Commit f9a8e5f7 authored by Carsten  Rose's avatar Carsten Rose
Browse files

Merge branch 'master' into F7904RestAPIExportviaForm

parents dba0f5df 2cc4c4da
......@@ -36,6 +36,35 @@ Features
Bug Fixes
^^^^^^^^^
Version 19.2.1
--------------
Date: 16.2.19
Notes
^^^^^
* New default session timeout: if nothing special is needed, leave the config.sessionTimeout empty. If there is an old value
best is to remove it.
* Variables with escape class='p' now hashes the content to be used as T3 FE passwords. This let's QFQ handle FE User
registration or password reset.
Features
^^^^^^^^
* Manual.rst: update pathFilename to pathFileName an all places.
* Apply padding-top|botttom to fieldset via qfq-fieldset class.
* F7165 / fe user registration. New escape type 'p' for T3 passwords.
Bug Fixes
^^^^^^^^^
* #7634 / Session Timeout too short. Annoying 'session expired' message removed. Default timeout now takes the system defautl.
* #7864 / 'required'-FE Elements, deactivated via formModeGlobal=requiredOff missed the read marker. Class
'required-field' is now always assigned. The final 'required' mode is still temporarily disabled.
* #7848 / extraColumName 'paged' - easier handling in case 'r=0' or empty 'U:...' - fixes #7848
Version 19.2.0
--------------
......@@ -44,6 +73,7 @@ Date: 07.02.2019
Bug Fixes
^^^^^^^^^
* #7714 / autocron fails to open logfiles - adjust CWD based on argv(0).
......@@ -64,14 +94,15 @@ Features
* SQL Error / underlining in exception dialog: Add two SQL errors to be underlined in exceptions. Extend to "... in 'order clause'"
* Extend allowed SQL commands in QFQ vars (have been already subscribed in that way in Manual.rst).
* #6914 / Customized typeMessageViolation. Incl. unit tests. New escape mode 'C' - escapes ':' by '\'.' - useful for variables in variable definition.
* New escape mode 'C' - escapes ':' by '\'.' - useful for variables in variable definition.
* fillStoreVar: Replace setStore() with appendToStore()
* #6914 / Customized typeMessageViolation. Incl. unit tests.
* #7743 / Move error messages to Constants.php. Unit tests use those constants now. 'data-pattern-error' only delivered
if a 'pattern' is given. 'required' attribute only delivered is set. Detection of 'pattern error' on per QFQ default,
custom instance wide, per form or per FormElement - per FormElement overwrites other. Move default pattern to constants.
Make default error text more specific (only if default error text is not explicit set in config, form or form-element)
* #7747 / New options to import Excel files: importNamedSheetsOnly, importSetReadDataOnly, importListSheetNames
* #7684 / Optional hide second button (cancel) in link/question alerts.
* fillStoreVar: Replace setStore() with appendToStore()
Bug Fixes
^^^^^^^^^
......
......@@ -53,12 +53,12 @@ Neue Versionsnummer
* Update the version number in this document (topic 6)
* Commit & Push new version changes to master branch:
New version 19.2.0
New version 19.2.1
6) **New Tag**:
git tag v19.2.0
git push -u origin v19.2.0
git tag v19.2.1
git push -u origin v19.2.1
7) Tickets:
* Schliessen und der QFQ Version zuweisen.
......
......@@ -1234,8 +1234,18 @@ Rules for CheckType Auto (by priority):
Escape
------
a) Variables used in SQL Statements might cause trouble by using: NUL (ASCII 0), \\n, \\r, \\, ', ", or Control-Z.
b) Converting content like 'password' hashing.
To 'escape' a character typically means: a character, which have a special meaning/function, should not treated as a special
character.
E.g. a string is surrounded by single ticks '. If such a string should contain a single tick inside (like 'Miller's'),
the inside single tick has to be escaped. This is typically done by a backlash: 'Millers\\'s'.
QFQ offers different ways of escaping. Which of them to use, depends on the situation.
Especially variables used in SQL Statements might cause trouble when using: NUL (ASCII 0), \\n, \\r, \\, ', ", or Control-Z.
Additional there is the escape class 'p' (password hash) which is not 'escape' but hashing. It transforms the value of
the variable into a hash. The hash function is the one used by Typo3 to encrypt and salt a password. This is useful to
manipulate FE user passwords via QFQ. See `setFeUserPassword`_
The following `escape` and `hashing` types are available:
......@@ -1246,7 +1256,7 @@ The following `escape` and `hashing` types are available:
* 'd' - double ticks " will be escaped against \\".
* 'C' - colon ':' will be escaped against \\:.
* 'c' - config - the escape type configured in `configuration`_.
* 'p' - password hashing: depends on the hashing type in the current Typo3 installation, including any salting.
* 'p' - password hashing: depends on the hashing type in the Typo3 installation, includes salting if configured.
* '' - the escape type configured in `configuration`_.
* '-' - no escaping.
......@@ -6381,8 +6391,7 @@ Example: ::
'y:hello world (link)|t:content direct (link)' AS _link,
CONCAT('F:', p.pathFileName,'|t:File (yank)|o:', p.pathFileName) AS _yank,
CONCAT('y|F:', p.pathFileName,'|t:File (link)|o:', p.pathFileName) AS _link
FROM Person AS p
                  
