Skip to content

Commit

Permalink
Merge branch 'master' into master_fixDeleteResponse_urlget
Browse files Browse the repository at this point in the history 
# Conflicts:
#	application/models/SurveyDynamic.php
#	assets/packages/adminbasics/build/adminbasics.min.css
#	assets/packages/adminbasics/build/adminbasics.min.js
  • Loading branch information
@Shnoulle
Shnoulle committed Nov 12, 2018
2 parents bb3c7ce + 7cadc79 commit 6b9abcc
Show file tree
Hide file tree
Showing 32 changed files with 551 additions and 347 deletions.
4 changes: 2 additions & 2 deletions application/config/version.php
View file
Expand Up @@ -12,9 +12,9 @@
*/


$config['versionnumber'] = '3.15.2';
$config['versionnumber'] = '3.15.4';
$config['dbversionnumber'] = 355;
$config['buildnumber'] = '';
$config['updatable'] = true;
$config['assetsversionnumber'] = '30065';
$config['assetsversionnumber'] = '30067';
return $config;
2 changes: 1 addition & 1 deletion application/controllers/admin/export.php
View file
Expand Up @@ -642,7 +642,7 @@ public function vvexport()
if (count($fielddata) < 1) {
$firstline .= $field;
} else {
$firstline .= preg_replace('/\s+/', ' ', strip_tags($fielddata['question']));
$firstline .= preg_replace('/\s+/', ' ', flattenText($fielddata['question'],false,true,'UTF-8',true));
}
$firstline .= $s;
if ($vvVersion == 2) {
Expand Down
85 changes: 85 additions & 0 deletions application/controllers/admin/surveyadmin.php
View file
Expand Up @@ -2275,4 +2275,89 @@ public function applythemeoptions($iSurveyID = 0)
}
$this->getController()->redirect(array('admin/survey/sa/view/surveyid/'.$iSurveyID));
}

/**
* Upload an image in directory
* @return json
*/
public function uploadimagefile()
{
$iSurveyID = Yii::app()->request->getPost('surveyid');
$success = false;
$debug = [];
if(!Permission::model()->hasSurveyPermission($iSurveyID, 'surveycontent', 'update')) {
return Yii::app()->getController()->renderPartial(
'/admin/super/_renderJson',
array('data' => ['success' => $success, 'message' => gT("You don't have suffisient right to upload image in this survey"), 'debug' => $debug]),
false,
false
);
}
$debug[] = $_FILES;
if(empty($_FILES)) {
$uploadresult = gT("No file was uploaded.");
return Yii::app()->getController()->renderPartial(
'/admin/super/_renderJson',
array('data' => ['success' => $success, 'message' => $uploadresult, 'debug' => $debug]),
false,
false
);
}
if ($_FILES['file']['error'] == 1 || $_FILES['file']['error'] == 2) {
$uploadresult = sprintf(gT("Sorry, this file is too large. Only files up to %01.2f MB are allowed."), getMaximumFileUploadSize() / 1024 / 1024);
return Yii::app()->getController()->renderPartial(
'/admin/super/_renderJson',
array('data' => ['success' => $success, 'message' => $uploadresult, 'debug' => $debug]),
false,
false
);
}
$checkImage = LSYii_ImageValidator::validateImage($_FILES["file"]["tmp_name"]);
if ($checkImage['check'] === false) {
return Yii::app()->getController()->renderPartial(
'/admin/super/_renderJson',
array('data' => ['success' => $success, 'message' => $checkImage['uploadresult'], 'debug' => $checkImage['debug']]),
false,
false
);
}
$surveyDir = Yii::app()->getConfig('uploaddir')."/surveys/".$iSurveyID;
if (!is_dir($surveyDir)) {
@mkdir($surveyDir);
}
if (!is_dir($surveyDir."/images")) {
@mkdir($surveyDir."/images");
}
$destdir = $surveyDir."/images/";
if (!is_writeable($destdir)) {
$uploadresult = sprintf(gT("Incorrect permissions in your %s folder."), $destdir);
return Yii::app()->getController()->renderPartial(
'/admin/super/_renderJson',
array('data' => ['success' => $success, 'message' => $uploadresult, 'debug' => $debug]),
false,
false
);
}

