Dev: Merge master into develop

.gitignore

@@ -64,12 +64,6 @@
 !/tmp/runtime/index.html
 !/tmp/upload/index.html
 
-# ignore plugins directory by default except LS plugin
-# if you want to add a new distributed plugin : add the directory here
-/plugins/*
-!/plugins/index.html
-!/plugins/Demo/
-
 # ignore editor contents - reserved for future use
 /editor/*
 

application/commands/TwigCommand.php

@@ -154,22 +154,27 @@ public function actionGenerateQuestionsCache($sQuestionDir = null)
     */
     public function actionGenerateAdminCache($sAdminDir = null)
     {
-
         $this->aLogs["action"] = "actionGenerateAdminCache $sAdminDir";
 
-      // Generate cache for admin area
-        $sAdminDir = $sAdminDir ?? dirname(__FILE__) . '/../views/admin';
-        $oAdminDirectory = new RecursiveDirectoryIterator($sAdminDir);
-        $oAdminIterator = new RecursiveIteratorIterator($oAdminDirectory);
-        $oAdminRegex = new RegexIterator($oAdminIterator, '/^.+\.twig$/i', RecursiveRegexIterator::GET_MATCH);
-
-        $aAdminData = array();
-        foreach ($oAdminRegex as $oTwigFile) {
-            $sTwigFile = $oTwigFile[0];
-            if (file_exists($sTwigFile)) {
-                $this->aLogs["twig"] = "$sTwigFile";
-                $line       = file_get_contents($sTwigFile);
-                $sHtml      = Yii::app()->twigRenderer->convertTwigToHtml($line);
+        // Generate cache for admin area
+        // Set directories to search for twig files
+        $directories = array(
+            dirname(__FILE__) . '/../views/admin',
+            dirname(__FILE__) . '/../views/questionAdministration',
+        );
+        foreach ($directories as $sAdminDir) {
+            $sAdminDir = $sAdminDir ?? dirname(__FILE__) . '/../views/admin';
+            $oAdminDirectory = new RecursiveDirectoryIterator($sAdminDir);
+            $oAdminIterator = new RecursiveIteratorIterator($oAdminDirectory);
+            $oAdminRegex = new RegexIterator($oAdminIterator, '/^.+\.twig$/i', RecursiveRegexIterator::GET_MATCH);
+            $aAdminData = array();
+            foreach ($oAdminRegex as $oTwigFile) {
+                $sTwigFile = $oTwigFile[0];
+                if (file_exists($sTwigFile)) {
+                    $this->aLogs["twig"] = "$sTwigFile";
+                    $line       = file_get_contents($sTwigFile);
+                    $sHtml      = Yii::app()->twigRenderer->convertTwigToHtml($line);
+                }
             }
         }
     }

application/config/config-defaults.php

@@ -82,12 +82,12 @@
 $config['deletenonvalues']           = 1; // By default, LimeSurvey does not save responses to conditional questions that haven't been answered/shown. To have LimeSurvey save these responses change this value to 0.
 $config['stringcomparizonoperators'] = 0; // By default, LimeSurvey assumes the numrical order for comparizon operators in conditions. If you need string comparizon operators, set this parameter to 1
 $config['shownoanswer']              = 2; // Show 'no answer' for non mandatory questions ( 0 = no , 1 = yes , 2 = overridden by survey settings )
-$config['blacklistallsurveys']       = 'N'; // Blacklist all current surveys for participant once the global field is set
-$config['blacklistnewsurveys']       = 'N'; // Blacklist participant for any new added survey once the global field is set
-$config['blockaddingtosurveys']      = 'Y'; // Don't allow blacklisted participants to be added to new survey
-$config['hideblacklisted']           = 'N'; // Don't show blacklisted participants
-$config['deleteblacklisted']         = 'N'; // Delete globally blacklisted participant from the database
-$config['allowunblacklist']          = 'N'; // Allow participant to unblacklist himself/herself
+$config['blacklistallsurveys']       = 'N'; // Blocklist all current surveys for participant once the global field is set
+$config['blacklistnewsurveys']       = 'N'; // Blocklist participant for any new added survey once the global field is set
+$config['blockaddingtosurveys']      = 'Y'; // Don't allow blocklisted participants to be added to new survey
+$config['hideblacklisted']           = 'N'; // Don't show blocklisted participants
+$config['deleteblacklisted']         = 'N'; // Delete globally blocklisted participant from the database
+$config['allowunblacklist']          = 'N'; // Allow participant to unblocklist himself/herself
 $config['userideditable']            = 'N'; // Allow editing of user IDs
 
 $config['defaulttheme']              = 'fruity_twentythree'; // This setting specifys the default theme used for the 'public list' of surveys
@@ -797,13 +797,13 @@
 $config['force_xmlsettings_for_survey_rendering'] = false;
 
 /**
- * When this setting is true, plugins that are not in the white list (see 'pluginWhitelist') cannot be installed nor loaded. This may disable
+ * When this setting is true, plugins that are not in the allowlist (see 'pluginWhitelist') cannot be installed nor loaded. This may disable
  * already installed plugins.
- * Core plugins are implicitly whitelisted, but can be excluded using the black list.
+ * Core plugins are implicitly allowlisted, but can be excluded using the blocklist.
  */
 $config['usePluginWhitelist'] = false;
 
-// List of plugin names allowed to be installed and loaded when 'usePluginWhitelist' is true. Core plugins are implicitly whitelisted.
+// List of plugin names allowed to be installed and loaded when 'usePluginWhitelist' is true. Core plugins are implicitly allowlisted.
 $config['pluginWhitelist'] = [];
 
 // List of core plugin names forbidden when 'usePluginWhitelist' is true.

application/config/version.php

@@ -12,9 +12,9 @@
  */
 
 $config['versionnumber'] = '6.5.0-dev';
-$config['dbversionnumber'] = 621;
+$config['dbversionnumber'] = 623;
 $config['buildnumber'] = '';
 $config['updatable'] = true;
 $config['templateapiversion']  = 3;
-$config['assetsversionnumber'] = '30370';
+$config['assetsversionnumber'] = '30379';
 return $config;

application/controllers/AssessmentController.php

@@ -48,7 +48,7 @@ protected function beforeRender($view)
      * Renders th view for: show the list of assessments(if assessment is activated)
      *                      or the button to activate assessment mode
      *
-     * @param int $surveyid the survey id
+     * @param int $surveyid the survey ID
      *
      */
     public function actionIndex($surveyid)

application/controllers/OptinController.php

@@ -39,7 +39,7 @@ public function actiontokens()
         $languageCode = Yii::app()->request->getQuery('langcode');
         $accessToken = Token::sanitizeToken(Yii::app()->request->getQuery('token'));
 
-        //IF there is no survey id, redirect back to the default public page
+        //IF there is no survey ID, redirect back to the default public page
         if (!$surveyId) {
             $this->redirect(['/']);
         }
@@ -91,7 +91,7 @@ public function actionparticipants()
         $languageCode = Yii::app()->request->getQuery('langcode');
         $accessToken = Token::sanitizeToken(Yii::app()->request->getQuery('token'));
 
-        //IF there is no survey id, redirect back to the default public page
+        //IF there is no survey ID, redirect back to the default public page
         if (!$surveyId) {
             $this->redirect(['/']);
         }
@@ -127,7 +127,7 @@ public function actionparticipants()
             $isBlacklisted = !empty($participant) && $participant->blacklisted == 'Y';
 
             if (!Yii::app()->getConfig('allowunblacklist') == "Y") {
-                $message = gT('Removing yourself from the blacklist is currently disabled.');
+                $message = gT('Removing yourself from the blocklist is currently disabled.');
             } elseif ($isBlacklisted) {
                 $message = gT('Please confirm that you want to be added back to the central participants list for this site.');
                 $link = Yii::app()->createUrl('optin/addtokens', ['surveyid' => $surveyId, 'langcode' => $baseLanguage, 'token' => $accessToken, 'global' => true]);
@@ -150,8 +150,8 @@ public function actionparticipants()
     }
 
     /**
-     * Add token back to the survey (remove 'OptOut' status) and/or add participant back to the CPDB (remove from blacklist).
-     * The participant is only removed from the blacklist if the 'global' URL param is true and 'allowunblacklist' is enabled.
+     * Add token back to the survey (remove 'OptOut' status) and/or add participant back to the CPDB (remove from blocklist).
+     * The participant is only removed from the blocklist if the 'global' URL param is true and 'allowunblacklist' is enabled.
      */
     public function actionaddtokens()
     {
@@ -199,7 +199,7 @@ public function actionaddtokens()
             } else {
                 $message = gT('You have been already removed from this survey.');
             }
-            // If the $global param is true and 'allowunblacklist' is enabled, remove from the blacklist
+            // If the $global param is true and 'allowunblacklist' is enabled, remove from the blocklist
             if ($global && Yii::app()->getConfig('allowunblacklist') == "Y") {
                 $blacklistHandler = new LimeSurvey\Models\Services\ParticipantBlacklistHandler();
                 $blacklistResult = $blacklistHandler->removeFromBlacklist($token);

application/controllers/OptoutController.php

@@ -37,7 +37,7 @@ public function actiontokens()
         Yii::app()->loadHelper('database');
         Yii::app()->loadHelper('sanitize');
 
-        //IF there is no survey id, redirect back to the default public page
+        //IF there is no survey ID, redirect back to the default public page
         if (!$iSurveyID) {
             $this->redirect(array('/'));
         }
@@ -85,7 +85,7 @@ public function actionparticipants()
         Yii::app()->loadHelper('database');
         Yii::app()->loadHelper('sanitize');
 
-        //IF there is no survey id, redirect back to the default public page
+        //IF there is no survey ID, redirect back to the default public page
         if (!$surveyId) {
             $this->redirect(array('/'));
         }
@@ -149,7 +149,7 @@ public function actionremovetokens()
         Yii::app()->loadHelper('database');
         Yii::app()->loadHelper('sanitize');
 
-        // If there is no survey id, redirect back to the default public page
+        // If there is no survey ID, redirect back to the default public page
         if (!$surveyId) {
             $this->redirect(['/']);
         }

application/controllers/QuestionAdministrationController.php

@@ -316,7 +316,7 @@ public function actionListQuestions($surveyid, $landOnSideMenuTab = 'settings')
         if (!in_array($landOnSideMenuTab, ['settings', 'structure', ''])) {
             $landOnSideMenuTab = 'settings';
         }
-        // Reinit LEMlang and LEMsid: ensure LEMlang are set to default lang, surveyid are set to this survey id
+        // Reinit LEMlang and LEMsid: ensure LEMlang are set to default lang, surveyid are set to this survey ID
         // Ensure Last GetLastPrettyPrintExpression get info from this sid and default lang
         LimeExpressionManager::SetEMLanguage(Survey::model()->findByPk($iSurveyID)->language);
         LimeExpressionManager::SetSurveyId($iSurveyID);
@@ -358,7 +358,7 @@ public function actionListQuestions($surveyid, $landOnSideMenuTab = 'settings')
             App()->user->setState('pageSize', (int) $_GET['pageSize']);
         }
         $aData['pageSize'] = App()->user->getState('pageSize', App()->params['defaultPageSize']);
-        // We filter the current survey id
+        // We filter the current survey ID
         $questionModel->sid = $oSurvey->sid;
         $aData['questionModel'] = $questionModel;
 
@@ -712,7 +712,7 @@ public function actionGetSubquestionRowForAllLanguages($surveyid, $gid, $codes,
     {
         $oSurvey = Survey::model()->findByPk($surveyid);
         if (empty($oSurvey)) {
-            throw new CHttpException(404, gT("Invalid survey id"));
+            throw new CHttpException(404, gT("Invalid survey ID"));
         }
         if (!Permission::model()->hasSurveyPermission($oSurvey->sid, 'surveycontent', 'update')) {
             throw new CHttpException(403, gT("No permission"));
@@ -784,7 +784,7 @@ public function actionGetAnswerOptionRowForAllLanguages($surveyid, $gid, $codes,
     {
         $oSurvey = Survey::model()->findByPk($surveyid);
         if (empty($oSurvey)) {
-            throw new CHttpException(404, gT("Invalid survey id"));
+            throw new CHttpException(404, gT("Invalid survey ID"));
         }
         if (!Permission::model()->hasSurveyPermission($oSurvey->sid, 'surveycontent', 'update')) {
             throw new CHttpException(403, gT("No permission"));
@@ -1189,6 +1189,13 @@ public function actionImport()
             return;
         }
 
+        // If there are warnings, we don't jump to the question.
+        // We need to show the warnings to the user, and they may be too important
+        // and/or too many to be shown in a flash message.
+        if (!empty($aImportResults['importwarnings'])) {
+            $jumptoquestion = false;
+        }
+
         unlink($sFullFilepath);
 
         $aData['aImportResults'] = $aImportResults;
@@ -1374,8 +1381,8 @@ public function actionDelete($qid = null, $massAction = false, $redirectTo = nul
             $qid = Yii::app()->getRequest()->getPost('qid');
         }
 
-        // @todo: request should specify the survey id of the question to be deleted
-        // - survey id is verified before deletion
+        // @todo: request should specify the survey ID of the question to be deleted
+        // - survey ID is verified before deletion
         $oQuestion = Question::model()->findByPk($qid);
         $surveyid = $oQuestion->sid;
 
