View Issue Details

Jump to NotesJump to History
This bug affects 1 person(s).
 8
IDProjectCategoryView StatusDate SubmittedLast Update
20348Bug reportsImport/Exportpublic2025-11-13 13:442025-11-13 15:47
Reporterritapas Assigned To 
PrioritynoneSeverityfeature 
Status newResolutionopen 
Product Version6.6.x 
Summary20348: Users can import random garbage in txt files when importing a survey for creation
Description

Provided the file extensions is correct, users can import any garbage into limesurvey when using the Create survey - import.
The worst part is that apparently the system validates it at first step ("Complimenti"):

Steps To Reproduce

Steps to reproduce

Prepare a .txt file containing random text or even rename a different kind of file (you can use those enclosed by me). Go to create a survey and, inside "import file" dialog, drop one of such files.

Expected result

LS should not acknowledge the result as having imported a survey

Actual result

Success screen

TagsNo tags attached.
Attached Files
immagine.png (26,067 bytes)   
immagine.png (26,067 bytes)   
RandomGarbage.txt (3,348 bytes)    

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Donec tincidunt neque sit amet augue sollicitudin vulputate. Quisque a arcu sed mi pulvinar condimentum eu at odio. Integer commodo, sem id placerat egestas, ipsum tortor imperdiet metus, at dapibus nisi massa ut sem. Ut id urna sollicitudin, sagittis ipsum at, dictum libero. Morbi venenatis in arcu eu facilisis. Maecenas at ipsum felis. Cras eget efficitur nibh.

Aenean at lorem tincidunt, faucibus magna a, vulputate tortor. Quisque vel vehicula lorem. Sed quis velit vitae enim fringilla venenatis. Donec ut tincidunt enim. Sed cursus ullamcorper elit, facilisis semper purus ultrices non. Pellentesque habitant morbi tristique senectus et netus et malesuada fames ac turpis egestas. Sed lobortis massa non arcu finibus luctus.

Mauris quis mauris volutpat, luctus nunc nec, imperdiet risus. Quisque suscipit interdum justo at tristique. Nullam auctor rhoncus metus quis dapibus. Morbi ut mauris sed ante sagittis aliquam. In elementum purus et viverra vehicula. Etiam et nisl arcu. Fusce posuere diam id bibendum efficitur. Vivamus lacus tellus, tempor id rhoncus sed, tincidunt porta magna. Quisque convallis fermentum diam sed ornare. Pellentesque malesuada lacinia magna, quis auctor lacus convallis non. Integer vestibulum felis id eleifend aliquam. Nullam elit massa, gravida ac lectus nec, porttitor commodo sapien. Quisque convallis nisi vitae dolor blandit efficitur. Vivamus convallis mi eget libero pretium, id condimentum eros molestie.

Class aptent taciti sociosqu ad litora torquent per conubia nostra, per inceptos himenaeos. Cras cursus felis magna, semper scelerisque nisl euismod quis. Donec auctor consectetur dolor. In malesuada nisi eu turpis suscipit efficitur. Sed at mi vulputate orci viverra ullamcorper vitae non libero. Praesent ut urna interdum, consequat mauris at, congue ex. Sed hendrerit ante ac eleifend dignissim. Nunc mattis nulla arcu, ut vulputate dui vehicula in. Mauris pulvinar neque quis odio suscipit, in mollis dui maximus. Integer tempus quam a quam sodales, molestie pulvinar enim viverra. Cras tortor sem, luctus quis justo cursus, luctus aliquam arcu. Pellentesque ipsum justo, viverra ac convallis sed, facilisis id lacus. Nullam vitae pulvinar nulla. Maecenas non efficitur turpis. Fusce rutrum, dui et lacinia dignissim, urna lorem pellentesque neque, non auctor lacus sapien tincidunt nisi. Aenean dictum dolor et laoreet sodales.

Vestibulum porttitor efficitur tincidunt. Vivamus finibus vel ligula eget vestibulum. Pellentesque nec arcu vitae sapien eleifend pellentesque a sed odio. In sagittis quam et nibh consectetur, vitae bibendum ante blandit. Integer turpis odio, laoreet in dignissim eu, imperdiet vitae nisi. Suspendisse in efficitur nisl, ac cursus arcu. Nullam at ornare urna. Duis vitae leo blandit, aliquam massa nec, semper orci. Suspendisse tincidunt lobortis ante, vitae condimentum urna ultricies at. Mauris vitae ante condimentum, laoreet urna in, euismod eros. Orci varius natoque penatibus et magnis dis parturient montes, nascetur ridiculus mus. Nulla sit amet interdum elit, vitae fermentum velit. Nullam facilisis, erat efficitur condimentum venenatis, sapien nibh pulvinar odio, tempus convallis justo orci sit amet nibh. Morbi ligula neque, pretium eget purus vitae, efficitur mollis libero.
RandomGarbage.txt (3,348 bytes)   
4.2.svg.txt (2,320 bytes)    
<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" viewBox="0 0 144 34" xmlns:v="https://vecta.io/nano"><g fill="#e7e7e7"><use xlink:href="#B"/><use xlink:href="#C"/><use xlink:href="#C" x="28"/><use xlink:href="#D"/><path d="M127.14 4.569c.346-.758 1.376-.758 1.722 0l2.899 6.362c.139.305.416.516.736.56l6.674.921c.795.11 1.114 1.136.532 1.714l-4.882 4.853a1.03 1.03 0 0 0-.282.906l1.226 6.931c.146.826-.688 1.46-1.393 1.06l-5.916-3.363c-.284-.161-.626-.161-.91 0l-5.916 3.363c-.705.401-1.539-.234-1.393-1.06l1.226-6.931a1.03 1.03 0 0 0-.282-.906l-4.882-4.853c-.582-.578-.263-1.605.532-1.714l6.674-.921c.32-.044.597-.255.736-.56l2.899-6.362z"/></g><g fill="#f4c15c"><use xlink:href="#B"/><use xlink:href="#C"/><use xlink:href="#C" x="28"/><use xlink:href="#D"/><path d="M116 13.408c0-.469.315-.925.83-.996l3.17-.437v5.832l-3.702-3.68a1 1 0 0 1-.298-.718h0z"/><path d="M116 13.408c0-.469.315-.925.83-.996l1.17-.161v3.567l-1.702-1.692a1 1 0 0 1-.298-.718h0z"/></g><defs ><path id="B" d="M15.139 4.569c.345-.758 1.376-.758 1.721 0l2.899 6.362c.139.305.416.516.736.56l6.674.921c.795.11 1.114 1.136.532 1.714l-4.882 4.853a1.03 1.03 0 0 0-.281.906l1.226 6.931c.146.826-.688 1.46-1.393 1.06l-5.916-3.363c-.284-.161-.626-.161-.91 0l-5.916 3.363c-.705.401-1.539-.234-1.393-1.06l1.226-6.931a1.03 1.03 0 0 0-.281-.906l-4.882-4.853c-.582-.578-.263-1.605.532-1.714l6.674-.921c.32-.044.597-.255.736-.56l2.899-6.362z"/><path id="C" d="M43.139 4.569c.346-.758 1.376-.758 1.721 0l2.899 6.362c.139.305.416.516.736.56l6.674.921c.795.11 1.114 1.136.532 1.714l-4.882 4.853a1.03 1.03 0 0 0-.281.906l1.226 6.931c.146.826-.688 1.46-1.393 1.06l-5.916-3.363c-.284-.161-.626-.161-.91 0l-5.916 3.363c-.705.401-1.539-.234-1.393-1.06l1.226-6.931a1.03 1.03 0 0 0-.281-.906l-4.882-4.853c-.582-.578-.263-1.605.532-1.714l6.674-.921c.32-.044.597-.255.736-.56l2.899-6.362z"/><path id="D" d="M99.139 4.569c.346-.758 1.376-.758 1.722 0l2.899 6.362c.139.305.416.516.736.56l6.674.921c.795.11 1.114 1.136.532 1.714l-4.882 4.853a1.03 1.03 0 0 0-.282.906l1.226 6.931c.146.826-.688 1.46-1.393 1.06l-5.916-3.363c-.284-.161-.626-.161-.91 0l-5.916 3.363c-.705.401-1.539-.234-1.393-1.06l1.226-6.931a1.03 1.03 0 0 0-.281-.906l-4.882-4.853c-.582-.578-.263-1.605.532-1.714l6.674-.921c.32-.044.597-.255.736-.56l2.899-6.362z"/></defs></svg>
4.2.svg.txt (2,320 bytes)   
Bug heat8
Complete LimeSurvey version number (& build)6.10.6, 6.15.20 (demo page) also version3 is like this
I will donate to the project if issue is resolvedNo
Browser
Database type & versionn/a
Server OS (if known)
Webserver software & version (if known)
PHP Versionn/a

Users monitoring this issue

ritapas

Activities

tibor.pacalat

tibor.pacalat

2025-11-13 13:57

administrator   ~83771

This validation was never implemented, so this would be a new feature.
ritapas

ritapas

2025-11-13 14:03

reporter   ~83772

given this remark, I agree that validation would be a new feature. However, giving confirmation and a success message without actually knowing is a bit weird
DenisChenu

DenisChenu

2025-11-13 15:47

developer   ~83776

This validation was never implemented, so this would be a new feature.

No, i think minimum it's validate it's a TSV file maybe with minimal column name ?

Here : i don't understand why we have language to 1 : there are no survey language found : no survey language : not a valid file.

Issue History

Date Modified Username Field Change
2025-11-13 13:44 ritapas New Issue
2025-11-13 13:44 ritapas File Added: immagine.png
2025-11-13 13:44 ritapas File Added: RandomGarbage.txt
2025-11-13 13:44 ritapas File Added: 4.2.svg.txt
2025-11-13 13:47 ritapas Issue Monitored: ritapas
2025-11-13 13:47 ritapas Bug heat 0 => 2
2025-11-13 13:56 tibor.pacalat Severity tweak => feature
2025-11-13 13:57 tibor.pacalat Note Added: 83771
2025-11-13 13:57 tibor.pacalat Bug heat 2 => 4
2025-11-13 14:03 ritapas Note Added: 83772
2025-11-13 14:03 ritapas Bug heat 4 => 6
2025-11-13 15:47 DenisChenu Note Added: 83776
2025-11-13 15:47 DenisChenu Bug heat 6 => 8