1. 05 Jun, 2017 1 commit
    • Carsten  Rose's avatar
      #3568 / Form: fuer alle Buttons (save, close, new, delete) eine optionale... · 61d75fbb
      Carsten Rose authored
      #3568 / Form: fuer alle Buttons (save, close, new, delete) eine optionale class & text konfigurierbar machen
      Manual.rst: new configuration options listed at config.qfq.ini and Form.paramtert.
      Config.php: Defaults configured for F_SAVE|CLOSE|DELETE|NEW_BUTTON_TEXT|TOOLTIP|CLASS|GLYPH_ICON.
      BuildFormBootstrap.php: Changed code to take values from config.qfq.ini or (if given) from form.parameter definitions.
      QuickFormQuery.php: Copy new setup values from config.qfq.ini to Form.
      StoreTest.php: update unit test for new global configuration values
      config.qfq.example.ini: fill with new commented key/value pairs.
      61d75fbb
  2. 04 Jun, 2017 1 commit
  3. 01 Jun, 2017 1 commit
  4. 27 May, 2017 1 commit
  5. 25 May, 2017 2 commits
  6. 20 May, 2017 3 commits
    • Carsten  Rose's avatar
      New Version number v0.17.4 · 076b88fa
      Carsten Rose authored
      076b88fa
    • Carsten  Rose's avatar
      #3769 / Allow specific GET variables longer than SECURITY_GET_MAX_LENGTH. · c11f75ad
      Carsten Rose authored
      Manual.rst: notes how to setup length-exceptions to SECURITY_GET_MAX_LENGTH
      config.php: implemented special handling of GET vars, named with '..._<num>'.
      c11f75ad
    • Carsten  Rose's avatar
      #3766 / SQL_LOG per tt_content record einstellbar machen · 4b0d1413
      Carsten Rose authored
      Add `sqlLog` and `sqlLogMode` to QFQ tt-content records.
      Add mode 'error' and `none` to sqlLogMode.
      Manual.rst: Added explanations for SQL_LOG, SQL_LOG_MODE, and tt-content pendants sqlLog, sqlLogMode. Update config.qfq.ini to latest attributes.
      Database.php: rename $mode to $currentQueryMode to make it more descriptive. Recode dbLog().
      Logger.php: do nothing if there is no file defined.
      Report.php: new function checkUpdateLog().
      Config.php: Set defaults for config.qfq.ini SQL_LOG and SQL_LOG_MODE
      Store.php: Fix problem that an empty SQL_LOG will be prependad with SYSTEM_PATH_EXT.
      4b0d1413
  7. 19 May, 2017 4 commits
  8. 18 May, 2017 3 commits
  9. 12 May, 2017 4 commits
  10. 10 May, 2017 2 commits
  11. 09 May, 2017 1 commit
    • Carsten  Rose's avatar
      #3679: Automatic DB Update · d1b203dd
      Carsten Rose authored
      Fixed: unnecessary exception if there is no Form / FormElement table
      Database.php: New function playSqlFile().
      DatabaseUpdate.php: missing table Form won't throw an exception anymore.
      Manual.rst: note that formEditor.sql will be played automatically.
      d1b203dd
  12. 04 May, 2017 2 commits
  13. 03 May, 2017 3 commits
  14. 01 May, 2017 1 commit
  15. 30 Apr, 2017 1 commit
  16. 26 Apr, 2017 1 commit
  17. 24 Apr, 2017 3 commits
    • Carsten  Rose's avatar
    • Carsten  Rose's avatar
      Implemented new escape class 'mysql' (realEscapeString). · ba817c0e
      Carsten Rose authored
      Implemented defaultEscapeType. configurable via config.qfq.ini (global) and per Form.
      Implemented max GET parameter lenght. Default: 50. BTW: in phpunit test there have been a parameter 'file' which exceeds the limit of 32.
      
      Config.qfq: Skip empty variable names - happens in phpunit tests. Read new `systemEscapeTypeDefault`.
      Constants.php: renamed  TOKEN_LDAP_ESCAPE_* to TOKEN_ESCAPE_LDAP_*. Add TOKEN_ESCAPE_MYSQL, TOKEN_ESCAPE_NONE
      Database.php: Set charset to real_escape_string() functions properly. Proxy for mysqli::real_escape_string()
      Evaluate.php: Respect global escapeTypeDefault. Implement
      formEditor.sql: add column `escapeTypeDefault`. Add FormElement 'escapeTypeDefault'.
      ba817c0e
    • Carsten  Rose's avatar
      Security: Encoding and Honepot vars. · bd606a8f
      Carsten Rose authored
      Manual.rst: small abstract about implemented security enhancements in QFQ.
      Sanatize.php: New function urlDecodeArr(). Decode all _GET vars.
      AbstractBuildForm.php, BuildFormBootstrap.php: form head now contains the honeypot vars.
      bd606a8f
  18. 23 Apr, 2017 5 commits
  19. 22 Apr, 2017 1 commit
    • Carsten  Rose's avatar
      #3218 / download.php / export · e10937b6
      Carsten Rose authored
      * Recode the '_link' notation for download
      * Add 'ZIP' as export format
      * Add 'parameter' to wkhtmltopdf
      * Implemented 'SYSTEM_STORE / SYSTEM_DOWNLOAD_POPUP' for detecting if there are download links on the page. This eleminates passing parameters through dozens of functions.
      * Report/Columntype '_dDownload' broken!
      Coding.md: described `download` from a coding point of view.
      Manual.rst: Update '_link' to latest notation of 'download'.
      download.php: implemented catching of 'Undefined index'. Added further exceptions.
      Download.php: Added cache=off for downloading. Rename getFile() to getElement(). Make getElement() more generic. Add zipFiles(). Implement 'downloadMode' in doElements().
      Html2Pdf.php: recode to new download notation. Parameter to wkhtmltopdf implemented.
      Link.php: New TOKEN_* and NAME_DOWNLOAD_*, NAME_FILE. Move TOKEN_* to Constants.php. Will be used in Download.php too. Implemented 'SYSTEM_STORE / SYSTEM_DOWNLOAD_POPUP'. Implemented BASE64 encoding of multiple 'U' and 'u'.
      Report.php: Implemented 'SYSTEM_STORE / SYSTEM_DOWNLOAD_POPUP'.
      Sip.php: implement debugSip() to show Sip. New: base64 encoded parameter will be shown in clear.
      Store.php: some functions missed keyword 'static'. getVar() and getStore automatically decode base64 parameter.
      QuickFormQuery.php: Implemented 'SYSTEM_STORE / SYSTEM_DOWNLOAD_POPUP'.
      e10937b6