@@ -2015,7 +2022,7 @@ protected function isValidCSSClass($class)
      *
      * @param array $aQids All question id's affected
      * @param string $sOther the "other" value 'Y' or 'N'
-     * @param int $iSid survey id
+     * @param int $iSid survey ID
      */
     public static function setMultipleQuestionOtherState($aQids, $sOther, $iSid)
     {
@@ -2035,7 +2042,7 @@ public static function setMultipleQuestionOtherState($aQids, $sOther, $iSid)
      *
      * @param array $aQids All question id's affected
      * @param string $sMandatory The mandatory va
-     * @param int $iSid survey id
+     * @param int $iSid survey ID
      */
     public static function setMultipleQuestionMandatoryState($aQids, $sMandatory, $iSid)
     {
@@ -2602,7 +2609,7 @@ public function actionCheckQuestionValidateTitle($sid, int $qid, string $code)
 
         $survey = Survey::model()->findByPk($sid);
         if (empty($survey)) {
-            throw new CHttpException(404, gT("Invalid survey id"));
+            throw new CHttpException(404, gT("Invalid survey ID"));
         }
         if ($qid) {
             $oQuestion = Question::model()->findByAttributes(['qid' => $qid, 'sid' => $sid]);

application/controllers/QuestionGroupsAdministrationController.php

@@ -80,7 +80,7 @@ protected function beforeRender($view)
     /**
      * Renders the html for the question group view.
      *
-     * @param int $surveyid    survey id is important here for new questiongroups without groupid
+     * @param int $surveyid    survey ID is important here for new questiongroups without groupid
      * @param int $gid
      * @param string $landOnSideMenuTab
      * @param string $mode  either 'overview' or 'auto'. The 'overview' mode ignores the 'noViewMode' user setting
@@ -150,7 +150,7 @@ public function actionView(int $surveyid, int $gid, $landOnSideMenuTab = 'struct
     /**
      * Renders the html for the question group edit.
      *
-     * @param int $surveyid    survey id is important here if group does not exist
+     * @param int $surveyid    survey ID is important here if group does not exist
      * @param int $gid
      * @param string $landOnSideMenuTab
      *
@@ -720,7 +720,7 @@ private function getQuestionGroupServiceClass()
     }
 
     /**
-     * Sets survey id and object into passed array
+     * Sets survey ID and object into passed array
      * @param array $aData
      * @return array
      */

application/controllers/QuotasController.php

@@ -116,7 +116,7 @@ public function actionQuickCSVReport($surveyid)
         if (!empty($oSurvey->quotas)) {
             foreach ($oSurvey->quotas as $oQuota) {
                 $completed = $oQuota->completeCount;
-                echo $oQuota->name . "," . $oQuota->qlimit . "," .
+                echo csvEscape($oQuota->name) . "," . $oQuota->qlimit . "," .
                     $completed . "," . ($oQuota->qlimit - $completed) . "\r\n";
             }
         }

application/controllers/RegisterController.php

@@ -187,7 +187,7 @@ public function getRegisterErrors($iSurveyId)
     /**
      * Creates the array for the registration success page
      *
-     * @param Integer $iSurveyId The survey id
+     * @param Integer $iSurveyId The survey ID
      * @param Integer $iTokenId The token id
      *
      * @return array The rendereable array
@@ -325,7 +325,7 @@ public function getTokenId($iSurveyId)
             if ($oToken->usesleft < 1 && $aSurveyInfo['alloweditaftercompletion'] != 'Y') {
                 $this->aRegisterErrors[] = gT("The email address you have entered is already registered and the survey has been completed.");
             } elseif (strtolower(substr(trim((string) $oToken->emailstatus), 0, 6)) === "optout") {
-                // And global blacklisting ?
+                // And global blocklisting ?
                 {
                 $this->aRegisterErrors[] = gT("This email address cannot be used because it was opted out of this survey.");
                 }
@@ -432,7 +432,7 @@ private function display($iSurveyId, $iTokenId, $registerContent)
         $this->aReplacementData['sMessage'] = $this->sMessage;
 
         $oTemplate = Template::model()->getInstance('', $iSurveyId);
-        $aSurveyInfo  =  getsurveyinfo($iSurveyId);
+        $aSurveyInfo  =  getsurveyinfo($iSurveyId, $sLanguage);
 
         if ($iTokenId !== null) {
             $aData['aSurveyInfo'] = self::getRegisterSuccess($iSurveyId, $iTokenId);