From 9c46b41a4b04246863a0c6798a77fc73f9633974 Mon Sep 17 00:00:00 2001 From: Adam Zammit Date: Thu, 24 Jan 2013 15:10:16 +1100 Subject: [PATCH] Added CHANGELOG update Included sRandomChars in functions.limesurvey Add an index on the token field of the survey table --- CHANGELOG | 9 ++++++++ functions/functions.limesurvey.php | 22 +++++++++++++++++++ .../limesurvey/admin/activate_functions.php | 5 +++++ 3 files changed, 36 insertions(+) diff --git a/CHANGELOG b/CHANGELOG index 6a8867d7..efd92290 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -1,3 +1,12 @@ +queXS 1.7.0 - Changes since 1.6.1 + +New Feature: Replace queXS caseid as token with a random token to allow for safe external access + +Database updates: + +ALTER TABLE `case` ADD `token` VARCHAR( 36 ) NOT NULL ; +ALTER TABLE `case` ADD UNIQUE (`token`); + queXS 1.6.1 - Changes since 1.6.0 New Feature: Include paradata/metadata in data output (number call attempts, number of answering machine messages and all sample variables) diff --git a/functions/functions.limesurvey.php b/functions/functions.limesurvey.php index 54a2b76f..2b6ad7c6 100644 --- a/functions/functions.limesurvey.php +++ b/functions/functions.limesurvey.php @@ -271,6 +271,28 @@ function getRandomID() } +/** +* Creates a random sequence of characters +* +* @param mixed $length Length of resulting string +* @param string $pattern To define which characters should be in the resulting string +* +* From Limesurvey +*/ +function sRandomChars($length = 15,$pattern="23456789abcdefghijkmnpqrstuvwxyz") +{ + $patternlength = strlen($pattern)-1; + for($i=0;$i<$length;$i++) + { + if(isset($key)) + $key .= $pattern{rand(0,$patternlength)}; + else + $key = $pattern{rand(0,$patternlength)}; + } + return $key; +} + + /** diff --git a/include/limesurvey/admin/activate_functions.php b/include/limesurvey/admin/activate_functions.php index 2d5bcfc1..bc78b907 100644 --- a/include/limesurvey/admin/activate_functions.php +++ b/include/limesurvey/admin/activate_functions.php @@ -407,6 +407,11 @@ function activateSurvey($postsid,$surveyid, $scriptname='admin.php') } $execresult=$dict->ExecuteSQLArray($sqlarray,1); + + //queXS Addition - add an index on the token + $createtokenindex = $dict->CreateIndexSQL("{$tabname}_idx", $tabname, array('token')); + $dict->ExecuteSQLArray($createtokenindex, false) or safe_die ("Failed to create token index
$createtokenindex

".$connect->ErrorMsg()); + if ($execresult==0 || $execresult==1) { $activateoutput .= "
\n
\n" .