Welcome to the LimeSurvey Community Forum

Ask the community, share ideas, and connect with other LimeSurvey users!

Suvey is Problematic if [created by COPY] and [not done by SuperAdministrator]

  • kmanapp
  • kmanapp's Avatar Topic Author
  • Offline
  • Junior Member
  • Junior Member
More
9 years 5 days ago - 9 years 5 days ago #118288 by kmanapp
Dear friends,

I am not sure whether this is a known bug.

The situation is:
I have some existing surveys (so-called the "Company Survey Template") well-configured with some predefined settings (e.g., Survey settings, Question Groups, Basic Questions), and in some questions, I have inserted source codes (mainly jQuery JavaScript) at the "Help" text by clicking the "Source" button to control advance behaviour of such questions.

The issue is:
While "userA" to which such surveys are granted to be viewable and editable clicked the "Create a new Survey" by copying from those "Company Survey Template", the newly created one (or, in other words, the duplicated/cloned one) will be corrupted. The most obvious scenario of corrupted settings is that all the "jQuery JavaScript" has lost, and even more worse, it is unable to fill-in the required "jQuery JavaScript" as the LimeSurvey engine no longer interpret those correct "jQuery JavaScript" and seems that such surveys has been problematic.

One point has to be stressed here is that "userA" is NOT of LimeSurvey "SuperAdministrator" role, but a normal user role (granted with all available privileges in relation to survey). If the above scenario is done by any user bearing the LimeSurvey "SuperAdministrator" role, no problem happens.

The scenario can be easily replicated/reproduced.

Does anyone experience the same problem? Appreciate sharing your experience and your help in working around such problem. Thanks.
Last edit: 9 years 5 days ago by kmanapp.
The topic has been locked.
  • tpartner
  • tpartner's Avatar
  • Offline
  • LimeSurvey Community Team
  • LimeSurvey Community Team
More
9 years 4 days ago - 9 years 4 days ago #118291 by tpartner
In Global settings --> Security, set "Filter HTML for XSS" to "No". This will allow non-super-admins to insert or edit JavaScript. manual.limesurvey.org/Global_settings#Security

Cheers,
Tony Partner

Solutions, code and workarounds presented in these forums are given without any warranty, implied or otherwise.
Last edit: 9 years 4 days ago by tpartner.
The following user(s) said Thank You: DenisChenu, kmanapp
The topic has been locked.

Lime-years ahead

Online-surveys for every purse and purpose