Commit 37de5761 authored by Carsten  Rose's avatar Carsten Rose
Browse files

Feature: #4049 / '{{...}}' with default value

parent 12472d64
...@@ -561,6 +561,7 @@ if (!function_exists('ldap_escape')) { ...@@ -561,6 +561,7 @@ if (!function_exists('ldap_escape')) {
} }
const TOKEN_FOUND_IN_STORE_QUERY = 'query'; const TOKEN_FOUND_IN_STORE_QUERY = 'query';
const TOKEN_FOUND_AS_DEFAULT = 'default';
const RANDOM_LENGTH = 32; const RANDOM_LENGTH = 32;
......
...@@ -174,9 +174,9 @@ class Evaluate { ...@@ -174,9 +174,9 @@ class Evaluate {
* Tries to substitute $token. * Tries to substitute $token.
* Token might be: * Token might be:
* a) a SQL statement to fire * a) a SQL statement to fire
* b) fetch from a store. Syntax: 'form', 'form:C', 'form:SC0', 'form:S:alnumx', 'form:F:all:s' * b) fetch from a store. Syntax: 'form', 'form:C', 'form:SC0', 'form:S:alnumx', 'form:F:all:s','form:F:all:s:default'
* *
* The token have to be _without_ Delimiter '{{' / '}}' * The token have to be _without_ Delimiter '{{' , '}}'
* If neither a) or b) match, return the token itself. * If neither a) or b) match, return the token itself.
* *
* @param string $token * @param string $token
...@@ -209,9 +209,9 @@ class Evaluate { ...@@ -209,9 +209,9 @@ class Evaluate {
return $this->db->sql($token, $sqlMode); return $this->db->sql($token, $sqlMode);
} }
// explode for: <key>:<store priority>:<sanitize class>:<escape> // explode for: <key>:<store priority>:<sanitize class>:<escape>:<default>
$arr = explode(':', $token, 4); $arr = explode(':', $token, 5);
$arr = array_merge($arr, [null, null, null, null]); // fake isset() $arr = array_merge($arr, [null, null, null, null, null]); // fake isset()
$escapeTypes = $arr[3]; $escapeTypes = $arr[3];
if ($escapeTypes == '') { if ($escapeTypes == '') {
$escapeTypes = $this->escapeTypeDefault; $escapeTypes = $this->escapeTypeDefault;
...@@ -223,7 +223,7 @@ class Evaluate { ...@@ -223,7 +223,7 @@ class Evaluate {
// escape ticks // escape ticks
if (is_string($value)) { if (is_string($value)) {
// Process all escape requests in the given order. // Process all escape requests in the given order.
for ($ii = 0; $ii < strlen($arr[3]); $ii++) { for ($ii = 0; $ii < strlen($escapeTypes); $ii++) {
$escape = $escapeTypes[$ii]; $escape = $escapeTypes[$ii];
switch ($escape) { switch ($escape) {
case TOKEN_ESCAPE_SINGLE_TICK: case TOKEN_ESCAPE_SINGLE_TICK:
...@@ -250,10 +250,12 @@ class Evaluate { ...@@ -250,10 +250,12 @@ class Evaluate {
} }
} }
// OLD: nothing replaced: put ticks around, to sanitize strings for SQL statements. Nothing to substitute is not a wished situation. // Not found and a default is given: take the default.
// return ($value === false) ? "'" . $token . "'" : $value; if ($foundInStore == '' && !empty($arr[4])) {
$foundInStore = TOKEN_FOUND_AS_DEFAULT;
$value = str_replace('\\:', ':', $arr[4]);
}
// NEW: nothing replaced: higher level should decide what to do
return $value; return $value;
} }
......
...@@ -85,6 +85,11 @@ $UPDATE_ARRAY = array( ...@@ -85,6 +85,11 @@ $UPDATE_ARRAY = array(
'0.25.0' => [ '0.25.0' => [
"ALTER TABLE `FormElement` CHANGE `type` `type` ENUM( 'checkbox', 'date', 'datetime', 'dateJQW', 'datetimeJQW', 'extra', 'gridJQW', 'text', 'editor', 'annotate', 'time', 'note', 'password', 'radio', 'select', 'subrecord', 'upload', 'annotate', 'fieldset', 'pill', 'templateGroup', 'beforeLoad', 'beforeSave', 'beforeInsert', 'beforeUpdate', 'beforeDelete', 'afterLoad', 'afterSave', 'afterInsert', 'afterUpdate', 'afterDelete', 'sendMail', 'paste' ) CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL DEFAULT 'text';", "ALTER TABLE `FormElement` CHANGE `type` `type` ENUM( 'checkbox', 'date', 'datetime', 'dateJQW', 'datetimeJQW', 'extra', 'gridJQW', 'text', 'editor', 'annotate', 'time', 'note', 'password', 'radio', 'select', 'subrecord', 'upload', 'annotate', 'fieldset', 'pill', 'templateGroup', 'beforeLoad', 'beforeSave', 'beforeInsert', 'beforeUpdate', 'beforeDelete', 'afterLoad', 'afterSave', 'afterInsert', 'afterUpdate', 'afterDelete', 'sendMail', 'paste' ) CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL DEFAULT 'text';",
], ],
'0.26.0' => [
"ALTER TABLE `Form` CHANGE `escapeTypeDefault` `escapeTypeDefault` VARCHAR( 32 ) CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL DEFAULT 'm'",
"UPDATE Form SET escapeTypeDefault = 'm' WHERE escapeTypeDefault = 'c'",
],
); );
......
...@@ -416,10 +416,6 @@ class Report { ...@@ -416,10 +416,6 @@ class Report {
continue; continue;
} }
// Set dbAlias if one is specified. Else keep the parent one.
//TODO dbAlias
// $this->dbAlias = $this->getValueParentDefault("db", $full_super_level, $full_level, $cur_level, DB);
// Set debug, if one is specified else keep the parent one. // Set debug, if one is specified else keep the parent one.
$lineDebug = $this->getValueParentDefault(TOKEN_DEBUG, $full_super_level, $full_level, $cur_level, 0); $lineDebug = $this->getValueParentDefault(TOKEN_DEBUG, $full_super_level, $full_level, $cur_level, 0);
......
...@@ -9,7 +9,7 @@ CREATE TABLE IF NOT EXISTS `Form` ( ...@@ -9,7 +9,7 @@ CREATE TABLE IF NOT EXISTS `Form` (
`permitNew` ENUM('sip', 'logged_in', 'logged_out', 'always', 'never') NOT NULL DEFAULT 'sip', `permitNew` ENUM('sip', 'logged_in', 'logged_out', 'always', 'never') NOT NULL DEFAULT 'sip',
`permitEdit` ENUM('sip', 'logged_in', 'logged_out', 'always', 'never') NOT NULL DEFAULT 'sip', `permitEdit` ENUM('sip', 'logged_in', 'logged_out', 'always', 'never') NOT NULL DEFAULT 'sip',
`escapeTypeDefault` VARCHAR(32) NOT NULL DEFAULT 'c', `escapeTypeDefault` VARCHAR(32) NOT NULL DEFAULT 'm',
`render` ENUM('bootstrap', 'table', 'plain') NOT NULL DEFAULT 'bootstrap', `render` ENUM('bootstrap', 'table', 'plain') NOT NULL DEFAULT 'bootstrap',
`requiredParameterNew` VARCHAR(255) NOT NULL DEFAULT '', `requiredParameterNew` VARCHAR(255) NOT NULL DEFAULT '',
`requiredParameterEdit` VARCHAR(255) NOT NULL DEFAULT '', `requiredParameterEdit` VARCHAR(255) NOT NULL DEFAULT '',
......
...@@ -360,6 +360,17 @@ class EvaluateTest extends \AbstractDatabaseTest { ...@@ -360,6 +360,17 @@ class EvaluateTest extends \AbstractDatabaseTest {
} }
public function testSubstituteDefault() {
$eval = new \qfq\Evaluate($this->store, $this->dbArray[DB_INDEX_DATA_DEFAULT]);
// No escape
$this->store->setVar('a', 'hello', STORE_FORM, true);
$this->assertEquals('hello', $eval->substitute('a:F:all::world', $foundInStore));
$this->assertEquals('world', $eval->substitute('a-notused:F:all::world', $foundInStore));
$this->assertEquals('hello:world', $eval->substitute('a-notused:F:all::hello\\:world', $foundInStore));
}
protected function setUp() { protected function setUp() {
$this->store = Store::getInstance('form=TestFormName', true); $this->store = Store::getInstance('form=TestFormName', true);
......
...@@ -9,7 +9,7 @@ CREATE TABLE IF NOT EXISTS `Form` ( ...@@ -9,7 +9,7 @@ CREATE TABLE IF NOT EXISTS `Form` (
`permitNew` ENUM('sip', 'logged_in', 'logged_out', 'always', 'never') NOT NULL DEFAULT 'sip', `permitNew` ENUM('sip', 'logged_in', 'logged_out', 'always', 'never') NOT NULL DEFAULT 'sip',
`permitEdit` ENUM('sip', 'logged_in', 'logged_out', 'always', 'never') NOT NULL DEFAULT 'sip', `permitEdit` ENUM('sip', 'logged_in', 'logged_out', 'always', 'never') NOT NULL DEFAULT 'sip',
`escapeTypeDefault` VARCHAR(32) NOT NULL DEFAULT 'c', `escapeTypeDefault` VARCHAR(32) NOT NULL DEFAULT 'm',
`render` ENUM('plain', 'table', 'bootstrap') NOT NULL DEFAULT 'plain', `render` ENUM('plain', 'table', 'bootstrap') NOT NULL DEFAULT 'plain',
`requiredParameter` VARCHAR(255) NOT NULL DEFAULT '', `requiredParameter` VARCHAR(255) NOT NULL DEFAULT '',
`dirtyMode` ENUM('exclusive', 'advisory', 'none') NOT NULL DEFAULT 'exclusive', `dirtyMode` ENUM('exclusive', 'advisory', 'none') NOT NULL DEFAULT 'exclusive',
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment