FE_PARAMETER: extraButtonLock / extraButtonPassword:

Config.php: new function attackDetectedExitNow().
Sip.php: replace local sleep(PENALTY_TIME_BROKEN_SIP) with central function attackDetectedExitNow().

Manual.rst: notes how to setup length-exceptions to SECURITY_GET_MAX_LENGTH
config.php: implemented special handling of GET vars, named with '..._<num>'.

Add `sqlLog` and `sqlLogMode` to QFQ tt-content records.
Add mode 'error' and `none` to sqlLogMode.
Manual.rst: Added explanations for SQL_LOG, SQL_LOG_MODE, and tt-content pendants sqlLog, sqlLogMode. Update config.qfq.ini to latest attributes.
Database.php: rename $mode to $currentQueryMode to make it more descriptive. Recode dbLog().
Logger.php: do nothing if there is no file defined.
Report.php: new function checkUpdateLog().
Config.php: Set defaults for config.qfq.ini SQL_LOG and SQL_LOG_MODE
Store.php: Fix problem that an empty SQL_LOG will be prependad with SYSTEM_PATH_EXT.

Implement additional 'SHOW_DEBUG_INFO = download' to track down problems with 'session forwarding'.
Configure constants for SHOW_DEBUG_INFO for yes|no|auto

Manual.rst: add description for new attribute 'capture'.
AbstractBuildForm.php: implement adding attribute.

Implemented: file upload check for mime type and max file size.
File.php, AbstractBuildForm.php: Implement FE_FILE_MIME_TYPE_ACCEPT and FE_FILE_MAX_FILE_SIZE

config.qfq.ini: REDIRECT_ALL_MAIL_TO = john@doe.com
All emails, sent bey QFQ will not be sent to the given receiver, instead they are delivered to 'catch all email' address.
Sendmail.php: Check config.qfq.ini setting for REDIRECT_ALL_MAIL_TO - if set take that address as real receiver for all mails from Form and Report.

DatabaseUpdateData.php, QuickFormQuery.php, formEditor.sql, TestFormEditor.sql: set new escapeDefaultSetting in Schema.

Fixed: unnecessary exception if there is no Form / FormElement table
Database.php: New function playSqlFile().
DatabaseUpdate.php: missing table Form won't throw an exception anymore.
Manual.rst: note that formEditor.sql will be played automatically.

For updates of QFQ prior to 0.17.0, do:   ALTER TABLE  `Form` COMMENT =  'Version=<your old QFQ version>'
DatabaseUpdate.php, DatabaseUpdateData.php: new class.
QuickFormQuery.php: Add DB UpdateCheck
Database.php: moved to new subdirectory `database`. Add 'ALTER' as a new SQL command.
FormAction.php, TypeAhead.php, Report.php, Sendmail.php, FillStoreForm.php, Store.php, AbstractBuild.php, Delete.php, Evaluate.php: Update path to Database.php.

 #3659 / Bootstrap default view: 'small' - fixed. By default '--viewport-size=1280x1024' will be set to wkhtml. This moves BS rendering 'xs' to 'md'.

Html2Pdf.php: Fake the current 'user-agent' and add it as '--custom-header ...' AND '--custom-header-propagation' option to the wkhtmltopdf call. Without, T3 will deny FE Group access. The --custom-header-propagation seems to be necessary.

Manual.rst: describe new urlParam parameter `_sip`
Html2Pdf.php: optional SIP encoding

Html2Pdf.php: Add SIP support wkhtmltopdf URLs. Move cookies for wkhtmltopdf from commandline arguments to filebased.

Implemented defaultEscapeType. configurable via config.qfq.ini (global) and per Form.
Implemented max GET parameter lenght. Default: 50. BTW: in phpunit test there have been a parameter 'file' which exceeds the limit of 32.

Config.qfq: Skip empty variable names - happens in phpunit tests. Read new `systemEscapeTypeDefault`.
Constants.php: renamed  TOKEN_LDAP_ESCAPE_* to TOKEN_ESCAPE_LDAP_*. Add TOKEN_ESCAPE_MYSQL, TOKEN_ESCAPE_NONE
Database.php: Set charset to real_escape_string() functions properly. Proxy for mysqli::real_escape_string()
Evaluate.php: Respect global escapeTypeDefault. Implement
formEditor.sql: add column `escapeTypeDefault`. Add FormElement 'escapeTypeDefault'.

Config.php: Defaults are now set in Config.php, not in Store.php anymore. New function setDefaults(), checkForAttack().

Play: ALTER TABLE  `FormElement` ADD  `encode` ENUM(  'none',  'specialchar' ) NOT NULL DEFAULT  'specialchar' AFTER  `subrecordOption` ;
Play: formEditor.sql

Attention: FEs with text=editor needs actions - the default of 'specialchar' prohibits saving of HTML tags.

FillStoreForm.php: Submitted values will be specialchars() before copying to STORE_FORM.
AbstractBuildForm.php: Counterpart of FillStoreForm.php - will htmlspecialchars_decode() values read from database. Replace 'checkType' and 'checkPattern' with CONSTANTS.
formEditor.sql: Added new column in FormElement. Add new FormElement 'encode' in FormElement-Editor. Add column 'encode' to all FormElement records.

Handling of filenames in Zip's optimized. Spoken filename (no cryptic tempnames anymore). Correct filename extension, based on the mimetype.

Manual.rst: updated doc for columns  _pPdf,_zZip, _fFile. Remove doc for '_dDownload'.
Download.php: new function targetFilenameExtension(). Replace cryptic temporary filenames against file-1, ...
Link.php: reorder param array, to make TOKEN_DOWNLOAD position independet
Report.php: Implemented _pPdf,_zZip, _fFile.

Link.php: If there is no output filename defined, the default is now computed in Download.php, not in Link.php as before.
Download.php: Extract filename extension from mimetype, compare it with output filename, if it does not match, append the computed extension. This forces the filemanager to open the correct application after download.

* Recode the '_link' notation for download
* Add 'ZIP' as export format
* Add 'parameter' to wkhtmltopdf
* Implemented 'SYSTEM_STORE / SYSTEM_DOWNLOAD_POPUP' for detecting if there are download links on the page. This eleminates passing parameters through dozens of functions.
* Report/Columntype '_dDownload' broken!
Coding.md: described `download` from a coding point of view.
Manual.rst: Update '_link' to latest notation of 'download'.
download.php: implemented catching of 'Undefined index'. Added further exceptions.
Download.php: Added cache=off for downloading. Rename getFile() to getElement(). Make getElement() more generic. Add zipFiles(). Implement 'downloadMode' in doElements().
Html2Pdf.php: recode to new download notation. Parameter to wkhtmltopdf implemented.
Link.php: New TOKEN_* and NAME_DOWNLOAD_*, NAME_FILE. Move TOKEN_* to Constants.php. Will be used in Download.php too. Implemented 'SYSTEM_STORE / SYSTEM_DOWNLOAD_POPUP'. Implemented BASE64 encoding of multiple 'U' and 'u'.
Report.php: Implemented 'SYSTEM_STORE / SYSTEM_DOWNLOAD_POPUP'.
Sip.php: implement debugSip() to show Sip. New: base64 encoded parameter will be shown in clear.
Store.php: some functions missed keyword 'static'. getVar() and getStore automatically decode base64 parameter.
QuickFormQuery.php: Implemented 'SYSTEM_STORE / SYSTEM_DOWNLOAD_POPUP'.

Implemented spinning wheel (hourglass) displayed during rendering and downloading PDF.
Link.php, Report.php: New $vars[NAME_EXTRA_CONTENT_WRAP] which holds a '<button>' definition with necesary 'data-*' attributes. The Modal Dialog needs a uniq html id (derived from ttContentUid). That one is returned to Report() if there is at least one download element.

Implemented download.php to offer SIP protected downloads for single files (any filetype) as well as concatenated PDF files and converted HTML pages.
download.php: API Interface
DownloadException.php: New exception class for downloads - might be extended for better error handling.
OnArray.php: new function getArrayItemKeyNameStartWith() to filter for specific elements in an array. New function arrayEscapeshellarg() to escape args
Download.php: Main class.
Link.php, Report.php: implemented new link type 'd' (=download)

Manual.rst: Prefetch doc enhanced.
Ldap.php: replacement of '?' in LDAP search not processed with MODE_LDAP_PREFETCH - fixed. FE_TYPEAHEAD_LDAP_KEY_PRINTF renamed to FE_TYPEAHEAD_LDAP_ID_PRINTF
AbstractBuildForm.php: copy 'FE_TYPEAHEAD_LDAP_ID_PRINTF' to SIP seems never be done - fixed

#3552 / typeAheadLdapSearchPerToken - webpass kann nicht gleichzeitig nach Vornamen und Nachnamen suchen
Neuen Modus 'typeAheadLdapSearchPerToken' implementiert.
Manual.rst: neues Feature dokumentiert.
Ldap.php: Neue Funktion 'explodePermutSearch()'.

During expanding of templateGroups, existing FE with no meaning for save (like note, subrecord, ...) has been created, filled with empty values and saved. Fixed for FEs with type 'subrecord' and 'note' - needs more investigation to check for further sideeffects.

Action elements, assigned to a container which are not a templategroup, threw an exception. In general, it makes no sense (at the time of writing this) to assign an action element to a pill or fieldset, but it should not throw an exception. Fixed - just ignore such assignment.

Implemented.

Exception: rewrote getting T3 parameter without using Store(). Always report pages.uid, tt_content.uid.
 T3Info.php: new class
 Sip.php: penalty time for broken sip.
 Store.php: moved T3 code to T3Info.php

#3502 / TemplateGroups: Checkboxen werden beim ersten Speichern (insert) nicht geschrieben - ein anschliessendes Update ist ok
Das Problem tritt nur auf bei MultiCheckboxen. Neu werden im Store  STORE_ADDITIONAL_FORM_ELEMENTS (ist bereits frueher, extra fuer Checkboxen, eingefuehrt worden) fuer alle TemplateGroup FEs (type=checkbox) die Fake Elemente angelegt. Dazu wird neu NAME_TG_COPIES in dem FEs gefuellt mit dem 'TG max copies'-Wert.

Manual.rst: update doc how to insert/update/delete non primary templateGroup records.
FormAction.php: removed $templateGroupIndex - solved implicit by defining a LIMIT on 'slaveId' . Implemented '%D' (one below %d). Implemented FE_SQL_HONOR_FORM_ELEMENTS - reduces unecassary SQL queries.
HelperFormElement.php: moved function 'explodeTemplateGroupElements()' to 'QuickFormQuery.php'
Database.php: remove call to explodeTemplateGroupElements() - not necessary at that place.
QuickFormQuery.php: fill STORE_RECORD during Formload - to read templateGroup records very early. Local copy of `getNativeFormElements()`, new `explodeTemplateGroupElements()`

Mode: typeAheadPedantic
TypeAhead.php: Implemented new parameter  TYPEAHEAD_API_PREFETCH.
Ldap.php: add new mode MODE_LDAP_PREFETCH
AbstractBuildForm.php: If FE_TYPEAHEAD_PEDANTIC is specified, add attribute DATA_TYPEAHEAD_PEDANTIC,'true'

Implementation started - code is broken

Neu: Form.parameter.saveButtonActive - if this attribute is set, the save button will be enabled directly on form load.
Manual.rst: update doc
BuildFormBootstrap.php:: Add new attribute to 'form'-tag

Implemented the option to make a form `readonly`. this can be done statically or dynamically via variable (e.g. SIP).
QuickFormQuery.php, AbstractBuildForm.php: Force 'readonly' by overwriting FormElement individual 'mode' setting.
BuildFormBootstrap.php: Introduced new variable F_SHOW_BUTTON.

#3447 / Icons das man im FrontEnd direkt das gewaehlte FormElement im Formulareditor bearbeiten kann.
AbstractBuildForm.php: Add checkbox left to the 'EditForm'-Button to toogle the 'FormElemnt'-Icons -as the regular 'Form Edit'-Pencil, the 'FormElement Checkbox' is only displayed if the user is logged in BE.
BuildFormBootstrap.php: new function 'buildEditFormElementCheckbos()'

Manual.rst: Updated doc for a) config.qfq.ini: LDAP_1_RDN, LDAP_1_PASSWORD, b) Form.parameter|FormElement.parameter: ldapUseBindCredentials
ErrorHandler.php: removed details - the end user should not too many details.
FormAction.php, Ldap.php, QuickFormQuery.php: implement 'ldapUseBindCredentials'
Ldap.php: set_error_handler() to catch ldap_bind() problems. Always set LDAP_OPT_PROTOCOL_VERSION=3 - this might cause problems with som LDAP Servers - we will see.

#3447 / Icons das man im FrontEnd direkt das gewaehlte FormElement im Formulareditor bearbeiten kann
AbstractBuildForm.php, BuildFormBootstrap.php, BuildFormTable.php: Function createFormEditorUrl extended to accept parameter, to make it more generic (best would be to use the 'Link' class). Build the FormElement Edit symbol as together with debug stack symbols