add protection by month on public
This commit is contained in:
hystepik
parent
71090cbdd8
commit
da5a65019a
@ -384,3 +384,5 @@ ALTER TABLE llx_prelevement_demande ADD COLUMN fk_salary INTEGER NULL AFTER fk_f
|
||||
|
||||
|
||||
ALTER TABLE llx_user ADD COLUMN birth_place varchar(64);
|
||||
ALTER TABLE llx_opensurvey_user_studs ADD COLUMN date_creation datetime NOT NULL;
|
||||
ALTER TABLE llx_opensurvey_comments ADD COLUMN date_creation datetime NOT NULL;
|
||||
@ -21,5 +21,6 @@ CREATE TABLE llx_opensurvey_comments (
|
||||
comment text NOT NULL,
|
||||
tms timestamp DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
|
||||
usercomment text
|
||||
date_creation datetime NOT NULL,
|
||||
) ENGINE=innodb;
|
||||
|
||||
|
||||
@ -21,4 +21,5 @@ CREATE TABLE llx_opensurvey_user_studs (
|
||||
id_sondage VARCHAR(16) NOT NULL,
|
||||
reponses VARCHAR(100) NOT NULL, -- Not used for 'F' surveys
|
||||
tms timestamp DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP
|
||||
date_creation datetime NOT NULL,
|
||||
) ENGINE=innodb;
|
||||
|
||||
@ -576,8 +576,9 @@ class Opensurveysondage extends CommonObject
|
||||
*/
|
||||
public function addComment($comment, $comment_user, $user_ip = '')
|
||||
{
|
||||
$sql = "INSERT INTO ".MAIN_DB_PREFIX."opensurvey_comments (id_sondage, comment, usercomment, ip)";
|
||||
$sql .= " VALUES ('".$this->db->escape($this->id_sondage)."','".$this->db->escape($comment)."','".$this->db->escape($comment_user)."'".($user_ip ? ",'".$this->db->escape($user_ip)."'" : '').")";
|
||||
$now = dol_now();
|
||||
$sql = "INSERT INTO ".MAIN_DB_PREFIX."opensurvey_comments (id_sondage, comment, usercomment, date_creation, ip)";
|
||||
$sql .= " VALUES ('".$this->db->escape($this->id_sondage)."','".$this->db->escape($comment)."','".$this->db->escape($comment_user)."','".$this->db->idate($now)."'".($user_ip ? ",'".$this->db->escape($user_ip)."'" : '').")";
|
||||
$resql = $this->db->query($sql);
|
||||
|
||||
if (!$resql) {
|
||||
|
||||
@ -108,7 +108,7 @@ if (GETPOST('ajoutcomment', 'alpha')) {
|
||||
$sql = "SELECT COUNT(id_comment) as nb_comments";
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."opensurvey_comments";
|
||||
$sql .= " WHERE ip = '".$db->escape($user_ip)."'";
|
||||
//$sql .= " AND date_creation > '".$db->idate($minmonthpost)."'";
|
||||
$sql .= " AND date_creation > '".$db->idate($minmonthpost)."'";
|
||||
$resql = $db->query($sql);
|
||||
if ($resql) {
|
||||
$num = $db->num_rows($resql);
|
||||
@ -164,7 +164,7 @@ if (GETPOST("boutonp") || GETPOST("boutonp.x") || GETPOST("boutonp_x")) { // bo
|
||||
$sql = "SELECT COUNT(id_users) as nb_records";
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."opensurvey_user_studs";
|
||||
$sql .= " WHERE ip = '".$db->escape($user_ip)."'";
|
||||
//$sql .= " AND date_creation > '".$db->idate($minmonthpost)."'";
|
||||
$sql .= " AND date_creation > '".$db->idate($minmonthpost)."'";
|
||||
$resql = $db->query($sql);
|
||||
if ($resql) {
|
||||
$num = $db->num_rows($resql);
|
||||
@ -198,8 +198,9 @@ if (GETPOST("boutonp") || GETPOST("boutonp.x") || GETPOST("boutonp_x")) { // bo
|
||||
setEventMessages($langs->trans("AlreadyTooMuchPostOnThisIPAdress"), null, 'errors');
|
||||
$error++;
|
||||
} else {
|
||||
$sql = 'INSERT INTO '.MAIN_DB_PREFIX.'opensurvey_user_studs (nom, id_sondage, reponses, ip)';
|
||||
$sql .= " VALUES ('".$db->escape($nom)."', '".$db->escape($numsondage)."','".$db->escape($nouveauchoix)."', '".$db->escape($user_ip)."')";
|
||||
$now = dol_now();
|
||||
$sql = 'INSERT INTO '.MAIN_DB_PREFIX.'opensurvey_user_studs (nom, id_sondage, reponses, ip, date_creation)';
|
||||
$sql .= " VALUES ('".$db->escape($nom)."', '".$db->escape($numsondage)."','".$db->escape($nouveauchoix)."', '".$db->escape($user_ip)."', '".$db->idate($now)."')";
|
||||
$resql = $db->query($sql);
|
||||
|
||||
if ($resql) {
|
||||
|
||||
Loading…
Reference in New Issue
Block a user