From de7707d700d1304110eca1e12fd22b3aa1d011b7 Mon Sep 17 00:00:00 2001
From: Denis Chenu
Date: Wed, 4 Sep 2019 11:11:05 +0200
Subject: [PATCH] Fixed issue #15221: unable to send mail to participants - apache handler error 403

Dev: security must check only user request
Dev: fix invalid sid param in quota
---
 application/core/Survey_Common_Action.php | 7 ++++---
 application/views/admin/quotas/newanswer_view.php | 4 ++--
 2 files changed, 6 insertions(+), 5 deletions(-)

diff --git a/application/core/Survey_Common_Action.php b/application/core/Survey_Common_Action.php
index 39bebab04d1..ce4f01e9d23 100644
--- a/application/core/Survey_Common_Action.php
+++ b/application/core/Survey_Common_Action.php
@@ -121,15 +121,16 @@ private function _addPseudoParams($params)
 'browselang' => 'sBrowseLang',
 'tokenids' => 'aTokenIds',
 'tokenid' => 'iTokenId',
- 'subaction' => 'sSubAction',
+ 'subaction' => 'sSubAction', // /!\ Already filled by sa : can be different (usage of subaction in quota at 2019-09-04)
 );
-
 // Foreach pseudo, take the key, if it exists,
 // Populate the values (taken as an array) as keys in params
 // with that key's value in the params
 // Chek is 2 params are equal for security issue.
 foreach ($pseudos as $key => $pseudo) {
- if (isset($params[$key])) {
+ // We care only for user parameters, not by code parameters (see issue #15221)
+ if (Yii::app()->getRequest()->getParam($key)) {
+ $params[$key] = Yii::app()->getRequest()->getParam($key);
 $pseudo = (array) $pseudo;
 foreach ($pseudo as $pseud) {
 if (empty($params[$pseud])) {
diff --git a/application/views/admin/quotas/newanswer_view.php b/application/views/admin/quotas/newanswer_view.php
index 3028c7b0923..6db83048404 100644
--- a/application/views/admin/quotas/newanswer_view.php
+++ b/application/views/admin/quotas/newanswer_view.php
@@ -4,7 +4,7 @@ ?>
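Review bot: The new guard `if (Yii::app()->getRequest()->getParam($key))` tests truthiness, so a request value of `'0'` or `''` is now treated as absent, whereas the `isset($params[$key])` it replaces accepted both; for such a value the pseudo keys are left unfilled and the "2 params are equal" check that follows the hunk never runs for that key. Reading the value once and testing for presence keeps the old semantics and drops the duplicate request lookup: `$requestValue = Yii::app()->getRequest()->getParam($key);` / `if ($requestValue !== null) {` / `$params[$key] = $requestValue;`. The added assignment also lets a request-supplied value replace one a caller placed in `$params[$key]` by code, which inverts the precedence the removed branch had; if any caller relies on the code value being authoritative, that deserves either a comment stating the request wins or a check before overwriting. The body of _addPseudoParams starts before and continues past the hunk, so the equality check itself is not visible here.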
-
+

: 
@@ -34,7 +34,7 @@ " />

- +