FormTest

  • Every form consist of a Form record and multiple FormElement records.
  • Forms will be created by using the Form editor.
  • A form is assigned to table, called primary table.
  • If a form saves values to more than one table, use the addNupdate FormElements.

Form specification

Most fields of a form specification might contain: * ‘’constants’’ (=strings), this is the standard use case. * ‘’variables’’ retrieved from the stores (see below), * ‘’SQL statements’’ (limited set of), * or any combination of the above.

Variable (incl. mixed SQL Statement)

  • A variable (or SQL) statement is surrounded by curely braces:

    {{VarName[:<store / prio>[:<sanitize class>]]}}

  • Example:

    {{recordid}}

    {{SELECT name FROM person WHERE id=1234}}

    {{SELECT name FROM person WHERE id={{recordid}} }}

    {{SELECT name FROM person WHERE id={{key1:C:ALNUMX}} }}

  • Leading and tailing spaces inside curly braces are removed.

    • {{ SELECT “_1” }} is equal to {{SELECT “_1”}}
    • {{ varname }} is equal to {{varname}}
  • There are several stores, from where to retrieve the value. If a value is not found in one store, take the next store, until a value has been found.

  • If there is an empty string found, this ‘’‘is’‘’ a value: value found >> stop search.

  • If no value is found, the value is an <empty string>.

URL Parameter

  • URL (=GET) Parameter can be used in forms as variables.
  • Every parameter should be defined in ‘Form.url_parameter_type’, together with a sanitize class.
  • Parameter without a definition are classified as digit. Broken validation will clear the variable (empty string).

Sanitize class

  • All values in Store C (Client) and store F (Form) will be sanitized with one of three classes:
    • digit: [0-9].-+
    • alnumx: [A-Za-z][0-9]@-_.,; /()
    • all: no sanitizing
  • All Predefined variable names have a specific default sanitize class.
  • All other variables (Store: C, F) get by default the sanitize class ‘digit’.
  • A default sanitize class can be overwritten by individual definition: {{a:C:all}}

Store / prio

Only variables, which are known in a specified store, can be substituted.

Name Description Content
F Form: data still not saved in database. All native form elements. Recent values from the Browser.
S SIP: Client parameter ‘s’ will indicate the current SIP, which will be loaded from the SESSION repo to the SIP-Store. sip, r (record_id), form
R Record - the one who will be edited. For new records: empty. All columns of the current record from the current table
P Parent record. E.g.: on multi forms the current record of the outer query All columns of the MultiSQL Statement from the for the current row
D The table.column specified default value.  
M The table.column specified type  
C Client: POST variable, if not found: GET variable Parameter send from the Client (=Browser).
T Typo3: a) Bodytext (ttcontent record), b) Typo3 internal varibles like fe_user_uid, ... See Typo3 tt_content record configuration
0 Value: 0, might helpfull if variable is empty but used in an SQL statement, which might produce a SQL error otherwise if substituted with an empty string All possible keys
Y System: a) Database credentials, b) helper vars for logging/debugging: SYSTEM_SQL_RAW ... SYSTEM_FORM_ELEMENT_COLUMN  
  • Default <prio>: FSRD - Form / SIP / Record / Table definition.
  • Hint: Preferable, parameter should be submitted by SIP, not by Client (=URL).
    • SIPs can only be defined by using Report.
    • Data submitted via ‘Client’ can be easily spoofed and altered.
    • Data submitted via SIP never leaves the server, cannot be spoofed or altered by the user.
  • QFQ generated internal links are automatically ‘SIP’ed.
    • If are URL parameter needed, specifying ‘C’ inside <prio> is necessary as well as specifying them in Form.permitUrlParameter.

Predefined variable names

Store: CLIENT - C

Name Explanation
s =SIP
r record id. Typically stored in SIP, rarely specified on the URL
keySemId always current Semester Id
keySemIdUser {{keySemIdUser}}, may be changed by user
pageId current T3 page Id
pageType T3 GET Parameter ‘type’
pageLanguage T3 GET Parameter ‘L’
HTTP_HOST current HTTP HOST
REMOTE_ADDR Client IP address
‘$_SERVER[*]’ All other variables accessable by $_SERVER[]. Only the often used have a pre defined sanitize class.
form Unique name of current form
random random string with length of 32 chars, alphanum
ANREDE {{sex}} == male >> Sehr geehrter Herr, {{sex}} == female Sehr geehrte Frau
EANREDE {{sex}} == male >> Dear Mr., {{sex}} == female >> Dear Mrs.

