Commit e2892e40 authored by Carsten  Rose's avatar Carsten Rose

Define.php: fixed type sanitize

Link: added class global variable $sip, initialized during construct.
Report: call to Link class extended with SIP Parameter.
Variables: removed unused comments
QuickFormQuery: provide the SIP parameter
parent b552c77d
...@@ -319,7 +319,7 @@ class QuickFormQuery { ...@@ -319,7 +319,7 @@ class QuickFormQuery {
* @return string * @return string
*/ */
private function doReport() { private function doReport() {
$report = new Report($this->t3data); $report = new Report($this->t3data, $this->sip);
$html = $report->process(); $html = $report->process();
......
...@@ -33,15 +33,15 @@ define("MERGE_ALL", "merge_all"); ...@@ -33,15 +33,15 @@ define("MERGE_ALL", "merge_all");
define("QUERY", "query"); define("QUERY", "query");
// Definitions for sanatize() strip_tags // Definitions for sanitize() strip_tags
define("TAGS_NONE", "none"); define("TAGS_NONE", "none");
define("TAGS_MARKUP", "markup"); define("TAGS_MARKUP", "markup");
define("TAGS_CUSTOM", "custom"); define("TAGS_CUSTOM", "custom");
define("TAGS_ALL", "all"); define("TAGS_ALL", "all");
// Definitions for sanatize() reaction on changed variables by sanatize them // Definitions for sanitize() reaction on changed variables by sanitize them
define("TAGS_EXCEPTION", "exception"); define("TAGS_EXCEPTION", "exception");
define("TAGS_SANATIZE", "sanatize"); define("TAGS_SANITIZE", "sanitize");
define("TAGS_IGNORE", "ignore"); define("TAGS_IGNORE", "ignore");
// define("LIST_MARKUP_TAGS","<br><p><em><strong><code><samp><kbd><var><cite><dfn><abbr><acronym><q>"); // define("LIST_MARKUP_TAGS","<br><p><em><strong><code><samp><kbd><var><cite><dfn><abbr><acronym><q>");
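Review bot: The rename changes the constant's value from `"sanatize"` to `"sanitize"` as well as its name, and none of the hunks shown on this page updates a use of `TAGS_SANATIZE` or of the old literal. If the old identifier is still referenced somewhere, PHP versions before 8 evaluate the undefined constant to the bare string `TAGS_SANATIZE` with only a notice or warning. Any comparison against it would then silently stop matching the sanitize mode rather than fail loudly. I would search for both `TAGS_SANATIZE` and the literal `sanatize` before merging, and accept both spellings for a transition period if stored configuration can carry the old value.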
......
...@@ -71,6 +71,11 @@ class Link { ...@@ -71,6 +71,11 @@ class Link {
private $linkClassSelector = array("i" => "internal", "e" => "external"); private $linkClassSelector = array("i" => "internal", "e" => "external");
private $renderControl, $link = "", $tableName = ""; private $renderControl, $link = "", $tableName = "";
/**
* @var SIP
*/
private $sip = null;
// Simulate global variable: will be set much earlier in other functions. Will be shown in error messages. // Simulate global variable: will be set much earlier in other functions. Will be shown in error messages.
private $fr_error; private $fr_error;
...@@ -95,10 +100,12 @@ class Link { ...@@ -95,10 +100,12 @@ class Link {
* @param string $fr_error * @param string $fr_error
* @param string $dbAlias * @param string $dbAlias
*/ */
public function __construct($fullLevel, $sql, $columnValue, $count, $columnIndex, $fr_error, $dbAlias = '') { public function __construct($fullLevel, $sql, $columnValue, $count, $columnIndex, $fr_error, $dbAlias = '', $sip) {
$this->exceptionBody = "Level: " . $fullLevel . ".sql = " . $sql . "\nRow: " . $count . " , Column: " . $columnIndex . " , Bad link: " . $columnValue . "\n"; $this->exceptionBody = "Level: " . $fullLevel . ".sql = " . $sql . "\nRow: " . $count . " , Column: " . $columnIndex . " , Bad link: " . $columnValue . "\n";
$this->fr_error = $fr_error; $this->fr_error = $fr_error;
$this->dbAlias = $dbAlias; $this->dbAlias = $dbAlias;
$this->sip = $sip;
$this->initRenderControl(); $this->initRenderControl();
} // __construct } // __construct
...@@ -121,7 +128,7 @@ class Link { ...@@ -121,7 +128,7 @@ class Link {
* 3: <a href=url>url</a> * 3: <a href=url>url</a>
* 4: <a href=url>Text</a> * 4: <a href=url>Text</a>
* *
* r=render mode, u=url, t:text und/oder bild * r=render mode, u=url, t:text and/or image.
* *
* [r][u][t] = mode * [r][u][t] = mode
*/ */
...@@ -168,9 +175,6 @@ class Link { ...@@ -168,9 +175,6 @@ class Link {
*/ */
public function renderLink($str, $count, &$hash) { public function renderLink($str, $count, &$hash) {
// fill control array
// $this->initRenderControl();
// str="u:http://www.example.com|c:i|t:delete" // str="u:http://www.example.com|c:i|t:delete"
$parm = explode("|", $str); $parm = explode("|", $str);
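Review bot: The new required `$sip` parameter is declared after the optional `$dbAlias = ''` in `Link::__construct`, so `$dbAlias` can no longer be omitted by any caller. The `case "link":` call in Report still passes seven arguments, so `$this->sip` lands in `$dbAlias` and `$sip` itself is missing; on PHP 7.1 and later that is an ArgumentCountError, and on older versions a warning that leaves `$this->sip` as null. That call should end in `$this->fr_error, '', $this->sip);`, as the two `Pages` calls already pass `$this->dbAlias` before the SIP. The constructor docblock also lacks a line such as `@param SIP $sip`, and the parameter has no `SIP` type hint while Report's constructor does.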
......
...@@ -23,6 +23,11 @@ require_once(__DIR__ . '/Sendmail.php'); ...@@ -23,6 +23,11 @@ require_once(__DIR__ . '/Sendmail.php');
class Report { class Report {
/**
* @var SIP
*/
private $sip = null;
/** /**
* @var string * @var string
*/ */
...@@ -74,9 +79,10 @@ class Report { ...@@ -74,9 +79,10 @@ class Report {
* *
* @param array $t3data * @param array $t3data
*/ */
public function __construct(array $t3data) { public function __construct(array $t3data, SIP $sip) {
$this->t3data = $t3data; $this->t3data = $t3data;
$this->sip = $sip;
$this->page_control["msgbox"]["pagec"] = "Please confirm!"; $this->page_control["msgbox"]["pagec"] = "Please confirm!";
...@@ -100,7 +106,7 @@ class Report { ...@@ -100,7 +106,7 @@ class Report {
$this->fr_error["uid"] = $t3data["uid"]; $this->fr_error["uid"] = $t3data["uid"];
$this->fr_error["debug_level"] = 0; $this->fr_error["debug_level"] = 0;
// Sanatize function for POST and GET Parameters. // Sanitize function for POST and GET Parameters.
// Merged URL-Parameter (key1, id etc...) in resultArray. // Merged URL-Parameter (key1, id etc...) in resultArray.
$this->variables->resultArray = array_merge($this->variables->resultArray, array("url." => $this->utils->sanitize()), $this->variables->resultArray = array_merge($this->variables->resultArray, array("url." => $this->utils->sanitize()),
array("global." => $this->variables->collectGlobalVariables())); array("global." => $this->variables->collectGlobalVariables()));
...@@ -158,7 +164,6 @@ class Report { ...@@ -158,7 +164,6 @@ class Report {
// debug(array('function' => 'parseFRLine')); // debug(array('function' => 'parseFRLine'));
} }
// 10.50.5.sql = select ... // 10.50.5.sql = select ...
$arr = explode("=", trim($ttLine), 2); $arr = explode("=", trim($ttLine), 2);
...@@ -380,46 +385,6 @@ class Report { ...@@ -380,46 +385,6 @@ class Report {
// debug(array('full_level' => $full_level)); // debug(array('full_level' => $full_level));
} }
// Do form ?
if (isset($this->frArray[$full_level . "." . "form"])) {
// Trigger 10.form, 20.form...
// Use the form passed by URL via hash
if ($this->frArray[$full_level . "." . "form"] == URL_FORM) {
$hash = $this->variables->resultArray["url."][URL_HASH];
$formName = $_SESSION[FORMREPORT][$hash]['formName'][0];
} else {
// Use the form configured in tt_content
// Replace possible variables for formRecordId
$formRecordId = isset($this->frArray[$full_level . ".formrecordid"]) ? $this->variables->doVariables($this->frArray[$full_level . ".formrecordid"]) : 0;
$formName = $this->frArray[$full_level . ".form"];
// Fill $_SESSION
// If a hash has already been set by url, use that one, otherwise generate a new hash array
if (isset($this->variables->resultArray["url."][URL_HASH])) {
$hash = $this->variables->resultArray["url."][URL_HASH];
// Store all allowed forms in an array
$allowedForms = array();
// If there are already forms in the hash array, keep them
if (is_array($_SESSION[FORMREPORT][$hash]['formName'])) {
$allowedForms = $_SESSION[FORMREPORT][$hash]['formName'];
}
array_push($allowedForms, $formName);
$_SESSION[FORMREPORT][$hash]['formName'] = $allowedForms;
} else {
// Otherwise configure new session array
$hash = $this->form2hash($formName, $formRecordId);
}
}
$full_level = implode(".", $this->indexArray[++$counter]);
continue;
} // Do form
// Prepare SQL: replace variables. // Prepare SQL: replace variables.
$sql = $this->variables->doVariables($this->frArray[$full_level . ".sql"]); $sql = $this->variables->doVariables($this->frArray[$full_level . ".sql"]);
...@@ -435,7 +400,6 @@ class Report { ...@@ -435,7 +400,6 @@ class Report {
//Execute SQL. All errors have been already catched. //Execute SQL. All errors have been already catched.
unset($result); unset($result);
// $this->db->doQueryKeys($this->dbAlias, $sql, $result, $keys, ROW_REGULAR, MERGE_NONE, MYSQL_NUM);
$result = $this->db->sqlKeys($sql, $keys); $result = $this->db->sqlKeys($sql, $keys);
// If an array is returned, $sql was a query, otherwise an 'insert', 'update', 'delete', ... // If an array is returned, $sql was a query, otherwise an 'insert', 'update', 'delete', ...
...@@ -473,9 +437,6 @@ class Report { ...@@ -473,9 +437,6 @@ class Report {
$rowAssoc[$keys[$i]] = $row[$i]; $rowAssoc[$keys[$i]] = $row[$i];
} }
//Fills the Results in the resultArray to substitute variables
// array wird neu einzeln gefuellt $this->tx_fr_variables_pi1->resultArray[$full_level . "."] = $rowAssoc;
// SEP set seperator (empty on first run) // SEP set seperator (empty on first run)
$content .= $columnValueSeperator; $content .= $columnValueSeperator;
$columnValueSeperator = $this->variables->doVariables($this->frArray[$full_level . "." . "sep"]); $columnValueSeperator = $this->variables->doVariables($this->frArray[$full_level . "." . "sep"]);
...@@ -557,31 +518,6 @@ class Report { ...@@ -557,31 +518,6 @@ class Report {
return ($value); return ($value);
} }
/**
* Prepare Session Array with Hash Entry: Only for form
*
* @param $formName
* @param $formRecordId
* @return string
*/
private function form2hash($formName, $formRecordId) {
if ($this->fr_error["debug_level"] >= DEBUG_EXTREME) {
// T3 function: debug()
// debug(array('function' => 'form2hash'));
}
$hash = $this->utils->randomAlphaNumUnique();
$_SESSION[FORMREPORT][$hash]['formName'][0] = $formName;
$_SESSION[FORMREPORT][$hash]['referrer'] = $_SERVER['REQUEST_URI'];
if (is_numeric($formRecordId) && $formRecordId >= 0) {
$_SESSION[FORMREPORT][$hash]['idMap'][1]['recordId'] = $formRecordId;
$_SESSION[FORMREPORT][$hash]['idMap'][1]['param'] = "";
}
return ($hash);
}
/** /**
* Steps through 'row' and collects all columns * Steps through 'row' and collects all columns
* *
...@@ -646,7 +582,7 @@ class Report { ...@@ -646,7 +582,7 @@ class Report {
$content = ""; $content = "";
switch ($columnName) { switch ($columnName) {
case "link": case "link":
$link = new Link($full_level, $this->frArray[$full_level . ".sql"], $columnValue, $rowIndex, $columnIndex, $this->fr_error); $link = new Link($full_level, $this->frArray[$full_level . ".sql"], $columnValue, $rowIndex, $columnIndex, $this->fr_error, $this->sip);
$content .= $link->renderLink($columnValue, $rowIndex, $this->frArray[$full_level . "." . "hash." . "$columnIndex"]); $content .= $link->renderLink($columnValue, $rowIndex, $this->frArray[$full_level . "." . "hash." . "$columnIndex"]);
# unset $link; # unset $link;
break; break;
...@@ -664,7 +600,7 @@ class Report { ...@@ -664,7 +600,7 @@ class Report {
case "Pages": case "Pages":
$linkValue = $this->doFixColPosPage($columnName, $columnValue); $linkValue = $this->doFixColPosPage($columnName, $columnValue);
$link = new Link($full_level, $this->frArray[$full_level . ".sql"], $linkValue, $rowIndex, $columnIndex, $this->fr_error, $this->dbAlias); $link = new Link($full_level, $this->frArray[$full_level . ".sql"], $linkValue, $rowIndex, $columnIndex, $this->fr_error, $this->dbAlias, $this->sip);
$content .= $link->renderLink($linkValue, $rowIndex, $this->frArray[$full_level . "." . "hash." . "$columnIndex"]); $content .= $link->renderLink($linkValue, $rowIndex, $this->frArray[$full_level . "." . "hash." . "$columnIndex"]);
break; break;
...@@ -680,7 +616,7 @@ class Report { ...@@ -680,7 +616,7 @@ class Report {
$linkValue = $this->doPage($columnName, $columnValue); $linkValue = $this->doPage($columnName, $columnValue);
// debug($linkValue); // debug($linkValue);
$link = new Link($full_level, $this->frArray[$full_level . ".sql"], $linkValue, $rowIndex, $columnIndex, $this->fr_error, $this->dbAlias); $link = new Link($full_level, $this->frArray[$full_level . ".sql"], $linkValue, $rowIndex, $columnIndex, $this->fr_error, $this->dbAlias, $this->sip);
$content .= $link->renderLink($linkValue, $rowIndex, $this->frArray[$full_level . "." . "hash." . "$columnIndex"]); $content .= $link->renderLink($linkValue, $rowIndex, $this->frArray[$full_level . "." . "hash." . "$columnIndex"]);
break; break;
...@@ -831,15 +767,6 @@ class Report { ...@@ -831,15 +767,6 @@ class Report {
return $content; return $content;
} }
/**
* The main method of the PlugIn
*
* @param string $content : The PlugIn content
* @param array $conf : The PlugIn configuration
* @return string The content that is displayed on the website
*/
//Checkt ob der Beginn von Array2 gleich ist wie Array1
// gibt true/false zurück
/** /**
* Executes the Command in $cmd * Executes the Command in $cmd
* RC: if RC==0 Returns Output, else 'RC - Output' * RC: if RC==0 Returns Output, else 'RC - Output'
...@@ -867,9 +794,11 @@ class Report { ...@@ -867,9 +794,11 @@ class Report {
* *
* @param string $content : The PlugIn content * @param string $content : The PlugIn content
* @param array $conf : The PlugIn configuration * @param array $conf : The PlugIn configuration
* @return string The content that is displayed on the website * @return string The content that is displayed on the website
*/ */
//Check ob arr1 nur 1 Feld mehr hat als arr2 //Checkt ob der Beginn von Array2 gleich ist wie Array1
// gibt true/false zurück
/** /**
* Renders PageX: convert position content to token content. Respect default values depending on PageX * Renders PageX: convert position content to token content. Respect default values depending on PageX
* *
...@@ -929,6 +858,15 @@ class Report { ...@@ -929,6 +858,15 @@ class Report {
return ($link); return ($link);
} }
/**
* The main method of the PlugIn
*
* @param string $content : The PlugIn content
* @param array $conf : The PlugIn configuration
* @return string The content that is displayed on the website
*/
//Check ob arr1 nur 1 Feld mehr hat als arr2
/** /**
* If there is a value (or a defaultValue): compose it together with qualifier and delimiter. * If there is a value (or a defaultValue): compose it together with qualifier and delimiter.
* *
...@@ -1011,6 +949,31 @@ class Report { ...@@ -1011,6 +949,31 @@ class Report {
return ($columnValue); return ($columnValue);
} }
/**
* Prepare Session Array with Hash Entry: Only for form
*
* @param $formName
* @param $formRecordId
* @return string
*/
private function form2hash($formName, $formRecordId) {
if ($this->fr_error["debug_level"] >= DEBUG_EXTREME) {
// T3 function: debug()
// debug(array('function' => 'form2hash'));
}
$hash = $this->utils->randomAlphaNumUnique();
$_SESSION[FORMREPORT][$hash]['formName'][0] = $formName;
$_SESSION[FORMREPORT][$hash]['referrer'] = $_SERVER['REQUEST_URI'];
if (is_numeric($formRecordId) && $formRecordId >= 0) {
$_SESSION[FORMREPORT][$hash]['idMap'][1]['recordId'] = $formRecordId;
$_SESSION[FORMREPORT][$hash]['idMap'][1]['param'] = "";
}
return ($hash);
}
/** /**
* Generate SortArgument * Generate SortArgument
* *
......
...@@ -132,40 +132,20 @@ class Variables { ...@@ -132,40 +132,20 @@ class Variables {
$arr["t3_name"] = $typo_db; $arr["t3_name"] = $typo_db;
return ($arr); return ($arr);
} // eo collectGlobalVariables }
public function linearizeArray($arr, &$return, $keypath = "") { /**
* @param $arr
* @param $return
* @param string $keyPath
*/
public function linearizeArray($arr, &$return, $keyPath = "") {
if (is_array($arr)) { if (is_array($arr)) {
foreach ($arr as $key => $value) { foreach ($arr as $key => $value) {
$this->linearizeArray($value, $return, $keypath . "_" . $key); $this->linearizeArray($value, $return, $keyPath . "_" . $key);
} }
} else { } else {
$return[ltrim($keypath, "_")] = $arr; $return[ltrim($keyPath, "_")] = $arr;
} }
} // linearizeArray() }
/**
* Method to circumvate 'Undefined index'
*
* @param $varName
* @param $firstLevel
* @return string
*/
// public function get($varName, $firstLevel, $secondLevel = false) {
// if (!isset($this->$varName))
// $this->$varName = array();
//
// if (!isset($this->$varName[$firstLevel]))
// $this->$varName[$firstLevel] = array();
//
// if ($secondLevel !== false && !isset($this->$varName[$firstLevel][$secondLevel]))
// $this->$varName[$firstLevel][$secondLevel] = array();
//
// if ($secondLevel === false) {
// return $this->$varName[$firstLevel];
// } else {
// return $this->$varName[$firstLevel][$secondLevel];
// }
// return '';
// }
} }
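Review bot: The docblock added above `linearizeArray` lists the three parameters without types or meaning, and nothing tells the reader that `$return` is an output filled by reference. I would write `@param mixed $arr value or nested array to flatten`, `@param array $return filled by reference, keyed by the nested keys joined with "_"` and `@param string $keyPath prefix accumulated during recursion`. It is also worth stating there that `ltrim($keyPath, "_")` strips every leading underscore and that the join is not unique, so a nested path `a` → `b` and a top-level key `a_b` flatten to the same entry and the later one overwrites the earlier.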