From 08677d11743398bd5acb8dcce9afd6ed7fa9e249 Mon Sep 17 00:00:00 2001
From: Dominik Vitt
Date: Wed, 16 May 2018 13:24:45 +0200
Subject: [PATCH 1/3] Fixed issue #13515: Cannot have a null default value when creating custom attributes in a custom question theme

---
 application/controllers/admin/questions.php | 1 +
 1 file changed, 1 insertion(+)

diff --git a/application/controllers/admin/questions.php b/application/controllers/admin/questions.php
index 650510dddc4..3c400e7da22 100644
--- a/application/controllers/admin/questions.php
+++ b/application/controllers/admin/questions.php
@@ -1664,6 +1664,7 @@ public function ajaxquestionattributes()
 // INSERTING EACH OF THIS KEYS TO THE ARRAY IF KEYS ARE MISSING
 if (empty($attribute['name'])){$attribute['name'] = 'default_theme_attribute_name';}
 if (empty($attribute['readonly'])){$attribute['readonly'] = '';}
+ if (empty($attribute['default'])){$attribute['default'] = '';}
 if (empty($attribute['readonly_when_active'])){$attribute['readonly_when_active'] = '';}
 if (empty($attribute['value'])){$attribute['value'] = '';}
 if (empty($attribute['i18n'])){$attribute['i18n'] = '';}

From e8061f546942df9b26dbc6dcd6c08d3c5e3c3b8f Mon Sep 17 00:00:00 2001
From: Dominik Vitt
Date: Wed, 16 May 2018 17:35:01 +0200
Subject: [PATCH 2/3] Dev: moved Question theme dropdown to General options on edit question page

---
 application/controllers/admin/questions.php | 23 ++++++++++++++++---
 .../survey/Question/editQuestion_view.php | 23 +++++++++++++++++++
 .../question_subviews/_ajax_variables.php | 1 +
 assets/scripts/admin/questions.js | 17 +++++++++++++-
 4 files changed, 60 insertions(+), 4 deletions(-)

diff --git a/application/controllers/admin/questions.php b/application/controllers/admin/questions.php
index 3c400e7da22..c35b418ab1a 100644
--- a/application/controllers/admin/questions.php
+++ b/application/controllers/admin/questions.php
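Review bot: `empty($attribute['default'])` is also true for a default of `'0'` or `0`, so a custom attribute whose configured default is zero is silently replaced with `''` — the neighbouring lines have the same conflation, but this one is new and the commit is specifically about preserving the default value. Test for presence rather than truthiness: `if (!isset($attribute['default'])) { $attribute['default'] = ''; }`, which still normalises a missing or null default while keeping a configured zero. ajaxquestionattributes() starts and ends outside the hunk.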
@@ -1280,6 +1280,8 @@ public function index($sa, $surveyid, $gid, $qid = null)
 $aData['eqrow'] = $eqrow;
 $aData['surveyid'] = $surveyid;
 $aData['gid'] = $gid;
+ $aData['aQuestionTemplateAttributes'] = Question::model()->getAdvancedSettingsWithValues($qid, $eqrow['type'], $surveyid)['question_template'];
+ $aData['aQuestionTemplateList'] = \QuestionTemplate::getQuestionTemplateList($eqrow['type']);
 if (!$adding) {
 $criteria = new CDbCriteria;
@@ -1676,8 +1678,8 @@ public function ajaxquestionattributes()
 $aAttributesWithValues[$attribute['name']] = $attribute;
 }
 }
- uasort($aAttributesWithValues, 'categorySort');
+ unset($aAttributesWithValues['question_template']);
 $aAttributesPrepared = array();
 foreach ($aAttributesWithValues as $aAttribute) {
 // SET QUESTION TEMPLATE FORM ATTRIBUTES WHEN $question_template VARIABLE IS SET
@@ -1853,7 +1855,7 @@ public function ajaxValidate($surveyid, $qid = false)
 echo CJSON::encode($oQuestion->getErrors());
 Yii::app()->end();
 }
- /**
+ /**
 * Todo : update whole view to use CActiveForm
 */
 # protected function performAjaxValidation($model)
@@ -1863,7 +1865,22 @@ public function ajaxValidate($surveyid, $qid = false)
 # echo CActiveForm::validate($model);
 # Yii::app()->end();
 # }
-# }
+# }
+
+ /**
+ * @param string $question_type
+ * @return string JSON data
+ */
+ public function ajaxGetQuestionTemplateList()
+ {
+ $type = Yii::app()->request->getParam('type');
+ $questionTemplateList = \QuestionTemplate::getQuestionTemplateList($type);
+ if (YII_DEBUG)
+ header('Content-type: application/json');
+ echo CJSON::encode($questionTemplateList);
+ Yii::app()->end();
+ }
+
 /**
 * Renders template(s) wrapped in header and footer
 *
diff --git a/application/views/admin/survey/Question/editQuestion_view.php b/application/views/admin/survey/Question/editQuestion_view.php
index 8156505096a..3ce1c9e9d70 100644
--- a/application/views/admin/survey/Question/editQuestion_view.php
+++ b/application/views/admin/survey/Question/editQuestion_view.php
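Review bot: The new `$aData['aQuestionTemplateAttributes']` line indexes the array returned by `getAdvancedSettingsWithValues()` with `['question_template']` directly, so a question type whose advanced settings carry no `question_template` entry raises an undefined-index notice and stores null. Hold the result first and guard the lookup: `$aAdvanced = Question::model()->getAdvancedSettingsWithValues($qid, $eqrow['type'], $surveyid);` then `$aData['aQuestionTemplateAttributes'] = isset($aAdvanced['question_template']) ? $aAdvanced['question_template'] : null;`. Whether every type defines that key is not visible from the hunk; index() starts and ends outside it.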
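Review bot: In the second hunk `uasort($aAttributesWithValues, 'categorySort')` is removed on the same line that adds the `unset()`, while the commit message only describes moving the question theme dropdown; if the sort was dropped by accident, the advanced-attribute panel loses its category ordering. If dropping it is intended, say so next to the `unset()`, e.g. `// question_template is rendered in General options now; categorySort no longer applied here`; otherwise keep `uasort($aAttributesWithValues, 'categorySort');` and place the `unset()` after it. The enclosing ajaxquestionattributes() starts and ends outside the hunk.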
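Review bot: The docblock on the new `ajaxGetQuestionTemplateList()` does not describe the method: it documents a `$question_type` parameter the method does not take (the type is read via `getParam('type')`) and a `string` return, whereas the method echoes JSON and ends the application. Replace it with `@return void Echoes the JSON-encoded result of QuestionTemplate::getQuestionTemplateList() for the 'type' request parameter and ends the request.` The `Content-type: application/json` header is only sent when `YII_DEBUG` is set, so in a normal deployment the JSON response carries no declared type; `header('Content-Type: application/json');` should run unconditionally, with braces on the `if` if one remains. This is also a new admin action with no permission check visible in the hunk — if access is not gated by a controller-level filter, it should require the same permission the question editor does.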
@@ -231,6 +231,29 @@ + +
+ +
+ + + ' /> + +
+
+
diff --git a/application/views/admin/survey/Question/question_subviews/_ajax_variables.php b/application/views/admin/survey/Question/question_subviews/_ajax_variables.php
index 8b8fa9444c9..cb326ec42de 100644
--- a/application/views/admin/survey/Question/question_subviews/_ajax_variables.php
+++ b/application/views/admin/survey/Question/question_subviews/_ajax_variables.php
@@ -5,6 +5,7 @@ App()->getClientScript()->registerScript("EditQuestionView_basic_variables" ,"
 var attr_url = '".$this->createUrl('admin/questions', array('sa' => 'ajaxquestionattributes'))."';
+ var get_question_template_options_url = '".$this->createUrl('admin/questions', array('sa' => 'ajaxGetQuestionTemplateList'))."';
 var imgurl = '".Yii::app()->getConfig('imageurl')."';
 var validateUrl = '".$sValidateUrl."';
 var questionTypeArray = ".$qTypeOutput.";
diff --git a/assets/scripts/admin/questions.js b/assets/scripts/admin/questions.js
index 576c51bb461..7e5fe0283ab 100644
--- a/assets/scripts/admin/questions.js
+++ b/assets/scripts/admin/questions.js
@@ -110,7 +110,7 @@ var QuestionFunctions = function () {
 if(selectormodeclass == 'default' || selectormodeclass == 'full'){
 //bind advanced selector
- $('#selector__modal_select-question-type').on('hide.bs.modal', updatequestionattributes);
+ $('#selector__modal_select-question-type').on('hide.bs.modal', function(){updatequestionattributes(''); updateQuestionTemplateOptions();});
 $('#selector__modal_select-question-type').on('show.bs.modal', function () {
 var question_class = questionTypeArray[$('#question_type').val()].class;
 $('#selector__question-type-select-modal_question-type-' + question_class).addClass('mark-as-selected').trigger('click').closest('div.panel-collapse').addClass('in');
@@ -222,6 +222,21 @@ function updatequestionattributes(question_template_name) {
 });
 }
+function updateQuestionTemplateOptions() {
+ var type = $('#question_type').val();
+ $.ajax({
+ url: get_question_template_options_url,
+ data: {'type': type},
+ method: 'POST',
+ success: function (data) {
+ $("#question_template").html("");
+ $.each(data, function (key, title) {
+ $("#question_template").append("");
+ });
+ }
+ });
+}
+
 var qtypes = new Array();
 var qnames = new Array();
 var qhelp = new Array();

From ff0ff76c30b696b2ae53fb5551069ec4abe7eaec Mon Sep 17 00:00:00 2001
From: Dominik Vitt
Date: Thu, 17 May 2018 11:36:20 +0200
Subject: [PATCH 3/3] Fixed issue #13559: [security] CSRF -> Stored XSS in template installation

---
 application/controllers/admin/themeoptions.php | 4 ++--
 application/models/TemplateManifest.php | 10 +++++-----
 2 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/application/controllers/admin/themeoptions.php b/application/controllers/admin/themeoptions.php
index 5b7d35d9829..842f37ad913 100644
--- a/application/controllers/admin/themeoptions.php
+++ b/application/controllers/admin/themeoptions.php
@@ -242,9 +242,9 @@ public function loadModel($id)
 }
- public function importManifest($templatename)
+ public function importManifest()
 {
- $templatename = sanitize_paranoid_string($templatename);
+ $templatename = Yii::app()->request->getPost('templatename');
 if (Permission::model()->hasGlobalPermission('templates', 'update')) {
 TemplateManifest::importManifest($templatename);
 $this->getController()->redirect(array("admin/themeoptions"));
diff --git a/application/models/TemplateManifest.php b/application/models/TemplateManifest.php
index 240122056f9..cb83b6a2156 100755
--- a/application/models/TemplateManifest.php
+++ b/application/models/TemplateManifest.php
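Review bot: `updateQuestionTemplateOptions()` rebuilds the `#question_template` options from the server response inside the `$.each` loop by concatenating `key` and `title` into an HTML string (the markup inside the `.html()`/`.append()` literals has been stripped in this rendering, so this is inferred from the loop shape); a template title that contains markup would then be parsed as HTML rather than shown as text. Build each option as a node instead: `$('<option>', { value: key, text: title }).appendTo('#question_template');`. The `$.ajax` call also has no `error:` handler, so a failed request leaves the select emptied by the preceding `.html("")` with no feedback to the user.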
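Review bot: Reading `templatename` from POST addresses the CSRF exposure the commit targets, but the replacement line also drops `sanitize_paranoid_string()`, so the raw request value now reaches `TemplateManifest::importManifest($templatename)` with no character restriction, where the previous code treated it as needing sanitising before use. Keep both: `$templatename = sanitize_paranoid_string(Yii::app()->request->getPost('templatename'));`. Whether CSRF token validation is actually enforced for this action (presumably Yii's request component, configured elsewhere) and what importManifest() does with the name cannot be confirmed from the hunk; the controller method closes outside it.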
@@ -259,7 +259,6 @@ public function getTemplateURL() public function getButtons() { $sEditorUrl = Yii::app()->getController()->createUrl('admin/themes/sa/view', array("templatename"=>$this->sTemplateName)); - $sLoadUrl = Yii::app()->getController()->createUrl('admin/themeoptions/sa/importmanifest/', array("templatename"=>$this->sTemplateName)); $sDeleteUrl = Yii::app()->getController()->createUrl('admin/themeoptions/sa/deleteTemplate/', array("templatename"=>$this->sTemplateName)); // TODO: load to DB @@ -275,13 +274,14 @@ class='btn btn-default btn-block'> $sLoadLink = ''; - $sLoadLink .= "'frmínstalltheme','name'=>'frmínstalltheme')) . + " + + "; $sDeleteLink = "