You are here

Home » API reference » Webform 7.4 » webform.submissions.inc

function webform_submission_user_limit_check in Webform 7.4

Check if the current user has exceeded the limit on this form.

Parameters

$node: The webform node to be checked.

$account: Optional parameter. Specify the account you want to check the limit against.

Return value

bool Boolean TRUE if the user has exceeded their limit. FALSE otherwise.

2 calls to webform_submission_user_limit_check()
webform_client_form_prevalidate in ./webform.module
Validates that the form can still be submitted, saved as draft, or edited.
webform_node_view in ./webform.module
Implements hook_node_view().

File

includes/webform.submissions.inc, line 1032
Submission handling functions.

Code

function webform_submission_user_limit_check($node, $account = NULL) {
  global $user;
  $tracking_mode = webform_variable_get('webform_tracking_mode');
  if (!isset($account)) {
    $account = $user;
  }

  // We can only check access for anonymous users through their cookies.
  if ($user->uid !== 0 && $account->uid === 0) {
    watchdog('webform', 'Unable to check anonymous user submission limit when logged in as user @uid.', array(
      '@uid' => $user->uid,
    ), WATCHDOG_WARNING);
    return FALSE;
  }

  // Check if submission limiting is enabled.
  if ($node->webform['submit_limit'] == '-1') {

    // No check enabled.
    return FALSE;
  }

  // Fetch all the entries from the database within the submit interval with
  // this username and IP.
  $num_submissions_database = 0;
  if (!$node->webform['confidential'] && ($account->uid !== 0 || $tracking_mode === 'ip_address' || $tracking_mode === 'strict')) {
    $query = db_select('webform_submissions')
      ->addTag('webform_submission_user_limit_check')
      ->condition('nid', $node->nid)
      ->condition('is_draft', 0);
    if ($node->webform['submit_interval'] != -1) {
      $query
        ->condition('submitted', REQUEST_TIME - $node->webform['submit_interval'], '>');
    }
    if ($account->uid) {
      $query
        ->condition('uid', $account->uid);
    }
    else {
      $query
        ->condition('remote_addr', ip_address());
    }
    $num_submissions_database = $query
      ->countQuery()
      ->execute()
      ->fetchField();
  }

  // Double check the submission history from the users machine using cookies.
  $num_submissions_cookie = 0;
  if ($account->uid === 0 && ($tracking_mode === 'cookie' || $tracking_mode === 'strict')) {
    $cookie_name = 'webform-' . $node->nid;
    if (isset($_COOKIE[$cookie_name]) && is_array($_COOKIE[$cookie_name])) {
      foreach ($_COOKIE[$cookie_name] as $key => $timestamp) {
        if ($node->webform['submit_interval'] != -1 && $timestamp <= REQUEST_TIME - $node->webform['submit_interval']) {

          // Remove the cookie if past the required time interval.
          $params = session_get_cookie_params();
          setcookie($cookie_name . '[' . $key . ']', '', 0, $params['path'], $params['domain'], $params['secure'], $params['httponly']);
        }
      }

      // Count the number of submissions recorded in cookies.
      $num_submissions_cookie = count($_COOKIE[$cookie_name]);
    }
  }
  if ($num_submissions_database >= $node->webform['submit_limit'] || $num_submissions_cookie >= $node->webform['submit_limit']) {

    // Limit exceeded.
    return TRUE;
  }

  // Limit not exceeded.
  return FALSE;
}