$filename = sanitize_filename($_FILES['file']['name'], false, false, false); // Don't force lowercase or alphanumeric
$fullfilepath = $destdir.$filename;
$debug[] = $destdir;
$debug[] = $filename;
$debug[] = $fullfilepath;
if (!@move_uploaded_file($_FILES['file']['tmp_name'], $fullfilepath)) {
$uploadresult = gT("An error occurred uploading your file. This may be caused by incorrect permissions for the application /tmp folder.");
} else {
$uploadresult = sprintf(gT("File %s uploaded"), $filename);
$success = true;
};
return Yii::app()->getController()->renderPartial(
'/admin/super/_renderJson',
array('data' => ['success' => $success, 'message' => $uploadresult, 'debug' => $debug]),
false,
false
);



}
}
6 changes: 3 additions & 3 deletions application/controllers/admin/themeoptions.php
View file
Expand Up @@ -112,7 +112,6 @@ public function updatesurvey($sid)
$this->getController()->redirect(Yii::app()->getController()->createUrl("/admin/themeoptions/sa/updatesurvey", ['surveyid'=>$sid, 'sid'=>$sid]));
}
}

$this->_updateCommon($model, $sid);
} else {
Yii::app()->setFlashMessage(gT("We are sorry but you don't have permissions to do this."), 'error');
Expand Down Expand Up @@ -343,8 +342,9 @@ private function _updateCommon(TemplateConfiguration $model, $sid = null)

Yii::app()->clientScript->registerPackage('bootstrap-switch', LSYii_ClientScript::POS_BEGIN);
$aData = array(
'model'=>$model,
'templateOptionPage' => $templateOptionPage
'model' => $model,
'templateOptionPage' => $templateOptionPage,
'sid' => $sid
);

if ($sid !== null) {
Expand Down
7 changes: 5 additions & 2 deletions application/controllers/admin/themes.php
View file
Expand Up @@ -172,14 +172,17 @@ public function tmp($id)
*/
public function upload()
{
$action = returnGlobal('action');
if ($action == 'templateuploadimagefile' && Yii::app()->request->getPost('surveyid') ) {
Yii::app()->getController()->forward("/admin/survey/sa/uploadimagefile/");
Yii::app()->end();
}
if (Permission::model()->hasGlobalPermission('templates', 'import')) {
Yii::app()->loadHelper('admin/template');
$lid = returnGlobal('lid');
$action = returnGlobal('action');
$uploadresult = "";
$success = false;
$debug = [];

if ($action == 'templateuploadimagefile') {
// $iTemplateConfigurationId = Yii::app()->request->getPost('templateconfig');
// $oTemplateConfiguration = TemplateConfiguration::getInstanceFromConfigurationId($iTemplateConfigurationId);
Expand Down
1 change: 1 addition & 0 deletions application/core/plugins/GroupSpecificActivation
Submodule GroupSpecificActivation added at 0dd28d
4 changes: 2 additions & 2 deletions application/helpers/admin/import_helper.php
View file
Expand Up @@ -2024,11 +2024,11 @@ function CSVImportResponses($sFullFilePath, $iSurveyId, $aOptions = array())
}

//Check if datestamp is set => throws no default error on importing
if(!isset($oSurvey->datestamp)){
if($oSurvey->hasAttribute('datestamp') && !isset($oSurvey->datestamp)){
$oSurvey->datestamp = '1980-01-01 00:00:01';
}
//Check if startdate is set => throws no default error on importing
if(!isset($oSurvey->startdate)){
if($oSurvey->hasAttribute('startdate') && !isset($oSurvey->startdate)){
$oSurvey->startdate = '1980-01-01 00:00:01';
}

Expand Down
21 changes: 16 additions & 5 deletions application/helpers/common_helper.php
View file
Expand Up @@ -331,16 +331,27 @@ function convertGETtoPOST($url)
$query = array_shift($stack);
$aqueryitems = explode('&', $query);
$postArray = [];

$getArray = [];
foreach ($aqueryitems as $queryitem) {
$stack = explode('=', $queryitem);
$paramname = array_shift($stack);
$value = array_shift($stack);
$postArray[$paramname] = $value;
if(in_array($paramname,array(Yii::app()->getComponent('urlManager')->routeVar))) {
$getArray[$paramname] = $value;
} else {
$postArray[$paramname] = $value;
}
}
if(!empty($getArray)) {
$calledscript = $calledscript."?".implode('&', array_map(
function ($v, $k) {
return $k.'='.$v;
},
$getArray,
array_keys($getArray)
));
}

$callscript = "window.LS.sendPost(\"".$calledscript."\",\"\",".json_encode($postArray).");";

return $callscript;
}

Expand Down Expand Up @@ -5085,4 +5096,4 @@ function safecount($element)
return count($element);
}
return 0;
}
}
2 changes: 1 addition & 1 deletion application/helpers/update/updatedb_helper.php
View file
Expand Up @@ -2289,7 +2289,7 @@ function db_upgrade_all($iOldDBVersion, $bSilent = false)
$oDB->createCommand()->delete('{{surveymenu}}', 'name=:name', [':name' => $aSurveymenu['name']]);
$oDB->createCommand()->delete('{{surveymenu}}', 'id=:id', [':id' => $aSurveymenu['id']]);
$oDB->createCommand()->insert('{{surveymenu}}', $aSurveymenu);
$aIdMap[$aSurveymenu['name']] = $oDB->getCommandBuilder()->getLastInsertID('{{surveymenu}}');
$aIdMap[$aSurveymenu['name']] = $aSurveymenu['id'];
}

$aDefaultSurveyMenuEntries = LsDefaultDataSets::getSurveyMenuEntryData();
Expand Down
6 changes: 6 additions & 0 deletions application/libraries/MersenneTwister.php
View file
Expand Up @@ -15,6 +15,12 @@ function setSeed($surveyid)
if (isset($_SESSION['survey_'.$surveyid]['srid'])) {
$oResponse = \Response::model($surveyid)->findByPk($_SESSION['survey_'.$surveyid]['srid']);
$seed = $oResponse->seed;
/* fix empty seed, this allow broken seed (not number) */
if(empty($seed)) {
$seed = mt_rand();
$oResponse->seed = $seed;
$oResponse->save();
}
} else {
$seed = mt_rand();

Expand Down
2 changes: 1 addition & 1 deletion application/models/Permission.php
View file
Expand Up @@ -744,7 +744,7 @@ protected function getOwnerId($iEntityID, $sEntityName)
}

public static function getPermissionList(){
$aPermissions = self::getSurveyBasePermissions();
$aPermissions = array_merge(self::getSurveyBasePermissions(),self::getGlobalBasePermissions());
return array_map(function($aPermission){
return $aPermission['title'];
}, $aPermissions);
Expand Down
15 changes: 11 additions & 4 deletions application/models/Survey.php
View file
Expand Up @@ -799,10 +799,17 @@ private function _createSurveymenuArray($oSurveyMenuObjects, $collapsed=false)
}

