diff --git a/application/controllers/admin/database.php b/application/controllers/admin/database.php
index 38fed9dc7d4..68e87666b5b 100644
--- a/application/controllers/admin/database.php
+++ b/application/controllers/admin/database.php
@@ -36,6 +36,10 @@ function index($sa = null)
$iQuestionID=returnGlobal('qid');
$sDBOutput = '';
+ $oFixCKeditor= new LSYii_Validators;
+ $oFixCKeditor->fixCKeditor=true;
+ $oFixCKeditor->xssfilter=false;
+
if ($sAction == "updatedefaultvalues" && Permission::model()->hasSurveyPermission($iSurveyID, 'surveycontent','update'))
{
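Review bot: The two property assignments on `$oFixCKeditor` appear to have no effect on the calls made later in index(). The fixCKeditor() method added in LSYii_Validators.php reads neither `$this->fixCKeditor` nor `$this->xssfilter`, and every use in this file calls the method directly instead of going through validation. As written, `xssfilter=false` reads as if XSS filtering were deliberately switched off for admin-posted HTML, which is misleading in a controller that writes request data to the database. Either drop both assignments, or keep them with a comment such as `// only the CKEditor cleanup is used here; XSS filtering is left to the model rules`, assuming the models do apply that filter, which this diff does not show. index() starts and ends outside the hunk.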
@@ -144,7 +148,7 @@ function index($sa = null)
$sAnswerText=Yii::app()->request->getPost('answer_'.$sLanguage.'_'.$iSortOrderID.'_'.$iScaleID);
// Fix bug with FCKEditor saving strange BR types
- $sAnswerText=fixCKeditorText($sAnswerText);
+ $sAnswerText=$oFixCKeditor->fixCKeditor($sAnswerText);
// Now we insert the answers
$iInsertCount=Answer::model()->insertRecords(array('code'=>$sCode,
'answer'=>$sAnswerText,
@@ -357,12 +361,11 @@ function index($sa = null)
$iQuestionOrder=(getMaxQuestionOrder($iQuestionGroupID,$iSurveyID));
$iQuestionOrder++;
}
- // é to é and & to & : really needed ? Why not for answers ? (140307)
- $sQuestionText=html_entity_decode(Yii::app()->request->getPost('question_'.$sBaseLanguage), ENT_QUOTES, "UTF-8");
- $sQuestionHelp=html_entity_decode(Yii::app()->request->getPost('help_'.$sBaseLanguage), ENT_QUOTES, "UTF-8");
+ $sQuestionText=Yii::app()->request->getPost('question_'.$sBaseLanguage,'');
+ $sQuestionHelp=Yii::app()->request->getPost('help_'.$sBaseLanguage,'');
// Fix bug with FCKEditor saving strange BR types : in rules ?
- $sQuestionText=fixCKeditorText($sQuestionText);
- $sQuestionHelp=fixCKeditorText($sQuestionHelp);
+ $sQuestionText=$oFixCKeditor->fixCKeditor($sQuestionText);
+ $sQuestionHelp=$oFixCKeditor->fixCKeditor($sQuestionHelp);
$iQuestionID=0;
$oQuestion= new Question;
@@ -734,11 +737,11 @@ function index($sa = null)
if (isset($qlang) && $qlang != "")
{
// é to é and & to & : really needed ? Why not for answers ? (130307)
- $sQuestionText=html_entity_decode(Yii::app()->request->getPost('question_'.$qlang), ENT_QUOTES, "UTF-8");
- $sQuestionHelp=html_entity_decode(Yii::app()->request->getPost('help_'.$qlang), ENT_QUOTES, "UTF-8");
+ $sQuestionText=Yii::app()->request->getPost('question_'.$qlang,'');
+ $sQuestionHelp=Yii::app()->request->getPost('help_'.$qlang,'');
// Fix bug with FCKEditor saving strange BR types : in rules ?
- $sQuestionText=fixCKeditorText($sQuestionText);
- $sQuestionHelp=fixCKeditorText($sQuestionHelp);
+ $sQuestionText=$oFixCKeditor->fixCKeditor($sQuestionText);
+ $sQuestionHelp=$oFixCKeditor->fixCKeditor($sQuestionHelp);
$udata = array(
'type' => Yii::app()->request->getPost('type'),
'title' => Yii::app()->request->getPost('title'),
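Review bot: The context comment directly above the two getPost() lines still asks whether the entity conversion is "really needed", but this change removes the html_entity_decode() calls it referred to. The matching comment in the base-language hunk (@@ -357) was deleted; this one was not. Remove it here too, or replace it with a statement of what is stored now, e.g. `// stored as posted, no entity decoding; cleanup below only strips CKEditor artefacts`. The enclosing block continues outside the hunk.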
@@ -904,10 +907,10 @@ function index($sa = null)
$welcome = Yii::app()->request->getPost('welcome_'.$langname);
$endtext = Yii::app()->request->getPost('endtext_'.$langname);
- $short_title=fixCKeditorText($short_title);
- $description=fixCKeditorText($description);
- $welcome=fixCKeditorText($welcome);
- $endtext=fixCKeditorText($endtext);
+ $short_title=$oFixCKeditor->fixCKeditor($short_title);
+ $description=$oFixCKeditor->fixCKeditor($description);
+ $welcome=$oFixCKeditor->fixCKeditor($welcome);
+ $endtext=$oFixCKeditor->fixCKeditor($endtext);
$data = array(
'surveyls_title' => $short_title,
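Review bot: `$welcome` and `$endtext` are read with getPost() without a default, so an absent field reaches fixCKeditor() as null, although the method's docblock declares `@param string $value` and the question hunks in this commit now pass `''` as the default. The answer text at @@ -144 has the same shape, and `$short_title` and `$description` are assigned outside this hunk, presumably the same way. For consistency, use `Yii::app()->request->getPost('welcome_'.$langname, '')` (and likewise for the other fields) so the helper always receives a string.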
diff --git a/application/core/LSYii_Validators.php b/application/core/LSYii_Validators.php
index 6aa3f5af501..c33c58748d5 100644
--- a/application/core/LSYii_Validators.php
+++ b/application/core/LSYii_Validators.php
@@ -14,6 +14,11 @@
class LSYii_Validators extends CValidator {
+ /**
+ * Filter attribute for fixCKeditor
+ * @var boolean
+ */
+ public $fixCKeditor=false;
/**
* Filter attribute for XSS
* @var boolean
@@ -60,11 +65,39 @@ protected function validateAttribute($object,$attribute)
$object->$attribute=$this->multiLanguageFilter($object->$attribute);
}
}
-
+
/**
- * Defines the customs validation rule xssfilter
+ * Remove some empty characters put by CK editor
+ * Did we need to do if user don't use inline HTML editor ?
*
- * @param mixed $value
+ * @param string $value
+ */
+ public function fixCKeditor($value)
+ {
+ // Actually don't use it in model : model apply too when import : needed or not ?
+ $value = str_replace('
','',$value);
+ if ($value == "
" || $value == " " || $value == " ")
+ {
+ $value = "";
+ }
+ if (preg_match("/^[\s]+$/",$value))
+ {
+ $value='';
+ }
+ if ($value == "\n")
+ {
+ $value = "";
+ }
+ if (trim($value) == " " || trim($value)=='')
+ { // chrome adds a single element to empty fckeditor fields
+ $value = "";
+ }
+ return $value;
+ }
+ /**
+ * Remove any script or dangerous HTML
+ *
+ * @param string $value
*/
public function xssFilter($value)
{
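Review bot: fixCKeditor() only strips editor artefacts and returns all other markup unchanged, but its docblock has no `@return` and does not say so. Add `@return string` and a sentence stating that it is not a sanitiser, so callers do not treat it as a substitute for the xssFilter() method declared right below it. The `$value == "\n"` branch is already covered by the `preg_match("/^[\s]+$/",$value)` branch above it and can go, and the remaining comparisons would be safer as strict ones, e.g. `if (trim($value) === '')`. The string literals in the str_replace() call and in the first comparison are not legible on this page, so they are left out of this suggestion.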