FROM Person AS p  
.. _download:
......@@ -7696,6 +7705,33 @@ To define a typeahead list of T3 page alias names: ::
FE.parameter.typeAheadSql = SELECT p.alias FROM {{dbNameT3:Y}}.pages AS p WHERE p.deleted=0 AND p.alias!='' AND p.alias LIKE ? ORDER BY p.alias LIMIT 20
FE.parameter.typeAheadMinLength = 1
.. _setFeUserPassword:
Set FE-User password
^^^^^^^^^^^^^^^^^^^^
To offer an FE User the possibility to change the own T3 FE password, create a form: ::
f.name = changeFePassword
f.title = Change Password
f.table = Person (QFQ Table, not T3)
f.permitNew = never
f.permitEdit = sip
fe[1].name = myPassword
fe[1].title = Password
fe[1].class = native
fe[1].type = password
fe[1].mode = required
fe[1].parameter = retype
fe[2].class = action
fe[2].type = afterSave
fe[2].parameter = sqlAfter={{UPDATE {{dbNameT3:Y}}.fe_users SET password='{{myPassword:FE:all:p}} WHERE username='{{feUser:T}}' AND deleted=0
Call the form via SIP on an existing record. Often QFQ has an own table for persons and also the current user exist in T3
fe_users table.
Logging
-------
......
......@@ -36,6 +36,35 @@ Features
Bug Fixes
^^^^^^^^^
Version 19.2.1
--------------
Date: 16.2.19
Notes
^^^^^
* New default session timeout: if nothing special is needed, leave the config.sessionTimeout empty. If there is an old value
best is to remove it.
* Variables with escape class='p' now hashes the content to be used as T3 FE passwords. This let's QFQ handle FE User
registration or password reset.
Features
^^^^^^^^
* Manual.rst: update pathFilename to pathFileName an all places.
* Apply padding-top|botttom to fieldset via qfq-fieldset class.
* F7165 / fe user registration. New escape type 'p' for T3 passwords.
Bug Fixes
^^^^^^^^^
* #7634 / Session Timeout too short. Annoying 'session expired' message removed. Default timeout now takes the system defautl.
* #7864 / 'required'-FE Elements, deactivated via formModeGlobal=requiredOff missed the read marker. Class
'required-field' is now always assigned. The final 'required' mode is still temporarily disabled.
* #7848 / extraColumName 'paged' - easier handling in case 'r=0' or empty 'U:...' - fixes #7848
Version 19.2.0
--------------
......
......@@ -2,8 +2,8 @@
[general]
project = QFQ - Quick Form Query
version = 19.2
release = 19.2.0
version = 19.2
release = 19.2.1
t3author = Carsten Rose
copyright = since 2017 by the author
......
......@@ -59,7 +59,7 @@ copyright = u'2017, Carsten Rose'
# The short X.Y version.
version = '19.2'
# The full version, including alpha/beta/rc tags.
release = '19.2.0'
release = '19.2.1'
# The language for content autogenerated by Sphinx. Refer to documentation
# for a list of supported languages.
......
......@@ -36,6 +36,35 @@ Features
Bug Fixes
^^^^^^^^^
Version 19.2.1
--------------
Date: 16.2.19
Notes
^^^^^
* New default session timeout: if nothing special is needed, leave the config.sessionTimeout empty. If there is an old value
best is to remove it.
* Variables with escape class='p' now hashes the content to be used as T3 FE passwords. This let's QFQ handle FE User
registration or password reset.
Features
^^^^^^^^
* Manual.rst: update pathFilename to pathFileName an all places.
* Apply padding-top|botttom to fieldset via qfq-fieldset class.
* F7165 / fe user registration. New escape type 'p' for T3 passwords.
Bug Fixes
^^^^^^^^^
* #7634 / Session Timeout too short. Annoying 'session expired' message removed. Default timeout now takes the system defautl.
* #7864 / 'required'-FE Elements, deactivated via formModeGlobal=requiredOff missed the read marker. Class
'required-field' is now always assigned. The final 'required' mode is still temporarily disabled.
* #7848 / extraColumName 'paged' - easier handling in case 'r=0' or empty 'U:...' - fixes #7848
Version 19.2.0
--------------
......@@ -44,6 +73,7 @@ Date: 07.02.2019
Bug Fixes
^^^^^^^^^
* #7714 / autocron fails to open logfiles - adjust CWD based on argv(0).
......@@ -64,14 +94,15 @@ Features
* SQL Error / underlining in exception dialog: Add two SQL errors to be underlined in exceptions. Extend to "... in 'order clause'"
* Extend allowed SQL commands in QFQ vars (have been already subscribed in that way in Manual.rst).
* #6914 / Customized typeMessageViolation. Incl. unit tests. New escape mode 'C' - escapes ':' by '\'.' - useful for variables in variable definition.
* New escape mode 'C' - escapes ':' by '\'.' - useful for variables in variable definition.
* fillStoreVar: Replace setStore() with appendToStore()
* #6914 / Customized typeMessageViolation. Incl. unit tests.
* #7743 / Move error messages to Constants.php. Unit tests use those constants now. 'data-pattern-error' only delivered
if a 'pattern' is given. 'required' attribute only delivered is set. Detection of 'pattern error' on per QFQ default,
custom instance wide, per form or per FormElement - per FormElement overwrites other. Move default pattern to constants.
Make default error text more specific (only if default error text is not explicit set in config, form or form-element)
* #7747 / New options to import Excel files: importNamedSheetsOnly, importSetReadDataOnly, importListSheetNames
* #7684 / Optional hide second button (cancel) in link/question alerts.
* fillStoreVar: Replace setStore() with appendToStore()
Bug Fixes
^^^^^^^^^
......
......@@ -12,7 +12,7 @@ $EM_CONF[$_EXTKEY] = array(
'dependencies' => 'fluid,extbase',
'clearcacheonload' => true,
'state' => 'stable',
'version' => '19.2.0',
'version' => '19.2.1',
'constraints' => [
'depends' => [
'typo3' => '6.0.0-9.2.99',
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment