Commit c320d88f authored by Carsten  Rose's avatar Carsten Rose
Browse files

Sip: minor doc adjustment.

Store: Removed CLIENT_POST_ID and CLIENT_GET_ID. Various functions: check if supplied store is known. Check that STORE_ZERO never saves a value. New mode for setVar(): overWrite.
Constants: New qfq.log. SQL_FORM_ELEMENT splitted to SQL_FORM_ELEMENT_SPECIFIC_CONTAINER|ALL_CONTAINER. New ROW_INSERT, ROW_UPDATE. Renamed STORE_ZERO to STORE_0.
parent d08f752c
...@@ -8,6 +8,8 @@ ...@@ -8,6 +8,8 @@
const QFQ_INI = "qfq.ini"; // QFQ configuration file: db access const QFQ_INI = "qfq.ini"; // QFQ configuration file: db access
const QFQ_LOG = 'qfq.log';
const FORM_LOAD = 'form_load'; const FORM_LOAD = 'form_load';
const FORM_SAVE = 'form_save'; const FORM_SAVE = 'form_save';
const FORM_PERMISSION_SIP = 'sip'; const FORM_PERMISSION_SIP = 'sip';
...@@ -21,7 +23,8 @@ const SESSION_FE_USER_UID = 'fe_user_uid'; ...@@ -21,7 +23,8 @@ const SESSION_FE_USER_UID = 'fe_user_uid';
const RETURN_URL = 'return_url'; const RETURN_URL = 'return_url';
const RETURN_SIP = 'return_sip'; const RETURN_SIP = 'return_sip';
const SQL_FORM_ELEMENT = "SELECT *, ? AS 'nestedInFieldSet' FROM FormElement AS fe WHERE fe.formId = ? AND fe.deleted = 'no' AND FIND_IN_SET(fe.class, ? ) AND fe.feIdContainer = ? AND fe.enabled='yes' ORDER BY fe.ord, fe.id"; const SQL_FORM_ELEMENT_SPECIFIC_CONTAINER = "SELECT *, ? AS 'nestedInFieldSet' FROM FormElement AS fe WHERE fe.formId = ? AND fe.deleted = 'no' AND FIND_IN_SET(fe.class, ? ) AND fe.feIdContainer = ? AND fe.enabled='yes' ORDER BY fe.ord, fe.id";
const SQL_FORM_ELEMENT_ALL_CONTAINER = "SELECT *, ? AS 'nestedInFieldSet' FROM FormElement AS fe WHERE fe.formId = ? AND fe.deleted = 'no' AND FIND_IN_SET(fe.class, ? ) AND fe.enabled='yes' ORDER BY fe.ord, fe.id";
// Sanatize Classifier // Sanatize Classifier
const SANATIZE_ALLOW_ALNUMX = "alnumx"; const SANATIZE_ALLOW_ALNUMX = "alnumx";
...@@ -45,6 +48,8 @@ const ROW_REGULAR = "regular"; ...@@ -45,6 +48,8 @@ const ROW_REGULAR = "regular";
const ROW_IMPLODE_ALL = "implode_all"; const ROW_IMPLODE_ALL = "implode_all";
const ROW_EXACT_1 = "exact_1"; const ROW_EXACT_1 = "exact_1";
const ROW_EMPTY_IS_OK = "empty_is_ok"; const ROW_EMPTY_IS_OK = "empty_is_ok";
const ROW_INSERT = "insert";
const ROW_UPDATE = "update";
// KeyValueParser // KeyValueParser
const IF_VALUE_EMPTY_COPY_KEY = 'if_value_empty_copy_key'; const IF_VALUE_EMPTY_COPY_KEY = 'if_value_empty_copy_key';
...@@ -94,6 +99,17 @@ const ERROR_RESERVED_KEY_NAME = 1034; ...@@ -94,6 +99,17 @@ const ERROR_RESERVED_KEY_NAME = 1034;
const ERROR_VALUE_HAS_NO_KEY = 1035; const ERROR_VALUE_HAS_NO_KEY = 1035;
const ERROR_DB_EXECUTE = 1036; const ERROR_DB_EXECUTE = 1036;
const ERROR_COLUMN_NOT_FOUND_IN_TABLE = 1037; const ERROR_COLUMN_NOT_FOUND_IN_TABLE = 1037;
const ERROR_MISSING_HIDDEN_FIELD_IN_SIP = 1038;
const ERROR_KEY_EXIST_IN_STORE = 1039;
const ERROR_MISSING_MIN_MAX = 1040;
const ERROR_MIN_MAX_VIOLATION = 1041;
const ERROR_UNKNOWN_CHECKTYPE = 1042;
const ERROR_PATTERN_VIOLATION = 1043;
const ERROR_RECORDID_0_FORBIDDEN = 1044;
const ERROR_LOG_NOT_WRITABLE = 1045;
const ERROR_UNNOWN_STORE = 1046;
const ERROR_GET_STORE_ZERO = 1047;
const ERROR_SET_STORE_ZERO = 1048;
// DB Errors // DB Errors
...@@ -112,13 +128,13 @@ const STORE_TABLE_DEFAULT = "D"; // definition of primary table. ...@@ -112,13 +128,13 @@ const STORE_TABLE_DEFAULT = "D"; // definition of primary table.
const STORE_TABLE_COLUMN_TYPES = "M"; // column types of primary table. const STORE_TABLE_COLUMN_TYPES = "M"; // column types of primary table.
const STORE_CLIENT = "C"; // Client: POST variable, if not found: GET variable const STORE_CLIENT = "C"; // Client: POST variable, if not found: GET variable
const STORE_TYPO3 = "T"; // Typo3 > Page content record > bodytext const STORE_TYPO3 = "T"; // Typo3 > Page content record > bodytext
const STORE_ZERO = "0"; // value: 0, might helpfull if variable is empty but used in an SQL statement, which might produce a SQL error otherwise if substituted with an empty string const STORE_0 = "0"; // value: 0, might helpfull if variable is empty but used in an SQL statement, which might produce a SQL error otherwise if substituted with an empty string
const STORE_SYSTEM = "Y"; // various system values like db connection credentials const STORE_SYSTEM = "Y"; // various system values like db connection credentials
const USE_STORE_DEFAULT = "FSRD"; const USE_STORE_DEFAULT = "FSRD";
// //
// Store: Definitions // Store: Definitions / Members
// //
// URL variables // URL variables
...@@ -131,9 +147,6 @@ const CLIENT_PAGE_ID = 'pageId'; ...@@ -131,9 +147,6 @@ const CLIENT_PAGE_ID = 'pageId';
const CLIENT_PAGE_TYPE = 'pageType'; const CLIENT_PAGE_TYPE = 'pageType';
const CLIENT_PAGE_LANGUAGE = 'pageLanguage'; const CLIENT_PAGE_LANGUAGE = 'pageLanguage';
const CLIENT_GET_SIP = 'getSip';
const CLIENT_POST_SIP = 'postSip';
// ALL $_SERVER variables: http://php.net/manual/en/reserved.variables.server.php // ALL $_SERVER variables: http://php.net/manual/en/reserved.variables.server.php
// The following exist and might be the most used ones. // The following exist and might be the most used ones.
const CLIENT_SCRIPT_URL = 'SCRIPT_URL'; const CLIENT_SCRIPT_URL = 'SCRIPT_URL';
......
...@@ -70,7 +70,7 @@ class Sip { ...@@ -70,7 +70,7 @@ class Sip {
*/ */
public function queryStringToSip($queryString, $mode = RETURN_URL) { public function queryStringToSip($queryString, $mode = RETURN_URL) {
// Validation: Check if still the same fe_user is logged in. // Validate: Check if still the same fe_user is logged in.
if (isset($GLOBALS["TSFE"]->fe_user->user["uid"])) { if (isset($GLOBALS["TSFE"]->fe_user->user["uid"])) {
if ($_SESSION[SESSION_FE_USER_UID] != $GLOBALS["TSFE"]->fe_user->user["uid"]) { if ($_SESSION[SESSION_FE_USER_UID] != $GLOBALS["TSFE"]->fe_user->user["uid"]) {
unset($_SESSION); unset($_SESSION);
......
