Commit 469f7dce authored by Carsten  Rose's avatar Carsten Rose
Browse files

Manual.rst: Describe REST authentication

parent 99453749
......@@ -62,17 +62,17 @@ For the `download`_ function, the programs `pdftk` and `file` are necessary to c
Preparation for Ubuntu 14.04::
sudo apt-get install php5-mysqlnd php5-intl
sudo apt-get install pdftk file # for file upload and PDF
sudo apt-get install inkscape imagemagick # to render thumbnails
sudo php5enmod mysqlnd
sudo service apache2 restart
sudo apt-get install php5-mysqlnd php5-intl
sudo apt-get install pdftk file # for file upload and PDF
sudo apt-get install inkscape imagemagick # to render thumbnails
sudo php5enmod mysqlnd
sudo service apache2 restart
Preparation for Ubuntu 16.04::
sudo apt install php7.0-intl
sudo apt install pdftk libxrender1 file pdf2svg # for file upload, PDF and 'HTML to PDF' (wkhtmltopdf), PDF split
sudo apt install inkscape imagemagick # to render thumbnails
sudo apt install php7.0-intl
sudo apt install pdftk libxrender1 file pdf2svg # for file upload, PDF and 'HTML to PDF' (wkhtmltopdf), PDF split
sudo apt install inkscape imagemagick # to render thumbnails
.. _wkhtml:
......@@ -130,17 +130,17 @@ Different browser prints the same page in different variations. To prevent this,
Provide a `print this page`-link (replace 'current pageId' )::
<a href="typo3conf/ext/qfq/Source/api/print.php?id={current pageId}">Print this page</a>
<a href="typo3conf/ext/qfq/Source/api/print.php?id={current pageId}">Print this page</a>
Any parameter specified after `print.php` will be delivered to `wkhtmltopdf` as part of the URL.
Typoscript code to implement a print link on every page::
10 = TEXT
10 {
wrap = <a href="typo3conf/ext/qfq/Source/api/print.php?id=|&type=99"><span class="glyphicon glyphicon-print" aria-hidden="true"></span> Printview</a>
data = page:uid
}
10 = TEXT
10 {
wrap = <a href="typo3conf/ext/qfq/Source/api/print.php?id=|&type=99"><span class="glyphicon glyphicon-print" aria-hidden="true"></span> Printview</a>
data = page:uid
}
Send Email
^^^^^^^^^^
......@@ -433,6 +433,8 @@ Extension Manager: QFQ Configuration
| securityGetMaxLength | 50 | GET vars longer than 'x' chars triggers an `attack-recognized`. |
| | | `ExceptionMaxLength`_. |
+-----------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+
| securityFailedAuthDelay | 3 | If authorization fails, sleep 'x' seconds before answering the request. |
+-----------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+
| Form-Config |
+-----------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+
| recordLockTimeoutSeconds | 900 | Timeout for record locking. After this time, a record will be replaced. |
......@@ -599,7 +601,7 @@ Websites, delivering semester data, school year schedules, or any other type or
In configuration_: ::
fillStoreSystemBySql1: SELECT id AS periodId FROM Period WHERE start<=NOW() ORDER BY start DESC LIMIT 1
fillStoreSystemBySql1: SELECT id AS periodId FROM Period WHERE start<=NOW() ORDER BY start DESC LIMIT 1
a variable 'periodId' will automatically computed and filled in STORE SYSTEM. Access it via `{{periodId:Y0}}`.
To get the name and current period: ::
......@@ -1221,11 +1223,11 @@ Rules for CheckType Auto (by priority):
* TypeAheadSQL or TypeAheadLDAP defined: **alnumx**
* Table definition
* integer type: **digit**
* floating point number: **numerical**
* integer type: **digit**
* floating point number: **numerical**
* FE Type
* 'password', 'note': **all**
* 'editor', 'text' and encode = 'specialchar': **all**
* 'password', 'note': **all**
* 'editor', 'text' and encode = 'specialchar': **all**
* None of the above: **alnumx**
......@@ -1249,16 +1251,16 @@ manipulate FE user passwords via QFQ. See `setFeUserPassword`_
The following `escape` and `hashing` types are available:
* 'm' - `real_escape_string() <http://php.net/manual/en/mysqli.real-escape-string.php>`_ (m = mysql)
* 'l' - LDAP search filter values: `ldap-escape() <http://php.net/manual/en/function.ldap-escape.php>`_ (LDAP_ESCAPE_FILTER).
* 'L' - LDAP DN values. `ldap-escape() <http://php.net/manual/en/function.ldap-escape.php>`_ (LDAP_ESCAPE_DN).
* 's' - Single ticks ' will be escaped against \\'.
* 'd' - double ticks " will be escaped against \\".
* 'C' - colon ':' will be escaped against \\:.
* 'c' - config - the escape type configured in `configuration`_.
* 'p' - password hashing: depends on the hashing type in the Typo3 installation, includes salting if configured.
* '' - the escape type configured in `configuration`_.
* '-' - no escaping.
* 'm' - `real_escape_string() <http://php.net/manual/en/mysqli.real-escape-string.php>`_ (m = mysql)
* 'l' - LDAP search filter values: `ldap-escape() <http://php.net/manual/en/function.ldap-escape.php>`_ (LDAP_ESCAPE_FILTER).
* 'L' - LDAP DN values. `ldap-escape() <http://php.net/manual/en/function.ldap-escape.php>`_ (LDAP_ESCAPE_DN).
* 's' - Single ticks ' will be escaped against \\'.
* 'd' - double ticks " will be escaped against \\".
* 'C' - colon ':' will be escaped against \\:.
* 'c' - config - the escape type configured in `configuration`_.
* 'p' - password hashing: depends on the hashing type in the Typo3 installation, includes salting if configured.
* '' - the escape type configured in `configuration`_.
* '-' - no escaping.
* The `escape` type is defined by the fourth parameter of the variable. E.g.: `{{name:FE:alnumx:m}}` (m = mysql).
* It's possible to combine different `escape` types, they will be processed in the order given. E.g. `{{name:FE:alnumx:Ls}}` (L, s).
......@@ -1333,7 +1335,7 @@ Database index
To access different databases in a `multi-database`_ setup, the database index can be specified after the opening curly
braces. ::
{{[1]SELECT ... }}
{{[1]SELECT ... }}
For using the indexData and indexQfq (configuration_), it's a good practice to specify the variable name
instead of the numeric index. ::
......@@ -1385,11 +1387,11 @@ Link column variables
These variables return a link, completely rendered in HTML. The syntax and all features of `column-link`_ are available.
The following code will render a 'new person' button::
{{p:form&form=Person|s|N|t:new person AS link}}
{{p:form&form=Person|s|N|t:new person AS link}}
For better reading, the format string might be wrapped in single or double quotes (this is optional): ::
{{"p:form&form=Person|s|N|t:new person" AS link}}
{{"p:form&form=Person|s|N|t:new person" AS link}}
These variables are especially helpful in:
......@@ -1509,9 +1511,9 @@ To offer download of those files, use the reserved column name '_download' (see
**Important**: To protect the installation against executing of uploaded malicious script code, disable PHP for the final
upload directory. E.g. `fileadmin` (Apache): ::
<Directory "/var/www/html/fileadmin">
php_admin_flag engine Off
</Directory>
<Directory "/var/www/html/fileadmin">
php_admin_flag engine Off
</Directory>
This is in general a good security improvement for directories with user supplied content.
......@@ -1685,7 +1687,9 @@ Store: *CLIENT* - C
+=========================+==========================================================================================================================================+
| s | =SIP |
+-------------------------+------------------------------------------------------------------------------------------------------------------------------------------+
| r | record id. Typically stored in SIP, rarely specified on the URL |
| r | record id. Only if specified as GET parameter - typically stored in SIP (=STORE_SIP) |
+-------------------------+------------------------------------------------------------------------------------------------------------------------------------------+
| form | Name of form to load. Only if specified as GET parameter - typically stored in SIP (=STORE_SIP) |
+-------------------------+------------------------------------------------------------------------------------------------------------------------------------------+
| HTTP_HOST | current HTTP HOST |
+-------------------------+------------------------------------------------------------------------------------------------------------------------------------------+
......@@ -1693,7 +1697,7 @@ Store: *CLIENT* - C
+-------------------------+------------------------------------------------------------------------------------------------------------------------------------------+
| '$_SERVER[*]' | All other variables accessible by *$_SERVER[]*. Only the often used have a pre-defined sanitize class. |
+-------------------------+------------------------------------------------------------------------------------------------------------------------------------------+
| form | Unique name of current form |
| Authorization | Value of the HTTP Header 'Authorization'. This is typically not set. Mostly used for authentication of REST requests |
+-------------------------+------------------------------------------------------------------------------------------------------------------------------------------+
.. _STORE_TYPO3:
......@@ -2536,10 +2540,10 @@ Optional it might be defined via *Form.parameter* ::
The following shows the same *Form* in the `regular`, `readonly` and `requiredOff` mode::
10.sql = SELECT CONCAT('p:{{pageAlias:T}}&form=person&r=', p.id, '|Regular') as _pagee,
CONCAT('p:{{pageAlias:T}}&form=person&formModeGlobal=readonly&r=', p.id, '|Readonly') as _pagee,
CONCAT('p:{{pageAlias:T}}&form=person&formModeGlobal=requiredOff&r=', p.id, '|Required off') as _pagee
FROM Person AS p
10.sql = SELECT CONCAT('p:{{pageAlias:T}}&form=person&r=', p.id, '|Regular') as _pagee,
CONCAT('p:{{pageAlias:T}}&form=person&formModeGlobal=readonly&r=', p.id, '|Readonly') as _pagee,
CONCAT('p:{{pageAlias:T}}&form=person&formModeGlobal=requiredOff&r=', p.id, '|Required off') as _pagee
FROM Person AS p
..
......@@ -2687,11 +2691,11 @@ Add an *action* record, type='afterSave', and assign the record to the given *te
In the parameter field define: ::
slaveId = {{SELECT id FROM Address WHERE personId={{id}} ORDER BY id LIMIT %D,1}}
sqlHonorFormElements = city%d, street%d
sqlUpdate = {{UPDATE Address SET city='{{city%d:FE:alnumx:s}}', street='{{street%d:FE:alnumx:s}}' WHERE id={{slaveId}} LIMIT 1}}
sqlInsert = {{INSERT INTO Address (`personId`, `city`, `street`) VALUES ({{id}}, '{{city%d:FE:alnumx:s}}' , '{{street%d:FE:alnumx:s}}') }}
sqlDelete = {{DELETE FROM Address WHERE id={{slaveId}} LIMIT 1}}
slaveId = {{SELECT id FROM Address WHERE personId={{id}} ORDER BY id LIMIT %D,1}}
sqlHonorFormElements = city%d, street%d
sqlUpdate = {{UPDATE Address SET city='{{city%d:FE:alnumx:s}}', street='{{street%d:FE:alnumx:s}}' WHERE id={{slaveId}} LIMIT 1}}
sqlInsert = {{INSERT INTO Address (`personId`, `city`, `street`) VALUES ({{id}}, '{{city%d:FE:alnumx:s}}' , '{{street%d:FE:alnumx:s}}') }}
sqlDelete = {{DELETE FROM Address WHERE id={{slaveId}} LIMIT 1}}
The `slaveId` needs attention: the placeholder `%d` starts always at 1. The `LIMIT` directive starts at 0 - therefore
use `%D` instead of `%d`, cause `%D` is always one below `%d` - but can **only** be used on the action element.
......@@ -3480,11 +3484,11 @@ will be rendered inside the form as a HTML table.
* *subrecordTableClass*: Optional. Default: 'table table-hover qfq-subrecord-table'. If given, the default will be
overwritten. Example: ::
subrecordTableClass = table table-hover qfq-subrecord-table qfq-table-50
subrecordTableClass = table table-hover qfq-subrecord-table qfq-table-50
* Tablesorter in Subrecord:
subrecordTableClass = table table-hover qfq-subrecord-table tablesorter tablesorter-pager tablesorter-filter
subrecordTableClass = table table-hover qfq-subrecord-table tablesorter tablesorter-pager tablesorter-filter
* *subrecordColumnTitleEdit*: Optional. Will be rendered as the column title for the new/edit column.
* *subrecordColumnTitleDelete*: Optional. Will be rendered as the column title for the delete column.
......@@ -3553,8 +3557,8 @@ and will be processed after saving the primary record and before any action Form
* *FormElement.value* = `<string>` - By default, the full path of any already uploaded file is shown. To show something
different, e.g. only the filename, define: ::
a) {{filenameBase:V}}
b) {{SELECT SUBSTRING_INDEX( '{{pathFileName:R}}', '/', -1) }}
a) {{filenameBase:V}}
b) {{SELECT SUBSTRING_INDEX( '{{pathFileName:R}}', '/', -1) }}
See also `downloadButton`_ to offer a download of an uploaded file.
......@@ -4051,7 +4055,7 @@ Parameter
`pId` in the link who calls the address form. The following creates a 'new' button for an address for all persons, and
the pId will be automatically saved in the address table: ::
SELECT CONCAT('p:{{pageAlias:T}}&form=address&r=0&pId=', p.id) AS _pagen FROM Person AS p
SELECT CONCAT('p:{{pageAlias:T}}&form=address&r=0&pId=', p.id) AS _pagen FROM Person AS p
Such parameter, which the form expects to be in the SIP url, should be specified in Form.permitNew and/or Form.permitEdit.
It's only a check for the webmaster, not to forgot a parameter in a SIP url.
......@@ -4108,11 +4112,11 @@ Assuming the Typo3 page has the
Configuration in configuration_: ::
formLanguageAId = 1
formLanguageALabel = English
formLanguageAId = 1
formLanguageALabel = English
formLanguageBId = 2
formLanguageBLabel = Spanish
formLanguageBId = 2
formLanguageBLabel = Spanish
The default language is not covered in configuration_.
......@@ -4122,31 +4126,31 @@ missing definition means 'take the default'. E.g.:
* Form: 'person'
+--------------------+--------------------------+
| Column | Value |
+====================+==========================+
| title | Eingabe Person |
+--------------------+--------------------------+
| languageParameterA | title=Input Person |
+--------------------+--------------------------+
| languageParameterB | title=Persona de entrada |
+--------------------+--------------------------+
+--------------------+--------------------------+
| Column | Value |
+====================+==========================+
| title | Eingabe Person |
+--------------------+--------------------------+
| languageParameterA | title=Input Person |
+--------------------+--------------------------+
| languageParameterB | title=Persona de entrada |
+--------------------+--------------------------+
* FormElement 'firstname' in Form 'person':
+--------------------+------------------------------------------------+
| Column | Value |
+====================+================================================+
| title | Vorname |
+--------------------+------------------------------------------------+
| note | Bitte alle Vornamen erfassen |
+--------------------+------------------------------------------------+
| languageParameterA | | title=Firstname |
| | | note=Please give all firstnames |
+--------------------+------------------------------------------------+
| languageParameterB | | title=Persona de entrada |
| | | note=Por favor, introduzca todos los nombres |
+--------------------+------------------------------------------------+
+--------------------+------------------------------------------------+
| Column | Value |
+====================+================================================+
| title | Vorname |
+--------------------+------------------------------------------------+
| note | Bitte alle Vornamen erfassen |
+--------------------+------------------------------------------------+
| languageParameterA | | title=Firstname |
| | | note=Please give all firstnames |
+--------------------+------------------------------------------------+
| languageParameterB | | title=Persona de entrada |
| | | note=Por favor, introduzca todos los nombres |
+--------------------+------------------------------------------------+
The following fields are possible:
......@@ -4948,8 +4952,8 @@ Table: Person
# Typeahead
typeAheadLdapSearch = (|(cn=*?*)(mail=*?*))
typeAheadLdapValuePrintf ‘%s / %s’, cn, email
typeAheadLdapIdPrintf ‘%s’, email
typeAheadLdapValuePrintf ‘%s / %s’, cn, email
typeAheadLdapIdPrintf ‘%s’, email
# dynamicUpdate: show note
fillStoreLdap
......@@ -5100,9 +5104,9 @@ Only SELECT and SHOW queries will fire subqueries.
Processing of the resulting rows and columns:
* In general, all columns of all rows will be printed out sequentially.
* On a per column base, printing of columns can be suppressed by starting the column name with an underscore '_'. E.g.
`SELECT id AS _id`.
* In general, all columns of all rows will be printed out sequentially.
* On a per column base, printing of columns can be suppressed by starting the column name with an underscore '_'. E.g.
`SELECT id AS _id`.
This might be useful to store values, which will be used later on in another query via the `{{id:R}}` or
`{{<level>.columnName}}` variable. To suppress printing of a column, use a underscore as column name prefix. E.g.
......@@ -5250,9 +5254,9 @@ Leading / trailing spaces
By default, leading or trailing whitespaces are removed from strings behind '='. E.g. 'rend = test ' becomes 'test' for
rend. To prevent any leading or trailing spaces, surround them by using single or double ticks. Example: ::
10.sql = SELECT name FROM Person
10.rsep = ' '
10.head = "Names: "
10.sql = SELECT name FROM Person
10.rsep = ' '
10.head = "Names: "
Braces character for nesting
......@@ -6081,23 +6085,23 @@ Optional any number of sources can be concatenated to a single PDF file: 'C|F:<f
Examples in Report::
# One file attached.
10.sql = SELECT "t:john.doe@example.com|f:company@example.com|s:Latest News|b:The new version is now available.|F:fileadmin/summary.pdf" AS _sendmail
# One file attached.
10.sql = SELECT "t:john.doe@example.com|f:company@example.com|s:Latest News|b:The new version is now available.|F:fileadmin/summary.pdf" AS _sendmail
# Two files attached.
10.sql = SELECT "t:john.doe@example.com|f:company@example.com|s:Latest News|b:The new version is now available.|F:fileadmin/summary.pdf|F:fileadmin/detail.pdf" AS _sendmail
# Two files attached.
10.sql = SELECT "t:john.doe@example.com|f:company@example.com|s:Latest News|b:The new version is now available.|F:fileadmin/summary.pdf|F:fileadmin/detail.pdf" AS _sendmail
# Two files and a webpage (converted to PDF) are attached.
10.sql = SELECT "t:john.doe@example.com|f:company@example.com|s:Latest News|b:The new version is now available.|F:fileadmin/summary.pdf|F:fileadmin/detail.pdf|p:?id=export&r=123|d:person.pdf" AS _sendmail
# Two files and a webpage (converted to PDF) are attached.
10.sql = SELECT "t:john.doe@example.com|f:company@example.com|s:Latest News|b:The new version is now available.|F:fileadmin/summary.pdf|F:fileadmin/detail.pdf|p:?id=export&r=123|d:person.pdf" AS _sendmail
# Two webpages (converted to PDF) are attached.
10.sql = SELECT "t:john.doe@example.com|f:company@example.com|s:Latest News|b:The new version is now available.|p:?id=export&r=123|d:person123.pdf|p:?id=export&r=234|d:person234.pdf" AS _sendmail
# Two webpages (converted to PDF) are attached.
10.sql = SELECT "t:john.doe@example.com|f:company@example.com|s:Latest News|b:The new version is now available.|p:?id=export&r=123|d:person123.pdf|p:?id=export&r=234|d:person234.pdf" AS _sendmail
# One file and two webpages (converted to PDF) are *concatenated* to one PDF and attached.
10.sql = SELECT "t:john.doe@example.com|f:company@example.com|s:Latest News|b:The new version is now available.|C|F:fileadmin/summary.pdf|p:?id=export&r=123|p:?id=export&r=234|d:complete.pdf" AS _sendmail
# One file and two webpages (converted to PDF) are *concatenated* to one PDF and attached.
10.sql = SELECT "t:john.doe@example.com|f:company@example.com|s:Latest News|b:The new version is now available.|C|F:fileadmin/summary.pdf|p:?id=export&r=123|p:?id=export&r=234|d:complete.pdf" AS _sendmail
# One T3 webpage, protected by a SIP, are attached.
10.sql = SELECT "t:john.doe@example.com|f:company@example.com|s:Latest News|b:The new version is now available.|p:?id=export&r=123&_sip=1|d:person123.pdf" AS _sendmail
# One T3 webpage, protected by a SIP, are attached.
10.sql = SELECT "t:john.doe@example.com|f:company@example.com|s:Latest News|b:The new version is now available.|p:?id=export&r=123&_sip=1|d:person123.pdf" AS _sendmail
.. _column_img:
......@@ -6212,15 +6216,15 @@ Most of the other Link-Class attributes can be used to customize the link. ::
* For column `_pdf` and `_zip`, the element sources `p:...`, `U:...`, `u:...`, `F:...` might repeated multiple times.
* Example: ::
10.sql = SELECT "F:fileadmin/test.pdf" as _pdf, "F:fileadmin/test.pdf" as _file, "F:fileadmin/test.pdf" as _zip
10.sql = SELECT "p:id=export&r=1" as _pdf, "p:id=export&r=1" as _file, "p:id=export&r=1" as _zip
10.sql = SELECT "F:fileadmin/test.pdf" as _pdf, "F:fileadmin/test.pdf" as _file, "F:fileadmin/test.pdf" as _zip
10.sql = SELECT "p:id=export&r=1" as _pdf, "p:id=export&r=1" as _file, "p:id=export&r=1" as _zip
10.sql = SELECT "t:Download PDF|F:fileadmin/test.pdf" as _pdf, "t:Download PDF|F:fileadmin/test.pdf" as _file, "t:Download ZIP|F:fileadmin/test.pdf" as _zip
10.sql = SELECT "t:Download PDF|p:id=export&r=1" as _pdf, "t:Download PDF|p:id=export&r=1" as _file, "t:Download ZIP|p:id=export&r=1" as _zip
10.sql = SELECT "t:Download PDF|F:fileadmin/test.pdf" as _pdf, "t:Download PDF|F:fileadmin/test.pdf" as _file, "t:Download ZIP|F:fileadmin/test.pdf" as _zip
10.sql = SELECT "t:Download PDF|p:id=export&r=1" as _pdf, "t:Download PDF|p:id=export&r=1" as _file, "t:Download ZIP|p:id=export&r=1" as _zip
10.sql = SELECT "d:complete.pdf|t:Download PDF|F:fileadmin/test1.pdf|F:fileadmin/test2.pdf" as _pdf, "d:complete.zip|t:Download ZIP|F:fileadmin/test1.pdf|F:fileadmin/test2.pdf" as _zip
10.sql = SELECT "d:complete.pdf|t:Download PDF|F:fileadmin/test1.pdf|F:fileadmin/test2.pdf" as _pdf, "d:complete.zip|t:Download ZIP|F:fileadmin/test1.pdf|F:fileadmin/test2.pdf" as _zip
10.sql = SELECT "d:complete.pdf|t:Download PDF|F:fileadmin/test.pdf|p:id=export&r=1|u:www.example.com" AS _pdf
10.sql = SELECT "d:complete.pdf|t:Download PDF|F:fileadmin/test.pdf|p:id=export&r=1|u:www.example.com" AS _pdf
.. _column-save-pdf:
......@@ -6242,8 +6246,8 @@ Tips:
Examples: ::
SELECT "d:fileadmin/result.pdf|F:fileadmin/_temp_/test.pdf" AS _savePdf
SELECT "d:fileadmin/result.pdf|F:fileadmin/_temp_/test.pdf|U:id=test&--orientation=landscape" AS _savePdf
SELECT "d:fileadmin/result.pdf|F:fileadmin/_temp_/test.pdf" AS _savePdf
SELECT "d:fileadmin/result.pdf|F:fileadmin/_temp_/test.pdf|U:id=test&--orientation=landscape" AS _savePdf
.. _column-thumbnail:
......@@ -6289,17 +6293,17 @@ tag. Something like `<body style="background-image:url(bgimage.jpg)">` could be
Example: ::
# SIP protected, IMG tag, thumbnail width 150px
10.sql = SELECT 'T:fileadmin/file3.pdf' AS _thumbnail
# SIP protected, IMG tag, thumbnail width 150px
10.sql = SELECT 'T:fileadmin/file3.pdf' AS _thumbnail
# SIP protected, IMG tag, thumbnail width 50px
20.sql = SELECT 'T:fileadmin/file3.pdf|W:50' AS _thumbnail
# SIP protected, IMG tag, thumbnail width 50px
20.sql = SELECT 'T:fileadmin/file3.pdf|W:50' AS _thumbnail
# No SIP protection, IMG tag, thumbnail width 150px
30.sql = SELECT 'T:fileadmin/file3.pdf|s:0' AS _thumbnail
# No SIP protection, IMG tag, thumbnail width 150px
30.sql = SELECT 'T:fileadmin/file3.pdf|s:0' AS _thumbnail
# SIP protected, only the URL to the image, thumbnail width 150px
40.sql = SELECT 'T:fileadmin/file3.pdf|s:1|r:7' AS _thumbnail
# SIP protected, only the URL to the image, thumbnail width 150px
40.sql = SELECT 'T:fileadmin/file3.pdf|s:1|r:7' AS _thumbnail
Dimension
......@@ -6314,7 +6318,7 @@ Cleaning
By default, the thumbnail directories are never cleaned. It's a good idea to install a cronjob which purges all files
older than 1 year: ::
find /path/to/files -type f -mtime +365 -delete
find /path/to/files -type f -mtime +365 -delete
Render
''''''
......@@ -6337,7 +6341,7 @@ The secure path needs to be protected against direct file access by the webmaste
QFQ returns a HTML 'img'-tag: ::
<img src="api/download.php?s=badcaffee1234">
<img src="api/download.php?s=badcaffee1234">
Thumbnail: public
'''''''''''''''''
......@@ -6490,49 +6494,49 @@ Parameter and (element) sources
the key/value tuple in `p:...`, `u:...` or `U:...` has to be separated by '='. Please see last example below.
* If an option contains an '&' it must be escaped with double '\\'. See example.
Most of the other Link-Class attributes can be used to customize the link as well.
Most of the other Link-Class attributes can be used to customize the link as well.
Example `_link`: ::
# single `file`. Specifying a popup message window text is not necessary, cause a file directly accessed is fast.
SELECT "d:file.pdf|s|t:Download|F:fileadmin/pdf/test.pdf" AS _link
# single `file`. Specifying a popup message window text is not necessary, cause a file directly accessed is fast.
SELECT "d:file.pdf|s|t:Download|F:fileadmin/pdf/test.pdf" AS _link
# single `file`, with mode
SELECT "d:file.pdf|M:pdf|s|t:Download|F:fileadmin/pdf/test.pdf" AS _link
# single `file`, with mode
SELECT "d:file.pdf|M:pdf|s|t:Download|F:fileadmin/pdf/test.pdf" AS _link
# three sources: two pages and one file
SELECT "d:complete.pdf|s|t:Complete PDF|p:id=detail&r=1|p:id=detail2&r=1|F:fileadmin/pdf/test.pdf" AS _link
# three sources: two pages and one file
SELECT "d:complete.pdf|s|t:Complete PDF|p:id=detail&r=1|p:id=detail2&r=1|F:fileadmin/pdf/test.pdf" AS _link
# three sources: two pages and one file
SELECT "d:complete.pdf|s|t:Complete PDF|p:id=detail&r=1|p:id=detail2&r=1|F:fileadmin/pdf/test.pdf" AS _link
# three sources: two pages and one file
SELECT "d:complete.pdf|s|t:Complete PDF|p:id=detail&r=1|p:id=detail2&r=1|F:fileadmin/pdf/test.pdf" AS _link
# three sources: two pages and one file, parameter to wkhtml will be SIP encoded
SELECT "d:complete.pdf|s|t:Complete PDF|p:id=detail&r=1&_sip=1|p:id=detail2&r=1&_sip=1|F:fileadmin/pdf/test.pdf" AS _link
# three sources: two pages and one file, parameter to wkhtml will be SIP encoded
SELECT "d:complete.pdf|s|t:Complete PDF|p:id=detail&r=1&_sip=1|p:id=detail2&r=1&_sip=1|F:fileadmin/pdf/test.pdf" AS _link
# three sources: two pages and one file, the second page will be in landscape and pagesize A3
SELECT "d:complete.pdf|s|t:Complete PDF|p:id=detail&r=1|p:id=detail2&r=1&--orientation=Landscape&--page-size=A3|F:fileadmin/pdf/test.pdf" AS _link
# three sources: two pages and one file, the second page will be in landscape and pagesize A3
SELECT "d:complete.pdf|s|t:Complete PDF|p:id=detail&r=1|p:id=detail2&r=1&--orientation=Landscape&--page-size=A3|F:fileadmin/pdf/test.pdf" AS _link
# One source and a header file. Note: the parameter to the header URL is escaped with double backslash.
SELECT "d:complete.pdf|s|t:Complete PDF|p:id=detail2&r=1&--orientation=Landscape&--header={{URL:R}}?indexp.php?id=head\\&L=1|F:fileadmin/pdf/test.pdf" AS _link
# One source and a header file. Note: the parameter to the header URL is escaped with double backslash.
SELECT "d:complete.pdf|s|t:Complete PDF|p:id=detail2&r=1&--orientation=Landscape&--header={{URL:R}}?indexp.php?id=head\\&L=1|F:fileadmin/pdf/test.pdf" AS _link
..
Example `_pdf`, `_zip`: ::
# File 1: p:id=1&--orientation=Landscape&--page-size=A3
# File 2: p:id=form
# File 3: F:fileadmin/file.pdf
SELECT 't:PDF|a:Creating a new PDF|p:id=1&--orientation=Landscape&--page-size=A3|p:id=form|F:fileadmin/file.pdf' AS _pdf
# File 1: p:id=1&--orientation=Landscape&--page-size=A3
# File 2: p:id=form
# File 3: F:fileadmin/file.pdf
SELECT 't:PDF|a:Creating a new PDF|p:id=1&--orientation=Landscape&--page-size=A3|p:id=form|F:fileadmin/file.pdf' AS _pdf
# File 1: p:id=1
# File 2: u:http://www.example.com
# File 3: F:fileadmin/file.pdf
SELECT 't:PDF - 3 Files|a:Please be patient|p:id=1|u:http://www.example.com|F:fileadmin/file.pdf' AS _pdf
# File 1: p:id=1
# File 2: u:http://www.example.com
# File 3: F:fileadmin/file.pdf
SELECT 't:PDF - 3 Files|a:Please be patient|p:id=1|u:http://www.example.com|F:fileadmin/file.pdf' AS _pdf
# File 1: p:id=1
# File 2: p:id=form
# File 3: F:fileadmin/file.pdf
SELECT CONCAT('t:ZIP - 3 Pages|a:Please be patient|p:id=1|p:id=form|F:', p.pathFileName) AS _zip
# File 1: p:id=1
# File 2: p:id=form
# File 3: F:fileadmin/file.pdf
SELECT CONCAT('t:ZIP - 3 Pages|a:Please be patient|p:id=1|p:id=form|F:', p.pathFileName) AS _zip
..
......@@ -6551,65 +6555,65 @@ Best practice:
#. Create a clean (=no menu, no website layout) letter layout in a separated T3 branch: ::
page = PAGE
page.typeNum = 0
page.includeCSS {
10 = typo3conf/ext/qfq/Resources/Public/Css/qfq-letter.css
}
page = PAGE
page.typeNum = 0
page.includeCSS {
10 = typo3conf/ext/qfq/Resources/Public/Css/qfq-letter.css
}
// Grant access to any logged in user or specific development IPs
[usergroup = *] || [IP = 127.0.0.1,192.168.1.* ]
page.10 < styles.content.get
[else]
page.10 = TEXT
page.10.value = access forbidden
[global]
// Grant access to any logged in user or specific development IPs
[usergroup = *] || [IP = 127.0.0.1,192.168.1.* ]
page.10 < styles.content.get
[else]
page.10 = TEXT
page.10.value = access forbidden
[global]
#. Create a T3 `body` page (e.g. page alias: 'letterbody') with some content. Example static HTML content: ::
<div class="letter-receiver">
<p>Address</p>
</div>
<div class="letter-sender">
<p><b>firstName name</b><br>
Phone +00 00 000 00 00<br>
Fax +00 00 000 00 00<br>
</p>
</div>
<div class="letter-date">
Zurich, 01.12.2017
</div>
<div class="letter-body">
<h1>Subject</h1>
<p>Dear Mrs...</p>
<p>Lucas ipsum dolor sit amet organa solo skywalker darth c-3p0 anakin jabba mara greedo skywalker.</p>
<div class="letter-no-break">
<p>Regards</p>
<p>Company</p>
<img class="letter-signature" src="">
<p>Firstname Name<br>Function</p>
</div>
</div>
<div class="letter-receiver">
<p>Address</p>
</div>
<div class="letter-sender">
<p><b>firstName name</b><br>
Phone +00 00 000 00 00<br>
Fax +00 00 000 00 00<br>
</p>
</div>
<div class="letter-date">
Zurich, 01.12.2017
</div>
<div class="letter-body">
<h1>Subject</h1>
<p>Dear Mrs...</p>
<p>Lucas ipsum dolor sit amet organa solo skywalker darth c-3p0 anakin jabba mara greedo skywalker.</p>
<div class="letter-no-break">
<p>Regards</p>
<p>Company</p>
<img class="letter-signature" src="">
<p>Firstname Name<br>Function</p>
</div>
</div>
#. Create a T3 letter-`header` page (e.g. page alias: 'letterheader') , with only the header information: ::
<header>
<img src="fileadmin/logo.png" class="letter-logo">
<div class="letter-unit">
<p class="letter-title">Department</p>
<p>
Company name<br>
Company department<br>
Street<br>
City
</p>
</div>
</header>
<header>
<img src="fileadmin/logo.png" class="letter-logo">
<div class="letter-unit">
<p class="letter-title">Department</p>
<p>
Company name<br>