1. 11 Jun, 2017 1 commit
    • Carsten  Rose's avatar
      #3875 / FormElement 'extra': Fehler bei neuen Records. · 1117d36b
      Carsten Rose authored
      QFQ complains that the given SIP parameter is already defined. Problem is the pre filling of Store SIP, which normally happens only during form load. But the new 'saving a new record (r=0) and redirecting the browser to the same page with the new record id', requires a new SIP. That SIP is calculated before form-load and causes the exception. Fix: defined parameter in a store, which will be redefined with the same value, wont' throw an exception anymore.
      Store.php: compare old and new value and only if they differ throw an exception.
      1117d36b
  2. 10 Jun, 2017 3 commits
  3. 05 Jun, 2017 3 commits
  4. 04 Jun, 2017 1 commit
  5. 03 Jun, 2017 3 commits
  6. 01 Jun, 2017 1 commit
  7. 27 May, 2017 1 commit
  8. 24 May, 2017 4 commits
  9. 23 May, 2017 2 commits
  10. 22 May, 2017 1 commit
  11. 18 May, 2017 2 commits
  12. 12 May, 2017 2 commits
  13. 09 May, 2017 1 commit
    • Carsten  Rose's avatar
      #3679, Automatic DB update - Schema & FormEditor · 05b32a30
      Carsten Rose authored
      For updates of QFQ prior to 0.17.0, do:   ALTER TABLE  `Form` COMMENT =  'Version=<your old QFQ version>'
      DatabaseUpdate.php, DatabaseUpdateData.php: new class.
      QuickFormQuery.php: Add DB UpdateCheck
      Database.php: moved to new subdirectory `database`. Add 'ALTER' as a new SQL command.
      FormAction.php, TypeAhead.php, Report.php, Sendmail.php, FillStoreForm.php, Store.php, AbstractBuild.php, Delete.php, Evaluate.php: Update path to Database.php.
      05b32a30
  14. 24 Apr, 2017 2 commits
    • Carsten  Rose's avatar
      Implemented new escape class 'mysql' (realEscapeString). · ba817c0e
      Carsten Rose authored
      Implemented defaultEscapeType. configurable via config.qfq.ini (global) and per Form.
      Implemented max GET parameter lenght. Default: 50. BTW: in phpunit test there have been a parameter 'file' which exceeds the limit of 32.
      
      Config.qfq: Skip empty variable names - happens in phpunit tests. Read new `systemEscapeTypeDefault`.
      Constants.php: renamed  TOKEN_LDAP_ESCAPE_* to TOKEN_ESCAPE_LDAP_*. Add TOKEN_ESCAPE_MYSQL, TOKEN_ESCAPE_NONE
      Database.php: Set charset to real_escape_string() functions properly. Proxy for mysqli::real_escape_string()
      Evaluate.php: Respect global escapeTypeDefault. Implement
      formEditor.sql: add column `escapeTypeDefault`. Add FormElement 'escapeTypeDefault'.
      ba817c0e
    • Carsten  Rose's avatar
      Security: Encoding and Honepot vars. · bd606a8f
      Carsten Rose authored
      Manual.rst: small abstract about implemented security enhancements in QFQ.
      Sanatize.php: New function urlDecodeArr(). Decode all _GET vars.
      AbstractBuildForm.php, BuildFormBootstrap.php: form head now contains the honeypot vars.
      bd606a8f
  15. 23 Apr, 2017 1 commit
    • Carsten  Rose's avatar
      Implement 'encode=specialchar' - new option per formElement. · 434cac36
      Carsten Rose authored
      Play: ALTER TABLE  `FormElement` ADD  `encode` ENUM(  'none',  'specialchar' ) NOT NULL DEFAULT  'specialchar' AFTER  `subrecordOption` ;
      Play: formEditor.sql
      
      Attention: FEs with text=editor needs actions - the default of 'specialchar' prohibits saving of HTML tags.
      
      FillStoreForm.php: Submitted values will be specialchars() before copying to STORE_FORM.
      AbstractBuildForm.php: Counterpart of FillStoreForm.php - will htmlspecialchars_decode() values read from database. Replace 'checkType' and 'checkPattern' with CONSTANTS.
      formEditor.sql: Added new column in FormElement. Add new FormElement 'encode' in FormElement-Editor. Add column 'encode' to all FormElement records.
      434cac36
  16. 13 Apr, 2017 1 commit
    • Carsten  Rose's avatar
      #3573 / TypeaheadLdap: Prefetch funktioniert nicht · d645dee0
      Carsten Rose authored
      Manual.rst: Prefetch doc enhanced.
      Ldap.php: replacement of '?' in LDAP search not processed with MODE_LDAP_PREFETCH - fixed. FE_TYPEAHEAD_LDAP_KEY_PRINTF renamed to FE_TYPEAHEAD_LDAP_ID_PRINTF
      AbstractBuildForm.php: copy 'FE_TYPEAHEAD_LDAP_ID_PRINTF' to SIP seems never be done - fixed
      d645dee0
  17. 12 Apr, 2017 1 commit
  18. 10 Apr, 2017 1 commit
  19. 09 Apr, 2017 1 commit
    • Carsten  Rose's avatar
      #3536 / a) Datum (datetime / timestamp) werden nicht angezeigt, b) Angezeigte... · 502efdb9
      Carsten Rose authored
      #3536 / a) Datum (datetime / timestamp) werden nicht angezeigt, b) Angezeigte Datumsformat String und aktzeptierte Eingabe matchen nicht
      Neu wird bei QFQ date/time/datetime kein HTML INPUT type=date|time|datetime-local mehr generiert, sondern ein 'text' - damit verlieren wir die Browserinternen Datepicker (Chrome, Opera) aber gewinnen die Kontrolle die Datumsformateingabe zurueck.
      502efdb9
  20. 05 Apr, 2017 1 commit
  21. 04 Apr, 2017 1 commit
    • Carsten  Rose's avatar
      #3502 / TemplateGroups: Checkboxen werden beim ersten Speichern (insert) nicht... · 246aeeab
      Carsten Rose authored
      #3502 / TemplateGroups: Checkboxen werden beim ersten Speichern (insert) nicht geschrieben - ein anschliessendes Update ist ok
      Das Problem tritt nur auf bei MultiCheckboxen. Neu werden im Store  STORE_ADDITIONAL_FORM_ELEMENTS (ist bereits frueher, extra fuer Checkboxen, eingefuehrt worden) fuer alle TemplateGroup FEs (type=checkbox) die Fake Elemente angelegt. Dazu wird neu NAME_TG_COPIES in dem FEs gefuellt mit dem 'TG max copies'-Wert.
      246aeeab
  22. 03 Apr, 2017 1 commit
  23. 02 Apr, 2017 1 commit
    • Carsten  Rose's avatar
      #3385 / templateGroup: insert/update/delete non primary records · 8db50d60
      Carsten Rose authored
      Manual.rst: update doc how to insert/update/delete non primary templateGroup records.
      FormAction.php: removed $templateGroupIndex - solved implicit by defining a LIMIT on 'slaveId' . Implemented '%D' (one below %d). Implemented FE_SQL_HONOR_FORM_ELEMENTS - reduces unecassary SQL queries.
      HelperFormElement.php: moved function 'explodeTemplateGroupElements()' to 'QuickFormQuery.php'
      Database.php: remove call to explodeTemplateGroupElements() - not necessary at that place.
      QuickFormQuery.php: fill STORE_RECORD during Formload - to read templateGroup records very early. Local copy of `getNativeFormElements()`, new `explodeTemplateGroupElements()`
      8db50d60
  24. 30 Mar, 2017 1 commit
  25. 29 Mar, 2017 2 commits
    • Carsten  Rose's avatar
      #3463 / form.mode=readonly · d84dad1a
      Carsten Rose authored
      Implemented the option to make a form `readonly`. this can be done statically or dynamically via variable (e.g. SIP).
      QuickFormQuery.php, AbstractBuildForm.php: Force 'readonly' by overwriting FormElement individual 'mode' setting.
      BuildFormBootstrap.php: Introduced new variable F_SHOW_BUTTON.
      d84dad1a
    • Carsten  Rose's avatar
      #3447 / Icons das man im FrontEnd direkt das gewaehlte FormElement im... · e96bb108
      Carsten Rose authored
      #3447 / Icons das man im FrontEnd direkt das gewaehlte FormElement im Formulareditor bearbeiten kann.
      AbstractBuildForm.php: Add checkbox left to the 'EditForm'-Button to toogle the 'FormElemnt'-Icons -as the regular 'Form Edit'-Pencil, the 'FormElement Checkbox' is only displayed if the user is logged in BE.
      BuildFormBootstrap.php: new function 'buildEditFormElementCheckbos()'
      e96bb108
  26. 28 Mar, 2017 1 commit
    • Carsten  Rose's avatar
      #3456 / LDAP: with Credentials to access 'webpass' · 8cb94e92
      Carsten Rose authored
      Manual.rst: Updated doc for a) config.qfq.ini: LDAP_1_RDN, LDAP_1_PASSWORD, b) Form.parameter|FormElement.parameter: ldapUseBindCredentials
      ErrorHandler.php: removed details - the end user should not too many details.
      FormAction.php, Ldap.php, QuickFormQuery.php: implement 'ldapUseBindCredentials'
      Ldap.php: set_error_handler() to catch ldap_bind() problems. Always set LDAP_OPT_PROTOCOL_VERSION=3 - this might cause problems with som LDAP Servers - we will see.
      8cb94e92