From 53813261fbae972ee38a02b73e86349069a1a838 Mon Sep 17 00:00:00 2001
From: Clemens Schwaighofer
Date: Tue, 10 Jan 2023 11:22:04 +0900
Subject: [PATCH] Form\Generate update

- remove auto load _POST vars
- Update color settings to # leading 6/8 digit hex code
- remove any global variable calls/requests
- fix some isset/empty clean ups (isset + set = !empty)
- fix on delete of reference data that loaded data was not shown again
- fix on reference data save error that wrong data is still shown and not removed
---
 .../20230110_edit_table_column_fix.sql | 25 +++++
 www/includes/edit_base.php | 4 -
 .../table_arrays/array_edit_access.php | 23 ++---
 .../table_arrays/array_edit_groups.php | 12 +--
 .../table_arrays/array_edit_languages.php | 14 +--
 .../table_arrays/array_edit_menu_group.php | 8 +-
 .../table_arrays/array_edit_pages.php | 33 +++----
 .../table_arrays/array_edit_schemes.php | 19 ++--
 .../table_arrays/array_edit_users.php | 72 +++++++--------
 .../table_arrays/array_edit_visible_group.php | 6 +-
 www/lib/CoreLibs/ACL/Login.php | 12 ++-
 www/lib/CoreLibs/DB/Extended/ArrayIO.php | 30 +++---
 www/lib/CoreLibs/Output/Form/Generate.php | 91 +++++++++++++------
 13 files changed, 212 insertions(+), 137 deletions(-)
 create mode 100644 4dev/update/20230106_edit_page_update/20230110_edit_table_column_fix.sql
diff --git a/4dev/update/20230106_edit_page_update/20230110_edit_table_column_fix.sql b/4dev/update/20230106_edit_page_update/20230110_edit_table_column_fix.sql
new file mode 100644
index 00000000..64f1f74c
--- /dev/null
+++ b/4dev/update/20230106_edit_page_update/20230110_edit_table_column_fix.sql
@@ -0,0 +1,25 @@ +-- Fixes for column types + +-- edit group +ALTER TABLE edit_group ALTER name TYPE VARCHAR; +-- edit language +ALTER TABLE edit_language ALTER short_name TYPE VARCHAR; +ALTER TABLE edit_language ALTER long_name TYPE VARCHAR; +ALTER TABLE edit_language ALTER iso_name TYPE VARCHAR; +-- edit menu group +ALTER TABLE edit_menu_group ALTER name TYPE VARCHAR; +ALTER TABLE edit_menu_group ALTER flag TYPE VARCHAR; +-- edit page +ALTER TABLE edit_page ALTER filename TYPE VARCHAR; +ALTER TABLE edit_page ALTER name TYPE VARCHAR; +-- edit query string +ALTER TABLE edit_query_string ALTER name TYPE VARCHAR; +ALTER TABLE edit_query_string ALTER value TYPE VARCHAR; +-- edit scheme +ALTER TABLE edit_scheme ALTER name TYPE VARCHAR; +ALTER TABLE edit_scheme ALTER header_color TYPE VARCHAR; +ALTER TABLE edit_scheme ALTER css_file TYPE VARCHAR; +ALTER TABLE edit_scheme ALTER template TYPE VARCHAR; +-- edit visible group +ALTER TABLE edit_visible_group ALTER name TYPE VARCHAR; +ALTER TABLE edit_visible_group ALTER flag TYPE VARCHAR; diff --git a/www/includes/edit_base.php b/www/includes/edit_base.php index 81aa774d..31f07e5c 100644 --- a/www/includes/edit_base.php +++ b/www/includes/edit_base.php @@ -58,10 +58,6 @@ $l10n = new \CoreLibs\Language\L10n( // flush and start ob_end_flush(); -// FIXME: only extract _POST data that is needed -// FIXME: update table_arrays reader to use other than $_GLOBALS -extract($_POST, EXTR_SKIP); - // init smarty and form class $edit_base = new CoreLibs\Admin\EditBase(DB_CONFIG, $log, $l10n, $locale); // creates edit pages and runs actions diff --git a/www/includes/table_arrays/array_edit_access.php b/www/includes/table_arrays/array_edit_access.php index c3c483a8..5d58c55f 100644 --- a/www/includes/table_arrays/array_edit_access.php +++ b/www/includes/table_arrays/array_edit_access.php 
@@ -5,35 +5,36 @@ declare(strict_types=1); $edit_access = [ 'table_array' => [ 'edit_access_id' => [ - 'value' => $GLOBALS['edit_access_id'] ?? '', + 'value' => $_POST['edit_access_id'] ?? '', 'type' => 'hidden', 'pk' => 1 ], 'name' => [ - 'value' => $GLOBALS['name'] ?? '', + 'value' => $_POST['name'] ?? '', 'output_name' => 'Access Group Name', 'mandatory' => 1, 'type' => 'text', 'error_check' => 'alphanumericspace|unique' ], 'description' => [ - 'value' => $GLOBALS['description'] ?? '', + 'value' => $_POST['description'] ?? '', 'output_name' => 'Description', 'type' => 'textarea' ], 'color' => [ - 'value' => $GLOBALS['color'] ?? '', + 'value' => $_POST['color'] ?? '', 'output_name' => 'Color', 'mandatory' => 0, 'type' => 'text', - 'size' => 6, - 'length' => 6, + 'size' => 10, + 'length' => 9, 'error_check' => 'custom', - 'error_regex' => "/[\dA-Fa-f]{6}/", - 'error_example' => 'F6A544' + // FIXME: update regex check for hex/rgb/hsl with color check class + 'error_regex' => '/^#([\dA-Fa-f]{6}|[\dA-Fa-f]{8})$/', + 'error_example' => '#F6A544' ], 'enabled' => [ - 'value' => $GLOBALS['enabled'] ?? 0, + 'value' => $_POST['enabled'] ?? 0, 'output_name' => 'Enabled', 'type' => 'binary', 'int' => 1, // OR 'bool' => 1 @@ -43,7 +44,7 @@ $edit_access = [ ], ], 'protected' => [ - 'value' => $GLOBALS['protected'] ?? 0, + 'value' => $_POST['protected'] ?? 0, 'output_name' => 'Protected', 'type' => 'binary', 'int' => 1, @@ -53,7 +54,7 @@ $edit_access = [ ], ], 'additional_acl' => [ - 'value' => $GLOBALS['additional_acl'] ?? '', + 'value' => $_POST['additional_acl'] ?? '', 'output_name' => 'Additional ACL (as JSON)', 'type' => 'textarea', 'error_check' => 'json', diff --git a/www/includes/table_arrays/array_edit_groups.php b/www/includes/table_arrays/array_edit_groups.php index ac7d29f1..49ba7048 100644 --- a/www/includes/table_arrays/array_edit_groups.php +++ b/www/includes/table_arrays/array_edit_groups.php 
@@ -5,12 +5,12 @@ declare(strict_types=1); $edit_groups = [ 'table_array' => [ 'edit_group_id' => [ - 'value' => $GLOBALS['edit_group_id'] ?? '', + 'value' => $_POST['edit_group_id'] ?? '', 'pk' => 1, 'type' => 'hidden' ], 'enabled' => [ - 'value' => $GLOBALS['enabled'] ?? '', + 'value' => $_POST['enabled'] ?? '', 'output_name' => 'Enabled', 'int' => 1, 'type' => 'binary', @@ -20,13 +20,13 @@ $edit_groups = [ ], ], 'name' => [ - 'value' => $GLOBALS['name'] ?? '', + 'value' => $_POST['name'] ?? '', 'output_name' => 'Group Name', 'type' => 'text', 'mandatory' => 1 ], 'edit_access_right_id' => [ - 'value' => $GLOBALS['edit_access_right_id'] ?? '', + 'value' => $_POST['edit_access_right_id'] ?? '', 'output_name' => 'Group Level', 'mandatory' => 1, 'int' => 1, @@ -34,14 +34,14 @@ $edit_groups = [ 'query' => "SELECT edit_access_right_id, name FROM edit_access_right ORDER BY level" ], 'edit_scheme_id' => [ - 'value' => $GLOBALS['edit_scheme_id'] ?? '', + 'value' => $_POST['edit_scheme_id'] ?? '', 'output_name' => 'Group Scheme', 'int_null' => 1, 'type' => 'drop_down_db', 'query' => "SELECT edit_scheme_id, name FROM edit_scheme WHERE enabled = 1 ORDER BY name" ], 'additional_acl' => [ - 'value' => $GLOBALS['additional_acl'] ?? '', + 'value' => $_POST['additional_acl'] ?? '', 'output_name' => 'Additional ACL (as JSON)', 'type' => 'textarea', 'error_check' => 'json', diff --git a/www/includes/table_arrays/array_edit_languages.php b/www/includes/table_arrays/array_edit_languages.php index 7f4632e0..dc778e59 100644 --- a/www/includes/table_arrays/array_edit_languages.php +++ b/www/includes/table_arrays/array_edit_languages.php 
@@ -5,12 +5,12 @@ declare(strict_types=1); $edit_languages = [ 'table_array' => [ 'edit_language_id' => [ - 'value' => $GLOBALS['edit_language_id'] ?? '', + 'value' => $_POST['edit_language_id'] ?? '', 'type' => 'hidden', 'pk' => 1 ], 'short_name' => [ - 'value' => $GLOBALS['short_name'] ?? '', + 'value' => $_POST['short_name'] ?? '', 'output_name' => 'Language (short)', 'mandatory' => 1, 'type' => 'text', @@ -18,25 +18,25 @@ $edit_languages = [ 'length' => 2 ], 'long_name' => [ - 'value' => $GLOBALS['long_name'] ?? '', + 'value' => $_POST['long_name'] ?? '', 'output_name' => 'Language (long)', 'mandatory' => 1, 'type' => 'text', 'size' => 40 ], 'iso_name' => [ - 'value' => $GLOBALS['iso_name'] ?? '', + 'value' => $_POST['iso_name'] ?? '', 'output_name' => 'ISO Code', 'mandatory' => 1, 'type' => 'text' ], 'order_number' => [ - 'value' => $GLOBALS['order_number'] ?? '', + 'value' => $_POST['order_number'] ?? '', 'int' => 1, 'order' => 1 ], 'enabled' => [ - 'value' => $GLOBALS['enabled'] ?? '', + 'value' => $_POST['enabled'] ?? '', 'output_name' => 'Enabled', 'int' => 1, 'type' => 'binary', @@ -46,7 +46,7 @@ $edit_languages = [ ], ], 'lang_default' => [ - 'value' => $GLOBALS['lang_default'] ?? '', + 'value' => $_POST['lang_default'] ?? '', 'output_name' => 'Default Language', 'int' => 1, 'type' => 'binary', diff --git a/www/includes/table_arrays/array_edit_menu_group.php b/www/includes/table_arrays/array_edit_menu_group.php index c45e8c74..3bb1a4bf 100644 --- a/www/includes/table_arrays/array_edit_menu_group.php +++ b/www/includes/table_arrays/array_edit_menu_group.php 
@@ -5,25 +5,25 @@ declare(strict_types=1); $edit_menu_group = [ 'table_array' => [ 'edit_menu_group_id' => [ - 'value' => $GLOBALS['edit_menu_group_id'] ?? '', + 'value' => $_POST['edit_menu_group_id'] ?? '', 'type' => 'hidden', 'pk' => 1 ], 'name' => [ - 'value' => $GLOBALS['name'] ?? '', + 'value' => $_POST['name'] ?? '', 'output_name' => 'Group name', 'mandatory' => 1, 'type' => 'text' ], 'flag' => [ - 'value' => $GLOBALS['flag'] ?? '', + 'value' => $_POST['flag'] ?? '', 'output_name' => 'Flag', 'mandatory' => 1, 'type' => 'text', 'error_check' => 'alphanumeric|unique' ], 'order_number' => [ - 'value' => $GLOBALS['order_number'] ?? '', + 'value' => $_POST['order_number'] ?? '', 'output_name' => 'Group order', 'type' => 'order', 'int' => 1, diff --git a/www/includes/table_arrays/array_edit_pages.php b/www/includes/table_arrays/array_edit_pages.php index 3198eda6..e14cc5ee 100644 --- a/www/includes/table_arrays/array_edit_pages.php +++ b/www/includes/table_arrays/array_edit_pages.php 
@@ -5,40 +5,41 @@ declare(strict_types=1); $edit_pages = [ 'table_array' => [ 'edit_page_id' => [ - 'value' => $GLOBALS['edit_page_id'] ?? '', + 'value' => $_POST['edit_page_id'] ?? '', 'type' => 'hidden', 'pk' => 1 ], 'filename' => [ - 'value' => $GLOBALS['filename'] ?? '', + 'value' => $_POST['filename'] ?? '', 'output_name' => 'Add File ...', 'mandatory' => 1, 'type' => 'drop_down_db', - 'query' => "SELECT DISTINCT temp_files.filename AS id, temp_files.folder || temp_files.filename AS name " + 'query' => "SELECT DISTINCT temp_files.filename AS id, " + . "temp_files.folder || temp_files.filename AS name " . "FROM temp_files " . "LEFT JOIN edit_page ep ON temp_files.filename = ep.filename " . "WHERE ep.filename IS NULL" ], 'hostname' => [ - 'value' => $GLOBALS['hostname'] ?? '', + 'value' => $_POST['hostname'] ?? '', 'output_name' => 'Hostname or folder', 'type' => 'text' ], 'name' => [ - 'value' => $GLOBALS['name'] ?? '', + 'value' => $_POST['name'] ?? '', 'output_name' => 'Page name', 'mandatory' => 1, 'type' => 'text' ], 'order_number' => [ - 'value' => $GLOBALS['order_number'] ?? '', + 'value' => $_POST['order_number'] ?? '', 'output_name' => 'Page order', 'type' => 'order', 'int' => 1, 'order' => 1 ], /* 'flag' => [ - 'value' => isset($GLOBALS['flag']) ? $GLOBALS['flag'] : '', + 'value' => $_POST['flag']) ?? '', 'output_name' => 'Page Flag', 'type' => 'drop_down_array', 'query' => [ @@ -51,7 +52,7 @@ $edit_pages = [ ], ],*/ 'online' => [ - 'value' => $GLOBALS['online'] ?? '', + 'value' => $_POST['online'] ?? '', 'output_name' => 'Online', 'int' => 1, 'type' => 'binary', @@ -61,7 +62,7 @@ $edit_pages = [ ], ], 'menu' => [ - 'value' => $GLOBALS['menu'] ?? '', + 'value' => $_POST['menu'] ?? '', 'output_name' => 'Menu', 'int' => 1, 'type' => 'binary', @@ -71,7 +72,7 @@ $edit_pages = [ ], ], 'popup' => [ - 'value' => $GLOBALS['popup'] ?? '', + 'value' => $_POST['popup'] ?? '', 'output_name' => 'Popup', 'int' => 1, 'type' => 'binary', 
@@ -81,7 +82,7 @@ $edit_pages = [ ], ], 'popup_x' => [ - 'value' => $GLOBALS['popup_x'] ?? '', + 'value' => $_POST['popup_x'] ?? '', 'output_name' => 'Popup Width', 'int_null' => 1, 'type' => 'text', @@ -89,7 +90,7 @@ $edit_pages = [ 'length' => 4 ], 'popup_y' => [ - 'value' => $GLOBALS['popup_y'] ?? '', + 'value' => $_POST['popup_y'] ?? '', 'output_name' => 'Popup Height', 'int_null' => 1, 'type' => 'text', @@ -97,7 +98,7 @@ $edit_pages = [ 'length' => 4 ], 'content_alias_edit_page_id' => [ - 'value' => $GLOBALS['content_alias_edit_page_id'] ?? '', + 'value' => $_POST['content_alias_edit_page_id'] ?? '', 'output_name' => 'Content Alias Source', 'int_null' => 1, 'type' => 'drop_down_db', @@ -110,7 +111,7 @@ $edit_pages = [ 'order_by' => 'order_number' // 'query' => "SELECT edit_page_id AS content_alias_edit_page_id, name ". // "FROM edit_page ". - // (isset($GLOBALS['edit_page_id']) ? " WHERE edit_page_id <> ".$GLOBALS['edit_page_id'] : "")." ". + // (!empty($_POST['edit_page_id']) ? " WHERE edit_page_id <> ".$_POST['edit_page_id'] : "")." ". // "ORDER BY order_number" ], ], @@ -151,7 +152,7 @@ $edit_pages = [ 'output_name' => 'Visible Groups (access)', 'mandatory' => 1, 'select_size' => 10, - 'selected' => $GLOBALS['edit_visible_group_id'] ?? '', + 'selected' => $_POST['edit_visible_group_id'] ?? '', 'query' => "SELECT edit_visible_group_id, 'Name: ' || name || ', ' || 'Flag: ' || flag " . "FROM edit_visible_group ORDER BY name" ], @@ -161,7 +162,7 @@ $edit_pages = [ 'output_name' => 'Menu Groups (grouping)', 'mandatory' => 1, 'select_size' => 10, - 'selected' => $GLOBALS['edit_menu_group_id'] ?? '', + 'selected' => $_POST['edit_menu_group_id'] ?? '', 'query' => "SELECT edit_menu_group_id, 'Name: ' || name || ', ' || 'Flag: ' || flag " . "FROM edit_menu_group ORDER BY order_number" ], diff --git a/www/includes/table_arrays/array_edit_schemes.php b/www/includes/table_arrays/array_edit_schemes.php index fa137469..b4051b95 100644 
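Review bot: The commented-out `'query'` under `content_alias_edit_page_id` (hunk `@@ -110,7 +111,7 @@`) is being kept up to date instead of removed, and in its new form it concatenates `$_POST['edit_page_id']` directly into SQL text. It is dead code today, but anyone who re-enables it gets a query built from request input. The commented-out `'flag'` block in the first hunk of this file also gained a stray `)` (`$_POST['flag']) ?? ''`) and would not parse if revived. I would delete both commented blocks; if the query has to stay as a reference, put `// NOTE: bind edit_page_id as a query parameter, never concatenate request data` above it. The array definition starts and ends outside these hunks.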
--- a/www/includes/table_arrays/array_edit_schemes.php +++ b/www/includes/table_arrays/array_edit_schemes.php @@ -5,29 +5,30 @@ declare(strict_types=1); $edit_schemes = [ 'table_array' => [ 'edit_scheme_id' => [ - 'value' => $GLOBALS['edit_scheme_id'] ?? '', + 'value' => $_POST['edit_scheme_id'] ?? '', 'type' => 'hidden', 'pk' => 1 ], 'name' => [ - 'value' => $GLOBALS['name'] ?? '', + 'value' => $_POST['name'] ?? '', 'output_name' => 'Scheme Name', 'mandatory' => 1, 'type' => 'text' ], 'header_color' => [ - 'value' => $GLOBALS['header_color'] ?? '', + 'value' => $_POST['header_color'] ?? '', 'output_name' => 'Header Color', 'mandatory' => 1, 'type' => 'text', - 'size' => 6, - 'length' => 6, + 'size' => 10, + 'length' => 9, 'error_check' => 'custom', - 'error_regex' => '/[\dA-Fa-f]{6}/', - 'error_example' => 'F6A544' + // FIXME: update regex check for hex/rgb/hsl with color check class + 'error_regex' => '/^#([\dA-Fa-f]{6}|[\dA-Fa-f]{8})$/', + 'error_example' => '#F6A544' ], 'enabled' => [ - 'value' => $GLOBALS['enabled'] ?? '', + 'value' => $_POST['enabled'] ?? '', 'output_name' => 'Enabled', 'int' => 1, 'type' => 'binary', @@ -37,7 +38,7 @@ $edit_schemes = [ ], ], 'template' => [ - 'value' => $GLOBALS['template'] ?? '', + 'value' => $_POST['template'] ?? '', 'output_name' => 'Template', 'type' => 'text' ], diff --git a/www/includes/table_arrays/array_edit_users.php b/www/includes/table_arrays/array_edit_users.php index d311b264..0985507c 100644 --- a/www/includes/table_arrays/array_edit_users.php +++ b/www/includes/table_arrays/array_edit_users.php @@ -5,13 +5,13 @@ declare(strict_types=1); $edit_users = [ 'table_array' => [ 'edit_user_id' => [ - 'value' => $GLOBALS['edit_user_id'] ?? '', + 'value' => $_POST['edit_user_id'] ?? '', 'type' => 'hidden', 'pk' => 1, 'int' => 1 ], 'username' => [ - 'value' => $GLOBALS['username'] ?? '', + 'value' => $_POST['username'] ?? '', 'output_name' => 'Username', 'mandatory' => 1, 'error_check' => 'unique|alphanumericextended', 
@@ -22,9 +22,9 @@ $edit_users = [ 'min_show_acl' => '-1', ], 'password' => [ - 'value' => $GLOBALS['password'] ?? '', - 'HIDDEN_value' => $GLOBALS['HIDDEN_password'] ?? '', - 'CONFIRM_value' => $GLOBALS['CONFIRM_password'] ?? '', + 'value' => $_POST['password'] ?? '', + 'HIDDEN_value' => $_POST['HIDDEN_password'] ?? '', + 'CONFIRM_value' => $_POST['CONFIRM_password'] ?? '', 'output_name' => 'Password', 'mandatory' => 1, 'type' => 'password', // later has to be password for encryption in database @@ -40,7 +40,7 @@ $edit_users = [ // password date when first insert and password is set, needs special field with connection to password // password reset force interval, if set, user needs to reset password after X time period 'password_change_interval' => [ - 'value' => $GLOBALS['password_change_interval'] ?? '', + 'value' => $_POST['password_change_interval'] ?? '', 'output_name' => 'Password change interval', // can be any date length format. n Y/M/D [not H/M/S], only one set, no combination 'error_check' => 'intervalshort', @@ -52,7 +52,7 @@ $edit_users = [ 'min_show_acl' => '100', ], 'enabled' => [ - 'value' => $GLOBALS['enabled'] ?? '', + 'value' => $_POST['enabled'] ?? '', 'output_name' => 'Enabled', 'type' => 'binary', 'int' => 1, @@ -64,7 +64,7 @@ $edit_users = [ 'min_show_acl' => '-1', ], 'deleted' => [ - 'value' => $GLOBALS['deleted'] ?? '', + 'value' => $_POST['deleted'] ?? '', 'output_name' => 'Deleted', 'type' => 'binary', 'int' => 1, @@ -76,7 +76,7 @@ $edit_users = [ 'min_show_acl' => '100', ], 'strict' => [ - 'value' => $GLOBALS['strict'] ?? '', + 'value' => $_POST['strict'] ?? '', 'output_name' => 'Strict (Lock after errors)', 'type' => 'binary', 'int' => 1, @@ -88,7 +88,7 @@ $edit_users = [ 'min_show_acl' => '100', ], 'locked' => [ - 'value' => $GLOBALS['locked'] ?? '', + 'value' => $_POST['locked'] ?? '', 'output_name' => 'Locked (auto set if strict with errors)', 'type' => 'binary', 'int' => 1, 
@@ -100,7 +100,7 @@ $edit_users = [ 'min_show_acl' => '100', ], 'admin' => [ - 'value' => $GLOBALS['admin'] ?? '', + 'value' => $_POST['admin'] ?? '', 'output_name' => 'Admin', 'type' => 'binary', 'int' => 1, @@ -112,7 +112,7 @@ $edit_users = [ 'min_show_acl' => '100', ], 'debug' => [ - 'value' => $GLOBALS['debug'] ?? '', + 'value' => $_POST['debug'] ?? '', 'output_name' => 'Debug', 'type' => 'binary', 'int' => 1, @@ -124,7 +124,7 @@ $edit_users = [ 'min_show_acl' => '100', ], 'db_debug' => [ - 'value' => $GLOBALS['db_debug'] ?? '', + 'value' => $_POST['db_debug'] ?? '', 'output_name' => 'DB Debug', 'type' => 'binary', 'int' => 1, @@ -136,7 +136,7 @@ $edit_users = [ 'min_show_acl' => '100', ], 'email' => [ - 'value' => $GLOBALS['email'] ?? '', + 'value' => $_POST['email'] ?? '', 'output_name' => 'E-Mail', 'type' => 'text', 'error_check' => 'email', @@ -144,21 +144,21 @@ $edit_users = [ 'min_show_acl' => '100', ], 'last_name' => [ - 'value' => $GLOBALS['last_name'] ?? '', + 'value' => $_POST['last_name'] ?? '', 'output_name' => 'Last Name', 'type' => 'text', 'min_edit_acl' => '100', 'min_show_acl' => '100', ], 'first_name' => [ - 'value' => $GLOBALS['first_name'] ?? '', + 'value' => $_POST['first_name'] ?? '', 'output_name' => 'First Name', 'type' => 'text', 'min_edit_acl' => '100', 'min_show_acl' => '100', ], 'lock_until' => [ - 'value' => $GLOBALS['lock_until'] ?? '', + 'value' => $_POST['lock_until'] ?? '', 'output_name' => 'Lock account until', 'type' => 'datetime', 'error_check' => 'datetime', @@ -168,7 +168,7 @@ $edit_users = [ 'min_show_acl' => '100', ], 'lock_after' => [ - 'value' => $GLOBALS['lock_after'] ?? '', + 'value' => $_POST['lock_after'] ?? '', 'output_name' => 'Lock account after', 'type' => 'datetime', 'error_check' => 'datetime', 
@@ -177,7 +177,7 @@ $edit_users = [ 'min_show_acl' => '100', ], 'login_user_id' => [ - 'value' => $GLOBALS['login_user_id'] ?? '', + 'value' => $_POST['login_user_id'] ?? '', 'output_name' => '_GET/_POST loginUserId direct login ID', 'type' => 'text', 'error_check' => 'unique|custom', @@ -187,20 +187,20 @@ $edit_users = [ ], 'login_user_id_set_date' => [ 'output_name' => 'loginUserId set date', - 'value' => $GLOBALS['login_user_id_set_date'] ?? '', + 'value' => $_POST['login_user_id_set_date'] ?? '', 'type' => 'view', 'empty' => '-', 'min_show_acl' => '100', ], 'login_user_id_last_revalidate' => [ 'output_name' => 'loginUserId last revalidate date', - 'value' => $GLOBALS['login_user_id_last_revalidate'] ?? '', + 'value' => $_POST['login_user_id_last_revalidate'] ?? '', 'type' => 'view', 'empty' => '-', 'min_show_acl' => '100', ], 'login_user_id_locked' => [ - 'value' => $GLOBALS['login_user_id_locked'] ?? '', + 'value' => $_POST['login_user_id_locked'] ?? '', 'output_name' => 'loginUserId usage locked', 'type' => 'binary', 'int' => 1, @@ -212,7 +212,7 @@ $edit_users = [ 'min_show_acl' => '100', ], 'login_user_id_revalidate_after' => [ - 'value' => $GLOBALS['login_user_id_revalidate_after'] ?? '', + 'value' => $_POST['login_user_id_revalidate_after'] ?? '', 'output_name' => 'loginUserId, User must login after n days', 'type' => 'text', 'error_check' => 'intervalshort', @@ -223,7 +223,7 @@ $edit_users = [ 'min_show_acl' => '100', ], 'login_user_id_valid_from' => [ - 'value' => $GLOBALS['login_user_id_valid_from'] ?? '', + 'value' => $_POST['login_user_id_valid_from'] ?? '', 'output_name' => 'loginUserId valid from', 'type' => 'datetime', 'error_check' => 'datetime', @@ -233,7 +233,7 @@ $edit_users = [ 'min_show_acl' => '100', ], 'login_user_id_valid_until' => [ - 'value' => $GLOBALS['login_user_id_valid_until'] ?? '', + 'value' => $_POST['login_user_id_valid_until'] ?? '', 'output_name' => 'loginUserId valid until', 'type' => 'datetime', 'error_check' => 'datetime', 
@@ -243,7 +243,7 @@ $edit_users = [ 'min_show_acl' => '100', ], 'edit_language_id' => [ - 'value' => $GLOBALS['edit_language_id'] ?? '', + 'value' => $_POST['edit_language_id'] ?? '', 'output_name' => 'Language', 'mandatory' => 1, 'int' => 1, @@ -253,7 +253,7 @@ $edit_users = [ 'min_show_acl' => '100', ], 'edit_scheme_id' => [ - 'value' => $GLOBALS['edit_scheme_id'] ?? '', + 'value' => $_POST['edit_scheme_id'] ?? '', 'output_name' => 'Scheme', 'int_null' => 1, 'type' => 'drop_down_db', @@ -262,7 +262,7 @@ $edit_users = [ 'min_show_acl' => '100', ], 'edit_group_id' => [ - 'value' => $GLOBALS['edit_group_id'] ?? '', + 'value' => $_POST['edit_group_id'] ?? '', 'output_name' => 'Group', 'int' => 1, 'type' => 'drop_down_db', @@ -272,7 +272,7 @@ $edit_users = [ 'min_show_acl' => '100', ], 'edit_access_right_id' => [ - 'value' => $GLOBALS['edit_access_right_id'] ?? '', + 'value' => $_POST['edit_access_right_id'] ?? '', 'output_name' => 'User Level', 'mandatory' => 1, 'int' => 1, @@ -283,27 +283,27 @@ $edit_users = [ ], 'login_error_count' => [ 'output_name' => 'Login error count', - 'value' => $GLOBALS['login_error_count'] ?? '', + 'value' => $_POST['login_error_count'] ?? '', 'type' => 'view', 'empty' => '0', 'min_show_acl' => '100', ], 'login_error_date_last' => [ 'output_name' => 'Last login error', - 'value' => $GLOBALS['login_error_date_liast'] ?? '', + 'value' => $_POST['login_error_date_liast'] ?? '', 'type' => 'view', 'empty' => '-', 'min_show_acl' => '100', ], 'login_error_date_first' => [ 'output_name' => 'First login error', - 'value' => $GLOBALS['login_error_date_first'] ?? '', + 'value' => $_POST['login_error_date_first'] ?? '', 'type' => 'view', 'empty' => '-', 'min_show_acl' => '100', ], 'protected' => [ - 'value' => $GLOBALS['protected'] ?? '', + 'value' => $_POST['protected'] ?? '', 'output_name' => 'Protected', 'type' => 'binary', 'int' => 1, 
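Review bot: The `login_error_date_last` entry in hunk `@@ -283,27 +283,27 @@` reads `$_POST['login_error_date_liast']`, so the misspelt key carried over from the `$GLOBALS` version still never matches and the value always falls back to `''`. It should be `'value' => $_POST['login_error_date_last'] ?? '',`. The three `'type' => 'view'` entries in the same hunk appear to be display-only, yet their initial value now comes from the request; a short comment such as `// view only: initial value is request data, the stored value must come from the DB read` would make that explicit for the next maintainer.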
@@ -315,7 +315,7 @@ $edit_users = [ 'min_show_acl' => '100', ], 'additional_acl' => [ - 'value' => $GLOBALS['additional_acl'] ?? '', + 'value' => $_POST['additional_acl'] ?? '', 'output_name' => 'Additional ACL (as JSON)', 'type' => 'textarea', 'error_check' => 'json', @@ -331,10 +331,10 @@ $edit_users = [ // if base acl is not 90 only list enabled // if not admin flag, do not list admin flagged . ( - !$GLOBALS['acl_admin'] ? + !$_POST['acl_admin'] ? "WHERE admin = 0 " . ( - $GLOBALS['base_acl_level'] < 90 ? + $_POST['base_acl_level'] < 90 ? "AND enabled = 1 " : "" ) diff --git a/www/includes/table_arrays/array_edit_visible_group.php b/www/includes/table_arrays/array_edit_visible_group.php index 80492f6a..6404c973 100644 --- a/www/includes/table_arrays/array_edit_visible_group.php +++ b/www/includes/table_arrays/array_edit_visible_group.php @@ -5,18 +5,18 @@ declare(strict_types=1); $edit_visible_group = [ 'table_array' => [ 'edit_visible_group_id' => [ - 'value' => $GLOBALS['edit_visible_group_id'] ?? '', + 'value' => $_POST['edit_visible_group_id'] ?? '', 'type' => 'hidden', 'pk' => 1 ], 'name' => [ - 'value' => $GLOBALS['name'] ?? '', + 'value' => $_POST['name'] ?? '', 'output_name' => 'Group name', 'mandatory' => 1, 'type' => 'text' ], 'flag' => [ - 'value' => $GLOBALS['flag'] ?? '', + 'value' => $_POST['flag'] ?? '', 'output_name' => 'Flag', 'mandatory' => 1, 'type' => 'text', diff --git a/www/lib/CoreLibs/ACL/Login.php b/www/lib/CoreLibs/ACL/Login.php index 732cd8d9..c46671d2 100644 --- a/www/lib/CoreLibs/ACL/Login.php +++ b/www/lib/CoreLibs/ACL/Login.php 
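Review bot: `$_POST['acl_admin']` and `$_POST['base_acl_level']` in hunk `@@ -331,10 +331,10 @@` are client-supplied, so the `WHERE admin = 0` / `AND enabled = 1` restriction on this query is now decided by the submitted form rather than by the logged-in user's rights. Before this commit both values were written into `$GLOBALS` by `Form\Generate` from `$_SESSION['ADMIN']` and `$_SESSION['BASE_ACL_LEVEL']`; the commit removes those assignments, and the mechanical `$GLOBALS` to `$_POST` rename does not replace them. When the keys are absent, the read raises an undefined-key warning and the filter is applied to everyone, real admins included. Read the session values directly: `!(int)($_SESSION['ADMIN'] ?? 0) ?` and `(int)($_SESSION['BASE_ACL_LEVEL'] ?? 0) < 90 ?`. The surrounding query string starts and ends outside the hunk.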
@@ -677,9 +677,19 @@ class Login $_SESSION['GROUP_ACL_TYPE'] = $res['group_type']; // deprecated TEMPLATE setting $_SESSION['TEMPLATE'] = $res['template'] ? $res['template'] : ''; - $_SESSION['HEADER_COLOR'] = $res['second_header_color'] ? + $_SESSION['HEADER_COLOR'] = !empty($res['second_header_color']) ? $res['second_header_color'] : $res['first_header_color']; + // missing # before, this is for legacy data, will be deprecated + if (preg_match("/^[\dA-Fa-f]{6,8}$/", $_SESSION['HEADER_COLOR'])) { + $_SESSION['HEADER_COLOR'] = '#' . $_SESSION['HEADER_COLOR']; + } + // TODO: make sure that header color is valid: + // # + 6 hex + // # + 8 hex (alpha) + // rgb(), rgba(), hsl(), hsla() + // rgb: nnn.n for each + // hsl: nnn.n for first, nnn.n% for 2nd, 3rd $_SESSION['LANG'] = $res['locale'] ?? 'en'; $_SESSION['DEFAULT_CHARSET'] = $res['encoding'] ?? 'UTF-8'; $_SESSION['DEFAULT_LOCALE'] = $_SESSION['LANG'] diff --git a/www/lib/CoreLibs/DB/Extended/ArrayIO.php b/www/lib/CoreLibs/DB/Extended/ArrayIO.php index 51432224..3044d414 100644 --- a/www/lib/CoreLibs/DB/Extended/ArrayIO.php +++ b/www/lib/CoreLibs/DB/Extended/ArrayIO.php @@ -12,7 +12,7 @@ * you don't have to write any SQL queries, worry over update/insert * * HISTORY: -* 2019/9/11 (cs) error string 21->91, 22->92 for not overlapping with IO +* 2019/9/11 (cs) error string 21->1021, 22->1022 for not overlapping with IO * 2005/07/07 (cs) updated array class for postgres: set 0 & NULL if int field given, insert uses () values () syntax * 2005/03/31 (cs) fixed the class call with all debug vars * 2003-03-10: error_ids where still wrong chagned 11->21 and 12->22 
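Review bot: The legacy check `/^[\dA-Fa-f]{6,8}$/` also accepts seven hex digits, which the new form rule `/^#([\dA-Fa-f]{6}|[\dA-Fa-f]{8})$/` rejects, and any other stored value is still copied into `$_SESSION['HEADER_COLOR']` unchanged (the TODO acknowledges this). `preg_match()` is also handed `null` when both `second_header_color` and `first_header_color` are empty, which is a TypeError if this file declares `strict_types` (not visible in the hunk). I would write `if (preg_match('/^([\dA-Fa-f]{6}|[\dA-Fa-f]{8})$/', (string)$_SESSION['HEADER_COLOR'])) {` and, until the colour validator exists, fall back to a fixed default whenever the value does not match the `#`-prefixed pattern. The enclosing method starts and ends outside the hunk.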
@@ -72,20 +72,24 @@ class ArrayIO extends \CoreLibs\DB\IO // instance db_io class parent::__construct($db_config, $log ?? new \CoreLibs\Debug\Logging()); // more error vars for this class - $this->error_string['91'] = 'No Primary Key given'; - $this->error_string['92'] = 'Could not run Array Query'; + $this->error_string['1999'] = 'No table array or table name set'; + $this->error_string['1021'] = 'No Primary Key given'; + $this->error_string['1022'] = 'Could not run Array Query'; $this->table_array = $table_array; $this->table_name = $table_name; + // error abort if no table array or no table name + if (empty($table_array) || empty($table_name)) { + $this->__dbError(1999, false, 'MAJOR ERROR: Core settings missing'); + } + // set primary key for given table_array - if (is_array($this->table_array)) { - foreach ($this->table_array as $key => $value) { - if (isset($value['pk'])) { - $this->pk_name = $key; - } + foreach ($this->table_array as $key => $value) { + if (!empty($value['pk'])) { + $this->pk_name = $key; } - } // set pk_name IF table_array was given + } $this->dbArrayIOSetAcl($base_acl_level, $acl_admin); } @@ -197,7 +201,7 @@ class ArrayIO extends \CoreLibs\DB\IO // if not set ... produce error if (!$this->table_array[$this->pk_name]['value']) { // if no PK found, error ... - $this->__dbError(91); + $this->__dbError(1021); return false; } else { return true; @@ -282,7 +286,7 @@ class ArrayIO extends \CoreLibs\DB\IO // if 0, error $this->pk_id = null; if (!$this->dbExec($q)) { - $this->__dbError(92); + $this->__dbError(1022); } return $this->table_array; } @@ -369,7 +373,7 @@ class ArrayIO extends \CoreLibs\DB\IO // possible dbFetchArray errors ... $this->pk_id = $this->table_array[$this->pk_name]['value']; } else { - $this->__dbError(92); + $this->__dbError(1022); } return $this->table_array; } 
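Review bot: The comment in hunk `@@ -72,20 +72,24 @@` says "error abort", but after `$this->__dbError(1999, false, ...)` the constructor continues into the `foreach`, whose `is_array()` guard this commit removes. Unless `__dbError()` throws or exits (its body is not in this diff), a missing table array or table name still reaches `foreach ($this->table_array ...)` and `dbArrayIOSetAcl()` with `pk_name` unset; if the parameter is not typed `array` (signature not in the hunk) the loop also warns on a non-array. Add `return;` after the `__dbError()` call, or keep a guard such as `foreach ($this->table_array ?? [] as $key => $value) {`. Separately, the header edit rewrites the 2019/9/11 history entry to read `21->1021`, although the renumbering happens in this commit; a new dated entry would keep the log accurate.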
@@ -631,7 +635,7 @@ class ArrayIO extends \CoreLibs\DB\IO } // return success or not if (!$this->dbExec($q)) { - $this->__dbError(92); + $this->__dbError(1022); } // set primary key if ($insert) { diff --git a/www/lib/CoreLibs/Output/Form/Generate.php b/www/lib/CoreLibs/Output/Form/Generate.php index 54b2c815..94e2c83c 100644 --- a/www/lib/CoreLibs/Output/Form/Generate.php +++ b/www/lib/CoreLibs/Output/Form/Generate.php @@ -307,19 +307,21 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO * @param \CoreLibs\Language\L10n|null $l10n l10n language class, null auto set * @param array|null $locale locale array from ::setLocale, * null auto set + * @param array|null $table_arrays Override table array data + * instead of try to load from + * include file */ public function __construct( array $db_config, ?\CoreLibs\Debug\Logging $log = null, ?\CoreLibs\Language\L10n $l10n = null, - ?array $locale = null + ?array $locale = null, + ?array $table_arrays = null, ) { // don't log per class if ($log !== null) { $log->setLogPer('class', false); } - // if set global table array variable - global $table_arrays; // replace any non valid variable names // TODO extract only alphanumeric and _ after . to _ replacement $this->my_page_name = str_replace(['.'], '_', System::getPageName(System::NO_EXTENSION)); 
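Review bot: The docblock for the new `$table_arrays` parameter (hunk `@@ -307,19 +307,21 @@`) does not state the expected shape, while the following hunk only ever reads `$table_arrays[System::getPageName(System::NO_EXTENSION)]`. I would document it as `@param array<string,array>|null $table_arrays table array definitions keyed by page name without extension, null loads the include file`. Pages that relied on the removed `global $table_arrays` now fall back to the include file without any message, and no call site in this diff passes the new argument, so it is worth confirming that none of them depended on the global.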
@@ -346,15 +348,9 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO // security settings $this->base_acl_level = (int)$_SESSION['BASE_ACL_LEVEL']; $this->acl_admin = (int)$_SESSION['ADMIN']; - $GLOBALS['base_acl_level'] = $this->base_acl_level; - $GLOBALS['acl_admin'] = $this->acl_admin; // first check if we have a in page override as $table_arrays[page name] if ( - /* isset($GLOBALS['table_arrays']) && - is_array($GLOBALS['table_arrays']) && - isset($GLOBALS['table_arrays'][System::getPageName(System::NO_EXTENSION)]) && - is_array($GLOBALS['table_arrays'][System::getPageName(System::NO_EXTENSION)]) */ isset($table_arrays[System::getPageName(System::NO_EXTENSION)]) && is_array($table_arrays[System::getPageName(System::NO_EXTENSION)]) ) { @@ -1480,7 +1476,8 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO // $this->log->debug('edit_error', 'QS:
' . print_r($_POST, true) . '
'); if (is_array($this->element_list)) { // check the mandatory stuff - // if mandatory, check that at least on pk exists or if at least the mandatory field is filled + // if mandatory, check that at least on pk exists or + // if at least the mandatory field is filled foreach ($this->element_list as $table_name => $reference_array) { if (!is_array($reference_array)) { $reference_array = []; @@ -1520,7 +1517,7 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO // . count($_POST[$prfx.$key]) . ' | M: $max'); // $this->log->debug('edit_error_chk', 'K: ' . $_POST[$prfx.$key] . ' | ' . $_POST[$prfx.$key][0]); } - $this->log->debug('POST ARRAY', $this->log->prAr($_POST)); + // $this->log->debug('POST ARRAY', $this->log->prAr($_POST)); // init variables before inner loop run $mand_okay = 0; $mand_name = ''; @@ -1532,15 +1529,17 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO for ($i = 0; $i < $max; $i++) { // either one of the post pks is set, or the mandatory foreach ($reference_array['elements'] as $el_name => $data_array) { - if (isset($data_array['mandatory']) && $data_array['mandatory']) { + if ( + isset($data_array['mandatory']) && + $data_array['mandatory'] + ) { $mand_name = $data_array['output_name']; } // check if there is a primary ket inside, so it is okay if ( isset($data_array['pk_id']) && count($_POST[$prfx . $el_name]) && - isset($reference_array['mandatory']) && - $reference_array['mandatory'] + !empty($reference_array['mandatory']) ) { $mand_okay = 1; } 
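Review bot: The `POST ARRAY` debug call in hunk `@@ -1520,7 +1517,7 @@` is commented out rather than deleted, and it sits near an older commented `print_r($_POST, true)` call. The edit-users form in this patch posts `password` and `CONFIRM_password`, so re-enabling either line writes credentials into the debug log. I would remove both lines, or leave `// do not log raw $_POST here: it carries password fields` in their place. The method body starts and ends outside these hunks.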
@@ -1551,15 +1550,14 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO // . $_POST[$prfx . $el_name] . ' - ' . $reference_array['enable_name'] . ' - ' // . $_POST[$reference_array['enable_name']][$_POST[$prfx . $el_name][$i]]); if ( - isset($data_array['mandatory']) && - $data_array['mandatory'] && - isset($_POST[$prfx . $el_name][$i]) && - $_POST[$prfx . $el_name][$i] + !empty($data_array['mandatory']) && + !empty($_POST[$prfx . $el_name][$i]) ) { $mand_okay = 1; $row_okay[$i] = 1; } elseif ( - !empty($data_array['type']) && $data_array['type'] == 'radio_group' && + !empty($data_array['type']) && + $data_array['type'] == 'radio_group' && !isset($_POST[$prfx . $el_name]) ) { // radio group and set where one not active @@ -1567,20 +1565,22 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO $row_okay[$_POST[$prfx . $el_name][$i] ?? 0] = 0; $default_wrong[$_POST[$prfx . $el_name][$i] ?? 0] = 1; $error[$_POST[$prfx . $el_name][$i] ?? 0] = 1; - } elseif (isset($_POST[$prfx . $el_name][$i]) && !isset($error[$i])) { + } elseif ( + isset($_POST[$prfx . $el_name][$i]) && + !isset($error[$i]) + ) { // $this->log->debug('edit_error_chk', '[$i]'); $element_set[$i] = 1; $row_okay[$i] = 1; } elseif ( - isset($data_array['mandatory']) && - $data_array['mandatory'] && + !empty($data_array['mandatory']) && !$_POST[$prfx . $el_name][$i] ) { $row_okay[$i] = 0; } // do optional error checks like for normal fields // currently active: unique/alphanumeric - if (isset($data_array['error_check'])) { + if (!empty($data_array['error_check'])) { foreach (explode('|', $data_array['error_check']) as $error_check) { switch ($error_check) { // check unique, check if field is filled and not same in _POST set @@ -1599,6 +1599,7 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO $reference_array['output_name'], $i ); + $_POST['ERROR'][$prfx][$i] = 1; } break; case 'alphanumericspace': 
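Review bot: `$_POST['ERROR'][$prfx][$i] = 1;` (hunk `@@ -1599,6 +1599,7 @@`) stores validation state inside the request superglobal, so the same key can equally arrive from the client. The last Generate.php hunk then reads `$_POST['ERROR'][$data['prefix']]` when deciding whether to re-add posted rows; the `$this->error` check narrows this, but server-side state and request data should not share a container. A private property, for example `$this->reference_error[$prfx][$i] = 1;` (the name is only a suggestion), read back in the reload code keeps the flag independent of the request. The same line is added in the `alphanumericspace` branch at `@@ -1614,6 +1615,7 @@`.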
@@ -1614,6 +1615,7 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
 $reference_array['output_name'],
 $i
 );
+ $_POST['ERROR'][$prfx][$i] = 1;
 }
 break;
 }
@@ -1625,8 +1627,7 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
 // main mandatory is met -> error msg
 if (
 !$mand_okay &&
- isset($reference_array['mandatory']) &&
- $reference_array['mandatory']
+ !empty($reference_array['mandatory'])
 ) {
 $this->msg .= sprintf(
 $this->l->__('You need to enter at least one data set for field %s!
'),
@@ -2535,12 +2536,13 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
 }
 // $this->log->debug('CFG QUERY', 'Q: ' . $q);
 // only run if we have query strnig
+ $written_pos = [];
 if (isset($q)) {
+ $prfx = $data['prefix']; // short
 $pos = 0; // position in while for overwrite if needed
 // read out the list and add the selected data if needed
 while (is_array($res = $this->dbReturn($q))) {
 $_data = [];
- $prfx = $data['prefix']; // short
 // go through each res
 for ($i = 0, $i_max = count($q_select); $i < $i_max; $i++) {
 // query select part, set to the element name
@@ -2570,13 +2572,48 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
 }
 $data['content'][] = $_data;
 $data['pos'][] = [0 => $pos]; // this is for the checkboxes
+ $written_pos[] = $pos;
 $pos++; // move up one
 // reset and unset before next run
 unset($_data);
 }
 }
+ // add lost error ones
+ $this->log->debug('ERROR', 'P: ' . $data['prefix'] . ', '
+ . $this->log->prAr($_POST['ERROR'][$data['prefix']] ?? []));
+ if ($this->error && !empty($_POST['ERROR'][$data['prefix']])) {
+ $prfx = $data['prefix']; // short
+ $_post_data = [];
+ // MAX entries defined via $data['pk_name'] entry (must exist)
+ $_max_pos = count($_POST[$data['pk_name']] ?? []);
+ // write all excte previous loaded @ $pos
+ foreach ($q_select as $_el_name) {
+ for ($_pos = 0; $_pos <= $_max_pos; $_pos++) {
+ // if not in data pos
+ if (!in_array($_pos, $written_pos)) {
+ $_post_data[$_pos][$prfx . $_el_name] =
+ $_POST[$prfx . $_el_name][$_pos] ?? '';
+ }
+ }
+ }
+ // only add if all fields in data are filled, else skip
+ // pk_name field is excluded of check
+ foreach ($_post_data as $_pos => $_data) {
+ $filled = false;
+ foreach ($_data as $_name => $_value) {
+ if ($_name != $data['pk_name'] && !empty($_value)) {
+ $filled = true;
+ }
+ }
+ if ($filled == true) {
+ $data['content'][] = $_data;
+ $data['pos'][] = [0 => $_pos];
+ }
+ }
+ }
 // if this is normal single reference data check the content on the element count
- // if there is a max_empty is set, then fill up new elements (unfilled) until we reach max empty
+ // if there is a max_empty is set, then fill up new elements (unfilled)
+ // until we reach max empty
 if (
 /*isset($this->element_list[$table_name]['type']) &&
 $this->element_list[$table_name]['type'] == 'reference_data' &&*/
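Review bot: The new re-display block copies `$_POST[$prfx . $_el_name][$_pos]` into `$data['content']` without checking that the request fields have the expected shape. `count($_POST[$data['pk_name']] ?? [])` throws a TypeError on PHP 8 when the client sends that field as a scalar, and an array-valued cell would be passed on as if it were a string. Normalising first, e.g. `$_pk_list = $_POST[$data['pk_name']] ?? [];` and `$_max_pos = is_array($_pk_list) ? count($_pk_list) : 0;`, and keeping only `is_scalar()` cell values, would make the block tolerate malformed submissions. Whether the values are escaped on output is not visible here. The comment also says a row is added only if all fields are filled, while the code adds it as soon as one non-pk field is non-empty, so one of the two should be corrected.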