View Issue Details

This bug affects 1 person(s).
 4
IDProjectCategoryView StatusLast Update
17480Bug reportsSurvey participants (Tokens)public2021-08-12 08:46
ReporterDenisChenu Assigned ToDenisChenu  
PrioritynoneSeveritypartial_block 
Status closedResolutionfixed 
Product Version3.25.20 
Summary17480: Unable to reload with token + persistence + allow edit
Description

When you start a survey with token but without persistence + allow edit can break : if you enable it after : it can broke and disable reloading.

Steps To Reproduce
  1. Import included survey
  2. Create a token
  3. Launch in private mode, go to page 3 and save as titi/toto (or another user pass : don't care)
  4. Close private windows
  5. Update Survey with Enable token-based response persistence: ON and Allow multiple responses or update responses with one token: ON
  6. Launch survey with token

Survey is empty.

Activate debug mode : Undefined variable: sLoadPass

Additional Information

Issue with loading SurveyDynamic::model($surveyid)->with('saved_control')->find($oCriteria);

even in saved_control is not needed.

TagsNo tags attached.
Attached Files
PHP notice.html (17,354 bytes)   
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>PHP notice</title>

<style type="text/css">
/*<![CDATA[*/
html,body,div,span,applet,object,iframe,h1,h2,h3,h4,h5,h6,p,blockquote,pre,a,abbr,acronym,address,big,cite,code,del,dfn,em,font,img,ins,kbd,q,s,samp,small,strike,strong,sub,sup,tt,var,b,u,i,center,dl,dt,dd,ol,ul,li,fieldset,form,label,legend,table,caption,tbody,tfoot,thead,tr,th,td{border:0;outline:0;font-size:100%;vertical-align:baseline;background:transparent;margin:0;padding:0;}
body{line-height:1;}
ol,ul{list-style:none;}
blockquote,q{quotes:none;}
blockquote:before,blockquote:after,q:before,q:after{content:none;}
:focus{outline:0;}
ins{text-decoration:none;}
del{text-decoration:line-through;}
table{border-collapse:collapse;border-spacing:0;}

body {
	font: normal 9pt "Verdana";
	color: #000;
	background: #fff;
}

h1 {
	font: normal 18pt "Verdana";
	color: #f00;
	margin-bottom: .5em;
}

h2 {
	font: normal 14pt "Verdana";
	color: #800000;
	margin-bottom: .5em;
}

h3 {
	font: bold 11pt "Verdana";
}

pre {
	font: normal 11pt Menlo, Consolas, "Lucida Console", Monospace;
}

pre span.error {
	display: block;
	background: #fce3e3;
}

pre span.ln {
	color: #999;
	padding-right: 0.5em;
	border-right: 1px solid #ccc;
}

pre span.error-ln {
	font-weight: bold;
}

.container {
	margin: 1em 4em;
}

.version {
	color: gray;
	font-size: 8pt;
	border-top: 1px solid #aaa;
	padding-top: 1em;
	margin-bottom: 1em;
}

.message {
	color: #000;
	padding: 1em;
	font-size: 11pt;
	background: #f3f3f3;
	-webkit-border-radius: 10px;
	-moz-border-radius: 10px;
	border-radius: 10px;
	margin-bottom: 1em;
	line-height: 160%;
}

.source {
	margin-bottom: 1em;
}

.code pre {
	background-color: #ffe;
	margin: 0.5em 0;
	padding: 0.5em;
	line-height: 125%;
	border: 1px solid #eee;
}

.source .file {
	margin-bottom: 1em;
	font-weight: bold;
}

.traces {
	margin: 2em 0;
}

.trace {
	margin: 0.5em 0;
	padding: 0.5em;
}

.trace.app {
	border: 1px dashed #c00;
}

.trace .number {
	text-align: right;
	width: 2em;
	padding: 0.5em;
}

.trace .content {
	padding: 0.5em;
}

.trace .plus,
.trace .minus {
	display:inline;
	vertical-align:middle;
	text-align:center;
	border:1px solid #000;
	color:#000;
	font-size:10px;
	line-height:10px;
	margin:0;
	padding:0 1px;
	width:10px;
	height:10px;
}

.trace.collapsed .minus,
.trace.expanded .plus,
.trace.collapsed pre {
	display: none;
}

.trace-file {
	cursor: pointer;
	padding: 0.2em;
}

.trace-file:hover {
	background: #f0ffff;
}
/*]]>*/
</style>
</head>

<body>
<div class="container">
	<h1>PHP notice</h1>

	<p class="message">
		Undefined variable: sLoadPass	</p>

	<div class="source">
		<p class="file">/data/webdev/3fixes/application/helpers/frontend_helper.php(58)</p>
		<div class="code"><pre><span class="ln">46</span>         return false;
<span class="ln">47</span>     }
<span class="ln">48</span>     $oCriteria-&gt;params = $aParams;
<span class="ln">49</span>     $oResponses = SurveyDynamic::model($surveyid)-&gt;with('saved_control')-&gt;find($oCriteria);
<span class="ln">50</span> 
<span class="ln">51</span>     if (!$oResponses) {
<span class="ln">52</span>         return false;
<span class="ln">53</span>     }
<span class="ln">54</span> 
<span class="ln">55</span>     if (isset($oResponses-&gt;saved_control) &amp;&amp; $oResponses-&gt;saved_control) {
<span class="ln">56</span>         $saved_control = $oResponses-&gt;saved_control;
<span class="ln">57</span>         $access_code = $oResponses-&gt;saved_control-&gt;access_code;
<span class="error"><span class="ln error-ln">58</span>         $md5_code = md5($sLoadPass);
</span><span class="ln">59</span>         $sha256_code = hash('sha256', $sLoadPass);
<span class="ln">60</span>         if ($md5_code === $access_code || $sha256_code === $access_code || password_verify($sLoadPass, $access_code)) {
<span class="ln">61</span>             //A match has been found. Let's load the values!
<span class="ln">62</span>             //If this is from an email, build surveysession first
<span class="ln">63</span>             $_SESSION['survey_' . $surveyid]['LEMtokenResume'] = true;
<span class="ln">64</span> 
<span class="ln">65</span>             // If survey come from reload (GET or POST); some value need to be found on saved_control, not on survey
<span class="ln">66</span>             if (Yii::app()-&gt;request-&gt;getParam('loadall') === "reload") {
<span class="ln">67</span>                 // We don't need to control if we have one, because we do the test before
<span class="ln">68</span>                 $_SESSION['survey_' . $surveyid]['scid'] = $saved_control-&gt;scid;
<span class="ln">69</span>                 $_SESSION['survey_' . $surveyid]['step'] = ($saved_control-&gt;saved_thisstep &gt; 1) ? $saved_control-&gt;saved_thisstep : 1;
<span class="ln">70</span>                 $thisstep = $_SESSION['survey_' . $surveyid]['step'] - 1; // deprecated ?
</pre></div>	</div>

	<div class="traces">
		<h2>Stack Trace</h2>
				<table style="width:100%;">
						<tbody><tr class="trace app expanded">
			<td class="number">
				#0			</td>
			<td class="content">
				<div class="trace-file">
											<div class="plus">+</div>
						<div class="minus">–</div>
										&nbsp;/data/webdev/3fixes/application/controllers/survey/index.php(556): <strong>loadanswers</strong>()				</div>

				<div class="code"><pre><span class="ln">551</span>                         // alloweditaftercompletion
<span class="ln">552</span>                         if (!empty($oResponse-&gt;submitdate)) {
<span class="ln">553</span>                             $_SESSION['survey_'.$surveyid]['maxstep'] = $_SESSION['survey_'.$surveyid]['totalsteps'];
<span class="ln">554</span>                         }
<span class="ln">555</span> 
<span class="error"><span class="ln error-ln">556</span>                         loadanswers();
</span><span class="ln">557</span>                         randomizationGroupsAndQuestions($surveyid);
<span class="ln">558</span>                         initFieldArray($surveyid, $_SESSION['survey_'.$surveyid]['fieldmap']);
<span class="ln">559</span>                     }
<span class="ln">560</span>                 }
<span class="ln">561</span>             }
</pre></div>			</td>
		</tr>
						<tr class="trace app expanded">
			<td class="number">
				#1			</td>
			<td class="content">
				<div class="trace-file">
											<div class="plus">+</div>
						<div class="minus">–</div>
										&nbsp;/data/webdev/3fixes/application/controllers/survey/index.php(24): <strong>index</strong>-&gt;<strong>action</strong>()				</div>

				<div class="code"><pre><span class="ln">19</span>     public $oTemplate;
<span class="ln">20</span> 
<span class="ln">21</span>     public function run()
<span class="ln">22</span>     {
<span class="ln">23</span>         useFirebug();
<span class="error"><span class="ln error-ln">24</span>         $this-&gt;action();
</span><span class="ln">25</span>     }
<span class="ln">26</span> 
<span class="ln">27</span>     public function action()
<span class="ln">28</span>     {
<span class="ln">29</span>         global $surveyid;
</pre></div>			</td>
		</tr>
						<tr class="trace core collapsed">
			<td class="number">
				#2			</td>
			<td class="content">
				<div class="trace-file">
											<div class="plus">+</div>
						<div class="minus">–</div>
										&nbsp;/data/webdev/3fixes/framework/web/actions/CAction.php(76): <strong>index</strong>-&gt;<strong>run</strong>()				</div>

				<div class="code"><pre><span class="ln">71</span>     {
<span class="ln">72</span>         $method=new ReflectionMethod($this, 'run');
<span class="ln">73</span>         if($method-&gt;getNumberOfParameters()&gt;0)
<span class="ln">74</span>             return $this-&gt;runWithParamsInternal($this, $method, $params);
<span class="ln">75</span> 
<span class="error"><span class="ln error-ln">76</span>         $this-&gt;run();
</span><span class="ln">77</span>         return true;
<span class="ln">78</span>     }
<span class="ln">79</span> 
<span class="ln">80</span>     /**
<span class="ln">81</span>      * Executes a method of an object with the supplied named parameters.
</pre></div>			</td>
		</tr>
						<tr class="trace core collapsed">
			<td class="number">
				#3			</td>
			<td class="content">
				<div class="trace-file">
											<div class="plus">+</div>
						<div class="minus">–</div>
										&nbsp;/data/webdev/3fixes/framework/web/CController.php(308): <strong>CAction</strong>-&gt;<strong>runWithParams</strong>(array("r" =&gt; "survey/index", "sid" =&gt; "847856", "token" =&gt; "TEST", "newtest" =&gt; "Y"))				</div>

				<div class="code"><pre><span class="ln">303</span>     {
<span class="ln">304</span>         $priorAction=$this-&gt;_action;
<span class="ln">305</span>         $this-&gt;_action=$action;
<span class="ln">306</span>         if($this-&gt;beforeAction($action))
<span class="ln">307</span>         {
<span class="error"><span class="ln error-ln">308</span>             if($action-&gt;runWithParams($this-&gt;getActionParams())===false)
</span><span class="ln">309</span>                 $this-&gt;invalidActionParams($action);
<span class="ln">310</span>             else
<span class="ln">311</span>                 $this-&gt;afterAction($action);
<span class="ln">312</span>         }
<span class="ln">313</span>         $this-&gt;_action=$priorAction;
</pre></div>			</td>
		</tr>
						<tr class="trace core collapsed">
			<td class="number">
				#4			</td>
			<td class="content">
				<div class="trace-file">
											<div class="plus">+</div>
						<div class="minus">–</div>
										&nbsp;/data/webdev/3fixes/framework/web/CController.php(286): <strong>CController</strong>-&gt;<strong>runAction</strong>(index)				</div>

				<div class="code"><pre><span class="ln">281</span>      * @see runAction
<span class="ln">282</span>      */
<span class="ln">283</span>     public function runActionWithFilters($action,$filters)
<span class="ln">284</span>     {
<span class="ln">285</span>         if(empty($filters))
<span class="error"><span class="ln error-ln">286</span>             $this-&gt;runAction($action);
</span><span class="ln">287</span>         else
<span class="ln">288</span>         {
<span class="ln">289</span>             $priorAction=$this-&gt;_action;
<span class="ln">290</span>             $this-&gt;_action=$action;
<span class="ln">291</span>             CFilterChain::create($this,$action,$filters)-&gt;run();
</pre></div>			</td>
		</tr>
						<tr class="trace core collapsed">
			<td class="number">
				#5			</td>
			<td class="content">
				<div class="trace-file">
											<div class="plus">+</div>
						<div class="minus">–</div>
										&nbsp;/data/webdev/3fixes/framework/web/CController.php(265): <strong>CController</strong>-&gt;<strong>runActionWithFilters</strong>(index, array())				</div>

				<div class="code"><pre><span class="ln">260</span>         {
<span class="ln">261</span>             if(($parent=$this-&gt;getModule())===null)
<span class="ln">262</span>                 $parent=Yii::app();
<span class="ln">263</span>             if($parent-&gt;beforeControllerAction($this,$action))
<span class="ln">264</span>             {
<span class="error"><span class="ln error-ln">265</span>                 $this-&gt;runActionWithFilters($action,$this-&gt;filters());
</span><span class="ln">266</span>                 $parent-&gt;afterControllerAction($this,$action);
<span class="ln">267</span>             }
<span class="ln">268</span>         }
<span class="ln">269</span>         else
<span class="ln">270</span>             $this-&gt;missingAction($actionID);
</pre></div>			</td>
		</tr>
						<tr class="trace core collapsed">
			<td class="number">
				#6			</td>
			<td class="content">
				<div class="trace-file">
											<div class="plus">+</div>
						<div class="minus">–</div>
										&nbsp;/data/webdev/3fixes/framework/web/CWebApplication.php(282): <strong>CController</strong>-&gt;<strong>run</strong>("index")				</div>

				<div class="code"><pre><span class="ln">277</span>         {
<span class="ln">278</span>             list($controller,$actionID)=$ca;
<span class="ln">279</span>             $oldController=$this-&gt;_controller;
<span class="ln">280</span>             $this-&gt;_controller=$controller;
<span class="ln">281</span>             $controller-&gt;init();
<span class="error"><span class="ln error-ln">282</span>             $controller-&gt;run($actionID);
</span><span class="ln">283</span>             $this-&gt;_controller=$oldController;
<span class="ln">284</span>         }
<span class="ln">285</span>         else
<span class="ln">286</span>             throw new CHttpException(404,Yii::t('yii','Unable to resolve the request "{route}".',
<span class="ln">287</span>                 array('{route}'=&gt;$route===''?$this-&gt;defaultController:$route)));
</pre></div>			</td>
		</tr>
						<tr class="trace core collapsed">
			<td class="number">
				#7			</td>
			<td class="content">
				<div class="trace-file">
											<div class="plus">+</div>
						<div class="minus">–</div>
										&nbsp;/data/webdev/3fixes/framework/web/CWebApplication.php(141): <strong>CWebApplication</strong>-&gt;<strong>runController</strong>("survey/index")				</div>

				<div class="code"><pre><span class="ln">136</span>             foreach(array_splice($this-&gt;catchAllRequest,1) as $name=&gt;$value)
<span class="ln">137</span>                 $_GET[$name]=$value;
<span class="ln">138</span>         }
<span class="ln">139</span>         else
<span class="ln">140</span>             $route=$this-&gt;getUrlManager()-&gt;parseUrl($this-&gt;getRequest());
<span class="error"><span class="ln error-ln">141</span>         $this-&gt;runController($route);
</span><span class="ln">142</span>     }
<span class="ln">143</span> 
<span class="ln">144</span>     /**
<span class="ln">145</span>      * Registers the core application components.
<span class="ln">146</span>      * This method overrides the parent implementation by registering additional core components.
</pre></div>			</td>
		</tr>
						<tr class="trace core collapsed">
			<td class="number">
				#8			</td>
			<td class="content">
				<div class="trace-file">
											<div class="plus">+</div>
						<div class="minus">–</div>
										&nbsp;/data/webdev/3fixes/framework/base/CApplication.php(185): <strong>CWebApplication</strong>-&gt;<strong>processRequest</strong>()				</div>

				<div class="code"><pre><span class="ln">180</span>     public function run()
<span class="ln">181</span>     {
<span class="ln">182</span>         if($this-&gt;hasEventHandler('onBeginRequest'))
<span class="ln">183</span>             $this-&gt;onBeginRequest(new CEvent($this));
<span class="ln">184</span>         register_shutdown_function(array($this,'end'),0,false);
<span class="error"><span class="ln error-ln">185</span>         $this-&gt;processRequest();
</span><span class="ln">186</span>         if($this-&gt;hasEventHandler('onEndRequest'))
<span class="ln">187</span>             $this-&gt;onEndRequest(new CEvent($this));
<span class="ln">188</span>     }
<span class="ln">189</span> 
<span class="ln">190</span>     /**
</pre></div>			</td>
		</tr>
						<tr class="trace app expanded">
			<td class="number">
				#9			</td>
			<td class="content">
				<div class="trace-file">
											<div class="plus">+</div>
						<div class="minus">–</div>
										&nbsp;/data/webdev/3fixes/index.php(194): <strong>CApplication</strong>-&gt;<strong>run</strong>()				</div>

				<div class="code"><pre><span class="ln">189</span> require_once APPPATH . 'core/LSYii_Application' . EXT;
<span class="ln">190</span> 
<span class="ln">191</span> $config = require_once(APPPATH . 'config/internal' . EXT);
<span class="ln">192</span> 
<span class="ln">193</span> Yii::$enableIncludePath = false;
<span class="error"><span class="ln error-ln">194</span> Yii::createApplication('LSYii_Application', $config)-&gt;run();
</span><span class="ln">195</span> 
<span class="ln">196</span> /* End of file index.php */
<span class="ln">197</span> /* Location: ./index.php */
</pre></div>			</td>
		</tr>
				</tbody></table>
	</div>

	<div class="version">
		2021-07-27 16:48:33 nginx/1.14.2 <a href="http://www.yiiframework.com/">Yii Framework</a>/1.1.24-dev	</div>
</div>

<script type="text/javascript">
/*<![CDATA[*/
var traceReg = new RegExp("(^|\\s)trace-file(\\s|$)");
var collapsedReg = new RegExp("(^|\\s)collapsed(\\s|$)");

var e = document.getElementsByTagName("div");
for(var j=0,len=e.length;j<len;j++){
	if(traceReg.test(e[j].className)){
		e[j].onclick = function(){
			var trace = this.parentNode.parentNode;
			if(collapsedReg.test(trace.className))
				trace.className = trace.className.replace("collapsed", "expanded");
			else
				trace.className = trace.className.replace("expanded", "collapsed");
		}
	}
}
/*]]>*/
</script>



<div id="grammalecte_menu_main_button_shadow_host" style="width: 0px; height: 0px;"></div></body><script src="PHP%20notice_fichiers/api.js"></script></html>
PHP notice.html (17,354 bytes)   
Bug heat4
Complete LimeSurvey version number (& build) 3.27.9
I will donate to the project if issue is resolvedNo
Browsernot relevant
Database type & versionnot relevant
Server OS (if known)not relevant
Webserver software & version (if known)not relevant
PHP Versionnot relevant

Users monitoring this issue

There are no users monitoring this issue.

Activities

DenisChenu

DenisChenu

2021-07-27 17:59

developer   ~65654

https://github.com/LimeSurvey/LimeSurvey/pull/1986
and
https://github.com/LimeSurvey/LimeSurvey/pull/1985

ollehar

ollehar

2021-07-27 19:30

administrator   ~65655

Nice

ollehar

ollehar

2021-07-27 19:31

administrator   ~65656

Added to Zoho for testing.

DenisChenu

DenisChenu

2021-07-30 10:58

developer   ~65755

Fix committed to 3.x-LTS branch: http://bugs.limesurvey.org/plugin.php?page=Source/view&amp;id=32419

DenisChenu

DenisChenu

2021-07-30 11:14

developer   ~65756

Fix committed to master branch: http://bugs.limesurvey.org/plugin.php?page=Source/view&amp;id=32420

Related Changesets

LimeSurvey: 3.x-LTS 489306a7

2021-07-30 10:58:17

DenisChenu


Committer: GitHub Details Diff
Merge pull request #1985

* Fixed issue 17480: Unable to reload with token + persistence + allow edit

* Dev: Run composer install --no-dev
Affected Issues
17480
mod - application/helpers/frontend_helper.php Diff File

LimeSurvey: master 7e3d62d4

2021-07-30 11:14:48

DenisChenu


Committer: GitHub Details Diff
Fixed issue 17480: Unable to reload with token + persistence + allow edit (#1986)

Dev: Same fix than 3.X + findByPk
Affected Issues
17480
mod - application/helpers/frontend_helper.php Diff File
mod - application/models/Response.php Diff File

Issue History

Date Modified Username Field Change
2021-07-27 16:50 DenisChenu New Issue
2021-07-27 16:50 DenisChenu File Added: survey_archive_847856.lsa
2021-07-27 16:50 DenisChenu File Added: PHP notice.html
2021-07-27 16:50 DenisChenu Assigned To => DenisChenu
2021-07-27 16:50 DenisChenu Status new => assigned
2021-07-27 17:42 DenisChenu Summary Reload with token + persistence + allow edit can break => Unable to reload with token + persistence + allow edit
2021-07-27 17:58 DenisChenu Assigned To DenisChenu => ollehar
2021-07-27 17:59 DenisChenu Status assigned => ready for testing
2021-07-27 17:59 DenisChenu Note Added: 65654
2021-07-27 17:59 DenisChenu Severity minor => partial_block
2021-07-27 19:30 ollehar Sync to Zoho Project => |Yes|
2021-07-27 19:30 ollehar Note Added: 65655
2021-07-27 19:31 ollehar Note Added: 65656
2021-07-30 10:58 DenisChenu Changeset attached => LimeSurvey 3.x-LTS 489306a7
2021-07-30 10:58 DenisChenu Note Added: 65755
2021-07-30 10:58 DenisChenu Assigned To ollehar => DenisChenu
2021-07-30 10:58 DenisChenu Resolution open => fixed
2021-07-30 11:14 DenisChenu Changeset attached => LimeSurvey master 7e3d62d4
2021-07-30 11:14 DenisChenu Note Added: 65756
2021-07-30 11:19 p_teichmann Status ready for testing => resolved
2021-08-12 08:46 c_schmitz Status resolved => closed