Merge branch '2.1' of github.com:LimeSurvey/LimeSurvey into 2.1

LimeSurvey · Feb 9, 2013 · 5691443 · 5691443
2 parents 5bb684c + 9580707
commit 5691443
Show file tree

Hide file tree

Showing 71 changed files with 1,631 additions and 1,318 deletions.
diff --git a/application/commands/InstallCommand.php b/application/commands/InstallCommand.php
@@ -138,7 +138,10 @@ public function run($sArgument)
             'superadmin'=>1,
             'configurator'=>1,
             'manage_template'=>1,
-            'manage_label'=>1
+            'manage_label'=>1,
+            'manage_survey'=>1,
+            'manage_model'=>1,
+            'copy_model'=>1
             ));
 
         }
@@ -194,4 +197,4 @@ function getDBConnectionStringProperty($sProperty)
         }
 
     }
-?>
+?>
diff --git a/application/config/config-defaults.php b/application/config/config-defaults.php
@@ -316,7 +316,10 @@
     'superadmin' => 0,
     'configurator' => 0,
     'manage_template' => 0,
-    'manage_label' => 0
+    'manage_label' => 0,
+    'manage_survey' => 0,
+    'manage_model' => 0,
+    'copy_model' => 0
 );
 
 /**
@@ -355,6 +358,14 @@ function hook_get_auth_webserver_profile($user_name)
 */
 $config['filterxsshtml'] = true;
 
+ /**
+ * allusercopymodel (boolean)
+ * If this option is set to true, then limesurvey operators can
+ * use/copy all survey model
+ * Otherwise they can use only model where this setting is set
+ */
+ $config['allusercopymodel'] = false;
+
 /**
 * usercontrolSameGroupPolicy (boolean)
 * If this option is set to true, then limesurvey operators will only 'see'
@@ -441,6 +452,12 @@ function hook_get_auth_webserver_profile($user_name)
 */
 $config['showsgqacode'] =  false;
 
+/**
+* When this settings is true/1 (default = false/0) then the printable survey option will show 
+* the raw relevance equation below the general fill-out instructions in case the question has conditions.
+*/
+$config['showrelevance'] =  false;
+
 /**
 *  PDF Export Settings
 *  This feature configures PDF export for Export Answers

diff --git a/application/config/version.php b/application/config/version.php
@@ -13,7 +13,7 @@
  */
 
 $config['versionnumber'] = "2.10a";
-$config['dbversionnumber'] = 169;
+$config['dbversionnumber'] = 170;
 $config['buildnumber'] = '';
 $config['updatable'] = true;
 

diff --git a/application/controllers/AdminController.php b/application/controllers/AdminController.php
@@ -237,7 +237,7 @@ public function _setSessionUserRights()
             $userrights[$right]=($oUser->$right || $oUser->superadmin);
         }
         $userrights['initialsuperadmin']=(!$oUser->parent_id);
-        // initialsuperadminare a superadmin
+        // initialsuperadmin are a superadmin
         // initialsuperadmin can have less right than superadmin in session only: like old situation
         $userrights['superadmin']=($userrights['superadmin'] || $userrights['initialsuperadmin']);
         foreach($userrights as $right=>$value)

diff --git a/application/controllers/admin/checkintegrity.php b/application/controllers/admin/checkintegrity.php
@@ -32,6 +32,7 @@ public function __construct($controller, $id)
         }
 
         Yii::app()->loadHelper('database');
+        Yii::app()->loadHelper('surveytranslator');
     }
 
     public function index()
@@ -554,21 +555,38 @@ protected function _checkintegrity()
             }
         }
 
