Merge branch 'release/v0.21.3'

rubenarslan · Jun 21, 2024 · aee83e0 · aee83e0
2 parents 44c8f67 + edb3314
commit aee83e0
Show file tree

Hide file tree

Showing 11 changed files with 56 additions and 24 deletions.
diff --git a/application/Controller/RunController.php b/application/Controller/RunController.php
@@ -268,7 +268,8 @@ protected function loginUser() {
         $id = null;
 
         // came here with a login link
-        if (isset($_GET['run_name']) && isset($_GET['code']) && strlen($_GET['code']) == 64) {
+        $code_rule = Config::get("user_code_regular_expression");
+        if (isset($_GET['run_name']) && isset($_GET['code']) && preg_match($code_rule, $_GET['code'])) {
             // user came in with login code
             $loginCode = $_GET['code'];
         } elseif ($user = Site::getInstance()->getSessionUser()) {

diff --git a/application/Model/Item/Timezone.php b/application/Model/Item/Timezone.php
@@ -39,12 +39,37 @@ public function getReply($reply) {
     }
 
     protected function render_input() {
-        $tpl = '
+        $tpl = "
+        <script>
+        document.addEventListener('DOMContentLoaded', function() {
+    // Get the browser's timezone
+    let timezone = Intl.DateTimeFormat().resolvedOptions().timeZone;
+
+    // Replace '/' with ' - ' to match the format in the select options
+    timezone = timezone.replace(/\//g, ' - ');
+
+    // Get the select element by its name attribute
+    const selectElement = document.querySelector('select[name=\"timezone\"]');
+    const options = selectElement.options;
+
+    // Find the option that matches the browser's timezone and select it
+    for (let i = 0; i < options.length; i++) {
+        if (options[i].text.includes(timezone)) {
+            options[i].selected = true;
+
+            // Trigger change event for select2 to update UI
+            const event = new Event('change', { bubbles: true });
+            selectElement.dispatchEvent(event);
+            break;
+        }
+    }
+});
+</script>
 			<select %{select_attributes}>
 				%{empty_option}
 				%{options}
 			</select>
-		';
+		";
 
         $options = '';
         foreach ($this->choices as $value => $option) {

diff --git a/application/Model/RunSession.php b/application/Model/RunSession.php
@@ -130,10 +130,10 @@ public function create($session = null, $testing = 0) {
         if ($this->run->id === -1) {
             return false;
         }
-
+        $code_rule = Config::get("user_code_regular_expression");
         if ($session !== null) {
-            if (strlen($session) != 64) {
-                alert("<strong>Error.</strong> Session tokens need to be exactly 64 characters long.", 'alert-danger');
+            if (!preg_match($code_rule, $session)) {
+                alert("<strong>Error.</strong> Session tokens needs to match $code_rule", 'alert-danger');
                 return false;
             }
         } else {

diff --git a/application/Site.php b/application/Site.php
@@ -170,7 +170,9 @@ public function expire_session($expiry) {
 
     public function loginUser($user) {
         // came here with a login link
-        if (isset($_GET['run_name']) && isset($_GET['code']) && strlen($_GET['code']) == 64) {
+        $code_rule = Config::get("user_code_regular_expression");
+        pr($_GET['code']);die;
+        if (isset($_GET['run_name']) && isset($_GET['code']) && preg_match($code_rule, $_GET['code'])) {
             $login_code = $_GET['code'];
             // this user came here with a session code that he wasn't using before. 
             // this will always be true if the user is 

diff --git a/bin/add_user.php b/bin/add_user.php
@@ -29,14 +29,14 @@
 
 if($config['level'] > 1 && $users > 0) {
 	print("Cannot create superadmins when users already exist");
+} else {
+	$inserted = $db->insert('survey_users', array(
+		'email' => $config['email'],
+		'created' => mysql_now(),
+		'password' => $config['hash'],
+		'user_code' => crypto_token(48),
+		'referrer_code' => "created from host",
+		'email_verified' => 1,
+		'admin' => $config['level']
+	));
 }
-
-$inserted = $db->insert('survey_users', array(
-	'email' => $config['email'],
-	'created' => mysql_now(),
-	'password' => $config['hash'],
-	'user_code' => crypto_token(48),
-	'referrer_code' => "created from host",
-	'email_verified' => 1,
-	'admin' => $config['level']
-));
diff --git a/config-dist/settings.php b/config-dist/settings.php
@@ -84,6 +84,8 @@
 $settings['display_errors'] = 0;
 $settings['error_to_stderr'] = 0;
 
+$settings['user_code_regular_expression'] = "/^[A-Za-z0-9+]{64}$/";
+
 // Session expiration related settings
 // (for unregistered users. in seconds (defaults to a year))
 $settings['expire_unregistered_session'] = 365 * 24 * 60 * 60;

diff --git a/setup.php b/setup.php
@@ -1,6 +1,6 @@
 <?php
 
-define('FORMR_VERSION', 'v0.21.0');
+define('FORMR_VERSION', 'v0.21.3');
 
 define('APPLICATION_ROOT', __DIR__ . '/');
 define('INCLUDE_ROOT', APPLICATION_ROOT);

diff --git a/sql/patches/038_more_mediumtexts.sql b/sql/patches/038_more_mediumtexts.sql
@@ -0,0 +1 @@
+ALTER TABLE `survey_items` CHANGE `value` `value` mediumtext COLLATE utf8mb4_unicode_ci;
diff --git a/sql/schema.sql b/sql/schema.sql
@@ -111,7 +111,7 @@ CREATE TABLE `osf` (
 
 CREATE TABLE `survey_users` (
   `id` int(10) unsigned NOT NULL AUTO_INCREMENT,
-  `user_code` char(64) CHARACTER SET latin1 COLLATE latin1_bin NOT NULL,
+  `user_code` varchar(64) CHARACTER SET latin1 COLLATE latin1_bin NOT NULL,
   `first_name` VARCHAR(50) NULL,
   `last_name` VARCHAR(50) NULL,
   `affiliation` VARCHAR(350) NULL,
@@ -200,7 +200,7 @@ CREATE TABLE `survey_run_sessions` (
   `id` int(11) NOT NULL AUTO_INCREMENT,
   `run_id` int(10) unsigned NOT NULL,
   `user_id` int(10) unsigned DEFAULT NULL,
-  `session` char(64) COLLATE utf8mb4_unicode_ci NOT NULL,
+  `session` varchar(64) COLLATE utf8mb4_unicode_ci NOT NULL,
   `created` datetime DEFAULT NULL,
   `ended` datetime DEFAULT NULL,
   `last_access` datetime DEFAULT NULL,
@@ -292,6 +292,7 @@ CREATE TABLE `survey_email_accounts` (
   `tls` tinyint(4) DEFAULT NULL,
   `username` varchar(255) COLLATE utf8mb4_unicode_ci DEFAULT NULL,
   `password` varchar(255) COLLATE utf8mb4_unicode_ci DEFAULT NULL,
+  `reply_to` varchar(255) COLLATE utf8mb4_unicode_ci DEFAULT NULL,
   `auth_key` text COLLATE utf8mb4_unicode_ci NOT NULL,
   `deleted` int(1) NOT NULL DEFAULT 0,
   `status` tinyint(1) DEFAULT NULL,
@@ -402,12 +403,12 @@ CREATE TABLE `survey_items` (
   `choice_list` varchar(255) COLLATE utf8mb4_unicode_ci DEFAULT NULL,
   `type_options` varchar(255) COLLATE utf8mb4_unicode_ci DEFAULT NULL,
   `name` varchar(255) COLLATE utf8mb4_unicode_ci DEFAULT NULL,
-  `label` text COLLATE utf8mb4_unicode_ci,
+  `label` mediumtext COLLATE utf8mb4_unicode_ci,
   `label_parsed` mediumtext COLLATE utf8mb4_unicode_ci,
   `optional` tinyint(4) DEFAULT NULL,
   `class` varchar(255) COLLATE utf8mb4_unicode_ci DEFAULT NULL,
   `showif` mediumtext COLLATE utf8mb4_unicode_ci,
-  `value` text COLLATE utf8mb4_unicode_ci,
+  `value` mediumtext COLLATE utf8mb4_unicode_ci,
   `block_order` varchar(4) COLLATE utf8mb4_unicode_ci DEFAULT NULL,
   `item_order` smallint(6) DEFAULT NULL,
   `order` int(10) DEFAULT NULL,

diff --git a/webroot/assets/build/js/formr.min.js b/webroot/assets/build/js/formr.min.js
diff --git a/webroot/assets/common/js/webshim.js b/webroot/assets/common/js/webshim.js
@@ -29,7 +29,7 @@ webshim.setOptions({
     'forms-ext': {
         types: 'range date time number month color',
         customDatalist: true,
-        replaceUI: {range: true, color: true, date: true, month: true},
+        replaceUI: {range: true, color: true, date: true, month: true, number: true},
 		widgets: {
 			'startView': 1,
 			'openOnFocus': true,