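/**
 * Save the changes made to a template file in the CodeMirror editor.
 *
 * Requires the global 'templates' / 'update' permission. The new text is read
 * from the 'changes' or 'changes_cp' request field ('changes_cp' wins when both
 * are present). It is written only when the requested file name is one of the
 * template's known screen, CSS or JS files.
 *
 * @access public
 * @return void
 */
public function templatesavechanges()
{
    if (!Permission::model()->hasGlobalPermission('templates', 'update')) {
        die('No permission');
    }

    // Start from an empty string so the save condition below never reads an
    // undefined variable when neither field was submitted.
    $changedtext = '';
    foreach (array('changes', 'changes_cp') as $sField) {
        $sSubmitted = returnGlobal($sField);
        if (!$sSubmitted || !is_string($sSubmitted)) {
            continue;
        }
        // get_magic_quotes_gpc() does not exist on PHP 8, so call it only where defined.
        // Unescape before filtering so the filter sees the text that will be written.
        if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
            $sSubmitted = stripslashes($sSubmitted);
        }
        // Strip PHP open tags. A single pass is not sufficient because removing
        // one occurrence can join its neighbours into a new one, so repeat until
        // nothing is left to remove.
        do {
            $sSubmitted = str_replace('<?', '', $sSubmitted, $iRemoved);
        } while ($iRemoved > 0);
        $changedtext = $sSubmitted;
    }

    $action = returnGlobal('action');
    // NOTE(review): $editfile comes from the request (returnGlobal() is not shown
    // here, treat it as untrusted). The allowlist check below is what limits
    // which file can be written.
    $editfile = returnGlobal('editfile');
    $sTemplateName = Template::templateNameFilter(App()->request->getPost('templatename'));
    $editfileindex = App()->request->getPost('editfileindex');
    $useindex = App()->request->getPost('useindex');
    $screenname = returnGlobal('screenname');

    global $oEditedTemplate;
    $oEditedTemplate = Template::model()->getTemplateConfiguration($sTemplateName);
    $files = $this->_initfiles($sTemplateName);
    $cssfiles = $this->_initcssfiles($oEditedTemplate);
    $jsfiles = $this->_getEditableJsFiles($oEditedTemplate);

    if ($action == "templatesavechanges" && $changedtext) {
        Yii::app()->loadHelper('admin/template');
        $changedtext = str_replace("\r\n", "\n", $changedtext);

        if ($editfile) {
            // Check if someone tries to submit a file other than one of the allowed filenames
            if (multiarray_search($files, 'name', $editfile) === false
                && multiarray_search($cssfiles, 'name', $editfile) === false
                && multiarray_search($jsfiles, 'name', $editfile) === false
            ) {
                Yii::app()->user->setFlash('error', gT('Invalid template name'));
                $this->getController()->redirect(array("admin/templates/sa/upload"));
                // redirect() is expected to end the request; returning keeps the
                // write below unreachable even if it does not.
                return;
            }

            $savefilename = gettemplatefilename(Yii::app()->getConfig('usertemplaterootdir') . "/" . $sTemplateName, $editfile);
            if (is_writable($savefilename)) {
                if (!($handle = fopen($savefilename, 'w'))) {
                    Yii::app()->user->setFlash('error', gT('Could not open file ') . $savefilename);
                    $this->getController()->redirect(array("admin/templates/sa/upload"));
                    return;
                }
                // Close the handle on both outcomes so a failed write does not leak it.
                $bWritten = fwrite($handle, $changedtext);
                fclose($handle);
                if (!$bWritten) {
                    Yii::app()->user->setFlash('error', gT('Could not write file ') . $savefilename);
                    $this->getController()->redirect(array("admin/templates/sa/upload"));
                    return;
                }
            } else {
                Yii::app()->user->setFlash('error', "The file {$savefilename} is not writable");
                $this->getController()->redirect(array("admin/templates/sa/upload"));
                return;
            }
        }
    }

    // NOTE(review): request values are concatenated straight into the route
    // string; confirm the URL manager encodes them, or pass them as parameters.
    $this->getController()->redirect(array('admin/templates/sa/view/editfile/' . $editfileindex . '/screenname/' . $screenname . '/templatename/' . $sTemplateName . '/useindex/' . $useindex));
}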
/**
 * Decide which template name may be stored for this survey.
 *
 * A user who holds permission on the requested template keeps it. Without that
 * permission the requested name survives only when it equals the template the
 * existing survey record already uses; in every other case the configured
 * 'defaulttemplate' is used instead. The result is always passed through
 * Template::templateNameFilter().
 *
 * @param string $sTemplateName requested template name
 * @return string value returned by Template::templateNameFilter()
 */
public function filterTemplateSave($sTemplateName)
{
    $bMayUseTemplate = Permission::model()->hasTemplatePermission($sTemplateName);

    if (!$bMayUseTemplate) {
        $bSameAsStored = false;
        if (!$this->isNewRecord) {
            // The original author notes that the record needs no null check here.
            $oStoredSurvey = self::model()->findByPk($this->sid);
            $bSameAsStored = !($oStoredSurvey->template != $sTemplateName);
        }
        if (!$bSameAsStored) {
            $sTemplateName = Yii::app()->getConfig('defaulttemplate');
        }
    }

    return Template::templateNameFilter($sTemplateName);
}
// NOTE(review): this fragment starts inside a branch of an if/elseif chain whose
// opening condition is not part of the visible source.
    // Update-check error: the error code goes into the label and the 'errorhtml'
    // value, with tags stripped, into a <pre> element.
    // NOTE(review): strip_tags() is not HTML encoding; confirm the text is encoded before output.
    $aSettingsUpdate['updateavailable'] = array('type' => 'info', 'label' => sprintf(gT('There was an error on update check (%s)'), $updateinfo['errorcode']), 'content' => CHtml::tag('pre', array(), strip_tags($updateinfo['errorhtml'])));
} elseif ($updatable) {
    $aSettingsUpdate['updateavailable'] = array('type' => 'info', 'content' => gT('There is currently no newer LimeSurvey version available.'));
} else {
    // NOTE(review): the website link below uses plain http.
    $aSettingsUpdate['updateavailable'] = array('type' => 'info', 'content' => sprintf(gT('This is an unstable version and cannot be updated using ComfortUpdate. Please check %s regularly for a newer version.'), CHtml::link(gT("our website"), "http://www.limesurvey.org")));
}
// Render the "Updates" settings list built above.
$this->widget('ext.SettingsWidget.SettingsWidget', array('title' => gt("Updates"), 'form' => false, 'formHtmlOptions' => array('class' => 'form-core'), 'inlist' => true, 'settings' => $aSettingsUpdate));
?>
</div>
<?php
// General settings in one part
// Preparing array: option lists for the two template selectors and the date format used in the help text.
$aTemplateNames = array_keys(getTemplateList());
$aAdminThemes = array_keys(getAdminThemeList());
$dateformatdata = getDateFormatData(Yii::app()->session['dateformat']);
// NOTE(review): demo mode is expressed here only through the 'readonly' HTML option,
// which is a client-side hint. The handler that saves these values has to enforce it too.
$aGeneralSettings = array(
    // Placeholder, replaced by a notice further down when demo mode is on.
    'info_general' => array(),
    'sitename' => array('type' => 'string', 'label' => gT("Site name") . $sStringDemoMode, 'labelOptions' => array('class' => $sClassDemoMode), 'current' => getGlobalSetting('sitename'), 'htmlOptions' => array('readonly' => $bDemoMode)),
    // The stored default template name is passed through Template::templateNameFilter() before it is preselected.
    'defaulttemplate' => array('type' => 'select', 'label' => gT('Default template') . $sStringDemoMode, 'labelOptions' => array('class' => $sClassDemoMode), 'htmlOptions' => array('readonly' => $bDemoMode), 'options' => array_combine($aTemplateNames, $aTemplateNames), 'current' => Template::templateNameFilter(getGlobalSetting('defaulttemplate'))),
    'admintheme' => array('type' => 'select', 'label' => gT('Administration template') . $sStringDemoMode, 'labelOptions' => array('class' => $sClassDemoMode), 'htmlOptions' => array('readonly' => $bDemoMode), 'options' => array_combine($aAdminThemes, $aAdminThemes), 'current' => getGlobalSetting('admintheme')),
    'defaulthtmleditormode' => array('type' => 'select', 'label' => gT('Default HTML editor mode') . $sStringDemoMode, 'labelOptions' => array('class' => $sClassDemoMode), 'htmlOptions' => array('readonly' => $bDemoMode), 'options' => array('none' => gT("No HTML editor", 'unescaped'), 'inline' => gT("Inline HTML editor (default)", 'unescaped'), 'popup' => gT("Popup HTML editor", 'unescaped')), 'current' => getGlobalSetting('defaulthtmleditormode')),
    'defaultquestionselectormode' => array('type' => 'select', 'label' => gT('Question type selector') . $sStringDemoMode, 'labelOptions' => array('class' => $sClassDemoMode), 'htmlOptions' => array('readonly' => $bDemoMode), 'options' => array('default' => gT("Full selector (default)", 'unescaped'), 'none' => gT("Simple selector", 'unescaped')), 'current' => getGlobalSetting('defaultquestionselectormode')),
    'defaulttemplateeditormode' => array('type' => 'select', 'label' => gT('Template editor') . $sStringDemoMode, 'labelOptions' => array('class' => $sClassDemoMode), 'htmlOptions' => array('readonly' => $bDemoMode), 'options' => array('default' => gT("Full template editor (default)", 'unescaped'), 'none' => gT("Simple template editor", 'unescaped')), 'current' => getGlobalSetting('defaulttemplateeditormode')),
    // The stored value has '+', ' hours' and ' minutes' removed and is divided by 60 for display.
    // The help text shows the server time next to the shifted time.
    'timeadjust' => array('type' => 'float', 'label' => gt("Time difference (in hours)"), 'current' => str_replace(array('+', ' hours', ' minutes'), array('', '', ''), getGlobalSetting('timeadjust')) / 60, 'help' => sprintf(gT("Server time: %s - Corrected time: %s"), convertDateTimeFormat(date('Y-m-d H:i:s'), 'Y-m-d H:i:s', $dateformatdata['phpdate'] . ' H:i'), convertDateTimeFormat(dateShift(date("Y-m-d H:i:s"), 'Y-m-d H:i:s', getGlobalSetting('timeadjust')), 'Y-m-d H:i:s', $dateformatdata['phpdate'] . ' H:i'))),
    // Placeholder, filled in below only when the session exposes a connectionID.
    'iSessionExpirationTime' => array(),
    // NOTE(review): the stored third-party API credentials below are passed to the widget as 'current';
    // presumably they are written into the page as field values. Confirm that is intended.
    'GeoNamesUsername' => array('type' => 'string', 'label' => 'GeoNames username for API', 'current' => getGlobalSetting('GeoNamesUsername'), 'htmlOptions' => array('size' => '35')),
    'googleMapsAPIKey' => array('type' => 'string', 'label' => 'Google Maps API key', 'current' => getGlobalSetting('googleMapsAPIKey'), 'htmlOptions' => array('size' => '35')),
    'ipInfoDbAPIKey' => array('type' => 'string', 'label' => 'IP Info DB API Key', 'current' => getGlobalSetting('ipInfoDbAPIKey'), 'htmlOptions' => array('size' => '35')),
    'googleanalyticsapikey' => array('type' => 'string', 'label' => 'Google Analytics API key', 'current' => getGlobalSetting('googleanalyticsapikey'), 'htmlOptions' => array('size' => '35')),
    'googletranslateapikey' => array('type' => 'string', 'label' => 'Google Translate API key', 'current' => getGlobalSetting('googletranslateapikey'), 'htmlOptions' => array('size' => '35'))
);
if (isset(Yii::app()->session->connectionID)) {
    $aGeneralSettings["iSessionExpirationTime"] = array('type' => 'int', 'label' => 'Session lifetime for surveys (seconds)', 'current' => getGlobalSetting('iSessionExpirationTime'), 'htmlOptions' => array('style' => 'width:10em', 'min' => 1));
}
if ($bDemoMode) {
    $aGeneralSettings['info_general'] = array('type' => 'info', 'class' => 'alert', 'label' => gt("Note"), 'content' => gt("Demo mode is activated. Some settings can't be changed."));
}
$this->widget('ext.SettingsWidget.SettingsWidget', array('id' => 'general', 'form' => false, 'formHtmlOptions' => array('class' => 'form-core'), 'inlist' => true, 'settings' => $aGeneralSettings));
?>
<div id='email'>
<?php
// Email settings in two parts: site administrator contact, then SMTP.
$this->widget('ext.SettingsWidget.SettingsWidget', array('form' => false, 'formHtmlOptions' => array('class' => 'form-core'), 'inlist' => true, 'settings' => array('siteadminemail' => array('type' => 'email', 'label' => gt("Default site admin email"), 'current' => getGlobalSetting('siteadminemail'), 'htmlOptions' => array('size' => '50')), 'siteadminname' => array('type' => 'string', 'label' => gt("Administrator name"), 'current' => getGlobalSetting('siteadminname'), 'htmlOptions' => array('size' => '50')))));
$this->widget('ext.SettingsWidget.SettingsWidget', array('title' => gt("SMTP configuration"), 'form' => false, 'formHtmlOptions' => array('class' => 'form-core'), 'inlist' => true, 'settings' => array(
    'emailmethod' => array('type' => 'select', 'label' => gt("Email method"), 'options' => array('mail' => gT("PHP (default)", 'unescaped'), 'smtp' => gT("SMTP", 'unescaped'), 'sendmail' => gT("Sendmail", 'unescaped'), 'qmail' => gT("Qmail", 'unescaped')), 'current' => getGlobalSetting('emailmethod')),
    'emailsmtphost' => array('type' => 'string', 'class' => array('smtp-on'), 'label' => gt("SMTP host"), 'current' => getGlobalSetting('emailsmtphost'), 'htmlOptions' => array('size' => '50'), 'help' => gT("Enter your hostname and port, e.g.: my.smtp.com:25")),
    'emailsmtpuser' => array('type' => 'string', 'class' => array('smtp-on'), 'label' => gt("SMTP username"), 'current' => getGlobalSetting('emailsmtpuser'), 'htmlOptions' => array('size' => '50')),
    // NOTE(review): the stored SMTP password is handed to the widget as 'current'. How a 'password'
    // field renders that value is not visible here; confirm the secret is not echoed into the page
    // (a fixed placeholder that the save handler recognises as "unchanged" avoids that).
    'emailsmtppassword' => array('type' => 'password', 'class' => array('smtp-on'), 'label' => gt("SMTP password"), 'current' => getGlobalSetting('emailsmtppassword'), 'htmlOptions' => array('size' => '50')),
    'emailsmtpssl' => array('type' => 'select', 'class' => array('smtp-on'), 'label' => gt("SMTP SSL/TLS"), 'options' => array('' => gT("Off", 'unescaped'), 'ssl' => gT("SSL", 'unescaped'), 'tls' => gT("TLS", 'unescaped')), 'current' => getGlobalSetting('emailsmtpssl'), 'htmlOptions' => array('size' => '50')),
    'emailsmtpdebug' => array('type' => 'select', 'label' => gt("SMTP debug mode"), 'options' => array('0' => gT("Off", 'unescaped'), '1' => gT("On errors", 'unescaped'), '2' => gT("Always", 'unescaped')), 'current' => getGlobalSetting('emailsmtpdebug'), 'htmlOptions' => array('size' => '50')),
    'maxemails' => array('type' => 'int', 'label' => gt("Email batch size"), 'current' => getGlobalSetting('maxemails'), 'htmlOptions' => array('min' => '1', 'style' => 'width:5em'))
)));
?>
'current'=>getGlobalSetting('sitename'), 'htmlOptions'=>array( 'readonly'=>$bDemoMode, ), ), 'defaulttemplate'=>array( 'type'=>'select', 'label'=>gT('Default template').$sStringDemoMode, 'labelOptions'=>array( 'class'=>$sClassDemoMode, ), 'htmlOptions'=>array( 'readonly'=>$bDemoMode, ), 'options'=>array_combine($aTemplateNames,$aTemplateNames), 'current'=>Template::templateNameFilter(getGlobalSetting('defaulttemplate')), ), 'admintheme'=>array( 'type'=>'select', 'label'=>gT('Administration template').$sStringDemoMode, 'labelOptions'=>array( 'class'=>$sClassDemoMode, ), 'htmlOptions'=>array( 'readonly'=>$bDemoMode, ), 'options'=>array_combine($aAdminThemes,$aAdminThemes), 'current'=>getGlobalSetting('admintheme'), ), 'defaulthtmleditormode'=>array( 'type'=>'select',
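/**
 * Save the changes made to a template file in the CodeMirror editor.
 *
 * Requires the global 'templates' / 'update' permission. The new text is read
 * from the 'changes' or 'changes_cp' request field ('changes_cp' wins when both
 * are present). It is written only when the requested file name appears in the
 * template's screen, CSS or JS file lists. After a successful write the
 * template's last-update marker is refreshed.
 *
 * @access public
 * @return void
 */
public function templatesavechanges()
{
    if (!Permission::model()->hasGlobalPermission('templates', 'update')) {
        die('No permission');
    }

    // Start from an empty string so the save condition below never reads an
    // undefined variable when neither field was submitted.
    $changedtext = '';
    foreach (array('changes', 'changes_cp') as $sField) {
        $sSubmitted = returnGlobal($sField);
        if (!$sSubmitted || !is_string($sSubmitted)) {
            continue;
        }
        // get_magic_quotes_gpc() does not exist on PHP 8, so call it only where defined.
        // Unescape before filtering so the filter sees the text that will be written.
        if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
            $sSubmitted = stripslashes($sSubmitted);
        }
        // Strip PHP open tags. A single pass is not sufficient because removing
        // one occurrence can join its neighbours into a new one, so repeat until
        // nothing is left to remove.
        do {
            $sSubmitted = str_replace('<?', '', $sSubmitted, $iRemoved);
        } while ($iRemoved > 0);
        $changedtext = $sSubmitted;
    }

    $action = returnGlobal('action');
    // NOTE(review): $editfile comes from the request (returnGlobal() is not shown
    // here, treat it as untrusted). The allowlist check below is what limits
    // which file can be written.
    $editfile = returnGlobal('editfile');
    $sTemplateName = Template::templateNameFilter(App()->request->getPost('templatename'));
    $screenname = returnGlobal('screenname');

    $oEditedTemplate = Template::model()->getTemplateConfiguration($sTemplateName);
    $aScreenFiles = $this->getValidScreenFiles($sTemplateName);
    $cssfiles = $this->_initcssfiles($oEditedTemplate);
    $jsfiles = $this->_getEditableJsFiles($oEditedTemplate);

    if ($action == "templatesavechanges" && $changedtext) {
        Yii::app()->loadHelper('admin/template');
        $changedtext = str_replace("\r\n", "\n", $changedtext);

        if ($editfile) {
            // Check if someone tries to submit a file other than one of the allowed filenames.
            // NOTE(review): in_array() compares loosely here. Passing true as the third
            // argument is stricter, but only safe if the three lists hold plain strings;
            // the helpers that build them are not shown, so confirm before changing.
            if (in_array($editfile, $aScreenFiles) === false
                && in_array($editfile, $cssfiles) === false
                && in_array($editfile, $jsfiles) === false
            ) {
                Yii::app()->user->setFlash('error', gT('Invalid template name'));
                $this->getController()->redirect(array("admin/templates/sa/upload"));
                // redirect() is expected to end the request; returning keeps the
                // write below unreachable even if it does not.
                return;
            }

            $savefilename = gettemplatefilename(Yii::app()->getConfig('usertemplaterootdir') . "/" . $sTemplateName, $editfile);
            if (is_writable($savefilename)) {
                if (!($handle = fopen($savefilename, 'w'))) {
                    Yii::app()->user->setFlash('error', gT('Could not open file ') . $savefilename);
                    $this->getController()->redirect(array("admin/templates/sa/upload"));
                    return;
                }
                // Close the handle on both outcomes so a failed write does not leak it.
                $bWritten = fwrite($handle, $changedtext);
                fclose($handle);
                if (!$bWritten) {
                    Yii::app()->user->setFlash('error', gT('Could not write file ') . $savefilename);
                    $this->getController()->redirect(array("admin/templates/sa/upload"));
                    return;
                }
                // Refresh the last-update marker only once the file is written and closed.
                $oEditedTemplate->actualizeLastUpdate();
            } else {
                Yii::app()->user->setFlash('error', "The file {$savefilename} is not writable");
                $this->getController()->redirect(array("admin/templates/sa/upload"));
                return;
            }
        }
    }

    // Request values are passed as route parameters rather than concatenated into the route string.
    $this->getController()->redirect(array('admin/templates/', 'sa' => 'view', 'editfile' => $editfile, 'screenname' => $screenname, 'templatename' => $sTemplateName));
}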
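/**
 * Persist the values posted from the global settings form.
 *
 * Does nothing unless the posted 'action' is "save" or "savequit". Requires the
 * global 'settings' / 'update' permission. Each value is written with
 * setGlobalSetting(); how much it is normalised first differs per field (int
 * cast, strip_tags(), sanitize_* helper, or stored as submitted). On
 * "savequit" the user is redirected to the URL held in the session as 'refurl'.
 *
 * @return void
 */
private function _saveSettings()
{
    if (App()->request->getPost('action') !== "save" && App()->request->getPost('action') !== "savequit") {
        return;
    }

    if (!Permission::model()->hasGlobalPermission('settings', 'update')) {
        $this->getController()->redirect(array('/admin'));
        // redirect() is expected to end the request; returning guarantees that
        // nothing below runs for a user without the permission.
        return;
    }

    Yii::app()->loadHelper('surveytranslator');

    // Numeric values fall back to a fixed default when missing or below 1.
    $iPDFFontSize = sanitize_int(App()->request->getPost('pdffontsize'));
    if ($iPDFFontSize < 1) {
        $iPDFFontSize = 9;
    }
    $iPDFLogoWidth = sanitize_int(App()->request->getPost('pdflogowidth'));
    if ($iPDFLogoWidth < 1) {
        $iPDFLogoWidth = 50;
    }
    $maxemails = (int) App()->request->getPost('maxemails');
    if ($maxemails < 1) {
        $maxemails = 1;
    }

    $defaultlang = sanitize_languagecode(App()->request->getPost('defaultlang'));

    // The posted list is client-controlled: a scalar here would break in_array()
    // and the [] append below, and the individual codes were stored unfiltered
    // while the default language was not. Keep string entries only and give them
    // the same sanitising as $defaultlang.
    $aPostedLanguages = App()->request->getPost('restrictToLanguages', array());
    if (!is_array($aPostedLanguages)) {
        $aPostedLanguages = array();
    }
    $aRestrictToLanguages = array();
    foreach ($aPostedLanguages as $sLanguageCode) {
        if (!is_string($sLanguageCode)) {
            continue;
        }
        $sLanguageCode = sanitize_languagecode($sLanguageCode);
        if ($sLanguageCode !== '') {
            $aRestrictToLanguages[] = $sLanguageCode;
        }
    }
    if (!in_array($defaultlang, $aRestrictToLanguages)) {
        // Force default language in restrictToLanguages
        $aRestrictToLanguages[] = $defaultlang;
    }
    // When every known language is selected the restriction is stored as an empty string.
    if (count(array_diff(array_keys(getLanguageData(false, Yii::app()->session['adminlang'])), $aRestrictToLanguages)) == 0) {
        $aRestrictToLanguages = '';
    } else {
        $aRestrictToLanguages = implode(' ', $aRestrictToLanguages);
    }

    setGlobalSetting('defaultlang', $defaultlang);
    setGlobalSetting('restrictToLanguages', trim($aRestrictToLanguages));
    setGlobalSetting('sitename', strip_tags(App()->request->getPost('sitename')));
    setGlobalSetting('updatecheckperiod', (int) App()->request->getPost('updatecheckperiod'));
    setGlobalSetting('updatenotification', strip_tags(App()->request->getPost('updatenotification')));
    setGlobalSetting('defaulthtmleditormode', sanitize_paranoid_string(App()->request->getPost('defaulthtmleditormode')));
    setGlobalSetting('defaultquestionselectormode', sanitize_paranoid_string(App()->request->getPost('defaultquestionselectormode')));
    setGlobalSetting('defaulttemplateeditormode', sanitize_paranoid_string(App()->request->getPost('defaulttemplateeditormode')));

    // NOTE(review): 'defaulttemplate' is the only setting skipped in demo mode here;
    // every other field is saved regardless of the demoMode flag.
    if (!Yii::app()->getConfig('demoMode')) {
        setGlobalSetting('defaulttemplate', Template::templateNameFilter(App()->request->getPost('defaulttemplate')));
    }

    // The posted theme name becomes part of a filesystem path.
    // NOTE(review): sanitize_paranoid_string() is not shown here; confirm it removes path separators and dots.
    $sAdminTheme = sanitize_paranoid_string(App()->request->getPost('admintheme'));
    setGlobalSetting('admintheme', $sAdminTheme);
    $sIconSizeFile = Yii::app()->getConfig("styledir") . DIRECTORY_SEPARATOR . $sAdminTheme . DIRECTORY_SEPARATOR . 'iconsize';
    // Read the file only when it exists; a missing file still stores an empty
    // string, as before, but no longer raises a warning.
    $sIconSize = (is_file($sIconSizeFile) && is_readable($sIconSizeFile)) ? file_get_contents($sIconSizeFile) : false;
    setGlobalSetting('adminthemeiconsize', trim((string) $sIconSize));

    setGlobalSetting('emailmethod', strip_tags(App()->request->getPost('emailmethod')));
    setGlobalSetting('emailsmtphost', strip_tags(returnGlobal('emailsmtphost')));
    // The literal placeholder means "password unchanged".
    // NOTE(review): strip_tags() can silently alter a password that contains '<'.
    if (returnGlobal('emailsmtppassword') != 'somepassword') {
        setGlobalSetting('emailsmtppassword', strip_tags(returnGlobal('emailsmtppassword')));
    }
    setGlobalSetting('bounceaccounthost', strip_tags(returnGlobal('bounceaccounthost')));
    setGlobalSetting('bounceaccounttype', strip_tags(returnGlobal('bounceaccounttype')));
    setGlobalSetting('bounceencryption', strip_tags(returnGlobal('bounceencryption')));
    setGlobalSetting('bounceaccountuser', strip_tags(returnGlobal('bounceaccountuser')));
    // Same placeholder convention for the bounce account password.
    if (returnGlobal('bounceaccountpass') != 'enteredpassword') {
        setGlobalSetting('bounceaccountpass', strip_tags(returnGlobal('bounceaccountpass')));
    }
    setGlobalSetting('emailsmtpssl', sanitize_paranoid_string(Yii::app()->request->getPost('emailsmtpssl', '')));
    setGlobalSetting('emailsmtpdebug', sanitize_int(Yii::app()->request->getPost('emailsmtpdebug', '0')));
    setGlobalSetting('emailsmtpuser', strip_tags(returnGlobal('emailsmtpuser')));
    setGlobalSetting('filterxsshtml', strip_tags(App()->request->getPost('filterxsshtml')));

    // make sure emails are valid before saving them
    if (Yii::app()->request->getPost('siteadminbounce', '') == '' || validateEmailAddress(Yii::app()->request->getPost('siteadminbounce'))) {
        setGlobalSetting('siteadminbounce', strip_tags(Yii::app()->request->getPost('siteadminbounce')));
    } else {
        Yii::app()->setFlashMessage(gT("Warning! Admin bounce email was not saved because it was not valid."), 'error');
    }
    if (Yii::app()->request->getPost('siteadminemail', '') == '' || validateEmailAddress(Yii::app()->request->getPost('siteadminemail'))) {
        setGlobalSetting('siteadminemail', strip_tags(Yii::app()->request->getPost('siteadminemail')));
    } else {
        Yii::app()->setFlashMessage(gT("Warning! Admin email was not saved because it was not valid."), 'error');
    }
    setGlobalSetting('siteadminname', strip_tags(App()->request->getPost('siteadminname')));
    setGlobalSetting('shownoanswer', sanitize_int(App()->request->getPost('shownoanswer')));

    // NOTE(review): the values below are stored exactly as submitted. Whether
    // setGlobalSetting() or the code that later renders them escapes the content
    // is not visible here.
    setGlobalSetting('showxquestions', App()->request->getPost('showxquestions'));
    setGlobalSetting('showgroupinfo', App()->request->getPost('showgroupinfo'));
    setGlobalSetting('showqnumcode', App()->request->getPost('showqnumcode'));

    $repeatheadingstemp = (int) App()->request->getPost('repeatheadings');
    if ($repeatheadingstemp <= 0) {
        $repeatheadingstemp = 25;
    }
    setGlobalSetting('repeatheadings', $repeatheadingstemp);
    setGlobalSetting('maxemails', sanitize_int($maxemails));

    // If not in post : don't replace it (the stored value is used as the default)
    $iSessionExpirationTime = (int) App()->request->getPost('iSessionExpirationTime', getGlobalSetting('iSessionExpirationTime'));
    if ($iSessionExpirationTime <= 0) {
        $iSessionExpirationTime = 7200;
    }
    setGlobalSetting('iSessionExpirationTime', $iSessionExpirationTime);

    // NOTE(review): API credentials, PDF header text and the SSL / RPC switches
    // are also stored as submitted, without normalisation.
    setGlobalSetting('GeoNamesUsername', App()->request->getPost('GeoNamesUsername'));
    setGlobalSetting('googleMapsAPIKey', App()->request->getPost('googleMapsAPIKey'));
    setGlobalSetting('ipInfoDbAPIKey', App()->request->getPost('ipInfoDbAPIKey'));
    setGlobalSetting('pdffontsize', $iPDFFontSize);
    setGlobalSetting('pdfshowheader', App()->request->getPost('pdfshowheader'));
    setGlobalSetting('pdflogowidth', $iPDFLogoWidth);
    setGlobalSetting('pdfheadertitle', App()->request->getPost('pdfheadertitle'));
    setGlobalSetting('pdfheaderstring', App()->request->getPost('pdfheaderstring'));
    setGlobalSetting('googleanalyticsapikey', App()->request->getPost('googleanalyticsapikey'));
    setGlobalSetting('googletranslateapikey', App()->request->getPost('googletranslateapikey'));
    setGlobalSetting('force_ssl', App()->request->getPost('force_ssl'));
    setGlobalSetting('surveyPreview_require_Auth', App()->request->getPost('surveyPreview_require_Auth'));
    setGlobalSetting('RPCInterface', App()->request->getPost('RPCInterface'));
    setGlobalSetting('rpc_publish_api', (bool) App()->request->getPost('rpc_publish_api'));

    // The posted hours are cast to a number, converted to minutes and stored as a
    // signed "<n> minutes" string.
    $savetime = ((double) App()->request->getPost('timeadjust') * 60) . ' minutes';
    if (substr($savetime, 0, 1) != '-' && substr($savetime, 0, 1) != '+') {
        $savetime = '+' . $savetime;
    }
    setGlobalSetting('timeadjust', $savetime);
    setGlobalSetting('usercontrolSameGroupPolicy', strip_tags(App()->request->getPost('usercontrolSameGroupPolicy')));

    Yii::app()->setFlashMessage(gT("Global settings were saved."));

    if (App()->request->getPost('action') == "savequit") {
        // NOTE(review): the redirect target comes from the session value 'refurl'.
        // Where that value is set is not visible here; confirm it can only hold a same-site URL.
        $url = htmlspecialchars_decode(Yii::app()->session['refurl']);
        if ($url) {
            Yii::app()->getController()->redirect($url);
        }
    }
}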