-        /**********************************************************************/
-        /*     Check surveys                                                  */
-        /**********************************************************************/
+        /***************************************************************************/
+        /*   Check survey languagesettings and restore them if they don't exist    */
+        /***************************************************************************/
+
         $surveys = Survey::model()->findAll();
-        if (Survey::model()->hasErrors()) safeDie(Survey::model()->getError());
         foreach ($surveys as $survey)
         {
-            $criteria = new CDbCriteria;
-            $criteria->compare('surveyls_survey_id', $survey['sid']);
-            $iSurveyLangSettingsCount = count(Surveys_languagesettings::model()->findAll($criteria));
-            if (Surveys_languagesettings::model()->hasErrors()) safeDie(Surveys_languagesettings::model()->getError());
-            if (!$iSurveyLangSettingsCount) {
-                $aDelete['surveys'][] = array('sid' => $survey['sid'], 'reason' => $clang->gT('Language specific settings missing'));
+            $aLanguages=$survey->additionalLanguages;
+            $aLanguages[]=$survey->language;
+            foreach ($aLanguages as $langname)
+            {
+                if ($langname)
+                {
+                    $oLanguageSettings = Surveys_languagesettings::model()->find('surveyls_survey_id=:surveyid AND surveyls_language=:langname', array(':surveyid'=>$survey->sid,':langname'=>$langname));
+                    if(!$oLanguageSettings)
+                    {
+                        $oLanguageSettings= new Surveys_languagesettings;
+                        $languagedetails=getLanguageDetails($langname);
+                        $insertdata = array(
+                            'surveyls_survey_id' => $survey->sid,
+                            'surveyls_language' => $langname,
+                            'surveyls_title' => '',
+                            'surveyls_dateformat' => $languagedetails['dateformat']
+                        );
+                        foreach ($insertdata as $k => $v)
+                            $oLanguageSettings->$k = $v;
+                        $usresult=$oLanguageSettings->save();
+                    }
+                }
             }
         }
+
 
         /**********************************************************************/
         /*     Check survey language settings                                 */

diff --git a/application/controllers/admin/database.php b/application/controllers/admin/database.php
@@ -825,32 +825,14 @@ function index($sa = null)
             {
                 if ($langname)
                 {
-                    $url = Yii::app()->request->getPost('url_'.$langname);
-                    if ($url == 'http://') {$url="";}
-
-                    // Clean XSS attacks
-                    if ($xssfilter)
-                    {
-                        $purifier = new CHtmlPurifier();
-                        $purifier->options = array(
-                        'HTML.Allowed' => 'p,a[href],b,i'
-                        );
-                        $short_title=$purifier->purify(Yii::app()->request->getPost('short_title_'.$langname));
-                        $description=$purifier->purify(Yii::app()->request->getPost('description_'.$langname));
-                        $welcome=$purifier->purify(Yii::app()->request->getPost('welcome_'.$langname));
-                        $endtext=$purifier->purify(Yii::app()->request->getPost('endtext_'.$langname));
-                        $sURLDescription=$purifier->purify(Yii::app()->request->getPost('urldescrip_'.$langname));
-                        $sURL=$purifier->purify(Yii::app()->request->getPost('url_'.$langname));
-                    }
-                    else
-                    {
-                        $short_title = html_entity_decode(Yii::app()->request->getPost('short_title_'.$langname), ENT_QUOTES, "UTF-8");
-                        $description = html_entity_decode(Yii::app()->request->getPost('description_'.$langname), ENT_QUOTES, "UTF-8");
-                        $welcome = html_entity_decode(Yii::app()->request->getPost('welcome_'.$langname), ENT_QUOTES, "UTF-8");
-                        $endtext = html_entity_decode(Yii::app()->request->getPost('endtext_'.$langname), ENT_QUOTES, "UTF-8");
-                        $sURLDescription = html_entity_decode(Yii::app()->request->getPost('urldescrip_'.$langname), ENT_QUOTES, "UTF-8");
-                        $sURL = html_entity_decode(Yii::app()->request->getPost('url_'.$langname), ENT_QUOTES, "UTF-8");
-                    }
+                    $title = html_entity_decode(Yii::app()->request->getPost('short_title_'.$langname), ENT_QUOTES, "UTF-8");
+                    $description = html_entity_decode(Yii::app()->request->getPost('description_'.$langname), ENT_QUOTES, "UTF-8");
+                    $welcometext = html_entity_decode(Yii::app()->request->getPost('welcome_'.$langname), ENT_QUOTES, "UTF-8");
+                    $endtext = html_entity_decode(Yii::app()->request->getPost('endtext_'.$langname), ENT_QUOTES, "UTF-8");
+                    $sURLDescription = html_entity_decode(Yii::app()->request->getPost('urldescrip_'.$langname), ENT_QUOTES, "UTF-8");
+                    $sURL = html_entity_decode(Yii::app()->request->getPost('url_'.$langname), ENT_QUOTES, "UTF-8");
+                    $dateformat= Yii::app()->request->getPost('dateformat_'.$langname);
+                    $numberformat = Yii::app()->request->getPost('numberformat_'.$langname);
 
