
function gdpr_consent_redirect_to_consent in GDPR Consent 7

Custom function to handle redirects.

Parameters

string $destination: Destination URL of consent.

1 call to gdpr_consent_redirect_to_consent()
gdpr_consent_preprocess_page in ./gdpr_consent.module
Implements hook_preprocess_page().

File

./gdpr_consent.module, line 66
Module file for GDPR Consent.

Code

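/**
 * Redirects a logged-in user to the consent page when consent is missing.
 *
 * No redirect happens for anonymous users, on the module's admin
 * configuration path, or on the exact paths listed in $safe_paths (unless the
 * session flag 'no_consent_on_login' is set). While a password reset is
 * pending for the user ($_SESSION['pass_reset_<uid>']), the user is sent to
 * the account edit form instead and the consent check is skipped.
 *
 * @param string $destination
 *   Destination handed to the consent page as the 'destination' query
 *   parameter. When empty, the current request's 'q' value is used instead.
 */
function gdpr_consent_redirect_to_consent($destination) {

  // Should not happen if user is anonymous.
  if (user_is_anonymous()) {
    return;
  }

  global $user;
  $path = current_path();

  // The module's admin configuration pages are exempt from the redirect.
  // The match is anchored to the start of the path: matching the string
  // anywhere in the path would also exempt unrelated pages whose path merely
  // contains it, which weakens the check when consent is mandatory.
  if (stripos($path, 'admin/config/people/gdpr_consent') === 0) {
    $_SESSION['no_consent_on_login'] = FALSE;
    return;
  }

  // TODO: Add admin form?
  // Paths that stay reachable without consent (exact matches only).
  $safe_paths = array(
    'user/logout',
    'user/register',
    'gdpr_consent',
  );

  // Handle password reset.
  // TODO: Add consent check before editing password.
  // NOTE(review): while the pass_reset_<uid> session key is set, $is_reset
  // disables the consent redirect for every path, not only the edit form.
  $is_reset = FALSE;
  $accepted = FALSE;
  if (empty($_SESSION['reset_token'])) {
    $_SESSION['reset_token'] = '';
  }
  if (!empty($_SESSION['pass_reset_' . $user->uid])) {
    $is_reset = TRUE;

    // The token comes straight from the request; only accept a plain string
    // so an array-valued parameter never reaches check_plain().
    if (!empty($_GET['pass-reset-token']) && is_string($_GET['pass-reset-token'])) {

      // Store token for the session.
      $_SESSION['reset_token'] = check_plain($_GET['pass-reset-token']);
    }
    if ($path !== 'user/' . $user->uid . '/edit') {
      drupal_goto('user/' . $user->uid . '/edit', array(
        'query' => array(
          'pass-reset-token' => $_SESSION['reset_token'],
        ),
      ));
    }
  }

  $gdpr_consent_account = gdpr_consent_get_accept($user->uid);
  if (!empty($gdpr_consent_account)) {
    $conditions = gdpr_consent_get_conditions($gdpr_consent_account['language']);
    $accepted = gdpr_consent_version_check($user->uid, $conditions['version'], $conditions['revision'], $gdpr_consent_account);
  }
  else {
    // NOTE(review): the result is not used below; the call is kept in case
    // gdpr_consent_get_conditions() has side effects - confirm and remove.
    $conditions = gdpr_consent_get_conditions();
  }

  // !empty() avoids an undefined-index notice when the flag was never set
  // for this session; the truthiness test is otherwise the same.
  $nag_on_login = !empty($_SESSION['no_consent_on_login']);
  if (!$is_reset && !$accepted && (!in_array($path, $safe_paths, TRUE) || $nag_on_login)) {
    if (variable_get('gdpr_consent_disallow_without')) {

      // The configured message is passed through an '@' placeholder, so it
      // is escaped with check_plain() before drupal_set_message() prints it.
      $message = variable_get('gdpr_consent_nag_message');
      drupal_set_message(t('@message', array(
        '@message' => $message,
      )), 'error');
    }
    else {
      drupal_set_message(t('We recommend you to give your consent to process your data.'), 'warning');
    }

    // See if we have query target and no destination was passed.
    if (!empty($_GET['q']) && empty($destination)) {
      $destination = check_plain($_GET['q']);
    }
    $options = array();
    if (!empty($destination)) {
      $options = array(
        'query' => array(
          'destination' => $destination,
        ),
      );
    }

    // Single use, reset.
    $_SESSION['no_consent_on_login'] = FALSE;
    drupal_goto('gdpr_consent', $options);
  }
}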