Commit 5d8f31db authored by Carsten  Rose's avatar Carsten Rose
Browse files

Merge branch 'master' into B6467SanitizingAHiddenFieldMakesTheFormUnsubmittable

# Conflicts:
#	extension/qfq/qfq/exceptions/ErrorHandler.php
parents f2a8d43d 2b379f1a
......@@ -247,9 +247,9 @@ Setup a *report* to manage all *forms*:
10 {
# List of Forms: Do not show this list of forms if there is a form given by SIP.
# Table header.
sql = SELECT CONCAT('p:{{pageId:T}}&form=form') as _pagen, '#', 'Name', 'Title', 'Table', '' FROM (SELECT 1) AS fake WHERE '{{form:SE}}'=''
sql = SELECT CONCAT('p:{{pageAlias:T}}&form=form') as _pagen, '#', 'Name', 'Title', 'Table', '' FROM (SELECT 1) AS fake WHERE '{{form:SE}}'=''
head = {{'b|p:id={{pageAlias:T}}&form=copyFormFromExt|t:Copy form from ExtForm' AS _link}}
<table class="table table-hover qfq-table-50">
<table class="table table-hover qfq-table-50 tablesorter tablesorter-filter">
tail = </table>
rbeg = <thead><tr>
rend = </tr></thead>
......@@ -258,7 +258,7 @@ Setup a *report* to manage all *forms*:
10 {
# All forms
sql = SELECT CONCAT('p:{{pageId:T}}&form=form&r=', f.id) as _pagee
sql = SELECT CONCAT('p:{{pageAlias:T}}&form=form&r=', f.id) as _pagee
, f.id, f.name, f.title, f.tableName
, CONCAT('U:form=form&r=', f.id) as _paged
FROM Form AS f
......@@ -358,6 +358,8 @@ Extension Manager: QFQ Configuration
| documentation | http://docs.typo3.org... | Link to the online documentation of QFQ. Every QFQ installation also |
| | | contains a local copy: typo3conf/ext/qfq/Documentation/html/Manual.html |
+-------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+
| flagProduction | yes | yes|no: might be used to differentiate the installation |
+-------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+
| thumbnailDirSecure | fileadmin/protected/qfqThumbnail | Important: secure directory 'protected' (recursive) against direct access. |
+-------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+
| thumbnailDirPublic | typo3temp/qfqThumbnail | Both thumbnail directories will be created if not existing. |
......@@ -384,6 +386,10 @@ Extension Manager: QFQ Configuration
+-------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+
| Debug |
+-------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+
| throwExceptionGeneralError | auto | | *yes*: 'general errors' in QFQ (PHP) will throw an exception. |
| | | | *auto*: becomes 'yes', if 'flagProduction'!='yes', else 'no'. |
| | | | *no*: 'general errors' in QFQ (PHP) will be silently ignored. |
+-------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+
| sqlLogMode | modify | | *all*: every statement will be logged - this might a lot. |
| | | | *modify*: log only statements who change data. *error*: log only |
| | | DB errors. |
......@@ -461,13 +467,13 @@ Extension Manager: QFQ Configuration
+-------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+
| cssClassQfqFormBody | qfq-color-grey-2 | Wrap around FormElements: CSS Class, typically a background color. |
+-------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+
| formBsColumns | 12 | The whole form will be wrapped in 'col-md-??'. Default is 12 for 100%. |
+-------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+
| formBsLabelColumns | 3 | Default number of BS columns for the 'label'-column. |
+-------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+
| formBsInputColumns | 6 | Default number of BS columns for the 'input'-column. |
| formBsColumns | col-md-12 col-lg-10 | The whole form will be wrapped. See `bs-custom-field-width`_ |
+-------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+
| formBsNoteColumns | 3 | Default number of BS columns for the 'note'-column. |
| formBsLabelColumns | col-md-3 col-lg-3 | The column get the width. See `bs-custom-field-width`_ |
+-------------------------------+-------------------------------------------------------+ |
| formBsInputColumns | col-md-6 col-lg-6 | |
+-------------------------------+-------------------------------------------------------+ |
| formBsNoteColumns | col-md-3 col-lg-3 | |
+-------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+
| extraButtonInfoInline | <img src="info.png"> | Image for `extraButtonInfo`_ (inline). |
+-------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+
......@@ -601,7 +607,7 @@ To get the name and current period: ::