Store: TYPO3 (Bodytext) - T

Name Explanation
form Formname defined in ttcontent record bodytext * fix. E.g.: form = person * via SIP. E.g. `form = {{form}}
debugShowStack Any exception will show the call stack. E.g. debugShowStack = 1
debugLoad Debug Level for ‘load’, defined in ttcontent record bodytext
debugSave Debug Level for ‘save’, defined in ttcontent record bodytext
fe_user Logged in Typo3 FE User
fe_user_uid Logged in Typo3 FE User uid
fe_user_group FE groups of logged in Typo3 FE User

Store: FORM - F

  • Represents the values in the form, typically before saving them.
  • Used for:
    • Formelements who will be rerendered, after a parent element has been changed by the user.
    • Formelement actions, before saving the form.
Name Explanation
FormElement name Name of native formelement. To get, exactly and only, the specified form element(for ‘p_id’): {{p_id:F}}

Store: RECORD - R

Name Explanation
record column name Name of a column of the primary table (as defined in the current form). To get, exactly and only, the specified form element: {{p_id:R}}

SQL detection

  • The detection of an SQL command is case insensitive.
Name Explanation
SELECT ... reserved and indicates a SQL Statememt
INSERT ... reserved and indicates a SQL Statememt
UPDATE ... reserved and indicates a SQL Statememt
DELETE ... reserved and indicates a SQL Statememt
SHOW ... reserved and indicates a SQL Statememt

SQL

  • SQL Statement:

    {{[!]SELECT ...|UPDATE ...|INSERT ...|SHOW ...|LAST_INSERT_ID ...}}
    
  • Example:

    {{SELECT ... id, name, ... [<PARAM1>] ... FROM person ... [<PARAM2>] [...]}}
    
  • A SQL Statement might contain parameter, including additional SQL statements. Inner SQL queries will be fired first.

  • All variables will be substituted one by one from inner to outer.

  • Maximum recursion depth: 5 (a recursion depth of 2 is sometimes used for mailing with templates, 3 and more probably confuses too much and are therefore not practicable, but supported until depth of 5)

  • The number of variables inside an input field or a SQL statement is not limited.

  • A resultset of a SQL statement will be imploded over all (concat all columns of a row, concat all rows - there is no glue string).

  • Array: {{!SELECT ...}}

    • Only possible for the most outer SELECT.

Form

Name Explanation Description
id int, autoincrement created by by MySQL
name string unique and speaking name of the form. Form will be identified by this name
title string / query Title, shown on/above the form.
noteInternal textarea Internal notes: special functionality, used variables, ...
tableName string Primay table of the form
permitNew enum(‘sip’, ‘logged_in’, ‘logged_out’, ‘always’, ‘never’) Default: sip
permitEdit enum(‘sip’, ‘logged_in’, ‘logged_out’, ‘always’, ‘never’) Default: sip
permitUrlParameter textarea Braucht es das wircklich? per line one GET-‘parameter name’ with a class DIGIT, ALNUMX, ALL. F.e.: email:ALPHANUM n postalcode:DIGIT
render enum(‘plain’,’table’, ‘bootstrap’) Default bootstrap
multiMode enum(‘none’,’horizontal’,’vertical’) Default ‘none’
multiSql text Optional. SQL Query which selects all records to edit.
multiDetailForm string Optional. Form to open, if a record is selected to edit (double click on record line)
multiDetailFormParameter string Optional. Translated Parameter submitted to detailform (like subrecord parameter)
forwardMode string: ‘auto|no|page’.  
forwardPage string / query If $forward==”page”: page to jump to
bsLabelColumns string title: default number of ‘bootstrap 12grid’ columns
bsInputColumns string input: default number of ‘bootstrap 12grid’ columns
bsNoteColumns string note: default number of ‘bootstrap 12grid’ columns
parameter text Misc additional parameters. See ‘Form.parameter’
deleted string ‘yes’|’no’.
modified timestamp updated autmatically throught stored procedure
created datetime set once through QFQ
  • Former columns used in form2, maybe usefull in QFQ:
    • gr_id_section / int / Assign form to a user defineable list of sections. Supports administration of tables.
    • form_delete / string / form.name of a ‘delete’ form. Deletes primary record(s) and dependent records
    • typ / enum / Not necessary in the first version of QFQ - may be later.
  • Columns used in form2, probably not used anymore in QFQ.
    • col_id_background / int / done by CSS
    • col_id_font / int / done by CSS
    • col_id_border / int / done by CSS
    • section_unused
    • color_css / enum(‘yes’, ‘no’)

Form.parameter

Name Type Description
maxVisiblePill int Show pills upto <maxVisiblePill> as button, all further in a dropdown menu. Eg.: maxVisiblePill=3
class string HTML div with given class, surrounding the whole form. Eg.: class=container-fluid

FormElement

  • Ordering and grouping: Native Form-Elements and Container-Elements, both with feIdContainer=0 will ordered by ‘ord’.
  • Inside of a container, all nested elements will be displayed.

Class: Container

  • Pill’s are container for ‘fieldset’ and ‘native’ Form-Elements.
  • Fieldsets are container for ‘native’ Form-Elements

Type: fieldset

  • Native Formelements might be assigned to a fieldset.
  • name: technical name, used as HTML identifier.
  • label: Shown title of the fieldset.

Type: pill

  • Pill is a synonym for a tab. A pill looks like a tab.
  • Pill’s are only available with mode render=’bootstrap’.
  • If there is a pill defined, every native Formelements needs to be assigned to a pill or to a fieldset.
  • If there is a pill defined, every fieldset needs to be assigned to a pill.
  • Parameter:
    • FormElement.’‘’name’‘’: technical name, used as HTML identifier.
    • FormElement.’‘’label’‘’: Label shown on the corresponding pill button or inside the dropdown menu.
    • FormElement.’‘’type’‘’: pill
    • FormElement.’‘’feIdContainer’‘’: 0 # Pill’s can’t be nested.
    • Form.’‘’Parameter’‘’: maxVisiblePill=<nr> Number of Pill-Buttons shown. Undefined means unlimited. Remaining Pill buttons, not shown, will be displayed as a dropdown menu.

Class: Native

Name Type Description
id int  
formId int  
feIdContainer int  
enabled enum(‘yes’|’no’)  
name string  
label string Label of formelement. Depending on layout model, left or on top of the formelement
mode enum(‘show’, ‘readonly’, ‘required’, ‘lock’, ‘disable’ ) Default: normal - Normal: regular user input field. Readonly : user can’t change any data. Important : user manipulated data wont be saved. Required User has to specify a value. Typically, an <empty string> represents ‘no value’ . lock form element is read only and grayed out, disable: form element is not visible
class enum(‘native’, ‘action’, Details below.
  ‘container’)  
type enum(‘checkbox’, ‘dateJQW’, ‘datetimeJQW’, ‘gridJQW’, ‘hidden’, ‘text’, ‘note’, ‘password’, ‘radio’, ‘select’, ‘subrecord’,
  ‘textarea’, ‘timeJQW’, ‘upload’, ‘fieldset’, ‘pill’, ‘before_load’, ‘before_save’, ‘before_insert’, ‘before_update’,
  ‘before_delete’, ‘after_load’, ‘after_save’, ‘after_insert’, ‘after_update’, ‘after_delete’, ‘feGroup’, ‘sendmail’ )’.
checkType enum(‘min|max’, ‘pattern’, ‘number’, ‘email’)  
checkPattern ‘regexp’ if $check_type==’pattern’: pattern to match
onChange string
list of ‘form element names’ of current form, separated by ‘, ‘, If one of the named form elements
change, reload own data / status / mode
ord string display order of form elements (‘order’ is a reserved keyword)
tabindex string HTML tabindex attribute
size string Visible length of input element. Might be ommited, depending on the choosen form layout
maxLength string Maximum characters for input.
note string Note of formelement. Depending on layout model, right or below of the formelement
tooltip text Display this text as tooltip on mouse over
placeholder string text, displayed inside the input element in light grey
clientJs text Javascript called on ‘on change’ formelements
value text Default value
sql1 text SQL query (‘sql’ is a reserved keyword)
sql2 text second SQL query
parameter text might contain misc parameter. Depends on the type of formelement.
feGroup string Comma separated list of Typo3 FE Group ID. NOT SURE IF THIS WILL BE IMPLEMENTED. Natvie formElements, fieldsets and pills can be assigned to feGroups. Group status: show, hidden, disabled. Group Access: FE-Groups. User will be assigned to FE-Groups and the form defintion reference such FE-groups. Easy way of granting permission.
deleted string ‘yes’|’no’.
modified timestamp updated autmatically throught stored procedure
created datetime set once through QFQ
Attribute checkbox dateJQW datetimeJQW gridJQW hidden input note password radio select subrecord textarea timeJQW upload
id <-14> Internal id
formId <-14> Form
containerId <-14> Assign the Formelement to user defined fieldSet or pill
enabled <-14> Formelement is active or not
name <-14> Name of a column of the primary table. Formelements with a corresponding table will be saved automatically.
label <-14> Label shown to the user.
mode <-14> show, readonly, required, lock, disable.
class <-14> native
type checkbox dateJQW datetimeJQW gridJQW hidden input note password radio select subrecord textarea timeJQW upload
checkType  
   
 
     
 
checkPattern  
   
 
     
 
onChange
   
 
 
ord
tabindex
size
  • 1
       
 
  • 1
  • 2
 
  • 1
  • ?
maxLength          
 
           
note
   
tooltip
   
 
 
placeholder  
   
         
clientJs  
 
 
 
value
 
sql1 <-14> ?
sql2 <-14> ?
<-15 rowbgcolor=”#eeeeee”> Additional attributes in Field ‘parameter’. Typically in key=value format.
type checkbox dateJQW datetimeJQW gridJQW hidden input note password radio select subrecord textarea timeJQW upload
accept <-15> ?
alt <-15> ?
autocomplete  
   
         
 
autofocus
   
 
 
checkBoxMode
                       
checked
       
   
         
unchecked
       
   
         
label2
             
         
itemList
             
       
emptyItemAtStart                  
       
emptyItemAtEnd                  
       
accept                          
  • 3

Class: native

  • All ‘native’ Formelements like ‘input’, ‘checkbox’, ...

Type: checkbox

Parameter |
checkBoxMode |
checked |
unchecked |
label2 |
itemList | E.g.: ‘red,blue,orange’ or ‘1:red,2:blue,3:orange’ |
  • Mode: checkBoxMode=single
    • This mode is selected if the attribute checkBoxMode is missing and the number of fields of the set/enum definition is <3.
    • FormElement type: string, set, enum.
    • One Checkbox.
    • Field ‘parameter’:
      • checkBoxMode=simple (optional)
      • checked=<value> (optional)
      • unchecked=<value> (optional)
      • label2=<value> (Text right beside checkbox) (optional)
    • If checked=””:
      • If ‘enum’ or ‘set’, get first item. If string, get default.
    • If unchecked=’‘:
      • If ‘enum’ or ‘set’, get opposite item of checked. If string, get ‘’.
  • Mode: checkBoxMode=multiple (as many as field values)
    • Type enum
    • Each field value right beside the checkbox.
    • Create a <br> after every maxLength checkboxes (0: no <br>)

Type: date

Type: datetime

Type: hidden

Type: input

  • General tnput for text and number.
  • size:
    • <number>: width of input element in characters. Lineheight = 1.
    • <cols>,<rows>: inpit element = textarea, width=<cols>, height=<rows>

Type: note

Type: radio

  • Radio Buttons will be build from one of three sources:

      1. ‘sql1’: E.g. {{!SELECT type AS label FROM car }} or {{!SELECT type AS label, typeNr AS id FROM car}} or {{!SHOW tables}}.
      • Resultset format ‘named’: column ‘label’ and optional a column ‘id’.
      • Resultset format ‘index’:
      • One column in resultset >> first column represent label
      • Two or more columns in resultset >> first column represent id and the second column represent label.
      1. FormElement.’‘’parameter’‘’:
      • ‘’‘itemList’‘’ attribute. E.g.: itemList=red,blue,orange or itemList=1:red,2:blue:3:orange
      1. Definition of the enum or set field (only labels, no ids are possible).
  • FormElement.’‘’parameter’‘’:

    • ‘’‘emptyItemAtStart’‘’: Existence of this item inserts an empty entry at the beginning of the selectlist.
    • ‘’‘emptyItemAtEnd’‘’: Existence of this item inserts an empty entry at the end of the selectlist.

Type: select

  • Select lists will be build from one of three sources:

      1. ‘sql1’: E.g. {{!SELECT type AS label FROM car }} or {{!SELECT type AS label, typeNr AS id FROM car}} or {{!SHOW tables}}.
      • Resultset format ‘named’: column ‘label’ and optional a column ‘id’.
      • Resultset format ‘index’:
        • One column in resultset >> first column represent label
        • Two or more columns in resultset >> first column represent id and the second column represent label.
      1. FormElement.’‘’parameter’‘’:
      • ‘’‘itemList’‘’ attribute. E.g.: itemList=red,blue,orange or itemList=1:red,2:blue:3:orange
      1. Definition of the enum or set field (only labels, no ids are possible).
  • FormElement.’‘’size’‘’:

    • <empty>|0|1: Dropdown list.
    • >1: Select field with ‘size’ rows height. Multiple selection of items are possible.
  • FormElement.’‘’parameter’‘’:

    • ‘’‘emptyItemAtStart’‘’: Existence of this item inserts an empty entry at the beginning of the selectlist.
    • ‘’‘emptyItemAtEnd’‘’: Existence of this item inserts an empty entry at the end of the selectlist.

Type: subrecord

  • ‘subrecord’ will be rendered as html table.

  • FormElement.’‘’sql1’‘’: SQL query to select records. E.g.:

    {{!SELECT a.id AS id, CONCAT(a.strasse, a.hausnummer) AS a, a.city AS b, a.zip AS c FROM adresse AS a}}
    
  • Columnname: <title>[|<number>][|width=<number>][|nostrip][|icon][|url][|mailto]

    • ‘’‘<number>’‘’: any ‘digit only’ will be treated as ‘’‘width’‘’.
    • ‘’‘width=<number>’‘’: max. number of chars displayed per cell in the column.
    • ‘’‘nostrip’‘’: by default, html tags will be stripped off the cell content before rendering. This protects the table layout. ‘nostrip’ deactivates the cleaning to make links, images, ... possible.
    • ‘’‘icon’‘’: the cell value contains the name of an icon in fileadmin/icons. Empty cell values will omit an html image tag (=nothing renderd in the cell).
    • ‘’‘mailto’‘’: value will be rendered as a mailto link.
    • ‘’‘url’‘’: value will be rendered as a link.
    • ‘’‘title=<text>’‘’ or ‘<none of the above>’: column ‘’‘title’‘’.
    • The parameters are position independet.
    • Examples:: SELECT note1 AS ‘Comment’, note2 AS ‘Comment|50’ , note3 AS ‘title=Comment|width=100|nostrip’, note4 AS ‘50|Comment’, ‘checked.png’ AS ‘Status|icon’, email AS ‘mailto’, CONCAT(homepage, ‘|Homepage’) AS ‘url’ ...
  • Exactly one column ‘id’ has to exist and specifies the primary record for the target form.

  • FormElement.’‘’parameter’‘’

    • ‘’‘detail’‘’: e.g. detail=id:gr_id,#{{a}}:p_id,#12:x_id
    • ‘’‘form’‘’: Target form, e.g. form=person
    • ‘’‘page’‘’: Target page with detail form.
    • ‘’‘title’‘’: Title displayed over the table.

Type: string

Type: submit

Typical not used. Usefull if user wisches an explicit ‘Submit’ Button.

Type: time

Type: upload

Class: Action

Type: before load

  • Former: formallow
  • Function: a) fire SQL, b) allow / deny access
  • respects ‘processRow’

Type: after load

  • Probably not implemented: no usecase.
  • Function: fire SQL
  • respects ‘processRow’

Type: before save

  • Former: lookup
  • Function: a) fire SQL, b) allow / deny access
  • respects ‘processRow’

Type: after save

  • Maybe successor of addnupdate
  • Function: fire SQL
  • respects ‘processRow’

Type: before /after insert

  • Function: a) fire SQL, b) (before) allow / deny access
  • respects ‘processRow’

Type: before /after update

  • Function: a) fire SQL, b) (before) allow / deny access
  • respects ‘processRow’

Type: before / after delete

  • Function: a) fire SQL, b) (before) allow / deny access
  • respects ‘processRow’

Type: addnupdate

  • Probably not implemented: no usecase. Probably replaced by after save | after insert. Depends on functionality of ‘after ...’.

Type: sendmail

  • Send mail(s) on request.
  • respects ‘processRow’