07172: Error Missing argument 1 for accessDenied() when trying to add a user/group to survey permissions when see only own groups=No

This bug affects 1 person(s).

254

ID	Project	Category	View Status	Date Submitted	Last Update

07172	Bug reports	Security	public	2013-01-10 15:33	2013-01-15 09:14

Reporter	pfpDave	Assigned To	DenisChenu
Priority	normal	Severity	minor
Status	closed	Resolution	fixed
Product Version	2.00+
Fixed in Version	2.00+

Summary	07172: Error Missing argument 1 for accessDenied() when trying to add a user/group to survey permissions when see only own groups=No
Description	Switch Global Security Setting 'Group member can only see own group' to No Create a restricted user with Participant Panel and Create Survey Global Permissions Create a survey and assign FULL survey permissions to above restricted user Login as restricted user and go to 'Survey Permissions' Attempt to add a user to the survey Error message appears: Missing argument 1 for accessDenied(), called in C:\limesurvey\application\controllers\admin\surveypermission.php on line 334 and defined (full error attached)
Tags	No tags attached.
Attached Files	PHP warning.htm (19,102 bytes) <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"/> <title>PHP warning</title> <style type="text/css"> /<![CDATA[/ html,body,div,span,applet,object,iframe,h1,h2,h3,h4,h5,h6,p,blockquote,pre,a,abbr,acronym,address,big,cite,code,del,dfn,em,font,img,ins,kbd,q,s,samp,small,strike,strong,sub,sup,tt,var,b,u,i,center,dl,dt,dd,ol,ul,li,fieldset,form,label,legend,table,caption,tbody,tfoot,thead,tr,th,td{border:0;outline:0;font-size:100%;vertical-align:baseline;background:transparent;margin:0;padding:0;} body{line-height:1;} ol,ul{list-style:none;} blockquote,q{quotes:none;} blockquote:before,blockquote:after,q:before,q:after{content:none;} :focus{outline:0;} ins{text-decoration:none;} del{text-decoration:line-through;} table{border-collapse:collapse;border-spacing:0;} body { font: normal 9pt "Verdana"; color: #000; background: #fff; } h1 { font: normal 18pt "Verdana"; color: #f00; margin-bottom: .5em; } h2 { font: normal 14pt "Verdana"; color: #800000; margin-bottom: .5em; } h3 { font: bold 11pt "Verdana"; } pre { font: normal 11pt Menlo, Consolas, "Lucida Console", Monospace; } pre span.error { display: block; background: #fce3e3; } pre span.ln { color: #999; padding-right: 0.5em; border-right: 1px solid #ccc; } pre span.error-ln { font-weight: bold; } .container { margin: 1em 4em; } .version { color: gray; font-size: 8pt; border-top: 1px solid #aaa; padding-top: 1em; margin-bottom: 1em; } .message { color: #000; padding: 1em; font-size: 11pt; background: #f3f3f3; -webkit-border-radius: 10px; -moz-border-radius: 10px; border-radius: 10px; margin-bottom: 1em; line-height: 160%; } .source { margin-bottom: 1em; } .code pre { background-color: #ffe; margin: 0.5em 0; padding: 0.5em; line-height: 125%; border: 1px solid #eee; } .source .file { margin-bottom: 1em; font-weight: bold; } .traces { margin: 2em 0; } .trace { margin: 0.5em 0; padding: 0.5em; } .trace.app { border: 1px dashed #c00; } .trace .number { text-align: right; width: 2em; padding: 0.5em; } .trace .content { padding: 0.5em; } .trace .plus, .trace .minus { display:inline; vertical-align:middle; text-align:center; border:1px solid #000; color:#000; font-size:10px; line-height:10px; margin:0; padding:0 1px; width:10px; height:10px; } .trace.collapsed .minus, .trace.expanded .plus, .trace.collapsed pre { display: none; } .trace-file { cursor: pointer; padding: 0.2em; } .trace-file:hover { background: #f0ffff; } /]]>/ </style> </head> <body> <div class="container"> <h1>PHP warning</h1> <p class="message"> Missing argument 1 for accessDenied(), called in C:\limesurvey\application\controllers\admin\surveypermission.php on line 334 and defined </p> <div class="source"> <p class="file">C:\limesurvey\application\helpers\common_helper.php(6410)</p> <div class="code"><pre><span class="ln">6398</span> <span class="ln">6399</span> } // Enf if modified <span class="ln">6400</span> } // end while qentry <span class="ln">6401</span> } <span class="ln">6402</span> <span class="ln">6403</span> /** <span class="ln">6404</span> * This function is a replacement of accessDenied.php which return appropriate error message which is then displayed. <span class="ln">6405</span> * <span class="ln">6406</span> * @params string $action - action for which acces denied error message is to be returned <span class="ln">6407</span> * @params string sid - survey id <span class="ln">6408</span> * @return $accesssummary - proper access denied error message <span class="ln">6409</span> / <span class="error"><span class="ln error-ln">6410</span> function accessDenied($action,$sid='') </span><span class="ln">6411</span> { <span class="ln">6412</span> $clang = Yii::app()->lang; <span class="ln">6413</span> if (Yii::app()->session['loginID']) <span class="ln">6414</span> { <span class="ln">6415</span> $ugid = Yii::app()->getConfig('ugid'); <span class="ln">6416</span> $accesssummary = "<p><strong>".$clang->gT("Access denied!")."</strong><br />\n"; <span class="ln">6417</span> $scriptname = Yii::app()->getConfig('scriptname'); <span class="ln">6418</span> //$action=returnGlobal('action'); <span class="ln">6419</span> if ( $action == "dumpdb" ) <span class="ln">6420</span> { <span class="ln">6421</span> $accesssummary .= "<p>".$clang->gT("You are not allowed dump the database!")."<br />"; <span class="ln">6422</span> $accesssummary .= "<a href='$scriptname'>".$clang->gT("Continue")."</a><br />&nbsp;\n"; </pre></div> </div> <div class="traces"> <h2>Stack Trace</h2> <table style="width:100%;"> <tr class="trace app expanded"> <td class="number"> #0 </td> <td class="content"> <div class="trace-file"> <div class="plus">+</div> <div class="minus">–</div>  C:\limesurvey\application\controllers\admin\surveypermission.php(334): <strong>accessDenied</strong>() </div> <div class="code"><pre><span class="ln">329</span> $addsummary .= "<br/><input type=\"submit\" onclick=\"window.open('".$this->getController()->createUrl('admin/surveypermission/sa/view/surveyid/'.$surveyid)."', '_top')\" value=\"".$clang->gT("Continue")."\"/>\n"; <span class="ln">330</span> } <span class="ln">331</span> } <span class="ln">332</span> else <span class="ln">333</span> { <span class="error"><span class="ln error-ln">334</span> accessDenied(); </span><span class="ln">335</span> } <span class="ln">336</span> <span class="ln">337</span> $addsummary .= "</div>\n"; <span class="ln">338</span> <span class="ln">339</span> $aViewUrls['output'] = $addsummary; </pre></div> </td> </tr> <tr class="trace core collapsed"> <td class="number"> #1 </td> <td class="content"> <div class="trace-file">  unknown(0): <strong>surveypermission</strong>-><strong>adduser</strong>("328177") </div> </td> </tr> <tr class="trace core collapsed"> <td class="number"> #2 </td> <td class="content"> <div class="trace-file"> <div class="plus">+</div> <div class="minus">–</div>  C:\limesurvey\framework\web\actions\CAction.php(107): <strong>ReflectionMethod</strong>-><strong>invokeArgs</strong>(surveypermission, array("328177")) </div> <div class="code"><pre><span class="ln">102</span> else if($param->isDefaultValueAvailable()) <span class="ln">103</span> $ps[]=$param->getDefaultValue(); <span class="ln">104</span> else <span class="ln">105</span> return false; <span class="ln">106</span> } <span class="error"><span class="ln error-ln">107</span> $method->invokeArgs($object,$ps); </span><span class="ln">108</span> return true; <span class="ln">109</span> } <span class="ln">110</span> } </pre></div> </td> </tr> <tr class="trace app expanded"> <td class="number"> #3 </td> <td class="content"> <div class="trace-file"> <div class="plus">+</div> <div class="minus">–</div>  C:\limesurvey\application\core\Survey_Common_Action.php(100): <strong>CAction</strong>-><strong>runWithParamsInternal</strong>(surveypermission, ReflectionMethod, array("surveyid" => "328177", "sa" => "adduser", "iSurveyId" => "328177", "iSurveyID" => "328177")) </div> <div class="code"><pre><span class="ln">095</span> $oMethod = new ReflectionMethod($this, $sDefault); <span class="ln">096</span> } <span class="ln">097</span> <span class="ln">098</span> // We're all good to go, let's execute it <span class="ln">099</span> // runWithParamsInternal would automatically get the parameters of the method and populate them as required with the params <span class="error"><span class="ln error-ln">100</span> return parent::runWithParamsInternal($this, $oMethod, $params); </span><span class="ln">101</span> } <span class="ln">102</span> <span class="ln">103</span> /* <span class="ln">104</span> * Some functions have different parameters, which are just an alias of the <span class="ln">105</span> * usual parameters we're getting in the url. This function just populates </pre></div> </td> </tr> <tr class="trace core collapsed"> <td class="number"> #4 </td> <td class="content"> <div class="trace-file"> <div class="plus">+</div> <div class="minus">–</div>  C:\limesurvey\framework\web\CController.php(309): <strong>Survey_Common_Action</strong>-><strong>runWithParams</strong>(array("surveyid" => "328177", "sa" => "adduser")) </div> <div class="code"><pre><span class="ln">304</span> { <span class="ln">305</span> $priorAction=$this->_action; <span class="ln">306</span> $this->_action=$action; <span class="ln">307</span> if($this->beforeAction($action)) <span class="ln">308</span> { <span class="error"><span class="ln error-ln">309</span> if($action->runWithParams($this->getActionParams())===false) </span><span class="ln">310</span> $this->invalidActionParams($action); <span class="ln">311</span> else <span class="ln">312</span> $this->afterAction($action); <span class="ln">313</span> } <span class="ln">314</span> $this->_action=$priorAction; </pre></div> </td> </tr> <tr class="trace core collapsed"> <td class="number"> #5 </td> <td class="content"> <div class="trace-file"> <div class="plus">+</div> <div class="minus">–</div>  C:\limesurvey\framework\web\CController.php(287): <strong>CController</strong>-><strong>runAction</strong>(surveypermission) </div> <div class="code"><pre><span class="ln">282</span> * @see runAction <span class="ln">283</span> / <span class="ln">284</span> public function runActionWithFilters($action,$filters) <span class="ln">285</span> { <span class="ln">286</span> if(empty($filters)) <span class="error"><span class="ln error-ln">287</span> $this->runAction($action); </span><span class="ln">288</span> else <span class="ln">289</span> { <span class="ln">290</span> $priorAction=$this->_action; <span class="ln">291</span> $this->_action=$action; <span class="ln">292</span> CFilterChain::create($this,$action,$filters)->run(); </pre></div> </td> </tr> <tr class="trace core collapsed"> <td class="number"> #6 </td> <td class="content"> <div class="trace-file"> <div class="plus">+</div> <div class="minus">–</div>  C:\limesurvey\framework\web\CController.php(266): <strong>CController</strong>-><strong>runActionWithFilters</strong>(surveypermission, array()) </div> <div class="code"><pre><span class="ln">261</span> { <span class="ln">262</span> if(($parent=$this->getModule())===null) <span class="ln">263</span> $parent=Yii::app(); <span class="ln">264</span> if($parent->beforeControllerAction($this,$action)) <span class="ln">265</span> { <span class="error"><span class="ln error-ln">266</span> $this->runActionWithFilters($action,$this->filters()); </span><span class="ln">267</span> $parent->afterControllerAction($this,$action); <span class="ln">268</span> } <span class="ln">269</span> } <span class="ln">270</span> else <span class="ln">271</span> $this->missingAction($actionID); </pre></div> </td> </tr> <tr class="trace app expanded"> <td class="number"> #7 </td> <td class="content"> <div class="trace-file"> <div class="plus">+</div> <div class="minus">–</div>  C:\limesurvey\application\controllers\AdminController.php(169): <strong>CController</strong>-><strong>run</strong>("surveypermission") </div> <div class="code"><pre><span class="ln">164</span> $this->redirect($this->createUrl('/admin/authentication/sa/login')); <span class="ln">165</span> } <span class="ln">166</span> <span class="ln">167</span> } <span class="ln">168</span> <span class="error"><span class="ln error-ln">169</span> return parent::run($action); </span><span class="ln">170</span> } <span class="ln">171</span> <span class="ln">172</span> /* <span class="ln">173</span> * Routes all the actions to their respective places <span class="ln">174</span> * </pre></div> </td> </tr> <tr class="trace core collapsed"> <td class="number"> #8 </td> <td class="content"> <div class="trace-file"> <div class="plus">+</div> <div class="minus">–</div>  C:\limesurvey\framework\web\CWebApplication.php(276): <strong>AdminController</strong>-><strong>run</strong>("surveypermission") </div> <div class="code"><pre><span class="ln">271</span> { <span class="ln">272</span> list($controller,$actionID)=$ca; <span class="ln">273</span> $oldController=$this->_controller; <span class="ln">274</span> $this->_controller=$controller; <span class="ln">275</span> $controller->init(); <span class="error"><span class="ln error-ln">276</span> $controller->run($actionID); </span><span class="ln">277</span> $this->_controller=$oldController; <span class="ln">278</span> } <span class="ln">279</span> else <span class="ln">280</span> throw new CHttpException(404,Yii::t('yii','Unable to resolve the request "{route}".', <span class="ln">281</span> array('{route}'=>$route===''?$this->defaultController:$route))); </pre></div> </td> </tr> <tr class="trace core collapsed"> <td class="number"> #9 </td> <td class="content"> <div class="trace-file"> <div class="plus">+</div> <div class="minus">–</div>  C:\limesurvey\framework\web\CWebApplication.php(135): <strong>CWebApplication</strong>-><strong>runController</strong>("admin/surveypermission/sa/adduser") </div> <div class="code"><pre><span class="ln">130</span> foreach(array_splice($this->catchAllRequest,1) as $name=>$value) <span class="ln">131</span> $_GET[$name]=$value; <span class="ln">132</span> } <span class="ln">133</span> else <span class="ln">134</span> $route=$this->getUrlManager()->parseUrl($this->getRequest()); <span class="error"><span class="ln error-ln">135</span> $this->runController($route); </span><span class="ln">136</span> } <span class="ln">137</span> <span class="ln">138</span> /** <span class="ln">139</span> * Registers the core application components. <span class="ln">140</span> * This method overrides the parent implementation by registering additional core components. </pre></div> </td> </tr> <tr class="trace core collapsed"> <td class="number"> #10 </td> <td class="content"> <div class="trace-file"> <div class="plus">+</div> <div class="minus">–</div>  C:\limesurvey\framework\base\CApplication.php(162): <strong>CWebApplication</strong>-><strong>processRequest</strong>() </div> <div class="code"><pre><span class="ln">157</span> / <span class="ln">158</span> public function run() <span class="ln">159</span> { <span class="ln">160</span> if($this->hasEventHandler('onBeginRequest')) <span class="ln">161</span> $this->onBeginRequest(new CEvent($this)); <span class="error"><span class="ln error-ln">162</span> $this->processRequest(); </span><span class="ln">163</span> if($this->hasEventHandler('onEndRequest')) <span class="ln">164</span> $this->onEndRequest(new CEvent($this)); <span class="ln">165</span> } <span class="ln">166</span> <span class="ln">167</span> /* </pre></div> </td> </tr> <tr class="trace app collapsed"> <td class="number"> #11 </td> <td class="content"> <div class="trace-file"> <div class="plus">+</div> <div class="minus">–</div>  C:\limesurvey\index.php(178): <strong>CApplication</strong>-><strong>run</strong>() </div> <div class="code"><pre><span class="ln">173</span> * <span class="ln">174</span> / <span class="ln">175</span> require_once BASEPATH . 'yii' . EXT; <span class="ln">176</span> require_once APPPATH . 'core/LSYii_Application' . EXT; <span class="ln">177</span> <span class="error"><span class="ln error-ln">178</span> Yii::createApplication('LSYii_Application', APPPATH . 'config/config' . EXT)->run(); </span><span class="ln">179</span> <span class="ln">180</span> / End of file index.php / <span class="ln">181</span> / Location: ./index.php / </pre></div> </td> </tr> </table> </div> <div class="version"> 2013-01-10 14:30:53 Microsoft-IIS/7.5 <a href="http://www.yiiframework.com/">Yii Framework</a>/1.1.10 </div> </div> <script type="text/javascript"> /<![CDATA[/ var traceReg = new RegExp("(^\|\\s)trace-file(\\s\|$)"); var collapsedReg = new RegExp("(^\|\\s)collapsed(\\s\|$)"); var e = document.getElementsByTagName("div"); for(var j=0,len=e.length;j<len;j++){ if(traceReg.test(e[j].className)){ e[j].onclick = function(){ var trace = this.parentNode.parentNode; if(collapsedReg.test(trace.className)) trace.className = trace.className.replace("collapsed", "expanded"); else trace.className = trace.className.replace("expanded", "collapsed"); } } } /]]>*/ </script> </body> </html> PHP warning.htm (19,102 bytes)

Bug heat	254
Complete LimeSurvey version number (& build)	130108
I will donate to the project if issue is resolved	No
Browser	IE8
Database type & version	SQL Express 2012
Server OS (if known)	Server 2008
Webserver software & version (if known)	IIS 7
PHP Version	5.4.8

User List	There are no users monitoring this issue.

Date Modified	Username	Field	Change
2013-01-10 15:33	pfpDave	New Issue
2013-01-10 15:33	pfpDave	File Added: PHP warning.htm
2013-01-13 12:30	DenisChenu	Note Added: 23626
2013-01-13 12:30	DenisChenu	Assigned To	=> DenisChenu
2013-01-13 12:30	DenisChenu	Status	new => assigned
2013-01-14 14:59	DenisChenu	Status	assigned => resolved
2013-01-14 14:59	DenisChenu	Fixed in Version	=> 2.00+
2013-01-14 14:59	DenisChenu	Resolution	open => fixed
2013-01-15 09:14	c_schmitz	Note Added: 23657
2013-01-15 09:14	c_schmitz	Status	resolved => closed

DenisChenu 2013-01-13 12:30 developer ~23626	Already for 2.1, take it for 2.0

c_schmitz 2013-01-15 09:14 administrator ~23657	2.00+ Build 130115 released

View Issue Details

Users monitoring this issue

Activities

Issue History