Typically, it's necessary to offer a 'previous' / 'next' link. In this example, the STORE SIP holds the new periodId: ::
SELECT CONCAT('id={{pageId:T}}&periodId=', {{periodId:SY0}}-1, '|Next') AS _Page, ' ', name, ' ', CONCAT('id={{pageId:T}}&periodId=', {{periodId:SY0}}+1, '|Next') AS _Page FROM Period AS s WHERE s.id={{periodId:SY0}}
SELECT CONCAT('p:{{pageAlias:T}}&periodId=', {{periodId:SY0}}-1, '|Next') AS _page, ' ', name, ' ', CONCAT('p:{{pageAlias:T}}&periodId=', {{periodId:SY0}}+1, '|Next') AS _page FROM Period AS s WHERE s.id={{periodId:SY0}}
Take care for minimum and maximum indexes (do not render the links if out of range).
......@@ -998,7 +1004,7 @@ The following QFQ code could be used for that purpose (put it in a QFQ PageConte
FROM gGroup AS gr
INNER JOIN MailLog AS ml ON ml.grId = gr.id
GROUP BY gr.id
head = <form onchange='this.submit();' class='form-inline'><input type='hidden' name='id' value='{{pageId:T0}}'>Filter By Group: <select name='grId' class='form-control'><option value=''></option>
head = <form onchange='this.submit();' class='form-inline'><input type='hidden' name='id' value='{{pageAlias:T0}}'>Filter By Group: <select name='grId' class='form-control'><option value=''></option>
rbeg = <option value='
rend = </option>
tail = </select>
......@@ -1033,7 +1039,7 @@ For debugging purposes you may like to add a Form Submit Log page in the fronten
The following QFQ code could be used for that purpose (put it in a QFQ PageContent element): ::
# Filters
20.shead = <form onchange='this.submit()' class='form-inline'><input type='hidden' name='id' value='{{pageId:T0}}'>
20.shead = <form onchange='this.submit()' class='form-inline'><input type='hidden' name='id' value='{{pageAlias:T0}}'>
20 {
sql = SELECT id, IF(id = '{{formId:SC0}}', "' selected>", "'>"), name
FROM Form ORDER BY name
......@@ -2113,7 +2119,7 @@ Definition
|BS Label Columns | The bootstrap grid system is based on 12 columns. The sum of *bsLabelColumns*, |
+-------------------------+ *bsInputColumns* and *bsNoteColumns* should be 12. These values here are the base values |
|BS Input Columns | for all *FormElements*. Exceptions per *FormElement* can be specified per *FormElement*. |
+-------------------------+ Default: label=3, input=6, note=3. See `form-layout`_. |
+-------------------------+ Default: label=col-md-3, input=col-md-6, note=col-md-3. See `form-layout`_. |
|BS Note Columns | |
+-------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------+
|multiMode | NOT IMPLEMENTED - 'none, horizontal, vertical' (Default 'none') |
......@@ -2288,7 +2294,7 @@ Parameter
+=============================+========+==========================================================================================================+
| dbIndex | int | Database credential index, given via `config-qfq-php`_ to let the current `Form` operate on the database.|
+-----------------------------+--------+----------------------------------------------------------------------------------------------------------+
| bsColumns | int | Wrap the whole form in '<div class="col-md-??"> |
| bsColumns | string | Wrap the whole form in '<div class="col-md-.. col-lg-..">. See `bs-custom-field-width`_. |
+-----------------------------+--------+----------------------------------------------------------------------------------------------------------+
| maxVisiblePill | int | Show pills upto <maxVisiblePill> as button, all further in a drop-down menu. Eg.: maxVisiblePill=3. |
+-----------------------------+--------+----------------------------------------------------------------------------------------------------------+
......@@ -2484,9 +2490,9 @@ Optional it might be defined via *Form.parameter* ::
The following shows the same *Form* in the `regular`, `readonly` and `requiredOff` mode::
10.sql = SELECT CONCAT('from&form=person&r=', p.id, '|Regular') as _Pagee,
CONCAT('from&form=person&formModeGlobal=readonly&r=', p.id, '|Readonly') as _Pagee,
CONCAT('from&form=person&formModeGlobal=requiredOff&r=', p.id, '|Required off') as _Pagee
10.sql = SELECT CONCAT('p:{{pageAlias:T}}&form=person&r=', p.id, '|Regular') as _pagee,
CONCAT('p:{{pageAlias:T}}&form=person&formModeGlobal=readonly&r=', p.id, '|Readonly') as _pagee,
CONCAT('p:{{pageAlias:T}}&form=person&formModeGlobal=requiredOff&r=', p.id, '|Required off') as _pagee
FROM Person AS p
..
