.. ================================================== .. Header hierarchy .. == .. -- .. ^^ .. "" .. ;; .. ,, .. .. -------------------------------------------------- .. Best Practice T3 reST: https://docs.typo3.org/m/typo3/docs-how-to-document/master/en-us/WritingReST/CheatSheet.html .. Reference: https://docs.typo3.org/m/typo3/docs-how-to-document/master/en-us/WritingReST/Index.html .. Italic *italic*are part of key or value .. Bold **bold** .. Code ``text`` .. External Links: `Bootstrap `_ .. Add Images: .. image:: ../images/a4.jpg .. .. .. Admonitions .. .. note:: .. important:: .. tip:: .. warning:: .. Color: (grey) (orange) (green) (red) .. .. Definition: .. some text becomes strong (only one line) .. description has to indented .. -*- coding: utf-8 -*- with BOM. .. include:: Includes.txt .. _general: General ======= * Project homepage: https://qfq.io * Latest releases: https://qfq.io/download * Development: https://git.math.uzh.ch/typo3/qfq * Slack: https://qfq-io.slack.com .. _installation: Installation ============ The following features are only tested / supported on linux hosts: * General: QFQ is coded to run on Linux hosts, preferable on Debian derivates like Ubuntu. * HTML to PDF conversion - command `wkhtmltopdf`. * Concatenation of PDF files - command `pdfunite`. * Mime type detection for uploads - command `file`. .. _`preparation`: Preparation ----------- Report & Form ^^^^^^^^^^^^^ To normalize UTF8 input, *php-intl* package is needed by * normalizer::normalize() For the `download`_ function, the programs `pdfunite` and `file` are necessary to concatenate PDF files. Preparation for Ubuntu:: sudo apt install php-intl sudo apt install poppler-utils libxrender1 file pdf2svg # for file upload, PDF and 'HTML to PDF' (wkhtmltopdf), PDF split sudo apt install inkscape imagemagick # to render thumbnails .. _wkhtml: wkhtmltopdf ^^^^^^^^^^^ `wkhtmltopdf `_ will be used by QFQ to offer 'website print' and 'HTML to PDF' conversion. The program is not included in QFQ and has to be manually installed. * The Ubuntu package `wkhtmltopdf` needs a running Xserver - this does not work on a headless webserver. * Best is to install the QT version from the named website above. * In case of trouble with wkhtmltopdf, also install 'libxrender1'. * The current version 0.12.4 might have trouble with https connections. Version 0.12.5-dev (github master branch) seems more reliable. Please contact the QFQ authors if you need a compiled Ubuntu version of wkhtmltopdf. In configuration_ specify:: config.cmdWkhtmltopdf: /opt/wkhtmltox/bin/wkhtmltopdf config.baseUrl: http://www.example.com/ If wkhtml has been compiled with dedicated libraries (not part of LD_LIBRARY_PATH), specify the LD_LIBRARY_PATH together with the path-filename:: config.cmdWkhtmltopdf: LD_LIBRARY_PATH=/opt/wkhtmltox/lib /opt/wkhtmltox/bin/wkhtmltopdf .. important:: To access FE_GROUP protected pages or content, it's necessary to disable the `[FE][lockIP]` check! `wkhtml` will access the Typo3 page locally (localhost) and that IP address is different from the client (=user) IP. Configure via Typo3 Installtool `All configuration > $TYPO3_CONF_VARS['FE']`: :: [FE][lockIP] = 0 .. warning:: ``[FE][lockIP] = 0`` disables an important anti-'session hijacking' protection. The security level of the whole installation will be *lowered*! Again, this is only needed if `wkhtml` needs access to FE_GROUP protected pages & content. As an alternative to lower the security level, create a separated page subtree which is only accessible (configured via Typoscript) from specific IPs **or** if a FE-User is logged in. If there are problems with converting/downloading FE_GROUP protected pages, check `SHOW_DEBUG_INFO = download` to debug. .. note:: Converting HTML to PDF gives no error message but RC=-1? Check carefully all includes of CSS, JS, images and so on! Typically some of them fails to load and wkhtml stops running! HTML to PDF conversion """""""""""""""""""""" `wkhtmltopdf` converts a website (local or remote) to a (multi)-page PDF file. It's mainly used in `download`_. Print """"" Different browser prints the same page in different variations. To prevent this, QFQ implements a small PHP wrapper `print.php` with uses `wkhtmltopdf` to convert HTML to PDF. Provide a `print this page`-link (replace 'current pageId' ):: Print this page Any parameter specified after `print.php` will be delivered to `wkhtmltopdf` as part of the URL. Typoscript code to implement a print link on every page:: 10 = TEXT 10 { wrap = Printview data = page:uid } Send Email ^^^^^^^^^^ QFQ sends mail via `sendEmail` http://caspian.dotconf.net/menu/Software/SendEmail/ - a small perl script without a central configuration. By default, `sendEmail` uses the local installed MTA, writes a logfile to `fileadmin/protected/log/mail.log` and handles attachments via commandline options. A basic HTML email support is implemented. The latest version is v1.56, which has at least one bug. That one is patched in the QFQ internal version v1.56p1 (see QFQ GIT sources in directory 'patches/sendEmail.patch'). Nevertheless, on latest system the TLS support is broken - please check sendEmailProblem_. The Typo3 sendmail eco-system is not used at all by QFQ. Thumbnail ^^^^^^^^^ Thumbnails will be rendered via ImageMagick (https://www.imagemagick.org/) 'convert' and 'inkscape' (https://inkscape.org). 'inkscape' is only used for '.svg' files. The Typo3 graphic eco-system is not used at all by QFQ. Usage: `column-thumbnail`_. Setup ----- * Install the extension via the Extension Manager. * If you install the extension by manual download/upload and get an error message "can't activate extension": rename the downloaded zip file to `qfq.zip` or `qfq_.zip` (e.g. version: 18.12.0). * If the Extension Manager stops after importing: check your memory limit in php.ini. * Copy/rename the file */typo3conf/ext/qfq/config.example.qfq.php* to */typo3conf/config.qfq.php*. Configure the necessary settings `configuration`_ The configuration file is outside of the extension directory, to not loose it during de-install and install again. * When the QFQ Extension is called the first time on the Typo3 frontend, the file */qfq/sql/formEditor.sql* will played and fills the database with the *Form editor* records. This also happens automatically after each update of QFQ. * Configure Typoscript to include Bootstrap, jQuery, QFQ javascript and CSS files. .. _setup-css-js: Setup CSS & JS ^^^^^^^^^^^^^^ :: page.meta { X-UA-Compatible = IE=edge X-UA-Compatible.attribute = http-equiv viewport=width=device-width, initial-scale=1 } page.includeCSS { file01 = typo3conf/ext/qfq/Resources/Public/Css/bootstrap.min.css file02 = typo3conf/ext/qfq/Resources/Public/Css/bootstrap-theme.min.css file03 = typo3conf/ext/qfq/Resources/Public/Css/jqx.base.css file04 = typo3conf/ext/qfq/Resources/Public/Css/jqx.bootstrap.css file05 = typo3conf/ext/qfq/Resources/Public/Css/qfq-bs.css file06 = typo3conf/ext/qfq/Resources/Public/Css/tablesorter-bootstrap.css } page.includeJS { file01 = typo3conf/ext/qfq/Resources/Public/JavaScript/jquery.min.js file02 = typo3conf/ext/qfq/Resources/Public/JavaScript/bootstrap.min.js file03 = typo3conf/ext/qfq/Resources/Public/JavaScript/validator.min.js file04 = typo3conf/ext/qfq/Resources/Public/JavaScript/jqx-all.js file05 = typo3conf/ext/qfq/Resources/Public/JavaScript/globalize.js file06 = typo3conf/ext/qfq/Resources/Public/JavaScript/tinymce.min.js file07 = typo3conf/ext/qfq/Resources/Public/JavaScript/EventEmitter.min.js file08 = typo3conf/ext/qfq/Resources/Public/JavaScript/typeahead.bundle.min.js file09 = typo3conf/ext/qfq/Resources/Public/JavaScript/qfq.min.js file10 = typo3conf/ext/qfq/Resources/Public/JavaScript/jquery.tablesorter.combined.min.js file11 = typo3conf/ext/qfq/Resources/Public/JavaScript/jquery.tablesorter.pager.min.js file12 = typo3conf/ext/qfq/Resources/Public/JavaScript/widget-columnSelector.min.js # Only needed in case FormElement 'annotate' is used. file20 = typo3conf/ext/qfq/Resources/Public/JavaScript/fabric.min.js file21 = typo3conf/ext/qfq/Resources/Public/JavaScript/qfq.fabric.min.js } .. _form-editor: FormEditor ---------- Setup a *report* to manage all *forms*: * Create a Typo3 page. * Set the 'URL Alias' to `form` (recommended) or the individual defined value in parameter `editFormPage` (configuration_). * Insert a content record of type *qfq*. * In the bodytext insert the following code:: # If there is a form given by SIP: show form={{form:SE}} # In case indexQfq != indexData, set dbIndex=indexQfq. dbIndex = {{indexQfq:Y}} 10 { # List of Forms: Do not show this list of forms if there is a form given by SIP. # Table header. sql = SELECT CONCAT('p:{{pageAlias:T}}&form=form') as _pagen, '#', 'Name', 'Title', 'Table', '' FROM (SELECT 1) AS fake WHERE '{{form:SE}}'='' head = {{'b|p:id={{pageAlias:T}}&form=copyFormFromExt|t:Copy form from ExtForm' AS _link}} tail =
rbeg = rend = fbeg = fend = 10 { # All forms sql = SELECT CONCAT('p:{{pageAlias:T}}&form=form&r=', f.id) as _pagee , f.id, f.name, f.title AS '_striptags', f.tableName , CONCAT('U:form=form&r=', f.id) as _paged FROM Form AS f ORDER BY f.name rbeg = rend = fbeg = fend = } } .. _install-checklist: Installation: Check List ------------------------ * Protect the directory `/fileadmin/protected` in Apache against direct file access. * `/fileadmin/protected/` should be used for confidential (uploaded / generated) data. * `/fileadmin/protected/log/...` is the default place for QFQ log files. * Protect the directory `/fileadmin` in Apache to not execute PHP Scripts - malicious uploads won't be executed. * Setup a log rotation rule for `sqlLog`. * Check that `sqlLogMode` is set to `modify` on productive sites. With `none` you have no chance to find out who changed which data and `all` really logs a mass of data. .. _configuration: Configuration ------------- .. _config-qfq-php: config.qfq.php ^^^^^^^^^^^^^^ +-------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+ | Keyword | Example | Description | +===============================+=======================================================+============================================================================+ | DB__USER | DB_1_USER=qfqUser | Credentials configured in MySQL | +-------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+ | DB__PASSWORD | DB_1_PASSWORD=1234567890 | Credentials configured in MySQL | +-------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+ | DB__SERVER | DB_1_SERVER=localhost | Hostname of MySQL Server | +-------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+ | DB__NAME | DB_1_NAME=qfq_db | Database name | +-------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+ | LDAP_1_RDN | LDAP_1_RDN='ou=Admin,ou=example,dc=com' | Credentials for non-anonymous LDAP access. Only one set supported. | | LDAP_1_PASSWORD | LDAP_1_PASSWORD='mySecurePassword' | | +-------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+ Example: *typo3conf/config.qfq.php*: :: /typo3conf/config.qfq.php return [ 'DB_1_USER' => '', 'DB_1_SERVER' => '', 'DB_1_PASSWORD' => '', 'DB_1_NAME' => '', //DB_2_USER => //DB_2_SERVER => //DB_2_PASSWORD => //DB_2_NAME => // DB_n ... // ... // LDAP_1_RDN => 'ou=Admin,ou=example,dc=com' // LDAP_1_PASSWORD => 'mySecurePassword' ]; .. _extension-manager-qfq-configuration: Extension Manager: QFQ Configuration ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ +-----------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+ | Keyword | Default / Example | Description | +===================================+=======================================================+============================================================================+ | Config | +-----------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+ | flagProduction | yes | yes|no: used to differentiate production and development site. | +-----------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+ | maxFileSize | 10M | If empty, take minimum of 'post_max_size' and 