Changesets: LimeSurvey
master da4db6e4 2023-11-09 22:44:37 Gabriel Jenik Committer: GitHub Details Diff |
Fixed issue #18995: [security] Confidentiality issue about username (03512) Co-authored-by: lapiudevgit <devgit@lapiu.biz> |
Affected Issues 18995 |
|
mod - application/controllers/admin/Database.php | Diff File | ||
mod - application/models/services/SurveyUpdater/GeneralSettings.php | Diff File | ||
mod - tests/unit/services/SurveyUpdater/GeneralSettings/GeneralSettingsExceptionsTest.php | Diff File | ||
mod - tests/unit/services/SurveyUpdater/GeneralSettings/GeneralSettingsFactory.php | Diff File | ||
mod - tests/unit/services/SurveyUpdater/GeneralSettings/GeneralSettingsMockSet.php | Diff File | ||
mod - tests/unit/services/SurveyUpdater/GeneralSettings/GeneralSettingsMockSetFactory.php | Diff File | ||
mod - tests/unit/services/SurveyUpdater/GeneralSettings/GeneralSettingsUpdateOwnerTest.php | Diff File | ||
5.x 031ba27e 2023-11-09 20:36:21 Gabriel Jenik Committer: GitHub Details Diff |
Fixed issue #19114: [security] Admin with Settings & Plugins permission only can store XSS in Survey menus (#3553) Co-authored-by: lapiudevgit <devgit@lapiu.biz> |
Affected Issues 19114 |
|
mod - application/models/SurveymenuEntries.php | Diff File | ||
5.x 09edd85f 2023-11-09 20:25:47 Committer: GitHub Details Diff |
Fixed issue 19086: Survey Theme Options - image preview does not work (#3562) |
Affected Issues 19086 |
|
mod - application/views/themeOptions/options_core.php | Diff File | ||
mod - assets/packages/themeoptions-core/themeoptions-core.js | Diff File | ||
master 47ec6559 2023-11-09 19:26:46 Gabriel Jenik Committer: GitHub Details Diff |
Fixed issue 19081: Lato fonts are loaded from Google fonts instead of solely using the ones shipped with limesurvey itself (#3543) Co-authored-by: Lapiu Dev <devgit@lapiu.biz> |
Affected Issues 19081 |
|
add - themes/survey/bootswatch/css/variations/README.txt | Diff File | ||
mod - themes/survey/bootswatch/css/variations/cosmos.min.css | Diff File | ||
mod - themes/survey/bootswatch/css/variations/cyborg.min.css | Diff File | ||
mod - themes/survey/bootswatch/css/variations/darkly.min.css | Diff File | ||
mod - themes/survey/bootswatch/css/variations/flatly.min.css | Diff File | ||
mod - themes/survey/bootswatch/css/variations/journal.min.css | Diff File | ||
mod - themes/survey/bootswatch/css/variations/lumen.min.css | Diff File | ||
mod - themes/survey/bootswatch/css/variations/paper.min.css | Diff File | ||
mod - themes/survey/bootswatch/css/variations/readable.min.css | Diff File | ||
mod - themes/survey/bootswatch/css/variations/sandstone.min.css | Diff File | ||
mod - themes/survey/bootswatch/css/variations/simplex.min.css | Diff File | ||
mod - themes/survey/bootswatch/css/variations/spacelab.min.css | Diff File | ||
mod - themes/survey/bootswatch/css/variations/superhero.min.css | Diff File | ||
mod - themes/survey/bootswatch/css/variations/yeti.min.css | Diff File | ||
5.x 01e27162 2023-11-09 19:19:47 Committer: GitHub Details Diff |
Fixed issue #19211: [security] CSRF In Copy Survey (#3601) |
Affected Issues 19211 |
|
mod - application/controllers/SurveyAdministrationController.php | Diff File | ||
master e5a86df8 2023-11-09 19:13:56 Committer: GitHub Details Diff |
Fixed issue #19211: [security] CSRF In Copy Survey (03600) |
Affected Issues 19211 |
|
mod - application/controllers/SurveyAdministrationController.php | Diff File | ||
master 98fc47b6 2023-11-09 18:58:38 Committer: GitHub Details Diff |
Fixed issue 19214: JSON RPC response content type should be application/json (03610) |
Affected Issues 19214 |
|
mod - application/libraries/LSjsonRPCServer.php | Diff File | ||
5.x 4cca25e1 2023-11-09 18:58:13 Committer: GitHub Details Diff |
Fixed issue 19214: JSON RPC response content type should be application/json (03611) |
Affected Issues 19214 |
|
mod - application/libraries/LSjsonRPCServer.php | Diff File | ||
master c3bc60f2 2023-11-09 18:27:40 Gabriel Jenik Committer: GitHub Details Diff |
Fixed issue 19224: Advanced ranking does not respect max answers when drag-n-drop (#3608) Co-authored-by: lapiudevgit <devgit@lapiu.biz> |
Affected Issues 19224 |
|
mod - themes/question/ranking_advanced/survey/questions/answer/ranking/assets/scripts/advanced_ranking.js | Diff File | ||
master c3bc60f2 2023-11-09 18:27:40 Gabriel Jenik Committer: GitHub Details Diff |
Fixed issue 19224: Advanced ranking does not respect max answers when drag-n-drop (#3608) Co-authored-by: lapiudevgit <devgit@lapiu.biz> |
Affected Issues 19224 |
|
mod - themes/question/ranking_advanced/survey/questions/answer/ranking/assets/scripts/advanced_ranking.js | Diff File | ||
5.x b8f1c0a8 2023-11-09 12:08:41 Details Diff |
Fixed issue: Update can fail if there are label codes longer than 5 characters (cherry picked from commit 30a7797f83448decb628c43a1bceaa461f51896d) |
||
mod - application/helpers/update/updates/Update_400.php | Diff File | ||
master 30a7797f 2023-11-09 12:08:41 Details Diff |
Fixed issue: Update can fail if there are label codes longer than 5 characters | ||
mod - application/helpers/update/updates/Update_400.php | Diff File | ||
5.x 7d374449 2023-11-08 13:41:02 Details Diff |
Revert "Fixed issue #19117: [security] Account past their expiration date can be still active (03524)" This reverts commit 0e78d7e89cb3791dc3241accbc3b8868e3558d56. This commit breaks upgrade from LS3 to LS5. |
Affected Issues 19117 |
|
mod - application/controllers/admin/Authentication.php | Diff File | ||
mod - application/core/LSWebUser.php | Diff File | ||
mod - application/core/Traits/LSApplicationTrait.php | Diff File | ||
mod - application/models/User.php | Diff File | ||
master 8e9d0818 2023-11-08 11:46:45 Committer: GitHub Details Diff |
Fixed issue CR-1352: Saving subquestions and answers caused display errors (03514) | ||
mod - assets/scripts/admin/questionEditor.js | Diff File | ||
master 24ffc5c1 2023-11-07 16:19:39 Committer: GitHub Details Diff |
Fixed issue 19215: PHP81 + debug PHP Notice when import some lss (03589) |
Affected Issues 19215 |
|
mod - application/helpers/common_helper.php | Diff File | ||
master 5dfeae87 2023-11-07 16:15:58 Committer: GitHub Details Diff |
Fixed issue 19218: PHP error with PHP81 and debug with strpos in asSplitStringOnExpressions function (#3597) |
Affected Issues 19218 |
|
mod - application/helpers/expressions/em_manager_helper.php | Diff File | ||
5.x 675ffdb3 2023-11-07 15:24:10 Gabriel Jenik Committer: GitHub Details Diff |
Fixed issue #19162: [security] File Upload causes XSS in Central participant management/Import file CSV (#3585) Co-authored-by: lapiudevgit <devgit@lapiu.biz> |
Affected Issues 19162 |
|
mod - application/controllers/admin/ParticipantsAction.php | Diff File | ||
mod - application/views/admin/participants/uploadSummary_view.php | Diff File | ||
5.x 675ffdb3 2023-11-07 15:24:10 Gabriel Jenik Committer: GitHub Details Diff |
Fixed issue #19162: [security] File Upload causes XSS in Central participant management/Import file CSV (#3585) Co-authored-by: lapiudevgit <devgit@lapiu.biz> |
Affected Issues 19162 |
|
mod - application/controllers/admin/ParticipantsAction.php | Diff File | ||
mod - application/views/admin/participants/uploadSummary_view.php | Diff File | ||
master a75a3177 2023-11-07 15:22:32 Gabriel Jenik Committer: GitHub Details Diff |
Fixed issue #19162: [security] File Upload causes XSS in Central participant management/Import file CSV (03584) Co-authored-by: lapiudevgit <devgit@lapiu.biz> |
Affected Issues 19162 |
|
mod - application/controllers/admin/ParticipantsAction.php | Diff File | ||
mod - application/views/admin/participants/uploadSummary_view.php | Diff File | ||
master 51705eb6 2023-11-07 09:45:07 Committer: GitHub Details Diff |
Fixed issue 18350: activate_survey does not correctly set inherited properties for Notification and data management (#3595) |
Affected Issues 18350 |
|
mod - application/helpers/remotecontrol/remotecontrol_handle.php | Diff File | ||
master 5b2ca643 2023-11-06 19:29:20 Details Diff |
Dev: fix merge (or PR) issue | ||
mod - application/controllers/UserManagementController.php | Diff File | ||
master 6c102006 2023-11-06 15:42:18 Committer: GitHub Details Diff |
Fixed issue 19086: Survey Theme Options - image preview does not work (03557) |
Affected Issues 19086 |
|
mod - application/views/themeOptions/options_core.php | Diff File | ||
mod - assets/packages/themeoptions-core/themeoptions-core.js | Diff File | ||
master e0fefafb 2023-11-06 14:56:03 Committer: GitHub Details Diff |
isValidPatch for OpHandlerQuestionAttributeUpdate (03602) | ||
mod - application/libraries/Api/Command/V1/SurveyPatch/OpHandlerQuestionAttributeUpdate.php | Diff File | ||
master fbd47246 2023-11-06 14:50:34 Committer: GitHub Details Diff |
Fixed issue #19118: [security] Improper permission management on bulk actions (03580) |
Affected Issues 19118 |
|
mod - application/controllers/UserManagementController.php | Diff File | ||
5.x fcd22aad 2023-11-06 14:49:49 Committer: GitHub Details Diff |
Fixed issue #19118: [security] Improper permission management on bulk actions (03579) |
Affected Issues 19118 |
|
mod - application/controllers/UserManagementController.php | Diff File |