From 17af24cace754edef1b75c7da2e2ff8d4031c061 Mon Sep 17 00:00:00 2001
From: Denis Chenu <denis@sondages.pro>
Date: Thu, 21 Mar 2024 13:48:38 +0100
Subject: [PATCH] Fixed issue #19452 : getQuestionAttributes for
 UploaderController

* Dev: #19452 : getQuestionAttributes for UploaderController
---
 .../controllers/UploaderController.php        | 35 ++++++++++++++++---
 1 file changed, 30 insertions(+), 5 deletions(-)

diff --git a/application/controllers/UploaderController.php b/application/controllers/UploaderController.php
index c5000b98117..8c0b1a35c32 100644
--- a/application/controllers/UploaderController.php
+++ b/application/controllers/UploaderController.php
@@ -143,11 +143,13 @@ public function run($actionID)
             $filename = sanitize_filename($_FILES['uploadfile']['name'], false, false, true);
             $size = $_FILES['uploadfile']['size'] / 1024;
             $preview = Yii::app()->session['preview'];
-            $aFieldMap = createFieldMap($oSurvey, 'short', false, false, $sLanguage);
-            if (!isset($aFieldMap[$sFieldName])) {
-                throw new CHttpException(400); // See for debug > 1
+            /* Find the question by sFieldName : must be a upload question type, and id is end of sFieldName in $surveyid*/
+            $aFieldName = explode("X", $sFieldName);
+            if (empty($aFieldName[2]) || !ctype_digit($aFieldName[2])) {
+                throw new CHttpException(400);
             }
-            $aAttributes = QuestionAttribute::model()->getQuestionAttributes($aFieldMap[$sFieldName]['qid']);
+            $oQuestion = self::getQuestion($surveyid, $aFieldName[2]);
+            $aAttributes = QuestionAttribute::model()->getQuestionAttributes($oQuestion);
             $maxfilesize = min(intval($aAttributes['max_filesize']), getMaximumFileUploadSize() / 1024);
             if ($maxfilesize <= 0) {
                 $maxfilesize = getMaximumFileUploadSize() / 1024;
@@ -347,7 +349,8 @@ public function run($actionID)
 
         $fn = $sFieldName;
         $qid = (int) Yii::app()->request->getParam('qid');
-        $qidattributes = QuestionAttribute::model()->getQuestionAttributes($qid);
+        $oQuestion = self::getQuestion($surveyid, $qid);
+        $qidattributes = QuestionAttribute::model()->getQuestionAttributes($oQuestion);
         $qidattributes['max_filesize'] = floor(min(intval($qidattributes['max_filesize']), getMaximumFileUploadSize() / 1024));
         if ($qidattributes['max_filesize'] <= 0) {
             $qidattributes['max_filesize'] = getMaximumFileUploadSize() / 1024;
@@ -394,4 +397,26 @@ public function run($actionID)
         App()->getClientScript()->render($body);
         echo $body;
     }
+
+    /**
+     * Helper function to get question
+     * @param integer $surveyid the survey id
+     * @param integer $qid the question id
+     * @throw CHttpException if question is invalid
+     * @return \Question
+     */
+    private static function getQuestion($surveyid, $qid)
+    {
+        $oQuestion = Question::model()->find("sid = :sid and qid = :qid and type = :type", [":sid" => $surveyid, ":qid" => $qid, ":type" =>  Question::QT_VERTICAL_FILE_UPLOAD]);
+        if ($oQuestion) {
+            return $oQuestion;
+        }
+        /* Log as warning */
+        \Yii::log(sprintf("Invalid upload question %s in survey %s", $qid, $surveyid), 'warning', 'application.UploaderController');
+        /* Show information if user have surveycontent/update (can set question type) */
+        if (Permission::model()->hasSurveyPermission($surveyid, 'surveycontent', 'update')) {
+            throw new CHttpException(400, sprintf(gT("Invalid upload question %s in survey %s"), $qid, $surveyid));
+        }
+        throw new CHttpException(400);
+    }
 }