-
Notifications
You must be signed in to change notification settings - Fork 985
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge branch 'master' of https://github.com/LimeSurvey/LimeSurvey.git
- Loading branch information
Showing
9 changed files
with
23,088 additions
and
23,105 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,189 +1,195 @@ | ||
<?php | ||
/* | ||
* LimeSurvey | ||
* Copyright (C) 2007 The LimeSurvey Project Team / Carsten Schmitz | ||
* All rights reserved. | ||
* License: GNU/GPL License v2 or later, see LICENSE.php | ||
* LimeSurvey is free software. This version may have been modified pursuant | ||
* to the GNU General Public License, and as distributed it includes or | ||
* is derivative of works licensed under the GNU General Public License or | ||
* other free or open source software licenses. | ||
* See COPYRIGHT.php for copyright notices and details. | ||
* | ||
* $Id: htmleditor-popup.php 11607 2011-12-06 23:19:52Z tmswhite $ | ||
*/ | ||
|
||
//Ensure script is not run directly, avoid path disclosure | ||
//include_once("login_check.php"); | ||
|
||
require_once(dirname(__FILE__).'/../config-defaults.php'); | ||
require_once(dirname(__FILE__).'/../common.php'); | ||
|
||
if (!isset($_GET['lang'])) | ||
{ | ||
$clang = new limesurvey_lang("en"); | ||
} | ||
else | ||
{ | ||
$clang = new limesurvey_lang($_GET['lang']); | ||
} | ||
|
||
if (!isset($_GET['fieldname']) || !isset($_GET['fieldtext'])) | ||
{ | ||
$output = ' | ||
<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"> | ||
<html> | ||
<head> | ||
<title>LimeSurvey '.$clang->gT("HTML Editor").'</title> | ||
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> | ||
<meta name="robots" content="noindex, nofollow" /> | ||
</head>' | ||
|
||
. ' | ||
<body> | ||
<div class="maintitle"> | ||
LimeSurvey '.$clang->gT("HTML Editor").' | ||
</div> | ||
<hr /> | ||
<tr><td align="center"><br /><span style="color:red;"><strong> | ||
</strong></span><br /> | ||
</table> | ||
<form onsubmit="self.close()"> | ||
<input type="submit" value="'.$clang->gT("Close Editor").'" /> | ||
<input type="hidden" name="checksessionbypost" value="'.$_SESSION['checksessionpost'].'" /> | ||
</form> | ||
</body> | ||
</html>'; | ||
} | ||
<?php | ||
/* | ||
* LimeSurvey | ||
* Copyright (C) 2007 The LimeSurvey Project Team / Carsten Schmitz | ||
* All rights reserved. | ||
* License: GNU/GPL License v2 or later, see LICENSE.php | ||
* LimeSurvey is free software. This version may have been modified pursuant | ||
* to the GNU General Public License, and as distributed it includes or | ||
* is derivative of works licensed under the GNU General Public License or | ||
* other free or open source software licenses. | ||
* See COPYRIGHT.php for copyright notices and details. | ||
* | ||
*/ | ||
|
||
require_once(dirname(__FILE__).'/../classes/core/startup.php'); | ||
|
||
require_once(dirname(__FILE__).'/../config-defaults.php'); | ||
require_once(dirname(__FILE__).'/../common.php'); | ||
require_once('login_check.php'); | ||
|
||
if (!isset($_SESSION['loginID'])) die(); | ||
|
||
if (!isset($_GET['lang'])) | ||
{ | ||
$clang = new limesurvey_lang("en"); | ||
} | ||
else | ||