...@@ -85,8 +85,6 @@ class Store { ...@@ -85,8 +85,6 @@ class Store {
// TYPO3_FE_USER_GROUP => SANATIZE_ALLOW_ALNUMX, // TYPO3_FE_USER_GROUP => SANATIZE_ALLOW_ALNUMX,
CLIENT_SIP => SANATIZE_ALLOW_ALNUMX, CLIENT_SIP => SANATIZE_ALLOW_ALNUMX,
CLIENT_GET_SIP => SANATIZE_ALLOW_DIGIT,
CLIENT_POST_SIP => SANATIZE_ALLOW_DIGIT,
CLIENT_RECORD_ID => SANATIZE_ALLOW_DIGIT, CLIENT_RECORD_ID => SANATIZE_ALLOW_DIGIT,
CLIENT_KEY_SEM_ID => SANATIZE_ALLOW_DIGIT, CLIENT_KEY_SEM_ID => SANATIZE_ALLOW_DIGIT,
CLIENT_KEY_SEM_ID_USER => SANATIZE_ALLOW_DIGIT, CLIENT_KEY_SEM_ID_USER => SANATIZE_ALLOW_DIGIT,
...@@ -140,7 +138,7 @@ class Store { ...@@ -140,7 +138,7 @@ class Store {
STORE_TABLE_COLUMN_TYPES => false, STORE_TABLE_COLUMN_TYPES => false,
STORE_CLIENT => true, STORE_CLIENT => true,
STORE_TYPO3 => false, STORE_TYPO3 => false,
STORE_ZERO => false, STORE_0 => false,
STORE_SYSTEM => false STORE_SYSTEM => false
]; ];
...@@ -169,6 +167,13 @@ class Store { ...@@ -169,6 +167,13 @@ class Store {
* @throws CodeException * @throws CodeException
*/ */
public function setVarArray(array $dataArray, $store, $flagOverwrite = false) { public function setVarArray(array $dataArray, $store, $flagOverwrite = false) {
// Check valid Storename
if (!isset(self::$sanatizeStore))
throw new UserException("Unknown Store: $store", ERROR_UNNOWN_STORE);
if ($store === STORE_0)
throw new CodeException("setVarArray() for STORE_ZERO is impossible - there are no values.", ERROR_SET_STORE_ZERO);
if ($flagOverwrite && isset(self::$raw[$store]) && count(self::$raw[$store]) > 0) { if ($flagOverwrite && isset(self::$raw[$store]) && count(self::$raw[$store]) > 0) {
throw new CodeException("Raw values already been copied to store '$store'. Do this only one time.", ERROR_VALUE_ALREADY_CODPIED); throw new CodeException("Raw values already been copied to store '$store'. Do this only one time.", ERROR_VALUE_ALREADY_CODPIED);
...@@ -208,13 +213,6 @@ class Store { ...@@ -208,13 +213,6 @@ class Store {
// copy GET and POST and SERVER Parameter. Priority: SERVER, POST, GET // copy GET and POST and SERVER Parameter. Priority: SERVER, POST, GET
$arr = array_merge($_GET, $_POST, $_SERVER); $arr = array_merge($_GET, $_POST, $_SERVER);
