17480: Unable to reload with token + persistence + allow edit

This bug affects 1 person(s).

ID	Project	Category	View Status	Date Submitted	Last Update

17480	Bug reports	Survey participants (Tokens)	public	2021-07-27 16:50	2021-08-12 08:46

Reporter	DenisChenu	Assigned To	DenisChenu
Priority	none	Severity	partial_block
Status	closed	Resolution	fixed
Product Version	3.25.20

Summary	17480: Unable to reload with token + persistence + allow edit
Description	When you start a survey with token but without persistence + allow edit can break : if you enable it after : it can broke and disable reloading.
Steps To Reproduce	Import included survey Create a token Launch in private mode, go to page 3 and save as titi/toto (or another user pass : don't care) Close private windows Update Survey with Enable token-based response persistence: ON and Allow multiple responses or update responses with one token: ON Launch survey with token Survey is empty. Activate debug mode : Undefined variable: sLoadPass
Additional Information	Issue with loading SurveyDynamic::model($surveyid)->with('saved_control')->find($oCriteria); even in saved_control is not needed.
Tags	No tags attached.
Attached Files	survey_archive_847856.lsa (4,001 bytes) PHP notice.html (17,354 bytes) <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"><head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <title>PHP notice</title> <style type="text/css"> /<![CDATA[/ html,body,div,span,applet,object,iframe,h1,h2,h3,h4,h5,h6,p,blockquote,pre,a,abbr,acronym,address,big,cite,code,del,dfn,em,font,img,ins,kbd,q,s,samp,small,strike,strong,sub,sup,tt,var,b,u,i,center,dl,dt,dd,ol,ul,li,fieldset,form,label,legend,table,caption,tbody,tfoot,thead,tr,th,td{border:0;outline:0;font-size:100%;vertical-align:baseline;background:transparent;margin:0;padding:0;} body{line-height:1;} ol,ul{list-style:none;} blockquote,q{quotes:none;} blockquote:before,blockquote:after,q:before,q:after{content:none;} :focus{outline:0;} ins{text-decoration:none;} del{text-decoration:line-through;} table{border-collapse:collapse;border-spacing:0;} body { font: normal 9pt "Verdana"; color: #000; background: #fff; } h1 { font: normal 18pt "Verdana"; color: #f00; margin-bottom: .5em; } h2 { font: normal 14pt "Verdana"; color: #800000; margin-bottom: .5em; } h3 { font: bold 11pt "Verdana"; } pre { font: normal 11pt Menlo, Consolas, "Lucida Console", Monospace; } pre span.error { display: block; background: #fce3e3; } pre span.ln { color: #999; padding-right: 0.5em; border-right: 1px solid #ccc; } pre span.error-ln { font-weight: bold; } .container { margin: 1em 4em; } .version { color: gray; font-size: 8pt; border-top: 1px solid #aaa; padding-top: 1em; margin-bottom: 1em; } .message { color: #000; padding: 1em; font-size: 11pt; background: #f3f3f3; -webkit-border-radius: 10px; -moz-border-radius: 10px; border-radius: 10px; margin-bottom: 1em; line-height: 160%; } .source { margin-bottom: 1em; } .code pre { background-color: #ffe; margin: 0.5em 0; padding: 0.5em; line-height: 125%; border: 1px solid #eee; } .source .file { margin-bottom: 1em; font-weight: bold; } .traces { margin: 2em 0; } .trace { margin: 0.5em 0; padding: 0.5em; } .trace.app { border: 1px dashed #c00; } .trace .number { text-align: right; width: 2em; padding: 0.5em; } .trace .content { padding: 0.5em; } .trace .plus, .trace .minus { display:inline; vertical-align:middle; text-align:center; border:1px solid #000; color:#000; font-size:10px; line-height:10px; margin:0; padding:0 1px; width:10px; height:10px; } .trace.collapsed .minus, .trace.expanded .plus, .trace.collapsed pre { display: none; } .trace-file { cursor: pointer; padding: 0.2em; } .trace-file:hover { background: #f0ffff; } /]]>/ </style> </head> <body> <div class="container"> <h1>PHP notice</h1> <p class="message"> Undefined variable: sLoadPass </p> <div class="source"> <p class="file">/data/webdev/3fixes/application/helpers/frontend_helper.php(58)</p> <div class="code"><pre><span class="ln">46</span> return false; <span class="ln">47</span> } <span class="ln">48</span> $oCriteria->params = $aParams; <span class="ln">49</span> $oResponses = SurveyDynamic::model($surveyid)->with('saved_control')->find($oCriteria); <span class="ln">50</span> <span class="ln">51</span> if (!$oResponses) { <span class="ln">52</span> return false; <span class="ln">53</span> } <span class="ln">54</span> <span class="ln">55</span> if (isset($oResponses->saved_control) && $oResponses->saved_control) { <span class="ln">56</span> $saved_control = $oResponses->saved_control; <span class="ln">57</span> $access_code = $oResponses->saved_control->access_code; <span class="error"><span class="ln error-ln">58</span> $md5_code = md5($sLoadPass); </span><span class="ln">59</span> $sha256_code = hash('sha256', $sLoadPass); <span class="ln">60</span> if ($md5_code === $access_code \|\| $sha256_code === $access_code \|\| password_verify($sLoadPass, $access_code)) { <span class="ln">61</span> //A match has been found. Let's load the values! <span class="ln">62</span> //If this is from an email, build surveysession first <span class="ln">63</span> $_SESSION['survey_' . $surveyid]['LEMtokenResume'] = true; <span class="ln">64</span> <span class="ln">65</span> // If survey come from reload (GET or POST); some value need to be found on saved_control, not on survey <span class="ln">66</span> if (Yii::app()->request->getParam('loadall') === "reload") { <span class="ln">67</span> // We don't need to control if we have one, because we do the test before <span class="ln">68</span> $_SESSION['survey_' . $surveyid]['scid'] = $saved_control->scid; <span class="ln">69</span> $_SESSION['survey_' . $surveyid]['step'] = ($saved_control->saved_thisstep > 1) ? $saved_control->saved_thisstep : 1; <span class="ln">70</span> $thisstep = $_SESSION['survey_' . $surveyid]['step'] - 1; // deprecated ? </pre></div> </div> <div class="traces"> <h2>Stack Trace</h2> <table style="width:100%;"> <tbody><tr class="trace app expanded"> <td class="number"> #0 </td> <td class="content"> <div class="trace-file"> <div class="plus">+</div> <div class="minus">–</div>  /data/webdev/3fixes/application/controllers/survey/index.php(556): <strong>loadanswers</strong>() </div> <div class="code"><pre><span class="ln">551</span> // alloweditaftercompletion <span class="ln">552</span> if (!empty($oResponse->submitdate)) { <span class="ln">553</span> $_SESSION['survey_'.$surveyid]['maxstep'] = $_SESSION['survey_'.$surveyid]['totalsteps']; <span class="ln">554</span> } <span class="ln">555</span> <span class="error"><span class="ln error-ln">556</span> loadanswers(); </span><span class="ln">557</span> randomizationGroupsAndQuestions($surveyid); <span class="ln">558</span> initFieldArray($surveyid, $_SESSION['survey_'.$surveyid]['fieldmap']); <span class="ln">559</span> } <span class="ln">560</span> } <span class="ln">561</span> } </pre></div> </td> </tr> <tr class="trace app expanded"> <td class="number"> #1 </td> <td class="content"> <div class="trace-file"> <div class="plus">+</div> <div class="minus">–</div>  /data/webdev/3fixes/application/controllers/survey/index.php(24): <strong>index</strong>-><strong>action</strong>() </div> <div class="code"><pre><span class="ln">19</span> public $oTemplate; <span class="ln">20</span> <span class="ln">21</span> public function run() <span class="ln">22</span> { <span class="ln">23</span> useFirebug(); <span class="error"><span class="ln error-ln">24</span> $this->action(); </span><span class="ln">25</span> } <span class="ln">26</span> <span class="ln">27</span> public function action() <span class="ln">28</span> { <span class="ln">29</span> global $surveyid; </pre></div> </td> </tr> <tr class="trace core collapsed"> <td class="number"> #2 </td> <td class="content"> <div class="trace-file"> <div class="plus">+</div> <div class="minus">–</div>  /data/webdev/3fixes/framework/web/actions/CAction.php(76): <strong>index</strong>-><strong>run</strong>() </div> <div class="code"><pre><span class="ln">71</span> { <span class="ln">72</span> $method=new ReflectionMethod($this, 'run'); <span class="ln">73</span> if($method->getNumberOfParameters()>0) <span class="ln">74</span> return $this->runWithParamsInternal($this, $method, $params); <span class="ln">75</span> <span class="error"><span class="ln error-ln">76</span> $this->run(); </span><span class="ln">77</span> return true; <span class="ln">78</span> } <span class="ln">79</span> <span class="ln">80</span> /** <span class="ln">81</span> * Executes a method of an object with the supplied named parameters. </pre></div> </td> </tr> <tr class="trace core collapsed"> <td class="number"> #3 </td> <td class="content"> <div class="trace-file"> <div class="plus">+</div> <div class="minus">–</div>  /data/webdev/3fixes/framework/web/CController.php(308): <strong>CAction</strong>-><strong>runWithParams</strong>(array("r" => "survey/index", "sid" => "847856", "token" => "TEST", "newtest" => "Y")) </div> <div class="code"><pre><span class="ln">303</span> { <span class="ln">304</span> $priorAction=$this->_action; <span class="ln">305</span> $this->_action=$action; <span class="ln">306</span> if($this->beforeAction($action)) <span class="ln">307</span> { <span class="error"><span class="ln error-ln">308</span> if($action->runWithParams($this->getActionParams())===false) </span><span class="ln">309</span> $this->invalidActionParams($action); <span class="ln">310</span> else <span class="ln">311</span> $this->afterAction($action); <span class="ln">312</span> } <span class="ln">313</span> $this->_action=$priorAction; </pre></div> </td> </tr> <tr class="trace core collapsed"> <td class="number"> #4 </td> <td class="content"> <div class="trace-file"> <div class="plus">+</div> <div class="minus">–</div>  /data/webdev/3fixes/framework/web/CController.php(286): <strong>CController</strong>-><strong>runAction</strong>(index) </div> <div class="code"><pre><span class="ln">281</span> * @see runAction <span class="ln">282</span> / <span class="ln">283</span> public function runActionWithFilters($action,$filters) <span class="ln">284</span> { <span class="ln">285</span> if(empty($filters)) <span class="error"><span class="ln error-ln">286</span> $this->runAction($action); </span><span class="ln">287</span> else <span class="ln">288</span> { <span class="ln">289</span> $priorAction=$this->_action; <span class="ln">290</span> $this->_action=$action; <span class="ln">291</span> CFilterChain::create($this,$action,$filters)->run(); </pre></div> </td> </tr> <tr class="trace core collapsed"> <td class="number"> #5 </td> <td class="content"> <div class="trace-file"> <div class="plus">+</div> <div class="minus">–</div>  /data/webdev/3fixes/framework/web/CController.php(265): <strong>CController</strong>-><strong>runActionWithFilters</strong>(index, array()) </div> <div class="code"><pre><span class="ln">260</span> { <span class="ln">261</span> if(($parent=$this->getModule())===null) <span class="ln">262</span> $parent=Yii::app(); <span class="ln">263</span> if($parent->beforeControllerAction($this,$action)) <span class="ln">264</span> { <span class="error"><span class="ln error-ln">265</span> $this->runActionWithFilters($action,$this->filters()); </span><span class="ln">266</span> $parent->afterControllerAction($this,$action); <span class="ln">267</span> } <span class="ln">268</span> } <span class="ln">269</span> else <span class="ln">270</span> $this->missingAction($actionID); </pre></div> </td> </tr> <tr class="trace core collapsed"> <td class="number"> #6 </td> <td class="content"> <div class="trace-file"> <div class="plus">+</div> <div class="minus">–</div>  /data/webdev/3fixes/framework/web/CWebApplication.php(282): <strong>CController</strong>-><strong>run</strong>("index") </div> <div class="code"><pre><span class="ln">277</span> { <span class="ln">278</span> list($controller,$actionID)=$ca; <span class="ln">279</span> $oldController=$this->_controller; <span class="ln">280</span> $this->_controller=$controller; <span class="ln">281</span> $controller->init(); <span class="error"><span class="ln error-ln">282</span> $controller->run($actionID); </span><span class="ln">283</span> $this->_controller=$oldController; <span class="ln">284</span> } <span class="ln">285</span> else <span class="ln">286</span> throw new CHttpException(404,Yii::t('yii','Unable to resolve the request "{route}".', <span class="ln">287</span> array('{route}'=>$route===''?$this->defaultController:$route))); </pre></div> </td> </tr> <tr class="trace core collapsed"> <td class="number"> #7 </td> <td class="content"> <div class="trace-file"> <div class="plus">+</div> <div class="minus">–</div>  /data/webdev/3fixes/framework/web/CWebApplication.php(141): <strong>CWebApplication</strong>-><strong>runController</strong>("survey/index") </div> <div class="code"><pre><span class="ln">136</span> foreach(array_splice($this->catchAllRequest,1) as $name=>$value) <span class="ln">137</span> $_GET[$name]=$value; <span class="ln">138</span> } <span class="ln">139</span> else <span class="ln">140</span> $route=$this->getUrlManager()->parseUrl($this->getRequest()); <span class="error"><span class="ln error-ln">141</span> $this->runController($route); </span><span class="ln">142</span> } <span class="ln">143</span> <span class="ln">144</span> /* <span class="ln">145</span> * Registers the core application components. <span class="ln">146</span> * This method overrides the parent implementation by registering additional core components. </pre></div> </td> </tr> <tr class="trace core collapsed"> <td class="number"> #8 </td> <td class="content"> <div class="trace-file"> <div class="plus">+</div> <div class="minus">–</div>  /data/webdev/3fixes/framework/base/CApplication.php(185): <strong>CWebApplication</strong>-><strong>processRequest</strong>() </div> <div class="code"><pre><span class="ln">180</span> public function run() <span class="ln">181</span> { <span class="ln">182</span> if($this->hasEventHandler('onBeginRequest')) <span class="ln">183</span> $this->onBeginRequest(new CEvent($this)); <span class="ln">184</span> register_shutdown_function(array($this,'end'),0,false); <span class="error"><span class="ln error-ln">185</span> $this->processRequest(); </span><span class="ln">186</span> if($this->hasEventHandler('onEndRequest')) <span class="ln">187</span> $this->onEndRequest(new CEvent($this)); <span class="ln">188</span> } <span class="ln">189</span> <span class="ln">190</span> /** </pre></div> </td> </tr> <tr class="trace app expanded"> <td class="number"> #9 </td> <td class="content"> <div class="trace-file"> <div class="plus">+</div> <div class="minus">–</div>  /data/webdev/3fixes/index.php(194): <strong>CApplication</strong>-><strong>run</strong>() </div> <div class="code"><pre><span class="ln">189</span> require_once APPPATH . 'core/LSYii_Application' . EXT; <span class="ln">190</span> <span class="ln">191</span> $config = require_once(APPPATH . 'config/internal' . EXT); <span class="ln">192</span> <span class="ln">193</span> Yii::$enableIncludePath = false; <span class="error"><span class="ln error-ln">194</span> Yii::createApplication('LSYii_Application', $config)->run(); </span><span class="ln">195</span> <span class="ln">196</span> /* End of file index.php / <span class="ln">197</span> / Location: ./index.php / </pre></div> </td> </tr> </tbody></table> </div> <div class="version"> 2021-07-27 16:48:33 nginx/1.14.2 <a href="http://www.yiiframework.com/">Yii Framework</a>/1.1.24-dev </div> </div> <script type="text/javascript"> /<![CDATA[/ var traceReg = new RegExp("(^\|\\s)trace-file(\\s\|$)"); var collapsedReg = new RegExp("(^\|\\s)collapsed(\\s\|$)"); var e = document.getElementsByTagName("div"); for(var j=0,len=e.length;j<len;j++){ if(traceReg.test(e[j].className)){ e[j].onclick = function(){ var trace = this.parentNode.parentNode; if(collapsedReg.test(trace.className)) trace.className = trace.className.replace("collapsed", "expanded"); else trace.className = trace.className.replace("expanded", "collapsed"); } } } /]]>*/ </script> <div id="grammalecte_menu_main_button_shadow_host" style="width: 0px; height: 0px;"></div></body><script src="PHP%20notice_fichiers/api.js"></script></html> PHP notice.html (17,354 bytes)