......@@ -2698,12 +2704,12 @@ Fields:
|Size | string |Visible length of input element. Might be omitted, depending on the chosen form layout. |
| | |Format: <width>,<height> (in characters) _`field-size` |
+---------------------+-----------------------------+-----------------------------------------------------------------------------------------------------+
|BS Label Columns | string | Number of bootstrap grid columns for label. By default empty, value inherits from the form. |
| | | _`field-bsLabelColumns` |
+---------------------+-----------------------------+-----------------------------------------------------------------------------------------------------+
|BS Input Columns | string | Number of bootstrap grid columns for input. By default empty, value inherits from the form. |
+---------------------+-----------------------------+-----------------------------------------------------------------------------------------------------+
|BS Note Columns | string | Number of bootstrap grid columns for note. By default empty, value inherits from the form. |
|BS Label Columns | string | Number of bootstrap grid columns. By default empty, value inherits from the form. |
| | | _`field-bsLabelColumns`. See `bs-custom-field-width`_ |
+---------------------+-----------------------------+ |
|BS Input Columns | string | |
+---------------------+-----------------------------+ |
|BS Note Columns | string | |
+---------------------+-----------------------------+-----------------------------------------------------------------------------------------------------+
|Label / Input / Note | enum(...) | Switch on/off opening|closing of bootstrap form classes _`field-rowLabelInputNote` |
+---------------------+-----------------------------+-----------------------------------------------------------------------------------------------------+
......@@ -3967,7 +3973,7 @@ Parameter
`pId` in the link who calls the address form. The following creates a 'new' button for an address for all persons, and
the pId will be automatically saved in the address table: ::
SELECT CONCAT('{{pageAlias:T}}&form=address&r=0&pId=', p.id) AS _pagen FROM Person AS p
SELECT CONCAT('p:{{pageAlias:T}}&form=address&r=0&pId=', p.id) AS _pagen FROM Person AS p
Such parameter, which the form expects to be in the SIP url, should be specified in Form.permitNew and/or Form.permitEdit.
It's only a check for the webmaster, not to forgot a parameter in a SIP url.
......@@ -4154,6 +4160,8 @@ The used default column (=bootstrap grid) width is *3,6,3* (col-md , col-lg) for
A column will be switched off (no wrapping via `<div class='col-md-?>`) by setting a `0` on the respective column.
.. _bs-custom-field-width:
Custom field width
^^^^^^^^^^^^^^^^^^
......@@ -4402,12 +4410,12 @@ QFQ content record::
# Creates a small form that redirects back to this page
10 {
sql = SELECT '_'
head = <form action='#' method='get'><input type='hidden' name='id' value='{{pageId:T}}'>Search: <input type='text' name='search' value='{{search:CE:all}}'><input type='submit' value='Submit'></form>
head = <form action='#' method='get'><input type='hidden' name='id' value='{{pageAlias:T}}'>Search: <input type='text' name='search' value='{{search:CE:all}}'><input type='submit' value='Submit'></form>
}
# SQL statement will find and list all the relevant forms - be careful not to open a cross site scripting door: the parameter 'search' needs to be sanitized.
20 {
sql = SELECT CONCAT('?detail&form=form&r=', f.id) AS _Pagee, f.id, f.name, f.title
sql = SELECT CONCAT('p:{{pageAlias:T}}&form=form&r=', f.id) AS _pagee, f.id, f.name, f.title
FROM Form AS f
WHERE f.name LIKE '%{{search:CE:alnumx}}%'
head = <table class='table'>
......@@ -5397,7 +5405,7 @@ Column: _link
+---+---+--------------+-----------------------------------+---------------------------+----------------------------------------------------------------------------------------------------------------------------------------+
|x | |Mail |m:<email> |m:info@example.com |Default link class: email |
+---+---+--------------+-----------------------------------+---------------------------+----------------------------------------------------------------------------------------------------------------------------------------+
|x | |Page |p:<pageId> |p:impressum |Prepend '?' or '?id=', no hostname qualifier (automatically set by browser), default value: {{pageId}} |
|x | |Page |p:<pageId> |p:impressum |Prepend '?' or '?id=', no hostname qualifier (automatically set by browser) |
+---+---+--------------+-----------------------------------+---------------------------+----------------------------------------------------------------------------------------------------------------------------------------+
|x | |Download |d:[<exportFilename>] |d:complete.pdf |Link points to `api/download.php`. Additional parameter are encoded into a SIP. 'Download' needs an enabled SIP. See `download`_. |
+---+---+--------------+-----------------------------------+---------------------------+----------------------------------------------------------------------------------------------------------------------------------------+
......@@ -5622,22 +5630,22 @@ The colum name is composed of the string *page* and a trailing character to spec
+---------------+-----------------------------------------------+-------------------------------------+----------------------------------------------+
| column name | Purpose |default value of question parameter | Mandatory parameters |
+===============+===============================================+=====================================+==============================================+
|_page |Internal link without a grafic |empty |p:<pageId>[&param] |
|_page |Internal link without a grafic |empty |p:<pageId/pageAlias>[&param] |
+---------------+-----------------------------------------------+-------------------------------------+----------------------------------------------+
|_pagec |Internal link without a grafic, with question |*Please confirm!* |p:<pageId>[&param] |
|_pagec |Internal link without a grafic, with question |*Please confirm!* |p:<pageId/pageAlias>[&param] |
+---------------+-----------------------------------------------+-------------------------------------+----------------------------------------------+
|_paged |Internal link with delete icon (trash) |*Delete record ?* | | U:form=<formname>&r=<record id> *or* |
| | | | | U:table=<tablename>&r=<record id> |
+---------------+-----------------------------------------------+-------------------------------------+----------------------------------------------+
|_pagee |Internal link with edit icon (pencil) |empty |p:<pageId>[&param] |
|_pagee |Internal link with edit icon (pencil) |empty |p:<pageId/pageAlias>[&param] |
+---------------+-----------------------------------------------+-------------------------------------+----------------------------------------------+
|_pageh |Internal link with help icon (question mark) |empty |p:<pageId>[&param] |
|_pageh |Internal link with help icon (question mark) |empty |p:<pageId/pageAlias>[&param] |
+---------------+-----------------------------------------------+-------------------------------------+----------------------------------------------+
|_pagei |Internal link with information icon (i) |empty |p:<pageId>[&param] |
|_pagei |Internal link with information icon (i) |empty |p:<pageId/pageAlias>[&param] |
+---------------+-----------------------------------------------+-------------------------------------+----------------------------------------------+
|_pagen |Internal link with new icon (sheet) |empty |p:<pageId>[&param] |
|_pagen |Internal link with new icon (sheet) |empty |p:<pageId/pageAlias>[&param] |
+---------------+-----------------------------------------------+-------------------------------------+----------------------------------------------+
|_pages |Internal link with show icon (magnifier) |empty |p:<pageId>[&param] |
|_pages |Internal link with show icon (magnifier) |empty |p:<pageId/pageAlias>[&param] |
+---------------+-----------------------------------------------+-------------------------------------+----------------------------------------------+
......@@ -7388,7 +7396,7 @@ to edit `AutoCron` jobs: ::
10 {
# Table header.
sql = SELECT CONCAT('p:{{pageId:T}}&form=cron') AS _pagen, 'id', 'Next run','Frequency','Comment','Last run','In progress', 'Status' FROM (SELECT 1) AS fake WHERE '{{form:SE}}'=''
sql = SELECT CONCAT('p:{{pageAlias:T}}&form=cron') AS _pagen, 'id', 'Next run','Frequency','Comment','Last run','In progress', 'Status' FROM (SELECT 1) AS fake WHERE '{{form:SE}}'=''
head = <table class='table table-hover qfq-table-50'>
tail = </table>
rbeg = <thead><tr>
......@@ -7406,7 +7414,7 @@ to edit `AutoCron` jobs: ::
IF(c.inProgress!=0 AND DATE_ADD(c.inProgress, INTERVAL 10 MINUTE)<NOW(),'title="inProgress > 10mins"',
IF(c.lastStatus LIKE 'Error%','title="Status: Error"','')),
'>'),
'<td>', CONCAT('p:{{pageId:T}}&form=cron&r=', c.id) AS _pagee, '</td><td>',
'<td>', CONCAT('p:{{pageAlias:T}}&form=cron&r=', c.id) AS _pagee, '</td><td>',
c.id, '</td><td>',
IF(c.nextrun=0,"", DATE_FORMAT(c.nextrun, "%d.%m.%y %H:%i:%s")), '</td><td>',
c.frequency, '</td><td>',
......
......@@ -30,6 +30,14 @@ Date: <date>
Notes
^^^^^
* Existing installations: update QFQ extension config form-layout.formBsColumns/formBsLabelColumns/formBsInputColumns,formBsNoteColumns.
old: 12, new: 'col-md-12 col-lg10' resp. smaller values for individual columnns.
* New config values:
* Config/flagProduction: yes/now - differentiate between development und production system. Will be used for
'throwExceptionGeneralError' too.
* Debug/throwExceptionGeneralError - shows/hide exception of general errors.
Features
^^^^^^^^
......
# cat=config/config; type=string; label=URL QFQ Documentation:Default is 'https://docs.typo3.org/typo3cms/drafts/github/T3DocumentationStarter/Public-Info-053/Manual.html'. Might be changed to a local repo. Every QFQ installation contains a local copy: <site path>/typo3conf/ext/qfq/Documentation/html/Manual.html (corresponds always to the QFQ version).
documentation = https://docs.typo3.org/typo3cms/drafts/github/T3DocumentationStarter/Public-Info-053/Manual.html
# cat=config/config; type=string; label=Marks a production installation:Possible values: 'yes', 'no'. Default is 'yes'. Used to differentiate between development & production systems.
flagProduction = yes
# cat=config/config; type=string; label=Thumbnail directory 'secure':Default is 'fileadmin/protected/qfqThumbnail'. Important: secure the directory (recursive) against direct access. Will be used by a special columnname '_thumbnail'.
thumbnailDirSecure = fileadmin/protected/qfqThumbnail
......@@ -45,6 +48,10 @@ fillStoreSystemBySql3 =
fillStoreSystemBySqlErrorMsg3 =
# cat=debug/debug; type=string; label=Throw exception General Error:Possible values: 'yes', 'no', 'auto'. Default is 'auto'. If a) 'yes' or b) 'auto' and 'flagProduction!=yes', throw an exception in case of a 'General Error'.
throwExceptionGeneralError = auto
# cat=debug/mail; type=string; label=Redirect all mail to ...:Default is empty. If set, redirect all QFQ generated mails (Form, Report) to the specified email address.
redirectAllMailTo =
......
