/**
 * Read a global setting, preferring the in-memory application config and
 * falling back to the settings table.
 *
 * @param string $settingname Name of the setting to read.
 * @return mixed The config value when getConfig() yields anything other than
 *               false; otherwise the stored 'stg_value', or '' when no row exists.
 */
function getGlobalSetting($settingname)
{
    $cachedValue = Yii::app()->getConfig($settingname);
    if ($cachedValue !== false) {
        // Already present in the application config: nothing to look up.
        return $cachedValue;
    }

    $settingRow = SettingGlobal::model()->findByPk($settingname);
    if ($settingRow !== null) {
        $resolvedValue = $settingRow->getAttribute('stg_value');
    } else {
        // No row in the settings table: record that in the config and report ''.
        Yii::app()->setConfig($settingname, null);
        $resolvedValue = '';
    }

    if (Yii::app()->getConfig($settingname) !== false) {
        // If the setting was not found in the setting table but exists as a
        // variable (from config.php), get it and save it to the table.
        setGlobalSetting($settingname, Yii::app()->getConfig($settingname));
        $resolvedValue = Yii::app()->getConfig($settingname);
    }

    return $resolvedValue;
}
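/**
 * Last ComfortUpdate step: download the update archive, delete the files the
 * update marks as removed, unpack the archive over the installation and write
 * the new build number into application/config/version.php.
 *
 * The update description is read from the session entry 'updateinfo'. When it
 * is missing, nothing is downloaded, deleted or unpacked and the view is
 * rendered with 'downloaderror' set.
 *
 * NOTE(review): the archive is fetched over plain http and unpacked over the
 * application root without any signature or checksum verification visible in
 * this function. Anyone able to alter the response controls the installed
 * code; consider https plus a signed manifest.
 *
 * @return void
 */
function step4()
{
    $clang = $this->getController()->lang;
    $tempdir = Yii::app()->getConfig("tempdir");
    $rootdir = Yii::app()->getConfig("rootdir");
    $sZipPath = $tempdir . '/update.zip';
    $sVersionFile = $rootdir . '/application/config/version.php';
    $aData = array('clang' => $clang);

    // The original read $updateinfo['error'] here while $updateinfo was still
    // undefined, then went on to download and unpack with an empty download id.
    // Treat a missing or malformed session entry as "no update to apply".
    $updateinfo = isset(Yii::app()->session['updateinfo']) ? Yii::app()->session['updateinfo'] : null;
    if (!is_array($updateinfo)) {
        $updateinfo = null;
    }

    // this is the last step - Download the zip file, unpack it and replace files accordingly
    $downloaderror = false;
    if ($updateinfo !== null && isset($updateinfo['downloadid'])) {
        $http = new http();
        // Allow redirects
        $http->follow_redirect = 1;
        /* Connection timeout */
        // NOTE(review): presumably 0 means "no timeout" for this client - confirm
        $http->timeout = 0;
        /* Data transfer timeout */
        $http->data_timeout = 0;
        $http->user_agent = "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)";
        $http->GetRequestArguments("http://update.limesurvey.org/updates/download/{$updateinfo['downloadid']}", $arguments);
        $http->RestoreCookies(Yii::app()->session['updatesession']);
        $error = $http->Open($arguments);
        $error = $http->SendRequest($arguments);
        $http->ReadReplyHeaders($headers);
        if ($headers['content-type'] == 'text/html') {
            // An HTML reply is an error page, not an archive
            @unlink($sZipPath);
        } elseif ($error == '') {
            $body = '';
            $pFile = fopen($sZipPath, 'w');
            // fopen() returns false when the temp directory is not writable
            if ($pFile !== false) {
                for (;;) {
                    $error = $http->ReadReplyBody($body, 100000);
                    if ($error != "" || strlen($body) == 0) {
                        break;
                    }
                    fwrite($pFile, $body);
                }
                fclose($pFile);
            }
        } else {
            print $error;
        }
    }

    // Now remove all files that are to be deleted according to update process
    $aFiles = ($updateinfo !== null && isset($updateinfo['files']) && is_array($updateinfo['files'])) ? $updateinfo['files'] : array();
    foreach ($aFiles as $afile) {
        if (!isset($afile['type'], $afile['file']) || !is_string($afile['file']) || $afile['type'] != 'D') {
            continue;
        }
        $sRelativePath = $afile['file'];
        // The list comes from the update server. Refuse entries that would
        // resolve to the application root itself or climb out of it.
        if (trim($sRelativePath, '/\\') === '' || preg_match('#(^|[\\\\/])\.\.([\\\\/]|$)#', $sRelativePath)) {
            continue;
        }
        $sTarget = $rootdir . $sRelativePath;
        if (!file_exists($sTarget)) {
            continue;
        }
        if (is_file($sTarget)) {
            unlink($sTarget);
        } else {
            rmdirr($sTarget);
        }
        // File names are remote data: escape before writing them into the page
        echo sprintf($clang->gT('File deleted: %s'), htmlspecialchars($sRelativePath, ENT_QUOTES, 'UTF-8')) . '<br />';
    }

    //Now unzip the new files over the existing ones.
    // Only unpack an archive this request had update information for.
    $new_files = false;
    if ($updateinfo !== null && file_exists($sZipPath)) {
        Yii::app()->loadLibrary("admin/pclzip/pclzip");
        $archive = new PclZip($sZipPath);
        // NOTE(review): entry names inside the archive are not checked here;
        // confirm the bundled PclZip refuses entries that leave $rootdir.
        if ($archive->extract(PCLZIP_OPT_PATH, $rootdir . '/', PCLZIP_OPT_REPLACE_NEWER) == 0) {
            die("Error : " . $archive->errorInfo(true));
        }
        $new_files = true;
        unlink($sZipPath);
    } else {
        $downloaderror = true;
    }
    $aData['new_files'] = $new_files;
    $aData['downloaderror'] = $downloaderror;

    // Now we have to update version.php
    if (!$downloaderror) {
        @ini_set('auto_detect_line_endings', true);
        $versionlines = file($sVersionFile);
        // Open for writing (which truncates) only after the current content
        // was read, so a failed read can no longer empty version.php.
        $handle = ($versionlines !== false) ? fopen($sVersionFile, "w") : false;
        if ($handle !== false) {
            // The value is written unquoted into PHP source, so force it to an
            // integer: remote data must never reach version.php as code.
            $iToVersion = (int) $updateinfo['toversion'];
            foreach ($versionlines as $line) {
                if (strpos($line, 'buildnumber') !== false) {
                    $line = '$config[\'buildnumber\'] = ' . $iToVersion . ';' . "\r\n";
                }
                fwrite($handle, $line);
            }
            fclose($handle);
        }
    }

    // Force a fresh update check on the next visit
    setGlobalSetting('updatelastcheck', '1980-01-01 00:00');
    setGlobalSetting('updateavailable', '0');
    setGlobalSetting('updatebuild', '');
    setGlobalSetting('updateversion', '');
    $this->_renderWrappedTemplate('update', 'step4', $aData);
}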
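/**
 * Ask the update server whether a newer build is available.
 *
 * Creates the 'SessionName' global setting on first use and sends its MD5
 * hash as the installation id, together with the current build number.
 *
 * NOTE(review): the request goes over plain http, so the reply can be altered
 * in transit; callers should treat every field as untrusted. 'errorhtml' is
 * the raw response body and presumably needs escaping before display - confirm
 * against the caller.
 *
 * @return array|mixed|null Decoded JSON reply; an array with 'errorhtml' and
 *                          'errorcode' when the body is not valid JSON; null
 *                          when the request failed or returned an empty body.
 */
function getUpdateInfo()
{
    if (getGlobalSetting('SessionName') == '') {
        setGlobalSetting('SessionName', \Yii::app()->securityManager->generateRandomString(64));
    }

    // Use the fully qualified \Yii throughout, as the other calls in this function do
    $sBuildNumber = \Yii::app()->getConfig("buildnumber");
    $aQuery = array(
        'build' => $sBuildNumber,
        'id' => md5(getGlobalSetting('SessionName')),
        'crosscheck' => 'true',
    );
    $url = "http://update.limesurvey.org/?" . \Yii::app()->urlManager->createPathInfo($aQuery, '=', '&');
    $opts = array(
        'http' => array(
            'method' => 'GET',
            'user_agent' => "LimeSurvey " . \Yii::app()->getConfig("versionnumber") . " build " . $sBuildNumber,
            'timeout' => 10,
            // Keep the body of 4xx/5xx replies so it can be reported
            'ignore_errors' => true,
        ),
    );

    // Initialise the result: the original returned an undefined variable
    // whenever the request failed or the body was empty.
    $updateInfo = null;
    $body = file_get_contents($url, false, stream_context_create($opts));
    if ($body != false) {
        $updateInfo = json_decode($body, true);
        if ($updateInfo === null) {
            // Not JSON: hand back the raw body and the response headers
            $updateInfo = array('errorhtml' => $body, 'errorcode' => $http_response_header);
        }
    }

    return $updateInfo;
}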
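/**
 * Rename a user template (its folder) and update every reference to it.
 *
 * Requires the global 'templates' / 'update' permission. Both the old and the
 * new name are taken from the request and passed through sanitize_dirname()
 * before they are used to build a path.
 *
 * NOTE(review): this assumes sanitize_dirname() removes path separators and
 * '..' - confirm. No request-forgery token check is visible in this method;
 * verify that the controller enforces one.
 *
 * @access public
 * @return void
 */
public function templaterename()
{
    if (!Permission::model()->hasGlobalPermission('templates', 'update')) {
        die('No permission');
    }

    if (returnGlobal('action') == "templaterename" && returnGlobal('newname') && returnGlobal('copydir')) {
        $clang = Yii::app()->lang;
        $sOldName = sanitize_dirname(returnGlobal('copydir'));
        $sNewName = sanitize_dirname(returnGlobal('newname'));
        $sUserTemplateRoot = Yii::app()->getConfig('usertemplaterootdir');
        $sNewDirectoryPath = $sUserTemplateRoot . "/" . $sNewName;
        // Build the source path from the sanitised name. The original used the
        // raw request value here, so the rename source was not confined to the
        // user template directory.
        $sOldDirectoryPath = $sUserTemplateRoot . "/" . $sOldName;
        $sFailure = sprintf($clang->gT("Template could not be renamed to `%s`.", "js"), $sNewName);

        // Test the name that is actually used for the new folder, not the raw input
        if (isStandardTemplate($sNewName)) {
            $this->getController()->error($sFailure . " " . $clang->gT("This name is reserved for standard template.", "js"));
        } elseif (file_exists($sNewDirectoryPath)) {
            $this->getController()->error($sFailure . " " . $clang->gT("A template with that name already exists.", "js"));
        } elseif (rename($sOldDirectoryPath, $sNewDirectoryPath) == false) {
            $this->getController()->error($sFailure . " " . $clang->gT("Maybe you don't have permission.", "js"));
        } else {
            // Point surveys and the global default at the new name
            Survey::model()->updateAll(array('template' => $sNewName), "template = :oldname", array(':oldname' => $sOldName));
            if (getGlobalSetting('defaulttemplate') == $sOldName) {
                setGlobalSetting('defaulttemplate', $sNewName);
            }
            $this->index("startpage.pstpl", "welcome", $sNewName);
        }
    }
}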
/**
 * Persist the global settings form.
 *
 * Does nothing unless the posted 'action' is "globalsettingssave". Requires the
 * global 'settings' / 'update' permission. Each posted field is written with
 * setGlobalSetting(); some are sanitised first (sanitize_int, strip_tags,
 * sanitize_paranoid_string, sanitize_languagecode), others are stored exactly
 * as posted. Ends by setting a flash message and redirecting to the session's
 * 'refurl' when one is set.
 *
 * NOTE(review): no request-forgery token check is visible in this method;
 * verify that the controller enforces one for this action.
 *
 * @return void
 */
private function _saveSettings()
{
    if ($_POST['action'] !== "globalsettingssave") {
        return;
    }
    // NOTE(review): the code below is only skipped if redirect() ends the
    // request - confirm, there is no explicit return after it.
    if (!Permission::model()->hasGlobalPermission('settings', 'update')) {
        $this->getController()->redirect(array('/admin'));
    }
    Yii::app()->loadHelper('surveytranslator');

    // Numeric PDF settings fall back to a default when below 1
    $iPDFFontSize = sanitize_int($_POST['pdffontsize']);
    if ($iPDFFontSize < 1) {
        $iPDFFontSize = 9;
    }
    $iPDFLogoWidth = sanitize_int($_POST['pdflogowidth']);
    if ($iPDFLogoWidth < 1) {
        $iPDFLogoWidth = 50;
    }
    // Kept raw here; sanitize_int() is applied again when the value is saved below
    $maxemails = $_POST['maxemails'];
    if (sanitize_int($_POST['maxemails']) < 1) {
        $maxemails = 1;
    }

    $defaultlang = sanitize_languagecode($_POST['defaultlang']);
    $aRestrictToLanguages = explode(' ', sanitize_languagecodeS($_POST['restrictToLanguages']));
    if (!in_array($defaultlang, $aRestrictToLanguages)) {
        // Force default language in restrictToLanguages
        $aRestrictToLanguages[] = $defaultlang;
    }
    // Store '' when no known language is missing from the list, otherwise the
    // space-separated list
    if (count(array_diff(array_keys(getLanguageData(false, Yii::app()->session['adminlang'])), $aRestrictToLanguages)) == 0) {
        $aRestrictToLanguages = '';
    } else {
        $aRestrictToLanguages = implode(' ', $aRestrictToLanguages);
    }
    setGlobalSetting('defaultlang', $defaultlang);
    setGlobalSetting('restrictToLanguages', trim($aRestrictToLanguages));
    setGlobalSetting('sitename', strip_tags($_POST['sitename']));
    setGlobalSetting('defaulthtmleditormode', sanitize_paranoid_string($_POST['defaulthtmleditormode']));
    setGlobalSetting('defaultquestionselectormode', sanitize_paranoid_string($_POST['defaultquestionselectormode']));
    setGlobalSetting('defaulttemplateeditormode', sanitize_paranoid_string($_POST['defaulttemplateeditormode']));
    if (!Yii::app()->getConfig('demoMode')) {
        // The default template is only accepted when it is a key of getTemplateList()
        $sTemplate = Yii::app()->getRequest()->getPost("defaulttemplate");
        if (array_key_exists($sTemplate, getTemplateList())) {
            setGlobalSetting('defaulttemplate', $sTemplate);
        }
    }
    setGlobalSetting('admintheme', sanitize_paranoid_string($_POST['admintheme']));
    // The theme name becomes part of a file path. NOTE(review): this relies on
    // sanitize_paranoid_string() removing separators and dots - confirm; the
    // result of file_get_contents() is not checked for false.
    setGlobalSetting('adminthemeiconsize', trim(file_get_contents(Yii::app()->getConfig("styledir") . DIRECTORY_SEPARATOR . sanitize_paranoid_string($_POST['admintheme']) . DIRECTORY_SEPARATOR . 'iconsize')));
    setGlobalSetting('emailmethod', strip_tags($_POST['emailmethod']));
    setGlobalSetting('emailsmtphost', strip_tags(returnGlobal('emailsmtphost')));
    // 'somepassword' looks like the placeholder the form shows instead of the
    // stored secret; the password is left untouched when it comes back.
    // NOTE(review): strip_tags() alters passwords that contain '<' - confirm intent.
    if (returnGlobal('emailsmtppassword') != 'somepassword') {
        setGlobalSetting('emailsmtppassword', strip_tags(returnGlobal('emailsmtppassword')));
    }
    setGlobalSetting('bounceaccounthost', strip_tags(returnGlobal('bounceaccounthost')));
    setGlobalSetting('bounceaccounttype', strip_tags(returnGlobal('bounceaccounttype')));
    setGlobalSetting('bounceencryption', strip_tags(returnGlobal('bounceencryption')));
    setGlobalSetting('bounceaccountuser', strip_tags(returnGlobal('bounceaccountuser')));
    // Same placeholder convention as the SMTP password, with a different sentinel
    if (returnGlobal('bounceaccountpass') != 'enteredpassword') {
        setGlobalSetting('bounceaccountpass', strip_tags(returnGlobal('bounceaccountpass')));
    }
    setGlobalSetting('emailsmtpssl', sanitize_paranoid_string(Yii::app()->request->getPost('emailsmtpssl', '')));
    setGlobalSetting('emailsmtpdebug', sanitize_int(Yii::app()->request->getPost('emailsmtpdebug', '0')));
    setGlobalSetting('emailsmtpuser', strip_tags(returnGlobal('emailsmtpuser')));
    setGlobalSetting('filterxsshtml', strip_tags($_POST['filterxsshtml']));

    $warning = '';
    // make sure emails are valid before saving them
    if (Yii::app()->request->getPost('siteadminbounce', '') == '' || validateEmailAddress(Yii::app()->request->getPost('siteadminbounce'))) {
        setGlobalSetting('siteadminbounce', strip_tags(Yii::app()->request->getPost('siteadminbounce')));
    } else {
        $warning .= gT("Warning! Admin bounce email was not saved because it was not valid.") . '<br/>';
    }
    if (Yii::app()->request->getPost('siteadminemail', '') == '' || validateEmailAddress(Yii::app()->request->getPost('siteadminemail'))) {
        setGlobalSetting('siteadminemail', strip_tags(Yii::app()->request->getPost('siteadminemail')));
    } else {
        $warning .= gT("Warning! Admin email was not saved because it was not valid.") . '<br/>';
    }
    setGlobalSetting('siteadminname', strip_tags($_POST['siteadminname']));
    setGlobalSetting('shownoanswer', sanitize_int($_POST['shownoanswer']));
    // NOTE(review): the next three values are stored exactly as posted; whether
    // that is safe depends on how they are encoded on output - confirm.
    setGlobalSetting('showxquestions', $_POST['showxquestions']);
    setGlobalSetting('showgroupinfo', $_POST['showgroupinfo']);
    setGlobalSetting('showqnumcode', $_POST['showqnumcode']);
    $repeatheadingstemp = (int) $_POST['repeatheadings'];
    if ($repeatheadingstemp == 0) {
        $repeatheadingstemp = 25;
    }
    setGlobalSetting('repeatheadings', $repeatheadingstemp);
    setGlobalSetting('maxemails', sanitize_int($maxemails));
    // A posted 0 (or a non-numeric value) becomes 7200
    $iSessionExpirationTime = (int) $_POST['iSessionExpirationTime'];
    if ($iSessionExpirationTime == 0) {
        $iSessionExpirationTime = 7200;
    }
    setGlobalSetting('iSessionExpirationTime', $iSessionExpirationTime);
    // NOTE(review): API keys, PDF header texts and the switches below are also
    // stored as posted, without validation against an allowed set or escaping.
    setGlobalSetting('ipInfoDbAPIKey', $_POST['ipInfoDbAPIKey']);
    setGlobalSetting('pdffontsize', $iPDFFontSize);
    setGlobalSetting('pdfshowheader', $_POST['pdfshowheader']);
    setGlobalSetting('pdflogowidth', $iPDFLogoWidth);
    setGlobalSetting('pdfheadertitle', $_POST['pdfheadertitle']);
    setGlobalSetting('pdfheaderstring', $_POST['pdfheaderstring']);
    setGlobalSetting('googleMapsAPIKey', $_POST['googleMapsAPIKey']);
    setGlobalSetting('googleanalyticsapikey', $_POST['googleanalyticsapikey']);
    setGlobalSetting('googletranslateapikey', $_POST['googletranslateapikey']);
    setGlobalSetting('force_ssl', $_POST['force_ssl']);
    setGlobalSetting('surveyPreview_require_Auth', $_POST['surveyPreview_require_Auth']);
    setGlobalSetting('RPCInterface', $_POST['RPCInterface']);
    setGlobalSetting('rpc_publish_api', (bool) $_POST['rpc_publish_api']);
    $savetime = (double) $_POST['timeadjust'] * 60 . ' minutes'; //makes sure it is a number, at least 0
    // Prefix an explicit sign so the stored value always starts with '+' or '-'
    if (substr($savetime, 0, 1) != '-' && substr($savetime, 0, 1) != '+') {
        $savetime = '+' . $savetime;
    }
    setGlobalSetting('timeadjust', $savetime);
    setGlobalSetting('usercontrolSameGroupPolicy', strip_tags($_POST['usercontrolSameGroupPolicy']));
    Yii::app()->session['flashmessage'] = $warning . gT("Global settings were saved.");
    // NOTE(review): the redirect target is read from the session; if 'refurl'
    // can be set from request data it should be limited to local URLs - confirm
    // where it is written.
    $url = htmlspecialchars_decode(Yii::app()->session['refurl']);
    if ($url) {
        Yii::app()->getController()->redirect($url);
    }
}
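/**
 * Show the detail page of one question.
 *
 * Loads the survey, the question and its counts of answer options and
 * sub-questions, collects the advanced settings that differ from their
 * default, remembers the question as "last visited" in the global settings
 * and renders the 'question_view' template.
 *
 * An unknown survey id sets a flash message and redirects to admin/index.
 * An unknown question returns without rendering anything.
 *
 * NOTE(review): no permission check on the survey is visible in this method;
 * verify that the controller enforces one before it is reached.
 *
 * @param int|string $surveyid Survey id
 * @param int|string $gid      Question group id
 * @param int|string $qid      Question id
 * @return void
 */
public function view($surveyid, $gid, $qid)
{
    $aData = array();

    // Init general variables
    $aData['surveyid'] = $iSurveyID = $surveyid;
    $aData['gid'] = $gid;
    $aData['qid'] = $qid;

    // Load the survey once and reject an invalid id before anything uses it.
    // The original read ->language from the lookup result first, so an unknown
    // id failed on a null object before its own validity check was reached.
    $survey = Survey::model()->findByPk($iSurveyID);
    if (is_null($survey)) {
        Yii::app()->session['flashmessage'] = gT("Invalid survey ID");
        $this->getController()->redirect(array("admin/index"));
        return;
    }
    $baselang = $survey->language;

    //Show Question Details
    //Count answer-options for this question
    $qrr = Answer::model()->findAllByAttributes(array('qid' => $qid, 'language' => $baselang));
    $aData['qct'] = count($qrr);
    //Count sub-questions for this question
    $sqrq = Question::model()->findAllByAttributes(array('parent_qid' => $qid, 'language' => $baselang));
    $aData['sqct'] = count($sqrq);

    // The question must belong to the given group and survey
    $qrrow = Question::model()->findByAttributes(array('qid' => $qid, 'gid' => $gid, 'sid' => $iSurveyID, 'language' => $baselang));
    if (is_null($qrrow)) {
        return;
    }

    $questionsummary = "<div class='menubar'>\n";
    // Check if other questions in the Survey are dependent upon this question
    $condarray = getQuestDepsForConditions($iSurveyID, "all", "all", $qid, "by-targqid", "outsidegroup");

    $surveyinfo = array_map('flattenText', $survey->attributes);
    $aData['activated'] = $surveyinfo['active'];
    $qrrow = $qrrow->attributes;
    $aData['languagelist'] = $survey->getAllLanguages();
    $aData['qtypes'] = getQuestionTypeList('', 'array');
    $aData['qshowstyle'] = "";
    $aData['surveyid'] = $iSurveyID;
    $aData['qid'] = $qid;
    $aData['gid'] = $gid;
    $aData['qrrow'] = $qrrow;
    $aData['baselang'] = $baselang;

    // Keep only the advanced settings whose value differs from the default
    $aAttributesWithValues = Question::model()->getAdvancedSettingsWithValues($qid, $qrrow['type'], $iSurveyID, $baselang);
    $DisplayArray = array();
    foreach ($aAttributesWithValues as $aAttribute) {
        $bPlainChanged = $aAttribute['i18n'] == false
            && isset($aAttribute['value'])
            && $aAttribute['value'] != $aAttribute['default'];
        $bLocalisedChanged = $aAttribute['i18n'] == true
            && isset($aAttribute['value'][$baselang])
            && $aAttribute['value'][$baselang] != $aAttribute['default'];
        if ($bPlainChanged || $bLocalisedChanged) {
            if ($aAttribute['inputtype'] == 'singleselect') {
                // Show the option label instead of the stored key
                $aAttribute['value'] = $aAttribute['options'][$aAttribute['value']];
            }
            $DisplayArray[] = $aAttribute;
        }
    }
    $aData['advancedsettings'] = $DisplayArray;
    $aData['condarray'] = $condarray;
    $aData['sImageURL'] = Yii::app()->getConfig('adminimageurl');
    $aData['iIconSize'] = Yii::app()->getConfig('adminthemeiconsize');
    $questionsummary .= $this->getController()->renderPartial('/admin/survey/Question/questionbar_view', $aData, true);

    $aData['display']['menu_bars']['gid_action'] = 'viewquestion';
    $aData['questionbar']['buttons']['view'] = true;

    ///////////
    // sidemenu
    $aData['sidemenu']['state'] = true;
    $aData['sidemenu']['explorer']['state'] = true;
    $aData['sidemenu']['explorer']['gid'] = isset($gid) ? $gid : false;
    $aData['sidemenu']['explorer']['qid'] = isset($qid) ? $qid : false;

    // NOTE(review): the survey title is concatenated unescaped; confirm the
    // view encodes title_bar.title on output.
    $surveyinfo = $survey->surveyinfo;
    $aData['title_bar']['title'] = $surveyinfo['surveyls_title'] . "(" . gT("ID") . ":" . $iSurveyID . ")";

    $iUserId = Yii::app()->user->getId();
    // Last question visited : By user (only one by user)
    setGlobalSetting('last_question_' . $iUserId, $qid);
    // we need to set the sid for this question
    setGlobalSetting('last_question_sid_' . $iUserId, $iSurveyID);
    // we need to set the gid for this question
    setGlobalSetting('last_question_gid_' . $iUserId, $gid);
    // Last question for this survey (only one by survey, many by user)
    setGlobalSetting('last_question_' . $iUserId . '_' . $iSurveyID, $qid);
    // we need to set the gid for this question
    setGlobalSetting('last_question_' . $iUserId . '_' . $iSurveyID . '_gid', $gid);

    $aData['surveyIsActive'] = $survey->active !== 'N';
    $this->_renderWrappedTemplate('survey/Question', 'question_view', $aData);
}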
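/**
 * Last ComfortUpdate step (legacy, global-variable based): download the update
 * archive, delete the files the update marks as removed, unpack the archive
 * over the installation and write the new build number into version.php.
 * Progress is echoed as HTML.
 *
 * The update description is read from $_SESSION['updateinfo']. When it is
 * missing, an error is printed and nothing is downloaded, deleted or unpacked.
 *
 * NOTE(review): the archive is fetched over plain http and unpacked over the
 * application root without any signature or checksum verification visible in
 * this function. Anyone able to alter the response controls the installed
 * code; consider https plus a signed manifest.
 *
 * @return void
 */
function UpdateStep4()
{
    global $clang, $scriptname, $homedir, $buildnumber, $updatebuild, $debug, $rootdir, $publicdir, $tempdir, $database_exists, $databasetype, $action, $demoModeOnly;

    echo '<div class="header ui-widget-header">' . sprintf($clang->gT('ComfortUpdate step %s'), '4') . '</div><div class="updater-background"><br />';

    // The original read $updateinfo['error'] here while $updateinfo was still
    // undefined, then went on to download and unpack with an empty download id.
    // Treat a missing or malformed session entry as "no update to apply".
    $updateinfo = (isset($_SESSION['updateinfo']) && is_array($_SESSION['updateinfo'])) ? $_SESSION['updateinfo'] : null;
    if ($updateinfo === null) {
        echo $clang->gT('On requesting the update information from limesurvey.org there has been an error:') . '<br />';
    }

    // this is the last step - Download the zip file, unpack it and replace files accordingly
    require_once("classes/pclzip/pclzip.lib.php");
    require_once($homedir . "/classes/http/http.php");

    $sZipPath = $tempdir . '/update.zip';
    $downloaderror = false;
    if ($updateinfo !== null && isset($updateinfo['downloadid'])) {
        $http = new http_class;
        // Allow redirects
        $http->follow_redirect = 1;
        /* Connection timeout */
        // NOTE(review): presumably 0 means "no timeout" for this client - confirm
        $http->timeout = 0;
        /* Data transfer timeout */
        $http->data_timeout = 0;
        $http->user_agent = "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)";
        $http->GetRequestArguments("http://update.limesurvey.org/updates/download/{$updateinfo['downloadid']}", $arguments);
        $http->RestoreCookies($_SESSION['updatesession']);
        $error = $http->Open($arguments);
        $error = $http->SendRequest($arguments);
        $http->ReadReplyHeaders($headers);
        if ($headers['content-type'] == 'text/html') {
            // An HTML reply is an error page, not an archive
            @unlink($sZipPath);
        } elseif ($error == '') {
            $body = '';
            $pFile = fopen($sZipPath, 'w');
            // fopen() returns false when the temp directory is not writable
            if ($pFile !== false) {
                for (;;) {
                    $error = $http->ReadReplyBody($body, 100000);
                    if ($error != "" || strlen($body) == 0) {
                        break;
                    }
                    fwrite($pFile, $body);
                }
                fclose($pFile);
            }
        } else {
            print($error);
        }
    }

    // Now remove all files that are to be deleted according to update process
    $aFiles = ($updateinfo !== null && isset($updateinfo['files']) && is_array($updateinfo['files'])) ? $updateinfo['files'] : array();
    foreach ($aFiles as $afile) {
        if (!isset($afile['type'], $afile['file']) || !is_string($afile['file']) || $afile['type'] != 'D') {
            continue;
        }
        $sRelativePath = $afile['file'];
        // The list comes from the update server. Refuse entries that would
        // resolve to the application root itself or climb out of it.
        if (trim($sRelativePath, '/\\') === '' || preg_match('#(^|[\\\\/])\.\.([\\\\/]|$)#', $sRelativePath)) {
            continue;
        }
        $sTarget = $rootdir . $sRelativePath;
        if (!file_exists($sTarget)) {
            continue;
        }
        if (is_file($sTarget)) {
            unlink($sTarget);
        } else {
            rmdirr($sTarget);
        }
        // File names are remote data: escape before writing them into the page
        echo sprintf($clang->gT('File deleted: %s'), htmlspecialchars($sRelativePath, ENT_QUOTES, 'UTF-8')) . '<br />';
    }

    //Now unzip the new files over the existing ones.
    // Only unpack an archive this request had update information for.
    if ($updateinfo !== null && file_exists($sZipPath)) {
        $archive = new PclZip($sZipPath);
        // NOTE(review): entry names inside the archive are not checked here;
        // confirm the bundled PclZip refuses entries that leave $rootdir.
        if ($archive->extract(PCLZIP_OPT_PATH, $rootdir . '/', PCLZIP_OPT_REPLACE_NEWER) == 0) {
            die("Error : " . $archive->errorInfo(true));
        }
        echo $clang->gT('New files were successfully installed.') . '<br />';
        unlink($sZipPath);
    } else {
        echo $clang->gT('There was a problem downloading the update file. Please try to restart the update process.') . '<br />';
        $downloaderror = true;
    }

    // Now we have to update version.php
    if (!$downloaderror) {
        @ini_set('auto_detect_line_endings', true);
        $sVersionFile = $rootdir . '/version.php';
        $sToVersion = (string) $updateinfo['toversion'];
        $versionlines = file($sVersionFile);
        // Open for writing (which truncates) only after the current content
        // was read, so a failed read can no longer empty version.php.
        $handle = ($versionlines !== false) ? fopen($sVersionFile, "w") : false;
        if ($handle !== false) {
            foreach ($versionlines as $line) {
                if (strpos($line, '$buildnumber') !== false) {
                    // var_export() emits a correctly escaped PHP string literal,
                    // so a quote in the remote value cannot end the string and
                    // add code to version.php.
                    $line = '$buildnumber' . ' = ' . var_export($sToVersion, true) . ";\r\n";
                }
                fwrite($handle, $line);
            }
            fclose($handle);
            echo sprintf($clang->gT('Buildnumber was successfully updated to %s.'), htmlspecialchars($sToVersion, ENT_QUOTES, 'UTF-8')) . '<br />';
        }
        echo $clang->gT('Please check any problems above - update was done.') . '<br />';
    }

    echo "<p><button onclick=\"window.open('$scriptname?action=globalsettings&subaction=updatecheck', '_top')\" >" . $clang->gT('Back to main menu') . "</button></p>";
    echo '</div>';

    // Force a fresh update check on the next visit
    setGlobalSetting('updatelastcheck', '1980-01-01 00:00');
    setGlobalSetting('updateavailable', '0');
}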
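/**
 * Generate a queXML PDF document with provided styles/settings.
 *
 * Without a posted 'ok' field the settings form is rendered. Otherwise the
 * posted settings are saved globally, the PDF, queXML and banding files are
 * written to a temporary directory, zipped and sent to the browser.
 *
 * The posted 'save_language' is only accepted when it is one of the survey's
 * languages, because it becomes part of the generated file names and of the
 * download name.
 *
 * NOTE(review): no permission check on the survey is visible in this method,
 * and the posted settings are stored without validation; verify both against
 * the controller and the quexmlpdf setters.
 *
 * @access public
 * @param int $iSurveyID
 * @return void
 */
public function quexml($iSurveyID)
{
    $iSurveyID = (int) $iSurveyID;
    $queXMLSettings = $this->_quexmlsettings();

    $oSurvey = Survey::model()->findByPk($iSurveyID);
    $aData = array();
    $aData['surveyid'] = $iSurveyID;
    $aData['slangs'] = $oSurvey->additionalLanguages;
    $aData['baselang'] = $oSurvey->language;
    array_unshift($aData['slangs'], $aData['baselang']);
    // Keep our own copy of the allowed languages for the check further down
    $aSurveyLanguages = $aData['slangs'];
    $sBaseLanguage = $aData['baselang'];

    Yii::import("application.libraries.admin.quexmlpdf", true);
    $defaultquexmlpdf = new quexmlpdf($this->getController());

    // Prefill each setting from the global settings, else from the library default
    foreach ($queXMLSettings as $s) {
        $aData[$s] = getGlobalSetting($s);
        if ($aData[$s] === null || trim($aData[$s]) === '') {
            $method = str_replace("queXML", "get", $s);
            $aData[$s] = $defaultquexmlpdf->{$method}();
        }
    }

    if (empty($_POST['ok'])) {
        $this->_renderWrappedTemplate('survey', 'queXMLSurvey_view', $aData);
    } else {
        $quexmlpdf = new quexmlpdf($this->getController());

        //Save settings globally and generate queXML document
        foreach ($queXMLSettings as $s) {
            if ($s !== 'queXMLStyle') {
                setGlobalSetting($s, Yii::app()->request->getPost($s));
            }
            $method = str_replace("queXML", "set", $s);
            $quexmlpdf->{$method}(Yii::app()->request->getPost($s));
        }

        // The original used the posted language unchecked in every file path
        // below. Accept only a language of this survey, else use the base
        // language, so request data can never add path components.
        $lang = Yii::app()->request->getPost('save_language');
        if (!is_string($lang) || !in_array($lang, $aSurveyLanguages, true)) {
            $lang = $sBaseLanguage;
        }
        $tempdir = Yii::app()->getConfig("tempdir");

        // Setting the selected language for printout
        App()->setLanguage($lang);
        $quexmlpdf->setLanguage($lang);

        set_time_limit(120);
        Yii::app()->loadHelper('export');
        $quexml = quexml_export($iSurveyID, $lang);
        $quexmlpdf->create($quexmlpdf->createqueXML($quexml));

        //NEED TO GET QID from $quexmlpdf
        $qid = intval($quexmlpdf->getQuestionnaireId());
        $zipdir = $this->_tempdir($tempdir);

        $f1 = "{$zipdir}/quexf_banding_{$qid}_{$lang}.xml";
        $f2 = "{$zipdir}/quexmlpdf_{$qid}_{$lang}.pdf";
        $f3 = "{$zipdir}/quexml_{$qid}_{$lang}.xml";
        $f4 = "{$zipdir}/readme.txt";
        $f5 = "{$zipdir}/quexmlpdf_style_{$qid}_{$lang}.xml";

        file_put_contents($f5, $quexmlpdf->exportStyleXML());
        file_put_contents($f1, $quexmlpdf->getLayout());
        file_put_contents($f2, $quexmlpdf->Output("quexml_{$qid}.pdf", 'S'));
        file_put_contents($f3, $quexml);
        file_put_contents($f4, gT('This archive contains a PDF file of the survey, the queXML file of the survey and a queXF banding XML file which can be used with queXF: http://quexf.sourceforge.net/ for processing scanned surveys.'));

        Yii::app()->loadLibrary('admin.pclzip');
        $zipfile = "{$tempdir}/quexmlpdf_{$qid}_{$lang}.zip";
        $z = new PclZip($zipfile);
        $z->create($zipdir, PCLZIP_OPT_REMOVE_PATH, $zipdir);

        // Remove the intermediate files and their directory
        unlink($f1);
        unlink($f2);
        unlink($f3);
        unlink($f4);
        unlink($f5);
        rmdir($zipdir);

        $fn = "quexmlpdf_{$qid}_{$lang}.zip";
        $this->_addHeaders($fn, "application/zip", 0);
        header('Content-Transfer-Encoding: binary');

        // load the file to send:
        readfile($zipfile);
        unlink($zipfile);
    }
}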
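<?php
/*
 * SAML login module for LimeSurvey, integrate with session handling
 *
 * Authenticates the visitor against the identity provider through
 * SimpleSAMLphp, exposes the asserted NameID as $_SERVER['REMOTE_USER'] and
 * then hands over to usercontrol.php.
 *
 * $Id: login_check_saml.php$
 */

// Refuse direct invocation: $dbprefix must come from the including script and
// must not be supplied through the request.
if (!isset($dbprefix) || isset($_REQUEST['dbprefix'])) {
    die("Cannot run this script directly");
}

if (!isset($action)) {
    $action = returnglobal('action');
}

// Sync session/cookie name
setGlobalSetting('SessionName', session_name());

// Use the default sp setting as defined in simplesamlphp
$as = new SimpleSAML_Auth_Simple('default-sp');

// force authentication against remote IdP
$as->requireAuth();

// Get attributes provided by the IdP
$attributes = $as->getAttributes();

// Get a unique ID for the user.
// If you are using standard eduPerson attributes, you may want to use ['urn:mace:dir:attribute-def:eduPersonPrincipalName']
// Fail closed when the assertion carries no usable identifier, instead of
// continuing with an empty REMOTE_USER.
if (!isset($attributes['NameID'][0]) || !is_string($attributes['NameID'][0]) || trim($attributes['NameID'][0]) === '') {
    die("SAML response did not contain a usable NameID attribute");
}
$user_id = $attributes['NameID'][0];

// Set request context to include $user_id as REMOTE_USER
// NOTE(review): usercontrol.php presumably maps this value onto a local
// account - confirm that it only trusts REMOTE_USER when it was set here.
$_SERVER['REMOTE_USER'] = $user_id;

// Now delegate to procedure:
include "usercontrol.php";

// NOTE(review): when this condition holds usercontrol.php is included a second
// time - confirm that running it twice per request is intended.
if (
    (isset($_POST['user']) && isset($_POST['password']))
    || $action == "forgotpass"
    || $action == "login"
    || $action == "logout"
    || ($useWebserverAuth === true && !isset($_SESSION['loginID']))
) {
    include "usercontrol.php";
}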
/**
 * Store the box layout settings sent by the AJAX request.
 *
 * Only users holding the global 'settings' / 'update' permission may change
 * them; for everyone else nothing is written.
 *
 * NOTE(review): both values are stored as received; if they are expected to
 * be small integers, validate them before saving - confirm against the caller.
 *
 * @param mixed $boxesbyrow  Value saved as 'boxes_by_row'
 * @param mixed $boxesoffset Value saved as 'boxes_offset'
 * @return true|null true once both settings were saved, null without permission
 */
public function setBoxesSettings($boxesbyrow, $boxesoffset)
{
    $bMayUpdate = Permission::model()->hasGlobalPermission('settings', 'update');
    if (!$bMayUpdate) {
        // No explicit value: callers receive null, as before
        return;
    }

    setGlobalSetting('boxes_by_row', $boxesbyrow);
    setGlobalSetting('boxes_offset', $boxesoffset);

    return true;
}
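/**
 * Build the template object with all the configuration data it needs.
 *
 * It checks whether the requested template is a core one or a user one.
 * A user template without config.xml but with startpage.pstpl is treated as
 * an old 2.0x template and gets the minimal default configuration. When the
 * template directory does not exist, or the name is not a plain directory
 * name, the 'default' template is used and stored as the global default.
 *
 * TODO : more tests should be done, with a call to private function
 * _is_valid_template(), testing not only if it has a config.xml, but also if
 * this file is correct, if it has the needed pstpl files, if the files
 * referred to in css exist, etc.
 *
 * @param string $sTemplateName the name of the template to load. The string comes from the template selector in survey settings
 * @param string $iSurveyId     the id of the survey; used to look up the template when no name is given
 * @return $this
 * @throws TemplateException when neither a name nor a survey id is given, or the survey does not exist
 */
public function setTemplateConfiguration($sTemplateName = '', $iSurveyId = '')
{
    // If it's called from template editor, a template name will be provided.
    // If it's called for survey taking, a survey id will be provided
    if ($sTemplateName == '' && $iSurveyId == '') {
        throw new TemplateException("Template needs either template name or survey id");
    }

    $this->sTemplateName = $sTemplateName;
    $this->iSurveyId = (int) $iSurveyId;

    if ($sTemplateName == '') {
        $this->oSurvey = Survey::model()->findByPk($iSurveyId);
        // An unknown survey id used to end in a property read on null
        if ($this->oSurvey === null) {
            throw new TemplateException("Survey not found, cannot resolve its template");
        }
        $this->sTemplateName = $this->oSurvey->template;
    }

    // We check if it's a CORE template
    $this->isStandard = $this->setIsStandard();
    // If the template is standard, its root is based on standardtemplaterootdir, else, it's a user template, its root is based on usertemplaterootdir
    $this->path = $this->isStandard
        ? Yii::app()->getConfig("standardtemplaterootdir") . DIRECTORY_SEPARATOR . $this->sTemplateName
        : Yii::app()->getConfig("usertemplaterootdir") . DIRECTORY_SEPARATOR . $this->sTemplateName;

    // The name is joined onto a directory and later used to read config.xml.
    // It comes from the request or from the survey record, so accept only a
    // plain directory name: not empty, not '.' or '..', no separator, no NUL.
    $sCandidate = (string) $this->sTemplateName;
    $bUnsafeName = $sCandidate === ''
        || $sCandidate === '.'
        || $sCandidate === '..'
        || strpbrk($sCandidate, "/\\\0") !== false;

    // If the template directory doesn't exist, it can be that:
    // - user deleted a custom theme
    // In any case, we just set Default as the template to use
    if ($bUnsafeName || !is_dir($this->path)) {
        $this->sTemplateName = 'default';
        $this->isStandard = true;
        $this->path = Yii::app()->getConfig("standardtemplaterootdir") . DIRECTORY_SEPARATOR . $this->sTemplateName;
        setGlobalSetting('defaulttemplate', 'default');
    }

    // If the template don't have a config file (maybe it has been deleted, or whatever),
    // then, we load the default template
    $this->hasConfigFile = (string) is_file($this->path . DIRECTORY_SEPARATOR . 'config.xml');
    $this->isOldTemplate = !$this->hasConfigFile && is_file($this->path . DIRECTORY_SEPARATOR . 'startpage.pstpl'); // TODO: more complex checks

    if (!$this->hasConfigFile) {
        // If it's an imported template from 2.06, we return default values
        if ($this->isOldTemplate) {
            $this->xmlFile = Yii::app()->getConfig("standardtemplaterootdir") . DIRECTORY_SEPARATOR . 'minimal-config.xml';
        } else {
            $this->path = Yii::app()->getConfig("standardtemplaterootdir") . DIRECTORY_SEPARATOR . $this->sTemplateName;
            $this->xmlFile = $this->path . DIRECTORY_SEPARATOR . 'config.xml';
        }
    } else {
        $this->xmlFile = $this->path . DIRECTORY_SEPARATOR . 'config.xml';
    }

    //////////////////////
    // Config file loading

    // Disable external entity loading while the template XML is parsed.
    // @see: http://phpsecurity.readthedocs.io/en/latest/Injection-Attacks.html#xml-external-entity-injection
    // NOTE(review): libxml_disable_entity_loader() is deprecated as of PHP 8.0.
    // The previous state is only restored at the end of this method, so an
    // exception raised in between leaves the loader disabled for the request.
    $bOldEntityLoaderState = libxml_disable_entity_loader(true);
    // @see: Now that entity loader is disabled, we can't use simplexml_load_file; so we must read the file with file_get_contents and convert it as a string
    // NOTE(review): realpath() returns false for a missing file and the result
    // is not checked; every isset() below then falls back to its default.
    $sXMLConfigFile = file_get_contents(realpath($this->xmlFile));

    // Simple Xml is buggy on PHP < 5.4. The [ array -> json_encode -> json_decode ] workaround seems to be the most used one.
    // @see: http://php.net/manual/de/book.simplexml.php#105330 (top comment on PHP doc for simplexml)
    $this->config = json_decode(json_encode((array) simplexml_load_string($sXMLConfigFile), 1));

    // Template configuration
    // Ternary operators test if configuration entry exists in the config file (to avoid PHP notice in user custom templates)
    $this->viewPath = isset($this->config->engine->pstpldirectory)
        ? $this->path . DIRECTORY_SEPARATOR . $this->config->engine->pstpldirectory . DIRECTORY_SEPARATOR
        : $this->path;
    $this->siteLogo = isset($this->config->files->logo) ? $this->config->files->logo->filename : '';
    $this->filesPath = isset($this->config->engine->filesdirectory)
        ? $this->path . DIRECTORY_SEPARATOR . $this->config->engine->filesdirectory . DIRECTORY_SEPARATOR
        : $this->path . '/files/';
    $this->cssFramework = isset($this->config->engine->cssframework) ? $this->config->engine->cssframework : '';
    $this->packages = isset($this->config->engine->packages->package) ? $this->config->engine->packages->package : array();

    // overwrite_question_views accept different values : "true" or "yes"
    $this->overwrite_question_views = isset($this->config->engine->overwrite_question_views)
        ? $this->config->engine->overwrite_question_views == 'true' || $this->config->engine->overwrite_question_views == 'yes'
        : false;

    $this->otherFiles = $this->setOtherFiles();
    $this->depends = $this->packages; // TODO: remove

    // Package creation
    $this->createTemplatePackage();

    // Put back entity loader to its original state, to avoid contagion to other applications on the server
    libxml_disable_entity_loader($bOldEntityLoaderState);

    return $this;
}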
/**
 * Check whether the published assets need to be refreshed.
 *
 * When the asset version from the configuration differs from the one stored in the
 * global settings, the assets are republished, the stored version is updated and the
 * request is redirected to "admin/".
 *
 * @return boolean always false
 */
private function checkAssets()
{
    $iShippedVersion = Yii::app()->getConfig('assetsversionnumber'); // From version.php
    $iStoredVersion = GetGlobalSetting('AssetsVersion'); // From setting_global table

    // Nothing to do while both versions agree (loose comparison, as the values may differ in type)
    if ($iShippedVersion == $iStoredVersion) {
        return false;
    }

    self::republishAssets();
    setGlobalSetting('AssetsVersion', $iShippedVersion);
    App()->getController()->redirect(array("admin/"));

    return false;
}
/**
 * Render the survey summary page for the survey given by $iSurveyID.
 *
 * Records the survey as the last one visited by the current user and, when a last
 * visited question and question group are stored for this user and survey, adds a
 * link to that question to the view data.
 *
 * @access public
 * @param mixed $iSurveyID survey id, passed through sanitize_int()
 * @param mixed $gid question group id, passed through sanitize_int() when given
 * @param mixed $qid question id, passed through sanitize_int() when given
 * @return void
 */
public function view($iSurveyID, $gid = null, $qid = null)
{
    // All three ids are normalised before they are used anywhere below
    $iSurveyID = sanitize_int($iSurveyID);
    $gid = isset($gid) ? sanitize_int($gid) : $gid;
    $qid = isset($qid) ? sanitize_int($qid) : $qid;

    // NOTE(review): the findByPk() result is used without a null check.
    $oSurvey = Survey::model()->findByPk($iSurveyID);
    $sBaseLanguage = $oSurvey->language;
    $aData['aAdditionalLanguages'] = $oSurvey->additionalLanguages;

    // Reinit LEMlang and LEMsid: ensure LEMlang are set to default lang, surveyid are set to this survey id
    // Ensure Last GetLastPrettyPrintExpression get info from this sid and default lang
    LimeExpressionManager::SetEMLanguage($sBaseLanguage);
    LimeExpressionManager::SetSurveyId($iSurveyID);
    LimeExpressionManager::StartProcessingPage(false, true);

    $aSurveyInfo = $oSurvey->surveyinfo;
    $aData['title_bar']['title'] = $aSurveyInfo['surveyls_title'] . "(" . gT("ID") . ":" . $iSurveyID . ")";
    $aData["surveyinfo"] = $aSurveyInfo;
    $aData['surveyid'] = $iSurveyID;
    $aData['display']['surveysummary'] = true;

    // Setting names are derived from the id of the logged-in user
    $iUserId = Yii::app()->user->getId();

    // Last survey visited
    setGlobalSetting('last_survey_' . $iUserId, $iSurveyID);

    $aData['surveybar']['buttons']['view'] = true;
    $aData['surveybar']['returnbutton']['url'] = $this->getController()->createUrl("admin/survey/sa/listsurveys");
    $aData['surveybar']['returnbutton']['text'] = gT('Return to survey list');
    $aData['sidemenu']["survey_menu"] = TRUE;

    // Last question and question group visited by this user for this survey
    $sQuestionKey = 'last_question_' . $iUserId . '_' . $iSurveyID;
    $lastquestion = getGlobalSetting($sQuestionKey);
    $lastquestiongroup = getGlobalSetting($sQuestionKey . '_gid');

    $bHasLastQuestion = $lastquestion != null && $lastquestiongroup != null;
    if (!$bHasLastQuestion) {
        $aData['showLastQuestion'] = false;
    } else {
        $aData['showLastQuestion'] = true;
        $qid = $lastquestion;
        $gid = $lastquestiongroup;

        $aCriteria = array('qid' => $qid, 'gid' => $gid, 'sid' => $iSurveyID, 'language' => $sBaseLanguage);
        $oQuestion = Question::model()->findByAttributes($aCriteria);

        $aData['last_question_name'] = $oQuestion['title'];
        if ($oQuestion['question']) {
            $aData['last_question_name'] .= ' : ' . $oQuestion['question'];
        }
        $aData['last_question_link'] = $this->getController()->createUrl("admin/questions/sa/view/surveyid/{$iSurveyID}/gid/{$gid}/qid/{$qid}");
    }

    $this->_renderWrappedTemplate('survey', array(), $aData);
}
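/**
 * Update the updater itself.
 *
 * It is called from the view _updater_update. The view _updater_update is called by the
 * ComfortUpdate server during the getWelcome step if the updater version is not the minimal
 * required one.
 *
 * Only users holding the global 'superadmin' permission get past the first check; for any
 * other user the method returns nothing.
 *
 * @return mixed the rendered partial view (success, failed local checks or error string),
 *               or null when the caller is not superadmin
 */
public function updateUpdater()
{
    if (!Permission::model()->hasGlobalPermission('superadmin')) {
        return;
    }

    // Defined up front: the original reached _renderErrorString() with an undefined variable
    // when no 'destinationBuild' was posted.
    $error = null;

    $destinationBuild = Yii::app()->request->getPost('destinationBuild');
    if ($destinationBuild) {
        // NOTE(review): 'destinationBuild' is request data handed to the download step and to the view;
        // its validation is expected in UpdateForm / the view and is not visible here.
        $updateModel = new UpdateForm();
        $localChecks = $updateModel->getLocalChecksForUpdater();

        if (!$localChecks->result) {
            return $this->controller->renderPartial('update/updater/welcome/_error_files_update_updater', array('localChecks' => $localChecks), false, false);
        }

        $file = $updateModel->downloadUpdateUpdaterFile($destinationBuild);
        if ($file->result) {
            $unzip = $updateModel->unzipUpdateUpdaterFile();
            if ($unzip->result) {
                $updateModel->removeTmpFile('update_updater.zip');
                $updateModel->removeTmpFile('comfort_updater_cookie.txt');

                setGlobalSetting('updateavailable', '0');
                setGlobalSetting('updatebuild', '');
                // NOTE(review): other update code on this page clears 'updateversions'; confirm that
                // 'updaterversions' is the intended setting name.
                setGlobalSetting('updaterversions', '');

                Yii::app()->session['update_result'] = null;
                Yii::app()->session['next_update_check'] = null;

                return $this->controller->renderPartial('update/updater/steps/_updater_updated', array('destinationBuild' => $destinationBuild), false, false);
            }
            $error = $unzip->error;
        } else {
            $error = $file->error;
        }
    }

    return $this->_renderErrorString($error);
}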
/**
 * Delete a user template.
 *
 * The caller needs the global 'templates' / 'delete' permission. Only a name that is a key
 * of Template::getTemplateList() and is not a standard template is removed from disk; surveys
 * using it are switched to the default template and the related Template and Permission rows
 * are deleted. Any other name is ignored. The request always ends with a redirect to the
 * template view.
 *
 * @access public
 * @param string $templatename
 * @return void
 */
public function delete($templatename)
{
    $bMayDelete = Permission::model()->hasGlobalPermission('templates', 'delete');
    if (!$bMayDelete) {
        die('No permission');
    }

    Yii::app()->loadHelper("admin/template");

    // The name must be a known template and must not be a standard one before any file is touched
    $bIsUserTemplate = array_key_exists($templatename, Template::getTemplateList())
        && !Template::isStandardTemplate($templatename);

    if ($bIsUserTemplate) {
        $sTemplateDir = Yii::app()->getConfig('usertemplaterootdir') . "/" . $templatename;

        if (rmdirr($sTemplateDir) == true) {
            $aSurveys = Survey::model()->findAllByAttributes(array('template' => $templatename));

            // The default template could be the same as the one we're trying to remove
            if (Yii::app()->getConfig('defaulttemplate') == $templatename) {
                setGlobalSetting('defaulttemplate', 'default');
            }

            foreach ($aSurveys as $oSurvey) {
                $oSurvey->template = Yii::app()->getConfig('defaulttemplate');
                $oSurvey->save();
            }

            Template::model()->deleteAllByAttributes(array('folder' => $templatename));
            Permission::model()->deleteAllByAttributes(array('permission' => $templatename, 'entity' => 'template'));

            Yii::app()->setFlashMessage(sprintf(gT("Template '%s' was successfully deleted."), $templatename));
        } else {
            Yii::app()->setFlashMessage(sprintf(gT("There was a problem deleting the template '%s'. Please check your directory/file permissions."), $templatename), 'error');
        }
    }
    // else: unknown or standard template - nothing is done (throw an error 500 ?)

    // Redirect with default templatename, editfile and screenname
    $this->getController()->redirect(array("admin/templates/sa/view"));
}
/**
 * Refresh the update related global settings from the result of getUpdateInfo().
 *
 * Which of the returned versions is announced depends on the 'updatenotification' setting:
 * 'stable' keeps only the 'master' entry, 'both' takes the first entry, anything else
 * announces nothing.
 *
 * @return Array the versions kept for notification (empty when none is announced or on error)
 */
function updateCheck()
{
    $aChosenVersion = null;
    $aUpdateVersions = getUpdateInfo();

    if (isset($aUpdateVersions['errorcode'])) {
        // NOTE(review): 'errorhtml' is added to the flash message as markup, as returned by getUpdateInfo();
        // whether the flash renderer escapes it is not visible here.
        $sMessage = sprintf(gT("Error when checking for new version: %s"), $aUpdateVersions['errorcode']) . '<br>' . $aUpdateVersions['errorhtml'];
        Yii::app()->setFlashMessage($sMessage, 'error');
        $aUpdateVersions = array();
    }

    $bCanNotify = count($aUpdateVersions) && trim(Yii::app()->getConfig('buildnumber')) != '';
    if ($bCanNotify) {
        $sUpdateNotificationType = getGlobalSetting('updatenotification');

        if ($sUpdateNotificationType == 'stable') {
            // Only show update if in stable (master) branch
            if (isset($aUpdateVersions['master'])) {
                $aChosenVersion = $aUpdateVersions['master'];
                $aUpdateVersions = array_intersect_key($aUpdateVersions, array('master' => '1'));
            }
        } elseif ($sUpdateNotificationType == 'both') {
            // Show first available update
            $aChosenVersion = reset($aUpdateVersions);
        } else {
            // Never show a notification
            $aUpdateVersions = array();
        }
    }

    setGlobalSetting('updateversions', json_encode($aUpdateVersions));

    if ($aChosenVersion === null) {
        setGlobalSetting('updateavailable', 0);
        $aUpdateVersions = array();
    } else {
        setGlobalSetting('updateavailable', 1);
        setGlobalSetting('updatebuild', $aChosenVersion['build']);
        setGlobalSetting('updateversion', $aChosenVersion['versionnumber']);
    }

    setGlobalSetting('updatelastcheck', date('Y-m-d H:i:s'));

    return $aUpdateVersions;
}
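/**
 * Set the Admin Theme :
 * - checks if the required template exists
 * - set the admin theme variables
 * - set the admin theme constants
 * - Register all the needed CSS/JS files
 *
 * The theme's config.xml is read as a string and parsed with external entity loading switched
 * off on libxml versions older than 2.9.0, because a user theme lives under the upload directory.
 *
 * @return $this
 */
public function setAdminTheme()
{
    $sAdminThemeName = getGlobalSetting('admintheme'); // We retrieve the admin theme in config ( {{settings_global}} or config-defaults.php )
    $sStandardTemplateRootDir = Yii::app()->getConfig("styledir"); // Path for the standard Admin Themes
    $sUserTemplateDir = Yii::app()->getConfig('uploaddir') . DIRECTORY_SEPARATOR . 'admintheme'; // Path for the user Admin Themes

    // Check if the required theme is a standard one
    if ($this->isStandardAdminTheme($sAdminThemeName)) {
        $sTemplateDir = $sStandardTemplateRootDir; // It's standard, so it will be in standard path
        $sTemplateUrl = Yii::app()->getConfig('styleurl') . $sAdminThemeName; // Available via a standard URL
    } else {
        // If it's not a standard theme, we bet it's a user one.
        // In fact, it could also be an old 2.06 admin theme just after an update
        // (it will then be caught as "non existent" in the next if statement)
        $sTemplateDir = $sUserTemplateDir;
        $sTemplateUrl = Yii::app()->getConfig('uploadurl') . DIRECTORY_SEPARATOR . 'admintheme' . DIRECTORY_SEPARATOR . $sAdminThemeName;
    }

    // If the theme directory doesn't exist, it can be that:
    // - user updated from 2.06 and still have old theme configured in database
    // - user deleted a custom theme
    // In any case, we just set Sea Green as the template to use
    if (!is_dir($sTemplateDir . DIRECTORY_SEPARATOR . $sAdminThemeName)) {
        $sAdminThemeName = 'Sea_Green';
        $sTemplateDir = $sStandardTemplateRootDir;
        $sTemplateUrl = Yii::app()->getConfig('styleurl') . DIRECTORY_SEPARATOR . $sAdminThemeName;
        setGlobalSetting('admintheme', 'Sea_Green');
    }

    // Now that we are sure we have an existing template, we can set the variables of the AdminTheme
    $this->sTemplateUrl = $sTemplateUrl;
    $this->name = $sAdminThemeName;
    $this->path = $sTemplateDir . DIRECTORY_SEPARATOR . $this->name;

    // This is necessary because a lot of files still use "adminstyleurl".
    // TODO: replace everywhere the call to Yii::app()->getConfig('adminstyleurl) by $oAdminTheme->sTemplateUrl;
    Yii::app()->setConfig('adminstyleurl', $this->sTemplateUrl);

    // We load the admin theme's configuration file.
    // The file is read as a string so that it can be parsed while external entity loading is off
    // (simplexml_load_file() cannot be used in that state). Since libxml 2.9.0 external entities
    // are not loaded by default, so the switch is only flipped on older libxml versions; this also
    // avoids calling libxml_disable_entity_loader() on PHP 8, where it is deprecated.
    $sXmlSource = file_get_contents($this->path . '/config.xml');
    $bGuardEntityLoader = LIBXML_VERSION < 20900;
    if ($bGuardEntityLoader) {
        $bOldEntityLoaderState = libxml_disable_entity_loader(true);
    }
    // A file that could not be read leaves config at false, as simplexml_load_file() did
    $this->config = ($sXmlSource === false) ? false : simplexml_load_string($sXmlSource);
    if ($bGuardEntityLoader) {
        // The switch is process wide: put it back right after parsing
        libxml_disable_entity_loader($bOldEntityLoaderState);
    }

    // If developers want to test asset manager with debug mode on
    $this->use_asset_manager = $this->config->engine->use_asset_manager_in_debug_mode == 'true';

    $this->defineConstants(); // Define the (still) necessary constants
    $this->registerStylesAndScripts(); // Register all CSS and JS

    return $this;
}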
/**
 * Refresh the update related global settings from the result of getUpdateInfo().
 *
 * An update is flagged as available when the target build reported by getUpdateInfo() is
 * greater than the configured 'buildnumber' and that build number is not blank.
 *
 * @return Array with update or error information, as returned by getUpdateInfo()
 */
function updateCheck()
{
    $updateinfo = getUpdateInfo();

    $bUpdateAvailable = false;
    if (isset($updateinfo['Targetversion']['build'])) {
        $sInstalledBuild = Yii::app()->getConfig('buildnumber');
        $bUpdateAvailable = (int) $updateinfo['Targetversion']['build'] > (int) $sInstalledBuild
            && trim($sInstalledBuild) != '';
    }

    if (!$bUpdateAvailable) {
        setGlobalSetting('updateavailable', 0);
    } else {
        setGlobalSetting('updateavailable', 1);
        setGlobalSetting('updatebuild', $updateinfo['Targetversion']['build']);
        setGlobalSetting('updateversion', $updateinfo['Targetversion']['versionnumber']);
    }

    setGlobalSetting('updatelastcheck', date('Y-m-d H:i:s'));

    return $updateinfo;
}
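/**
 * Set the Admin Theme :
 * - checks if the required template exists
 * - set the admin theme variables
 * - set the admin theme constants
 * - Register all the needed CSS/JS files
 *
 * The theme's config.xml is parsed with the libxml external entity loader disabled; the
 * previous loader state is put back before the method returns or an exception leaves it.
 *
 * @return $this
 */
public function setAdminTheme()
{
    $sAdminThemeName = getGlobalSetting('admintheme'); // We retrieve the admin theme in config ( {{settings_global}} or config-defaults.php )
    $sStandardTemplateRootDir = Yii::app()->getConfig("styledir"); // Path for the standard Admin Themes
    $sUserTemplateDir = Yii::app()->getConfig('uploaddir') . DIRECTORY_SEPARATOR . 'admintheme'; // Path for the user Admin Themes

    // Check if the required theme is a standard one
    if ($this->isStandardAdminTheme($sAdminThemeName)) {
        $sTemplateDir = $sStandardTemplateRootDir; // It's standard, so it will be in standard path
        $sTemplateUrl = Yii::app()->getConfig('styleurl') . $sAdminThemeName; // Available via a standard URL
    } else {
        // If it's not a standard theme, we bet it's a user one.
        // In fact, it could also be an old 2.06 admin theme just after an update
        // (it will then be caught as "non existent" in the next if statement)
        $sTemplateDir = $sUserTemplateDir;
        $sTemplateUrl = Yii::app()->getConfig('uploadurl') . DIRECTORY_SEPARATOR . 'admintheme' . DIRECTORY_SEPARATOR . $sAdminThemeName;
    }

    // If the theme directory doesn't exist, it can be that:
    // - user updated from 2.06 and still have old theme configured in database
    // - user deleted a custom theme
    // In any case, we just set Sea Green as the template to use
    if (!is_dir($sTemplateDir . DIRECTORY_SEPARATOR . $sAdminThemeName)) {
        $sAdminThemeName = 'Sea_Green';
        $sTemplateDir = $sStandardTemplateRootDir;
        $sTemplateUrl = Yii::app()->getConfig('styleurl') . DIRECTORY_SEPARATOR . $sAdminThemeName;
        setGlobalSetting('admintheme', 'Sea_Green');
    }

    // Now that we are sure we have an existing template, we can set the variables of the AdminTheme
    $this->sTemplateUrl = $sTemplateUrl;
    $this->name = $sAdminThemeName;
    $this->path = $sTemplateDir . DIRECTORY_SEPARATOR . $this->name;

    // This is necessary because a lot of files still use "adminstyleurl".
    // TODO: replace everywhere the call to Yii::app()->getConfig('adminstyleurl) by $oAdminTheme->sTemplateUrl;
    Yii::app()->setConfig('adminstyleurl', $this->sTemplateUrl);

    //////////////////////
    // Config file loading
    // @see: http://phpsecurity.readthedocs.io/en/latest/Injection-Attacks.html#xml-external-entity-injection
    // Note: libxml_disable_entity_loader() is deprecated as of PHP 8.0.
    $bOldEntityLoaderState = libxml_disable_entity_loader(true);

    try {
        // Now that entity loader is disabled, we can't use simplexml_load_file;
        // so we must read the file with file_get_contents and convert it as a string
        $sXMLConfigFile = file_get_contents(realpath($this->path . '/config.xml'));

        // Simple Xml is buggy on PHP < 5.4. The [ array -> json_encode -> json_decode ] workaround seems to be the most used one.
        // @see: http://php.net/manual/de/book.simplexml.php#105330 (top comment on PHP doc for simplexml)
        $this->config = json_decode(json_encode((array) simplexml_load_string($sXMLConfigFile), 1));

        // If developers want to test asset manager with debug mode on.
        // The fallback is the boolean false: the original used the string 'false', which is truthy.
        self::$use_asset_manager = isset($this->config->engine->use_asset_manager_in_debug_mode)
            ? $this->config->engine->use_asset_manager_in_debug_mode == 'true'
            : false;

        $this->defineConstants(); // Define the (still) necessary constants
        $this->registerStylesAndScripts(); // Register all CSS and JS
    } catch (Exception $oException) {
        // The entity loader switch is process wide: put it back before the exception leaves this method.
        libxml_disable_entity_loader($bOldEntityLoaderState);
        throw $oException;
    }

    // Put back entity loader to its original state, to avoid contagion to other applications on the server
    libxml_disable_entity_loader($bOldEntityLoaderState);

    return $this;
}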
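/**
 * Return the value of a global setting.
 *
 * The value is taken from the SettingsStorage registry when the name is registered there;
 * otherwise it is read from the settings_global table, with a global variable of the same
 * name (from config.php) as the other source.
 *
 * The setting name is passed to the database as a bound parameter instead of being
 * concatenated into the SQL text.
 *
 * @param string $settingname name of the setting; also used as the name of a global variable,
 *                            so callers should only pass fixed, known setting names
 * @return mixed the setting value
 */
function getGlobalSetting($settingname)
{
    // NOTE(review): $$settingname makes the caller-supplied name select which global variable is read.
    global $connect, $$settingname;

    $registry = SettingsStorage::getInstance();

    if (!$registry->isRegistered($settingname)) {
        // Assumes $connect is the ADOdb connection (GetOne accepts an array of bind values) - TODO confirm
        $usquery = "SELECT stg_value FROM " . db_table_name("settings_global") . " WHERE stg_name = ?";
        $dbvalue = $connect->GetOne($usquery, array($settingname));

        // NOTE(review): the comment below describes the "not found in the table" case, but that branch
        // is only reached when $dbvalue is not null - confirm the intended condition.
        if (is_null($dbvalue)) {
            $registry->set($settingname, $dbvalue);
        } elseif (isset($$settingname)) {
            // If the setting was not found in the setting table but exists as a variable (from config.php)
            // get it and save it to the table
            setGlobalSetting($settingname, $$settingname);
            $dbvalue = $$settingname;
        }
    } else {
        $dbvalue = $registry->get($settingname);
    }

    return $dbvalue;
}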
/**
 * Store the posted global settings form (POST action "globalsettingssave").
 *
 * Requires the global 'settings' / 'update' permission. Each field is written with
 * setGlobalSetting(); depending on the field the posted value is cast, passed through
 * strip_tags(), sanitize_int(), sanitize_paranoid_string() or stored as received (see the
 * groups below). Afterwards a flash message is set and the request is redirected to the
 * session's 'refurl' when that is not empty.
 *
 * @return void
 */
private function _saveSettings()
{
    if ($_POST['action'] !== "globalsettingssave") {
        return;
    }

    $bMayUpdate = Permission::model()->hasGlobalPermission('settings', 'update');
    if (!$bMayUpdate) {
        $this->getController()->redirect(array('/admin'));
    }

    $clang = $this->getController()->lang;
    Yii::app()->loadHelper('surveytranslator');

    // At least one email per batch
    $maxemails = sanitize_int($_POST['maxemails']) < 1 ? 1 : $_POST['maxemails'];

    // Languages: the default language is always part of the restricted list;
    // a list that covers every known language is stored as an empty string
    $defaultlang = sanitize_languagecode($_POST['defaultlang']);
    $aRestrictToLanguages = explode(' ', sanitize_languagecodeS($_POST['restrictToLanguages']));
    if (!in_array($defaultlang, $aRestrictToLanguages)) {
        $aRestrictToLanguages[] = $defaultlang;
    }
    $aKnownLanguages = array_keys(getLanguageData(false, Yii::app()->session['adminlang']));
    $sRestrictToLanguages = count(array_diff($aKnownLanguages, $aRestrictToLanguages)) == 0
        ? ''
        : implode(' ', $aRestrictToLanguages);

    setGlobalSetting('defaultlang', $defaultlang);
    setGlobalSetting('restrictToLanguages', trim($sRestrictToLanguages));
    setGlobalSetting('sitename', strip_tags($_POST['sitename']));
    setGlobalSetting('updatecheckperiod', (int) $_POST['updatecheckperiod']);
    setGlobalSetting('updatenotification', strip_tags($_POST['updatenotification']));

    // Values reduced by sanitize_paranoid_string()
    $aParanoidFields = array(
        'defaulthtmleditormode',
        'defaultquestionselectormode',
        'defaulttemplateeditormode',
        'defaulttemplate',
        'admintheme',
    );
    foreach ($aParanoidFields as $sField) {
        setGlobalSetting($sField, sanitize_paranoid_string($_POST[$sField]));
    }

    // The icon size is read from the 'iconsize' file of the (sanitized) admin theme directory
    $sIconSizeFile = Yii::app()->getConfig("styledir") . DIRECTORY_SEPARATOR . sanitize_paranoid_string($_POST['admintheme']) . DIRECTORY_SEPARATOR . 'iconsize';
    setGlobalSetting('adminthemeiconsize', trim(file_get_contents($sIconSizeFile)));

    setGlobalSetting('emailmethod', strip_tags($_POST['emailmethod']));
    setGlobalSetting('emailsmtphost', strip_tags(returnGlobal('emailsmtphost')));
    // 'somepassword' is the placeholder value of the form: the stored password is kept in that case
    if (returnGlobal('emailsmtppassword') != 'somepassword') {
        setGlobalSetting('emailsmtppassword', strip_tags(returnGlobal('emailsmtppassword')));
    }

    foreach (array('bounceaccounthost', 'bounceaccounttype', 'bounceencryption', 'bounceaccountuser') as $sField) {
        setGlobalSetting($sField, strip_tags(returnGlobal($sField)));
    }
    // 'enteredpassword' is the placeholder value of the form: the stored password is kept in that case
    if (returnGlobal('bounceaccountpass') != 'enteredpassword') {
        setGlobalSetting('bounceaccountpass', strip_tags(returnGlobal('bounceaccountpass')));
    }

    setGlobalSetting('emailsmtpssl', sanitize_paranoid_string(Yii::app()->request->getPost('emailsmtpssl', '')));
    setGlobalSetting('emailsmtpdebug', sanitize_int(Yii::app()->request->getPost('emailsmtpdebug', '0')));
    setGlobalSetting('emailsmtpuser', strip_tags(returnGlobal('emailsmtpuser')));
    setGlobalSetting('filterxsshtml', strip_tags($_POST['filterxsshtml']));

    // make sure emails are valid before saving them
    $warning = '';
    $aEmailFields = array(
        'siteadminbounce' => "Warning! Admin bounce email was not saved because it was not valid.",
        'siteadminemail' => "Warning! Admin email was not saved because it was not valid.",
    );
    foreach ($aEmailFields as $sField => $sWarningText) {
        $bAcceptable = Yii::app()->request->getPost($sField, '') == ''
            || validateEmailAddress(Yii::app()->request->getPost($sField));
        if ($bAcceptable) {
            setGlobalSetting($sField, strip_tags(Yii::app()->request->getPost($sField)));
        } else {
            $warning .= $clang->gT($sWarningText) . '<br/>';
        }
    }

    setGlobalSetting('siteadminname', strip_tags($_POST['siteadminname']));
    setGlobalSetting('shownoanswer', sanitize_int($_POST['shownoanswer']));

    // Stored exactly as posted
    foreach (array('showxquestions', 'showgroupinfo', 'showqnumcode') as $sField) {
        setGlobalSetting($sField, $_POST[$sField]);
    }

    // 0 (or a non numeric value) falls back to 25
    $iRepeatHeadings = (int) $_POST['repeatheadings'];
    setGlobalSetting('repeatheadings', $iRepeatHeadings == 0 ? 25 : $iRepeatHeadings);

    setGlobalSetting('maxemails', sanitize_int($maxemails));

    // 0 (or a non numeric value) falls back to 7200
    $iSessionExpirationTime = (int) $_POST['iSessionExpirationTime'];
    setGlobalSetting('iSessionExpirationTime', $iSessionExpirationTime == 0 ? 7200 : $iSessionExpirationTime);

    // Stored exactly as posted
    $aVerbatimFields = array(
        'ipInfoDbAPIKey',
        'googleMapsAPIKey',
        'googleanalyticsapikey',
        'googletranslateapikey',
        'force_ssl',
        'surveyPreview_require_Auth',
        'RPCInterface',
    );
    foreach ($aVerbatimFields as $sField) {
        setGlobalSetting($sField, $_POST[$sField]);
    }

    setGlobalSetting('rpc_publish_api', (bool) $_POST['rpc_publish_api']);

    // added by Gaurang 2014-04-14 / 2014-04-17: project manager, own panel,
    // global status of project and global status of redirection - all cast to int
    $aIntegerFields = array(
        'Project_Manager',
        //'Sales_Person',
        'Own_Panel',
        'project_status_run',
        'project_status_test',
        'project_status_hold',
        'project_status_completed',
        'project_status_closed',
        'redirect_status_completed',
        'redirect_status_disqual',
        'redirect_status_qf',
        'redirect_status_redirected',
        'redirect_status_rej_fail',
        'redirect_status_rej_incosist',
        'redirect_status_rej_poor',
        'redirect_status_rej_quality',
        'redirect_status_rej_speed',
    );
    foreach ($aIntegerFields as $sField) {
        setGlobalSetting($sField, (int) $_POST[$sField]);
    }
    // EOF Gaurang

    // The cast makes sure it is a number, at least 0; the value always carries an explicit sign
    $savetime = ((double) $_POST['timeadjust'] * 60) . ' minutes';
    $sSign = substr($savetime, 0, 1);
    if (!($sSign == '-' || $sSign == '+')) {
        $savetime = '+' . $savetime;
    }
    setGlobalSetting('timeadjust', $savetime);

    setGlobalSetting('usercontrolSameGroupPolicy', strip_tags($_POST['usercontrolSameGroupPolicy']));

    Yii::app()->session['flashmessage'] = $warning . $clang->gT("Global settings were saved.");

    // NOTE(review): the redirect target is the session entry 'refurl'; where it is populated is not visible here.
    $url = htmlspecialchars_decode(Yii::app()->session['refurl']);
    if ($url) {
        Yii::app()->getController()->redirect($url);
    }
}
/**
 * Performs the AJAX update of the box settings.
 *
 * In demo mode an error flash message is set and the request is redirected to the homepage
 * settings. The two values are stored only for users holding the global 'settings' / 'update'
 * permission; they are written as received.
 *
 * @param mixed $boxesbyrow value stored as 'boxes_by_row'
 * @param mixed $boxesoffset value stored as 'boxes_offset'
 * @return boolean|null true when the settings were stored, nothing otherwise
 */
public function setBoxesSettings($boxesbyrow, $boxesoffset)
{
    if (Yii::app()->getConfig('demoMode')) {
        Yii::app()->setFlashMessage(gT('This setting cannot be changed because demo mode is active.'), 'error');
        $sTarget = Yii::app()->getController()->createUrl("/admin/homepagesettings");
        $this->getController()->redirect($sTarget);
    }

    $bMayUpdate = Permission::model()->hasGlobalPermission('settings', 'update');
    if (!$bMayUpdate) {
        return;
    }

    setGlobalSetting('boxes_by_row', $boxesbyrow);
    setGlobalSetting('boxes_offset', $boxesoffset);

    return true;
}
<?php
// ComfortUpdate step 2 view fragment: prints the step header, any error text, and either the
// "update server busy" box or the start of the file permission check.
// The listing ends inside the read-only files branch, so the blocks opened below are not closed here.
echo '<div class="header ui-widget-header">' . sprintf($clang->gT('ComfortUpdate step %s'), '2') . '</div><div class="updater-background"><br />';
// NOTE(review): $error is printed as received; where it comes from is not visible in this fragment.
if (!($error == "")) {
    print $error;
}
if (isset($updateinfo['error'])) {
    // The '<br />' concatenated after each eT() call below is part of an expression whose value is
    // discarded, so this statement itself never outputs the line break (eT() presumably echoes the text).
    $clang->eT('On requesting the update information from limesurvey.org there has been an error:') . '<br />';
    if ($updateinfo['error'] == 1) {
        // Error code 1: the stored update key is cleared
        setGlobalSetting('updatekey', '');
        $clang->eT('Your update key is invalid and was removed. ') . '<br />';
    } else {
        $clang->eT('On requesting the update information from limesurvey.org there has been an error:') . '<br />';
    }
}
// Without a file list in the update information only the "server busy" box and a back button are shown
if (!isset($updateinfo['files'])) {
    echo "<div class='messagebox ui-corner-all'>\n <div class='warningheader'>" . $clang->gT('Update server busy') . "</div>\n <p>" . $clang->gT('The update server is currently busy. This usually happens when the update files for a new version are being prepared.') . "<br /><br />\n " . $clang->gT('Please be patient and try again in about 10 minutes.') . "</p></div>\n <p><button onclick=\"window.open('" . Yii::app()->getController()->createUrl("admin/globalsettings") . "', '_top')\">" . sprintf($clang->gT('Back to global settings'), '4') . "</button></p>";
} else {
    echo '<h3>' . $clang->gT('Checking existing LimeSurvey files...') . '</h3>';
    // Files that must be replaced but are read-only are listed with a warning
    if (count($readonlyfiles) > 0) { ?> <span class="warningtitle"><?php $clang->eT('Warning: The following files/directories need to be updated but their permissions are set to read-only.'); ?> <br /> <?php $clang->eT('You must set according write permissions on these filese before you can proceed. If you are unsure what to do please contact your system administrator for advice.'); ?> <br /> </span><ul>
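/**
 * Last ComfortUpdate step: download the update archive, unpack it over the installation,
 * remove the files flagged for deletion, write the new build number to version.php and
 * redirect to step 4b.
 *
 * The build number written into version.php is cast to an integer first, and version.php is
 * only rewritten when a positive build number is available and the current file could be read.
 *
 * @return void
 */
function step4()
{
    $clang = $this->getController()->lang;
    $buildnumber = Yii::app()->getConfig("buildnumber");
    $tempdir = Yii::app()->getConfig("tempdir");
    $updatebuild = getGlobalSetting("updatebuild");
    $rootdir = Yii::app()->getConfig("rootdir");
    $publicdir = Yii::app()->getConfig("publicdir");
    $tempdir = Yii::app()->getConfig("tempdir");
    $aDatabasetype = Yii::app()->db->getDriverName();

    // Request the list with changed files from the server
    $aData = array();
    // NOTE(review): when the session holds no 'updateinfo', $updateinfo stays undefined for the rest
    // of this method (download id, file list); that case is not handled.
    if (!isset(Yii::app()->session['updateinfo'])) {
        if ($updateinfo['error'] == 1) {
        }
    } else {
        $updateinfo = Yii::app()->session['updateinfo'];
    }

    // this is the last step - Download the zip file, unpack it and replace files accordingly
    // Create DB and file backups now
    $downloaderror = false;
    Yii::import('application.libraries.admin.http.httpRequestIt');
    $http = new httpRequestIt();
    $http->proxy_host_name = Yii::app()->getConfig("proxy_host_name", "");
    $http->proxy_host_port = Yii::app()->getConfig("proxy_host_port", 80);
    // Allow redirects
    $http->follow_redirect = 1;
    /* Connection timeout */
    $http->timeout = 0;
    /* Data transfer timeout */
    $http->data_timeout = 0;
    $http->user_agent = "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)";
    // NOTE(review): the scheme comes from getProtocol(); the archive fetched here is extracted over
    // $rootdir below without a signature or checksum verification in this method.
    $http->GetRequestArguments($this->getProtocol() . "update.limesurvey.org/updates/download/{$updateinfo['downloadid']}", $arguments);
    $http->RestoreCookies(Yii::app()->session['updatesession']);
    $error = $http->Open($arguments);
    $error = $http->SendRequest($arguments);
    $http->ReadReplyHeaders($headers);

    if ($headers['content-type'] == 'text/html') {
        // An HTML reply is not an archive: make sure no update.zip is left for the extraction step
        @unlink($tempdir . '/update.zip');
    } else {
        if ($error == '') {
            $body = '';
            $pFile = fopen($tempdir . '/update.zip', 'w');
            // Copy the reply body to disk in chunks until it is exhausted or an error is reported
            for (;;) {
                $error = $http->ReadReplyBody($body, 100000);
                if ($error != "" || strlen($body) == 0) {
                    break;
                }
                fwrite($pFile, $body);
            }
            fclose($pFile);
        } else {
            print $error;
        }
    }

    //Now unzip the new files over the existing ones.
    $new_files = false;
    if (file_exists($tempdir . '/update.zip')) {
        Yii::app()->loadLibrary("admin/pclzip");
        $archive = new PclZip($tempdir . '/update.zip');
        if ($archive->extract(PCLZIP_OPT_PATH, $rootdir . '/', PCLZIP_OPT_REPLACE_NEWER) == 0) {
            die("Error : " . $archive->errorInfo(true));
        } else {
            $new_files = true;
            unlink($tempdir . '/update.zip');
        }
    } else {
        $downloaderror = true;
    }

    // Now remove all files that are to be deleted according to update process
    // This happens after unzipping
    // NOTE(review): $afile['file'] is joined to $rootdir as received; a check that the resolved path
    // stays inside $rootdir would be a sensible addition before deleting.
    foreach ($updateinfo['files'] as $afile) {
        if ($afile['type'] == 'D' && file_exists($rootdir . $afile['file'])) {
            if (is_file($rootdir . $afile['file'])) {
                @unlink($rootdir . $afile['file']);
            } else {
                rmdirr($rootdir . $afile['file']);
            }
        }
    }

    $aData['new_files'] = $new_files;
    $aData['downloaderror'] = $downloaderror;

    // PclTraceDisplay();

    // Now we have to update version.php
    // The build number ends up inside an executable PHP file, so only an integer may be written there.
    $aSessionUpdateInfo = Yii::app()->session['updateinfo'];
    $iTargetBuild = isset($aSessionUpdateInfo['toversion']) ? (int) $aSessionUpdateInfo['toversion'] : 0;

    if (!$downloaderror && $iTargetBuild > 0) {
        $sVersionFile = $rootdir . '/application/config/version.php';
        @ini_set('auto_detect_line_endings', true);
        $versionlines = file($sVersionFile);
        // Opening for writing truncates the file, so only do it when the current content was read
        if ($versionlines !== false) {
            $handle = fopen($sVersionFile, "w");
            if ($handle !== false) {
                foreach ($versionlines as $line) {
                    if (strpos($line, 'buildnumber') !== false) {
                        $line = '$config[\'buildnumber\'] = ' . $iTargetBuild . ';' . "\r\n";
                    }
                    fwrite($handle, $line);
                }
                fclose($handle);
            }
        }
    }

    setGlobalSetting('updateavailable', '0');
    setGlobalSetting('updatebuild', '');
    setGlobalSetting('updateversions', '');

    // We redirect here because the files might have been overwritten earlier
    // and classes may have been changed that would be needed in the view
    Yii::app()->session['installlstep4b'] = $aData;
    Yii::app()->getController()->redirect(array('/admin/update/sa/step4b'));
}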
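/**
 * Build the template object with all the configuration data it needs.
 *
 * The template directory is resolved as a core or a user template, with a fallback to the
 * core 'default' template when the directory does not exist. A directory without config.xml
 * but with startpage.pstpl is treated as an old 2.0x template and gets the values of
 * minimal-config.xml; any other directory without config.xml is re-resolved under the
 * standard template root.
 *
 * The configuration file is read as a string and parsed with external entity loading switched
 * off on libxml versions older than 2.9.0, because a user template's config.xml is not part of
 * the shipped code.
 *
 * TODO : more tests should be done, with a call to private function _is_valid_template(), testing not only
 * if it has a config.xml, but also if this file is correct, if it has the needed pstpl files, if the files
 * referred in css exist, etc.
 *
 * @param string $sTemplateName the name of the template to load. The string comes from the template selector in survey settings
 * @param integer $iSurveyId the id of the survey; used to look up the survey's template when no template name is given
 * @return $this
 * @throws TemplateException when neither a template name nor a survey id is given
 */
public function setTemplateConfiguration($sTemplateName = '', $iSurveyId = '')
{
    // If it's called from template editor, a template name will be provided.
    // If it's called for survey taking, a survey id will be provided
    if ($sTemplateName == '' && $iSurveyId == '') {
        throw new TemplateException("Template needs either template name or survey id");
    }

    $this->sTemplateName = $sTemplateName;
    $this->iSurveyId = $iSurveyId;

    if ($sTemplateName == '') {
        // NOTE(review): the findByPk() result is used without a null check; an unknown survey id is not handled here.
        $this->oSurvey = Survey::model()->findByPk($iSurveyId);
        $this->sTemplateName = $this->oSurvey->template;
    }

    // We check if it's a CORE template
    $this->isStandard = $this->setIsStandard();

    // If the template is standard, its root is based on standardtemplaterootdir
    // NOTE(review): the template name is joined to the root directory as-is; presumably it is validated
    // before it reaches this method - confirm that it cannot contain path separators.
    if ($this->isStandard) {
        $this->path = Yii::app()->getConfig("standardtemplaterootdir") . DIRECTORY_SEPARATOR . $this->sTemplateName;
    } else {
        $this->path = Yii::app()->getConfig("usertemplaterootdir") . DIRECTORY_SEPARATOR . $this->sTemplateName;
    }

    // If the template directory doesn't exist, it can be that:
    // - user deleted a custom theme
    // In any case, we just set Default as the template to use
    if (!is_dir($this->path)) {
        $this->sTemplateName = 'default';
        $this->isStandard = true;
        $this->path = Yii::app()->getConfig("standardtemplaterootdir") . DIRECTORY_SEPARATOR . $this->sTemplateName;
        setGlobalSetting('defaulttemplate', 'default');
    }

    // If the template doesn't have a config file (maybe it has been deleted, or whatever),
    // then, we load the default template
    $this->hasConfigFile = is_file($this->path . DIRECTORY_SEPARATOR . 'config.xml');
    $this->isOldTemplate = !$this->hasConfigFile && is_file($this->path . DIRECTORY_SEPARATOR . 'startpage.pstpl'); // TODO: more complex checks

    if (!$this->hasConfigFile) {
        // If it's an imported template from 2.06, we return default values
        if ($this->isOldTemplate) {
            $this->xmlFile = Yii::app()->getConfig("standardtemplaterootdir") . DIRECTORY_SEPARATOR . 'minimal-config.xml';
        } else {
            $this->path = Yii::app()->getConfig("standardtemplaterootdir") . DIRECTORY_SEPARATOR . $this->sTemplateName;
            $this->xmlFile = $this->path . DIRECTORY_SEPARATOR . 'config.xml';
        }
    } else {
        $this->xmlFile = $this->path . DIRECTORY_SEPARATOR . 'config.xml';
    }

    // We load the config file.
    // It is read as a string so that it can be parsed while external entity loading is off
    // (simplexml_load_file() cannot be used in that state). Since libxml 2.9.0 external entities
    // are not loaded by default, so the switch is only flipped on older libxml versions; this also
    // avoids calling libxml_disable_entity_loader() on PHP 8, where it is deprecated.
    $sXmlPath = realpath($this->xmlFile);
    $sXmlSource = ($sXmlPath === false) ? false : file_get_contents($sXmlPath);
    $bGuardEntityLoader = LIBXML_VERSION < 20900;
    if ($bGuardEntityLoader) {
        $bOldEntityLoaderState = libxml_disable_entity_loader(true);
    }
    // A file that could not be read leaves config at false, as simplexml_load_file() did
    $this->config = ($sXmlSource === false) ? false : simplexml_load_string($sXmlSource);
    if ($bGuardEntityLoader) {
        // The switch is process wide: put it back right after parsing
        libxml_disable_entity_loader($bOldEntityLoaderState);
    }

    // Template configuration.
    $this->viewPath = $this->path . DIRECTORY_SEPARATOR . $this->config->engine->pstpldirectory . DIRECTORY_SEPARATOR;
    $this->siteLogo = isset($this->config->files->logo) ? $this->config->files->logo->filename : '';

    // condition for user's template prior to 160219 (before this build, this configuration field wasn't present in the config.xml)
    $this->filesPath = isset($this->config->engine->filesdirectory) ? $this->path . DIRECTORY_SEPARATOR . $this->config->engine->filesdirectory . DIRECTORY_SEPARATOR : $this->path . '/files/';

    // condition for user's template prior to 160504
    $this->overwrite_question_views = isset($this->config->engine->overwrite_question_views) ? $this->config->engine->overwrite_question_views == 'true' || $this->config->engine->overwrite_question_views == 'yes' : false;

    $this->cssFramework = $this->config->engine->cssframework;
    $this->packages = (array) $this->config->engine->packages->package;
    $this->otherFiles = $this->setOtherFiles();
    $this->depends = $this->packages;
    //$this->depends[] = (string) $this->cssFramework; // Bootstrap CSS is no more needed for Bootstrap templates (their custom css like "flat_and_modern.css" is a custom version of bootstrap.css )

    $this->createTemplatePackage();

    return $this;
}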
/**
 * Reset the update related global settings (they should not be used anymore...).
 *
 * 'updateavailable' is set to '0'; 'updatebuild' and 'updateversions' are emptied.
 *
 * @return NULL (TODO : return status)
 */
public function destroyGlobalSettings()
{
    $aResetValues = array(
        'updateavailable' => '0',
        'updatebuild' => '',
        'updateversions' => '',
    );

    foreach ($aResetValues as $sSettingName => $sValue) {
        setGlobalSetting($sSettingName, $sValue);
    }
}
/**
 * Refresh the update related global settings from the result of GetUpdateInfo().
 *
 * An update is flagged as available when the target build reported by GetUpdateInfo() is
 * greater than the global $buildnumber and that build number is not blank.
 *
 * @return Array with update or error information, as returned by GetUpdateInfo()
 */
function updatecheck()
{
    global $buildnumber;

    $updateinfo = GetUpdateInfo();

    $bUpdateAvailable = false;
    if (isset($updateinfo['Targetversion']['build'])) {
        $bUpdateAvailable = (int) $updateinfo['Targetversion']['build'] > (int) $buildnumber
            && trim($buildnumber) != '';
    }

    if (!$bUpdateAvailable) {
        setGlobalSetting('updateavailable', 0);
    } else {
        setGlobalSetting('updateavailable', 1);
        setGlobalSetting('updatebuild', $updateinfo['Targetversion']['build']);
        setGlobalSetting('updateversion', $updateinfo['Targetversion']['versionnumber']);
    }

    setGlobalSetting('updatelastcheck', date('Y-m-d H:i:s'));

    return $updateinfo;
}
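/**
 * Persist the posted global-settings form through setGlobalSetting().
 *
 * Does nothing unless the posted 'action' is "globalsettingssave". Callers whose session
 * does not carry USER_RIGHT_CONFIGURATOR == 1 are redirected to /admin and nothing is saved.
 * After saving, a flash message is stored in the session and, when the session holds a
 * 'refurl', the browser is redirected there.
 *
 * NOTE(review): no request-forgery token check is visible in this method; presumably the
 * framework or the calling controller enforces it - confirm.
 *
 * @return void
 */
private function _saveSettings()
{
    // A request without an 'action' field is treated like any other non-matching action,
    // without raising an undefined-index notice.
    if (!isset($_POST['action']) || $_POST['action'] !== "globalsettingssave") {
        return;
    }

    if (Yii::app()->session['USER_RIGHT_CONFIGURATOR'] != 1) {
        $this->getController()->redirect($this->getController()->createUrl('/admin'));
        // Do not rely on redirect() ending the request: without this return an
        // unauthorised caller would fall through to the writes below.
        return;
    }

    $clang = $this->getController()->lang;
    Yii::app()->loadHelper('surveytranslator');

    $maxemails = $_POST['maxemails'];
    if (sanitize_int($_POST['maxemails']) < 1) {
        $maxemails = 1;
    }

    $defaultlang = sanitize_languagecode($_POST['defaultlang']);
    $aRestrictToLanguages = explode(' ', sanitize_languagecodeS($_POST['restrictToLanguages']));
    if (!in_array($defaultlang, $aRestrictToLanguages)) {
        // Force default language in restrictToLanguages
        $aRestrictToLanguages[] = $defaultlang;
    }
    // When every language known to getLanguageData() is allowed, store an empty restriction.
    if (count(array_diff(array_keys(getLanguageData(false, Yii::app()->session['adminlang'])), $aRestrictToLanguages)) == 0) {
        $aRestrictToLanguages = '';
    } else {
        $aRestrictToLanguages = implode(' ', $aRestrictToLanguages);
    }

    setGlobalSetting('defaultlang', $defaultlang);
    setGlobalSetting('restrictToLanguages', trim($aRestrictToLanguages));
    setGlobalSetting('sitename', strip_tags($_POST['sitename']));
    setGlobalSetting('updatecheckperiod', (int) $_POST['updatecheckperiod']);
    setGlobalSetting('defaulthtmleditormode', sanitize_paranoid_string($_POST['defaulthtmleditormode']));
    setGlobalSetting('defaultquestionselectormode', sanitize_paranoid_string($_POST['defaultquestionselectormode']));
    setGlobalSetting('defaulttemplateeditormode', sanitize_paranoid_string($_POST['defaulttemplateeditormode']));
    setGlobalSetting('defaulttemplate', sanitize_paranoid_string($_POST['defaulttemplate']));

    // The theme name is request-supplied and becomes a path component below.
    // NOTE(review): this relies on sanitize_paranoid_string() removing path separators and
    // dots - confirm against the helper.
    $sAdminTheme = sanitize_paranoid_string($_POST['admintheme']);
    setGlobalSetting('admintheme', $sAdminTheme);

    // Read the theme's icon size only when the file exists; a missing or unreadable file
    // stores an empty value instead of emitting a warning.
    $sIconSizeFile = Yii::app()->getConfig("styledir") . DIRECTORY_SEPARATOR . $sAdminTheme . DIRECTORY_SEPARATOR . 'iconsize';
    $sIconSize = is_file($sIconSizeFile) ? file_get_contents($sIconSizeFile) : false;
    setGlobalSetting('adminthemeiconsize', $sIconSize === false ? '' : trim($sIconSize));

    setGlobalSetting('emailmethod', strip_tags($_POST['emailmethod']));
    setGlobalSetting('emailsmtphost', strip_tags(returnGlobal('emailsmtphost')));
    // 'somepassword' / 'enteredpassword' are presumably the placeholders the form shows in
    // place of the stored secret; an unchanged placeholder keeps the stored value.
    // NOTE(review): strip_tags() alters a password that contains '<', and a real password
    // equal to the placeholder can never be saved - confirm this is acceptable.
    if (returnGlobal('emailsmtppassword') != 'somepassword') {
        setGlobalSetting('emailsmtppassword', strip_tags(returnGlobal('emailsmtppassword')));
    }
    setGlobalSetting('bounceaccounthost', strip_tags(returnGlobal('bounceaccounthost')));
    setGlobalSetting('bounceaccounttype', strip_tags(returnGlobal('bounceaccounttype')));
    setGlobalSetting('bounceencryption', strip_tags(returnGlobal('bounceencryption')));
    setGlobalSetting('bounceaccountuser', strip_tags(returnGlobal('bounceaccountuser')));
    if (returnGlobal('bounceaccountpass') != 'enteredpassword') {
        setGlobalSetting('bounceaccountpass', strip_tags(returnGlobal('bounceaccountpass')));
    }
    setGlobalSetting('emailsmtpssl', sanitize_paranoid_string(Yii::app()->request->getPost('emailsmtpssl', '')));
    setGlobalSetting('emailsmtpdebug', sanitize_int(Yii::app()->request->getPost('emailsmtpdebug', '0')));
    setGlobalSetting('emailsmtpuser', strip_tags(returnGlobal('emailsmtpuser')));
    setGlobalSetting('filterxsshtml', strip_tags($_POST['filterxsshtml']));
    setGlobalSetting('siteadminbounce', strip_tags($_POST['siteadminbounce']));
    setGlobalSetting('siteadminemail', strip_tags($_POST['siteadminemail']));
    setGlobalSetting('siteadminname', strip_tags($_POST['siteadminname']));
    setGlobalSetting('shownoanswer', sanitize_int($_POST['shownoanswer']));

    // NOTE(review): the next three values are stored exactly as posted, with no
    // sanitising or allow-list; escape them wherever they are rendered, or validate here.
    setGlobalSetting('showxquestions', $_POST['showxquestions']);
    setGlobalSetting('showgroupinfo', $_POST['showgroupinfo']);
    setGlobalSetting('showqnumcode', $_POST['showqnumcode']);

    // A repeat-headings value that casts to 0 falls back to 25.
    $repeatheadingstemp = (int) $_POST['repeatheadings'];
    if ($repeatheadingstemp == 0) {
        $repeatheadingstemp = 25;
    }
    setGlobalSetting('repeatheadings', $repeatheadingstemp);
    setGlobalSetting('maxemails', sanitize_int($maxemails));

    // A session expiration that casts to 0 falls back to 7200.
    $iSessionExpirationTime = (int) $_POST['iSessionExpirationTime'];
    if ($iSessionExpirationTime == 0) {
        $iSessionExpirationTime = 7200;
    }
    setGlobalSetting('iSessionExpirationTime', $iSessionExpirationTime);

    // NOTE(review): API keys and the security-relevant switches below (force_ssl,
    // surveyPreview_require_Auth, RPCInterface) are also stored exactly as posted;
    // restricting them to their expected values would prevent unexpected states.
    setGlobalSetting('ipInfoDbAPIKey', $_POST['ipInfoDbAPIKey']);
    setGlobalSetting('googleMapsAPIKey', $_POST['googleMapsAPIKey']);
    setGlobalSetting('googleanalyticsapikey', $_POST['googleanalyticsapikey']);
    setGlobalSetting('googletranslateapikey', $_POST['googletranslateapikey']);
    setGlobalSetting('force_ssl', $_POST['force_ssl']);
    setGlobalSetting('surveyPreview_require_Auth', $_POST['surveyPreview_require_Auth']);
    setGlobalSetting('RPCInterface', $_POST['RPCInterface']);

    // The cast makes sure the posted adjustment is a number; it is then stored as a signed
    // "<n> minutes" string.
    $savetime = ((double) $_POST['timeadjust'] * 60) . ' minutes';
    if (substr($savetime, 0, 1) != '-' && substr($savetime, 0, 1) != '+') {
        $savetime = '+' . $savetime;
    }
    setGlobalSetting('timeadjust', $savetime);
    setGlobalSetting('usercontrolSameGroupPolicy', strip_tags($_POST['usercontrolSameGroupPolicy']));

    Yii::app()->session['flashmessage'] = $clang->gT("Global settings were saved.");

    // NOTE(review): the redirect target comes from the session's 'refurl'; if that value is
    // derived from a request header, validate that it points to this site before redirecting.
    $url = htmlspecialchars_decode(Yii::app()->session['refurl']);
    if ($url) {
        Yii::app()->getController()->redirect($url);
    }
}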
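/**
 * Check for a newer version via getUpdateInfo() and refresh the update-related settings.
 *
 * When the result carries an 'errorcode', the error is shown as a flash message and the
 * version list is treated as empty. The (possibly emptied) list is stored JSON-encoded in
 * 'updateversions', and the time of the check is always recorded in 'updatelastcheck'.
 *
 * @return array Update information; as the code stands this is always an empty array,
 *               see the NOTE(review) on the isset() check below.
 */
function updateCheck()
{
    $aUpdateVersions = getUpdateInfo();

    if (isset($aUpdateVersions['errorcode'])) {
        // The flash message is assembled as HTML (note the literal <br>), so the error code
        // is escaped before it is placed into the markup.
        $sErrorCode = htmlspecialchars((string) $aUpdateVersions['errorcode'], ENT_QUOTES, 'UTF-8');

        // NOTE(review): 'errorhtml' is inserted as markup without escaping. It is presumably
        // supplied by the update service, so this is only safe if that channel is
        // authenticated and trusted - confirm, or filter the markup before display.
        $sErrorHtml = isset($aUpdateVersions['errorhtml']) ? $aUpdateVersions['errorhtml'] : '';

        Yii::app()->setFlashMessage(
            sprintf(gT("Error when checking for new version: %s"), $sErrorCode) . '<br>' . $sErrorHtml,
            'error'
        );
        $aUpdateVersions = array();
    }

    setGlobalSetting('updateversions', json_encode($aUpdateVersions));

    // NOTE(review): $aUpdateVersion (singular) is never assigned in this function, so this
    // isset() is always false: 'updateavailable' is always set to 0 and an empty array is
    // returned. The code that selects one entry from $aUpdateVersions appears to be missing;
    // it is left as found because the shape of getUpdateInfo()'s result is not visible here.
    if (isset($aUpdateVersion)) {
        setGlobalSetting('updateavailable', 1);
        setGlobalSetting('updatebuild', $aUpdateVersion['build']);
        setGlobalSetting('updateversion', $aUpdateVersion['versionnumber']);
    } else {
        setGlobalSetting('updateavailable', 0);
        $aUpdateVersions = array();
    }

    setGlobalSetting('updatelastcheck', date('Y-m-d H:i:s'));

    return $aUpdateVersions;
}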