Merge branch 'master' of github.com:LimeSurvey/LimeSurvey
SamMousa committed Jun 15, 2015
2 parents db0280d + 4090816 commit 7a24413
Showing 15 changed files with 398 additions and 130 deletions.
2 changes: 1 addition & 1 deletion application/config/version.php
Expand Up @@ -12,7 +12,7 @@
*
*/

$config['versionnumber'] = "2.06RC2";
$config['versionnumber'] = "2.06+";
$config['dbversionnumber'] = 181;
$config['buildnumber'] = '';
$config['updatable'] = true;
24 changes: 8 additions & 16 deletions application/controllers/admin/quotas.php
Expand Up @@ -47,7 +47,6 @@ private function _getData($iSurveyId)
{
// Set the variables in an array
$aData['iSurveyId'] = $aData['surveyid'] = $iSurveyId;
$aData['clang'] = $this->getController()->lang;
$aData['sBaseLang'] = Survey::model()->findByPk($iSurveyId)->language;
$aData['aLangs'] = Survey::model()->findByPk($iSurveyId)->additionalLanguages;
array_unshift($aData['aLangs'], $aData['sBaseLang']);
Expand All @@ -61,23 +60,21 @@ private function _getData($iSurveyId)

private function _checkPermissions($iSurveyId, $sPermission)
{
$clang=$this->getController()->lang;
if (!empty($sPermission) && !(Permission::model()->hasSurveyPermission($iSurveyId, 'quotas', $sPermission))) {
Yii::app()->session['flashmessage'] = $clang->gT('Access denied!');
Yii::app()->session['flashmessage'] =gT('Access denied!');
$this->_redirectToIndex($iSurveyId);
}
}

function _redirectToIndex($iSurveyId)
{
$clang=$this->getController()->lang;
if(Permission::model()->hasSurveyPermission($iSurveyId, 'quotas','read'))
{
$this->getController()->redirect($this->getController()->createUrl("/admin/quotas/sa/index/surveyid/$iSurveyId"));
}
else
{
Yii::app()->session['flashmessage'] = $clang->gT('Access denied!');
Yii::app()->session['flashmessage'] =gT('Access denied!');
$this->getController()->redirect($this->getController()->createUrl("admin/survey/sa/view/surveyid/$iSurveyId"));
}
}
Expand All @@ -94,7 +91,6 @@ function index($iSurveyId, $quickreport = false)
$aViewUrls[] = 'viewquotas_view';
}

$clang = $aData['clang'];
$totalquotas = 0;
$totalcompleted = 0;
$csvoutput = array();
Expand Down Expand Up @@ -164,7 +160,7 @@ function index($iSurveyId, $quickreport = false)
header("Content-Disposition: attachment; filename=results-survey" . $iSurveyId . ".csv");
header("Content-type: text/comma-separated-values; charset=UTF-8");
header("Pragma: public");
echo $clang->gT("Quota name") . "," . $clang->gT("Limit") . "," . $clang->gT("Completed") . "," . $clang->gT("Remaining") . "\r\n";
echo gT("Quota name") . "," . gT("Limit") . "," . gT("Completed") . "," . gT("Remaining") . "\r\n";
foreach ($csvoutput as $line)
{
echo $line;
Expand Down Expand Up @@ -342,7 +338,6 @@ function editquota($iSurveyId)
$this->_checkPermissions($iSurveyId, 'update');
$aData = $this->_getData($iSurveyId);
$aLangs = $aData['aLangs'];
$clang = $aData['clang'];
$aViewUrls = array();

$aQuotaInfo = Quota::model()->findByPk(Yii::app()->request->getPost('quota_id'));
Expand All @@ -354,7 +349,7 @@ function editquota($iSurveyId)
$aTabTitles[$sLanguage] = getLanguageNameFromCode($sLanguage, false);
if ($first)
{
$aTabTitles[$sLanguage].= ' (' . $clang->gT("Base language") . ')';
$aTabTitles[$sLanguage].= ' (' . gT("Base language") . ')';
$first = false;
}
$aData['langquotainfo'] = QuotaLanguageSetting::model()->findByAttributes(array('quotals_quota_id' => Yii::app()->request->getPost('quota_id'), 'quotals_language' => $sLanguage));
Expand All @@ -375,7 +370,6 @@ function new_answer($iSurveyId, $sSubAction = 'new_answer')
$this->_checkPermissions($iSurveyId, 'update');
$aData = $this->_getData($iSurveyId);
$sBaseLang = $aData['sBaseLang'];
$clang = $aData['clang'];
$aViewUrls = array();

if (($sSubAction == "new_answer" || ($sSubAction == "new_answer_two" && !isset($_POST['quota_qid']))) && Permission::model()->hasSurveyPermission($iSurveyId, 'quotas', 'create'))
Expand Down Expand Up @@ -428,7 +422,6 @@ function newquota($iSurveyId)
$iSurveyId = sanitize_int($iSurveyId);
$this->_checkPermissions($iSurveyId, 'create');
$aData = $this->_getData($iSurveyId);
$clang = $aData['clang'];

$aData['thissurvey'] = getSurveyInfo($iSurveyId);
$aData['langs'] = $aData['aLangs'];
Expand All @@ -451,7 +444,6 @@ function getQuotaAnswers($iQuestionId, $iSurveyId, $iQuotaId)
$iQuotaId = sanitize_int($iQuotaId);
$aData = $this->_getData($iSurveyId);
$sBaseLang = $aData['sBaseLang'];
$clang = $aData['clang'];
$this->_checkPermissions($iSurveyId, 'read');


Expand All @@ -471,8 +463,8 @@ function getQuotaAnswers($iQuestionId, $iSurveyId, $iQuotaId)
} elseif ($aQuestionType == 'G')
{
$aAnswerList = array(
'M' => array('Title' => $aQuestion['title'], 'Display' => $clang->gT("Male"), 'code' => 'M'),
'F' => array('Title' => $aQuestion['title'], 'Display' => $clang->gT("Female"), 'code' => 'F'));
'M' => array('Title' => $aQuestion['title'], 'Display' => gT("Male"), 'code' => 'M'),
'F' => array('Title' => $aQuestion['title'], 'Display' => gT("Female"), 'code' => 'F'));
} elseif ($aQuestionType == 'L' || $aQuestionType == 'O' || $aQuestionType == '!')
{

Expand Down Expand Up @@ -516,8 +508,8 @@ function getQuotaAnswers($iQuestionId, $iSurveyId, $iQuotaId)
} elseif ($aQuestionType == 'Y')
{
$aAnswerList = array(
'Y' => array('Title' => $aQuestion['title'], 'Display' => $clang->gT("Yes"), 'code' => 'Y'),
'N' => array('Title' => $aQuestion['title'], 'Display' => $clang->gT("No"), 'code' => 'N'));
'Y' => array('Title' => $aQuestion['title'], 'Display' => gT("Yes"), 'code' => 'Y'),
'N' => array('Title' => $aQuestion['title'], 'Display' => gT("No"), 'code' => 'N'));
} elseif ($aQuestionType == 'I')
{
$slangs = Survey::model()->findByPk($iSurveyId)->additionalLanguages;
2 changes: 1 addition & 1 deletion application/extensions/SettingsWidget/SettingsWidget.php
Expand Up @@ -379,7 +379,7 @@ public function renderSelect($name, array $metaData, $form = null)
array(
'minimumResultsForSearch' => 1000,
'dropdownAutoWidth'=> true,
'width' => 'resolve',
'width' => "js: function(){ return Math.max.apply(null, $(this.element).find('option').map(function() { return $(this).text().length; }))+'em' }",
),(isset($metaData['selectOptions']) ? $metaData['selectOptions'] : array())
);
$properties = array(
Expand Up @@ -138,3 +138,5 @@ width: 8.33333333%;
.setting-list .settings .setting:after {
clear: none;
}
.select2-container{min-width:6em}
.select2-container{max-width:100%}
63 changes: 26 additions & 37 deletions application/helpers/expressions/em_core_helper.php
Expand Up @@ -1532,43 +1532,22 @@ public function GetPrettyPrintString()
$descriptor .= ': ';
}

if (version_compare(phpversion(), "5.2.3")>=0)
$messages[] = $descriptor . htmlspecialchars($question,ENT_QUOTES,'UTF-8',false);
if ($ansList != '')
{
// 4th parameter to htmlspecialchars only became available in PHP version 5.2.3
$messages[] = $descriptor . htmlspecialchars($question,ENT_QUOTES,'UTF-8',false);
if ($ansList != '')
{
$messages[] = htmlspecialchars($ansList,ENT_QUOTES,'UTF-8',false);
}
if ($code != '') {
if ($token[2] == 'SGQA' && preg_match('/^INSERTANS:/',$token[0])) {
$shown = $this->GetVarAttribute($token[0], 'shown', '');
$messages[] = 'value=[' . htmlspecialchars($code,ENT_QUOTES,'UTF-8',false) . '] '
. htmlspecialchars($shown,ENT_QUOTES,'UTF-8',false);
}
else {
$messages[] = 'value=' . htmlspecialchars($code,ENT_QUOTES,'UTF-8',false);
}
}
$messages[] = htmlspecialchars($ansList,ENT_QUOTES,'UTF-8',false);
}
else
{
$messages[] = $descriptor . htmlspecialchars($question,ENT_QUOTES,'UTF-8');
if ($ansList != '')
{
$messages[] = htmlspecialchars($ansList,ENT_QUOTES,'UTF-8');
if ($code != '') {
if ($token[2] == 'SGQA' && preg_match('/^INSERTANS:/',$token[0])) {
$shown = $this->GetVarAttribute($token[0], 'shown', '');
$messages[] = 'value=[' . htmlspecialchars($code,ENT_QUOTES,'UTF-8',false) . '] '
. htmlspecialchars($shown,ENT_QUOTES,'UTF-8',false);
}
if ($code != '') {
if ($token[2] == 'SGQA' && preg_match('/^INSERTANS:/',$token[0])) {
$shown = $this->GetVarAttribute($token[0], 'shown', '');
$messages[] = 'value=[' . htmlspecialchars($code,ENT_QUOTES,'UTF-8') . '] '
. htmlspecialchars($shown,ENT_QUOTES,'UTF-8');
}
else {
$messages[] = 'value=' . htmlspecialchars($code,ENT_QUOTES,'UTF-8');
}
else {
$messages[] = 'value=' . htmlspecialchars($code,ENT_QUOTES,'UTF-8',false);
}
}

if ($this->groupSeq == -1 || $groupSeq == -1 || $questionSeq == -1 || $this->questionSeq == -1) {
$class = 'em-var-static';
}
Expand All @@ -1589,12 +1568,15 @@ public function GetPrettyPrintString()
$message = implode('; ',$messages);
$message = str_replace(array('{','}'), array('{ ', ' }'), $message);

$stringParts[] = "<span title='" . $message . "' class='em-var {$class}'";
if ($this->hyperlinkSyntaxHighlighting && isset($gid) && isset($qid) && $qid>0) {
if ($this->hyperlinkSyntaxHighlighting && isset($gid) && isset($qid) && $qid>0)
{
$editlink = Yii::app()->getController()->createUrl('admin/survey/sa/view/surveyid/' . $this->sid . '/gid/' . $gid . '/qid/' . $qid);
$stringParts[] = " data-link='{$editlink}'";
$stringParts[] = "<a title='{$message}' class='em-var {$class}' href='{$editlink}' >";
}
else
{
$stringParts[] = "<span title='" . $message . "' class='em-var {$class}' >";
}
$stringParts[] = ">";
if ($this->sgqaNaming)
{
$sgqa = substr($jsName,4);
Expand All @@ -1609,7 +1591,14 @@ public function GetPrettyPrintString()
{
$stringParts[] = $displayName;
}
$stringParts[] = "</span>";
if ($this->hyperlinkSyntaxHighlighting && isset($gid) && isset($qid) && $qid>0)
{
$stringParts[] = "</a>";
}
else
{
$stringParts[] = "</span>";
}
}
break;
case 'ASSIGN':
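Review bot: In the new `<a ...>` branch of GetPrettyPrintString(), `$editlink` is interpolated into a single-quoted `href` without HTML encoding, while every visible part of `$message` in the same tag goes through htmlspecialchars() with ENT_QUOTES. The URL comes from createUrl() with `$this->sid`, `$gid` and `$qid`, which are presumably integers, but encoding it keeps the attribute well formed if a URL rule ever emits `&` or a quote: `$stringParts[] = "<a title='{$message}' class='em-var {$class}' href='" . CHtml::encode($editlink) . "' >";`. The same four-part condition is repeated further down to choose between `</a>` and `</span>`; holding it in one local (for example `$bLinked`) set before the opening tag would stop the two tags from drifting apart. `$descriptor` is assigned outside the visible hunk, so whether it is encoded before being prepended to the title text cannot be confirmed from here.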
4 changes: 2 additions & 2 deletions application/helpers/frontend_helper.php
Expand Up @@ -73,7 +73,7 @@ function loadanswers()
// If survey come from reload (GET or POST); some value need to be found on saved_control, not on survey
if (Yii::app()->request->getParam('loadall') == "reload")
{
$oSavedSurvey=SavedControl::model()->find("identifier=:identifier AND access_code=:access_code",array(":identifier"=>$sLoadName,":access_code"=>md5($sLoadPass)));
$oSavedSurvey=SavedControl::model()->find("identifier=:identifier AND (access_code=:access_code OR access_code=:sha256_code)",array(':identifier'=>$sLoadName,':access_code'=>md5($sLoadPass),':sha256_code'=>hash('sha256',$sLoadPass)));
// We don't need to control if we have one, because we do the test before
$_SESSION['survey_'.$surveyid]['scid'] = $oSavedSurvey->scid;
$_SESSION['survey_'.$surveyid]['step'] = ($oSavedSurvey->saved_thisstep>1)?$oSavedSurvey->saved_thisstep:1;
Expand Down Expand Up @@ -1204,7 +1204,7 @@ function buildsurveysession($surveyid,$preview=false)

$sQuery= "select count(*) from {{groups}}
left join {{questions}} on {{groups}}.gid={{questions}}.gid
where qid is null";
where {{groups}}.sid={$surveyid} and qid is null";
$iTotalGroupsWithoutQuestions = Yii::app()->db->createCommand($sQuery)->queryScalar();


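Review bot: The added filter in buildsurveysession() places `$surveyid` straight into the SQL text (`where {{groups}}.sid={$surveyid} and qid is null`), and nothing in the hunk shows the value being cast or validated first. Binding it removes the dependency on upstream sanitising: write `where {{groups}}.sid=:sid and qid is null` and call `->queryScalar(array(':sid' => $surveyid))`. The function starts and continues outside the hunk, so an earlier integer cast may exist. The loadanswers() hunk in this same file already uses named placeholders, and this query should match it.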
30 changes: 30 additions & 0 deletions application/helpers/viewHelper.php
Expand Up @@ -225,4 +225,34 @@ public static function purified($sHtml){
$oPurifier = new CHtmlPurifier();
return $oPurifier->purify($sHtml);
}
/**
* Show clean string, leaving ONLY tag for Expression
* @param string : Html to clean
* @return string
*/
public static function stripTagsEM($sHtml)
{
$oPurifier = new CHtmlPurifier();
$oPurifier->options = array(
'HTML.Allowed'=>'span[title|class],a[class|title|href]',
'Attr.AllowedClasses'=>array(
'em-expression',
'em-haveerror',
'em-var-string',
'em-function',
'em-var-static',
'em-var-before',
'em-var-after',
'em-var-inpage',
'em-var-error',
'em-assign',
'em-error',
),
'URI.AllowedSchemes'=>array( // Maybe only local ?
'http' => true,
'https' => true,
)
);
return $oPurifier->purify($sHtml);
}
}
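Review bot: stripTagsEM() lets `a[href]` through for any `http`/`https` host, and the author's own `// Maybe only local ?` comment leaves that question open. The question bar view in this commit now feeds unflattened question and help text through this filter, so a link written by a survey editor is rendered in the admin page alongside the ones Expression Manager generates. If only the generated edit links are meant to survive, adding HTML Purifier's `'URI.DisableExternal' => true,` to the options keeps relative links and drops off-site ones (`URI.Host` would also need setting if createUrl() is configured to return absolute URLs). The docblock's `@param string : Html to clean` should read `@param string $sHtml HTML to clean`, and it is worth stating there that the allow-list cannot tell generated `em-*` spans from ones typed into the question text.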
2 changes: 1 addition & 1 deletion application/views/admin/globalSettings_view.php
Expand Up @@ -512,7 +512,7 @@
),
'filterxsshtml'=>array(
'type'=>'select',
'label'=>gt("Survey preview only for administration users").$sStringDemoMode,
'label'=>gt("Filter HTML for XSS").$sStringDemoMode,
'labelOptions'=>array(
'class'=>$sClassDemoMode,
),
Expand Up @@ -200,7 +200,7 @@
</p>
</div>

<div id="dialog-confirm-replace" title="<?php $clang->eT('Replace label set?'); ?>" style='display:none;'>
<div id="dialog-confirm-replace" title="<?php eT('Replace label set?'); ?>" style='display:none;'>
<p><span class="ui-icon ui-icon-alert" style="float:left; margin:0 7px 20px 0;"></span><span id='strReplaceMessage'></span></p>
</div>

8 changes: 4 additions & 4 deletions application/views/admin/survey/Question/questionbar_view.php
Expand Up @@ -163,15 +163,15 @@
<tr><td><strong>
<?php eT("Question:"); ?></strong></td><td>
<?php
templatereplace(FlattenText($qrrow['question']),array(),$aReplacementData,'Unspecified', false ,$qid);
echo LimeExpressionManager::GetLastPrettyPrintExpression();
templatereplace($qrrow['question'],array(),$aReplacementData,'Unspecified', false ,$qid);
echo viewHelper::stripTagsEM(LimeExpressionManager::GetLastPrettyPrintExpression());
?></td></tr>
<tr><td><strong>
<?php eT("Help:"); ?></strong></td><td>
<?php
if (trim($qrrow['help'])!=''){
templatereplace(FlattenText($qrrow['help']),array(),$aReplacementData,'Unspecified', false ,$qid);
echo LimeExpressionManager::GetLastPrettyPrintExpression();
templatereplace($qrrow['help'],array(),$aReplacementData,'Unspecified', false ,$qid);
echo viewHelper::stripTagsEM(LimeExpressionManager::GetLastPrettyPrintExpression());
} ?>
</td></tr>
<?php if ($qrrow['preg'])
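Review bot: Both echo sites now pass the raw `$qrrow['question']` and `$qrrow['help']` into templatereplace() and rely on `viewHelper::stripTagsEM()` as the only filter before output, yet nothing in the view says so. A one-line comment above each echo, such as `// stripTagsEM() is the only output filter here; do not echo the pretty-print string directly`, would stop a later edit from reintroducing the bare `echo LimeExpressionManager::GetLastPrettyPrintExpression();`. The `if ($qrrow['preg'])` block that follows continues outside the visible section.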
Expand Up @@ -221,7 +221,7 @@ class="highlight"
<button id='btnlacancel' type='button'><?php eT('Cancel'); ?></button>
</p>
</div>
<div id="dialog-confirm-replace" title="<?php $clang->eT('Replace label set?'); ?>" style='display:none;'>
<div id="dialog-confirm-replace" title="<?php eT('Replace label set?'); ?>" style='display:none;'>
<p><span class="ui-icon ui-icon-alert" style="float:left; margin:0 7px 20px 0;"></span><span id='strReplaceMessage'></span></p>
</div>

2 changes: 1 addition & 1 deletion application/views/installer/precheck_view.php
Expand Up @@ -36,7 +36,7 @@ function dirReport($dir, $write)
?>
<div class="row">
<div class="span3">
<?php $this->renderPartial('/installer/sidebar_view', compact('progressValue', 'classesForStep', 'clang')); ?>
<?php $this->renderPartial('/installer/sidebar_view', compact('progressValue', 'classesForStep')); ?>
</div>
<div class="span9">
<h2><?php echo $title; ?></h2>
