Newer
Older
* AutoCron: Added doc for autocron. Extend AutoCron.php to be MultiDB aware. Update der AutoCron form.
* #4720 / Separate Database for Form & FormElement - Multi DB - fixed problem that 'Quick Edit Form / FormElement' has been broken in MultiDB Setup.
* #5603 / Report: final value of report columns (special column name).
* Fabric / delete now triggers form.changed / emojis work again.
* #5571 / File Upload: save filesize and mimetype automatically in 'upload mode simple',if those columns exist.
* #5423 / two new column names 'filesize', 'mimetype'.
* #5571 / File Upload: save filesize and mimetype.
* STORE_VARS contains now 'mimeType' and 'fileSize'.
* sqlBefore and sqlAfter will be fired in Upload Advanced and new in Upload Simple as well.
* STORE_VARS contains now `filenameOnly`. It can be used in downloadButton=....
Bug Fixes
* Fabric: Corrected resizing with changed width in editor.
* #5640 / UTF8 encoded strings: MAX LENGTH wrong.
1022
1023
1024
1025
1026
1027
1028
1029
1030
1031
1032
1033
1034
1035
1036
1037
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
Version 0.25.12
---------------
Date: 18.02.2018
Notes
^^^^^
* New
* FE.parameter:
* timeIsOptional
* enterAsSubmit
* FE.checkType: Auto
* Thumbnail rendering. Public or secure.
* Update
* Multi DB Support: Form & Report
Features
^^^^^^^^
* #5064 / Throw user form exception on invalid date.
* #5308 / TimeIsOptional parameter.
* #5318 / Allow sendmail speaking word token, adjust documentation and fix some typos.
* #5347 / Error Message (Exception): BS colored box for report error messages. Hide technical informations, show it on click.
* #5392 / Violate message with expected date format.
* #5414 / Add checkType Auto, refactor setDefault methods, add smart detection of defaults, extend documentation and rules.
* #3470 / Enter As Submit= on/off - implemented.
* #4437 / violate sanitize message.
* #4542 / input-type-decimal' into 'master'.
* #5298 / Update docs for HTML mails.
* #5333 / Thumbnail: implementation.
* #5425 / Thumbnail: render mode 7 - implemented, rewrite - secure thumbnails are now rendered on first access, not when
'AS _thumbnail' is called.
* Implemeted two new STORE_SYSTEM variables: '_dbNameData' and '_dbNameQfq' - those will be automatically filled qfq
during instantiation QuickFormQuery(). They can be used in Report to easily access the needed DB.
* Increased Formelement.label from 255 to 511.
* Make DB_INIT in config.qfq.ini set by default.
* Notes how to optimize PDF thumbnailing.
* Reformat manual for config.qfq.ini. Copy config.qfq.example.ini to MANUAL.rst. Migrate config defaults from
setIfNotSet() to array_merge().
* Security: hide $SQL in error messages to regular user.
* New FE.parameter 'inputType'. Can optional be given by webmaster. Additional, the 'type="number"' will be automatically
set, if the column is of type 'int' or if 'min' and 'max' is numerically.
* #3192 / Fill STORE_RECORD before loading table title.
* #5285 / Make typeAheadPedantic the default.
* #5348 / Exception/Report: level key missing.
* #5367 / Error Report: reworked alerts, updated css for alerts, 'full level' missing, content too much escaped: Fixed
too much escaping. Form / FormElement Links in error messages now with BS Buttons.
* #5382 / Double quotes in tooltips are now escaped with ".
* #5390 / input validation decimal broken. fixed.
* #5430 / Add unique ID to each radio button for dynamic update.
* Form: 'FormElement' > 'Container' - relied on '{{formId:S}}' even if the FE record already exist - fixed.
* Subrecord Title - now wrapped with <label class='control-label'>.
Version 0.25.11
---------------
Date: 31.01.2018
Notes
^^^^^
* Violating a sanitize class now returns '!!<sanitize class>!!' instead of an empty string.
Features
^^^^^^^^
* #5022 / Variable violates sanatize class: 'msg' instead of empty string - new identifier "!!<sanitize class>!!".
* #4813 / Exception during form load: show 'form edit link' if editor is logged in.
* formEditor.sql: Increas size of Form.title to give more room for SQL statements in.
* Manual.rst: enhance debug tipps.
* #5321 / Plain Link - render mode- only url - implemented.
* Add regex101 link to checkPattern FormEditor.
Bug Fixes
^^^^^^^^^
* Fixed some broken help links in formEditor.sql.
* #5306 / Exception: tt_content_uid wrong - fixed.
* #4303 / Download von doc/docx-Dateien / Download.php - Mime type wird nicht mehr an Dateiname angehängt.
* #5316 / Help on how to send an E-Mail is wrong - several places fixed.
* #5311 / Error Msg SLQ_RAW != SQL_FINAL: Debug message shows outdated SQL_RAW.
* #5309 / min/max broken for date fields. Add min/max attributes to input and date input tag.
* Fabric now detects 'dirty'.
* Manual.rst: Remove broken link to W3C file upload.
Version 0.25.10
---------------
Date: 26.01.2018
Notes
^^^^^
* Form / Upload: new option 'downloadButton' - if given renders a download button instead of showing the pathFileName.
Features
^^^^^^^^
* #5023 / Fabric: Cut, rotate and enhance uploaded images. Update Manual.
* All FE 'typeahead' fields are set to 'autocomplete="off"'. Respect user setting for 'autocomplete' - if none given
(mostly), set it for FE 'typeahead' to 'off'.
* #5295 / Upload: check if given QFQ 'maxFileSize' is higher than php.in post_max_size, upload_max_filesize.
* FE.Subrecord: rearranged column order, start columns with uppercase letter.
* New CSS class 'qfq-full-width-left': especially for buttons to become full width.
* New CSS class 'qfq-table-100' - 100% width, with auto width per column. FE.subrecord changed to 'qfq-table-100'.
* #5189 / BCC SendMail Problem - fixed missing double ticks.
* Manual.rst: Update documentation that the default escape type is 'm'. Remove subrecord/list (have been removed long
time ago). Fix enumeration problem FE.type=radio `classButton`. Add short note for typeahead.js. Remove never
implemented 'keySemdId...', 'ANREDE'. Fixed typo - replace '\' by '\\' on most places (not in code sections).
More generic SQL to extract filename from pathFileName. Fixed several phinx syntax errors. Add example for
'recent list'-records.
* Fixed problem with missing 'if note exits' in CREATE TABLE `Split`.
* #5030 / Manual.rst: Fixed example with XSS vulnerability.
* #5275 / typeahead.bundle.min.js missing in Manual.rst: fixed.
* FormEditor: 'typeahead' for column 'name' fixed. Attention: only succeed if DB_1_NAME is the final DB (mostly given).
* #5048 / Default value NULL in pathFileName breaks uploads.
* #5028 / Links im FormularEditor zeigen ins Leere (Fehlende Ziel-Anker) - fixed.
* #5133 / sendmail: subject and body html entity decode: Introduce options for 'subject' and 'body' to switch on/off HTML encoding / decoding
* Manual.rst: Add notes to QFQ installation, wkhtml problems, paragraph on 'sendEmail' Html2Pdf.php: Add error codes and a hint on wkhtml fails.
* Reformat table qfq-letter.css.less: redefined h1, letter-receiver.
* Bug in sendEmail: invalid SSL_version specified at /usr/share/perl5/IO/Socket/SSL.pm line 575. Patch for sendEmail
(see https://unix.stackexchange.com/a/68952).
Version 0.25.8
--------------
Date: 11.12.2017
Features
^^^^^^^^
* #5083 / Bodytext / Report: join lines without spaces.
Bug Fixes
^^^^^^^^^
* Fix problem with commit from 8.12.17 / Store.php: appendToStore.php stopped working - 'report' failed to replace
'{{<column>:R}}'.
* Store.php: fix problem with empty 'appendToStore()' call.
Version 0.25.7
--------------
Date: 07.12.2017
Notes
^^^^^
* Report: parameter in '... AS _sendmail' needs token now - position dependent is removed now.
* Report: parameter 'a:' in '... AS _sendmail' replaced by 'F:' to be compatible with downloads. Do not separate files by comma.
* Manual: most occurences of 'U:' replaced by 'p:' - same meaning.
Features
^^^^^^^^
* #4255 / Attachments for emails implemented.
Bug Fixes
^^^^^^^^^
* Bug - PHP Warning: Declaration of qfq\BuildFormTable::head() should be compatible with
qfq\AbstractBuildForm::head($mode = qfq\FORM_LOAD) - fixed.
Version 0.25.6
--------------
Date: 03.12.2017
Notes
^^^^^
Bigger changes in update form after save/dynamic update.
Bug Fixes
^^^^^^^^^
* #5031 / Missing details in DbException: New definition of SYSTEM_SHOW_DEBUG_INFO: even after config.qfq.ini is parsed
and SIP Infos has been read - if there is no BE User logged in, the value stays on 'auto' (earlier it has been replaced
to 'no'). Staying on 'auto' keeps the information that replacing is still open and not replaced means 'no'-BE User logged in.
* #5016 / Loose checkbox value on save - Dirty workaround - better solution necessary.
* #5017 / STORE_RECORD used in FormElement and via '#!report' - save & restore STORE_RECORD.
* #5004 / FormElement with state 'ReadOnly' will be saved with empty value - existing values will be overwritten - fixed.
* 'element-update' for type 'UPLOAD seems to make trouble. Exclude it like 'SELECT'.
Version 0.25.5
--------------
Date: 23.11.17
Bug Fixes
^^^^^^^^^
* #4771: Workaround which switches off updates to SELECT lists, if they are part of a Multi-FE-Row.
Notes
^^^^^
* New keywords / features in report:
* `altsql`: Fire the query if there is no record selected in `sql`. Shown after `althead`.
* `shead`: Static head - will always be shown (before `head`), independent of sql selects records or not.
* `stail`: Static tail - will always be shown (after `tail`), independent of sql selects records or not.
Features
^^^^^^^^
* #2948 / altsql, shead, stail - new directives in Report.
* #4255 / Attachments fuer 'Email'. Static files can be attached to mails.
Bug Fixes
^^^^^^^^^
* #4980 / Variables in Report: a) nested not replaced, b) 'rbeg' not replaced, c) missing unit tests.
1281
1282
1283
1284
1285
1286
1287
1288
1289
1290
1291
1292
1293
1294
1295
1296
1297
1298
1299
1300
1301
1302
1303
1304
Version 0.25.3
--------------
Date: 19.11.2017
Notes
^^^^^
* Report:
* Special column name 'sendmail': the old way of position dependent parameter are deprecated. Instead use the new
defined token. See https://docs.typo3.org/typo3cms/drafts/github/T3DocumentationStarter/Public-Info-053/Manual.html#column_sendmail
* Every row is now merged in STORE_RECORD. Inner SQL statement can now retrieve outer values via STORE_RECORD.
E.g. `{{column:R}}`. No more level keys!
* The config.qfq.ini directive `VAR_ADD_BY_SQL` is replaced by `FILL_STORE_SYSTEM_BY_SQL_?`. Up to 3 statements are possible.
Features
^^^^^^^^
* Report / sendmail: control via token.
* #4967 / config.qfq.ini: Rename 'VAR_ADD_BY_SQL' to 'FILL_STORE_SYSTEM_BY_SQL_1'. Handle up to 3 FILL_STORE_SYSTEM_SQL_x.
Implement an optional error message together with a full stop.
Bug Fixes
^^^^^^^^^
* #4966 / Variable {{feUser:T}} is not available in config.qfq.ini `FILL_STORE_SYSTEM_?` - changed ordering of store
initialization. Now: TCY...
* #4944 / Delete: broken when using 'tableName' (instead of form).
* #4904 / Undefined Index: DIRTY_FE_USER - PHP problem that constants cant be replaced inside of single ticks. Fixed.
* #4965: insert path to QFQ cookie/session, to make usage of multiple QFQ installation on one host possible.
Notes
^^^^^
* Starting with this release, the default escape mode is 'm' (mysql_real_escape).
Features
^^^^^^^^
* Default Escape Type changed from 's' to 'm'. DatabaseUpdateData.php: removed the DB update from last commit - not necessary.
Config.php: New default 'm' Evaluate.php: Respect EscapeTypeDefault in form definition.
QuickFormQuery.php: Replace 'EscapeTypeDefault' in form defintion very early.
* #4049 / QFQ Variables '{{...}}' might now contain a default value.
* If 'pageAlias:T' is empty, take 'pageId:T'.
Bug Fixes
^^^^^^^^^
* #4836 / Multiple entries in table after several clicks on save. Created a saveInProgress Variable.
* Replaced latest project homepage URL in Manual.rst.
* Fix example SQL for periodId in config.qfq.ini in Manual.rst.
* Remove multiple header 'RELEASE' - there has to be only one.
Bug Fixes
^^^^^^^^^
* #4857 / broken (stale) download: multiple 'u:..' or 'u:...'.
* #4212 / Broken JSON on response to save new record 'Unknown index' fixed by isset().
Version 0.25.0
--------------
Date: 10.10.2017
* The config.qfq.ini directives DB_USER, DB_NAME, DB_HOST, DB_PASSWORD are replaced by DB_1_USER, DB_1_NAME, DB_1_HOST,
DB_1_PASSWORD. The old directives are still used, as long as the new directives does not exist.
* New config.qfq.ini directives: DB_INDEX_DATA, DB_INDEX_QFQ.
* #4720 / Separate database handles for QFQ 'form' and QFQ 'data' - 'Form' might now load/save from forign database/host/user.
Version 0.24.0
--------------
Date: 09.10.2017
Notes
^^^^^
* Change Remove SYSTEM_SECURITY_ABSOLUTE_GET_MAX_LENGTH - makes no sense to hardcode an upper limit.
Features
^^^^^^^^
* Feature Manual.rst: Doc updated for latest subrecord column special names.
* Feature AbstractBuildForm.php: new function subrecordHead(). Replaced several hard coded subrecord column names against constants.
* Feature #4456 / formModeGlobal=requiredOff - update Manual.rst.
* Feature #4606 / _link: qualifier to render bootstrap button - fix unit tests for tooltip. Add tooltip to button/text,
even if there is no link. Implement token 'b:...' for link class. Manual is updated. Open: `pageX` should be recoded
to use the new 'b:' instead of hardcoed behaviour to render a button.
* Feature: Upload Button - wrapped with Bootstrap Button. New option 'fileButtonText' to specify a button text.
* Feature #3752 / Pills auf mode|modeSql=hidden|readonly setzen - implemented during 'form load' (not dynamic update).
* Feature: Neu wird nach dem Speichern das Formular nochmal komplett geladen. Das ist wichtig um die durch aftersave
geaenderten Records in die Formularelemente zu bekommen.
* Feature #4511 / Form: URL Forward - mode dynamic computed - more generic implementation.
Bug Fixes
^^^^^^^^^
* Bug #4731 / Dynamic Update: load(post) triggers 'check required' - makes no sense during filling a form - fixed.
* Bug #4730 / InvalidDate-00-00-2000 FE.type=date - detection of empty date was broken for '00.00.0000'.
* Bug Fixed problem in subrecord when no record is selected.
* Bug #4620 / Easy Fix: saveButtonText / closeButtonText Formatierung.
Version 0.23.1
--------------
Date: 23.9.2017
Bug Fixes
^^^^^^^^^
* #4620 / Easy Fix: saveButtonText / closeButtonText Formatierung.
Version 0.23.0
--------------
Date: 17.09.2017
* #3752 / Pills auf mode|modeSql=hidden|readonly setzen - implemented during 'form load' (not dynamic update).
* #4548 /Template Group: 'form-update' broken - Broken Redirect after Save - Broken same HTML ID for FE copies in a
template group.
* #4548 /Template Group: 'form-update' broken - max tg element value/index shown after save instead of last user
supplied value, but save is ok. Neu wird nach dem Speichern das Formular nochmal komplett geladen. Das ist wichtig um
die durch aftersave geaenderten Records in die Formularelemente zu bekommen.
Version 0.22
------------
Date: 14.09.2017
Notes
^^^^^
* Form Editor: element 'forwardPage' is static again (no dynamic update) - see features in #4511.
Features
^^^^^^^^
Bug Fixes
^^^^^^^^^
* #4512 | SIP URL does not respect anker token '#'- fixed PLUS: L and type _GET Params included in links which contain a SIP (regular links still open).
* #4508 / Form: during Save with FE with 'report'-Note/Values an exception is thrown - report does not expect, to be called without typo3 - but this is the case during save and generating the JSON.
* #4021 / "required" asterik does not handle multi column labels correctly.
* #4423 / Date inputs with readonly: label is grey.
* #4504 / Upload Button: required asterik missing after save - seems to be a problem for every element - should be fixed now.
Version 0.21.0
--------------
Date: 10.09.2017
Notes
^^^^^
* The Form-Editor now has two 'requiredParamter' fields: one for 'New' record and one 'Edit'. Existing settings will be
automatically copied to both.
* The FormElement-Editor field 'Note' is not anymore a TinyMCE Editor. Instead a regular 'textarea' is used. Main reason
are incompatibilities between TinyMCE HTML mode and the neede CR/LF linebreaks needed for 'Report' Syntax in the 'note'
column.
Features
^^^^^^^^
* #4431 / FE.type=note: QFQ Report Syntax in 'FE.value' and 'FE.note'.
* #4456 / formModeGlobal=requiredOff - Switches FormElement.mode=required to 'show' for all FE of the current Form.
* #4356 / Form: required parameter - split between 'New' & 'Edit'.
Version 0.20.0
--------------
Changes
^^^^^^^
* New configuration value EXTRA_BUTTON_INFO_POSITION in config.qfq.ini.
* #4386 Fuer GRC: Optional Info Button bei 'input' wie bei 'textarea' - EXTRA_BUTTON_INFO_POSITION=below.
* #4429 / subrecord: new FE parameter 'subrecordTableCass' - a custom class for the subrecord table might be specified.
* #4428 / subrecord: mode=readonly.
* #4421 / subrecord: column of the sql1 row should go into the edit link - implemented.
* #4399 / Do not render '_pdf' when r:5 or empty string.
Bug Fixes
^^^^^^^^^
* #4396 / FE: Justify DATE and TIME in case it's DATETIME on a non primary table.
* #2414 / Deaktivieren von Option 'new' bei subrecord hat keine Folge.
* #4426 / Subrecord: mode=hidden - still shown.
* #4425 / Subrecords: Table head is not wrapped in <thead>.
* #4331 / SQL Statement 'REPLACE' not fired - Keyword missing in list of SQL Keywords.
Version 0.19.7
--------------
Changes
^^^^^^^
* #4306 / Update Text Subrecord: Please save this record first.
Features
^^^^^^^^
Bug Fixes
^^^^^^^^^
* #4278 / Language: Check that language settings are respectet inside of container / pill / fieldset / templateGroup.
* #4310 / Fixed error where custom values wouldn't be saved, nor not found for non pedantic.
* #4311 / Record Lock: expired lock wird nicht geloescht bei form reload.
Version 0.19.6
--------------
Features
^^^^^^^^
* Changes to the alert generation and added btn-group for multiple buttons.
* Should only show reload button and be modal when the conflict is mandatory.
* #4144 / Close/New: bei acquireLock=false anschliessend keine Nachfrage ob gespeichert werden soll.
* #4120 / Removed Timeout from Dirty Alert Message.
* #4283 / FE.parameter=emptyMeansNull.
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
Bug Fixes
^^^^^^^^^
* #4281 Prevent save from being clicked multiple times. Save no turns orange when saving.
Version 0.19.5
--------------
Features
^^^^^^^^
* #3790 / Multilanguage: German/ English/ ...
Bug Fixes
^^^^^^^^^
* #4274 / ItemList: escape ',' ':'
Version 0.19.4
--------------
Features
^^^^^^^^
* Feature: Form Paste Records - skip columns during copy if they do not exist on the source side.
Bug Fixes
^^^^^^^^^
* #4266 / FormElement Type=Editor: value not saved - fixed.
* #4253 / Record Lock not deleted, when window closes without save.
Version 0.19.3
--------------
Changes
^^^^^^^
* Changing buttons for the dirty Events depending on status.
Bug Fixes
^^^^^^^^^
* #4257 / Dynamic update broken - after changing JSON data structure, update load.php has been missed.
Open
^^^^
* #4253 / Record Lock not deleted when window closes without save.
Version 0.19.2
--------------
Features
^^^^^^^^
* #4250 / autocron: sending mails.
* #4248 / FormElement: TypeAhead fuer den Spaltennamen - Implemented.
* #4144 / Close/New: bei acquireLock=false anschliessend keine Nachfrage ob gespeichert werden soll.
* #4120: Removed Timeout from Dirty Alert Message.
Version 0.19.1
--------------
Features
^^^^^^^^
* #4172 / record locking: Bob tries to delete a record and get 'status=error': Client should disable 'delete' button.
* #4185 / Detect modified record.
* #4143 / New alert removes old alert(s).
* #4173 / Form: User open's a new tab and press close - alert to inform user that he has to close the tab.
* #1930, #3980 / Client: Bei Form Submit den Status 'submit_reason=save|save,close' mitsenden.
* Implemented: New > Close (save) now closes correctly the current page. Addtional, #1930 has been solved implizit.
Bug Fixes
^^^^^^^^^
* Bug #4174 / record locking: error message if delete fails due to record locking.
* Bug: SQL 'CREATE' implemented as a valid command.
Version 0.19.0
--------------
Changes
^^^^^^^
* bower.json: change bootstrap version number from micro to minor.
* Sip.php: Guarantee that uniqid() is unique at least for the current user.
* Makefile: change installation of phpDocumentor to --alldeps and remove 'phpdoc/'.
Features
^^^^^^^^
* #3881 / Variables: Ex 'keySemId', New 'periodId' (System Store).
* AbstractBuildForm.php: if a datetime / timestamp has the string 'CURRENT_TIMESTAMP' it will be replaced by the current date/time.
* Config.php: cleanup of checking GET variables.
* #3981 / Record Locking.
* Manual.rst: add documentation for record locking.
* Manual.rst: more details about QFQ variables.
Bug Fixes
^^^^^^^^^
* Bug #4158 / Delete Button im Form fehlen die SIP Parameter.
* Bug #4159 / missing htmlspecialchar_decode() for FE.value supplied content.
* Bug Makefile: fixed unwanted removing of whole 'doc' by 'maintainer-clean' - doc nowadays contains QFQ related
manually created documentation.
1650
1651
1652
1653
1654
1655
1656
1657
1658
1659
1660
1661
1662
1663
1664
1665
1666
1667
1668
1669
1670
1671
* Bug typeahead.php: An exception catched in typeahead.php has been assigned as array element, instead of a whole array. Fixed.
Version 0.18.7
--------------
Changes
^^^^^^^
* Makefile: 'make bootstrap' udpates all JS Lib packages. Double npm install removed.
Features
^^^^^^^^
* #3947 / Attack detectect: logout current user (only QFQ, FE User still logged in).
* #3959 / Class _link: implement 'any' Bootstrap glyphicons. New token 'G:' for '_link'.
Bug Fixes
^^^^^^^^^
* #3953 / Radio buttons: Auswahl nicht angezeigt, wenn per itemList definiert.
* #3982 / Filename Sanatize: remove spaces. Filename not properbly enclosed by double ticks.
Version 0.18.6
--------------
Features
^^^^^^^^
* #3460 / Report: new column types '_striptags, '_htmlentities', '_+Tag'.
Version 0.18.5
--------------
Features
^^^^^^^^
* QuickFormQuery.php: added function to check if there are copyForm paste records.
* Manual.rst, formEditor.sql: add several links in Form 'FormEditor' to the online documentation. The FormEditor now
contains links to the Online Documentation. Add missing explanations: Required Parameter, Forward.
Bug Fixes
^^^^^^^^^
* #3912 / templateGroup: max. 5 instances are saved.
* Manual.rst: Fixed missing '{{' and '%' in examples.
* #3925 / templateGroup / non primary / delete records: only one at a time.
* Makefile: Artifactory builds fails at chromedriver - temporary remove npm install of chromedriver.
Version 0.18.4
--------------
Bug Fixes
^^^^^^^^^
Version 0.18.3b
---------------
Features
^^^^^^^^
* #3903 / Copy/Paste form: references inside a record are not updated at all.
1721
1722
1723
1724
1725
1726
1727
1728
1729
1730
1731
1732
1733
1734
1735
1736
1737
1738
1739
1740
1741
1742
1743
1744
1745
Version 0.18.3a
---------------
Changes
^^^^^^^
* Copy / Paste form: take care that there is now Form.id=3. This is now the reserved formId for the 'copyForm'.
UPDATE `FormElement` SET formId=100 WHERE formId=3
UPDATE `Form` SET `id` = '100' WHERE `Form`.`id` = 3;
Bug Fixes
^^^^^^^^^
Version 0.18.3
--------------
Features
^^^^^^^^
* #3899 / Copy/Paste
* DatabaseUpdate.php: New table Clipboard, New FE.type='paste', New Form.forwardMode='url-sip' - will be applied for 0.18.3.
* Store.php: New member in STORE_CLIENT 'CLIENT_COOKIE_QFQ' - might be used to identify current user.
* formEditor.sql: New form 'copyForm'. New table 'Clipboard'.
Version 0.18.2
--------------
Changes
^^^^^^^
* #3891 / Dynamic Update: Multiple Elements in a row - single show/hide - First implementation: Show / Hide via
dynamicUpdate for a second element, wrapped in an own 'col-md' div.
* #3875 / FormElement 'extra': Fehler bei neuen Records.
* #3647 / Dynamic Update: Multiple Elements in a row not updated properly.
* #3890 / upload-FormElement: mode 'hide' without effect.
* #3876 / upload-FormElement: verschwindet bei dynamicUpdate.
1765
1766
1767
1768
1769
1770
1771
1772
1773
1774
1775
1776
1777
1778
1779
1780
1781
1782
1783
1784
1785
1786
1787
1788
1789
1790
1791
1792
1793
1794
Version 0.18.1
--------------
* Update unit tests
Version 0.18.0
--------------
Changes
^^^^^^^
* New defaults to FormElement.type=`file` (=Upload).
* `access` = `application/pdf`
* `maxFileSize` = `10485760` (10MB)
Features
^^^^^^^^
* Make the image shown for ExtraButtonInfo configureable. Manual.rst: added documentation for new config.qfq.ini
variables GFX_EXTRA_BUTTON_INFO_INLINE, GFX_EXTRA_BUTTON_INFO_BELOW.
* Manual.rst: description added for `extraButtonLock` ,`extraButtonPassword`, `extraButtonInfo`. Example on how to reuse
custom vars defined in `config.qfq.ini`. Add three more examples to _pdf. How to access local online documentation.
Add note about wkhtml only on linux boxes. More wkhtml explanations.
* #3773 / Button: Info / Unlock / ShowPassword: FE_PARAMETER: extraButtonLock / extraButtonPassword / extraButtopnInfo.
* #3769 / Allow specific GET variables longer than SECURITY_GET_MAX_LENGTH. config.php: implemented special handling of
GET vars, named with '..._<num>'.
* #3766 / SQL_LOG per tt_content record einstellbar machen. Add `sqlLog` and `sqlLogMode` to QFQ tt-content records.
Add mode 'error' and `none` to sqlLogMode. Manual.rst: Added explanations for SQL_LOG, SQL_LOG_MODE, and tt-content
pendants sqlLog, sqlLogMode. Update config.qfq.ini to latest attributes.
* Config.php: Set defaults for config.qfq.ini SQL_LOG and SQL_LOG_MODE.
* config.qfq.example.ini: Remove DB_NAME_TEST, Add some details about SQL_LOG, add example for TECHNICAL_CONTACT.
* Session.php: Activate cookie_httponly for QFQ cookies.
* Html2Pdf.php: recode setting of $this->logFile.
* config.qfq.ini: new syntax for SHOW_DEBUG_INFO - [yes,no,auto][,download].
* #3711 / Upload Button opens the camera on a smartphone. New attribute 'capture'.
* Database.php: Add SQL keyword 'DROP'.
* #3706 / Check File Upload: a) mime type, b) max file size. Implemented: file upload check for mime type and max file size.
* New 'pageForward'-Mode: 'url-skip-history'.
* FormEditor:
* Most radio FEs changed from HTML standard to Bootstrap Design.
* FE 'feIdContainer' will only be shown if there is at least one FE container element.
* Use dynamicUpdate to hide/show FE 'forwardPage'.
* FE 'subrecordOption' shown only for FE.type==subrecord.
* FE 'checkPattern' shown only for FE.checkType=='pattern|min%'.
* In form 'FormElement' the FE 'formId' removed - not necessary.
* #3568 / Form: fuer alle Buttons (save, close, new, delete) eine optionale class & text konfigurierbar.
* #3569 / Input Optional '0' unterdruecken.
* #3863 / New config var 'DB_UPDATE' in config.qfq.ini.
Bug Fixes
^^^^^^^^^
* #3770 / Attack Delay: merge processing to one codeplace. Config.php: new function attackDetectedExitNow(). Sip.php:
replace local sleep(PENALTY_TIME_BROKEN_SIP) with central function attackDetectedExitNow().
* Store.php: Fix problem that an empty SQL_LOG will be added to SYSTEM_PATH_EXT. Logger.php: do nothing if there is no
file defined.
* #3751 / download FE_GROUP protected pages failed. Implement additional 'SHOW_DEBUG_INFO = download' to track down
problems with 'session forwarding'.
* Allow spaces in value when selection <radio> and <select> tags.
* #3812 / extraButtonInfo (extraButtonLock, extraButtonPassword) - Problems in TemplateGroups.
* #3832 / Dynamic Update und Radio buttons - leerer value ( '' ) kann nicht angewählt werden.
* #3612 / Konflikt typeAheadLdap mit dynamic modesql: inputs with typeahead lacks 'dynamicUpdate' via 'modeSql'.
* #3853 / New > Save: Reload des Forms mit neuer SIP und neu erstellter recordId.
* #3854 / Wrong final page: a) New > Save > Close, b) New > Save > Delete, c) New > New
formEditor.sql: update table 'Form.forwardMode' to ('client', 'no', 'url', 'url-skip-history').
* #2337 / Checkbox: checked/unchecked parameters genügen nicht.
* #2542 / FormElement-Typ 'note' funktioniert nicht mit dynamic update.
* #3863 / DB Update Fails: Expected no record, got 2 rows: SHOW TABLE STATUS WHERE Name='Form'.
1837
1838
1839
1840
1841
1842
1843
1844
1845
1846
1847
1848
1849
1850
1851
1852
1853
1854
1855
1856
1857
1858
1859
Version 0.17.0
--------------
Changes
^^^^^^^
* ALTER TABLE `FormElement` ADD `encode` ENUM( 'none', 'specialchar' ) NOT NULL DEFAULT 'specialchar' AFTER `subrecordOption` ;
* UPDATE `FormElement` SET encode='none' WHERE class='native' AND type='editor'
* ALTER TABLE `Form` ADD `escapeTypeDefault` ENUM( '', 's', 'd', 'l', 'L', 'm', '-' ) NOT NULL DEFAULT '' AFTER `permitEdit` ;
* In order to not break functionality of existing forms, it might be necessary (bad for security, good for stability) to
leave existing forms untouched: `UPDATE Form SET escapeTypeDefault='-'`
* Play formEditor.sql
Features
^^^^^^^^
* New security option `escapeTypeDefault`: will be defined 1) sytem wide in config.qfq.ini, or 2) more specific per
Form or 3) individually per variable. The later has priority.
* #3544 / Form: view current form - It's now possible to direct view a form, which is currently loaded/edited in the
FormEditor: Button 'eye' near left of button 'save'.
* #3552 / typeAheadLdapSearchPerToken - webpass kann nicht gleichzeitig nach Vornamen und Nachnamen suchen. Added option
typeAheadLdapSearchPerToken to split search value in token and OR-combine every search with the individual tokens.
* Download latest QFQ builds and releases: https://w3.math.uzh.ch/qfq/.
* #3218, #3600 / download.php / export: QFQ is now able to create PDFs and ZIPs on the fly. The sources might be
uploaded PDFs or Websites (local or remote) which will be converted to PDFs.
* Implement 'encode=specialchar' - new option per FormElement which is now the default for every FormElement.
* Sanatize.php: New function urlDecodeArr(). Decode all _GET vars.
* Implemented max GET parameter lenght. Default: 50.
* Implemented new escape class 'mysql' (realEscapeString).
* Html2Pdf.php: Add SIP support wkhtmltopdf URLs. Move cookies for wkhtmltopdf from commandline arguments to filebased.
* SessionCookie.php: New class to save current cookies in a file.
* Html2Pdf.php: implemented session forwarding to wkhtmltopdf.
* Session.php: introduced close(). This will unlock the current session. Take care on subsequent calls to reopen primary session again.
* Database.php: Set charset to real_escape_string() functions properly. Proxy for mysqli::real_escape_string().
* Implement honeypot variables to detect bots.
* HTML special char encode all URL GET parameter. This can't be skipped.
Bug Fixes
^^^^^^^^^
* Sip.php: Parameter XDEBUG_SESSUIB_START excluded from GET parameter copied to SIP.
* Manual.rst: add libxrender1 to install by using wkhtmltopdf.
* Download.php: Skip 'pdftk' if there is only one PDF file to concatenate.
* #3615 / download.php: Das Popup schliesst nicht automatisch bei ZIP, im FF, Warnung in der Console, hourglass wobbles.
* Split PHP 'print.php' in a pure API file 'print.php' and a class 'Html2Pdf.php' - the class will be reused by Download.php.
* #3573 / TypeaheadLdap: Prefetch funktioniert nicht.
* #3547 / FE of type 'note' causes writing of empty fields.
* #3546 / Throw of a UserFormException with wrong parameter. Fixed.
* #3536 / a) Datum (datetime / timestamp) werden nicht angezeigt, b) Angezeigte Datumsformat String und aktzeptierte Eingabe matchen nicht.
* #3533 / afterSave: sqlUpdate auf child-record ändert xId von Hauptrecord auf 0.
1893
1894
1895
1896
1897
1898
1899
1900
1901
1902
1903
1904
1905
1906
1907
1908
1909
1910
1911
1912
1913
1914
1915
1916
1917
Version 0.16
------------
Changes
^^^^^^^
* Play:
ALTER TABLE `FormElement` ADD INDEX `feIdContainer` (`feIdContainer`);
ALTER TABLE `FormElement` ADD INDEX `ord` (`ord`);
ALTER TABLE `FormElement` ADD INDEX `feGroup` (`feGroup`);
ALTER TABLE `FormElement` ADD `adminNote` TEXT NOT NULL AFTER `note`;
* Play formEditor.sql
Features
^^^^^^^^
* formEditor.sql:
* Added 'on update current timestamp'.
* Add three indexes to formEditor.sql.
* Column FormElement.adminNote added.
* Change default width on Form for subrecord FormElement.name.
* Changed input height of 'parameter of FormEditor and FormElementEditor to 8 lines.
* Enlarge placeholder value in FormElement. Old 512, New 2048..
* #3466 / Input Typeahead: optional only allow specified input. Mode: typeAheadPedantic.
* #3465 / Save button: optional 'active after form load': `Form.parameter.saveButtonActive` - if this attribute is set,
the save button will be enabled directly on form load.
* #3463 / form.mode=readonly. Make a form complete `readonly`. This can be done statically or dynamically via variable (e.g. SIP).
* #3447 / Icons das man im FrontEnd direkt das gewaehlte FormElement im Formulareditor bearbeiten kann. Add checkbox left.
to the 'EditForm'-Button, to toogle the 'FormElemnt'-Icons. Like the 'Form Edit'-Pencil, the 'FormElement Checkbox'
is only displayed if the user is logged in BE.
* #3456 / LDAP: with Credentials (e.g. to access 'webpass'). Updated doc for a) config.qfq.ini: LDAP_1_RDN, LDAP_1_PASSWORD,
b) Form.parameter|FormElement.parameter: ldapUseBindCredentials.
* ErrorHandler.php: removed details - the end user should not too many details.
* FormAction.php, Ldap.php, QuickFormQuery.php: implement 'ldapUseBindCredentials'.
* Ldap.php: set_error_handler() to catch ldap_bind() problems. Always set LDAP_OPT_PROTOCOL_VERSION=3 - this might
cause problems with som LDAP Servers - we will see.
* 3509 / SELECT Element: value wird nicht selektiert.
* 3502 / TemplateGroups: Checkboxen werden beim ersten Speichern (insert) nicht geschrieben - ein anschliessendes Update
ist ok.
* 3385 / templateGroup: insert/update/delete non primary records.
* Non primary record leads to a problem that the default values, given as an array, are not replaced by scalar values. fixed.
* Update doc how to insert/update/delete non primary templateGroup records.
* Removed $templateGroupIndex - solved implicit by defining a LIMIT on 'slaveId' . Implemented '%D' (one below %d).
Implemented FE_SQL_HONOR_FORM_ELEMENTS - reduces unecassary SQL queries.
* Fill STORE_RECORD during Formload - to read templateGroup records very early. Local copy of `getNativeFormElements()`,
new `explodeTemplateGroupElements()`
* TypeAhead.js: Handle <ENTER> key properly.
* #3462 / FormElement.parameter: requiredList not ok for non numeric content. STORE_FORM had been called without 'sanatize class'.
Therefore, all non numeric values has been sanatized by default. New: SANATIZE_ALLOW_ALL.
1956
1957
1958
1959
1960
1961
1962
1963
1964
1965
1966
1967
1968
1969
1970
1971
1972
1973
1974
1975
1976
1977
1978
1979
1980
1981
1982
1983
1984
1985
1986
1987
1988
1989
1990
1991
1992
* Corrected error message to use 'itemList' instead of 'itemValues'. Renamed constant too.
* #2542 / FormElement-Typ 'note' funktioniert nicht mit dynamic update. 'Label' and 'note' are fixed - 'value' is still not updated, open.
Version 0.15
------------
Changes
^^^^^^^
* Play formEditor.sql.
* Form 'FormElement' failed to display the formtitle of the current form in case of a new FE.
* Updated subrecord in 'Form' for 'FormElements' - columns 'size' and 'sql1' removed and 'dyn' inserted. Play formEditor.sql.
* #3431, Parameter keyword 'typeAheadLdapKeyPrintf' changed to 'typeAheadLdapIdPrintf'.::
UPDATE FormElement SET parameter = REPLACE(parameter, 'typeAheadLdapKeyPrintf', 'typeAheadLdapIdPrintf')
* Size 'placeholder' increased::
ALTER TABLE `FormElement` CHANGE `placeholder` `placeholder` VARCHAR( 2048 ) CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL DEFAULT '';
Features
^^^^^^^^
* Introduce new config.qfq.ini setting 'EDIT_FORM_PAGE' - by default set to 'form' - the wrench symbol on every Form
will direct to that page. Fix #3420 / Quicklink 'editform' on form: directs to the current T3 page which might be insufficient.
* Form 'subrecord' columns: the default width limit of 20 chars are disabled if 'nostrip' is specifed.
* #3431 / typeAheadSql: columnname 'key' is a reserverd SQL statement - replace by 'id'. Additional the parametername
'typeAheadLdapKeyPrintf' renamed to 'typeAheadLdapIdPrintf'. By using 'id' instead of 'key' the quoting of the columnname
is not necessary anoymore.
Bug Fixes
^^^^^^^^^
* #3419 / typeAheadSql: Array with only one column or non standard columnnames are not handeld properbly.
Detection of missing LIMIT implemented.
* #3425 / Form.parameter, FormElement.parameter: comment handling, trailing & leading spaces
Manual.rst: commented handling of 'comment character' and 'escaping of leading/trailing spaces'
Support.php: new funtion handleEscapeSpaceComment().
* Evaluate.php: parse all F|FE.parameter via handleEscapeSpaceComment(). A leading '#' or ' ' might be escaped by '\'.
* Saving 'extra' FE in STORE_SIP has been done with inappropiate FE_NAME. Correct is the pure FE_NAME, without any
extension like recordId. Unessary and broken decoding removed.