1. 20 May, 2017 1 commit
    • Carsten  Rose's avatar
      #3766 / SQL_LOG per tt_content record einstellbar machen · 4b0d1413
      Carsten Rose authored
      Add `sqlLog` and `sqlLogMode` to QFQ tt-content records.
      Add mode 'error' and `none` to sqlLogMode.
      Manual.rst: Added explanations for SQL_LOG, SQL_LOG_MODE, and tt-content pendants sqlLog, sqlLogMode. Update config.qfq.ini to latest attributes.
      Database.php: rename $mode to $currentQueryMode to make it more descriptive. Recode dbLog().
      Logger.php: do nothing if there is no file defined.
      Report.php: new function checkUpdateLog().
      Config.php: Set defaults for config.qfq.ini SQL_LOG and SQL_LOG_MODE
      Store.php: Fix problem that an empty SQL_LOG will be prependad with SYSTEM_PATH_EXT.
      4b0d1413
  2. 19 May, 2017 1 commit
  3. 18 May, 2017 2 commits
  4. 10 May, 2017 1 commit
  5. 24 Apr, 2017 2 commits
    • Carsten  Rose's avatar
      Implemented new escape class 'mysql' (realEscapeString). · ba817c0e
      Carsten Rose authored
      Implemented defaultEscapeType. configurable via config.qfq.ini (global) and per Form.
      Implemented max GET parameter lenght. Default: 50. BTW: in phpunit test there have been a parameter 'file' which exceeds the limit of 32.
      
      Config.qfq: Skip empty variable names - happens in phpunit tests. Read new `systemEscapeTypeDefault`.
      Constants.php: renamed  TOKEN_LDAP_ESCAPE_* to TOKEN_ESCAPE_LDAP_*. Add TOKEN_ESCAPE_MYSQL, TOKEN_ESCAPE_NONE
      Database.php: Set charset to real_escape_string() functions properly. Proxy for mysqli::real_escape_string()
      Evaluate.php: Respect global escapeTypeDefault. Implement
      formEditor.sql: add column `escapeTypeDefault`. Add FormElement 'escapeTypeDefault'.
      ba817c0e
    • Carsten  Rose's avatar
      Security: Honeypot vars - check if any of the honeypot vars is filled - if yes, it's an attack. · f5d7ba73
      Carsten Rose authored
      Config.php: Defaults are now set in Config.php, not in Store.php anymore. New function setDefaults(), checkForAttack().
      f5d7ba73
  6. 28 Mar, 2017 1 commit
    • Carsten  Rose's avatar
      #3456 / LDAP: with Credentials to access 'webpass' · 8cb94e92
      Carsten Rose authored
      Manual.rst: Updated doc for a) config.qfq.ini: LDAP_1_RDN, LDAP_1_PASSWORD, b) Form.parameter|FormElement.parameter: ldapUseBindCredentials
      ErrorHandler.php: removed details - the end user should not too many details.
      FormAction.php, Ldap.php, QuickFormQuery.php: implement 'ldapUseBindCredentials'
      Ldap.php: set_error_handler() to catch ldap_bind() problems. Always set LDAP_OPT_PROTOCOL_VERSION=3 - this might cause problems with som LDAP Servers - we will see.
      8cb94e92
  7. 25 Mar, 2017 1 commit
  8. 06 Mar, 2017 1 commit
  9. 12 Feb, 2017 1 commit
    • Carsten  Rose's avatar
      AdminstratorManual/Index.rst: Update config.qfq.ini description to new... · 7e49d63f
      Carsten Rose authored
      AdminstratorManual/Index.rst: Update config.qfq.ini description to new parameter 'class'. Remove 'DB_NAME_TEST' cause that is only interesting to PHP Unit Tests and not to enduser.
      UserManual/Index.rst: Update STORE_SYSTEM description of known variables.
      Store.php, QuickFormQuery.php: Refactor building STORE_SYSTEM. Make it more generic if new parameters are introduced. Setting up new config.qfq.ini built in defaults and form defaults at one place. Renaming of parameter names in config.qfq.ini to STORE_SYSTEM at one place implemented with an extensible array.
      AbstractBuildForm.php, BuildFormBootstrap.php, BuildFormTable.php: User constant F_CLASS  in $this->formSpec['class']
      config.qfq.example.ini: comment empty variables - the new default setting is, that empty parameter in config.qfq.ini means EMPTY, not UNDEFINED.
      7e49d63f
  10. 10 Feb, 2017 1 commit
    • Carsten  Rose's avatar
      User Input will be UTF8 normalized - Webserver needs package php5-intl or php7.0-intl. · 7eeed2a8
      Carsten Rose authored
      Add FORM_BS_LABEL_COLUMNS, FORM_BS_INPUT_COLUMNS, FORM_BS_NOTE_COLUMNS to config.qfq.ini.
      
