Commit c320d88f authored by Carsten  Rose's avatar Carsten Rose
Browse files

Sip: minor doc adjustment.

Store: Removed CLIENT_POST_ID and CLIENT_GET_ID. Various functions: check if supplied store is known. Check that STORE_ZERO never saves a value. New mode for setVar(): overWrite.
Constants: New qfq.log. SQL_FORM_ELEMENT splitted to SQL_FORM_ELEMENT_SPECIFIC_CONTAINER|ALL_CONTAINER. New ROW_INSERT, ROW_UPDATE. Renamed STORE_ZERO to STORE_0.
parent d08f752c
......@@ -8,6 +8,8 @@
const QFQ_INI = "qfq.ini"; // QFQ configuration file: db access
const QFQ_LOG = 'qfq.log';
const FORM_LOAD = 'form_load';
const FORM_SAVE = 'form_save';
const FORM_PERMISSION_SIP = 'sip';
......@@ -21,7 +23,8 @@ const SESSION_FE_USER_UID = 'fe_user_uid';
const RETURN_URL = 'return_url';
const RETURN_SIP = 'return_sip';
const SQL_FORM_ELEMENT = "SELECT *, ? AS 'nestedInFieldSet' FROM FormElement AS fe WHERE fe.formId = ? AND fe.deleted = 'no' AND FIND_IN_SET(fe.class, ? ) AND fe.feIdContainer = ? AND fe.enabled='yes' ORDER BY fe.ord, fe.id";
const SQL_FORM_ELEMENT_SPECIFIC_CONTAINER = "SELECT *, ? AS 'nestedInFieldSet' FROM FormElement AS fe WHERE fe.formId = ? AND fe.deleted = 'no' AND FIND_IN_SET(fe.class, ? ) AND fe.feIdContainer = ? AND fe.enabled='yes' ORDER BY fe.ord, fe.id";
const SQL_FORM_ELEMENT_ALL_CONTAINER = "SELECT *, ? AS 'nestedInFieldSet' FROM FormElement AS fe WHERE fe.formId = ? AND fe.deleted = 'no' AND FIND_IN_SET(fe.class, ? ) AND fe.enabled='yes' ORDER BY fe.ord, fe.id";
// Sanatize Classifier
const SANATIZE_ALLOW_ALNUMX = "alnumx";
......@@ -45,6 +48,8 @@ const ROW_REGULAR = "regular";
const ROW_IMPLODE_ALL = "implode_all";
const ROW_EXACT_1 = "exact_1";
const ROW_EMPTY_IS_OK = "empty_is_ok";
const ROW_INSERT = "insert";
const ROW_UPDATE = "update";
// KeyValueParser
const IF_VALUE_EMPTY_COPY_KEY = 'if_value_empty_copy_key';
......@@ -94,6 +99,17 @@ const ERROR_RESERVED_KEY_NAME = 1034;
const ERROR_VALUE_HAS_NO_KEY = 1035;
const ERROR_DB_EXECUTE = 1036;
const ERROR_COLUMN_NOT_FOUND_IN_TABLE = 1037;
const ERROR_MISSING_HIDDEN_FIELD_IN_SIP = 1038;
const ERROR_KEY_EXIST_IN_STORE = 1039;
const ERROR_MISSING_MIN_MAX = 1040;
const ERROR_MIN_MAX_VIOLATION = 1041;
const ERROR_UNKNOWN_CHECKTYPE = 1042;
const ERROR_PATTERN_VIOLATION = 1043;
const ERROR_RECORDID_0_FORBIDDEN = 1044;
const ERROR_LOG_NOT_WRITABLE = 1045;
const ERROR_UNNOWN_STORE = 1046;
const ERROR_GET_STORE_ZERO = 1047;
const ERROR_SET_STORE_ZERO = 1048;
// DB Errors
......@@ -112,13 +128,13 @@ const STORE_TABLE_DEFAULT = "D"; // definition of primary table.
const STORE_TABLE_COLUMN_TYPES = "M"; // column types of primary table.
const STORE_CLIENT = "C"; // Client: POST variable, if not found: GET variable
const STORE_TYPO3 = "T"; // Typo3 > Page content record > bodytext
const STORE_ZERO = "0"; // value: 0, might helpfull if variable is empty but used in an SQL statement, which might produce a SQL error otherwise if substituted with an empty string
const STORE_0 = "0"; // value: 0, might helpfull if variable is empty but used in an SQL statement, which might produce a SQL error otherwise if substituted with an empty string
const STORE_SYSTEM = "Y"; // various system values like db connection credentials
const USE_STORE_DEFAULT = "FSRD";
//
// Store: Definitions
// Store: Definitions / Members
//
// URL variables
......@@ -131,9 +147,6 @@ const CLIENT_PAGE_ID = 'pageId';
const CLIENT_PAGE_TYPE = 'pageType';
const CLIENT_PAGE_LANGUAGE = 'pageLanguage';
const CLIENT_GET_SIP = 'getSip';
const CLIENT_POST_SIP = 'postSip';
// ALL $_SERVER variables: http://php.net/manual/en/reserved.variables.server.php
// The following exist and might be the most used ones.
const CLIENT_SCRIPT_URL = 'SCRIPT_URL';
......
......@@ -70,7 +70,7 @@ class Sip {
*/
public function queryStringToSip($queryString, $mode = RETURN_URL) {
// Validation: Check if still the same fe_user is logged in.
// Validate: Check if still the same fe_user is logged in.
if (isset($GLOBALS["TSFE"]->fe_user->user["uid"])) {
if ($_SESSION[SESSION_FE_USER_UID] != $GLOBALS["TSFE"]->fe_user->user["uid"]) {
unset($_SESSION);
......
......@@ -85,8 +85,6 @@ class Store {
// TYPO3_FE_USER_GROUP => SANATIZE_ALLOW_ALNUMX,
CLIENT_SIP => SANATIZE_ALLOW_ALNUMX,
CLIENT_GET_SIP => SANATIZE_ALLOW_DIGIT,
CLIENT_POST_SIP => SANATIZE_ALLOW_DIGIT,
CLIENT_RECORD_ID => SANATIZE_ALLOW_DIGIT,
CLIENT_KEY_SEM_ID => SANATIZE_ALLOW_DIGIT,
CLIENT_KEY_SEM_ID_USER => SANATIZE_ALLOW_DIGIT,
......@@ -140,7 +138,7 @@ class Store {
STORE_TABLE_COLUMN_TYPES => false,
STORE_CLIENT => true,
STORE_TYPO3 => false,
STORE_ZERO => false,
STORE_0 => false,
STORE_SYSTEM => false
];
......@@ -169,6 +167,13 @@ class Store {
* @throws CodeException
*/
public function setVarArray(array $dataArray, $store, $flagOverwrite = false) {
// Check valid Storename
if (!isset(self::$sanatizeStore))
throw new UserException("Unknown Store: $store", ERROR_UNNOWN_STORE);
if ($store === STORE_0)
throw new CodeException("setVarArray() for STORE_ZERO is impossible - there are no values.", ERROR_SET_STORE_ZERO);
if ($flagOverwrite && isset(self::$raw[$store]) && count(self::$raw[$store]) > 0) {
throw new CodeException("Raw values already been copied to store '$store'. Do this only one time.", ERROR_VALUE_ALREADY_CODPIED);
......@@ -208,13 +213,6 @@ class Store {
// copy GET and POST and SERVER Parameter. Priority: SERVER, POST, GET
$arr = array_merge($_GET, $_POST, $_SERVER);
# SIP: if POST exist, this means 'form save'. To distinguish load and save, store both.
if (isset($_GET[CLIENT_SIP]))
$arr[CLIENT_GET_SIP] = $_GET[CLIENT_SIP];
if (isset($_POST[CLIENT_SIP]))
$arr[CLIENT_POST_SIP] = $_POST[CLIENT_SIP];
self::setVarArray($arr, STORE_CLIENT, true);
}
......@@ -267,7 +265,11 @@ class Store {
$useStores = substr($useStores, 1); // shift left remaining stores
if (!isset(self::$raw[$store][$key])) {
continue; // no value provided
if ($store === STORE_0) {
return 0;
} else {
continue; // no value provided
}
}
$rawVal = isset(self::$raw[$store][$key]) ? self::$raw[$store][$key] : null;
......@@ -312,6 +314,13 @@ class Store {
* @param $store
*/
public static function unsetStore($store) {
// Check valid Storename
if (!isset(self::$sanatizeStore))
throw new UserException("Unknown Store: $store", ERROR_UNNOWN_STORE);
if ($store === STORE_0)
throw new CodeException("unsetStore() for STORE_ZERO is impossible - there are no values.", ERROR_SET_STORE_ZERO);
if (isset(self::$raw[$store])) {
self::$raw[$store] = array();
}
......@@ -354,9 +363,20 @@ class Store {
* @param $key
* @param $value
* @param $store
* @throws CodeException
* @param bool|true $overWrite
* @throws UserException
*/
public static function setVar($key, $value, $store) {
public static function setVar($key, $value, $store, $overWrite = true) {
// Check valid Storename
if (!isset(self::$sanatizeStore))
throw new UserException("Unknown Store: $store", ERROR_UNNOWN_STORE);
if ($store === STORE_0)
throw new CodeException("setVar() for STORE_ZERO is impossible - there are no values.", ERROR_SET_STORE_ZERO);
if ($overWrite === false && isset(self::$raw[$store][$key])) {
throw new UserException("Value of '$key' already be set in store '$store'.", ERROR_KEY_EXIST_IN_STORE);
}
self::$raw[$store][$key] = $value;
}
......@@ -366,13 +386,23 @@ class Store {
* @return mixed
*/
public static function getStore($store) {
// Check valid Storename
if (!isset(self::$sanatizeStore))
throw new UserException("Unknown Store: $store", ERROR_UNNOWN_STORE);
if ($store === STORE_0)
throw new CodeException("getStore() for STORE_ZERO is impossible - there are no values saved.", ERROR_GET_STORE_ZERO);
if (isset(self::$raw[$store])) {
return self::$raw[$store];
}
return array();
}
/**
* Fills STORE_TABLE_DEFAULT and STORE_TABLE_COLUMN_TYPES
*
* @param $tableName
* @throws CodeException
*/
......@@ -383,7 +413,6 @@ class Store {
self::setVarArray(array_column($tableDefinition, 'Default', 'Field'), STORE_TABLE_DEFAULT);
self::setVarArray(array_column($tableDefinition, 'Type', 'Field'), STORE_TABLE_COLUMN_TYPES);
}
}
......
......@@ -153,7 +153,7 @@ class StoreTest extends \PHPUnit_Framework_TestCase {
public function testGetVarStoreZero() {
//default prio FSRD
$this->assertEquals(0, $this->store->getVar('fakename', '', STORE_ZERO), "Retrieve anything from STORE_ZERO");
$this->assertEquals(0, $this->store->getVar('fakename', '', STORE_0), "Retrieve anything from STORE_ZERO");
}
public function testUnsetStore() {
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment