Merging the updated Limesurvey 1.92+ branch of queXS to trunk

2024-04-02 12:12:16 +00:00 · 2012-11-21 04:04:39 +00:00
parent 153fc8ca0d
commit c569559964
856 changed files with 254260 additions and 819988 deletions
--- a/admin/quotarow.php
+++ b/admin/quotarow.php
@@ -274,14 +274,19 @@ if ($questionnaire_id != false)
 				print "<h1>" . T_("Enter the details for creating the row quota:") . "</h1>";
 				print "<h2>" . T_("Pre defined values for this question:") . "</h2>";
-				$qid = explode("X", $sgqa);
+				$rs = "";
 				$qid = $qid[2];
-				$sql = "SELECT l.code,l.answer as title
+				if ($sgqa != -2 && $sgqa != -1 && !empty($sgqa))
-					FROM `" . LIME_PREFIX . "answers` as l
+				{
-					WHERE l.qid = '$qid'";
+					$qid = explode("X", $sgqa);
 					$qid = $qid[2];
-				$rs = $db->GetAll($sql);
+					$sql = "SELECT l.code,l.answer as title
 						FROM `" . LIME_PREFIX . "answers` as l
 						WHERE l.qid = '$qid'";
 					$rs = $db->GetAll($sql);
 				}
 				if (!isset($rs) || empty($rs))
 					print "<p>" . T_("No labels defined for this question") ."</p>";
--- a/appointmentlist.php
+++ b/appointmentlist.php
@@ -53,7 +53,7 @@ $js = false;
 if (AUTO_LOGOUT_MINUTES !== false)
 	$js = array("include/jquery-ui/js/jquery-1.4.2.min.js","js/childnap.js");
-xhtml_head(T_("Appointment List"),true,array("css/table.css"),$js,false,15);
+xhtml_head(T_("Appointment List"),true,array("css/table.css"),$js,false,60);
 //List the case appointment
 // display in respondent time so that the operator will be able to
--- a/callhistory.php
+++ b/callhistory.php
@@ -53,7 +53,7 @@ $js = false;
 if (AUTO_LOGOUT_MINUTES !== false)
        $js = array("include/jquery-ui/js/jquery-1.4.2.min.js","js/childnap.js");
-xhtml_head(T_("Case History List"),true,array("css/table.css"),$js,false,15);
+xhtml_head(T_("Case History List"),true,array("css/table.css"),$js,false,60);
 //List the case call history
 // display in respondent time so that the operator will be able to
--- a/calllist.php
+++ b/calllist.php
@@ -53,7 +53,7 @@ $js = false;
 if (AUTO_LOGOUT_MINUTES !== false)
        $js = array("include/jquery-ui/js/jquery-1.4.2.min.js","js/childnap.js");
-xhtml_head(T_("Call List"),true,array("css/table.css"),$js,false,15);
+xhtml_head(T_("Call List"),true,array("css/table.css"),$js,false,60);
 //List the case call history
 // display in respondent time so that the operator will be able to
--- a/config.default.php
+++ b/config.default.php
@@ -161,7 +161,7 @@ if (!defined('PHP_EXEC')) define('PHP_EXEC', "php");
 /**
 * Path to ADODB
 */
-if (!defined('ADODB_PATH')) define('ADODB_PATH',dirname(__FILE__).'/../adodb/');
+if (!defined('ADODB_PATH')) define('ADODB_PATH',dirname(__FILE__).'/include/limesurvey/classes/adodb/');
 /**
 * Path to the HTPASSWD file read/writable by the web server user for htpasswd integration
--- a/config.inc.local.php.example
+++ b/config.inc.local.php.example
@@ -63,11 +63,6 @@ define('AUTO_POPUP',false);
 */
 define('QUEXS_PATH', '/quexs/');
 /**
 * Path to ADODB
 */
 define('ADODB_PATH',dirname(__FILE__).'/../adodb/');
 /**
 * Database configuration for queXS
 */
--- a/database/quexs.sql
+++ b/database/quexs.sql
@@ -3,9 +3,9 @@
 -- http://www.phpmyadmin.net
 --
 -- Host: localhost
-- Generation Time: Sep 07, 2011 at 02:42 PM
+-- Generation Time: Nov 16, 2012 at 12:35 PM
 -- Server version: 5.0.51
-- PHP Version: 5.2.6-1+lenny13
+-- PHP Version: 5.2.6-1+lenny16
 SET SQL_MODE="NO_AUTO_VALUE_ON_ZERO";
@@ -18,7 +18,6 @@ SET SQL_MODE="NO_AUTO_VALUE_ON_ZERO";
 --
 -- Database: `quexs`
 --
 -- --------------------------------------------------------
 --
@@ -472,6 +471,31 @@ CREATE TABLE `lime_defaultvalues` (
 --
 -- --------------------------------------------------------
 --
 -- Table structure for table `lime_expression_errors`
 --
 CREATE TABLE `lime_expression_errors` (
  `id` int(9) NOT NULL auto_increment,
  `errortime` varchar(50) collate utf8_unicode_ci default NULL,
  `sid` int(11) default NULL,
  `gid` int(11) default NULL,
  `qid` int(11) default NULL,
  `gseq` int(11) default NULL,
  `qseq` int(11) default NULL,
  `type` varchar(50) collate utf8_unicode_ci default NULL,
  `eqn` text collate utf8_unicode_ci,
  `prettyprint` text collate utf8_unicode_ci,
  PRIMARY KEY  (`id`)
 ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci;
 --
 -- Dumping data for table `lime_expression_errors`
 --
 -- --------------------------------------------------------
 --
@@ -504,6 +528,8 @@ CREATE TABLE `lime_groups` (
  `group_order` int(11) NOT NULL default '0',
  `description` text collate utf8_unicode_ci,
  `language` varchar(20) collate utf8_unicode_ci NOT NULL default 'en',
  `randomization_group` varchar(20) collate utf8_unicode_ci NOT NULL default '',
  `grelevance` text collate utf8_unicode_ci,
  PRIMARY KEY  (`gid`,`language`),
  KEY `groups_idx2` (`sid`)
 ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci;
@@ -553,6 +579,119 @@ CREATE TABLE `lime_labelsets` (
 --
 -- --------------------------------------------------------
 --
 -- Table structure for table `lime_participants`
 --
 CREATE TABLE `lime_participants` (
  `participant_id` varchar(50) collate utf8_unicode_ci NOT NULL,
  `firstname` varchar(40) collate utf8_unicode_ci default NULL,
  `lastname` varchar(40) collate utf8_unicode_ci default NULL,
  `email` varchar(80) collate utf8_unicode_ci default NULL,
  `language` varchar(40) collate utf8_unicode_ci default NULL,
  `blacklisted` varchar(1) collate utf8_unicode_ci NOT NULL,
  `owner_uid` int(20) NOT NULL,
  PRIMARY KEY  (`participant_id`)
 ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci;
 --
 -- Dumping data for table `lime_participants`
 --
 -- --------------------------------------------------------
 --
 -- Table structure for table `lime_participant_attribute`
 --
 CREATE TABLE `lime_participant_attribute` (
  `participant_id` varchar(50) collate utf8_unicode_ci NOT NULL,
  `attribute_id` int(11) NOT NULL,
  `value` varchar(50) collate utf8_unicode_ci NOT NULL,
  PRIMARY KEY  (`participant_id`,`attribute_id`)
 ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci;
 --
 -- Dumping data for table `lime_participant_attribute`
 --
 -- --------------------------------------------------------
 --
 -- Table structure for table `lime_participant_attribute_names`
 --
 CREATE TABLE `lime_participant_attribute_names` (
  `attribute_id` int(11) NOT NULL auto_increment,
  `attribute_type` varchar(4) collate utf8_unicode_ci NOT NULL,
  `visible` char(5) collate utf8_unicode_ci NOT NULL,
  PRIMARY KEY  (`attribute_id`,`attribute_type`)
 ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci;
 --
 -- Dumping data for table `lime_participant_attribute_names`
 --
 -- --------------------------------------------------------
 --
 -- Table structure for table `lime_participant_attribute_names_lang`
 --
 CREATE TABLE `lime_participant_attribute_names_lang` (
  `attribute_id` int(11) NOT NULL,
  `attribute_name` varchar(30) collate utf8_unicode_ci NOT NULL,
  `lang` varchar(20) collate utf8_unicode_ci NOT NULL,
  PRIMARY KEY  (`attribute_id`,`lang`)
 ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci;
 --
 -- Dumping data for table `lime_participant_attribute_names_lang`
 --
 -- --------------------------------------------------------
 --
 -- Table structure for table `lime_participant_attribute_values`
 --
 CREATE TABLE `lime_participant_attribute_values` (
  `value_id` int(11) NOT NULL auto_increment,
  `attribute_id` int(11) NOT NULL,
  `value` varchar(20) collate utf8_unicode_ci NOT NULL,
  PRIMARY KEY  (`value_id`)
 ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci;
 --
 -- Dumping data for table `lime_participant_attribute_values`
 --
 -- --------------------------------------------------------
 --
 -- Table structure for table `lime_participant_shares`
 --
 CREATE TABLE `lime_participant_shares` (
  `participant_id` varchar(50) collate utf8_unicode_ci NOT NULL,
  `share_uid` int(11) NOT NULL,
  `date_added` datetime NOT NULL,
  `can_edit` varchar(5) collate utf8_unicode_ci NOT NULL,
  PRIMARY KEY  (`participant_id`,`share_uid`)
 ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci;
 --
 -- Dumping data for table `lime_participant_shares`
 --
 -- --------------------------------------------------------
 --
@@ -575,6 +714,7 @@ CREATE TABLE `lime_questions` (
  `language` varchar(20) collate utf8_unicode_ci NOT NULL default 'en',
  `scale_id` tinyint(4) NOT NULL default '0',
  `same_default` tinyint(4) NOT NULL default '0' COMMENT 'Saves if user set to use the same default value across languages in default options dialog',
  `relevance` text collate utf8_unicode_ci,
  PRIMARY KEY  (`qid`,`language`),
  KEY `questions_idx2` (`sid`),
  KEY `questions_idx3` (`gid`),
@@ -598,8 +738,10 @@ CREATE TABLE `lime_question_attributes` (
  `qid` int(11) NOT NULL default '0',
  `attribute` varchar(50) collate utf8_unicode_ci default NULL,
  `value` text collate utf8_unicode_ci,
  `language` varchar(20) collate utf8_unicode_ci default NULL,
  PRIMARY KEY  (`qaid`),
-  KEY `question_attributes_idx2` (`qid`)
+  KEY `question_attributes_idx2` (`qid`),
  KEY `question_attributes_idx3` (`attribute`)
 ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci;
 --
@@ -741,14 +883,9 @@ CREATE TABLE `lime_settings_global` (
 -- Dumping data for table `lime_settings_global`
 --
-INSERT INTO `lime_settings_global` (`stg_name`, `stg_value`) VALUES('DBVersion', '146');
+INSERT INTO `lime_settings_global` (`stg_name`, `stg_value`) VALUES
-INSERT INTO `lime_settings_global` (`stg_name`, `stg_value`) VALUES('force_ssl', '');
+('DBVersion', '155.6'),
-INSERT INTO `lime_settings_global` (`stg_name`, `stg_value`) VALUES('SessionName', 'ls28629164789259281352');
+('SessionName', 'ls28629164789259281352');
 INSERT INTO `lime_settings_global` (`stg_name`, `stg_value`) VALUES('showgroupinfo', 'choose');
 INSERT INTO `lime_settings_global` (`stg_name`, `stg_value`) VALUES('showqnumcode', 'choose');
 INSERT INTO `lime_settings_global` (`stg_name`, `stg_value`) VALUES('showXquestions', 'choose');
 INSERT INTO `lime_settings_global` (`stg_name`, `stg_value`) VALUES('updateavailable', '0');
 INSERT INTO `lime_settings_global` (`stg_name`, `stg_value`) VALUES('updatelastcheck', '2011-09-07 14:38:57');
 -- --------------------------------------------------------
@@ -795,7 +932,7 @@ CREATE TABLE `lime_surveys` (
  `emailresponseto` text collate utf8_unicode_ci,
  `emailnotificationto` text collate utf8_unicode_ci,
  `tokenlength` tinyint(2) default '15',
-  `showXquestions` char(1) collate utf8_unicode_ci default 'Y',
+  `showxquestions` char(1) collate utf8_unicode_ci default 'Y',
  `showgroupinfo` char(1) collate utf8_unicode_ci default 'B',
  `shownoanswer` char(1) collate utf8_unicode_ci default 'Y',
  `showqnumcode` char(1) collate utf8_unicode_ci default 'X',
@@ -812,6 +949,8 @@ CREATE TABLE `lime_surveys` (
  `navigationdelay` tinyint(2) default '0',
  `nokeyboard` char(1) collate utf8_unicode_ci default 'N',
  `alloweditaftercompletion` char(1) collate utf8_unicode_ci default 'N',
  `googleanalyticsstyle` char(1) collate utf8_unicode_ci default NULL,
  `googleanalyticsapikey` varchar(25) collate utf8_unicode_ci default NULL,
  PRIMARY KEY  (`sid`)
 ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci;
@@ -827,7 +966,7 @@ CREATE TABLE `lime_surveys` (
 --
 CREATE TABLE `lime_surveys_languagesettings` (
-  `surveyls_survey_id` int(10) unsigned NOT NULL default '0',
+  `surveyls_survey_id` int(11) NOT NULL default '0',
  `surveyls_language` varchar(45) collate utf8_unicode_ci NOT NULL default 'en',
  `surveyls_title` varchar(200) collate utf8_unicode_ci NOT NULL,
  `surveyls_description` text collate utf8_unicode_ci,
@@ -844,11 +983,11 @@ CREATE TABLE `lime_surveys_languagesettings` (
  `surveyls_email_confirm_subj` varchar(255) collate utf8_unicode_ci default NULL,
  `surveyls_email_confirm` text collate utf8_unicode_ci,
  `surveyls_dateformat` int(10) unsigned NOT NULL default '1',
  `surveyls_numberformat` int(11) NOT NULL default '0',
  `email_admin_notification_subj` varchar(255) collate utf8_unicode_ci default NULL,
  `email_admin_notification` text collate utf8_unicode_ci,
  `email_admin_responses_subj` varchar(255) collate utf8_unicode_ci default NULL,
  `email_admin_responses` text collate utf8_unicode_ci,
  `surveyls_numberformat` int(11) NOT NULL default '0',
  PRIMARY KEY  (`surveyls_survey_id`,`surveyls_language`)
 ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci;
@@ -857,6 +996,25 @@ CREATE TABLE `lime_surveys_languagesettings` (
 --
 -- --------------------------------------------------------
 --
 -- Table structure for table `lime_survey_links`
 --
 CREATE TABLE `lime_survey_links` (
  `participant_id` varchar(50) collate utf8_unicode_ci NOT NULL,
  `token_id` int(11) NOT NULL,
  `survey_id` int(11) NOT NULL,
  `date_created` datetime NOT NULL,
  PRIMARY KEY  (`participant_id`,`token_id`,`survey_id`)
 ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci;
 --
 -- Dumping data for table `lime_survey_links`
 --
 -- --------------------------------------------------------
 --
@@ -864,8 +1022,8 @@ CREATE TABLE `lime_surveys_languagesettings` (
 --
 CREATE TABLE `lime_survey_permissions` (
-  `sid` int(10) unsigned NOT NULL,
+  `sid` int(11) NOT NULL,
-  `uid` int(10) unsigned NOT NULL,
+  `uid` int(11) NOT NULL,
  `permission` varchar(20) collate utf8_unicode_ci NOT NULL,
  `create_p` tinyint(1) NOT NULL default '0',
  `read_p` tinyint(1) NOT NULL default '0',
@@ -927,19 +1085,22 @@ CREATE TABLE `lime_users` (
  `users_name` varchar(64) collate utf8_unicode_ci NOT NULL default '',
  `password` blob NOT NULL,
  `full_name` varchar(50) collate utf8_unicode_ci NOT NULL,
-  `parent_id` int(10) unsigned NOT NULL,
+  `parent_id` int(11) NOT NULL,
  `lang` varchar(20) collate utf8_unicode_ci default NULL,
  `email` varchar(320) collate utf8_unicode_ci default NULL,
  `create_survey` tinyint(1) NOT NULL default '0',
  `create_user` tinyint(1) NOT NULL default '0',
  `participant_panel` tinyint(1) NOT NULL default '0',
  `delete_user` tinyint(1) NOT NULL default '0',
  `superadmin` tinyint(1) NOT NULL default '0',
  `configurator` tinyint(1) NOT NULL default '0',
  `manage_template` tinyint(1) NOT NULL default '0',
  `manage_label` tinyint(1) NOT NULL default '0',
  `htmleditormode` varchar(7) collate utf8_unicode_ci default 'default',
  `templateeditormode` varchar(7) collate utf8_unicode_ci default 'default',
  `questionselectormode` varchar(7) collate utf8_unicode_ci default 'default',
  `one_time_pw` blob,
-  `dateformat` int(10) unsigned NOT NULL default '1',
+  `dateformat` int(11) NOT NULL default '1',
  PRIMARY KEY  (`uid`),
  UNIQUE KEY `users_name` (`users_name`)
 ) ENGINE=InnoDB  DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci;
@@ -948,7 +1109,8 @@ CREATE TABLE `lime_users` (
 -- Dumping data for table `lime_users`
 --
-INSERT INTO `lime_users` (`uid`, `users_name`, `password`, `full_name`, `parent_id`, `lang`, `email`, `create_survey`, `create_user`, `delete_user`, `superadmin`, `configurator`, `manage_template`, `manage_label`, `htmleditormode`, `one_time_pw`, `dateformat`) VALUES(1, 'admin', 0x35653838343839386461323830343731353164306535366638646336323932373733363033643064366161626264643632613131656637323164313534326438, 'Your Name', 0, 'en', 'your@email.org', 1, 1, 1, 1, 1, 1, 1, 'default', NULL, 1);
+INSERT INTO `lime_users` (`uid`, `users_name`, `password`, `full_name`, `parent_id`, `lang`, `email`, `create_survey`, `create_user`, `participant_panel`, `delete_user`, `superadmin`, `configurator`, `manage_template`, `manage_label`, `htmleditormode`, `templateeditormode`, `questionselectormode`, `one_time_pw`, `dateformat`) VALUES
 (1, 'admin', 0x35653838343839386461323830343731353164306535366638646336323932373733363033643064366161626264643632613131656637323164313534326438, 'Your Name', 0, 'en', 'your-email@example.net', 1, 1, 0, 1, 1, 1, 1, 1, 'default', 'default', 'default', NULL, 1);
 -- --------------------------------------------------------
@@ -957,10 +1119,10 @@ INSERT INTO `lime_users` (`uid`, `users_name`, `password`, `full_name`, `parent_
 --
 CREATE TABLE `lime_user_groups` (
-  `ugid` int(10) unsigned NOT NULL auto_increment,
+  `ugid` int(11) NOT NULL auto_increment,
  `name` varchar(20) collate utf8_unicode_ci NOT NULL,
  `description` text collate utf8_unicode_ci NOT NULL,
-  `owner_id` int(10) unsigned NOT NULL,
+  `owner_id` int(11) NOT NULL,
  PRIMARY KEY  (`ugid`),
  UNIQUE KEY `name` (`name`)
 ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci;
@@ -977,8 +1139,8 @@ CREATE TABLE `lime_user_groups` (
 --
 CREATE TABLE `lime_user_in_groups` (
-  `ugid` int(10) unsigned NOT NULL,
+  `ugid` int(11) NOT NULL,
-  `uid` int(10) unsigned NOT NULL,
+  `uid` int(11) NOT NULL,
  PRIMARY KEY  (`ugid`,`uid`)
 ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci;
--- a/include/limesurvey/.gitignore
+++ b/include/limesurvey/.gitignore
@@ -0,0 +1,2 @@
 /upload/surveys/*
--- a/include/limesurvey/admin/access_denied.php
+++ b/include/limesurvey/admin/access_denied.php
@@ -10,15 +10,15 @@
 * other free or open source software licenses.
 * See COPYRIGHT.php for copyright notices and details.
 *
- * $Id: access_denied.php 10925 2011-09-02 14:12:02Z c_schmitz $
+ * $Id: access_denied.php 11607 2011-12-06 23:19:52Z tmswhite $
 */
-if (!isset($dbprefix) || isset($_REQUEST['dbprefix'])) {die("Cannot run this script directly (access_denied)");}
+include_once("login_check.php");  //Login Check dies also if the script is started directly
 if (isset($_SESSION['loginID']))
 {
-
+    include('html.php'); // For showadminmenu
    $accesssummary = "<p><strong>".$clang->gT("Access denied!")."</strong><br />\n";
    $action=returnglobal('action');
--- a/include/limesurvey/admin/activate.php
+++ b/include/limesurvey/admin/activate.php
@@ -10,7 +10,7 @@
 * other free or open source software licenses.
 * See COPYRIGHT.php for copyright notices and details.
 *
- * $Id: activate.php 10925 2011-09-02 14:12:02Z c_schmitz $
+ * $Id: activate.php 11607 2011-12-06 23:19:52Z tmswhite $
 */
@@ -88,3 +88,4 @@ else
            include('tokens.php');
    }
 }
--- a/include/limesurvey/admin/activate_functions.php
+++ b/include/limesurvey/admin/activate_functions.php
@@ -1,32 +1,33 @@
 <?php
 /*
- * LimeSurvey
+* LimeSurvey
- * Copyright (C) 2007 The LimeSurvey Project Team / Carsten Schmitz
+* Copyright (C) 2007 The LimeSurvey Project Team / Carsten Schmitz
- * All rights reserved.
+* All rights reserved.
- * License: GNU/GPL License v2 or later, see LICENSE.php
+* License: GNU/GPL License v2 or later, see LICENSE.php
- * LimeSurvey is free software. This version may have been modified pursuant
+* LimeSurvey is free software. This version may have been modified pursuant
- * to the GNU General Public License, and as distributed it includes or
+* to the GNU General Public License, and as distributed it includes or
- * is derivative of works licensed under the GNU General Public License or
+* is derivative of works licensed under the GNU General Public License or
- * other free or open source software licenses.
+* other free or open source software licenses.
- * See COPYRIGHT.php for copyright notices and details.
+* See COPYRIGHT.php for copyright notices and details.
- *
+*
- *	$Id: activate_functions.php 9671 2010-12-21 20:02:24Z c_schmitz $
+*	Files Purpose: holds functions to activate a survey and precheck the consistency of the survey
- *	Files Purpose: holds functions to activate a survey and precheck the consistency of the survey
+*/
 */
 /**
- * fixes the numbering of questions
+* fixes the numbering of questions
- * @global $dbprefix $dbprefix
+* @global $dbprefix $dbprefix
- * @global $connect $connect
+* @global $connect $connect
- * @global $clang $clang
+* @global $clang $clang
- * @param <type> $fixnumbering
+* @param <type> $fixnumbering
- */
+*/
 function fixNumbering($fixnumbering)
 {
-    global $dbprefix, $connect, $clang;
+    global $dbprefix, $connect, $clang, $surveyid;
-     //Fix a question id - requires renumbering a question
+
-    $oldqid = $fixnumbering;
+    LimeExpressionManager::RevertUpgradeConditionsToRelevance($surveyid);
    //Fix a question id - requires renumbering a question
    $oldqid = sanitize_int($fixnumbering);
    $query = "SELECT qid FROM {$dbprefix}questions ORDER BY qid DESC";
    $result = db_select_limit_assoc($query, 1) or safe_die($query."<br />".$connect->ErrorMsg());
    while ($row=$result->FetchRow()) {$lastqid=$row['qid'];}
@@ -51,9 +52,9 @@ function fixNumbering($fixnumbering)
        foreach ($switcher as $switch)
        {
            $query = "UPDATE {$dbprefix}conditions
-                                              SET cqid=$newqid,
+            SET cqid=$newqid,
-                                              cfieldname='".str_replace("X".$oldqid, "X".$newqid, $switch['cfieldname'])."'
+            cfieldname='".str_replace("X".$oldqid, "X".$newqid, $switch['cfieldname'])."'
-                                              WHERE cqid=$oldqid";
+            WHERE cqid=$oldqid";
            $result = $connect->Execute($query) or safe_die($query."<br />".$connect->ErrorMsg());
        }
    }
@@ -63,19 +64,21 @@ function fixNumbering($fixnumbering)
    //Now answers
    $query = "UPDATE {$dbprefix}answers SET qid=$newqid WHERE qid=$oldqid";
    $result = $connect->Execute($query) or safe_die($query."<br />".$connect->ErrorMsg());
    LimeExpressionManager::UpgradeConditionsToRelevance($surveyid);
 }
 /**
- * checks consistency of groups
+* checks consistency of groups
- * @global  $dbprefix
+* @global  $dbprefix
- * @global  $connect
+* @global  $connect
- * @global  $clang
+* @global  $clang
- * @return <type>
+* @return <type>
- */
+*/
 function checkGroup($postsid)
 {
    global $dbprefix, $connect, $clang;
-     $baselang = GetBaseLanguageFromSurveyID($postsid);
+    $baselang = GetBaseLanguageFromSurveyID($postsid);
    $groupquery = "SELECT g.gid,g.group_name,count(q.qid) as count from {$dbprefix}questions as q RIGHT JOIN {$dbprefix}groups as g ON q.gid=g.gid AND g.language=q.language WHERE g.sid=$postsid AND g.language='$baselang' group by g.gid,g.group_name;";
    $groupresult=db_execute_assoc($groupquery) or safe_die($groupquery."<br />".$connect->ErrorMsg());
    while ($row=$groupresult->FetchRow())
@@ -92,20 +95,20 @@ function checkGroup($postsid)
 }
 /**
- * checks questions in a survey for consistency
+* checks questions in a survey for consistency
- * @global <type> $dbprefix
+* @global <type> $dbprefix
- * @global <type> $connect
+* @global <type> $connect
- * @global <type> $clang
+* @global <type> $clang
- * @param <type> $postsid
+* @param <type> $postsid
- * @param <type> $surveyid
+* @param <type> $surveyid
- * @return array $faildcheck
+* @return array $faildcheck
- */
+*/
 function checkQuestions($postsid, $surveyid, $qtypes)
 {
-     global $dbprefix, $connect, $clang;
+    global $dbprefix, $connect, $clang;
-     //CHECK TO MAKE SURE ALL QUESTION TYPES THAT REQUIRE ANSWERS HAVE ACTUALLY GOT ANSWERS
+    //CHECK TO MAKE SURE ALL QUESTION TYPES THAT REQUIRE ANSWERS HAVE ACTUALLY GOT ANSWERS
    //THESE QUESTION TYPES ARE:
    //	# "L" -> LIST
    //  # "O" -> LIST WITH COMMENT
@@ -114,7 +117,7 @@ function checkQuestions($postsid, $surveyid, $qtypes)
    //	# "A", "B", "C", "E", "F", "H", "^" -> Various Array Types
    //  # "R" -> RANKING
    //  # "U" -> FILE CSV MORE
-	//  # "I" -> LANGUAGE SWITCH
+    //  # "I" -> LANGUAGE SWITCH
    //  # ":" -> Array Multi Flexi Numbers
    //  # ";" -> Array Multi Flexi Text
    //  # "1" -> MULTI SCALE
@@ -146,7 +149,7 @@ function checkQuestions($postsid, $surveyid, $qtypes)
    }
    //NOW CHECK THAT ALL QUESTIONS HAVE A 'QUESTION TYPE' FIELD SET
-    $chkquery = "SELECT qid, question, gid FROM {$dbprefix}questions WHERE sid={$_GET['sid']} AND type = ''";
+    $chkquery = "SELECT qid, question, gid FROM {$dbprefix}questions WHERE sid={$surveyid} AND type = ''";
    $chkresult = db_execute_assoc($chkquery) or safe_die ("Couldn't check questions for missing types<br />$chkquery<br />".$connect->ErrorMsg());
    while ($chkrow = $chkresult->FetchRow())
    {
@@ -157,14 +160,14 @@ function checkQuestions($postsid, $surveyid, $qtypes)
    //ChECK THAT certain array question types have answers set
-    $chkquery = "SELECT q.qid, question, gid FROM {$dbprefix}questions as q WHERE (select count(*) from {$dbprefix}answers as a where a.qid=q.qid and scale_id=0)=0 and sid={$_GET['sid']} AND type IN ('F', 'H', 'W', 'Z', '1') and q.parent_qid=0";
+    $chkquery = "SELECT q.qid, question, gid FROM {$dbprefix}questions as q WHERE (select count(*) from {$dbprefix}answers as a where a.qid=q.qid and scale_id=0)=0 and sid={$surveyid} AND type IN ('F', 'H', 'W', 'Z', '1') and q.parent_qid=0";
    $chkresult = db_execute_assoc($chkquery) or safe_die ("Couldn't check questions for missing answers<br />$chkquery<br />".$connect->ErrorMsg());
    while($chkrow = $chkresult->FetchRow()){
        $failedcheck[]=array($chkrow['qid'], $chkrow['question'], ": ".$clang->gT("This question requires answers, but none are set."), $chkrow['gid']);
    } // while
    //CHECK THAT DUAL Array has answers set
-    $chkquery = "SELECT q.qid, question, gid FROM {$dbprefix}questions as q WHERE (select count(*) from {$dbprefix}answers as a where a.qid=q.qid and scale_id=1)=0 and sid={$_GET['sid']} AND type='1' and q.parent_qid=0";
+    $chkquery = "SELECT q.qid, question, gid FROM {$dbprefix}questions as q WHERE (select count(*) from {$dbprefix}answers as a where a.qid=q.qid and scale_id=1)=0 and sid={$surveyid} AND type='1' and q.parent_qid=0";
    $chkresult = db_execute_assoc($chkquery) or safe_die ("Couldn't check questions for missing 2nd answer set<br />$chkquery<br />".$connect->ErrorMsg());
    while($chkrow = $chkresult->FetchRow()){
        $failedcheck[]=array($chkrow['qid'], $chkrow['question'], ": ".$clang->gT("This question requires a second answer set but none is set."), $chkrow['gid']);
@@ -173,7 +176,7 @@ function checkQuestions($postsid, $surveyid, $qtypes)
    //CHECK THAT ALL CONDITIONS SET ARE FOR QUESTIONS THAT PRECEED THE QUESTION CONDITION
    //A: Make an array of all the qids in order of appearance
-    //	$qorderquery="SELECT * FROM {$dbprefix}questions, {$dbprefix}groups WHERE {$dbprefix}questions.gid={$dbprefix}groups.gid AND {$dbprefix}questions.sid={$_GET['sid']} ORDER BY {$dbprefix}groups.sortorder, {$dbprefix}questions.title";
+    //	$qorderquery="SELECT * FROM {$dbprefix}questions, {$dbprefix}groups WHERE {$dbprefix}questions.gid={$dbprefix}groups.gid AND {$dbprefix}questions.sid={$surveyid} ORDER BY {$dbprefix}groups.sortorder, {$dbprefix}questions.title";
    //	$qorderresult=$connect->Execute($qorderquery) or safe_die("Couldn't generate a list of questions in order<br />$qorderquery<br />".$connect->ErrorMsg());
    //	$qordercount=$qorderresult->RecordCount();
    //	$c=0;
@@ -228,7 +231,8 @@ function checkQuestions($postsid, $surveyid, $qtypes)
        }
    }
    //CHECK THAT ALL THE CREATED FIELDS WILL BE UNIQUE
-    $fieldmap=createFieldMap($surveyid, "full");
+    $fieldmap=createFieldMap($surveyid, 'full', true,false, GetBaseLanguageFromSurveyID($surveyid));// createFieldMap($surveyid, $styl, $force_refresh,$questionid, $sQuestionLanguage);
    $clang = new limesurvey_lang($_SESSION['adminlang']);
    if (isset($fieldmap))
    {
        foreach($fieldmap as $fielddata)
@@ -254,22 +258,22 @@ function checkQuestions($postsid, $surveyid, $qtypes)
        return false;
 }
 /**
- * Function to activate a survey
+* Function to activate a survey
- * @global $dbprefix $dbprefix
+* @global $dbprefix $dbprefix
- * @global $connect $connect
+* @global $connect $connect
- * @global $clang $clang
+* @global $clang $clang
- * @param int $postsid
+* @param int $postsid
- * @param int $surveyid
+* @param int $surveyid
- * @return string
+* @return string
- */
+*/
 function activateSurvey($postsid,$surveyid, $scriptname='admin.php')
 {
    global $dbprefix, $connect, $clang, $databasetype,$databasetabletype, $uploaddir;
-     $createsurvey='';
+    $createsurvey='';
-     $activateoutput='';
+    $activateoutput='';
-     $createsurveytimings='';
+    $createsurveytimings='';
-     $createsurveydirectory=false;
+    $createsurveydirectory=false;
    //Check for any additional fields for this survey and create necessary fields (token and datestamp)
    $pquery = "SELECT anonymized, allowregister, datestamp, ipaddr, refurl, savetimings FROM {$dbprefix}surveys WHERE sid={$postsid}";
    $presult=db_execute_assoc($pquery);
@@ -282,13 +286,9 @@ function activateSurvey($postsid,$surveyid, $scriptname='admin.php')
    {
        $savetimings="TRUE";
    }
    //strip trailing comma and new line feed (if any)
    $createsurvey = rtrim($createsurvey, ",\n");
    //strip trailing comma and new line feed (if any)
    $createsurvey = rtrim($createsurvey, ",\n");
    //Get list of questions for the base language
-    $fieldmap=createFieldMap($surveyid);
+    $fieldmap=createFieldMap($surveyid, 'full', true,false, GetBaseLanguageFromSurveyID($surveyid));// createFieldMap($surveyid, $styl, $force_refresh,$questionid, $sQuestionLanguage);
    foreach ($fieldmap as $arow) //With each question, create the appropriate field(s)
    {
        if ($createsurvey!='') {$createsurvey .= ",\n";}
@@ -344,7 +344,11 @@ function activateSurvey($postsid,$surveyid, $scriptname='admin.php')
                $createsurvey .= " X";
                break;
            case "D":  //DATE
-                $createsurvey .= " D";
+                if ($databasetype=='odbc_mssql' || $databasetype=='odbtp' || $databasetype=='mssql_n' || $databasetype=='mssqlnative') {
                    $createsurvey .= " T";
                }
                else
                    $createsurvey .= " D";
                break;
            case "5":  //5 Point Choice
            case "G":  //Gender
@@ -376,6 +380,9 @@ function activateSurvey($postsid,$surveyid, $scriptname='admin.php')
                    $createsurvey .= " C(36)";
                }
                break;
            case '*':   // Equation
                $createsurvey .= " X";  // could be anything, from numeric to a long message, so default to text
                break;
            default:
                $createsurvey .= " C(5)";
        }
@@ -389,7 +396,7 @@ function activateSurvey($postsid,$surveyid, $scriptname='admin.php')
    $tabname = "{$dbprefix}survey_{$postsid}"; # not using db_table_name as it quotes the table name (as does CreateTableSQL)
    $taboptarray = array('mysql' => 'ENGINE='.$databasetabletype.'  CHARACTER SET utf8 COLLATE utf8_unicode_ci',
-                         'mysqli'=> 'ENGINE='.$databasetabletype.'  CHARACTER SET utf8 COLLATE utf8_unicode_ci');
+    'mysqli'=> 'ENGINE='.$databasetabletype.'  CHARACTER SET utf8 COLLATE utf8_unicode_ci');
    $dict = NewDataDictionary($connect);
    $sqlarray = $dict->CreateTableSQL($tabname, $createsurvey, $taboptarray);
@@ -450,32 +457,44 @@ function activateSurvey($postsid,$surveyid, $scriptname='admin.php')
        if ($createsurveydirectory)
            if (!file_exists($uploaddir."/surveys/" . $postsid . "/files"))
            {
-               if (!(mkdir($uploaddir."/surveys/" . $postsid . "/files", 0777, true)))
+                if (!(mkdir($uploaddir."/surveys/" . $postsid . "/files", 0777, true)))
-               {
+                {
-                $activateoutput .= "<div class='warningheader'>".
+                    $activateoutput .= "<div class='warningheader'>".
                    $clang->gT("The required directory for saving the uploaded files couldn't be created. Please check file premissions on the limesurvey/upload/surveys directory.") . "</div>";
-               }
+                }
-               else
+                else
-               {
+                {
-                   file_put_contents($uploaddir."/surveys/" . $postsid . "/files/index.html",'<html><head></head><body></body></html>');
+                    file_put_contents($uploaddir."/surveys/" . $postsid . "/files/index.html",'<html><head></head><body></body></html>');
-               }
+                }
            }
-        $acquery = "UPDATE {$dbprefix}surveys SET active='Y' WHERE sid=".$surveyid;
+            $acquery = "UPDATE {$dbprefix}surveys SET active='Y' WHERE sid=".$surveyid;
        $acresult = $connect->Execute($acquery);
        $query=db_select_tables_like("{$dbprefix}old\_tokens\_".$surveyid."\_%");
        $result=db_execute_num($query) or safe_die("Couldn't get old table list<br />".$query."<br />".$connect->ErrorMsg());
        $tcount=$result->RecordCount();
        if ($tcount==0)
        {
            $sTokenActivationLink="$scriptname?action=tokens&amp;sid={$postsid}&amp;createtable=Y";
        }
        else
        {
            $sTokenActivationLink="$scriptname?action=tokens&amp;sid={$postsid}";
        }
        if (isset($surveyallowsregistration) && $surveyallowsregistration == "TRUE")
        {
            $activateoutput .= $clang->gT("This survey allows public registration. A token table must also be created.")."<br /><br />\n";
-            $activateoutput .= "<input type='submit' value='".$clang->gT("Initialise tokens")."' onclick=\"".get2post("$scriptname?action=tokens&amp;sid={$postsid}&amp;createtable=Y")."\" />\n";
+            $activateoutput .= "<input type='submit' value='".$clang->gT("Initialise tokens")."' onclick=\"".get2post($sTokenActivationLink)."\" />\n";
        }
        else
        {
            $activateoutput .= $clang->gT("This survey is now active, and responses can be recorded.")."<br /><br />\n";
-//queXS removal
+//queXS Removal
 //            $activateoutput .= "<strong>".$clang->gT("Open-access mode").":</strong> ".$clang->gT("No invitation code is needed to complete the survey.")."<br />".$clang->gT("You can switch to the closed-access mode by initialising a token table with the button below.")."<br /><br />\n";
-  //        $activateoutput .= "<input type='submit' value='".$clang->gT("Switch to closed-access mode")."' onclick=\"".get2post("$scriptname?action=tokens&amp;sid={$postsid}&amp;createtable=Y")."\" />\n";
+  //          $activateoutput .= "<input type='submit' value='".$clang->gT("Switch to closed-access mode")."' onclick=\"".get2post($sTokenActivationLink)."\" />\n";
    //        $activateoutput .= "<input type='submit' value='".$clang->gT("No, thanks.")."' onclick=\"".get2post("$scriptname?sid={$postsid}")."\" />\n";
        }
        $activateoutput .= "</div><br />&nbsp;\n";
@@ -501,11 +520,11 @@ function mssql_drop_constraint($fieldname, $tablename)
    // find out the name of the default constraint
    // Did I already mention that this is the most suckiest thing I have ever seen in MSSQL database?
    $dfquery ="SELECT c_obj.name AS constraint_name
-                FROM  sys.sysobjects AS c_obj INNER JOIN
+    FROM  sys.sysobjects AS c_obj INNER JOIN
-                      sys.sysobjects AS t_obj ON c_obj.parent_obj = t_obj.id INNER JOIN
+    sys.sysobjects AS t_obj ON c_obj.parent_obj = t_obj.id INNER JOIN
-                      sys.sysconstraints AS con ON c_obj.id = con.constid INNER JOIN
+    sys.sysconstraints AS con ON c_obj.id = con.constid INNER JOIN
-                      sys.syscolumns AS col ON t_obj.id = col.id AND con.colid = col.colid
+    sys.syscolumns AS col ON t_obj.id = col.id AND con.colid = col.colid
-                WHERE (c_obj.xtype = 'D') AND (col.name = '$fieldname') AND (t_obj.name='{$dbprefix}{$tablename}')";
+    WHERE (c_obj.xtype = 'D') AND (col.name = '$fieldname') AND (t_obj.name='{$dbprefix}{$tablename}')";
    $defaultname=$connect->GetRow($dfquery);
    if ($defaultname!=false)
    {
@@ -516,11 +535,11 @@ function mssql_drop_constraint($fieldname, $tablename)
 function mssql_drop_primary_index($tablename)
 {
-     global $dbprefix, $connect, $modifyoutput;
+    global $dbprefix, $connect, $modifyoutput;
    // find out the constraint name of the old primary key
    $pkquery = "SELECT CONSTRAINT_NAME "
-              ."FROM INFORMATION_SCHEMA.TABLE_CONSTRAINTS "
+    ."FROM INFORMATION_SCHEMA.TABLE_CONSTRAINTS "
-              ."WHERE     (TABLE_NAME = '{$dbprefix}{$tablename}') AND (CONSTRAINT_TYPE = 'PRIMARY KEY')";
+    ."WHERE     (TABLE_NAME = '{$dbprefix}{$tablename}') AND (CONSTRAINT_TYPE = 'PRIMARY KEY')";
    $primarykey=$connect->GetOne($pkquery);
    if ($primarykey!=false)
--- a/include/limesurvey/admin/admin.php
+++ b/include/limesurvey/admin/admin.php
@@ -1,31 +1,22 @@
 <?php
 /*
- * LimeSurvey
+* LimeSurvey
- * Copyright (C) 2007 The LimeSurvey Project Team / Carsten Schmitz
+* Copyright (C) 2007 The LimeSurvey Project Team / Carsten Schmitz
- * All rights reserved.
+* All rights reserved.
- * License: GNU/GPL License v2 or later, see LICENSE.php
+* License: GNU/GPL License v2 or later, see LICENSE.php
- * LimeSurvey is free software. This version may have been modified pursuant
+* LimeSurvey is free software. This version may have been modified pursuant
- * to the GNU General Public License, and as distributed it includes or
+* to the GNU General Public License, and as distributed it includes or
- * is derivative of works licensed under the GNU General Public License or
+* is derivative of works licensed under the GNU General Public License or
- * other free or open source software licenses.
+* other free or open source software licenses.
- * See COPYRIGHT.php for copyright notices and details.
+* See COPYRIGHT.php for copyright notices and details.
- *
+*
- * $Id: admin.php 10925 2011-09-02 14:12:02Z c_schmitz $
+* $Id: admin.php 12082 2012-01-17 04:55:39Z tmswhite $
- */
+*/
 // Security Checked: POST, GET, SESSION, REQUEST, returnglobal, DB
 require_once(dirname(__FILE__).'/../classes/core/startup.php');
 // XML code for LS1.70 is based on the experimental PHP4 domxml
 // extension. PHP5 uses the PHP5/dom extension unless the old domxml is activated
 // the following file is a wrapper to use PHP4/domxml scripts
 // with PHP5/dom or PHP6/dom
 // see http://alexandre.alapetite.net/doc-alex/domxml-php4-php5/index.en.html#licence
 if (version_compare(PHP_VERSION,'5','>=')&& !(function_exists('domxml_new_doc')))
 {
    require_once(dirname(__FILE__).'/classes/core/domxml-php4-to-php5.php');
 }
 require_once(dirname(__FILE__).'/../config-defaults.php');
 require_once(dirname(__FILE__).'/../common.php');
@@ -45,6 +36,19 @@ if (!isset($action)) {$action=returnglobal('action');}          //Desired action
 if (!isset($subaction)) {$subaction=returnglobal('subaction');} //Desired subaction
 if (!isset($editedaction)) {$editedaction=returnglobal('editedaction');} // for html editor integration
 if (isset($_SERVER['HTTP_REFERER']))
 {
    $refurl =  $_SERVER['HTTP_REFERER']; //store referer. Can be used for other screens and not just GlobalSettings
 }
 else
 {
    $refurl =  "";
 }
 LimeExpressionManager::SetSurveyId($surveyid);  // must be called early - it clears internal cache if a new survey is being used
 if (!is_null($surveyid)) {
    $sinfo = getSurveyInfo($surveyid);
    LimeExpressionManager::SetEMLanguage($sinfo['surveyls_language']);
 }
 if ($action != 'showprintablesurvey' && substr($action,0,4)!= 'ajax')
 {
@@ -85,15 +89,15 @@ if(isset($_SESSION['loginID']))
    sendcacheheaders();
    /* Check user right actions for validity
-     Currently existing user rights:
+    Currently existing user rights:
-     `configurator`
+    `configurator`
-     `create_survey`
+    `create_survey`
-     `create_user`
+    `create_user`
-     `delete_user`
+    `delete_user`
-     `manage_label`
+    `manage_label`
-     `manage_template`
+    `manage_template`
-     `superadmin`
+    `superadmin`
-     */
+    */
    if ($action == 'importsurvey' || $action == 'copysurvey')
    {
@@ -102,7 +106,7 @@ if(isset($_SESSION['loginID']))
    }
    elseif ($action == 'dumpdb')
    {
-        if ($_SESSION['USER_RIGHT_CONFIGURATOR']==1)  {include('dumpdb.php');}
+        if ($_SESSION['USER_RIGHT_SUPERADMIN']==1)  {include('dumpdb.php');}
        else { include('access_denied.php');}
    }
    elseif ($action == 'dumplabel')
@@ -149,14 +153,14 @@ if(isset($_SESSION['loginID']))
    /* Check survey right actions for validity
-     Currently existing survey rights:
+    Currently existing survey rights:
-     `edit_survey_property`
+    `edit_survey_property`
-     `define_questions`
+    `define_questions`
-     `browse_response`
+    `browse_response`
-     `export`
+    `export`
-     `delete_survey`
+    `delete_survey`
-     `activate_survey`
+    `activate_survey`
-     */
+    */
    if ($action == 'activate')
    {
@@ -255,6 +259,25 @@ if(isset($_SESSION['loginID']))
        exit;
    }
    elseif ($action == 'showlogicfile')
    {
        if(bHasSurveyPermission($surveyid,'translations','read'))
        {
            $surveyid = sanitize_int($surveyid);
            $thissurvey  = getSurveyInfo($surveyid);
            $_POST['sid'] = $surveyid . '|N';
            $_POST['LEM_PRETTY_PRINT_ALL_SYNTAX'] = 'Y';
            $_POST['surveyMode'] = 'survey';
            $_POST['LEMcalledFromAdmin'] = 'Y';
            $_POST['assessments'] = $thissurvey['assessments'];
            LimeExpressionManager::SetDirtyFlag();
            if (isset($_GET['gid'])) { $_POST['gid'] = $_GET['gid']; }
            if (isset($_GET['qid'])) { $_POST['qid'] = $_GET['qid']; }
            include($rootdir . '/classes/expressions/test/survey_logic_file.php');
            exit;
        }
        else { include('access_denied.php');}
    }
    elseif ($action=='addgroup' || $action=='editgroup' || $action=='ordergroups')
    {
        if(bHasSurveyPermission($surveyid,'surveycontent','read'))    {$_SESSION['FileManagerContext']="edit:group:$surveyid"; include('questiongrouphandling.php');}
@@ -265,13 +288,13 @@ if(isset($_SESSION['loginID']))
        if(bHasSurveyPermission($surveyid,'responses','read'))    {include('saved.php');}
        else { include('access_denied.php');}
    }
-//<AdV>
+    //<AdV>
    elseif ($action == 'translate')
    {
        if(bHasSurveyPermission($surveyid,'translations','read'))    {$_SESSION['FileManagerContext']="edit:translate:$surveyid"; include('translate.php');}
        else { include('access_denied.php'); }
    }
-//</AdV>
+    //</AdV>
    elseif ($action == 'tokens')
    {
        if(bHasSurveyPermission($surveyid,'tokens','read'))
@@ -437,11 +460,11 @@ if(isset($_SESSION['loginID']))
        include('surveylist.php');
    }
    if (!isset($assessmentsoutput) && !isset($statisticsoutput) && !isset($browseoutput) &&
-        !isset($savedsurveyoutput) && !isset($listcolumnoutput) && !isset($conditionsoutput) &&
+    !isset($savedsurveyoutput) && !isset($listcolumnoutput) && !isset($conditionsoutput) &&
-        !isset($importoldresponsesoutput) && !isset($exportroutput) && !isset($vvoutput) &&
+    !isset($importoldresponsesoutput) && !isset($exportroutput) && !isset($vvoutput) &&
-        !isset($tokenoutput) && !isset($exportoutput) && !isset($templatesoutput) && !isset($translateoutput) && //<AdV>
+    !isset($tokenoutput) && !isset($exportoutput) && !isset($templatesoutput) && !isset($translateoutput) && //<AdV>
-        !isset($iteratesurveyoutput) && (substr($action,0,4)!= 'ajax') && ($action!='update') &&
+    !isset($iteratesurveyoutput) && (substr($action,0,4)!= 'ajax') && ($action!='update') &&
-        (isset($surveyid) || $action == "" || preg_match('/^(personalsettings|statistics|copysurvey|importsurvey|editsurveysettings|editsurveylocalesettings|updatesurveysettings|updatesurveysettingsandeditlocalesettings|updatedefaultvalues|ordergroups|dataentry|newsurvey|globalsettings|editusergroups|editusergroup|exportspss|surveyrights|quotas|editusers|login|browse|vvimport|vvexport|setuserrights|modifyuser|setusertemplates|deluser|adduser|userrights|usertemplates|moduser|addusertogroup|deleteuserfromgroup|globalsettingssave|savepersonalsettings|addusergroup|editusergroupindb|usergroupindb|finaldeluser|delusergroup|mailusergroup|mailsendusergroup)$/',$action)))
+    (isset($surveyid) || $action == "" || preg_match('/^(personalsettings|statistics|copysurvey|importsurvey|editsurveysettings|editsurveylocalesettings|updatesurveysettings|updatesurveysettingsandeditlocalesettings|updatedefaultvalues|ordergroups|dataentry|newsurvey|globalsettings|editusergroups|editusergroup|exportspss|surveyrights|quotas|editusers|login|browse|vvimport|vvexport|setuserrights|modifyuser|setusertemplates|deluser|adduser|userrights|usertemplates|moduser|addusertogroup|deleteuserfromgroup|globalsettingssave|savepersonalsettings|addusergroup|editusergroupindb|usergroupindb|finaldeluser|delusergroup|mailusergroup|mailsendusergroup)$/',$action)))
    {
        if ($action=='editsurveysettings' || $action=='editsurveylocalesettings')
        {
@@ -520,8 +543,103 @@ if(isset($_SESSION['loginID']))
        if(bHasSurveyPermission($surveyid,'responses','create'))    {include('vvimport.php');}
        else { include('access_denied.php');}
    }
    elseif ($action == 'EMtest') {
        switch ($subaction) {
            case 'functions':
                if(bHasSurveyPermission($surveyid,'surveycontent','read')) {
                    include('../classes/expressions/test/functions.php');
                }
                else {
                    include('access_denied.php');
                }
                break;
            case 'stringsplit':
                if(bHasSurveyPermission($surveyid,'surveycontent','read')) {
                    include('../classes/expressions/test/stringsplit.php');
                }
                else {
                    include('access_denied.php');
                }
                break;
            case 'tokenizer':
                if(bHasSurveyPermission($surveyid,'surveycontent','read')) {
                    include('../classes/expressions/test/tokenizer.php');
                }
                else {
                    include('access_denied.php');
                }
                break;
            case 'unit':
                if(bHasSurveyPermission($surveyid,'surveycontent','read')) {
                    include('../classes/expressions/test/unit.php');
                }
                else {
                    include('access_denied.php');
                }
                break;
            case 'strings_with_expressions':
                if(bHasSurveyPermission($surveyid,'surveycontent','read')) {
                    include('../classes/expressions/test/strings_with_expressions.php');
                }
                else {
                    include('access_denied.php');
                }
                break;
            case 'relevance':
                if(bHasSurveyPermission($surveyid,'surveycontent','read')) {
                    include('../classes/expressions/test/relevance.php');
                }
                else {
                    include('access_denied.php');
                }
                break;
            case 'conditions2relevance':
                if (bHasSurveyPermission($surveyid, 'surveycontent', 'read'))
                {
                    include('../classes/expressions/test/conditions2relevance.php');
                }
                else
                {
                    include('access_denied.php');
                }
                break;
            case 'navigation_test':
                if($_SESSION['USER_RIGHT_CONFIGURATOR']==1) {
                    include('../classes/expressions/test/navigation_test.php');
                }
                else {
                    include('access_denied.php');
                }
                break;
            case 'survey_logic_file':
                if($_SESSION['USER_RIGHT_CONFIGURATOR']==1) {
                    include('../classes/expressions/test/survey_logic_file.php');
                }
                else {
                    include('access_denied.php');
                }
                break;
            case 'upgrade_conditions2relevance':
                if($_SESSION['USER_RIGHT_CONFIGURATOR']==1) {
                    include('../classes/expressions/test/upgrade_conditions2relevance.php');
                }
                else {
                    include('access_denied.php');
                }
                break;
            default:
                if(bHasSurveyPermission($surveyid,'surveycontent','read')) {
                    include('../classes/expressions/test/test.php');
                }
                else {
                    include('access_denied.php');
                }
                break;
        }
        exit;
    }
    if ($action=='addquestion'    || $action=='copyquestion' || $action=='editquestion' || $action=='editdefaultvalues' ||
-        $action=='orderquestions' || $action=='ajaxquestionattributes' || $action=='ajaxlabelsetpicker' || $action=='ajaxlabelsetdetails')
+    $action=='orderquestions' || $action=='ajaxquestionattributes' || $action=='ajaxlabelsetpicker' || $action=='ajaxlabelsetdetails')
    {
        if(bHasSurveyPermission($surveyid,'surveycontent','read'))
        {
@@ -674,11 +792,11 @@ if(isset($_SESSION['loginID']))
 else
 { //not logged in
-sendcacheheaders();
+    sendcacheheaders();
-if (!isset($_SESSION['metaHeader'])) {$_SESSION['metaHeader']='';}
+    if (!isset($_SESSION['metaHeader'])) {$_SESSION['metaHeader']='';}
-$adminoutput = getAdminHeader($_SESSION['metaHeader']).$adminoutput.$loginsummary;  // All future output is written into this and then outputted at the end of file
+    $adminoutput = getAdminHeader($_SESSION['metaHeader']).$adminoutput.$loginsummary;  // All future output is written into this and then outputted at the end of file
-unset($_SESSION['metaHeader']);
+    unset($_SESSION['metaHeader']);
-$adminoutput.= "</div>\n".getAdminFooter("http://docs.limesurvey.org", $clang->gT("LimeSurvey online manual"));
+    $adminoutput.= "</div>\n".getAdminFooter("http://docs.limesurvey.org", $clang->gT("LimeSurvey online manual"));
 }
 if (($action=='showphpinfo') && ($_SESSION['USER_RIGHT_CONFIGURATOR'] == 1))
 {
--- a/include/limesurvey/admin/admin_functions.php
+++ b/include/limesurvey/admin/admin_functions.php
@@ -10,7 +10,7 @@
 * other free or open source software licenses.
 * See COPYRIGHT.php for copyright notices and details.
 *
- *	$Id: admin_functions.php 9586 2010-12-06 03:08:07Z c_schmitz $
+ *	$Id: admin_functions.php 11664 2011-12-16 05:19:42Z tmswhite $
 *	Files Purpose:
 */
@@ -339,6 +339,7 @@ function getAdminHeader($meta=false)
    $strAdminHeader.= "<script type=\"text/javascript\" src=\"{$homeurl}/scripts/tabpane/js/tabpane.js\"></script>\n"
    . "<script type=\"text/javascript\" src=\"{$rooturl}/scripts/jquery/jquery.js\"></script>\n"
    . "<script type=\"text/javascript\" src=\"{$rooturl}/scripts/jquery/jquery-ui.js\"></script>\n"
    . "<script type=\"text/javascript\" src=\"".$rooturl."/scripts/jquery/jquery.ui.touch-punch.min.js\"></script>\n"
    . "<script type=\"text/javascript\" src=\"{$rooturl}/scripts/jquery/jquery.qtip.js\"></script>\n"
    . "<script type=\"text/javascript\" src=\"{$rooturl}/scripts/jquery/jquery.notify.js\"></script>\n"
    . "<script type=\"text/javascript\" src=\"{$homeurl}/scripts/admin_core.js\"></script>\n";
--- a/include/limesurvey/admin/assessments.php
+++ b/include/limesurvey/admin/assessments.php
@@ -10,7 +10,7 @@
 * other free or open source software licenses.
 * See COPYRIGHT.php for copyright notices and details.
 *
- * $Id: assessments.php 10925 2011-09-02 14:12:02Z c_schmitz $
+ * $Id: assessments.php 11664 2011-12-16 05:19:42Z tmswhite $
 */
@@ -171,10 +171,11 @@ if (bHasSurveyPermission($surveyid, 'assessments','read'))
 		$assessmentsoutput.= "<th>$head</th>\n";
 	}
 	$assessmentsoutput.= "<th>".$clang->gT("Title")."</th><th>".$clang->gT("Message")."</th>";
-	$assessmentsoutput.= "</tr></thead>\n<tbody>\n";
+	$assessmentsoutput.= "</tr></thead>\n";
 	$flipflop=true;
 	foreach($assessments as $assess) {
 		$flipflop=!$flipflop;
 		$assessmentsoutput.= "<tbody>\n";
 		if ($flipflop==true){$assessmentsoutput.= "<tr class='oddrow'>\n";}
 		else {$assessmentsoutput.= "<tr class='evenrow'>\n";}
 		$assessmentsoutput.= "<td>".$assess['id']."</td>\n";
@@ -226,32 +227,33 @@ if (bHasSurveyPermission($surveyid, 'assessments','read'))
 	    $assessmentsoutput.= "<br /><form method='post' class='form30' id='assessmentsform' name='assessmentsform' action='$scriptname?sid=$surveyid'><div class='header ui-widget-header'>\n";
 	    $assessmentsoutput.= "$actiontitle</div>\n";
-	    $assessmentsoutput.="<ul><li><label>".$clang->gT("Scope")."</label><input type='radio' id='radiototal' name='scope' value='T' ";
+	    $assessmentsoutput.="<ul>\n"
 	    ."<li><label>".$clang->gT("Scope")."</label><input type='radio' id='radiototal' name='scope' value='T' ";
 	    if (!isset($editdata) || $editdata['scope'] == "T") {$assessmentsoutput .= " checked='checked' ";}
 	    $assessmentsoutput.=" /><label for='radiototal'>".$clang->gT("Total")."</label>
                     <input type='radio' id='radiogroup' name='scope' value='G'";
 	    if (isset($editdata) && $editdata['scope'] == "G") {$assessmentsoutput .= " checked='checked' ";}
-	    $assessmentsoutput.="/><label for='radiogroup'>".$clang->gT("Group")."</label></li>";
+	    $assessmentsoutput.="/><label for='radiogroup'>".$clang->gT("Group")."</label></li>\n";
-	    $assessmentsoutput.="<li><label for='gid'>".$clang->gT("Question group")."</label>$groupselect</li>"
+	    $assessmentsoutput.="<li><label for='gid'>".$clang->gT("Question group")."</label>$groupselect</li>\n"
 	    ."<li><label for='minimum'>".$clang->gT("Minimum")."</label><input type='text' id='minimum' name='minimum' class='numbersonly'";
 	    if (isset($editdata)) {$assessmentsoutput .= " value='{$editdata['minimum']}' ";}
-	    $assessmentsoutput.="/></li>"
+	    $assessmentsoutput.="/></li>\n"
 	    ."<li><label for='maximum'>".$clang->gT("Maximum")."</label><input type='text' id='maximum' name='maximum' class='numbersonly'";
 	    if (isset($editdata)) {$assessmentsoutput .= " value='{$editdata['maximum']}' ";}
-	    $assessmentsoutput.="/></li>";
+	    $assessmentsoutput.="/></li>\n"
 	    ."</ul>";
 	    // start tabs
-	    $assessmentsoutput.= "<tr><td>&nbsp;</td><td>&nbsp;</td></tr>\n";
+	    $assessmentsoutput.= "<div id=\"languagetabs\">"
-	    $assessmentsoutput.='</table><div id="languagetabs">'
+	    ."<ul>\n";
 	    .'<ul>';
 	    foreach ($assessmentlangs as $assessmentlang)
 	    {
 		    $position=0;
 		    $assessmentsoutput .= '<li><a href="#tablang'.$assessmentlang.'"><span>'.getLanguageNameFromCode($assessmentlang, false);
 		    if ($assessmentlang==$baselang) {$assessmentsoutput .= ' ('.$clang->gT("Base language").')';}
-		    $assessmentsoutput .='</span></a></li>';
+		    $assessmentsoutput .="</span></a></li>\n";
 	    }
-	    $assessmentsoutput.= '</ul>';
+	    $assessmentsoutput.= "</ul>\n";
 	    foreach ($assessmentlangs as $assessmentlang)
 	    {
 		    $heading=''; $message='';
@@ -265,28 +267,29 @@ if (bHasSurveyPermission($surveyid, 'assessments','read'))
 			    $heading=htmlspecialchars($editdata['name'],ENT_QUOTES);
 			    $message=htmlspecialchars($editdata['message']);
 		    }
-		    $assessmentsoutput .= '<div id="tablang'.$assessmentlang.'">';
+		    $assessmentsoutput .= "<div id=\"tablang".$assessmentlang."\">\n"
-		    $assessmentsoutput .= $clang->gT("Heading")."<br/>"
+			."\t<div class='settingrow'>\n"
-		    ."<input type='text' name='name_$assessmentlang' size='80' value='$heading'/><br /><br />"
+		    ."\t\t<span class=\"settingcaption\">".$clang->gT("Heading")."</span>\n"
-		    .$clang->gT("Message")
+		    ."\t\t<span class=\"settingentry\"><input type='text' name='name_$assessmentlang' size='80' value='$heading'/></span>\n"
-		    ."<textarea name='assessmentmessage_$assessmentlang' id='assessmentmessage_$assessmentlang' rows='10' cols='80'>$message</textarea >";
+			."\t</div>\n"
-
+			."\t<div class='settingrow'>\n"
-		    $assessmentsoutput .='</div>';
+		    ."\t\t<span class=\"settingcaption\">".$clang->gT("Message")."</span>\n"
 		    ."\t\t<span class=\"settingentry\">\n\t\t\t<textarea name='assessmentmessage_$assessmentlang' id='assessmentmessage_$assessmentlang' rows='10' cols='80'>$message</textarea >\n";
 		    $assessmentsoutput.=getEditor("assessment-text","assessmentmessage_$assessmentlang", "[".$clang->gT("Message:", "js")."]",$surveyid,$gid,$qid,$action);
 			$assessmentsoutput .="</span>\n\t</div>\n"
 			."\t<div style='clear:both'></div>\n"
 			."</div>";
 	    }
 	    $assessmentsoutput .='</div>';
-
+	    $assessmentsoutput.= "<p>\n"
-	    $assessmentsoutput.= "<p><input type='submit' value='".$clang->gT("Save")."' />\n";
+	    ."<input type='submit' value='".$clang->gT("Save")."' />\n";
 	    if ($action == "assessmentedit") $assessmentsoutput.= "&nbsp;&nbsp;&nbsp;&nbsp;<input type='submit' value='".$clang->gT("Cancel")."' onclick=\"document.assessmentsform.action.value='assessments'\" />\n";
 	    $assessmentsoutput.= "<input type='hidden' name='sid' value='$surveyid' />\n"
 	    ."<input type='hidden' name='action' value='$actionvalue' />\n"
 	    ."<input type='hidden' name='id' value='$thisid' />\n"
-	    ."</div>\n"
+	    ."</p>\n"
 	    ."</form>\n";
 	    foreach ($assessmentlangs as $assessmentlang)
 	    {
 		    $assessmentsoutput.=getEditor("assessment-text","assessmentmessage_$assessmentlang", "[".$clang->gT("Message:", "js")."]",$surveyid,$gid,$qid,$action);
 	    }
    }
 }
--- a/include/limesurvey/admin/browse.php
+++ b/include/limesurvey/admin/browse.php
@@ -10,14 +10,13 @@
 * other free or open source software licenses.
 * See COPYRIGHT.php for copyright notices and details.
 *
 * $Id: browse.php 10925 2011-09-02 14:12:02Z c_schmitz $
 */
 include_once("login_check.php");  //Login Check dies also if the script is started directly
-if (!isset($limit)) {$limit=returnglobal('limit');}
+if (!isset($limit)) {$limit=(int)returnglobal('limit');}
 if (!isset($surveyid)) {$surveyid=returnglobal('sid');}
-if (!isset($id)) {$id=returnglobal('id');}
+if (!isset($id)) {$id=(int)returnglobal('id');}
 if (!isset($order)) {$order=returnglobal('order');}
 if (!isset($browselang)) {$browselang=returnglobal('browselang');}
@@ -121,7 +120,7 @@ if ($subaction == "id")
    $dateformatdetails=getDateFormatData($_SESSION['dateformat']);
    //SHOW HEADER
-    if (!isset($_POST['sql']) || !$_POST['sql']) {$browseoutput .= $surveyoptions;} // Don't show options if coming from tokens/statistics script
+    if (!isset($_SESSION['sql']) || !$_SESSION['sql']) {$browseoutput .= $surveyoptions;} // Don't show options if coming from tokens/statistics script
    //FIRST LETS GET THE NAMES OF THE QUESTIONS AND MATCH THEM TO THE FIELD NAMES FOR THE DATABASE
    $fncount = 0;
@@ -188,20 +187,22 @@ if ($subaction == "id")
    $nfncount = count($fnames)-1;
    //SHOW INDIVIDUAL RECORD
-    $idquery = "SELECT * FROM $surveytable ";
+    $idquery = "SELECT * FROM {$surveytable} s";
    if ($surveyinfo['anonymized'] == "N" && db_tables_exist($tokentable))
-        $idquery .= "LEFT JOIN $tokentable ON $surveytable.token = $tokentable.token ";
+        $idquery .= " LEFT JOIN {$tokentable} t ON s.token = t.token ";
    //queXS Addition
    $qfs = questionnaireSampleFilterstate();
    if ($qfs != false)
    {
        //Limit responses by questionnaire and/or sample
-        $query .= "     JOIN `case` AS c ON ($surveytable.token = c.case_id AND c.questionnaire_id = '{$qfs[0]}') ";
+        $query .= "     JOIN `case` AS c ON (s.token = c.case_id AND c.questionnaire_id = '{$qfs[0]}') ";
        if ($qfs[1] != 0) //if a sample is selected
-                $query .= "     JOIN `sample` AS s ON (s.sample_id = c.sample_id AND s.import_id = '{$qfs[1]}') ";
+                $query .= "     JOIN `sample` AS ss ON (ss.sample_id = c.sample_id AND ss.import_id = '{$qfs[1]}') ";
    }
    if (incompleteAnsFilterstate() == "inc")
        $idquery .= " WHERE (submitdate = ".$connect->DBDate('1980-01-01'). " OR submitdate IS NULL) AND ";
    elseif (incompleteAnsFilterstate() == "filter")
@@ -209,12 +210,7 @@ if ($subaction == "id")
    else
        $idquery .= " WHERE ";
    if ($id < 1) { $id = 1; }
-    if (isset($_POST['sql']) && $_POST['sql'])
+    $idquery .= " s.id = $id";
    {
        if (get_magic_quotes_gpc()) {$idquery .= stripslashes($_POST['sql']);}
        else {$idquery .= "{$_POST['sql']}";}
    }
    else {$idquery .= "$surveytable.id = $id";}
    $idresult = db_execute_assoc($idquery) or safe_die ("Couldn't get entry<br />\n$idquery<br />\n".$connect->ErrorMsg());
    while ($idrow = $idresult->FetchRow())
    {
@@ -273,6 +269,10 @@ if ($subaction == "id")
        $highlight=false;
        for ($i = 0; $i < $nfncount+1; $i++)
        {
            if ($fnames[$i][0] != 'completed' && is_null($idrow[$fnames[$i][0]]))
            {
                continue;   // irrelevant, so don't show
            }
            $inserthighlight='';
            if ($highlight)
                $inserthighlight="class='highlight'";
@@ -329,20 +329,21 @@ elseif ($subaction == "all")
                          var noFilesSelectedForDeletion = '".$clang->gT('Please select at least one file for deletion','js')."';
                          var noFilesSelectedForDnld = '".$clang->gT('Please select at least one file for download','js')."';
                        </script>\n";
-    if (!isset($_POST['sql']))
+    $browseoutput .= $surveyoptions;
-    {$browseoutput .= $surveyoptions;} //don't show options when called from another script with a filter on
+    $bClearFilter=returnglobal('clearfilter');
-    else
+    if ($bClearFilter)
    {
-        $browseoutput .= "\t<tr><td colspan='2' height='4'><strong>".$clang->gT("Browse Responses").":</strong> $surveyname</td></tr>\n"
+        unset($_SESSION['sql']);
-                ."\n<tr><td><table width='100%' align='center' border='0' bgcolor='#EFEFEF'>\n"
+    }
-                ."\t<tr>\n"
+    if (isset($_SESSION['sql']))
-                ."<td align='center'>\n"
+    {
-                ."".$clang->gT("Showing Filtered Results")."<br />\n"
+        $browseoutput .= "<form action='$scriptname?clearfilter=1' method='post'>
-                ."&nbsp;[<a href=\"javascript:window.close()\">".$clang->gT("Close")."</a>]"
+        <p>".$clang->gT("Note:").'&nbsp;'.$clang->gT("Showing Filtered Results")." "
-                ."</font></td>\n"
+        ."&nbsp;<input type='submit' value='".$clang->gT("Remove filter")."'>
-                ."\t</tr>\n"
+        <input type='hidden' name='sid' value='$surveyid' />
-                ."</table></td></tr>\n";
+        <input type='hidden' name='action' value='browse' />
-
+        <input type='hidden' name='subaction' value='all' />
        </p></form>\n";
    }
    //Delete Individual answer using inrow delete buttons/links - checked
@@ -597,6 +598,7 @@ elseif ($subaction == "all")
    }
    $selectedgroup = returnglobal('selectgroup'); // group token id
    $sql_where = "";
@@ -624,9 +626,9 @@ elseif ($subaction == "all")
    if ($limit > $dtcount) {$limit=$dtcount;}
    //NOW LETS SHOW THE DATA
-    if (isset($_POST['sql']))
+    if (isset($_SESSION['sql']))
    {
-        if ($_POST['sql'] == "NULL" )
+        if ($_SESSION['sql'] == "NULL" )
        {
            if ($surveyinfo['anonymized'] == "N" && db_tables_exist($tokentable))
                $dtquery = "SELECT * FROM $surveytable LEFT JOIN $tokentable ON $surveytable.token = $tokentable.token ";
@@ -657,6 +659,7 @@ elseif ($subaction == "all")
        }
        else
        {
            if ($surveytable['anonymized'] == "N" && db_tables_exist($tokentable))
                $dtquery = "SELECT * FROM $surveytable LEFT JOIN $tokentable ON $surveytable.token = $tokentable.token WHERE 1=1 ";
            else
@@ -681,9 +684,9 @@ elseif ($subaction == "all")
            {
                $dtquery .= " AND submitdate IS NOT NULL ";
            }
-            if (stripcslashes($_POST['sql']) !== "")
+            if ($_SESSION['sql'] !== "")
            {
-                $dtquery .= ' AND '.stripcslashes($_POST['sql'])." ";
+                $dtquery .= ' AND '.$_SESSION['sql']." ";
            }
            $dtquery .= " ORDER BY {$surveytable}.id";
        }
@@ -704,6 +707,7 @@ elseif ($subaction == "all")
 	                $dtquery .= "     JOIN `sample` AS s ON (s.sample_id = c.sample_id AND s.import_id = '{$qfs[1]}') ";
 	    }
        if (incompleteAnsFilterstate() == "inc")
        {
            $dtquery .= " WHERE submitdate IS NULL ";
@@ -772,13 +776,14 @@ elseif ($subaction == "all")
    $browseoutput .="<form action='$scriptname?action=browse' id='browseresults' method='post'><font size='1' face='verdana'>\n"
            ."<img src='$imageurl/blank.gif' width='31' height='20' border='0' hspace='0' align='right' alt='' />\n"
-           ."&nbsp;&nbsp; ".$clang->gT("Display:")."<select name='filterinc' onchange='javascript:document.getElementById(\"limit\").value=\"\";submit();'>\n"
+            ."&nbsp;&nbsp; ".$clang->gT("Display:")."<select name='filterinc' onchange='javascript:document.getElementById(\"limit\").value=\"\";submit();'>\n"
            ."\t<option value='show' $selectshow>".$clang->gT("All responses")."</option>\n"
            ."\t<option value='filter' $selecthide>".$clang->gT("Completed responses only")."</option>\n"
            ."\t<option value='incomplete' $selectinc>".$clang->gT("Incomplete responses only")."</option>\n"
            ."</select>\n";
 $quexsfilterstate = questionnaireSampleFilterstate();
    //queXS Addition
@@ -793,6 +798,7 @@ $quexsfilterstate = questionnaireSampleFilterstate();
            ."&nbsp;&nbsp; <input type='submit' value='".$clang->gT("Show")."' />\n";
     $browseoutput .= "</font>\n"
            ."<input type='hidden' name='sid' value='$surveyid' />\n"
            ."<input type='hidden' name='action' value='browse' />\n"
--- a/include/limesurvey/admin/classes/gtranslate/GTranslate.php
+++ b/include/limesurvey/admin/classes/gtranslate/GTranslate.php
@@ -61,14 +61,14 @@ class GTranslate
 	* @access private
 	* @var String 
 	*/
-	private $url = "http://ajax.googleapis.com/ajax/services/language/translate";
+	private $url = "https://www.googleapis.com/language/translate/v2";
        /**
        * Google Translate (TM) Api Version
        * @access private
        * @var String 
        */	
-	private $api_version = "1.0";
+	private $api_version = "2";
        /**
        * Comunication Transport Method
@@ -125,26 +125,19 @@ class GTranslate
 	private function urlFormat($lang_pair,$string)
 	{
 		$parameters = array(
 			"v" => $this->api_version,
 			"q" => $string,
-			"langpair"=> implode("|",$lang_pair)
+            "source" => $lang_pair[0],
            "target" => $lang_pair[1],
 		);
 		if(!empty($this->api_key))
 		{
 			$parameters["key"] = $this->api_key;
 		}
-
+        else
-		if( empty($this->user_ip) ) 
+        {
-		{
+            $parameters["key"] = getGlobalSetting('googletranslateapikey');
-			if( !empty($_SERVER["REMOTE_ADDR"]) ) 
+        }
 			{
 				$parameters["userip"]	=	$_SERVER["REMOTE_ADDR"];
 			}
 		} else 
 		{
 			$parameters["userip"]   =	$this->user_ip;
 		}
 		$url  = "";
@@ -221,7 +214,10 @@ class GTranslate
 	private function requestHttp($url)
 	{
-		return GTranslate::evalResponse(json_decode(file_get_contents($this->url."?".$url)));
+        $fullurl = $this->url."?".$url;
        $return = file_get_contents($fullurl);
        $json = json_decode($return);
 		return GTranslate::evalResponse($json);
 	}
        /**     
@@ -254,14 +250,13 @@ class GTranslate
 	private function evalResponse($json_response)
 	{
-		switch($json_response->responseStatus)
+        if (isset($json_response->data->translations))
-		{
+        {
-			case 200:
+            return $json_response->data->translations[0]->translatedText;
-				return $json_response->responseData->translatedText;
+        }
-				break;
+        else
-			default:
+        {
-				throw new GTranslateException("Unable to perform Translation:".$json_response->responseDetails);
+            throw new GTranslateException("Unable to perform Translation:".$json_response->data);
 			break;
 		}
 	}
--- a/include/limesurvey/admin/classes/quexml/quexmlpdf.php
+++ b/include/limesurvey/admin/classes/quexml/quexmlpdf.php
@@ -1,5 +1,5 @@
 <?php
-
+if (!isset($dbprefix) || isset($_REQUEST['dbprefix'])) {safe_die("Cannot run this script directly");}
 /**
 * Modify these two lines to point to your TCPDF installation
 * Tested with TCPDF 5.8.008 - see http://www.tcpdf.org/
@@ -46,7 +46,7 @@ class queXMLPDF extends TCPDF {
 	 * @var int  Defaults to 15.
