Commit 7271172a authored by Carsten  Rose's avatar Carsten Rose
Browse files

Bug: SIP Parameter have been urlencoded before put, but not urldecoded after...

Bug: SIP Parameter have been urlencoded before put, but not urldecoded after get. New: SIP Parameter will be URL decoded before put!. Before creating the SIP it's hard to determine if a parameter is a SIP or not.
General: All 'href' attributes are not wrapped by Support::doAttribute().
Sip.php: urldecode.
AbstractBuildForm.php, BuildFormBootstrap.php, BuildFormTable.php: wrapped href in Support::doAttribute()
parent 40687415
......@@ -194,7 +194,7 @@ abstract class AbstractBuildForm {
$sipParamString = OnArray::toString($this->store->getStore(STORE_SIP), ':', ', ', "'");
$formEditUrl = $this->createFormEditUrl();
$html .= "<p><a href='$formEditUrl'>Edit</a> <small>[$sipParamString]</small></p>";
$html .= "<p><a " . Support::doAttribute('href', $formEditUrl) . ">Edit</a> <small>[$sipParamString]</small></p>";
$html .= $this->wrapItem(WRAP_SETUP_TITLE, $this->formSpec['title'], true);
......@@ -1539,7 +1539,7 @@ abstract class AbstractBuildForm {
$sip = $this->store->getSipInstance();
$url = $sip->queryStringToSip($queryString);
return Support::wrapTag('<a class="btn btn-default" href="' . $url . '" title="' . $toolTip . '">', $symbol);
return Support::wrapTag('<a class="btn btn-default" ' . Support::doAttribute('href', $url) . ' title="' . $toolTip . '">', $symbol);
}
/**
......@@ -1668,11 +1668,11 @@ abstract class AbstractBuildForm {
}
if (isset($control['mailto'][$columnName])) {
$cell = "<a href='mailto:$arr[0]'>$arr[1]</a>";
$cell = "<a " . Support::doAttribute('href', "mailto:$arr[0]") . ">$arr[1]</a>";
}
if (isset($control['url'][$columnName])) {
$cell = "<a href='$arr[0]'>$arr[1]</a>";
$cell = "<a " . Support::doAttribute('href', $arr[0]) . ">$arr[1]</a>";
}
return $cell;
......@@ -2051,7 +2051,7 @@ abstract class AbstractBuildForm {
$url = $this->createDeleteUrl($table, $recordId);
return Support::wrapTag('<a href="' . $url . '" title="' . $toolTip . '">', $symbol);
return Support::wrapTag('<a ' . Support::doAttribute('href', $url) . ' title="' . $toolTip . '">', $symbol);
}
......
......@@ -201,7 +201,7 @@ class BuildFormBootstrap extends AbstractBuildForm {
* @return string
*/
private function buildButtonAnchor($id, $url, $title, $icon, $disabled = '') {
return "<a href='$url' id='$id' class='btn btn-default navbar-btn $disabled' " . Support::doAttribute('title', $title) . "><span class='glyphicon $icon'></span></a>";
return "<a " . Support::doAttribute('href', $url) . " id='$id' class='btn btn-default navbar-btn $disabled' " . Support::doAttribute('title', $title) . "><span class='glyphicon $icon'></span></a>";
}
/**
......@@ -243,7 +243,7 @@ class BuildFormBootstrap extends AbstractBuildForm {
}
// Anker for pill navigation
$a = '<a href="#' . $this->createAnker($formElement['id']) . '" data-toggle="tab">' . $formElement['label'] . '</a>';
$a = '<a ' . Support::doAttribute('href', '#' . $this->createAnker($formElement['id'])) . ' data-toggle="tab">' . $formElement['label'] . '</a>';
if ($ii <= $maxVisiblePill) {
$pillButton .= '<li role="presentation" ' . $active . '>' . $a . '</li>';
......
......@@ -75,10 +75,10 @@ class BuildFormTable extends AbstractBuildForm {
// Logged in BE User will see a FormEdit Link
$sipParamString = OnArray::toString($this->store->getStore(STORE_SIP), ':', ', ', "'");
$formEditUrl = $this->createFormEditUrl();
$html .= "<p><a href='$formEditUrl'>Edit</a><small>[$sipParamString]</small></p>";
$html .= "<p><a " . Support::doAttribute('href', $formEditUrl) . ">Edit</a><small>[$sipParamString]</small></p>";
$deleteUrl = $this->createDeleteUrl($this->formSpec['tableName'], $this->store->getVar(SIP_RECORD_ID, STORE_SIP));
$html .= "<p><a href='$deleteUrl'>Delete</a>";
$html .= "<p><a " . Support::doAttribute('href', $deleteUrl) . ">Delete</a>";
$html .= $this->wrapItem(WRAP_SETUP_TITLE, $this->formSpec['title'], true);
$html .= $this->getFormTag();
......
......@@ -94,7 +94,7 @@ class Support {
return '';
}
switch ($type) {
switch (strtolower($type)) {
case 'size':
case 'maxlength':
// empty or '0' for attributes of type 'size' or 'maxlenght' result in unsuable input elements: skip this.
......@@ -102,6 +102,11 @@ class Support {
return '';
}
break;
// Bad idea to do urlencode on this place: it will convert ?, &, ... which are necessary for a proper URL.
// Instead the value of a parameter needs to encode. Unfortunately, it's too late on this place.
// case 'href':
// $value = urlencode($value);
// break;
default:
break;
}
......
......@@ -187,7 +187,8 @@ class Sip {
case CLIENT_SIP:
throw new CodeException('SIP Parameter ist not allowed to be stored as a regular URL Parameter', ERROR_SIP_NOT_ALLOWED_AS_PARAM);
default:
$sipArray[$key] = $value;
// Values in SIP should not urlencoded.
$sipArray[$key] = urldecode($value);
break;
}
}
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment