Skip to content

Commit

Permalink
Merge branch 'master' of https://github.com/LimeSurvey/LimeSurvey.git
Browse files Browse the repository at this point in the history
  • Loading branch information
@TMSWhite
TMSWhite committed Mar 14, 2012
2 parents 61a4248 + e3e98c8 commit b173a33
Show file tree
Hide file tree
Showing 9 changed files with 23,088 additions and 23,105 deletions.
382 changes: 194 additions & 188 deletions admin/htmleditor-popup.php
View file
Original file line number Diff line number Diff line change
@@ -1,189 +1,195 @@
<?php
/*
* LimeSurvey
* Copyright (C) 2007 The LimeSurvey Project Team / Carsten Schmitz
* All rights reserved.
* License: GNU/GPL License v2 or later, see LICENSE.php
* LimeSurvey is free software. This version may have been modified pursuant
* to the GNU General Public License, and as distributed it includes or
* is derivative of works licensed under the GNU General Public License or
* other free or open source software licenses.
* See COPYRIGHT.php for copyright notices and details.
*
* $Id: htmleditor-popup.php 11607 2011-12-06 23:19:52Z tmswhite $
*/

//Ensure script is not run directly, avoid path disclosure
//include_once("login_check.php");

require_once(dirname(__FILE__).'/../config-defaults.php');
require_once(dirname(__FILE__).'/../common.php');

if (!isset($_GET['lang']))
{
$clang = new limesurvey_lang("en");
}
else
{
$clang = new limesurvey_lang($_GET['lang']);
}

if (!isset($_GET['fieldname']) || !isset($_GET['fieldtext']))
{
$output = '
<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN">
<html>
<head>
<title>LimeSurvey '.$clang->gT("HTML Editor").'</title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="robots" content="noindex, nofollow" />
</head>'

. '
<body>
<div class="maintitle">
LimeSurvey '.$clang->gT("HTML Editor").'
</div>
<hr />
<tr><td align="center"><br /><span style="color:red;"><strong>
</strong></span><br />
</table>
<form onsubmit="self.close()">
<input type="submit" value="'.$clang->gT("Close Editor").'" />
<input type="hidden" name="checksessionbypost" value="'.$_SESSION['checksessionpost'].'" />
</form>
</body>
</html>';
}
<?php
/*
* LimeSurvey
* Copyright (C) 2007 The LimeSurvey Project Team / Carsten Schmitz
* All rights reserved.
* License: GNU/GPL License v2 or later, see LICENSE.php
* LimeSurvey is free software. This version may have been modified pursuant
* to the GNU General Public License, and as distributed it includes or
* is derivative of works licensed under the GNU General Public License or
* other free or open source software licenses.
* See COPYRIGHT.php for copyright notices and details.
*
*/

require_once(dirname(__FILE__).'/../classes/core/startup.php');

require_once(dirname(__FILE__).'/../config-defaults.php');
require_once(dirname(__FILE__).'/../common.php');
require_once('login_check.php');

if (!isset($_SESSION['loginID'])) die();

if (!isset($_GET['lang']))
{
$clang = new limesurvey_lang("en");
}
else
{
$clang = new limesurvey_lang($_GET['lang']);
}


if (!isset($_GET['fieldname']) || !isset($_GET['fieldtext']))
{
$output = '
<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN">
<html>
<head>
<title>LimeSurvey '.$clang->gT("HTML Editor").'</title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="robots" content="noindex, nofollow" />
</head>'

. '
<body>
<div class="maintitle">
LimeSurvey '.$clang->gT("HTML Editor").'
</div>
<hr />
<tr><td align="center"><br /><span style="color:red;"><strong>
</strong></span><br />
</table>
<form onsubmit="self.close()">
<input type="submit" value="'.$clang->gT("Close Editor").'" />
<input type="hidden" name="checksessionbypost" value="'.$_SESSION['checksessionpost'].'" />
</form>
</body>
</html>';
}
else {
$fieldname=$_GET['fieldname'];
$fieldtext=$_GET['fieldtext'];
if (get_magic_quotes_gpc()) $fieldtext = stripslashes($fieldtext);
$controlidena=$_GET['fieldname'].'_popupctrlena';
$controliddis=$_GET['fieldname'].'_popupctrldis';

$sid=sanitize_int($_GET['sid']);
$gid=sanitize_int($_GET['gid']);
$qid=sanitize_int($_GET['qid']);
$fieldtype=preg_replace("/[^_.a-zA-Z0-9-]/", "",$_GET['fieldtype']);
$action=preg_replace("/[^_.a-zA-Z0-9-]/", "",$_GET['action']);