{ | ||
$clang = new limesurvey_lang($_GET['lang']); | ||
} | ||
|
||
|
||
if (!isset($_GET['fieldname']) || !isset($_GET['fieldtext'])) | ||
{ | ||
$output = ' | ||
<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"> | ||
<html> | ||
<head> | ||
<title>LimeSurvey '.$clang->gT("HTML Editor").'</title> | ||
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> | ||
<meta name="robots" content="noindex, nofollow" /> | ||
</head>' | ||
|
||
. ' | ||
<body> | ||
<div class="maintitle"> | ||
LimeSurvey '.$clang->gT("HTML Editor").' | ||
</div> | ||
<hr /> | ||
<tr><td align="center"><br /><span style="color:red;"><strong> | ||
</strong></span><br /> | ||
</table> | ||
<form onsubmit="self.close()"> | ||
<input type="submit" value="'.$clang->gT("Close Editor").'" /> | ||
<input type="hidden" name="checksessionbypost" value="'.$_SESSION['checksessionpost'].'" /> | ||
</form> | ||
</body> | ||
</html>'; | ||
} | ||
else { | ||
$fieldname=$_GET['fieldname']; | ||
$fieldtext=$_GET['fieldtext']; | ||
if (get_magic_quotes_gpc()) $fieldtext = stripslashes($fieldtext); | ||
$controlidena=$_GET['fieldname'].'_popupctrlena'; | ||
$controliddis=$_GET['fieldname'].'_popupctrldis'; | ||
|
||
$sid=sanitize_int($_GET['sid']); | ||
$gid=sanitize_int($_GET['gid']); | ||
$qid=sanitize_int($_GET['qid']); | ||
$fieldtype=preg_replace("/[^_.a-zA-Z0-9-]/", "",$_GET['fieldtype']); | ||
$action=preg_replace("/[^_.a-zA-Z0-9-]/", "",$_GET['action']); | ||
|
||
$toolbarname='popup'; | ||
$htmlformatoption=''; | ||
|
||
if ( $fieldtype == 'email-inv' || | ||
$fieldtype == 'email-reg' || | ||
$fieldtype == 'email-conf' || | ||
$fieldtype == 'email-rem' ) | ||
{ | ||
$htmlformatoption = ",fullPage:true"; | ||
} | ||
|
||
$output = ' | ||
<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"> | ||
<html> | ||
<head> | ||
<title>'.sprintf($clang->gT("Editing %s"), $fieldtext).'</title> | ||
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> | ||
<meta name="robots" content="noindex, nofollow" /> | ||
<script type="text/javascript" src="'.$rooturl.'/scripts/jquery/jquery.js"></script> | ||
<script type="text/javascript" src="'.$sCKEditorURL.'/ckeditor.js"></script> | ||
</head>'; | ||
|
||
|
||
$output .= " | ||
<body> | ||
<form method='post' onsubmit='saveChanges=true;'> | ||
<input type='hidden' name='checksessionbypost' value='".$_SESSION['checksessionpost']."' /> | ||
<script type='text/javascript'> | ||
<!-- | ||
function closeme() | ||
{ | ||
window.onbeforeunload = new Function('var a = 1;'); | ||
self.close(); | ||
} | ||
window.onbeforeunload= function (evt) { | ||
close_editor(); | ||
closeme(); | ||
} | ||
var saveChanges = false; | ||
$(document).ready(function(){ | ||
CKEDITOR.on('instanceReady',CKeditor_OnComplete); | ||
var oCKeditor = CKEDITOR.replace( 'MyTextarea' , { height : '350', | ||
width : '98%', | ||
customConfig : \"".$sCKEditorURL."/limesurvey-config.js\", | ||
toolbarStartupExpanded : true, | ||
ToolbarCanCollapse : false, | ||
toolbar : '".$toolbarname."', | ||
LimeReplacementFieldsSID : \"".$sid."\", | ||
LimeReplacementFieldsGID : \"".$gid."\", | ||
LimeReplacementFieldsQID : \"".$qid."\", | ||
LimeReplacementFieldsType: \"".$fieldtype."\", | ||
