Skip to content

Commit

Permalink
Fixed issue #13948: Survey not opened in token langage if language no…
Browse files Browse the repository at this point in the history 
…t definrd in URL
  • Loading branch information
LouisGac committed Aug 20, 2018
1 parent 8b16a53 commit 8dcdc8a
Show file tree
Hide file tree
Showing 2 changed files with 72 additions and 70 deletions.
117 changes: 62 additions & 55 deletions application/controllers/survey/index.php
View file
Expand Up @@ -69,18 +69,77 @@ public function action()
// collect all data in this method to pass on later
$redata = compact(array_keys(get_defined_vars()));

$this->_loadLimesurveyLang($surveyid);

$previewmode = false;
if (isset($param['action']) && (in_array($param['action'], array('previewgroup', 'previewquestion')))) {

if (!$this->_canUserPreviewSurvey($surveyid)) {

// @todo : throw a 401
$aErrors = array(gT('Error'));
$message = gT("We are sorry but you don't have permissions to do this.");
if(Permission::getUserId()) {
throw new CHttpException(403, $message);
}
throw new CHttpException(401, $message);
} else {
if ((intval($param['qid']) && $param['action'] == 'previewquestion')) {
$previewmode = 'question';

This comment has been minimized.

Sign in to view

Copy link
@olleharstedt

olleharstedt Mar 31, 2022

Contributor

@Shnoulle Any idea why there's no survey-mode here, for preview whole survey? Was there ever? I want to load some custom JS only on preview. :/

This comment has been minimized.

Sign in to view

Copy link
@olleharstedt

olleharstedt Mar 31, 2022

Contributor

Meh, I'll load it when $isSurveyActive === false, should be same effect.

This comment has been minimized.

Sign in to view

Copy link
@Shnoulle

Shnoulle Mar 31, 2022

Collaborator

You mean for plugin ?

App()->getRequest()->getQuery('action');

This comment has been minimized.

Sign in to view

Copy link
@olleharstedt

olleharstedt Mar 31, 2022

Contributor

Action is same for preview as for live, it seems, but checking for survey active is enough.

This comment has been minimized.

Sign in to view

Copy link
@Shnoulle

Shnoulle Apr 1, 2022

Collaborator

You mean for preview survey ? Yes : no difference, only access :)
}
if ((intval($param['gid']) && $param['action'] == 'previewgroup')) {
$previewmode = 'group';
}
}
}

Yii::app()->setConfig('previewmode', $previewmode);


// Token Object

//SEE IF SURVEY USES TOKENS
if ($oSurvey->hasTokensTable) {
$tokensexist = 1;
} else {
$tokensexist = 0;
unset($_POST['token']);
unset($param['token']);
unset($token);
unset($clienttoken);
}

// Get token
if (!isset($token)) {
$token = $clienttoken;
}

if ($tokensexist == 1 && isset($token) && $token != "" && tableExists("{{tokens_".$surveyid."}}") && !$previewmode) {

// check also if it is allowed to change survey after completion
if ($thissurvey['alloweditaftercompletion'] == 'Y') {
$oToken = $tokenInstance = Token::model($surveyid)->editable()->findByAttributes(array('token' => $token));
} else {
$oToken = $tokenInstance = Token::model($surveyid)->usable()->incomplete()->findByAttributes(array('token' => $token));
}
if (empty($tokenInstance)) {
$oToken = Token::model($surveyid)->findByAttributes(array('token' => $token));
}
}

$this->_loadLimesurveyLang($surveyid);

// Set the language of the survey, either from POST, GET parameter of session var
// Keep the old value, because SetSurveyLanguage update $_SESSION
$sOldLang = isset($_SESSION['survey_'.$surveyid]['s_lang']) ? $_SESSION['survey_'.$surveyid]['s_lang'] : ""; // Keep the old value, because SetSurveyLanguage update $_SESSION


if (!empty($param['lang'])) {
$sDisplayLanguage = $param['lang']; // $param take lang from returnGlobal and returnGlobal sanitize langagecode
} elseif (isset($_SESSION['survey_'.$surveyid]['s_lang'])) {
$sDisplayLanguage = $_SESSION['survey_'.$surveyid]['s_lang'];
} elseif (Survey::model()->findByPk($surveyid)) {
} elseif ( !empty($clienttoken) ) {
$sDisplayLanguage = $oToken->language;
}elseif (Survey::model()->findByPk($surveyid)) {
$sDisplayLanguage = Survey::model()->findByPk($surveyid)->language;
} else {
$sDisplayLanguage = Yii::app()->getConfig('defaultlang');
Expand Down Expand Up @@ -147,38 +206,14 @@ public function action()
);
}

$previewmode = false;
if (isset($param['action']) && (in_array($param['action'], array('previewgroup', 'previewquestion')))) {

if (!$this->_canUserPreviewSurvey($surveyid)) {

// @todo : throw a 401
$aErrors = array(gT('Error'));
$message = gT("We are sorry but you don't have permissions to do this.");
if(Permission::getUserId()) {
throw new CHttpException(403, $message);
}
throw new CHttpException(401, $message);
} else {
if ((intval($param['qid']) && $param['action'] == 'previewquestion')) {
$previewmode = 'question';
}
if ((intval($param['gid']) && $param['action'] == 'previewgroup')) {
$previewmode = 'group';
}
}
}

Yii::app()->setConfig('previewmode', $previewmode);

if ($this->_surveyCantBeViewedWithCurrentPreviewAccess($surveyid, $isSurveyActive, $surveyExists)) {
$bPreviewRight = $this->_userHasPreviewAccessSession($surveyid);

if ($bPreviewRight === false) {
$event = new PluginEvent('onSurveyDenied');
$event->set('surveyId', $surveyid);
$event->set('reason', 'noPreviewPermission');

