Merge pull request #15 from LimeSurvey/master

Synch with Upstream
LimeSurvey · Jul 12, 2014 · 7d639e0 · 7d639e0
2 parents 1868ee1 + c5a7d5b
commit 7d639e0
Show file tree

Hide file tree

Showing 4 changed files with 30 additions and 24 deletions.
diff --git a/application/controllers/PrintanswersController.php b/application/controllers/PrintanswersController.php
@@ -141,8 +141,6 @@ function actionView($surveyid,$printableexport=FALSE)
             {
                 if (substr($sFieldname,0,4) == 'gid_')
                 {
-
-
                         $sOutput .= "\t<tr class='printanswersgroup'><td colspan='2'>{$fname[0]}</td></tr>\n";
                 }
                 elseif (substr($sFieldname,0,4)=='qid_')
@@ -162,6 +160,8 @@ function actionView($surveyid,$printableexport=FALSE)
                 }
             }
             $sOutput .= "</table>\n";
+            $sData['thissurvey']=$aSurveyInfo;
+            $sOutput=templatereplace($sOutput, array() , $sData, '', $aSurveyInfo['anonymized']=="Y",NULL, array(), true);// Do a static replacement
             if($sExportType == 'pdf')
             {
                 $oPDF->writeHTML($sOutput);
@@ -181,7 +181,6 @@ function actionView($surveyid,$printableexport=FALSE)
 
                 sendCacheHeaders();
                 doHeader();
-                $sData['thissurvey']=$aSurveyInfo;
                 echo templatereplace(file_get_contents(getTemplatePath($sTemplate).'/startpage.pstpl'),array(),$sData);
                 echo templatereplace(file_get_contents(getTemplatePath($sTemplate).'/printanswers.pstpl'),array('ANSWERTABLE'=>$sOutput),$sData);
                 echo templatereplace(file_get_contents(getTemplatePath($sTemplate).'/endpage.pstpl'),array(),$sData);

diff --git a/application/controllers/survey/index.php b/application/controllers/survey/index.php
@@ -313,9 +313,6 @@ function action()
                 }
             }
 
-            $_SESSION['survey_'.$surveyid]['holdname'] = $sLoadName;
-            $_SESSION['survey_'.$surveyid]['holdpass'] = $sLoadPass;
-
             if ($errormsg == "") {
                 LimeExpressionManager::SetDirtyFlag();  
                 buildsurveysession($surveyid);

diff --git a/application/helpers/frontend_helper.php b/application/helpers/frontend_helper.php
@@ -18,39 +18,47 @@ function loadanswers()
     global $clienttoken;
     $clang = Yii::app()->lang;
 
-    $scid=returnGlobal('scid',true);
+    $scid=Yii::app()->request->getQuery('scid');
     if (Yii::app()->request->getParam('loadall') == "reload")
     {
-        $query = "SELECT * FROM {{saved_control}} INNER JOIN {$thissurvey['tablename']}
-        ON {{saved_control}}.srid = {$thissurvey['tablename']}.id
-        WHERE {{saved_control}}.sid=$surveyid\n";
-        if (isset($scid)) //Would only come from email
-
+        $sLoadName=Yii::app()->request->getParam('loadname');
+        $sLoadPass=Yii::app()->request->getParam('loadpass');
+        $oCriteria= new CDbCriteria;
+        $oCriteria->join="LEFT JOIN {{saved_control}} ON t.id={{saved_control}}.srid";
+        $oCriteria->condition="{{saved_control}}.sid=:sid";
+        $aParams=array(':sid'=>$surveyid);
+        if (isset($scid)) //Would only come from email : we don't need it ....
         {
-            $query .= "AND {{saved_control}}.scid={$scid}\n";
+            $oCriteria->addCondition("{{saved_control}}.scid=:scid");
+            $aParams[':scid']=$scid;
         }
-        $query .="AND {{saved_control}}.identifier = '".Yii::app()->db->quoteValue($_SESSION['survey_'.$surveyid]['holdname'])."' ";
+        $oCriteria->addCondition("{{saved_control}}.identifier=:identifier");
+        $aParams[':identifier']=$sLoadName;
 
         if (in_array(Yii::app()->db->getDriverName(), array('mssql', 'sqlsrv', 'dblib')))
         {
-            $query .="AND CAST({{saved_control}}.access_code as varchar(32))= '".md5($_SESSION['survey_'.$surveyid]['holdpass'])."'\n";
+            // To be validated with mssql, think it's not needed
+            $oCriteria->addCondition(" CAST({{saved_control}}.access_code as varchar(32))=:access_code");
         }
         else
         {
-            $query .="AND {{saved_control}}.access_code = '".md5($_SESSION['survey_'.$surveyid]['holdpass'])."'\n";// md5 don't need to be escaped
+            $oCriteria->addCondition("{{saved_control}}.access_code=:access_code");
         }
+        $aParams[':access_code']=md5($sLoadPass);
     }
     elseif (isset($_SESSION['survey_'.$surveyid]['srid']))
     {
-        $query = "SELECT * FROM {$thissurvey['tablename']}
-        WHERE {$thissurvey['tablename']}.id=".$_SESSION['survey_'.$surveyid]['srid']."\n";
+        $oCriteria= new CDbCriteria;
+        $oCriteria->condition="id=:id";
+        $aParams=array(':id'=>$_SESSION['survey_'.$surveyid]['srid']);
     }
     else
     {
         return;
     }
-    $aRow = Yii::app()->db->createCommand($query)->queryRow();// TODO : use Yii for query
-    if (!$aRow)
+    $oCriteria->params=$aParams;
+    $oResponses=SurveyDynamic::model($surveyid)->find($oCriteria);
+    if (!$oResponses)
     {
         return false;
     }
@@ -60,7 +68,8 @@ function loadanswers()
         //If this is from an email, build surveysession first
         $_SESSION['survey_'.$surveyid]['LEMtokenResume']=true;
         // Get if survey is been answered
-        $submitdate=$aRow['submitdate'];
+        $submitdate=$oResponses->submitdate;
+        $aRow=$oResponses->attributes;
         foreach ($aRow as $column => $value)
         {
             if ($column == "token")
@@ -133,8 +142,8 @@ function loadanswers()
                 }  // if (in_array(
             }  // else
         } // foreach
+        return true;
     }
-    return true;
 }
 
 function makegraph($currentstep, $total)

diff --git a/scripts/admin/admin_core.js b/scripts/admin/admin_core.js
@@ -253,6 +253,7 @@ function doToolTip()
                     at: "top right"
                 }
             });
+            $(this).children("a").children("img").removeAttr('title');
         }
     });
     $(".sf-menu a > img[alt]").data("hasqtip", true ).parent("a").data("hasqtip", true );
@@ -277,7 +278,7 @@ function doToolTip()
             }
         }
     });
-    $("a > img[alt]").data("hasqtip", true );
+    $("a > img[alt]").data("hasqtip", true ).removeAttr('title');
 
     // Call the popuptip hover rel attribute
     $('.popuptip').each(function(){
@@ -302,7 +303,7 @@ function doToolTip()
                     event: "mouseout"
                 }
             });
-            $("#"+$(this).attr('rel')).find("img").data("hasqtip", true );
+            $("#"+$(this).attr('rel')).find("img").data("hasqtip", true ).removeAttr('title');
         }
     });
     // On label