Commit 434cac36 authored by Carsten  Rose's avatar Carsten Rose
Browse files

Implement 'encode=specialchar' - new option per formElement.

Play: ALTER TABLE  `FormElement` ADD  `encode` ENUM(  'none',  'specialchar' ) NOT NULL DEFAULT  'specialchar' AFTER  `subrecordOption` ;
Play: formEditor.sql

Attention: FEs with text=editor needs actions - the default of 'specialchar' prohibits saving of HTML tags.

FillStoreForm.php: Submitted values will be specialchars() before copying to STORE_FORM.
AbstractBuildForm.php: Counterpart of FillStoreForm.php - will htmlspecialchars_decode() values read from database. Replace 'checkType' and 'checkPattern' with CONSTANTS.
formEditor.sql: Added new column in FormElement. Add new FormElement 'encode' in FormElement-Editor. Add column 'encode' to all FormElement records.
parent 3c54867b
......@@ -444,7 +444,11 @@ abstract class AbstractBuildForm {
if ($storeUse == STORE_USE_DEFAULT && $this->store->getVar($formElement[FE_NAME], STORE_TABLE_COLUMN_TYPES) === false) {
$storeUse = str_replace(STORE_TABLE_DEFAULT, '', $storeUse); // Remove STORE_DEFAULT
}
$value = $this->store->getVar($name, $storeUse, $formElement['checkType']);
// Retrieve value via FSRVD
$value = $this->store->getVar($name, $storeUse, $formElement[FE_CHECK_TYPE], $foundInStore);
if ($foundInStore == STORE_RECORD && $formElement[FE_ENCODE] === FE_ENCODE_SPECIALCHAR) {
$value = htmlspecialchars_decode($value, ENT_QUOTES);
}
}
// Typically: $htmlElementNameIdZero = true
......@@ -883,7 +887,7 @@ abstract class AbstractBuildForm {
$attribute .= $this->getAttributeList($formElement, [F_FE_DATA_PATTERN_ERROR, F_FE_DATA_REQUIRED_ERROR, F_FE_DATA_MATCH_ERROR, F_FE_DATA_ERROR]);
$attribute .= Support::doAttribute('data-load', ($formElement[FE_DYNAMIC_UPDATE] === 'yes') ? 'data-load' : '');
$attribute .= Support::doAttribute('title', $formElement['tooltip']);
$attribute .= $this->getInputCheckPattern($formElement['checkType'], $formElement['checkPattern']);
$attribute .= $this->getInputCheckPattern($formElement[FE_CHECK_TYPE], $formElement[FE_CHECK_PATTERN]);
$attribute .= $this->getAttributeFeMode($formElement[FE_MODE]);
......@@ -2533,16 +2537,16 @@ abstract class AbstractBuildForm {
$showTime = ($formElement[FE_TYPE] == 'time' || $formElement[FE_TYPE] == 'datetime') ? 1 : 0;
$value = Support::convertDateTime($value, $formElement[FE_DATE_FORMAT], $formElement[FE_SHOW_ZERO], $showTime, $formElement[FE_SHOW_SECONDS]);
$tmpPattern = $formElement['checkPattern'];
$formElement['checkPattern'] = Support::dateTimeRegexp($formElement[FE_TYPE], $formElement[FE_DATE_FORMAT]);
$tmpPattern = $formElement[FE_CHECK_PATTERN];
$formElement[FE_CHECK_PATTERN] = Support::dateTimeRegexp($formElement[FE_TYPE], $formElement[FE_DATE_FORMAT]);
switch ($formElement['checkType']) {
switch ($formElement[FE_CHECK_TYPE]) {
case SANITIZE_ALLOW_PATTERN:
$formElement['checkPattern'] = $tmpPattern;
$formElement[FE_CHECK_PATTERN] = $tmpPattern;
break;
case SANITIZE_ALLOW_MIN_MAX_DATE:
$arrMinMax = explode('|', $formElement['checkPattern'], 2);
$arrMinMax = explode('|', $formElement[FE_CHECK_PATTERN], 2);
if (count($arrMinMax) != 2) {
throw new UserFormException('Missing min|max definition', ERROR_MISSING_MIN_MAX);
}
......@@ -2550,10 +2554,10 @@ abstract class AbstractBuildForm {
case SANITIZE_ALLOW_ALL:
case SANITIZE_ALLOW_ALNUMX:
case SANITIZE_ALLOW_ALLBUT:
$formElement['checkType'] = SANITIZE_ALLOW_PATTERN;
$formElement[FE_CHECK_TYPE] = SANITIZE_ALLOW_PATTERN;
break;
default:
throw new UserFormException("Checktype not applicable for date/time: '" . $formElement['checkType'] . "'", ERROR_NOT_APPLICABLE);
throw new UserFormException("Checktype not applicable for date/time: '" . $formElement[FE_CHECK_TYPE] . "'", ERROR_NOT_APPLICABLE);
}
// truncate if necessary
......@@ -2597,7 +2601,7 @@ abstract class AbstractBuildForm {
$attribute .= $this->getAttributeList($formElement, ['autocomplete', 'autofocus', 'placeholder']);
$attribute .= Support::doAttribute('data-load', ($formElement[FE_DYNAMIC_UPDATE] === 'yes') ? 'data-load' : '');
$attribute .= Support::doAttribute('title', $formElement['tooltip']);
$attribute .= $this->getInputCheckPattern($formElement['checkType'], $formElement['checkPattern']);
$attribute .= $this->getInputCheckPattern($formElement[FE_CHECK_TYPE], $formElement[FE_CHECK_PATTERN]);
if (is_array($arrMinMax)) {
$attribute .= Support::doAttribute('min', $arrMinMax[0]);
......
