Store: unescape characters submitted by post.

formEditor: fixed typo

Store: unescape characters submitted by post.
formEditor: fixed typo
cd98246d · Carsten Rose · 149129d2 · cd98246d · cd98246d · cd98246d
Commit cd98246d authored Feb 11, 2016 by Carsten Rose
--- a/extension/qfq/qfq/Save.php
+++ b/extension/qfq/qfq/Save.php
@@ -76,6 +76,7 @@ class Save {

        $tableColumns = array_keys($this->store->getStore(STORE_TABLE_COLUMN_TYPES));
        $clientValues = $this->store->getStore(STORE_CLIENT);
+
        $sipValues = $this->store->getStore(STORE_SIP);

        // Iterate over all table.columns. Built an assoc array $newValues.

--- a/extension/qfq/qfq/store/Store.php
+++ b/extension/qfq/qfq/store/Store.php
@@ -160,7 +160,7 @@ class Store {
        } catch (\Exception $e) {
            throw new qfq\UserException ("Error read file " . QFQ_INI . ": " . $e->getMessage(), ERROR_READ_FILE);
        }
-        self::setVarArray($config, STORE_SYSTEM,true);
+        self::setVarArray($config, STORE_SYSTEM, true);
    }

    /**
@@ -215,6 +215,11 @@ class Store {
        // copy GET and POST and SERVER Parameter. Priority: SERVER, POST, GET
        $arr = array_merge($_GET, $_POST, $_SERVER);

+        //TODO: CR - I do not understand why the parameter are escaped?! Remove the backslashes.
+        foreach ($arr as $key => $val) {
+            $arr[$key] = stripslashes($val);
+        }
+
        self::setVarArray($arr, STORE_CLIENT, true);
    }

@@ -389,7 +394,7 @@ class Store {
     */
    public static function getStore($store) {
        // Check valid Storename
-        if (!isset(self::$sanatizeStore))
+        if (!isset(self::$sanatizeStore[$store]))
            throw new UserException("Unknown Store: $store", ERROR_UNNOWN_STORE);

        if ($store === STORE_ZERO)

--- a/extension/qfq/sql/formEditor.sql
+++ b/extension/qfq/sql/formEditor.sql
@@ -221,4 +221,4 @@ INSERT INTO FormElement (id, formId, name, label, mode, type, class, ord, size,
 VALUES

  (200, 3, 'name', 'Name', 'show', 'text', 'native', 10, 50, 255, '', '', '', '', '', '', 0, 'no'),
-  (201, 3, 'firstName', 'Firstname', 'show', 'text', 'native', 10, 50, 255, '', '', '', '', '', '', 0, 'no');
+  (201, 3, 'firstname', 'Firstname', 'show', 'text', 'native', 10, 50, 255, '', '', '', '', '', '', 0, 'no');
--- a/extension/qfq/tests/phpunit/StoreTest.php
+++ b/extension/qfq/tests/phpunit/StoreTest.php
@@ -179,6 +179,10 @@ class StoreTest extends \PHPUnit_Framework_TestCase {
        $this->assertEquals(false, $this->store->getVar('apple', STORE_RECORD), "Retrieve a value from store.");
    }

+    /**
+     * @expectedException \qfq\UserException
+     *
+     */
    public function testGetStore() {
        $this->assertEquals(array(), $this->store->getStore('unknownstore'));
    }