# SIP: if POST exist, this means 'form save'. To distinguish load and save, store both.
if (isset($_GET[CLIENT_SIP]))
$arr[CLIENT_GET_SIP] = $_GET[CLIENT_SIP];
if (isset($_POST[CLIENT_SIP]))
$arr[CLIENT_POST_SIP] = $_POST[CLIENT_SIP];
self::setVarArray($arr, STORE_CLIENT, true); self::setVarArray($arr, STORE_CLIENT, true);
} }
...@@ -267,7 +265,11 @@ class Store { ...@@ -267,7 +265,11 @@ class Store {
$useStores = substr($useStores, 1); // shift left remaining stores $useStores = substr($useStores, 1); // shift left remaining stores
if (!isset(self::$raw[$store][$key])) { if (!isset(self::$raw[$store][$key])) {
continue; // no value provided if ($store === STORE_0) {
return 0;
} else {
continue; // no value provided
}
} }
$rawVal = isset(self::$raw[$store][$key]) ? self::$raw[$store][$key] : null; $rawVal = isset(self::$raw[$store][$key]) ? self::$raw[$store][$key] : null;
...@@ -312,6 +314,13 @@ class Store { ...@@ -312,6 +314,13 @@ class Store {
* @param $store * @param $store
*/ */
public static function unsetStore($store) { public static function unsetStore($store) {
// Check valid Storename
if (!isset(self::$sanatizeStore))
throw new UserException("Unknown Store: $store", ERROR_UNNOWN_STORE);
if ($store === STORE_0)
throw new CodeException("unsetStore() for STORE_ZERO is impossible - there are no values.", ERROR_SET_STORE_ZERO);
if (isset(self::$raw[$store])) { if (isset(self::$raw[$store])) {
self::$raw[$store] = array(); self::$raw[$store] = array();
} }
...@@ -354,9 +363,20 @@ class Store { ...@@ -354,9 +363,20 @@ class Store {
* @param $key * @param $key
* @param $value * @param $value
* @param $store * @param $store
* @throws CodeException * @param bool|true $overWrite
* @throws UserException
*/ */
public static function setVar($key, $value, $store) { public static function setVar($key, $value, $store, $overWrite = true) {
// Check valid Storename
if (!isset(self::$sanatizeStore))
throw new UserException("Unknown Store: $store", ERROR_UNNOWN_STORE);
if ($store === STORE_0)
throw new CodeException("setVar() for STORE_ZERO is impossible - there are no values.", ERROR_SET_STORE_ZERO);
if ($overWrite === false && isset(self::$raw[$store][$key])) {
throw new UserException("Value of '$key' already be set in store '$store'.", ERROR_KEY_EXIST_IN_STORE);
}
self::$raw[$store][$key] = $value; self::$raw[$store][$key] = $value;
} }
...@@ -366,13 +386,23 @@ class Store { ...@@ -366,13 +386,23 @@ class Store {
* @return mixed * @return mixed
*/ */
public static function getStore($store) { public static function getStore($store) {
// Check valid Storename
if (!isset(self::$sanatizeStore))
throw new UserException("Unknown Store: $store", ERROR_UNNOWN_STORE);
if ($store === STORE_0)
throw new CodeException("getStore() for STORE_ZERO is impossible - there are no values saved.", ERROR_GET_STORE_ZERO);
if (isset(self::$raw[$store])) { if (isset(self::$raw[$store])) {
return self::$raw[$store]; return self::$raw[$store];
} }
return array(); return array();
} }
/** /**
* Fills STORE_TABLE_DEFAULT and STORE_TABLE_COLUMN_TYPES
*
* @param $tableName * @param $tableName
* @throws CodeException * @throws CodeException
*/ */
...@@ -383,7 +413,6 @@ class Store { ...@@ -383,7 +413,6 @@ class Store {
self::setVarArray(array_column($tableDefinition, 'Default', 'Field'), STORE_TABLE_DEFAULT); self::setVarArray(array_column($tableDefinition, 'Default', 'Field'), STORE_TABLE_DEFAULT);
self::setVarArray(array_column($tableDefinition, 'Type', 'Field'), STORE_TABLE_COLUMN_TYPES); self::setVarArray(array_column($tableDefinition, 'Type', 'Field'), STORE_TABLE_COLUMN_TYPES);
} }
} }
......
...@@ -153,7 +153,7 @@ class StoreTest extends \PHPUnit_Framework_TestCase { ...@@ -153,7 +153,7 @@ class StoreTest extends \PHPUnit_Framework_TestCase {
public function testGetVarStoreZero() { public function testGetVarStoreZero() {
//default prio FSRD //default prio FSRD
$this->assertEquals(0, $this->store->getVar('fakename', '', STORE_ZERO), "Retrieve anything from STORE_ZERO"); $this->assertEquals(0, $this->store->getVar('fakename', '', STORE_0), "Retrieve anything from STORE_ZERO");
} }
public function testUnsetStore() { public function testUnsetStore() {
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment