Sip: minor doc adjustment.

Store: Removed CLIENT_POST_ID and CLIENT_GET_ID. Various functions: check if supplied store is known. Check that STORE_ZERO never saves a value. New mode for setVar(): overWrite.
Constants: New qfq.log. SQL_FORM_ELEMENT splitted to SQL_FORM_ELEMENT_SPECIFIC_CONTAINER|ALL_CONTAINER. New ROW_INSERT, ROW_UPDATE. Renamed STORE_ZERO to STORE_0.

qfq/Constants.php

@@ -8,6 +8,8 @@
 
 const QFQ_INI = "qfq.ini";  // QFQ configuration file: db access
 
+const QFQ_LOG = 'qfq.log';
+
 const FORM_LOAD = 'form_load';
 const FORM_SAVE = 'form_save';
 const FORM_PERMISSION_SIP = 'sip';
@@ -21,7 +23,8 @@ const SESSION_FE_USER_UID = 'fe_user_uid';
 const RETURN_URL = 'return_url';
 const RETURN_SIP = 'return_sip';
 
-const SQL_FORM_ELEMENT = "SELECT *, ? AS 'nestedInFieldSet' FROM FormElement AS fe WHERE fe.formId = ? AND fe.deleted = 'no' AND FIND_IN_SET(fe.class, ? ) AND fe.feIdContainer = ? AND fe.enabled='yes' ORDER BY fe.ord, fe.id";
+const SQL_FORM_ELEMENT_SPECIFIC_CONTAINER = "SELECT *, ? AS 'nestedInFieldSet' FROM FormElement AS fe WHERE fe.formId = ? AND fe.deleted = 'no' AND FIND_IN_SET(fe.class, ? ) AND fe.feIdContainer = ? AND fe.enabled='yes' ORDER BY fe.ord, fe.id";
+const SQL_FORM_ELEMENT_ALL_CONTAINER = "SELECT *, ? AS 'nestedInFieldSet' FROM FormElement AS fe WHERE fe.formId = ? AND fe.deleted = 'no' AND FIND_IN_SET(fe.class, ? ) AND fe.enabled='yes' ORDER BY fe.ord, fe.id";
 
 // Sanatize Classifier
 const SANATIZE_ALLOW_ALNUMX = "alnumx";
@@ -45,6 +48,8 @@ const ROW_REGULAR = "regular";
 const ROW_IMPLODE_ALL = "implode_all";
 const ROW_EXACT_1 = "exact_1";
 const ROW_EMPTY_IS_OK = "empty_is_ok";
+const ROW_INSERT = "insert";
+const ROW_UPDATE = "update";
 
 // KeyValueParser
 const IF_VALUE_EMPTY_COPY_KEY = 'if_value_empty_copy_key';
@@ -94,6 +99,17 @@ const ERROR_RESERVED_KEY_NAME = 1034;
 const ERROR_VALUE_HAS_NO_KEY = 1035;
 const ERROR_DB_EXECUTE = 1036;
 const ERROR_COLUMN_NOT_FOUND_IN_TABLE = 1037;
+const ERROR_MISSING_HIDDEN_FIELD_IN_SIP = 1038;
+const ERROR_KEY_EXIST_IN_STORE = 1039;
+const ERROR_MISSING_MIN_MAX = 1040;
+const ERROR_MIN_MAX_VIOLATION = 1041;
+const ERROR_UNKNOWN_CHECKTYPE = 1042;
+const ERROR_PATTERN_VIOLATION = 1043;
+const ERROR_RECORDID_0_FORBIDDEN = 1044;
+const ERROR_LOG_NOT_WRITABLE = 1045;
+const ERROR_UNNOWN_STORE = 1046;
+const ERROR_GET_STORE_ZERO = 1047;
+const ERROR_SET_STORE_ZERO = 1048;
 
 
 // DB Errors
@@ -112,13 +128,13 @@ const STORE_TABLE_DEFAULT = "D"; // definition of primary table.
 const STORE_TABLE_COLUMN_TYPES = "M"; // column types of primary table.
 const STORE_CLIENT = "C"; // Client: POST variable, if not found: GET variable
 const STORE_TYPO3 = "T"; // Typo3 > Page content record > bodytext
-const STORE_ZERO = "0"; // value: 0, might helpfull if variable is empty but used in an SQL statement, which might produce a SQL error otherwise if substituted with an empty string
+const STORE_0 = "0"; // value: 0, might helpfull if variable is empty but used in an SQL statement, which might produce a SQL error otherwise if substituted with an empty string
 const STORE_SYSTEM = "Y"; // various system values like db connection credentials
 
 const USE_STORE_DEFAULT = "FSRD";
 
 //
-// Store: Definitions
+// Store: Definitions / Members
 //
 
 // URL variables
@@ -131,9 +147,6 @@ const CLIENT_PAGE_ID = 'pageId';
 const CLIENT_PAGE_TYPE = 'pageType';
 const CLIENT_PAGE_LANGUAGE = 'pageLanguage';
 
-const CLIENT_GET_SIP = 'getSip';
-const CLIENT_POST_SIP = 'postSip';
-
 // ALL $_SERVER variables: http://php.net/manual/en/reserved.variables.server.php
 // The following exist and might be the most used ones.
 const CLIENT_SCRIPT_URL = 'SCRIPT_URL';

qfq/store/Sip.php

@@ -70,7 +70,7 @@ class Sip {
      */
     public function queryStringToSip($queryString, $mode = RETURN_URL) {
 
-        // Validation: Check if still the same fe_user is logged in.
+        // Validate: Check if still the same fe_user is logged in.
         if (isset($GLOBALS["TSFE"]->fe_user->user["uid"])) {
             if ($_SESSION[SESSION_FE_USER_UID] != $GLOBALS["TSFE"]->fe_user->user["uid"]) {
                 unset($_SESSION);

qfq/store/Store.php

@@ -85,8 +85,6 @@ class Store {
 //            TYPO3_FE_USER_GROUP => SANATIZE_ALLOW_ALNUMX,
 
             CLIENT_SIP => SANATIZE_ALLOW_ALNUMX,
-            CLIENT_GET_SIP => SANATIZE_ALLOW_DIGIT,
-            CLIENT_POST_SIP => SANATIZE_ALLOW_DIGIT,
             CLIENT_RECORD_ID => SANATIZE_ALLOW_DIGIT,
             CLIENT_KEY_SEM_ID => SANATIZE_ALLOW_DIGIT,
             CLIENT_KEY_SEM_ID_USER => SANATIZE_ALLOW_DIGIT,
@@ -140,7 +138,7 @@ class Store {
             STORE_TABLE_COLUMN_TYPES => false,
             STORE_CLIENT => true,
             STORE_TYPO3 => false,
-            STORE_ZERO => false,
+            STORE_0 => false,
             STORE_SYSTEM => false
         ];
 
@@ -169,6 +167,13 @@ class Store {
      * @throws CodeException
      */
     public function setVarArray(array $dataArray, $store, $flagOverwrite = false) {
+        // Check valid Storename
+        if (!isset(self::$sanatizeStore))
+            throw new UserException("Unknown Store: $store", ERROR_UNNOWN_STORE);
+
+
+        if ($store === STORE_0)
+            throw new CodeException("setVarArray() for STORE_ZERO is impossible - there are no values.", ERROR_SET_STORE_ZERO);
 
         if ($flagOverwrite && isset(self::$raw[$store]) && count(self::$raw[$store]) > 0) {
             throw new CodeException("Raw values already been copied to store '$store'. Do this only one time.", ERROR_VALUE_ALREADY_CODPIED);
@@ -208,13 +213,6 @@ class Store {
         // copy GET and POST and SERVER Parameter. Priority: SERVER, POST, GET
         $arr = array_merge($_GET, $_POST, $_SERVER);
 