App()->getPluginManager()->dispatchEvent($event);
if(Permission::getUserId()) {
throw new CHttpException(403, gT("We are sorry but you don't have permissions to do this."));
Expand Down Expand Up @@ -259,12 +294,7 @@ public function action()

//~ ),
//~ )), false);

}

// Get token
if (!isset($token)) {
$token = $clienttoken;
}

//GET BASIC INFORMATION ABOUT THIS SURVEY
Expand All @@ -274,17 +304,6 @@ public function action()
$thissurvey['templatedir'] = $beforeSurveyPageEvent->get('template');
}

//SEE IF SURVEY USES TOKENS
if ($oSurvey->hasTokensTable) {
$tokensexist = 1;
} else {
$tokensexist = 0;
unset($_POST['token']);
unset($param['token']);
unset($token);
unset($clienttoken);
}

//SET THE TEMPLATE DIRECTORY
$oTemplate = Template::model()->getInstance('', $surveyid);
$timeadjust = Yii::app()->getConfig("timeadjust");
Expand Down Expand Up @@ -435,20 +454,8 @@ public function action()
// this check is done in buildsurveysession and error message
// could be more interresting there (takes into accound captcha if used)
if ($tokensexist == 1 && isset($token) && $token != "" && tableExists("{{tokens_".$surveyid."}}") && !$previewmode) {

// check also if it is allowed to change survey after completion
if ($thissurvey['alloweditaftercompletion'] == 'Y') {
$tokenInstance = Token::model($surveyid)->editable()->findByAttributes(array('token' => $token));
} else {
$tokenInstance = Token::model($surveyid)->usable()->incomplete()->findByAttributes(array('token' => $token));
}

if (empty($tokenInstance)) {

$oToken = Token::model($surveyid)->findByAttributes(array('token' => $token));

if ($oToken) {

$now = dateShift(date("Y-m-d H:i:s"), "Y-m-d H:i:s", Yii::app()->getConfig("timeadjust"));

// This can not happen (TokenInstance must fix this)
Expand Down
25 changes: 10 additions & 15 deletions application/helpers/frontend_helper.php
View file
Expand Up @@ -749,20 +749,6 @@ function buildsurveysession($surveyid, $preview = false)

// Reset all the session variables and start again
resetAllSessionVariables($surveyid);

// Multi lingual support order : by REQUEST, if not by Token->language else by survey default language
if (returnGlobal('lang', true)) {
$language_to_set = returnGlobal('lang', true);
} elseif (isset($oTokenEntry) && $oTokenEntry) {
// If survey have token : we have a $oTokenEntry
// Can use $oTokenEntry = Token::model($surveyid)->findByAttributes(array('token'=>$clienttoken)); if we move on another function : this par don't validate the token validity
$language_to_set = $oTokenEntry->language;
} else {
$language_to_set = $thissurvey['language'];
}

// Always SetSurveyLanguage : surveys controller SetSurveyLanguage too, if different : broke survey (#09769)
SetSurveyLanguage($surveyid, $language_to_set);
UpdateGroupList($surveyid, $_SESSION['survey_'.$surveyid]['s_lang']);

$totalquestions = $survey->countTotalQuestions;
Expand Down Expand Up @@ -1296,6 +1282,7 @@ function renderRenderWayForm($renderWay, array $scenarios, $sTemplateViewPath, $
Yii::app()->getController()->createAction('captcha');
}
$oSurvey = Survey::model()->findByPk($surveyid);

// Rendering layout_user_forms.twig
$thissurvey = $oSurvey->attributes;
$thissurvey["aForm"] = $aForm;
Expand Down Expand Up @@ -1667,6 +1654,14 @@ function doAssessment($surveyid)

$assessment['subtotal_score'] = (isset($subtotal)) ? $subtotal : '';
$assessment['total_score'] = (isset($total)) ? $total : '';
// token data for placeholder replacements
$token = Token::model($surveyid)->findByAttributes(array('token' => $_SESSION['survey_'.$surveyid]['token']));
if ($token !== null){
$assessment['token']['email'] = $survey->anonymized === 'N'?$token->email:'';
$assessment['token']['firstname'] = $survey->anonymized === 'N'?$token->firstname:'';
$assessment['token']['lastname'] = $survey->anonymized === 'N'?$token->lastname:'';
$assessment['token']['token'] = $survey->anonymized === 'N'?$token->token:'';
}
//$aDatas = array('total' => $total, 'assessment' => $assessment, 'subtotal' => $subtotal, );

This comment has been minimized.

Sign in to view

Copy link
@LouisGac

LouisGac Aug 20, 2018

Contributor

that last chunck of code is here by mistake. It has been reverted in the previous commit.
return array('show'=>($assessment['subtotal']['show'] || $assessment['total']['show']), 'datas' => $assessment);

Expand Down Expand Up @@ -1897,7 +1892,7 @@ function checkCompletedQuota($surveyid, $return = false)
$thissurvey['aQuotas']['sUrlDescription'] = $sUrlDescription;
$thissurvey['aQuotas']['sUrl'] = $sUrl;
$thissurvey['active'] = 'Y';


$thissurvey['aQuotas']['hiddeninputs'] = '<input type="hidden" name="sid" value="'.$surveyid.'" />
<input type="hidden" name="token" value="'.$thissurvey['aQuotas']['sClientToken'].'" />
Expand Down

0 comments on commit 8dcdc8a

Please sign in to comment.