You are here

Home » API reference » Security.txt 7 » securitytxt.admin.inc

function securitytxt_file_form_submit in Security.txt 7

Security.txt file form submit.

File

./securitytxt.admin.inc, line 143

Code

function securitytxt_file_form_submit($form, &$form_state) {
  $old_settings = variable_get('securitytxt');
  $submitted_settings = array();
  $submitted_settings['enabled'] = $form_state['values']['enabled'];
  $submitted_settings['contact_email'] = $form_state['values']['contact_email'];
  $submitted_settings['contact_phone'] = $form_state['values']['contact_phone'];
  $submitted_settings['contact_url'] = $form_state['values']['contact_url'];
  $submitted_settings['encryption_key_url'] = $form_state['values']['encryption_key_url'];
  $submitted_settings['policy_url'] = $form_state['values']['policy_url'];
  $submitted_settings['acknowledgement_url'] = $form_state['values']['acknowledgement_url'];
  $updated_settings = array_merge($old_settings, $submitted_settings);
  variable_set('securitytxt', $updated_settings);

  /* Warn if contact URL is not loaded over HTTPS */
  if ($updated_settings['contact_url'] != '' && substr($updated_settings['contact_url'], 0, 8) !== 'https://') {
    drupal_set_message(t('Your contact URL should really be loaded over HTTPS.'), 'warning');
  }

  /* Warn if encryption URL is not loaded over HTTPS */
  if ($updated_settings['encryption_key_url'] != '' && substr($updated_settings['encryption_key_url'], 0, 8) !== 'https://') {
    drupal_set_message(t('Your public key URL should really be loaded over HTTPS.'), 'warning');
  }

  /* Message the user to proceed to the sign page if they have enabled security.txt */
  if ($updated_settings['enabled']) {
    drupal_set_message(t('You should now <a href="@sign">sign your security.txt file</a>.', array(
      '@sign' => url('admin/config/system/securitytxt/sign'),
    )));
  }
}