-        # SIP: if POST exist, this means 'form save'. To distinguish load and save, store both.
-        if (isset($_GET[CLIENT_SIP]))
-            $arr[CLIENT_GET_SIP] = $_GET[CLIENT_SIP];
-
-        if (isset($_POST[CLIENT_SIP]))
-            $arr[CLIENT_POST_SIP] = $_POST[CLIENT_SIP];
-
         self::setVarArray($arr, STORE_CLIENT, true);
     }
 
@@ -267,7 +265,11 @@ class Store {
             $useStores = substr($useStores, 1); // shift left remaining stores
 
             if (!isset(self::$raw[$store][$key])) {
-                continue; // no value provided
+                if ($store === STORE_0) {
+                    return 0;
+                } else {
+                    continue; // no value provided
+                }
             }
 
             $rawVal = isset(self::$raw[$store][$key]) ? self::$raw[$store][$key] : null;
@@ -312,6 +314,13 @@ class Store {
      * @param $store
      */
     public static function unsetStore($store) {
+        // Check valid Storename
+        if (!isset(self::$sanatizeStore))
+            throw new UserException("Unknown Store: $store", ERROR_UNNOWN_STORE);
+
+        if ($store === STORE_0)
+            throw new CodeException("unsetStore() for STORE_ZERO is impossible - there are no values.", ERROR_SET_STORE_ZERO);
+
         if (isset(self::$raw[$store])) {
             self::$raw[$store] = array();
         }
@@ -354,9 +363,20 @@ class Store {
      * @param $key
      * @param $value
      * @param $store
-     * @throws CodeException
+     * @param bool|true $overWrite
+     * @throws UserException
      */
-    public static function setVar($key, $value, $store) {
+    public static function setVar($key, $value, $store, $overWrite = true) {
+        // Check valid Storename
+        if (!isset(self::$sanatizeStore))
+            throw new UserException("Unknown Store: $store", ERROR_UNNOWN_STORE);
+
+        if ($store === STORE_0)
+            throw new CodeException("setVar() for STORE_ZERO is impossible - there are no values.", ERROR_SET_STORE_ZERO);
+
+        if ($overWrite === false && isset(self::$raw[$store][$key])) {
+            throw new UserException("Value of '$key' already be set in store '$store'.", ERROR_KEY_EXIST_IN_STORE);
+        }
 
         self::$raw[$store][$key] = $value;
     }
@@ -366,13 +386,23 @@ class Store {
      * @return mixed
      */
     public static function getStore($store) {
+        // Check valid Storename
+        if (!isset(self::$sanatizeStore))
+            throw new UserException("Unknown Store: $store", ERROR_UNNOWN_STORE);
+
+        if ($store === STORE_0)
+            throw new CodeException("getStore() for STORE_ZERO is impossible - there are no values saved.", ERROR_GET_STORE_ZERO);
+
         if (isset(self::$raw[$store])) {
             return self::$raw[$store];
         }
         return array();
     }
 
+
     /**
+     * Fills STORE_TABLE_DEFAULT and STORE_TABLE_COLUMN_TYPES
+     *
      * @param $tableName
      * @throws CodeException
      */
@@ -383,7 +413,6 @@ class Store {
 
         self::setVarArray(array_column($tableDefinition, 'Default', 'Field'), STORE_TABLE_DEFAULT);
         self::setVarArray(array_column($tableDefinition, 'Type', 'Field'), STORE_TABLE_COLUMN_TYPES);
-
     }
 }
 

tests/phpunit/StoreTest.php

@@ -153,7 +153,7 @@ class StoreTest extends \PHPUnit_Framework_TestCase {
     public function testGetVarStoreZero() {
         //default prio  FSRD
 
-        $this->assertEquals(0, $this->store->getVar('fakename', '', STORE_ZERO), "Retrieve anything from STORE_ZERO");
+        $this->assertEquals(0, $this->store->getVar('fakename', '', STORE_0), "Retrieve anything from STORE_ZERO");
     }
 
     public function testUnsetStore() {