 	 * @since 2010-09-02
 	 */
-	protected $cornerBorder = 15;
+	protected $cornerBorder = 14;
 	/**
 	 * The length in MM of a corner line
@@ -199,6 +199,14 @@ class queXMLPDF extends TCPDF {
 	 *
 	 * @var string  Defaults to 10.
 	 * @since 2010-09-20
 	 * Height of the area of a single response where displayed horizontally
 	 *
 	 * @var string  Defaults to 10.5.
 	 * @since 2011-12-20
 	 */
 	protected $singleResponseHorizontalHeight = 10.5;
 	/**
 	 */
 	protected $singleResponseAreaWidth = 10;
@@ -266,14 +274,6 @@ class queXMLPDF extends TCPDF {
 	 */
 	protected $singleResponseHorizontalMax = 10;
 	/**
 	 * The horizontal area height of a box running horizontally
 	 * 
 	 * @var string  Defaults to 7. 
 	 * @since 2010-09-20
 	 */
 	protected $singleResponseHorizontalAreaHeight = 7;
 	/**
 	 * The height of an arrow
 	 *
@@ -882,10 +882,10 @@ class queXMLPDF extends TCPDF {
 		$this->SetLineWidth($this->singleResponseBoxBorder);
 		//centre for the line
-		$boxmid = ($y + ($this->singleResponseHorizontalAreaHeight / 2.0));
+		$boxmid = ($y + ($this->singleResponseHorizontalHeight / 2.0));
 		//centre on y
-		$y = $y + (($this->singleResponseHorizontalAreaHeight - $this->singleResponseBoxHeight) / 2.0);
+		$y = $y + (($this->singleResponseHorizontalHeight - $this->singleResponseBoxHeight) / 2.0);
 		if ($smallwidth)
 			$areawidth = $this->singleResponseVerticalAreaWidthSmall;
@@ -1819,10 +1819,10 @@ class queXMLPDF extends TCPDF {
 			//Draw background
 			$html = "<div></div>";
 			$this->setBackground('question');
-			$this->writeHTMLCell($this->getMainPageWidth(), $this->singleResponseAreaHeight, $this->getMainPageX(), $currentY, $this->style . $html,0,1,true,true);	
+			$this->writeHTMLCell($this->getMainPageWidth(), $this->singleResponseHorizontalHeight, $this->getMainPageX(), $currentY, $this->style . $html,0,1,true,true);
 			$this->setDefaultFont($this->responseTextFontSize);
-			$this->MultiCell($textwidth,$this->singleResponseAreaHeight,$s['text'],0,'R',false,0,$this->getMainPageX(),$currentY,true,0,false,true,$this->singleResponseAreaHeight,'M',true);
+			$this->MultiCell($textwidth,$this->singleResponseHorizontalHeight,$s['text'],0,'R',false,0,$this->getMainPageX(),$currentY,true,0,false,true,$this->singleResponseHorizontalHeight,'M',true);
@@ -1845,10 +1845,10 @@ class queXMLPDF extends TCPDF {
 				$rnum++;
 			}
-			if (($this->GetY() - $currentY) > $this->singleResponseAreaHeight)
+			if (($this->GetY() - $currentY) > $this->singleResponseHorizontalHeight)
 				$currentY = $this->GetY();
 			else
-				$currentY = $currentY + $this->singleResponseAreaHeight;
+				$currentY = $currentY + $this->singleResponseHorizontalHeight;
 			$this->SetY($currentY,false);
@@ -2111,7 +2111,7 @@ class queXMLPDF extends TCPDF {
 		$this->Line($width - $cb,$height - $cb,$width - $cb - $cl,$height - $cb,$lineStyle);
 		$this->Line($width - $cb,$height - $cb,$width - $cb,$height - ($cb + $cl),$lineStyle);
-		$barcodeValue = str_pad($this->questionnaireId,$this->idLength,"0",STR_PAD_LEFT) . str_pad($this->getPage(),$this->pageLength,"0",STR_PAD_LEFT);	
+		$barcodeValue = substr(str_pad($this->questionnaireId,$this->idLength,"0",STR_PAD_LEFT),0,$this->idLength) . substr(str_pad($this->getPage(),$this->pageLength,"0",STR_PAD_LEFT),0,$this->pageLength);
 		//Calc X position of barcode from page width
 		$barcodeX = $width - ($this->barcodeMarginX + $this->barcodeW);
--- a/include/limesurvey/admin/classes/tcpdf/mypdf.php
+++ b/include/limesurvey/admin/classes/tcpdf/mypdf.php
@@ -1,9 +1,9 @@
 <?php
-require_once('tcpdf.php');
+    require_once('tcpdf.php');
-class MyPDF extends TCPDF
+    class MyPDF extends TCPDF
-{
+    {
    function MyPDF($orientation='P', $unit='mm', $format='A4')
    {
        parent::__construct($orientation,$unit,$format);
@@ -333,5 +333,5 @@ class MyPDF extends TCPDF
        return strip_tags($text);
    }
-}
+    }
 ?>
--- a/include/limesurvey/admin/cmdline_importsurvey.php
+++ b/include/limesurvey/admin/cmdline_importsurvey.php
@@ -10,7 +10,7 @@
 * other free or open source software licenses.
 * See COPYRIGHT.php for copyright notices and details.
 *
- * $Id: cmdline_importsurvey.php 10925 2011-09-02 14:12:02Z c_schmitz $
+ * $Id: cmdline_importsurvey.php 11607 2011-12-06 23:19:52Z tmswhite $
 */
--- a/include/limesurvey/admin/conditionshandling.php
+++ b/include/limesurvey/admin/conditionshandling.php
@@ -1,17 +1,17 @@
 <?php
 /*
- * LimeSurvey
+* LimeSurvey
- * Copyright (C) 2007 The LimeSurvey Project Team / Carsten Schmitz
+* Copyright (C) 2007 The LimeSurvey Project Team / Carsten Schmitz
- * All rights reserved.
+* All rights reserved.
- * License: GNU/GPL License v2 or later, see LICENSE.php
+* License: GNU/GPL License v2 or later, see LICENSE.php
- * LimeSurvey is free software. This version may have been modified pursuant
+* LimeSurvey is free software. This version may have been modified pursuant
- * to the GNU General Public License, and as distributed it includes or
+* to the GNU General Public License, and as distributed it includes or
- * is derivative of works licensed under the GNU General Public License or
+* is derivative of works licensed under the GNU General Public License or
- * other free or open source software licenses.
+* other free or open source software licenses.
- * See COPYRIGHT.php for copyright notices and details.
+* See COPYRIGHT.php for copyright notices and details.
- *
+*
- * $Id: conditionshandling.php 10925 2011-09-02 14:12:02Z c_schmitz $
+* $Id: conditionshandling.php 11664 2011-12-16 05:19:42Z tmswhite $
- */
+*/
 //
 // TODO
@@ -34,7 +34,7 @@ if (!isset($gid)) {$gid=returnglobal('gid');}
 if (!isset($p_scenario)) {$p_scenario=returnglobal('scenario');}
 if (!isset($p_cqid))
 {
-    $p_cqid=returnglobal('cqid');
+    $p_cqid=(int)returnglobal('cqid');
    if ($p_cqid == '') $p_cqid=0; // we are not using another question as source of condition
 }
 if (!isset($p_cid)) {$p_cid=returnglobal('cid');}
@@ -60,30 +60,30 @@ if (!isset($p_canswers))
 if (isset($stringcomparizonoperators) && $stringcomparizonoperators == 1)
 {
    $method = array(
-            "<"  => $clang->gT("Less than"),
+    "<"  => $clang->gT("Less than"),
-            "<=" => $clang->gT("Less than or equal to"),
+    "<=" => $clang->gT("Less than or equal to"),
-            "==" => $clang->gT("equals"),
+    "==" => $clang->gT("equals"),
-            "!=" => $clang->gT("Not equal to"),
+    "!=" => $clang->gT("Not equal to"),
-            ">=" => $clang->gT("Greater than or equal to"),
+    ">=" => $clang->gT("Greater than or equal to"),
-            ">"  => $clang->gT("Greater than"),
+    ">"  => $clang->gT("Greater than"),
-            "RX" => $clang->gT("Regular expression"),
+    "RX" => $clang->gT("Regular expression"),
-            "a<b"  => $clang->gT("Less than (Strings)"),
+    "a<b"  => $clang->gT("Less than (Strings)"),
-            "a<=b" => $clang->gT("Less than or equal to (Strings)"),
+    "a<=b" => $clang->gT("Less than or equal to (Strings)"),
-            "a>=b" => $clang->gT("Greater than or equal to (Strings)"),
+    "a>=b" => $clang->gT("Greater than or equal to (Strings)"),
-            "a>b"  => $clang->gT("Greater than (Strings)")
+    "a>b"  => $clang->gT("Greater than (Strings)")
-            );
+    );
 }
 else
 {
    $method = array(
-            "<"  => $clang->gT("Less than"),
+    "<"  => $clang->gT("Less than"),
-            "<=" => $clang->gT("Less than or equal to"),
+    "<=" => $clang->gT("Less than or equal to"),
-            "==" => $clang->gT("equals"),
+    "==" => $clang->gT("equals"),
-            "!=" => $clang->gT("Not equal to"),
+    "!=" => $clang->gT("Not equal to"),
-            ">=" => $clang->gT("Greater than or equal to"),
+    ">=" => $clang->gT("Greater than or equal to"),
-            ">"  => $clang->gT("Greater than"),
+    ">"  => $clang->gT("Greater than"),
-            "RX" => $clang->gT("Regular expression")
+    "RX" => $clang->gT("Regular expression")
-            );
+    );
 }
 if (isset($_POST['method']))
@@ -200,12 +200,12 @@ if (isset($p_subaction) && $p_subaction == "insertcondition")
                if ($count_caseinsensitivedupes == 0)
                {
-                $query = "INSERT INTO {$dbprefix}conditions (qid, scenario, cqid, cfieldname, method, value) VALUES "
+                    $query = "INSERT INTO {$dbprefix}conditions (qid, scenario, cqid, cfieldname, method, value) VALUES "
-                . "('{$qid}', '{$p_scenario}', '{$p_cqid}', '{$conditionCfieldname}', '{$p_method}', '$ca')";
+                    . "('{$qid}', '{$p_scenario}', '{$p_cqid}', '{$conditionCfieldname}', '{$p_method}', '$ca')";
-                $result = $connect->Execute($query) or safe_die ("Couldn't insert new condition<br />$query<br />".$connect->ErrorMsg());
+                    $result = $connect->Execute($query) or safe_die ("Couldn't insert new condition<br />$query<br />".$connect->ErrorMsg());
                }
            }
        }
        }
        unset($posted_condition_value);
        // Please note that auto_unescape is already applied in database.php included above
@@ -234,6 +234,7 @@ if (isset($p_subaction) && $p_subaction == "insertcondition")
            $result = $connect->Execute($query) or safe_die ("Couldn't insert new condition<br />$query<br />".$connect->ErrorMsg());
        }
    }
    LimeExpressionManager::UpgradeConditionsToRelevance(NULL,$qid);
 }
 // UPDATE ENTRY IF THIS IS AN EDIT
@@ -296,32 +297,39 @@ if (isset($p_subaction) && $p_subaction == "updatecondition")
            $result = $connect->Execute($query) or safe_die ("Couldn't insert new condition<br />$query<br />".$connect->ErrorMsg());
        }
    }
    LimeExpressionManager::UpgradeConditionsToRelevance(NULL,$qid);
 }
 // DELETE ENTRY IF THIS IS DELETE
 if (isset($p_subaction) && $p_subaction == "delete")
 {
    LimeExpressionManager::RevertUpgradeConditionsToRelevance(NULL,$qid);   // in case deleted the last condition
    $query = "DELETE FROM {$dbprefix}conditions WHERE cid={$p_cid}";
    $result = $connect->Execute($query) or safe_die ("Couldn't delete condition<br />$query<br />".$connect->ErrorMsg());
    LimeExpressionManager::UpgradeConditionsToRelevance(NULL,$qid);
 }
 // DELETE ALL CONDITIONS IN THIS SCENARIO
 if (isset($p_subaction) && $p_subaction == "deletescenario")
 {
    LimeExpressionManager::RevertUpgradeConditionsToRelevance(NULL,$qid);   // in case deleted the last condition
    $query = "DELETE FROM {$dbprefix}conditions WHERE qid={$qid} AND scenario={$p_scenario}";
    $result = $connect->Execute($query) or safe_die ("Couldn't delete scenario<br />$query<br />".$connect->ErrorMsg());
    LimeExpressionManager::UpgradeConditionsToRelevance(NULL,$qid);
 }
 // UPDATE SCENARIO
 if (isset($p_subaction) && $p_subaction == "updatescenario" && isset($p_newscenarionum))
 {
    $query = "UPDATE {$dbprefix}conditions SET scenario=$p_newscenarionum WHERE qid={$qid} AND scenario={$p_scenario}";
-    $result = $connect->Execute($query) or safe_die ("Couldn't delete scenario<br />$query<br />".$connect->ErrorMsg());
+    $result = $connect->Execute($query) or safe_die ("Couldn't update scenario<br />$query<br />".$connect->ErrorMsg());
    LimeExpressionManager::UpgradeConditionsToRelevance(NULL,$qid);
 }
 // DELETE ALL CONDITIONS FOR THIS QUESTION
 if (isset($p_subaction) && $p_subaction == "deleteallconditions")
 {
    LimeExpressionManager::RevertUpgradeConditionsToRelevance(NULL,$qid);
    $query = "DELETE FROM {$dbprefix}conditions WHERE qid={$qid}";
    $result = $connect->Execute($query) or safe_die ("Couldn't delete scenario<br />$query<br />".$connect->ErrorMsg());
 }
@@ -338,7 +346,7 @@ if (isset($p_subaction) && $p_subaction == "renumberscenarios")
        $result2 = $connect->Execute($query2) or safe_die ("Couldn't renumber scenario<br />$query<br />".$connect->ErrorMsg());
        $newindex++;
    }
-
+    LimeExpressionManager::UpgradeConditionsToRelevance(NULL,$qid);
 }
 // COPY CONDITIONS IF THIS IS COPY
@@ -358,10 +366,10 @@ if (isset($p_subaction) && $p_subaction == "copyconditions")
        while($row=$result->FetchRow())
        {
            $proformaconditions[]=array("scenario"=>$row['scenario'],
-			"cqid"=>$row['cqid'],
+            "cqid"=>$row['cqid'],
-			"cfieldname"=>$row['cfieldname'],
+            "cfieldname"=>$row['cfieldname'],
-			"method"=>$row['method'],
+            "method"=>$row['method'],
-			"value"=>$row['value']);
+            "value"=>$row['value']);
        } // while
        foreach ($copyconditionsto as $copyc)
        {
@@ -419,7 +427,7 @@ if (isset($p_subaction) && $p_subaction == "copyconditions")
            $CopyConditionsMessage = "<div class='warningheader'>(".$clang->gT("No conditions could be copied (due to duplicates)").")</div>";
        }
    }
-
+    LimeExpressionManager::UpgradeConditionsToRelevance($surveyid); // do for whole survey, since don't know which questions affected.
 }
 //END PROCESS ACTIONS
@@ -534,13 +542,13 @@ if (isset($questionlist) && is_array($questionlist))
        while ($myrows=$result->FetchRow())
        {                   //key => value
            $theserows[]=array("qid"=>$myrows['qid'],
-					"sid"=>$myrows['sid'],
+            "sid"=>$myrows['sid'],
-					"gid"=>$myrows['gid'],
+            "gid"=>$myrows['gid'],
-					"question"=>$myrows['question'],
+            "question"=>$myrows['question'],
-					"type"=>$myrows['type'],
+            "type"=>$myrows['type'],
-					"mandatory"=>$myrows['mandatory'],
+            "mandatory"=>$myrows['mandatory'],
-					"other"=>$myrows['other'],
+            "other"=>$myrows['other'],
-					"title"=>$myrows['title']);
+            "title"=>$myrows['title']);
        }
    }
 }
@@ -573,13 +581,13 @@ if (isset($postquestionlist) && is_array($postquestionlist))
        while($myrows=$result->FetchRow())
        {
            $postrows[]=array("qid"=>$myrows['qid'],
-                        "sid"=>$myrows['sid'],
+            "sid"=>$myrows['sid'],
-                        "gid"=>$myrows['gid'],
+            "gid"=>$myrows['gid'],
-                        "question"=>$myrows['question'],
+            "question"=>$myrows['question'],
-                        "type"=>$myrows['type'],
+            "type"=>$myrows['type'],
-                        "mandatory"=>$myrows['mandatory'],
+            "mandatory"=>$myrows['mandatory'],
-                        "other"=>$myrows['other'],
+            "other"=>$myrows['other'],
-                        "title"=>$myrows['title']);
+            "title"=>$myrows['title']);
        } // while
    }
    $postquestionscount=count($postrows);
@@ -589,11 +597,11 @@ $questionscount=count($theserows);
 if (isset($postquestionscount) && $postquestionscount > 0)
 { //Build the array used for the questionNav and copyTo select boxes
-foreach ($postrows as $pr)
+    foreach ($postrows as $pr)
-{
+    {
-    $pquestions[]=array("text"=>$pr['title'].": ".substr(strip_tags($pr['question']), 0, 80),
+        $pquestions[]=array("text"=>$pr['title'].": ".substr(strip_tags($pr['question']), 0, 80),
-		"fieldname"=>$pr['sid']."X".$pr['gid']."X".$pr['qid']);
+        "fieldname"=>$pr['sid']."X".$pr['gid']."X".$pr['qid']);
-}
+    }
 }
 // Previous question parsing ==> building cquestions[] and canswers[]
@@ -679,17 +687,18 @@ if ($questionscount > 0)
            //Get question attribute for $canswers
            $qidattributes=getQuestionAttributes($rows['qid'], $rows['type']);
            if (isset($qidattributes['multiflexible_max']) && trim($qidattributes['multiflexible_max'])!='') {
-                $maxvalue=$qidattributes['multiflexible_max'];
+                $maxvalue=floatval($qidattributes['multiflexible_max']);
            } else {
                $maxvalue=10;
            }
            if (isset($qidattributes['multiflexible_min']) && trim($qidattributes['multiflexible_min'])!='') {
-                $minvalue=$qidattributes['multiflexible_min'];
+                $minvalue=floatval($qidattributes['multiflexible_min']);
            } else {
                $minvalue=1;
            }
            if (isset($qidattributes['multiflexible_step']) && trim($qidattributes['multiflexible_step'])!='') {
-                $stepvalue=$qidattributes['multiflexible_step'];
+                $stepvalue=floatval($qidattributes['multiflexible_step']);
                if ($stepvalue==0) $stepvalue=1;
            } else {
                $stepvalue=1;
            }
@@ -707,21 +716,21 @@ if ($questionscount > 0)
            . "AND q.language='".GetBaseLanguageFromSurveyID($surveyid)."'"
            ." AND sq.language='".GetBaseLanguageFromSurveyID($surveyid)."'"
            ." AND q.qid={$rows['qid']}
-               AND sq.scale_id=0
+            AND sq.scale_id=0
-               ORDER BY sq.question_order";
+            ORDER BY sq.question_order";
            $y_axis_db = db_execute_assoc($fquery);
-             // Get the X-Axis
+            // Get the X-Axis
-             $aquery = "SELECT sq.*
+            $aquery = "SELECT sq.*
-                         FROM ".db_table_name('questions')." q, ".db_table_name('questions')." sq
+            FROM ".db_table_name('questions')." q, ".db_table_name('questions')." sq
-                         WHERE q.sid=$surveyid
+            WHERE q.sid=$surveyid
-                         AND sq.parent_qid=q.qid
+            AND sq.parent_qid=q.qid
-                         AND q.language='".GetBaseLanguageFromSurveyID($surveyid)."'
+            AND q.language='".GetBaseLanguageFromSurveyID($surveyid)."'
-                         AND sq.language='".GetBaseLanguageFromSurveyID($surveyid)."'
+            AND sq.language='".GetBaseLanguageFromSurveyID($surveyid)."'
-                         AND q.qid=".$rows['qid']."
+            AND q.qid=".$rows['qid']."
-                         AND sq.scale_id=1
+            AND sq.scale_id=1
-                         ORDER BY sq.question_order";
+            ORDER BY sq.question_order";
            $x_axis_db=db_execute_assoc($aquery) or safe_die ("Couldn't get answers to Array questions<br />$aquery<br />".$connect->ErrorMsg());
@@ -741,7 +750,7 @@ if ($questionscount > 0)
                    {
                        for($ii=$minvalue; $ii<=$maxvalue; $ii+=$stepvalue)
                        {
-                            $canswers[]=array($rows['sid'].$X.$rows['gid'].$X.$rows['qid'].$arows['title'], $ii, $ii);
+                            $canswers[]=array($rows['sid'].$X.$rows['gid'].$X.$rows['qid'].$arows['title']."_".$key, $ii, $ii);
                        }
                    }
                }
@@ -1082,7 +1091,7 @@ if (isset($canswers))
 {
    foreach($canswers as $can)
    {
-        $an=json_encode(FlattenText($can[2]));
+        $an=ls_json_encode(FlattenText($can[2]));
        $conditionsoutput_main_content .= "Fieldnames[$jn]='$can[0]';\n"
        ."Codes[$jn]='$can[1]';\n"
        ."Answers[$jn]={$an};\n";
@@ -1274,7 +1283,7 @@ $subaction=='copyconditionsform' || $subaction=='copyconditions')
            ."AND {$dbprefix}conditions.qid=$qid "
            ."AND {$dbprefix}conditions.scenario={$scenarionr['scenario']}\n"
            ."AND {$dbprefix}conditions.cfieldname NOT LIKE '{%' \n" // avoid catching SRCtokenAttr conditions
-            ."ORDER BY {$dbprefix}groups.group_order,{$dbprefix}questions.question_order";
+            ."ORDER BY {$dbprefix}groups.group_order,{$dbprefix}questions.question_order, {$dbprefix}conditions.cfieldname";
            $result = db_execute_assoc($query) or safe_die ("Couldn't get other conditions for question $qid<br />$query<br />".$connect->ErrorMsg());
            $conditionscount=$result->RecordCount();
@@ -1376,7 +1385,7 @@ $subaction=='copyconditionsform' || $subaction=='copyconditions')
                        $conditionsoutput_main_content .= "\t$thisAttrName\n";
                        // TIBO not sure this is used anymore !!
                        $conditionsList[]=array("cid"=>$rows['cid'],
-								"text"=>$thisAttrName);
+                        "text"=>$thisAttrName);
                    }
                    else
                    {
@@ -1387,7 +1396,7 @@ $subaction=='copyconditionsform' || $subaction=='copyconditions')
                            {
                                $conditionsoutput_main_content .= "\t$cqn[0] (qid{$rows['cqid']})\n";
                                $conditionsList[]=array("cid"=>$rows['cid'],
-									"text"=>$cqn[0]." ({$rows['value']})");
+                                "text"=>$cqn[0]." ({$rows['value']})");
                            }
                            else
                            {
@@ -1633,7 +1642,7 @@ if ($subaction == "copyconditionsform" || $subaction == "copyconditions")
        }
        $conditionsoutput_main_content .= "\t<div class='condition-tbl-full'>\n"
-//        ."\t\t<input type='submit' value='".$clang->gT("Copy conditions")."' onclick=\"if (confirm('".$clang->gT("Are you sure you want to copy these condition(s) to the questions you have selected?","js")."')){prepareCopyconditions(); return true;} else {return false;}\" $disableCopyCondition/>\n"
+        //        ."\t\t<input type='submit' value='".$clang->gT("Copy conditions")."' onclick=\"if (confirm('".$clang->gT("Are you sure you want to copy these condition(s) to the questions you have selected?","js")."')){prepareCopyconditions(); return true;} else {return false;}\" $disableCopyCondition/>\n"
        ."\t\t<input type='submit' value='".$clang->gT("Copy conditions")."' onclick=\"prepareCopyconditions(); return true;\" $disableCopyCondition/>\n"
        ."<input type='hidden' name='subaction' value='copyconditions' />\n"
        ."<input type='hidden' name='sid' value='$surveyid' />\n"
@@ -1797,10 +1806,10 @@ $subaction == "editthiscondition" || $subaction == "delete")
    ."<select name='method' id='method' style='font-family:verdana; font-size:10' >\n";
    foreach ($method as $methodCode => $methodTxt)
    {
-    	$selected=$methodCode=="==" ? " selected='selected'" : "";
+        $selected=$methodCode=="==" ? " selected='selected'" : "";
        $conditionsoutput_main_content .= "\t<option value='".$methodCode."'$selected>".$methodTxt."</option>\n";
    }
-/**
+    /**
    ."\t<option value='<'>".$clang->gT("Less than")."</option>\n"
    ."\t<option value='<='>".$clang->gT("Less than or equal to")."</option>\n"
    ."\t<option selected='selected' value='=='>".$clang->gT("Equals")."</option>\n"
@@ -1812,7 +1821,7 @@ $subaction == "editthiscondition" || $subaction == "delete")
    ."\t<option value='a<=b'>".$clang->gT("Less than or equal to (Strings)")."</option>\n"
    ."\t<option value='a>=b'>".$clang->gT("Greater than or equal to (Strings)")."</option>\n"
    ."\t<option value='a>b'>".$clang->gT("Greater than (Strings)")."</option>\n"
-**/
+    **/
    $conditionsoutput_main_content .="</select>\n"
    ."</div>\n"
    ."</div>\n";
@@ -2119,5 +2128,3 @@ function showSpeaker($hinttext)
    return $reshtml;
 }
 ?>
--- a/include/limesurvey/admin/database.php
+++ b/include/limesurvey/admin/database.php
@@ -10,7 +10,7 @@
 * other free or open source software licenses.
 * See COPYRIGHT.php for copyright notices and details.
 *
- * $Id: database.php 10925 2011-09-02 14:12:02Z c_schmitz $
+ * $Id: database.php 12242 2012-01-27 23:41:13Z c_schmitz $
 */
 //Last security audit on 2009-10-11
@@ -75,8 +75,8 @@ if(isset($surveyid))
                //Clean XSS
                if ($filterxsshtml)
                {
-                    $_POST['group_name_'.$grouplang]=$myFilter->process($_POST['group_name_'.$grouplang]);
+                    $_POST['group_name_'.$grouplang]=$myFilter->process(html_entity_decode($_POST['group_name_'.$grouplang], ENT_QUOTES, "UTF-8"));
-                    $_POST['description_'.$grouplang]=$myFilter->process($_POST['description_'.$grouplang]);
+                    $_POST['description_'.$grouplang]=$myFilter->process(html_entity_decode($_POST['description_'.$grouplang], ENT_QUOTES, "UTF-8"));
                }
                else
                {
@@ -87,18 +87,19 @@ if(isset($surveyid))
                // Fix bug with FCKEditor saving strange BR types
                $_POST['group_name_'.$grouplang]=fix_FCKeditor_text($_POST['group_name_'.$grouplang]);
                $_POST['description_'.$grouplang]=fix_FCKeditor_text($_POST['description_'.$grouplang]);
                $grelevance = (isset($_POST['grelevance']) ? $_POST['grelevance'] : 1);
                if ($first)
                {
-                    $query = "INSERT INTO ".db_table_name('groups')." (sid, group_name, description,group_order,language) VALUES ('".db_quote($postsid)."', '".db_quote($_POST['group_name_'.$grouplang])."', '".db_quote($_POST['description_'.$grouplang])."',".getMaxgrouporder(returnglobal('sid')).",'{$grouplang}')";
+                    $query = "INSERT INTO ".db_table_name('groups')." (sid, group_name, description, grelevance, group_order, language) VALUES ('".db_quote($postsid)."', '".db_quote($_POST['group_name_'.$grouplang])."', '".db_quote($_POST['description_'.$grouplang])."','".db_quote($grelevance)."',".getMaxgrouporder(returnglobal('sid')).",'{$grouplang}')";
                    $result = $connect->Execute($query); // Checked
                    $groupid=$connect->Insert_Id(db_table_name_nq('groups'),"gid");
                    $first=false;
                }
                else{
                    db_switchIDInsert('groups',true);
-                    $query = "INSERT INTO ".db_table_name('groups')." (gid, sid, group_name, description,group_order,language) VALUES ('{$groupid}','".db_quote($postsid)."', '".db_quote($_POST['group_name_'.$grouplang])."', '".db_quote($_POST['description_'.$grouplang])."',".getMaxgrouporder(returnglobal('sid')).",'{$grouplang}')";
+                    $query = "INSERT INTO ".db_table_name('groups')." (gid, sid, group_name, description, grelevance, group_order, language) VALUES ('{$groupid}','".db_quote($postsid)."', '".db_quote($_POST['group_name_'.$grouplang])."', '".db_quote($_POST['description_'.$grouplang])."','".db_quote($grelevance)."',".getMaxgrouporder(returnglobal('sid')).",'{$grouplang}')";
                    $result = $connect->Execute($query) or safe_die("Error<br />".$query."<br />".$connect->ErrorMsg());   // Checked
                    db_switchIDInsert('groups',false);
                }
@@ -147,7 +148,7 @@ if(isset($surveyid))
                // don't use array_map db_quote on POST
                // since this is iterated for each language
                //$_POST  = array_map('db_quote', $_POST);
-                $ugquery = "UPDATE ".db_table_name('groups')." SET group_name='".db_quote($_POST['group_name_'.$grplang])."', description='".db_quote($_POST['description_'.$grplang])."' WHERE sid=".db_quote($postsid)." AND gid=".db_quote($postgid)." AND language='{$grplang}'";
+                $ugquery = "UPDATE ".db_table_name('groups')." SET group_name='".db_quote($_POST['group_name_'.$grplang])."', description='".db_quote($_POST['description_'.$grplang])."', grelevance='".db_quote($_POST['grelevance'])."' WHERE sid=".db_quote($postsid)." AND gid=".db_quote($postgid)." AND language='{$grplang}'";
                $ugresult = $connect->Execute($ugquery);  // Checked
                if ($ugresult)
                {
@@ -166,6 +167,8 @@ if(isset($surveyid))
    elseif ($action == "delgroup" && bHasSurveyPermission($surveyid, 'surveycontent','delete'))
    {
        LimeExpressionManager::RevertUpgradeConditionsToRelevance($surveyid);
        if (!isset($gid)) $gid=returnglobal('gid');
        $query = "SELECT qid FROM ".db_table_name('groups')." g, ".db_table_name('questions')." q WHERE g.gid=q.gid AND g.gid=$gid AND q.parent_qid=0 group by qid";
        if ($result = db_execute_assoc($query)) // Checked
@@ -196,6 +199,7 @@ if(isset($surveyid))
        {
            $databaseoutput .= "<script type=\"text/javascript\">\n<!--\n alert(\"".$clang->gT("Group could not be deleted","js")."\n$error\")\n //-->\n</script>\n";
        }
        LimeExpressionManager::UpgradeConditionsToRelevance($surveyid);
    }
    elseif ($action == "insertquestion" && bHasSurveyPermission($surveyid, 'surveycontent','create'))
@@ -244,9 +248,9 @@ if(isset($surveyid))
            $_POST['help_'.$baselang]=fix_FCKeditor_text($_POST['help_'.$baselang]);
            $_POST  = array_map('db_quote', $_POST);
-            $query = "INSERT INTO ".db_table_name('questions')." (sid, gid, type, title, question, preg, help, other, mandatory, question_order, language)"
+            $query = "INSERT INTO ".db_table_name('questions')." (sid, gid, type, title, question, preg, help, other, mandatory, question_order, relevance, language)"
            ." VALUES ('{$postsid}', '{$postgid}', '{$_POST['type']}', '{$_POST['title']}',"
-            ." '{$_POST['question_'.$baselang]}', '{$_POST['preg']}', '{$_POST['help_'.$baselang]}', '{$_POST['other']}', '{$_POST['mandatory']}', $question_order,'{$baselang}')";
+            ." '{$_POST['question_'.$baselang]}', '{$_POST['preg']}', '{$_POST['help_'.$baselang]}', '{$_POST['other']}', '{$_POST['mandatory']}', $question_order,'".db_quote($_POST['relevance'])."','{$baselang}')";
            $result = $connect->Execute($query);  // Checked
            // Get the last inserted questionid for other languages
            $qid=$connect->Insert_ID(db_table_name_nq('questions'),"qid");
@@ -304,13 +308,16 @@ if(isset($surveyid))
            //include("surveytable_functions.php");
            //surveyFixColumns($surveyid);
        }
        LimeExpressionManager::SetDirtyFlag(); // so refreshes syntax highlighting
    }
    elseif ($action == "renumberquestions" && bHasSurveyPermission($surveyid, 'surveycontent','update'))
    {
        //Automatically renumbers the "question codes" so that they follow
        //a methodical numbering method
        $style = ((isset($_POST['style']) && $_POST['style']=="bygroup") ? 'bygroup' : 'straight');
        $question_number=1;
        $group_number=0;
        $gseq=0;
        $gselect="SELECT a.qid, a.gid\n"
        ."FROM ".db_table_name('questions')." as a, ".db_table_name('groups')."\n"
        ."WHERE a.gid=".db_table_name('groups').".gid AND a.sid=$surveyid AND a.parent_qid=0 "
@@ -322,13 +329,16 @@ if(isset($surveyid))
        foreach($grows as $grow)
        {
            //Go through all the questions
-            if ((isset($_POST['style']) && $_POST['style']=="bygroup") && (!isset($group_number) || $group_number != $grow['gid']))
+            if ($style == 'bygroup' && (!isset($group_number) || $group_number != $grow['gid']))
            { //If we're doing this by group, restart the numbering when the group number changes
                $question_number=1;
-                $group_number++;
+                $group_number = $grow['gid'];
                $gseq++;
            }
            $usql="UPDATE ".db_table_name('questions')."\n"
-            ."SET title='".str_pad($question_number, 4, "0", STR_PAD_LEFT)."'\n"
+            ."SET title='"
            .(($style == 'bygroup') ? ('G' . $gseq . '_') : '')
            ."Q".str_pad($question_number, 4, "0", STR_PAD_LEFT)."'\n"
            ."WHERE qid=".$grow['qid'];
            //$databaseoutput .= "[$sql]";
            $uresult=$connect->Execute($usql) or safe_die("Error: ".$connect->ErrorMsg());  // Checked
@@ -336,7 +346,8 @@ if(isset($surveyid))
            $group_number=$grow['gid'];
        }
        $_SESSION['flashmessage'] = $clang->gT("Question codes were successfully regenerated.");
-    }
+        LimeExpressionManager::SetDirtyFlag(); // so refreshes syntax highlighting
        }
    elseif ($action == "updatedefaultvalues" && bHasSurveyPermission($surveyid, 'surveycontent','update'))
@@ -408,12 +419,25 @@ if(isset($surveyid))
                }
            }
        }
        if ($qtproperties[$questiontype]['answerscales']==0 && $qtproperties[$questiontype]['subquestions']==0)
        {
            foreach ($questlangs as $language)
            {
                if (isset($_POST['defaultanswerscale_0_'.$language.'_0']))
                {
                   Updatedefaultvalues($postqid,0,0,'',$language,$_POST['defaultanswerscale_0_'.$language.'_0'],true);
                }
            }
        }
        $_SESSION['flashmessage'] = $clang->gT("Default value settings were successfully saved.");
        LimeExpressionManager::SetDirtyFlag();
    }
    elseif ($action == "updatequestion" && bHasSurveyPermission($surveyid, 'surveycontent','update'))
    {
        LimeExpressionManager::RevertUpgradeConditionsToRelevance($surveyid);
        $cqquery = "SELECT type, gid FROM ".db_table_name('questions')." WHERE qid={$postqid}";
        $cqresult=db_execute_assoc($cqquery) or safe_die ("Couldn't get question type to check for change<br />".$cqquery."<br />".$connect->ErrorMsg()); // Checked
        $cqr=$cqresult->FetchRow();
@@ -447,23 +471,32 @@ if(isset($surveyid))
            if (isset($_POST[$validAttribute['name']]))
            {
                if ($filterxsshtml)
                {
-                    $_POST[$validAttribute['name']]=$myFilter->process($_POST[$validAttribute['name']]);
+                    $sAttributeValue=$myFilter->process($_POST[$validAttribute['name']]);
                }
                else
                {
                    $sAttributeValue=$_POST[$validAttribute['name']];
                }
                if ($validAttribute['name']=='multiflexible_step' && trim($sAttributeValue)!='') {
                    $sAttributeValue=floatval($sAttributeValue);
                    if ($sAttributeValue==0) $sAttributeValue=1;
                };
                $query = "select qaid from ".db_table_name('question_attributes')."
                          WHERE attribute='".$validAttribute['name']."' AND qid=".$qid;
                $result = $connect->Execute($query) or safe_die("Error updating attribute value<br />".$query."<br />".$connect->ErrorMsg());  // Checked
                if ($result->Recordcount()>0)
                {
                    $query = "UPDATE ".db_table_name('question_attributes')."
-                              SET value='".db_quote($_POST[$validAttribute['name']])."' WHERE attribute='".$validAttribute['name']."' AND qid=".$qid;
+                              SET value='".db_quote($sAttributeValue)."' WHERE attribute='".$validAttribute['name']."' AND qid=".$qid;
                    $result = $connect->Execute($query) or safe_die("Error updating attribute value<br />".$query."<br />".$connect->ErrorMsg());  // Checked
                }
                else
                {
                    $query = "INSERT into ".db_table_name('question_attributes')."
-                              (qid, value, attribute) values ($qid,'".db_quote($_POST[$validAttribute['name']])."','{$validAttribute['name']}')";
+                              (qid, value, attribute) values ($qid,'".db_quote($sAttributeValue)."','{$validAttribute['name']}')";
                    $result = $connect->Execute($query) or safe_die("Error updating attribute value<br />".$query."<br />".$connect->ErrorMsg());  // Checked
                }
            }
@@ -483,7 +516,7 @@ if(isset($surveyid))
        // These are the questions types that have no validation - so zap it accordingly
        if ($_POST['type']== "!" || $_POST['type']== "L" || $_POST['type']== "M" || $_POST['type']== "P" ||
-        $_POST['type']== "F" || $_POST['type']== "H" || $_POST['type']== ":" || $_POST['type']== ";" ||
+        $_POST['type']== "F" || $_POST['type']== "H" ||
        $_POST['type']== "X" || $_POST['type']== "")
        {
            $_POST['preg']='';
@@ -514,11 +547,6 @@ if(isset($surveyid))
            if (isset($postgid) && $postgid != "")
            {
                $array_result=checkMovequestionConstraintsForConditions(sanitize_int($postsid),sanitize_int($postqid), sanitize_int($postgid));
                // If there is no blocking conditions that could prevent this move
                if (is_null($array_result['notAbove']) && is_null($array_result['notBelow']))
                {
                    $questlangs = GetAdditionalLanguagesFromSurveyID($postsid);
                    $baselang = GetBaseLanguageFromSurveyID($postsid);
                    array_push($questlangs,$baselang);
@@ -538,8 +566,8 @@ if(isset($surveyid))
                    {
                        if ($filterxsshtml)
                        {
-                            $_POST['question_'.$qlang]=$myFilter->process($_POST['question_'.$qlang]);
+                            $_POST['question_'.$qlang]=$myFilter->process(html_entity_decode($_POST['question_'.$qlang], ENT_QUOTES, "UTF-8"));
-                            $_POST['help_'.$qlang]=$myFilter->process($_POST['help_'.$qlang]);
+                            $_POST['help_'.$qlang]=$myFilter->process(html_entity_decode($_POST['help_'.$qlang], ENT_QUOTES, "UTF-8"));
                        }
                        else
                        {
@@ -556,7 +584,8 @@ if(isset($surveyid))
                            . "SET type='".db_quote($_POST['type'])."', title='".db_quote($_POST['title'])."', "
                            . "question='".db_quote($_POST['question_'.$qlang])."', preg='".db_quote($_POST['preg'])."', help='".db_quote($_POST['help_'.$qlang])."', "
                            . "gid='".db_quote($postgid)."', other='".db_quote($_POST['other'])."', "
-                            . "mandatory='".db_quote($_POST['mandatory'])."'";
+                            . "mandatory='".db_quote($_POST['mandatory'])."'"
                            . ", relevance='".db_quote($_POST['relevance'])."'";;
                            if ($oldgid!=$postgid)
                            {
                                if ( getGroupOrder(returnglobal('sid'),$oldgid) > getGroupOrder(returnglobal('sid'),returnglobal('gid')) )
@@ -609,44 +638,13 @@ if(isset($surveyid))
                    $_SESSION['flashmessage'] = $clang->gT("Question was successfully saved.");
                }
                else
                {
                    // There are conditions constraints: alert the user
                    $errormsg="";
                    if (!is_null($array_result['notAbove']))
                    {
                        $errormsg.=$clang->gT("This question relies on other question's answers and can't be moved above groupId:","js")
                        . " " . $array_result['notAbove'][0][0] . " " . $clang->gT("in position","js")." ".$array_result['notAbove'][0][1]."\\n"
                        . $clang->gT("See conditions:")."\\n";
                        foreach ($array_result['notAbove'] as $notAboveCond)
                        {
                            $errormsg.="- cid:". $notAboveCond[3]."\\n";
                        }
                    }
                    if (!is_null($array_result['notBelow']))
                    {
                        $errormsg.=$clang->gT("Some questions rely on this question's answers. You can't move this question below groupId:","js")
                        . " " . $array_result['notBelow'][0][0] . " " . $clang->gT("in position","js")." ".$array_result['notBelow'][0][1]."\\n"
                        . $clang->gT("See conditions:")."\\n";
                        foreach ($array_result['notBelow'] as $notBelowCond)
                        {
                            $errormsg.="- cid:". $notBelowCond[3]."\\n";
                        }
                    }
                    $databaseoutput .= "<script type=\"text/javascript\">\n<!--\n alert(\"$errormsg\")\n //-->\n</script>\n";
                    $gid= $oldgid; // group move impossible ==> keep display on oldgid
                }
            }
            else
            {
                $databaseoutput .= "<script type=\"text/javascript\">\n<!--\n alert(\"".$clang->gT("Question could not be updated","js")."\")\n //-->\n</script>\n";
            }
        }
        LimeExpressionManager::UpgradeConditionsToRelevance($surveyid);
    }
    elseif ($action == "copynewquestion" && bHasSurveyPermission($surveyid, 'surveycontent','create'))
@@ -686,8 +684,8 @@ if(isset($surveyid))
            $_POST['question_'.$baselang]=fix_FCKeditor_text($_POST['question_'.$baselang]);
            $_POST['help_'.$baselang]=fix_FCKeditor_text($_POST['help_'.$baselang]);
            $_POST  = array_map('db_quote', $_POST);
-            $query = "INSERT INTO {$dbprefix}questions (sid, gid, type, title, question, preg, help, other, mandatory, question_order, language)
+            $query = "INSERT INTO {$dbprefix}questions (sid, gid, type, title, question, preg, help, other, mandatory, relevance, question_order, language)
-                      VALUES ({$postsid}, {$postgid}, '{$_POST['type']}', '{$_POST['title']}', '".$_POST['question_'.$baselang]."', '{$_POST['preg']}', '".$_POST['help_'.$baselang]."', '{$_POST['other']}', '{$_POST['mandatory']}', $max,".db_quoteall($baselang).")";
+                      VALUES ({$postsid}, {$postgid}, '{$_POST['type']}', '{$_POST['title']}', '".$_POST['question_'.$baselang]."', '{$_POST['preg']}', '".$_POST['help_'.$baselang]."', '{$_POST['other']}', '{$_POST['mandatory']}', '{$_POST['relevance']}', $max,".db_quoteall($baselang).")";
            $result = $connect->Execute($query) or safe_die($connect->ErrorMsg()); // Checked
            $newqid = $connect->Insert_ID("{$dbprefix}questions","qid");
            if (!$result)
@@ -714,8 +712,8 @@ if(isset($surveyid))
                $_POST['help_'.$qlanguage]=fix_FCKeditor_text($_POST['help_'.$qlanguage]);
                db_switchIDInsert('questions',true);
-                $query = "INSERT INTO {$dbprefix}questions (qid, sid, gid, type, title, question, help, other, mandatory, question_order, language)
+                $query = "INSERT INTO {$dbprefix}questions (qid, sid, gid, type, title, question, help, other, mandatory, relevance, question_order, language)
-                      VALUES ($newqid,{$postsid}, {$postgid}, '{$_POST['type']}', '{$_POST['title']}', '".$_POST['question_'.$qlanguage]."', '".$_POST['help_'.$qlanguage]."', '{$_POST['other']}', '{$_POST['mandatory']}', $max,".db_quoteall($qlanguage).")";
+                      VALUES ($newqid,{$postsid}, {$postgid}, '{$_POST['type']}', '{$_POST['title']}', '".$_POST['question_'.$qlanguage]."', '".$_POST['help_'.$qlanguage]."', '{$_POST['other']}', '{$_POST['mandatory']}', '{$_POST['relevance']}', $max,".db_quoteall($qlanguage).")";
                $result = $connect->Execute($query) or safe_die($connect->ErrorMsg()); // Checked
                db_switchIDInsert('questions',false);
            }
@@ -769,10 +767,10 @@ if(isset($surveyid))
                while ($qr1 = $r1->FetchRow())
                {
                    $qr1 = array_map('db_quote', $qr1);
-                    $i1 = "INSERT INTO {$dbprefix}answers (qid, code, answer, sortorder, language, scale_id) "
+                    $i1 = "INSERT INTO {$dbprefix}answers (qid, code, answer, sortorder, language, scale_id, assessment_value) "
                    . "VALUES ('$newqid', '{$qr1['code']}', "
                    . "'{$qr1['answer']}', "
-                    . "'{$qr1['sortorder']}', '{$qr1['language']}', '{$qr1['scale_id']}')";
+                    . "'{$qr1['sortorder']}', '{$qr1['language']}', '{$qr1['scale_id']}', '{$qr1['assessment_value']}')";
                    $ir1 = $connect->Execute($i1);   // Checked
                }
@@ -799,12 +797,15 @@ if(isset($surveyid))
            $qid=$newqid; //Sets the qid so that admin.php displays the newly created question
            $_SESSION['flashmessage'] = $clang->gT("Question was successfully copied.");
            LimeExpressionManager::SetDirtyFlag(); // so refreshes syntax highlighting
        }
    }
    elseif ($action == "delquestion" && bHasSurveyPermission($surveyid, 'surveycontent','delete'))
    {
        if (!isset($qid)) {$qid=returnglobal('qid');}
        //check if any other questions have conditions which rely on this question. Don't delete if there are.
        LimeExpressionManager::RevertUpgradeConditionsToRelevance(NULL,$qid);
        $ccquery = "SELECT * FROM {$dbprefix}conditions WHERE cqid=$qid";
        $ccresult = db_execute_assoc($ccquery) or safe_die ("Couldn't get list of cqids for this question<br />".$ccquery."<br />".$connect->ErrorMsg()); // Checked
        $cccount=$ccresult->RecordCount();
@@ -860,6 +861,8 @@ if(isset($surveyid))
        $query = "delete from ".db_table_name('answers')." where qid=".db_quote($qid);
        $result = $connect->Execute($query); // Checked
        LimeExpressionManager::RevertUpgradeConditionsToRelevance($surveyid);
        for ($scale_id=0;$scale_id<$scalecount;$scale_id++)
        {
            $maxcount=(int)$_POST['answercount_'.$scale_id];
@@ -908,6 +911,8 @@ if(isset($surveyid))
            }  // for ($sortorderid=0;$sortorderid<$maxcount;$sortorderid++)
        }  //  for ($scale_id=0;
        LimeExpressionManager::UpgradeConditionsToRelevance($surveyid);
        if ($invalidCode == 1) $databaseoutput .= "<script type=\"text/javascript\">\n<!--\n alert(\"".$clang->gT("Answers with a code of 0 (zero) or blank code are not allowed, and will not be saved","js")."\")\n //-->\n</script>\n";
        if ($duplicateCode == 1) $databaseoutput .= "<script type=\"text/javascript\">\n<!--\n alert(\"".$clang->gT("Duplicate codes found, these entries won't be updated","js")."\")\n //-->\n</script>\n";
@@ -933,6 +938,8 @@ if(isset($surveyid))
        // First delete any deleted ids
        $deletedqids=explode(' ', trim($_POST['deletedqids']));
        LimeExpressionManager::RevertUpgradeConditionsToRelevance($surveyid);
        foreach ($deletedqids as $deletedqid)
        {
            $deletedqid=(int)$deletedqid;
@@ -987,7 +994,8 @@ if(isset($surveyid))
        $myFilter = new InputFilter('','',1,1,1);
-        $insertqids=array();
+        //$insertqids=array(); //?
        $insertqid = array();
        for ($scale_id=0;$scale_id<$scalecount;$scale_id++)
        {
            foreach ($anslangs as $language)
@@ -1010,18 +1018,18 @@ if(isset($surveyid))
                    }
                    else
                    {
-                        if (!isset($insertqid[$position]))
+                        if (!isset($insertqid[$scale_id][$position]))
                        {
                            $query='INSERT into '.db_table_name('questions').' (sid, gid, question_order, title, question, parent_qid, language, scale_id) values ('.$surveyid.','.$gid.','.($position+1).','.db_quoteall($codes[$scale_id][$position]).','.db_quoteall($subquestionvalue).','.$qid.','.db_quoteall($language).','.$scale_id.')';
                            $connect->execute($query);
-                            $insertqid[$position]=$connect->Insert_Id(db_table_name_nq('questions'),"qid");
+                            $insertqid[$scale_id][$position]=$connect->Insert_Id(db_table_name_nq('questions'),"qid");
                        }
                        else
                        {
                            db_switchIDInsert('questions',true);
-                            $query='INSERT into '.db_table_name('questions').' (qid, sid, gid, question_order, title, question, parent_qid, language, scale_id) values ('.$insertqid[$position].','.$surveyid.','.$gid.','.($position+1).','.db_quoteall($codes[$scale_id][$position]).','.db_quoteall($subquestionvalue).','.$qid.','.db_quoteall($language).','.$scale_id.')';
+                            $query='INSERT into '.db_table_name('questions').' (qid, sid, gid, question_order, title, question, parent_qid, language, scale_id) values ('.$insertqid[$scale_id][$position].','.$surveyid.','.$gid.','.($position+1).','.db_quoteall($codes[$scale_id][$position]).','.db_quoteall($subquestionvalue).','.$qid.','.db_quoteall($language).','.$scale_id.')';
                            $connect->execute($query);
-                            db_switchIDInsert('questions',true);
+                            db_switchIDInsert('questions',false);
                        }
                    }
                    $position++;
@@ -1029,6 +1037,8 @@ if(isset($surveyid))
            }
        }
        LimeExpressionManager::UpgradeConditionsToRelevance($surveyid);
        //include("surveytable_functions.php");
        //surveyFixColumns($surveyid);
        $_SESSION['flashmessage'] = $clang->gT("Subquestions were successfully saved.");
@@ -1100,7 +1110,7 @@ if(isset($surveyid))
                            'printanswers'=>$_POST['printanswers'],
                            'publicstatistics'=>$_POST['publicstatistics'],
                            'autoredirect'=>$_POST['autoredirect'],
-                            'showXquestions'=>$_POST['showXquestions'],
+                            'showxquestions'=>$_POST['showxquestions'],
                            'showgroupinfo'=>$_POST['showgroupinfo'],
                            'showqnumcode'=>$_POST['showqnumcode'],
                            'shownoanswer'=>$_POST['shownoanswer'],
@@ -1116,6 +1126,8 @@ if(isset($surveyid))
                            'usecaptcha'=>$_POST['usecaptcha'],
                            'emailresponseto'=>trim($_POST['emailresponseto']),
                            'emailnotificationto'=>trim($_POST['emailnotificationto']),
                            'googleanalyticsapikey'=>trim($_POST['googleanalyticsapikey']),
                            'googleanalyticsstyle'=>trim($_POST['googleanalyticsstyle']),
                            'tokenlength'=>$_POST['tokenlength']
        );
@@ -1399,7 +1411,7 @@ elseif ($action == "insertsurvey" && $_SESSION['USER_RIGHT_CREATE_SURVEY'])
                            'allowsave'=>$_POST['allowsave'],
                            'navigationdelay'=>$_POST['navigationdelay'],
                            'autoredirect'=>$_POST['autoredirect'],
-                            'showXquestions'=>$_POST['showXquestions'],
+                            'showxquestions'=>$_POST['showxquestions'],
                            'showgroupinfo'=>$_POST['showgroupinfo'],
                            'showqnumcode'=>$_POST['showqnumcode'],
                            'shownoanswer'=>$_POST['shownoanswer'],
@@ -1474,6 +1486,7 @@ elseif ($action == "insertsurvey" && $_SESSION['USER_RIGHT_CREATE_SURVEY'])
        // Update survey permissions
        GiveAllSurveyPermissions($_SESSION['loginID'],$surveyid);
        LimeExpressionManager::SetSurveyId($surveyid);
        $surveyselect = getsurveylist();
@@ -1490,11 +1503,13 @@ elseif ($action == "insertsurvey" && $_SESSION['USER_RIGHT_CREATE_SURVEY'])
 elseif ($action == "savepersonalsettings")
 {
    $_POST  = array_map('db_quote', $_POST);
-    $uquery = "UPDATE {$dbprefix}users SET lang='{$_POST['lang']}', dateformat='{$_POST['dateformat']}', htmleditormode= '{$_POST['htmleditormode']}'
+    $uquery = "UPDATE {$dbprefix}users SET lang='{$_POST['lang']}', dateformat='{$_POST['dateformat']}', htmleditormode= '{$_POST['htmleditormode']}', questionselectormode= '{$_POST['questionselectormode']}', templateeditormode= '{$_POST['templateeditormode']}'
               WHERE uid={$_SESSION['loginID']}";
    $uresult = $connect->Execute($uquery)  or safe_die ($uquery."<br />".$connect->ErrorMsg());  // Checked
    $_SESSION['adminlang']=$_POST['lang'];
    $_SESSION['htmleditormode']=$_POST['htmleditormode'];
    $_SESSION['questionselectormode']=$_POST['questionselectormode'];
    $_SESSION['templateeditormode']=$_POST['templateeditormode'];
    $_SESSION['dateformat']= $_POST['dateformat'];
    $_SESSION['flashmessage'] = $clang->gT("Your personal settings were successfully saved.");
 }
--- a/include/limesurvey/admin/dataentry.php
+++ b/include/limesurvey/admin/dataentry.php
@@ -10,7 +10,7 @@
 * other free or open source software licenses.
 * See COPYRIGHT.php for copyright notices and details.
 *
- * $Id: dataentry.php 10925 2011-09-02 14:12:02Z c_schmitz $
+ * $Id: dataentry.php 12452 2012-02-14 11:33:25Z maziminke $
 */
 /*
@@ -267,7 +267,7 @@ if (bHasSurveyPermission($surveyid, 'responses','read') || bHasSurveyPermission(
                            }
                            $columns[] .= db_quote_id($fieldname);
-                            $values[] .= db_quoteall(json_encode($phparray), true);
+                            $values[] .= db_quoteall(ls_json_encode($phparray), true);
                        }
                        else
                        {
@@ -351,7 +351,7 @@ if (bHasSurveyPermission($surveyid, 'responses','read') || bHasSurveyPermission(
 				"identifier"=>$saver['identifier'],
 				"access_code"=>$password,
 				"email"=>$saver['email'],
-				"ip"=>$_SERVER['REMOTE_ADDR'],
+				"ip"=>getIPAddress(),
 				"refurl"=>getenv("HTTP_REFERER"),
 				'saved_thisstep' => 0,
 				"status"=>"S",
@@ -553,6 +553,10 @@ if (bHasSurveyPermission($surveyid, 'responses','read') || bHasSurveyPermission(
                //$dataentryoutput .= "<pre>"; print_r($fname);$dataentryoutput .= "</pre>";
                if (isset($idrow[$fname['fieldname']])) $answer = $idrow[$fname['fieldname']];
                $question=$fname['question'];
                //get survey details
                $thissurvey=getSurveyInfo($surveyid);
                $dataentryoutput .= "\t<tr";
                if ($highlight) $dataentryoutput .=" class='odd'";
                   else $dataentryoutput .=" class='even'";
@@ -596,7 +600,7 @@ if (bHasSurveyPermission($surveyid, 'responses','read') || bHasSurveyPermission(
                    case "Q":
                    case "K":
                        $dataentryoutput .= "\t{$fname['subquestion']}&nbsp;<input type='text' name='{$fname['fieldname']}' value='"
-                        .$idrow[$fname['fieldname']] . "' />\n";
+                        .htmlspecialchars($idrow[$fname['fieldname']],ENT_QUOTES) . "' />\n";
                        break;
                    case "id":
                        $dataentryoutput .= "<span style='font-weight:bold;'>&nbsp;{$idrow[$fname['fieldname']]}</span>";
@@ -605,7 +609,7 @@ if (bHasSurveyPermission($surveyid, 'responses','read') || bHasSurveyPermission(
                        for ($x=1; $x<=5; $x++)
                        {
                            $dataentryoutput .= "\t<input type='radio' class='radiobtn' name='{$fname['fieldname']}' value='$x'";
-                            if ($idrow[$fname['fieldname']] == $x) {$dataentryoutput .= " checked";}
+                            if ($idrow[$fname['fieldname']] == $x) {$dataentryoutput .= " checked='checked'";}
                            $dataentryoutput .= " />$x \n";
                        }
                        break;
@@ -925,7 +929,7 @@ if (bHasSurveyPermission($surveyid, 'responses','read') || bHasSurveyPermission(
                            else
                            {
                                $dataentryoutput .= "\t<input type='checkbox' class='checkboxbtn' name='{$fname['fieldname']}' value='Y'";
-                                if ($idrow[$fname['fieldname']] == "Y") {$dataentryoutput .= " checked";}
+                                if ($idrow[$fname['fieldname']] == "Y") {$dataentryoutput .= " checked='checked'";}
                                $dataentryoutput .= " />{$fname['subquestion']}<br />\n";
                            }
@@ -987,7 +991,7 @@ if (bHasSurveyPermission($surveyid, 'responses','read') || bHasSurveyPermission(
                            {
                                $dataentryoutput .= "\t<tr>\n"
                                ."<td><input type='checkbox' class='checkboxbtn' name=\"{$fname['fieldname']}\" value='Y'";
-                                if ($idrow[$fname['fieldname']] == "Y") {$dataentryoutput .= " checked";}
+                                if ($idrow[$fname['fieldname']] == "Y") {$dataentryoutput .= " checked='checked'";}
                                $dataentryoutput .= " />{$fname['subquestion']}</td>\n";
                            }
                            $fname=next($fnames);
@@ -1014,7 +1018,7 @@ if (bHasSurveyPermission($surveyid, 'responses','read') || bHasSurveyPermission(
                                                   .'<tr><td></td><td><input type="hidden" class="'.$fname['fieldname'].'" id="'.$fname['fieldname'].'_ext_'.$i     .'" name="ext"      size=50 value="'.htmlspecialchars($metadata[$i]["ext"])     .'" /></td></tr>'
                                                   .'<tr><td></td><td><input type="hidden"  class="'.$fname['fieldname'].'" id="'.$fname['fieldname'].'_filename_'.$i    .'" name="filename" size=50 value="'.htmlspecialchars(rawurldecode($metadata[$i]["filename"]))    .'" /></td></tr>';
                            }
-                            $dataentryoutput .= '<tr><td></td><td><input type="hidden" id="'.$fname['fieldname'].'" name="'.$fname['fieldname'].'" size=50 value="'.htmlspecialchars($idrow[$fname['fieldname']]).'" /></td></tr>';
+                            $dataentryoutput .= '<tr><td></td><td><input type="hidden" id="'.$fname['fieldname'].'" name="'.$fname['fieldname'].'" size=50 value="'.htmlspecialchars($idrow[$fname['fieldname']],ENT_QUOTES).'" /></td></tr>';
                            $dataentryoutput .= '</table>';
                            $dataentryoutput .= '<script type="text/javascript">
                                                     $(function() {
@@ -1042,25 +1046,233 @@ if (bHasSurveyPermission($surveyid, 'responses','read') || bHasSurveyPermission(
                        }
                        else
                        {//file count
-                            $dataentryoutput .= '<input readonly id="'.$fname['fieldname'].'" name="'.$fname['fieldname'].'" value ="'.htmlspecialchars($idrow[$fname['fieldname']]).'" /></td></table>';
+                            $dataentryoutput .= '<input readonly id="'.$fname['fieldname'].'" name="'.$fname['fieldname'].'" value ="'.htmlspecialchars($idrow[$fname['fieldname']],ENT_QUOTES).'" /></td></table>';
                        }
                        break;
                    case "N": //NUMERICAL TEXT
-                        $dataentryoutput .= "\t<input type='text' name='{$fname['fieldname']}' value='{$idrow[$fname['fieldname']]}' "
+
-                        ."onkeypress=\"return goodchars(event,'0123456789.,')\" />\n";
+                    	//get question attributes to change some style and validation settings
                    	$qidattributes = getQuestionAttributes($fname['qid']);
 					    if (isset($qidattributes['prefix']) && trim($qidattributes['prefix'])!='') {
 					        $prefix=$qidattributes['prefix'];
 					    }
 					    else
 					    {
 					        $prefix = '';
 					    }
 					    if (isset($qidattributes['suffix']) && trim($qidattributes['suffix'])!='')
 					    {
 					        $suffix=$qidattributes['suffix'];
 					    }
 					    else
 					    {
 					        $suffix = '';
 					    }
 					    if (intval(trim($qidattributes['maximum_chars']))>0 && intval(trim($qidattributes['maximum_chars']))<20) // Limt to 20 chars for numeric
 					    {
 					        $maximum_chars= intval(trim($qidattributes['maximum_chars']));
 					        $maxlength= "maxlength='{$maximum_chars}' ";
 					    }
 					    else
 					    {
 					        $maxlength= "maxlength='20' ";
 					    }
 					    if (trim($qidattributes['text_input_width'])!='')
 					    {
 					        $tiwidth=$qidattributes['text_input_width'];
 					    }
 					    else
 					    {
 					        $tiwidth=10;
 					    }
 					    if (trim($qidattributes['num_value_int_only'])==1)
 					    {
 					        $acomma="";
 					    }
 					    else
 					    {
 					        $acomma=getRadixPointData($thissurvey['surveyls_numberformat']);
 					        $acomma = $acomma['seperator'];
 					    }
 					    $sSeperator = getRadixPointData($thissurvey['surveyls_numberformat']);
 					    $dataentryoutput .= $prefix. "<input type='text' size='".$tiwidth."' name='{$fname['fieldname']}' value='".htmlspecialchars($idrow[$fname['fieldname']],ENT_QUOTES)."'
    					title='".$clang->gT('Only numbers may be entered in this field')."' $maxlength onkeypress=\"return goodchars(event,'-0123456789{$acomma}')\" />".$suffix;
                        break;
                    case "S": //SHORT FREE TEXT
-                        $dataentryoutput .= "\t<input type='text' name='{$fname['fieldname']}' value='"
+
-                        .htmlspecialchars($idrow[$fname['fieldname']], ENT_QUOTES) . "' />\n";
+                        //get question attributes to change some style and validation settings
                    	$qidattributes = getQuestionAttributes($fname['qid']);
 	                    if ($qidattributes['numbers_only']==1)
 					    {
 					        $sSeperator = getRadixPointData($thissurvey['surveyls_numberformat']);
 					        $sSeperator = $sSeperator['seperator'];
 					        $numbersonly = 'onkeypress="return goodchars(event,\'-0123456789'.$sSeperator.'\')"';
 					    }
 					    else
 					    {
 					        $numbersonly = '';
 					    }
 					    if (intval(trim($qidattributes['maximum_chars']))>0)
 					    {
 					    	// Only maxlength attribute, use textarea[maxlength] jquery selector for textarea
 					        $maximum_chars= intval(trim($qidattributes['maximum_chars']));
 					        $maxlength= "maxlength='{$maximum_chars}' ";
 					    }
 					    else
 					    {
 					        $maxlength= "";
 					    }
 					    if (trim($qidattributes['text_input_width'])!='')
 					    {
 					        $tiwidth=$qidattributes['text_input_width'];
 					    }
 					    else
 					    {
 					        $tiwidth=50;
 					    }
                        if (isset($qidattributes['prefix']) && trim($qidattributes['prefix'])!='')
                        {
 					        $prefix=$qidattributes['prefix'];
 					    }
 					    else
 					    {
 					        $prefix = '';
 					    }
 					    if (isset($qidattributes['suffix']) && trim($qidattributes['suffix'])!='')
 					    {
 					        $suffix=$qidattributes['suffix'];
 					    }
 					    else
 					    {
 					        $suffix = '';
 					    }
                    	if (trim($qidattributes['display_rows'])!='')
 					    {
 					        //question attribute "display_rows" is set -> we need a textarea to be able to show several rows
 					        $drows=$qidattributes['display_rows'];
 					        //if a textarea should be displayed we make it equal width to the long text question
 					        //this looks nicer and more continuous
 					        if($tiwidth == 50)
 					        {
 					            $tiwidth=40;
 					        }
 					        $dataentryoutput .= $prefix."<textarea $numbersonly name='{$fname['fieldname']}' rows='".$drows."' cols='".$tiwidth."' >";
 					        $dataentryoutput .= htmlspecialchars($idrow[$fname['fieldname']], ENT_QUOTES) ."</textarea>$suffix\n";
 					    }
                    	else
 					    {
 					        //no question attribute set, use common input text field
 					       	$dataentryoutput .= $prefix."<input type=\"text\" size=\"$tiwidth\"
 					       	name='{$fname['fieldname']}' value='"
                        	.htmlspecialchars($idrow[$fname['fieldname']], ENT_QUOTES) . "' ";
 					        $dataentryoutput .=" {$maxlength} $numbersonly />\n\t$suffix\n\n";
 					    }
                        break;
                    case "T": //LONG FREE TEXT
-                        $dataentryoutput .= "\t<textarea rows='5' cols='45' name='{$fname['fieldname']}'>"
+
-                        .htmlspecialchars($idrow[$fname['fieldname']], ENT_QUOTES) . "</textarea>\n";
+                    	//get question attributes to change some style and validation settings
                        $qidattributes=getQuestionAttributes($fname['qid']);
                        if (trim($qidattributes['display_rows'])!='')
 					    {
 					        $drows=$qidattributes['display_rows'];
 					    }
 					    else
 					    {
 					        $drows=5;
 					    }
 					    if (trim($qidattributes['text_input_width'])!='')
 					    {
 					        $tiwidth=$qidattributes['text_input_width'];
 					    }
 					    else
 					    {
 					        $tiwidth=40;
 					    }
                        if (isset($qidattributes['prefix']) && trim($qidattributes['prefix'])!='')
                        {
 					        $prefix=$qidattributes['prefix'];
 					    }
 					    else
 					    {
 					        $prefix = '';
 					    }
 					    if (isset($qidattributes['suffix']) && trim($qidattributes['suffix'])!='')
 					    {
 					        $suffix=$qidattributes['suffix'];
 					    }
 					    else
 					    {
 					        $suffix = '';
 					    }
 					    $dataentryoutput .= $prefix."<textarea name='{$fname['fieldname']}' rows='$drows' cols='$tiwidth' >"
                        .htmlspecialchars($idrow[$fname['fieldname']], ENT_QUOTES) ."</textarea>$suffix\n";
                        break;
                    case "U": //HUGE FREE TEXT
-                        $dataentryoutput .= "\t<textarea rows='50' cols='70' name='{$fname['fieldname']}'>"
+
-                        .htmlspecialchars($idrow[$fname['fieldname']], ENT_QUOTES) . "</textarea>\n";
+                    	//get question attributes to change some style and validation settings
 	                    $qidattributes=getQuestionAttributes($fname['qid']);
 					    if (trim($qidattributes['display_rows'])!='')
 					    {
 					        $drows=$qidattributes['display_rows'];
 					    }
 					    else
 					    {
 					        $drows=70;
 					    }
 					    if (trim($qidattributes['text_input_width'])!='')
 					    {
 					        $tiwidth=$qidattributes['text_input_width'];
 					    }
 					    else
 					    {
 					        $tiwidth=50;
 					    }
                        if (isset($qidattributes['prefix']) && trim($qidattributes['prefix'])!='') {
 					        $prefix=$qidattributes['prefix'];
 					    }
 					    else
 					    {
 					        $prefix = '';
 					    }
 					    if (isset($qidattributes['suffix']) && trim($qidattributes['suffix'])!='') {
 					        $suffix=$qidattributes['suffix'];
 					    }
 					    else
 					    {
 					        $suffix = '';
 					    }
 					    $dataentryoutput .= $prefix.'<textarea name="'.$fname['fieldname'].'" rows="'.$drows.'" cols="'.$tiwidth.'">';
 					    $dataentryoutput .= htmlspecialchars($idrow[$fname['fieldname']], ENT_QUOTES) . "</textarea>$suffix\n";
                        break;
                    case "Y": //YES/NO radio-buttons
                        $dataentryoutput .= "\t<select name='{$fname['fieldname']}'>\n"
                        ."<option value=''";
@@ -1085,7 +1297,7 @@ if (bHasSurveyPermission($surveyid, 'responses','read') || bHasSurveyPermission(
                            for ($j=1; $j<=5; $j++)
                            {
                                $dataentryoutput .= "\t<input type='radio' class='radiobtn' name='{$fname['fieldname']}' value='$j'";
-                                if ($idrow[$fname['fieldname']] == $j) {$dataentryoutput .= " checked";}
+                                if ($idrow[$fname['fieldname']] == $j) {$dataentryoutput .= " checked='checked'";}
                                $dataentryoutput .= " />$j&nbsp;\n";
                            }
                            $dataentryoutput .= "</td>\n"
@@ -1107,7 +1319,7 @@ if (bHasSurveyPermission($surveyid, 'responses','read') || bHasSurveyPermission(
                            for ($j=1; $j<=10; $j++)
                            {
                                $dataentryoutput .= "\t<input type='radio' class='radiobtn' name='{$fname['fieldname']}' value='$j'";
-                                if ($idrow[$fname['fieldname']] == $j) {$dataentryoutput .= " checked";}
+                                if ($idrow[$fname['fieldname']] == $j) {$dataentryoutput .= " checked='checked'";}
                                $dataentryoutput .= " />$j&nbsp;\n";
                            }
                            $dataentryoutput .= "</td>\n"
@@ -1127,13 +1339,13 @@ if (bHasSurveyPermission($surveyid, 'responses','read') || bHasSurveyPermission(
                            ."<td align='right'>{$fname['subquestion']}</td>\n"
                            ."<td>\n"
                            ."\t<input type='radio' class='radiobtn' name='{$fname['fieldname']}' value='Y'";
-                            if ($idrow[$fname['fieldname']] == "Y") {$dataentryoutput .= " checked";}
+                            if ($idrow[$fname['fieldname']] == "Y") {$dataentryoutput .= " checked='checked'";}
                            $dataentryoutput .= " />".$clang->gT("Yes")."&nbsp;\n"
                            ."\t<input type='radio' class='radiobtn' name='{$fname['fieldname']}' value='U'";
-                            if ($idrow[$fname['fieldname']] == "U") {$dataentryoutput .= " checked";}
+                            if ($idrow[$fname['fieldname']] == "U") {$dataentryoutput .= " checked='checked'";}
                            $dataentryoutput .= " />".$clang->gT("Uncertain")."&nbsp;\n"
                            ."\t<input type='radio' class='radiobtn' name='{$fname['fieldname']}' value='N'";
-                            if ($idrow[$fname['fieldname']] == "N") {$dataentryoutput .= " checked";}
+                            if ($idrow[$fname['fieldname']] == "N") {$dataentryoutput .= " checked='checked'";}
                            $dataentryoutput .= " />".$clang->gT("No")."&nbsp;\n"
                            ."</td>\n"
                            ."\t</tr>\n";
@@ -1152,13 +1364,13 @@ if (bHasSurveyPermission($surveyid, 'responses','read') || bHasSurveyPermission(
                            ."<td align='right'>{$fname['subquestion']}</td>\n"
                            ."<td>\n"
                            ."\t<input type='radio' class='radiobtn' name='{$fname['fieldname']}' value='I'";
-                            if ($idrow[$fname['fieldname']] == "I") {$dataentryoutput .= " checked";}
+                            if ($idrow[$fname['fieldname']] == "I") {$dataentryoutput .= " checked='checked'";}
                            $dataentryoutput .= " />Increase&nbsp;\n"
                            ."\t<input type='radio' class='radiobtn' name='{$fname['fieldname']}' value='S'";
-                            if ($idrow[$fname['fieldname']] == "I") {$dataentryoutput .= " checked";}
+                            if ($idrow[$fname['fieldname']] == "I") {$dataentryoutput .= " checked='checked'";}
                            $dataentryoutput .= " />Same&nbsp;\n"
                            ."\t<input type='radio' class='radiobtn' name='{$fname['fieldname']}' value='D'";
-                            if ($idrow[$fname['fieldname']] == "D") {$dataentryoutput .= " checked";}
+                            if ($idrow[$fname['fieldname']] == "D") {$dataentryoutput .= " checked='checked'";}
                            $dataentryoutput .= " />Decrease&nbsp;\n"
                            ."</td>\n"
                            ."\t</tr>\n";
@@ -1190,12 +1402,12 @@ if (bHasSurveyPermission($surveyid, 'responses','read') || bHasSurveyPermission(
                            while ($frow=$fresult->FetchRow())
                            {
                                $dataentryoutput .= "\t<input type='radio' class='radiobtn' name='{$fname['fieldname']}' value='{$frow['code']}'";
-                                if ($idrow[$fname['fieldname']] == $frow['code']) {$dataentryoutput .= " checked";}
+                                if ($idrow[$fname['fieldname']] == $frow['code']) {$dataentryoutput .= " checked='checked'";}
                                $dataentryoutput .= " />".$frow['answer']."&nbsp;\n";
                            }
                            //Add 'No Answer'
                            $dataentryoutput .= "\t<input type='radio' class='radiobtn' name='{$fname['fieldname']}' value=''";
-                            if ($idrow[$fname['fieldname']] == '') {$dataentryoutput .= " checked";}
+                            if ($idrow[$fname['fieldname']] == '') {$dataentryoutput .= " checked='checked'";}
                            $dataentryoutput .= " />".$clang->gT("No answer")."&nbsp;\n";
                            $dataentryoutput .= "</td>\n"
@@ -1247,17 +1459,18 @@ if (bHasSurveyPermission($surveyid, 'responses','read') || bHasSurveyPermission(
                            $dataentryoutput .= "<td>\n";
                            if ($qidattributes['input_boxes']!=0) {
                                $dataentryoutput .= "\t<input type='text' name='{$fname['fieldname']}' value='";
-                                if (!empty($idrow[$fname['fieldname']])) {$datentryoutput .= $idrow[$fname['fieldname']];}
+                                if (!empty($idrow[$fname['fieldname']])) {$dataentryoutput .= htmlspecialchars($idrow[$fname['fieldname']],ENT_QUOTES);}
-                                $dataentryoutput .= "' size=4 />";
+                                $dataentryoutput .= "' size=\"4\" />";
                            } else {
                                $dataentryoutput .= "\t<select name='{$fname['fieldname']}'>\n";
                                $dataentryoutput .= "<option value=''>...</option>\n";
                                for($ii=$minvalue;$ii<=$maxvalue;$ii+=$stepvalue)
                                {
                                    $dataentryoutput .= "<option value='$ii'";
-                                    if($idrow[$fname['fieldname']] == $ii) {$dataentryoutput .= " selected";}
+                                    if($idrow[$fname['fieldname']] == $ii) {$dataentryoutput .= " selected='selected'";}
                                    $dataentryoutput .= ">$ii</option>\n";
                                }
                                $dataentryoutput .= "</select>\n";
                            }
                            $dataentryoutput .= "</td>\n"
@@ -1277,7 +1490,7 @@ if (bHasSurveyPermission($surveyid, 'responses','read') || bHasSurveyPermission(
                            . "<td align='right' valign='top'>{$fname['subquestion1']}:{$fname['subquestion2']}</td>\n";
                            $dataentryoutput .= "<td>\n";
                            $dataentryoutput .= "\t<input type='text' name='{$fname['fieldname']}' value='";
-                            if(!empty($idrow[$fname['fieldname']])) {$dataentryoutput .= $idrow[$fname['fieldname']];}
+                            if(!empty($idrow[$fname['fieldname']])) {$dataentryoutput .= htmlspecialchars($idrow[$fname['fieldname']],ENT_QUOTES);}
                            $dataentryoutput .= "' /></td>\n"
                            ."\t</tr>\n";
                            $fname=next($fnames);
@@ -1296,19 +1509,19 @@ if (bHasSurveyPermission($surveyid, 'responses','read') || bHasSurveyPermission(
            } while ($fname=next($fnames));
            }
        $dataentryoutput .= "</table>\n"
-        ."<p>\n";
+        ."\n";
        if (!bHasSurveyPermission($surveyid, 'responses','update'))
        { // if you are not survey owner or super admin you cannot modify responses
-            $dataentryoutput .= "<input type='button' value='".$clang->gT("Save")."' disabled='disabled'/>\n";
+            $dataentryoutput .= "<p><input type='button' value='".$clang->gT("Save")."' disabled='disabled'/></p>\n";
        }
        elseif ($subaction == "edit" && bHasSurveyPermission($surveyid,'responses','update'))
        {
-            $dataentryoutput .= "
+            $dataentryoutput .= "<p>
 						 <input type='submit' value='".$clang->gT("Save")."' />
 						 <input type='hidden' name='id' value='$id' />
 						 <input type='hidden' name='sid' value='$surveyid' />
 						 <input type='hidden' name='subaction' value='update' />
-						 <input type='hidden' name='language' value='".$sDataEntryLanguage."' />";
+						 <input type='hidden' name='language' value='".$sDataEntryLanguage."' /></p>";
        }
        elseif ($subaction == "editsaved" && bHasSurveyPermission($surveyid,'responses','update'))
        {
@@ -1333,11 +1546,11 @@ if (bHasSurveyPermission($surveyid, 'responses','read') || bHasSurveyPermission(
 				  //-->
 				  </script>\n";
            $dataentryoutput .= "<table><tr><td align='left'>\n";
            $dataentryoutput .= "\t<input type='checkbox' class='checkboxbtn' name='closerecord' id='closerecord' /><label for='closerecord'>".$clang->gT("Finalize response submission")."</label></td></tr>\n";
            $dataentryoutput .="<input type='hidden' name='closedate' value='".date_shift(date("Y-m-d H:i:s"), "Y-m-d H:i:s", $timeadjust)."' />\n";
            $dataentryoutput .= "\t<input type='checkbox' class='checkboxbtn' name='closerecord' id='closerecord' /><label for='closerecord'>".$clang->gT("Finalize response submission")."</label></td></tr>\n";
            $dataentryoutput .= "\t<tr><td align='left'><input type='checkbox' class='checkboxbtn' name='save' id='save' onclick='saveshow(this.id)' /><label for='save'>".$clang->gT("Save for further completion by survey user")."</label>\n";
            $dataentryoutput .= "</td></tr></table>\n";
-            $dataentryoutput .= "<div name='saveoptions' id='saveoptions' style='display: none'>\n";
+            $dataentryoutput .= "<div id='saveoptions' style='display: none'>\n";
            $dataentryoutput .= "<table align='center' class='outlinetable' cellspacing='0'>
 				  <tr><td align='right'>".$clang->gT("Identifier:")."</td>
 				  <td><input type='text' name='save_identifier'";
@@ -1493,6 +1706,10 @@ if (bHasSurveyPermission($surveyid, 'responses','read') || bHasSurveyPermission(
        $thissurvey=getSurveyInfo($surveyid);
        //This is the default, presenting a blank dataentry form
        $fieldmap=createFieldMap($surveyid);
        LimeExpressionManager::StartSurvey($surveyid, 'survey',NULL,false,LEM_PRETTY_PRINT_ALL_SYNTAX);
        $moveResult = LimeExpressionManager::NavigateForwards();
        // PRESENT SURVEY DATAENTRY SCREEN
        $dataentryoutput .= $surveyoptions;
@@ -1604,159 +1821,34 @@ if (bHasSurveyPermission($surveyid, 'responses','read') || bHasSurveyPermission(
                //GET ANY CONDITIONS THAT APPLY TO THIS QUESTION
                $explanation = ""; //reset conditions explanation
                $s=0;
-                $scenarioquery="SELECT DISTINCT scenario FROM ".db_table_name("conditions")." WHERE ".db_table_name("conditions").".qid={$deqrow['qid']} ORDER BY scenario";
+
-                $scenarioresult=db_execute_assoc($scenarioquery);
+                $qinfo = LimeExpressionManager::GetQuestionStatus($deqrow['qid']);
-                while ($scenariorow=$scenarioresult->FetchRow())
+                $relevance = trim($qinfo['info']['relevance']);
-                {
+                $explanation = trim($qinfo['relEqn']);
-                    if ($s == 0 && $scenarioresult->RecordCount() > 1) { $explanation .= " <br />-------- <i>Scenario {$scenariorow['scenario']}</i> --------<br />";}
+                $validation = trim($qinfo['prettyValidTip']);
-                    if ($s > 0) { $explanation .= " <br />-------- <i>".$clang->gT("OR")." Scenario {$scenariorow['scenario']}</i> --------<br />";}
+                $qidattributes=getQuestionAttributes($deqrow['qid']);
-
+                $array_filter_help = FlattenText(array_filter_help($qidattributes, $sDataEntryLanguage, $surveyid));
-                    $x=0;
+
-                    $distinctquery="SELECT DISTINCT cqid, ".db_table_name("questions").".title FROM ".db_table_name("conditions").", ".db_table_name("questions")." WHERE ".db_table_name("conditions").".cqid=".db_table_name("questions").".qid AND ".db_table_name("conditions").".qid={$deqrow['qid']} AND ".db_table_name("conditions").".scenario={$scenariorow['scenario']} ORDER BY cqid";
+                if (($relevance != '' && $relevance != '1') || ($validation != '') || ($array_filter_help != ''))
                    $distinctresult=db_execute_assoc($distinctquery);
                    while ($distinctrow=$distinctresult->FetchRow())
                    {
                        if ($x > 0) {$explanation .= " <i>".$blang->gT("AND")."</i><br />";}
                        $conquery="SELECT cid, cqid, cfieldname, ".db_table_name("questions").".title, ".db_table_name("questions").".question, value, ".db_table_name("questions").".type, method FROM ".db_table_name("conditions").", ".db_table_name("questions")." WHERE ".db_table_name("conditions").".cqid=".db_table_name("questions").".qid AND ".db_table_name("conditions").".cqid={$distinctrow['cqid']} AND ".db_table_name("conditions").".qid={$deqrow['qid']} AND ".db_table_name("conditions").".scenario={$scenariorow['scenario']}";
                        $conresult=db_execute_assoc($conquery);
                        while ($conrow=$conresult->FetchRow())
                        {
                            if ($conrow['method']=="==") {$conrow['method']="= ";} else {$conrow['method']=$conrow['method']." ";}
                            switch($conrow['type'])
                            {
                                case "Y":
                                    switch ($conrow['value'])
                                    {
                                        case "Y": $conditions[]=$conrow['method']."'".$blang->gT("Yes")."'"; break;
                                        case "N": $conditions[]=$conrow['method']."'".$blang->gT("No")."'"; break;
                                    }
                                    break;
                                case "G":
                                    switch($conrow['value'])
                                    {
                                        case "M": $conditions[]=$conrow['method']."'".$blang->gT("Male")."'"; break;
                                        case "F": $conditions[]=$conrow['method']."'".$blang->gT("Female")."'"; break;
                                    } // switch
                                    break;
                                case "A":
                                case "B":
                                    $conditions[]=$conrow['method']."'".$conrow['value']."'";
                                    break;
                                case "C":
                                    switch($conrow['value'])
                                    {
                                        case "Y": $conditions[]=$conrow['method']."'".$blang->gT("Yes")."'"; break;
                                        case "U": $conditions[]=$conrow['method']."'".$blang->gT("Uncertain")."'"; break;
                                        case "N": $conditions[]=$conrow['method']."'".$blang->gT("No")."'"; break;
                                    } // switch
                                    break;
                                case "1":
                                    $value=substr($conrow['cfieldname'], strpos($conrow['cfieldname'], "X".$conrow['cqid'])+strlen("X".$conrow['cqid']), strlen($conrow['cfieldname']));
                                    $fquery = "SELECT * FROM ".db_table_name("labels")."\n"
                                    . "WHERE lid='{$conrow['lid']}'\n and language='$sDataEntryLanguage' "
                                    . "AND code='{$conrow['value']}'";
                                    $fresult=db_execute_assoc($fquery) or safe_die("$fquery<br />".$connect->ErrorMsg());
                                    while($frow=$fresult->FetchRow())
                                    {
                                        $postans=$frow['title'];
                                        $conditions[]=$conrow['method']."'".$frow['title']."'";
                                    } // while
                                    break;
                                case "E":
                                    switch($conrow['value'])
                                    {
                                        case "I": $conditions[]=$conrow['method']."'".$blang->gT("Increase")."'"; break;
                                        case "D": $conditions[]=$conrow['method']."'".$blang->gT("Decrease")."'"; break;
                                        case "S": $conditions[]=$conrow['method']."'".$blang->gT("Same")."'"; break;
                                    }
                                    break;
                                case "F":
                                case "H":
                                default:
                                    $value=substr($conrow['cfieldname'], strpos($conrow['cfieldname'], "X".$conrow['cqid'])+strlen("X".$conrow['cqid']), strlen($conrow['cfieldname']));
                                    $fquery = "SELECT * FROM ".db_table_name("questions")."\n"
                                    . "WHERE qid='{$conrow['cqid']}'\n and language='$sDataEntryLanguage' "
                                    . "AND title='{$conrow['title']}' and scale_id=0";
                                    $fresult=db_execute_assoc($fquery) or safe_die("$fquery<br />".$connect->ErrorMsg());
                                    if ($fresult->RecordCount() <= 0) die($fquery);
                                    while($frow=$fresult->FetchRow())
                                    {
                                        $postans=$frow['title'];
                                        $conditions[]=$conrow['method']."'".$frow['title']."'";
                                    } // while
                                    break;
                            } // switch
                            $answer_section="";
                            switch($conrow['type'])
                            {
                                case "1":
                                    $ansquery="SELECT answer FROM ".db_table_name("answers")." WHERE qid='{$conrow['cqid']}' AND code='{$conrow['value']}' AND language='{$baselang}'";
                                    $ansresult=db_execute_assoc($ansquery);
                                    while ($ansrow=$ansresult->FetchRow())
                                    {
                                        $conditions[]=$conrow['method']."'".$ansrow['answer']."'";
                                    }
                                    $operator=$clang->gT("OR");
                                    if (isset($conditions)) $conditions = array_unique($conditions);
                                    break;
                                case "A":
                                case "B":
                                case "C":
                                case "E":
                                case "F":
                                case "H":
                                case ":":
                                case ";":
                                    $thiscquestion=$fieldmap[$conrow['cfieldname']];
                                    $ansquery="SELECT answer FROM ".db_table_name("answers")." WHERE qid='{$conrow['cqid']}' AND code='{$thiscquestion['aid']}' AND language='{$sDataEntryLanguage}'";
                                    $ansresult=db_execute_assoc($ansquery);
                                    $i=0;
                                    while ($ansrow=$ansresult->FetchRow())
                                    {
                                        if (isset($conditions) && count($conditions) > 0)
                                        {
                                            $conditions[sizeof($conditions)-1]="(".$ansrow['answer'].") : ".end($conditions);
                                        }
                                    }
                                    $operator=$blang->gT("AND");	// this is a dirty, DIRTY fix but it works since only array questions seem to be ORd
                                    break;
                                default:
                                    $ansquery="SELECT answer FROM ".db_table_name("answers")." WHERE qid='{$conrow['cqid']}' AND code='{$conrow['value']}' AND language='{$sDataEntryLanguage}'";
                                    $ansresult=db_execute_assoc($ansquery);
                                    while ($ansrow=$ansresult->FetchRow())
                                    {
                                        $conditions[]=$conrow['method']."'".$ansrow['answer']."'";
                                    }
                                    $operator=$blang->gT("OR");
                                    if (isset($conditions)) $conditions = array_unique($conditions);
                                    break;
                            }
                        }
                        if (isset($conditions) && count($conditions) > 1)
                        {
                            $conanswers = implode(" ".$operator." ", $conditions);
                            $explanation .= " -" . str_replace("{ANSWER}", $conanswers, $blang->gT("to question {QUESTION}, answer {ANSWER}"));
                        }
                        else
                        {
                            if(empty($conditions[0])) $conditions[0] = "'".$blang->gT("No Answer")."'";
                            $explanation .= " -" . str_replace("{ANSWER}", $conditions[0], $blang->gT("to question {QUESTION}, answer {ANSWER}"));
                        }
                        unset($conditions);
                        $explanation = str_replace("{QUESTION}", "'{$distinctrow['title']}$answer_section'", $explanation);
                        $x++;
                    }
                    $s++;
                }
                if ($explanation)
                {
                    $showme = '';
                    if ($bgc == "even") {$bgc = "odd";} else {$bgc = "even";} //Do no alternate on explanation row
-                    $explanation = "[".$blang->gT("Only answer this if the following conditions are met:")."]<br />$explanation\n";
+                    if ($relevance != '' && $relevance != '1') {
-                    $dataentryoutput .= "<tr class ='data-entry-explanation'><td class='data-entry-small-text' colspan='3' align='left'>$explanation</td></tr>\n";
+                        $showme = "[".$blang->gT("Only answer this if the following conditions are met:")."]<br />$explanation\n";
                    }
                    if ($showme != '' && $validation != '') {
                        $showme .= '<br/>';
                    }
                    if ($validation != '') {
                        $showme .= "[".$blang->gT("The answer(s) must meet these validation criteria:")."]<br />$validation\n";
                    }
                    if ($showme != '' && $array_filter_help != '') {
                        $showme .= '<br/>';
                    }
                    if ($array_filter_help != '') {
                        $showme .= "[".$blang->gT("The answer(s) must meet these array_filter criteria:")."]<br />$array_filter_help\n";
                    }
                    $dataentryoutput .= "<tr class ='data-entry-explanation'><td class='data-entry-small-text' colspan='3' align='left'>$showme</td></tr>\n";
                }
                //END OF GETTING CONDITIONS
@@ -1772,6 +1864,7 @@ if (bHasSurveyPermission($surveyid, 'responses','read') || bHasSurveyPermission(
                $dataentryoutput .= "\t<tr class='$bgc'>\n"
                ."<td class='data-entry-small-text' valign='top' width='1%'>{$deqrow['title']}</td>\n"
                ."<td valign='top' align='right' width='30%'>";
                // TMSW - Mandatory->EM
                if ($deqrow['mandatory']=="Y") //question is mandatory
                {
                    $dataentryoutput .= "<font color='red'>*</font>";
@@ -1873,7 +1966,8 @@ if (bHasSurveyPermission($surveyid, 'responses','read') || bHasSurveyPermission(
                            .$clang->gT("Other").":"
                            ."<input type='text' name='{$fieldname}other' value='' />\n";
                        }
-                        $dataentryoutput .= "</tr></table>";
+                        //OLD: invalid HTML -> $dataentryoutput .= "</tr></table>";
                        $dataentryoutput .= "</table>";
                        break;
                    case "L": //LIST drop-down/radio-button list
@@ -2190,7 +2284,7 @@ if (bHasSurveyPermission($surveyid, 'responses','read') || bHasSurveyPermission(
                            while ($mearow = $mearesult->FetchRow())
                            {
                                $dataentryoutput .= "\t<input type='checkbox' class='checkboxbtn' name='$fieldname{$mearow['code']}' id='answer$fieldname{$mearow['code']}' value='Y'";
-                                if ($mearow['default_value'] == "Y") {$dataentryoutput .= " checked";}
+                                if ($mearow['default_value'] == "Y") {$dataentryoutput .= " checked='checked'";}
                                $dataentryoutput .= " /><label for='$fieldname{$mearow['code']}'>{$mearow['answer']}</label><br />\n";
                            }
                            if ($deqrow['other'] == "Y")
@@ -2220,7 +2314,7 @@ if (bHasSurveyPermission($surveyid, 'responses','read') || bHasSurveyPermission(
                        break;
                    case "P": //Multiple choice with comments checkbox + text
                        $dataentryoutput .= "<table border='0'>\n";
-                        $meaquery = "SELECT * FROM ".db_table_name("questions")." WHERE parent_qid={$deqrow['qid']} AND language='{$sDataEntryLanguage}' ORDER BY question_order, question";
+                        $meaquery = "SELECT * FROM ".db_table_name("questions")." WHERE parent_qid={$deqrow['qid']} AND language='{$sDataEntryLanguage}' ORDER BY question_order";
                        $mearesult = db_execute_assoc($meaquery);
                        while ($mearow = $mearesult->FetchRow())
                        {
@@ -2277,7 +2371,13 @@ if (bHasSurveyPermission($surveyid, 'responses','read') || bHasSurveyPermission(
                        else
                            $dataentryoutput .= "jsonstr += '\"comment\":\"\",';";
-                        $dataentryoutput .= "jsonstr += '\"name\":\"'+$('#".$fieldname."_file_'+i).val()+'\"}';";
+                        $dataentryoutput .= "filename = $('#".$fieldname."_file_'+i).val();";
                        $dataentryoutput .= "if( filename.indexOf('\\\') != '-1' ) {
                            file = filename.split('\\\');
                            var max = file.length;
                            filename = file[max-1];
                        }";
                        $dataentryoutput .= "jsonstr += '\"name\":\"'+filename+'\"}';";
                        $dataentryoutput .= "jsonstr += ',';\n
                            filecount++;
@@ -2321,17 +2421,198 @@ if (bHasSurveyPermission($surveyid, 'responses','read') || bHasSurveyPermission(
                        $dataentryoutput .= "<tr><td align='center'><input type='hidden' name='".$fieldname."_filecount' id='".$fieldname."_filecount' value='' /></td>\n</tr>\n";
                        $dataentryoutput .= "</table>\n";
                        break;
                    case "N": //NUMERICAL TEXT
-                        $dataentryoutput .= "\t<input type='text' name='$fieldname' onkeypress=\"return goodchars(event,'0123456789.,')\" />";
+                        //get question attributes to change some style and validation settings
                    	$qidattributes = getQuestionAttributes($qid);
 					    if (isset($qidattributes['prefix']) && trim($qidattributes['prefix'])!='') {
 					        $prefix=$qidattributes['prefix'];
 					    }
 					    else
 					    {
 					        $prefix = '';
 					    }
 					    if (isset($qidattributes['suffix']) && trim($qidattributes['suffix'])!='')
 					    {
 					        $suffix=$qidattributes['suffix'];
 					    }
 					    else
 					    {
 					        $suffix = '';
 					    }
 					    if (intval(trim($qidattributes['maximum_chars']))>0 && intval(trim($qidattributes['maximum_chars']))<20) // Limt to 20 chars for numeric
 					    {
 					        $maximum_chars= intval(trim($qidattributes['maximum_chars']));
 					        $maxlength= "maxlength='{$maximum_chars}' ";
 					    }
 					    else
 					    {
 					        $maxlength= "maxlength='20' ";
 					    }
 					    if (trim($qidattributes['text_input_width'])!='')
 					    {
 					        $tiwidth=$qidattributes['text_input_width'];
 					    }
 					    else
 					    {
 					        $tiwidth=10;
 					    }
 					    if (trim($qidattributes['num_value_int_only'])==1)
 					    {
 					        $acomma="";
 					    }
 					    else
 					    {
 					        $acomma=getRadixPointData($thissurvey['surveyls_numberformat']);
 					        $acomma = $acomma['seperator'];
 					    }
 					    $sSeperator = getRadixPointData($thissurvey['surveyls_numberformat']);
 					    $dataentryoutput .= $prefix. "<input type='text' size='".$tiwidth."' name='".$fieldname."'
    					title='".$clang->gT('Only numbers may be entered in this field')."' $maxlength onkeypress=\"return goodchars(event,'-0123456789{$acomma}')\" />".$suffix;
                        break;
                    case "S": //SHORT FREE TEXT
-                        $dataentryoutput .= "\t<input type='text' name='$fieldname' />\n";
+                    	//get question attributes to change some style and validation settings
                    	$qidattributes = getQuestionAttributes($qid);
 	                    if ($qidattributes['numbers_only']==1)
 					    {
 					        $sSeperator = getRadixPointData($thissurvey['surveyls_numberformat']);
 					        $sSeperator = $sSeperator['seperator'];
 					        $numbersonly = 'onkeypress="return goodchars(event,\'-0123456789'.$sSeperator.'\')"';
 					    }
 					    else
 					    {
 					        $numbersonly = '';
 					    }
 					    if (intval(trim($qidattributes['maximum_chars']))>0)
 					    {
 					    	// Only maxlength attribute, use textarea[maxlength] jquery selector for textarea
 					        $maximum_chars= intval(trim($qidattributes['maximum_chars']));
 					        $maxlength= "maxlength='{$maximum_chars}' ";
 					    }
 					    else
 					    {
 					        $maxlength= "";
 					    }
 					    if (trim($qidattributes['text_input_width'])!='')
 					    {
 					        $tiwidth=$qidattributes['text_input_width'];
 					    }
 					    else
 					    {
 					        $tiwidth=50;
 					    }
                        if (isset($qidattributes['prefix']) && trim($qidattributes['prefix'])!='') {
 					        $prefix=$qidattributes['prefix'];
 					    }
 					    else
 					    {
 					        $prefix = '';
 					    }
 					    if (isset($qidattributes['suffix']) && trim($qidattributes['suffix'])!='') {
 					        $suffix=$qidattributes['suffix'];
 					    }
 					    else
 					    {
 					        $suffix = '';
 					    }
                    	if (trim($qidattributes['display_rows'])!='')
 					    {
 					        //question attribute "display_rows" is set -> we need a textarea to be able to show several rows
 					        $drows=$qidattributes['display_rows'];
 					        //if a textarea should be displayed we make it equal width to the long text question
 					        //this looks nicer and more continuous
 					        if($tiwidth == 50)
 					        {
 					            $tiwidth=40;
 					        }
 					        $dataentryoutput .= $prefix."<textarea $numbersonly name='".$fieldname."' rows='".$drows."'
 					        cols='".$tiwidth."' >";
 					        $dataentryoutput .= "</textarea>$suffix\n";
 					    }
                    	else
 					    {
 					        //no question attribute set, use common input text field
 					       	$dataentryoutput .= $prefix."<input type=\"text\" size=\"$tiwidth\" name=\"$fieldname\" ";
 					        $dataentryoutput .=" {$maxlength} $numbersonly />\n\t$suffix\n\n";
 					    }
                        break;
                    case "T": //LONG FREE TEXT
-                        $dataentryoutput .= "\t<textarea cols='40' rows='5' name='$fieldname'></textarea>\n";
+                    	$qidattributes=getQuestionAttributes($qid);
 					    if (trim($qidattributes['display_rows'])!='')
 					    {
 					        $drows=$qidattributes['display_rows'];
 					    }
 					    else
 					    {
 					        $drows=5;
 					    }
 					    if (trim($qidattributes['text_input_width'])!='')
 					    {
 					        $tiwidth=$qidattributes['text_input_width'];
 					    }
 					    else
 					    {
 					        $tiwidth=40;
 					    }
                        if (isset($qidattributes['prefix']) && trim($qidattributes['prefix'])!='') {
 					        $prefix=$qidattributes['prefix'];
 					    }
 					    else
 					    {
 					        $prefix = '';
 					    }
 					    if (isset($qidattributes['suffix']) && trim($qidattributes['suffix'])!='') {
 					        $suffix=$qidattributes['suffix'];
 					    }
 					    else
 					    {
 					        $suffix = '';
 					    }
 					    $dataentryoutput .= $prefix.'<textarea name="'.$fieldname.'" rows="'.$drows.'" cols="'.$tiwidth.'" >';
 					    $dataentryoutput .= "</textarea>$suffix\n";
                        break;
-                    case "U": //LONG FREE TEXT
+
-                        $dataentryoutput .= "\t<textarea cols='50' rows='70' name='$fieldname'></textarea>\n";
+                    case "U": //HUGE FREE TEXT
                        $qidattributes=getQuestionAttributes($qid);
 					    if (trim($qidattributes['display_rows'])!='')
 					    {
 					        $drows=$qidattributes['display_rows'];
 					    }
 					    else
 					    {
 					        $drows=70;
 					    }
 					    if (trim($qidattributes['text_input_width'])!='')
 					    {
 					        $tiwidth=$qidattributes['text_input_width'];
 					    }
 					    else
 					    {
 					        $tiwidth=50;
 					    }
                        if (isset($qidattributes['prefix']) && trim($qidattributes['prefix'])!='') {
 					        $prefix=$qidattributes['prefix'];
 					    }
 					    else
 					    {
 					        $prefix = '';
 					    }
 					    if (isset($qidattributes['suffix']) && trim($qidattributes['suffix'])!='') {
 					        $suffix=$qidattributes['suffix'];
 					    }
 					    else
 					    {
 					        $suffix = '';
 					    }
 					    $dataentryoutput .= $prefix.'<textarea name="'.$fieldname.'" rows="'.$drows.'" cols="'.$tiwidth.'">';
 					    $dataentryoutput .= "</textarea>$suffix\n";
                        break;
                    case "Y": //YES/NO radio-buttons
                        $dataentryoutput .= "\t<select name='$fieldname'>\n";
@@ -2489,7 +2770,7 @@ if (bHasSurveyPermission($surveyid, 'responses','read') || bHasSurveyPermission(
                            {
                                $dataentryoutput .= "<td>\n";
                                if ($qidattributes['input_boxes']!=0) {
-                                    $dataentryoutput .= "\t<input type='text' name='$fieldname{$mearow['title']}_$ld' size=4 />";
+                                    $dataentryoutput .= "\t<input type='text' name='$fieldname{$mearow['title']}_$ld' size='4' />";
                                } else {
                                    $dataentryoutput .= "\t<select name='$fieldname{$mearow['title']}_$ld'>\n";
                                    $dataentryoutput .= "<option value=''>...</option>\n";
@@ -2625,7 +2906,7 @@ if (bHasSurveyPermission($surveyid, 'responses','read') || bHasSurveyPermission(
                //Show Save Option
                $dataentryoutput .= "\t<tr><td align='left'><input type='checkbox' class='checkboxbtn' name='save' id='save' onclick='saveshow(this.id)' /><label for='save'>".$clang->gT("Save for further completion by survey user")."</label>\n";
                $dataentryoutput .= "</td></tr></table>\n";
-                $dataentryoutput .= "<div name='saveoptions' id='saveoptions' style='display: none'>\n";
+                $dataentryoutput .= "<div id='saveoptions' style='display: none'>\n";
                $dataentryoutput .= "<table align='center' class='outlinetable' cellspacing='0'>
 					  <tr><td align='right'>".$clang->gT("Identifier:")."</td>
 					  <td><input type='text' name='save_identifier' /></td></tr>
@@ -2719,4 +3000,31 @@ function array_in_array($needle, $haystack)
    return false;
 }
 /*
 * This is a duplicate of the array_filter_help function in printablesurvey.php
 */
 function array_filter_help($qidattributes, $surveyprintlang, $surveyid) {
    global $clang;
    $output = "";
    if(!empty($qidattributes['array_filter']))
    {
        $newquery="SELECT question FROM ".db_table_name("questions")." WHERE title='{$qidattributes['array_filter']}' AND language='{$surveyprintlang}' AND sid = '$surveyid'";
        $newresult=db_execute_assoc($newquery);
        $newquestiontext=$newresult->fetchRow();
        $output .= "\n<p class='extrahelp'>
 		    ".sprintf($clang->gT("Only answer this question for the items you selected in question *%s* ('%s')"),$qidattributes['array_filter'], FlattenText(br2nl($newquestiontext['question'])))."
 		</p>\n";
    }
    if(!empty($qidattributes['array_filter_exclude']))
    {
        $newquery="SELECT question FROM ".db_table_name("questions")." WHERE title='{$qidattributes['array_filter_exclude']}' AND language='{$surveyprintlang}' AND sid = '$surveyid'";
        $newresult=db_execute_assoc($newquery);
        $newquestiontext=$newresult->fetchRow();
        $output .= "\n    <p class='extrahelp'>
 		    ".sprintf($clang->gT("Only answer this question for the items you did not select in question *%s* ('%s')"),$qidattributes['array_filter_exclude'], br2nl($newquestiontext['question']))."
 		</p>\n";
    }
    return $output;
 }
 ?>
--- a/include/limesurvey/admin/deactivate.php
+++ b/include/limesurvey/admin/deactivate.php
@@ -10,7 +10,7 @@
 * other free or open source software licenses.
 * See COPYRIGHT.php for copyright notices and details.
 *
- * $Id: deactivate.php 10925 2011-09-02 14:12:02Z c_schmitz $
+ * $Id: deactivate.php 11664 2011-12-16 05:19:42Z tmswhite $
 */
 include_once("login_check.php");  //Login Check dies also if the script is started directly
--- a/include/limesurvey/admin/deletesurvey.php
+++ b/include/limesurvey/admin/deletesurvey.php
@@ -10,7 +10,7 @@
 * other free or open source software licenses.
 * See COPYRIGHT.php for copyright notices and details.
 *
- * $Id: deletesurvey.php 10925 2011-09-02 14:12:02Z c_schmitz $
+ * $Id: deletesurvey.php 11664 2011-12-16 05:19:42Z tmswhite $
 */
 //Ensure script is not run directly, avoid path disclosure
--- a/include/limesurvey/admin/dumpdb.php
+++ b/include/limesurvey/admin/dumpdb.php
@@ -10,7 +10,7 @@
 * other free or open source software licenses.
 * See COPYRIGHT.php for copyright notices and details.
 *
- * $Id: dumpdb.php 10925 2011-09-02 14:12:02Z c_schmitz $
+ * $Id: dumpdb.php 11664 2011-12-16 05:19:42Z tmswhite $
 */
 include_once("login_check.php");  //Login Check dies also if the script is started directly
--- a/include/limesurvey/admin/dumpgroup.php
+++ b/include/limesurvey/admin/dumpgroup.php
@@ -10,7 +10,7 @@
 * other free or open source software licenses.
 * See COPYRIGHT.php for copyright notices and details.
 *
- * $Id: dumpgroup.php 10925 2011-09-02 14:12:02Z c_schmitz $
+ * $Id: dumpgroup.php 11607 2011-12-06 23:19:52Z tmswhite $
 */
--- a/include/limesurvey/admin/dumplabel.php
+++ b/include/limesurvey/admin/dumplabel.php
@@ -10,7 +10,7 @@
 * other free or open source software licenses.
 * See COPYRIGHT.php for copyright notices and details.
 *
- * $Id: dumplabel.php 10925 2011-09-02 14:12:02Z c_schmitz $
+ * $Id: dumplabel.php 11607 2011-12-06 23:19:52Z tmswhite $
 */
--- a/include/limesurvey/admin/dumpquestion.php
+++ b/include/limesurvey/admin/dumpquestion.php
@@ -10,7 +10,7 @@
 * other free or open source software licenses.
 * See COPYRIGHT.php for copyright notices and details.
 *
- * $Id: dumpquestion.php 10925 2011-09-02 14:12:02Z c_schmitz $
+ * $Id: dumpquestion.php 11607 2011-12-06 23:19:52Z tmswhite $
 */
--- a/include/limesurvey/admin/editansweroptions.php
+++ b/include/limesurvey/admin/editansweroptions.php
@@ -107,7 +107,7 @@
    // Insert some Javascript variables
    $surveysummary .= "\n<script type='text/javascript'>
-                          var languagecount=".count($anslangs).";\n
+                          var languagecount=".count($anslangs).";
                          var scalecount=".$scalecount.";
                          var assessmentvisible=".($assessmentvisible?'true':'false').";
                          var newansweroption_text='".$clang->gT('New answer option','js')."';
@@ -118,6 +118,7 @@
                          var quickaddtitle='".$clang->gT('Quick-add answers','js')."';
                          var sAssessmentValue='".$clang->gT('Assessment value','js')."';
                          var duplicateanswercode='".$clang->gT('Error: You are trying to use duplicate answer codes.','js')."';
                          var strNoLabelSet='".$clang->gT('There are no label sets which match the survey default language','js')."';
                          var langs='".implode(';',$anslangs)."';</script>\n";
    foreach ($anslangs as $anslang)
@@ -239,20 +240,20 @@
    }
    // Label set browser
 //                      <br/><input type='checkbox' checked='checked' id='languagefilter' /><label for='languagefilter'>".$clang->gT('Match language')."</label>
-    $vasummary .= "<div id='labelsetbrowser' style='display:none;'><div style='float:left;width:260px;'>
+    $vasummary .= "<div id='labelsetbrowser' class='labelsets-update' style='display:none;'><div class='labelset-list' style='float:left;width:260px;'>
                      <label for='labelsets'>".$clang->gT('Available label sets:')."</label>
-                      <br /><select id='labelsets' size='10' style='width:250px;'><option>&nbsp;</option></select>
+                      <select id='labelsets' size='10' style='width:250px;'><option>&nbsp;</option></select>
-                      <br /><button id='btnlsreplace' type='button'>".$clang->gT('Replace')."</button>
+                      <p class='button-list'><button id='btnlsreplace' type='button'>".$clang->gT('Replace')."</button>
                      <button id='btnlsinsert' type='button'>".$clang->gT('Add')."</button>
-                      <button id='btncancel' type='button'>".$clang->gT('Cancel')."</button></div>
+                      <button id='btncancel' type='button'>".$clang->gT('Cancel')."</button></p></div>
                   <div id='labelsetpreview' style='float:right;width:500px;'></div></div> ";
-    $vasummary .= "<div id='quickadd' style='display:none;'><div style='float:left;'>
+    $vasummary .= "<div id='quickadd' class='labelsets-update' style='display:none;'><div class='labelset-list' style='float:left;'>
                      <label for='quickadd'>".$clang->gT('Enter your answers:')."</label>
-                      <br /><textarea id='quickaddarea' class='tipme' title='".$clang->gT('Enter one answer per line. You can provide a code by separating code and answer text with a semikolon or tab. For multilingual surveys you add the translation(s) on the same line separated with a semikolon/tab.')."' rows='30' style='width:570px;'></textarea>
+                      <textarea id='quickaddarea' class='tipme' title='".$clang->gT('Enter one answer per line. You can provide a code by separating code and answer text with a semikolon or tab. For multilingual surveys you add the translation(s) on the same line separated with a semikolon/tab.')."' rows='30' style='width:570px;'></textarea>
-                      <br /><button id='btnqareplace' type='button'>".$clang->gT('Replace')."</button>
+                      <p class='button-list'><button id='btnqareplace' type='button'>".$clang->gT('Replace')."</button>
                      <button id='btnqainsert' type='button'>".$clang->gT('Add')."</button>
-                      <button id='btnqacancel' type='button'>".$clang->gT('Cancel')."</button></div>
+                      <button id='btnqacancel' type='button'>".$clang->gT('Cancel')."</button></p></div>
                   </div> ";
    // Save button
    $vasummary .= "<p><input type='submit' id='saveallbtn_$anslang' name='method' value='".$clang->gT("Save changes")."' />\n";
--- a/include/limesurvey/admin/editsubquestions.php
+++ b/include/limesurvey/admin/editsubquestions.php
@@ -73,6 +73,7 @@
                      var lsbrowsertitle='".$clang->gT('Label set browser','js')."';
                      var quickaddtitle='".$clang->gT('Quick-add subquestions','js')."';
                      var duplicateanswercode='".$clang->gT('Error: You are trying to use duplicate subquestion codes.','js')."';
                      var strNoLabelSet='".$clang->gT('There are no label sets which match the survey default language','js')."';
                      var langs='".implode(';',$anslangs)."';</script>\n";
@@ -195,7 +196,7 @@
                }
                elseif ($activated != 'Y' && $first) // If survey is decactivated
                {
-                    $vasummary .= "<img class='handle' src='$imageurl/handle.png' /></td><td><input type='hidden' class='oldcode' id='oldcode_{$row['qid']}_{$row['scale_id']}' name='oldcode_{$row['qid']}_{$row['scale_id']}' value=\"{$row['title']}\" /><input type='text' id='code_{$row['qid']}_{$row['scale_id']}' class='code' name='code_{$row['qid']}_{$row['scale_id']}' value=\"{$row['title']}\" maxlength='5' size='5'"
+                    $vasummary .= "<img class='handle' src='$imageurl/handle.png' /></td><td><input type='hidden' class='oldcode' id='oldcode_{$row['qid']}_{$row['scale_id']}' name='oldcode_{$row['qid']}_{$row['scale_id']}' value=\"{$row['title']}\" /><input type='text' id='code_{$row['qid']}_{$row['scale_id']}' class='code' name='code_{$row['qid']}_{$row['scale_id']}' value=\"{$row['title']}\" maxlength='20' size='5'"
                    ." onkeypress=\" if(event.keyCode==13) {if (event && event.preventDefault) event.preventDefault(); document.getElementById('saveallbtn_$anslang').click(); return false;} return goodchars(event,'1234567890abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWZYZ_')\""
                    ." />";
@@ -239,19 +240,19 @@
    // Label set browser
 //                      <br/><input type='checkbox' checked='checked' id='languagefilter' /><label for='languagefilter'>".$clang->gT('Match language')."</label>
-    $vasummary .= "<div id='labelsetbrowser' style='display:none;'><div style='float:left; width:260px;'>
+    $vasummary .= "<div id='labelsetbrowser' style='display:none;'><div class='labelset-list' style='float:left; width:260px;'>
                      <label for='labelsets'>".$clang->gT('Available label sets:')."</label>
-                      <br /><select id='labelsets' size='10' style='width:250px;'><option>&nbsp;</option></select>
+                      <select id='labelsets' size='10' style='width:250px;'><option>&nbsp;</option></select>
-                      <br /><button id='btnlsreplace' type='button'>".$clang->gT('Replace')."</button>
+                      <p class=button-list'><button id='btnlsreplace' type='button'>".$clang->gT('Replace')."</button>
                      <button id='btnlsinsert' type='button'>".$clang->gT('Add')."</button>
-                      <button id='btncancel' type='button'>".$clang->gT('Cancel')."</button></div>
+                      <button id='btncancel' type='button'>".$clang->gT('Cancel')."</button></p></div>
                   <div id='labelsetpreview' style='float:right;width:500px;'></div></div> ";
-    $vasummary .= "<div id='quickadd' style='display:none;'><div style='float:left;'>
+    $vasummary .= "<div id='quickadd' class='labelsets-update' style='display:none;'><div style='float:left;'>
                      <label for='quickadd'>".$clang->gT('Enter your subquestions:')."</label>
-                      <br /><textarea id='quickaddarea' class='tipme' title='".$clang->gT('Enter one subquestion per line. You can provide a code by separating code and subquestion text with a semikolon or tab. For multilingual surveys you add the translation(s) on the same line separated with a semikolon/tab.')."' rows='30' style='width:570px;'></textarea>
+                      <textarea id='quickaddarea' class='tipme' title='".$clang->gT('Enter one subquestion per line. You can provide a code by separating code and subquestion text with a semikolon or tab. For multilingual surveys you add the translation(s) on the same line separated with a semikolon/tab.')."' rows='30' style='width:570px;'></textarea>
-                      <br /><button id='btnqareplace' type='button'>".$clang->gT('Replace')."</button>
+                      <p class=button-list'><button id='btnqareplace' type='button'>".$clang->gT('Replace')."</button>
                      <button id='btnqainsert' type='button'>".$clang->gT('Add')."</button>
-                      <button id='btnqacancel' type='button'>".$clang->gT('Cancel')."</button></div>
+                      <button id='btnqacancel' type='button'>".$clang->gT('Cancel')."</button></p></div>
                   </div> ";
    $vasummary .= "<p>"
    ."<input type='submit' id='saveallbtn_$anslang' name='method' value='".$clang->gT("Save changes")."' />\n";
--- a/include/limesurvey/admin/editsurveysettings.php
+++ b/include/limesurvey/admin/editsurveysettings.php
--- a/include/limesurvey/admin/editsurveytextelements.php
+++ b/include/limesurvey/admin/editsurveytextelements.php
@@ -37,7 +37,7 @@
            $esquery = "SELECT * FROM ".db_table_name("surveys_languagesettings")." WHERE surveyls_survey_id=$surveyid and surveyls_language='$grouplang'";
            $esresult = db_execute_assoc($esquery); //Checked
            $esrow = $esresult->FetchRow();
-
+            if($esrow['surveyls_url']==""){$esrow['surveyls_url']="http://";}
            $tab_title[$i] = getLanguageNameFromCode($esrow['surveyls_language'],false);
            if ($esrow['surveyls_language']==GetBaseLanguageFromSurveyID($surveyid))
--- a/include/limesurvey/admin/export_data_functions.php
+++ b/include/limesurvey/admin/export_data_functions.php
@@ -10,7 +10,7 @@
 * other free or open source software licenses.
 * See COPYRIGHT.php for copyright notices and details.
 *
- * $Id: export_data_functions.php 10925 2011-09-02 14:12:02Z c_schmitz $
+ * $Id: export_data_functions.php 11664 2011-12-16 05:19:42Z tmswhite $
 */
 /**
@@ -25,7 +25,7 @@ function strip_tags_full($string) {
    //$string = str_replace(array("\r\n","\r","\n",'-oth-'), '', $string);
    //The backslashes must be escaped twice, once for php, and again for the regexp
    //$string = str_replace("'|\\\\'", "&apos;", $string);
-	return FlattenText($string);	
+    return FlattenText($string);
 }
 /**
@@ -306,7 +306,7 @@ function spss_fieldmap($prefix = 'V') {
        foreach ($tokenattributes as $attributefield=>$attributedescription)
        {
            //Drop the token field, since it is in the survey too
-            if($attributefield!='token' && $attributefield!='callattempts' && $attributefield!='onappointment') {
+	    if($attributefield!='token' && $attributefield!='callattempts' && $attributefield!='onappointment') {
                $fieldno++;
                $fields[] = array('id'=>"$prefix$fieldno",'name'=>mb_substr($attributefield, 0, 8),
 			    'qid'=>0,'code'=>'','SPSStype'=>'A','LStype'=>'Undef',
@@ -444,7 +444,7 @@ function spss_getquery() {
        $tokenattributes=GetTokenFieldsAndNames($surveyid,false,false);
        foreach ($tokenattributes as $attributefield=>$attributedescription) {
            //Drop the token field, since it is in the survey too
-            if($attributefield!='token' && $attributefield!='callattempts' && $attributefield!='onappointment') {
+	    if($attributefield!='token' && $attributefield!='callattempts' && $attributefield!='onappointment') {
                $query .= "{$dbprefix}tokens_$surveyid.$attributefield, ";
            }
        }
@@ -455,6 +455,7 @@ function spss_getquery() {
        $query = "SELECT *
 	    FROM {$dbprefix}survey_$surveyid";
    }
    $qfs = questionnaireSampleFilterstate();
    if ($qfs != false)
    {
@@ -463,6 +464,7 @@ function spss_getquery() {
 	if ($qfs[1] != 0) //if a sample is selected
 		$query .= "	JOIN `sample` AS s ON (s.sample_id = c.sample_id AND s.import_id = '{$qfs[1]}') ";	
    }
    switch (incompleteAnsFilterstate()) {
        case 'inc':
            //Inclomplete answers only
--- a/include/limesurvey/admin/export_data_r.php
+++ b/include/limesurvey/admin/export_data_r.php
@@ -10,7 +10,7 @@
 * other free or open source software licenses.
 * See COPYRIGHT.php for copyright notices and details.
 *
- * $Id: export_data_r.php 10925 2011-09-02 14:12:02Z c_schmitz $
+ * $Id: export_data_r.php 12179 2012-01-24 13:27:31Z adevries $
 */
 // Security Checked: POST, GET, SESSION, REQUEST, returnglobal, DB
@@ -66,15 +66,17 @@ $typeMap = array(
 'R'=>Array('name'=>'Ranking','size'=>1,'SPSStype'=>'F'),
 'S'=>Array('name'=>'Short free text','size'=>1,'SPSStype'=>'F'),
 'Y'=>Array('name'=>'Yes/No','size'=>1,'SPSStype'=>'F'),
-':'=>Array('name'=>'Multi flexi numbers','size'=>1,'SPSStype'=>'F','Scale'=>3),
+':'=>Array('name'=>'Multi flexi numbers','size'=>1,'SPSStype'=>'F'),
 ';'=>Array('name'=>'Multi flexi text','size'=>1,'SPSStype'=>'A'),
 '*'=>Array('name'=>'Equation','size'=>1,'SPSStype'=>'A'),
 );
 if (!isset($surveyid)) {$surveyid=returnglobal('sid');}
 $filterstate = incompleteAnsFilterstate();
 $quexsfilterstate = questionnaireSampleFilterstate();
-$headerComment = '#$Rev: 10925 $' . " $filterstate.\n";
+$headerComment = '#$Rev: 12179 $' . " $filterstate.\n";
 if (isset($_GET['dldata'])) $subaction = "dldata";
 if (isset($_GET['dlstructure'])) $subaction = "dlstructure";
@@ -202,25 +204,25 @@ if  ($subaction=='dlstructure')
  $i = 1;
  foreach ($fields as $field)
  {
-        if($field['SPSStype'] == 'DATETIME23.2') $field['size']='';
+    if($field['SPSStype'] == 'DATETIME23.2') $field['size']='';
    if($field['LStype'] == 'N' || $field['LStype']=='K')
    {
-            $field['size'].='.'.($field['size']-1);
+        $field['size'].='.'.($field['size']-1);
-        }
+    }
    switch ($field['SPSStype'])
    {
-            case 'F':
+      case 'F':
-                $type="numeric";
+          $type="numeric";
-                break;
+          break;
-            case 'A':
+      case 'A':
-                $type="character";
+          $type="character";
-                break;
+          break;
-            case 'DATETIME23.2':
+      case 'DATETIME23.2':
-            case 'SDATE':
+      case 'SDATE':
-                $type="character";
+          $type="character";
-                //@TODO set $type to format for date
+          //@TODO set $type to format for date
-                break;
+          break;
-        }
+    }
    if (!$field['hide'])
    {
@@ -232,7 +234,7 @@ if  ($subaction=='dlstructure')
                  htmlspecialchars_decode(
                    mb_substr(
                      strip_tags_full(
-                        $field['VariableLabel']),0,$length_varlabel)))  // <AdV> added htmlspecialchars_decode
+                        $field['VariableLabel']),0,$length_varlabel)))  
              . '"' . "\n";
      // Create the value Labels!
@@ -240,30 +242,32 @@ if  ($subaction=='dlstructure')
      {
            $answers = $field['answers'];
            //print out the value labels!
-            // data$V14=factor(data$V14,levels=c(1,2,3),labels=c("Yes","No","Uncertain"))
+            if($field['LStype'] != ':') // Exclude array (numeric) type questions. There must be a better way of doing this, but I can't find it. (AdV)
-        echo 'data[, ' . $i .'] <- factor(data[, ' . $i . '], levels=c(';
+              {
-            $str="";
+                echo 'data[, ' . $i .'] <- factor(data[, ' . $i . '], levels=c(';
-            foreach ($answers as $answer) {
+                $str="";
-                if ($field['SPSStype']=="F" && my_is_numeric($answer['code'])) {
+                foreach ($answers as $answer) {
-                    $str .= ",{$answer['code']}";
+                    if ($field['SPSStype']=="F" && my_is_numeric($answer['code'])) {
-                } else {
+                        $str .= ",{$answer['code']}";
-                    $str .= ",\"{$answer['code']}\"";
+                    } else {
                        $str .= ",\"{$answer['code']}\"";
                    }
                }
-            }
+                $str = mb_substr($str,1);
-            $str = mb_substr($str,1);
+                echo $str . '),labels=c(';
-            echo $str . '),labels=c(';
+                $str="";
-            $str="";
+                foreach ($answers as $answer) {
-            foreach ($answers as $answer) {
+                    $str .= ",\"{$answer['value']}\"";
-                $str .= ",\"{$answer['value']}\"";
+                }
-            }
+                $str = mb_substr($str,1);
            $str = mb_substr($str,1);
            if($field['scale']!=='' && $field['scale'] == 2 ) {
-                $scale = ",ordered=TRUE";
+                    $scale = ",ordered=TRUE";
-            } else {
+                } else {
-                $scale = "";
+                    $scale = "";
                }
                echo "$str)$scale)\n";
            }
-            echo "$str)$scale)\n";
+          }
        }
    //Rename the Variables (in case somethings goes wrong, we still have the OLD values
      if (isset($field['sql_name']))
--- a/include/limesurvey/admin/export_data_spss.php
+++ b/include/limesurvey/admin/export_data_spss.php
@@ -10,7 +10,7 @@
 * other free or open source software licenses.
 * See COPYRIGHT.php for copyright notices and details.
 *
- * $Id: export_data_spss.php 10925 2011-09-02 14:12:02Z c_schmitz $
+ * $Id: export_data_spss.php 11664 2011-12-16 05:19:42Z tmswhite $
 */
 // Security Checked: POST, GET, SESSION, REQUEST, returnglobal, DB
@@ -63,11 +63,14 @@ $typeMap = array(
 ':'=>Array('name'=>'Multi flexi numbers','size'=>1,'SPSStype'=>'F','Scale'=>3),
 ';'=>Array('name'=>'Multi flexi text','size'=>1,'SPSStype'=>'A'),
 '|'=>Array('name'=>'File upload','size'=>1,'SPSStype'=>'A'),
 '*'=>Array('name'=>'Equation','size'=>1,'SPSStype'=>'A'),
 );
 if (!isset($surveyid)) {$surveyid=returnglobal('sid');}
 $filterstate = incompleteAnsFilterstate();
 $quexsfilterstate = questionnaireSampleFilterstate();
 $spssver = returnglobal('spssver');
 if (is_null($spssver)) {
    if (!isset($_SESSION['spssversion'])) {
@@ -93,7 +96,7 @@ switch ($spssver) {
 }
-$headerComment = '*$Rev: 10925 $' . " $quexsfilterstate $filterstate $spssver.\n";
+$headerComment = '*$Rev: 11664 $' . " $quexsfilterstate $filterstate $spssver.\n";
 if (isset($_GET['dldata'])) $subaction = "dldata";
 if (isset($_GET['dlstructure'])) $subaction = "dlstructure";
--- a/include/limesurvey/admin/export_resources_zip.php
+++ b/include/limesurvey/admin/export_resources_zip.php
@@ -10,7 +10,7 @@
 * other free or open source software licenses.
 * See COPYRIGHT.php for copyright notices and details.
 *
- * $Id: export_resources_zip.php 10925 2011-09-02 14:12:02Z c_schmitz $
+ * $Id: export_resources_zip.php 11664 2011-12-16 05:19:42Z tmswhite $
 */
--- a/include/limesurvey/admin/export_structure_lsrc.php
+++ b/include/limesurvey/admin/export_structure_lsrc.php
@@ -10,7 +10,7 @@
 * other free or open source software licenses.
 * See COPYRIGHT.php for copyright notices and details.
 *
- * $Id: export_structure_lsrc.php 9586 2010-12-06 03:08:07Z c_schmitz $
+ * $Id: export_structure_lsrc.php 11607 2011-12-06 23:19:52Z tmswhite $
 */
--- a/include/limesurvey/admin/export_structure_quexml.php
+++ b/include/limesurvey/admin/export_structure_quexml.php
@@ -10,7 +10,7 @@
 * other free or open source software licenses.
 * See COPYRIGHT.php for copyright notices and details.
 *
- * $Id: export_structure_quexml.php 9671 2010-12-21 20:02:24Z c_schmitz $
+ * $Id: export_structure_quexml.php 11697 2011-12-20 04:17:59Z azammitdcarf $
 */
@@ -53,27 +53,24 @@ if (!$surveyid)
 function cleanup($string)
 {
-	return trim(strip_tags(str_ireplace("<br />","\n",$string)));
+	return html_entity_decode(trim(strip_tags(str_ireplace("<br />","\n",$string),'<p><b><u><i><em>')),ENT_QUOTES,'UTF-8');
 }
 function create_free($f,$len,$lab="")
 {
 	global $dom;
-	$free = $dom->create_element("free");
+	$free = $dom->createElement("free");
-	$format = $dom->create_element("format");
+	$format = $dom->createElement("format",cleanup($f));
 	$format->set_content(cleanup($f));
-	$length = $dom->create_element("length");
+	$length = $dom->createElement("length",cleanup($len));
 	$length->set_content(cleanup($len));
-	$label = $dom->create_element("label");
+	$label = $dom->createElement("label",cleanup($lab));
 	$label->set_content(cleanup($lab));
-	$free->append_child($format);
+	$free->appendChild($format);
-	$free->append_child($length);
+	$free->appendChild($length);
-	$free->append_child($label);
+	$free->appendChild($label);
 	return $free;
@@ -83,22 +80,20 @@ function create_free($f,$len,$lab="")
 function fixed_array($array)
 {
 	global $dom;
-	$fixed = $dom->create_element("fixed");
+	$fixed = $dom->createElement("fixed");
 	foreach ($array as $key => $v)
 	{
-		$category = $dom->create_element("category");
+		$category = $dom->createElement("category");
-		$label = $dom->create_element("label");
+		$label = $dom->createElement("label",cleanup($key));
 		$label->set_content(cleanup("$key"));
-		$value= $dom->create_element("value");
+		$value= $dom->createElement("value",cleanup($v));
 		$value->set_content(cleanup("$v"));
-		$category->append_child($label);
+		$category->appendChild($label);
-		$category->append_child($value);
+		$category->appendChild($value);
-		$fixed->append_child($category);
+		$fixed->appendChild($category);
 	}
@@ -114,67 +109,11 @@ function fixed_array($array)
 * @return bool|string Text of item to skip to otherwise false if nothing to skip to
 * @author Adam Zammit <adam.zammit@acspri.org.au>
 * @since  2010-10-28
- */
+ * @TODO Correctly handle conditions in a database agnostic way
 */
 function skipto($qid,$value,$cfieldname = "")
 {
-	global $connect ;
+	return false;
 	global $dbprefix ;
 	global $surveyid ;
 	global $qlang ;
 	$zeros = $connect->qstr("0000000000");
 	$Query = "SELECT q.*," . $connect->concat("RIGHT(" . $connect->concat($zeros,'g.gid') . ",10)","RIGHT(". $connect->concat($zeros,'q.question_order') .",10)") ." as globalorder
                  FROM {$dbprefix}questions as q, {$dbprefix}questions as q2, {$dbprefix}groups as g, {$dbprefix}groups as g2
                  WHERE q.parent_qid = 0 
                  AND q2.parent_qid = 0
                  AND q.sid=$surveyid
                  AND q2.sid=$surveyid
                  AND q2.qid = $qid       
                  AND g2.gid =q2.gid                      
                  AND g.gid = q.gid
                  AND " . $connect->concat("RIGHT(" . $connect->concat($zeros,'g.gid') . ",10)","RIGHT(". $connect->concat($zeros,'q.question_order') .",10)") ." > " . $connect->concat("RIGHT(" . $connect->concat($zeros,'g2.gid') . ",10)","RIGHT(". $connect->concat($zeros,'q2.question_order') .",10)") ."
                  ORDER BY globalorder";
 	$QueryResult = db_execute_assoc($Query);
 	$nextqid="";
 	$nextorder="";
 	$Row = $QueryResult->FetchRow();
 	if ($Row)
 	{
 		$nextqid = $Row['qid'];
 		$nextorder = $Row['globalorder'];
 	}
 	else
 		return false;
 	$Query = "SELECT q.*
 		FROM {$dbprefix}questions as q
 		JOIN {$dbprefix}groups as g ON (g.gid = q.gid)
 		LEFT JOIN {$dbprefix}conditions as c ON (c.cqid = '$qid' AND c.qid = q.qid AND c.method LIKE '==' AND c.value NOT LIKE '$value' $cfieldname)
 		WHERE q.sid = $surveyid
 		AND q.parent_qid = 0
 		AND " . $connect->concat("RIGHT(" . $connect->concat($zeros,'g.gid') . ",10)","RIGHT(". $connect->concat($zeros,'q.question_order') .",10)") ." >= $nextorder
 		AND c.cqid IS NULL
 		ORDER BY  " . $connect->concat("RIGHT(" . $connect->concat($zeros,'g.gid') . ",10)","RIGHT(". $connect->concat($zeros,'q.question_order') .",10)"); 
 	$QueryResult = db_execute_assoc($Query);
 	$Row = $QueryResult->FetchRow();
 	if ($Row)
 	{
 		if ($nextqid == $Row['qid'])
 			return false;
 		else
 			return $Row['title'];
 	}
 	else
 		return $qlang->gT("End");
 }
@@ -196,66 +135,58 @@ function create_fixed($qid,$rotate=false,$labels=true,$scale=0,$other=false,$var
 	$QueryResult = db_execute_assoc($Query);
-	$fixed = $dom->create_element("fixed");
+	$fixed = $dom->createElement("fixed");
 	$nextcode = "";
 	while ($Row = $QueryResult->FetchRow())
 	{
-		$category = $dom->create_element("category");
+		$category = $dom->createElement("category");
-		$label = $dom->create_element("label");
+		$label = $dom->createElement("label",cleanup($Row['title']));
 		$label->set_content(cleanup($Row['title']));
-		$value= $dom->create_element("value");
+		$value= $dom->createElement("value",cleanup($Row['code']));
 		$value->set_content(cleanup($Row['code']));
-		$category->append_child($label);
+		$category->appendChild($label);
-		$category->append_child($value);
+		$category->appendChild($value);
 		$st = skipto($qid,$Row['code']);
 		if ($st !== false)
 		{
-			$skipto = $dom->create_element("skipTo");
+			$skipto = $dom->createElement("skipTo",$st);
-			$skipto->set_content($st);
+			$category->appendChild($skipto);	
 			$category->append_child($skipto);	
 		}
-		$fixed->append_child($category);
+		$fixed->appendChild($category);
 		$nextcode = $Row['code'];
 	}
 	if ($other)
 	{
-		$category = $dom->create_element("category");
+		$category = $dom->createElement("category");
-		$label = $dom->create_element("label");
+		$label = $dom->createElement("label",get_length($qid,"other_replace_text",$qlang->gT("Other")));
 		$label->set_content(get_length($qid,"other_replace_text",$qlang->gT("Other")));
-		$value= $dom->create_element("value");
+		$value= $dom->createElement("value",'-oth');
-		$value->set_content('-oth-');
+		$category->appendChild($label);
 		$category->appendChild($value);	    
-		$category->append_child($label);
+		$contingentQuestion = $dom->createElement("contingentQuestion");
-		$category->append_child($value);	    
+		$length = $dom->createElement("length",24);
 		$text = $dom->createElement("text",get_length($qid,"other_replace_text",$qlang->gT("Other")));
-		$contingentQuestion = $dom->create_element("contingentQuestion");
+		$contingentQuestion->appendChild($text);
-		$length = $dom->create_element("length");
+		$contingentQuestion->appendChild($length);
-		$text = $dom->create_element("text");
+		$contingentQuestion->setAttribute("varName",$varname . 'other');
-		$text->set_content(get_length($qid,"other_replace_text",$qlang->gT("Other")));
+		$category->appendChild($contingentQuestion);
 		$length->set_content(24);
 		$contingentQuestion->append_child($text);
 		$contingentQuestion->append_child($length);
 		$contingentQuestion->set_attribute("varName",$varname . 'other');
-		$category->append_child($contingentQuestion);
+		$fixed->appendChild($category);
 		$fixed->append_child($category);
 	}
-	if ($rotate) $fixed->set_attribute("rotate","true");
+	if ($rotate) $fixed->setAttribute("rotate","true");
 	return $fixed;
 }
@@ -301,54 +232,49 @@ function create_multi(&$question,$qid,$varname,$scale_id = false,$free = false,$
 	while ($Row = $QueryResult->FetchRow())
 	{
-		$response = $dom->create_element("response");
+		$response = $dom->createElement("response");
 		if ($free == false)
 		{
-			$fixed = $dom->create_element("fixed");
+			$fixed = $dom->createElement("fixed");
-			$category = $dom->create_element("category");
+			$category = $dom->createElement("category");
-			$label = $dom->create_element("label");
+			$label = $dom->createElement("label",cleanup($Row['question']));
 			$label->set_content(cleanup($Row['question']));
-			$value= $dom->create_element("value");
+			$value= $dom->createElement("value",1);
 			//$value->set_content(cleanup($Row['title']));
 			$value->set_content("1");
 			$nextcode = $Row['title'];
-			$category->append_child($label);
+			$category->appendChild($label);
-			$category->append_child($value);
+			$category->appendChild($value);
 			$st = skipto($qid,'Y'," AND c.cfieldname LIKE '+$surveyid" . "X" . $Row['gid'] . "X" . $qid . $Row['title'] . "' ");
 			if ($st !== false)
 			{
-				$skipto = $dom->create_element("skipTo");
+				$skipto = $dom->createElement("skipTo",$st);
-				$skipto->set_content($st);
+				$category->appendChild($skipto);	
 				$category->append_child($skipto);	
 			}
-			$fixed->append_child($category);
+			$fixed->appendChild($category);
-			$response->append_child($fixed);
+			$response->appendChild($fixed);
 		}
 		else
-			$response->append_child(create_free($free['f'],$free['len'],$Row['question']));
+			$response->appendChild(create_free($free['f'],$free['len'],$Row['question']));
-		$response->set_attribute("varName",$varname . cleanup($Row['title']));
+		$response->setAttribute("varName",$varname . cleanup($Row['title']));
-		$question->append_child($response);
+		$question->appendChild($response);
 	}
 	if ($other && $free==false)
 	{
-		$response = $dom->create_element("response");
+		$response = $dom->createElement("response");
-		$fixed = $dom->create_element("fixed");
+		$fixed = $dom->createElement("fixed");
-		$category = $dom->create_element("category");
+		$category = $dom->createElement("category");
-		$label = $dom->create_element("label");
+		$label = $dom->createElement("label",get_length($qid,"other_replace_text",$qlang->gT("Other")));
 		$label->set_content(get_length($qid,"other_replace_text",$qlang->gT("Other")));
-		$value= $dom->create_element("value");
+		$value= $dom->createElement("value",1);
 		//Get next code
 		if (is_numeric($nextcode))
@@ -356,28 +282,24 @@ function create_multi(&$question,$qid,$varname,$scale_id = false,$free = false,$
 		else if (is_string($nextcode))
 			$nextcode = chr(ord($nextcode) + 1);
-		$value->set_content(1);
+		$category->appendChild($label);
 		$category->appendChild($value);	    
-		$category->append_child($label);
+		$contingentQuestion = $dom->createElement("contingentQuestion");
-		$category->append_child($value);	    
+		$length = $dom->createElement("length",24);
 		$text = $dom->createElement("text",get_length($qid,"other_replace_text",$qlang->gT("Other")));
-		$contingentQuestion = $dom->create_element("contingentQuestion");
+		$contingentQuestion->appendChild($text);
-		$length = $dom->create_element("length");
+		$contingentQuestion->appendChild($length);
-		$text = $dom->create_element("text");
+		$contingentQuestion->setAttribute("varName",$varname . 'other');
-		$text->set_content(get_length($qid,"other_replace_text",$qlang->gT("Other")));
+		$category->appendChild($contingentQuestion);
 		$length->set_content(24);
 		$contingentQuestion->append_child($text);
 		$contingentQuestion->append_child($length);
 		$contingentQuestion->set_attribute("varName",$varname . 'other');
-		$category->append_child($contingentQuestion);
+		$fixed->appendChild($category);
 		$response->appendChild($fixed);
 		$response->setAttribute("varName",$varname . cleanup($nextcode));
-		$fixed->append_child($category);
+		$question->appendChild($response);
 		$response->append_child($fixed);
 		$response->set_attribute("varName",$varname . cleanup($nextcode));
 		$question->append_child($response);
 	}
@@ -401,12 +323,11 @@ function create_subQuestions(&$question,$qid,$varname,$use_answers = false)
 	$QueryResult = db_execute_assoc($Query);
 	while ($Row = $QueryResult->FetchRow())
 	{
-		$subQuestion = $dom->create_element("subQuestion");
+		$subQuestion = $dom->createElement("subQuestion");
-		$text = $dom->create_element("text");
+		$text = $dom->createElement("text",cleanup($Row['question']));
-		$text->set_content(cleanup($Row['question']));
+		$subQuestion->appendChild($text);
-		$subQuestion->append_child($text);
+		$subQuestion->setAttribute("varName",$varname . cleanup($Row['title']));
-		$subQuestion->set_attribute("varName",$varname . cleanup($Row['title']));
+		$question->appendChild($subQuestion);
 		$question->append_child($subQuestion);
 	}
 	return;
@@ -416,44 +337,52 @@ global $dbprefix;
 global $connect ;
 $ADODB_FETCH_MODE = ADODB_FETCH_ASSOC;
-$dom = domxml_new_doc("1.0");
+$dom = new DOMDocument('1.0','UTF-8'); 
 //Title and survey id
-$questionnaire = $dom->create_element("questionnaire");
+$questionnaire = $dom->createElement("questionnaire");
 $title = $dom->create_element("title");
 $Query = "SELECT * FROM {$dbprefix}surveys,{$dbprefix}surveys_languagesettings WHERE sid=$surveyid and surveyls_survey_id=sid and surveyls_language='".$quexmllang."'";
 $QueryResult = db_execute_assoc($Query);
 $Row = $QueryResult->FetchRow();
-$questionnaire->set_attribute("id", $Row['sid']);
+$questionnaire->setAttribute("id", $Row['sid']);
-$title->set_content(cleanup($Row['surveyls_title']));
+$title = $dom->createElement("title",cleanup($Row['surveyls_title']));
-$questionnaire->append_child($title);
+$questionnaire->appendChild($title);
 //investigator and datacollector
-$investigator = $dom->create_element("investigator");
+$investigator = $dom->createElement("investigator");
-$name = $dom->create_element("name");
+$name = $dom->createElement("name");
-$name = $dom->create_element("firstName");
+$name = $dom->createElement("firstName");
-$name = $dom->create_element("lastName");
+$name = $dom->createElement("lastName");
-$dataCollector = $dom->create_element("dataCollector");
+$dataCollector = $dom->createElement("dataCollector");
-$questionnaire->append_child($investigator);
+$questionnaire->appendChild($investigator);
-$questionnaire->append_child($dataCollector);
+$questionnaire->appendChild($dataCollector);
 //questionnaireInfo == welcome
 if (!empty($Row['surveyls_welcometext']))
 {
-	$questionnaireInfo = $dom->create_element("questionnaireInfo");
+	$questionnaireInfo = $dom->createElement("questionnaireInfo");
-	$position = $dom->create_element("position");
+	$position = $dom->createElement("position","before");
-	$text = $dom->create_element("text");
+	$text = $dom->createElement("text",cleanup($Row['surveyls_welcometext']));
-	$administration = $dom->create_element("administration");
+	$administration = $dom->createElement("administration","self");
-	$position->set_content("before");
+	$questionnaireInfo->appendChild($position);
-	$text->set_content(cleanup($Row['surveyls_welcometext']));
+	$questionnaireInfo->appendChild($text);
-	$administration->set_content("self");
+	$questionnaireInfo->appendChild($administration);
-	$questionnaireInfo->append_child($position);
+	$questionnaire->appendChild($questionnaireInfo);
-	$questionnaireInfo->append_child($text);
+}
-	$questionnaireInfo->append_child($administration);
+
-	$questionnaire->append_child($questionnaireInfo);
+if (!empty($Row['surveyls_endtext']))
 {
 	$questionnaireInfo = $dom->createElement("questionnaireInfo");
 	$position = $dom->createElement("position","after");
 	$text = $dom->createElement("text",cleanup($Row['surveyls_endtext']));
 	$administration = $dom->createElement("administration","self");
 	$questionnaireInfo->appendChild($position);
 	$questionnaireInfo->appendChild($text);
 	$questionnaireInfo->appendChild($administration);
 	$questionnaire->appendChild($questionnaireInfo);
 }
 //section == group
@@ -467,61 +396,49 @@ while ($Row = $QueryResult->FetchRow())
 {
 	$gid = $Row['gid'];
-	$section = $dom->create_element("section");
+	$section = $dom->createElement("section");
 	if (!empty($Row['group_name']))
 	{
-		$sectionInfo = $dom->create_element("sectionInfo");
+		$sectionInfo = $dom->createElement("sectionInfo");
-		$position = $dom->create_element("position");
+		$position = $dom->createElement("position","title");
-		$text = $dom->create_element("text");
+		$text = $dom->createElement("text",cleanup($Row['group_name']));
-		$administration = $dom->create_element("administration");
+		$administration = $dom->createElement("administration","self");
-		$position->set_content("title");
+		$sectionInfo->appendChild($position);
-		$text->set_content(cleanup($Row['group_name']));
+		$sectionInfo->appendChild($text);
-		$administration->set_content("self");
+		$sectionInfo->appendChild($administration);
-		$sectionInfo->append_child($position);
+		$section->appendChild($sectionInfo);
 		$sectionInfo->append_child($text);
 		$sectionInfo->append_child($administration);
 		$section->append_child($sectionInfo);
 	}
 	if (!empty($Row['description']))
 	{
-		$sectionInfo = $dom->create_element("sectionInfo");	
+		$sectionInfo = $dom->createElement("sectionInfo");	
-		$position = $dom->create_element("position");
+		$position = $dom->createElement("position","before");
-		$text = $dom->create_element("text");
+		$text = $dom->createElement("text",cleanup($Row['description']));
-		$administration = $dom->create_element("administration");
+		$administration = $dom->createElement("administration","self");
-		$position->set_content("before");
+		$sectionInfo->appendChild($position);
-		$text->set_content(cleanup($Row['description']));
+		$sectionInfo->appendChild($text);
-		$administration->set_content("self");
+		$sectionInfo->appendChild($administration);
-		$sectionInfo->append_child($position);
+		$section->appendChild($sectionInfo);
 		$sectionInfo->append_child($text);
 		$sectionInfo->append_child($administration);
 		$section->append_child($sectionInfo);
 	}
-
+	$section->setAttribute("id", $gid);
 	$section->set_attribute("id", $gid);
 	//boilerplate questions convert to sectionInfo elements
 	$Query = "SELECT * FROM {$dbprefix}questions WHERE sid=$surveyid AND gid = $gid AND type LIKE 'X'  AND language='$quexmllang' ORDER BY question_order ASC";
 	$QR = db_execute_assoc($Query);
 	while ($RowQ = $QR->FetchRow())
 	{
-		$sectionInfo = $dom->create_element("sectionInfo");
+		$sectionInfo = $dom->createElement("sectionInfo");
-		$position = $dom->create_element("position");
+		$position = $dom->createElement("position","before");
-		$text = $dom->create_element("text");
+		$text = $dom->createElement("text",cleanup($RowQ['question']));
-		$administration = $dom->create_element("administration");
+		$administration = $dom->createElement("administration","self");
 		$sectionInfo->appendChild($position);
 		$sectionInfo->appendChild($text);
 		$sectionInfo->appendChild($administration);
-		$position->set_content("before");
+		$section->appendChild($sectionInfo);
 		$text->set_content(cleanup($RowQ['question']));
 		$administration->set_content("self");
 		$sectionInfo->append_child($position);
 		$sectionInfo->append_child($text);
 		$sectionInfo->append_child($administration);
 		$section->append_child($sectionInfo);
 	}
@@ -531,7 +448,7 @@ while ($Row = $QueryResult->FetchRow())
 	$QR = db_execute_assoc($Query);
 	while ($RowQ = $QR->FetchRow())
 	{
-		$question = $dom->create_element("question");
+		$question = $dom->createElement("question");
 		$type = $RowQ['type'];
 		$qid = $RowQ['qid'];
@@ -545,9 +462,8 @@ while ($Row = $QueryResult->FetchRow())
 			$txt = cleanup($qt);
 			if (!empty($txt))
 			{
-				$text = $dom->create_element("text");
+				$text = $dom->createElement("text",$txt);
-				$text->set_content($txt);	
+				$question->appendChild($text);
 				$question->append_child($text);
 			}
 		}
@@ -555,24 +471,21 @@ while ($Row = $QueryResult->FetchRow())
 		//directive
 		if (!empty($RowQ['help']))
 		{
-			$directive = $dom->create_element("directive");
+			$directive = $dom->createElement("directive");
-			$position = $dom->create_element("position");
+			$position = $dom->createElement("position","during");
-			$position->set_content("during");
+			$text = $dom->createElement("text",cleanup($RowQ['help']));
-			$text = $dom->create_element("text");
+			$administration = $dom->createElement("administration","self");
 			$text->set_content(cleanup($RowQ['help']));
 			$administration = $dom->create_element("administration");
 			$administration->set_content("self");
-			$directive->append_child($position);
+			$directive->appendChild($position);
-			$directive->append_child($text);
+			$directive->appendChild($text);
-			$directive->append_child($administration);
+			$directive->appendChild($administration);
-			$question->append_child($directive);
+			$question->appendChild($directive);
 		}
-		$response = $dom->create_element("response");
+		$response = $dom->createElement("response");
 		$sgq = $surveyid . "X" . $gid . "X" . $qid;
-		$response->set_attribute("varName",$sgq);
+		$response->setAttribute("varName",$sgq);
 		switch ($type)
 		{
@@ -580,24 +493,24 @@ while ($Row = $QueryResult->FetchRow())
 				break;
 			case "5": //5 POINT CHOICE radio-buttons
-				$response->append_child(fixed_array(array("1" => 1,"2" => 2,"3" => 3,"4" => 4,"5" => 5)));
+				$response->appendChild(fixed_array(array("1" => 1,"2" => 2,"3" => 3,"4" => 4,"5" => 5)));
-			$question->append_child($response);
+			$question->appendChild($response);
 			break;
 			case "D": //DATE
-				$response->append_child(create_free("date","8",""));
+				$response->appendChild(create_free("date","8",""));
-			$question->append_child($response);
+			$question->appendChild($response);
 			break;
 			case "L": //LIST drop-down/radio-button list
-				$response->append_child(create_fixed($qid,false,false,0,$other,$sgq));
+				$response->appendChild(create_fixed($qid,false,false,0,$other,$sgq));
-			$question->append_child($response);
+			$question->appendChild($response);
 			break;
 			case "!": //List - dropdown
-				$response->append_child(create_fixed($qid,false,false,0,$other,$sgq));
+				$response->appendChild(create_fixed($qid,false,false,0,$other,$sgq));
-			$question->append_child($response);
+			$question->appendChild($response);
 			break;
 			case "O": //LIST WITH COMMENT drop-down/radio-button list + textarea
-				$response->append_child(create_fixed($qid,false,false,0,$other,$sgq));
+				$response->appendChild(create_fixed($qid,false,false,0,$other,$sgq));
-			$question->append_child($response);
+			$question->appendChild($response);
 			//no comment - this should be a separate question
 			break;
 			case "R": //RANKING STYLE
@@ -607,8 +520,8 @@ while ($Row = $QueryResult->FetchRow())
 			//$QRE = mysql_query($Query) or die ("ERROR: $QRE<br />".mysql_error());
 			//$QROW = mysql_fetch_assoc($QRE);
 			$QROW = $QRE->FetchRow();
-			$response->append_child(create_free("integer",strlen($QROW['sc']),""));
+			$response->appendChild(create_free("integer",strlen($QROW['sc']),""));
-			$question->append_child($response);
+			$question->appendChild($response);
 			break;
 			case "M": //Multiple choice checkbox
 				create_multi($question,$qid,$sgq,false,false,$other);
@@ -620,80 +533,80 @@ while ($Row = $QueryResult->FetchRow())
 			break;
 			case "Q": //MULTIPLE SHORT TEXT
 				create_subQuestions($question,$qid,$sgq);
-			$response->append_child(create_free("text",get_length($qid,"maximum_chars","10"),""));
+			$response->appendChild(create_free("text",get_length($qid,"maximum_chars","10"),""));
-			$question->append_child($response);
+			$question->appendChild($response);
 			break;
 			case "K": //MULTIPLE NUMERICAL
 				create_subQuestions($question,$qid,$sgq);
-			$response->append_child(create_free("integer",get_length($qid,"maximum_chars","10"),""));
+			$response->appendChild(create_free("integer",get_length($qid,"maximum_chars","10"),""));
-			$question->append_child($response);
+			$question->appendChild($response);
 			break;
 			case "N": //NUMERICAL QUESTION TYPE
-				$response->append_child(create_free("integer",get_length($qid,"maximum_chars","10"),""));
+				$response->appendChild(create_free("integer",get_length($qid,"maximum_chars","10"),get_length($qid,"prefix","")));
-			$question->append_child($response);
+			$question->appendChild($response);
 			break;
 			case "S": //SHORT FREE TEXT
-				$response->append_child(create_free("text",get_length($qid,"maximum_chars","240"),""));
+				$response->appendChild(create_free("text",get_length($qid,"maximum_chars","240"),get_length($qid,"prefix","")));
-			$question->append_child($response);
+			$question->appendChild($response);
 			break;
 			case "T": //LONG FREE TEXT
-				$response->append_child(create_free("longtext",get_length($qid,"display_rows","40"),""));
+				$response->appendChild(create_free("longtext",get_length($qid,"display_rows","40"),get_length($qid,"prefix","")));
-			$question->append_child($response);
+			$question->appendChild($response);
 			break;
 			case "U": //HUGE FREE TEXT
-				$response->append_child(create_free("longtext",get_length($qid,"display_rows","80"),""));
+				$response->appendChild(create_free("longtext",get_length($qid,"display_rows","80"),get_length($qid,"prefix","")));
-			$question->append_child($response);
+			$question->appendChild($response);
 			break;
 			case "Y": //YES/NO radio-buttons
-				$response->append_child(fixed_array(array($qlang->gT("Yes") => 'Y',$qlang->gT("No") => 'N')));
+				$response->appendChild(fixed_array(array($qlang->gT("Yes") => 'Y',$qlang->gT("No") => 'N')));
-			$question->append_child($response);
+			$question->appendChild($response);
 			break;
 			case "G": //GENDER drop-down list
-				$response->append_child(fixed_array(array($qlang->gT("Female") => 'F',$qlang->gT("Male") => 'M')));
+				$response->appendChild(fixed_array(array($qlang->gT("Female") => 'F',$qlang->gT("Male") => 'M')));
-			$question->append_child($response);
+			$question->appendChild($response);
 			break;
 			case "A": //ARRAY (5 POINT CHOICE) radio-buttons
 				create_subQuestions($question,$qid,$sgq);
-			$response->append_child(fixed_array(array("1" => 1,"2" => 2,"3" => 3,"4" => 4,"5" => 5)));
+			$response->appendChild(fixed_array(array("1" => 1,"2" => 2,"3" => 3,"4" => 4,"5" => 5)));
-			$question->append_child($response);
+			$question->appendChild($response);
 			break;
 			case "B": //ARRAY (10 POINT CHOICE) radio-buttons
 				create_subQuestions($question,$qid,$sgq);
-			$response->append_child(fixed_array(array("1" => 1,"2" => 2,"3" => 3,"4" => 4,"5" => 5,"6" => 6,"7" => 7,"8" => 8,"9" => 9,"10" => 10)));
+			$response->appendChild(fixed_array(array("1" => 1,"2" => 2,"3" => 3,"4" => 4,"5" => 5,"6" => 6,"7" => 7,"8" => 8,"9" => 9,"10" => 10)));
-			$question->append_child($response);
+			$question->appendChild($response);
 			break;
 			case "C": //ARRAY (YES/UNCERTAIN/NO) radio-buttons
 				create_subQuestions($question,$qid,$sgq);
-			$response->append_child(fixed_array(array($qlang->gT("Yes") => 'Y',$qlang->gT("Uncertain") => 'U',$qlang->gT("No") => 'N')));
+			$response->appendChild(fixed_array(array($qlang->gT("Yes") => 'Y',$qlang->gT("Uncertain") => 'U',$qlang->gT("No") => 'N')));
-			$question->append_child($response);
+			$question->appendChild($response);
 			break;
 			case "E": //ARRAY (Increase/Same/Decrease) radio-buttons
 				create_subQuestions($question,$qid,$sgq);
-			$response->append_child(fixed_array(array($qlang->gT("Increase") => 'I',$qlang->gT("Same") => 'S',$qlang->gT("Decrease") => 'D')));
+			$response->appendChild(fixed_array(array($qlang->gT("Increase") => 'I',$qlang->gT("Same") => 'S',$qlang->gT("Decrease") => 'D')));
-			$question->append_child($response);
+			$question->appendChild($response);
 			break;
 			case "F": //ARRAY (Flexible) - Row Format
 				//select subQuestions from answers table where QID
 				create_subQuestions($question,$qid,$sgq);
-			$response->append_child(create_fixed($qid,false,false,0,$other,$sgq));
+			$response->appendChild(create_fixed($qid,false,false,0,$other,$sgq));
-			$question->append_child($response);
+			$question->appendChild($response);
 			//select fixed responses from
 			break;
 			case "H": //ARRAY (Flexible) - Column Format
 				create_subQuestions($question,$RowQ['qid'],$sgq);
-			$response->append_child(create_fixed($qid,true,false,0,$other,$sgq));
+			$response->appendChild(create_fixed($qid,true,false,0,$other,$sgq));
-			$question->append_child($response);
+			$question->appendChild($response);
 			break;
 			case "1": //Dualscale multi-flexi array
 				//select subQuestions from answers table where QID
 				create_subQuestions($question,$qid,$sgq);
-			$response = $dom->create_element("response");
+			$response = $dom->createElement("response");
-			$response->append_child(create_fixed($qid,false,false,0,$other,$sgq)); 
+			$response->appendChild(create_fixed($qid,false,false,0,$other,$sgq)); 
-			$response2 = $dom->create_element("response");  
+			$response2 = $dom->createElement("response");  
-			$response2->set_attribute("varName",cleanup($sgq) . "_2");
+			$response2->setAttribute("varName",cleanup($sgq) . "_2");
-			$response2->append_child(create_fixed($qid,false,false,1,$other,$sgq));   
+			$response2->appendChild(create_fixed($qid,false,false,1,$other,$sgq));   
-			$question->append_child($response);
+			$question->appendChild($response);
-			$question->append_child($response2);  
+			$question->appendChild($response2);  
 			break;
 			case ":": //multi-flexi array numbers
 				create_subQuestions($question,$qid,$sgq);
@@ -714,25 +627,27 @@ while ($Row = $QueryResult->FetchRow())
 			create_multi($question,$qid,$sgq,1,array('f' => 'text', 'len' => 10, 'lab' => ''));
 			break;
 			case "^": //SLIDER CONTROL - not supported
-				$response->append_child(fixed_array(array("NOT SUPPORTED:$type" => 1)));
+				$response->appendChild(fixed_array(array("NOT SUPPORTED:$type" => 1)));
-			$question->append_child($response);
+			$question->appendChild($response);
 			break;
 		} //End Switch
-		$section->append_child($question);
+		$section->appendChild($question);
 	}
-	$questionnaire->append_child($section);
+	$questionnaire->appendChild($section);
 }
-$dom->append_child($questionnaire);
+$dom->appendChild($questionnaire);
-$quexml =  $dom->dump_mem(true,'UTF-8');
+$dom->formatOutput = true;
 $quexml =  $dom->saveXML();
 if (!(isset($noheader) && $noheader == true))
 {
--- a/include/limesurvey/admin/export_structure_xml.php
+++ b/include/limesurvey/admin/export_structure_xml.php
@@ -10,7 +10,7 @@
 * other free or open source software licenses.
 * See COPYRIGHT.php for copyright notices and details.
 *
- * $Id: export_structure_xml.php 9607 2010-12-08 22:59:51Z azammitdcarf $
+ * $Id: export_structure_xml.php 11607 2011-12-06 23:19:52Z tmswhite $
 */
--- a/include/limesurvey/admin/exportresults.php
+++ b/include/limesurvey/admin/exportresults.php
@@ -1,17 +1,17 @@
 <?php
 /*
- * LimeSurvey
+* LimeSurvey
- * Copyright (C) 2007 The LimeSurvey Project Team / Carsten Schmitz
+* Copyright (C) 2007 The LimeSurvey Project Team / Carsten Schmitz
- * All rights reserved.
+* All rights reserved.
- * License: GNU/GPL License v2 or later, see LICENSE.php
+* License: GNU/GPL License v2 or later, see LICENSE.php
- * LimeSurvey is free software. This version may have been modified pursuant
+* LimeSurvey is free software. This version may have been modified pursuant
- * to the GNU General Public License, and as distributed it includes or
+* to the GNU General Public License, and as distributed it includes or
- * is derivative of works licensed under the GNU General Public License or
+* is derivative of works licensed under the GNU General Public License or
- * other free or open source software licenses.
+* other free or open source software licenses.
- * See COPYRIGHT.php for copyright notices and details.
+* See COPYRIGHT.php for copyright notices and details.
- *
+*
- * $Id: exportresults.php 10925 2011-09-02 14:12:02Z c_schmitz $
+* $Id: exportresults.php 11664 2011-12-16 05:19:42Z tmswhite $
- */
+*/
 //Ensure script is not run directly, avoid path disclosure
@@ -44,7 +44,7 @@ if (!$exportstyle)
 {
    //FIND OUT HOW MANY FIELDS WILL BE NEEDED - FOR 255 COLUMN LIMIT
-    $excesscols=createFieldMap($surveyid);
+    $excesscols=createFieldMap($surveyid,'full',false,false,$surveybaselang);
    if ($thissurvey['savetimings'] === "Y") {
        //Append survey timings to the fieldmap array
        $excesscols = $excesscols + createTimingsFieldMap($surveyid);
@@ -110,6 +110,7 @@ $quexsfilterstate = questionnaireSampleFilterstate();
    $exportoutput .='<fieldset><legend>'
    .$clang->gT("Questions")."</legend>\n"
    ."<ul>\n"
    ."<li><input type='radio' class='radiobtn' name='exportstyle' value='abrev' id='headabbrev' />"
@@ -292,13 +293,15 @@ switch ( $_POST["type"] ) {
        $workbook->send('results-survey'.$surveyid.'.xls');
        // Creating the first worksheet
-        $query="SELECT * FROM {$dbprefix}surveys_languagesettings WHERE surveyls_survey_id=".$surveyid;
+        $query="SELECT * FROM {$dbprefix}surveys_languagesettings WHERE surveyls_survey_id={$surveyid} AND surveyls_language='{$surveybaselang}'" ;
        $result=db_execute_assoc($query) or safe_die("Couldn't get privacy data<br />$query<br />".$connect->ErrorMsg());
        $row = $result->FetchRow();
        $row['surveyls_title']=substr(str_replace(array('*', ':', '/', '\\', '?', '[', ']'),array(' '),$row['surveyls_title']),0,31); // Remove invalid characters
-        $sheet =& $workbook->addWorksheet($row['surveyls_title']); // do not translate/change this - the library does not support any special chars in sheet name
+        $sheet =& $workbook->addWorksheet(); // do not translate/change this - the library does not support any special chars in sheet name
 //        $row['surveyls_title']
        $sheet->setInputEncoding('utf-8');
        $sheet->name=$row['surveyls_title'] ;
        $separator="~|";
        break;
    case "csv":
@@ -311,7 +314,7 @@ switch ( $_POST["type"] ) {
        $pdf->SetFont($pdfdefaultfont,'',$pdffontsize);
        $pdf->AddPage();
        $pdf->intopdf("PDF Export ".date("Y.m.d-H:i",time()));
-        $query="SELECT * FROM {$dbprefix}surveys_languagesettings WHERE surveyls_survey_id=".$surveyid;
+        $query="SELECT * FROM {$dbprefix}surveys_languagesettings WHERE surveyls_survey_id={$surveyid}  AND surveyls_language='{$surveybaselang}'" ;
        $result=db_execute_assoc($query) or safe_die("Couldn't get privacy data<br />$query<br />".$connect->ErrorMsg());
        while ($row = $result->FetchRow())
        {
@@ -421,6 +424,7 @@ if ($tokenTableExists && $thissurvey['anonymized']=='N')
    . " ON $surveytable.token = {$dbprefix}tokens_$surveyid.token";
 }
 $qfs = questionnaireSampleFilterstate();
 if ($qfs != false)
 {
@@ -507,57 +511,48 @@ for ($i=0; $i<$fieldcount; $i++)
    }
    else
    {
-        //Data field heading!
+        // Prepare the header line
        $fielddata=$fieldmap[$fieldinfo];
        $fqid=$fielddata['qid'];
        $ftype=$fielddata['type'];
        $fsid=$fielddata['sid'];
        $fgid=$fielddata['gid'];
        $faid=$fielddata['aid'];
-        $question=$fielddata['question'];
+        switch ($exportstyle)
        if (isset($fielddata['scale'])) $question = "[{$fielddata['scale']}] ". $question;
        if (isset($fielddata['subquestion'])) $question = "[{$fielddata['subquestion']}] ". $question;
        if (isset($fielddata['subquestion2'])) $question = "[{$fielddata['subquestion2']}] ". $question;
        if (isset($fielddata['subquestion1'])) $question = "[{$fielddata['subquestion1']}] ". $question;
        if ($exportstyle == "abrev")
        {
-            $qname=strip_tags_full($question);
+            case 'headcodes': // only question codes
            $qname=mb_substr($qname, 0, 15)."..";
            $firstline = str_replace("\n", "", $firstline);
            $firstline = str_replace("\r", "", $firstline);
            if ($type == "csv") {$firstline .= "\"$qname";}
            else {$firstline .= "$qname";}
            if (isset($faid)) {$firstline .= " [{$faid}]"; $faid="";}
            if ($type == "csv") {$firstline .= "\"";}
            $firstline .= "$separator";
        }
        else    //headcode or full answer
        {
            if ($exportstyle == "headcodes")
            {
                $fquest=$fielddata['title'];
                if (!empty($fielddata['aid'])) $fquest .= ' [' . $fielddata['aid'] . ']';
-            }
+                if (isset($fielddata['scale_id'])) $fquest = $fquest."[{$fielddata['scale_id']}]";
-            else
+                $fquest=FlattenText($fquest,true);
-            {
+                break;
-                $fquest=$question;
+            case 'abrev': // Abbreviated question text
-            }
+                $fquest=FlattenText($fielddata['question']);
-            $fquest=FlattenText($fquest,true);
+                $fquest=mb_substr($fquest, 0, 15);
-            if ($type == "csv")
+                if (strlen($fquest)==15) $fquest.='...';
-            {
+                if (isset($faid)) {$fquest .= " [{$faid}]";}
-                $firstline .="\"$fquest\"$separator";
+                if (isset($fielddata['scale_id'])) $fquest = $fquest."[{$fielddata['scale_id']}]";
-            }
+                break;
-            else
+            default: // Full question text
-            {
+                $fquest=$fielddata['question'];
-                $firstline .= $fquest.$separator;
+                if (isset($fielddata['scale_id'])) $fquest = "[{$fielddata['scale_id']}] ". $fquest;
-            }
+                if (isset($fielddata['subquestion'])) $fquest = "[{$fielddata['subquestion']}] ". $fquest;
                if (isset($fielddata['subquestion2'])) $fquest = "[{$fielddata['subquestion2']}] ". $fquest;
                if (isset($fielddata['subquestion1'])) $fquest = "[{$fielddata['subquestion1']}] ". $fquest;
                $fquest=FlattenText($fquest,true);
                break;
        }
-        if($convertspacetous == "Y")
+         if($convertspacetous == "Y")
        {
-            $firstline=str_replace(" ", "_", $firstline);
+            $fquest=str_replace(" ", "_", $fquest);
        }
        if ($type == "csv") {$fquest = "\"$fquest\"";}
        $firstline .= $fquest.$separator;
    }
 }
 if ($type == "csv") { $firstline = mb_substr(trim($firstline),0,strlen($firstline)-1);}
 else
 {
@@ -582,8 +577,8 @@ if ($type == "doc" || $type == "pdf")
        </style>';
 }
 else
-if ($type == "xls")
+    if ($type == "xls")
-{
+    {
    //var_dump ($firstline);
    $flarray=explode($separator, $firstline);
    $fli=0;
@@ -593,9 +588,9 @@ if ($type == "xls")
        $fli++;
    }
    //print_r($fieldmap);
-}
+    }
-else
+    else
-{
+    {
    $exportoutput .= $firstline; //Sending the header row
 }
@@ -627,7 +622,7 @@ if (isset($_POST['answerid']) && $_POST['answerid'] != "NULL") //this applies if
 {
    $where[] = "$surveytable.id=".stripcslashes($_POST['answerid']);
 }
- if (count($where)>0) $dquery .= ' WHERE ' . join(' AND ', $where);
+if (count($where)>0) $dquery .= ' WHERE ' . join(' AND ', $where);
 $dquery .= " ORDER BY $surveytable.id";
@@ -1115,15 +1110,15 @@ elseif ($answers == "long")        //chose complete answers
 }
 if ($type=='xls')
 {
-//    echo memory_get_peak_usage(true); die();
+    //    echo memory_get_peak_usage(true); die();
    $workbook->close();
 }
 else if($type=='pdf')
-{
+    {
    $pdf->Output($clang->gT($surveyname)." ".$surveyid.".pdf","D");
-}
+    }
-else
+    else
-{
+    {
    echo $exportoutput;
 }
 exit;
--- a/include/limesurvey/admin/fck_LimeReplacementFields.php
+++ b/include/limesurvey/admin/fck_LimeReplacementFields.php
@@ -10,7 +10,7 @@
 * other free or open source software licenses.
 * See COPYRIGHT.php for copyright notices and details.
 *
- * $Id: fck_LimeReplacementFields.php 10925 2011-09-02 14:12:02Z c_schmitz $
+ * $Id: fck_LimeReplacementFields.php 11664 2011-12-16 05:19:42Z tmswhite $
 */
 include_once("login_check.php");
--- a/include/limesurvey/admin/globalsettings.php
+++ b/include/limesurvey/admin/globalsettings.php
@@ -10,12 +10,13 @@
 * other free or open source software licenses.
 * See COPYRIGHT.php for copyright notices and details.
 *
- * $Id: globalsettings.php 9662 2010-12-20 15:26:32Z c_schmitz $
+ * $Id: globalsettings.php 12242 2012-01-27 23:41:13Z c_schmitz $
 */
 // Dont use login_check.php : globalsettings included in common.php
 if (!isset($homedir) || isset($_REQUEST['$homedir'])) {die("Cannot run this script directly");}
 require_once('classes/core/settingsstorage.php');
 //Ensure script is not run directly, avoid path disclosure
 if (!isset($homedir) || isset($_REQUEST['$homedir'])) {die("Cannot run this script directly");}
 injectglobalsettings();
@@ -46,7 +47,7 @@ function globalsettingssave()
    global $action, $editsurvey, $connect, $scriptname, $clang;
    if (isset($action) && $action == "globalsettingssave")
    {
-        if($_SESSION['USER_RIGHT_SUPERADMIN'] == 1)
+        if($_SESSION['USER_RIGHT_CONFIGURATOR'] == 1)
        {
            if (sanitize_int($_POST['maxemails'])<1)
            {
@@ -81,7 +82,7 @@ function globalsettingssave()
            setGlobalSetting('siteadminemail',strip_tags($_POST['siteadminemail']));
            setGlobalSetting('siteadminname',strip_tags($_POST['siteadminname']));
            setGlobalSetting('shownoanswer',sanitize_int($_POST['shownoanswer']));
-            setGlobalSetting('showXquestions',($_POST['showXquestions']));
+            setGlobalSetting('showxquestions',($_POST['showxquestions']));
            setGlobalSetting('showgroupinfo',($_POST['showgroupinfo']));
            setGlobalSetting('showqnumcode',($_POST['showqnumcode']));
            $repeatheadingstemp=(int)($_POST['repeatheadings']);
@@ -94,6 +95,8 @@ function globalsettingssave()
            setGlobalSetting('sessionlifetime',$sessionlifetimetemp);
            setGlobalSetting('ipInfoDbAPIKey',$_POST['ipInfoDbAPIKey']);
            setGlobalSetting('googleMapsAPIKey',$_POST['googleMapsAPIKey']);
            setGlobalSetting('googleanalyticsapikey',$_POST['googleanalyticsapikey']);
            setGlobalSetting('googletranslateapikey',$_POST['googletranslateapikey']);
            setGlobalSetting('force_ssl',$_POST['force_ssl']);
            setGlobalSetting('surveyPreview_require_Auth',strip_tags($_POST['surveyPreview_require_Auth']));
            $savetime=trim(strip_tags((float) $_POST['timeadjust']).' hours'); //makes sure it is a number, at least 0
@@ -103,6 +106,8 @@ function globalsettingssave()
            setGlobalSetting('usercontrolSameGroupPolicy',strip_tags($_POST['usercontrolSameGroupPolicy']));
            $_SESSION['flashmessage'] = $clang->gT("Global settings were saved.");
            $url = htmlspecialchars_decode($_SESSION['refurl']);
            header("Location: $url");
        }
    }
@@ -112,16 +117,20 @@ function globalsettingsdisplay()
 {
    global $action, $connect, $js_admin_includes, $editsurvey, $subaction, $scriptname, $clang;
    global $updateversion, $updatebuild, $updateavailable, $updatelastcheck, $demoModeOnly;
    global $refurl;
    if (isset($subaction) && $subaction == "updatecheck")
    {
-        //$updateinfo=updatecheck();
+//        $updateinfo=updatecheck();
    }
    if (isset($action) && $action == "globalsettings")
    {
-        if($_SESSION['USER_RIGHT_SUPERADMIN'] == 1)
+        if($_SESSION['USER_RIGHT_CONFIGURATOR'] == 1)
        {
            //save refurl from where global settings screen is called!
            $_SESSION['refurl'] = htmlspecialchars($refurl); //just to be safe!
            $js_admin_includes[]='scripts/globalsettings.js';
            // header
            $editsurvey = "<div class='header ui-widget-header'>".$clang->gT("Global settings")."</div>\n";
@@ -139,7 +148,8 @@ function globalsettingsdisplay()
            $editsurvey .= "<div id='overview'>\n";
            $editsurvey .= checksettings();
-/*
+/* queXS Removal
            $thisupdatecheckperiod=getGlobalSetting('updatecheckperiod');
            $editsurvey .= "<br /></p><div class='header ui-widget-header'>".$clang->gT("Updates")."</div><ul>"
            . "\t<li><label for='updatecheckperiod'>".$clang->gT("Check for updates:")."</label>\n"
@@ -176,10 +186,12 @@ function globalsettingsdisplay()
            {
                $editsurvey .=$clang->gT('There is currently no newer LimeSurvey version available.');
            }
-*/
+
 end queXS Removal */
            $editsurvey .= "</p></div>";
            // General TAB
            $editsurvey .= "\t<div id='general'>\n";
            // Administrator...
@@ -263,7 +275,10 @@ function globalsettingsdisplay()
            . "<input type='text' size='35' id='ipInfoDbAPIKey' name='ipInfoDbAPIKey' value=\"".htmlspecialchars(getGlobalSetting('ipInfoDbAPIKey'))."\" /></li>"
            . "<li><label for='googleMapsAPIKey'>".$clang->gT("Google Maps API key:")."</label>\n"
            . "<input type='text' size='35' id='googleMapsAPIKey' name='googleMapsAPIKey' value=\"".htmlspecialchars(getGlobalSetting('googleMapsAPIKey'))."\" /></li>"
-
+            . "<li><label for='googleanalyticsapikey'>".$clang->gT("Google Analytics API key:")."</label>\n"
            . "<input type='text' size='35' id='googleanalyticsapikey' name='googleanalyticsapikey' value=\"".htmlspecialchars(getGlobalSetting('googleanalyticsapikey'))."\" /></li>"
            . "<li><label for='googletranslateapikey'>".$clang->gT("Google Translate API key:")."</label>\n"
            . "<input type='text' size='35' id='googletranslateapikey' name='googletranslateapikey' value=\"".htmlspecialchars(getGlobalSetting('googletranslateapikey'))."\" /></li>"                    
                    ;
@@ -457,16 +472,16 @@ function globalsettingsdisplay()
        . "\t\t<input id='repeatheadings' name='repeatheadings' value='$thisrepeatheadings' size='4' maxlength='4' /></li>\n";
-        // showXquestions
+        // showxquestions
-        $set_xq=getGlobalSetting('showXquestions');
+        $set_xq=getGlobalSetting('showxquestions');
 	    $sel_xq = array( 'hide' => '' , 'show' => '' , 'choose' => '');
 	    $sel_xq[$set_xq] = ' selected="selected"';
 	    if( empty($sel_xq['hide']) && empty($sel_xq['show']) && empty($sel_xq['choose']))
 	    {
 	    	$sel_xq['choose'] = ' selected="selected"';
 	    };
-            $editsurvey .= "\t<li><label for=\"showXquestions\">".$clang->gT('Show "There are X questions in this survey"')."</label>\n"
+            $editsurvey .= "\t<li><label for=\"showxquestions\">".$clang->gT('Show "There are X questions in this survey"')."</label>\n"
-            . "\t\t<select id=\"showXquestions\" name=\"showXquestions\">\n"
+            . "\t\t<select id=\"showxquestions\" name=\"showxquestions\">\n"
            . "\t\t\t<option value=\"show\"{$sel_xq['show']}>".$clang->gT('Yes')."</option>\n"
            . "\t\t\t<option value=\"hide\"{$sel_xq['hide']}>".$clang->gT('No')."</option>\n"
            . "\t\t\t<option value=\"choose\"{$sel_xq['choose']}>".$clang->gT('Survey admin can choose')."</option>\n"
--- a/include/limesurvey/admin/html.php
+++ b/include/limesurvey/admin/html.php
@@ -10,7 +10,7 @@
 * other free or open source software licenses.
 * See COPYRIGHT.php for copyright notices and details.
 *
- * $Id: html.php 10925 2011-09-02 14:12:02Z c_schmitz $
+ * $Id: html.php 12398 2012-02-07 20:02:56Z tmswhite $
 */
 //Security Checked: POST, GET, SESSION, DB, REQUEST, returnglobal
@@ -43,6 +43,48 @@ if ($action == "personalsettings")
            $edmod1="selected='selected'";
            break;
    }
    // prepare data for the questionselectormode preference
    $qsmod1='';
    $qsmod2='';
    $qsmod3='';
    $qsmod="default";
    if( isset($_SESSION['questionselectormode']))
    {
        $qsmod=$_SESSION['questionselectormode'];
    }
    switch ($qsmod)
    {
        case 'full':
            $qsmod2="selected='selected'";
            break;
        case 'none':
            $qsmod3="selected='selected'";
            break;
        default:
            $qsmod1="selected='selected'";
            break;
    }
    // prepare data for the templateeditormode preference
    $temod1='';
    $temod2='';
    $temod3='';
    $temod="default";
    if( isset($_SESSION['templateeditormode']))
    {
        $temod=$_SESSION['templateeditormode'];
    }
    switch ($temod)
    {
        case 'full':
            $temod2="selected='selected'";
            break;
        case 'none':
            $temod3="selected='selected'";
            break;
        default:
            $temod1="selected='selected'";
            break;
    }
    $cssummary = "<div class='formheader'>"
    . "<strong>".$clang->gT("Your personal settings")."</strong>\n"
@@ -80,6 +122,26 @@ if ($action == "personalsettings")
    $cssummary .= "</select>\n"
    . "</li>\n";
    // Current questionselectormode
    $cssummary .=  "<li>\n"
    . "<label for='questionselectormode'>".$clang->gT("Question type selector").":</label>\n"
    . "<select id='questionselectormode' name='questionselectormode'>\n"
    . "<option value='default' {$qsmod1}>".$clang->gT("Default")."</option>\n"
    . "<option value='full' {$qsmod2}>".$clang->gT("Full selector")."</option>\n"
    . "<option value='none' {$qsmod3}>".$clang->gT("Simple selector")."</option>\n";
    $cssummary .= "</select>\n"
    . "</li>\n";
    // Current templateeditormode
    $cssummary .=  "<li>\n"
    . "<label for='templateeditormode'>".$clang->gT("Template editor mode").":</label>\n"
    . "<select id='templateeditormode' name='templateeditormode'>\n"
    . "<option value='default' {$temod1}>".$clang->gT("Default")."</option>\n"
    . "<option value='full' {$temod2}>".$clang->gT("Full template editor")."</option>\n"
    . "<option value='none' {$temod3}>".$clang->gT("Simple template editor")."</option>\n";
    $cssummary .= "</select>\n"
    . "</li>\n";
    // Date format
    $cssummary .=  "<li>\n"
    . "<label for='dateformat'>".$clang->gT("Date format").":</label>\n"
@@ -213,7 +275,10 @@ $action!='vvimport' && $action!='vvexport' && $action!='exportresults')
            $icontext2=$clang->gTview("Execute This Survey");
        }
        $baselang = GetBaseLanguageFromSurveyID($surveyid);
-        if (count(GetAdditionalLanguagesFromSurveyID($surveyid)) == 0)
+        $tmp_survlangs = GetAdditionalLanguagesFromSurveyID($surveyid);
        $tmp_survlangs[] = $baselang;
        rsort($tmp_survlangs);
        if (count($tmp_survlangs) == 1)
        {
            $surveysummary .= "<li><a href='#' accesskey='d' onclick=\"window.open('"
            . $publicurl."/index.php?sid={$surveyid}&amp;newtest=Y&amp;lang={$baselang}', '_blank')\" title=\"{$icontext2}\" >"
@@ -227,9 +292,6 @@ $action!='vvimport' && $action!='vvexport' && $action!='exportresults')
            . "</a><ul>\n";
            $surveysummary .= "<li><a accesskey='d' target='_blank' href='{$publicurl}/index.php?sid=$surveyid&amp;newtest=Y'>"
              . "<img src='{$imageurl}/do_30.png' /> $icontext </a><ul>";
            $tmp_survlangs = GetAdditionalLanguagesFromSurveyID($surveyid);
            $tmp_survlangs[] = $baselang;
            rsort($tmp_survlangs);
            // Test Survey Language Selection Popup
            foreach ($tmp_survlangs as $tmp_lang)
            {
@@ -262,7 +324,7 @@ $action!='vvimport' && $action!='vvexport' && $action!='exportresults')
        }
        // Survey permission item
-        if($_SESSION['USER_RIGHT_SUPERADMIN'] == 1 || $surveyinfo['owner_id'] == $_SESSION['loginID'])
+        if($_SESSION['USER_RIGHT_SUPERADMIN'] == 1 || $surveyinfo['owner_id'] == $_SESSION['loginID'] || bHasSurveyPermission($surveyid,'surveysecurity','read'))
        {
            $surveysummary .= "<li><a href='{$scriptname}?action=surveysecurity&amp;sid={$surveyid}'>"
            . "<img src='{$imageurl}/survey_security_30.png' name='SurveySecurity'/> ".$clang->gT("Survey permissions")."</a></li>\n";
@@ -309,12 +371,38 @@ $action!='vvimport' && $action!='vvexport' && $action!='exportresults')
            . "<img src='{$imageurl}/emailtemplates_30.png' name='EditEmailTemplates' /> ".$clang->gT("Email templates")."</a></li>\n";
        }
        // QUALITY ASSURANCE BUTTON - SHOW LOGIC FILE
        if(bHasSurveyPermission($surveyid,'translations','read'))
        {
            $icontext = $clang->gT("Survey  Logic File");
        }
        if (count($tmp_survlangs) == 1)
        {
            $surveysummary .= "<li><a href='#' onclick=\"window.open('{$scriptname}?action=showlogicfile&amp;sid={$surveyid}', '_blank')\" title=\"{$icontext}\" >"
            . "<img src='{$imageurl}/quality_assurance.png' alt='$icontext' />$icontext"
            . "</a></li>\n";
        } else {
            $surveysummary .= "<li><a href='#' "
            . "title='{$icontext}'>"
            . "<img src='{$imageurl}/quality_assurance.png' alt='{$icontext}' />$icontext"
            . "</a><ul>\n";
            // Test Survey Language Selection Popup
            foreach ($tmp_survlangs as $tmp_lang)
            {
                $surveysummary .= "<li><a target='_blank' href='{$scriptname}?action=showlogicfile&amp;sid={$surveyid}&amp;lang={$tmp_lang}'>"
                . "<img src='{$imageurl}/quality_assurance.png' /> ".getLanguageNameFromCode($tmp_lang,false)."</a></li>";
            }
            $surveysummary .= "</ul></li>";
        }
        $surveysummary .='</ul></li>'; // End if survey properties
        // Tools menu item
        $surveysummary .= "<li><a href=\"#\">"
-        . "<img src='{$imageurl}/tools.png' name='SorveyTools' alt='".$clang->gT("Tools")."' /></a><ul>\n";
+        . "<img src='{$imageurl}/tools.png' name='SurveyTools' alt='".$clang->gT("Tools")."' /></a><ul>\n";
        // Delete survey item
@@ -357,6 +445,14 @@ $action!='vvimport' && $action!='vvexport' && $action!='exportresults')
                . "<img src='{$imageurl}/resetsurveylogic_disabled_30.png' name='ResetSurveyLogic' /> ".$clang->gT("Reset Survey Logic")."</a></li>\n";
            }
        }
        // EXPRESSION MANAGER TEST SUITE
        if (bHasSurveyPermission($surveyid,'surveycontent','update'))
        {
            $surveysummary .= "<li><a target='_blank' href='{$scriptname}?action=EMtest'>"
            . "<img src='{$imageurl}/expressionManager_30.png' name='ExpressionManager' /> ".$clang->gT("Expression Manager")."</a></li>\n";
        }
        $surveysummary .='</ul></li>' ;
@@ -645,10 +741,10 @@ $action!='vvimport' && $action!='vvexport' && $action!='exportresults')
        {
            $surveysummary2 .= $clang->gT("Regenerate question codes:")
            . " [<a href='#' "
-            . "onclick=\"if (confirm('".$clang->gT("Are you sure you want regenerate the question codes?","js")."')) {".get2post("$scriptname?action=renumberquestions&amp;sid=$surveyid&amp;style=straight")."}\" "
+            . "onclick=\"if (confirm('".$clang->gT("Are you sure you want to regenerate the question codes?\n\nWARNING:\nThis is safe if you only use the Conditions editor.\n\nHOWEVER, if you manually specified any relevance equations, regenerating the question codes will break all of that survey logic.","js")."')) {".get2post("$scriptname?action=renumberquestions&amp;sid=$surveyid&amp;style=straight")."}\" "
            . ">".$clang->gT("Straight")."</a>] "
            . " [<a href='#' "
-            . "onclick=\"if (confirm('".$clang->gT("Are you sure you want regenerate the question codes?","js")."')) {".get2post("$scriptname?action=renumberquestions&amp;sid=$surveyid&amp;style=bygroup")."}\" "
+            . "onclick=\"if (confirm('".$clang->gT("Are you sure you want to regenerate the question codes?\n\nWARNING:\nThis is safe if you only use the Conditions editor.\n\nHOWEVER, if you manually specified any relevance equations, regenerating the question codes will break all of that survey logic.","js")."')) {".get2post("$scriptname?action=renumberquestions&amp;sid=$surveyid&amp;style=bygroup")."}\" "
            . ">".$clang->gT("By Group")."</a>]";
            $surveysummary2 .= "</td></tr>\n";
        }
@@ -674,12 +770,36 @@ $action!='vvimport' && $action!='vvexport' && $action!='exportresults')
        $surveysummary .= "</td></tr>\n"
        . "<tr><td align='right' valign='top'><strong>"
        . $clang->gT("Description:")."</strong></td>\n<td align='left'>";
-        if (trim($surveyinfo['surveyls_description'])!='') {$surveysummary .= " {$surveyinfo['surveyls_description']}";}
+
        LimeExpressionManager::StartProcessingPage(false,$rooturl,true);  // so can click on syntax highlighting to edit questions
        if (trim($surveyinfo['surveyls_description'])!='')
        {
            templatereplace($surveyinfo['surveyls_description']);
            $surveysummary .= LimeExpressionManager::GetLastPrettyPrintExpression();
        }
        $surveysummary .= "</td></tr>\n"
        . "<tr >\n"
        . "<td align='right' valign='top'><strong>"
        . $clang->gT("Welcome:")."</strong></td>\n"
-        . "<td align='left'> {$surveyinfo['surveyls_welcometext']}</td></tr>\n"
+        . "<td align='left'>";
        templatereplace($surveyinfo['surveyls_welcometext']);
        $surveysummary .= LimeExpressionManager::GetLastPrettyPrintExpression();
        if (trim($surveyinfo['surveyls_endtext'])!='')
        {
            $surveysummary .= "</td></tr>\n"
            . "<tr >\n"
            . "<td align='right' valign='top'><strong>"
            . $clang->gT("End message:")."</strong></td>\n"
            . "<td align='left'>";
            templatereplace($surveyinfo['surveyls_endtext']);
            $surveysummary .= LimeExpressionManager::GetLastPrettyPrintExpression();
        }
        $surveysummary .= "</td></tr>\n"
        . "<tr ><td align='right' valign='top'><strong>"
        . $clang->gT("Administrator:")."</strong></td>\n"
        . "<td align='left'> {$surveyinfo['admin']} ({$surveyinfo['adminemail']})</td></tr>\n";
@@ -753,7 +873,11 @@ $action!='vvimport' && $action!='vvexport' && $action!='exportresults')
        . "<td align='left'>";
        if ($surveyinfo['surveyls_url']!="")
        {
-            $surveysummary .=" <a target='_blank' href=\"".htmlspecialchars($surveyinfo['surveyls_url'])."\" title=\"".htmlspecialchars($surveyinfo['surveyls_url'])."\">{$surveyinfo['surveyls_urldescription']}</a>";
+            templatereplace($surveyinfo['surveyls_url']);
            $_url = htmlspecialchars(strip_tags(LimeExpressionManager::GetLastPrettyPrintExpression()));
            templatereplace($surveyinfo['surveyls_urldescription']);
            $_desc = LimeExpressionManager::GetLastPrettyPrintExpression();
            $surveysummary .=" <a target='_blank' href=\"".$_url."\" title=\"".$_url."\">{$_desc}</a>";
        }
        else
        {
@@ -815,9 +939,6 @@ if (isset($surveyid) && $surveyid && $gid )   // Show the group toolbar
 	language='".$baselang."' ORDER BY ".db_table_name('groups').".group_order";
    $grpresult = db_execute_assoc($grpquery); //Checked
    // Check if other questions/groups are dependent upon this group
    $condarray=GetGroupDepsForConditions($surveyid,"all",$gid,"by-targgid");
    $groupsummary = "<div class='menubar'>\n"
    . "<div class='menubar-title ui-widget-header'>\n";
@@ -860,6 +981,14 @@ if (isset($surveyid) && $surveyid && $gid )   // Show the group toolbar
            . "<img src='$imageurl/edit.png' alt='".$clang->gT("Edit current question group")."' name='EditGroup' /></a>\n" ;
        }
        // QUALITY ASSURANCE BUTTON - SHOW LOGIC FILE FOR THIS QUESTION GROUP
        if(bHasSurveyPermission($surveyid,'translations','read'))
        {
            $groupsummary .= "<img src='$imageurl/seperator.gif' alt=''  />\n"
            . "<a href=\"#\" onclick=\"window.open('$scriptname?action=showlogicfile&amp;sid=$surveyid&amp;gid=$gid','_blank')\""
            . " title=\"".$clang->gTview("Survey logic file for current question group")."\">"
            . "<img src='$imageurl/quality_assurance.png' alt='".$clang->gT("Survey logic file for current question group")."' name='ShowGroupLogicFile' /></a>\n" ;
        }
        // DELETE CURRENT QUESTION GROUP BUTTON
@@ -867,20 +996,9 @@ if (isset($surveyid) && $surveyid && $gid )   // Show the group toolbar
        {
            if ((($sumcount4 == 0 && $activated != "Y") || $activated != "Y"))
            {
                if (is_null($condarray))
                {
                    //				$groupsummary .= "<a href='$scriptname?action=delgroup&amp;sid=$surveyid&amp;gid=$gid' onclick=\"return confirm('".$clang->gT("Deleting this group will also delete any questions and answers it contains. Are you sure you want to continue?","js")."')\""
                    $groupsummary .= "<a href='#' onclick=\"if (confirm('".$clang->gT("Deleting this group will also delete any questions and answers it contains. Are you sure you want to continue?","js")."')) {".get2post("$scriptname?action=delgroup&amp;sid=$surveyid&amp;gid=$gid")."}\""
                    . " title=\"".$clang->gTview("Delete current question group")."\">"
                    . "<img src='$imageurl/delete.png' alt='".$clang->gT("Delete current question group")."' name='DeleteWholeGroup' title=''  /></a>\n";
                    //get2post("$scriptname?action=delgroup&amp;sid=$surveyid&amp;gid=$gid");
                }
                else
                {
                    $groupsummary .= "<a href='$scriptname?sid=$surveyid&amp;gid=$gid' onclick=\"alert('".$clang->gT("Impossible to delete this group because there is at least one question having a condition on its content","js")."')\""
                    . " title=\"".$clang->gTview("Delete current question group")."\">"
                    . "<img src='$imageurl/delete_disabled.png' alt='".$clang->gT("Delete current question group")."' name='DeleteWholeGroup' /></a>\n";
                }
            }
            else
            {
@@ -906,8 +1024,6 @@ if (isset($surveyid) && $surveyid && $gid )   // Show the group toolbar
            $groupsummary .= "<img src='$imageurl/seperator.gif' alt='' />\n";
            if($activated!="Y" && getQuestionSum($surveyid, $gid)>1)
            {
 //                $groupsummary .= "<img src='$imageurl/blank.gif' alt='' width='40' />\n";
 //                $groupsummary .= "<img src='$imageurl/seperator.gif' alt='' />\n";
                $groupsummary .= "<a href='$scriptname?action=orderquestions&amp;sid=$surveyid&amp;gid=$gid' title=\"".$clang->gTview("Change Question Order")."\" >"
                . "<img src='$imageurl/reorder.png' alt='".$clang->gT("Change Question Order")."' name='updatequestionorder' /></a>\n" ;
            }
@@ -1010,25 +1126,20 @@ if (isset($surveyid) && $surveyid && $gid )   // Show the group toolbar
        . "{$grow['group_name']} ({$grow['gid']})</td></tr>\n"
        . "<tr><td valign='top' align='right'><strong>"
        . $clang->gT("Description:")."</strong></td>\n<td align='left'>";
-        if (trim($grow['description'])!='') {$groupsummary .=$grow['description'];}
+        if (trim($grow['description'])!='')
        {
            templatereplace($grow['description']);
            $groupsummary .= LimeExpressionManager::GetLastPrettyPrintExpression();
        }
        if (trim($grow['grelevance'])!='')
        {
            $groupsummary .= "</td><tr><td valign='top' align='right'><strong>";
            $groupsummary .= $clang->gT("Relevance:")."</td>\n<td align='left'>";
            templatereplace('{' . $grow['grelevance'] . '}');
            $groupsummary .= LimeExpressionManager::GetLastPrettyPrintExpression();
        }
        $groupsummary .= "</td></tr>\n";
        if (!is_null($condarray))
        {
            $groupsummary .= "<tr><td align='right'><strong>"
            . $clang->gT("Questions with conditions to this group").":</strong></td>\n"
            . "<td valign='bottom' align='left'>";
            foreach ($condarray[$gid] as $depgid => $deprow)
            {
                foreach ($deprow['conditions'] as $depqid => $depcid)
                {
                    //$groupsummary .= "[QID: ".$depqid."]";
                    $listcid=implode("-",$depcid);
                    $groupsummary .= " <a href='#' onclick=\"window.open('admin.php?sid=".$surveyid."&amp;gid=".$depgid."&amp;qid=".$depqid."&amp;action=conditions&amp;markcid=".$listcid."','_self')\">[QID: ".$depqid."]</a>";
                }
            }
            $groupsummary .= "</td></tr>";
        }
    }
    $groupsummary .= "\n</table>\n";
 }
@@ -1055,18 +1166,12 @@ if (isset($surveyid) && $surveyid && $gid && $qid)  // Show the question toolbar
    $qrresult = db_execute_assoc($qrquery) or safe_die($qrquery."<br />".$connect->ErrorMsg()); //Checked
    $questionsummary = "<div class='menubar'>\n";
    // Check if other questions in the Survey are dependent upon this question
    $condarray=GetQuestDepsForConditions($surveyid,"all","all",$qid,"by-targqid","outsidegroup");
    // PREVIEW THIS QUESTION BUTTON
    while ($qrrow = $qrresult->FetchRow())
    {
        $qrrow = array_map('FlattenText', $qrrow);
        //$qrrow = array_map('htmlspecialchars', $qrrow);
        $questionsummary .= "<div class='menubar-title ui-widget-header'>\n"
-        . "<strong>". $clang->gT("Question")."</strong> <span class='basic'>{$qrrow['question']} (".$clang->gT("ID").":$qid)</span>\n"
+        . "<strong>". $clang->gT("Question")."</strong> <span class='basic'>".FlattenText($qrrow['question'])." (".$clang->gT("ID").":$qid)</span>\n"
        . "</div>\n"
        . "<div class='menubar-main'>\n"
        . "<div class='menubar-left'>\n"
@@ -1101,41 +1206,34 @@ if (isset($surveyid) && $surveyid && $gid && $qid)  // Show the question toolbar
            }
        }
        // SEPARATOR
 //        $questionsummary .= "<img src='$imageurl/blank.gif' alt='' width='117' height='20'  />\n";
        // EDIT CURRENT QUESTION BUTTON
        if(bHasSurveyPermission($surveyid,'surveycontent','update'))
        {
            $questionsummary .= ""
 //            ."<img src='$imageurl/seperator.gif' alt='' />\n"
            . "<a href='$scriptname?action=editquestion&amp;sid=$surveyid&amp;gid=$gid&amp;qid=$qid'"
            . " title=\"".$clang->gTview("Edit current question")."\">"
            . "<img src='$imageurl/edit.png' alt='".$clang->gT("Edit Current Question")."' name='EditQuestion' /></a>\n" ;
        }
        // QUALITY ASSURANCE BUTTON - SHOW LOGIC FILE FOR THIS QUESTION GROUP
        if(bHasSurveyPermission($surveyid,'translations','read'))
        {
            $questionsummary .= "<img src='$imageurl/seperator.gif' alt=''  />\n"
            . "<a href=\"#\" onclick=\"window.open('$scriptname?action=showlogicfile&amp;sid=$surveyid&amp;gid=$gid&amp;qid=$qid','_blank')\""
            . " title=\"".$clang->gTview("Survey logic file for current question")."\">"
            . "<img src='$imageurl/quality_assurance.png' alt='".$clang->gT("Survey logic file for current question")."' name='ShowQuestionLogicFile' /></a>\n" ;
        }
        // DELETE CURRENT QUESTION BUTTON
        if ((($qct == 0 && $activated != "Y") || $activated != "Y") && bHasSurveyPermission($surveyid,'surveycontent','delete'))
        {
            if (is_null($condarray))
            {
                $questionsummary .= "<a href='#'" .
 				"onclick=\"if (confirm('".$clang->gT("Deleting this question will also delete any answer options and subquestions it includes. Are you sure you want to continue?","js")."')) {".get2post("$scriptname?action=delquestion&amp;sid=$surveyid&amp;gid=$gid&amp;qid=$qid")."}\">"
 				. "<img src='$imageurl/delete.png' name='DeleteWholeQuestion' alt='".$clang->gT("Delete current question")."' "
 				. "border='0' hspace='0' /></a>\n";
            }
            else
            {
                $questionsummary .= "<a href='$scriptname?sid=$surveyid&amp;gid=$gid&amp;qid=$qid'" .