      AdministratorManual/Index.rst: added notes to install php-intl, new config.qfq.ini parameter (see above).
      UserManual/index.rst: Fix wrong store name SYSTEM: S > Y. Add new config.qfq.ini parameter (see above).
      Store.php: new general function to translate upper case config prameter names to to camel hook FormElement names. Split function fillSystemStore(). Add function normalizeArray().
      Constants.php: add new error, renumber error codes 1056-1073. Introduce new config.qfq.ini parameter SYSTEM_FORM_BS_*
      QuickFormQuery.php: Use of new bs*Column values defined in config.qfq.inc (not hardcoded here anymore)
      7eeed2a8
  11. 07 Feb, 2017 1 commit
    • Carsten  Rose's avatar
      Added validator.js attributes 'data-pattern-error', 'data-rquired-error',... · 372993e5
      Carsten Rose authored
      Added validator.js attributes 'data-pattern-error', 'data-rquired-error', 'data-match-error', 'data-error' to be specified in config.qfq.ini, Form or FormElement. Detailed setting will overwrite generic setting. If none is specified, take validator.js defaults.
      
      HelperFormElement.php, AbstractBuildForm.php, Constants.php, QuickFormQuery.php.
      372993e5
  12. 14 Jan, 2017 2 commits
  13. 13 Jan, 2017 1 commit
  14. 29 Nov, 2016 1 commit
  15. 29 May, 2016 1 commit
    • Carsten  Rose's avatar
      Fixed 'Unknown SIP after login/logout' · 75c7f039
      Carsten Rose authored
      Report.php, Store.php, QuickFormQuery.php: configuration option 'SESSION_NAME' removed and hard coded to 'qfq'.
      Session.php, Sip.php: function checkFeUserUid() moved from Sip to Session. Will be called by using 'Session'. SIP's now stored one level deeper in $_SESSION['qfq'][...]. This makes it easier to destroy the SIP cachae in case of login/logout. Destroying the whole $_SESSION var is not a good idea.
      75c7f039
  16. 11 May, 2016 1 commit
  17. 25 Apr, 2016 1 commit
    • Carsten  Rose's avatar
      Input Field date / datetime / time implemented. · d28b523a
      Carsten Rose authored
      AdministratorManual/index.rst, UsersManual/index.rst: Configuration & Documentation.
      Sanitize.php: code rewrote to use Support::dateTime2mysql().
      Support.php: add dateTimeTegexp()
      FillStoreForm.php: use of Support::setFeDefaults($formElement). Format date/datetime/time values
      Store.php: redefined various functions to be 'static'
      AbstractBuildForm.php, Constants.php: added date/datetime/time to tables. Various new functions.
      Save.php: FE die nicht uebertragen wurden (typsicherweise weil leer) werden neu mit eimem leer String gesschrieben - sonst ist es nicht moeglich  Eingaben wieder zu loeschen.
      formEditor.sql: Felder date/datetime/time neun implementiert.
      d28b523a
  18. 21 Mar, 2016 1 commit
  19. 16 Mar, 2016 1 commit
    • Carsten  Rose's avatar
      Sip: phpdoc · c2809cfb
      Carsten Rose authored
      Constants, Store: added TYPO3_PAGE_TYPE to STORE_TYPO3
      AbstractBuildForm: recode to use global $showDebugInfo. IMplemented deriveNewRecrdUrlFromExistingSip(). Added parameter $toolTip to createFormLink(). Rewrap Editlink
      BuildFormBootstrap: recode buildButton().
      QuickFormQuery: code to set session lifetime disabled: useless
      c2809cfb
  20. 11 Mar, 2016 1 commit
  21. 02 Mar, 2016 1 commit
  22. 01 Mar, 2016 1 commit
    • Carsten  Rose's avatar
      Db, Link, Report, Utils: renamed FALSE to false · c10434ef
      Carsten Rose authored
      Link: replaced TYPO3_CONF_VARS by STORE_SYSTEM
      Sip, Store: PhpDoc
      AbstractBuildForm, BuildFormBootstrap, Constants: implemented constant SYSTEM_SHOW_DEBUG_INFO
      Database: rewrote errormessage
      c10434ef
  23. 25 Feb, 2016 1 commit
    • Carsten  Rose's avatar
      Store: determine 'SHOW_DEBUG_INFO' and set it to 'yes' or 'no'. · 9029bcbb
      Carsten Rose authored
      AbstractBuildForm: Show 'formEditLink' incl. SIP Parameter.
      BuildFormBootstrap: Added Icon in buildButton to edit form.
      Evaluate: reformat Debug info.
      formEditor.sql: showDebugInfo removed from table - now implemented by checking if BE User is logged in.
      9029bcbb
  24. 17 Feb, 2016 1 commit
  25. 09 Feb, 2016 1 commit
  26. 03 Jan, 2016 1 commit