1. 24 Apr, 2017 1 commit
    • Carsten  Rose's avatar
      Implemented new escape class 'mysql' (realEscapeString). · ba817c0e
      Carsten Rose authored
      Implemented defaultEscapeType. configurable via config.qfq.ini (global) and per Form.
      Implemented max GET parameter lenght. Default: 50. BTW: in phpunit test there have been a parameter 'file' which exceeds the limit of 32.
      
      Config.qfq: Skip empty variable names - happens in phpunit tests. Read new `systemEscapeTypeDefault`.
      Constants.php: renamed  TOKEN_LDAP_ESCAPE_* to TOKEN_ESCAPE_LDAP_*. Add TOKEN_ESCAPE_MYSQL, TOKEN_ESCAPE_NONE
      Database.php: Set charset to real_escape_string() functions properly. Proxy for mysqli::real_escape_string()
      Evaluate.php: Respect global escapeTypeDefault. Implement
      formEditor.sql: add column `escapeTypeDefault`. Add FormElement 'escapeTypeDefault'.
      ba817c0e
  2. 25 Mar, 2017 1 commit
  3. 19 Mar, 2017 1 commit
  4. 24 Feb, 2017 1 commit
  5. 15 Feb, 2017 1 commit
    • Carsten  Rose's avatar
      CODING.md: small updates in upload part · 1467b137
      Carsten Rose authored
      Support.php, AbstractBuildForm.php: new function falseemptyToZero().
      Constants.php: New UPLOAD_MODE_*
      Evaluate.php: fixed bug in 'skip' logic of evaluate->parseArray()
      Save.php: doUpload() now returns $modeUpload, which are needed in doUploadSlave(), rewrote logic of doUploadSlave(),
      1467b137
  6. 14 Feb, 2017 1 commit
    • Carsten  Rose's avatar
      'Upload advanced mode' implementiert. V2 (kein FormElement Action 'afterSave' mehr noetig) · 2e7b75b6
      Carsten Rose authored
      Default fuer Store Prioritaet hat sich geaendert: alt='FSRD', neu='FSRVD' - damit wird ist es ueberfluessig den V Store anzugeben.
      Variable '_filename' umbenannt in 'filename' und verschoben von STORE_FORM nach STORE_VARS. Damit ist es ueberfluessig eine Sanatize Klasse anzugeben.
      STORE_VAR hat zwei neue Variablen: 'filename', 'fileDestination'.
      Bei Form-Action Elemente gibt es zwei neue Typen: 'sqlBefore' und 'sqlAfter'
      
      Index.rst: Dokumentation auf V2 angepasst. Doku fuer V1 hat es nie gegeben.
      FormAction.php: Moved function initActionFormElement to HelperFormElement::initActionFormElement(), Implement sqlBefore & sqlAfter for Action Elemente.
      HelperFormElement.php: new class initActionFormElement(), initUploadFormElement().
      FillStoreForm.php, AbstractBuildForm.php, Evaluate.php: Implemented the $skip parameter to suppress unwanted variable expansion during form load.
      Constants.php: New STORE_USE_DEFAULT, VAR_FILE_DESTINATION, VAR_FILENAME,FE_SQL_AFTER, FE_SQL_BEOFRE, FE_TYPE_UPLOAD.
      Evaluate.php: moved 'decryptCurlyBraces()' up, in order to  create better error messages.
      Save.php: new doUploadSlave(), implement 'Upload advanced mode'.
      2e7b75b6
  7. 10 Jan, 2017 1 commit
  8. 30 May, 2016 2 commits
  9. 29 Apr, 2016 1 commit
  10. 11 Apr, 2016 1 commit
    • Carsten  Rose's avatar
      AbstractBuildForm.php: Aufruf von Support::appendToolTip() - neu kein Aufruf... · a4a61875
      Carsten Rose authored
      AbstractBuildForm.php: Aufruf von Support::appendToolTip() - neu kein Aufruf von htmlentitities vorher, damit Ticks nicht kodiert werden nach '"'. Durch Verwenddung von Support::appendTooltip() sollten single ticks im Code automatisch escaped werden.
      Evaluate.php: In debugstack eine Freizeile eingebaut zur besseren Lesbarkeit.
      a4a61875
  11. 07 Apr, 2016 1 commit
  12. 01 Apr, 2016 1 commit
  13. 24 Mar, 2016 1 commit
    • Carsten  Rose's avatar
      Dynamic Update implemented · b31fb9eb
      Carsten Rose authored
      load.php: implemented
      FillStoreForm.php: implemented
      Store.php: phpunit test complains about 'store already filled'. Option set to explicitly allow rewrite.
      AbstractBuildForm.php: Added new mode 'FORM_UPDATE'. Elements additionaly create json code. 'data-load' attribute will be added to form elements, if 'dynamicUpdate=yes'
        elements(): added call by reference parameter $json, to return the generated json code.
      BodyTextParse.php: added 'r =' as a new 'start new line' indicator. This was necessary at least for phpunit tests to run.
      BuildFormBootstrap.php: buildPill() passes json data structure.
      BuildFormPlain, BuildFormTable.php: doSubrecords()  passes json data structure.
      Constants.php: New FORM_UPDATE, SQL_FORM_ELEMENT_SIMPLE_ALL_CONTAINER, ERROR_FORM_NOT_FOUND, API_FORM_UPDATE
      Evaluate.php: Exception text enhanced.
      QuickFormQuery.php: FillStoreForm.php included. Automatic detection of FORM_LOAD and FORM_SAVE removed. Instead the mode are given explicitly. mode=FORM_UPDATE implemented.
      Save.php: added TODOs in code.
      formEditor.sql: reformat code. Add 'FormElement.dynamicUpdate'. 'FormElemente.checkType': 'number' replaced by 'digit'. Added 'alnumx', 'digit'. Form 'form', 'formElement': output of 'title' replaced by 'name' - outputting 'title' confuses the user (tries to show records which do fit to the formEditor) and might produce recursion in evaluation (did not understand why, but happens). FormEditor: implemented 'dynamicUpdate', escpecially the 'type' select list will be adjusted dynamically.
      b31fb9eb
  14. 09 Mar, 2016 1 commit
    • Carsten  Rose's avatar
      Store: check for missing sanitize arg extented to null · ea3d6806
      Carsten Rose authored
      Evaluate: parse() and evaluate() will return the last used Store
      QuickFormQuery: getFormName() extended to interpret form = {{form}} correctly
      Makefile: T# Extension ZIP - config.ini excluded, Documentation included
      README.md: adjusted to renamed CSS and JS files: qfq-bs.css, qfq-nin.js
      ea3d6806
  15. 26 Feb, 2016 1 commit
  16. 25 Feb, 2016 1 commit
    • Carsten  Rose's avatar
      Store: determine 'SHOW_DEBUG_INFO' and set it to 'yes' or 'no'. · 9029bcbb
      Carsten Rose authored
      AbstractBuildForm: Show 'formEditLink' incl. SIP Parameter.
      BuildFormBootstrap: Added Icon in buildButton to edit form.
      Evaluate: reformat Debug info.
      formEditor.sql: showDebugInfo removed from table - now implemented by checking if BE User is logged in.
      9029bcbb
  17. 24 Feb, 2016 1 commit
  18. 09 Feb, 2016 1 commit
  19. 29 Jan, 2016 1 commit
  20. 28 Jan, 2016 1 commit
  21. 26 Jan, 2016 1 commit
  22. 25 Jan, 2016 1 commit
  23. 17 Jan, 2016 1 commit
  24. 16 Jan, 2016 1 commit
  25. 15 Jan, 2016 1 commit