......@@ -46,7 +46,7 @@ const RETURN_ARRAY = 'return_array';
const SQL_FORM_ELEMENT_SPECIFIC_CONTAINER = "SELECT *, ? AS 'nestedInFieldSet' FROM FormElement AS fe WHERE fe.formId = ? AND fe.deleted = 'no' AND FIND_IN_SET(fe.class, ? ) AND fe.feIdContainer = ? AND fe.enabled='yes' ORDER BY fe.ord, fe.id";
const SQL_FORM_ELEMENT_ALL_CONTAINER = "SELECT *, ? AS 'nestedInFieldSet' FROM FormElement AS fe WHERE fe.formId = ? AND fe.deleted = 'no' AND FIND_IN_SET(fe.class, ? ) AND fe.enabled='yes' ORDER BY fe.ord, fe.id";
const SQL_FORM_ELEMENT_SIMPLE_ALL_CONTAINER = "SELECT fe.id, fe.feIdContainer, fe.name, fe.label, fe.type, fe.checkType, fe.checkPattern, fe.mode, fe.modeSql, fe.parameter, fe.dynamicUpdate FROM FormElement AS fe, Form AS f WHERE f.name = ? AND f.id = fe.formId AND fe.deleted = 'no' AND fe.class = 'native' AND fe.enabled='yes' ORDER BY fe.ord, fe.id";
const SQL_FORM_ELEMENT_SIMPLE_ALL_CONTAINER = "SELECT fe.id, fe.feIdContainer, fe.name, fe.label, fe.type, fe.encode, fe.checkType, fe.checkPattern, fe.mode, fe.modeSql, fe.parameter, fe.dynamicUpdate FROM FormElement AS fe, Form AS f WHERE f.name = ? AND f.id = fe.formId AND fe.deleted = 'no' AND fe.class = 'native' AND fe.enabled='yes' ORDER BY fe.ord, fe.id";
const SQL_FORM_ELEMENT_CONTAINER_TEMPLATE_GROUP = "SELECT fe.id, fe.name, fe.label, fe.maxLength, fe.parameter FROM FormElement AS fe, Form AS f WHERE f.name = ? AND f.id = fe.formId AND fe.deleted = 'no' AND fe.class = 'container' AND fe.type='templateGroup' AND fe.enabled='yes' ORDER BY fe.ord, fe.id";
const SQL_FORM_ELEMENT_TEMPLATE_GROUP_FE_ID = "SELECT * FROM FormElement AS fe WHERE fe.id = ? AND fe.deleted = 'no' AND fe.class = 'container' AND fe.type='templateGroup' AND fe.enabled='yes' ";
const SQL_FORM_ELEMENT_NATIVE_TG_COUNT = "SELECT fe.*, IFNULL(feTg.maxLength,0) AS _tgCopies FROM FormElement AS fe LEFT JOIN FormElement AS feTg ON fe.feIdContainer=feTg.id AND feTg.deleted = 'no' AND feTg.class = 'container' AND feTg.type='templateGroup' AND feTg.enabled='yes' WHERE fe.formId = ? AND fe.deleted = 'no' AND fe.class = 'native' AND fe.enabled='yes'";
......@@ -651,6 +651,9 @@ const FE_BS_NOTE_COLUMNS = F_BS_NOTE_COLUMNS;
const FE_WRAP_ROW_LABEL_INPUT_NOW = 'rowLabelInputNote';
const FE_MAX_LENGTH = 'maxLength';
const FE_PARAMETER = 'parameter';
const FE_ENCODE = 'encode';
const FE_CHECK_TYPE = 'checkType';
const FE_CHECK_PATTERN = 'checkPattern';
const FE_TYPE_CHECKBOX = 'checkbox';
......@@ -727,6 +730,10 @@ const TYPEAHEAD_PLACEHOLDER = '?';
const FE_HTML_ID = 'htmlId'; // Will be dynamically computed during runtime.
// Values
const FE_ENCODE_SPECIALCHAR = 'specialchar';
const FE_ENCODE_NONE = 'none';
// FormElement Types
const FE_TYPE_UPLOAD = 'upload';
const FE_TYPE_EXTRA = 'extra';
......
......@@ -220,13 +220,15 @@ class FillStoreForm {
$newValues[$formElement[FE_NAME]] = $this->doDateTime($formElement, $clientValues[$clientFieldName]);
break;
default:
$val = $clientValues[$clientFieldName];
// Check only if their is something
if($clientValues[$clientFieldName] !== '') {
$newValues[$formElement[FE_NAME]] = Sanitize::sanitize($clientValues[$clientFieldName],
$formElement['checkType'], $formElement['checkPattern'], SANATIZE_EXCEPTION);
} else {
$newValues[$formElement[FE_NAME]] = '';
if ($val !== '') {
$val = Sanitize::sanitize($val, $formElement[FE_CHECK_TYPE], $formElement[FE_CHECK_PATTERN], SANATIZE_EXCEPTION);
if ($formElement[FE_ENCODE] === FE_ENCODE_SPECIALCHAR) {
$val = htmlspecialchars($val, ENT_QUOTES);
}
}
$newValues[$formElement[FE_NAME]] = $val;
break;
}
}
......
......@@ -9,7 +9,7 @@ CREATE TABLE IF NOT EXISTS `Form` (
`permitNew` ENUM('sip', 'logged_in', 'logged_out', 'always', 'never') NOT NULL DEFAULT 'sip',
`permitEdit` ENUM('sip', 'logged_in', 'logged_out', 'always', 'never') NOT NULL DEFAULT 'sip',
`render` ENUM('bootstrap', 'table', 'plain') NOT NULL DEFAULT 'bootstrap',
`render` ENUM('bootstrap', 'table', 'plain') NOT NULL DEFAULT 'bootstrap',
`requiredParameter` VARCHAR(255) NOT NULL DEFAULT '',
`showButton` SET('new', 'delete', 'close', 'save') NOT NULL DEFAULT 'new,delete,close,save',
`multiMode` ENUM('none', 'horizontal', 'vertical') NOT NULL DEFAULT 'none',
......@@ -27,7 +27,7 @@ CREATE TABLE IF NOT EXISTS `Form` (
`parameter` TEXT NOT NULL,
`deleted` ENUM('yes', 'no') NOT NULL DEFAULT 'no',
`modified` TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
`modified` TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
`created` DATETIME NOT NULL DEFAULT '0000-00-00 00:00:00',
PRIMARY KEY (`id`),
......@@ -74,6 +74,7 @@ CREATE TABLE IF NOT EXISTS `FormElement` (
'beforeLoad', 'beforeSave', 'beforeInsert', 'beforeUpdate', 'beforeDelete', 'afterLoad',
'afterSave', 'afterInsert', 'afterUpdate', 'afterDelete', 'sendMail') NOT NULL DEFAULT 'text',
`subrecordOption` SET('edit', 'delete', 'new') NOT NULL DEFAULT '',
`encode` ENUM('none', 'specialchar') NOT NULL DEFAULT 'specialchar',
`checkType` ENUM('alnumx', 'digit', 'numerical', 'email', 'min|max', 'min|max date', 'pattern', 'allbut', 'all') NOT NULL DEFAULT 'alnumx',
`checkPattern` VARCHAR(255) NOT NULL DEFAULT '',
......@@ -100,7 +101,7 @@ CREATE TABLE IF NOT EXISTS `FormElement` (
`feGroup` VARCHAR(255) NOT NULL DEFAULT '',
`deleted` ENUM('yes', 'no') NOT NULL DEFAULT 'no',
`modified` TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
`modified` TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
`created` DATETIME NOT NULL DEFAULT '0000-00-00 00:00:00',
PRIMARY KEY (`id`),
......@@ -152,41 +153,41 @@ VALUES
# FormEditor: FormElements for 'form'
INSERT INTO FormElement (formId, name, label, mode, type, checkType, class, ord, size, maxLength, note, clientJs, value,
sql1, parameter, feIdContainer, subrecordOption, modeSql, placeholder)
sql1, parameter, feIdContainer, subrecordOption, modeSql, placeholder, encode)
VALUES
(1, 'id', 'id', 'readonly', 'text', 'all', 'native', 100, 0, 11, '', '', '', '', '', 1, '', '', ''),
(1, 'name', 'Name', 'required', 'text', 'alnumx', 'native', 120, 0, 0, '', '', '', '', 'autofocus', 1, '', '', ''),
(1, 'title', 'Title', 'show', 'text', 'all', 'native', 130, 0, 0, '', '', '', '', '', 1, '', '', ''),
(1, 'noteInternal', 'Note', 'show', 'text', 'all', 'native', 140, '40,3', 0, '', '', '', '', '', 1, '', '', ''),
(1, 'tableName', 'Table', 'required', 'select', 'all', 'native', 150, 0, 0, '', '', '', '{{!SHOW tables}}', 'emptyItemAtStart', 1, '', '', ''),
(1, 'requiredParameter', 'Required Parameter', 'show', 'text', 'all', 'native', 200, 0, 0, '', '', '', '', '', 2, '', '', ''),
(1, 'permitNew', 'Permit New', 'show', 'radio', 'all', 'native', 210, 0, 10, '', '', '', '', '', 2, '', '', ''),
(1, 'permitEdit', 'Permit Edit', 'show', 'radio', 'all', 'native', 220, 0, 10, '', '', '', '', '', 2, '', '', ''),
(1, 'render', 'Render', 'show', 'radio', 'all', 'native', 230, 0, 3, '', '', '', '', '', 2, '', '', ''),
(1, 'showButton', 'Show button', 'show', 'checkbox', 'all', 'native', 240, 0, 5, '', '', '', '', 'checkBoxMode = multi\norientation=vertical', 2, '', '', ''),
(1, 'forwardMode', 'Forward', 'show', 'radio', 'all', 'native', 300, 0, 0, '', '', '', '', '', 3, '', '', ''),
(1, 'forwardPage', 'Forward Page', 'show', 'text', 'all', 'native', 310, 0, 0, '', '', '', '', '', 3, '', '', ''),
(1, 'parameter', 'Parameter', 'show', 'text', 'all', 'native', 320, '40,8', 0, '', '', '', '', '', 3, '', '', ''),
(1, 'bsLabelColumns', 'BS Label Columns', 'show', 'text', 'all', 'native', 330, 0, 0, '', '', '', '', '', 3, '', '', '{{bsLabelColumns:Y}}'),
(1, 'bsInputColumns', 'BS Input Columns', 'show', 'text', 'all', 'native', 340, 0, 0, '', '', '', '', '', 3, '', '', '{{bsInputColumns:Y}}'),