 				"onclick=\"alert('".$clang->gT("It's impossible to delete this question because there is at least one question having a condition on it.","js")."')\""
 				. "title=\"".$clang->gTview("Disabled - Delete current question")."\">"
 				. "<img src='$imageurl/delete_disabled.png' name='DeleteWholeQuestion' alt='".$clang->gT("Disabled - Delete current question")."' /></a>\n";
            }
        }
        else {$questionsummary .= "<img src='$imageurl/blank.gif' alt='' width='40' />\n";}
@@ -1265,11 +1363,22 @@ if (isset($surveyid) && $surveyid && $gid && $qid)  // Show the question toolbar
            else {$questionsummary .= ": (<i>".$clang->gT("Optional Question")."</i>)";}
        }
        $questionsummary .= "</td></tr>\n"
-        . "<tr><td align='right' valign='top'><strong>"
+        . "<tr><td align='right' valign='top'><strong>";
-        . $clang->gT("Question:")."</strong></td>\n<td align='left'>".$qrrow['question']."</td></tr>\n"
+        $questionsummary .= $clang->gT("Question:") . "</strong></td>\n<td align='left'>";
        // Color code the question, help, and relevance
        templatereplace($qrrow['question'],false,false,$qid);
        $questionsummary .= FlattenText(LimeExpressionManager::GetLastPrettyPrintExpression(), false, 'UTF-8', true, true);
        $questionsummary .= "</td></tr>\n"
        . "<tr><td align='right' valign='top'><strong>"
        . $clang->gT("Help:")."</strong></td>\n<td align='left'>";
-        if (trim($qrrow['help'])!=''){$questionsummary .= $qrrow['help'];}
+        if (trim($qrrow['help'])!='')
        {
            templatereplace($qrrow['help'],false,false,$qid);
            $questionsummary .= FlattenText(LimeExpressionManager::GetLastPrettyPrintExpression(), false, 'UTF-8', true, true);
        }
        $questionsummary .= "</td></tr>\n";
        if ($qrrow['preg'])
        {
@@ -1318,22 +1427,25 @@ if (isset($surveyid) && $surveyid && $gid && $qid)  // Show the question toolbar
            $questionsummary .= ($qrrow['mandatory'] == "Y") ? ($clang->gT("Yes")) : ($clang->gT("No")) ;
            $questionsummary .= "</td></tr>\n";
        }
-        if (!is_null($condarray))
+        if (is_null($qrrow['relevance']) || trim($qrrow['relevance']) == '')
        {
            $rel2show = 1;
        }
        else
        {
            LimeExpressionManager::ProcessString("{" . $qrrow['relevance'] . "}", $qid);    // tests Relevance equation so can pretty-print it
            $rel2show = LimeExpressionManager::GetLastPrettyPrintExpression();
            $questionsummary .= "<tr>"
            . "<td align='right' valign='top'><strong>"
-            . $clang->gT("Other questions having conditions on this question:")
+            . $clang->gT("Relevance:")."</strong></td>\n"
-            . "</strong></td>\n<td align='left' valign='bottom'>\n";
+            . "<td align='left'>";
-            foreach ($condarray[$qid] as $depqid => $depcid)
+            $questionsummary .= $rel2show;
-            {
+            $questionsummary .= "</td></tr>\n";
                $listcid=implode("-",$depcid);
                $questionsummary .= " <a href='#' onclick=\"window.open('admin.php?sid=".$surveyid."&amp;qid=".$depqid."&amp;action=conditions&amp;markcid=".$listcid."','_self')\">[QID: ".$depqid."]</a>";
            }
            $questionsummary .= "</td></tr>";
        }
        $questionsummary .= "</table>";
    }
 }
 LimeExpressionManager::FinishProcessingPage();
 // ============= EDIT ANSWER OPTIONS=====================================
@@ -1362,12 +1474,6 @@ if($action == "addsurveysecurity")
    $addsummary = "<div class='header ui-widget-header'>".$clang->gT("Add User")."</div>\n";
    $addsummary .= "<div class=\"messagebox ui-corner-all\">\n";
    $query = "SELECT sid, owner_id FROM ".db_table_name('surveys')." WHERE sid = {$surveyid} AND owner_id = ".$_SESSION['loginID']." AND owner_id != ".$postuserid;
    $result = db_execute_assoc($query); //Checked
    if( ($result->RecordCount() > 0 && in_array($postuserid,getuserlist('onlyuidarray'))) ||
    $_SESSION['USER_RIGHT_SUPERADMIN'] == 1)
    {
        if($postuserid > 0){
            $isrquery = "INSERT INTO {$dbprefix}survey_permissions (sid,uid,permission,read_p) VALUES ({$surveyid},{$postuserid},'survey',1)";
@@ -1396,11 +1502,6 @@ if($action == "addsurveysecurity")
            . "<br />" . $clang->gT("No Username selected.")."<br />\n";
            $addsummary .= "<br/><input type=\"submit\" onclick=\"window.open('$scriptname?sid={$surveyid}&amp;action=surveysecurity', '_self')\" value=\"".$clang->gT("Continue")."\"/>\n";
        }
    }
    else
    {
        include("access_denied.php");
    }
    $addsummary .= "</div>\n";
 }
@@ -1410,57 +1511,48 @@ if($action == "addusergroupsurveysecurity")
    $addsummary = "<div class=\"header\">".$clang->gT("Add user group")."</div>\n";
    $addsummary .= "<div class=\"messagebox ui-corner-all\" >\n";
-    $query = "SELECT sid, owner_id FROM ".db_table_name('surveys')." WHERE sid = {$surveyid} AND owner_id = ".$_SESSION['loginID'];
+    if($postusergroupid > 0){
-    $result = db_execute_assoc($query); //Checked
+        $query2 = "SELECT b.uid FROM (SELECT uid FROM ".db_table_name('survey_permissions')." WHERE sid = {$surveyid}) AS c RIGHT JOIN ".db_table_name('user_in_groups')." AS b ON b.uid = c.uid WHERE c.uid IS NULL AND b.ugid = {$postusergroupid}";
-    if( ($result->RecordCount() > 0 && in_array($postusergroupid,getsurveyusergrouplist('simpleugidarray'))) || $_SESSION['USER_RIGHT_SUPERADMIN'] == 1)
+        $result2 = db_execute_assoc($query2); //Checked
-    {
+        if($result2->RecordCount() > 0)
-        if($postusergroupid > 0){
+        {
-            $query2 = "SELECT b.uid FROM (SELECT uid FROM ".db_table_name('survey_permissions')." WHERE sid = {$surveyid}) AS c RIGHT JOIN ".db_table_name('user_in_groups')." AS b ON b.uid = c.uid WHERE c.uid IS NULL AND b.ugid = {$postusergroupid}";
+            while ($row2 = $result2->FetchRow())
            $result2 = db_execute_assoc($query2); //Checked
            if($result2->RecordCount() > 0)
            {
-                while ($row2 = $result2->FetchRow())
+                $uid_arr[] = $row2['uid'];
-                {
+                $isrquery = "INSERT INTO {$dbprefix}survey_permissions (sid,uid,permission,read_p) VALUES ({$surveyid}, {$row2['uid']},'survey',1) ";
-                    $uid_arr[] = $row2['uid'];
+                $isrresult = $connect->Execute($isrquery); //Checked
-                    $isrquery = "INSERT INTO {$dbprefix}survey_permissions (sid,uid,permission,read_p) VALUES ({$surveyid}, {$row2['uid']},'survey',1) ";
+                if (!$isrresult) break;
-                    $isrresult = $connect->Execute($isrquery); //Checked
+            }
                    if (!$isrresult) break;
                }
-                if($isrresult)
+            if($isrresult)
-                {
+            {
-                    $addsummary .= "<div class=\"successheader\">".$clang->gT("User Group added.")."</div>\n";
+                $addsummary .= "<div class=\"successheader\">".$clang->gT("User Group added.")."</div>\n";
-                    $_SESSION['uids'] = $uid_arr;
+                $_SESSION['uids'] = $uid_arr;
-                    $addsummary .= "<br /><form method='post' action='$scriptname?sid={$surveyid}'>"
+                $addsummary .= "<br /><form method='post' action='$scriptname?sid={$surveyid}'>"
                    ."<input type='submit' value='".$clang->gT("Set Survey Rights")."' />"
                    ."<input type='hidden' name='action' value='setusergroupsurveysecurity' />"
                    ."<input type='hidden' name='ugid' value='{$postusergroupid}' />"
                    ."</form>\n";
                }
                else
                {
                    // Error while adding user to the database
                    $addsummary .= "<div class=\"warningheader\">".$clang->gT("Failed to add User Group.")."</div>\n";
                    $addsummary .= "<br/><input type=\"submit\" onclick=\"window.open('$scriptname?action=surveysecurity&amp;sid={$surveyid}', '_self')\" value=\"".$clang->gT("Continue")."\"/>\n";
                }
            }
            else
            {
-                // no user to add
+                // Error while adding user to the database
                $addsummary .= "<div class=\"warningheader\">".$clang->gT("Failed to add User Group.")."</div>\n";
                $addsummary .= "<br/><input type=\"submit\" onclick=\"window.open('$scriptname?action=surveysecurity&amp;sid={$surveyid}', '_self')\" value=\"".$clang->gT("Continue")."\"/>\n";
            }
        }
        else
        {
-            $addsummary .= "<div class=\"warningheader\">".$clang->gT("Failed to add user.")."</div>\n"
+            // no user to add
-            . "<br />" . $clang->gT("No Username selected.")."<br />\n";
+            $addsummary .= "<div class=\"warningheader\">".$clang->gT("Failed to add User Group.")."</div>\n";
            $addsummary .= "<br/><input type=\"submit\" onclick=\"window.open('$scriptname?action=surveysecurity&amp;sid={$surveyid}', '_self')\" value=\"".$clang->gT("Continue")."\"/>\n";
        }
    }
    else
    {
-        include("access_denied.php");
+        $addsummary .= "<div class=\"warningheader\">".$clang->gT("Failed to add user.")."</div>\n"
            . "<br />" . $clang->gT("No Username selected.")."<br />\n";
        $addsummary .= "<br/><input type=\"submit\" onclick=\"window.open('$scriptname?action=surveysecurity&amp;sid={$surveyid}', '_self')\" value=\"".$clang->gT("Continue")."\"/>\n";
    }
    $addsummary .= "</div>\n";
 }
@@ -1470,57 +1562,40 @@ if($action == "delsurveysecurity")
    $addsummary = "<div class=\"header\">".$clang->gT("Deleting User")."</div>\n";
    $addsummary .= "<div class=\"messagebox\">\n";
-    $query = "SELECT sid, owner_id FROM ".db_table_name('surveys')." WHERE sid = {$surveyid} AND owner_id = ".$_SESSION['loginID']." AND owner_id != ".$postuserid;
+    if (isset($postuserid))
    $result = db_execute_assoc($query); //Checked
    if($result->RecordCount() > 0 || $_SESSION['USER_RIGHT_SUPERADMIN'] == 1)
    {
-        if (isset($postuserid))
+        $dquery="DELETE FROM".db_table_name('survey_permissions')." WHERE uid={$postuserid} AND sid={$surveyid}";	//	added by Dennis
-        {
+        $dresult=$connect->Execute($dquery); //Checked
            $dquery="DELETE FROM".db_table_name('survey_permissions')." WHERE uid={$postuserid} AND sid={$surveyid}";	//	added by Dennis
            $dresult=$connect->Execute($dquery); //Checked
-            $addsummary .= "<br />".$clang->gT("Username").": ".sanitize_xss_string($_POST['user'])."<br /><br />\n";
+        $addsummary .= "<br />".$clang->gT("Username").": ".sanitize_xss_string($_POST['user'])."<br /><br />\n";
-            $addsummary .= "<div class=\"successheader\">".$clang->gT("Success!")."</div>\n";
+        $addsummary .= "<div class=\"successheader\">".$clang->gT("Success!")."</div>\n";
        }
        else
        {
            $addsummary .= "<div class=\"warningheader\">".$clang->gT("Could not delete user. User was not supplied.")."</div>\n";
        }
        $addsummary .= "<br/><input type=\"submit\" onclick=\"window.open('$scriptname?sid={$surveyid}&amp;action=surveysecurity', '_self')\" value=\"".$clang->gT("Continue")."\"/>\n";
    }
    else
    {
-        include("access_denied.php");
+        $addsummary .= "<div class=\"warningheader\">".$clang->gT("Could not delete user. User was not supplied.")."</div>\n";
    }
    $addsummary .= "<br/><input type=\"submit\" onclick=\"window.open('$scriptname?sid={$surveyid}&amp;action=surveysecurity', '_self')\" value=\"".$clang->gT("Continue")."\"/>\n";
    $addsummary .= "</div>\n";
 }
 if($action == "setsurveysecurity" || $action == "setusergroupsurveysecurity")
 {
-    $query = "SELECT sid, owner_id FROM ".db_table_name('surveys')." WHERE sid = {$surveyid} AND owner_id = ".$_SESSION['loginID'];
+    $js_admin_includes[]='../scripts/jquery/jquery.tablesorter.min.js';
    $js_admin_includes[]='scripts/surveysecurity.js';
    if ($action == "setsurveysecurity")
    {
-      $query.=  " AND owner_id != ".$postuserid;
+        $sUsername=$connect->GetOne("select users_name from ".db_table_name('users')." where uid={$postuserid}");
        $usersummary = "<div class='header ui-widget-header'>".sprintf($clang->gT("Edit survey permissions for user %s"),"<span style='font-style:italic'>".$sUsername."</span>")."</div>";
    }
-    $result = db_execute_assoc($query); //Checked
+    else
    if($result->RecordCount() > 0 || $_SESSION['USER_RIGHT_SUPERADMIN'] == 1)
    {
-        $js_admin_includes[]='../scripts/jquery/jquery.tablesorter.min.js';
+        $sUsergroupName=$connect->GetOne("select name from ".db_table_name('user_groups')." where ugid={$postusergroupid}");
-        $js_admin_includes[]='scripts/surveysecurity.js';
+        $usersummary = "<div class='header ui-widget-header'>".sprintf($clang->gT("Edit survey permissions for group %s"),"<span style='font-style:italic'>".$sUsergroupName."</span>")."</div>";
-        if ($action == "setsurveysecurity")
+    }
-        {
+    $usersummary .= "<br /><form action='$scriptname?sid={$surveyid}' method='post'>\n"
            $sUsername=$connect->GetOne("select users_name from ".db_table_name('users')." where uid={$postuserid}");
            $usersummary = "<div class='header ui-widget-header'>".sprintf($clang->gT("Edit survey permissions for user %s"),"<span style='font-style:italic'>".$sUsername."</span>")."</div>";
        }
        else
        {
            $sUsergroupName=$connect->GetOne("select name from ".db_table_name('user_groups')." where ugid={$postusergroupid}");
            $usersummary = "<div class='header ui-widget-header'>".sprintf($clang->gT("Edit survey permissions for group %s"),"<span style='font-style:italic'>".$sUsergroupName."</span>")."</div>";
        }
        $usersummary .= "<br /><form action='$scriptname?sid={$surveyid}' method='post'>\n"
        . "<table style='margin:0 auto;' border='0' class='usersurveypermissions'><thead>\n";
-        $usersummary .= ""
+    $usersummary .= ""
        . "<tr><th></th><th align='center'>".$clang->gT("Permission")."</th>\n"
        . "<th align='center'><input type='button' id='btnToggleAdvanced' value='&gt;&gt;' /></th>\n"
        . "<th align='center' class='extended'>".$clang->gT("Create")."</th>\n"
@@ -1533,54 +1608,49 @@ if($action == "setsurveysecurity" || $action == "setusergroupsurveysecurity")
        //content
-        $aBasePermissions=aGetBaseSurveyPermissions();
+    $aBasePermissions=aGetBaseSurveyPermissions();
-        $oddcolumn=false;
+    $oddcolumn=false;
-        foreach($aBasePermissions as $sPermissionKey=>$aCRUDPermissions)
+    foreach($aBasePermissions as $sPermissionKey=>$aCRUDPermissions)
    {
        $oddcolumn=!$oddcolumn;
        $usersummary .= "<tr><td align='center'><img src='{$imageurl}/{$aCRUDPermissions['img']}_30.png' /></td>";
        $usersummary .= "<td align='right'>{$aCRUDPermissions['title']}</td>";
        $usersummary .= "<td  align='center'><input type=\"checkbox\"  class=\"markrow\" name='all_{$sPermissionKey}' /></td>";
        foreach ($aCRUDPermissions as $sCRUDKey=>$CRUDValue)
        {
-            $oddcolumn=!$oddcolumn;
+            if (!in_array($sCRUDKey,array('create','read','update','delete','import','export'))) continue;
-            $usersummary .= "<tr><td align='center'><img src='{$imageurl}/{$aCRUDPermissions['img']}_30.png' /></td>";
+            $usersummary .= "<td class='extended' align='center'>";
-            $usersummary .= "<td align='right'>{$aCRUDPermissions['title']}</td>";
+
-            $usersummary .= "<td  align='center'><input type=\"checkbox\"  class=\"markrow\" name='all_{$sPermissionKey}' /></td>";
+            if ($CRUDValue)
            foreach ($aCRUDPermissions as $sCRUDKey=>$CRUDValue)
            {
-                if (!in_array($sCRUDKey,array('create','read','update','delete','import','export'))) continue;
+                if (!($sPermissionKey=='survey' && $sCRUDKey=='read'))
                $usersummary .= "<td class='extended' align='center'>";
                if ($CRUDValue)
                {
-                    if (!($sPermissionKey=='survey' && $sCRUDKey=='read'))
+                    $usersummary .= "<input type=\"checkbox\"  class=\"checkboxbtn\" name='perm_{$sPermissionKey}_{$sCRUDKey}' ";
-                    {
+                    if($action=='setsurveysecurity' && bHasSurveyPermission( $surveyid,$sPermissionKey,$sCRUDKey,$postuserid)) {
-                        $usersummary .= "<input type=\"checkbox\"  class=\"checkboxbtn\" name='perm_{$sPermissionKey}_{$sCRUDKey}' ";
+                        $usersummary .= ' checked="checked" ';
                        if($action=='setsurveysecurity' && bHasSurveyPermission( $surveyid,$sPermissionKey,$sCRUDKey,$postuserid)) {
                            $usersummary .= ' checked="checked" ';
                        }
                        $usersummary .=" />";
                    }
                    $usersummary .=" />";
                }
                $usersummary .= "</td>";
            }
-            $usersummary .= "</tr>";
+            $usersummary .= "</td>";
        }
        $usersummary .= "</tr>";
    }
-        $usersummary .= "\n</table>"
+    $usersummary .= "\n</table>"
-        ."<p><input type='submit' value='".$clang->gT("Save Now")."' />"
+    ."<p><input type='submit' value='".$clang->gT("Save Now")."' />"
-        ."<input type='hidden' name='perm_survey_read' value='1' />"
+    ."<input type='hidden' name='perm_survey_read' value='1' />"
-        ."<input type='hidden' name='action' value='surveyrights' />";
+    ."<input type='hidden' name='action' value='surveyrights' />";
-        if ($action=='setsurveysecurity')
+    if ($action=='setsurveysecurity')
-        {
+    {
-            $usersummary .="<input type='hidden' name='uid' value='{$postuserid}' />";
+        $usersummary .="<input type='hidden' name='uid' value='{$postuserid}' />";
        }
        else
        {
            $usersummary .="<input type='hidden' name='ugid' value='{$postusergroupid}' />";
        }
        $usersummary .= "</form>\n";
    }
    else
    {
-        include("access_denied.php");
+        $usersummary .="<input type='hidden' name='ugid' value='{$postusergroupid}' />";
    }
    $usersummary .= "</form>\n";
 }
 // This is the action to export the structure of a complete survey
@@ -1792,18 +1862,24 @@ if($action == "surveysecurity")
                $surveysecurity .= "<tr>\n";
                $surveysecurity .= "<td>\n";
-                $surveysecurity .= "<form style='display:inline;' method='post' action='$scriptname?sid={$surveyid}'>"
+                if (bHasSurveyPermission($surveyid, 'surveysecurity', 'update'))
-                ."<input type='image' src='{$imageurl}/token_edit.png' title='".$clang->gT("Edit permissions")."' />"
+                {
-                ."<input type='hidden' name='action' value='setsurveysecurity' />"
+                    $surveysecurity .= "<form style='display:inline;' method='post' action='$scriptname?sid={$surveyid}'>"
-                ."<input type='hidden' name='user' value='{$PermissionRow['users_name']}' />"
+                    ."<input type='image' src='{$imageurl}/token_edit.png' title='".$clang->gT("Edit permissions")."' />"
-                ."<input type='hidden' name='uid' value='{$PermissionRow['uid']}' />"
+                    ."<input type='hidden' name='action' value='setsurveysecurity' />"
-                ."</form>\n";
+                    ."<input type='hidden' name='user' value='{$PermissionRow['users_name']}' />"
-                $surveysecurity .= "<form style='display:inline;' method='post' action='$scriptname?sid={$surveyid}'>"
+                    ."<input type='hidden' name='uid' value='{$PermissionRow['uid']}' />"
-                ."<input type='image' src='{$imageurl}/token_delete.png' title='".$clang->gT("Delete")."' onclick='return confirm(\"".$clang->gT("Are you sure you want to delete this entry?","js")."\")' />"
+                    ."</form>\n";
-                ."<input type='hidden' name='action' value='delsurveysecurity' />"
+                }
-                ."<input type='hidden' name='user' value='{$PermissionRow['users_name']}' />"
+                if (bHasSurveyPermission($surveyid, 'surveysecurity', 'delete'))
-                ."<input type='hidden' name='uid' value='{$PermissionRow['uid']}' />"
+                {
-                ."</form>";
+                    $surveysecurity .= "<form style='display:inline;' method='post' action='$scriptname?sid={$surveyid}'>"
                    ."<input type='image' src='{$imageurl}/token_delete.png' title='".$clang->gT("Delete")."' onclick='return confirm(\"".$clang->gT("Are you sure you want to delete this entry?","js")."\")' />"
                    ."<input type='hidden' name='action' value='delsurveysecurity' />"
                    ."<input type='hidden' name='user' value='{$PermissionRow['users_name']}' />"
                    ."<input type='hidden' name='uid' value='{$PermissionRow['uid']}' />"
                    ."</form>";
                }
                $surveysecurity .= "</td>\n";
@@ -1856,21 +1932,24 @@ if($action == "surveysecurity")
            $surveysecurity .= "<tr><td colspan='18'></td></tr>"; //fix error on empty table
        }
        $surveysecurity .= "</tbody>\n"
-        . "</table>\n"
+        . "</table>\n";
-        . "<form class='form44' action='$scriptname?sid={$surveyid}' method='post'><ul>\n"
+        if (bHasSurveyPermission($surveyid, 'surveysecurity', 'delete'))
-        . "<li><label for='uidselect'>".$clang->gT("User").": </label><select id='uidselect' name='uid'>\n"
+        {
-        . sGetSurveyUserlist(false,false)
+            $surveysecurity.= "<form class='form44' action='$scriptname?sid={$surveyid}' method='post'><ul>\n"
-        . "</select>\n"
+            . "<li><label for='uidselect'>".$clang->gT("User").": </label><select id='uidselect' name='uid'>\n"
-        . "<input style='width: 15em;' type='submit' value='".$clang->gT("Add User")."'  onclick=\"if (document.getElementById('uidselect').value == -1) {alert('".$clang->gT("Please select a user first","js")."'); return false;}\"/>"
+            . sGetSurveyUserlist(false,false)
-        . "<input type='hidden' name='action' value='addsurveysecurity' />"
+            . "</select>\n"
-        . "</li></ul></form>\n"
+            . "<input style='width: 15em;' type='submit' value='".$clang->gT("Add User")."'  onclick=\"if (document.getElementById('uidselect').value == -1) {alert('".$clang->gT("Please select a user first","js")."'); return false;}\"/>"
-        . "<form class='form44' action='$scriptname?sid={$surveyid}' method='post'><ul><li>\n"
+            . "<input type='hidden' name='action' value='addsurveysecurity' />"
-        . "<label for='ugidselect'>".$clang->gT("Groups").": </label><select id='ugidselect' name='ugid'>\n"
+            . "</li></ul></form>\n"
-        . getsurveyusergrouplist()
+            . "<form class='form44' action='$scriptname?sid={$surveyid}' method='post'><ul><li>\n"
-        . "</select>\n"
+            . "<label for='ugidselect'>".$clang->gT("Groups").": </label><select id='ugidselect' name='ugid'>\n"
-        . "<input style='width: 15em;' type='submit' value='".$clang->gT("Add User Group")."' onclick=\"if (document.getElementById('ugidselect').value == -1) {alert('".$clang->gT("Please select a user group first","js")."'); return false;}\" />"
+            . getsurveyusergrouplist()
-        . "<input type='hidden' name='action' value='addusergroupsurveysecurity' />\n"
+            . "</select>\n"
-        . "</li></ul></form>";
+            . "<input style='width: 15em;' type='submit' value='".$clang->gT("Add User Group")."' onclick=\"if (document.getElementById('ugidselect').value == -1) {alert('".$clang->gT("Please select a user group first","js")."'); return false;}\" />"
            . "<input type='hidden' name='action' value='addusergroupsurveysecurity' />\n"
            . "</li></ul></form>";
        }
    }
    else
@@ -2038,13 +2117,12 @@ function showadminmenu()
        . "</strong>\n";
    }
    $adminmenu  .="</div>\n";
-/*
+/* queXS Disable
-	//queXS Disable
+    if($_SESSION['USER_RIGHT_CONFIGURATOR'] == 1 && isset($updatelastcheck) && $updatelastcheck>0 && isset($updateavailable) && $updateavailable==1)
    if($_SESSION['USER_RIGHT_SUPERADMIN'] == 1 && isset($updatelastcheck) && $updatelastcheck>0 && isset($updateavailable) && $updateavailable==1)
    {
        $adminmenu  .="<div class='menubar-title-right'><a href='{$scriptname}?action=globalsettings'>".sprintf($clang->gT('Update available: %s'),$updateversion."($updatebuild)").'</a></div>';
    }
-*/
+end queXS Disable */
    $adminmenu .= "</div>\n"
    . "<div class='menubar-main'>\n"
    . "<div class='menubar-left'>\n"
@@ -2061,7 +2139,7 @@ function showadminmenu()
    $adminmenu .="<a href=\"#\" onclick=\"window.open('{$scriptname}?action=editusergroups', '_self')\" title=\"".$clang->gTview("Create/Edit Groups")."\" >"
    ."<img src='{$imageurl}/usergroup.png' alt='".$clang->gT("Create/Edit Groups")."' /></a>\n" ;
-    if($_SESSION['USER_RIGHT_SUPERADMIN'] == 1)
+    if($_SESSION['USER_RIGHT_CONFIGURATOR'] == 1)
    {
        $adminmenu .= "<a href=\"#\" onclick=\"window.open('{$scriptname}?action=globalsettings', '_self')\" title=\"".$clang->gTview("Global settings")."\" >"
        . "<img src='{$imageurl}/global.png' name='GlobalSettings' alt='". $clang->gT("Global settings")."' /></a>"
@@ -2079,8 +2157,8 @@ function showadminmenu()
    ."<img src='$imageurl/surveylist.png' name='ListSurveys' alt='".$clang->gT("List Surveys")."' />"
    ."</a>" ;
-    // db backup & label editor
+    // db backup : limit only to SUPERADMIN, else user have all access to whole survey's and user information.
-    if($_SESSION['USER_RIGHT_CONFIGURATOR'] == 1)
+    if($_SESSION['USER_RIGHT_SUPERADMIN'] == 1)
    {
        if ($databasetype=='mysql' || $databasetype=='mysqli')
        {
--- a/include/limesurvey/admin/html_functions.php
+++ b/include/limesurvey/admin/html_functions.php
@@ -10,7 +10,7 @@
 * other free or open source software licenses.
 * See COPYRIGHT.php for copyright notices and details.
 *
- * $Id: html_functions.php 9668 2010-12-21 00:49:44Z c_schmitz $
+ * $Id: html_functions.php 12211 2012-01-26 17:02:27Z shnoulle $
 */
 function browsemenubar($title='')
 {
@@ -147,4 +147,15 @@ function browsemenubar($title='')
    return $browsemenubar;
 }
-
+function getQuestionlistMode(){
    global $defaultquestionselectormode;
    //TODO : put it on globalsettings $defaultquestionselectormode=getGlobalSetting('defaultquestionselectormode');
    if (isset($_SESSION['questionselectormode']) && ($_SESSION['questionselectormode']=='full' || $_SESSION['questionselectormode']=='none'))
    {
        return $_SESSION['questionselectormode'];
    }
    else
    {
    return $defaultquestionselectormode;
    }
 }
--- a/include/limesurvey/admin/htmleditor-functions.php
+++ b/include/limesurvey/admin/htmleditor-functions.php
@@ -10,7 +10,7 @@
 * other free or open source software licenses.
 * See COPYRIGHT.php for copyright notices and details.
 *
- * $Id: htmleditor-functions.php 10925 2011-09-02 14:12:02Z c_schmitz $
+ * $Id: htmleditor-functions.php 11664 2011-12-16 05:19:42Z tmswhite $
 */
 //include_once("login_check.php");
--- a/include/limesurvey/admin/htmleditor-popup.php
+++ b/include/limesurvey/admin/htmleditor-popup.php
@@ -10,14 +10,15 @@
 * other free or open source software licenses.
 * See COPYRIGHT.php for copyright notices and details.
 *
 * $Id: htmleditor-popup.php 10925 2011-09-02 14:12:02Z c_schmitz $
 */
-//Ensure script is not run directly, avoid path disclosure
+require_once(dirname(__FILE__).'/../classes/core/startup.php');
 //include_once("login_check.php");
 require_once(dirname(__FILE__).'/../config-defaults.php');
 require_once(dirname(__FILE__).'/../common.php');
 require_once('login_check.php');
 if (!isset($_SESSION['loginID'])) die();
 if (!isset($_GET['lang']))
 {
@@ -28,6 +29,7 @@ else
    $clang = new limesurvey_lang($_GET['lang']);
 }
 if (!isset($_GET['fieldname']) || !isset($_GET['fieldtext']))
 {
    $output = '
@@ -57,8 +59,11 @@ if (!isset($_GET['fieldname']) || !isset($_GET['fieldtext']))
 	</html>';
 }
 else {
-    $fieldname=$_GET['fieldname'];
+    require_once("../classes/inputfilter/class.inputfilter_clean.php");
-    $fieldtext=$_GET['fieldtext'];
+    $oFilter = new InputFilter('','',1,1,1);
    $fieldname=$oFilter->process($_GET['fieldname']);
    $fieldtext=$oFilter->process($_GET['fieldtext']);
    if (get_magic_quotes_gpc()) $fieldtext = stripslashes($fieldtext);
    $controlidena=$_GET['fieldname'].'_popupctrlena';
    $controliddis=$_GET['fieldname'].'_popupctrldis';
@@ -186,4 +191,5 @@ else {
 }
 echo $output;
-?>
+
 // Yes, closing PHP tag was intentionally left out
--- a/include/limesurvey/admin/http_importsurvey.php
+++ b/include/limesurvey/admin/http_importsurvey.php
@@ -10,7 +10,7 @@
 * other free or open source software licenses.
 * See COPYRIGHT.php for copyright notices and details.
 *
- * $Id: http_importsurvey.php 10925 2011-09-02 14:12:02Z c_schmitz $
+ * $Id: http_importsurvey.php 11607 2011-12-06 23:19:52Z tmswhite $
 */
 // Ensure script is not run directly, avoid path disclosure
@@ -40,7 +40,7 @@ $importerror=false; // Put a var for continue
 if ($action == 'importsurvey')
 {
-    $the_full_file_path = $tempdir . "/" . $_FILES['the_file']['name'];
+    $the_full_file_path = $tempdir . "/" . sRandomChars(20).'_'.$_FILES['the_file']['name'];
    if (!@move_uploaded_file($_FILES['the_file']['tmp_name'], $the_full_file_path))
    {
        $importsurvey .= "<div class='errorheader'>".$clang->gT("Error")."</div>\n";
--- a/include/limesurvey/admin/import_functions.php
+++ b/include/limesurvey/admin/import_functions.php
@@ -10,7 +10,7 @@
 * other free or open source software licenses.
 * See COPYRIGHT.php for copyright notices and details.
 *
- *	$Id: import_functions.php 9586 2010-12-06 03:08:07Z c_schmitz $
+ *	$Id: import_functions.php 11664 2011-12-16 05:19:42Z tmswhite $
 *	Files Purpose:
 */
@@ -1061,6 +1061,9 @@ function CSVImportSurvey($sFullFilepath,$iDesiredSurveyId=NULL)
        }
    }
    LimeExpressionManager::RevertUpgradeConditionsToRelevance($newsid);
    LimeExpressionManager::UpgradeConditionsToRelevance($newsid);
    $importresults['importversion']=$importversion;
    $importresults['newsid']=$newsid;
    $importresults['oldsid']=$oldsid;
@@ -1078,6 +1081,7 @@ function XMLImportSurvey($sFullFilepath,$sXMLdata=NULL,$sNewSurveyName=NULL,$iDe
 {
    global $connect, $dbprefix, $clang, $timeadjust;
    $iDesiredSurveyId=intval($iDesiredSurveyId);
    $results['error']=false;
    if ($sXMLdata == NULL)
    {
@@ -1098,7 +1102,7 @@ function XMLImportSurvey($sFullFilepath,$sXMLdata=NULL,$sNewSurveyName=NULL,$iDe
        //echo $clang->gT("This is VALID LimeSurvey survey structure XML file.");
        //return $results;
    }
-    $dbversion = (int) $xml->DBVersion;
+    $dbversion = (float) $xml->DBVersion;
    $aQIDReplacements=array();
    $aQuotaReplacements=array();
    $results['defaultvalues']=0;
@@ -1578,6 +1582,10 @@ function XMLImportSurvey($sFullFilepath,$sXMLdata=NULL,$sNewSurveyName=NULL,$iDe
        TranslateInsertansTags($newsid,$oldsid,$aOldNewFieldmap);
    }
    LimeExpressionManager::RevertUpgradeConditionsToRelevance($newsid);
    LimeExpressionManager::UpgradeConditionsToRelevance($newsid);
    LimeExpressionManager::SetSurveyId($newsid);
    return $results;
 }
--- a/include/limesurvey/admin/import_resources_zip.php
+++ b/include/limesurvey/admin/import_resources_zip.php
@@ -10,7 +10,7 @@
 * other free or open source software licenses.
 * See COPYRIGHT.php for copyright notices and details.
 *
- * $Id: import_resources_zip.php 10925 2011-09-02 14:12:02Z c_schmitz $
+ * $Id: import_resources_zip.php 11664 2011-12-16 05:19:42Z tmswhite $
 */
--- a/include/limesurvey/admin/importgroup.php
+++ b/include/limesurvey/admin/importgroup.php
@@ -10,7 +10,7 @@
 * other free or open source software licenses.
 * See COPYRIGHT.php for copyright notices and details.
 *
- * $Id: importgroup.php 10925 2011-09-02 14:12:02Z c_schmitz $
+ * $Id: importgroup.php 11664 2011-12-16 05:19:42Z tmswhite $
 */
 //Ensure script is not run directly, avoid path disclosure
@@ -863,6 +863,9 @@ function CSVImportGroup($sFullFilepath, $newsid)
            $results['conditions']++;
        }
    }
    LimeExpressionManager::RevertUpgradeConditionsToRelevance($newsid);
    LimeExpressionManager::UpgradeConditionsToRelevance($newsid);
    $results['groups']=1;
    $results['newgid']=$newgid;
    return $results;
@@ -886,7 +889,7 @@ function XMLImportGroup($sFullFilepath, $newsid)
    $xml = @simplexml_load_file($sFullFilepath);
    if ($xml==false || $xml->LimeSurveyDocType!='Group') safe_die('This is not a valid LimeSurvey group structure XML file.');
-    $dbversion = (int) $xml->DBVersion;
+    $dbversion = (float) $xml->DBVersion;
    $aQIDReplacements=array();
    $results['defaultvalues']=0;
    $results['answers']=0;
@@ -904,7 +907,7 @@ function XMLImportGroup($sFullFilepath, $newsid)
    if (!in_array($sBaseLanguage,$importlanguages))
    {
        $results['fatalerror'] = $clang->gT("The languages of the imported group file must at least include the base language of this survey.");
-        return;
+        return $results;
    }
    // First get an overview of fieldnames - it's not useful for the moment but might be with newer versions
    /*
@@ -970,40 +973,43 @@ function XMLImportGroup($sFullFilepath, $newsid)
    // then for subquestions (because we need to determine the new qids for the main questions first)
    $tablename=$dbprefix.'questions';
    $results['questions']=0;
-    foreach ($xml->questions->rows->row as $row)
+    if (isset($xml->questions))
    {
-       $insertdata=array(); 
+        foreach ($xml->questions->rows->row as $row)
        foreach ($row as $key=>$value)
        {
-            $insertdata[(string)$key]=(string)$value;
+           $insertdata=array();
-        }
+            foreach ($row as $key=>$value)
-        $oldsid=$insertdata['sid'];
+            {
-        $insertdata['sid']=$newsid;
+                $insertdata[(string)$key]=(string)$value;
-        if (!isset($aGIDReplacements[$insertdata['gid']]) || trim($insertdata['title'])=='') continue; // Skip questions with invalid group id
+            }
-        $insertdata['gid']=$aGIDReplacements[$insertdata['gid']];
+            $oldsid=$insertdata['sid'];
-        $oldqid=$insertdata['qid']; unset($insertdata['qid']); // save the old qid
+            $insertdata['sid']=$newsid;
            if (!isset($aGIDReplacements[$insertdata['gid']]) || trim($insertdata['title'])=='') continue; // Skip questions with invalid group id
            $insertdata['gid']=$aGIDReplacements[$insertdata['gid']];
            $oldqid=$insertdata['qid']; unset($insertdata['qid']); // save the old qid
-        // now translate any links
+            // now translate any links
-        $insertdata['title']=translink('survey', $oldsid, $newsid, $insertdata['title']);
+            $insertdata['title']=translink('survey', $oldsid, $newsid, $insertdata['title']);
-        $insertdata['question']=translink('survey', $oldsid, $newsid, $insertdata['question']);
+            $insertdata['question']=translink('survey', $oldsid, $newsid, $insertdata['question']);
-        $insertdata['help']=translink('survey', $oldsid, $newsid, $insertdata['help']);
+            $insertdata['help']=translink('survey', $oldsid, $newsid, $insertdata['help']);
-        // Insert the new question    
+            // Insert the new question
-        if (isset($aQIDReplacements[$oldqid]))
+            if (isset($aQIDReplacements[$oldqid]))
-        {
+            {
-           $insertdata['qid']=$aQIDReplacements[$oldqid];
+               $insertdata['qid']=$aQIDReplacements[$oldqid];
-           db_switchIDInsert('questions',true);
+               db_switchIDInsert('questions',true);
-        }   
+            }
-        $query=$connect->GetInsertSQL($tablename,$insertdata); 
+            $query=$connect->GetInsertSQL($tablename,$insertdata);
-        $result = $connect->Execute($query) or safe_die ($clang->gT("Error").": Failed to insert data<br />{$query}<br />\n".$connect->ErrorMsg());
+            $result = $connect->Execute($query) or safe_die ($clang->gT("Error").": Failed to insert data<br />{$query}<br />\n".$connect->ErrorMsg());
-        if (!isset($aQIDReplacements[$oldqid]))
+            if (!isset($aQIDReplacements[$oldqid]))
-        {
+            {
-            $newqid=$connect->Insert_ID($tablename,"qid"); // save this for later
+                $newqid=$connect->Insert_ID($tablename,"qid"); // save this for later
-            $aQIDReplacements[$oldqid]=$newqid; // add old and new qid to the mapping array
+                $aQIDReplacements[$oldqid]=$newqid; // add old and new qid to the mapping array
-            $results['questions']++;
+                $results['questions']++;
-        }
+            }
-        else
+            else
-        {
+            {
-           db_switchIDInsert('questions',false);
+               db_switchIDInsert('questions',false);
            }
        }
    }
@@ -1028,7 +1034,7 @@ function XMLImportGroup($sFullFilepath, $newsid)
            // now translate any links
            $insertdata['title']=translink('survey', $oldsid, $newsid, $insertdata['title']);
            $insertdata['question']=translink('survey', $oldsid, $newsid, $insertdata['question']);
-            $insertdata['help']=translink('survey', $oldsid, $newsid, $insertdata['help']);
+            $insertdata['help']=(isset($insertdata['help']) ? translink('survey', $oldsid, $newsid, $insertdata['help']) : '');
            if (isset($aQIDReplacements[$oldsqid])){
               $insertdata['qid']=$aQIDReplacements[$oldsqid];
               db_switchIDInsert('questions',true);
@@ -1111,11 +1117,18 @@ function XMLImportGroup($sFullFilepath, $newsid)
                $insertdata[(string)$key]=(string)$value;
            }
            $insertdata['qid']=$aQIDReplacements[(int)$insertdata['qid']]; // remap the qid
-            $insertdata['sqid']=$aQIDReplacements[(int)$insertdata['sqid']]; // remap the subqeustion id
+            if (!isset($aQIDReplacements[(int)$insertdata['sqid']]) || is_null($aQIDReplacements[(int)$insertdata['sqid']]))
            {
                $insertdata['sqid'] = 0;    // defaults for non-array types
            }
            else
            {
                $insertdata['sqid']=$aQIDReplacements[(int)$insertdata['sqid']]; // remap the subqeustion id
            }
            // now translate any links
            $query=$connect->GetInsertSQL($tablename,$insertdata);
-            $result=$connect->Execute($query) or safe_die ($clang->gT("Error").": Failed to insert data<br />\$query<br />\n".$connect->ErrorMsg());
+            $result=$connect->Execute($query) or safe_die ($clang->gT("Error").": Failed to insert data<br />". $query. "<br />\n".$connect->ErrorMsg());
            $results['defaultvalues']++;
        }
    }
@@ -1173,6 +1186,8 @@ function XMLImportGroup($sFullFilepath, $newsid)
            $results['conditions']++;
        }
    }
    LimeExpressionManager::RevertUpgradeConditionsToRelevance($newsid);
    LimeExpressionManager::UpgradeConditionsToRelevance($newsid);
    $results['newgid']=$newgid;
--- a/include/limesurvey/admin/importlabel.php
+++ b/include/limesurvey/admin/importlabel.php
@@ -10,7 +10,7 @@
 * other free or open source software licenses.
 * See COPYRIGHT.php for copyright notices and details.
 *
- * $Id: importlabel.php 10925 2011-09-02 14:12:02Z c_schmitz $
+ * $Id: importlabel.php 11607 2011-12-06 23:19:52Z tmswhite $
 */
 //Ensure script is not run directly, avoid path disclosure
@@ -61,35 +61,34 @@ unlink($sFullFilepath);
 if (isset($aImportResults))
 {
-if (count($aImportResults['warnings'])>0)
+    if (isset($aImportResults['fatalerror']))
 {
    $importlabeloutput .= "<br />\n<div class='warningheader'>".$clang->gT("Warnings")."</div><ul>\n";
    foreach ($aImportResults['warnings'] as $warning)
    {
-        $importlabeloutput .= '<li>'.$warning.'</li>';
+        $importlabeloutput .= "<br />\n<div class='warningheader'>".$clang->gT("Error")."</div>
        <p>{$aImportResults['fatalerror']}<br>";
    }
-    $importlabeloutput .= "</ul>\n";
+    else
    {
        if (count($aImportResults['warnings'])>0)
        {
            $importlabeloutput .= "<br />\n<div class='warningheader'>".$clang->gT("Warnings")."</div><ul>\n";
            foreach ($aImportResults['warnings'] as $warning)
            {
                $importlabeloutput .= '<li>'.$warning.'</li>';
            }
            $importlabeloutput .= "</ul>\n";
        }
        $importlabeloutput .= "<br />\n<div class='successheader'>".$clang->gT("Success")."</div><br />\n";
        $importlabeloutput .= "<strong><u>".$clang->gT("Label set import summary")."</u></strong><br />\n";
        $importlabeloutput .= "<ul style=\"text-align:left;\">\n\t<li>".$clang->gT("Label sets").": {$aImportResults['labelsets']}</li>\n";
        $importlabeloutput .= "\t<li>".$clang->gT("Labels").": {$aImportResults['labels']}</li></ul>\n";
        $importlabeloutput .= "<p><strong>".$clang->gT("Import of label set(s) is completed.")."</strong><br /><br />\n";
    }
    $importlabeloutput .= "<input type='submit' value='".$clang->gT("Return to label set administration")."' onclick=\"window.open('$scriptname?action=labels', '_self')\" />\n";
    $importlabeloutput .= "</p></div><br />\n";
 }
 $importlabeloutput .= "<br />\n<div class='successheader'>".$clang->gT("Success")."</div><br />\n";
 $importlabeloutput .= "<strong><u>".$clang->gT("Label set import summary")."</u></strong><br />\n";
 $importlabeloutput .= "<ul style=\"text-align:left;\">\n\t<li>".$clang->gT("Label sets").": {$aImportResults['labelsets']}</li>\n";
 $importlabeloutput .= "\t<li>".$clang->gT("Labels").": {$aImportResults['labels']}</li></ul>\n";
 $importlabeloutput .= "<p><strong>".$clang->gT("Import of label set(s) is completed.")."</strong><br /><br />\n";
 $importlabeloutput .= "<input type='submit' value='".$clang->gT("Return to label set administration")."' onclick=\"window.open('$scriptname?action=labels', '_self')\" />\n";
 $importlabeloutput .= "</div><br />\n";
 }
 $importlabeloutput .= "<br />\n<div class='successheader'>".$clang->gT("Success")."</div><br />\n";
 $importlabeloutput .= "<strong><u>".$clang->gT("Label set import summary")."</u></strong><br />\n";
 $importlabeloutput .= "<ul style=\"text-align:left;\">\n\t<li>".$clang->gT("Label sets").": {$aImportResults['labelsets']}</li>\n";
 $importlabeloutput .= "\t<li>".$clang->gT("Labels").": {$aImportResults['labels']}</li></ul>\n";
 $importlabeloutput .= "<p><strong>".$clang->gT("Import of label set(s) is completed.")."</strong><br /><br />\n";
 $importlabeloutput .= "<input type='submit' value='".$clang->gT("Return to label set administration")."' onclick=\"window.open('$scriptname?action=labels', '_self')\" />\n";
 $importlabeloutput .= "</div><br />\n";
 // IF WE GOT THIS FAR, THEN THE FILE HAS BEEN UPLOADED SUCCESFULLY
 function CSVImportLabelset($sFullFilepath, $options)
@@ -110,7 +109,8 @@ function CSVImportLabelset($sFullFilepath, $options)
    fclose($handle);
    if (substr($bigarray[0], 0, 27) != "# LimeSurvey Label Set Dump" && substr($bigarray[0], 0, 28) != "# PHPSurveyor Label Set Dump")
    {
-        return $results['fatalerror']=$clang->gT("This file is not a LimeSurvey label set file. Import failed.");
+        $results['fatalerror']=$clang->gT("This file is not a LimeSurvey label set file. Import failed.");
        return $results;
    }
    for ($i=0; $i<9; $i++) //skipping the first lines that are not needed
@@ -268,7 +268,7 @@ function XMLImportLabelsets($sFullFilepath, $options)
    $xml = simplexml_load_file($sFullFilepath);
    if ($xml->LimeSurveyDocType!='Label set') safe_die('This is not a valid LimeSurvey label set structure XML file.');
-    $dbversion = (int) $xml->DBVersion;
+    $dbversion = (float) $xml->DBVersion;
    $csarray=buildLabelSetCheckSumArray();
    $aLSIDReplacements=array();
    $results['labelsets']=0;
@@ -302,6 +302,7 @@ function XMLImportLabelsets($sFullFilepath, $options)
    // Import labels table ===================================================================================
    $tablename=$dbprefix.'labels';
    if (isset($xml->labels->rows->row))
    foreach ($xml->labels->rows->row as $row)
    {
       $insertdata=array();
--- a/include/limesurvey/admin/importoldresponses.php
+++ b/include/limesurvey/admin/importoldresponses.php
@@ -10,7 +10,7 @@
 * other free or open source software licenses.
 * See COPYRIGHT.php for copyright notices and details.
 *
- * $Id: importoldresponses.php 10925 2011-09-02 14:12:02Z c_schmitz $
+ * $Id: importoldresponses.php 11664 2011-12-16 05:19:42Z tmswhite $
 */
--- a/include/limesurvey/admin/importquestion.php
+++ b/include/limesurvey/admin/importquestion.php
@@ -10,7 +10,7 @@
 * other free or open source software licenses.
 * See COPYRIGHT.php for copyright notices and details.
 *
- * $Id: importquestion.php 10925 2011-09-02 14:12:02Z c_schmitz $
+ * $Id: importquestion.php 11664 2011-12-16 05:19:42Z tmswhite $
 */
 //Ensure script is not run directly, avoid path disclosure
@@ -682,6 +682,8 @@ function CSVImportQuestion($sFullFilepath, $newsid, $newgid)
        }
    }
    LimeExpressionManager::SetDirtyFlag(); // so refreshes syntax highlighting
    $results['newqid']=$newqid;
    $results['questions']=1;
    $results['newqid']=$newqid;
@@ -708,7 +710,7 @@ function XMLImportQuestion($sFullFilepath, $newsid, $newgid)
    $xml = simplexml_load_file($sFullFilepath);
    if ($xml->LimeSurveyDocType!='Question') safe_die('This is not a valid LimeSurvey question structure XML file.');
-    $dbversion = (int) $xml->DBVersion;
+    $dbversion = (float) $xml->DBVersion;
    $aQIDReplacements=array();
    $aSQIDReplacements=array(0=>0);
    $results['defaultvalues']=0;
@@ -842,7 +844,7 @@ function XMLImportQuestion($sFullFilepath, $newsid, $newgid)
            $query=$connect->GetInsertSQL($tablename,$insertdata);
            $result=$connect->Execute($query) or safe_die ($clang->gT("Error").": Failed to insert data<br />{$query}<br />\n".$connect->ErrorMsg());
            $results['answers']++;
-        }            
+    }
    }
@@ -865,7 +867,7 @@ function XMLImportQuestion($sFullFilepath, $newsid, $newgid)
            $query=$connect->GetInsertSQL($tablename,$insertdata);
            $result=$connect->Execute($query) or safe_die ($clang->gT("Error").": Failed to insert data<br />{$query}<br />\n".$connect->ErrorMsg());
            $results['question_attributes']++;
-        }        
+    }
    }
@@ -889,8 +891,10 @@ function XMLImportQuestion($sFullFilepath, $newsid, $newgid)
            $query=$connect->GetInsertSQL($tablename,$insertdata);
            $result=$connect->Execute($query) or safe_die ($clang->gT("Error").": Failed to insert data<br />\$query<br />\n".$connect->ErrorMsg());
            $results['defaultvalues']++;
        }             
    }
    }
    LimeExpressionManager::SetDirtyFlag(); // so refreshes syntax highlighting
    $results['newqid']=$newqid;
    $results['questions']=1;
--- a/include/limesurvey/admin/importsurvey.php
+++ b/include/limesurvey/admin/importsurvey.php
@@ -10,15 +10,13 @@
 * other free or open source software licenses.
 * See COPYRIGHT.php for copyright notices and details.
 *
- * $Id: importsurvey.php 10925 2011-09-02 14:12:02Z c_schmitz $
+ * $Id: importsurvey.php 11607 2011-12-06 23:19:52Z tmswhite $
 */
 //Ensure script is not run directly, avoid path disclosure
 //importsurvey.php should be called from cmdline_importsurvey.php or http_importsurvey.php, they set the $importingfrom variable
-if ((!isset($importingfrom) && !isset($copyfunction)) || isset($_REQUEST['importingfrom']))
+if (!isset($dbprefix) || isset($_REQUEST['dbprefix'])) {safe_die("Cannot run this script directly");}
-{
+
    die("Cannot run this script directly");
 }
 require_once('import_functions.php');
 if (!isset($copyfunction))
--- a/include/limesurvey/admin/integritycheck.php
+++ b/include/limesurvey/admin/integritycheck.php
@@ -10,7 +10,7 @@
 * other free or open source software licenses.
 * See COPYRIGHT.php for copyright notices and details.
 *
- * $Id: integritycheck.php 10925 2011-09-02 14:12:02Z c_schmitz $
+ * $Id: integritycheck.php 11664 2011-12-16 05:19:42Z tmswhite $
 */
@@ -44,7 +44,7 @@ if($_SESSION['USER_RIGHT_CONFIGURATOR'] == 1)
        while ($aRow=$aResult->FetchRow())
        {
           $tablename=substr($aRow[0],strlen($dbprefix));
-           if ($tablename=='survey_permissions') continue;
+           if ($tablename=='survey_permissions' || $tablename=='survey_links') continue;
           $iSurveyID=substr($tablename,strpos($tablename,'_')+1);
           $qquery="SELECT sid FROM {$dbprefix}surveys WHERE sid='{$iSurveyID}'";
           $qresult=$connect->Execute($qquery) or safe_die ("Couldn't check questions table for qids<br />$qquery<br />".$connect->ErrorMsg());
--- a/include/limesurvey/admin/iterate_survey.php
+++ b/include/limesurvey/admin/iterate_survey.php
@@ -10,7 +10,7 @@
 * other free or open source software licenses.
 * See COPYRIGHT.php for copyright notices and details.
 *
- * $Id: iterate_survey.php 10925 2011-09-02 14:12:02Z c_schmitz $
+ * $Id: iterate_survey.php 11664 2011-12-16 05:19:42Z tmswhite $
 */
 /*
 * Set completed answers to the incomplete state and reset the tokens to 'not used' so that
@@ -54,13 +54,12 @@ if  ($subaction=='unfinalizeanswers')
    $updateqr = "UPDATE $surveytable SET submitdate=NULL, lastpage=NULL;\n";
    $updateres = $connect->Execute($updateqr) or safe_die("UnFinilize answers failed:<br />\n" . $connect->ErrorMsg() . "<br />$updateqr");
    // Finally, reset the token completed and sent status
-    $updateqr="UPDATE ".db_table_name("tokens_$surveyid")." SET sent='N', remindersent='N', remindercount=0, completed='N', usesleft=1";
+    $updateqr="UPDATE ".db_table_name("tokens_$surveyid")." SET sent='N', remindersent='N', remindercount=0, completed='N', usesleft=1 where usesleft=0";
    $updateres=$connect->Execute($updateqr) or safe_die ("Couldn't reset token completed state<br />$updateqr<br />".$connect->ErrorMsg());
    $iteratesurveyoutput .= "<br />\n";
    $iteratesurveyoutput .= "<div class='header ui-widget-header'>".$clang->gT("Iterate survey")."</div>\n";
-    $iteratesurveyoutput .=  "<p style='width:100%;'>\n"
+    $iteratesurveyoutput .=  "<p>\n"
    . "<font class='successtitle'>".$clang->gT("Success")."</font><br />\n"
    . $clang->gT("Answers and tokens have been re-opened.")."<br />\n"
-    . "</p>\n"
+    . "</p>\n";
    . "<table><tr><td>";
 }
--- a/include/limesurvey/admin/labels.php
+++ b/include/limesurvey/admin/labels.php
@@ -10,7 +10,7 @@
 * other free or open source software licenses.
 * See COPYRIGHT.php for copyright notices and details.
 *
- * $Id: labels.php 10934 2011-09-02 22:12:07Z c_schmitz $
+ * $Id: labels.php 11675 2011-12-18 02:27:59Z tmswhite $
 */
 include_once("login_check.php");  //Login Check dies also if the script is started directly
@@ -40,7 +40,7 @@ if($_SESSION['USER_RIGHT_SUPERADMIN'] == 1 || $_SESSION['USER_RIGHT_MANAGE_LABEL
    //DO DATABASE UPDATESTUFF
    if ($action == "updateset") {updateset($lid);}
    if ($action == "insertlabelset") {$lid=insertlabelset();}
-    if ($action == "modlabelsetanswers") {modlabelsetanswers($lid);}
+    if (($action == "modlabelsetanswers")||($action == "ajaxmodlabelsetanswers")) {modlabelsetanswers($lid);}
    if ($action == "deletelabelset") {if (deletelabelset($lid)) {$lid=0;}}
    if ($action == "importlabels")
    {
@@ -155,7 +155,7 @@ if($_SESSION['USER_RIGHT_SUPERADMIN'] == 1 || $_SESSION['USER_RIGHT_MANAGE_LABEL
        ."<input type='image' src='$imageurl/close.gif' align='right' "
        ."onclick=\"window.open('admin.php?action=labels&amp;lid=$lid', '_self')\" />\n";
        if ($action == "newlabelset") {$labelsoutput.= $clang->gT("Create or import new label set(s)"); $langids=$_SESSION['adminlang']; $tabitem=$clang->gT("Create New Label Set");}
-        else {$labelsoutput.= $clang->gT("Edit label set"); $tabitem=$clang->gT("Edit label set");}
+        else {$labelsoutput.= $clang->gT("Edit Label Set"); $tabitem=$clang->gT("Edit label set");}
        $langidsarray=explode(" ",trim($langids)); //Make an array of it
        $labelsoutput.= "\n\t</div>\n";
@@ -272,7 +272,7 @@ if($_SESSION['USER_RIGHT_SUPERADMIN'] == 1 || $_SESSION['USER_RIGHT_MANAGE_LABEL
 					"<img src='$imageurl/dumplabel.png' alt='".$clang->gT("Export this label set")."' align='left' /></a>"
 					."\t</div>\n"
 					."\t<div class='menubar-right'>\n"
-					."\t<input type='image' src='$imageurl/close.gif' title='".$clang->gT("Close")."'"
+					."\t<input type='image' src='$imageurl/close.gif' title='".$clang->gT("Close Window")."'"
 					."onclick=\"window.open('admin.php?action=labels', '_self')\" />\n"
 					."\t</div>\n"
 					."\t</div>\n"
@@ -283,6 +283,7 @@ if($_SESSION['USER_RIGHT_SUPERADMIN'] == 1 || $_SESSION['USER_RIGHT_MANAGE_LABEL
        //LABEL ANSWERS  - SHOW THE MASK FOR EDITING THE LABELS
 		$js_admin_includes[]='scripts/updateset.js';
        $qulabelset = "SELECT * FROM ".db_table_name('labelsets')." WHERE lid=$lid";
        $rslabelset = db_execute_assoc($qulabelset) or safe_die($connect->ErrorMsg());
@@ -296,9 +297,9 @@ if($_SESSION['USER_RIGHT_SUPERADMIN'] == 1 || $_SESSION['USER_RIGHT_MANAGE_LABEL
        $msorow=$maxresult->FetchRow();
        $maxsortorder=$msorow['maxsortorder']+1;
-        // KP
+        // labels table
        $labelsoutput.= "\t<div class='header ui-widget-header'>".$clang->gT("Labels")."\t</div>\n";
-        $labelsoutput.= "<form method='post' action='admin.php' onsubmit=\"return codeCheck('code_',$maxsortorder,'".$clang->gT("Error: You are trying to use duplicate label codes.",'js')."','".$clang->gT("Error: 'other' is a reserved keyword.",'js')."');\">\n"
+        $labelsoutput.= "<form method='post' id='mainform' action='admin.php' onsubmit=\"return codeCheck('code_',$maxsortorder,'".$clang->gT("Error: You are trying to use duplicate label codes.",'js')."','".$clang->gT("Error: 'other' is a reserved keyword.",'js')."');\">\n"
        ."<input type='hidden' name='sortorder' value='{$row['sortorder']}' />\n"
        ."<input type='hidden' name='lid' value='$lid' />\n"
        ."<input type='hidden' name='action' value='modlabelsetanswers' />\n";
@@ -312,145 +313,82 @@ if($_SESSION['USER_RIGHT_SUPERADMIN'] == 1 || $_SESSION['USER_RIGHT_MANAGE_LABEL
            $result = db_execute_assoc($query) or safe_die($connect->ErrorMsg());
            $labelcount = $result->RecordCount();
            $tab_title[$i] = getLanguageNameFromCode($lslanguage,false);
-            $tab_content[$i] = "<table class='answertable' align='center'>\n"
+
-            ."<thead align='center'>"
+            $tab_content[$i] = "
-            ."<tr>\n"
+                <input type='hidden' class='lslanguage' value='{$lslanguage}'>
-            ."\t<th align='right' class='settingcaption'>\n"
+                <table class='answertable' align='center'>
-            .$clang->gT("Code")
+                    <thead align='center'>
-            ."\t</th>\n";
+                        <tr>";
-            $tab_content[$i].="<th align='right' class='settingcaption'>".$clang->gT("Assessment value").'</th>';
+
-            $tab_content[$i].="\t<th class='settingcaption'>\n"
+            if ($first)
-            .$clang->gT("Title")
+                $tab_content[$i] .= "<th>&nbsp;</th>";
-            ."\t</th>\n"
+
-            ."\t<th align='center' class='settingcaption'>\n"
+            $tab_content[$i] .= "<th class='settingcaption'>{$clang->gT("Code")}</th>
-            .$clang->gT("Action")
+                            <th class='settingcaption'>{$clang->gT("Assessment value")}</th>
-            ."\t</th>\n"
+                            <th class='settingcaption'>{$clang->gT("Title")}</th>";
-            ."\t<th align='center' class='settingcaption'>\n"
+
-            .$clang->gT("Order")
+            if ($first)
-            ."\t</th>\n"
+                $tab_content[$i] .= "<th class='settingcaption'>{$clang->gT("Action")}</th>";
-            ."</tr></thead>"
+
-            ."<tbody align='center'>";
+            $tab_content[$i] .= "</tr>
                    </thead>
                    <tbody align='center'>
            ";
            $alternate=false;
            while ($row=$result->FetchRow())
            {
                $sortorderids=$sortorderids.' '.$row['language'].'_'.$row['sortorder'];
                if ($first) {$codeids=$codeids.' '.$row['sortorder'];}
-               $tab_content[$i].= "<tr style='white-space: nowrap;' ";
+
                $tab_content[$i].= "<tr style='white-space: nowrap;' name='{$row['sortorder']}'";
                if ($alternate==true)
-                {
+                    $tab_content[$i].=' class = "highlight" ';
                    $tab_content[$i].=' class="highlight" ';
                    $alternate=false;
                }
                else
                {
                    $alternate=true;
                }
                $tab_content[$i].="><td align='right'>\n";
                $tab_content[$i] .= ">";
                if (!$first)
-                {
+                    $tab_content[$i].= "<td>{$row['code']}</td><td>{$row['assessment_value']}</td>";
                    $tab_content[$i].= "\t{$row['code']}";
                }
                else
-                {
+                    $tab_content[$i].= "
-                    $tab_content[$i].= "\t<input type='hidden' name='oldcode_{$row['sortorder']}' value=\"{$row['code']}\" />\n";
+                        <td><img src='$imageurl/handle.png' /></td>
-                    $tab_content[$i].= "\t<input type='text' id='code_{$row['sortorder']}' name='code_{$row['sortorder']}' maxlength='5' size='5' value=\"{$row['code']}\" onkeypress=\"if(event.keyCode!=13) {return goodchars(event,'1234567890abcdefghijklmnopqrstuvwxyz');}; return catchenter(event,'saveallbtn_$lslanguage');\" />\n";
+                        <td>
-                }
+                            <input type='hidden' class='hiddencode' value='{$row['code']}' />
                            <input type='text'  class='codeval'id='code_{$row['sortorder']}' name='code_{$row['sortorder']}' maxlength='5'
                                size='6' value='{$row['code']}'/>
                        </td>
                        <td>
                            <input type='text' class='assessmentval' id='assessmentvalue_{$row['sortorder']}' style='text-align: right;' name='assessmentvalue_{$row['sortorder']}' maxlength='5' size='6' value='{$row['assessment_value']}' />
                        </td>
                    ";
                $tab_content[$i].= "
                     <td>
                        <input type='text' name='title_{$row['language']}_{$row['sortorder']}' maxlength='3000' size='80' value=\"".html_escape($row['title'])."\" />"
                        .getEditor("editlabel", "title_{$row['language']}_{$row['sortorder']}", "[".$clang->gT("Label:", "js")."](".$row['language'].")",'','','',$action)
                    ."</td>";
                 if ($first)
                     $tab_content[$i] .= "
                     <td style='text-align:center;'>
                     <img src='$imageurl/addanswer.png' class='btnaddanswer' /><img src='$imageurl/deleteanswer.png' class='btndelanswer' />
                     </td>
                     </tr>";
                $tab_content[$i].= "\t</td>\n"
                ."\t<td style='text-align:center;'>\n";
                if ($first)
                {
                    $tab_content[$i].= "\t<input type='text' id='assessmentvalue_{$row['sortorder']}' style='text-align: right;' name='assessmentvalue_{$row['sortorder']}' maxlength='5' size='5' value=\"{$row['assessment_value']}\" "
                    ." onkeypress=\"if(event.keyCode==13) {if (event && event.preventDefault) event.preventDefault(); document.getElementById('saveallbtn_$lslanguage').click(); return false;} return goodchars(event,'1234567890-')\" />";
                }
                else
                {
                    $tab_content[$i].= $row['assessment_value'];
                }
                $tab_content[$i].= "\t</td>\n"
                ."\t<td>\n"
                ."\t<input type='text' name='title_{$row['language']}_{$row['sortorder']}' maxlength='3000' size='75' value=\"".html_escape($row['title'])."\" onkeypress=\"return catchenter(event,'saveallbtn_$lslanguage');\"/>\n"
                . getEditor("editlabel", "title_{$row['language']}_{$row['sortorder']}", "[".$clang->gT("Label:", "js")."](".$row['language'].")",'','','',$action)
                ."\t</td>\n"
                ."\t<td style='text-align:center;'>\n";
                $tab_content[$i].= "\t<input type='submit' name='method' value='".$clang->gT("Del")."' onclick=\"this.form.sortorder.value='{$row['sortorder']}'\" />\n";
                $tab_content[$i].= "\t</td>\n"
                ."\t<td>\n";
                if ($position > 0)
                {
                    $tab_content[$i].= "\t<input type='submit' name='method' value='".$clang->gT("Up")."' onclick=\"this.form.sortorder.value='{$row['sortorder']}'\" />\n";
                };
                if ($position < $labelcount-1)
                {
                    // Fill the sortorder hiddenfield so we know what field is moved down
                    $tab_content[$i].= "\t<input type='submit' name='method' value='".$clang->gT("Dn")."' onclick=\"this.form.sortorder.value='{$row['sortorder']}'\" />\n";
                }
               $tab_content[$i].= "\t</td></tr>\n";
                $position++;
            }
            if ($labelcount>0)
            {
                $tab_content[$i].= "\t<tr><td colspan='5'><center><input type='submit' name='method' value='".$clang->gT("Save Changes")."'  id='saveallbtn_$lslanguage' />"
                ."</center></td></tr>\n";
            }
-            $position=sprintf("%05d", $position);
+            $tab_content[$i] .= "</tbody></table>";
-            if (!isset($_SESSION['nextlabelcode'])) $_SESSION['nextlabelcode']='';
+
-            if ($first)
+            $tab_content[$i] .= "<button class='btnquickadd' id='btnquickadd' type='button'>".$clang->gT('Quick add...')."</button>";
-            {  $tab_content[$i].= "<tr><td><br /></td></tr><tr><td align='right'>"
+
-            ."<input type='hidden' name='sortorderids' value='$sortorderids' />\n"
+            $tab_content[$i].= "<p><input type='submit' name='method' value='".$clang->gT("Save Changes")."'  id='saveallbtn_$lslanguage' /></p>";
            ."<input type='hidden' name='codeids' value='$codeids' />\n"
            ."<strong>".$clang->gT("New label").":</strong> <input type='text' maxlength='5' name='insertcode' size='6' value='".$_SESSION['nextlabelcode']."' id='code_$maxsortorder' onkeypress=\"if(event.keyCode!=13) {return goodchars(event,'1234567890abcdefghijklmnopqrstuvwxyz');}; return catchenter(event,'addnewlabelbtn');\" />\n"
            ."\t</td>\n"
            ."<td style='text-align:center;'>"
            ."<input style='text-align:right;' type='text' maxlength='5' name='insertassessmentvalue' size='6' id='insertassessmentvalue' value='0' "
            ."onkeypress=\"if(event.keyCode==13) {if (event && event.preventDefault) event.preventDefault(); document.getElementById('addnewlabelbtn').click(); return false;} return goodchars(event,'1234567890-')\" />"
            ."\t</td>\n"
            ."\t<td>\n"
            ."\t<input type='text' maxlength='3000' name='inserttitle' size='75' onkeypress=\"return catchenter(event,'addnewlabelbtn');\"/>\n"
            . getEditor("addlabel", "inserttitle", "[".$clang->gT("Label:", "js")."](".$lslanguage.")",'','','',$action)
            ."\t</td>\n"
            ."\t<td colspan='2'>\n"
            ."\t<input type='submit' name='method' value='".$clang->gT("Add new label")."' id='addnewlabelbtn' />\n"
            ."<script type='text/javascript'>\n"
            ."<!--\n"
            ."document.getElementById('code_$maxsortorder').focus();\n"
            ."function catchenter(evt, btnid)\n"
            ."{\n"
            ."\tvar mykey = window.event ? evt.keyCode : evt.which;\n"
            ."\tif (mykey == 13)\n"
            ."\t{\n"
            ."\t\tvar mybtn = document.getElementById(btnid);\n"
            ."\t\tmybtn.click();\n"
            ."\t\treturn false;\n"
            ."\t}\n"
            ."\treturn true;\n"
            ."}\n"
            ."//-->\n"
            ."</script>\n"
            ."\t</td>\n"
            ."</tr>\n";
            }
            else
            {
               $tab_content[$i].= "<tr>\n"
                ."\t<td colspan='4' align='center'>\n"
                ."<span style='font-color:green; font-size:8px; font-weight:bold; font-style: italic;'>"
                .$clang->gT("Note: Inserting new labels must be done on the first language tab.")."</span>\n"
                ."\t</td>\n"
                ."</tr>\n";
            }
            unset($_SESSION['nextlabelcode']);
            $first=false;
            $tab_content[$i].="</tbody></table>\n";
            $i++;
        }
@@ -466,6 +404,8 @@ if($_SESSION['USER_RIGHT_SUPERADMIN'] == 1 || $_SESSION['USER_RIGHT_MANAGE_LABEL
            $labelsoutput .= "<div id='neweditlblset$i'>$eachcontent</div>";
        }
        $labelsoutput .="</form>";
        $disabledIfNoResources = '';
        if (hasResources($lid,'label') === false)
        {
@@ -495,6 +435,14 @@ if($_SESSION['USER_RIGHT_SUPERADMIN'] == 1 || $_SESSION['USER_RIGHT_MANAGE_LABEL
        $labelsoutput .= "</div>";
        $labelsoutput .= "<div id='quickadd' name='{$clang->gT('Quick add')}'style='display:none;'><div style='float:left;'>
                      <label for='quickadd'>".$clang->gT('Enter your labels:')."</label>
                      <br /><textarea id='quickaddarea' class='tipme' title='".$clang->gT('Enter one label per line. You can provide a code by separating code and label text with a semikolon or tab. For multilingual surveys you add the translation(s) on the same line separated with a semikolon or tab.')."' rows='30' style='width:570px;'></textarea>
                      <br /><button id='btnqareplace' type='button'>".$clang->gT('Replace')."</button>
                      <button id='btnqainsert' type='button'>".$clang->gT('Add')."</button>
                      <button id='btnqacancel' type='button'>".$clang->gT('Cancel')."</button></div>
                   </div> ";
    }
 }
@@ -638,174 +586,100 @@ function insertlabelset()
 }
 function modlabelsetanswers($lid)
 {
    global $dbprefix, $connect, $clang, $labelsoutput, $databasetype, $filterxsshtml,$postsortorder;
-
+    $ajax = false;
-    $qulabelset = "SELECT * FROM ".db_table_name('labelsets')." WHERE lid='$lid'";
+    if (isset($_POST['ajax']) && $_POST['ajax'] == "1"){
-    $rslabelset = db_execute_assoc($qulabelset) or safe_die($connect->ErrorMsg());
+        $ajax = true;
-    $rwlabelset=$rslabelset->FetchRow();
+    }
    $lslanguages=explode(" ", trim($rwlabelset['languages']));
    if (!isset($_POST['method'])) {
        $_POST['method'] = $clang->gT("Save");
    }
-    switch($_POST['method'])
+
    $sPostData=html_entity_decode($_POST['dataToSend'], ENT_QUOTES, "UTF-8");
    $sPostData=str_replace("\t", '', $sPostData); 
    if (get_magic_quotes_gpc())
    {
-        case $clang->gT("Add new label", "unescaped"):
+        $data = json_decode(stripslashes($sPostData));    
            if (isset($_POST['insertcode']) && $_POST['insertcode']!='')
            {
                $_SESSION['nextlabelcode']=getNextCode($_POST['insertcode']);
                $_POST['insertcode'] = db_quoteall($_POST['insertcode'],true);
                // check that the code doesn't exist yet
                $query = "SELECT code FROM ".db_table_name('labels')." WHERE lid='$lid' AND code=".$_POST['insertcode'];
                $result = $connect->Execute($query);
                $codeoccurences=$result->RecordCount();
                if ($codeoccurences == 0)
                {
                    $query = "select max(sortorder) as maxorder from ".db_table_name('labels')." where lid='$lid'";
                    $result = $connect->Execute($query);
                    $newsortorder=sprintf("%05d", $result->fields['maxorder']+1);
                    if ($filterxsshtml)
                    {
                        require_once("../classes/inputfilter/class.inputfilter_clean.php");
                        $myFilter = new InputFilter('','',1,1,1);
                        $_POST['inserttitle']=$myFilter->process($_POST['inserttitle']);
                    }
                    else
                    {
                        $_POST['inserttitle'] = html_entity_decode($_POST['inserttitle'], ENT_QUOTES, "UTF-8");
                    }
                    // Fix bug with FCKEditor saving strange BR types
                    $_POST['inserttitle']=fix_FCKeditor_text($_POST['inserttitle']);
                    $_POST['inserttitle'] = db_quoteall($_POST['inserttitle'],true);
                    $_POST['insertassessmentvalue']=(int)$_POST['insertassessmentvalue'];
                    foreach ($lslanguages as $lslanguage)
                    {
                        db_switchIDInsert('labels',true);
                        $query = "INSERT INTO ".db_table_name('labels')." (lid, code, title, sortorder,language, assessment_value) VALUES ($lid, {$_POST['insertcode']}, {$_POST['inserttitle']}, '$newsortorder','$lslanguage',{$_POST['insertassessmentvalue']})";
                        if (!$result = $connect->Execute($query))
                        {
                            $labelsoutput.= "<script type=\"text/javascript\">\n<!--\n alert(\"".$clang->gT("Failed to insert label", "js")." - ".$query." - ".$connect->ErrorMsg()."\")\n //-->\n</script>\n";
                        }
                        db_switchIDInsert('labels',false);
                    }
                }
                else
                {
                    $labelsoutput.= "<script type=\"text/javascript\">\n<!--\n alert(\"".$clang->gT("This label code is already used in this labelset. Please choose another code or rename the existing one.", "js")."\")\n //-->\n</script>\n";
                }
            }
            break;
            // Save all labels with one button
        case $clang->gT("Save Changes", "unescaped"):
            //Determine autoids by evaluating the hidden field
            $sortorderids=explode(' ', trim($_POST['sortorderids']));
            $codeids=explode(' ', trim($_POST['codeids']));
            $count=0;
            // Quote each code_codeid first
            foreach ($codeids as $codeid)
            {
                $_POST['code_'.$codeid] = db_quoteall($_POST['code_'.$codeid],true);
                if (isset($_POST['oldcode_'.$codeid])) $_POST['oldcode_'.$codeid] = db_quoteall($_POST['oldcode_'.$codeid],true);
                // Get the code values to check for duplicates
                $codevalues[] = $_POST['code_'.$codeid];
            }
            // Check that there is no code duplicate
            if (count(array_unique($codevalues)) == count($codevalues))
            {
                if ($filterxsshtml)
                {
                    require_once("../classes/inputfilter/class.inputfilter_clean.php");
                    $myFilter = new InputFilter('','',1,1,1);
                }
                foreach ($sortorderids as $sortorderid)
                {
                    $orderid=substr($sortorderid,strrpos($sortorderid,'_')+1,20);
                    foreach ($lslanguages as $langid)
                        {
                        $sortorderid = $langid . '_' . $orderid;
                        if ($filterxsshtml)
                        {
                            $_POST['title_'.$sortorderid]=$myFilter->process($_POST['title_'.$sortorderid]);
                        }
                        else
                        {
                            $_POST['title_'.$sortorderid] = html_entity_decode($_POST['title_'.$sortorderid], ENT_QUOTES, "UTF-8");
                        }
                        // Fix bug with FCKEditor saving strange BR types
                        $_POST['title_'.$sortorderid]=fix_FCKeditor_text($_POST['title_'.$sortorderid]);
                        $_POST['title_'.$sortorderid] = db_quoteall($_POST['title_'.$sortorderid],true);
                        $query = "UPDATE ".db_table_name('labels')." SET code=".$_POST['code_'.$codeids[$count]].", title={$_POST['title_'.$sortorderid]}, assessment_value={$_POST['assessmentvalue_'.$codeids[$count]]} WHERE lid=$lid AND sortorder=$orderid AND language='$langid'";
                        if (!$result = $connect->Execute($query))
                        // if update didn't work we assume the label does not exist and insert it
                        {
                            $query = "insert into ".db_table_name('labels')." (code,title,lid,sortorder,language) VALUES (".$_POST['code_'.$codeids[$count]].", {$_POST['title_'.$sortorderid]}, $lid , $orderid , '$langid')";
                            if (!$result = $connect->Execute($query))
                            {
                                $labelsoutput.= "<script type=\"text/javascript\">\n<!--\n alert(\"".$clang->gT("Failed to update label","js")." - ".$query." - ".$connect->ErrorMsg()."\")\n //-->\n</script>\n";
                            }
                        }
                    }
                    $count++;
                    if ($count>count($codeids)-1) {$count=0;}
                }
                fixorder($lid);
            }
            else
            {
                $labelsoutput.= "<script type=\"text/javascript\">\n<!--\n alert(\"".$clang->gT("Can't update labels because you are using duplicated codes","js")."\")\n //-->\n</script>\n";
            }
            break;
            // Pressing the Up button
        case $clang->gT("Up", "unescaped"):
            $newsortorder=$postsortorder-1;
            $oldsortorder=$postsortorder;
            $cdquery = "UPDATE ".db_table_name('labels')." SET sortorder=-1 WHERE lid=$lid AND sortorder=$newsortorder";
            $cdresult=$connect->Execute($cdquery) or safe_die($connect->ErrorMsg());
            $cdquery = "UPDATE ".db_table_name('labels')." SET sortorder=$newsortorder WHERE lid=$lid AND sortorder=$oldsortorder";
            $cdresult=$connect->Execute($cdquery) or safe_die($connect->ErrorMsg());
            $cdquery = "UPDATE ".db_table_name('labels')." SET sortorder='$oldsortorder' WHERE lid=$lid AND sortorder=-1";
            $cdresult=$connect->Execute($cdquery) or safe_die($connect->ErrorMsg());
            break;
            // Pressing the Down button
        case $clang->gT("Dn", "unescaped"):
            $newsortorder=$postsortorder+1;
            $oldsortorder=$postsortorder;
            $cdquery = "UPDATE ".db_table_name('labels')." SET sortorder=-1 WHERE lid=$lid AND sortorder='$newsortorder'";
            $cdresult=$connect->Execute($cdquery) or safe_die($connect->ErrorMsg());
            $cdquery = "UPDATE ".db_table_name('labels')." SET sortorder='$newsortorder' WHERE lid=$lid AND sortorder=$oldsortorder";
            $cdresult=$connect->Execute($cdquery) or safe_die($connect->ErrorMsg());
            $cdquery = "UPDATE ".db_table_name('labels')." SET sortorder=$oldsortorder WHERE lid=$lid AND sortorder=-1";
            $cdresult=$connect->Execute($cdquery) or safe_die($connect->ErrorMsg());
            break;
            // Delete Button
        case $clang->gT("Del", "unescaped"):
            $query = "DELETE FROM ".db_table_name('labels')." WHERE lid=$lid AND sortorder='{$postsortorder}'";
            if (!$result = $connect->Execute($query))
            {
                $labelsoutput.= "<script type=\"text/javascript\">\n<!--\n alert(\"".$clang->gT("Failed to delete label","js")." - ".$query." - ".$connect->ErrorMsg()."\")\n //-->\n</script>\n";
            }
            fixorder($lid);
            break;
    }
    else
    {
        $data = json_decode($sPostData);
    }
    if ($ajax){
        $lid = insertlabelset();
    }
    if (count(array_unique($data->{'codelist'})) == count($data->{'codelist'}))
    {
        if ($filterxsshtml)
        {
            require_once("../classes/inputfilter/class.inputfilter_clean.php");
            $myFilter = new InputFilter('','',1,1,1);
        }
        $query = "DELETE FROM ".db_table_name('labels')."  WHERE lid = {$lid}";
        $result = db_execute_assoc($query) or safe_die($connect->ErrorMsg());
        foreach($data->{'codelist'} as $index=>$codeid){
            $codeObj = $data->$codeid;
            $actualcode = db_quoteall($codeObj->{'code'},true);
            $codeid = db_quoteall($codeid,true);
            $assessmentvalue = (int)($codeObj->{'assessmentvalue'});
            foreach($data->{'langs'} as $lang){
                $strTemp = 'text_'.$lang;
                $title = $codeObj->$strTemp;
                if ($filterxsshtml)
                    $title=$myFilter->process($title);
                else
                    $title = html_entity_decode($title, ENT_QUOTES, "UTF-8");
                // Fix bug with FCKEditor saving strange BR types
                $title =fix_FCKeditor_text($title);
                $title = db_quoteall($title,true);
                $sort_order = db_quoteall($index);
                $lang = db_quoteall($lang);
                $title = trim($title, "'");
                if (get_magic_quotes_gpc())
                {
                    $title = str_replace("'","\'",$title);
                }
                $query = "INSERT INTO ".db_table_name('labels')." (lid,code,title,sortorder, assessment_value, language)
                    VALUES({$lid},{$actualcode},'".$title."',{$sort_order},{$assessmentvalue},{$lang})";
                $result = db_execute_assoc($query) or safe_die($connect->ErrorMsg());
            }
        }
    $_SESSION['flashmessage']=$clang->gT("Labels sucessfully updated");
    }
    else
    {
        $labelsoutput.= "<script type=\"text/javascript\">\n<!--\n alert(\"".$clang->gT("Can't update labels because you are using duplicated codes","js")."\")\n //-->\n</script>\n";
    }
    if ($ajax){ die(); }
 }
 /**
--- a/include/limesurvey/admin/listcolumn.php
+++ b/include/limesurvey/admin/listcolumn.php
@@ -10,7 +10,7 @@
 * other free or open source software licenses.
