/**
* Function responsible to save the changes made in CodemMirror editor.
*
* @access public
* @return void
*/
public function templatesavechanges()
{
if (!Permission::model()->hasGlobalPermission('templates', 'update')) {
die('No permission');
}
if (returnGlobal('changes')) {
$changedtext = returnGlobal('changes');
$changedtext = str_replace('<?', '', $changedtext);
if (get_magic_quotes_gpc()) {
$changedtext = stripslashes($changedtext);
}
}
if (returnGlobal('changes_cp')) {
$changedtext = returnGlobal('changes_cp');
$changedtext = str_replace('<?', '', $changedtext);
if (get_magic_quotes_gpc()) {
$changedtext = stripslashes($changedtext);
}
}
$action = returnGlobal('action');
//$editfile = sanitize_filename(returnGlobal('editfile'));
$editfile = returnGlobal('editfile');
$sTemplateName = Template::templateNameFilter(App()->request->getPost('templatename'));
$editfileindex = App()->request->getPost('editfileindex');
$useindex = App()->request->getPost('useindex');
$screenname = returnGlobal('screenname');
global $oEditedTemplate;
$oEditedTemplate = Template::model()->getTemplateConfiguration($sTemplateName);
$files = $this->_initfiles($sTemplateName);
$cssfiles = $this->_initcssfiles($oEditedTemplate);
$jsfiles = $this->_getEditableJsFiles($oEditedTemplate);
if ($action == "templatesavechanges" && $changedtext) {
Yii::app()->loadHelper('admin/template');
$changedtext = str_replace("\r\n", "\n", $changedtext);
if ($editfile) {
// Check if someone tries to submit a file other than one of the allowed filenames
if (multiarray_search($files, 'name', $editfile) === false && multiarray_search($cssfiles, 'name', $editfile) === false && multiarray_search($jsfiles, 'name', $editfile) === false) {
Yii::app()->user->setFlash('error', gT('Invalid template name'));
$this->getController()->redirect(array("admin/templates/sa/upload"));
}
$savefilename = gettemplatefilename(Yii::app()->getConfig('usertemplaterootdir') . "/" . $sTemplateName, $editfile);
if (is_writable($savefilename)) {
if (!($handle = fopen($savefilename, 'w'))) {
Yii::app()->user->setFlash('error', gT('Could not open file ') . $savefilename);
$this->getController()->redirect(array("admin/templates/sa/upload"));
}
if (!fwrite($handle, $changedtext)) {
Yii::app()->user->setFlash('error', gT('Could not write file ') . $savefilename);
$this->getController()->redirect(array("admin/templates/sa/upload"));
}
fclose($handle);
} else {
Yii::app()->user->setFlash('error', "The file {$savefilename} is not writable");
$this->getController()->redirect(array("admin/templates/sa/upload"));
}
}
}
// 'admin/templates/sa/view/editfile/'.$_GET['editfile'].'/screenname/'.$screenname.'/templatename/'.$sTemplateName.'/useindex/'.$_GET['useindex'];
//echo "admin/templates/sa/view/editfile/" . $editfile . "/screenname/" . $screenname . "/templatename/" . $sTemplateName;
//die("OK");
//$this->getController()->redirect(array("admin/templates/sa/view/editfile/" . $editfile . "/screenname/" . $screenname . "/templatename/" . $sTemplateName));
$this->getController()->redirect(array('admin/templates/sa/view/editfile/' . $editfileindex . '/screenname/' . $screenname . '/templatename/' . $sTemplateName . '/useindex/' . $useindex));
}
/**
* filterTemplateSave to fix some template name
*/
public function filterTemplateSave($sTemplateName)
{
if (!Permission::model()->hasTemplatePermission($sTemplateName)) {
if (!$this->isNewRecord) {
$oSurvey = self::model()->findByPk($this->sid);
if ($oSurvey->template != $sTemplateName) {
// No need to test !is_null($oSurvey)
$sTemplateName = Yii::app()->getConfig('defaulttemplate');
}
} else {
$sTemplateName = Yii::app()->getConfig('defaulttemplate');
}
}
return Template::templateNameFilter($sTemplateName);
}
$aSettingsUpdate['updateavailable'] = array('type' => 'info', 'label' => sprintf(gT('There was an error on update check (%s)'), $updateinfo['errorcode']), 'content' => CHtml::tag('pre', array(), strip_tags($updateinfo['errorhtml'])));
} elseif ($updatable) {
$aSettingsUpdate['updateavailable'] = array('type' => 'info', 'content' => gT('There is currently no newer LimeSurvey version available.'));
} else {
$aSettingsUpdate['updateavailable'] = array('type' => 'info', 'content' => sprintf(gT('This is an unstable version and cannot be updated using ComfortUpdate. Please check %s regularly for a newer version.'), CHtml::link(gT("our website"), "http://www.limesurvey.org")));
}
$this->widget('ext.SettingsWidget.SettingsWidget', array('title' => gt("Updates"), 'form' => false, 'formHtmlOptions' => array('class' => 'form-core'), 'inlist' => true, 'settings' => $aSettingsUpdate));
?>
</div>
<?php
// General seetings in one part
// Preparing array
$aTemplateNames = array_keys(getTemplateList());
$aAdminThemes = array_keys(getAdminThemeList());
$dateformatdata = getDateFormatData(Yii::app()->session['dateformat']);
$aGeneralSettings = array('info_general' => array(), 'sitename' => array('type' => 'string', 'label' => gT("Site name") . $sStringDemoMode, 'labelOptions' => array('class' => $sClassDemoMode), 'current' => getGlobalSetting('sitename'), 'htmlOptions' => array('readonly' => $bDemoMode)), 'defaulttemplate' => array('type' => 'select', 'label' => gT('Default template') . $sStringDemoMode, 'labelOptions' => array('class' => $sClassDemoMode), 'htmlOptions' => array('readonly' => $bDemoMode), 'options' => array_combine($aTemplateNames, $aTemplateNames), 'current' => Template::templateNameFilter(getGlobalSetting('defaulttemplate'))), 'admintheme' => array('type' => 'select', 'label' => gT('Administration template') . $sStringDemoMode, 'labelOptions' => array('class' => $sClassDemoMode), 'htmlOptions' => array('readonly' => $bDemoMode), 'options' => array_combine($aAdminThemes, $aAdminThemes), 'current' => getGlobalSetting('admintheme')), 'defaulthtmleditormode' => array('type' => 'select', 'label' => gT('Default HTML editor mode') . $sStringDemoMode, 'labelOptions' => array('class' => $sClassDemoMode), 'htmlOptions' => array('readonly' => $bDemoMode), 'options' => array('none' => gT("No HTML editor", 'unescaped'), 'inline' => gT("Inline HTML editor (default)", 'unescaped'), 'popup' => gT("Popup HTML editor", 'unescaped')), 'current' => getGlobalSetting('defaulthtmleditormode')), 'defaultquestionselectormode' => array('type' => 'select', 'label' => gT('Question type selector') . $sStringDemoMode, 'labelOptions' => array('class' => $sClassDemoMode), 'htmlOptions' => array('readonly' => $bDemoMode), 'options' => array('default' => gT("Full selector (default)", 'unescaped'), 'none' => gT("Simple selector", 'unescaped')), 'current' => getGlobalSetting('defaultquestionselectormode')), 'defaulttemplateeditormode' => array('type' => 'select', 'label' => gT('Template editor') . $sStringDemoMode, 'labelOptions' => array('class' => $sClassDemoMode), 'htmlOptions' => array('readonly' => $bDemoMode), 'options' => array('default' => gT("Full template editor (default)", 'unescaped'), 'none' => gT("Simple template editor", 'unescaped')), 'current' => getGlobalSetting('defaulttemplateeditormode')), 'timeadjust' => array('type' => 'float', 'label' => gt("Time difference (in hours)"), 'current' => str_replace(array('+', ' hours', ' minutes'), array('', '', ''), getGlobalSetting('timeadjust')) / 60, 'help' => sprintf(gT("Server time: %s - Corrected time: %s"), convertDateTimeFormat(date('Y-m-d H:i:s'), 'Y-m-d H:i:s', $dateformatdata['phpdate'] . ' H:i'), convertDateTimeFormat(dateShift(date("Y-m-d H:i:s"), 'Y-m-d H:i:s', getGlobalSetting('timeadjust')), 'Y-m-d H:i:s', $dateformatdata['phpdate'] . ' H:i'))), 'iSessionExpirationTime' => array(), 'GeoNamesUsername' => array('type' => 'string', 'label' => 'GeoNames username for API', 'current' => getGlobalSetting('GeoNamesUsername'), 'htmlOptions' => array('size' => '35')), 'googleMapsAPIKey' => array('type' => 'string', 'label' => 'Google Maps API key', 'current' => getGlobalSetting('googleMapsAPIKey'), 'htmlOptions' => array('size' => '35')), 'ipInfoDbAPIKey' => array('type' => 'string', 'label' => 'IP Info DB API Key', 'current' => getGlobalSetting('ipInfoDbAPIKey'), 'htmlOptions' => array('size' => '35')), 'googleanalyticsapikey' => array('type' => 'string', 'label' => 'Google Analytics API key', 'current' => getGlobalSetting('googleanalyticsapikey'), 'htmlOptions' => array('size' => '35')), 'googletranslateapikey' => array('type' => 'string', 'label' => 'Google Translate API key', 'current' => getGlobalSetting('googletranslateapikey'), 'htmlOptions' => array('size' => '35')));
if (isset(Yii::app()->session->connectionID)) {
$aGeneralSettings["iSessionExpirationTime"] = array('type' => 'int', 'label' => 'Session lifetime for surveys (seconds)', 'current' => getGlobalSetting('iSessionExpirationTime'), 'htmlOptions' => array('style' => 'width:10em', 'min' => 1));
}
if ($bDemoMode) {
$aGeneralSettings['info_general'] = array('type' => 'info', 'class' => 'alert', 'label' => gt("Note"), 'content' => gt("Demo mode is activated. Some settings can't be changed."));
}
$this->widget('ext.SettingsWidget.SettingsWidget', array('id' => 'general', 'form' => false, 'formHtmlOptions' => array('class' => 'form-core'), 'inlist' => true, 'settings' => $aGeneralSettings));
?>
<div id='email'>
<?php
// Email in 2 part : User and SMTP
$this->widget('ext.SettingsWidget.SettingsWidget', array('form' => false, 'formHtmlOptions' => array('class' => 'form-core'), 'inlist' => true, 'settings' => array('siteadminemail' => array('type' => 'email', 'label' => gt("Default site admin email"), 'current' => getGlobalSetting('siteadminemail'), 'htmlOptions' => array('size' => '50')), 'siteadminname' => array('type' => 'string', 'label' => gt("Administrator name"), 'current' => getGlobalSetting('siteadminname'), 'htmlOptions' => array('size' => '50')))));
$this->widget('ext.SettingsWidget.SettingsWidget', array('title' => gt("SMTP configuration"), 'form' => false, 'formHtmlOptions' => array('class' => 'form-core'), 'inlist' => true, 'settings' => array('emailmethod' => array('type' => 'select', 'label' => gt("Email method"), 'options' => array('mail' => gT("PHP (default)", 'unescaped'), 'smtp' => gT("SMTP", 'unescaped'), 'sendmail' => gT("Sendmail", 'unescaped'), 'qmail' => gT("Qmail", 'unescaped')), 'current' => getGlobalSetting('emailmethod')), 'emailsmtphost' => array('type' => 'string', 'class' => array('smtp-on'), 'label' => gt("SMTP host"), 'current' => getGlobalSetting('emailsmtphost'), 'htmlOptions' => array('size' => '50'), 'help' => gT("Enter your hostname and port, e.g.: my.smtp.com:25")), 'emailsmtpuser' => array('type' => 'string', 'class' => array('smtp-on'), 'label' => gt("SMTP username"), 'current' => getGlobalSetting('emailsmtpuser'), 'htmlOptions' => array('size' => '50')), 'emailsmtppassword' => array('type' => 'password', 'class' => array('smtp-on'), 'label' => gt("SMTP password"), 'current' => getGlobalSetting('emailsmtppassword'), 'htmlOptions' => array('size' => '50')), 'emailsmtpssl' => array('type' => 'select', 'class' => array('smtp-on'), 'label' => gt("SMTP SSL/TLS"), 'options' => array('' => gT("Off", 'unescaped'), 'ssl' => gT("SSL", 'unescaped'), 'tls' => gT("TLS", 'unescaped')), 'current' => getGlobalSetting('emailsmtpssl'), 'htmlOptions' => array('size' => '50')), 'emailsmtpdebug' => array('type' => 'select', 'label' => gt("SMTP debug mode"), 'options' => array('0' => gT("Off", 'unescaped'), '1' => gT("On errors", 'unescaped'), '2' => gT("Always", 'unescaped')), 'current' => getGlobalSetting('emailsmtpdebug'), 'htmlOptions' => array('size' => '50')), 'maxemails' => array('type' => 'int', 'label' => gt("Email batch size"), 'current' => getGlobalSetting('maxemails'), 'htmlOptions' => array('min' => '1', 'style' => 'width:5em')))));
?>
'current'=>getGlobalSetting('sitename'),
'htmlOptions'=>array(
'readonly'=>$bDemoMode,
),
),
'defaulttemplate'=>array(
'type'=>'select',
'label'=>gT('Default template').$sStringDemoMode,
'labelOptions'=>array(
'class'=>$sClassDemoMode,
),
'htmlOptions'=>array(
'readonly'=>$bDemoMode,
),
'options'=>array_combine($aTemplateNames,$aTemplateNames),
'current'=>Template::templateNameFilter(getGlobalSetting('defaulttemplate')),
),
'admintheme'=>array(
'type'=>'select',
'label'=>gT('Administration template').$sStringDemoMode,
'labelOptions'=>array(
'class'=>$sClassDemoMode,
),
'htmlOptions'=>array(
'readonly'=>$bDemoMode,
),
'options'=>array_combine($aAdminThemes,$aAdminThemes),
'current'=>getGlobalSetting('admintheme'),
),
'defaulthtmleditormode'=>array(
'type'=>'select',
/**
* Function responsible to save the changes made in CodemMirror editor.
*
* @access public
* @return void
*/
public function templatesavechanges()
{
if (!Permission::model()->hasGlobalPermission('templates', 'update')) {
die('No permission');
}
if (returnGlobal('changes')) {
$changedtext = returnGlobal('changes');
$changedtext = str_replace('<?', '', $changedtext);
if (get_magic_quotes_gpc()) {
$changedtext = stripslashes($changedtext);
}
}
if (returnGlobal('changes_cp')) {
$changedtext = returnGlobal('changes_cp');
$changedtext = str_replace('<?', '', $changedtext);
if (get_magic_quotes_gpc()) {
$changedtext = stripslashes($changedtext);
}
}
$action = returnGlobal('action');
$editfile = returnGlobal('editfile');
$sTemplateName = Template::templateNameFilter(App()->request->getPost('templatename'));
$screenname = returnGlobal('screenname');
$oEditedTemplate = Template::model()->getTemplateConfiguration($sTemplateName);
$aScreenFiles = $this->getValidScreenFiles($sTemplateName);
$cssfiles = $this->_initcssfiles($oEditedTemplate);
$jsfiles = $this->_getEditableJsFiles($oEditedTemplate);
if ($action == "templatesavechanges" && $changedtext) {
Yii::app()->loadHelper('admin/template');
$changedtext = str_replace("\r\n", "\n", $changedtext);
if ($editfile) {
// Check if someone tries to submit a file other than one of the allowed filenames
if (in_array($editfile, $aScreenFiles) === false && in_array($editfile, $cssfiles) === false && in_array($editfile, $jsfiles) === false) {
Yii::app()->user->setFlash('error', gT('Invalid template name'));
$this->getController()->redirect(array("admin/templates/sa/upload"));
}
$savefilename = gettemplatefilename(Yii::app()->getConfig('usertemplaterootdir') . "/" . $sTemplateName, $editfile);
if (is_writable($savefilename)) {
if (!($handle = fopen($savefilename, 'w'))) {
Yii::app()->user->setFlash('error', gT('Could not open file ') . $savefilename);
$this->getController()->redirect(array("admin/templates/sa/upload"));
}
if (!fwrite($handle, $changedtext)) {
Yii::app()->user->setFlash('error', gT('Could not write file ') . $savefilename);
$this->getController()->redirect(array("admin/templates/sa/upload"));
}
$oEditedTemplate->actualizeLastUpdate();
fclose($handle);
} else {
Yii::app()->user->setFlash('error', "The file {$savefilename} is not writable");
$this->getController()->redirect(array("admin/templates/sa/upload"));
}
}
}
$this->getController()->redirect(array('admin/templates/', 'sa' => 'view', 'editfile' => $editfile, 'screenname' => $screenname, 'templatename' => $sTemplateName));
}
private function _saveSettings()
{
if (App()->request->getPost('action') !== "save" && App()->request->getPost('action') !== "savequit") {
return;
}
if (!Permission::model()->hasGlobalPermission('settings', 'update')) {
$this->getController()->redirect(array('/admin'));
}
Yii::app()->loadHelper('surveytranslator');
$iPDFFontSize = sanitize_int(App()->request->getPost('pdffontsize'));
if ($iPDFFontSize < 1) {
$iPDFFontSize = 9;
}
$iPDFLogoWidth = sanitize_int(App()->request->getPost('pdflogowidth'));
if ($iPDFLogoWidth < 1) {
$iPDFLogoWidth = 50;
}
$maxemails = (int) App()->request->getPost('maxemails');
if ($maxemails < 1) {
$maxemails = 1;
}
$defaultlang = sanitize_languagecode(App()->request->getPost('defaultlang'));
$aRestrictToLanguages = App()->request->getPost('restrictToLanguages', array());
if (!in_array($defaultlang, $aRestrictToLanguages)) {
// Force default language in restrictToLanguages
$aRestrictToLanguages[] = $defaultlang;
}
if (count(array_diff(array_keys(getLanguageData(false, Yii::app()->session['adminlang'])), $aRestrictToLanguages)) == 0) {
$aRestrictToLanguages = '';
} else {
$aRestrictToLanguages = implode(' ', $aRestrictToLanguages);
}
setGlobalSetting('defaultlang', $defaultlang);
setGlobalSetting('restrictToLanguages', trim($aRestrictToLanguages));
setGlobalSetting('sitename', strip_tags(App()->request->getPost('sitename')));
setGlobalSetting('updatecheckperiod', (int) App()->request->getPost('updatecheckperiod'));
setGlobalSetting('updatenotification', strip_tags(App()->request->getPost('updatenotification')));
setGlobalSetting('defaulthtmleditormode', sanitize_paranoid_string(App()->request->getPost('defaulthtmleditormode')));
setGlobalSetting('defaultquestionselectormode', sanitize_paranoid_string(App()->request->getPost('defaultquestionselectormode')));
setGlobalSetting('defaulttemplateeditormode', sanitize_paranoid_string(App()->request->getPost('defaulttemplateeditormode')));
if (!Yii::app()->getConfig('demoMode')) {
setGlobalSetting('defaulttemplate', Template::templateNameFilter(App()->request->getPost('defaulttemplate')));
}
$sAdminTheme = sanitize_paranoid_string(App()->request->getPost('admintheme'));
setGlobalSetting('admintheme', $sAdminTheme);
setGlobalSetting('adminthemeiconsize', trim(file_get_contents(Yii::app()->getConfig("styledir") . DIRECTORY_SEPARATOR . $sAdminTheme . DIRECTORY_SEPARATOR . 'iconsize')));
setGlobalSetting('emailmethod', strip_tags(App()->request->getPost('emailmethod')));
setGlobalSetting('emailsmtphost', strip_tags(returnGlobal('emailsmtphost')));
if (returnGlobal('emailsmtppassword') != 'somepassword') {
setGlobalSetting('emailsmtppassword', strip_tags(returnGlobal('emailsmtppassword')));
}
setGlobalSetting('bounceaccounthost', strip_tags(returnGlobal('bounceaccounthost')));
setGlobalSetting('bounceaccounttype', strip_tags(returnGlobal('bounceaccounttype')));
setGlobalSetting('bounceencryption', strip_tags(returnGlobal('bounceencryption')));
setGlobalSetting('bounceaccountuser', strip_tags(returnGlobal('bounceaccountuser')));
if (returnGlobal('bounceaccountpass') != 'enteredpassword') {
setGlobalSetting('bounceaccountpass', strip_tags(returnGlobal('bounceaccountpass')));
}
setGlobalSetting('emailsmtpssl', sanitize_paranoid_string(Yii::app()->request->getPost('emailsmtpssl', '')));
setGlobalSetting('emailsmtpdebug', sanitize_int(Yii::app()->request->getPost('emailsmtpdebug', '0')));
setGlobalSetting('emailsmtpuser', strip_tags(returnGlobal('emailsmtpuser')));
setGlobalSetting('filterxsshtml', strip_tags(App()->request->getPost('filterxsshtml')));
// make sure emails are valid before saving them
if (Yii::app()->request->getPost('siteadminbounce', '') == '' || validateEmailAddress(Yii::app()->request->getPost('siteadminbounce'))) {
setGlobalSetting('siteadminbounce', strip_tags(Yii::app()->request->getPost('siteadminbounce')));
} else {
Yii::app()->setFlashMessage(gT("Warning! Admin bounce email was not saved because it was not valid."), 'error');
}
if (Yii::app()->request->getPost('siteadminemail', '') == '' || validateEmailAddress(Yii::app()->request->getPost('siteadminemail'))) {
setGlobalSetting('siteadminemail', strip_tags(Yii::app()->request->getPost('siteadminemail')));
} else {
Yii::app()->setFlashMessage(gT("Warning! Admin email was not saved because it was not valid."), 'error');
}
setGlobalSetting('siteadminname', strip_tags(App()->request->getPost('siteadminname')));
setGlobalSetting('shownoanswer', sanitize_int(App()->request->getPost('shownoanswer')));
setGlobalSetting('showxquestions', App()->request->getPost('showxquestions'));
setGlobalSetting('showgroupinfo', App()->request->getPost('showgroupinfo'));
setGlobalSetting('showqnumcode', App()->request->getPost('showqnumcode'));
$repeatheadingstemp = (int) App()->request->getPost('repeatheadings');
if ($repeatheadingstemp <= 0) {
$repeatheadingstemp = 25;
}
setGlobalSetting('repeatheadings', $repeatheadingstemp);
setGlobalSetting('maxemails', sanitize_int($maxemails));
$iSessionExpirationTime = (int) App()->request->getPost('iSessionExpirationTime', getGlobalSetting('iSessionExpirationTime'));
// If not in post : don't replace it
if ($iSessionExpirationTime <= 0) {
$iSessionExpirationTime = 7200;
}
setGlobalSetting('iSessionExpirationTime', $iSessionExpirationTime);
setGlobalSetting('GeoNamesUsername', App()->request->getPost('GeoNamesUsername'));
setGlobalSetting('googleMapsAPIKey', App()->request->getPost('googleMapsAPIKey'));
setGlobalSetting('ipInfoDbAPIKey', App()->request->getPost('ipInfoDbAPIKey'));
setGlobalSetting('pdffontsize', $iPDFFontSize);
setGlobalSetting('pdfshowheader', App()->request->getPost('pdfshowheader'));
setGlobalSetting('pdflogowidth', $iPDFLogoWidth);
setGlobalSetting('pdfheadertitle', App()->request->getPost('pdfheadertitle'));
setGlobalSetting('pdfheaderstring', App()->request->getPost('pdfheaderstring'));
setGlobalSetting('googleanalyticsapikey', App()->request->getPost('googleanalyticsapikey'));
setGlobalSetting('googletranslateapikey', App()->request->getPost('googletranslateapikey'));
setGlobalSetting('force_ssl', App()->request->getPost('force_ssl'));
setGlobalSetting('surveyPreview_require_Auth', App()->request->getPost('surveyPreview_require_Auth'));
setGlobalSetting('RPCInterface', App()->request->getPost('RPCInterface'));
setGlobalSetting('rpc_publish_api', (bool) App()->request->getPost('rpc_publish_api'));
$savetime = (double) App()->request->getPost('timeadjust') * 60 . ' minutes';
//makes sure it is a number, at least 0
if (substr($savetime, 0, 1) != '-' && substr($savetime, 0, 1) != '+') {
$savetime = '+' . $savetime;
}
setGlobalSetting('timeadjust', $savetime);
setGlobalSetting('usercontrolSameGroupPolicy', strip_tags(App()->request->getPost('usercontrolSameGroupPolicy')));
Yii::app()->setFlashMessage(gT("Global settings were saved."));
if (App()->request->getPost('action') == "savequit") {
$url = htmlspecialchars_decode(Yii::app()->session['refurl']);
if ($url) {
Yii::app()->getController()->redirect($url);
}
}
}