'upload_max_filesize'. | +-----------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+ | baseUrl | http://example.com | URL where wkhtmltopdf will fetch the HTML (no parameter, those comes later)| +-----------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+ | dateFormat | yyyy-mm-dd | Possible options: yyyy-mm-dd, dd.mm.yyyy. | +-----------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+ | thumbnailDirSecure | fileadmin/protected/qfqThumbnail | Important: secure directory 'protected' (recursive) against direct access. | +-----------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+ | thumbnailDirPublic | typo3temp/qfqThumbnail | Both thumbnail directories will be created if not existing. | +-----------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+ | cmdInkscape | inkscape | If inkscape is not available, specify an empty string. | +-----------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+ | cmdConvert | convert | GraphicsMagics 'convert' is recommended. | +-----------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+ | cmdWkhtmltopdf | /usr/bin/wkhtmltopdf | PathFilename of wkhtmltopdf. Optional variables like LD_LIBRARY_PATH=... | +-----------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+ | sendEMailOptions | -o tls=yes | General options. Check: http://caspian.dotconf.net/menu/Software/SendEmail | +-----------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+ | documentation | http://docs.typo3.org... | Link to the online documentation of QFQ. Every QFQ installation also | | | | contains a local copy: typo3conf/ext/qfq/Documentation/html/Manual.html | +-----------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+ | Dynamic | +-----------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+ | fillStoreSystemBySql1/2/3 | SELECT s.id AS ... | Specific values read from the database to fill the system store during QFQ | | | | load. See `fillStoreSystemBySql`_ for a usecase. | +-----------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+ | fillStoreSystemBySqlErrorMsg1/2/3 | No current period found | Only define an error message, if QFQ should stop running | | | | in case of an SQL error or not exact one record. | +-----------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+ | Debug | +-----------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+ | throwExceptionGeneralError | auto | | *yes*: 'general errors' in QFQ (PHP) will throw an exception. | | | | | *auto*: becomes 'yes', if 'flagProduction'!='yes', else 'no'. | | | | | *no*: 'general errors' in QFQ (PHP) will be silently ignored. | +-----------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+ | formSubmitLogMode | all | | *all*: every form submission will be logged. | | | | | *none*: no logging. | | | | | See `form-submit-log-page`_ for example QFQ code to display the log. | +-----------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+ | redirectAllMailTo | john@doe.com | If set, redirect all QFQ generated mails (Form, Report) to the specified. | +-----------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+ | sqlLogMode | modify | | *all*: every statement will be logged - this might a lot. | | | | | *modify*: log only statements who change data. *error*: log only | | | | DB errors. | | | | | *none*: no SQL log at all. | +-----------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+ | sqlLog | fileadmin/protected/log/sql.log | Filename to log SQL commands: relative to or absolute. If the | | | | directory does not exist, create it. | +-----------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+ | qfqLog | fileadmin/protected/log/qfq.log | Filename to log general QFQ events:relative to or absolute. | | | | If the directory does not exist, create it. | +-----------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+ | mailLog | fileadmin/protected/log/mail.log | Filename to log `sendEmail` commands: relative to or absolute. | | | | If the directory does not exist, create it. | +-----------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+ | showDebugInfo | auto | FE - Possible values: yes|no|auto|download. For 'auto': If a BE User is | | | | logged in, a debug information will be shown on the FE. | +-----------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+ | Database | +-----------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+ | init | init=SET names utf8; SET sql_mode = | Global init for using the database. For 'sql_mode="NO_ENGINE_SUBSTITUTION"'| | | "NO_ENGINE_SUBSTITUTION" | see #7407. | +-----------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+ | update | auto | | *auto*: apply DB Updates only if there is a newer version. | | | | | *always*: apply DB Updates always, especially play formEditor.sql every | | | | time QFQ is called - *not* recommended! | | | | | *never*: never apply DB Updates. | +-----------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+ | indexData | 1 | Optional. Default: 1. Retrieve the current setting via {{dbNameData:Y}}. | +-----------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+ | indexQfq | 1 | Optional. Default: 1. Retrieve the current setting via {{dbNameQfq:Y}}. | +-----------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+ | Security | +-----------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+ | escapeTypeDefault | m | All variables `{{...}}` get this escape class by default. | | | | See `variable-escape`_. | +-----------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+ | securityVarsHoneypot | email,username,password | If empty: no check. All named variables will rendered as INPUT elements. | +-----------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+ | securityAttackDelay | 5 | If an attack is detected, sleep 'x' seconds and exit PHP process. | +-----------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+ | securityShowMessage | true | If an attack is detected, show a message. | +-----------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+ | securityGetMaxLength | 50 | GET vars longer than 'x' chars triggers an `attack-recognized`. | | | | `ExceptionMaxLength`_. | +-----------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+ | securityFailedAuthDelay | 3 | If REST authorization fails, sleep 'x' seconds before answering. | +-----------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+ | Form-Config | +-----------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+ | recordLockTimeoutSeconds | 900 | Timeout for record locking. After this time, a record will be replaced. | +-----------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+ | sessionTimeoutSeconds | 1800 | Timeout for FE User session. See sessionTimeoutSeconds_ | +-----------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+ | enterAsSubmit | enterAsSubmit = 1 | 0: off, 1: Pressing *enter* in a form means *save* and *close*. | +-----------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+ | editFormPage | form | T3 Pagealias to edit a form. | +-----------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+ | formDataPatternError | please check pattern error | Customizable error message used in validator.js. 'pattern' violation. | +-----------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+ | formDataRequiredError | missing value | Customizable error message used in validator.js. 'required' fields. | +-----------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+ | formDataMatchError | type error | Customizable error message used in validator.js. 'match' retype mismatch. | +-----------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+ | formDataError | generic error | Customizable error message used in validator.js. 'no specific' given. | +-----------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+ | Form-Layout | +-----------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+ | labelAlign | left | Label align (left/center/right)/ Default: left. Will be inherited to Form. | +-----------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+ | cssClassQfqContainer | container | | QFQ with own Bootstrap: 'container'. | | | | | QFQ already nested in Bootstrap of mainpage: . | +-----------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+ | cssClassQfqForm | qfq-color-base | Wrap around QFQ 'Form'. | +-----------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+ | cssClassQfqFormPill | qfq-color-grey-1 | Wrap around title bar for pills: CSS Class, typically a background color. | +-----------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+ | cssClassQfqFormBody | qfq-color-grey-2 | Wrap around FormElements: CSS Class, typically a background color. | +-----------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+ | formBsColumns | col-md-12 col-lg-10 | The whole form will be wrapped. See `bs-custom-field-width`_ | +-----------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+ | formBsLabelColumns | col-md-3 col-lg-3 | The column get the width. See `bs-custom-field-width`_ | +-----------------------------------+-------------------------------------------------------+ | | formBsInputColumns | col-md-6 col-lg-6 | | +-----------------------------------+-------------------------------------------------------+ | | formBsNoteColumns | col-md-3 col-lg-3 | | +-----------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+ | extraButtonInfoInline | | Image for `extraButtonInfo`_ (inline). | +-----------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+ | extraButtonInfoBelow | | Image for `extraButtonInfo`_ (below). | +-----------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+ | extraButtonInfoPosition | below | 'auto' (default) or 'below'. See `extraButtonInfo`_. | +-----------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+ | extraButtonInfoClass | pull-right | '' (default) or 'pull-right'. See `extraButtonInfo`_. | +-----------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+ | Form-Language | +-----------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+ | formLanguage[ABCD]Id | E.g.: 1 | In Typo3 configured pageLanguage id. The number after the 'L' parameter. | +-----------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+ | formLanguage[ABCD]Label | E.G.: english | Label shown in *Form editor*, on the 'basic' tab. | +-----------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+ | saveButtonText | | Text on the form save button. Typically none. | +-----------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+ | saveButtonTooltip | Save | Tooltip on the form save button. | +-----------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+ | saveButtonClass | btn btn-default navbar-btn | Bootstrap CSS class for save button on top of the form. | +-----------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+ | buttonOnChangeClass | alert-info btn-info | Bootstrap CSS class for save button showing 'data changed'. | +-----------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+ | saveButtonGlyphIcon | glyphicon-ok | Icon for the form save button. | +-----------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+ | closeButtonText | | Text on the form close button. Typically none. | +-----------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+ | closeButtonTooltip | close | Tooltip on the form close button. | +-----------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+ | closeButtonClass | btn btn-default navbar-btn | Bootstrap CSS class for close button on top of the form. | +-----------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+ | closeButtonGlyphIcon | glyphicon-remove | Icon for the form close button. | +-----------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+ | deleteButtonText | | Text on the form delete button. Typically none. | +-----------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+ | deleteButtonTooltip | delete | Tooltip on the form delete button. | +-----------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+ | deleteButtonClass | btn btn-default navbar-btn | Bootstrap CSS class for delete button on top of the form. | +-----------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+ | deleteButtonGlyphIcon | glyphicon-trash | Icon for the form delete button. | +-----------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+ | newButtonText | | Text on the form new button. Typically none. | +-----------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+ | newButtonTooltip | new | Tooltip on the form new button. | +-----------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+ | newButtonClass | btn btn-default navbar-btn | Bootstrap CSS class for new button on top of the form. | +-----------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+ | newButtonGlyphIcon | glyphicon-plus | Icon for the form new button. | +-----------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+ | showIdInFormTitle | 0 (off), 1 (on) | Append at the form title the current record id. | +-----------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+ | cssClassColumnId | text-muted | A column in a subrecord with the name id|ID|Id gets this class. | +-----------------------------------+-------------------------------------------------------+----------------------------------------------------------------------------+ After parsing the configuration, the following variables will be set automatically in STORE_SYSTEM: +-------------------------------+------------------------------------------------------------------------------------------------------------------------------------+ | Keyword | Description | +===============================+====================================================================================================================================+ | dbNameData | Name of the 'data'-database. '{{dbNameData:Y}} | +-------------------------------+------------------------------------------------------------------------------------------------------------------------------------+ | dbNameQfq | Name of the 'QFQ'-database. '{{dbNameQfq:Y}} | +-------------------------------+------------------------------------------------------------------------------------------------------------------------------------+ | dbNameT3 | Name of the 'T3'-database. '{{dbNameT3:Y}} | +-------------------------------+------------------------------------------------------------------------------------------------------------------------------------+ | sitePath | Absolute path of the current T3 instance. '{{sitePath:Y}} | +-------------------------------+------------------------------------------------------------------------------------------------------------------------------------+ | extPath | Absolute path of the QFQ extension. '{{extPath:Y}} | +-------------------------------+------------------------------------------------------------------------------------------------------------------------------------+ .. _`CustomVariables`: Custom variables ^^^^^^^^^^^^^^^^ Up to 30 custom variables can be defined in `configuration`_. E.g. to setup a contact address and reuse the information inside your installation do: :: custom1: ADMINISTRATIVE_CONTACT = john@doe.com custom2: ADMINISTRATIVE_ADDRESS = John Doe, Hollywood Blvd. 1, L.A. custom3: ADMINISTRATIVE_NAME = John Doe * Somewhere in a `Form` or in `Report`:: {{ADMINISTRATIVE_CONTACT:Y}}, {{ADMINISTRATIVE_ADDRESS:Y}}, {{ADMINISTRATIVE_NAME}} It's also possible to configure such variables directly in `config.qfq.php`_. .. _`fillStoreSystemBySql`: Fill STORE_SYSTEM by SQL ^^^^^^^^^^^^^^^^^^^^^^^^ A specified SELECT statement in `configuration`_ in variable `fillStoreSystemBySql1` (or `2`, or `3`) will be fired. The query should have 0 (nothing happens) or 1 row. All columns will be **added** to the existing STORE_SYSTEM. Existing variables will be overwritten. Be careful not to overwrite system values. This option is useful to make generic custom values, saved in the database, accessible to all QFQ Report and Forms. Access such variables via `{{:Y}}`. In case QFQ should stop working if a given query does not select exact one record (e.g. a missing period), define an error message: :: fillStoreSystemBySql1: SELECT name FROM Person WHERE name='Doe' fillStoreSystemBySqlErrorMsg1: Too many or to few "Doe's" in our database .. _`periodId`: periodId """""""" This is * a usecase, implemented via `fillStoreSystemBySql`_, * a way to access `Period.id` with respect to the current period (the period itself is custom defined). After a full QFQ installation: * a table `Period` (extend / change it to your needs, fill them with your periods), * one sample record in table `Period`, Websites, delivering semester data, school year schedules, or any other type or periods, often need an index to the *current* period. In configuration_: :: fillStoreSystemBySql1: SELECT id AS periodId FROM Period WHERE start<=NOW() ORDER BY start DESC LIMIT 1 a variable 'periodId' will automatically computed and filled in STORE SYSTEM. Access it via `{{periodId:Y0}}`. To get the name and current period: :: SELECT name, ' / ', start FROM Period WHERE id={{periodId:Y0}} Typically, it's necessary to offer a 'previous' / 'next' link. In this example, the STORE SIP holds the new periodId: :: SELECT CONCAT('p:{{pageAlias:T}}&periodId=', {{periodId:SY0}}-1, '|Next') AS _page, ' ', name, ' ', CONCAT('p:{{pageAlias:T}}&periodId=', {{periodId:SY0}}+1, '|Next') AS _page FROM Period AS s WHERE s.id={{periodId:SY0}} Take care for minimum and maximum indexes (do not render the links if out of range). .. _`DbUserPrivileges`: DB USER privileges ^^^^^^^^^^^^^^^^^^ The specified DB User needs privileges to the database of at least: SELECT / INSERT / UPDATE / DELETE / SHOW. To apply automatically QFQ-'DB UPDATE' the following rights are mandatory too: CREATE / ALTER To get access to the Typo3 installation, 'dbuser' should also have access to the Typo3 Database with at least SELECT / INSERT / UPDATE / DELETE. .. _`ExceptionMaxLength`: Exception for SECURITY_GET_MAX_LENGTH ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ If it is necessary to use a GET variable which exceeds `securityGetMaxLength` limit, name the variable with '_' at the end. E.g. `my_long_variable_130`. Such a variable has an allowed length of 130 chars. Access the variable as usual with the variable name: `{{my_long_variable_130:C:...}}`. .. _`sessionTimeoutSeconds`: FE-User: Session timeout seconds ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ There is no timeout for website users who are not logged in (but typically those users don't have access to protected content). For logged in users, the default timeout is the php.ini settings for `session.cookie_lifetime` and `session.gc_maxlifetime` (minimum of both). These timeout only affects QFQ related content and can be specified a) globally (QFQ configuration) and b) specific per Form. The maximum timeout depends on the minimal value of php.ini `session.cookie_lifetime` and `session.gc_maxlifetime`. Specifying a higher value produces an error in the front end. Every access to QFQ related content resets the timeout. After FE login, the next access to QFQ related content starts the timeout counter. .. _local-documentation: Local Documentation ------------------- A HTML rendered version is available under: /typo3conf/ext/qfq/Documentation/html/Index.html If you get a 'Page forbidden / not found' there might be some Webserver restrictions. E.g. the Typo3 example of `.htaccess` in the Typo3 installation folder will forbid access to any extension documentation (which is a good idea on a productive server). For a development server instead, deactivate the forbid rule of 'documentation'. In `.htaccess` (snippet from Typo3 7.6 _.htaccess): :: production: RewriteRule (?:typo3conf/ext|typo3/sysext|typo3/ext)/[^/]+/(?:Configuration|Resources/Private|Tests?|Documentation|docs?)/ - [F] development: RewriteRule (?:typo3conf/ext|typo3/sysext|typo3/ext)/[^/]+/(?:Configuration|Resources/Private|Tests?|docs?)/ - [F] .. _concept: Concept ======= SIPs ---- The following is a technical background information. Not needed to just use QFQ. The SIPs (=Server Id Pairs) are uniq timestamps, created/registered on the fly for a specific browser session (=user). Every SIP is registered on the server (= stored in a browser session) and contains one or more key/value pairs. The key/value pairs never leave the server. The SIPs will be used: * to protect values not to be spoofed by anyone, * to protect values not to be altered by anyone, * to grant access, e.g.: * load and save forms, * upload files, * download files, * PHP AJAX pages. SIPs becomes invalid, as soon as the current browser session is destroyed. The client (= user) can't manipulate the content of SIPs - it's only possible to reuse already registered SIPs by the user, who already owns the session. Access privileges ----------------- The Typo3 FE Groups can be used to implement access privileges. Such groups are assigned to * Typo3 FE users, * Typo3 pages, * and/or Typo3 content records (e.g. QFQ records). This will be used for general page structure privileges. A `record base` privileges controlling (e.g. which user can edit which person record) will be implicit configured, by the way that records are viewable / editable (or not) through SQL in the specific QFQ tt-content statements. Typo3 QFQ content element ------------------------- Insert one or more QFQ content elements on a Typo3 page. Specify column and language per content record as wished. The title of the QFQ content element will not be rendered on the frontend. It's only visible to the webmaster in the backend for orientation. QFQ Keywords (Bodytext) ^^^^^^^^^^^^^^^^^^^^^^^ **All of the named parameter are optional.** +-------------------+---------------------------------------------------------------------------------+ | Name | Explanation | +===================+=================================================================================+ | form | | Formname. | | | | Static: **form = person** | | | | By SIP: **form = {{form:SE}}** | | | | By SQL: **form = {{SELECT c.form FROM config AS c WHERE c.id={{a:C}} }}** | +-------------------+---------------------------------------------------------------------------------+ | r | | . The form will load the record with the specified id. | | | | Static: **r = 123** | | | | By SQL: **r = {{SELECT ...}}** | | | | If not specified, the SIP parameter 'r' is used. | +-------------------+---------------------------------------------------------------------------------+ | dbIndex | E.g. `dbIndex = {{indexQfq:Y}}` Select a DB index. Only necessary if a | | | different than the standard DB should be used. | +-------------------+---------------------------------------------------------------------------------+ | debugShowBodyText | If='1' and configuration_:*showDebugInfo: yes*, shows a tooltip with bodytext | +-------------------+---------------------------------------------------------------------------------+ | sqlLog | Overwrites configuration_: `SQL_LOG`_ . Only affects `Report`, not `Form`. | +-------------------+---------------------------------------------------------------------------------+ | sqlLogMode | Overwrites configuration_: `SQL_LOG_MODE`_ . Only affects `Report`, not `Form`. | +-------------------+---------------------------------------------------------------------------------+ | .fbeg | Start token for every field (=column) | +-------------------+---------------------------------------------------------------------------------+ | .fend | End token for every field (=column) | +-------------------+---------------------------------------------------------------------------------+ | .fsep | Separator token between fields (=columns) | +-------------------+---------------------------------------------------------------------------------+ | .fskipwrap | Comma separated list of column id's. Skip wrapping of indexed columns. | +-------------------+---------------------------------------------------------------------------------+ | .shead | Static start token for whole , independent if records are selected | | | Shown before `head`. | +-------------------+---------------------------------------------------------------------------------+ | .stail | Static end token for whole , independent if records are selected. | | | Shown after `tail`. | +-------------------+---------------------------------------------------------------------------------+ | .head | Dynamic start token for whole . Only if at least one record is select. | +-------------------+---------------------------------------------------------------------------------+ | .tail | Dynamic end token for whole . Only if at least one record is select. | +-------------------+---------------------------------------------------------------------------------+ | .rbeg | Start token for row. | +-------------------+---------------------------------------------------------------------------------+ | .rbgd | Alternating (per row) token. | +-------------------+---------------------------------------------------------------------------------+ | .rend | End token for row. Will be rendered **before** subsequent levels are processed | +-------------------+---------------------------------------------------------------------------------+ | .renr | End token for row. Will be rendered **after** subsequent levels are processed | +-------------------+---------------------------------------------------------------------------------+ | .rsep | Seperator token between rows | +-------------------+---------------------------------------------------------------------------------+ | .sql | SQL Query | +-------------------+---------------------------------------------------------------------------------+ | .althead | If .sql is empty, these token will be rendered. | +-------------------+---------------------------------------------------------------------------------+ | .altsql | If .sql is empty, these query will be fired. No sub queries. | | | Shown after `althead` | +-------------------+---------------------------------------------------------------------------------+ | .content | | *show* (default): content of current and sub level are directly shown. | | | | *hide*: content of current and sub levels are stored and not shown. | | | | *store*: content of current and sub levels are stored and shown. | | | | To retrieve the content: `{{.line.content}}`. See `syntax-of-report`_ | +-------------------+---------------------------------------------------------------------------------+ .. _`qfq-database`: QFQ Database ------------ Recommended setup for Typo3 & QFQ Installation is with *two* databases. One for the Typo3 installation and one for QFQ. A good practice is to name both databases equal, appending the suffix '_t3' and '_db'. When QFQ is called, it checks for QFQ system tables. If they do not exist or have a lower version than the installed QFQ version, the system tables will be automatically installed or updated. .. _`system-tables`: System tables ^^^^^^^^^^^^^ +---------------+------------+------------+ | Name | Use | Database | +===============+============+============+ | Clipboard | Temporary | QFQ | +---------------+------------+------------+ | Cron | Persistent | QFQ | +---------------+------------+------------+ | Dirty | Temporary | QFQ | Data | +---------------+------------+------------+ | Form | Persistent | QFQ | +---------------+------------+------------+ | FormElement | Persistent | QFQ | +---------------+------------+------------+ | FormSubmitLog | Persistent | QFQ | Data | +---------------+------------+------------+ | MailLog | Persistent | QFQ | Data | +---------------+------------+------------+ | Period | Persistent | Data | +---------------+------------+------------+ | Split | Persistent | Data | +---------------+------------+------------+ See `mail-log-page`_ and `form-submit-log-page`_ for some Frontend views for these tables. * Check Bug #5459 / support of system tables in different DBs not supported. .. _`multi-database`: Multi Database ^^^^^^^^^^^^^^ Base: T3 & QFQ """""""""""""" QFQ typically interacts with one database, the QFQ database. The database used by Typo3 is typically a separate one. Theoretically it might be the same (never tested), but it's strongly recommended to use a separated QFQ database to have no problems on Typo3 updates and to have a clean separation between Typo3 and QFQ. QFQ: System & Data """""""""""""""""" QFQ itself can be separated in 'QFQ system' (see `system-tables`_) and 'QFQ data' databases (even more than one are possible). The 'QFQ system' stores the forms, record locking, log tables and so on - `QFQ data` is for the rest. A `Multi Database` setup is given, if 'QFQ system' is different from 'QFQ data'. Data: Data1, Data2, ..., Data n """"""""""""""""""""""""""""""" Every database needs to be configured via `configuration`_ with it's own `index`. `QFQ data` might switch between different 'data'-databases. In configuration_ one main `QFQ data` index will be specified in `indexQfq`. If specific forms or reports should use a different database than that, `dbIndex` might change `indexData` temporarily. `dbIndex`: A `Report` (field `dbIndex`) as well as a `Form` (field `parameter`.`dbIndex`) can operate on a specific database. A `Form` will: * load the form-definition from `indexQfq` (table `Form` and `FormElement`), * loads and save data from/in `indexData` (config.qfq.php) / `dbIndex` (form.parameter.dbIndex), * retrieve extra information via `dbIndexExtra` - this is useful to offer information from a database and save them in a different one. The simplest setup, QFQ system & data in the same database, needs no `indexQfq / indexData` definition in configuration_ or one or both of them set to '1' To separate QFQ system and data, indexQfq and indexData will have different indexes. A Multi Database setup might be useful for: * several independent Typo3 QFQ installations (each have it's own form repository) and one central database, or * one QFQ installation which should display / load /save records from different databases, or * a combination of the above two. Note: * Option 'A' is the most simple and commonly used. * Option 'B' separate the T3 and QFQ databases on two database hosts. * Option 'C' is like 'B' but with a shared 'QFQ data'-database between three 'Typo3 / QFQ' instances. * Further variants are possible. +---+----------------+--------------+-------------------------------+------------------------------+----------------------------------+ | | Domain | Website Host | T3 | QFQ system | QFQ data | +===+================+==============+===============================+==============================+==================================+ | A | standalone.edu | 'w' | , _t3, _db | +---+----------------+--------------+-------------------------------+------------------------------+----------------------------------+ | B | appB1.edu | 'wApp' | , _t3 | , _db | +---+----------------+--------------+-------------------------------+------------------------------+----------------------------------+ | B | appB2.edu | 'wApp' | , _t3 | , _db | +---+----------------+--------------+-------------------------------+------------------------------+----------------------------------+ | C | appC1.edu | 'wAppC' | , _t3 | , _db | _db, _db | +---+----------------+--------------+-------------------------------+------------------------------+----------------------------------+ | C | appC2.edu | 'wAppC' | , _t3 | , _db | _db, _db | +---+----------------+--------------+-------------------------------+------------------------------+----------------------------------+ | C | appC3.edu | 'wAppC3' | , _t3 | , _db | _db, _db | +---+----------------+--------------+-------------------------------+------------------------------+----------------------------------+ In config-qfq-php_ mutliple database credentials can be prepared. Mandatory is at least one credential setup like `DB_1_USER`, `DB_1_SERVER`, `DB_1_PASSWORD`, `DB_1_NAME`. The number '1' indicates the `dbIndex`. Increment the number to specify further database credential setups. Typically the credentials for `DB_1` also have access to the T3 database. Different QFQ versions, shared database ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ When using different QFQ versions and a shared 'QFQ data'-database, there is some risk of conflicting 'QFQ system' tables. Best is to always use the same QFQ version on all instances or use a Multi Database setup. .. _debug: Debug ===== SQL Logging ----------- Setup in configuration_ .. _SQL_LOG: * *sqlLog* * Filename where to log SQL queries and statistical data. * File is relative to the `` or absolute (starting with '/'). * Content: SQL queries and timestamp, formName/formId, fe_user, success, affected rows, newly created record id's and accessed from IP. * The global setting can be overwritten by defining `sqlLog` inside of a QFQ tt-content record. .. _SQL_LOG_MODE: * *sqlLogMode: all|modify|error|none* * *all*: logs every SQL statement. * *modify*: logs only statements who might potentially change data. * *error*: logs only queries which generate SQL errors. * *none*: no query logging at all. * The global setting can be overwritten by defining `sqlLogMode` inside of a QFQ tt-content record. * *showDebugInfo = [yes|no|auto],[download]* If active, displays additional information in the Frontend (FE). This is typically helpful during development. * *yes*: * Form: * For every internal link/button, show tooltips with decoded SIP on mouseover. * Shows an 'Edit form'-button (wrench symbol) on a form. The link points to the T3 page with the :ref:`form-editor`. * Report: Will be configured per tt-content record. *debugShowBodyText = 1* * *no*: No debug info. * *auto*: Depending if there is a Typo3 BE session, set internally: * *showDebugInfo = yes* (BE session exist) * *showDebugInfo = no* (no BE session) * *download*: * During a download (especially by using wkhtml), temporary files are not deleted automatically. Also the ``wkhtmltopdf`` and ``pdfunite`` command lines will be logged to `SQL_LOG`_. Use this only to debug problems on download. .. _REDIRECT_ALL_MAIL_TO: Redirect all mail to (catch all) -------------------------------- Setup in configuration_ * *redirectAllMailTo=john@doe.com* * During the development, it might be helpful to configure a 'catch all' email address, which QFQ uses as the final receiver instead of the original intended one. * The setting will: * Replace the 'To' with the configured one. * Clear 'CC' and 'Bcc' * Write a note and the original configured receiver at the top of the email body. _`mail-log-page` Mail Log page ------------- For debugging purposes you may like to add a Mail Log page in the frontend. The following QFQ code could be used for that purpose (put it in a QFQ PageContent element):: # Page parameters 1.sql = SELECT @grId := '{{grId:C0:digit}}' AS _grId 2.sql = SELECT @summary := IF('{{summary:CE:alnumx}}' = 'true', 'true', 'false') AS _s # Filters 10 { sql = SELECT gr.id, IF(gr.id = @grId, "' selected>", "'>"), gr.value, ' (Id: ', gr.id, ')' FROM gGroup AS gr INNER JOIN MailLog AS ml ON ml.grId = gr.id GROUP BY gr.id head =
Filter By Group: Summary
} # Mail Log 50 { sql = SELECT id, '', grId, '', xId, '', REPLACE(receiver, ',', '
'), '', REPLACE(sender, ',', '
'), '', DATE_FORMAT(modified, '%d.%m.%Y
%H:%i:%s'), '', CONCAT('', subject, '
', IF(@summary = 'true', CONCAT(SUBSTR(body, 1, LEAST(IF(INSTR(body, '\n') = 0, 50, INSTR(body, '\n')), IF(INSTR(body, '
') = 0, 50, INSTR(body, '
')))-1), ' ...'), CONCAT('
', REPLACE(body, '\n', '
'))) ) FROM MailLog WHERE (grId = @grId OR @grId = 0) ORDER BY modified DESC LIMIT 100 head = tail =
IdgrIdxIdToFromDateE-Mail
rbeg = rend = } _`form-submit-log-page` Form Submit Log page -------------------- For debugging purposes you may like to add a Form Submit Log page in the frontend. The following QFQ code could be used for that purpose (put it in a QFQ PageContent element):: # Filters 20.shead =
20 { sql = SELECT id, IF(id = '{{formId:SC0}}', "' selected>", "'>"), name FROM Form ORDER BY name head = rbeg =