$toolbarname='popup';
$htmlformatoption='';

if ( $fieldtype == 'email-inv' ||
$fieldtype == 'email-reg' ||
$fieldtype == 'email-conf' ||
$fieldtype == 'email-rem' )
{
$htmlformatoption = ",fullPage:true";
}

$output = '
<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN">
<html>
<head>
<title>'.sprintf($clang->gT("Editing %s"), $fieldtext).'</title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="robots" content="noindex, nofollow" />
<script type="text/javascript" src="'.$rooturl.'/scripts/jquery/jquery.js"></script>
<script type="text/javascript" src="'.$sCKEditorURL.'/ckeditor.js"></script>
</head>';


$output .= "
<body>
<form method='post' onsubmit='saveChanges=true;'>
<input type='hidden' name='checksessionbypost' value='".$_SESSION['checksessionpost']."' />
<script type='text/javascript'>
<!--
function closeme()
{
window.onbeforeunload = new Function('var a = 1;');
self.close();
}
window.onbeforeunload= function (evt) {
close_editor();
closeme();
}
var saveChanges = false;
$(document).ready(function(){
CKEDITOR.on('instanceReady',CKeditor_OnComplete);
var oCKeditor = CKEDITOR.replace( 'MyTextarea' , { height : '350',
width : '98%',
customConfig : \"".$sCKEditorURL."/limesurvey-config.js\",
toolbarStartupExpanded : true,
ToolbarCanCollapse : false,
toolbar : '".$toolbarname."',
LimeReplacementFieldsSID : \"".$sid."\",
LimeReplacementFieldsGID : \"".$gid."\",
LimeReplacementFieldsQID : \"".$qid."\",
LimeReplacementFieldsType: \"".$fieldtype."\",
LimeReplacementFieldsAction: \"".$action."\",
smiley_path: \"".$rooturl."/upload/images/smiley/msn/\"
{$htmlformatoption} });
});
function CKeditor_OnComplete( evt )
{
var editor = evt.editor;
editor.setData(window.opener.document.getElementsByName(\"".$fieldname."\")[0].value);
editor.execCommand('maximize');
window.status='LimeSurvey ".$clang->gT("Editing", "js")." ".javascript_escape($fieldtext,true)."';
}
function html_transfert()
{
var oEditor = CKEDITOR.instances['MyTextarea'];\n";

if ($fieldtype == 'editanswer' ||
$fieldtype == 'addanswer' ||
$fieldtype == 'editlabel' ||
$fieldtype == 'addlabel')
{
$output .= "\t\tvar editedtext = oEditor.getData().replace(new RegExp( \"\\n\", \"g\" ),'');\n";
$output .= "\t\tvar editedtext = oEditor.getData().replace(new RegExp( \"\\r\", \"g\" ),'');\n";
}
else
{
//$output .= "\t\tvar editedtext = oEditor.GetXHTML();\n";
$output .= "\t\tvar editedtext = oEditor.getData('no strip new line');\n"; // adding a parameter avoids stripping \n
}



$output .= "
window.opener.document.getElementsByName('".$fieldname."')[0].value = editedtext;
}
function close_editor()
{
html_transfert();
window.opener.document.getElementsByName('".$fieldname."')[0].readOnly= false;
window.opener.document.getElementsByName('".$fieldname."')[0].className='htmlinput';
window.opener.document.getElementById('".$controlidena."').style.display='';
window.opener.document.getElementById('".$controliddis."').style.display='none';
window.opener.focus();
return true;
}
//-->
</script>";

$output .= "<textarea id='MyTextarea' name='MyTextarea'></textarea>";
$output .= "
</form>
</body>
</html>";
}

echo $output;
?>
require_once("../classes/inputfilter/class.inputfilter_clean.php");
$oFilter = new InputFilter('','',1,1,1);

$fieldname=$oFilter->process($_GET['fieldname']);
$fieldtext=$oFilter->process($_GET['fieldtext']);
if (get_magic_quotes_gpc()) $fieldtext = stripslashes($fieldtext);
$controlidena=$_GET['fieldname'].'_popupctrlena';
$controliddis=$_GET['fieldname'].'_popupctrldis';

$sid=sanitize_int($_GET['sid']);
$gid=sanitize_int($_GET['gid']);
$qid=sanitize_int($_GET['qid']);
$fieldtype=preg_replace("/[^_.a-zA-Z0-9-]/", "",$_GET['fieldtype']);
$action=preg_replace("/[^_.a-zA-Z0-9-]/", "",$_GET['action']);