                     // Fix bug with FCKEditor saving strange BR types
                     $short_title = Yii::app()->request->getPost('short_title_'.$langname);
@@ -860,21 +842,19 @@ function index($sa = null)
 
                     $short_title=fixCKeditorText($short_title);
                     $description=fixCKeditorText($description);
-                    $welcome=fixCKeditorText($welcome);
+                    $welcometext=fixCKeditorText($welcometext);
                     $endtext=fixCKeditorText($endtext);
 
-                    $data = array(
-                    'surveyls_title' => $short_title,
-                    'surveyls_description' => $description,
-                    'surveyls_welcometext' => $welcome,
-                    'surveyls_endtext' => $endtext,
-                    'surveyls_url' => $sURL,
-                    'surveyls_urldescription' => $sURLDescription,
-                    'surveyls_dateformat' => Yii::app()->request->getPost('dateformat_'.$langname),
-                    'surveyls_numberformat' => Yii::app()->request->getPost('numberformat_'.$langname)
-                    );
-
-                    Surveys_languagesettings::model()->updateByPk(array('surveyls_survey_id'=>$surveyid, 'surveyls_language'=>$langname), $data);
+                    $oSurveysLanguagesettings=Surveys_languagesettings::model()->findByPk(array('surveyls_survey_id'=>$surveyid, 'surveyls_language'=>$langname));
+                    $oSurveysLanguagesettings->surveyls_title= $title;
+                    $oSurveysLanguagesettings->surveyls_description= $description;
+                    $oSurveysLanguagesettings->surveyls_welcometext= $welcome;
+                    $oSurveysLanguagesettings->surveyls_endtext= $endtext;
+                    $oSurveysLanguagesettings->surveyls_url= $sURL;
+                    $oSurveysLanguagesettings->surveyls_urldescription= $sURLDescription;
+                    $oSurveysLanguagesettings->surveyls_dateformat= $dateformat;
+                    $oSurveysLanguagesettings->surveyls_numberformat= $numberformat;
+                    $oSurveysLanguagesettings->save();
                 }
             }
             Yii::app()->session['flashmessage'] = $clang->gT("Survey text elements successfully saved.");
@@ -963,6 +943,7 @@ function index($sa = null)
             'bounce_email'=> Yii::app()->request->getPost('bounce_email'),
             'anonymized'=> Yii::app()->request->getPost('anonymized'),
             'faxto'=> Yii::app()->request->getPost('faxto'),
+            'type'=> Yii::app()->request->getPost('type'),
             'format'=> Yii::app()->request->getPost('format'),
             'savetimings'=> Yii::app()->request->getPost('savetimings'),
             'template'=>$template,
@@ -1002,6 +983,7 @@ function index($sa = null)
             'googleanalyticsstyle'=>trim(Yii::app()->request->getPost('googleanalyticsstyle')),
             'tokenlength'=>$tokenlength
             );
+            if(!User::GetUserRights('manage_model')) unset($updatearray['type']);
             // use model
             $Survey=Survey::model()->findByPk($surveyid);
             foreach ($updatearray as $k => $v)
@@ -1029,22 +1011,20 @@ function index($sa = null)
             {
                 if ($langname)
                 {
-                    $usresult = Surveys_languagesettings::model()->findAllByPk(array('surveyls_survey_id'=>$surveyid, 'surveyls_language'=>$langname));
-                    if (count($usresult)==0)
+                    $oLanguageSettings = Surveys_languagesettings::model()->find('surveyls_survey_id=:surveyid AND surveyls_language=:langname', array(':surveyid'=>$surveyid,':langname'=>$langname));
+                    if(!$oLanguageSettings)
                     {
-
+                        $oLanguageSettings= new Surveys_languagesettings;
                         $languagedetails=getLanguageDetails($langname);
-
                         $insertdata = array(
-                        'surveyls_survey_id' => $surveyid,
-                        'surveyls_language' => $langname,
-                        'surveyls_title' => '',
-                        'surveyls_dateformat' => $languagedetails['dateformat']
+                            'surveyls_survey_id' => $surveyid,
+                            'surveyls_language' => $langname,
+                            'surveyls_title' => '',
+                            'surveyls_dateformat' => $languagedetails['dateformat']
                         );
-                        $setting= new Surveys_languagesettings;
                         foreach ($insertdata as $k => $v)
-                            $setting->$k = $v;
-                        $setting->save();
+                            $oLanguageSettings->$k = $v;
+                        $usresult=$oLanguageSettings->save();
                     }
                 }
             }

diff --git a/application/controllers/admin/dataentry.php b/application/controllers/admin/dataentry.php
@@ -791,8 +791,8 @@ public function update()
             $updateqr .= " WHERE id=$id";
             $updateres = dbExecuteAssoc($updateqr) or safeDie("Update failed:<br />\n<br />$updateqr");
 
-            $onerecord_link = $this->getController()->createUrl('/').'/admin/responses/view/surveyid/'.$surveyid.'/id/'.$id;
-            $allrecords_link = $this->getController()->createUrl('/').'/admin/responses/index/surveyid/'.$surveyid;
+            $onerecord_link = $this->getController()->createUrl('/admin/responses/sa/view/surveyid/'.$surveyid.'/id/'.$id);
+            $allrecords_link = $this->getController()->createUrl('/admin/responses/sa/index/surveyid/'.$surveyid);
             $aDataentryoutput .= "<div class='messagebox ui-corner-all'><div class='successheader'>".$clang->gT("Success")."</div>\n"
             .$clang->gT("Record has been updated.")."<br /><br />\n"
             ."<input type='submit' value='".$clang->gT("View This Record")."' onclick=\"window.open('$onerecord_link', '_top')\" /><br /><br />\n"
@@ -822,7 +822,7 @@ public function insert()
         'clang' => $clang
         );
 
-        if (hasSurveyPermission($surveyid, 'responses','read'))
+        if (hasSurveyPermission($surveyid, 'responses','create'))
         {
             if ($subaction == "insert" && hasSurveyPermission($surveyid,'responses','create'))
             {
@@ -1152,7 +1152,7 @@ public function view($surveyid, $lang=NULL)
         if(isset($lang)) $lang=sanitize_languagecode($lang);
         $aViewUrls = array();
 
-        if (hasSurveyPermission($surveyid, 'responses', 'read'))
+        if (hasSurveyPermission($surveyid, 'responses', 'create'))
         {
             $clang = Yii::app()->lang;
 
@@ -1390,7 +1390,7 @@ private function _prepFieldValues($fieldnames, $field, $fieldcount, $donotimport
         // Make this safe for DB (*after* we undo first excel's
         // and then our escaping).
         $fieldvalues = array_map( 'dbQuoteAll', $fieldvalues );
-        $fieldvalues = str_replace( dbQuoteAll('{question_not_shown}'), 'NULL', $fieldvalues );
+        $fieldvalues = str_replace( dbQuoteAll('{question_not_shown}'), null, $fieldvalues );
 
         return $fieldvalues;
     }

diff --git a/application/controllers/admin/expressions.php b/application/controllers/admin/expressions.php
@@ -27,7 +27,7 @@ function index()
             $aData['surveyid'] = (int)$_REQUEST['sid'];
             $this->getController()->_css_admin_includes(Yii::app()->getConfig('adminstyleurl')."superfish.css");
             $message['title']= $clang->gT('Access denied!');
-            $message['message']= $clang->gT('You do not have sufficient rights to access this page');
+            $message['message']= $clang->gT('You do not have sufficient rights to access this page.');
             $message['class']= "error";
             $this->_renderWrappedTemplate('survey', array("message"=>$message), $aData);
         }

diff --git a/application/controllers/admin/globalsettings.php b/application/controllers/admin/globalsettings.php
@@ -159,6 +159,7 @@ private function _saveSettings()
         setGlobalSetting('emailsmtpdebug', sanitize_int(Yii::app()->request->getPost('emailsmtpdebug','0')));
         setGlobalSetting('emailsmtpuser', strip_tags(returnGlobal('emailsmtpuser')));
         setGlobalSetting('filterxsshtml', strip_tags($_POST['filterxsshtml']));
+        setGlobalSetting('allusercopymodel', strip_tags($_POST['allusercopymodel']));
         setGlobalSetting('siteadminbounce', strip_tags($_POST['siteadminbounce']));
         setGlobalSetting('siteadminemail', strip_tags($_POST['siteadminemail']));
         setGlobalSetting('siteadminname', strip_tags($_POST['siteadminname']));