Merge branch 'master' into develop

application/config/config-defaults.php

@@ -727,8 +727,8 @@
 $config['userthemerootdir']         = $config['uploaddir'].DIRECTORY_SEPARATOR."themes".DIRECTORY_SEPARATOR."survey"; // The directory path of the user themes
 $config['usertwigextensionrootdir'] = $config['uploaddir'].DIRECTORY_SEPARATOR."twig".DIRECTORY_SEPARATOR."extensions"; // The directory path of the user custom twig extensions
 $config['userquestionthemedir']     = "themes".DIRECTORY_SEPARATOR."question"; // The directory containing the user's question themes.
-$config['userquestionthemerootdir'] = $config['uploaddir'].DIRECTORY_SEPARATOR.$config['userquestionthemedir']; // The directory containing the user's question themes.
-$config['userfontsrootdir']         = $config['uploaddir'].DIRECTORY_SEPARATOR.'fonts'; // The directory containing the user's fonts.
+$config['userquestionthemerootdir'] = "upload".DIRECTORY_SEPARATOR.$config['userquestionthemedir']; // The directory containing the user's question themes.
+$config['userfontsrootdir']          = $config['uploaddir'].DIRECTORY_SEPARATOR.'fonts'; // The directory containing the user's fonts.
 
 $config['lsadminmodulesrootdir']    = $config['rootdir'].DIRECTORY_SEPARATOR."modules".DIRECTORY_SEPARATOR."admin";
 //Overwrite files with the same name on upload?

application/controllers/UserManagementController.php

@@ -416,6 +416,9 @@ public function actionSaveUserPermissions()
         }
         $userId = Yii::app()->request->getPost('userid');
         $aPermissions = Yii::app()->request->getPost('Permission', []);
+
+        Permissiontemplates::model()->clearUser($userId);
+
         $results = $this->applyPermissionFromArray($userId, $aPermissions);
 
         $oUser = User::model()->findByPk($userId);

application/controllers/admin/checkintegrity.php

@@ -597,14 +597,17 @@ protected function _checkintegrity()
                             // QID field can be more than just QID, like: 886other or 886A1
                             // So we clean it by finding the first alphabetical character
                             $sDirtyQid = $aFields[2];
-                            preg_match('~[a-zA-Z_]~i', $sDirtyQid, $match, PREG_OFFSET_CAPTURE);
+                            preg_match('~[a-zA-Z_#]~i', $sDirtyQid, $match, PREG_OFFSET_CAPTURE);
 
                             if (isset($match[0][1])) {
                                 $sQID      =  substr($sDirtyQid, 0, $match[0][1]);
                             } else {
                                 // It was just the QID....
                                 $sQID      =  $sDirtyQid;
                             }
+                            if ((string) intval($sQID) !== $sQID) {
+                                throw new \Exception('sQID is not an integer: ' . $sQID);
+                            }
 
                             // Here, we get the question as defined in backend
                             $oQuestion = Question::model()->findByAttributes([ 'qid' => $sQID , 'sid' => $oSurvey->sid ]);

application/helpers/expressions/em_manager_helper.php

@@ -6234,7 +6234,14 @@ function ($sqRankAnwsers) {
                     }
                     // what about optional vs. mandatory comment and 'other' fields?
                     break;
-
+                case Question::QT_O_LIST_WITH_COMMENT:
+                    foreach ($unansweredSQs as $sq) {
+                        if (!preg_match("/comment$/", $sq)) {
+                            $anyUnanswered = true;
+                            break;
+                        }
+                    }
+                    break;
                 case Question::QT_COLON_ARRAY_MULTI_FLEX_NUMBERS:
                     $anyUnanswered = false;
                     $qattr = isset($LEM->qattr[$qid]) ? $LEM->qattr[$qid] : array();

application/models/Survey.php

@@ -1083,13 +1083,13 @@ public function getState()
             $sStop   = ($this->expires != '') ? date("Y-m-d H:i:s", strtotime(Yii::app()->getConfig('timeadjust'), strtotime($this->expires))) : null;
             $sStart  = ($this->startdate != '') ? date("Y-m-d H:i:s", strtotime(Yii::app()->getConfig('timeadjust'), strtotime($this->startdate))) : null;
 
-            // Time comparaison
+            // Time comparison
             $oNow   = new DateTime($sNow);
             $oStop  = new DateTime($sStop);
             $oStart = new DateTime($sStart);
 
             $bExpired = (!is_null($sStop) && $oStop < $oNow);
-            $bWillRun = (!is_null($oStart) && $oStart > $oNow);
+            $bWillRun = (!is_null($sStart) && $oStart > $oNow);
 
             if ($bExpired) {
                 return 'expired';

application/views/userManagement/partial/editpermissions.php

@@ -66,6 +66,13 @@
                     <?php endforeach; ?>
 
                 </table>
+            <div class="row ls-space margin top-25">
+                <?php if (safecount(Permission::model()->getUserRole($oUser->uid)) > 0 ): ?>
+                    <div class="col-xs-12 alert alert-warning">
+                        <?= gT("Warning: The user has at least one role assigned. Setting individual user permissions will remove all roles from this user!") ?>
+                    </div>
+                <?php endif; ?>
+            </div>
             <div class="row ls-space margin top-25">
                 <button class="btn btn-success col-sm-3 col-xs-5 col-xs-offset-1 selector--submitForm" id="permission-modal-submitForm"><?=gT('Save')?></button>
                 <button class="btn btn-error col-sm-3 col-xs-5 col-xs-offset-1 selector--exitForm" id="permission-modal-exitForm"><?=gT('Cancel')?></button>