(1, 'bsNoteColumns', 'BS Note Columns', 'show', 'text', 'all', 'native', 350, 0, 0, '', '', '', '', '', 3, '', '', '{{bsNoteColumns:Y}}'),
(1, 'deleted', 'Deleted', 'show', 'checkbox', 'all', 'native', 360, 0, 0, '', '', '', '', '', 3, '', '', ''),
(1, 'modified', 'Modified', 'readonly', 'text', 'all', 'native', 370, 0, 20, '', '', '', '', '', 3, '', '', ''),
(1, 'created', 'Created', 'readonly', 'text', 'all', 'native', 380, 0, 20, '', '', '', '', '', 3, '', '', ''),
(1, 'multi', 'Multi', 'show', 'fieldset', 'all', 'native', 400, 0, 0, '', '', '', '', '', 4, '', '', ''),
(1, 'multiMode', 'Multi Mode', 'show', 'radio', 'all', 'native', 410, 0, 0, '', '', '', '', '', 4, '', '', ''),
(1, 'multiSql', 'Multi SQL', 'show', 'text', 'all', 'native', 420, '40,3', 0, '', '', '', '', '', 4, '', '', ''),
(1, 'name', 'Name', 'required', 'text', 'alnumx', 'native', 120, 0, 0, '', '', '', '', 'autofocus', 1, '', '', '',
'specialchar'),
(1, 'title', 'Title', 'show', 'text', 'all', 'native', 130, 0, 0, '', '', '', '', '', 1, '', '', '', 'none'),
(1, 'noteInternal', 'Note', 'show', 'text', 'all', 'native', 140, '40,3', 0, '', '', '', '', '', 1, '', '', '', 'specialchar'),
(1, 'tableName', 'Table', 'required', 'select', 'all', 'native', 150, 0, 0, '', '', '', '{{!SHOW tables}}', 'emptyItemAtStart', 1, '', '', '', 'specialchar'),
(1, 'requiredParameter', 'Required Parameter', 'show', 'text', 'all', 'native', 200, 0, 0, '', '', '', '', '', 2, '', '', '', 'specialchar'),
(1, 'permitNew', 'Permit New', 'show', 'radio', 'all', 'native', 210, 0, 10, '', '', '', '', '', 2, '', '', '', 'specialchar'),
(1, 'permitEdit', 'Permit Edit', 'show', 'radio', 'all', 'native', 220, 0, 10, '', '', '', '', '', 2, '', '', '', 'specialchar'),
(1, 'render', 'Render', 'show', 'radio', 'all', 'native', 230, 0, 3, '', '', '', '', '', 2, '', '', '', 'specialchar'),
(1, 'showButton', 'Show button', 'show', 'checkbox', 'all', 'native', 240, 0, 5, '', '', '', '', 'checkBoxMode = multi\norientation=vertical', 2, '', '', '', 'specialchar'),
(1, 'forwardMode', 'Forward', 'show', 'radio', 'all', 'native', 300, 0, 0, '', '', '', '', '', 3, '', '', '', 'specialchar'),
(1, 'forwardPage', 'Forward Page', 'show', 'text', 'all', 'native', 310, 0, 0, '', '', '', '', '', 3, '', '', '', 'none'),
(1, 'parameter', 'Parameter', 'show', 'text', 'all', 'native', 320, '40,8', 0, '', '', '', '', '', 3, '', '', '', 'none'),
(1, 'bsLabelColumns', 'BS Label Columns', 'show', 'text', 'all', 'native', 330, 0, 0, '', '', '', '', '', 3, '', '', '{{bsLabelColumns:Y}}', 'specialchar'),
(1, 'bsInputColumns', 'BS Input Columns', 'show', 'text', 'all', 'native', 340, 0, 0, '', '', '', '', '', 3, '', '', '{{bsInputColumns:Y}}', 'specialchar'),
(1, 'bsNoteColumns', 'BS Note Columns', 'show', 'text', 'all', 'native', 350, 0, 0, '', '', '', '', '', 3, '', '', '{{bsNoteColumns:Y}}', 'specialchar'),
(1, 'deleted', 'Deleted', 'show', 'checkbox', 'all', 'native', 360, 0, 0, '', '', '', '', '', 3, '', '', '', 'specialchar'),
(1, 'modified', 'Modified', 'readonly', 'text', 'all', 'native', 370, 0, 20, '', '', '', '', '', 3, '', '', '', 'specialchar'),
(1, 'created', 'Created', 'readonly', 'text', 'all', 'native', 380, 0, 20, '', '', '', '', '', 3, '', '', '', 'specialchar'),
(1, 'multi', 'Multi', 'show', 'fieldset', 'all', 'native', 400, 0, 0, '', '', '', '', '', 4, '', '', '', 'specialchar'),
(1, 'multiMode', 'Multi Mode', 'show', 'radio', 'all', 'native', 410, 0, 0, '', '', '', '', '', 4, '', '', '', 'specialchar'),
(1, 'multiSql', 'Multi SQL', 'show', 'text', 'all', 'native', 420, '40,3', 0, '', '', '', '', '', 4, '', '', '', 'none'),
(1, 'multiDetailForm', 'Multi Detail Form', 'show', 'text', 'all', 'native', 430, 0, 0, '', '', '', '', '', 4,
'', '', ''),
'', '', '', 'specialchar'),
(1, 'multiDetailFormParameter', 'Multi Detail Form Parameter', 'show', 'text', 'all', 'native', 440, 0, 0, '', '',
'', '', '', 4, '', '', ''),
'', '', '', 4, '', '', '', 'none'),
(1, '', 'FormElements', 'show', 'subrecord', 'all', 'native', 500, 0, 0, '', '', '',
'{{!SELECT IF( fe.enabled="yes", IF( fe.enabled="yes" AND fe.feIdContainer=0 AND !ISNULL(feCX.id) AND fe.class="native", "danger", IF( fe.class="container", "text-info", IF( fe.class="action", "text-success", ""))), "text-muted") AS _rowClass, IF( fe.enabled="yes", IF(fe.feIdContainer=0 AND !ISNULL(feCX.id) AND fe.class="native", "Please choose a container for this formelement", fe.class), "Disabled") AS _rowTitle, fe.id, CONCAT( IFNULL( CONCAT( feC.name, " (", fe.feIdContainer, ")"),"")) AS Container, fe.name AS "Name|50", fe.label, fe.mode, fe.class, fe.type, fe.ord, IF(fe.dynamicUpdate="yes", \'<span class="glyphicon glyphicon-random"></span>\',"") AS "dyn|||nostrip", fe.parameter FROM FormElement AS fe LEFT JOIN FormElement AS feC ON feC.id=fe.feIdContainer AND feC.formId=fe.formId LEFT JOIN FormElement AS feCX ON feCX.class="container" AND feCX.enabled="yes" AND feCX.formId=fe.formId WHERE fe.formId={{id:R0}} GROUP BY fe.id ORDER BY fe.class DESC, feC.ord, fe.ord, fe.id}}',
'form=formElement\ndetail=id:formId', 5, 'new,edit,delete', '', '');
'form=formElement\ndetail=id:formId', 5, 'new,edit,delete', '', '', 'none');
#
......@@ -211,58 +212,63 @@ VALUES
(104, 2, 'info', 'Info', 'show', 'pill', 'all', 'container', 20, 0, '', '', '', '', '', 0, '', '');
INSERT INTO FormElement (formId, name, label, mode, type, checkType, class, ord, size, maxLength, note, clientJs, value,
sql1, parameter, feIdContainer, subrecordOption, dynamicUpdate, bsLabelColumns, bsInputColumns, bsNoteColumns, modeSql, placeholder)
sql1, parameter, feIdContainer, subrecordOption, dynamicUpdate, bsLabelColumns, bsInputColumns,
bsNoteColumns, modeSql, placeholder, encode)
VALUES
(2, 'id', 'id', 'readonly', 'text', 'all', 'native', 100, 0, 11, '', '', '', '', '', 100, '', 'no', '', '', '', '',
''),
(2, 'formId', 'formId', 'readonly', 'text', 'all', 'native', 110, 0, 0, '', '', '', '', '', 100, '', 'no', '', '', '', '', ''),
(2, 'formId', 'formId', 'readonly', 'text', 'all', 'native', 110, 0, 0, '', '', '', '', '', 100, '', 'no', '', '', '',
'', '', 'specialchar'),
(2, 'feIdContainer', 'Container', 'show', 'select', 'all', 'native', 120, 0, 0, '', '', '',
'{{!SELECT fe.id, CONCAT(fe.type, " / ", fe.name) FROM FormElement As fe WHERE fe.formId={{formId:S0}} AND fe.class="container" ORDER BY fe.type, fe.name }}',
'emptyItemAtStart', 100, '', 'no', '', '', '', '', ''),
(2, 'enabled', 'Enabled', 'show', 'checkbox', 'all', 'native', 130, 0, 0, '', '', '', '', '', 100, '', 'no', '', '', '', '', ''),
'emptyItemAtStart', 100, '', 'no', '', '', '', '', '', 'specialchar'),
(2, 'enabled', 'Enabled', 'show', 'checkbox', 'all', 'native', 130, 0, 0, '', '', '', '', '', 100, '', 'no', '', '', '', '', '', 'specialchar'),
(2, 'dynamicUpdate', 'Dynamic Update', 'show', 'checkbox', 'all', 'native', 135, 0, 0, 'On change, this element will be updated and trigger other.',
'', '', '', '', 100, '', 'no', '3', '2', '7', '', ''),
(2, 'name', 'Name', 'show', 'text', 'all', 'native', 140, 0, 0, '', '', '', '', '', 100, '', 'no', '', '', '', '', ''),
(2, 'label', 'Label', 'show', 'text', 'all', 'native', 150, 0, 0, '', '', '', '', '', 100, '', 'no', '', '', '', '', ''),
(2, 'mode', 'Mode', 'show', 'radio', 'all', 'native', 160, 0, 0, '', '', '', '', '', 100, '', 'no', '', '', '', '', ''),
(2, 'modeSql', 'Mode sql', 'show', 'text', 'all', 'native', 170, '70,2', 0, '', '', '', '', '', 100, '', 'no', '', '', '', '', ''),
(2, 'class', 'Class', 'show', 'select', 'all', 'native', 180, 0, 0, '', '', '{{class:FSRD0:alnumx}}', '', '', 100, '', 'yes', '', '', '', '', ''),
'', '', '', '', 100, '', 'no', '3', '2', '7', '', '', 'specialchar'),
(2, 'name', 'Name', 'show', 'text', 'all', 'native', 140, 0, 0, '', '', '', '', '', 100, '', 'no', '', '', '', '', '', 'specialchar'),
(2, 'label', 'Label', 'show', 'text', 'all', 'native', 150, 0, 0, '', '', '', '', '', 100, '', 'no', '', '', '', '', '', 'none'),
(2, 'mode', 'Mode', 'show', 'radio', 'all', 'native', 160, 0, 0, '', '', '', '', '', 100, '', 'no', '', '', '', '', '', 'specialchar'),
(2, 'modeSql', 'Mode sql', 'show', 'text', 'all', 'native', 170, '70,2', 0, '', '', '', '', '', 100, '', 'no', '', '', '', '', '', 'none'),
(2, 'class', 'Class', 'show', 'select', 'all', 'native', 180, 0, 0, '', '', '{{class:FSRD0:alnumx}}', '', '', 100, '', 'yes', '', '', '', '', '', 'none'),
(2, 'type', 'Type', 'show', 'select', 'all', 'native', 190, 0, 0, '', '', '', '',
'itemList={{SELECT IF( "{{class:FRD0:alnumx}}"="native","checkbox,date,time,datetime,dateJQW,datetimeJQW,extra,gridJQW,text,editor,note,password,radio,select,subrecord,upload", IF("{{class:FRD0:alnumx}}"="action","beforeLoad,beforeSave,beforeInsert,beforeUpdate,beforeDelete,afterLoad,afterSave,afterInsert,afterUpdate,afterDelete,sendMail", "fieldset,pill,templateGroup") ) }}',
100, '', 'yes', '', '', '', '', ''),
100, '', 'yes', '', '', '', '', '', 'specialchar'),
(2, 'subrecordOption', 'Subrecord Option', 'show', 'checkbox', 'all', 'native', 200, 0, 0, '', '', '', '', '', 100, '', 'no', '', '', '',
'', ''),
(2, 'checkType', 'Check Type', 'show', 'select', 'all', 'native', 300, 0, 0, '', '', '', '', '', 101, '', 'no', '', '', '', '', ''),
(2, 'checkPattern', 'Check Pattern', 'show', 'text', 'all', 'native', 310, 0, 0, '', '', '', '', '', 101, '', 'no', '', '', '', '', ''),
(2, 'onChange', 'JS onChange', 'show', 'text', 'all', 'native', 320, 0, 0, '', '', '', '', '', 101, '', 'no', '', '', '', '', ''),
(2, 'ord', 'Order', 'show', 'text', 'all', 'native', 330, 0, 0, '', '',
'', '', 'specialchar'),
(2, 'encode', 'Encode', 'show', 'radio', 'all', 'native', 300, 0, 0, '', '', '', '', '', 101, '', 'no', '', '', '', '', '', 'specialchar'),
(2, 'checkType', 'Check Type', 'show', 'select', 'all', 'native', 310, 0, 0, '', '', '', '', '', 101, '', 'no', '', '', '', '', '', 'specialchar'),
(2, 'checkPattern', 'Check Pattern', 'show', 'text', 'all', 'native', 320, 0, 0, '', '', '', '', '', 101, '', 'no', '', '', '', '', '', 'none'),
(2, 'onChange', 'JS onChange', 'show', 'text', 'all', 'native', 330, 0, 0, '', '', '', '', '', 101, '', 'no', '', '', '', '', '', 'none'),
(2, 'ord', 'Order', 'show', 'text', 'all', 'native', 340, 0, 0, '', '',
'{{SELECT IF({{ord:R0}}=0, MAX(IFNULL(fe.ord,0))+10,{{ord:R0}}) FROM (SELECT 1) AS a LEFT JOIN FormElement AS fe ON fe.formId={{formId:S0}} GROUP BY fe.formId}}',
'', '', 101, '', 'no', '', '', '', '', ''),
(2, 'tabindex', 'tabindex', 'show', 'text', 'all', 'native', 340, 0, 0, '', '', '', '', '', 101, '', 'no', '', '', '', '', ''),
(2, 'size', 'Size', 'show', 'text', 'all', 'native', 400, 0, 0, '', '', '', '', '', 102, '', 'no', '', '', '', '', ''),
(2, 'bsLabelColumns', 'BS Label Columns', 'show', 'text', 'all', 'native', 410, 0, 0, '', '', '', '', '', 102, '', 'no', '', '', '', '', '{{bsLabelColumns:Y}}'),
(2, 'bsInputColumns', 'BS Input Columns', 'show', 'text', 'all', 'native', 420, 0, 0, '', '', '', '', '', 102, '', 'no', '', '', '', '', '{{bsInputColumns:Y}}'),
(2, 'bsNoteColumns', 'BS Note Columns', 'show', 'text', 'all', 'native', 430, 0, 0, '', '', '', '', '', 102, '', 'no', '', '', '', '', '{{bsNoteColumns:Y}}'),
(2, 'rowLabelInputNote', 'Label / Input / Note', 'show', 'checkbox', 'alnumx', 'native', 440, 0, 10, '', '', '', '', '', 102, '', 'no', '', '', '', '', ''),
(2, 'maxLength', 'Maxlength', 'show', 'text', 'all', 'native', 450, 0, 0, '', '', '', '', '', 102, '', 'no', '', '', '', '', ''),
(2, 'note', 'Note', 'show', 'editor', 'all', 'native', 460, '', 0, '', '', '', '', 'editor-plugins=code link table textcolor textpattern\neditor-toolbar=code | styleselect link table | bullist numlist | forecolor backcolor bold italic\neditor-menubar=false\neditor-statusbar=false', 102, '', 'no', '', '', '', '', ''),
(2, 'tooltip', 'Tooltip', 'show', 'text', 'all', 'native', 470, 0, 0, '', '', '', '', '', 102, '', 'no', '', '', '', '', ''),
(2, 'placeholder', 'Placeholder', 'show', 'text', 'all', 'native', 480, 0, 0, '', '', '', '', '', 102, '', 'no', '', '', '', '', ''),
(2, 'value', 'value', 'show', 'text', 'all', 'native', 500, '40,2', 0, '', '', '', '', '', 103, '', 'no', '', '', '', '', ''),
(2, 'sql1', 'sql1', 'show', 'text', 'all', 'native', 510, '40,5', 0, 'MariaDB: <a href="https://mariadb.com/kb/en/mariadb/select/">Select</a>, <a href="https://mariadb.com/kb/en/mariadb/functions-and-operators/">Functions</a>', '', '', '', '', 103, '', 'no', '', '', '', '', ''),
'', '', 101, '', 'no', '', '', '', '', '', 'specialchar'),
(2, 'tabindex', 'tabindex', 'show', 'text', 'all', 'native', 350, 0, 0, '', '', '', '', '', 101, '', 'no', '', '', '', '', '', 'specialchar'),
(2, 'size', 'Size', 'show', 'text', 'all', 'native', 400, 0, 0, '', '', '', '', '', 102, '', 'no', '', '', '', '', '', 'specialchar'),
(2, 'bsLabelColumns', 'BS Label Columns', 'show', 'text', 'all', 'native', 410, 0, 0, '', '', '', '', '', 102, '', 'no', '', '', '', '', '{{bsLabelColumns:Y}}', 'specialchar'),
(2, 'bsInputColumns', 'BS Input Columns', 'show', 'text', 'all', 'native', 420, 0, 0, '', '', '', '', '', 102, '', 'no', '', '', '', '', '{{bsInputColumns:Y}}', 'specialchar'),
(2, 'bsNoteColumns', 'BS Note Columns', 'show', 'text', 'all', 'native', 430, 0, 0, '', '', '', '', '', 102, '', 'no', '', '', '', '', '{{bsNoteColumns:Y}}', 'specialchar'),
(2, 'rowLabelInputNote', 'Label / Input / Note', 'show', 'checkbox', 'alnumx', 'native', 440, 0, 10, '', '', '', '', '', 102, '', 'no', '', '', '', '', '', 'specialchar'),
(2, 'maxLength', 'Maxlength', 'show', 'text', 'all', 'native', 450, 0, 0, '', '', '', '', '', 102, '', 'no', '', '', '', '', '', 'specialchar'),
(2, 'note', 'Note', 'show', 'editor', 'all', 'native', 460, '', 0, '', '', '', '',
'editor-plugins=code link table textcolor textpattern\neditor-toolbar=code | styleselect link table | bullist numlist | forecolor backcolor bold italic\neditor-menubar=false\neditor-statusbar=false',
102, '', 'no', '', '', '', '', '', 'none'),
(2, 'tooltip', 'Tooltip', 'show', 'text', 'all', 'native', 470, 0, 0, '', '', '', '', '', 102, '', 'no', '', '', '', '', '', 'none'),
(2, 'placeholder', 'Placeholder', 'show', 'text', 'all', 'native', 480, 0, 0, '', '', '', '', '', 102, '', 'no', '', '', '', '', '', 'none'),
(2, 'value', 'value', 'show', 'text', 'all', 'native', 500, '40,2', 0, '', '', '', '', '', 103, '', 'no', '', '', '', '', '', 'none'),
(2, 'sql1', 'sql1', 'show', 'text', 'all', 'native', 510, '40,5', 0,
'MariaDB: <a href="https://mariadb.com/kb/en/mariadb/select/">Select</a>, <a href="https://mariadb.com/kb/en/mariadb/functions-and-operators/">Functions</a>',
'', '', '', '', 103, '', 'no', '', '', '', '', '', 'none'),
(2, 'parameter', 'Parameter', 'show', 'text', 'all', 'native', 520, '40,8', 0, '',
'', '', '', '', 103, '', 'no', '', '', '', '', ''),
(2, 'clientJs', 'ClientJS', 'show', 'text', 'all', 'native', 530, 0, 0, '', '', '', '', '', 103, '', 'no', '', '', '', '', ''),
(2, 'adminNote', 'Admin Note', 'show', 'text', 'all', 'native', 600, 0, 0, '', '', '', '', '', 104, '', 'no', '', '', '', '', ''),
'', '', '', '', 103, '', 'no', '', '', '', '', '', 'none'),
(2, 'clientJs', 'ClientJS', 'show', 'text', 'all', 'native', 530, 0, 0, '', '', '', '', '', 103, '', 'no', '', '', '', '', '', 'none'),
(2, 'adminNote', 'Admin Note', 'show', 'text', 'all', 'native', 600, 0, 0, '', '', '', '', '', 104, '', 'no', '', '', '', '', '', 'specialchar'),
(2, 'feGroup', 'feGroup', 'show', 'text', 'all', 'native', 610, 0, 0, '', '', '', '', '', 104, '', 'no', '', '', '',
'', ''),
'', '', 'specialchar'),
(2, 'deleted', 'Deleted', 'show', 'checkbox', 'all', 'native', 620, 0, 0, '', '', '', '', '', 104, '', 'no', '', '',
'', '', ''),
'', '', '', 'specialchar'),
(2, 'modified', 'Modified', 'readonly', 'text', 'all', 'native', 630, 0, 20, '', '', '', '', '', 104, '', 'no',
'', '', '', '', ''),
'', '', '', '', '', 'specialchar'),
(2, 'created', 'Created', 'readonly', 'text', 'all', 'native', 640, 0, 20, '', '', '', '', '', 104, '', 'no', '',
'', '', '', '');
'', '', '', '', 'specialchar');
# ----------------------------------------
......
......@@ -87,32 +87,32 @@ class BuildFormPlainTest extends AbstractDatabaseTest {
$this->assertEquals([FE_MODE_HIDDEN => '', 'disabled' => false, FE_MODE_REQUIRED => '', 'form-element' => 'name:1', 'value' => '', API_ELEMENT_UPDATE => $label], $json);
// CheckType
$formElement['checkType'] = SANITIZE_ALLOW_MIN_MAX;
$formElement['checkPattern'] = '1|10';
$formElement[FE_CHECK_TYPE] = SANITIZE_ALLOW_MIN_MAX;
$formElement[FE_CHECK_PATTERN] = '1|10';
$result = $build->buildInput($formElement, 'name:1', '', $json);
$this->assertEquals('<input id="123" name="name:1" class="form-control" maxlength="255" type="input" value="" min="1" max="10" data-hidden="no" data-disabled="no" data-required="no" ><div class="help-block with-errors hidden"></div>', $result);
$this->assertEquals([FE_MODE_HIDDEN => '', 'disabled' => false, FE_MODE_REQUIRED => '', 'form-element' => 'name:1', 'value' => '', 'disabled' => false, API_ELEMENT_UPDATE => $label], $json);
$formElement['checkType'] = SANITIZE_ALLOW_PATTERN;
$formElement['checkPattern'] = '^[a-z]*$';
$formElement[FE_CHECK_TYPE] = SANITIZE_ALLOW_PATTERN;
$formElement[FE_CHECK_PATTERN] = '^[a-z]*$';
$result = $build->buildInput($formElement, 'name:1', '', $json);
$this->assertEquals('<input id="123" name="name:1" class="form-control" maxlength="255" type="input" value="" pattern="^[a-z]*$" data-hidden="no" data-disabled="no" data-required="no" ><div class="help-block with-errors hidden"></div>', $result);
$this->assertEquals([FE_MODE_HIDDEN => '', 'disabled' => false, FE_MODE_REQUIRED => '', 'form-element' => 'name:1', 'value' => '', 'disabled' => false, API_ELEMENT_UPDATE => $label], $json);
$formElement['checkType'] = SANITIZE_ALLOW_DIGIT;
$formElement['checkPattern'] = '';
$formElement[FE_CHECK_TYPE] = SANITIZE_ALLOW_DIGIT;
$formElement[FE_CHECK_PATTERN] = '';
$result = $build->buildInput($formElement, 'name:1', '', $json);
$this->assertEquals('<input id="123" name="name:1" class="form-control" maxlength="255" type="input" value="" pattern="^[\d]*$" data-hidden="no" data-disabled="no" data-required="no" ><div class="help-block with-errors hidden"></div>', $result);
$this->assertEquals([FE_MODE_HIDDEN => '', 'disabled' => false, FE_MODE_REQUIRED => '', 'form-element' => 'name:1', 'value' => '', 'disabled' => false, API_ELEMENT_UPDATE => $label], $json);
$formElement['checkType'] = SANITIZE_ALLOW_EMAIL;
$formElement['checkPattern'] = '';
$formElement[FE_CHECK_TYPE] = SANITIZE_ALLOW_EMAIL;
$formElement[FE_CHECK_PATTERN] = '';
$result = $build->buildInput($formElement, 'name:1', '', $json);
$this->assertEquals('<input id="123" name="name:1" class="form-control" maxlength="255" type="input" value="" pattern="^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}$" data-hidden="no" data-disabled="no" data-required="no" ><div class="help-block with-errors hidden"></div>', $result);
$this->assertEquals([FE_MODE_HIDDEN => '', 'disabled' => false, FE_MODE_REQUIRED => '', 'form-element' => 'name:1', 'value' => '', 'disabled' => false, API_ELEMENT_UPDATE => $label], $json);
$formElement['checkType'] = '';
$formElement['checkPattern'] = '';
$formElement[FE_CHECK_TYPE] = '';
$formElement[FE_CHECK_PATTERN] = '';
// Explizit size
......@@ -221,8 +221,8 @@ class BuildFormPlainTest extends AbstractDatabaseTest {
'maxLength' => '255',
'tooltip' => '',
'placeholder' => '',
'checkType' => '',
'checkPattern' => '',
FE_CHECK_TYPE => '',
FE_CHECK_PATTERN => '',
FE_HTML_ID => '123',
'tabindex' => 0
......@@ -243,8 +243,8 @@ class BuildFormPlainTest extends AbstractDatabaseTest {
$build = new \qfq\BuildFormPlain($form, array(), [$formElement]);
$formElement['checkType'] = SANITIZE_ALLOW_MIN_MAX;
$formElement['checkPattern'] = '';
$formElement[FE_CHECK_TYPE] = SANITIZE_ALLOW_MIN_MAX;
$formElement[FE_CHECK_PATTERN] = '';
$result = $build->buildInput($formElement, 'name:1', '', $json);
}
......
......@@ -73,6 +73,7 @@ CREATE TABLE IF NOT EXISTS `FormElement` (
'afterSave', 'afterInsert', 'afterUpdate', 'afterDelete',
'sendmail') NOT NULL DEFAULT 'text',
`subrecordOption` SET('edit', 'delete', 'new') NOT NULL DEFAULT '',
`encode` ENUM('none', 'specialchar') NOT NULL DEFAULT 'specialchar',
`checkType` ENUM('alnumx', 'digit', 'numerical', 'email', 'min|max', 'min|max date', 'pattern', 'all') NOT NULL DEFAULT 'alnumx',
`checkPattern` VARCHAR(255) NOT NULL DEFAULT '',
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment