1. 08 Aug, 2017 1 commit
  2. 07 Aug, 2017 1 commit
    • Carsten  Rose's avatar
      #4185 / Detect modified record · b084998a
      Carsten Rose authored
      modifiedRecord.pu: State Diagram
      Dirty.php: implement $recordHashMd5 to detect modified records.
      OnArray.php: new getMd5()
      AbstractBuildForm.php: implemented but not working update of hidden input 'recordHashMd5'. Add hidden input 'recordHashMd5'.
      BuildFormBootstrap:  Add hidden input 'recordHashMd5'.
      formEditor.sql: Rename 'Dirty.recordModified' to 'Dirty.recordHashMd5'.
      b084998a
  3. 02 Aug, 2017 2 commits
  4. 09 Jul, 2017 1 commit
  5. 22 Jun, 2017 1 commit
  6. 14 Jun, 2017 1 commit
    • Carsten  Rose's avatar
      Feature #3906 / Mark required inputs with an asterik · 1ccc6b9c
      Carsten Rose authored
      Implemented by using a new class ''.required-field'. The class has to be applied to the label. Not implemented is the option, to render the asterix directly on/beside the input (not the label) - probably solved later.
      qfq-bs.css.les: New CSS class required-field
      AbstractBuildForm.php: extended buildLable() with new parameter $addClass.
      BuildFormBootstrap.php: Assign class 'required-field' to label for required fields.
      1ccc6b9c
  7. 11 Jun, 2017 1 commit
    • Carsten  Rose's avatar
      #3875 / FormElement 'extra': Fehler bei neuen Records. · 1117d36b
      Carsten Rose authored
      QFQ complains that the given SIP parameter is already defined. Problem is the pre filling of Store SIP, which normally happens only during form load. But the new 'saving a new record (r=0) and redirecting the browser to the same page with the new record id', requires a new SIP. That SIP is calculated before form-load and causes the exception. Fix: defined parameter in a store, which will be redefined with the same value, wont' throw an exception anymore.
      Store.php: compare old and new value and only if they differ throw an exception.
      1117d36b
  8. 10 Jun, 2017 3 commits
  9. 05 Jun, 2017 3 commits
  10. 04 Jun, 2017 1 commit
  11. 03 Jun, 2017 3 commits
  12. 01 Jun, 2017 1 commit
  13. 27 May, 2017 1 commit
  14. 24 May, 2017 4 commits
  15. 23 May, 2017 2 commits
  16. 22 May, 2017 1 commit
  17. 18 May, 2017 2 commits
  18. 12 May, 2017 2 commits
  19. 09 May, 2017 1 commit
    • Carsten  Rose's avatar
      #3679, Automatic DB update - Schema & FormEditor · 05b32a30
      Carsten Rose authored
      For updates of QFQ prior to 0.17.0, do:   ALTER TABLE  `Form` COMMENT =  'Version=<your old QFQ version>'
      DatabaseUpdate.php, DatabaseUpdateData.php: new class.
      QuickFormQuery.php: Add DB UpdateCheck
      Database.php: moved to new subdirectory `database`. Add 'ALTER' as a new SQL command.
      FormAction.php, TypeAhead.php, Report.php, Sendmail.php, FillStoreForm.php, Store.php, AbstractBuild.php, Delete.php, Evaluate.php: Update path to Database.php.
      05b32a30
  20. 24 Apr, 2017 2 commits
    • Carsten  Rose's avatar
      Implemented new escape class 'mysql' (realEscapeString). · ba817c0e
      Carsten Rose authored
      Implemented defaultEscapeType. configurable via config.qfq.ini (global) and per Form.
      Implemented max GET parameter lenght. Default: 50. BTW: in phpunit test there have been a parameter 'file' which exceeds the limit of 32.
      
      Config.qfq: Skip empty variable names - happens in phpunit tests. Read new `systemEscapeTypeDefault`.
      Constants.php: renamed  TOKEN_LDAP_ESCAPE_* to TOKEN_ESCAPE_LDAP_*. Add TOKEN_ESCAPE_MYSQL, TOKEN_ESCAPE_NONE
      Database.php: Set charset to real_escape_string() functions properly. Proxy for mysqli::real_escape_string()
      Evaluate.php: Respect global escapeTypeDefault. Implement
      formEditor.sql: add column `escapeTypeDefault`. Add FormElement 'escapeTypeDefault'.
      ba817c0e
    • Carsten  Rose's avatar
      Security: Encoding and Honepot vars. · bd606a8f
      Carsten Rose authored
      Manual.rst: small abstract about implemented security enhancements in QFQ.
      Sanatize.php: New function urlDecodeArr(). Decode all _GET vars.
      AbstractBuildForm.php, BuildFormBootstrap.php: form head now contains the honeypot vars.
      bd606a8f
  21. 23 Apr, 2017 1 commit
    • Carsten  Rose's avatar
      Implement 'encode=specialchar' - new option per formElement. · 434cac36
      Carsten Rose authored
      Play: ALTER TABLE  `FormElement` ADD  `encode` ENUM(  'none',  'specialchar' ) NOT NULL DEFAULT  'specialchar' AFTER  `subrecordOption` ;
      Play: formEditor.sql
      
      Attention: FEs with text=editor needs actions - the default of 'specialchar' prohibits saving of HTML tags.
      
      FillStoreForm.php: Submitted values will be specialchars() before copying to STORE_FORM.
      AbstractBuildForm.php: Counterpart of FillStoreForm.php - will htmlspecialchars_decode() values read from database. Replace 'checkType' and 'checkPattern' with CONSTANTS.
      formEditor.sql: Added new column in FormElement. Add new FormElement 'encode' in FormElement-Editor. Add column 'encode' to all FormElement records.
      434cac36
  22. 13 Apr, 2017 1 commit
    • Carsten  Rose's avatar
      #3573 / TypeaheadLdap: Prefetch funktioniert nicht · d645dee0
      Carsten Rose authored
      Manual.rst: Prefetch doc enhanced.
      Ldap.php: replacement of '?' in LDAP search not processed with MODE_LDAP_PREFETCH - fixed. FE_TYPEAHEAD_LDAP_KEY_PRINTF renamed to FE_TYPEAHEAD_LDAP_ID_PRINTF
      AbstractBuildForm.php: copy 'FE_TYPEAHEAD_LDAP_ID_PRINTF' to SIP seems never be done - fixed
      d645dee0
  23. 12 Apr, 2017 1 commit
  24. 10 Apr, 2017 1 commit
  25. 09 Apr, 2017 1 commit
    • Carsten  Rose's avatar
      #3536 / a) Datum (datetime / timestamp) werden nicht angezeigt, b) Angezeigte... · 502efdb9
      Carsten Rose authored
      #3536 / a) Datum (datetime / timestamp) werden nicht angezeigt, b) Angezeigte Datumsformat String und aktzeptierte Eingabe matchen nicht
      Neu wird bei QFQ date/time/datetime kein HTML INPUT type=date|time|datetime-local mehr generiert, sondern ein 'text' - damit verlieren wir die Browserinternen Datepicker (Chrome, Opera) aber gewinnen die Kontrolle die Datumsformateingabe zurueck.
      502efdb9
  26. 05 Apr, 2017 1 commit