Skip to content
  • Carsten  Rose's avatar
    Implemented new escape class 'mysql' (realEscapeString). · ba817c0e
    Carsten Rose authored
    Implemented defaultEscapeType. configurable via config.qfq.ini (global) and per Form.
    Implemented max GET parameter lenght. Default: 50. BTW: in phpunit test there have been a parameter 'file' which exceeds the limit of 32.
    
    Config.qfq: Skip empty variable names - happens in phpunit tests. Read new `systemEscapeTypeDefault`.
    Constants.php: renamed  TOKEN_LDAP_ESCAPE_* to TOKEN_ESCAPE_LDAP_*. Add TOKEN_ESCAPE_MYSQL, TOKEN_ESCAPE_NONE
    Database.php: Set charset to real_escape_string() functions properly. Proxy for mysqli::real_escape_string()
    Evaluate.php: Respect global escapeTypeDefault. Implement
    formEditor.sql: add column `escapeTypeDefault`. Add FormElement 'escapeTypeDefault'.
    ba817c0e