LimeReplacementFieldsAction: \"".$action."\", | ||
smiley_path: \"".$rooturl."/upload/images/smiley/msn/\" | ||
{$htmlformatoption} }); | ||
}); | ||
function CKeditor_OnComplete( evt ) | ||
{ | ||
var editor = evt.editor; | ||
editor.setData(window.opener.document.getElementsByName(\"".$fieldname."\")[0].value); | ||
editor.execCommand('maximize'); | ||
window.status='LimeSurvey ".$clang->gT("Editing", "js")." ".javascript_escape($fieldtext,true)."'; | ||
} | ||
function html_transfert() | ||
{ | ||
var oEditor = CKEDITOR.instances['MyTextarea'];\n"; | ||
|
||
if ($fieldtype == 'editanswer' || | ||
$fieldtype == 'addanswer' || | ||
$fieldtype == 'editlabel' || | ||
$fieldtype == 'addlabel') | ||
{ | ||
$output .= "\t\tvar editedtext = oEditor.getData().replace(new RegExp( \"\\n\", \"g\" ),'');\n"; | ||
$output .= "\t\tvar editedtext = oEditor.getData().replace(new RegExp( \"\\r\", \"g\" ),'');\n"; | ||
} | ||
else | ||
{ | ||
//$output .= "\t\tvar editedtext = oEditor.GetXHTML();\n"; | ||
$output .= "\t\tvar editedtext = oEditor.getData('no strip new line');\n"; // adding a parameter avoids stripping \n | ||
} | ||
|
||
|
||
|
||
$output .= " | ||
window.opener.document.getElementsByName('".$fieldname."')[0].value = editedtext; | ||
} | ||
function close_editor() | ||
{ | ||
html_transfert(); | ||
window.opener.document.getElementsByName('".$fieldname."')[0].readOnly= false; | ||
window.opener.document.getElementsByName('".$fieldname."')[0].className='htmlinput'; | ||
window.opener.document.getElementById('".$controlidena."').style.display=''; | ||
window.opener.document.getElementById('".$controliddis."').style.display='none'; | ||
window.opener.focus(); | ||
return true; | ||
} | ||
//--> | ||
</script>"; | ||
|
||
$output .= "<textarea id='MyTextarea' name='MyTextarea'></textarea>"; | ||
$output .= " | ||
</form> | ||
</body> | ||
</html>"; | ||
} | ||
|
||
echo $output; | ||
?> | ||
require_once("../classes/inputfilter/class.inputfilter_clean.php"); | ||
$oFilter = new InputFilter('','',1,1,1); | ||
|
||
$fieldname=$oFilter->process($_GET['fieldname']); | ||
$fieldtext=$oFilter->process($_GET['fieldtext']); | ||
if (get_magic_quotes_gpc()) $fieldtext = stripslashes($fieldtext); | ||
$controlidena=$_GET['fieldname'].'_popupctrlena'; | ||
$controliddis=$_GET['fieldname'].'_popupctrldis'; | ||
|
||
$sid=sanitize_int($_GET['sid']); | ||
$gid=sanitize_int($_GET['gid']); | ||
$qid=sanitize_int($_GET['qid']); | ||
$fieldtype=preg_replace("/[^_.a-zA-Z0-9-]/", "",$_GET['fieldtype']); | ||
$action=preg_replace("/[^_.a-zA-Z0-9-]/", "",$_GET['action']); | ||
|
||
$toolbarname='popup'; | ||
$htmlformatoption=''; | ||
|
||
if ( $fieldtype == 'email-inv' || | ||
$fieldtype == 'email-reg' || | ||
$fieldtype == 'email-conf' || | ||
$fieldtype == 'email-rem' ) | ||
{ | ||
$htmlformatoption = ",fullPage:true"; | ||
} | ||
|
||
$output = ' | ||
<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"> | ||
<html> | ||
<head> | ||
<title>'.sprintf($clang->gT("Editing %s"), $fieldtext).'</title> | ||
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> | ||
<meta name="robots" content="noindex, nofollow" /> | ||