$toolbarname='popup';
$htmlformatoption='';

if ( $fieldtype == 'email-inv' ||
$fieldtype == 'email-reg' ||
$fieldtype == 'email-conf' ||
$fieldtype == 'email-rem' )
{
$htmlformatoption = ",fullPage:true";
}

$output = '
<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN">
<html>
<head>
<title>'.sprintf($clang->gT("Editing %s"), $fieldtext).'</title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="robots" content="noindex, nofollow" />
<script type="text/javascript" src="'.$rooturl.'/scripts/jquery/jquery.js"></script>
<script type="text/javascript" src="'.$sCKEditorURL.'/ckeditor.js"></script>
</head>';


$output .= "
<body>
<form method='post' onsubmit='saveChanges=true;'>
<input type='hidden' name='checksessionbypost' value='".$_SESSION['checksessionpost']."' />
<script type='text/javascript'>
<!--
function closeme()
{
window.onbeforeunload = new Function('var a = 1;');
self.close();
}
window.onbeforeunload= function (evt) {
close_editor();
closeme();
}
var saveChanges = false;
$(document).ready(function(){
CKEDITOR.on('instanceReady',CKeditor_OnComplete);
var oCKeditor = CKEDITOR.replace( 'MyTextarea' , { height : '350',
width : '98%',
customConfig : \"".$sCKEditorURL."/limesurvey-config.js\",
toolbarStartupExpanded : true,
ToolbarCanCollapse : false,
toolbar : '".$toolbarname."',
LimeReplacementFieldsSID : \"".$sid."\",
LimeReplacementFieldsGID : \"".$gid."\",
LimeReplacementFieldsQID : \"".$qid."\",
LimeReplacementFieldsType: \"".$fieldtype."\",
LimeReplacementFieldsAction: \"".$action."\",
smiley_path: \"".$rooturl."/upload/images/smiley/msn/\"
{$htmlformatoption} });
});
function CKeditor_OnComplete( evt )
{
var editor = evt.editor;
editor.setData(window.opener.document.getElementsByName(\"".$fieldname."\")[0].value);
editor.execCommand('maximize');
window.status='LimeSurvey ".$clang->gT("Editing", "js")." ".javascript_escape($fieldtext,true)."';
}
function html_transfert()
{
var oEditor = CKEDITOR.instances['MyTextarea'];\n";

if ($fieldtype == 'editanswer' ||
$fieldtype == 'addanswer' ||
$fieldtype == 'editlabel' ||
$fieldtype == 'addlabel')
{
$output .= "\t\tvar editedtext = oEditor.getData().replace(new RegExp( \"\\n\", \"g\" ),'');\n";
$output .= "\t\tvar editedtext = oEditor.getData().replace(new RegExp( \"\\r\", \"g\" ),'');\n";
}
else
{
//$output .= "\t\tvar editedtext = oEditor.GetXHTML();\n";
$output .= "\t\tvar editedtext = oEditor.getData('no strip new line');\n"; // adding a parameter avoids stripping \n
}



$output .= "
window.opener.document.getElementsByName('".$fieldname."')[0].value = editedtext;
}
function close_editor()
{
html_transfert();
window.opener.document.getElementsByName('".$fieldname."')[0].readOnly= false;
window.opener.document.getElementsByName('".$fieldname."')[0].className='htmlinput';
window.opener.document.getElementById('".$controlidena."').style.display='';
window.opener.document.getElementById('".$controliddis."').style.display='none';
window.opener.focus();
return true;
}
//-->
</script>";

$output .= "<textarea id='MyTextarea' name='MyTextarea'></textarea>";
$output .= "
</form>
</body>
</html>";
}

echo $output;

// Yes, closing PHP tag was intentionally left out
2 changes: 1 addition & 1 deletion common_functions.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4202,7 +4202,7 @@ function javascript_escape($str, $strip_tags=false, $htmldecode=false) {
// If you want to echo the header use doHeader() !
function getHeader($meta = false)
{
global $embedded, $surveyid, $rooturl,$defaultlang, $js_header_includes, $css_header_includes;
global $embedded, $surveyid, $rooturl, $defaultlang, $js_header_includes, $css_header_includes;

$js_header_includes = array_unique($js_header_includes);
$css_header_includes = array_unique($css_header_includes);
Expand Down

0 comments on commit b173a33

Please sign in to comment.