Sanitize.php, FillStoreForm.php, Store.php, Manual.rst: Corrections. Replace...

Sanitize.php, FillStoreForm.php, Store.php, Manual.rst: Corrections. Replace 'sanatize' against 'sanitize'.

Sanitize.php, FillStoreForm.php, Store.php, Manual.rst: Corrections. Replace...
Sanitize.php, FillStoreForm.php, Store.php, Manual.rst: Corrections. Replace 'sanatize' against 'sanitize'.
fa36ff58 · Carsten Rose · 670e6276 · fa36ff58 · fa36ff58 · fa36ff58
Commit fa36ff58 authored Jun 30, 2017 by Carsten Rose
--- a/doc/PROTOCOL.md
+++ b/doc/PROTOCOL.md
@@ -356,7 +356,7 @@ Server Response
 ## Glossary

 SIP
-:   tbd
+:   Server Id Pairs 

 HTML Form Element
 :   Any `<input>` or `<select>` HTML tag. Synonymous to *Form Element*.

--- a/extension/Documentation/Manual.rst
+++ b/extension/Documentation/Manual.rst
@@ -750,7 +750,7 @@ defining the `escape` modifier `m`.

 **QFQ notice**:

-* Variables passed by the client (=Browser) are untrusted and use the default sanatize class 'digit' (if nothing else is
+* Variables passed by the client (=Browser) are untrusted and use the default sanitize class 'digit' (if nothing else is
  specified). If alpha characters are submitted, the content violates `digit` and becomes therefore empty - there is no
  error message. Best is to always use SIP or digits.

@@ -903,7 +903,7 @@ Predefined variable names
 Store: *FORM* - F
 ^^^^^^^^^^^^^^^^^

-* Sanatized: *yes*
+* Sanitized: *yes*
 * Represents the values in the form, typically before saving them.
 * Used for:

@@ -922,7 +922,7 @@ Store: *FORM* - F
 Store: *SIP* - S
 ^^^^^^^^^^^^^^^^

-* Sanatized: *no*
+* Sanitized: *no*
 * Filled automatically by creating links. E.g.:

  * in `Report` by using `_page?` or `_link` (with active 's')
@@ -949,7 +949,7 @@ Store: *SIP* - S
 Store: *RECORD* - R
 ^^^^^^^^^^^^^^^^^^^

-* Sanatized: *no*
+* Sanitized: *no*
 * Current record loaded in Form.
 * If r=0, all values are empty.

@@ -964,7 +964,7 @@ Store: *RECORD* - R
 Store: *BEFORE* - B
 ^^^^^^^^^^^^^^^^^^^

-* Sanatized: *no*
+* Sanitized: *no*
 * Current record loaded in Form without any modification.
 * If r=0, all values are empty.

@@ -981,7 +981,7 @@ This store is handy to compare new and old values of a form.
 Store: *CLIENT* - C
 ^^^^^^^^^^^^^^^^^^^

-* Sanatized: *yes*
+* Sanitized: *yes*

 +-------------------------+------------------------------------------------------------------------------------------------------------------------------------------+
 | Name                    | Explanation                                                                                                                              |
@@ -1012,7 +1012,7 @@ Store: *CLIENT* - C
 Store: *TYPO3* (Bodytext) - T
 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

-* Sanatized: *no*
+* Sanitized: *no*

 +-------------------------+-------------------------------------------------------------------+----------+
 | Name                    | Explanation                                                       | Note     |
@@ -1046,7 +1046,7 @@ Store: *TYPO3* (Bodytext) - T
 Store: *VARS* - V
 ^^^^^^^^^^^^^^^^^

-* Sanatized: *no*
+* Sanitized: *no*

 +-------------------------+--------------------------------------------------------------------------------------------------------------------------------------------+
 | Name                    | Explanation                                                                                                                                |
@@ -1065,7 +1065,7 @@ Store: *VARS* - V
 Store: *LDAP* - L
 ^^^^^^^^^^^^^^^^^

-* Sanatized: *yes*
+* Sanitized: *yes*
 * See also :ref:`LDAP`:

 +-------------------------+--------------------------------------------------------------------------------------------------------------------------------------------+
@@ -1081,7 +1081,7 @@ Store: *LDAP* - L
 Store: *SYSTEM* - Y
 ^^^^^^^^^^^^^^^^^^^

-* Sanatized: *no*
+* Sanitized: *no*

 +-------------------------+--------------------------------------------------------------------------+
 | Name                    | Explanation                                                              |
@@ -1329,7 +1329,7 @@ accessing STORE_LDAP easily, the keys are implemented case insensitive for this

 The FLS happens *before* the main *FormElement* processing starts. Therefore the fetched LDAP data (specified by *ldapAttributes*),
 are available via `{{<attributename>:L:allbut:s}}` during the regular *FormElement* processing. Take care to specify
-a sanatize class and optional escaping on further processing of those data.
+a sanitize class and optional escaping on further processing of those data.

 Important: LDAP access might slow down the *Form* processing on load, update or save! The timeout (default: 3 seconds) have
 to be multiplied by the number of accesses. E.g. a broken LDAP connection and 3 *FormELements* with *FSL*
@@ -2141,7 +2141,7 @@ Note: If there are multiple pills defined on a form, only the first pill will be
 extraButtonLock
 ;;;;;;;;;;;;;;;

-* The user has to click on the lock, before it's possible to change the value. This will protect data against unwanted modifcation.
+* The user has to click on the lock, before it's possible to change the value. This will protect data against unwanted modification.
 * After Form load, the value is shown, but not editable.
 * Shows a 'lock' on the right side of an input element of type `text`, `date`, `time` or `datetime`.
 * This option is not available for FormElements with `mode=readonly`.
@@ -2598,7 +2598,7 @@ and will be processed after saving the primary record and before any action Form

        fileDestination={{SELECT 'fileadmin/user/pictures/', p.name, '-{{filename}}' FROM Person AS p WHERE p.id={{id:R0}} }}

-      * The original filename will be sanatized: only alnum characters are allowed. German 'umlaut' will be replaced by
+      * The original filename will be sanitized: only alnum characters are allowed. German 'umlaut' will be replaced by
        'ae', 'ue', 'oe'. All non valid characters will be replaced by '-'.

    * If a file already exist under `fileDestination`, an error message is shown and 'save' is aborted. The user has no
@@ -2935,7 +2935,7 @@ To make a form dynamic:

 See #3426 / Dynamic Update: Inputs loose the new content and shows the old value:

-* On **all** `dynamic update` *FormElements* an explicit definition of `value`, including a sanatize class, is necessary
+* On **all** `dynamic update` *FormElements* an explicit definition of `value`, including a sanitize class, is necessary
  (except the field is numeric). **A missing definition let's the content overwrite all the time with the old value**.
  A typical definition for `value` looks like::

@@ -2948,8 +2948,8 @@ See #3426 / Dynamic Update: Inputs loose the new content and shows the old value

    [receiving *FormElement*].parameter: itemList={{ SELECT IF({{carPriceRange:FE:alnumx}}='expensive','Ferrari,Tesla,Jaguar','General Motors,Honda,Seat,Fiat') }}

-  Remember to specify a 'sanatize' class - a missing sanatize class means 'digit', every content, which is not numeric,
-  violates the sanatize class and becomes therefore an empty string!
+  Remember to specify a 'sanitize' class - a missing sanitize class means 'digit', every content, which is not numeric,
+  violates the sanitize class and becomes therefore an empty string!


 Examples
@@ -3680,8 +3680,8 @@ FAQ

 * Q: A variable {{<var>}} is shown as empty string, but there should be a value.

-   * A: The sanatize rule is violeted and therefore the value has been removed. Set {{<var>:<store>:all}} as a test.
-     Only STORE_CLIENT and STORE_FORM will be sanatized.
+   * A: The sanitize rule is violeted and therefore the value has been removed. Set {{<var>:<store>:all}} as a test.
+     Only STORE_CLIENT and STORE_FORM will be sanitized.


 Report
@@ -5304,5 +5304,5 @@ QFQ specific
 Variable empty: {{...}}
 ^^^^^^^^^^^^^^^^^^^^^^^

-Specify the required sanatize class. Remember: for STORE_FORM and STORE_CLIENT the default is `digit`. This means if
-the variable content is a string, this violates the sanatize class and the replaced content will be an empty string!
\ No newline at end of file
+Specify the required sanitize class. Remember: for STORE_FORM and STORE_CLIENT the default is `digit`. This means if
+the variable content is a string, this violates the sanitize class and the replaced content will be an empty string!
\ No newline at end of file
--- a/extension/qfq/qfq/Constants.php
+++ b/extension/qfq/qfq/Constants.php
@@ -66,8 +66,8 @@ const SANITIZE_ALLOW_ALLBUT = "allbut";
 const SANITIZE_ALLOW_ALL = "all";
 const SANITIZE_DEFAULT = SANITIZE_ALLOW_DIGIT;

-const SANATIZE_EXCEPTION = 'exception';
-const SANATIZE_EMPTY_STRING = 'empty string';
+const SANITIZE_EXCEPTION = 'exception';
+const SANITIZE_EMPTY_STRING = 'empty string';

 // Index wrap setup table
 const WRAP_SETUP_TITLE = 'title';

