1. 01 Feb, 2018 2 commits
  2. 31 Jan, 2018 2 commits
  3. 30 Jan, 2018 1 commit
  4. 29 Jan, 2018 6 commits
  5. 28 Jan, 2018 1 commit
  6. 04 Dec, 2017 1 commit
  7. 02 Nov, 2017 1 commit
  8. 28 Aug, 2017 1 commit
  9. 30 Jun, 2017 1 commit
  10. 27 Jun, 2017 1 commit
    • Carsten  Rose's avatar
      Feature #3982 / Filename Sanatize: remove spaces. · c217dd61
      Carsten Rose authored
      Specify content disposition header filename in '"'. Remove none alnum chars from filename.
      Sanitize.php: update doc
      Download.php: Implement filename to be enclosed by ". Sanatize filename.
      SanitizeTest.php: unittest for safeFilename().
      c217dd61
  11. 04 May, 2017 1 commit
  12. 24 Apr, 2017 1 commit
    • Carsten  Rose's avatar
      Security: Encoding and Honepot vars. · bd606a8f
      Carsten Rose authored
      Manual.rst: small abstract about implemented security enhancements in QFQ.
      Sanatize.php: New function urlDecodeArr(). Decode all _GET vars.
      AbstractBuildForm.php, BuildFormBootstrap.php: form head now contains the honeypot vars.
      bd606a8f
  13. 23 Apr, 2017 1 commit
  14. 24 Feb, 2017 1 commit
  15. 11 Feb, 2017 3 commits
  16. 08 Feb, 2017 1 commit
  17. 17 Dec, 2016 1 commit
  18. 29 Nov, 2016 1 commit
  19. 27 Apr, 2016 1 commit
    • Carsten  Rose's avatar
      Upload: first version which really uploads file, saving to destination. · 9c24d2d3
      Carsten Rose authored
      Sanitize.php: new sanitize class ALLBUT. New function safeFilename().
      Support.php: New function mkDirParent().
      Store.php: new system config variable SYSTEM_SITE_PATH.
      QuickFormQuery.php: fills STORE_RECORD before saving the current record.
      Save.php: moving the file to the final destination.
      9c24d2d3
  20. 26 Apr, 2016 1 commit
    • Carsten  Rose's avatar
      New sanatize class 'allbut'. · ed9bd193
      Carsten Rose authored
      Sanitize.php, Constants.php: allbut implemented.
      Support.php: Date regexp corrected to accept years 0001-1000.
      AbstractBuildForm.php: Code reformatted
      ed9bd193
  21. 25 Apr, 2016 1 commit
    • Carsten  Rose's avatar
      Input Field date / datetime / time implemented. · d28b523a
      Carsten Rose authored
      AdministratorManual/index.rst, UsersManual/index.rst: Configuration & Documentation.
      Sanitize.php: code rewrote to use Support::dateTime2mysql().
      Support.php: add dateTimeTegexp()
      FillStoreForm.php: use of Support::setFeDefaults($formElement). Format date/datetime/time values
      Store.php: redefined various functions to be 'static'
      AbstractBuildForm.php, Constants.php: added date/datetime/time to tables. Various new functions.
      Save.php: FE die nicht uebertragen wurden (typsicherweise weil leer) werden neu mit eimem leer String gesschrieben - sonst ist es nicht moeglich  Eingaben wieder zu loeschen.
      formEditor.sql: Felder date/datetime/time neun implementiert.
      d28b523a
  22. 18 Apr, 2016 2 commits
  23. 01 Apr, 2016 1 commit
  24. 29 Mar, 2016 1 commit
  25. 25 Mar, 2016 1 commit
  26. 24 Mar, 2016 1 commit
    • Carsten  Rose's avatar
      Refactored sanitize functionality: Form save, form update and client are now... · 0f2d60c4
      Carsten Rose authored
      Refactored sanitize functionality: Form save, form update and client are now handled with the same regexp. Form save and update use the same code to sanatize. SANITIZE names are now equal in FormEditor and in Store. New class SANITIZE_ALL_MIN_MAX_DATE.
      
      OnArray.php: moved inputCheckPatternArray() to Sanatize.
      Sanatize.php: complete rewrote of sanitize(). Everything is regexp based now.
      FillStore.php: validateValue() removed, use of Sanitize::sanitize instead.
      Store.php: adjusted change of Sanitize:sanitize signature.
      AbstractBuildForm.php: defined class global variable $inputCheckPattern and initialize them during construct(). Variables, submitted by POST, are now correctly sanatized according their FormElement definition. getInputCheckPattern() adjusted to new/changed SANITIZE definitions.
      Constants.php: added SANTIZE_ALLOW_: MIN_MAX, MIN_MAX_DATE, EMAIL, PATTERN, SANITIZE_EXCEPTION, SANITIZE_EMPTY_STRING
      Save.php: use of Sanitize::sanitize instead of validateValue()
      formEditor.sql: order of FormElement.checkType changed to 'most used first'.
      0f2d60c4
  27. 26 Feb, 2016 1 commit
  28. 09 Feb, 2016 1 commit
  29. 29 Jan, 2016 1 commit
  30. 25 Jan, 2016 1 commit