 * See COPYRIGHT.php for copyright notices and details.
 *
- * $Id: listcolumn.php 10925 2011-09-02 14:12:02Z c_schmitz $
+ * $Id: listcolumn.php 11664 2011-12-16 05:19:42Z tmswhite $
 */
 include_once("login_check.php");
--- a/include/limesurvey/admin/login_check.php
+++ b/include/limesurvey/admin/login_check.php
@@ -10,7 +10,7 @@
 * other free or open source software licenses.
 * See COPYRIGHT.php for copyright notices and details.
 *
- * $Id: login_check.php 10925 2011-09-02 14:12:02Z c_schmitz $
+ * $Id: login_check.php 12211 2012-01-26 17:02:27Z shnoulle $
 */
@@ -51,7 +51,7 @@ if(isset($_GET['user']) && isset($_GET['onepass']))
        else
        {
            //check if user exists in DB
-            $query = "SELECT uid, users_name, password, one_time_pw, dateformat, full_name, htmleditormode FROM ".db_table_name('users')." WHERE users_name=".$connect->qstr($user);
+            $query = "SELECT uid, users_name, password, one_time_pw, dateformat, full_name, htmleditormode, questionselectormode, templateeditormode FROM ".db_table_name('users')." WHERE users_name=".$connect->qstr($user);
            $ADODB_FETCH_MODE = ADODB_FETCH_ASSOC; //Checked
            $result = $connect->SelectLimit($query, 1) or safe_die ($query."<br />".$connect->ErrorMsg());
            if(!$result)
@@ -101,6 +101,8 @@ if(isset($_GET['user']) && isset($_GET['onepass']))
                    $_SESSION['loginID'] = $srow['uid'];
                    $_SESSION['dateformat'] = $srow['dateformat'];
                    $_SESSION['htmleditormode'] = $srow['htmleditormode'];
                    $_SESSION['questionselectormode'] = $srow['questionselectormode'];
                    $_SESSION['templateeditormode'] = $srow['templateeditormode'];
                    $_SESSION['full_name'] = $srow['full_name'];
                    GetSessionUserRights($_SESSION['loginID']);
@@ -181,7 +183,7 @@ if(!isset($_SESSION['loginID']) && $action != "forgotpass" && ($action != "logou
        //include("database.php");
-        $sIp = $_SERVER['REMOTE_ADDR'];
+        $sIp = getIPAddress();
        $query = "SELECT * FROM ".db_table_name('failed_login_attempts'). " WHERE ip='$sIp';";
        $ADODB_FETCH_MODE = ADODB_FETCH_ASSOC;
        $result = $connect->query($query) or safe_die ($query."<br />".$connect->ErrorMsg());
--- a/include/limesurvey/admin/login_check_cas.php
+++ b/include/limesurvey/admin/login_check_cas.php
@@ -10,7 +10,7 @@
 * other free or open source software licenses.
 * See COPYRIGHT.php for copyright notices and details.
 *
- * $Id: login_check_cas.php 9586 2010-12-06 03:08:07Z c_schmitz $
+ * $Id: login_check_cas.php 12211 2012-01-26 17:02:27Z shnoulle $
 */
 if (!isset($dbprefix) || isset($_REQUEST['dbprefix'])) {die("Cannot run this script directly");}
 if (!isset($action)) {$action=returnglobal('action');}
@@ -207,7 +207,8 @@ function setUserRightsCas($user, $role="")
    $_SESSION['adminlang'] = $defaultlang;
    $_SESSION['htmleditormode'] = 'default';
-
+    $_SESSION['questionselectormode'] = 'default';
    $_SESSION['templateeditormode'] = 'default';
    $_SESSION['checksessionpost'] = sRandomChars(10);
    $_SESSION['pw_notify']=false;
--- a/include/limesurvey/admin/preview.php
+++ b/include/limesurvey/admin/preview.php
@@ -10,41 +10,37 @@
 * other free or open source software licenses.
 * See COPYRIGHT.php for copyright notices and details.
 *
- * $Id: preview.php 10925 2011-09-02 14:12:02Z c_schmitz $
+ * $Id: preview.php 12106 2012-01-19 05:35:48Z tmswhite $
 */
 //Ensure script is not run directly, avoid path disclosure
 $LEMdebugLevel=0;
 include_once("login_check.php");
 require_once(dirname(__FILE__).'/sessioncontrol.php');
 require_once(dirname(__FILE__).'/../qanda.php');
 if (!isset($surveyid)) {$surveyid=returnglobal('sid');}
 if (!isset($qid)) {$qid=returnglobal('qid');}
 if (empty($surveyid)) {die("No SID provided.");}
 if (empty($qid)) {die("No QID provided.");}
 if (!isset($_SESSION['step'])) { $_SESSION['step'] = 0; }
 if (!isset($_SESSION['prevstep'])) { $_SESSION['prevstep'] = 0; }
 if (!isset($_SESSION['maxstep'])) { $_SESSION['maxstep'] = 0; }
 if (!isset($_GET['lang']) || $_GET['lang'] == "")
 {
    $language = GetBaseLanguageFromSurveyID($surveyid);
 } else {
-    $language = $_GET['lang'];
+    $language = sanitize_languagecode($_GET['lang']);
 }
 $_SESSION['s_lang'] = $language;
 $_SESSION['fieldmap']=createFieldMap($surveyid,'full',true,$qid);
 // Prefill question/answer from defaultvalues
 foreach ($_SESSION['fieldmap'] as $field)
 {
    if (isset($field['defaultvalue']))
    {
        $_SESSION[$field['fieldname']]=$field['defaultvalue'];
    }
 }
 $clang = new limesurvey_lang($language);
 $thissurvey=getSurveyInfo($surveyid);
 $_SESSION['dateformats'] = getDateFormatData($thissurvey['surveyls_dateformat']);
 require_once(dirname(__FILE__).'/../qanda.php');
 $qquery = 'SELECT * FROM '.db_table_name('questions')." WHERE sid='$surveyid' AND qid='$qid' AND language='{$language}'";
 $qresult = db_execute_assoc($qquery);
@@ -56,10 +52,19 @@ $ia = array(0 => $qid,
 4 => $qrows['type'],
 5 => $qrows['gid'],
 6 => $qrows['mandatory'],
 //7 => $qrows['other']); // ia[7] is conditionsexist not other
 7 => 'N',
 8 => 'N' ); // ia[8] is usedinconditions
 $radix=getRadixPointData($thissurvey['surveyls_numberformat']);
 $radix = $radix['seperator'];
 $surveyOptions = array(
    'radix'=>$radix,
    );
 LimeExpressionManager::StartSurvey($thissurvey['sid'], 'question', $surveyOptions, false,$LEMdebugLevel);
 $qseq = LimeExpressionManager::GetQuestionSeq($qid);
 $moveResult = LimeExpressionManager::JumpTo($qseq+1,true,false,true);
 $answers = retrieveAnswers($ia);
 if (!$thissurvey['template'])
@@ -72,40 +77,105 @@ else
 }
 doHeader();
-$dummy_js = '
+$showQuestion = "$('#question$qid').show();";
-		<!-- JAVASCRIPT FOR CONDITIONAL QUESTIONS -->
+$dummy_js = <<< EOD
-		<script type="text/javascript">
+    <script type='text/javascript'>
-        /* <![CDATA[ */
+    <!--
-            function checkconditions(value, name, type)
+    LEMradix='$radix';
-            {
+    var numRegex = new RegExp('[^-' + LEMradix + '0-9]','g');
-            }
+    var intRegex = new RegExp('[^-0-9]','g');
-		function noop_checkconditions(value, name, type)
+	function fixnum_checkconditions(value, name, type, evt_type, intonly)
-		{
+	{
-		}
+        newval = new String(value);
-        /* ]]> */
+        if (typeof intonly !=='undefined' && intonly==1) {
-		</script>
+            newval = newval.replace(intRegex,'');
-        ';
+        }
        else {
            newval = newval.replace(numRegex,'');
        }
        if (LEMradix === ',') {
            newval = newval.split(',').join('.');
        }
        if (newval != '-' && newval != '.' && newval != '-.' && newval != parseFloat(newval)) {
            newval = '';
        }
        displayVal = newval;
        if (LEMradix === ',') {
            displayVal = displayVal.split('.').join(',');
        }
        if (name.match(/other$/)) {
            $('#answer'+name+'text').val(displayVal);
        }
        $('#answer'+name).val(displayVal);
        if (typeof evt_type === 'undefined')
        {
            evt_type = 'onchange';
        }
        checkconditions(newval, name, type, evt_type);
 	}
 	function checkconditions(value, name, type, evt_type)
 	{
        if (typeof evt_type === 'undefined')
        {
            evt_type = 'onchange';
        }
        if (type == 'radio' || type == 'select-one')
        {
            var hiddenformname='java'+name;
            document.getElementById(hiddenformname).value=value;
        }
        else if (type == 'checkbox')
        {
            if (document.getElementById('answer'+name).checked)
            {
                $('#java'+name).val('Y');
            } else
            {
                $('#java'+name).val('');
            }
        }
        else if (type == 'text' && name.match(/other$/) && typeof document.getElementById('java'+name) !== 'undefined' && document.getElementById('java'+name) != null)
        {
            $('#java'+name).val(value);
        }
        ExprMgr_process_relevance_and_tailoring(evt_type,name,type);
        $showQuestion
 	}
    $(document).ready(function() {
        $showQuestion
    });
    $(document).change(function() {
        $showQuestion
    });
    $(document).bind('keydown',function(e) {
                if (e.keyCode == 9) {
                    $showQuestion
                    return true;
                }
                return true;
            });
 // -->
 </script>
 EOD;
 $answer=$answers[0][1];
-$help=$answers[0][2];
+
 //GET HELP
 $hquery="SELECT help FROM {$dbprefix}questions WHERE qid=$ia[0] AND language='".$_SESSION['s_lang']."'";
 $hresult=db_execute_num($hquery) or safe_die($connect->ErrorMsg());       //Checked
 $help="";
 while ($hrow=$hresult->FetchRow()) {$help=$hrow[0];}
 $question = $answers[0][0];
 $question['code']=$answers[0][5];
 $question['class'] = question_class($qrows['type']);
 $question['essentials'] = 'id="question'.$qrows['qid'].'"';
 $question['sgq']=$ia[1];
-
+$question['aid']='unknown';
-//Temporary fix for error condition arising from linked question via replacement fields
+$question['sqid']='unknown';
-//@todo: find a consistent way to check and handle this - I guess this is already handled but the wrong values are entered into the DB
+$question['type']= $qrows['type'];
 $search_for = '{INSERTANS';
 if(strpos($question['text'],$search_for)!==false){
    $pattern_text = '/{([A-Z])*:([0-9])*X([0-9])*X([0-9])*}/';
    $replacement_text = $clang->gT('[Dependency on another question (ID $4)]');
    $text = preg_replace($pattern_text,$replacement_text,$question['text']);
    $question['text']=$text;
 }
 if ($qrows['mandatory'] == 'Y')
 {
@@ -123,20 +193,33 @@ $content .= templatereplace(file_get_contents("$thistpl/startgroup.pstpl"));
 $question_template = file_get_contents("$thistpl/question.pstpl");
 if(substr_count($question_template , '{QUESTION_ESSENTIALS}') > 0 ) // the following has been added for backwards compatiblity.
 {// LS 1.87 and newer templates
-    $content .= "\n".templatereplace($question_template)."\n";
+    $content .= "\n".templatereplace($question_template,NULL,false,$qid)."\n";
 }
 else
 {// LS 1.86 and older templates
    $content .= '<div '.$question['essentials'].' class="'.$question['class'].$question['man_class'].'">';
-    $content .= "\n".templatereplace($question_template)."\n";
+    $content .= "\n".templatereplace($question_template,NULL,false,$qid)."\n";
    $content .= "\n\t</div>\n";
 };
 $content .= templatereplace(file_get_contents("$thistpl/endgroup.pstpl")).$dummy_js;
 LimeExpressionManager::FinishProcessingGroup();
 $content .= LimeExpressionManager::GetRelevanceAndTailoringJavaScript();
 $content .= '<p>&nbsp;</form>';
-$content .= templatereplace(file_get_contents("$thistpl/endpage.pstpl"));
+
 LimeExpressionManager::FinishProcessingPage();
 echo $content;
 if ($LEMdebugLevel >= 1) {
    echo LimeExpressionManager::GetDebugTimingMessage();
 }
 if ($LEMdebugLevel >= 2) {
     echo "<table><tr><td align='left'><b>Group/Question Validation Results:</b>".$moveResult['message']."</td></tr></table>\n";
 }
 $content .= templatereplace(file_get_contents("$thistpl/endpage.pstpl"));
 echo "</html>\n";
--- a/include/limesurvey/admin/printablesurvey.php
+++ b/include/limesurvey/admin/printablesurvey.php
@@ -10,7 +10,7 @@
 * other free or open source software licenses.
 * See COPYRIGHT.php for copyright notices and details.
 *
- * $Id: printablesurvey.php 10929 2011-09-02 15:27:07Z c_schmitz $
+ * $Id: printablesurvey.php 12418 2012-02-09 11:54:10Z mennodekker $
 */
 //Ensure script is not run directly, avoid path disclosure
@@ -103,10 +103,10 @@ else
 	define('PRINT_TEMPLATE_URL' , $standardtemplaterooturl.'/default/' , true);
 }
 LimeExpressionManager::StartSurvey($surveyid, 'survey',NULL,false,LEM_PRETTY_PRINT_ALL_SYNTAX);
 $moveResult = LimeExpressionManager::NavigateForwards();
 $fieldmap=createFieldMap($surveyid);
 $degquery = "SELECT * FROM ".db_table_name("groups")." WHERE sid='{$surveyid}' AND language='{$surveyprintlang}' ORDER BY ".db_table_name("groups").".group_order";
 $degresult = db_execute_assoc($degquery);
@@ -136,7 +136,7 @@ if(isset($showsgqacode) && $showsgqacode == true)
 }
 else
 {
-	$surveyname = "";
+	$surveyname = $surveyname;
 }
 $survey_output = array(
@@ -411,7 +411,7 @@ while ($degrow = $degresult->FetchRow())
            // START doing questions
            $qidattributes=getQuestionAttributes($deqrow['qid'],$deqrow['type']);
-            if ($qidattributes['hidden']==1)
+            if ($qidattributes['hidden']==1 && $deqrow['type'] != '*')
            {
                continue;
            }
@@ -422,341 +422,15 @@ while ($degrow = $degresult->FetchRow())
            $printablesurveyoutput = '';
            $explanation = ''; //reset conditions explanation
            $s=0;
            $scenarioquery="SELECT DISTINCT ".db_table_name("conditions").".scenario FROM ".db_table_name("conditions")." WHERE ".db_table_name("conditions").".qid={$deqrow['qid']} ORDER BY scenario";
            $scenarioresult=db_execute_assoc($scenarioquery);
-            //Loop through distinct scenarios, thus grouping them together.
+            $qinfo = LimeExpressionManager::GetQuestionStatus($deqrow['qid']);
-            while ($scenariorow=$scenarioresult->FetchRow())
+            $relevance = trim($qinfo['info']['relevance']);
-            {
+            $explanation = $qinfo['relEqn'];
                if($s == 0 && $scenarioresult->RecordCount() > 1)
                {
                    $explanation .= '<p class="scenario">'.try_debug(__LINE__)." -------- Scenario {$scenariorow['scenario']} --------</p>\n\n";
                }
                if($s > 0)
                {
                    $explanation .= '<p class="scenario">'.try_debug(__LINE__).' -------- '.$clang->gT("or")." Scenario {$scenariorow['scenario']} --------</p>\n\n";
                }
-                $x=0;
+            if (trim($relevance) != '' && trim($relevance) != '1')
                $distinctquery="SELECT cqid, method, cfieldname, value
                            FROM ".db_table_name("conditions")."
                            WHERE  ".db_table_name("conditions").".qid={$deqrow['qid']}
                                AND ".db_table_name("conditions").".scenario={$scenariorow['scenario']}
                            group by cqid, method
                            ORDER BY cqid";
                $distinctresult=db_execute_assoc($distinctquery);
                //Loop through each condition for a particular scenario.
                while ($distinctrow=$distinctresult->FetchRow())
                {
                    $subquery='select title, question from '.db_table_name("questions")." where qid={$distinctrow['cqid']} AND parent_qid=0 AND language='{$surveyprintlang}'";
                    $subresult=$connect->GetRow($subquery);
                    if($x > 0)
                    {
                        $explanation .= ' <em>'.$clang->gT('and').'</em> ';
                    }
                    if(trim($distinctrow['method'])=='')
                    {
                        $distinctrow['method']='==';
                    }
                    if($distinctrow['cqid']){ // cqid != 0  ==> previous answer match
                        if($distinctrow['method']=='==')
                        {
                            $explanation .= $clang->gT("Answer was")." ";
                        }
                        elseif($distinctrow['method']=='!=')
                        {
                            $explanation .= $clang->gT("Answer was NOT")." ";
                        }
                        elseif($distinctrow['method']=='<')
                        {
                            $explanation .= $clang->gT("Answer was less than")." ";
                        }
                        elseif($distinctrow['method']=='<=')
                        {
                            $explanation .= $clang->gT("Answer was less than or equal to")." ";
                        }
                        elseif($distinctrow['method']=='>=')
                        {
                            $explanation .= $clang->gT("Answer was greater than or equal to")." ";
                        }
                        elseif($distinctrow['method']=='>')
                        {
                            $explanation .= $clang->gT("Answer was greater than")." ";
                        }
                        elseif($distinctrow['method']=='RX')
                        {
                            $explanation .= $clang->gT("Answer matched (regexp)")." ";
                        }
                        else
                        {
                            $explanation .= $clang->gT("Answer was")." ";
                        }
                    	$explanation .= " ".$distinctrow['value'];
                    }
                    if(!$distinctrow['cqid']) { // cqid == 0  ==> token attribute match
                        $tokenData = GetTokenFieldsAndNames($surveyid);
                        preg_match('/^{TOKEN:([^}]*)}$/',$distinctrow['cfieldname'],$extractedTokenAttr);
                        $explanation .= "Your ".$tokenData[strtolower($extractedTokenAttr[1])]." ";
                        if($distinctrow['method']=='==')
                        {
                            $explanation .= $clang->gT("is")." ";
                        }
                        elseif($distinctrow['method']=='!=')
                        {
                            $explanation .= $clang->gT("is NOT")." ";
                        }
                        elseif($distinctrow['method']=='<')
                        {
                            $explanation .= $clang->gT("is less than")." ";
                        }
                        elseif($distinctrow['method']=='<=')
                        {
                            $explanation .= $clang->gT("is less than or equal to")." ";
                        }
                        elseif($distinctrow['method']=='>=')
                        {
                            $explanation .= $clang->gT("is greater than or equal to")." ";
                        }
                        elseif($distinctrow['method']=='>')
                        {
                            $explanation .= $clang->gT("is greater than")." ";
                        }
                        elseif($distinctrow['method']=='RX')
                        {
                            $explanation .= $clang->gT("is matched (regexp)")." ";
                        }
                        else
                        {
                            $explanation .= $clang->gT("is")." ";
                        }
                        $answer_section = $distinctrow['value'];
                    }
                    $conquery="SELECT cid, cqid, q.title,\n"
                    ."q.question, value, q.type, cfieldname\n"
                    ."FROM ".db_table_name("conditions")." c, ".db_table_name("questions")." q\n"
                    ."WHERE c.cqid=q.qid\n"
                    ."AND c.cqid={$distinctrow['cqid']}\n"
                    ."AND c.qid={$deqrow['qid']} \n"
                    ."AND c.scenario={$scenariorow['scenario']} \n"
                    ."AND language='{$surveyprintlang}'";
                    $conresult=db_execute_assoc($conquery) or safe_die("$conquery<br />".htmlspecialchars($connect->ErrorMsg()));
                    $conditions=array();
                    while ($conrow=$conresult->FetchRow())
                    {
                        $postans="";
                        $value=$conrow['value'];
                        switch($conrow['type'])
                        {
                            case "Y":
                                switch ($conrow['value'])
                                {
                                    case "Y": $conditions[]=$clang->gT("Yes"); break;
                                    case "N": $conditions[]=$clang->gT("No"); break;
                                }
                                break;
                            case "G":
                                switch($conrow['value'])
                                {
                                    case "M": $conditions[]=$clang->gT("Male"); break;
                                    case "F": $conditions[]=$clang->gT("Female"); break;
                                } // switch
                                break;
                            case "A":
                            case "B":
                            case ":":
                            case ";":
                                $conditions[]=$conrow['value'];
                                break;
                            case "C":
                                switch($conrow['value'])
                                {
                                    case "Y": $conditions[]=$clang->gT("Yes"); break;
                                    case "U": $conditions[]=$clang->gT("Uncertain"); break;
                                    case "N": $conditions[]=$clang->gT("No"); break;
                                } // switch
                                break;
                            case "E":
                                switch($conrow['value'])
                                {
                                    case "I": $conditions[]=$clang->gT("Increase"); break;
                                    case "D": $conditions[]=$clang->gT("Decrease"); break;
                                    case "S": $conditions[]=$clang->gT("Same"); break;
                                }
                            case "1":
                                $labelIndex=preg_match("/^[^#]+#([01]{1})$/",$conrow['cfieldname']);
                                if ($labelIndex == 0)
                                { // TIBO
                                    $fquery = "SELECT * FROM ".db_table_name("answers")."\n"
                                    . "WHERE qid='{$conrow['cqid']}'\n"
                                    . "AND code='{$conrow['value']}' and scale_id=0 AND language='{$surveyprintlang}'";
                                    $fresult=db_execute_assoc($fquery) or safe_die("$fquery<br />".htmlspecialchars($connect->ErrorMsg()));
                                    while($frow=$fresult->FetchRow())
                                    {
                                        $postans=$frow['answer'];
                                        $conditions[]=$frow['answer'];
                                    } // while
                                }
                                elseif ($labelIndex == 1)
                                {
                                    $fquery = "SELECT * FROM ".db_table_name("answers")."\n"
                                    . "WHERE qid='{$conrow['cqid']}'\n"
                                    . "AND code='{$conrow['value']}' and scale_id=1 AND language='{$surveyprintlang}'";
                                    $fresult=db_execute_assoc($fquery) or safe_die("$fquery<br />".htmlspecialchars($connect->ErrorMsg()));
                                    while($frow=$fresult->FetchRow())
                                    {
                                        $postans=$frow['answer'];
                                        $conditions[]=$frow['answer'];
                                    } // while
                                }
                                break;
                            case "L":
                            case "!":
                            case "O":
                            case "R":
                                $ansquery="SELECT answer FROM ".db_table_name("answers")." WHERE qid='{$conrow['cqid']}' AND code='{$conrow['value']}' AND language='{$surveyprintlang}'";
                                $ansresult=db_execute_assoc($ansquery);
                                while ($ansrow=$ansresult->FetchRow())
                                {
                                    $conditions[]=$ansrow['answer'];
                                }
                            	if($conrow['value'] == "-oth-") {
                            	    $conditions[]=$clang->gT("Other");
                            	}
                                $conditions = array_unique($conditions);
                                break;
                            case "M":
                            case "P":
                                $ansquery="SELECT question FROM ".db_table_name("questions")." WHERE parent_qid='{$conrow['cqid']}' AND title='{$conrow['value']}' AND language='{$surveyprintlang}'";
                                $ansresult=db_execute_assoc($ansquery);
                                while ($ansrow=$ansresult->FetchRow())
                                {
                                    $conditions[]=$ansrow['question'];
                                }
                                $conditions = array_unique($conditions);
                                break;
                            case "F":
                            case "H":
                            default:
                                $value=substr($conrow['cfieldname'], strpos($conrow['cfieldname'], "X".$conrow['cqid'])+strlen("X".$conrow['cqid']), strlen($conrow['cfieldname']));
                                $fquery = "SELECT * FROM ".db_table_name("answers")."\n"
                                . "WHERE qid='{$conrow['cqid']}'\n"
                                . "AND code='{$conrow['value']}' AND language='{$surveyprintlang}'";
                                $fresult=db_execute_assoc($fquery) or safe_die("$fquery<br />".htmlspecialchars($connect->ErrorMsg()));
                                while($frow=$fresult->FetchRow())
                                {
                                    $postans=$frow['answer'];
                                    $conditions[]=$frow['answer'];
                                } // while
                                break;
                        } // switch
                        // Now let's complete the answer text with the answer_section
                        $answer_section="";
                        switch($conrow['type'])
                        {
                            case "A":
                            case "B":
                            case "C":
                            case "E":
                            case "F":
                            case "H":
                            case "K":
                                $thiscquestion=$fieldmap[$conrow['cfieldname']];
                                $ansquery="SELECT question FROM ".db_table_name("questions")." WHERE parent_qid='{$conrow['cqid']}' AND title='{$thiscquestion['aid']}' AND language='{$surveyprintlang}'";
                                //$ansquery="SELECT question FROM ".db_table_name("questions")." WHERE qid='{$conrow['cqid']}' AND language='{$surveyprintlang}'";
                                $ansresult=db_execute_assoc($ansquery);
                                while ($ansrow=$ansresult->FetchRow())
                                {
                                    $answer_section=" (".$ansrow['question'].")";
                                }
                                break;
                            case "1": // dual: (Label 1), (Label 2)
                                $labelIndex=substr($conrow['cfieldname'],-1);
                                $thiscquestion=$fieldmap[$conrow['cfieldname']];
                                $ansquery="SELECT question FROM ".db_table_name("questions")." WHERE parent_qid='{$conrow['cqid']}' AND title='{$thiscquestion['aid']}' AND language='{$surveyprintlang}'";
                                //$ansquery="SELECT question FROM ".db_table_name("questions")." WHERE qid='{$conrow['cqid']}' AND language='{$surveyprintlang}'";
                                $ansresult=db_execute_assoc($ansquery);
                                $cqidattributes = getQuestionAttributes($conrow['cqid'], $conrow['type']);
                                if ($labelIndex == 0)
                                {
                                    if (trim($cqidattributes['dualscale_headerA']) != '') {
                                        $header = $clang->gT($cqidattributes['dualscale_headerA']);
                                    } else {
                                        $header = '1';
                                    }
                                }
                                elseif ($labelIndex == 1)
                                {
                                    if (trim($cqidattributes['dualscale_headerB']) != '') {
                                        $header = $clang->gT($cqidattributes['dualscale_headerB']);
                                    } else {
                                        $header = '2';
                                    }
                                }
                                while ($ansrow=$ansresult->FetchRow())
                                {
                                    $answer_section=" (".$ansrow['question']." ".sprintf($clang->gT("Label %s"),$header).")";
                                }
                                break;
                            case ":":
                            case ";": //multi flexi: ( answer [label] )
                                $thiscquestion=$fieldmap[$conrow['cfieldname']];
                                $ansquery="SELECT question FROM ".db_table_name("questions")." WHERE parent_qid='{$conrow['cqid']}' AND title='{$thiscquestion['aid']}' AND language='{$surveyprintlang}'";
                                $ansresult=db_execute_assoc($ansquery);
                                while ($ansrow=$ansresult->FetchRow())
                                {
                                    $fquery = "SELECT * FROM ".db_table_name("answers")."\n"
                                    . "WHERE qid='{$conrow['cqid']}'\n"
                                    . "AND code='{$conrow['value']}' AND language='{$surveyprintlang}'";
                                    $fresult=db_execute_assoc($fquery) or safe_die("$fquery<br />".htmlspecialchars($connect->ErrorMsg()));
                                    while($frow=$fresult->FetchRow())
                                    {
                                        //$conditions[]=$frow['title'];
                                        $answer_section=" (".$ansrow['question']."[".$frow['answer']."])";
                                    } // while
                                }
                                break;
                            case "R": // (Rank 1), (Rank 2)... TIBO
                                $thiscquestion=$fieldmap[$conrow['cfieldname']];
                                $rankid=$thiscquestion['aid'];
                                $answer_section=" (".$clang->gT("RANK")." $rankid)";
                                break;
                            default: // nothing to add
                                break;
                        }
                    }
                    if (count($conditions) > 1)
                    {
                        $explanation .=  "'".implode("' ".$clang->gT("or")." '", $conditions)."'";
                    }
                    elseif (count($conditions) == 1)
                    {
                        $explanation .= "'".$conditions[0]."'";
                    }
                    unset($conditions);
                    // Following line commented out because answer_section  was lost, but is required for some question types
                    //$explanation .= " ".$clang->gT("to question")." '".$mapquestionsNumbers[$distinctrow['cqid']]."' $answer_section ";
                    if($distinctrow['cqid']){
                        $explanation .= " ".$clang->gT("at question")." '".$mapquestionsNumbers[$distinctrow['cqid']]." [".$subresult['title']."]' (".strip_tags($subresult['question'])."$answer_section)" ;
                    }
                    else{
                        $explanation .= " ".$distinctrow['value'] ;
                    }
                    //$distinctrow
                    $x++;
                }
                $s++;
            }
            if ($explanation)
            {
                $explanation = "<b>".$clang->gT('Only answer this question if the following conditions are met:')."</b>"
-                ."<br/> ° ".$explanation;//"[".sprintf($clang->gT("Only answer this question %s"), $explanation)."]";
+                ."<br/> ° ".$explanation;
            }
            else
            {
@@ -787,7 +461,7 @@ while ($degrow = $degresult->FetchRow())
            ,'QUESTION_MANDATORY' => ''		// translated 'mandatory' identifier
            ,'QUESTION_ID' => $deqrow['qid']    // id to be added to wrapping question div
            ,'QUESTION_CLASS' => question_class( $deqrow['type'])	// classes to be added to wrapping question div
-            ,'QUESTION_TYPE_HELP' => ''		// instructions on how to complete the question
+            ,'QUESTION_TYPE_HELP' => $qinfo['validTip']   // ''		// instructions on how to complete the question // prettyValidTip is too verbose; assuming printable surveys will use static values
            ,'QUESTION_MAN_MESSAGE' => ''		// (not sure if this is used) mandatory error
            ,'QUESTION_VALID_MESSAGE' => ''		// (not sure if this is used) validation error
            ,'QUESTION_FILE_VALID_MESSAGE' => ''// (not sure if this is used) file validation error
@@ -795,6 +469,10 @@ while ($degrow = $degresult->FetchRow())
            ,'ANSWER' => ''				// contains formatted HTML answer
            );
            if($question['QUESTION_TYPE_HELP'] != "") {
                $question['QUESTION_TYPE_HELP'] .= "<br />\n";
            }
            if ($deqrow['mandatory'] == 'Y')
            {
@@ -833,7 +511,7 @@ while ($degrow = $degresult->FetchRow())
            {
                // ==================================================================
                case "5":	//5 POINT CHOICE
-                    $question['QUESTION_TYPE_HELP'] = $clang->gT('Please choose *only one* of the following:');
+                    $question['QUESTION_TYPE_HELP'] .= $clang->gT('Please choose *only one* of the following:');
                    if(isset($_POST['printableexport'])){$pdf->intopdf($clang->gT("Please choose *only one* of the following:"),"U");}
                    $pdfoutput ='';
                    $question['ANSWER'] .= "\n\t<ul>\n";
@@ -850,7 +528,7 @@ while ($degrow = $degresult->FetchRow())
                    // ==================================================================
                case "D":  //DATE
-                    $question['QUESTION_TYPE_HELP'] = $clang->gT('Please enter a date:');
+                    $question['QUESTION_TYPE_HELP'] .= $clang->gT('Please enter a date:');
                    $question['ANSWER'] .= "\t".input_type_image('text',$question['QUESTION_TYPE_HELP'],30,1);
                    if(isset($_POST['printableexport'])){$pdf->intopdf($clang->gT("Please enter a date:")." ___________");}
@@ -858,7 +536,7 @@ while ($degrow = $degresult->FetchRow())
                    // ==================================================================
                case "G":  //GENDER
-                    $question['QUESTION_TYPE_HELP'] = $clang->gT("Please choose *only one* of the following:");
+                    $question['QUESTION_TYPE_HELP'] .= $clang->gT("Please choose *only one* of the following:");
                    $question['ANSWER'] .= "\n\t<ul>\n";
                    $question['ANSWER'] .= "\t\t<li>\n\t\t\t".input_type_image('radio',$clang->gT("Female"))."\n\t\t\t".$clang->gT("Female")." ".addsgqacode("(F)")."\n\t\t</li>\n";
@@ -891,7 +569,7 @@ while ($degrow = $degresult->FetchRow())
                        unset($optCategorySeparator);
                    }
-                    $question['QUESTION_TYPE_HELP'] = $clang->gT("Please choose *only one* of the following:");
+                    $question['QUESTION_TYPE_HELP'] .= $clang->gT("Please choose *only one* of the following:");
                    $question['QUESTION_TYPE_HELP'] .= array_filter_help($qidattributes, $surveyprintlang, $surveyid);
                    if(isset($_POST['printableexport'])){$pdf->intopdf($clang->gT("Please choose *only one* of the following:"));}
@@ -958,7 +636,7 @@ while ($degrow = $degresult->FetchRow())
                    // ==================================================================
                case "O":  //LIST WITH COMMENT
-                    $question['QUESTION_TYPE_HELP'] = $clang->gT("Please choose *only one* of the following:");
+                    $question['QUESTION_TYPE_HELP'] .= $clang->gT("Please choose *only one* of the following:");
                    if(isset($_POST['printableexport'])){$pdf->intopdf($clang->gT("Please choose *only one* of the following:"),"U");}
                    $deaquery = "SELECT * FROM ".db_table_name("answers")." WHERE qid={$deqrow['qid']} AND language='{$surveyprintlang}' ORDER BY sortorder, answer ";
                    $dearesult = db_execute_assoc($deaquery);
@@ -985,7 +663,8 @@ while ($degrow = $degresult->FetchRow())
                    $reaquery = "SELECT * FROM ".db_table_name("answers")." WHERE qid={$deqrow['qid']} AND language='{$surveyprintlang}' ORDER BY sortorder, answer";
                    $rearesult = db_execute_assoc($reaquery) or safe_die ("Couldn't get ranked answers<br />".$connect->ErrorMsg());
                    $reacount = $rearesult->RecordCount();
-                    $question['QUESTION_TYPE_HELP'] = $clang->gT("Please number each box in order of preference from 1 to")." $reacount";
+                    $question['QUESTION_TYPE_HELP'] .= $clang->gT("Please number each box in order of preference from 1 to")." $reacount";
                	$question['QUESTION_TYPE_HELP'] .= min_max_answers_help($qidattributes, $surveyprintlang, $surveyid);
                    if(isset($_POST['printableexport'])){$pdf->intopdf($clang->gT("Please number each box in order of preference from 1 to ").$reacount,"U");}
                    $question['ANSWER'] = "\n<ul>\n";
                    while ($rearow = $rearesult->FetchRow())
@@ -1007,16 +686,9 @@ while ($degrow = $degresult->FetchRow())
                    {
                        $dcols=0;
                    }
-                    if (trim($qidattributes['max_answers'])=='') {
+                    $question['QUESTION_TYPE_HELP'] .= $clang->gT("Please choose *all* that apply:");
-                        $question['QUESTION_TYPE_HELP'] = $clang->gT("Please choose *all* that apply:");
+                    if(isset($_POST['printableexport'])){$pdf->intopdf($clang->gT("Please choose *all* that apply:"),"U");}
-                        if(isset($_POST['printableexport'])){$pdf->intopdf($clang->gT("Please choose *all* that apply:"),"U");}
+
                    }
                    else
                    {
                        $maxansw=$qidattributes["max_answers"];
                        $question['QUESTION_TYPE_HELP'] = sprintf($clang->gT('Please choose *at most* %s answers:' ),'<span class="num">'.$maxansw.'</span>');
                        if(isset($_POST['printableexport'])){$pdf->intopdf(sprintf($clang->gT('Please choose *at most* %s answers:' ),$maxansw),"U");}
                    }
                    $meaquery = "SELECT * FROM ".db_table_name("questions")." WHERE parent_qid={$deqrow['qid']} AND language='{$surveyprintlang}' ORDER BY question_order";
                    $question['QUESTION_TYPE_HELP'] .= array_filter_help($qidattributes, $surveyprintlang, $surveyid);
                    $mearesult = db_execute_assoc($meaquery);
@@ -1065,16 +737,8 @@ while ($degrow = $degresult->FetchRow())
                     // ==================================================================
                case "P":  //Multiple choice with comments
-                    if (trim($qidattributes['max_answers'])=='') {
+                    $question['QUESTION_TYPE_HELP'] .= $clang->gT("Please choose *all* that apply and provide a comment:");
-                        $question['QUESTION_TYPE_HELP'] = $clang->gT("Please choose all that apply and provide a comment:");
+                    if(isset($_POST['printableexport'])){$pdf->intopdf($clang->gT("Please choose all that apply and provide a comment:"),"U");}
                        if(isset($_POST['printableexport'])){$pdf->intopdf($clang->gT("Please choose all that apply and provide a comment:"),"U");}
                    }
                    else
                    {
                        $maxansw=$qidattributes['max_answers'];
                        $question['QUESTION_TYPE_HELP'] = $clang->gT("Please choose *at most* ").'<span class="num">'.$maxansw.'</span> '.$clang->gT("answers and provide a comment:");
                        if(isset($_POST['printableexport'])){$pdf->intopdf($clang->gT("Please choose *at most* ").$maxansw.$clang->gT("answers and provide a comment:"),"U");}
                    }
                    $meaquery = "SELECT * FROM ".db_table_name("questions")." WHERE parent_qid={$deqrow['qid']}  AND language='{$surveyprintlang}' ORDER BY question_order";
                    $question['QUESTION_TYPE_HELP'] .= array_filter_help($qidattributes, $surveyprintlang, $surveyid);
                    $mearesult = db_execute_assoc($meaquery);
@@ -1110,26 +774,9 @@ while ($degrow = $degresult->FetchRow())
                    // ==================================================================
                case "K":  //MULTIPLE NUMERICAL
                    $question['QUESTION_TYPE_HELP'] = "";
                    $width=(isset($width))?$width:16;
                    if(isset($_POST['printableexport'])){$pdf->intopdf($clang->gT("Please write your answer(s) here:"),"U");}
                    if (!empty($qidattributes['equals_num_value']))
                    {
                        $question['QUESTION_TYPE_HELP'] .= "* ".sprintf($clang->gT('Total of all entries must equal %d'),$qidattributes['equals_num_value'])."<br />\n";
                    }
                    if (!empty($qidattributes['max_num_value']))
                    {
                        $question['QUESTION_TYPE_HELP'] .= sprintf($clang->gT('Total of all entries must not exceed %d'), $qidattributes['max_num_value'])."<br />\n";
                    }
                    if (!empty($qidattributes['min_num_value']))
                    {
                        $question['QUESTION_TYPE_HELP'] .= sprintf($clang->gT('Total of all entries must be at least %s'),$qidattributes['min_num_value'])."<br />\n";
                    }
                    if($question['QUESTION_TYPE_HELP'] != "") {
                        $question['QUESTION_TYPE_HELP'] .= "<br />\n";
                    }
                    $question['QUESTION_TYPE_HELP'] .= $clang->gT("Please write your answer(s) here:");
                    $meaquery = "SELECT * FROM ".db_table_name("questions")." WHERE parent_qid={$deqrow['qid']}  AND language='{$surveyprintlang}' ORDER BY question_order";
@@ -1152,7 +799,7 @@ while ($degrow = $degresult->FetchRow())
                    // ==================================================================
                case "S":  //SHORT TEXT
-                    $question['QUESTION_TYPE_HELP'] = $clang->gT("Please write your answer here:");
+                    $question['QUESTION_TYPE_HELP'] .= $clang->gT("Please write your answer here:");
                    $question['ANSWER'] = input_type_image('text',$question['QUESTION_TYPE_HELP'], 50);
                    if(isset($_POST['printableexport'])){$pdf->intopdf($clang->gT("Please write your answer here:"),"U");}
                    if(isset($_POST['printableexport'])){$pdf->intopdf("____________________");}
@@ -1161,7 +808,7 @@ while ($degrow = $degresult->FetchRow())
                    // ==================================================================
                case "T":  //LONG TEXT
-                    $question['QUESTION_TYPE_HELP'] = $clang->gT("Please write your answer here:");
+                    $question['QUESTION_TYPE_HELP'] .= $clang->gT("Please write your answer here:");
                    $question['ANSWER'] = input_type_image('textarea',$question['QUESTION_TYPE_HELP'], '100%' , 8);
                    if(isset($_POST['printableexport'])){$pdf->intopdf($clang->gT("Please write your answer here:"),"U");}
@@ -1174,7 +821,7 @@ while ($degrow = $degresult->FetchRow())
                    // ==================================================================
                case "U":  //HUGE TEXT
-                    $question['QUESTION_TYPE_HELP'] = $clang->gT("Please write your answer here:");
+                    $question['QUESTION_TYPE_HELP'] .= $clang->gT("Please write your answer here:");
                    $question['ANSWER'] = input_type_image('textarea',$question['QUESTION_TYPE_HELP'], '100%' , 30);
                    if(isset($_POST['printableexport'])){$pdf->intopdf($clang->gT("Please write your answer here:"),"U");}
@@ -1187,8 +834,16 @@ while ($degrow = $degresult->FetchRow())
                    // ==================================================================
                case "N":  //NUMERICAL
-                    $question['QUESTION_TYPE_HELP'] = $clang->gT("Please write your answer here:");
+                	$prefix="";
-                    $question['ANSWER'] = input_type_image('text',$question['QUESTION_TYPE_HELP'],20);
+                	$suffix="";
                	if($qidattributes['prefix'] != "") {
                		$prefix=$qidattributes['prefix'];
                	}
                	if($qidattributes['suffix'] != "") {
                		$suffix=$qidattributes['suffix'];
                	}
                	$question['QUESTION_TYPE_HELP'] .= $clang->gT("Please write your answer here:");
                    $question['ANSWER'] = "<ul>\n\t<li>\n\t\t<span>$prefix</span>\n\t\t".input_type_image('text',$question['QUESTION_TYPE_HELP'],20)."\n\t\t<span>$suffix</span>\n\t\t</li>\n\t</ul>";
                    if(isset($_POST['printableexport'])){$pdf->intopdf($clang->gT("Please write your answer here:"),"U");}
                    if(isset($_POST['printableexport'])){$pdf->intopdf("____________________");}
@@ -1197,7 +852,7 @@ while ($degrow = $degresult->FetchRow())
                    // ==================================================================
                case "Y":  //YES/NO
-                    $question['QUESTION_TYPE_HELP'] = $clang->gT("Please choose *only one* of the following:");
+                    $question['QUESTION_TYPE_HELP'] .= $clang->gT("Please choose *only one* of the following:");
                    $question['ANSWER'] = "\n<ul>\n\t<li>\n\t\t".input_type_image('radio',$clang->gT('Yes'))."\n\t\t".$clang->gT('Yes').addsgqacode(" (Y)")."\n\t</li>\n";
                    $question['ANSWER'] .= "\n\t<li>\n\t\t".input_type_image('radio',$clang->gT('No'))."\n\t\t".$clang->gT('No').addsgqacode(" (N)")."\n\t</li>\n</ul>\n";
@@ -1211,7 +866,7 @@ while ($degrow = $degresult->FetchRow())
                case "A":  //ARRAY (5 POINT CHOICE)
                    $meaquery = "SELECT * FROM ".db_table_name("questions")." WHERE parent_qid={$deqrow['qid']} AND language='{$surveyprintlang}'  ORDER BY question_order";
                    $mearesult = db_execute_assoc($meaquery);
-                    $question['QUESTION_TYPE_HELP'] = $clang->gT("Please choose the appropriate response for each item:");
+                    $question['QUESTION_TYPE_HELP'] .= $clang->gT("Please choose the appropriate response for each item:");
                    $question['QUESTION_TYPE_HELP'] .= array_filter_help($qidattributes, $surveyprintlang, $surveyid);
                    $question['ANSWER'] = "
@@ -1275,7 +930,7 @@ while ($degrow = $degresult->FetchRow())
                    $meaquery = "SELECT * FROM ".db_table_name("questions")." WHERE parent_qid={$deqrow['qid']}  AND language='{$surveyprintlang}' ORDER BY question_order";
                    $mearesult = db_execute_assoc($meaquery);
-                    $question['QUESTION_TYPE_HELP'] = $clang->gT("Please choose the appropriate response for each item:");
+                    $question['QUESTION_TYPE_HELP'] .= $clang->gT("Please choose the appropriate response for each item:");
                    $question['QUESTION_TYPE_HELP'] .= array_filter_help($qidattributes, $surveyprintlang, $surveyid);
                    $question['ANSWER'] .= "\n<table>\n\t<thead>\n\t\t<tr>\n\t\t\t<td>&nbsp;</td>\n";
@@ -1311,7 +966,7 @@ while ($degrow = $degresult->FetchRow())
                case "C":  //ARRAY (YES/UNCERTAIN/NO)
                    $meaquery = "SELECT * FROM ".db_table_name("questions")." WHERE parent_qid={$deqrow['qid']}  AND language='{$surveyprintlang}' ORDER BY question_order";
                    $mearesult = db_execute_assoc($meaquery);
-                    $question['QUESTION_TYPE_HELP'] = $clang->gT("Please choose the appropriate response for each item:");
+                    $question['QUESTION_TYPE_HELP'] .= $clang->gT("Please choose the appropriate response for each item:");
                    $question['QUESTION_TYPE_HELP'] .= array_filter_help($qidattributes, $surveyprintlang, $surveyid);
                    $question['ANSWER'] = '
@@ -1352,7 +1007,7 @@ while ($degrow = $degresult->FetchRow())
                case "E":  //ARRAY (Increase/Same/Decrease)
                    $meaquery = "SELECT * FROM ".db_table_name("questions")." WHERE parent_qid={$deqrow['qid']} AND language='{$surveyprintlang}'  ORDER BY question_order";
                    $mearesult = db_execute_assoc($meaquery);
-                    $question['QUESTION_TYPE_HELP'] = $clang->gT("Please choose the appropriate response for each item:");
+                    $question['QUESTION_TYPE_HELP'] .= $clang->gT("Please choose the appropriate response for each item:");
                    $question['QUESTION_TYPE_HELP'] .= array_filter_help($qidattributes, $surveyprintlang, $surveyid);
                    $question['ANSWER'] = '
@@ -1425,23 +1080,6 @@ while ($degrow = $degresult->FetchRow())
                    $meaquery = "SELECT * FROM ".db_table_name("questions")." WHERE parent_qid={$deqrow['qid']}  AND scale_id=0 AND language='{$surveyprintlang}' ORDER BY question_order";
                    $mearesult = db_execute_assoc($meaquery);
                    if ($checkboxlayout === false)
                    {
                        if ($stepvalue > 1)
                        {
                            $question['QUESTION_TYPE_HELP'] = sprintf($clang->gT("Please write a multiple of %d between %d and %d for each item:"),$stepvalue,$minvalue,$maxvalue);
                            if(isset($_POST['printableexport'])){$pdf->intopdf(sprintf($clang->gT("Please write a multiple of %d between %d and %d for each item:"),$stepvalue,$minvalue,$maxvalue),"U");}
                        }
                        else {
                            $question['QUESTION_TYPE_HELP'] = sprintf($clang->gT("Please enter a number between %d and %d for each item:"),$minvalue,$maxvalue);
                            if(isset($_POST['printableexport'])){$pdf->intopdf(sprintf($clang->gT("Please enter a number between %d and %d for each item:"),$minvalue,$maxvalue),"U");}
                        }
                    }
                    else
                    {
                        $question['QUESTION_TYPE_HELP'] = $clang->gT("Check any that apply").":";
                        if(isset($_POST['printableexport'])){$pdf->intopdf($clang->gT("Check any that apply"),"U");}
                    }
                    $question['QUESTION_TYPE_HELP'] .= array_filter_help($qidattributes, $surveyprintlang, $surveyid);
                    $question['ANSWER'] .= "\n<table>\n\t<thead>\n\t\t<tr>\n\t\t\t<td>&nbsp;</td>\n";
@@ -1515,7 +1153,7 @@ while ($degrow = $degresult->FetchRow())
                    $meaquery = "SELECT * FROM ".db_table_name("questions")." WHERE parent_qid={$deqrow['qid']}  AND scale_id=0 AND language='{$surveyprintlang}' ORDER BY question_order";
                    $mearesult = db_execute_assoc($meaquery);
-                    $question['QUESTION_TYPE_HELP'] = array_filter_help($qidattributes, $surveyprintlang, $surveyid);
+                    $question['QUESTION_TYPE_HELP'] .= array_filter_help($qidattributes, $surveyprintlang, $surveyid);
                    $question['ANSWER'] .= "\n<table>\n\t<thead>\n\t\t<tr>\n\t\t\t<td>&nbsp;</td>\n";
                    $fquery = "SELECT * FROM ".db_table_name("questions")." WHERE parent_qid={$deqrow['qid']}  AND scale_id=1 AND language='{$surveyprintlang}' ORDER BY question_order";
@@ -1576,7 +1214,7 @@ while ($degrow = $degresult->FetchRow())
                    $meaquery = "SELECT * FROM ".db_table_name("questions")." WHERE parent_qid={$deqrow['qid']}  AND language='{$surveyprintlang}' ORDER BY question_order";
                    $mearesult = db_execute_assoc($meaquery);
-                    $question['QUESTION_TYPE_HELP'] = $clang->gT("Please choose the appropriate response for each item:");
+                    $question['QUESTION_TYPE_HELP'] .= $clang->gT("Please choose the appropriate response for each item:");
                    $question['QUESTION_TYPE_HELP'] .= array_filter_help($qidattributes, $surveyprintlang, $surveyid);
                    $fquery = "SELECT * FROM ".db_table_name("answers")." WHERE scale_id=0 and qid='{$deqrow['qid']}'  AND language='{$surveyprintlang}' ORDER BY sortorder, code";
@@ -1680,7 +1318,7 @@ while ($degrow = $degresult->FetchRow())
                    $meaquery = "SELECT * FROM ".db_table_name("questions")." WHERE parent_qid={$deqrow['qid']}  AND language='{$surveyprintlang}' ORDER BY question_order";
                    $mearesult = db_execute_assoc($meaquery);
-                    $question['QUESTION_TYPE_HELP'] = $clang->gT("Please choose the appropriate response for each item:");
+                    $question['QUESTION_TYPE_HELP'] .= $clang->gT("Please choose the appropriate response for each item:");
                    $question['QUESTION_TYPE_HELP'] .= array_filter_help($qidattributes, $surveyprintlang, $surveyid);
                    if(isset($_POST['printableexport'])){$pdf->intopdf($clang->gT("Please choose the appropriate response for each item:"),"U");}
@@ -1787,7 +1425,7 @@ while ($degrow = $degresult->FetchRow())
                    $headstyle="style='padding-left: 20px; padding-right: 7px'";
                    $fquery = "SELECT * FROM ".db_table_name("questions")." WHERE parent_qid={$deqrow['qid']}  AND language='{$surveyprintlang}' ORDER BY question_order, title";
                    $fresult = db_execute_assoc($fquery);
-                    $question['QUESTION_TYPE_HELP'] = $clang->gT("Please choose the appropriate response for each item:");
+                    $question['QUESTION_TYPE_HELP'] .= $clang->gT("Please choose the appropriate response for each item:");
                    if(isset($_POST['printableexport'])){$pdf->intopdf($clang->gT("Please choose the appropriate response for each item:"),"U");}
                    $question['ANSWER'] .= "\n<table>\n\t<thead>\n\t\t<tr>\n\t\t\t<td>&nbsp;</td>\n";
                    $meaquery = "SELECT * FROM ".db_table_name("answers")." WHERE qid='{$deqrow['qid']}' AND scale_id=0 AND language='{$surveyprintlang}' ORDER BY sortorder, code";
@@ -1841,7 +1479,7 @@ while ($degrow = $degresult->FetchRow())
        }
        if ($bGroupHasVisibleQuestions)
        {
-            $survey_output['GROUPS'] .= populate_template( 'group' , $group );
+        $survey_output['GROUPS'] .= populate_template( 'group' , $group );
        }
 }
@@ -1930,12 +1568,23 @@ if(isset($_POST['printableexport']))
    }
    $pdf->titleintopdf($clang->gT("Submit Your Survey."),$clang->gT("Thank you for completing this survey."));
    $pdf->write_out($clang->gT($surveyname)." ".$surveyid.".pdf");
 } else {
    echo populate_template( 'survey' , $survey_output );
 }
 echo populate_template( 'survey' , $survey_output );
 exit;
 function min_max_answers_help($qidattributes, $surveyprintlang, $surveyid) {
 	global $clang;
 	$output = "";
 	if(!empty($qidattributes['min_answers'])) {
 		$output .= "\n<p class='extrahelp'>".sprintf($clang->gT("Please choose at least %s item(s)"), $qidattributes['min_answers'])."</p>\n";
 	}
    if(!empty($qidattributes['max_answers'])) {
 		$output .= "\n<p class='extrahelp'>".sprintf($clang->gT("Please choose no more than %s item(s)"),$qidattributes['max_answers'])."</p>\n";
 	}
 	return $output;
 }
 function array_filter_help($qidattributes, $surveyprintlang, $surveyid) {
    global $clang;
    $output = "";
@@ -1945,7 +1594,7 @@ function array_filter_help($qidattributes, $surveyprintlang, $surveyid) {
        $newresult=db_execute_assoc($newquery);
        $newquestiontext=$newresult->fetchRow();
        $output .= "\n<p class='extrahelp'>
-		    ".sprintf($clang->gT("Only answer this question for the items you selected in question %d ('%s')"),$qidattributes['array_filter'], br2nl($newquestiontext['question']))."
+		    ".sprintf($clang->gT("Only answer this question for the items you selected in question *%s* ('%s')"),$qidattributes['array_filter'], FlattenText(br2nl($newquestiontext['question'])))."
 		</p>\n";
    }
    if(!empty($qidattributes['array_filter_exclude']))
@@ -1954,7 +1603,7 @@ function array_filter_help($qidattributes, $surveyprintlang, $surveyid) {
        $newresult=db_execute_assoc($newquery);
        $newquestiontext=$newresult->fetchRow();
        $output .= "\n    <p class='extrahelp'>
-		    ".sprintf($clang->gT("Only answer this question for the items you did not select in question %d ('%s')"),$qidattributes['array_filter_exclude'], br2nl($newquestiontext['question']))."
+		    ".sprintf($clang->gT("Only answer this question for the items you did not select in question *%s* ('%s')"),$qidattributes['array_filter_exclude'], br2nl($newquestiontext['question']))."
 		</p>\n";
    }
    return $output;
--- a/include/limesurvey/admin/questiongrouphandling.php
+++ b/include/limesurvey/admin/questiongrouphandling.php
@@ -10,7 +10,7 @@
 * other free or open source software licenses.
 * See COPYRIGHT.php for copyright notices and details.
 *
- * $Id: questiongrouphandling.php 10925 2011-09-02 14:12:02Z c_schmitz $
+ * $Id: questiongrouphandling.php 11664 2011-12-16 05:19:42Z tmswhite $
 */
@@ -61,6 +61,10 @@ if ($action == "addgroup")
        . "<textarea cols='80' rows='8' id='description_$grouplang' name='description_$grouplang'></textarea>"
        . getEditor("group-desc","description_".$grouplang, "[".$clang->gT("Description:", "js")."](".$grouplang.")",$surveyid,'','',$action)
        . "</li>\n"
        // Group-Level Relevance
        . "<li><label for='grelevance'>".$clang->gT("Relevance equation:")."</label>"
        . "<textarea cols='50' rows='1' id='grelevance' name='grelevance'></textarea>"
        . "</li>"
        . "</ul>"
        . "\t<p><input type='submit' value='".$clang->gT("Save question group")."' />\n"
        . "</div>\n";
@@ -118,7 +122,7 @@ if ($action == "editgroup")
        } else {
            $grplangs[$esrow['language']] = 99;
        }
-        if ($esrow['language'] == $baselang) $basesettings = array('group_name' => $esrow['group_name'],'description' => $esrow['description'],'group_order' => $esrow['group_order']);
+        if ($esrow['language'] == $baselang) $basesettings = array('group_name' => $esrow['group_name'],'description' => $esrow['description'],'group_order' => $esrow['group_order'], 'grelevance' => $esrow['grelevance']);
    }
@@ -126,7 +130,7 @@ if ($action == "editgroup")
    {
        if ($value != 99)
        {
-            $egquery = "INSERT INTO ".db_table_name('groups')." (gid, sid, group_name, description,group_order,language) VALUES ('{$gid}', '{$surveyid}', '{$basesettings['group_name']}', '{$basesettings['description']}','{$basesettings['group_order']}', '{$key}')";
+            $egquery = "INSERT INTO ".db_table_name('groups')." (gid, sid, group_name, description,group_order, grelevance, language) VALUES ('{$gid}', '{$surveyid}', '{$basesettings['group_name']}', '{$basesettings['description']}','{$basesettings['group_order']}', '{$basesettings['grelevance']}', '{$key}')";
            $egresult = $connect->Execute($egquery);
        }
    }
@@ -143,7 +147,11 @@ if ($action == "editgroup")
        . "<div class='settingrow'><span class='settingcaption'><label for='description_{$esrow['language']}'>".$clang->gT("Description:")."</label>\n"
        . "</span><span class='settingentry'><textarea cols='70' rows='8' id='description_{$esrow['language']}' name='description_{$esrow['language']}'>{$esrow['description']}</textarea>\n"
        . getEditor("group-desc","description_".$esrow['language'], "[".$clang->gT("Description:", "js")."](".$esrow['language'].")",$surveyid,$gid,'',$action)
-        . "\t</span></div><div style='clear:both'></div>";
+        . "</span></div>"
        . "<div class='settingrow'><span class='settingcaption'><label for='grelevance'>".$clang->gT("Relevance equation:")."</label></span>\n"
        . "<span class='settingentry'><textarea cols='50' rows='1' id='grelevance' name='grelevance'>".$esrow['grelevance']."</textarea></span>"
        . "</span></div>"
        . "\n<div style='clear:both'></div>";
    $egquery = "SELECT * FROM ".db_table_name('groups')." WHERE sid=$surveyid AND gid=$gid AND language!='$baselang'";
    $egresult = db_execute_assoc($egquery);
    $i = 1;
@@ -220,6 +228,7 @@ if ($action == "ordergroups")
                    $cdresult=$connect->Execute($cdquery) or safe_die($connect->ErrorMsg());//Checked
                    break;
            }
            LimeExpressionManager::SetDirtyFlag(); // so refreshes syntax highlighting
        }
        // Move the question to specific position
        if ((!empty($_POST['groupmovefrom']) || (isset($_POST['groupmovefrom']) && $_POST['groupmovefrom'] == '0')) && (!empty($_POST['groupmoveto']) || (isset($_POST['groupmoveto']) && $_POST['groupmoveto'] == '0')))
@@ -251,35 +260,11 @@ if ($action == "ordergroups")
                $cdquery = "UPDATE ".db_table_name('groups')." SET group_order=".($newpos+1)." WHERE sid=$surveyid AND group_order=-1";
                $cdresult=$connect->Execute($cdquery) or safe_die($connect->ErrorMsg());
            }
            LimeExpressionManager::SetDirtyFlag(); // so refreshes syntax highlighting
        }
        $ordergroups = "<div class='header ui-widget-header'>".$clang->gT("Change Group Order")."</div><br />\n";
        // Get groups dependencies regarding conditions
        // => Get an array of groups containing questions with conditions outside the group
        // $groupdepsarray[dependent-gid][target-gid]['conditions'][qid-having-conditions]=Array(cids...)
        $groupdepsarray = GetGroupDepsForConditions($surveyid);
        $nicegroupdeps=array();
        if (!is_null($groupdepsarray))
        {
            $ordergroups .= "<ul class='movableList'><li class='movableNode'><strong><font color='orange'>".$clang->gT("Warning").":</font> ".$clang->gT("Current survey has questions with conditions outside their own group")."</strong><br /><br /><i>".$clang->gT("Re-ordering groups is restricted to ensure that questions on which conditions are based aren't reordered after questions having the conditions set")."</i></strong><br /><br/>".$clang->gT("The following groups are concerned").":<ul>\n";
            foreach ($groupdepsarray as $depgid => $depgrouprow)
            {
                foreach($depgrouprow as $targgid => $targrow)
                {
                    $ordergroups .= "<li>".sprintf($clang->gT("Group %s depends on group %s, see the marked conditions on:"), "<a href='#' onclick=\"window.open('admin.php?sid=".$surveyid."&amp;gid=".$depgid."')\">".$targrow['depgpname']."</a>", "<a href='#' onclick=\"window.open('admin.php?sid=".$surveyid."&amp;gid=".$targgid."')\">".$targrow['targetgpname']."</a> ");
                    $nicegroupdeps[$depgid]=$targgid;
                    foreach($targrow['conditions'] as $depqid => $depqrow)
                    {
                        $listcid=implode("-",$depqrow);
                        $ordergroups .= " <a href='#' onclick=\"window.open('admin.php?sid=".$surveyid."&amp;gid=".$depgid."&amp;qid=".$depqid."&amp;action=conditions&amp;markcid=".$listcid."','_self')\"> [".$clang->gT("QID").": ".$depqid."]</a>";
                    }
                    $ordergroups .= "</li>\n";
                }
            }
            $ordergroups .= "</ul></li></ul>";
        }
        $ordergroups .= "<form method='post' action=''><ul class='movableList'>";
        //Get the groups from this survey
        $s_lang = GetBaseLanguageFromSurveyID($surveyid);
@@ -318,18 +303,6 @@ if ($action == "ordergroups")
        {
            $downdisabled = "";
            $updisabled = "";
            if ( !is_null($groupdepsarray) && $i < $groupcount-1 &&
            array_key_exists($ogarray[$i+1]['gid'],$groupdepsarray) &&
            array_key_exists($ogarray[$i]['gid'],$groupdepsarray[$ogarray[$i+1]['gid']]) )
            {
                $downdisabled = "disabled=\"true\" class=\"disabledUpDnBtn\"";
            }
            if ( !is_null($groupdepsarray) && $i !=0  &&
            array_key_exists($ogarray[$i]['gid'],$groupdepsarray) &&
            array_key_exists($ogarray[$i-1]['gid'],$groupdepsarray[$ogarray[$i]['gid']]) )
            {
                $updisabled = "disabled=\"true\" class=\"disabledUpDnBtn\"";
            }
            $ordergroups.="<li class='movableNode' id='gid".$ogarray[$i]['gid']."'>\n" ;
@@ -347,41 +320,9 @@ if ($action == "ordergroups")
            }
            //Find out if there are any dependencies
            $max_start_order=0;
            if ( !is_null($groupdepsarray) && $i!=0 &&
            array_key_exists($ogarray[$i]['gid'], $groupdepsarray)) //This should find out if there are any dependencies
            {
                foreach($groupdepsarray[$ogarray[$i]['gid']] as $key=>$val)
                {
                    //qet the question_order value for each of the dependencies
                    foreach($miniogarray as $mo)
                    {
                        if($mo['gid'] == $key && $mo['group_order'] > $max_start_order) //If there is a matching condition, and the question order for that condition is higher than the one already set:
                        {
                            $max_start_order = $mo['group_order']; //Set the maximum question condition to this
                        }
                    }
                }
            }
            //Find out if any groups use this as a dependency
            $max_end_order=$groupcount+1; //By default, stop the list at the last group
            if ( !is_null($nicegroupdeps))
            {
                //to find which question has a dependence on this one
                //then stop the list, so you can't move this group past the dependent one
                foreach($nicegroupdeps as $gdarray)
                {
                    if ($ogarray[$i]['gid'] == $gdarray)
                    {
                        //This group should never get higher than here ($gdarray)!
                        //Get the group_order for $gdarray;
                        $goquery="SELECT group_order FROM ".db_table_name('groups')." WHERE gid = $gdarray";
                        $goresult=db_execute_assoc($goquery) or safe_die($connect->ErrorMsg());
                        $gorow = $goresult->FetchRow();
                        $max_end_order=$gorow['group_order'];
                    }
                }
            }
            $minipos=$miniogarray[0]['group_order']; //Start at the very first group_order
            foreach($miniogarray as $mo)
            {
--- a/include/limesurvey/admin/questionhandling.php
+++ b/include/limesurvey/admin/questionhandling.php
@@ -10,7 +10,7 @@
 * other free or open source software licenses.
 * See COPYRIGHT.php for copyright notices and details.
 *
- * $Id: questionhandling.php 10925 2011-09-02 14:12:02Z c_schmitz $
+ * $Id: questionhandling.php 12217 2012-01-26 17:54:59Z tmswhite $
 */
@@ -66,6 +66,12 @@ if ($action == "copyquestion")
    . "<input type='text' id='preg' name='preg' size='50' value=\"".$eqrow['preg']."\" />\n"
    . "</li>\n"
    // Relevance
    ."<li>"
    . "<label for='relevance'>".$clang->gT("Relevance equation:")."</label>"
    . "<textarea cols='50' rows='1' id='relevance' name='relevance'>".$eqrow['relevance']."</textarea>"
    . "</li>\n"
    . "<li ><label for='gid'>".$clang->gT("Question group:")."</label>\n"
    . "<select id='gid' name='gid'>\n"
    . getgrouplist3($eqrow['gid'])
@@ -189,26 +195,69 @@ if ($action == "editdefaultvalues")
                }
                $editdefvalues.="<ul>";
-                foreach ($sqrows as $aSubquestion)
+                switch($questionrow['type'])
                {
-                    $defaultvalue=$connect->GetOne("SELECT defaultvalue FROM ".db_table_name('defaultvalues')." WHERE qid=$qid AND specialtype='' and sqid={$aSubquestion['qid']} and scale_id={$scale_id} AND language='{$language}'");
+                    case 'L':
-                    $editdefvalues.="<li><label for='defaultanswerscale_{$scale_id}_{$language}_{$aSubquestion['qid']}'>{$aSubquestion['title']}: ".FlattenText($aSubquestion['question'])."</label>";
+                    case 'M':
-                    $editdefvalues.="<select name='defaultanswerscale_{$scale_id}_{$language}_{$aSubquestion['qid']}' id='defaultanswerscale_{$scale_id}_{$language}_{$aSubquestion['qid']}'>";
+                    case 'O':
-                    foreach ($options as $value=>$label)
+                    case 'P':
                    case '!':
                        $inputStyle='enum';
                        break;
                    case 'K':
                    case 'Q':
                        $inputStyle='text';
                        break;
                }
                if ($inputStyle == 'enum')
                {
                    foreach ($sqrows as $aSubquestion)
                    {
-                        $editdefvalues.="<option ";
+                        $defaultvalue=$connect->GetOne("SELECT defaultvalue FROM ".db_table_name('defaultvalues')." WHERE qid=$qid AND specialtype='' and sqid={$aSubquestion['qid']} and scale_id={$scale_id} AND language='{$language}'");
-                        if ($value==$defaultvalue)
+                        $editdefvalues.="<li><label for='defaultanswerscale_{$scale_id}_{$language}_{$aSubquestion['qid']}'>{$aSubquestion['title']}: ".FlattenText($aSubquestion['question'])."</label>";
                        $editdefvalues.="<select name='defaultanswerscale_{$scale_id}_{$language}_{$aSubquestion['qid']}' id='defaultanswerscale_{$scale_id}_{$language}_{$aSubquestion['qid']}'>";
                        foreach ($options as $value=>$label)
                        {
-                            $editdefvalues.= " selected='selected' ";
+                            $editdefvalues.="<option ";
                            if ($value==$defaultvalue)
                            {
                                $editdefvalues.= " selected='selected' ";
                            }
                            $editdefvalues.="value='{$value}'>{$label}</option>";
                        }
-                        $editdefvalues.="value='{$value}'>{$label}</option>";
+                        $editdefvalues.="</select></li> ";
                    }
                }
                if ($inputStyle == 'text')
                {
                    foreach ($sqrows as $aSubquestion)
                    {
                        $defaultvalue=$connect->GetOne("SELECT defaultvalue FROM ".db_table_name('defaultvalues')." WHERE qid=$qid AND specialtype='' and sqid={$aSubquestion['qid']} and scale_id={$scale_id} AND language='{$language}'");
                        $editdefvalues.="<li><label for='defaultanswerscale_{$scale_id}_{$language}_{$aSubquestion['qid']}'>{$aSubquestion['title']}: ".FlattenText($aSubquestion['question'])."</label>";
                        $editdefvalues.="<textarea cols='50' name='defaultanswerscale_{$scale_id}_{$language}_{$aSubquestion['qid']}' id='defaultanswerscale_{$scale_id}_{$language}_{$aSubquestion['qid']}'/>";
                        $editdefvalues.=$defaultvalue."</textarea></li>\n";
                    }
                    $editdefvalues.="</select></li> ";
                }
            }
        }
-            if ($language==$baselang && count($questlangs)>1)
+
-            {
+        if ($qtproperties[$questionrow['type']]['answerscales']==0 && $qtproperties[$questionrow['type']]['subquestions']==0)
        {
            /*
                    case 'D':
                    case 'N':
                    case 'S':
                    case 'T':
                    case 'U':*
             */
            $defaultvalue=$connect->GetOne("SELECT defaultvalue FROM ".db_table_name('defaultvalues')." WHERE qid=$qid AND language='{$language}'");
            $editdefvalues.="<li>";
            $editdefvalues.="<textarea cols='50' name='defaultanswerscale_0_{$language}_0' id='defaultanswerscale_0_{$language}_0'/>";
            $editdefvalues.=$defaultvalue."</textarea></li>\n";
        }
        if ($language==$baselang && count($questlangs)>1)
        {
            $editdefvalues.="<li><label for='samedefault'>".$clang->gT('Use same default value across languages:')."<label><input type='checkbox' name='samedefault' id='samedefault'";
            if ($questionrow['same_default'])
            {
@@ -218,7 +267,7 @@ if ($action == "editdefaultvalues")
        }
            $editdefvalues.="</ul> ";
            $editdefvalues.="</div> "; // Closing page
-        }
+    }
    $editdefvalues.="</div> "; // Closing pane
    $editdefvalues.="<input type='hidden' id='action' name='action' value='updatedefaultvalues'> "
        . "\t<input type='hidden' id='sid' name='sid' value='$surveyid' /></p>\n"
@@ -232,6 +281,11 @@ if ($action == "editdefaultvalues")
 if ($action == "editquestion" || $action=="addquestion")
 {
    $adding=($action=="addquestion");
    if ($adding)
    {
        // This is needed to properly color-code content if it contains replacements
        LimeExpressionManager::StartProcessingPage(false,$rooturl,true);  // so can click on syntax highlighting to edit questions
    }
    $questlangs = GetAdditionalLanguagesFromSurveyID($surveyid);
    $baselang = GetBaseLanguageFromSurveyID($surveyid);
    $questlangs[] = $baselang;
@@ -294,7 +348,7 @@ if ($action == "editquestion" || $action=="addquestion")
    $qCodeToInfo = 'qCodeToInfo = {';
    foreach ($qtypelist as $qtype=>$qdesc){
        $qDescToCode .= " '{$qdesc['description']}' : '{$qtype}', \n";
-        $qCodeToInfo .= " '{$qtype}' : '".json_encode($qdesc)."', \n";
+        $qCodeToInfo .= " '{$qtype}' : '".ls_json_encode($qdesc)."', \n";
    }
    $qTypeOutput = "$qDescToCode 'null':'null' }; \n $qCodeToInfo 'null':'null' };";
@@ -321,6 +375,7 @@ if ($action == "editquestion" || $action=="addquestion")
        $eqrow['other']='N';
        $eqrow['mandatory']='N';
        $eqrow['preg']='';
        $eqrow['relevance']='1';
    }
   $editquestion .= "<div id='tabs'><ul>";
@@ -334,7 +389,7 @@ if ($action == "editquestion" || $action=="addquestion")
        foreach  ($addlanguages as $addlanguage)
        {
 		$editquestion .= '<li><a href="#'.$addlanguage.'">'.getLanguageNameFromCode($addlanguage,false);
-	    $editquestion .= "</a></li>\n";
+	$editquestion .= "</a></li>\n";
 		}
 		$editquestion .= "\n</ul>\n";
@@ -353,9 +408,11 @@ if ($action == "editquestion" || $action=="addquestion")
    . "\t<div class='settingrow'><span class='settingcaption'>".$clang->gT("Help:")."</span>\n"
    . "<span class='settingentry'><textarea cols='50' rows='4' name='help_{$eqrow['language']}'>{$eqrow['help']}</textarea>\n"
    . getEditor("question-help","help_".$eqrow['language'], "[".$clang->gT("Help:", "js")."](".$eqrow['language'].")",$surveyid,$gid,$qid,$action)
    . "<!--"
    . "\t</span></div>\n"
    . "\t<div class='settingrow'><span class='settingcaption'>&nbsp;</span>\n"
    . "<span class='settingentry'>&nbsp;\n"
    . "-->"
    . "\t</span></div>\n";
    $editquestion .= '&nbsp;</div>';
@@ -394,9 +451,11 @@ if ($action == "editquestion" || $action=="addquestion")
            . "\t<div class='settingrow'><span class='settingcaption'>".$clang->gT("Help:")."</span>\n"
            . "<span class='settingentry'><textarea cols='50' rows='4' name='help_{$addlanguage}'></textarea>\n"
            . getEditor("question-help","help_".$addlanguage, "[".$clang->gT("Help:", "js")."](".$addlanguage.")",$surveyid,$gid,$qid,$action)
            . "<!--"
            . "\t</span></div>\n"
            . "\t<div class='settingrow'><span class='settingcaption'>&nbsp;</span>\n"
            . "<span class='settingentry'>&nbsp;\n"
            . "-->"
            . "\t</span></div>\n";
            $editquestion .= '</div>';
        }
@@ -405,10 +464,10 @@ if ($action == "editquestion" || $action=="addquestion")
    //question type:
    $editquestion .= "\t<div id='questionbottom'><ul>\n"
-    . "<li><label for='question_type'>".$clang->gT("Question Type:")."</label>\n";
+    . "<li><label for='question_type'>".$clang->gT("Question Type:")." </label>\n";
    if ($activated != "Y")
    {
-        $editquestion .= "<select id='question_type' style='margin-bottom:5px' name='type' "
+        $editquestion .= "<select id='question_type' style='margin-bottom:5px' name='type' class='".getQuestionlistMode()."'"
        . ">\n"
        . getqtypelist($eqrow['type'],'group')
        . "</select>\n";
@@ -478,6 +537,12 @@ if ($action == "editquestion" || $action=="addquestion")
    . "<input type='text' id='preg' name='preg' size='50' value=\"".$eqrow['preg']."\" />\n"
    . "\t</li>";
    // Relevance
    $editquestion .=  "<li>
                    <label for='relevance'>".$clang->gT("Relevance equation:")."</label>
                    <textarea cols='50' rows='1' id='relevance' name='relevance'>".$eqrow['relevance']."</textarea>
                </li>";
    if ($adding)
    {
@@ -600,6 +665,7 @@ if($action == "orderquestions")
                $cdresult=$connect->Execute($cdquery) or safe_die($connect->ErrorMsg());
                break;
        }
        LimeExpressionManager::SetDirtyFlag(); // so refreshes syntax highlighting
    }
    if ((!empty($_POST['questionmovefrom']) || (isset($_POST['questionmovefrom']) && $_POST['questionmovefrom'] == '0')) && (!empty($_POST['questionmoveto']) || (isset($_POST['questionmoveto']) && $_POST['questionmoveto'] == '0')))
    {
@@ -630,6 +696,7 @@ if($action == "orderquestions")
            $cdquery = "UPDATE ".db_table_name('questions')." SET question_order=".($newpos+1)." WHERE gid=$gid AND question_order=-1";
            $cdresult=$connect->Execute($cdquery) or safe_die($connect->ErrorMsg());
        }
        LimeExpressionManager::SetDirtyFlag(); // so refreshes syntax highlighting
    }
    //Get the questions for this group
@@ -643,45 +710,14 @@ if($action == "orderquestions")
    $oqarray = $oqresult->GetArray();
    $minioqarray=$oqarray;
    // Get the condition dependecy array for all questions in this array and group
    $questdepsarray = GetQuestDepsForConditions($surveyid,$gid);
    if (!is_null($questdepsarray))
    {
        $orderquestions .= "<br/><div class='movableNode' style='margin:0 auto;'><strong><font color='orange'>".$clang->gT("Warning").":</font> ".$clang->gT("Current group is using conditional questions")."</strong><br /><br /><i>".$clang->gT("Re-ordering questions in this group is restricted to ensure that questions on which conditions are based aren't reordered after questions having the conditions set")."</i></strong><br /><br/>".$clang->gT("See the conditions marked on the following questions").":<ul>\n";
        foreach ($questdepsarray as $depqid => $depquestrow)
        {
            foreach ($depquestrow as $targqid => $targcid)
            {
                $listcid=implode("-",$targcid);
                $question=arraySearchByKey($depqid, $oqarray, "qid", 1);
                $orderquestions .= "<li><a href='#' onclick=\"window.open('admin.php?sid=".$surveyid."&amp;gid=".$gid."&amp;qid=".$depqid."&amp;action=conditions&amp;markcid=".$listcid."','_self')\">".$question['title'].": ".FlattenText($question['question']). " [QID: ".$depqid."] </a> ";
            }
            $orderquestions .= "</li>\n";
        }
        $orderquestions .= "</ul></div>";
    }
    $orderquestions	.= "<form method='post' action=''><ul class='movableList'>";
    LimeExpressionManager::StartProcessingPage(false,$rooturl,true);  // so can click on syntax highlighting to edit questions
    for($i=0; $i < $questioncount ; $i++) //Assumes that all question orders start with 0
    {
        $downdisabled = "";
        $updisabled = "";
        //Check if question is relied on as a condition dependency by the next question, and if so, don't allow moving down
        if ( !is_null($questdepsarray) && $i < $questioncount-1 &&
        array_key_exists($oqarray[$i+1]['qid'],$questdepsarray) &&
        array_key_exists($oqarray[$i]['qid'],$questdepsarray[$oqarray[$i+1]['qid']]) )
        {
            $downdisabled = "disabled=\"true\" class=\"disabledUpDnBtn\"";
        }
        //Check if question has a condition dependency on the preceding question, and if so, don't allow moving up
        if ( !is_null($questdepsarray) && $i !=0  &&
        array_key_exists($oqarray[$i]['qid'],$questdepsarray) &&
        array_key_exists($oqarray[$i-1]['qid'],$questdepsarray[$oqarray[$i]['qid']]) )
        {
            $updisabled = "disabled=\"true\" class=\"disabledUpDnBtn\"";
        }
        //Move to location
        $orderquestions.="<li class='movableNode'>\n" ;
@@ -689,46 +725,13 @@ if($action == "orderquestions")
        $orderquestions.="' name='questionmovetomethod$i' onchange=\"this.form.questionmovefrom.value='".$oqarray[$i]['question_order']."';this.form.questionmoveto.value=this.value;submit()\">\n";
        $orderquestions.="<option value=''>".$clang->gT("Place after..")."</option>\n";
        //Display the "position at beginning" item
-        if(empty($questdepsarray) || (!is_null($questdepsarray)  && $i != 0 &&
+        if($i != 0)
        !array_key_exists($oqarray[$i]['qid'], $questdepsarray)))
        {
            $orderquestions.="<option value='-1'>".$clang->gT("At beginning")."</option>\n";
        }
        //Find out if there are any dependencies
        $max_start_order=0;
        if ( !is_null($questdepsarray) && $i!=0 &&
        array_key_exists($oqarray[$i]['qid'], $questdepsarray)) //This should find out if there are any dependencies
        {
            foreach($questdepsarray[$oqarray[$i]['qid']] as $key=>$val) {
                //qet the question_order value for each of the dependencies
                foreach($minioqarray as $mo) {
                    if($mo['qid'] == $key && $mo['question_order'] > $max_start_order) //If there is a matching condition, and the question order for that condition is higher than the one already set:
                    {
                        $max_start_order = $mo['question_order']; //Set the maximum question condition to this
                    }
                }
            }
        }
        //Find out if any questions use this as a dependency
        $max_end_order=$questioncount+1;
        if ( !is_null($questdepsarray))
        {
            //There doesn't seem to be any choice but to go through the questdepsarray one at a time
            //to find which question has a dependence on this one
            foreach($questdepsarray as $qdarray)
            {
                if (array_key_exists($oqarray[$i]['qid'], $qdarray))
                {
                    $cqidquery = "SELECT question_order
 				          FROM ".db_table_name('conditions').", ".db_table_name('questions')."
 						  WHERE ".db_table_name('conditions').".qid=".db_table_name('questions').".qid
 						  AND cid=".$qdarray[$oqarray[$i]['qid']][0];
                    $cqidresult = db_execute_assoc($cqidquery);
                    $cqidrow = $cqidresult->FetchRow();
                    $max_end_order=$cqidrow['question_order'];
                }
            }
        }
        $minipos=$minioqarray[0]['question_order']; //Start at the very first question_order
        foreach($minioqarray as $mo)
        {
@@ -748,7 +751,11 @@ if($action == "orderquestions")
            // Fill the sortorder hiddenfield so we know what field is moved down
            $orderquestions.= "\t<input type='image' src='$imageurl/down.png' style='float:right;' name='btndown_$i' onclick=\"$('#sortorder').val('{$oqarray[$i]['question_order']}');$('#questionordermethod').val('down')\" ".$downdisabled."/>\n";
        }
-        $orderquestions.= "<a href='admin.php?sid=$surveyid&amp;gid=$gid&amp;qid={$oqarray[$i]['qid']}' title='".$clang->gT("View Question")."'>".$oqarray[$i]['title']."</a>: ".FlattenText($oqarray[$i]['question']);
+        $orderquestions.= "<a href='admin.php?sid=$surveyid&amp;gid=$gid&amp;qid={$oqarray[$i]['qid']}' title='".$clang->gT("View Question")."'>".$oqarray[$i]['title']."</a>: ";
        $relevance = ($oqarray[$i]['relevance'] == '') ? 1 : $oqarray[$i]['relevance'];
        $showme = '[{' . $relevance . '}] ' . $oqarray[$i]['question'];
        LimeExpressionManager::ProcessString($showme, $oqarray[$i]['qid']);
        $orderquestions.=FlattenText(LimeExpressionManager::GetLastPrettyPrintExpression(), false, 'UTF-8', true, true);
        $orderquestions.= "</li>\n" ;
    }
@@ -760,6 +767,9 @@ if($action == "orderquestions")
    . "\t<input type='hidden' name='action' value='orderquestions' />"
    . "</form>" ;
    $orderquestions .="<br />" ;
    LimeExpressionManager::FinishProcessingGroup();
    LimeExpressionManager::FinishProcessingPage();
 }
 function questionjavascript($type)
@@ -795,12 +805,18 @@ function questionjavascript($type)
    . "document.getElementById('Validation').style.display = 'none';\n"
    . "document.getElementById('MandatorySelection').style.display='none';\n"
    . "}\n"
-    . "\telse if (QuestionType == 'F' || QuestionType == 'H' || QuestionType == ':' || QuestionType == ';')\n"
+    . "\telse if (QuestionType == 'F' || QuestionType == 'H')\n"
    . "{\n"
    . "document.getElementById('OtherSelection').style.display = 'none';\n"
    . "document.getElementById('Validation').style.display = 'none';\n"
    . "document.getElementById('MandatorySelection').style.display='';\n"
    . "}\n"
    . "\telse if (QuestionType == ';' || QuestionType == ':')\n"
    . "{\n"
    . "document.getElementById('OtherSelection').style.display = 'none';\n"
    . "document.getElementById('Validation').style.display = '';\n"
    . "document.getElementById('MandatorySelection').style.display='';\n"
    . "}\n"
    . "\telse if (QuestionType == '1')\n"
    . "{\n"
    . "document.getElementById('OtherSelection').style.display = 'none';\n"
@@ -820,6 +836,12 @@ function questionjavascript($type)
    . "document.getElementById('OtherSelection').style.display ='none';\n"
    . "document.getElementById('MandatorySelection').style.display='none';\n"
    . "}\n"
    . "\telse if (QuestionType == 'Q')\n"
    . "{\n"
    . "document.getElementById('Validation').style.display = '';\n"
    . "document.getElementById('OtherSelection').style.display ='none';\n"
    . "document.getElementById('MandatorySelection').style.display='';\n"
    . "}\n"
    . "\telse\n"
    . "{\n"
    . "document.getElementById('OtherSelection').style.display = 'none';\n"
@@ -846,7 +868,7 @@ if ($action == "ajaxlabelsetdetails")
        $labels=$connect->GetArray($query);
        $resultdata[]=array($language=>array($labels,getLanguageNameFromCode($language,false)));
    }
-    echo json_encode($resultdata);
+    echo ls_json_encode($resultdata);
 }
@@ -863,7 +885,7 @@ if ($action == "ajaxlabelsetpicker")
        $language=null;
    }
    $resultdata=getlabelsets($language);
-    echo json_encode($resultdata);
+    echo ls_json_encode($resultdata);
 }
--- a/include/limesurvey/admin/quexmlsurvey.php
+++ b/include/limesurvey/admin/quexmlsurvey.php
@@ -10,7 +10,7 @@
 * other free or open source software licenses.
 * See COPYRIGHT.php for copyright notices and details.
 *
- * $Id: quexmlsurvey.php 9607 2010-12-08 22:59:51Z azammitdcarf $
+ * $Id: quexmlsurvey.php 11607 2011-12-06 23:19:52Z tmswhite $
 */
 //Ensure script is not run directly, avoid path disclosure
--- a/include/limesurvey/admin/quota.php
+++ b/include/limesurvey/admin/quota.php
--- a/include/limesurvey/admin/remotecontrol/lsrc.client.php
+++ b/include/limesurvey/admin/remotecontrol/lsrc.client.php
@@ -10,7 +10,7 @@
 * other free or open source software licenses.
 * See COPYRIGHT.php for copyright notices and details.
 *
- * $Id: lsrc.client.php 9648 2011-01-07 13:06:39Z c_schmitz $
+ * $Id: lsrc.client.php 9031 2010-08-05 15:07:08Z wahrendorff $
 *
 */
 class lsrcClient {
--- a/include/limesurvey/admin/remotecontrol/lsrc.helper.php
+++ b/include/limesurvey/admin/remotecontrol/lsrc.helper.php
@@ -10,7 +10,7 @@
 * other free or open source software licenses.
 * See COPYRIGHT.php for copyright notices and details.
 *
- * $Id: lsrc.helper.php 9656 2011-01-07 20:48:39Z c_schmitz $
+ * $Id: lsrc.helper.php 12399 2012-02-07 20:37:00Z tmswhite $
 *
 */
 /**
@@ -240,6 +240,7 @@ class LsrcHelper {
                        while(isset($emrow["attribute_$c"]))
                        {
                            $fieldsarray["{ATTRIBUTE_$c}"]=$emrow["attribute_$c"];
                            $fieldsarray["{TOKEN:ATTRIBUTE_$c}"]=$emrow["attribute_$c"];
                            ++$c;
                        }
                        $fieldsarray["{ADMINNAME}"]= $thissurvey['adminname'];
@@ -496,6 +497,7 @@ class LsrcHelper {
                        while(isset($emrow["attribute_$c"]))
                        {
                            $fieldsarray["{ATTRIBUTE_$c}"]=$emrow["attribute_$c"];
                            $fieldsarray["{TOKEN:ATTRIBUTE_$c}"]=$emrow["attribute_$c"];
                            ++$c;
                        }
@@ -853,7 +855,7 @@ class LsrcHelper {
        {
            //$importgroup .= "<strong><font color='red'>".("Error")."</font></strong>\n";
            //$importgroup .= ("This file is not a LimeSurvey group file. Import failed.")."\n";
-            //$importgroup .= "<input type='submit' value='".("Main Admin Screen")."' onclick=\"window.open('$scriptname', '_self')\">\n";
+            //$importgroup .= "<input type='submit' value='".("Main Admin Screen")."' onclick=\"window.open('$scriptname', '_top')\">\n";
            //$importgroup .= "</td></tr></table>\n";
            //unlink($the_full_file_path);
            return false;
@@ -1034,7 +1036,7 @@ class LsrcHelper {
            {
                //$importgroup .= "<strong><font color='red'>".("Error")."</font></strong>\n";
                //$importgroup .= ("You can't import a group which doesn't support the current survey's base language.")."\n";
-                //$importgroup .= "<input type='submit' value='".("Main Admin Screen")."' onclick=\"window.open('$scriptname', '_self')\">\n";
+                //$importgroup .= "<input type='submit' value='".("Main Admin Screen")."' onclick=\"window.open('$scriptname', '_top')\">\n";
                //$importgroup .= "</td></tr></table>\n";
                //unlink($the_full_file_path);
                return "Group does not support Surveys Baselanguage ($langcode)";
@@ -1050,7 +1052,7 @@ class LsrcHelper {
            {
                //$importgroup .= "<strong><font color='red'>".("Error")."</font></strong>\n";
                //$importgroup .= ("You can't import a question which doesn't support the current survey's base language.")."\n";
-                //$importgroup .= "<input type='submit' value='".("Main Admin Screen")."' onclick=\"window.open('$scriptname', '_self')\">\n";
+                //$importgroup .= "<input type='submit' value='".("Main Admin Screen")."' onclick=\"window.open('$scriptname', '_top')\">\n";
                //$importgroup .= "</td></tr></table>\n";
                //unlink($the_full_file_path);
                return "Group does not support Surveys Baselanguage ($langcode)";
@@ -2221,6 +2223,7 @@ class LsrcHelper {
 			. "remindersent C(17) DEFAULT 'N',\n "
 			. "remindercount int I DEFAULT 0,\n "
 			. "completed C(17) DEFAULT 'N',\n "
 			. "usesleft I DEFAULT 1,\n"
 			. "validfrom date ,\n "
 			. "validuntil date ,\n "
 			. "mpid I ";
--- a/include/limesurvey/admin/remotecontrol/lsrc.server.php
+++ b/include/limesurvey/admin/remotecontrol/lsrc.server.php
@@ -10,7 +10,7 @@
 * other free or open source software licenses.
 * See COPYRIGHT.php for copyright notices and details.
 *
- * $Id: lsrc.server.php 9648 2011-01-07 13:06:39Z c_schmitz $
+ * $Id: lsrc.server.php 11664 2011-12-16 05:19:42Z tmswhite $
 *
 */
 // include the lsrc.config.php
--- a/include/limesurvey/admin/remotecontrol/lsrc.testclient.php
+++ b/include/limesurvey/admin/remotecontrol/lsrc.testclient.php
@@ -10,7 +10,7 @@
 * other free or open source software licenses.
 * See COPYRIGHT.php for copyright notices and details.
 *
- * $Id: lsrc.testclient.php 9648 2011-01-07 13:06:39Z c_schmitz $
+ * $Id: lsrc.testclient.php 11664 2011-12-16 05:19:42Z tmswhite $
 *
 */
--- a/include/limesurvey/admin/remotecontrol/surveys/limesurvey_survey_29846.lss
+++ b/include/limesurvey/admin/remotecontrol/surveys/limesurvey_survey_29846.lss
--- a/include/limesurvey/admin/resetsurveylogic.php
+++ b/include/limesurvey/admin/resetsurveylogic.php
@@ -10,7 +10,7 @@
 * other free or open source software licenses.
 * See COPYRIGHT.php for copyright notices and details.
 *
- * $Id: resetsurveylogic.php 10925 2011-09-02 14:12:02Z c_schmitz $
+ * $Id: resetsurveylogic.php 11664 2011-12-16 05:19:42Z tmswhite $
 */
 //Ensure script is not run directly, avoid path disclosure
@@ -55,6 +55,7 @@ if (!isset($ok) || !$ok)
 else //delete conditions in the survey
 {
    $dict = NewDataDictionary($connect);
    LimeExpressionManager::RevertUpgradeConditionsToRelevance($surveyid);
    $resetlogicquery = "DELETE FROM {$dbprefix}conditions WHERE qid in (select qid from {$dbprefix}questions where sid=$surveyid)";
    $resetlogicresult = $connect->Execute($resetlogicquery) or safe_die ("Couldn't delete conditions<br />$resetlogicquery<br />".$connect->ErrorMsg());
--- a/include/limesurvey/admin/results.php
+++ b/include/limesurvey/admin/results.php
@@ -10,7 +10,7 @@
 * other free or open source software licenses.
 * See COPYRIGHT.php for copyright notices and details.
 *
- * $Id: results.php 10925 2011-09-02 14:12:02Z c_schmitz $
+ * $Id: results.php 11607 2011-12-06 23:19:52Z tmswhite $
 */
--- a/include/limesurvey/admin/saved.php
+++ b/include/limesurvey/admin/saved.php
@@ -10,7 +10,7 @@
 * other free or open source software licenses.
 * See COPYRIGHT.php for copyright notices and details.
 *
- * $Id: saved.php 10925 2011-09-02 14:12:02Z c_schmitz $
+ * $Id: saved.php 11607 2011-12-06 23:19:52Z tmswhite $
 */
 include_once("login_check.php");
--- a/include/limesurvey/admin/scripts/admin_core.js
+++ b/include/limesurvey/admin/scripts/admin_core.js
@@ -1,4 +1,4 @@
-//$Id: admin_core.js 10855 2011-08-26 13:30:41Z mot3 $    
+//$Id: admin_core.js 12275 2012-02-01 13:18:38Z ssachdeva $
 $(document).ready(function(){
    setupAllTabs();
@@ -242,7 +242,7 @@ $(document).ready(function(){
       });
    });
-    if ($("#question_type").length > 0 && $("#question_type").attr('type')!='hidden'){
+    if ($("#question_type:not(.none)").length > 0 && $("#question_type").attr('type')!='hidden'){
        $("#question_type").msDropDown({onInit:qTypeDropdownInit});
        $("#question_type").change(function(event){
@@ -261,10 +261,10 @@ function qTypeDropdownInit()
        $(element).qtip({
               style: {
-                            'margin' : '15px',
+                            margin : 15,
-                            'width': '450px',
+                            width: 450,
-                            'height':'auto',
+                            height: 'auto',
-                            'border':{
+                            border:{
                                    width: 4,
                                    radius: 2
                            }
@@ -300,6 +300,7 @@ function getToolTip(type){
    if (code == ":") code = "COLON";
    else if(code == "|") code = "PIPE";
    else if(code == "*") code = "EQUATION";
    if (multiple > 0){
        returnval = '';
@@ -360,7 +361,7 @@ function validatefilename (form, strmessage )
 // If the length of the element's string is 0 then display helper message
 function isEmpty(elem, helperMsg)
 {
-	if(elem.value.length == 0){
+	if($.trim(elem.value).length == 0){
 		alert(helperMsg);
 		elem.focus(); // set the focus to this input
 		return false;
@@ -639,6 +640,77 @@ function htmlspecialchars(str) {
 return str;
 }
 function saveaslabelset()
 {
    var lang = langs.split(";");
    dataToSend = {};
    dataToSend['langs'] = lang;
    dataToSend['codelist'] = [];
    $(".answertable:first tbody tr").each(function(i,e){
        code = $(".code",e).attr('id');
        code = code.split("_");
        code = code[1];
        dataToSend['codelist'].push(code);
        var assessment_val = '0';
        if ($("#assessment_"+code+"_0").length != 0 ){
            assessment_val = $("#assessment_"+code+"_0").val();
        }
        dataToSend[code] =  {
            code: $("#code_"+code+"_0").val(),
            assessmentvalue: assessment_val
        };
        $(lang).each(function(index,element){
            dataToSend[code]['text_'+element] = $("#answer_"+element+"_"+code+"_0").val();
        });
    });
    var label_name = prompt("Enter new label name", "");
    var data = {
        action: 'ajaxmodlabelsetanswers',
        lid:'1',
        dataToSend:js2php(dataToSend),
        ajax:'1',
        label_name:label_name,
        languageids: dataToSend['langs'].join(" "),
        checksessionbypost: $("[name=checksessionbypost]").val()
    }
    $.ajax({
      type: 'POST',
      url: 'admin.php',
      data: data,
      success: function(){
          alert("Label successfully created");
      }
    });
 }
 function js2php(object){
    var json = "{";
    for (property in object){
        var value = object[property];
        if (typeof(value)=="string"){
 			//escape double quotes!
            value = value.replace(/"/g, '\\"'); //.replace(/'/g, '\\\'')
 			json += '"'+property+'":"'+value+'",';
        }
        else{
            if (!value[0]){
                json += '"'+property + '":'+js2php(value)+',';
            }
            else{
                json += '"' + property + '":[';
                for (prop in value) json += '"'+value[prop]+'",';
                json = json.substr(0,json.length-1)+"],";
            }
        }
    }
    return json.substr(0,json.length-1)+ "}";
 }
--- a/include/limesurvey/admin/scripts/answers.js
+++ b/include/limesurvey/admin/scripts/answers.js
@@ -1,4 +1,4 @@
-// $Id: answers.js 10065 2011-05-15 09:28:52Z c_schmitz $
+// $Id: answers.js 12442 2012-02-11 00:07:00Z shnoulle $
 var labelcache=[];
 $(document).ready(function(){
       $('.tab-page:first .answertable tbody').sortable({   containment:'parent',
@@ -97,6 +97,12 @@ function addinput()
    newposition=Number(position)+1;
    languages=langs.split(';');
    sNextCode=getNextCode($(this).parent().parent().find('.code').val());
    while ($(this).parent().parent().parent().find('input[value="'+sNextCode+'"]').length>0 && sNextCode!=$(this).parent().parent().find('.code').val())
    {
        sNextCode=getNextCode(sNextCode);
    }
    for (x in languages)
    {
        tablerow=$('#tabpage_'+languages[x]).find('#answers_'+languages[x]+'_'+scale_id+' .row_'+position);
@@ -110,7 +116,6 @@ function addinput()
            assessment_style='style="display:none;"';
            assessment_type='hidden';
        }
        sNextCode=getNextCode($(this).parent().parent().find('.code').val());
        if (x==0) {
            inserthtml='<tr class="row_'+newposition+'" style="display:none;"><td><img class="handle" src="../images/handle.png" /></td><td><input class="code" onkeypress="return goodchars(event,\'1234567890abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWZYZ_\')" type="text" maxlength="5" size="5" value="'+htmlspecialchars(sNextCode)+'" /></td><td '+assessment_style+'><input class="assessment" type="'+assessment_type+'" maxlength="5" size="5" value="1"/></td><td><input type="text" size="100" class="answer" value="'+htmlspecialchars(newansweroption_text)+'"></input><a class="editorLink"><img class="btneditanswerena" src="../images/edithtmlpopup.png" width="16" height="16" border="0" /><img class="btneditanswerdis" alt="Give focus to the HTML editor popup window" src="../images/edithtmlpopup_disabled.png" style="display: none;" width="16" height="16" align="top" border="0" /></a></td><td><img src="../images/addanswer.png" class="btnaddanswer" /><img src="../images/deleteanswer.png" class="btndelanswer" /></td></tr>'
        }
@@ -314,8 +319,11 @@ function lsbrowser()
        }
        else
        {
            $("#labelsetpreview").html("<p class='ui-state-highlight ui-corner-all ui-notify-message'>"+strNoLabelSet+"</p>");
            $('#btnlsreplace').addClass('ui-state-disabled');
            $('#btnlsinsert').addClass('ui-state-disabled');
            $('#btnlsreplace').attr('disabled','disabled');
            $('#btnlsinsert').attr('disabled','disabled');
        }
    });
--- a/include/limesurvey/admin/scripts/browse.js
+++ b/include/limesurvey/admin/scripts/browse.js
@@ -9,7 +9,7 @@
 * other free or open source software licenses.
 * See COPYRIGHT.php for copyright notices and details.
 *
-* $Id: browse.js 10251 2011-06-10 17:33:49Z tpartner $
+* $Id: browse.js 11664 2011-12-16 05:19:42Z tmswhite $
 */
 $(document).ready(function(){
@@ -95,7 +95,7 @@ $(document).ready(function(){
    // Fix the heigh of the cell
    $('.browsetable td').each(function(){
    	if ($(this).text().length> 30){
-    		$(this).html("<span class=\"content\" title=\""+$(this).text()+"\">"+$(this).html()+"</span>");
+    		$(this).html("<span class=\"content\" title=\""+htmlspecialchars(htmlspecialchars($(this).text(),'ENT_HTML_QUOTE_DOUBLE'),'ENT_QUOTES')+"\">"+$(this).html()+"</span>");
    	}
    });
    $('.browsetable th strong').each(function(){
@@ -130,3 +130,60 @@ $(document).ready(function(){
 		}
    });
 });
 function htmlspecialchars (string, quote_style, charset, double_encode) {
    // Convert special characters to HTML entities
    //
    // version: 1109.2015
    // discuss at: http://phpjs.org/functions/htmlspecialchars    // +   original by: Mirek Slugen
    // +   improved by: Kevin van Zonneveld (http://kevin.vanzonneveld.net)
    // +   bugfixed by: Nathan
    // +   bugfixed by: Arno
    // +    revised by: Kevin van Zonneveld (http://kevin.vanzonneveld.net)    // +    bugfixed by: Brett Zamir (http://brett-zamir.me)
    // +      input by: Ratheous
    // +      input by: Mailfaker (http://www.weedem.fr/)
    // +      reimplemented by: Brett Zamir (http://brett-zamir.me)
    // +      input by: felix    // +    bugfixed by: Brett Zamir (http://brett-zamir.me)
    // %        note 1: charset argument not supported
    // *     example 1: htmlspecialchars("<a href='test'>Test</a>", 'ENT_QUOTES');
    // *     returns 1: '&lt;a href=&#039;test&#039;&gt;Test&lt;/a&gt;'
    // *     example 2: htmlspecialchars("ab\"c'd", ['ENT_NOQUOTES', 'ENT_QUOTES']);    // *     returns 2: 'ab"c&#039;d'
    // *     example 3: htmlspecialchars("my "&entity;" is still here", null, null, false);
    // *     returns 3: 'my &quot;&entity;&quot; is still here'
    var optTemp = 0,
        i = 0,        noquotes = false;
    if (typeof quote_style === 'undefined' || quote_style === null) {
        quote_style = 2;
    }
    string = string.toString();    if (double_encode !== false) { // Put this first to avoid double-encoding
        string = string.replace(/&/g, '&amp;');
    }
    string = string.replace(/</g, '&lt;').replace(/>/g, '&gt;');
     var OPTS = {
        'ENT_NOQUOTES': 0,
        'ENT_HTML_QUOTE_SINGLE': 1,
        'ENT_HTML_QUOTE_DOUBLE': 2,
        'ENT_COMPAT': 2,        'ENT_QUOTES': 3,
        'ENT_IGNORE': 4
    };
    if (quote_style === 0) {
        noquotes = true;    }
    if (typeof quote_style !== 'number') { // Allow for a single string or an array of string flags
        quote_style = [].concat(quote_style);
        for (i = 0; i < quote_style.length; i++) {
            // Resolve string input to bitwise e.g. 'ENT_IGNORE' becomes 4
            if (OPTS[quote_style[i]] === 0) {
                noquotes = true;
            }
            else if (OPTS[quote_style[i]]) {
                optTemp = optTemp | OPTS[quote_style[i]];            }
        }
        quote_style = optTemp;
    }
    if (quote_style & OPTS.ENT_HTML_QUOTE_SINGLE) {        string = string.replace(/'/g, '&#039;');
    }
    if (!noquotes) {
        string = string.replace(/"/g, '&quot;');
    }
    return string;
 }
--- a/include/limesurvey/admin/scripts/ckeditor.36/ckeditor.asp
+++ b/include/limesurvey/admin/scripts/ckeditor.36/ckeditor.asp
@@ -1,955 +0,0 @@
 <%
 '
 ' Copyright (c) 2003-2011, CKSource - Frederico Knabben. All rights reserved.
 ' For licensing, see LICENSE.html or http://ckeditor.com/license
 ' Shared variable for all instances ("static")
 dim CKEDITOR_initComplete
 dim CKEDITOR_returnedEvents
 ''
 ' \brief CKEditor class that can be used to create editor
 ' instances in ASP pages on server side.
 ' @see http://ckeditor.com
 '
 ' Sample usage:
 ' @code
 ' editor = new CKEditor
 ' editor.editor "editor1", "<p>Initial value.</p>", empty, empty
 ' @endcode
 Class CKEditor
 	''
 	' The version of %CKEditor.
 	private version
 	''
 	' A constant string unique for each release of %CKEditor.
 	private mTimeStamp
 	''
 	' URL to the %CKEditor installation directory (absolute or relative to document root).
 	' If not set, CKEditor will try to guess it's path.
 	'
 	' Example usage:
 	' @code
 	' editor.basePath = "/ckeditor/"
 	' @endcode
 	Public basePath
 	''
 	' A boolean variable indicating whether CKEditor has been initialized.
 	' Set it to true only if you have already included
 	' &lt;script&gt; tag loading ckeditor.js in your website.
 	Public initialized
 	''
 	' Boolean variable indicating whether created code should be printed out or returned by a function.
 	'
 	' Example 1: get the code creating %CKEditor instance and print it on a page with the "echo" function.
 	' @code
 	' editor = new CKEditor
 	' editor.returnOutput = true
 	' code = editor.editor("editor1", "<p>Initial value.</p>", empty, empty)
 	' response.write "<p>Editor 1:</p>"
 	' response.write code
 	' @endcode
 	Public returnOutput
 	''
 	' A Dictionary with textarea attributes.
 	'
 	' When %CKEditor is created with the editor() method, a HTML &lt;textarea&gt; element is created,
 	' it will be displayed to anyone with JavaScript disabled or with incompatible browser.
 	public textareaAttributes
 	''
 	' A string indicating the creation date of %CKEditor.
 	' Do not change it unless you want to force browsers to not use previously cached version of %CKEditor.
 	public timestamp
 	''
 	' A dictionary that holds the instance configuration.
 	private oInstanceConfig
 	''
 	' A dictionary that holds the configuration for all the instances.
 	private oAllInstancesConfig
 	''
 	' A dictionary that holds event listeners for the instance.
 	private oInstanceEvents
 	''
 	' A dictionary that holds event listeners for all the instances.
 	private oAllInstancesEvents
 	''
 	' A Dictionary that holds global event listeners (CKEDITOR object)
 	private oGlobalEvents
 	Private Sub Class_Initialize()
 		version = "3.6"
 		timeStamp = "B49E5BQ"
 		mTimeStamp = "B49E5BQ"
 		Set oInstanceConfig = CreateObject("Scripting.Dictionary")
 		Set oAllInstancesConfig = CreateObject("Scripting.Dictionary")
 		Set oInstanceEvents = CreateObject("Scripting.Dictionary")
 		Set oAllInstancesEvents = CreateObject("Scripting.Dictionary")
 		Set oGlobalEvents = CreateObject("Scripting.Dictionary")
 		Set textareaAttributes = CreateObject("Scripting.Dictionary")
 		textareaAttributes.Add "rows", 8
 		textareaAttributes.Add "cols", 60
 	End Sub
 	''
 	 ' Creates a %CKEditor instance.
 	 ' In incompatible browsers %CKEditor will downgrade to plain HTML &lt;textarea&gt; element.
 	 '
 	 ' @param name (string) Name of the %CKEditor instance (this will be also the "name" attribute of textarea element).
 	 ' @param value (string) Initial value.
 	 '
 	 ' Example usage:
 	 ' @code
 	 ' set editor = New CKEditor
 	 ' editor.editor "field1", "<p>Initial value.</p>"
 	 ' @endcode
 	 '
 	 ' Advanced example:
 	 ' @code
 	 ' set editor = new CKEditor
 	 ' set config = CreateObject("Scripting.Dictionary")
 	 ' config.Add "toolbar", Array( _
 	 '	Array( "Source", "-", "Bold", "Italic", "Underline", "Strike" ), _
 	 '	Array( "Image", "Link", "Unlink", "Anchor" ) _
 	 ' )
 	 ' set events = CreateObject("Scripting.Dictionary")
 	 ' events.Add "instanceReady", "function (evt) { alert('Loaded second editor: ' + evt.editor.name );}"
 	 ' editor.editor "field1", "<p>Initial value.</p>", config, events
 	 ' @endcode
 	 '
 	public function editor(name, value)
 		dim attr, out, js, customConfig, extraConfig
 		dim attribute
 		attr = ""
 		for each attribute in textareaAttributes
 			attr = attr & " " &  attribute & "=""" & replace( textareaAttributes( attribute ), """", "&quot" ) & """"
 		next
 		out = "<textarea name=""" & name & """" & attr & ">" & Server.HtmlEncode(value) & "</textarea>" & vbcrlf
 		if not(initialized) then
 			out = out & init()
 		end if
 		set customConfig = configSettings()
 		js = returnGlobalEvents()
 		extraConfig = (new JSON)( empty, customConfig, false )
 		if extraConfig<>"" then extraConfig = ", " & extraConfig
 		js = js & "CKEDITOR.replace('" & name & "'" & extraConfig & ");"
 		out = out & script(js)
 		if not(returnOutput) then
 			response.write out
 			out = ""
 		end if
 		editor = out
 		oInstanceConfig.RemoveAll
 		oInstanceEvents.RemoveAll
 	end function
 	''
 	 ' Replaces a &lt;textarea&gt; with a %CKEditor instance.
 	 '
 	 ' @param id (string) The id or name of textarea element.
 	 '
 	 ' Example 1: adding %CKEditor to &lt;textarea name="article"&gt;&lt;/textarea&gt; element:
 	 ' @code
 	 ' set editor = New CKEditor
 	 ' editor.replace "article"
 	 ' @endcode
 	 '
 	public function replaceInstance(id)
 		dim out, js, customConfig, extraConfig
 		out = ""
 		if not(initialized) then
 			out = out & init()
 		end if
 		set customConfig = configSettings()
 		js = returnGlobalEvents()
 		extraConfig = (new JSON)( empty, customConfig, false )
 		if extraConfig<>"" then extraConfig = ", " & extraConfig
 		js = js & "CKEDITOR.replace('" & id & "'" & extraConfig & ");"
 		out = out & script(js)
 		if not(returnOutput) then
 			response.write out
 			out = ""
 		end if
 		replaceInstance = out
 		oInstanceConfig.RemoveAll
 		oInstanceEvents.RemoveAll
 	end function
 	''
 	 ' Replace all &lt;textarea&gt; elements available in the document with editor instances.
 	 '
 	 ' @param className (string) If set, replace all textareas with class className in the page.
 	 '
 	 ' Example 1: replace all &lt;textarea&gt; elements in the page.
 	 ' @code
 	 ' editor = new CKEditor
 	 ' editor.replaceAll empty
 	 ' @endcode
 	 '
 	 ' Example 2: replace all &lt;textarea class="myClassName"&gt; elements in the page.
 	 ' @code
 	 ' editor = new CKEditor
 	 ' editor.replaceAll 'myClassName'
 	 ' @endcode
 	 '
 	function replaceAll(className)
 		dim out, js, customConfig
 		out = ""
 		if not(initialized) then
 			out = out & init()
 		end if
 		set customConfig = configSettings()
 		js = returnGlobalEvents()
 		if (customConfig.Count=0) then
 			if (isEmpty(className)) then
 				js = js & "CKEDITOR.replaceAll();"
 			else
 				js = js & "CKEDITOR.replaceAll('" & className & "');"
 			end if
 		else
 			js = js & "CKEDITOR.replaceAll( function(textarea, config) {\n"
 			if not(isEmpty(className)) then
 				js = js & "	var classRegex = new RegExp('(?:^| )' + '" & className & "' + '(?:$| )');\n"
 				js = js & "	if (!classRegex.test(textarea.className))\n"
 				js = js & "		return false;\n"
 			end if
 			js = js & "	CKEDITOR.tools.extend(config, " & (new JSON)( empty, customConfig, false ) & ", true);"
 			js = js & "} );"
 		end if
 		out = out & script(js)
 		if not(returnOutput) then
 			response.write out
 			out = ""
 		end if
 		replaceAll = out
 		oInstanceConfig.RemoveAll
 		oInstanceEvents.RemoveAll
 	end function
 	''
 	' A Dictionary that holds the %CKEditor configuration for all instances
 	' For the list of available options, see http://docs.cksource.com/ckeditor_api/symbols/CKEDITOR.config.html
 	'
 	' Example usage:
 	' @code
 	' editor.config("height") = 400
 	' // Use @@ at the beggining of a string to ouput it without surrounding quotes.
 	' editor.config("width") = "@@screen.width * 0.8"
 	' @endcode
 	Public Property Let Config( configKey, configValue )
 		oAllInstancesConfig.Add configKey, configValue
 	End Property
 	''
 	' Configuration options for the next instance
 	'
 	Public Property Let instanceConfig( configKey, configValue )
 		oInstanceConfig.Add configKey, configValue
 	End Property
 	''
 	 ' Adds event listener.
 	 ' Events are fired by %CKEditor in various situations.
 	 '
 	 ' @param eventName (string) Event name.
 	 ' @param javascriptCode (string) Javascript anonymous function or function name.
 	 '
 	 ' Example usage:
 	 ' @code
 	 ' editor.addEventHandler  "instanceReady", "function (ev) { " & _
 	 '    " alert('Loaded: ' + ev.editor.name); " & _
 	 ' "}"
 	 ' @endcode
 	 '
 	public sub addEventHandler(eventName, javascriptCode)
 		if not(oAllInstancesEvents.Exists( eventName ) ) then
 			oAllInstancesEvents.Add eventName, Array()
 		end if
 		dim listeners, size
 		listeners = oAllInstancesEvents( eventName )
 		size = ubound(listeners) + 1
 		redim preserve listeners(size)
 		listeners(size) = javascriptCode
 		oAllInstancesEvents( eventName ) = listeners
 '		'' Avoid duplicates. fixme...
 '		if (!in_array($javascriptCode, $this->_events[$event])) {
 '			$this->_events[$event][] = $javascriptCode;
 '		}
 	end sub
 	''
 	 ' Clear registered event handlers.
 	 ' Note: this function will have no effect on already created editor instances.
 	 '
 	 ' @param eventName (string) Event name, if set to 'empty' all event handlers will be removed.
 	 '
 	public sub clearEventHandlers( eventName )
 		if not(isEmpty( eventName )) then
 			oAllInstancesEvents.Remove eventName
 		else
 			oAllInstancesEvents.RemoveAll
 		end if
 	end sub
 	''
 	 ' Adds event listener only for the next instance.
 	 ' Events are fired by %CKEditor in various situations.
 	 '
 	 ' @param eventName (string) Event name.
 	 ' @param javascriptCode (string) Javascript anonymous function or function name.
 	 '
 	 ' Example usage:
 	 ' @code
 	 ' editor.addInstanceEventHandler  "instanceReady", "function (ev) { " & _
 	 '    " alert('Loaded: ' + ev.editor.name); " & _
 	 ' "}"
 	 ' @endcode
 	 '
 	public sub addInstanceEventHandler(eventName, javascriptCode)
 		if not(oInstanceEvents.Exists( eventName ) ) then
 			oInstanceEvents.Add eventName, Array()
 		end if
 		dim listeners, size
 		listeners = oInstanceEvents( eventName )
 		size = ubound(listeners) + 1
 		redim preserve listeners(size)
 		listeners(size) = javascriptCode
 		oInstanceEvents( eventName ) = listeners
 '		'' Avoid duplicates. fixme...
 '		if (!in_array($javascriptCode, $this->_events[$event])) {
 '			$this->_events[$event][] = $javascriptCode;
 '		}
 	end sub
 	''
 	 ' Clear registered event handlers.
 	 ' Note: this function will have no effect on already created editor instances.
 	 '
 	 ' @param eventName (string) Event name, if set to 'empty' all event handlers will be removed.
 	 '
 	public sub clearInstanceEventHandlers( eventName )
 		if not(isEmpty( eventName )) then
 			oInstanceEvents.Remove eventName
 		else
 			oInstanceEvents.RemoveAll
 		end if
 	end sub
 	''
 	 ' Adds global event listener.
 	 '
 	 ' @param event (string) Event name.
 	 ' @param javascriptCode (string) Javascript anonymous function or function name.
 	 '
 	 ' Example usage:
 	 ' @code
 	 ' editor.addGlobalEventHandler "dialogDefinition", "function (ev) { " & _
 	 '   "  alert('Loading dialog: ' + ev.data.name); " & _
 	 ' "}"
 	 ' @endcode
 	 '
 	public sub addGlobalEventHandler( eventName, javascriptCode)
 		if not(oGlobalEvents.Exists( eventName ) ) then
 			oGlobalEvents.Add eventName, Array()
 		end if
 		dim listeners, size
 		listeners = oGlobalEvents( eventName )
 		size = ubound(listeners) + 1
 		redim preserve listeners(size)
 		listeners(size) = javascriptCode
 		oGlobalEvents( eventName ) = listeners
 '		// Avoid duplicates.
 '		if (!in_array($javascriptCode, $this->_globalEvents[$event])) {
 '			$this->_globalEvents[$event][] = $javascriptCode;
 '		}
 	end sub
 	''
 	 ' Clear registered global event handlers.
 	 ' Note: this function will have no effect if the event handler has been already printed/returned.
 	 '
 	 ' @param eventName (string) Event name, if set to 'empty' all event handlers will be removed .
 	 '
 	public sub clearGlobalEventHandlers( eventName )
 		if not(isEmpty( eventName )) then
 			oGlobalEvents.Remove eventName
 		else
 			oGlobalEvents.RemoveAll
 		end if
 	end sub
 	''
 	 ' Prints javascript code.
 	 '
 	 ' @param string js
 	 '
 	private function script(js)
 		script = "<script type=""text/javascript"">" & _
 			"//<![CDATA[" & vbcrlf & _
 			js & vbcrlf & _
 			"//]]>" & _
 			"</script>" & vbcrlf
 	end function
 	''
 	 ' Returns the configuration array (global and instance specific settings are merged into one array).
 	 '
 	 ' @param instanceConfig (Dictionary) The specific configurations to apply to editor instance.
 	 ' @param instanceEvents (Dictionary) Event listeners for editor instance.
 	 '
 	private function configSettings()
 		dim mergedConfig, mergedEvents
 		set mergedConfig = cloneDictionary(oAllInstancesConfig)
 		set mergedEvents = cloneDictionary(oAllInstancesEvents)
 		if not(isEmpty(oInstanceConfig)) then
 			set mergedConfig = mergeDictionary(mergedConfig, oInstanceConfig)
 		end if
 		if not(isEmpty(oInstanceEvents)) then
 			for each eventName in oInstanceEvents
 				code = oInstanceEvents( eventName )
 				if not(mergedEvents.Exists( eventName)) then
 					mergedEvents.Add eventName, code
 				else
 					dim listeners, size
 					listeners = mergedEvents( eventName )
 					size = ubound(listeners)
 					if isArray( code ) then
 						addedCount = ubound(code)
 						redim preserve listeners( size + addedCount + 1 )
 						for i = 0 to addedCount
 							listeners(size + i + 1) = code (i)
 						next
 					else
 						size = size + 1
 						redim preserve listeners(size)
 						listeners(size) = code
 					end if
 					mergedEvents( eventName ) = listeners
 				end if
 			next
 		end if
 		dim i, eventName, handlers, configON, ub, code
 		if mergedEvents.Count>0 then
 			if mergedConfig.Exists( "on" ) then
 				set configON = mergedConfig.items( "on" )
 			else
 				set configON = CreateObject("Scripting.Dictionary")
 				mergedConfig.Add "on", configOn
 			end if
 			for each eventName in mergedEvents
 				handlers = mergedEvents( eventName )
 				code = ""
 				if isArray(handlers) then
 					uB = ubound(handlers)
 					if (uB = 0) then
 						code = handlers(0)
 					else
 						code = "function (ev) {"
 						for i=0 to uB
 							code = code & "(" & handlers(i) & ")(ev);"
 						next
 						code = code & "}"
 					end if
 				else
 					code = handlers
 				end if
 				' Using @@ at the beggining to signal JSON that we don't want this quoted.
 				configON.Add eventName, "@@" & code
 			next
 '			set mergedConfig.Item("on") = configOn
 		end if
 		set configSettings = mergedConfig
 	end function
 	 ''
 		' Returns a copy of a scripting.dictionary object
 		'
 	private function cloneDictionary( base )
 		dim newOne, tmpKey
 		Set newOne = CreateObject("Scripting.Dictionary")
 		for each tmpKey in base
 			newOne.Add tmpKey , base( tmpKey )
 		next
 		set cloneDictionary = newOne
 	end function
 	 ''
 		' Combines two scripting.dictionary objects
 		' The base object isn't modified, and extra gets all the properties in base
 		'
 	private function mergeDictionary(base, extra)
 		dim newOne, tmpKey
 		for each tmpKey in base
 			if not(extra.Exists( tmpKey )) then
 				extra.Add tmpKey, base( tmpKey )
 			end if
 		next
 		set mergeDictionary = extra
 	end function
 	''
 	 ' Return global event handlers.
 	 '
 	private function returnGlobalEvents()
 		dim out, eventName, handlers
 		dim handlersForEvent, handler, code, i
 		out = ""
 		if (isempty(CKEDITOR_returnedEvents)) then
 			set CKEDITOR_returnedEvents = CreateObject("Scripting.Dictionary")
 		end if
 		for each eventName in oGlobalEvents
 			handlers = oGlobalEvents( eventName )
 			if not(CKEDITOR_returnedEvents.Exists(eventName)) then
 				CKEDITOR_returnedEvents.Add eventName, CreateObject("Scripting.Dictionary")
 			end if
 				set handlersForEvent = CKEDITOR_returnedEvents.Item( eventName )
 				' handlersForEvent is another dictionary
 				' and handlers is an array
 				for i = 0 to ubound(handlers)
 					code = handlers( i )
 					' Return only new events
 					if not(handlersForEvent.Exists( code )) then
 						if (out <> "") then out = out & vbcrlf
 						out = out & "CKEDITOR.on('" &  eventName & "', " & code & ");"
 						handlersForEvent.Add code, code
 					end if
 				next
 		next
 		returnGlobalEvents = out
 	end function
 	''
 	 ' Initializes CKEditor (executed only once).
 	 '
 	private function init()
 		dim out, args, path, extraCode, file
 		out = ""
 		if (CKEDITOR_initComplete) then
 			init = ""
 			exit function
 		end if
 		if (initialized) then
 			CKEDITOR_initComplete = true
 			init = ""
 			exit function
 		end if
 		args = ""
 		path = ckeditorPath()
 		if (timestamp <> "") and (timestamp <> "%" & "TIMESTAMP%") then
 			args = "?t=" & timestamp
 		end if
 		' Skip relative paths...
 		if (instr(path, "..") <> 0) then
 			out = out & script("window.CKEDITOR_BASEPATH='" &  path  & "';")
 		end if
 		out = out & "<scr" & "ipt type=""text/javascript"" src=""" & path & ckeditorFileName() & args & """></scr" & "ipt>" & vbcrlf
 		extraCode = ""
 		if (timestamp <> mTimeStamp) then
 			extraCode = extraCode & "CKEDITOR.timestamp = '" & timestamp & "';"
 		end if
 		if (extraCode <> "") then
 			out = out & script(extraCode)
 		end if
 		CKEDITOR_initComplete = true
 		initialized = true
 		init = out
 	end function
 	private function ckeditorFileName()
 		ckeditorFileName = "ckeditor.js"
 	end function
 	''
 	 ' Return path to ckeditor.js.
 	 '
 	private function ckeditorPath()
 		if (basePath <> "") then
 			ckeditorPath = basePath
 		else
 			' In classic ASP we can't get the location of this included script
 			ckeditorPath = "/ckeditor/"
 		end if
 		' Try to check if that folder contains the CKEditor files:
 		' If it's a full URL avoid checking it as it might point to an external server.
 		if (instr(ckeditorPath, "://") <> 0) then exit function
 		dim filename, oFSO, exists
 		filename = server.mapPath(basePath & ckeditorFileName())
 		set oFSO = Server.CreateObject("Scripting.FileSystemObject")
 		exists = oFSO.FileExists(filename)
 		set oFSO = nothing
 		if not(exists) then
 			response.clear
 			response.write "<h1>CKEditor path validation failed</h1>"
 			response.write "<p>The path &quot;" & ckeditorPath & "&quot; doesn't include the CKEditor main file (" & ckeditorFileName() & ")</p>"
 			response.write "<p>Please, verify that you have set it correctly and/or adjust the 'basePath' property</p>"
 			response.write "<p>Checked for physical file: &quot;" & filename & "&quot;</p>"
 			response.end
 		end if
 	end function
 End Class
 ' URL: http://www.webdevbros.net/2007/04/26/generate-json-from-asp-datatypes/
 '**************************************************************************************************************
 '' @CLASSTITLE:		JSON
 '' @CREATOR:		Michal Gabrukiewicz (gabru at grafix.at), Michael Rebec
 '' @CONTRIBUTORS:	- Cliff Pruitt (opensource at crayoncowboy.com)
 ''					- Sylvain Lafontaine
 ''					- Jef Housein
 ''					- Jeremy Brown
 '' @CREATEDON:		2007-04-26 12:46
 '' @CDESCRIPTION:	Comes up with functionality for JSON (http://json.org) to use within ASP.
 ''					Correct escaping of characters, generating JSON Grammer out of ASP datatypes and structures
 ''					Some examples (all use the <em>toJSON()</em> method but as it is the class' default method it can be left out):
 ''					<code>
 ''					<%
 ''					'simple number
 ''					output = (new JSON)("myNum", 2, false)
 ''					'generates {"myNum": 2}
 ''
 ''					'array with different datatypes
 ''					output = (new JSON)("anArray", array(2, "x", null), true)
 ''					'generates "anArray": [2, "x", null]
 ''					'(note: the last parameter was true, thus no surrounding brackets in the result)
 ''					% >
 ''					</code>
 '' @REQUIRES:		-
 '' @OPTIONEXPLICIT:	yes
 '' @VERSION:		1.5.1
 '**************************************************************************************************************
 class JSON
 	'private members
 	private output, innerCall
 	'**********************************************************************************************************
 	'* constructor
 	'**********************************************************************************************************
 	public sub class_initialize()
 		newGeneration()
 	end sub
 	'******************************************************************************************
 	'' @SDESCRIPTION:	STATIC! takes a given string and makes it JSON valid
 	'' @DESCRIPTION:	all characters which needs to be escaped are beeing replaced by their
 	''					unicode representation according to the
 	''					RFC4627#2.5 - http://www.ietf.org/rfc/rfc4627.txt?number=4627
 	'' @PARAM:			val [string]: value which should be escaped
 	'' @RETURN:			[string] JSON valid string
 	'******************************************************************************************
 	public function escape(val)
 		dim cDoubleQuote, cRevSolidus, cSolidus
 		cDoubleQuote = &h22
 		cRevSolidus = &h5C
 		cSolidus = &h2F
 		dim i, currentDigit
 		for i = 1 to (len(val))
 			currentDigit = mid(val, i, 1)
 			if ascw(currentDigit) > &h00 and ascw(currentDigit) < &h1F then
 				currentDigit = escapequence(currentDigit)
 			elseif ascw(currentDigit) >= &hC280 and ascw(currentDigit) <= &hC2BF then
 				currentDigit = "\u00" + right(padLeft(hex(ascw(currentDigit) - &hC200), 2, 0), 2)
 			elseif ascw(currentDigit) >= &hC380 and ascw(currentDigit) <= &hC3BF then
 				currentDigit = "\u00" + right(padLeft(hex(ascw(currentDigit) - &hC2C0), 2, 0), 2)
 			else
 				select case ascw(currentDigit)
 					case cDoubleQuote: currentDigit = escapequence(currentDigit)
 					case cRevSolidus: currentDigit = escapequence(currentDigit)
 					case cSolidus: currentDigit = escapequence(currentDigit)
 				end select
 			end if
 			escape = escape & currentDigit
 		next
 	end function
 	'******************************************************************************************************************
 	'' @SDESCRIPTION:	generates a representation of a name value pair in JSON grammer
 	'' @DESCRIPTION:	It generates a name value pair which is represented as <em>{"name": value}</em> in JSON.
 	''					the generation is fully recursive. Thus the value can also be a complex datatype (array in dictionary, etc.) e.g.
 	''					<code>
 	''					<%
 	''					set j = new JSON
 	''					j.toJSON "n", array(RS, dict, false), false
 	''					j.toJSON "n", array(array(), 2, true), false
 	''					% >
 	''					</code>
 	'' @PARAM:			name [string]: name of the value (accessible with javascript afterwards). leave empty to get just the value
 	'' @PARAM:			val [variant], [int], [float], [array], [object], [dictionary]: value which needs
 	''					to be generated. Conversation of the data types is as follows:<br>
 	''					- <strong>ASP datatype -> JavaScript datatype</strong>
 	''					- NOTHING, NULL -> null
 	''					- INT, DOUBLE -> number
 	''					- STRING -> string
 	''					- BOOLEAN -> bool
 	''					- ARRAY -> array
 	''					- DICTIONARY -> Represents it as name value pairs. Each key is accessible as property afterwards. json will look like <code>"name": {"key1": "some value", "key2": "other value"}</code>
 	''					- <em>multidimensional array</em> -> Generates a 1-dimensional array (flat) with all values of the multidimensional array
 	''					- <em>request</em> object -> every property and collection (cookies, form, querystring, etc) of the asp request object is exposed as an item of a dictionary. Property names are <strong>lowercase</strong>. e.g. <em>servervariables</em>.
 	''					- OBJECT -> name of the type (if unknown type) or all its properties (if class implements <em>reflect()</em> method)
 	''					Implement a <strong>reflect()</strong> function if you want your custom classes to be recognized. The function must return
 	''					a dictionary where the key holds the property name and the value its value. Example of a reflect function within a User class which has firstname and lastname properties
 	''					<code>
 	''					<%
 	''					function reflect()
 	''					.	set reflect = server.createObject("scripting.dictionary")
 	''					.	reflect.add "firstname", firstname
 	''					.	reflect.add "lastname", lastname
 	''					end function
 	''					% >
 	''					</code>
 	''					Example of how to generate a JSON representation of the asp request object and access the <em>HTTP_HOST</em> server variable in JavaScript:
 	''					<code>
 	''					<script>alert(<%= (new JSON)(empty, request, false) % >.servervariables.HTTP_HOST);</script>
 	''					</code>
 	'' @PARAM:			nested [bool]: indicates if the name value pair is already nested within another? if yes then the <em>{}</em> are left out.
 	'' @RETURN:			[string] returns a JSON representation of the given name value pair
 	'******************************************************************************************************************
 	public default function toJSON(name, val, nested)
 		if not nested and not isEmpty(name) then write("{")
 		if not isEmpty(name) then write("""" & escape(name) & """: ")
 		generateValue(val)
 		if not nested and not isEmpty(name) then write("}")
 		toJSON = output
 		if innerCall = 0 then newGeneration()
 	end function
 	'******************************************************************************************************************
 	'* generate
 	'******************************************************************************************************************
 	private function generateValue(val)
 		if isNull(val) then
 			write("null")
 		elseif isArray(val) then
 			generateArray(val)
 		elseif isObject(val) then
 			dim tName : tName = typename(val)
 			if val is nothing then
 				write("null")
 			elseif tName = "Dictionary" or tName = "IRequestDictionary" then
 				generateDictionary(val)
 			elseif tName = "IRequest" then
 				set req = server.createObject("scripting.dictionary")
 				req.add "clientcertificate", val.ClientCertificate
 				req.add "cookies", val.cookies
 				req.add "form", val.form
 				req.add "querystring", val.queryString
 				req.add "servervariables", val.serverVariables
 				req.add "totalbytes", val.totalBytes
 				generateDictionary(req)
 			elseif tName = "IStringList" then
 				if val.count = 1 then
 					toJSON empty, val(1), true
 				else
 					generateArray(val)
 				end if
 			else
 				generateObject(val)
 			end if
 		else
 			'bool
 			dim varTyp
 			varTyp = varType(val)
 			if varTyp = 11 then
 				if val then write("true") else write("false")
 			'int, long, byte
 			elseif varTyp = 2 or varTyp = 3 or varTyp = 17 or varTyp = 19 then
 				write(cLng(val))
 			'single, double, currency
 			elseif varTyp = 4 or varTyp = 5 or varTyp = 6 or varTyp = 14 then
 				write(replace(cDbl(val), ",", "."))
 			else
 				' Using @@ at the beggining to signal JSON that we don't want this quoted.
 				if left(val, 2) = "@@" then
 					write( mid( val, 3 ) )
 				else
 					write("""" & escape(val & "") & """")
 				end if
 			end if
 		end if
 		generateValue = output
 	end function
 	'******************************************************************************************************************
 	'* generateArray
 	'******************************************************************************************************************
 	private sub generateArray(val)
 		dim item, i
 		write("[")
 		i = 0
 		'the for each allows us to support also multi dimensional arrays
 		for each item in val
 			if i > 0 then write(",")
 			generateValue(item)
 			i = i + 1
 		next
 		write("]")
 	end sub
 	'******************************************************************************************************************
 	'* generateDictionary
 	'******************************************************************************************************************
 	private sub generateDictionary(val)
 		innerCall = innerCall + 1
 		if val.count = 0 then
 			toJSON empty, null, true
 			exit sub
 		end if
 		dim key, i
 		write("{")
 		i = 0
 		for each key in val
 			if i > 0 then write(",")
 			toJSON key, val(key), true
 			i = i + 1
 		next
 		write("}")
 		innerCall = innerCall - 1
 	end sub
 	'******************************************************************************************************************
 	'* generateObject
 	'******************************************************************************************************************
 	private sub generateObject(val)
 		dim props
 		on error resume next
 		set props = val.reflect()
 		if err = 0 then
 			on error goto 0
 			innerCall = innerCall + 1
 			toJSON empty, props, true
 			innerCall = innerCall - 1
 		else
 			on error goto 0
 			write("""" & escape(typename(val)) & """")
 		end if
 	end sub
 	'******************************************************************************************************************
 	'* newGeneration
 	'******************************************************************************************************************
 	private sub newGeneration()
 		output = empty
 		innerCall = 0
 	end sub
 	'******************************************************************************************
 	'* JsonEscapeSquence
 	'******************************************************************************************
 	private function escapequence(digit)
 		escapequence = "\u00" + right(padLeft(hex(ascw(digit)), 2, 0), 2)
 	end function
 	'******************************************************************************************
 	'* padLeft
 	'******************************************************************************************
 	private function padLeft(value, totalLength, paddingChar)
 		padLeft = right(clone(paddingChar, totalLength) & value, totalLength)
 	end function
 	'******************************************************************************************
 	'* clone
 	'******************************************************************************************
 	private function clone(byVal str, n)
 		dim i
 		for i = 1 to n : clone = clone & str : next
 	end function
 	'******************************************************************************************
 	'* write
 	'******************************************************************************************
 	private sub write(val)
 		output = output & val
 	end sub
 end class
 %>
--- a/include/limesurvey/admin/scripts/ckeditor.36/limesurvey-config.js
+++ b/include/limesurvey/admin/scripts/ckeditor.36/limesurvey-config.js
@@ -12,6 +12,7 @@ CKEDITOR.editorConfig = function( config )
 	config.toolbarCanCollapse = false;
 	config.resize_enabled = false;
    config.autoParagraph = false;
    config.entities = false;    
    config.toolbar_popup =
    [
--- a/include/limesurvey/admin/scripts/globalsettings.js
+++ b/include/limesurvey/admin/scripts/globalsettings.js
@@ -1,4 +1,4 @@
-// $Id: globalsettings.js 9648 2011-01-07 13:06:39Z c_schmitz $
+// $Id: globalsettings.js 8964 2010-07-20 20:46:47Z anishseth $
 $(document).ready(function(){
    $("#emailmethod").change(Emailchange);
--- a/include/limesurvey/admin/scripts/kcfinder/core/autoload.php
+++ b/include/limesurvey/admin/scripts/kcfinder/core/autoload.php
@@ -1,95 +1,101 @@
 <?php
-/** This file is part of KCFinder project
+    /** This file is part of KCFinder project
-  *
+    *
-  *      @desc Autoload classes magic function
+    *      @desc Autoload classes magic function
-  *   @package KCFinder
+    *   @package KCFinder
-  *   @version 2.21
+    *   @version 2.21
-  *    @author Pavel Tzonkov <pavelc@users.sourceforge.net>
+    *    @author Pavel Tzonkov <pavelc@users.sourceforge.net>
-  * @copyright 2010 KCFinder Project
+    * @copyright 2010 KCFinder Project
-  *   @license http://www.opensource.org/licenses/gpl-2.0.php GPLv2
+    *   @license http://www.opensource.org/licenses/gpl-2.0.php GPLv2
-  *   @license http://www.opensource.org/licenses/lgpl-2.1.php LGPLv2
+    *   @license http://www.opensource.org/licenses/lgpl-2.1.php LGPLv2
-  *      @link http://kcfinder.sunhater.com
+    *      @link http://kcfinder.sunhater.com
-  */
+    */
-require_once(dirname(__FILE__).'/../../../../config-defaults.php');
+    require_once(dirname(__FILE__).'/../../../../config-defaults.php');
-require_once(dirname(__FILE__).'/../../../../common.php');
+    require_once(dirname(__FILE__).'/../../../../common.php');
-require_once(dirname(__FILE__).'/../../../admin_functions.php');
+    require_once(dirname(__FILE__).'/../../../admin_functions.php');
-$usquery = "SELECT stg_value FROM ".db_table_name("settings_global")." where stg_name='SessionName'";
+    $usquery = "SELECT stg_value FROM ".db_table_name("settings_global")." where stg_name='SessionName'";
-$usresult = db_execute_assoc($usquery,'',true);
+    $usresult = db_execute_assoc($usquery,'',true);
-if ($usresult)
+    if ($usresult)
-{
+    {
-    $usrow = $usresult->FetchRow();
+        $usrow = $usresult->FetchRow();
-    @session_name($usrow['stg_value']);
+        @session_name($usrow['stg_value']);
-}
+    }
-else
+    else
-{
+    {
-    session_name("LimeSurveyAdmin");
+        session_name("LimeSurveyAdmin");
-}
+    }
-session_set_cookie_params(0,$relativeurl.'/');
+    session_set_cookie_params(0,$relativeurl.'/');
-if (session_id() == "") @session_start();
+    if (session_id() == "") @session_start();
-$_SESSION['KCFINDER'] = array();
+    $_SESSION['KCFINDER'] = array();
-$sAllowedExtensions	= implode(' ',array_map('trim',explode(',',$allowedresourcesuploads)));
+    $sAllowedExtensions	= implode(' ',array_map('trim',explode(',',$allowedresourcesuploads)));
-$_SESSION['KCFINDER']['types']=array('files'=>$sAllowedExtensions,
+    $_SESSION['KCFINDER']['types']=array('files'=>$sAllowedExtensions,
-                                     'flash'=>$sAllowedExtensions,
+    'flash'=>$sAllowedExtensions,
-                                     'images'=>$sAllowedExtensions);
+    'images'=>$sAllowedExtensions);
-
+    if ($demoModeOnly === false &&
 if ($demoModeOnly === false &&
    isset($_SESSION['loginID']) &&
    isset($_SESSION['FileManagerContext']))
-{
+    {
-    // disable upload at survey creation time
+        // disable upload at survey creation time
-    // because we don't know the sid yet
+        // because we don't know the sid yet
-    if (preg_match('/^(create|edit):(question|group|answer)/',$_SESSION['FileManagerContext']) != 0 ||
+        if (preg_match('/^(create|edit):(question|group|answer)/',$_SESSION['FileManagerContext']) != 0 ||
        preg_match('/^edit:survey/',$_SESSION['FileManagerContext']) !=0 ||
        preg_match('/^edit:assessments/',$_SESSION['FileManagerContext']) !=0 ||
        preg_match('/^edit:emailsettings/',$_SESSION['FileManagerContext']) != 0)
    {
        $contextarray=explode(':',$_SESSION['FileManagerContext'],3);
        $surveyid=$contextarray[2];
        if(bHasSurveyPermission($surveyid,'surveycontent','update'))
        {
-            $_SESSION['KCFINDER']['disabled'] = false ;
+            $contextarray=explode(':',$_SESSION['FileManagerContext'],3);
-            $_SESSION['KCFINDER']['uploadURL'] = "{$relativeurl}/upload/surveys/{$surveyid}/" ;
+            $surveyid=$contextarray[2];
-            $_SESSION['KCFINDER']['uploadDir'] = $uploaddir.'/surveys/'.$surveyid;
+
            if(bHasSurveyPermission($surveyid,'surveycontent','update'))
            {
                $_SESSION['KCFINDER']['disabled'] = false ;
                if (preg_match('/^edit:emailsettings/',$_SESSION['FileManagerContext']) != 0)
                {
                    $_SESSION['KCFINDER']['uploadURL'] = "{$rooturl}/upload/surveys/{$surveyid}/" ;
                }
                else
                {
                    $_SESSION['KCFINDER']['uploadURL'] = "{$relativeurl}/upload/surveys/{$surveyid}/" ;
                }
                $_SESSION['KCFINDER']['uploadDir'] = $uploaddir.'/surveys/'.$surveyid;
            }
        }
        elseif (preg_match('/^edit:label/',$_SESSION['FileManagerContext']) != 0)
        {
            $contextarray=explode(':',$_SESSION['FileManagerContext'],3);
            $labelid=$contextarray[2];
            // check if the user has label management right and labelid defined
            if ($_SESSION['USER_RIGHT_MANAGE_LABEL']==1 && isset($labelid) && $labelid != '')
            {
                $_SESSION['KCFINDER']['disabled'] = false ;
                $_SESSION['KCFINDER']['uploadURL'] = "{$relativeurl}/upload/labels/{$labelid}/" ;
                $_SESSION['KCFINDER']['uploadDir'] = "{$uploaddir}/labels/{$labelid}" ;
            }
        }
    }
-    elseif (preg_match('/^edit:label/',$_SESSION['FileManagerContext']) != 0)
+
-    {
+
-        $contextarray=explode(':',$_SESSION['FileManagerContext'],3);
+    function __autoload($class) {
-        $labelid=$contextarray[2];
+        if ($class == "uploader")
-        // check if the user has label management right and labelid defined
+            require "core/uploader.php";
-        if ($_SESSION['USER_RIGHT_MANAGE_LABEL']==1 && isset($labelid) && $labelid != '')
+        elseif ($class == "browser")
-        {
+            require "core/browser.php";
-            $_SESSION['KCFINDER']['disabled'] = false ;
+        elseif (file_exists("core/types/$class.php"))
-            $_SESSION['KCFINDER']['uploadURL'] = "{$relativeurl}/upload/labels/{$labelid}/" ;
+            require "core/types/$class.php";
-            $_SESSION['KCFINDER']['uploadDir'] = "{$uploaddir}/labels/{$labelid}" ;
+        elseif (file_exists("lib/class_$class.php"))
-        }
+            require "lib/class_$class.php";
        elseif (file_exists("lib/helper_$class.php"))
            require "lib/helper_$class.php";
    }
 }
 function __autoload($class) {
    if ($class == "uploader")
        require "core/uploader.php";
    elseif ($class == "browser")
        require "core/browser.php";
    elseif (file_exists("core/types/$class.php"))
        require "core/types/$class.php";
    elseif (file_exists("lib/class_$class.php"))
        require "lib/class_$class.php";
    elseif (file_exists("lib/helper_$class.php"))
        require "lib/helper_$class.php";
 }
 ?>
--- a/include/limesurvey/admin/scripts/kcfinder/core/uploader.php
+++ b/include/limesurvey/admin/scripts/kcfinder/core/uploader.php
@@ -107,25 +107,42 @@ class uploader {
        if (!strlen($this->config['cookiePath']))
            $this->config['cookiePath'] = "/";
-        // UPLOAD FOLDER INIT
+                 // UPLOAD FOLDER INIT
-        if ($this->config['uploadURL'] == "/") {
+
-            $this->config['uploadDir'] = strlen($this->config['uploadDir'])
+            // FULL URL
-                ? path::normalize($this->config['uploadDir'])
+            if (preg_match('/^([a-z]+)\:\/\/([^\/^\:]+)(\:(\d+))?\/(.+)\/?$/',
-                : path::normalize($_SERVER['DOCUMENT_ROOT']);
+                    $this->config['uploadURL'], $patt)
-            $this->typeDir = "{$this->config['uploadDir']}/{$this->type}";
+            ) {
-            $this->typeURL = "/{$this->type}";
+                list($unused, $protocol, $domain, $unused, $port, $path) = $patt;
-        } else {
+                $path = path::normalize($path);
-            $this->config['uploadURL'] = (substr($this->config['uploadURL'], 0, 1) === "/")
+                $this->config['uploadURL'] = "$protocol://$domain" . (strlen($port) ? ":$port" : "") . "/$path";
-                ? path::normalize($this->config['uploadURL'])
+                $this->config['uploadDir'] = strlen($this->config['uploadDir'])
-                : path::rel2abs_url($this->config['uploadURL']);
+                    ? path::normalize($this->config['uploadDir'])
-            $this->config['uploadDir'] = strlen($this->config['uploadDir'])
+                    : path::url2fullPath("/$path");
-                ? path::normalize($this->config['uploadDir'])
+                $this->typeDir = "{$this->config['uploadDir']}/{$this->type}";
-                : path::url2fullPath($this->config['uploadURL']);
+                $this->typeURL = "{$this->config['uploadURL']}/{$this->type}";
-            $this->typeDir = "{$this->config['uploadDir']}/{$this->type}";
+
-            $this->typeURL = "{$this->config['uploadURL']}/{$this->type}";
+            // SITE ROOT
-        }
+            } elseif ($this->config['uploadURL'] == "/") {
-        if (!is_dir($this->config['uploadDir']))
+                $this->config['uploadDir'] = strlen($this->config['uploadDir'])
-            @mkdir($this->config['uploadDir'], $this->config['dirPerms']);
+                    ? path::normalize($this->config['uploadDir'])
                    : path::normalize($_SERVER['DOCUMENT_ROOT']);
                $this->typeDir = "{$this->config['uploadDir']}/{$this->type}";
                $this->typeURL = "/{$this->type}";
            // ABSOLUTE & RELATIVE
            } else {
                $this->config['uploadURL'] = (substr($this->config['uploadURL'], 0, 1) === "/")
                    ? path::normalize($this->config['uploadURL'])
                    : path::rel2abs_url($this->config['uploadURL']);
                $this->config['uploadDir'] = strlen($this->config['uploadDir'])
                    ? path::normalize($this->config['uploadDir'])
                    : path::url2fullPath($this->config['uploadURL']);
                $this->typeDir = "{$this->config['uploadDir']}/{$this->type}";
                $this->typeURL = "{$this->config['uploadURL']}/{$this->type}";
            }
            if (!is_dir($this->config['uploadDir']))
                @mkdir($this->config['uploadDir'], $this->config['dirPerms']);
        // HOST APPLICATIONS INIT
        if (isset($this->get['CKEditorFuncNum']))
--- a/include/limesurvey/admin/scripts/kcfinder/js/helper.js
+++ b/include/limesurvey/admin/scripts/kcfinder/js/helper.js
@@ -64,11 +64,23 @@ _.getFileExtension = function(filename, toLower) {
 };
 _.escapeDirs = function(path) {
    var fullDirExpr = /^([a-z]+)\:\/\/([^\/^\:]+)(\:(\d+))?\/(.+)$/,
        prefix = "";
    if (fullDirExpr.test(path)) {
        var port = path.replace(fullDirExpr, "$4");
        prefix = path.replace(fullDirExpr, "$1://$2")
        if (port.length)
            prefix += ":" + port;
        prefix += "/";
        path = path.replace(fullDirExpr, "$5");
    }
    var dirs = path.split('/');
    var escapePath = '';
    for (var i = 0; i < dirs.length; i++)
        escapePath += encodeURIComponent(dirs[i]) + '/';
-    return escapePath.substr(0, escapePath.length - 1);
+
    return prefix + escapePath.substr(0, escapePath.length - 1);
 };
 _.outerSpace = function(selector, type, mbp) {
--- a/include/limesurvey/admin/scripts/listsurvey.js
+++ b/include/limesurvey/admin/scripts/listsurvey.js
@@ -1,4 +1,4 @@
-// $Id: listsurvey.js 9648 2011-01-07 13:06:39Z c_schmitz $
+// $Id: listsurvey.js 9692 2011-01-15 21:31:10Z c_schmitz $
 $.tablesorter.addParser({ 
    // set a unique id 
--- a/include/limesurvey/admin/scripts/rating/index.asp
+++ b/include/limesurvey/admin/scripts/rating/index.asp
@@ -1 +0,0 @@
 <!--#include file="../documentation.asp"//-->
--- a/include/limesurvey/admin/scripts/saved.js
+++ b/include/limesurvey/admin/scripts/saved.js
@@ -1,4 +1,4 @@
-// $Id: saved.js 9648 2011-01-07 13:06:39Z c_schmitz $
+// $Id: saved.js 9330 2010-10-24 22:23:56Z c_schmitz $
 $(document).ready(function(){
    $(".browsetable").tablesorter({
--- a/include/limesurvey/admin/scripts/subquestions.js
+++ b/include/limesurvey/admin/scripts/subquestions.js
@@ -1,39 +1,42 @@
-// $Id: subquestions.js 9648 2011-01-07 13:06:39Z c_schmitz $
+// $Id: subquestions.js 12442 2012-02-11 00:07:00Z shnoulle $
 var labelcache=[];
 $(document).ready(function(){
-       $('.tab-page:first .answertable tbody').sortable({   containment:'parent',
+    $("body").delegate(".code", "keyup", function() {
-                                            start:startmove,
+        $(this).val($(this).val().replace(/[^a-zA-Z0-9_]/,''));
-                                            update:aftermove,
+    });
-                                            distance:3});
+    $('.tab-page:first .answertable tbody').sortable({   containment:'parent',
-       $('.btnaddanswer').click(addinput);
+        start:startmove,
-       $('.btndelanswer').click(deleteinput); 
+        update:aftermove,
-       $('#editsubquestionsform').submit(code_duplicates_check)
+        distance:3});
-       $('#labelsetbrowser').dialog({ autoOpen: false,
+    $('.btnaddanswer').click(addinput);
-                                        modal: true,
+    $('.btndelanswer').click(deleteinput);
-                                        width:800,
+    $('#editsubquestionsform').submit(code_duplicates_check)
-                                        title: lsbrowsertitle});   
+    $('#labelsetbrowser').dialog({ autoOpen: false,
-       $('#quickadd').dialog({ autoOpen: false,
+        modal: true,
-                                        modal: true,
+        width:800,
-                                        width:600,
+        title: lsbrowsertitle});
-                                        title: quickaddtitle});   
+    $('#quickadd').dialog({ autoOpen: false,
        modal: true,
        width:600,
        title: quickaddtitle});
-       $('.btnlsbrowser').click(lsbrowser);
+    $('.btnlsbrowser').click(lsbrowser);
-       $('#btncancel').click(function(){
+    $('#btncancel').click(function(){
-           $('#labelsetbrowser').dialog('close');
+        $('#labelsetbrowser').dialog('close');
-       });
+    });
-       $('#btnlsreplace').click(transferlabels);
+    $('#btnlsreplace').click(transferlabels);
-       $('#btnlsinsert').click(transferlabels);
+    $('#btnlsinsert').click(transferlabels);
-       $('#btnqacancel').click(function(){
+    $('#btnqacancel').click(function(){
-           $('#quickadd').dialog('close');
+        $('#quickadd').dialog('close');
-       });  
+    });
-       $('#btnqareplace').click(quickaddlabels);
+    $('#btnqareplace').click(quickaddlabels);
-       $('#btnqainsert').click(quickaddlabels);
+    $('#btnqainsert').click(quickaddlabels);
-       $('#labelsets').click(lspreview);
+    $('#labelsets').click(lspreview);
-       $('#languagefilter').click(lsbrowser);
+    $('#languagefilter').click(lsbrowser);
-       $('.btnquickadd').click(quickadddialog);
+    $('.btnquickadd').click(quickadddialog);
-       updaterowproperties(); 
+    updaterowproperties();
 });
 function deleteinput()
@@ -43,22 +46,22 @@ function deleteinput()
    countanswers=$(this).parent().parent().parent().children().length;
    if (countanswers>1)
-    {
+        {
-       // 2.) Remove the table row
+        // 2.) Remove the table row
-       scale_id=removechars($(this).closest('table').attr('id'));     
+        scale_id=removechars($(this).closest('table').attr('id'));
-       index = Number($(this).closest('tr').parent().children().index($(this).closest('tr')))+1;            
+        index = Number($(this).closest('tr').parent().children().index($(this).closest('tr')))+1;
-       languages=langs.split(';');
+        languages=langs.split(';');
-       var x;
+        var x;
-       for (x in languages)
+        for (x in languages)
-       {
+            {
            tablerow=$('#answertable_'+languages[x]+'_'+scale_id+' tbody tr:nth-child('+index+')');
            if (x==0) {
-               tablerow.fadeTo(400, 0, function(){
+                tablerow.fadeTo(400, 0, function(){
-                       $(this).remove();  
+                    $(this).remove();
-                       updaterowproperties();       
+                    updaterowproperties();
-               });            
+                });
            }
            else {
                tablerow.remove();
@@ -68,9 +71,9 @@ function deleteinput()
        }
    }
    else
-    {
+        {
-       $.blockUI({message:"<p><br/>"+strCantDeleteLastAnswer+"</p>"});
+        $.blockUI({message:"<p><br/>"+strCantDeleteLastAnswer+"</p>"});
-       setTimeout(jQuery.unblockUI,1000);   
+        setTimeout(jQuery.unblockUI,1000);
    }
    updaterowproperties();
 }
@@ -78,24 +81,30 @@ function deleteinput()
 function addinput()
 {
-	var sID=$('input[name=sid]').val();
+    var sID=$('input[name=sid]').val();
-	var gID=$('input[name=gid]').val();
+    var gID=$('input[name=gid]').val();
-	var qID=$('input[name=qid]').val();
+    var qID=$('input[name=qid]').val();
    scale_id=removechars($(this).closest('table').attr('id'));
    newposition = Number($(this).closest('tr').parent().children().index($(this).closest('tr')))+1;
    languages=langs.split(';');
-    for (x in languages)
+    nextcode=getNextCode($(this).parent().parent().find('.code').val());
    while ($(this).parent().parent().parent().find('input[value="'+nextcode+'"]').length>0 && nextcode!=$(this).parent().parent().find('.code').val())
    {
        nextcode=getNextCode(nextcode);
    }
    for (x in languages)
        {
        tablerow=$('#answertable_'+languages[x]+'_'+scale_id+' tbody tr:nth-child('+newposition+')');
-        nextcode=getNextCode($(this).parent().parent().find('.code').val());
+
        var randomid='new'+Math.floor(Math.random()*111111)
        if (x==0) {
-            inserthtml='<tr class="row_'+newposition+'" style="display:none;"><td><img class="handle" src="../images/handle.png" /></td><td><input id="code_'+randomid+'_'+scale_id+'" name="code_'+randomid+'_'+scale_id+'" onkeypress="return goodchars(event,\'1234567890abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWZYZ_\')" class="code" type="text" maxlength="5" size="5" value="'+htmlspecialchars(nextcode)+'" /></td><td><input type="text" size="100" id="answer_'+languages[x]+'_'+randomid+'_'+scale_id+'" name="answer_'+languages[x]+'_'+randomid+'_'+scale_id+'" class="answer" value="'+htmlspecialchars(newansweroption_text)+'"></input><a id="answer_'+languages[x]+'_'+randomid+'_'+scale_id+'_ctrl" href="javascript:start_popup_editor(\'answer_'+languages[x]+'_'+randomid+'_'+scale_id+'\',\'[Subquestion:]('+languages[x]+')\',\''+sID+'\',\''+gID+'\',\''+qID+'\',\'editanswer\',\'editanswer\')" class="editorLink"><img id="answer_'+languages[x]+'_'+randomid+'_'+scale_id+'_popupctrlena" class="btneditanswerena" src="../images/edithtmlpopup.png" width="16" height="16" border="0" /><img id="answer_'+languages[x]+'_'+randomid+'_'+scale_id+'_popupctrldis" class="btneditanswerdis" alt="Give focus to the HTML editor popup window" src="../images/edithtmlpopup_disabled.png" style="display: none;" width="16" height="16" align="top" border="0" /></a></td><td><img src="../images/addanswer.png" class="btnaddanswer" /><img src="../images/deleteanswer.png" class="btndelanswer" /></td></tr>'
+            inserthtml='<tr class="row_'+newposition+'" style="display:none;"><td><img class="handle" src="../images/handle.png" /></td><td><input id="code_'+randomid+'_'+scale_id+'" name="code_'+randomid+'_'+scale_id+'" onkeypress="return goodchars(event,\'1234567890abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWZYZ_\')" class="code" type="text" maxlength="20" size="5" value="'+htmlspecialchars(nextcode)+'" /></td><td><input type="text" size="100" id="answer_'+languages[x]+'_'+randomid+'_'+scale_id+'" name="answer_'+languages[x]+'_'+randomid+'_'+scale_id+'" class="answer" value="'+htmlspecialchars(newansweroption_text)+'"></input><a id="answer_'+languages[x]+'_'+randomid+'_'+scale_id+'_ctrl" href="javascript:start_popup_editor(\'answer_'+languages[x]+'_'+randomid+'_'+scale_id+'\',\'[Subquestion:]('+languages[x]+')\',\''+sID+'\',\''+gID+'\',\''+qID+'\',\'editanswer\',\'editanswer\')" class="editorLink"><img id="answer_'+languages[x]+'_'+randomid+'_'+scale_id+'_popupctrlena" class="btneditanswerena" src="../images/edithtmlpopup.png" width="16" height="16" border="0" /><img id="answer_'+languages[x]+'_'+randomid+'_'+scale_id+'_popupctrldis" class="btneditanswerdis" alt="Give focus to the HTML editor popup window" src="../images/edithtmlpopup_disabled.png" style="display: none;" width="16" height="16" align="top" border="0" /></a></td><td><img src="../images/addanswer.png" class="btnaddanswer" /><img src="../images/deleteanswer.png" class="btndelanswer" /></td></tr>'
        }
        else
-        {
+            {
            inserthtml='<tr class="row_'+newposition+'" style="display:none;"><td>&nbsp;</td><td>'+htmlspecialchars(nextcode)+'</td><td><input type="text" size="100" id="answer_'+languages[x]+'_'+randomid+'_'+scale_id+'" name="answer_'+languages[x]+'_'+randomid+'_'+scale_id+'" class="answer" value="'+htmlspecialchars(newansweroption_text)+'"></input><a id="answer_'+languages[x]+'_'+randomid+'_'+scale_id+'_ctrl" href="javascript:start_popup_editor(\'answer_'+languages[x]+'_'+randomid+'_'+scale_id+'\',\'[Subquestion:]('+languages[x]+')\',\''+sID+'\',\''+gID+'\',\''+qID+'\',\'editanswer\',\'editanswer\')" class="editorLink"><img id="answer_'+languages[x]+'_'+randomid+'_'+scale_id+'_popupctrlena" class="btneditanswerena" src="../images/edithtmlpopup.png" width="16" height="16" border="0" /><img id="answer_'+languages[x]+'_'+randomid+'_'+scale_id+'_popupctrldis" class="btneditanswerdis" alt="Give focus to the HTML editor popup window" src="../images/edithtmlpopup_disabled.png" style="display: none;" width="16" height="16" align="top" border="0" /></a></td><td>&nbsp;</td></tr>'
        }
        tablerow.after(inserthtml);
@@ -103,7 +112,7 @@ function addinput()
        tablerow.next().find('.btndelanswer').click(deleteinput);
        tablerow.next().find('.answer').focus(function(){
            if ($(this).val()==newansweroption_text)
-            {
+                {
                $(this).val('');
            }
        });
@@ -127,22 +136,22 @@ function aftermove(event,ui)
    // But first we have change the sortorder in translations, too
-   var newindex = Number($(ui.item[0]).parent().children().index(ui.item[0]))+1;
+    var newindex = Number($(ui.item[0]).parent().children().index(ui.item[0]))+1;
-   info=$(ui.item[0]).closest('table').attr('id').split("_"); 
+    info=$(ui.item[0]).closest('table').attr('id').split("_");
-   languages=langs.split(';');
+    languages=langs.split(';');
-   var x;
+    var x;
-   for (x in languages)
+    for (x in languages)
-   {
+        {
        if (x>0) {
            tablerow=$('#tabpage_'+languages[x]+' tbody tr:nth-child('+newindex+')');
            tablebody=$('#tabpage_'+languages[x]).find('tbody');
            if (newindex<oldindex)
-            {
+                {
                $('#tabpage_'+languages[x]+' tbody tr:nth-child('+newindex+')').before($('#tabpage_'+languages[x]+' tbody tr:nth-child('+oldindex+')'));
            }
            else
-            {
+                {
                $('#tabpage_'+languages[x]+' tbody tr:nth-child('+newindex+')').after($('#tabpage_'+languages[x]+' tbody tr:nth-child('+oldindex+')'));
                //tablebody.find('.row_'+newindex).after(tablebody.find('.row_'+oldindex));
            }
@@ -155,17 +164,17 @@ function aftermove(event,ui)
 // if the list changed
 function updaterowproperties()
 {
-  $('.answertable tbody').each(function(){
+    $('.answertable tbody').each(function(){
-      var highlight=true;
+        var highlight=true;
-      $(this).children('tr').each(function(){
+        $(this).children('tr').each(function(){
-         $(this).removeClass('highlight'); 
+            $(this).removeClass('highlight');
-         if (highlight){
+            if (highlight){
-             $(this).addClass('highlight');
+                $(this).addClass('highlight');
-         }
+            }
-         highlight=!highlight;
+            highlight=!highlight;
-      })
+        })
-  })  
+    })
 }
 function updatecodes()
@@ -183,21 +192,21 @@ function getNextCode(sourcecode)
    {
        found=is_numeric(sourcecode.substr(sclength-i,i));
        if (found)
-        {
+            {
            foundnumber=sourcecode.substr(sclength-i,i);
            i++;
        }
    }
    if (foundnumber==-1)
-    {
+        {
        return(sourcecode);
    }
    else
-    {
+        {
-       foundnumber++; 
+        foundnumber++;
-       foundnumber=foundnumber+'';
+        foundnumber=foundnumber+'';
-       result=sourcecode.substr(0,sclength-foundnumber.length)+foundnumber;
+        result=sourcecode.substr(0,sclength-foundnumber.length)+foundnumber;
-       return(result);
+        return(result);
    }
 }
@@ -219,17 +228,17 @@ function code_duplicates_check()
    $('#tabpage_'+languages[0]+' .answertable tbody').each(function(){
        var codearray=[];
        $(this).find('tr .code').each(function(){
-           codearray.push($(this).val());  
+            codearray.push($(this).val());
        })
        if (arrHasDupes(codearray))
-        {
+            {
            alert(duplicateanswercode);
            dupefound=true;
            return;
        }
    })
    if (dupefound)
-    {
+        {
        return false;
    }
 }
@@ -243,20 +252,20 @@ function lsbrowser()
    match=0;
    if ($('#languagefilter').attr('checked')==true)
    {
-        match=1;
+    match=1;
    }*/
    $.getJSON('admin.php?action=ajaxlabelsetpicker',{sid:surveyid, match:1},function(json){
        var x=0;
        $("#labelsets").removeOption(/.*/);
        for (x in json)
-        {
+            {
            $('#labelsets').addOption(json[x][0],json[x][1]);
            if (x==0){
                remind=json[x][0];
            }
        }
        if ($('#labelsets > option').size()>0)
-        {
+            {
            $('#labelsets').selectOptions(remind);
            lspreview();
            $('#btnlsreplace').removeClass('ui-state-disabled');
@@ -265,7 +274,8 @@ function lsbrowser()
            $('#btnlsinsert').attr('disabled','');
        }
        else
-        {
+            {
            $("#labelsetpreview").html("<p class='ui-state-highlight ui-corner-all ui-notify-message'>"+strNoLabelSet+"</p>");
            $('#btnlsreplace').addClass('ui-state-disabled');
            $('#btnlsinsert').addClass('ui-state-disabled');
            $('#btnlsreplace').attr('disabled','disabled');
@@ -278,66 +288,66 @@ function lsbrowser()
 // previews the labels in a label set after selecting it in the select box
 function lspreview()
 {
-   if ($('#labelsets > option').size()==0)
+    if ($('#labelsets > option').size()==0)
-   {
+        {
-       return;
+        return;
-   }
+    }
-   var lsid=$('#labelsets').val();
+    var lsid=$('#labelsets').val();
-   surveyid=$('input[name=sid]').val();
+    surveyid=$('input[name=sid]').val();
-   // check if this label set is already cached
+    // check if this label set is already cached
-   if (!isset(labelcache[lsid]))
+    if (!isset(labelcache[lsid]))
-   {
+        {
-       $.ajax({
+        $.ajax({
-              url: 'admin.php?action=ajaxlabelsetdetails',
+            url: 'admin.php?action=ajaxlabelsetdetails',
-              dataType: 'json',
+            dataType: 'json',
-              data: {lid:lsid, sid:surveyid},
+            data: {lid:lsid, sid:surveyid},
-              cache: true,
+            cache: true,
-              success: function(json){
+            success: function(json){
-                    $("#labelsetpreview").tabs('destroy');
+                $("#labelsetpreview").tabs('destroy');
-                    $("#labelsetpreview").empty();
+                $("#labelsetpreview").empty();
-                    var tabindex=''; 
+                var tabindex='';
-                    var tabbody=''; 
+                var tabbody='';
-                    for ( x in json)
+                for ( x in json)
                    {
-                        language=json[x];
+                    language=json[x];
-                        for (y in language)
+                    for (y in language)
                        {
-                            tabindex=tabindex+'<li><a href="#language_'+y+'">'+language[y][1]+'</a></li>';
+                        tabindex=tabindex+'<li><a href="#language_'+y+'">'+language[y][1]+'</a></li>';
-                            tabbody=tabbody+"<div id='language_"+y+"'><table class='limetable'>";
+                        tabbody=tabbody+"<div id='language_"+y+"'><table class='limetable'>";
-                            lsrows=language[y][0];
+                        lsrows=language[y][0];
-                            tablerows='';
+                        tablerows='';
-                            var highlight=true;
+                        var highlight=true;
-                            for (z in lsrows)
+                        for (z in lsrows)
                            {
-                                highlight=!highlight; 
+                            highlight=!highlight;
-                                tabbody=tabbody+'<tbody><tr';
+                            tabbody=tabbody+'<tbody><tr';
-                                if (highlight==true) { 
+                            if (highlight==true) {
-                                    tabbody=tabbody+" class='highlight' ";
+                                tabbody=tabbody+" class='highlight' ";
                                }
                                if (lsrows[z].title==null)
                                {
                                    lsrows[z].title='';
                                }
                                tabbody=tabbody+'><td>'+lsrows[z].code+'</td><td>'+lsrows[z].title+'</td></tr><tbody>';
                            }
-                            tabbody=tabbody+'<thead><tr><th>'+strcode+'</th><th>'+strlabel+'</th></tr></thead></table></div>';
+                            if (lsrows[z].title==null)
                                {
                                lsrows[z].title='';
                            }
                            tabbody=tabbody+'><td>'+lsrows[z].code+'</td><td>'+lsrows[z].title+'</td></tr><tbody>';
                        }
                        tabbody=tabbody+'<thead><tr><th>'+strcode+'</th><th>'+strlabel+'</th></tr></thead></table></div>';
                    }
-                    $("#labelsetpreview").append('<ul>'+tabindex+'</ul>'+tabbody);
+                }
-                    labelcache[lsid]='<ul>'+tabindex+'</ul>'+tabbody;
+                $("#labelsetpreview").append('<ul>'+tabindex+'</ul>'+tabbody);
-                    $("#labelsetpreview").tabs();
+                labelcache[lsid]='<ul>'+tabindex+'</ul>'+tabbody;
-              }}
+                $("#labelsetpreview").tabs();
-       );
+        }}
-   }
+        );
-   else
+    }
-   {
+    else
-                    $("#labelsetpreview").tabs('destroy');
+        {
-                    $("#labelsetpreview").empty();
+        $("#labelsetpreview").tabs('destroy');
-                    $("#labelsetpreview").append(labelcache[lsid]);
+        $("#labelsetpreview").empty();
-                    $("#labelsetpreview").tabs();
+        $("#labelsetpreview").append(labelcache[lsid]);
-   }
+        $("#labelsetpreview").tabs();
    }
 }
@@ -373,170 +383,170 @@ function dump(arr,level) {
 function transferlabels()
 {
-	var sID=$('input[name=sid]').val();
+    var sID=$('input[name=sid]').val();
-	var gID=$('input[name=gid]').val();
+    var gID=$('input[name=gid]').val();
-	var qID=$('input[name=qid]').val();
+    var qID=$('input[name=qid]').val();
    surveyid=$('input[name=sid]').val();
    if ($(this).attr('id')=='btnlsreplace')
-    {
+        {
        var lsreplace=true;
    }
    else
-    {
+        {
        var lsreplace=false;
    }
    if (lsreplace)
-    {
+        {
-       $('.answertable:eq('+scale_id+') tbody tr').each(function(){
+        $('.answertable:eq('+scale_id+') tbody tr').each(function(){
-          aRowInfo=this.id.split('_');  
+            aRowInfo=this.id.split('_');
-          $('#deletedqids').val($('#deletedqids').val()+' '+aRowInfo[2]);
+            $('#deletedqids').val($('#deletedqids').val()+' '+aRowInfo[2]);
-       }); 
+        });
    }
-   var lsid=$('#labelsets').val();
+    var lsid=$('#labelsets').val();
-   $.ajax({
+    $.ajax({
-          url: 'admin.php?action=ajaxlabelsetdetails',
+        url: 'admin.php?action=ajaxlabelsetdetails',
-          dataType: 'json',
+        dataType: 'json',
-          data: {lid:lsid, sid:surveyid},
+        data: {lid:lsid, sid:surveyid},
-          cache: true,
+        cache: true,
-          success: function(json){
+        success: function(json){
-                languages=langs.split(';');   
+            languages=langs.split(';');
-                var x;
+            var x;
-                var defaultdata_labels = null;
+            var defaultdata_labels = null;
-                for (x in languages)
+            for (x in languages)
                {
-                    lang_x_found_in_label=false;
+                lang_x_found_in_label=false;
-                    var tablerows='';
+                var tablerows='';
-                    var y;
+                var y;
-                    for (y in json)
+                for (y in json)
                    {
-                        language=json[y];
+                    language=json[y];
-                        var lsrows = new Array();
+                    var lsrows = new Array();
-                        //defaultdata=language[languages[0]][0];
+                    //defaultdata=language[languages[0]][0];
-                        for (z in language)
+                    for (z in language)
                        {
-                            if (z==languages[0])
+                        if (z==languages[0])
                            {
-                                defaultdata_labels=language[languages[0]];
+                            defaultdata_labels=language[languages[0]];
                            }
                            if (z==languages[x])
                            {
                                lang_x_found_in_label = true;
                                lsrows=language[z][0];
                            }
                            var k;
                            for (k in lsrows)
                            {
                                var randomid='new'+Math.floor(Math.random()*111111) 
                                if (x==0) {
                                    tablerows=tablerows+'<tr class="row_'+k+'_'+scale_id+'" ><td><img class="handle" src="../images/handle.png" /></td><td><input class="code" id="code_'+randomid+'_'+scale_id+'" name="code_'+randomid+'_'+scale_id+'" onkeypress="return goodchars(event,\'1234567890abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWZYZ_\')" type="text" maxlength="5" size="5" value="'+htmlspecialchars(lsrows[k].code)+'" /></td><td><input type="text" size="100" id="answer_'+languages[x]+'_'+randomid+'_'+scale_id+'" name="answer_'+languages[x]+'_'+randomid+'_'+scale_id+'" class="answer" value="'+htmlspecialchars(lsrows[k].title)+'"></input><a id="answer_'+languages[x]+'_'+randomid+'_'+scale_id+'_ctrl" href="javascript:start_popup_editor(\'answer_'+languages[x]+'_'+randomid+'_'+scale_id+'\',\'[Subquestion:]('+languages[x]+')\',\''+sID+'\',\''+gID+'\',\''+qID+'\',\'editanswer\',\'editanswer\')" class="editorLink"><img id="answer_'+languages[x]+'_'+randomid+'_'+scale_id+'_popupctrlena" class="btneditanswerena" src="../images/edithtmlpopup.png" width="16" height="16" border="0" /><img id="answer_'+languages[x]+'_'+randomid+'_'+scale_id+'_popupctrldis" class="btneditanswerdis" alt="Give focus to the HTML editor popup window" src="../images/edithtmlpopup_disabled.png" style="display: none;" width="16" height="16" align="top" border="0" /></a></td><td><img src="../images/addanswer.png" class="btnaddanswer" /><img src="../images/deleteanswer.png" class="btndelanswer" /></td></tr>'
                                }
                                else
                                {
                                    tablerows=tablerows+'<tr class="row_'+k+'_'+scale_id+'" ><td>&nbsp;</td><td>'+htmlspecialchars(lsrows[k].code)+'</td><td><input type="text" size="100" id="answer_'+languages[x]+'_'+randomid+'_'+scale_id+'" name="answer_'+languages[x]+'_'+randomid+'_'+scale_id+'" class="answer" value="'+htmlspecialchars(lsrows[k].title)+'"></input><a id="answer_'+languages[x]+'_'+randomid+'_'+scale_id+'_ctrl" href="javascript:start_popup_editor(\'answer_'+languages[x]+'_'+randomid+'_'+scale_id+'\',\'[Subquestion:]('+languages[x]+')\',\''+sID+'\',\''+gID+'\',\''+qID+'\',\'editanswer\',\'editanswer\')" class="editorLink"><img id="answer_'+languages[x]+'_'+randomid+'_'+scale_id+'_popupctrlena" class="btneditanswerena" src="../images/edithtmlpopup.png" width="16" height="16" border="0" /><img id="answer_'+languages[x]+'_'+randomid+'_'+scale_id+'_popupctrldis" class="btneditanswerdis" alt="Give focus to the HTML editor popup window" src="../images/edithtmlpopup_disabled.png" style="display: none;" width="16" height="16" align="top" border="0" /></a></td><td>&nbsp;</td></tr>'
                                }
                            }
                        }
-                    }                    
+                        if (z==languages[x])
-                    if (lang_x_found_in_label === false)
+                            {
-                    {
+                            lang_x_found_in_label = true;
-                        lsrows=defaultdata_labels[0];
+                            lsrows=language[z][0];
-                        k=0;
+                        }
                        var k;
                        for (k in lsrows)
-                        {
+                            {
-                            tablerows=tablerows+'<tr class="row_'+k+'_'+scale_id+'" ><td>&nbsp;</td><td>'+htmlspecialchars(lsrows[k].code)+'</td><td><input type="text" size="100" id="answer_'+languages[x]+'_'+randomid+'_'+scale_id+'" name="answer_'+languages[x]+'_'+randomid+'_'+scale_id+'" class="answer" value="'+htmlspecialchars(lsrows[k].title)+'"></input><a id="answer_'+languages[x]+'_'+randomid+'_'+scale_id+'_ctrl" href="javascript:start_popup_editor(\'answer_'+languages[x]+'_'+randomid+'_'+scale_id+'\',\'[Subquestion:]('+languages[x]+')\',\''+sID+'\',\''+gID+'\',\''+qID+'\',\'editanswer\',\'editanswer\')" class="editorLink"><img id="answer_'+languages[x]+'_'+randomid+'_'+scale_id+'_popupctrlena" class="btneditanswerena" src="../images/edithtmlpopup.png" width="16" height="16" border="0" /><img id="answer_'+languages[x]+'_'+randomid+'_'+scale_id+'_popupctrldis" class="btneditanswerdis" alt="Give focus to the HTML editor popup window" src="../images/edithtmlpopup_disabled.png" style="display: none;" width="16" height="16" align="top" border="0" /></a></td><td>&nbsp;</td></tr>'
+                            var randomid='new'+Math.floor(Math.random()*111111)
                            if (x==0) {
                                tablerows=tablerows+'<tr class="row_'+k+'_'+scale_id+'" ><td><img class="handle" src="../images/handle.png" /></td><td><input class="code" id="code_'+randomid+'_'+scale_id+'" name="code_'+randomid+'_'+scale_id+'" onkeypress="return goodchars(event,\'1234567890abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWZYZ_\')" type="text" maxlength="20" size="5" value="'+htmlspecialchars(lsrows[k].code)+'" /></td><td><input type="text" size="100" id="answer_'+languages[x]+'_'+randomid+'_'+scale_id+'" name="answer_'+languages[x]+'_'+randomid+'_'+scale_id+'" class="answer" value="'+htmlspecialchars(lsrows[k].title)+'"></input><a id="answer_'+languages[x]+'_'+randomid+'_'+scale_id+'_ctrl" href="javascript:start_popup_editor(\'answer_'+languages[x]+'_'+randomid+'_'+scale_id+'\',\'[Subquestion:]('+languages[x]+')\',\''+sID+'\',\''+gID+'\',\''+qID+'\',\'editanswer\',\'editanswer\')" class="editorLink"><img id="answer_'+languages[x]+'_'+randomid+'_'+scale_id+'_popupctrlena" class="btneditanswerena" src="../images/edithtmlpopup.png" width="16" height="16" border="0" /><img id="answer_'+languages[x]+'_'+randomid+'_'+scale_id+'_popupctrldis" class="btneditanswerdis" alt="Give focus to the HTML editor popup window" src="../images/edithtmlpopup_disabled.png" style="display: none;" width="16" height="16" align="top" border="0" /></a></td><td><img src="../images/addanswer.png" class="btnaddanswer" /><img src="../images/deleteanswer.png" class="btndelanswer" /></td></tr>'
                            }
                            else
                                {
                                tablerows=tablerows+'<tr class="row_'+k+'_'+scale_id+'" ><td>&nbsp;</td><td>'+htmlspecialchars(lsrows[k].code)+'</td><td><input type="text" size="100" id="answer_'+languages[x]+'_'+randomid+'_'+scale_id+'" name="answer_'+languages[x]+'_'+randomid+'_'+scale_id+'" class="answer" value="'+htmlspecialchars(lsrows[k].title)+'"></input><a id="answer_'+languages[x]+'_'+randomid+'_'+scale_id+'_ctrl" href="javascript:start_popup_editor(\'answer_'+languages[x]+'_'+randomid+'_'+scale_id+'\',\'[Subquestion:]('+languages[x]+')\',\''+sID+'\',\''+gID+'\',\''+qID+'\',\'editanswer\',\'editanswer\')" class="editorLink"><img id="answer_'+languages[x]+'_'+randomid+'_'+scale_id+'_popupctrlena" class="btneditanswerena" src="../images/edithtmlpopup.png" width="16" height="16" border="0" /><img id="answer_'+languages[x]+'_'+randomid+'_'+scale_id+'_popupctrldis" class="btneditanswerdis" alt="Give focus to the HTML editor popup window" src="../images/edithtmlpopup_disabled.png" style="display: none;" width="16" height="16" align="top" border="0" /></a></td><td>&nbsp;</td></tr>'
                            }
                        }
                    }
                    if (lsreplace) {
                        $('#answertable_'+languages[x]+'_'+scale_id+' tbody').empty();
                    }
                    $('#answertable_'+languages[x]+'_'+scale_id+' tbody').append(tablerows);
                    // Unbind any previous events
                    $('#answertable_'+languages[x]+'_'+scale_id+' .btnaddanswer').unbind('click');
                    $('#answertable_'+languages[x]+'_'+scale_id+' .btndelanswer').unbind('click');
                    $('#answertable_'+languages[x]+'_'+scale_id+' .answer').unbind('focus');
                    $('#answertable_'+languages[x]+'_'+scale_id+' .btnaddanswer').click(addinput);
                    $('#answertable_'+languages[x]+'_'+scale_id+' .btndelanswer').click(deleteinput);
                    $('#answertable_'+languages[x]+'_'+scale_id+' .answer').focus(function(){
                        if ($(this).val()==newansweroption_text)
                        {
                            $(this).val('');
                        }
                    });
                }
-                $('#labelsetbrowser').dialog('close');
+                if (lang_x_found_in_label === false)
-                $('.tab-page:first .answertable tbody').sortable('refresh');                       
+                    {
-                updaterowproperties(); 
+                    lsrows=defaultdata_labels[0];
                    k=0;
                    for (k in lsrows)
                        {
                        tablerows=tablerows+'<tr class="row_'+k+'_'+scale_id+'" ><td>&nbsp;</td><td>'+htmlspecialchars(lsrows[k].code)+'</td><td><input type="text" size="100" id="answer_'+languages[x]+'_'+randomid+'_'+scale_id+'" name="answer_'+languages[x]+'_'+randomid+'_'+scale_id+'" class="answer" value="'+htmlspecialchars(lsrows[k].title)+'"></input><a id="answer_'+languages[x]+'_'+randomid+'_'+scale_id+'_ctrl" href="javascript:start_popup_editor(\'answer_'+languages[x]+'_'+randomid+'_'+scale_id+'\',\'[Subquestion:]('+languages[x]+')\',\''+sID+'\',\''+gID+'\',\''+qID+'\',\'editanswer\',\'editanswer\')" class="editorLink"><img id="answer_'+languages[x]+'_'+randomid+'_'+scale_id+'_popupctrlena" class="btneditanswerena" src="../images/edithtmlpopup.png" width="16" height="16" border="0" /><img id="answer_'+languages[x]+'_'+randomid+'_'+scale_id+'_popupctrldis" class="btneditanswerdis" alt="Give focus to the HTML editor popup window" src="../images/edithtmlpopup_disabled.png" style="display: none;" width="16" height="16" align="top" border="0" /></a></td><td>&nbsp;</td></tr>'
                    }
                }
                if (lsreplace) {
                    $('#answertable_'+languages[x]+'_'+scale_id+' tbody').empty();
                }
                $('#answertable_'+languages[x]+'_'+scale_id+' tbody').append(tablerows);
                // Unbind any previous events
                $('#answertable_'+languages[x]+'_'+scale_id+' .btnaddanswer').unbind('click');
                $('#answertable_'+languages[x]+'_'+scale_id+' .btndelanswer').unbind('click');
                $('#answertable_'+languages[x]+'_'+scale_id+' .answer').unbind('focus');
                $('#answertable_'+languages[x]+'_'+scale_id+' .btnaddanswer').click(addinput);
                $('#answertable_'+languages[x]+'_'+scale_id+' .btndelanswer').click(deleteinput);
                $('#answertable_'+languages[x]+'_'+scale_id+' .answer').focus(function(){
                    if ($(this).val()==newansweroption_text)
                        {
                        $(this).val('');
                    }
                });
            }
            $('#labelsetbrowser').dialog('close');
            $('.tab-page:first .answertable tbody').sortable('refresh');
            updaterowproperties();
-          }}
+    }}
-   );
+    );
 }
 function quickaddlabels()
 {
-	var sID=$('input[name=sid]').val();
+    var sID=$('input[name=sid]').val();
-	var gID=$('input[name=gid]').val();
+    var gID=$('input[name=gid]').val();
-	var qID=$('input[name=qid]').val();
+    var qID=$('input[name=qid]').val();
    if ($(this).attr('id')=='btnqareplace')
-    {
+        {
-       var lsreplace=true;
+        var lsreplace=true;
    }
    else
-    {
+        {
-       var lsreplace=false;
+        var lsreplace=false;
    }
    if (lsreplace)
-    {
+        {
-       $('.answertable:eq('+scale_id+') tbody tr').each(function(){
+        $('.answertable:eq('+scale_id+') tbody tr').each(function(){
-          aRowInfo=this.id.split('_');  
+            aRowInfo=this.id.split('_');
-          $('#deletedqids').val($('#deletedqids').val()+' '+aRowInfo[2]);
+            $('#deletedqids').val($('#deletedqids').val()+' '+aRowInfo[2]);
-       }); 
+        });
    }
    languages=langs.split(';');
    for (x in languages)
-    {
+        {
        lsrows=$('#quickaddarea').val().split("\n");
        if (lsrows[0].indexOf("\t")==-1)
-        {
+            {
            separatorchar=';'
        }
        else
-        {
+            {
            separatorchar="\t";
        }
        tablerows='';
        for (k in lsrows)
-        {
+            {
            thisrow=lsrows[k].splitCSV(separatorchar);
            if (thisrow.length<=languages.length)
-            {
+                {
                thisrow.unshift(parseInt(k)+1);
            }
            else
-            {
+                {
-                thisrow[0]=thisrow[0].replace(/[^A-Za-z0-9]/g, "");
+                thisrow[0]=thisrow[0].replace(/[^A-Za-z0-9]/g, "").substr(0,20);;
            }
            var randomid='new'+Math.floor(Math.random()*111111)
            if (typeof thisrow[parseInt(x)+1]=='undefined')
-            {
+                {
                thisrow[parseInt(x)+1]=thisrow[1];
            }
            if (x==0) {
-                tablerows=tablerows+'<tr class="row_'+k+'" ><td><img class="handle" src="../images/handle.png" /></td><td><input class="code" id="code_'+randomid+'_'+scale_id+'" name="code_'+randomid+'_'+scale_id+'" type="text" maxlength="5" size="5" value="'+thisrow[0]+'" /></td><td><input type="text" size="100" id="answer_'+languages[x]+'_'+randomid+'_'+scale_id+'" name="answer_'+languages[x]+'_'+randomid+'_'+scale_id+'" class="answer" value="'+thisrow[parseInt(x)+1]+'"></input><a id="answer_'+languages[x]+'_'+randomid+'_'+scale_id+'_ctrl" href="javascript:start_popup_editor(\'answer_'+languages[x]+'_'+randomid+'_'+scale_id+'\',\'[Subquestion:]('+languages[x]+')\',\''+sID+'\',\''+gID+'\',\''+qID+'\',\'editanswer\',\'editanswer\')" class="editorLink"><img id="answer_'+languages[x]+'_'+randomid+'_'+scale_id+'_popupctrlena" class="btneditanswerena" src="../images/edithtmlpopup.png" width="16" height="16" border="0" /><img id="answer_'+languages[x]+'_'+randomid+'_'+scale_id+'_popupctrldis" class="btneditanswerdis" alt="Give focus to the HTML editor popup window" src="../images/edithtmlpopup_disabled.png" style="display: none;" width="16" height="16" align="top" border="0" /></a></td><td><img src="../images/addanswer.png" class="btnaddanswer" /><img src="../images/deleteanswer.png" class="btndelanswer" /></td></tr>'
+                tablerows=tablerows+'<tr class="row_'+k+'" ><td><img class="handle" src="../images/handle.png" /></td><td><input class="code" id="code_'+randomid+'_'+scale_id+'" name="code_'+randomid+'_'+scale_id+'" type="text" maxlength="20" size="5" value="'+thisrow[0]+'" /></td><td><input type="text" size="100" id="answer_'+languages[x]+'_'+randomid+'_'+scale_id+'" name="answer_'+languages[x]+'_'+randomid+'_'+scale_id+'" class="answer" value="'+thisrow[parseInt(x)+1]+'"></input><a id="answer_'+languages[x]+'_'+randomid+'_'+scale_id+'_ctrl" href="javascript:start_popup_editor(\'answer_'+languages[x]+'_'+randomid+'_'+scale_id+'\',\'[Subquestion:]('+languages[x]+')\',\''+sID+'\',\''+gID+'\',\''+qID+'\',\'editanswer\',\'editanswer\')" class="editorLink"><img id="answer_'+languages[x]+'_'+randomid+'_'+scale_id+'_popupctrlena" class="btneditanswerena" src="../images/edithtmlpopup.png" width="16" height="16" border="0" /><img id="answer_'+languages[x]+'_'+randomid+'_'+scale_id+'_popupctrldis" class="btneditanswerdis" alt="Give focus to the HTML editor popup window" src="../images/edithtmlpopup_disabled.png" style="display: none;" width="16" height="16" align="top" border="0" /></a></td><td><img src="../images/addanswer.png" class="btnaddanswer" /><img src="../images/deleteanswer.png" class="btndelanswer" /></td></tr>'
            }
            else
-            {
+                {
                tablerows=tablerows+'<tr class="row_'+k+'" ><td>&nbsp;</td><td>&nbsp;</td><td><input type="text" size="100" id="answer_'+languages[x]+'_'+randomid+'_'+scale_id+'" name="answer_'+languages[x]+'_'+randomid+'_'+scale_id+'" class="answer" value="'+thisrow[parseInt(x)+1]+'"></input><a id="answer_'+languages[x]+'_'+randomid+'_'+scale_id+'_ctrl" href="javascript:start_popup_editor(\'answer_'+languages[x]+'_'+randomid+'_'+scale_id+'\',\'[Subquestion:]('+languages[x]+')\',\''+sID+'\',\''+gID+'\',\''+qID+'\',\'editanswer\',\'editanswer\')" class="editorLink"><img id="answer_'+languages[x]+'_'+randomid+'_'+scale_id+'_popupctrlena" class="btneditanswerena" src="../images/edithtmlpopup.png" width="16" height="16" border="0" /><img id="answer_'+languages[x]+'_'+randomid+'_'+scale_id+'_popupctrldis" class="btneditanswerdis" alt="Give focus to the HTML editor popup window" src="../images/edithtmlpopup_disabled.png" style="display: none;" width="16" height="16" align="top" border="0" /></a></td><td>&nbsp;</td></tr>'
            }
        }
@@ -552,7 +562,7 @@ function quickaddlabels()
        $('#answertable_'+languages[x]+'_'+scale_id+' .btndelanswer').click(deleteinput);
        $('#answertable_'+languages[x]+'_'+scale_id+' .answer').focus(function(){
            if ($(this).val()==newansweroption_text)
-            {
+                {
                $(this).val('');
            }
        });
--- a/include/limesurvey/admin/scripts/surveysecurity.js
+++ b/include/limesurvey/admin/scripts/surveysecurity.js
@@ -1,4 +1,4 @@
-//$Id: surveysecurity.js 9648 2011-01-07 13:06:39Z c_schmitz $
+//$Id: surveysecurity.js 9376 2010-10-31 15:13:46Z c_schmitz $
 $(document).ready(function(){
    $(".surveysecurity").tablesorter({
--- a/include/limesurvey/admin/scripts/surveysettings.js
+++ b/include/limesurvey/admin/scripts/surveysettings.js
@@ -1,4 +1,4 @@
-// $Id: surveysettings.js 9714 2011-01-25 17:52:16Z shnoulle $
+// $Id: surveysettings.js 9757 2011-02-09 20:52:33Z c_schmitz $
 $(document).ready(function(){
    $("#template").change(templatechange);
--- a/include/limesurvey/admin/scripts/surveytoolbar.js
+++ b/include/limesurvey/admin/scripts/surveytoolbar.js
@@ -1,4 +1,4 @@
-// $Id: surveytoolbar.js 9648 2011-01-07 13:06:39Z c_schmitz $
+// $Id: surveytoolbar.js 9401 2010-11-03 11:54:50Z c_schmitz $
 // based on TTabs from http://interface.eyecon.ro/
 $(document).ready(function(){
--- a/include/limesurvey/admin/scripts/templates.js
+++ b/include/limesurvey/admin/scripts/templates.js
@@ -1,8 +1,8 @@
-// $Id: templates.js 9680 2011-01-13 19:26:43Z shnoulle $
+// $Id: templates.js 12211 2012-01-26 17:02:27Z shnoulle $
 // based on TTabs from http://interface.eyecon.ro/
 $(document).ready(function(){
-    if($("#changes").length > 0) {
+    if($("#changes:not(.none)").length > 0) {
        editAreaLoader.init({
            language: adminlanguage,
            id : "changes"        // textarea id
--- a/include/limesurvey/admin/scripts/translation.js
+++ b/include/limesurvey/admin/scripts/translation.js
@@ -1,8 +1,9 @@
 // $Id: tokens.js 8633 2010-04-25 12:57:33Z c_schmitz
 var iRunningThreads=0;
 $(document).ready(function(){
    intThrottlingRate = 550; // 1 request per 550 ms
    $('#translationtabs').tabs();
    $('#translationtabs').show();
    $('#translationloading').hide();
@@ -14,6 +15,23 @@ $(document).ready(function(){
        var sBaseLang    = $("[name=baselang]").val();
        var sToLang      = $("[name=tolang]").val();
        switch (sToLang)
        {
            case 'he': sToLang='iw'; break;
            case 'zh-Hans': sToLang='zh-CN'; break;
            case 'zh-Hant-TW': sToLang='zh-TW'; break;
            case 'zh-Hant-HK': sToLang='zh-TW'; break;
            case 'nl-informal': sToLang='nl'; break;
            case 'de-informal': sToLang='de'; break;
            case 'ie': sToLang='ga'; break;
            case 'it-formal': sToLang='it'; break;
            case 'nb': sToLang='no'; break;
            case 'nn': sToLang='no'; break;
            case 'pt-BR': sToLang='pt'; break;
            case 'es-MX': sToLang='es'; break;
            zh-Hans
        }
        $("._from_",$(ui.target).parent()).each(function(index,element)
        {
            var sToConvert = $(element).html();
@@ -48,6 +66,7 @@ $(document).ready(function(){
            }
            if (!bIgnore){
                sToConvert = sToConvert.replace( new RegExp( "\\n", "g" ),'\\n');
                sToConvert = sToConvert.replace(/"/g,'\\"');
                setTimeout('fDoTranslateAjax("'+sBaseLang+'","'+sToLang+'","'+sToConvert+'","'+sId+'");',index*intThrottlingRate)
@@ -55,18 +74,22 @@ $(document).ready(function(){
        });
        setTimeout('fHideAjaxLoader();',($("._from_",$(ui.target).parent()).length)*intThrottlingRate)
        return false;
    });
 });
 function fHideAjaxLoader(){
-    $('.ajax-loader').css('display','none');
+    iRunningThreads--;
    if (iRunningThreads<=0)
    {
        $('.ajax-loader').css('display','none');
    }
 }
 function fDoTranslateAjax(sBaseLang,sToLang,sToConvert,sId)
  {
      $('.ajax-loader').css('display','inline');
      iRunningThreads++;
      $.ajax({
            url:'admin.php',
            datatype: 'json',
@@ -77,8 +100,14 @@ function fDoTranslateAjax(sBaseLang,sToLang,sToConvert,sId)
                tolang:sToLang,
                text:sToConvert
            },
            error: function()
            {
                fHideAjaxLoader();
            },
            success: function(aData)
            {
                fHideAjaxLoader();
                if (aData.error)
                {
                    alert(sGoogleApiError + " " + sDetailedError + ": " + aData.error);
--- a/include/limesurvey/admin/scripts/updateset.js
+++ b/include/limesurvey/admin/scripts/updateset.js
@@ -0,0 +1,325 @@
 $(document).ready(function(){
    if ($(".answertable tbody").children().length == 0)
        add_label(undefined);
    $(".btnaddanswer").live('click',add_label);
    $(".btndelanswer").live('click',del_label);
    $('#neweditlblset0 .answertable tbody').sortable({
        update:sort_complete,
        distance:2
    });
    $('#quickadd').dialog({autoOpen: false,
        modal: true,
        width:600,
        title: $("#quickadd").attr('name')});
    $('.btnquickadd').live('click',function(){
        $('#quickadd').dialog('open');
    });
    $('#btnqacancel').click(function(){
        $('#quickadd').dialog('close');
    });
    $('#btnqareplace').click(quickaddfunction);
    $('#btnqainsert').click(quickaddfunction);
    $("#mainform").submit(function(event,ui){
        var dataToSend = {};
        dataToSend['langs'] = [];
        dataToSend['codelist'] = [];
        $("#tabs>div").each(function(divindex,divelement){
            var div_language = $(".lslanguage",divelement).val();
            if (typeof(div_language)!="undefined")
                dataToSend['langs'].push(div_language);
        });
        $("tbody>tr",$("#tabs>div:first")).each(function(trindex,trelement){
            var tr_code = $(trelement).attr('name');
            dataToSend['codelist'].push(tr_code);
            dataToSend[tr_code] = {
                code: $("#code_"+tr_code).val(),
                assessmentvalue: $("#assessmentvalue_"+tr_code).val()
            };
            $(dataToSend['langs']).each(function(i,e){
                dataToSend[tr_code]['text_'+e] = $("[name=title_"+e+"_"+tr_code+"]").val();
            });
        });
        $("input[name=dataToSend]").remove();
        var encodedData = htmlspecialchars(js2php(dataToSend));
        $("#mainform").append("<input type='hidden' name='dataToSend' value='"+encodedData+"' />");
    });
    fix_highlighting();
 });
 function quickaddfunction(){
    var lsreplace = false;
    if ($(this).attr('id') == 'btnqareplace'){
        lsreplace=true;
    }
    if (lsreplace){
        $("#tabs>div:not(:last) tbody>tr").remove();
    }
    lsrows=$('#quickaddarea').val().split("\n");
    var seperatorchar="\t";
    if (lsrows[0].indexOf("\t")==-1){
        seperatorchar=';'
    }
    $(lsrows).each(function(index,element){
        code = undefined;
        params = element.split(seperatorchar);
        i = 0;
        if (params.length > $(".lslanguage").length){
            code = params[0].replace(/[^a-zA-Z 0-9]+/g,'');
            i++;
        }
        if (index!=0 || (!lsreplace && $("#tabs>div:not(:last) tbody>tr").length > 0)){
            event = {};
            event.target = $(".btnaddanswer:last");
            var retcode = add_label(event);
        }
        else{
            var retcode = add_label();
        }
        if (typeof(code)!="undefined")
            $("#code_"+retcode).val(code);
        $(".lslanguage").each(function(){
            $("input[name=title_"+$(this).val()+"_"+retcode+"]").val(params[i]);
            i++;
        });
    });
    $("#quickaddarea").html('');
    $('#quickadd').dialog('close');
 }
 function check_onsubmit(element){
    var onsub = $(element).attr('onsubmit');
    var code = onsub.substr(6,onsub.length);
    return eval(code);
 }
 function sort_complete(event, ui){
    var newposition = ($(ui.item).parent().children().index($(ui.item)));
    var item = ui.item;
    var position = ui.position;
    var originalposition = ui.originalPosition;
    if (originalposition.top > position.top) newposition = newposition - 1;
    $("#tabs div:not(:first) [name="+$(item).attr('name')+"]").each(function(index,element){
        var backup = "<tr name='"+$(item).attr('name')+"'>"+$(element).html()+"</tr>";
        if (newposition >= 0)
            $($(element).parent().children()[newposition]).after(backup);
        else
            $(element).parent().prepend(backup);
        $(element).remove();
    });
    fix_highlighting();
 }
 function add_label(event)
 {
    if ($(this).parent().parent().find('.codeval').size()>0)
    {
        next_code=getNextCode($(this).parent().parent().find('.codeval').val());
    }
    else
    {
        next_code='L001';
    }
    while ($(this).parent().parent().parent().find('input[value="'+next_code+'"]').length>0  && next_code!=$(this).parent().parent().find('.codeval').val())
    {
        next_code=getNextCode(next_code);
    }
    var html = createNewLabelTR(true,true);
    if (typeof(event)=="undefined")
        var row_id = -1;
    else
        var row_id = ($(event.target).parent().parent().parent().children().index($(event.target).parent().parent()));
    var randomid = 'new' + Math.floor(Math.random()*111111);
    html = str_replace("###assessmentval###",'0',html);
    html = str_replace("###codeval###",next_code,html);
    html = str_replace("###next###",randomid,html);
    html = str_replace("###lang###",$("#tabs div:first .lslanguage").val(),html);
    if (typeof(event) == "undefined")
        $("#tabs div:first tbody").html(html);
    else
        $(event.target).parent().parent().after(html);
    html = createNewLabelTR(true,false);
    html = str_replace("###assessmentval###",'0',html);
    html = str_replace("###codeval###",next_code,html);
    html = str_replace("###next###",randomid,html);
    $("#tabs div:not(:first)").each(function(index,element){
        var temp_html = str_replace("###lang###",$(".lslanguage",element).val(),html);
        if (row_id >= 0){
            $($("tbody",element).children()[row_id]).after(temp_html);
        }
        else
            $(".answertable tbody",$(element)).html(temp_html);
    });
    $("tr[name="+randomid+"]").hide().fadeIn(1000);
    fix_highlighting();
    return randomid;
 }
 function del_label(event){
    var id = $(event.target).parent().parent().attr('name');
    $("[name="+id+"]").remove();
    fix_highlighting();
    if ($(".answertable tbody").children().length == 0)
        add_label(undefined);
 }
 function fix_highlighting(){
    $("tbody tr").removeClass("highlight");
    $("tbody tr:even").addClass("highlight");
 }
 function createNewLabelTR(alternate,first){
    x = "<tr ";
    if (alternate)
        x = x + "class= 'highlight' ";
    x = x + "style = 'white-space: nowrap;' name='###next###'>";
    if (!first)
        x = x + "<td>###codeval###</td><td>###assessmentval###</td>";
    else
        x = x + "<td><img src='../images/handle.png'></td><td>"
    + "<input type='hidden' class='hiddencode' value='###codeval###' />"
    + "<input type='text' class='codeval' value='###codeval###' name='code_###next###' id='code_###next###' size='6' maxlength='5' >"
    + "</td><td>"
    + "<input type=\"text\" class='assessmentval' value=\"###assessmentval###\" name=\"assessmentvalue_###next###\" id=\"assessmentvalue_###next###\" style=\"text-align: right;\" size=\"6\" maxlength=\"5\" >";
    x = x + "<td><input name=\"title_###lang###_###next###\"  type=\"text\" value=\"\" size=\"80\" maxlength=\"3000\" >"+
    "<a title=\"\" id=\"title_###lang###_###next###_ctrl\" href=\"javascript:start_popup_editor('title_###lang###_###next###','[Label:](###lang###)','','','','editlabel','labels')\">"+
    "<img height=\"16\" border=\"0\" width=\"16\" src=\"../images/edithtmlpopup.png\" name=\"title_###lang###_###next###_popupctrlena\" id=\"title_###lang###_###next###_popupctrlena\" alt=\"\">"+
    "<img height=\"16\" border=\"0\" align=\"top\" width=\"16\" style=\"display: none;\" src=\"../images/edithtmlpopup_disabled.png\" name=\"title_###lang###_###next###_popupctrldis\" id=\"title_###lang###_###next###_popupctrldis\" alt=\"Give focus to the HTML editor popup window\"></a></td>";
    if (first)
        x = x + "<td style=\"text-align: center;\"><img class=\"btnaddanswer\" src=\"../images/addanswer.png\"><img class=\"btndelanswer\" src=\"../images/deleteanswer.png\"></td>";
    x = x + "</tr>";
    return x;
 }
 function str_replace (search, replace, subject, count) {
    var i = 0, j = 0, temp = '', repl = '', sl = 0, fl = 0,
    f = [].concat(search),
    r = [].concat(replace),
    s = subject,
    ra = r instanceof Array, sa = s instanceof Array;
    s = [].concat(s);
    if (count) {
        this.window[count] = 0;
    }
    for (i=0, sl=s.length; i < sl; i++) {
        if (s[i] === '') {
            continue;
        }
        for (j=0, fl=f.length; j < fl; j++) {
            temp = s[i]+'';
            repl = ra ? (r[j] !== undefined ? r[j] : '') : r[0];
            s[i] = (temp).split(f[j]).join(repl);
            if (count && s[i] !== temp) {
                this.window[count] += (temp.length-s[i].length)/f[j].length;}
        }
    }
    return sa ? s : s[0];
 }
 function getNextCode(sourcecode)
 {
    i=1;
    found=true;
    foundnumber=-1;
    sclength = sourcecode.length;
    while (i<=sclength && found == true)
    {
        found=is_numeric(sourcecode.substr(sclength-i,i));
        if (found)
            {
            foundnumber=sourcecode.substr(sclength-i,i);
            i++;
        }
    }
    if (foundnumber==-1)
        {
        return(sourcecode);
    }
    else
        {
        foundnumber++;
        foundnumber=foundnumber+'';
        result=sourcecode.substr(0,sclength-foundnumber.length)+foundnumber;
        return(result);
    }
 }
 function is_numeric (mixed_var) {
    return (typeof(mixed_var) === 'number' || typeof(mixed_var) === 'string') && mixed_var !== '' && !isNaN(mixed_var);
 }
--- a/include/limesurvey/admin/scripts/users.js
+++ b/include/limesurvey/admin/scripts/users.js
@@ -1,4 +1,4 @@
-// $Id: users.js 9648 2011-01-07 13:06:39Z c_schmitz $
+// $Id: users.js 9330 2010-10-24 22:23:56Z c_schmitz $
 $(document).ready(function(){
    $("#users").tablesorter({
--- a/include/limesurvey/admin/sessioncontrol.php
+++ b/include/limesurvey/admin/sessioncontrol.php
@@ -10,7 +10,7 @@
 * other free or open source software licenses.
 * See COPYRIGHT.php for copyright notices and details.
 *
- * $Id: sessioncontrol.php 10925 2011-09-02 14:12:02Z c_schmitz $
+ * $Id: sessioncontrol.php 11675 2011-12-18 02:27:59Z tmswhite $
 */
 // Security Checked: POST, GET, SESSION, REQUEST, returnglobal, DB
@@ -152,7 +152,8 @@ $dangerousActionsArray = Array
        5 => Array('subaction' => 'insertquotaanswer'),
        6 => Array('subaction' => 'quota_delans')
    ),
-    'translate' => Array()
+    'translate' => Array(),
    'ajaxmodlabelsetanswers'=>Array()
 );
 if ($_SERVER['REQUEST_METHOD'] == 'GET' && isset($_GET['action']) &&
--- a/include/limesurvey/admin/statistics.php
+++ b/include/limesurvey/admin/statistics.php
@@ -10,7 +10,7 @@
 * other free or open source software licenses.
 * See COPYRIGHT.php for copyright notices and details.
 *
- * $Id: statistics.php 10925 2011-09-02 14:12:02Z c_schmitz $
+ * $Id: statistics.php 11664 2011-12-16 05:19:42Z tmswhite $
 *
 */
@@ -270,6 +270,7 @@ $quexsfilterstate = questionnaireSampleFilterstate();
    . get_questionnaire_sample_list($surveyid,$quexsfilterstate)
    ."</select></li>\n";
 $statisticsoutput .= "<li><label for='viewsummaryall'>".$clang->gT("View summary of all available fields")."</label>
                <input type='checkbox' id='viewsummaryall' name='viewsummaryall' ";
 if (isset($_POST['viewsummaryall'])) {$statisticsoutput .= "checked='checked'";}
@@ -291,7 +292,7 @@ $language_options="";
 foreach ($survlangs as $survlang)
 {
    $language_options .= "\t<option value=\"{$survlang}\"";
-    if ($_SESSION['adminlang'] == $survlang)
+    if ($statlang == $survlang)
    {
        $language_options .= "selected=\"selected\" " ;
    }
@@ -349,6 +350,12 @@ if ($grapherror!='')
 }
 $statisticsoutput.="</li>\n";
 //Show text responses inline
 $statisticsoutput .= "<li>
    <label>".$clang->gT("Show text responses inline").":</label>
    <input type='checkbox' id='showtextinline' name='showtextinline' ";
 if(isset($_POST['showtextinline'])) { $statisticsoutput .= "checked='checked'"; }
 $statisticsoutput .= "/><br /></li>\n";
 //Output selector
 $statisticsoutput .= "<li>"
 ."<label>"
@@ -1275,7 +1282,7 @@ foreach ($filters as $flt)
            for ($i=1; $i<=$count; $i++)
            {
                //adjust layout depending on counter
-                if ($counter2 == 4) {$statisticsoutput .= "\t\t\t\t</tr>\n\t\t\t\t<tr>\n"; $counter=0;}
+                if ($counter2 == 4) {$statisticsoutput .= "\t\t\t\t</tr>\n\t\t\t\t<tr>\n"; $counter2=0;}
                //myfield is the SGQ identifier
                //myfield2 is just used as comment in HTML like "R40X34X1721-1"
--- a/include/limesurvey/admin/statistics_function.php
+++ b/include/limesurvey/admin/statistics_function.php
--- a/include/limesurvey/admin/styles/default/adminstyle-rtl.css
+++ b/include/limesurvey/admin/styles/default/adminstyle-rtl.css
@@ -438,3 +438,5 @@ div.menubar input {
 #surveydetails td+td,#groupdetails td+td,#questiondetails td+td {
  text-align: right;
 }
 .labelsets-update label{display:block}
 .button-list{text-align:right}
--- a/include/limesurvey/admin/styles/default/adminstyle.css
+++ b/include/limesurvey/admin/styles/default/adminstyle.css
@@ -390,6 +390,10 @@ span.settingcaption {
    color: #1D2D45;
 }
 #assessmentsform span.settingcaption {
    width: 15%;
 }
 .settingentry {
    float: left;
    width: 660px;
@@ -402,6 +406,10 @@ span.settingcaption {
 	outline: 0 none;
 }
 #assessmentsform .settingentry {
    width: 80%;
 }
 .settingentry span {
 	outline: 0 none;
 }
@@ -413,6 +421,10 @@ span.settingcaption {
    background-color: #F8F8FF;
 }
 #assessmentsform .settingrow {
    width: 100%;
 }
 .settingrow .cke_skin_office2003,
 .settingrow .cke_skin_office2003 .cke_wrapper{
 	margin-bottom: 0;
@@ -699,6 +711,12 @@ a.optoutemail {
    margin:0 auto;
 }
 #assessmentsform #languagetabs {
 	min-width: 680px;
    background-color: #F8F8FF;
 	background-image: none;
 }
 .answertable tr.highlight {
    background-color:#EAF2FF;
 }
@@ -1163,7 +1181,9 @@ textarea.updater-changelog {
    padding-bottom:5px;
 }
-
+#assessmentsform .ui-tabs-nav li {
    clear: none;
 }
 #frmeditquestion li,
 #importquestion li {
@@ -1451,7 +1471,20 @@ div.translate {
  width: 90%;
 }
 #translateform table td{
  padding: 1px 4px;
 }
 #translateform textarea:focus{
  outline: blue solid thin;
 }
 .textresponses {
  text-align: center;
  border: 1px solid #eee;
  height: 200px;
  overflow: auto;
 }
 .labelsets-update label{display:block}
 .button-list{text-align:left}
--- a/include/limesurvey/admin/styles/default/superfish.css
+++ b/include/limesurvey/admin/styles/default/superfish.css
@@ -32,9 +32,15 @@
 .sf-menu li:hover ul,
 .sf-menu li.sfHover ul {
 	left:			0;
-	top:			44px; /* match top ul list item height */
+	top:			43px; /* match top ul list item height */
 	z-index:		99;
 }
 .sf-menu.sf-js-enabled li:hover ul,
 .sf-menu.sf-js-enabled li.sfHover ul {
 	top:			44px; 
 }
 ul.sf-menu li:hover li ul,
 ul.sf-menu li.sfHover li ul {
 	top:			-999em;
@@ -59,11 +65,22 @@ ul.sf-menu li li li.sfHover ul {
 	float:			left;
 	margin-bottom:	1em;
 }
 .sf-menu a {
 .menubar-main ul.sf-menu {
 	height: auto;
 	margin-bottom: 0; 
 }
 .sf-menu a {
 	padding: 		0.1em 1em;
 	text-decoration:none;
 }
 .menubar-main .sf-menu a {
 	padding: 1px 1em 0 1em;
 	height: 42px;
 }
 .sf-menu a, .sf-menu a:visited  { /* visited pseudo selector so IE6 applies text colour*/
 	color:			#13a;
 }
--- a/Show More
+++ b/Show More
		`@@ -1 +0,0 @@`
			`<!--#include file="../documentation.asp"//-->`