From cf3ac246bfea245459dbcfbff25b22f4952c8514 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marcos=20Garci=CC=81a=20de=20La=20Fuente?=
 <marcosgdf@gmail.com>
Date: Fri, 3 Jan 2014 15:35:12 +0100
Subject: [PATCH] Moved exportcsv.php out of public folder as it should only be
 accesible for Dolibarr users

---
 htdocs/opensurvey/adminstuds_preview.php     |  2 +-
 htdocs/opensurvey/{public => }/exportcsv.php | 20 +++++---------------
 2 files changed, 6 insertions(+), 16 deletions(-)
 rename htdocs/opensurvey/{public => }/exportcsv.php (84%)

diff --git a/htdocs/opensurvey/adminstuds_preview.php b/htdocs/opensurvey/adminstuds_preview.php
index de1658b80ea..04a3ed62b86 100644
--- a/htdocs/opensurvey/adminstuds_preview.php
+++ b/htdocs/opensurvey/adminstuds_preview.php
@@ -449,7 +449,7 @@ print '</form>'."\n";
 
 print '<div class="tabsAction">';
 
-print '<a class="butAction" href="public/exportcsv.php?sondage=' . $numsondage . '">'.$langs->trans("ExportSpreadsheet") .' (.CSV)' . '</a>';
+print '<a class="butAction" href="exportcsv.php?id=' . $numsondage . '">'.$langs->trans("ExportSpreadsheet") .' (.CSV)' . '</a>';
 
 print '</div>';
 
diff --git a/htdocs/opensurvey/public/exportcsv.php b/htdocs/opensurvey/exportcsv.php
similarity index 84%
rename from htdocs/opensurvey/public/exportcsv.php
rename to htdocs/opensurvey/exportcsv.php
index 5fded4f5d32..49d982f5721 100644
--- a/htdocs/opensurvey/public/exportcsv.php
+++ b/htdocs/opensurvey/exportcsv.php
@@ -16,33 +16,23 @@
  */
 
 /**
- *	\file       htdocs/opensurvey/public/exportcsv.php
+ *	\file       htdocs/opensurvey/exportcsv.php
  *	\ingroup    opensurvey
  *	\brief      Page to list surveys
  */
 
 
-define("NOLOGIN",1);		// This means this output page does not require to be logged.
-define("NOCSRFCHECK",1);	// We accept to go on this page from external web site.
-require_once('../../main.inc.php');
+require_once('../main.inc.php');
 require_once(DOL_DOCUMENT_ROOT."/core/lib/admin.lib.php");
 require_once(DOL_DOCUMENT_ROOT."/core/lib/files.lib.php");
 require_once(DOL_DOCUMENT_ROOT."/opensurvey/class/opensurveysondage.class.php");
 
 $action=GETPOST('action');
 $numsondage = $numsondageadmin = '';
-if (GETPOST('sondage'))
+if (GETPOST('id'))
 {
-	if (strlen(GETPOST('sondage')) == 24)	// recuperation du numero de sondage admin (24 car.) dans l'URL
-	{
-		$numsondageadmin=GETPOST("sondage",'alpha');
-		$numsondage=substr($numsondageadmin, 0, 16);
-	}
-	else
-	{
-		$numsondageadmin='';
-		$numsondage=GETPOST("sondage",'alpha');
-	}
+	$numsondageadmin=GETPOST("id",'alpha');
+	$numsondage=substr($numsondageadmin, 0, 16);
 }
 
 $object=new Opensurveysondage($db);
-- 
GitLab