0-9_-]/', '', $form_id) . '.json';
    14. 

  14. if (empty($form_id) || !file_exists($form_file)) {
    15. 

  15.     die('<div style="font-family:sans-serif; text-align:center; padding:50px;"><h2>Formular nicht gefunden</h2></div>');
    16. 

  16. }
    17. 

  17. 

  18. $form_data = json_decode(file_get_contents($form_file), true);
    19. 

  19. $questions_map = [];
    20. 

  20. foreach ($form_data['questions'] as $q) {
    21. 

  21.     $questions_map[$q['id']] = $q['label'];
    22. 

  22. }
    23. 

  23. 

  24. $injected_js = '';
    25. 

  25. 

  26. if ($is_post) {
    27. 

  27.     // Process form submission
    28. 

  28.     $respondent_name = trim($_POST['respondent_name'] ?? 'Anonym');
    29. 

  29.     $respondent_email = trim($_POST['respondent_email'] ?? '');
    30. 

  30.     $answers = $_POST['answers'] ?? [];
    31. 

  31.     $answers_freetext = $_POST['answers_freetext'] ?? [];
    32. 

  32.     
    33. 

  33.     // Resolve free text substitutions
    34. 

  34.     foreach ($answers as $q_id => $val) {
    35. 

  35.         if (is_array($val)) {
    36. 

  36.             $idx = array_search('__freetext__', $val);
    37. 

  37.             if ($idx !== false) {
    38. 

  38.                 if (!empty($answers_freetext[$q_id])) {
    39. 

  39.                     $val[$idx] = "Sonstiges: " . ltrim($answers_freetext[$q_id]);
    40. 

  40.                 } else {
    41. 

  41.                     unset($val[$idx]); // they selected 'Sonstiges' but left it blank
    42. 

  42.                 }
    43. 

  43.                 $answers[$q_id] = array_values($val);
    44. 

  44.             }
    45. 

  45.         } else {
    46. 

  46.             if ($val === '__freetext__') {
    47. 

  47.                 if (!empty($answers_freetext[$q_id])) {
    48. 

  48.                     $answers[$q_id] = "Sonstiges: " . ltrim($answers_freetext[$q_id]);
    49. 

  49.                 } else {
    50. 

  50.                     $answers[$q_id] = ''; // blank fallback
    51. 

  51.                 }
    52. 

  52.             }
    53. 

  53.         }
    54. 

  54.     }
    55. 

  55.     
    56. 

  56.     $is_edit = !empty($answer_id);
    57. 

  57.     if (!$is_edit) {
    58. 

  58.         $answer_id = uniqid('ans_');
    59. 

  59.     }
    60. 

  60.     
    61. 

  61.     $safe_answer_id = preg_replace('/[^a-zA-Z0-9_-]/', '', $answer_id);
    62. 

  62.     
    63. 

  63.     $answer_data = [
    64. 

  64.         'answer_id' => $safe_answer_id,
    65. 

  65.         'form_id' => $form_id,
    66. 

  66.         'respondent_name' => $respondent_name,
    67. 

  67.         'respondent_email' => $respondent_email,
    68. 

  68.         'submitted_at' => date('c'),
    69. 

  69.         'answers' => $answers
    70. 

  70.     ];
    71. 

  71.     
    72. 

  72.     file_put_contents("$answers_dir/{$form_id}_{$safe_answer_id}.json", json_encode($answer_data, JSON_PRETTY_PRINT));
    73. 

  73.     
    74. 

  74.     // No longer injecting JS to prevent double-submit.
    75. 

  75.     $injected_js = "";
    76. 

  76.     
    77. 

  77.     // Email notification if provided
    78. 

  78.     if (!empty($respondent_email) && filter_var($respondent_email, FILTER_VALIDATE_EMAIL)) {
    79. 

  79.         $subject = "Deine Einsendung für: " . $form_data['title'];
    80. 

  80.         $body = "Hallo $respondent_name,\n\nVielen Dank für deine Einsendung.\nHier sind deine Antworten:\n\n";
    81. 

  81.         
    82. 

  82.         foreach ($answers as $q_id => $val) {
    83. 

  83.             $label = $questions_map[$q_id] ?? 'Frage';
    84. 

  84.             $val_str = is_array($val) ? implode(', ', $val) : $val;
    85. 

  85.             $body .= "$label:\n$val_str\n\n";
    86. 

  86.         }
    87. 

  87.         
    88. 

  88.         $host = $_SERVER['HTTP_HOST'];
    89. 

  89.         $headers = "From: no-reply@" . $host . "\r\n";
    90. 

  90.         @mail($respondent_email, $subject, $body, $headers);
    91. 

  91.     }
    92. 

  92.     
    93. 

  93.     // Redirect to self as GET to prevent duplicate POSTs on refresh
    94. 

  94.     header("Location: submit.php?id=" . urlencode($form_id) . "&answer_id=" . urlencode($safe_answer_id) . "&success=1");
    95. 

  95.     exit;
    96. 

  96. }
    97. 

  97. 

  98. // Display Mode (GET)
    99. 

  99. $success = isset($_GET['success']);
    100. 

  100. $safe_answer_id = preg_replace('/[^a-zA-Z0-9_-]/', '', $answer_id);
    101. 

  101. $answer_file = "$answers_dir/{$form_id}_{$safe_answer_id}.json";
    102. 

  102. 

  103. if (empty($safe_answer_id) || !file_exists($answer_file)) {
    104. 

  104.     die('<div style="font-family:sans-serif; text-align:center; padding:50px;"><h2>Einsendung nicht gefunden</h2></div>');
    105. 

  105. }
    106. 

  106. 

  107. $answer_data = json_decode(file_get_contents($answer_file), true);
    108. 

  108. ?>
    109. 

  109. <!DOCTYPE html>
    110. 

  110. <html lang="de">
    111. 

  111. <head>
    112. 

  112.     <meta charset="UTF-8">
    113. 

  113.     <meta name="viewport" content="width=device-width, initial-scale=1.0">
    114. 

  114.     <title>Einsendung erfolgreich</title>
    115. 

  115.     <link rel="stylesheet" href="assets/css/style.css">
    116. 

  116.     <script>
    117. 

  117.         <?= $injected_js ?> // Output any localstorage writes if we didn't redirect (e.g. if we chose to drop the header(Location))
    118. 

  118.         
    119. 

  119.         function clearAndAnswerNew() {
    120. 

  120.             // we don't need to clear submissions here anymore since we allow doubles
    121. 

  121.             window.location.href = 'answer.php?id=<?= htmlspecialchars($form_id) ?>';
    122. 

  122.         }
    123. 

  123.     </script>
    124. 

  124. </head>
    125. 

  125. <body>
    126. 

  126.     <header class="site-header">
    127. 

  127.         <div class="container header-inner">
    128. 

  128.             <div class="brand">
    129. 

  129.                 <span class="brand-title"><?= htmlspecialchars($form_data['title']) ?></span>
    130. 

  130.             </div>
    131. 

  131.         </div>
    132. 

  132.     </header>
    133. 

  133. 

  134.     <main class="container">
    135. 

  135.         <?php if ($success): ?>
    136. 

  136.             <div class="alert alert-success mt-3 mb-3">
    137. 

  137.                 Deine Antwort wurde erfolgreich gespeichert.
    138. 

  138.                 <?php if (!empty($answer_data['respondent_email'])): ?>
    139. 

  139.                     <br><small>Eine Kopie deiner Antworten wurde gesendet an <?= htmlspecialchars($answer_data['respondent_email']) ?>.</small>
    140. 

  140.                 <?php endif; ?>
    141. 

  141.             </div>
    142. 

  142.         <?php endif; ?>
    143. 

  143. 

  144.         <div class="panel">
    145. 

  145.             <h2 class="card-title">Eingereichte Antworten</h2>
    146. 

  146.             <br>
    147. 

  147.             <table class="table-compact responsive-table">
    148. 

  148.                 <tbody>
    149. 

  149.                     <tr>
    150. 

  150.                         <td data-label="Antwortender"><strong><?= htmlspecialchars($answer_data['respondent_name']) ?></strong></td>
    151. 

  151.                     </tr>
    152. 

  152.                     <?php foreach ($answer_data['answers'] as $q_id => $val): ?>
    153. 

  153.                         <tr>
    154. 

  154.                             <td data-label="<?= htmlspecialchars($questions_map[$q_id] ?? 'Frage') ?>">
    155. 

  155.                                 <div><strong style="color:var(--brand-muted); font-size:0.85rem;"><?= htmlspecialchars($questions_map[$q_id] ?? 'Frage') ?></strong></div>
    156. 

  156.                                 <div><?= nl2br(htmlspecialchars(is_array($val) ? implode(', ', $val) : $val)) ?></div>
    157. 

  157.                             </td>
    158. 

  158.                         </tr>
    159. 

  159.                     <?php endforeach; ?>
    160. 

  160.                 </tbody>
    161. 

  161.             </table>
    162. 

  162.         </div>
    163. 

  163. 

  164.         <div class="panel text-center" style="background:transparent; border:none; box-shadow:none;">
    165. 

  165.             <a href="answer.php?id=<?= htmlspecialchars($form_id) ?>&edit=<?= htmlspecialchars($answer_data['answer_id']) ?>" class="btn mt-2">Antwort bearbeiten</a>
    166. 

  166.             <button onclick="clearAndAnswerNew()" class="btn btn-secondary mt-2">Weitere Antwort hinzufügen</button>
    167. 

  167.         </div>
    168. 

  168.     </main>
    169. 

  169. </body>
    170. 

  170. </html>
    171.