The check for stringlength was done on the set key range in the class var and not the variable passed on in the method.
So if we cold call randomKey with a key character list and not the default list it failed with invalid max length
Allow parsing of more flexible interval strings including
long names (day, hour, minute, second, millisecond),
negative values, no spaces between components, and
throwing exceptions on invalid input if requested.
The following types are now allowed
- d|day|days
- h|hour|hours
- m|min|mins|minute|minutes
- s|sec|secs|second|seconds
- ms|msec|msecs|msecond|mseconds|millis|millisec|millisecs|millisecond|milliseconds
Also fix the milisecond parsing that was done completly wrong
the milliseoncds where just added after a "." as decimals without converting them at all.
Now the value is divided by 1000 and added to the existing number, and as before only if ms exist
The negative check is now included in the main parse regex, so a second regex check is no longer necessary
Spaces between values, before or anywhere are now more flexible.
Exceptions are thrown if the regex cannot parse anything, or it returns only one master entry and no matches
new "-c" switch for all checking scripts to swtich to the composer version from the phive installed version
NOTE: phpstan plugins only work in the composer version.
Default is the phive version
All tested with PHP 8.4 and PHP 8.3 too
Major changes:
- cube root Math (cbrt) now throws InvalidArgumentException if NAN is returned instead of returning NAN
- Byte convert from string to int will throw errors if value is too large (\LengthException)
- new flag for returning string type but for this bcmath must be installed (\RuntimeException if no bcmath)
- Updated curl class and remove close handler as not needed and deprecated as of PHP 8.5
- Curl phpunit tests: convert string to JSON convert flow for return content check (to avoid per PHP version check)
- image close handler for ImageMagick removed as not needed and deprecated as of PHP 8.5
- updated all check calls too use phive tools if possible (except phpunit) and all scripts can have dynamic php version set
The logging line number and file was for the previous call position, not for
where the actual log entry was called
Also fix for ErrorMessage class calls with shifting the start position up depending on which method is called.
Output shows file and line where the message/log call was done and the function/class method where the log call was done
On default the level for error_log write is Emergency.
This can be changed either on class creation or via set/get methods.
If logging is skipped because the logging level does not match the main logging level the error_log write is also skipped.
Added MARK fields in the Logging class
- ksortArray and sortArray
Sort array and return sorted output in one flow. Allows for case insensitve sort, reverse sort
- selectArrayFromOption
select array blocks based on a "key": "value" match.
Can do recusrive with flat or not flat output, strict matching, case insenstivie
The flat combined character can be changed
- findArraysMissingKey
Search an array for a matching value with optional key match and return array block if in this block a key (or keys) are missing
The matching for key and value is always strict, eg 2 and '2' are different,
Found path is added with ":" separators, can be overridden by parameter
- arraySearchSimple
Allow search values to be array for multiple matching (any match)
NEW:
- remove duplicates in string
- check character string list in other character string list
- build character string from array (or nested array) values
- split string with fixed split length
UPDATE:
- split string with format
* throw exceptions for wrong paramters
* remove the "split chracters", as they get extracted from the format string
Add the full page information and a new file name to cuid lookup to the acl array.
Add a new method to check if a page name is in the list of pages that can be accessed by the user.
The parameter count methods in the PgSQL class have changed
- the function returns a unique list of $ parameters
The count is now done in the DB IO part where it counts over the unique array
Query hash is stored like the query for the current run one (reset on dbExec call).
The method to create the hash is renamed to dbBuildQueryHash instead of "Get".
The dbGetQueryHash function now just returns the last set query hash. There is a matching dbResetQueryHash for unsetting the query hash.
* