CoreLibs/development
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Form\Generate update

Browse Source 
- remove auto load _POST vars
- Update color settings to # leading 6/8 digit hex code
- remove any global variable calls/requests
- fix some isset/empty clean ups (isset + set = !empty)
- fix on delete of reference data that loaded data was not shown again
- fix on reference data save error that wrong data is still shown and not removed
This commit is contained in:
Clemens Schwaighofer
2023-01-10 11:22:04 +09:00
parent df2ae66942
commit 53813261fb
13 changed files with 212 additions and 137 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
4dev/update/20230106_edit_page_update/20230110_edit_table_column_fix.sql Normal file
View File

@@ -0,0 +1,25 @@
-- Fixes for column types
-- edit group
ALTER TABLE edit_group ALTER name TYPE VARCHAR;
-- edit language
ALTER TABLE edit_language ALTER short_name TYPE VARCHAR;
ALTER TABLE edit_language ALTER long_name TYPE VARCHAR;
ALTER TABLE edit_language ALTER iso_name TYPE VARCHAR;
-- edit menu group
ALTER TABLE edit_menu_group ALTER name TYPE VARCHAR;
ALTER TABLE edit_menu_group ALTER flag TYPE VARCHAR;
-- edit page
ALTER TABLE edit_page ALTER filename TYPE VARCHAR;
ALTER TABLE edit_page ALTER name TYPE VARCHAR;
-- edit query string
ALTER TABLE edit_query_string ALTER name TYPE VARCHAR;
ALTER TABLE edit_query_string ALTER value TYPE VARCHAR;
-- edit scheme
ALTER TABLE edit_scheme ALTER name TYPE VARCHAR;
ALTER TABLE edit_scheme ALTER header_color TYPE VARCHAR;
ALTER TABLE edit_scheme ALTER css_file TYPE VARCHAR;
ALTER TABLE edit_scheme ALTER template TYPE VARCHAR;
-- edit visible group
ALTER TABLE edit_visible_group ALTER name TYPE VARCHAR;
ALTER TABLE edit_visible_group ALTER flag TYPE VARCHAR;

4
www/includes/edit_base.php
View File

@@ -58,10 +58,6 @@ $l10n = new \CoreLibs\Language\L10n(
// flush and start
ob_end_flush();
// FIXME: only extract _POST data that is needed
// FIXME: update table_arrays reader to use other than $_GLOBALS
extract($_POST, EXTR_SKIP);
// init smarty and form class
$edit_base = new CoreLibs\Admin\EditBase(DB_CONFIG, $log, $l10n, $locale);
// creates edit pages and runs actions

23
www/includes/table_arrays/array_edit_access.php
View File

@@ -5,35 +5,36 @@ declare(strict_types=1);
$edit_access = [
'table_array' => [
'edit_access_id' => [
'value' => $GLOBALS['edit_access_id'] ?? '',
'value' => $_POST['edit_access_id'] ?? '',
'type' => 'hidden',
'pk' => 1
],
'name' => [
'value' => $GLOBALS['name'] ?? '',
'value' => $_POST['name'] ?? '',
'output_name' => 'Access Group Name',
'mandatory' => 1,
'type' => 'text',
'error_check' => 'alphanumericspace|unique'
],
'description' => [
'value' => $GLOBALS['description'] ?? '',
'value' => $_POST['description'] ?? '',
'output_name' => 'Description',
'type' => 'textarea'
],
'color' => [
'value' => $GLOBALS['color'] ?? '',
'value' => $_POST['color'] ?? '',
'output_name' => 'Color',
'mandatory' => 0,
'type' => 'text',
'size' => 6,
'length' => 6,
'size' => 10,
'length' => 9,
'error_check' => 'custom',
'error_regex' => "/[\dA-Fa-f]{6}/",
'error_example' => 'F6A544'
// FIXME: update regex check for hex/rgb/hsl with color check class
'error_regex' => '/^#([\dA-Fa-f]{6}|[\dA-Fa-f]{8})$/',
'error_example' => '#F6A544'
],
'enabled' => [
'value' => $GLOBALS['enabled'] ?? 0,
'value' => $_POST['enabled'] ?? 0,
'output_name' => 'Enabled',
'type' => 'binary',
'int' => 1, // OR 'bool' => 1
@@ -43,7 +44,7 @@ $edit_access = [
],
],
'protected' => [
'value' => $GLOBALS['protected'] ?? 0,
'value' => $_POST['protected'] ?? 0,
'output_name' => 'Protected',
'type' => 'binary',
'int' => 1,
@@ -53,7 +54,7 @@ $edit_access = [
],
],
'additional_acl' => [
'value' => $GLOBALS['additional_acl'] ?? '',
'value' => $_POST['additional_acl'] ?? '',
'output_name' => 'Additional ACL (as JSON)',
'type' => 'textarea',
'error_check' => 'json',

12
www/includes/table_arrays/array_edit_groups.php
View File

@@ -5,12 +5,12 @@ declare(strict_types=1);
$edit_groups = [
'table_array' => [
'edit_group_id' => [
'value' => $GLOBALS['edit_group_id'] ?? '',
'value' => $_POST['edit_group_id'] ?? '',
'pk' => 1,
'type' => 'hidden'
],
'enabled' => [
'value' => $GLOBALS['enabled'] ?? '',
'value' => $_POST['enabled'] ?? '',
'output_name' => 'Enabled',
'int' => 1,
'type' => 'binary',
@@ -20,13 +20,13 @@ $edit_groups = [
],
],
'name' => [
'value' => $GLOBALS['name'] ?? '',
'value' => $_POST['name'] ?? '',
'output_name' => 'Group Name',
'type' => 'text',
'mandatory' => 1
],
'edit_access_right_id' => [
'value' => $GLOBALS['edit_access_right_id'] ?? '',
'value' => $_POST['edit_access_right_id'] ?? '',
'output_name' => 'Group Level',
'mandatory' => 1,
'int' => 1,
@@ -34,14 +34,14 @@ $edit_groups = [
'query' => "SELECT edit_access_right_id, name FROM edit_access_right ORDER BY level"
],
'edit_scheme_id' => [
'value' => $GLOBALS['edit_scheme_id'] ?? '',
'value' => $_POST['edit_scheme_id'] ?? '',
'output_name' => 'Group Scheme',
'int_null' => 1,
'type' => 'drop_down_db',
'query' => "SELECT edit_scheme_id, name FROM edit_scheme WHERE enabled = 1 ORDER BY name"
],
'additional_acl' => [
'value' => $GLOBALS['additional_acl'] ?? '',
'value' => $_POST['additional_acl'] ?? '',
'output_name' => 'Additional ACL (as JSON)',
'type' => 'textarea',
'error_check' => 'json',

14
www/includes/table_arrays/array_edit_languages.php
View File

@@ -5,12 +5,12 @@ declare(strict_types=1);
$edit_languages = [
'table_array' => [
'edit_language_id' => [
'value' => $GLOBALS['edit_language_id'] ?? '',
'value' => $_POST['edit_language_id'] ?? '',
'type' => 'hidden',
'pk' => 1
],
'short_name' => [
'value' => $GLOBALS['short_name'] ?? '',
'value' => $_POST['short_name'] ?? '',
'output_name' => 'Language (short)',
'mandatory' => 1,
'type' => 'text',
@@ -18,25 +18,25 @@ $edit_languages = [
'length' => 2
],
'long_name' => [
'value' => $GLOBALS['long_name'] ?? '',
'value' => $_POST['long_name'] ?? '',
'output_name' => 'Language (long)',
'mandatory' => 1,
'type' => 'text',
'size' => 40
],
'iso_name' => [
'value' => $GLOBALS['iso_name'] ?? '',
'value' => $_POST['iso_name'] ?? '',
'output_name' => 'ISO Code',
'mandatory' => 1,
'type' => 'text'
],
'order_number' => [
'value' => $GLOBALS['order_number'] ?? '',
'value' => $_POST['order_number'] ?? '',
'int' => 1,
'order' => 1
],
'enabled' => [
'value' => $GLOBALS['enabled'] ?? '',
'value' => $_POST['enabled'] ?? '',
'output_name' => 'Enabled',
'int' => 1,
'type' => 'binary',
@@ -46,7 +46,7 @@ $edit_languages = [
],
],
'lang_default' => [
'value' => $GLOBALS['lang_default'] ?? '',
'value' => $_POST['lang_default'] ?? '',
'output_name' => 'Default Language',
'int' => 1,
'type' => 'binary',

8
www/includes/table_arrays/array_edit_menu_group.php
View File

@@ -5,25 +5,25 @@ declare(strict_types=1);
$edit_menu_group = [
'table_array' => [
'edit_menu_group_id' => [
'value' => $GLOBALS['edit_menu_group_id'] ?? '',
'value' => $_POST['edit_menu_group_id'] ?? '',
'type' => 'hidden',
'pk' => 1
],
'name' => [
'value' => $GLOBALS['name'] ?? '',
'value' => $_POST['name'] ?? '',
'output_name' => 'Group name',
'mandatory' => 1,
'type' => 'text'
],
'flag' => [
'value' => $GLOBALS['flag'] ?? '',
'value' => $_POST['flag'] ?? '',
'output_name' => 'Flag',
'mandatory' => 1,
'type' => 'text',
'error_check' => 'alphanumeric|unique'
],
'order_number' => [
'value' => $GLOBALS['order_number'] ?? '',
'value' => $_POST['order_number'] ?? '',
'output_name' => 'Group order',
'type' => 'order',
'int' => 1,

33
www/includes/table_arrays/array_edit_pages.php
View File

@@ -5,40 +5,41 @@ declare(strict_types=1);
$edit_pages = [
'table_array' => [
'edit_page_id' => [
'value' => $GLOBALS['edit_page_id'] ?? '',
'value' => $_POST['edit_page_id'] ?? '',
'type' => 'hidden',
'pk' => 1
],
'filename' => [
'value' => $GLOBALS['filename'] ?? '',
'value' => $_POST['filename'] ?? '',
'output_name' => 'Add File ...',
'mandatory' => 1,
'type' => 'drop_down_db',
'query' => "SELECT DISTINCT temp_files.filename AS id, temp_files.folder || temp_files.filename AS name "
'query' => "SELECT DISTINCT temp_files.filename AS id, "
. "temp_files.folder || temp_files.filename AS name "
. "FROM temp_files "
. "LEFT JOIN edit_page ep ON temp_files.filename = ep.filename "
. "WHERE ep.filename IS NULL"
],
'hostname' => [
'value' => $GLOBALS['hostname'] ?? '',
'value' => $_POST['hostname'] ?? '',
'output_name' => 'Hostname or folder',
'type' => 'text'
],
'name' => [
'value' => $GLOBALS['name'] ?? '',
'value' => $_POST['name'] ?? '',
'output_name' => 'Page name',
'mandatory' => 1,
'type' => 'text'
],
'order_number' => [
'value' => $GLOBALS['order_number'] ?? '',
'value' => $_POST['order_number'] ?? '',
'output_name' => 'Page order',
'type' => 'order',
'int' => 1,
'order' => 1
],
/* 'flag' => [
'value' => isset($GLOBALS['flag']) ? $GLOBALS['flag'] : '',
'value' => $_POST['flag']) ?? '',
'output_name' => 'Page Flag',
'type' => 'drop_down_array',
'query' => [
@@ -51,7 +52,7 @@ $edit_pages = [
],
],*/
'online' => [
'value' => $GLOBALS['online'] ?? '',
'value' => $_POST['online'] ?? '',
'output_name' => 'Online',
'int' => 1,
'type' => 'binary',
@@ -61,7 +62,7 @@ $edit_pages = [
],
],
'menu' => [
'value' => $GLOBALS['menu'] ?? '',
'value' => $_POST['menu'] ?? '',
'output_name' => 'Menu',
'int' => 1,
'type' => 'binary',
@@ -71,7 +72,7 @@ $edit_pages = [
],
],
'popup' => [
'value' => $GLOBALS['popup'] ?? '',
'value' => $_POST['popup'] ?? '',
'output_name' => 'Popup',
'int' => 1,
'type' => 'binary',
@@ -81,7 +82,7 @@ $edit_pages = [
],
],
'popup_x' => [
'value' => $GLOBALS['popup_x'] ?? '',
'value' => $_POST['popup_x'] ?? '',
'output_name' => 'Popup Width',
'int_null' => 1,
'type' => 'text',
@@ -89,7 +90,7 @@ $edit_pages = [
'length' => 4
],
'popup_y' => [
'value' => $GLOBALS['popup_y'] ?? '',
'value' => $_POST['popup_y'] ?? '',
'output_name' => 'Popup Height',
'int_null' => 1,
'type' => 'text',
@@ -97,7 +98,7 @@ $edit_pages = [
'length' => 4
],
'content_alias_edit_page_id' => [
'value' => $GLOBALS['content_alias_edit_page_id'] ?? '',
'value' => $_POST['content_alias_edit_page_id'] ?? '',
'output_name' => 'Content Alias Source',
'int_null' => 1,
'type' => 'drop_down_db',
@@ -110,7 +111,7 @@ $edit_pages = [
'order_by' => 'order_number'
// 'query' => "SELECT edit_page_id AS content_alias_edit_page_id, name ".
// "FROM edit_page ".
// (isset($GLOBALS['edit_page_id']) ? " WHERE edit_page_id <> ".$GLOBALS['edit_page_id'] : "")." ".
// (!empty($_POST['edit_page_id']) ? " WHERE edit_page_id <> ".$_POST['edit_page_id'] : "")." ".
// "ORDER BY order_number"
],
],
@@ -151,7 +152,7 @@ $edit_pages = [
'output_name' => 'Visible Groups (access)',
'mandatory' => 1,
'select_size' => 10,
'selected' => $GLOBALS['edit_visible_group_id'] ?? '',
'selected' => $_POST['edit_visible_group_id'] ?? '',
'query' => "SELECT edit_visible_group_id, 'Name: ' || name || ', ' || 'Flag: ' || flag "
. "FROM edit_visible_group ORDER BY name"
],
@@ -161,7 +162,7 @@ $edit_pages = [
'output_name' => 'Menu Groups (grouping)',
'mandatory' => 1,
'select_size' => 10,
'selected' => $GLOBALS['edit_menu_group_id'] ?? '',
'selected' => $_POST['edit_menu_group_id'] ?? '',
'query' => "SELECT edit_menu_group_id, 'Name: ' || name || ', ' || 'Flag: ' || flag "
. "FROM edit_menu_group ORDER BY order_number"
],

19
www/includes/table_arrays/array_edit_schemes.php
View File

@@ -5,29 +5,30 @@ declare(strict_types=1);
$edit_schemes = [
'table_array' => [
'edit_scheme_id' => [
'value' => $GLOBALS['edit_scheme_id'] ?? '',
'value' => $_POST['edit_scheme_id'] ?? '',
'type' => 'hidden',
'pk' => 1
],
'name' => [
'value' => $GLOBALS['name'] ?? '',
'value' => $_POST['name'] ?? '',
'output_name' => 'Scheme Name',
'mandatory' => 1,
'type' => 'text'
],
'header_color' => [
'value' => $GLOBALS['header_color'] ?? '',
'value' => $_POST['header_color'] ?? '',
'output_name' => 'Header Color',
'mandatory' => 1,
'type' => 'text',
'size' => 6,
'length' => 6,
'size' => 10,
'length' => 9,
'error_check' => 'custom',
'error_regex' => '/[\dA-Fa-f]{6}/',
'error_example' => 'F6A544'
// FIXME: update regex check for hex/rgb/hsl with color check class
'error_regex' => '/^#([\dA-Fa-f]{6}|[\dA-Fa-f]{8})$/',
'error_example' => '#F6A544'
],
'enabled' => [
'value' => $GLOBALS['enabled'] ?? '',
'value' => $_POST['enabled'] ?? '',
'output_name' => 'Enabled',
'int' => 1,
'type' => 'binary',
@@ -37,7 +38,7 @@ $edit_schemes = [
],
],
'template' => [
'value' => $GLOBALS['template'] ?? '',
'value' => $_POST['template'] ?? '',
'output_name' => 'Template',
'type' => 'text'
],

72
www/includes/table_arrays/array_edit_users.php
View File

@@ -5,13 +5,13 @@ declare(strict_types=1);
$edit_users = [
'table_array' => [
'edit_user_id' => [
'value' => $GLOBALS['edit_user_id'] ?? '',
'value' => $_POST['edit_user_id'] ?? '',
'type' => 'hidden',
'pk' => 1,
'int' => 1
],
'username' => [
'value' => $GLOBALS['username'] ?? '',
'value' => $_POST['username'] ?? '',
'output_name' => 'Username',
'mandatory' => 1,
'error_check' => 'unique|alphanumericextended',
@@ -22,9 +22,9 @@ $edit_users = [
'min_show_acl' => '-1',
],
'password' => [
'value' => $GLOBALS['password'] ?? '',
'HIDDEN_value' => $GLOBALS['HIDDEN_password'] ?? '',
'CONFIRM_value' => $GLOBALS['CONFIRM_password'] ?? '',
'value' => $_POST['password'] ?? '',
'HIDDEN_value' => $_POST['HIDDEN_password'] ?? '',
'CONFIRM_value' => $_POST['CONFIRM_password'] ?? '',
'output_name' => 'Password',
'mandatory' => 1,
'type' => 'password', // later has to be password for encryption in database
@@ -40,7 +40,7 @@ $edit_users = [
// password date when first insert and password is set, needs special field with connection to password
// password reset force interval, if set, user needs to reset password after X time period
'password_change_interval' => [
'value' => $GLOBALS['password_change_interval'] ?? '',
'value' => $_POST['password_change_interval'] ?? '',
'output_name' => 'Password change interval',
// can be any date length format. n Y/M/D [not H/M/S], only one set, no combination
'error_check' => 'intervalshort',
@@ -52,7 +52,7 @@ $edit_users = [
'min_show_acl' => '100',
],
'enabled' => [
'value' => $GLOBALS['enabled'] ?? '',
'value' => $_POST['enabled'] ?? '',
'output_name' => 'Enabled',
'type' => 'binary',
'int' => 1,
@@ -64,7 +64,7 @@ $edit_users = [
'min_show_acl' => '-1',
],
'deleted' => [
'value' => $GLOBALS['deleted'] ?? '',
'value' => $_POST['deleted'] ?? '',
'output_name' => 'Deleted',
'type' => 'binary',
'int' => 1,
@@ -76,7 +76,7 @@ $edit_users = [
'min_show_acl' => '100',
],
'strict' => [
'value' => $GLOBALS['strict'] ?? '',
'value' => $_POST['strict'] ?? '',
'output_name' => 'Strict (Lock after errors)',
'type' => 'binary',
'int' => 1,
@@ -88,7 +88,7 @@ $edit_users = [
'min_show_acl' => '100',
],
'locked' => [
'value' => $GLOBALS['locked'] ?? '',
'value' => $_POST['locked'] ?? '',
'output_name' => 'Locked (auto set if strict with errors)',
'type' => 'binary',
'int' => 1,
@@ -100,7 +100,7 @@ $edit_users = [
'min_show_acl' => '100',
],
'admin' => [
'value' => $GLOBALS['admin'] ?? '',
'value' => $_POST['admin'] ?? '',
'output_name' => 'Admin',
'type' => 'binary',
'int' => 1,
@@ -112,7 +112,7 @@ $edit_users = [
'min_show_acl' => '100',
],
'debug' => [
'value' => $GLOBALS['debug'] ?? '',
'value' => $_POST['debug'] ?? '',
'output_name' => 'Debug',
'type' => 'binary',
'int' => 1,
@@ -124,7 +124,7 @@ $edit_users = [
'min_show_acl' => '100',
],
'db_debug' => [
'value' => $GLOBALS['db_debug'] ?? '',
'value' => $_POST['db_debug'] ?? '',
'output_name' => 'DB Debug',
'type' => 'binary',
'int' => 1,
@@ -136,7 +136,7 @@ $edit_users = [
'min_show_acl' => '100',
],
'email' => [
'value' => $GLOBALS['email'] ?? '',
'value' => $_POST['email'] ?? '',
'output_name' => 'E-Mail',
'type' => 'text',
'error_check' => 'email',
@@ -144,21 +144,21 @@ $edit_users = [
'min_show_acl' => '100',
],
'last_name' => [
'value' => $GLOBALS['last_name'] ?? '',
'value' => $_POST['last_name'] ?? '',
'output_name' => 'Last Name',
'type' => 'text',
'min_edit_acl' => '100',
'min_show_acl' => '100',
],
'first_name' => [
'value' => $GLOBALS['first_name'] ?? '',
'value' => $_POST['first_name'] ?? '',
'output_name' => 'First Name',
'type' => 'text',
'min_edit_acl' => '100',
'min_show_acl' => '100',
],
'lock_until' => [
'value' => $GLOBALS['lock_until'] ?? '',
'value' => $_POST['lock_until'] ?? '',
'output_name' => 'Lock account until',
'type' => 'datetime',
'error_check' => 'datetime',
@@ -168,7 +168,7 @@ $edit_users = [
'min_show_acl' => '100',
],
'lock_after' => [
'value' => $GLOBALS['lock_after'] ?? '',
'value' => $_POST['lock_after'] ?? '',
'output_name' => 'Lock account after',
'type' => 'datetime',
'error_check' => 'datetime',
@@ -177,7 +177,7 @@ $edit_users = [
'min_show_acl' => '100',
],
'login_user_id' => [
'value' => $GLOBALS['login_user_id'] ?? '',
'value' => $_POST['login_user_id'] ?? '',
'output_name' => '_GET/_POST loginUserId direct login ID',
'type' => 'text',
'error_check' => 'unique|custom',
@@ -187,20 +187,20 @@ $edit_users = [
],
'login_user_id_set_date' => [
'output_name' => 'loginUserId set date',
'value' => $GLOBALS['login_user_id_set_date'] ?? '',
'value' => $_POST['login_user_id_set_date'] ?? '',
'type' => 'view',
'empty' => '-',
'min_show_acl' => '100',
],
'login_user_id_last_revalidate' => [
'output_name' => 'loginUserId last revalidate date',
'value' => $GLOBALS['login_user_id_last_revalidate'] ?? '',
'value' => $_POST['login_user_id_last_revalidate'] ?? '',
'type' => 'view',
'empty' => '-',
'min_show_acl' => '100',
],
'login_user_id_locked' => [
'value' => $GLOBALS['login_user_id_locked'] ?? '',
'value' => $_POST['login_user_id_locked'] ?? '',
'output_name' => 'loginUserId usage locked',
'type' => 'binary',
'int' => 1,
@@ -212,7 +212,7 @@ $edit_users = [
'min_show_acl' => '100',
],
'login_user_id_revalidate_after' => [
'value' => $GLOBALS['login_user_id_revalidate_after'] ?? '',
'value' => $_POST['login_user_id_revalidate_after'] ?? '',
'output_name' => 'loginUserId, User must login after n days',
'type' => 'text',
'error_check' => 'intervalshort',
@@ -223,7 +223,7 @@ $edit_users = [
'min_show_acl' => '100',
],
'login_user_id_valid_from' => [
'value' => $GLOBALS['login_user_id_valid_from'] ?? '',
'value' => $_POST['login_user_id_valid_from'] ?? '',
'output_name' => 'loginUserId valid from',
'type' => 'datetime',
'error_check' => 'datetime',
@@ -233,7 +233,7 @@ $edit_users = [
'min_show_acl' => '100',
],
'login_user_id_valid_until' => [
'value' => $GLOBALS['login_user_id_valid_until'] ?? '',
'value' => $_POST['login_user_id_valid_until'] ?? '',
'output_name' => 'loginUserId valid until',
'type' => 'datetime',
'error_check' => 'datetime',
@@ -243,7 +243,7 @@ $edit_users = [
'min_show_acl' => '100',
],
'edit_language_id' => [
'value' => $GLOBALS['edit_language_id'] ?? '',
'value' => $_POST['edit_language_id'] ?? '',
'output_name' => 'Language',
'mandatory' => 1,
'int' => 1,
@@ -253,7 +253,7 @@ $edit_users = [
'min_show_acl' => '100',
],
'edit_scheme_id' => [
'value' => $GLOBALS['edit_scheme_id'] ?? '',
'value' => $_POST['edit_scheme_id'] ?? '',
'output_name' => 'Scheme',
'int_null' => 1,
'type' => 'drop_down_db',
@@ -262,7 +262,7 @@ $edit_users = [
'min_show_acl' => '100',
],
'edit_group_id' => [
'value' => $GLOBALS['edit_group_id'] ?? '',
'value' => $_POST['edit_group_id'] ?? '',
'output_name' => 'Group',
'int' => 1,
'type' => 'drop_down_db',
@@ -272,7 +272,7 @@ $edit_users = [
'min_show_acl' => '100',
],
'edit_access_right_id' => [
'value' => $GLOBALS['edit_access_right_id'] ?? '',
'value' => $_POST['edit_access_right_id'] ?? '',
'output_name' => 'User Level',
'mandatory' => 1,
'int' => 1,
@@ -283,27 +283,27 @@ $edit_users = [
],
'login_error_count' => [
'output_name' => 'Login error count',
'value' => $GLOBALS['login_error_count'] ?? '',
'value' => $_POST['login_error_count'] ?? '',
'type' => 'view',
'empty' => '0',
'min_show_acl' => '100',
],
'login_error_date_last' => [
'output_name' => 'Last login error',
'value' => $GLOBALS['login_error_date_liast'] ?? '',
'value' => $_POST['login_error_date_liast'] ?? '',
'type' => 'view',
'empty' => '-',
'min_show_acl' => '100',
],
'login_error_date_first' => [
'output_name' => 'First login error',
'value' => $GLOBALS['login_error_date_first'] ?? '',
'value' => $_POST['login_error_date_first'] ?? '',
'type' => 'view',
'empty' => '-',
'min_show_acl' => '100',
],
'protected' => [
'value' => $GLOBALS['protected'] ?? '',
'value' => $_POST['protected'] ?? '',
'output_name' => 'Protected',
'type' => 'binary',
'int' => 1,
@@ -315,7 +315,7 @@ $edit_users = [
'min_show_acl' => '100',
],
'additional_acl' => [
'value' => $GLOBALS['additional_acl'] ?? '',
'value' => $_POST['additional_acl'] ?? '',
'output_name' => 'Additional ACL (as JSON)',
'type' => 'textarea',
'error_check' => 'json',
@@ -331,10 +331,10 @@ $edit_users = [
// if base acl is not 90 only list enabled
// if not admin flag, do not list admin flagged
. (
!$GLOBALS['acl_admin'] ?
!$_POST['acl_admin'] ?
"WHERE admin = 0 "
. (
$GLOBALS['base_acl_level'] < 90 ?
$_POST['base_acl_level'] < 90 ?
"AND enabled = 1 " :
""
)

6
www/includes/table_arrays/array_edit_visible_group.php
View File

@@ -5,18 +5,18 @@ declare(strict_types=1);
$edit_visible_group = [
'table_array' => [
'edit_visible_group_id' => [
'value' => $GLOBALS['edit_visible_group_id'] ?? '',
'value' => $_POST['edit_visible_group_id'] ?? '',
'type' => 'hidden',
'pk' => 1
],
'name' => [
'value' => $GLOBALS['name'] ?? '',
'value' => $_POST['name'] ?? '',
'output_name' => 'Group name',
'mandatory' => 1,
'type' => 'text'
],
'flag' => [
'value' => $GLOBALS['flag'] ?? '',
'value' => $_POST['flag'] ?? '',
'output_name' => 'Flag',
'mandatory' => 1,
'type' => 'text',

12
www/lib/CoreLibs/ACL/Login.php
View File

@@ -677,9 +677,19 @@ class Login
$_SESSION['GROUP_ACL_TYPE'] = $res['group_type'];
// deprecated TEMPLATE setting
$_SESSION['TEMPLATE'] = $res['template'] ? $res['template'] : '';
$_SESSION['HEADER_COLOR'] = $res['second_header_color'] ?
$_SESSION['HEADER_COLOR'] = !empty($res['second_header_color']) ?
$res['second_header_color'] :
$res['first_header_color'];
// missing # before, this is for legacy data, will be deprecated
if (preg_match("/^[\dA-Fa-f]{6,8}$/", $_SESSION['HEADER_COLOR'])) {
$_SESSION['HEADER_COLOR'] = '#' . $_SESSION['HEADER_COLOR'];
}
// TODO: make sure that header color is valid:
// # + 6 hex
// # + 8 hex (alpha)
// rgb(), rgba(), hsl(), hsla()
// rgb: nnn.n for each
// hsl: nnn.n for first, nnn.n% for 2nd, 3rd
$_SESSION['LANG'] = $res['locale'] ?? 'en';
$_SESSION['DEFAULT_CHARSET'] = $res['encoding'] ?? 'UTF-8';
$_SESSION['DEFAULT_LOCALE'] = $_SESSION['LANG']

30
www/lib/CoreLibs/DB/Extended/ArrayIO.php
View File

@@ -12,7 +12,7 @@
* you don't have to write any SQL queries, worry over update/insert
*
* HISTORY:
* 2019/9/11 (cs) error string 21->91, 22->92 for not overlapping with IO
* 2019/9/11 (cs) error string 21->1021, 22->1022 for not overlapping with IO
* 2005/07/07 (cs) updated array class for postgres: set 0 & NULL if int field given, insert uses () values () syntax
* 2005/03/31 (cs) fixed the class call with all debug vars
* 2003-03-10: error_ids where still wrong chagned 11->21 and 12->22
@@ -72,20 +72,24 @@ class ArrayIO extends \CoreLibs\DB\IO
// instance db_io class
parent::__construct($db_config, $log ?? new \CoreLibs\Debug\Logging());
// more error vars for this class
$this->error_string['91'] = 'No Primary Key given';
$this->error_string['92'] = 'Could not run Array Query';
$this->error_string['1999'] = 'No table array or table name set';
$this->error_string['1021'] = 'No Primary Key given';
$this->error_string['1022'] = 'Could not run Array Query';
$this->table_array = $table_array;
$this->table_name = $table_name;
// error abort if no table array or no table name
if (empty($table_array) || empty($table_name)) {
$this->__dbError(1999, false, 'MAJOR ERROR: Core settings missing');
}
// set primary key for given table_array
if (is_array($this->table_array)) {
foreach ($this->table_array as $key => $value) {
if (isset($value['pk'])) {
$this->pk_name = $key;
}
foreach ($this->table_array as $key => $value) {
if (!empty($value['pk'])) {
$this->pk_name = $key;
}
} // set pk_name IF table_array was given
}
$this->dbArrayIOSetAcl($base_acl_level, $acl_admin);
}
@@ -197,7 +201,7 @@ class ArrayIO extends \CoreLibs\DB\IO
// if not set ... produce error
if (!$this->table_array[$this->pk_name]['value']) {
// if no PK found, error ...
$this->__dbError(91);
$this->__dbError(1021);
return false;
} else {
return true;
@@ -282,7 +286,7 @@ class ArrayIO extends \CoreLibs\DB\IO
// if 0, error
$this->pk_id = null;
if (!$this->dbExec($q)) {
$this->__dbError(92);
$this->__dbError(1022);
}
return $this->table_array;
}
@@ -369,7 +373,7 @@ class ArrayIO extends \CoreLibs\DB\IO
// possible dbFetchArray errors ...
$this->pk_id = $this->table_array[$this->pk_name]['value'];
} else {
$this->__dbError(92);
$this->__dbError(1022);
}
return $this->table_array;
}
@@ -631,7 +635,7 @@ class ArrayIO extends \CoreLibs\DB\IO
}
// return success or not
if (!$this->dbExec($q)) {
$this->__dbError(92);
$this->__dbError(1022);
}
// set primary key
if ($insert) {

91
www/lib/CoreLibs/Output/Form/Generate.php
View File

@@ -307,19 +307,21 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
* @param \CoreLibs\Language\L10n|null $l10n l10n language class, null auto set
* @param array<string,string>|null $locale locale array from ::setLocale,
* null auto set
* @param array<mixed>|null $table_arrays Override table array data
* instead of try to load from
* include file
*/
public function __construct(
array $db_config,
?\CoreLibs\Debug\Logging $log = null,
?\CoreLibs\Language\L10n $l10n = null,
?array $locale = null
?array $locale = null,
?array $table_arrays = null,
) {
// don't log per class
if ($log !== null) {
$log->setLogPer('class', false);
}
// if set global table array variable
global $table_arrays;
// replace any non valid variable names
// TODO extract only alphanumeric and _ after . to _ replacement
$this->my_page_name = str_replace(['.'], '_', System::getPageName(System::NO_EXTENSION));
@@ -346,15 +348,9 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
// security settings
$this->base_acl_level = (int)$_SESSION['BASE_ACL_LEVEL'];
$this->acl_admin = (int)$_SESSION['ADMIN'];
$GLOBALS['base_acl_level'] = $this->base_acl_level;
$GLOBALS['acl_admin'] = $this->acl_admin;
// first check if we have a in page override as $table_arrays[page name]
if (
/* isset($GLOBALS['table_arrays']) &&
is_array($GLOBALS['table_arrays']) &&
isset($GLOBALS['table_arrays'][System::getPageName(System::NO_EXTENSION)]) &&
is_array($GLOBALS['table_arrays'][System::getPageName(System::NO_EXTENSION)]) */
isset($table_arrays[System::getPageName(System::NO_EXTENSION)]) &&
is_array($table_arrays[System::getPageName(System::NO_EXTENSION)])
) {
@@ -1480,7 +1476,8 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
// $this->log->debug('edit_error', 'QS: <pre>' . print_r($_POST, true) . '</pre>');
if (is_array($this->element_list)) {
// check the mandatory stuff
// if mandatory, check that at least on pk exists or if at least the mandatory field is filled
// if mandatory, check that at least on pk exists or
// if at least the mandatory field is filled
foreach ($this->element_list as $table_name => $reference_array) {
if (!is_array($reference_array)) {
$reference_array = [];
@@ -1520,7 +1517,7 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
// . count($_POST[$prfx.$key]) . ' | M: $max');
// $this->log->debug('edit_error_chk', 'K: ' . $_POST[$prfx.$key] . ' | ' . $_POST[$prfx.$key][0]);
}
$this->log->debug('POST ARRAY', $this->log->prAr($_POST));
// $this->log->debug('POST ARRAY', $this->log->prAr($_POST));
// init variables before inner loop run
$mand_okay = 0;
$mand_name = '';
@@ -1532,15 +1529,17 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
for ($i = 0; $i < $max; $i++) {
// either one of the post pks is set, or the mandatory
foreach ($reference_array['elements'] as $el_name => $data_array) {
if (isset($data_array['mandatory']) && $data_array['mandatory']) {
if (
isset($data_array['mandatory']) &&
$data_array['mandatory']
) {
$mand_name = $data_array['output_name'];
}
// check if there is a primary ket inside, so it is okay
if (
isset($data_array['pk_id']) &&
count($_POST[$prfx . $el_name]) &&
isset($reference_array['mandatory']) &&
$reference_array['mandatory']
!empty($reference_array['mandatory'])
) {
$mand_okay = 1;
}
@@ -1551,15 +1550,14 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
// . $_POST[$prfx . $el_name] . ' - ' . $reference_array['enable_name'] . ' - '
// . $_POST[$reference_array['enable_name']][$_POST[$prfx . $el_name][$i]]);
if (
isset($data_array['mandatory']) &&
$data_array['mandatory'] &&
isset($_POST[$prfx . $el_name][$i]) &&
$_POST[$prfx . $el_name][$i]
!empty($data_array['mandatory']) &&
!empty($_POST[$prfx . $el_name][$i])
) {
$mand_okay = 1;
$row_okay[$i] = 1;
} elseif (
!empty($data_array['type']) && $data_array['type'] == 'radio_group' &&
!empty($data_array['type']) &&
$data_array['type'] == 'radio_group' &&
!isset($_POST[$prfx . $el_name])
) {
// radio group and set where one not active
@@ -1567,20 +1565,22 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
$row_okay[$_POST[$prfx . $el_name][$i] ?? 0] = 0;
$default_wrong[$_POST[$prfx . $el_name][$i] ?? 0] = 1;
$error[$_POST[$prfx . $el_name][$i] ?? 0] = 1;
} elseif (isset($_POST[$prfx . $el_name][$i]) && !isset($error[$i])) {
} elseif (
isset($_POST[$prfx . $el_name][$i]) &&
!isset($error[$i])
) {
// $this->log->debug('edit_error_chk', '[$i]');
$element_set[$i] = 1;
$row_okay[$i] = 1;
} elseif (
isset($data_array['mandatory']) &&
$data_array['mandatory'] &&
!empty($data_array['mandatory']) &&
!$_POST[$prfx . $el_name][$i]
) {
$row_okay[$i] = 0;
}
// do optional error checks like for normal fields
// currently active: unique/alphanumeric
if (isset($data_array['error_check'])) {
if (!empty($data_array['error_check'])) {
foreach (explode('|', $data_array['error_check']) as $error_check) {
switch ($error_check) {
// check unique, check if field is filled and not same in _POST set
@@ -1599,6 +1599,7 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
$reference_array['output_name'],
$i
);
$_POST['ERROR'][$prfx][$i] = 1;
}
break;
case 'alphanumericspace':
@@ -1614,6 +1615,7 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
$reference_array['output_name'],
$i
);
$_POST['ERROR'][$prfx][$i] = 1;
}
break;
}
@@ -1625,8 +1627,7 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
// main mandatory is met -> error msg
if (
!$mand_okay &&
isset($reference_array['mandatory']) &&
$reference_array['mandatory']
!empty($reference_array['mandatory'])
) {
$this->msg .= sprintf(
$this->l->__('You need to enter at least one data set for field <b>%s</b>!<br>'),
@@ -2535,12 +2536,13 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
}
// $this->log->debug('CFG QUERY', 'Q: ' . $q);
// only run if we have query strnig
$written_pos = [];
if (isset($q)) {
$prfx = $data['prefix']; // short
$pos = 0; // position in while for overwrite if needed
// read out the list and add the selected data if needed
while (is_array($res = $this->dbReturn($q))) {
$_data = [];
$prfx = $data['prefix']; // short
// go through each res
for ($i = 0, $i_max = count($q_select); $i < $i_max; $i++) {
// query select part, set to the element name
@@ -2570,13 +2572,48 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
}
$data['content'][] = $_data;
$data['pos'][] = [0 => $pos]; // this is for the checkboxes
$written_pos[] = $pos;
$pos++; // move up one
// reset and unset before next run
unset($_data);
}
}
// add lost error ones
$this->log->debug('ERROR', 'P: ' . $data['prefix'] . ', '
. $this->log->prAr($_POST['ERROR'][$data['prefix']] ?? []));
if ($this->error && !empty($_POST['ERROR'][$data['prefix']])) {
$prfx = $data['prefix']; // short
$_post_data = [];
// MAX entries defined via $data['pk_name'] entry (must exist)
$_max_pos = count($_POST[$data['pk_name']] ?? []);
// write all excte previous loaded @ $pos
foreach ($q_select as $_el_name) {
for ($_pos = 0; $_pos <= $_max_pos; $_pos++) {
// if not in data pos
if (!in_array($_pos, $written_pos)) {
$_post_data[$_pos][$prfx . $_el_name] =
$_POST[$prfx . $_el_name][$_pos] ?? '';
}
}
}
// only add if all fields in data are filled, else skip
// pk_name field is excluded of check
foreach ($_post_data as $_pos => $_data) {
$filled = false;
foreach ($_data as $_name => $_value) {
if ($_name != $data['pk_name'] && !empty($_value)) {
$filled = true;
}
}
if ($filled == true) {
$data['content'][] = $_data;
$data['pos'][] = [0 => $_pos];
}
}
}
// if this is normal single reference data check the content on the element count
// if there is a max_empty is set, then fill up new elements (unfilled) until we reach max empty
// if there is a max_empty is set, then fill up new elements (unfilled)
// until we reach max empty
if (
/*isset($this->element_list[$table_name]['type']) &&
$this->element_list[$table_name]['type'] == 'reference_data' &&*/