<script type="text/javascript" src="'.$rooturl.'/scripts/jquery/jquery.js"></script> | ||
<script type="text/javascript" src="'.$sCKEditorURL.'/ckeditor.js"></script> | ||
</head>'; | ||
|
||
|
||
$output .= " | ||
<body> | ||
<form method='post' onsubmit='saveChanges=true;'> | ||
<input type='hidden' name='checksessionbypost' value='".$_SESSION['checksessionpost']."' /> | ||
<script type='text/javascript'> | ||
<!-- | ||
function closeme() | ||
{ | ||
window.onbeforeunload = new Function('var a = 1;'); | ||
self.close(); | ||
} | ||
window.onbeforeunload= function (evt) { | ||
close_editor(); | ||
closeme(); | ||
} | ||
var saveChanges = false; | ||
$(document).ready(function(){ | ||
CKEDITOR.on('instanceReady',CKeditor_OnComplete); | ||
var oCKeditor = CKEDITOR.replace( 'MyTextarea' , { height : '350', | ||
width : '98%', | ||
customConfig : \"".$sCKEditorURL."/limesurvey-config.js\", | ||
toolbarStartupExpanded : true, | ||
ToolbarCanCollapse : false, | ||
toolbar : '".$toolbarname."', | ||
LimeReplacementFieldsSID : \"".$sid."\", | ||
LimeReplacementFieldsGID : \"".$gid."\", | ||
LimeReplacementFieldsQID : \"".$qid."\", | ||
LimeReplacementFieldsType: \"".$fieldtype."\", | ||
LimeReplacementFieldsAction: \"".$action."\", | ||
smiley_path: \"".$rooturl."/upload/images/smiley/msn/\" | ||
{$htmlformatoption} }); | ||
}); | ||
function CKeditor_OnComplete( evt ) | ||
{ | ||
var editor = evt.editor; | ||
editor.setData(window.opener.document.getElementsByName(\"".$fieldname."\")[0].value); | ||
editor.execCommand('maximize'); | ||
window.status='LimeSurvey ".$clang->gT("Editing", "js")." ".javascript_escape($fieldtext,true)."'; | ||
} | ||
function html_transfert() | ||
{ | ||
var oEditor = CKEDITOR.instances['MyTextarea'];\n"; | ||
|
||
if ($fieldtype == 'editanswer' || | ||
$fieldtype == 'addanswer' || | ||
$fieldtype == 'editlabel' || | ||
$fieldtype == 'addlabel') | ||
{ | ||
$output .= "\t\tvar editedtext = oEditor.getData().replace(new RegExp( \"\\n\", \"g\" ),'');\n"; | ||
$output .= "\t\tvar editedtext = oEditor.getData().replace(new RegExp( \"\\r\", \"g\" ),'');\n"; | ||
} | ||
else | ||
{ | ||
//$output .= "\t\tvar editedtext = oEditor.GetXHTML();\n"; | ||
$output .= "\t\tvar editedtext = oEditor.getData('no strip new line');\n"; // adding a parameter avoids stripping \n | ||
} | ||
|
||
|
||
|
||
$output .= " | ||
window.opener.document.getElementsByName('".$fieldname."')[0].value = editedtext; | ||
} | ||
function close_editor() | ||
{ | ||
html_transfert(); | ||
window.opener.document.getElementsByName('".$fieldname."')[0].readOnly= false; | ||
window.opener.document.getElementsByName('".$fieldname."')[0].className='htmlinput'; | ||
window.opener.document.getElementById('".$controlidena."').style.display=''; | ||
window.opener.document.getElementById('".$controliddis."').style.display='none'; | ||
window.opener.focus(); | ||
return true; | ||
} | ||
//--> | ||
</script>"; | ||
|
||
$output .= "<textarea id='MyTextarea' name='MyTextarea'></textarea>"; | ||
$output .= " | ||
</form> | ||
</body> | ||
</html>"; | ||
} | ||
|
||
echo $output; | ||
|
||
// Yes, closing PHP tag was intentionally left out |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.