Commit 916e539c authored by Carsten  Rose's avatar Carsten Rose

Merge branch 'master' into punktetool

parents 7e13b24e 2b414f75
......@@ -34,9 +34,37 @@ Features
^^^^^^^^
Bug Fixes
^^^^^^^^^
Version 0.25.13
---------------
Date: 08.03.18
Notes
^^^^^
Features
^^^^^^^^
* AutoCron: Added doc for autocron. Extend AutoCron.php to be MultiDB aware. Update der AutoCron form.
* #4720 / Separate Database for Form & FormElement - Multi DB - fixed problem that 'Quick Edit Form / FormElement' has been broken in MultiDB Setup.
* #5603 / Report: final value of report columns (special column name)
* Fabric / delete now triggers form.changed / emojis work again
* #5571 / File Upload: save filesize and mimetype automatically in 'upload mode simple',if those columns exist.
* #5423 / two new column names 'filesize', 'mimetype'
* #5571 / File Upload: save filesize and mimetype
* STORE_VARS contains now 'mimeType' and 'fileSize'.
* sqlBefore and sqlAfter will be fired in Upload Advanced and new in Upload Simple as well.
* STORE_VARS contains now `filenameOnly`. It can be used in downloadButton=....
Bug Fixes
^^^^^^^^^
* Fabric: Corrected resizing with changed width in editor
* #5640 / UTF8 encoded strings: MAX LENGTH wrong
Version 0.25.12
---------------
......
......@@ -47,8 +47,8 @@ Neue Versionsnummer
6) **New Tag**:
git tag v0.25.12
git push -u origin v0.25.12
git tag v0.25.13
git push -u origin v0.25.13
7) PhpStorm: **Sync** all files to VM qfq.
......
......@@ -34,9 +34,37 @@ Features
^^^^^^^^
Bug Fixes
^^^^^^^^^
Version 0.25.13
---------------
Date: 08.03.18
Notes
^^^^^
Features
^^^^^^^^
* AutoCron: Added doc for autocron. Extend AutoCron.php to be MultiDB aware. Update der AutoCron form.
* #4720 / Separate Database for Form & FormElement - Multi DB - fixed problem that 'Quick Edit Form / FormElement' has been broken in MultiDB Setup.
* #5603 / Report: final value of report columns (special column name)
* Fabric / delete now triggers form.changed / emojis work again
* #5571 / File Upload: save filesize and mimetype automatically in 'upload mode simple',if those columns exist.
* #5423 / two new column names 'filesize', 'mimetype'
* #5571 / File Upload: save filesize and mimetype
* STORE_VARS contains now 'mimeType' and 'fileSize'.
* sqlBefore and sqlAfter will be fired in Upload Advanced and new in Upload Simple as well.
* STORE_VARS contains now `filenameOnly`. It can be used in downloadButton=....
Bug Fixes
^^^^^^^^^
* Fabric: Corrected resizing with changed width in editor
* #5640 / UTF8 encoded strings: MAX LENGTH wrong
Version 0.25.12
---------------
......
......@@ -3,7 +3,7 @@
project = QFQ - Quick Form Query
version = 0.25
release = 0.25.12
release = 0.25.13
t3author = Carsten Rose
copyright = since 2017 by the author
......
......@@ -59,7 +59,7 @@ copyright = u'2017, Carsten Rose'
# The short X.Y version.
version = '0.25'
# The full version, including alpha/beta/rc tags.
release = '0.25.12'
release = '0.25.13'
# The language for content autogenerated by Sphinx. Refer to documentation
# for a list of supported languages.
......
......@@ -34,9 +34,37 @@ Features
^^^^^^^^
Bug Fixes
^^^^^^^^^
Version 0.25.13
---------------
Date: 08.03.18
Notes
^^^^^
Features
^^^^^^^^
* AutoCron: Added doc for autocron. Extend AutoCron.php to be MultiDB aware. Update der AutoCron form.
* #4720 / Separate Database for Form & FormElement - Multi DB - fixed problem that 'Quick Edit Form / FormElement' has been broken in MultiDB Setup.
* #5603 / Report: final value of report columns (special column name)
* Fabric / delete now triggers form.changed / emojis work again
* #5571 / File Upload: save filesize and mimetype automatically in 'upload mode simple',if those columns exist.
* #5423 / two new column names 'filesize', 'mimetype'
* #5571 / File Upload: save filesize and mimetype
* STORE_VARS contains now 'mimeType' and 'fileSize'.
* sqlBefore and sqlAfter will be fired in Upload Advanced and new in Upload Simple as well.
* STORE_VARS contains now `filenameOnly`. It can be used in downloadButton=....
Bug Fixes
^^^^^^^^^
* Fabric: Corrected resizing with changed width in editor
* #5640 / UTF8 encoded strings: MAX LENGTH wrong
Version 0.25.12
---------------
......
......@@ -10,6 +10,6 @@ $EM_CONF[$_EXTKEY] = array(
'dependencies' => 'fluid,extbase',
'clearcacheonload' => true,
'state' => 'alpha',
'version' => '0.25.12'
'version' => '0.25.13'
);
......@@ -87,7 +87,7 @@ try {
switch ($modeAnswer) {
case MODE_JSON:
if ($flagSuccess) {
$answer[API_MESSAGE] = 'delete: success';
$answer[API_MESSAGE] = 'Delete';
$answer[API_REDIRECT] = API_ANSWER_REDIRECT_CLIENT;
$answer[API_STATUS] = API_ANSWER_STATUS_SUCCESS;
} else {
......
......@@ -63,7 +63,7 @@ try {
$answer[API_REDIRECT_URL] = $arr[API_REDIRECT_URL];
$answer[API_STATUS] = API_ANSWER_STATUS_SUCCESS;
$answer[API_MESSAGE] = 'save: success';
$answer[API_MESSAGE] = 'Save';
if (isset($data[API_ELEMENT_UPDATE])) {
$answer[API_ELEMENT_UPDATE] = $data[API_ELEMENT_UPDATE];
}
......
......@@ -1102,7 +1102,7 @@ abstract class AbstractBuildForm {
if ($formElement[FE_MAX_LENGTH] > 0 && $value !== '') {
// crop string only if it's not empty (substr returns false on empty strings)
$value = substr($value, 0, $formElement[FE_MAX_LENGTH]);
$value = mb_substr($value, 0, $formElement[FE_MAX_LENGTH]);
}
// 'maxLength' needs an upper 'L': naming convention for DB tables!
if ($formElement[FE_MAX_LENGTH] > 0) {
......
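Review bot: The new `mb_substr()` call takes its encoding from `mb_internal_encoding()`, so the crop is only character-correct when that setting is UTF-8 at runtime. Passing it explicitly, `$value = mb_substr($value, 0, $formElement[FE_MAX_LENGTH], 'UTF-8');`, removes that dependency. The comment above the call still describes `substr()` returning false on empty strings, which no longer applies and could be shortened to `// crop string only if it's not empty`. If FE_MAX_LENGTH mirrors a column sized in bytes, a character-based crop can still exceed it; that cannot be checked from this hunk. The enclosing method starts and ends outside the hunk.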
......@@ -212,7 +212,7 @@ class Evaluate {
$dbIndex = $this->dbIndex;
// Check if the $token starts with '[<int>]...' - yes: open the necessary database.
if ($token[0] === '[') {
if (strlen($token) > 2 && $token[0] === '[') {
if ($token[2] !== ']') {
throw new UserFormException("Missing token ']' in '$token' on position 3", ERROR_TOKEN_MISSING);
}
......@@ -224,6 +224,10 @@ class Evaluate {
}
}
if ($token === '') {
return '';
}
if ($token[0] === '!') {
$token = trim(substr($token, 1));
$sqlMode = ROW_REGULAR;
......
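Review bot: A token that starts with `[` but is shorter than three characters (`[` or `[1`) now skips the database-index branch entirely, so the missing-`]` error is no longer raised and the malformed prefix is handled as ordinary token text. The length guard appears intended to avoid reading `$token[2]` out of range. Keeping the outer test as `if ($token !== '' && $token[0] === '[') {` and making the inner one `if (!isset($token[2]) || $token[2] !== ']') {` avoids the out-of-range read and still rejects the short forms. The enclosing method starts and ends outside the hunk.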
......@@ -116,6 +116,8 @@ class DatabaseUpdate {
if ($dbUpdate === SYSTEM_DB_UPDATE_ALWAYS || ($dbUpdate === SYSTEM_DB_UPDATE_AUTO && $new != $old)) {
$this->dbUpdateStatements($old, $new);
$this->db->playSqlFile(__DIR__ . '/../../sql/formEditor.sql');
// Finally write the latest version number.
$this->setDatabaseVersion($new);
}
}
......@@ -167,6 +169,8 @@ class DatabaseUpdate {
foreach ($sqlStatements as $sql) {
$this->db->sql($sql);
}
// Remember already applied updates - in case something breaks and the update has to be repeated.
$this->setDatabaseVersion($new);
}
}
}
......
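Review bot: The `setDatabaseVersion($new)` added after the `foreach ($sqlStatements as $sql)` loop records the final target version rather than the version of the batch just applied. If that loop sits inside a per-version loop (its header is outside the hunk, so this is inferred from the closing braces), the first successful batch already marks the database as fully updated. A repeat after a failure in a later batch would then see `$new` equal to `$old` and skip the remaining statements, which is the opposite of what the added comment describes. Recording the version key of the batch just executed at that point, and leaving `$new` to the call added after `playSqlFile()`, would make the checkpoint match the comment.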
......@@ -620,7 +620,6 @@ class Report {
$assoc[REPORT_TOKEN_FINAL_VALUE . $keyAssoc] = $renderedColumn;
}
if ($flagOutput) {
//prints
$content .= $this->variables->doVariables($fsep);
......@@ -659,10 +658,16 @@ class Report {
$flagOutput = true;
$dummy = false;
// Empty column names are allowed: check with isset
// Special column name: '_...'? Empty column names are allowed: check with isset
if (isset($columnName[0]) && $columnName[0] === TOKEN_COLUMN_CTRL) {
$flagControl = true;
$columnName = substr($columnName, 1);
// Special column name and hide output: '__...'? (double '_' at the beginning)
if (isset($columnName[0]) && $columnName[0] === TOKEN_COLUMN_CTRL) {
$flagOutput = false;
$columnName = substr($columnName, 1);
}
}
//TODO: reserved names,not starting with '_' will be still accepted - stop this!
......
......@@ -23,23 +23,31 @@ class Session {
* @throws CodeException
*/
private function __construct($phpUnit = false) {
if (self::$phpUnit !== null) {
throw new CodeException("Try to set flag phpunit again - that should not happen.", ERROR_CODE_SHOULD_NOT_HAPPEN);
}
self::$phpUnit = $phpUnit;
if (self::$phpUnit === true) {
self::$sessionLocal = array();
} else {
ini_set('session.cookie_httponly', 1);
$lifetime = 86400; // one day
$path = $this->getSitePath();
session_set_cookie_params(0, $path);
session_set_cookie_params($lifetime, $path);
$currentCookieParams = session_get_cookie_params();
session_name(SESSION_NAME);
session_start();
// Currently, setcookie() is only called to really extend the lifetime. All other parameter needs to be given again.
setcookie(SESSION_NAME, session_id(), time() + $lifetime, $path, $currentCookieParams['domain'], $currentCookieParams['secure'], true);
self::$sessionId = session_id();
}
......@@ -62,6 +70,7 @@ class Session {
$path = $_SERVER['SCRIPT_NAME'];
$pos = strrpos($path, '/');
if ($pos === false) {
throw new CodeException("Broken _SERVER[SCRIPT_NAME]: $path", ERROR_SESSION_BROKEN_SCRIPT_PATH);
}
......@@ -97,6 +106,7 @@ class Session {
* Destroy a session - this is only needed in case of attacks
*/
public static function destroy() {
session_destroy();
$_SESSION = array();
......@@ -116,6 +126,7 @@ class Session {
*
*/
public static function open() {
if (self::$sessionOpen != true && self::$sessionId != null) {
session_id(self::$sessionId);
session_start();
......@@ -148,9 +159,9 @@ class Session {
$feUidLoggedIn = $feUserUidSession;
}
if ($feUidLoggedIn !== $feUserUidSession) {
if ($feUidLoggedIn != $feUserUidSession) {
// destroy existing session store
Session::clearAll();
// Session::clearAll(); // #5668 / Broken SIP after login - is it really a security improvement to destroy the SIP store in case the feUser changes? Probably not.
// save new feUserUid, feUserName
Session::set(SESSION_FE_USER_UID, $feUidLoggedIn);
......
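Review bot: Commenting out `Session::clearAll()` in the user-change branch means the existing session store, including the SIP store named in the comment, now carries over unchanged when a different feUser takes over the same session. Whether that is safe depends on what the stored entries grant, which is not visible here; if they are tied to the previous user's rights, the new user inherits them. A narrower fix for #5668 would keep the reset when one logged-in user replaces another and skip it only for the transition from anonymous to logged-in. The switch from `!==` to `!=` is better written with an explicit cast, `if ((int)$feUidLoggedIn !== (int)$feUserUidSession) {`, so the comparison does not depend on PHP's loose-comparison rules, which differ between PHP 7 and 8. The enclosing method starts outside the hunk.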