git commit -m Issue
parent
04a2523997
commit
20d4ceb961
|
@ -77,6 +77,25 @@ function contact_site_form($form, &$form_state) {
|
|||
'#default_value' => $user->uid ? $user->mail : '',
|
||||
'#required' => TRUE,
|
||||
);
|
||||
|
||||
// Do not allow authenticated usrs to alter the name or e-mail values to
|
||||
// prevent the impersonation of other users.
|
||||
if ($user->uid){
|
||||
// Change form elements to values.
|
||||
$form['name']['#type'] = $form['mail']['#type'] = 'value';
|
||||
|
||||
// Display read-only name and e-mail address to the user.
|
||||
$form['name_display'] = array(
|
||||
'#type' => 'item',
|
||||
'#title' => t('Your name'),
|
||||
'#markup' => user_format_name($user),
|
||||
);
|
||||
$form['mail_display'] = array(
|
||||
'#type' => 'item',
|
||||
'#title' => t('Your e-mail address'),
|
||||
'#markup' => $user->mail,
|
||||
);
|
||||
}
|
||||
$form['subject'] = array(
|
||||
'#type' => 'textfield',
|
||||
'#title' => t('Subject'),
|
||||
|
@ -96,8 +115,8 @@ function contact_site_form($form, &$form_state) {
|
|||
'#title' => t('Message'),
|
||||
'#required' => TRUE,
|
||||
);
|
||||
// We do not allow anonymous users to send themselves a copy
|
||||
// because it can be abused to spam people.
|
||||
// Do not allow anonymous users to send themselves a copy because it can be
|
||||
// abused to spam people.
|
||||
$form['copy'] = array(
|
||||
'#type' => 'checkbox',
|
||||
'#title' => t('Send yourself a copy.'),
|
||||
|
@ -140,6 +159,7 @@ function contact_site_form_submit($form, &$form_state) {
|
|||
|
||||
// Save the anonymous user information to a cookie for reuse.
|
||||
if (!$user->uid) {
|
||||
$values['sender']->name .= ' (' . t('Unverified') . ')';
|
||||
user_cookie_save(array_intersect_key($values, array_flip(array('name', 'mail'))));
|
||||
}
|
||||
|
||||
|
@ -213,6 +233,24 @@ function contact_personal_form($form, &$form_state, $recipient) {
|
|||
'#default_value' => $user->uid ? $user->mail : '',
|
||||
'#required' => TRUE,
|
||||
);
|
||||
// Do not allow authenticated users to alter the name or e-mail values to
|
||||
// prevent the impersonation of other users.
|
||||
if ($user->uid){
|
||||
// Change form elements to values.
|
||||
$form['name']['#type'] = $form['mail']['#type'] = 'value';
|
||||
|
||||
// Display read-only name and e-mail address to the user.
|
||||
$form['name_display'] = array(
|
||||
'#type' => 'item',
|
||||
'#title' => t('Your name'),
|
||||
'#markup' => user_format_name($user),
|
||||
);
|
||||
$form['mail_display'] = array(
|
||||
'#type' => 'item',
|
||||
'#title' => t('Your e-mail address'),
|
||||
'#markup' => $user->mail,
|
||||
);
|
||||
}
|
||||
$form['to'] = array(
|
||||
'#type' => 'item',
|
||||
'#title' => t('To'),
|
||||
|
@ -230,7 +268,7 @@ function contact_personal_form($form, &$form_state, $recipient) {
|
|||
'#rows' => 15,
|
||||
'#required' => TRUE,
|
||||
);
|
||||
// We do not allow anonymous users to send themselves a copy
|
||||
// Do not allow anonymous users to send themselves a copy
|
||||
// because it can be abused to spam people.
|
||||
$form['copy'] = array(
|
||||
'#type' => 'checkbox',
|
||||
|
@ -261,6 +299,7 @@ function contact_personal_form_submit($form, &$form_state) {
|
|||
|
||||
// Save the anonymous user information to a cookie for reuse.
|
||||
if (!$user->uid) {
|
||||
$values['sender']->name .= ' (' . t('Unverified') . ')';
|
||||
user_cookie_save(array_intersect_key($values, array_flip(array('name', 'mail'))));
|
||||
}
|
||||
|
||||
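Review bot: In both contact_site_form() and contact_personal_form(), the authenticated branch only switches `$form['name']['#type']` and `$form['mail']['#type']` to 'value'; the elements keep their `'#default_value'` and never get a `'#value'`. If Form API fills an element that has no `#value` from submitted input (worth confirming against form.inc), a posted name or mail could still reach the submit handler, which is the impersonation this change is meant to prevent. Pin both server-side, e.g. `$form['name']['#value'] = user_format_name($user);` and `$form['mail']['#value'] = $user->mail;`, or have the submit handlers read them from `$user` whenever `$user->uid` is set. Separately, `'#markup' => user_format_name($user)` and `'#markup' => $user->mail` are emitted as HTML, so wrap them in `check_plain()` unless they are already sanitized. Both function bodies start and end outside the hunks shown.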
|
|
|
@ -0,0 +1,42 @@
|
|||
<?php
|
||||
|
||||
/**
|
||||
* @file
|
||||
* Definition of Drupal\contact\ContactAuthenticatedUserTest.
|
||||
*/
|
||||
|
||||
namespace Drupal\contact\Tests;
|
||||
|
||||
use Drupal\simpletest\WebTestBase;
|
||||
|
||||
/**
|
||||
* Tests the contact form for authenticated users.
|
||||
*/
|
||||
class ContactAuthenticatedUserTest extends WebTestBase {
|
||||
|
||||
public static function getInfo() {
|
||||
return array(
|
||||
'name' => 'Contact form textfields',
|
||||
'description' => 'Tests contact form textfields are present if authenticated.',
|
||||
'group' => 'Contact',
|
||||
);
|
||||
}
|
||||
|
||||
function setUp() {
|
||||
parent::setUp(array('contact'));
|
||||
}
|
||||
|
||||
/**
|
||||
* Tests that name and email fields are not present for authenticated users.
|
||||
*/
|
||||
function testContactSiteWideTextfieldsLoggedInTestCase() {
|
||||
$this->drupalLogin($this->drupalCreateUser(array('access site-wide contact form')));
|
||||
$this->drupalGet('contact');
|
||||
|
||||
// Ensure that there is no textfield for name.
|
||||
$this->assertFalse($this->xpath('//input[@name=:name]', array(':name' => 'name')));
|
||||
|
||||
// Ensure that there is no textfield for email.
|
||||
$this->assertFalse($this->xpath('//input[@name=:name]', array(':name' => 'mail')));
|
||||
}
|
||||
}
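Review bot: testContactSiteWideTextfieldsLoggedInTestCase() only asserts that no `name` or `mail` input is rendered; it never submits the form, so it would still pass if the server accepted posted name or mail values from an authenticated user. Add a submission that carries altered `name` and `mail` values and assert that the sent mail uses the account's own name and address, and cover the personal contact form as well. The getInfo() description says the textfields "are present if authenticated" while the test asserts they are absent, and the `@file` line names `Drupal\contact\ContactAuthenticatedUserTest` although the namespace is `Drupal\contact\Tests`. Suggested wording: `'description' => 'Tests that contact form textfields are not present if authenticated.',` and `Definition of Drupal\contact\Tests\ContactAuthenticatedUserTest.`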
|
|
@ -180,6 +180,10 @@ class ContactSitewideTest extends WebTestBase {
|
|||
$this->addCategory('bar', 'bar@example.com', $bar_autoreply, FALSE);
|
||||
$this->addCategory('no_autoreply', 'bar@example.com', '', FALSE);
|
||||
|
||||
// Log the current user out in order to test the name and e-mail fields.
|
||||
$this->drupalLogout();
|
||||
user_role_grant_permissions(DRUPAL_ANONYMOUS_RID, array('access site-wide contact form'));
|
||||
|
||||
// Test the auto-reply for category 'foo'.
|
||||
$email = $this->randomName(32) . '@example.com';
|
||||
$subject = $this->randomName(64);
|
||||
|
|