Bug heat	4
Complete LimeSurvey version number (& build)	3.27.9
I will donate to the project if issue is resolved	No
Browser	not relevant
Database type & version	not relevant
Server OS (if known)	not relevant
Webserver software & version (if known)	not relevant
PHP Version	not relevant

User List	There are no users monitoring this issue.

DenisChenu 2021-07-27 17:59 developer ~65654	https://github.com/LimeSurvey/LimeSurvey/pull/1986 and https://github.com/LimeSurvey/LimeSurvey/pull/1985

ollehar 2021-07-27 19:30 administrator ~65655	Nice

ollehar 2021-07-27 19:31 administrator ~65656	Added to Zoho for testing.

DenisChenu 2021-07-30 10:58 developer ~65755	Fix committed to 3.x-LTS branch: http://bugs.limesurvey.org/plugin.php?page=Source/view&id=32419

DenisChenu 2021-07-30 11:14 developer ~65756	Fix committed to master branch: http://bugs.limesurvey.org/plugin.php?page=Source/view&id=32420

LimeSurvey: 3.x-LTS 489306a7 2021-07-30 12:58 DenisChenu Committer: GitHub Details Diff	Merge pull request #1985 * Fixed issue 17480: Unable to reload with token + persistence + allow edit * Dev: Run composer install --no-dev	Affected Issues 17480
	mod - application/helpers/frontend_helper.php	Diff File
LimeSurvey: master 7e3d62d4 2021-07-30 13:14 DenisChenu Committer: GitHub Details Diff	Fixed issue 17480: Unable to reload with token + persistence + allow edit (#1986) Dev: Same fix than 3.X + findByPk	Affected Issues 17480
	mod - application/helpers/frontend_helper.php	Diff File
	mod - application/models/Response.php	Diff File

Date Modified	Username	Field	Change
2021-07-27 16:50	DenisChenu	New Issue
2021-07-27 16:50	DenisChenu	File Added: survey_archive_847856.lsa
2021-07-27 16:50	DenisChenu	File Added: PHP notice.html
2021-07-27 16:50	DenisChenu	Assigned To	=> DenisChenu
2021-07-27 16:50	DenisChenu	Status	new => assigned
2021-07-27 17:42	DenisChenu	Summary	Reload with token + persistence + allow edit can break => Unable to reload with token + persistence + allow edit
2021-07-27 17:58	DenisChenu	Assigned To	DenisChenu => ollehar
2021-07-27 17:59	DenisChenu	Status	assigned => ready for testing
2021-07-27 17:59	DenisChenu	Note Added: 65654
2021-07-27 17:59	DenisChenu	Severity	minor => partial_block
2021-07-27 19:30	ollehar	Sync to Zoho Project	=> \|Yes\|
2021-07-27 19:30	ollehar	Note Added: 65655
2021-07-27 19:31	ollehar	Note Added: 65656
2021-07-30 10:58	DenisChenu	Changeset attached	=> LimeSurvey 3.x-LTS 489306a7
2021-07-30 10:58	DenisChenu	Note Added: 65755
2021-07-30 10:58	DenisChenu	Assigned To	ollehar => DenisChenu
2021-07-30 10:58	DenisChenu	Resolution	open => fixed
2021-07-30 11:14	DenisChenu	Changeset attached	=> LimeSurvey master 7e3d62d4
2021-07-30 11:14	DenisChenu	Note Added: 65756
2021-07-30 11:19	p_teichmann	Status	ready for testing => resolved
2021-08-12 08:46	c_schmitz	Status	resolved => closed

View Issue Details

Users monitoring this issue

Activities

Related Changesets

Issue History