View Issue Details

This bug affects 1 person(s).
 12
IDProjectCategoryView StatusLast Update
08033Bug reportsSurvey editingpublic2013-08-16 13:54
Reportermfaber Assigned Tokfegert  
PriorityhighSeveritypartial_block 
Status closedResolutionfixed 
Product Version2.05 RC 
Fixed in Version2.05 RC 
Summary08033: since enable CSRF protection: Cannot access advanced question attributes
Description

When clicking on "Show advanced settings", nothing happens.

This seems to be due to enabled CSRF protection.

When 'enableCsrfValidation' is set to false in LSYii_application it works again

Steps To Reproduce

edit a question in an existing survey
click on "Show advanced settings"
advanced settings are not shown

TagsNo tags attached.
Bug heat12
Complete LimeSurvey version number (& build)130722
I will donate to the project if issue is resolvedNo
BrowserFF, Chrome
Database type & versionMySQL 5.0.10
Server OS (if known)Win7
Webserver software & version (if known)Apache/2.4.3 (Win32)
PHP VersionPhP 5.4.7

Relationships

related to 08060 closedDenisChenu CRSF issue when trying to copy a template 
related to 08034 closed Error: The CSRF token could not be verified. 

Users monitoring this issue

mfaber

Activities

mfaber

mfaber

2013-08-03 08:43

reporter   ~25912

Don't know if this has been fixed but I cannot reproduce anymore.

mfaber

mfaber

2013-08-04 23:09

reporter   ~25926

Issue still exists.
I had deactivated CSRF protection for testing....that's why it worked.
:)

DenisChenu

DenisChenu

2013-08-08 09:50

developer   ~25942

Yes, we have a lot of json/ajax/ etc ... part to fix for CRSF.

kfegert

kfegert

2013-08-13 14:18

reporter   ~25988

Fix committed to 2.05 branch: http://bugs.limesurvey.org/plugin.php?page=Source/view&id=12852

mdekker

mdekker

2013-08-13 14:24

reporter   ~25989

Thanks for the commit! Next time try to use a different commit message

Fixed 08033: <bug description or anything better>

Then it will be added to the bug and the bug automatically.

mdekker

mdekker

2013-08-13 14:49

reporter   ~25993

Never mind, it was still processing ;-)

c_schmitz

c_schmitz

2013-08-16 13:54

administrator   ~26008

2.05 beta 6 released

Related Changesets

LimeSurvey: 2.05 4f75692a

2013-08-13 10:43:14

kfegert

Details Diff
Fixed issue 08033: since enable CSRF protection: Cannot access advanced question attributes
Dev there were two errors: 1. wrong Url Target 2. No YII_CSRF_TOKEN supplied
Affected Issues
08033
mod - application/views/admin/survey/Question/editQuestion_view.php Diff File
mod - scripts/admin/admin_core.js Diff File

Issue History

Date Modified Username Field Change
2013-07-22 21:59 mfaber New Issue
2013-07-22 21:59 mfaber Issue Monitored: mfaber
2013-07-31 00:35 mfaber Relationship added related to 08060
2013-07-31 00:37 mfaber Relationship added related to 08034
2013-08-03 08:43 mfaber Note Added: 25912
2013-08-03 08:43 mfaber Status new => closed
2013-08-03 08:43 mfaber Assigned To => mfaber
2013-08-03 08:43 mfaber Resolution open => unable to reproduce
2013-08-04 23:09 mfaber Assigned To mfaber =>
2013-08-04 23:09 mfaber Note Added: 25926
2013-08-04 23:09 mfaber Status closed => feedback
2013-08-04 23:09 mfaber Resolution unable to reproduce => reopened
2013-08-04 23:09 mfaber Reproducibility have not tried => always
2013-08-04 23:09 mfaber Status feedback => new
2013-08-08 09:50 DenisChenu Note Added: 25942
2013-08-13 14:18 kfegert Changeset attached => LimeSurvey 2.05 4f75692a
2013-08-13 14:18 kfegert Note Added: 25988
2013-08-13 14:18 kfegert Assigned To => kfegert
2013-08-13 14:24 mdekker Note Added: 25989
2013-08-13 14:24 mdekker Status new => resolved
2013-08-13 14:24 mdekker Fixed in Version => 2.05 RC
2013-08-13 14:24 mdekker Resolution reopened => fixed
2013-08-13 14:49 mdekker Note Added: 25993
2013-08-16 13:54 c_schmitz Note Added: 26008
2013-08-16 13:54 c_schmitz Status resolved => closed
2019-11-01 17:25 c_schmitz Category Survey design => Survey editing