......@@ -564,7 +564,7 @@ abstract class AbstractBuildForm {
$storeRecord = $this->store->getStore(STORE_RECORD);
$value = $this->report->process($this->bodytextParser->process($value));
$this->store->setStore($storeRecord, STORE_RECORD, true);
$this->store->setVar(SYSTEM_REPORT_FULL_LEVEL, '', STORE_SYSTEM);
$this->store->setVar(SYSTEM_REPORT_FULL_LEVEL, '', STORE_SYSTEM); // debug
}
return $value;
......@@ -1264,9 +1264,11 @@ abstract class AbstractBuildForm {
$value = '';
}
if ($formElement[FE_DECIMAL_FORMAT] !== '') {
$decimalScale = explode(',', $formElement[FE_DECIMAL_FORMAT])[1]; // scale: Nachkommastellen
$value = number_format($value, $decimalScale, '.', '');
if ($formElement[FE_DECIMAL_FORMAT] !== '' ) {
if($value!=='') { // empty string causes exception in number_format()
$decimalScale = explode(',', $formElement[FE_DECIMAL_FORMAT])[1]; // scale: Nachkommastellen
$value = number_format($value, $decimalScale, '.', '');
}
}
// In case the user specifies MIN & MAX with numbers, the html tag 'type' has to be 'number', to make the range check work in the browser.
......@@ -2109,7 +2111,7 @@ abstract class AbstractBuildForm {
public function buildExtra(array $formElement, $htmlFormElementName, $value, array &$json, $mode = FORM_LOAD) {
if ($mode === FORM_LOAD) {
$this->store->setVar($formElement[FE_NAME], $value, STORE_SIP, false);
$this->store->setVar($formElement[FE_NAME], $value, STORE_SIP, true);
}
return;
......
......@@ -454,6 +454,9 @@ const SYSTEM_REDIRECT_ALL_MAIL_TO = 'redirectAllMailTo';
const SYSTEM_MAIL_LOG = 'mailLog';
const SYSTEM_MAIL_LOG_FILE = 'fileadmin/protected/log/mail.log';
const SYSTEM_THROW_GENERAL_ERROR = 'throwExceptionGeneralError';
const SYSTEM_FLAG_PRODUCTION = 'flagProduction';
const SYSTEM_SHOW_DEBUG_INFO = 'showDebugInfo';
const SYSTEM_SHOW_DEBUG_INFO_YES = 'yes';
const SYSTEM_SHOW_DEBUG_INFO_NO = 'no';
......@@ -594,10 +597,10 @@ const SYSTEM_FORM_ELEMENT = 'formElement'; // '<formElementName> /
const SYSTEM_FORM_ELEMENT_ID = 'formElementId'; // '<formElementName> / <formElementeId>'
const SYSTEM_FORM_ELEMENT_COLUMN = 'formElementColumn'; // '<columnname of current processed formElement>'
const SYSTEM_FORM_ELEMENT_MESSAGE = 'formElementMessage'; // '<columnname of current processed formElement>'
const SYSTEM_REPORT_COLUMN_INDEX = 'reportColumnIndex'; // Keyname of SQL-column processed at the moment.
const SYSTEM_REPORT_COLUMN_NAME = 'reportColumnName'; // Keyname of SQL-column processed at the moment.
const SYSTEM_REPORT_COLUMN_VALUE = 'reportColumnValue'; // Keyname of SQL-column processed at the moment.
const SYSTEM_REPORT_FULL_LEVEL = 'reportFullLevel'; // Keyname of SQL-column processed at the moment.
const SYSTEM_REPORT_COLUMN_INDEX = 'reportColumnIndex'; // Index of SQL-column processed at the moment.
const SYSTEM_REPORT_COLUMN_NAME = 'reportColumnName'; // Name of SQL-column processed at the moment.
const SYSTEM_REPORT_COLUMN_VALUE = 'reportColumnValue'; // Value of SQL-column processed at the moment.
const SYSTEM_REPORT_FULL_LEVEL = 'reportFullLevel'; // Full level of current report row. E.g.: 10.20.1. Used for error reports.
const SYSTEM_MESSAGE_DEBUG = 'messageDebug';
const SYSTEM_DOWNLOAD_POPUP = 'hasDownloadPopup'; // Marker which is set to 'true' if there is at least one Download Link rendered
const DOWNLOAD_POPUP_REQUEST = 'true';
......
......@@ -375,14 +375,13 @@ class Save {
$pathFileNameTmp=''; // see '4'
} else {
if (empty($pathFileName)) {
$pathFileNameTmp = $primaryRecord[$column]; // see '3'
$pathFileNameTmp = $primaryRecord[$column]??''; // see '3'. Attention: in case of Advanced Upload, $primaryRecord[$column] does not exist.
} else {
$pathFileNameTmp = $pathFileName; // see '1,2,5'
}
}
// Get latest file information
if($pathFileNameTmp=='') {
// No new upload and no existing: take care to remove previous upload file statistics.
$this->store->unsetVar(VAR_FILE_MIME_TYPE, STORE_VAR);
......@@ -392,7 +391,6 @@ class Save {
$this->store->appendToStore($vars, STORE_VAR);
}
// If given: fire a sqlBefore query
$this->evaluate->parse($formElement[FE_SQL_BEFORE]);
......
......@@ -8,6 +8,7 @@
namespace qfq;
require_once(__DIR__ . '/../store/Store.php');
/**
* Class ErrorHandler
......@@ -23,6 +24,8 @@ class ErrorHandler {
* @param $line
* @return bool|string
* @throws CodeException
* @throws UserFormException
* @throws UserReportException
*/
public static function exception_error_handler($severity, $message, $file, $line) {
......@@ -30,11 +33,19 @@ class ErrorHandler {
// This error code is not included in error_reporting
return false;
}
// Do not show too much to the user. E.g. 'ldap_bind()' might have problems, but the user should not see the
// file and line number. Often the filename is part of the message >> don't show the message to the user.
throw new CodeException(json_encode(
[ERROR_MESSAGE_TO_USER => 'General error - please report.',
ERROR_MESSAGE_SUPPORT => "File: $file / Line: $line / $message"]), $severity, null);
$store = Store::getInstance();
if($store->getVar(SYSTEM_THROW_GENERAL_ERROR, STORE_SYSTEM) == 'yes'){
// Do not show too much to the user. E.g. 'ldap_bind()' might have problems, but the user should not see the
// file and line number. Often the filename is part of the message >> don't show the message to the user.
throw new CodeException(json_encode(
[ERROR_MESSAGE_TO_USER => 'General error - please report.',
ERROR_MESSAGE_SUPPORT => "File: $file / Line: $line / $message"]), $severity, null);
}
return true;
}
}
}
\ No newline at end of file
......@@ -351,6 +351,9 @@ class Config {
F_FE_DATA_REQUIRED_ERROR => F_FE_DATA_REQUIRED_ERROR_DEFAULT,
F_FE_DATA_MATCH_ERROR => F_FE_DATA_MATCH_ERROR_DEFAULT,
F_FE_DATA_ERROR => 'error',
SYSTEM_FLAG_PRODUCTION => 'yes',
SYSTEM_THROW_GENERAL_ERROR => 'auto',
];
// To let run legacy code
......
......@@ -300,6 +300,10 @@ class Store {
$config[SYSTEM_DB_1_NAME] = $config[SYSTEM_DB_NAME];
}
if ($config[SYSTEM_THROW_GENERAL_ERROR] == 'auto') {
$config[SYSTEM_THROW_GENERAL_ERROR] = $config[SYSTEM_FLAG_PRODUCTION] == 'yes' ? 'no' : 'yes';
}
return $config;
}
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment