Merge branch 'master' into develop

application/commands/PluginCommand.php

@@ -15,6 +15,15 @@ class PluginCommand extends CConsoleCommand
     {
         public $connection;
 
+        /**
+        * register some needed or a lot used part
+        */
+        public function init()
+        {
+            parent::init();
+            Yii::import('application.helpers.common_helper', true);
+        }
+
         /**
          * Call for cron action
          * @param int $interval Minutes for interval

application/config/version.php

@@ -16,5 +16,5 @@
 $config['buildnumber'] = '';
 $config['updatable'] = true;
 $config['templateapiversion']  = 3;
-$config['assetsversionnumber'] = '30139';
+$config['assetsversionnumber'] = '30140';
 return $config;

application/controllers/admin/themes.php

@@ -808,17 +808,11 @@ public function templatesavechanges()
             if (returnGlobal('changes')) {
                 $changedtext = returnGlobal('changes');
                 $changedtext = str_replace('<?', '', $changedtext);
-                if(function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
-                    $changedtext = stripslashes($changedtext);
-                }
             }
 
             if (returnGlobal('changes_cp')) {
                 $changedtext = returnGlobal('changes_cp');
                 $changedtext = str_replace('<?', '', $changedtext);
-                if(function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
-                    $changedtext = stripslashes($changedtext);
-                }
             }
 
             $action               = returnGlobal('action');

application/controllers/survey/index.php

@@ -142,6 +142,10 @@ public function action()
             if (empty($tokenInstance)) {
                 $oToken = Token::model($surveyid)->findByAttributes(array('token' => $token));
             }
+            if(empty($oToken)) {
+                // #16142 quick fix : unset invalid token
+                $token = null;
+            }
         }
 
         $this->_loadLimesurveyLang($surveyid);
@@ -465,44 +469,40 @@ public function action()
         // this check is done in buildsurveysession and error message
         // could be more interresting there (takes into accound captcha if used)
         if ($tokensexist == 1 && isset($token) && $token != "" && tableExists("{{tokens_".$surveyid."}}") && !$previewmode) {
-            if (empty($tokenInstance)) {
-                if ($oToken) {
-                    $now = dateShift(date("Y-m-d H:i:s"), "Y-m-d H:i:s", Yii::app()->getConfig("timeadjust"));
-
-                    // This can not happen (TokenInstance must fix this)
-                    if ($oToken->completed != 'N' && !empty($oToken->completed)) {
-                        $sError = gT("This invitation has already been used.");
-                    } elseif ($oToken->usesleft < 1) {
-                        $sError = gT("This invitation has no uses left.");
-                    } elseif (strtotime($now) < strtotime($oToken->validfrom)) {
-                        $sError = gT("This invitation is not valid yet.");
-                    } elseif (strtotime($now) > strtotime($oToken->validuntil)) {
-                        $sError = gT("This invitation is not valid anymore.");
-                    } else {
-                        // This can not happen
-                        $sError = gT("This is a controlled survey. You need a valid access code to participate.");
-                    }
-
-                    $aMessage = array(
-                        gT("We are sorry but you are not allowed to enter this survey."),
-                        sprintf(gT("Please contact %s ( %s ) for further assistance."), $thissurvey['adminname'], $thissurvey['adminemail'])/* Maybe better to move this to a global replacement 'surveycontact' */
-                    );
-
-                    $event = new PluginEvent('onSurveyDenied');
-                    $event->set('surveyId', $surveyid);
-                    $event->set('reason', 'invalidToken');
-                    App()->getPluginManager()->dispatchEvent($event);
-
-                    App()->getController()->renderExitMessage(
-                        $surveyid,
-                        'survey-notstart',
-                        $aMessage,
-                        null,
-                        array($sError)
-                    );
+            if (empty($tokenInstance) && $oToken) {
+                $now = dateShift(date("Y-m-d H:i:s"), "Y-m-d H:i:s", Yii::app()->getConfig("timeadjust"));
+
+                // This can not happen (TokenInstance must fix this)
+                if ($oToken->completed != 'N' && !empty($oToken->completed)) {
+                    $sError = gT("This invitation has already been used.");
+                } elseif ($oToken->usesleft < 1) {
+                    $sError = gT("This invitation has no uses left.");
+                } elseif (strtotime($now) < strtotime($oToken->validfrom)) {
+                    $sError = gT("This invitation is not valid yet.");
+                } elseif (strtotime($now) > strtotime($oToken->validuntil)) {
+                    $sError = gT("This invitation is not valid anymore.");
                 } else {
+                    // This can not happen
                     $sError = gT("This is a controlled survey. You need a valid access code to participate.");
                 }
+
+                $aMessage = array(
+                    gT("We are sorry but you are not allowed to enter this survey."),
+                    sprintf(gT("Please contact %s ( %s ) for further assistance."), $thissurvey['adminname'], $thissurvey['adminemail'])/* Maybe better to move this to a global replacement 'surveycontact' */
+                );
+
+                $event = new PluginEvent('onSurveyDenied');
+                $event->set('surveyId', $surveyid);
+                $event->set('reason', 'invalidToken');
+                App()->getPluginManager()->dispatchEvent($event);
+
+                App()->getController()->renderExitMessage(
+                    $surveyid,
+                    'survey-notstart',
+                    $aMessage,
+                    null,
+                    array($sError)
+                );
             }
         }
 

application/core/ConsoleApplication.php

@@ -44,15 +44,27 @@ public function __construct($aApplicationConfig = null)
 
         // Set webroot alias.
         Yii::setPathOfAlias('webroot', realpath(Yii::getPathOfAlias('application').'/../'));
-
         /* Because we have app now : we have to call again the config : can be done before : no real usage of url in console, but usage of getPathOfAlias */
         $coreConfig = require(__DIR__.'/../config/config-defaults.php');
         $consoleConfig = require(__DIR__.'/../config/console.php'); // Only for console : replace some config-defaults
         $emailConfig = require(__DIR__.'/../config/email.php');
         $versionConfig = require(__DIR__.'/../config/version.php');
         $updaterVersionConfig = require(__DIR__.'/../config/updater_version.php');
-        $lsConfig = array_merge($coreConfig, $consoleConfig, $emailConfig, $versionConfig, $updaterVersionConfig);
 
+        $lsConfig = array_merge(
+            $coreConfig,
+            $consoleConfig,
+            $emailConfig,
+            $versionConfig,
+            $updaterVersionConfig
+        );
+
+        if (file_exists(__DIR__.'/../config/security.php')) {
+            $securityConfig = require(  __DIR__.'/../config/security.php');
+            if (is_array($securityConfig)) {
+                $lsConfig = array_merge($lsConfig, $securityConfig);
+            }
+        }
         /* Custom config file */
         $configdir = $coreConfig['configdir'];
         if (file_exists( $configdir .  '/security.php')) {