//Skip menu if no permission
if ((!empty($aEntry['permission']) && !empty($aEntry['permission_grade'])
&& !Permission::model()->hasSurveyPermission($this->sid, $aEntry['permission'], $aEntry['permission_grade']))
) {
continue;
if (!empty($aEntry['permission']) && !empty($aEntry['permission_grade'])){
$inArray = array_search($aEntry['permission'],array_keys(Permission::getGlobalBasePermissions()));
if($inArray) {
$hasPermission = Permission::model()->hasGlobalPermission($aEntry['permission'], $aEntry['permission_grade']);
} else {
$hasPermission = Permission::model()->hasSurveyPermission($this->sid, $aEntry['permission'], $aEntry['permission_grade']);
}

if(!$hasPermission) {
continue;
}
}

// Check if a specific user owns this menu.
Expand Down
50 changes: 31 additions & 19 deletions application/models/TemplateConfiguration.php
View file
Expand Up @@ -785,20 +785,24 @@ private function _getRelativePath($from, $to) {
return str_repeat('..'.DIRECTORY_SEPARATOR, count($dir)) . implode(DIRECTORY_SEPARATOR, $file);
}

private function _filterImages($file)
/**
* Return image information
* @param string $file with Path
* @return array|null
*/
private function _getImageInfo($file)
{
$imagePath = (file_exists($this->filesPath.$file['name']))
? $this->filesPath.$file['name']
: $this->generalFilesPath.$file['name'] ;

$filePath = $this->_getRelativePath(Yii::app()->getConfig('rootdir'), $imagePath);

$previewFilePath = App()->getAssetManager()->publish($imagePath);

$checkImage = LSYii_ImageValidator::validateImage($imagePath);
if (!$checkImage['check'] === false) {
return ['preview' => $previewFilePath, 'filepath' => $filePath, 'filepathOptions' => $filePath ,'filename'=>$file['name']];
if(!file_exists($file)) {
return;
}
// Currently it's private and only used one time, before put this function in twig : must validate directory is inside rootdir
$checkImage = LSYii_ImageValidator::validateImage($file);
if (!$checkImage['check']) {
return;
}
$filePath = $this->_getRelativePath(Yii::app()->getConfig('rootdir'), $file);
$previewFilePath = App()->getAssetManager()->publish($file);
return ['preview' => $previewFilePath, 'filepath' => $filePath, 'filepathOptions' => $filePath ,'filename'=>basename($file)];
}

protected function getOptionPageAttributes()
Expand All @@ -807,13 +811,21 @@ protected function getOptionPageAttributes()
$fileList = array_merge(Template::getOtherFiles($this->filesPath), Template::getOtherFiles($this->generalFilesPath));
$aData['maxFileSize'] = getMaximumFileUploadSize();
$aData['imageFileList'] = [];
foreach ($fileList as $file) {
$isImage = $this->_filterImages($file);

if ($isImage) {
$aData['imageFileList'][] = $isImage;
}
};
$categoryList = []; // Array with optgroup label and path
$categoryList[] = ['group' => gT("Global"),'path' => $this->generalFilesPath];
$categoryList[] = ['group' => gT("Theme"),'path' => $this->filesPath];
if($this->sid) {
$categoryList[] = ['group' => gT("Survey"),'path' => Yii::app()->getConfig('uploaddir').'/surveys/'.$this->sid.'/images/'];
}
foreach($categoryList as $category) {
$fileList = Template::getOtherFiles($category['path']);
foreach ($fileList as $file) {
$imageInfo = $this->_getImageInfo($category['path'].$file['name']);
if ($imageInfo) {
$aData['imageFileList'][] = array_merge($category,$imageInfo);
}
};
}

return $aData;
}
Expand Down
2 changes: 1 addition & 1 deletion application/views/admin/token/managetokenattributes.php
View file
Expand Up @@ -149,7 +149,7 @@
<p>
<label for="deleteattribute"><?php eT('Delete this attribute:'); ?></label>
<div class=''>
<?php echo CHtml::dropDownList('deleteattribute',"",CHtml::listData($tokenfieldlist,'id','descrition'),array('empty' => gT('(None)','unescaped'), 'class'=>'form-control')); ?>
<?php echo CHtml::dropDownList('deleteattribute',"",CHtml::listData($tokenfieldlist,'id','description'),array('empty' => gT('(None)','unescaped'), 'class'=>'form-control')); ?>
</div>
</p>
<p>
Expand Down

0 comments on commit 6b9abcc

Please sign in to comment.