--- a/extension/qfq/qfq/helper/Sanitize.php
+++ b/extension/qfq/qfq/helper/Sanitize.php
@@ -32,14 +32,14 @@ class Sanitize {
     *   If check fails, depending on $mode, throws an UserException or return an empty string.
     *
     * @param string $value value to check
-     * @param string $sanatizeClass SANITIZE_ALLOW_*
+     * @param string $sanitizeClass SANITIZE_ALLOW_*
     * @param string $patternOrRange Pattern as regexp or MIN|MAX values
-     * @param string $mode SANATIZE_EXCEPTION | SANATIZE_EMPTY_STRING
+     * @param string $mode SANITIZE_EXCEPTION | SANITIZE_EMPTY_STRING
     * @return string
     * @throws UserFormException
     * @throws \qfq\CodeException
     */
-    public static function sanitize($value, $sanatizeClass = SANITIZE_DEFAULT, $patternOrRange = '', $mode = SANATIZE_EMPTY_STRING) {
+    public static function sanitize($value, $sanitizeClass = SANITIZE_DEFAULT, $patternOrRange = '', $mode = SANITIZE_EMPTY_STRING) {
        $pattern = '';
        $minMax = array();
        $valueCompare = '';
@@ -47,7 +47,7 @@ class Sanitize {
        $errorText = '';

        // Prepare MIN|MAX
-        switch ($sanatizeClass) {
+        switch ($sanitizeClass) {
            case SANITIZE_ALLOW_MIN_MAX:
                $minMax = explode('|', $patternOrRange);
                $valueCompare = $value;
@@ -79,7 +79,7 @@ class Sanitize {
        }

        // Prepare Check
-        switch ($sanatizeClass) {
+        switch ($sanitizeClass) {
            case SANITIZE_ALLOW_MIN_MAX:
            case SANITIZE_ALLOW_MIN_MAX_DATE:

@@ -104,14 +104,14 @@ class Sanitize {
            case SANITIZE_ALLOW_ALNUMX:
            case SANITIZE_ALLOW_ALLBUT:
                $arr = self::inputCheckPatternArray();
-                $pattern = $arr[$sanatizeClass];
+            $pattern = $arr[$sanitizeClass];
                break;

            case SANITIZE_ALLOW_ALL: // no checktype specified.
                return $value;

            default:
-                throw new CodeException("Unknown checkType: " . $sanatizeClass, ERROR_UNKNOWN_CHECKTYPE);
+                throw new CodeException("Unknown checkType: " . $sanitizeClass, ERROR_UNKNOWN_CHECKTYPE);
        }

        // No error until here: do a final check
@@ -122,9 +122,9 @@ class Sanitize {
                $errorCode = ERROR_PATTERN_VIOLATION;
        }

-        if ($mode === SANATIZE_EXCEPTION) {
+        if ($mode === SANITIZE_EXCEPTION) {
            if ($errorText === '')
-                $errorText = "Value '$value' violates checkrule " . $sanatizeClass . " with pattern '$pattern'.";
+                $errorText = "Value '$value' violates checkrule " . $sanitizeClass . " with pattern '$pattern'.";
            throw new UserFormException($errorText, $errorCode);
        }


--- a/extension/qfq/qfq/store/FillStoreForm.php
+++ b/extension/qfq/qfq/store/FillStoreForm.php
@@ -223,7 +223,7 @@ class FillStoreForm {
                            $val = $clientValues[$clientFieldName];
                            // Check only if their is something
                            if ($val !== '') {
-                                $val = Sanitize::sanitize($val, $formElement[FE_CHECK_TYPE], $formElement[FE_CHECK_PATTERN], SANATIZE_EXCEPTION);
+                                $val = Sanitize::sanitize($val, $formElement[FE_CHECK_TYPE], $formElement[FE_CHECK_PATTERN], SANITIZE_EXCEPTION);
                                if ($formElement[FE_ENCODE] === FE_ENCODE_SPECIALCHAR) {
                                    $val = htmlspecialchars($val, ENT_QUOTES);
                                }

--- a/extension/qfq/qfq/store/Store.php
+++ b/extension/qfq/qfq/store/Store.php
@@ -459,7 +459,7 @@ class Store {
                    // We do not have any pattern or min|max values at this point. For those who be affected, they already checked earlier. So set 'no check'
                    $sanitizeClass = SANITIZE_ALLOW_ALL;
                }
-                return \qfq\Sanitize::sanitize($rawVal, $sanitizeClass, '', SANATIZE_EMPTY_STRING);
+                return \qfq\Sanitize::sanitize($rawVal, $sanitizeClass, '', SANITIZE_EMPTY_STRING);
            } else {
                if ($store == STORE_SIP && (substr($key, 0, $len) == SIP_PREFIX_BASE64)) {
                    $rawVal = base64_decode($rawVal);

--- a/extension/qfq/tests/phpunit/SanitizeTest.php
+++ b/extension/qfq/tests/phpunit/SanitizeTest.php
@@ -263,7 +263,7 @@ class SanitizeTest extends \PHPUnit_Framework_TestCase {
     * @expectedException \qfq\UserFormException
     */
    public function testSanitizeExceptionCheckFailed() {
-        Sanitize::sanitize('string', SANITIZE_ALLOW_DIGIT, '', SANATIZE_EXCEPTION);
+        Sanitize::sanitize('string', SANITIZE_ALLOW_DIGIT, '', SANITIZE_EXCEPTION);
    }

    /**