diff --git a/CHANGELOG.md b/CHANGELOG.md
index b58e19b992eab1c89237468e2e01e16e5846d443..787c6bfa4057289780ad3e9b4a3128f89a8d6a0e 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -34,9 +34,37 @@ Features
^^^^^^^^
Bug Fixes
+^^^^^^^^^
+
+
+Version 0.25.13
+---------------
+
+Date: 08.03.18
+
+Notes
+^^^^^
+
+Features
+^^^^^^^^
+* AutoCron: Added doc for autocron. Extend AutoCron.php to be MultiDB aware. Update der AutoCron form.
+* #4720 / Separate Database for Form & FormElement - Multi DB - fixed problem that 'Quick Edit Form / FormElement' has been broken in MultiDB Setup.
+* #5603 / Report: final value of report columns (special column name)
+* Fabric / delete now triggers form.changed / emojis work again
+* #5571 / File Upload: save filesize and mimetype automatically in 'upload mode simple',if those columns exist.
+* #5423 / two new column names 'filesize', 'mimetype'
+* #5571 / File Upload: save filesize and mimetype
+
+ * STORE_VARS contains now 'mimeType' and 'fileSize'.
+ * sqlBefore and sqlAfter will be fired in Upload Advanced and new in Upload Simple as well.
+ * STORE_VARS contains now `filenameOnly`. It can be used in downloadButton=....
+
+Bug Fixes
^^^^^^^^^
+* Fabric: Corrected resizing with changed width in editor
+* #5640 / UTF8 encoded strings: MAX LENGTH wrong
Version 0.25.12
---------------
diff --git a/doc/NewVersion.md b/doc/NewVersion.md
index 3b3353992ba6d5c3cca2135c77f02e5f732bc1d5..9bc88fb75121f6b8552cec46f0c41dfbd72d0e37 100644
--- a/doc/NewVersion.md
+++ b/doc/NewVersion.md
@@ -47,8 +47,8 @@ Neue Versionsnummer
6) **New Tag**:
- git tag v0.25.12
- git push -u origin v0.25.12
+ git tag v0.25.13
+ git push -u origin v0.25.13
7) PhpStorm: **Sync** all files to VM qfq.
diff --git a/extension/Documentation/Release.rst b/extension/Documentation/Release.rst
index b58e19b992eab1c89237468e2e01e16e5846d443..787c6bfa4057289780ad3e9b4a3128f89a8d6a0e 100644
--- a/extension/Documentation/Release.rst
+++ b/extension/Documentation/Release.rst
@@ -34,9 +34,37 @@ Features
^^^^^^^^
Bug Fixes
+^^^^^^^^^
+
+
+Version 0.25.13
+---------------
+
+Date: 08.03.18
+
+Notes
+^^^^^
+
+Features
+^^^^^^^^
+* AutoCron: Added doc for autocron. Extend AutoCron.php to be MultiDB aware. Update der AutoCron form.
+* #4720 / Separate Database for Form & FormElement - Multi DB - fixed problem that 'Quick Edit Form / FormElement' has been broken in MultiDB Setup.
+* #5603 / Report: final value of report columns (special column name)
+* Fabric / delete now triggers form.changed / emojis work again
+* #5571 / File Upload: save filesize and mimetype automatically in 'upload mode simple',if those columns exist.
+* #5423 / two new column names 'filesize', 'mimetype'
+* #5571 / File Upload: save filesize and mimetype
+
+ * STORE_VARS contains now 'mimeType' and 'fileSize'.
+ * sqlBefore and sqlAfter will be fired in Upload Advanced and new in Upload Simple as well.
+ * STORE_VARS contains now `filenameOnly`. It can be used in downloadButton=....
+
+Bug Fixes
^^^^^^^^^
+* Fabric: Corrected resizing with changed width in editor
+* #5640 / UTF8 encoded strings: MAX LENGTH wrong
Version 0.25.12
---------------
diff --git a/extension/Documentation/Settings.cfg b/extension/Documentation/Settings.cfg
index f0116a3aee946fccab4846d5923f4fad6365700e..75adbdbaca46cea14434bbb287f5e4e6e4831cd0 100644
--- a/extension/Documentation/Settings.cfg
+++ b/extension/Documentation/Settings.cfg
@@ -3,7 +3,7 @@
project = QFQ - Quick Form Query
version = 0.25
-release = 0.25.12
+release = 0.25.13
t3author = Carsten Rose
copyright = since 2017 by the author
diff --git a/extension/Documentation/_make/conf.py b/extension/Documentation/_make/conf.py
index 3dc87e1b1ca01b5b8fe5945d2262d9a31729ea2f..ee864d7757ac332405c2998816a40912bba77dc7 100644
--- a/extension/Documentation/_make/conf.py
+++ b/extension/Documentation/_make/conf.py
@@ -59,7 +59,7 @@ copyright = u'2017, Carsten Rose'
# The short X.Y version.
version = '0.25'
# The full version, including alpha/beta/rc tags.
-release = '0.25.12'
+release = '0.25.13'
# The language for content autogenerated by Sphinx. Refer to documentation
# for a list of supported languages.
diff --git a/extension/RELEASE.txt b/extension/RELEASE.txt
index b58e19b992eab1c89237468e2e01e16e5846d443..787c6bfa4057289780ad3e9b4a3128f89a8d6a0e 100644
--- a/extension/RELEASE.txt
+++ b/extension/RELEASE.txt
@@ -34,9 +34,37 @@ Features
^^^^^^^^
Bug Fixes
+^^^^^^^^^
+
+
+Version 0.25.13
+---------------
+
+Date: 08.03.18
+
+Notes
+^^^^^
+
+Features
+^^^^^^^^
+* AutoCron: Added doc for autocron. Extend AutoCron.php to be MultiDB aware. Update der AutoCron form.
+* #4720 / Separate Database for Form & FormElement - Multi DB - fixed problem that 'Quick Edit Form / FormElement' has been broken in MultiDB Setup.
+* #5603 / Report: final value of report columns (special column name)
+* Fabric / delete now triggers form.changed / emojis work again
+* #5571 / File Upload: save filesize and mimetype automatically in 'upload mode simple',if those columns exist.
+* #5423 / two new column names 'filesize', 'mimetype'
+* #5571 / File Upload: save filesize and mimetype
+
+ * STORE_VARS contains now 'mimeType' and 'fileSize'.
+ * sqlBefore and sqlAfter will be fired in Upload Advanced and new in Upload Simple as well.
+ * STORE_VARS contains now `filenameOnly`. It can be used in downloadButton=....
+
+Bug Fixes
^^^^^^^^^
+* Fabric: Corrected resizing with changed width in editor
+* #5640 / UTF8 encoded strings: MAX LENGTH wrong
Version 0.25.12
---------------
diff --git a/extension/ext_emconf.php b/extension/ext_emconf.php
index ad61b7db9c8a1485441443f2e46a222da8c73863..e72f80b395b23821e114aafb99eeab2908e35396 100644
--- a/extension/ext_emconf.php
+++ b/extension/ext_emconf.php
@@ -10,6 +10,6 @@ $EM_CONF[$_EXTKEY] = array(
'dependencies' => 'fluid,extbase',
'clearcacheonload' => true,
'state' => 'alpha',
- 'version' => '0.25.12'
+ 'version' => '0.25.13'
);
diff --git a/extension/qfq/api/delete.php b/extension/qfq/api/delete.php
index 61dc2a0cefaf352d1b74b46733b7c7a8ed194d9d..b107ff6eca10b7478d698fde66c2153e07d148bd 100644
--- a/extension/qfq/api/delete.php
+++ b/extension/qfq/api/delete.php
@@ -87,7 +87,7 @@ try {
switch ($modeAnswer) {
case MODE_JSON:
if ($flagSuccess) {
- $answer[API_MESSAGE] = 'delete: success';
+ $answer[API_MESSAGE] = 'Delete';
$answer[API_REDIRECT] = API_ANSWER_REDIRECT_CLIENT;
$answer[API_STATUS] = API_ANSWER_STATUS_SUCCESS;
} else {
diff --git a/extension/qfq/api/save.php b/extension/qfq/api/save.php
index 9e9dc739e7c1faa072222d0a9830021b5821b844..7683a4e05f345d7f80ff02aa091a8c3f72995176 100644
--- a/extension/qfq/api/save.php
+++ b/extension/qfq/api/save.php
@@ -63,7 +63,7 @@ try {
$answer[API_REDIRECT_URL] = $arr[API_REDIRECT_URL];
$answer[API_STATUS] = API_ANSWER_STATUS_SUCCESS;
- $answer[API_MESSAGE] = 'save: success';
+ $answer[API_MESSAGE] = 'Save';
if (isset($data[API_ELEMENT_UPDATE])) {
$answer[API_ELEMENT_UPDATE] = $data[API_ELEMENT_UPDATE];
}
diff --git a/extension/qfq/qfq/AbstractBuildForm.php b/extension/qfq/qfq/AbstractBuildForm.php
index 35154dd51d62e64abb482dc45b9da33609bd6023..acd4174fcbe9d7a5c7a331ac2152937f44991be8 100644
--- a/extension/qfq/qfq/AbstractBuildForm.php
+++ b/extension/qfq/qfq/AbstractBuildForm.php
@@ -1102,7 +1102,7 @@ abstract class AbstractBuildForm {
if ($formElement[FE_MAX_LENGTH] > 0 && $value !== '') {
// crop string only if it's not empty (substr returns false on empty strings)
- $value = substr($value, 0, $formElement[FE_MAX_LENGTH]);
+ $value = mb_substr($value, 0, $formElement[FE_MAX_LENGTH]);
}
// 'maxLength' needs an upper 'L': naming convention for DB tables!
if ($formElement[FE_MAX_LENGTH] > 0) {
diff --git a/extension/qfq/qfq/Evaluate.php b/extension/qfq/qfq/Evaluate.php
index a2db010070445abdbc322bb9984792bd72d45f72..5aaf8ae477e24e56e7d29e87a18049cfe9ee46dc 100644
--- a/extension/qfq/qfq/Evaluate.php
+++ b/extension/qfq/qfq/Evaluate.php
@@ -212,7 +212,7 @@ class Evaluate {
$dbIndex = $this->dbIndex;
// Check if the $token starts with '[<int>]...' - yes: open the necessary database.
- if ($token[0] === '[') {
+ if (strlen($token) > 2 && $token[0] === '[') {
if ($token[2] !== ']') {
throw new UserFormException("Missing token ']' in '$token' on position 3", ERROR_TOKEN_MISSING);
}
@@ -224,6 +224,10 @@ class Evaluate {
}
}
+ if ($token === '') {
+ return '';
+ }
+
if ($token[0] === '!') {
$token = trim(substr($token, 1));
$sqlMode = ROW_REGULAR;
diff --git a/extension/qfq/qfq/database/DatabaseUpdate.php b/extension/qfq/qfq/database/DatabaseUpdate.php
index 248aa895fe41af5f957b9f0e370eaa2cf09d90b3..4278bb8f8cda514cd0918503cacef2dd216f55d5 100644
--- a/extension/qfq/qfq/database/DatabaseUpdate.php
+++ b/extension/qfq/qfq/database/DatabaseUpdate.php
@@ -116,6 +116,8 @@ class DatabaseUpdate {
if ($dbUpdate === SYSTEM_DB_UPDATE_ALWAYS || ($dbUpdate === SYSTEM_DB_UPDATE_AUTO && $new != $old)) {
$this->dbUpdateStatements($old, $new);
$this->db->playSqlFile(__DIR__ . '/../../sql/formEditor.sql');
+
+ // Finally write the latest version number.
$this->setDatabaseVersion($new);
}
}
@@ -167,6 +169,8 @@ class DatabaseUpdate {
foreach ($sqlStatements as $sql) {
$this->db->sql($sql);
}
+ // Remember already applied updates - in case something breaks and the update has to be repeated.
+ $this->setDatabaseVersion($new);
}
}
}
diff --git a/extension/qfq/qfq/report/Report.php b/extension/qfq/qfq/report/Report.php
index 5aa4aee698185cfc353bbce2bf87889e5ab30ce4..2483a5bf18cf5c1b401056fae86aa7662d5babc3 100644
--- a/extension/qfq/qfq/report/Report.php
+++ b/extension/qfq/qfq/report/Report.php
@@ -620,7 +620,6 @@ class Report {
$assoc[REPORT_TOKEN_FINAL_VALUE . $keyAssoc] = $renderedColumn;
}
-
if ($flagOutput) {
//prints
$content .= $this->variables->doVariables($fsep);
@@ -659,10 +658,16 @@ class Report {
$flagOutput = true;
$dummy = false;
- // Empty column names are allowed: check with isset
+ // Special column name: '_...'? Empty column names are allowed: check with isset
if (isset($columnName[0]) && $columnName[0] === TOKEN_COLUMN_CTRL) {
$flagControl = true;
$columnName = substr($columnName, 1);
+
+ // Special column name and hide output: '__...'? (double '_' at the beginning)
+ if (isset($columnName[0]) && $columnName[0] === TOKEN_COLUMN_CTRL) {
+ $flagOutput = false;
+ $columnName = substr($columnName, 1);
+ }
}
//TODO: reserved names,not starting with '_' will be still accepted - stop this!
diff --git a/extension/qfq/qfq/store/Session.php b/extension/qfq/qfq/store/Session.php
index c0ef096bdfbc1fb2889ebe4c6a7956c5f5483a3d..45a0f3c75957cf8c6bbe235a8849c95537816277 100644
--- a/extension/qfq/qfq/store/Session.php
+++ b/extension/qfq/qfq/store/Session.php
@@ -23,23 +23,31 @@ class Session {
* @throws CodeException
*/
private function __construct($phpUnit = false) {
+
if (self::$phpUnit !== null) {
throw new CodeException("Try to set flag phpunit again - that should not happen.", ERROR_CODE_SHOULD_NOT_HAPPEN);
}
self::$phpUnit = $phpUnit;
+
if (self::$phpUnit === true) {
self::$sessionLocal = array();
} else {
ini_set('session.cookie_httponly', 1);
+ $lifetime = 86400; // one day
+
$path = $this->getSitePath();
- session_set_cookie_params(0, $path);
+ session_set_cookie_params($lifetime, $path);
+ $currentCookieParams = session_get_cookie_params();
session_name(SESSION_NAME);
session_start();
+ // Currently, setcookie() is only called to really extend the lifetime. All other parameter needs to be given again.
+ setcookie(SESSION_NAME, session_id(), time() + $lifetime, $path, $currentCookieParams['domain'], $currentCookieParams['secure'], true);
+
self::$sessionId = session_id();
}
@@ -62,6 +70,7 @@ class Session {
$path = $_SERVER['SCRIPT_NAME'];
$pos = strrpos($path, '/');
+
if ($pos === false) {
throw new CodeException("Broken _SERVER[SCRIPT_NAME]: $path", ERROR_SESSION_BROKEN_SCRIPT_PATH);
}
@@ -97,6 +106,7 @@ class Session {
* Destroy a session - this is only needed in case of attacks
*/
public static function destroy() {
+
session_destroy();
$_SESSION = array();
@@ -116,6 +126,7 @@ class Session {
*
*/
public static function open() {
+
if (self::$sessionOpen != true && self::$sessionId != null) {
session_id(self::$sessionId);
session_start();
@@ -148,9 +159,9 @@ class Session {
$feUidLoggedIn = $feUserUidSession;
}
- if ($feUidLoggedIn !== $feUserUidSession) {
+ if ($feUidLoggedIn != $feUserUidSession) {
// destroy existing session store
- Session::clearAll();
+// Session::clearAll(); // #5668 / Broken SIP after login - is it really a security improvement to destroy the SIP store in case the feUser changes? Probably not.
// save new feUserUid, feUserName
Session::set(SESSION_FE_USER_UID, $feUidLoggedIn);
diff --git a/version b/version
index a5c3b469ad19d6f599e9439004170c449e63b932..0c17dbff1bf4a24c230fa3fe55cc1b9f47901db2 100644
--- a/version
+++ b/version
@@ -1 +1 @@
-0.25.12
+0.25.13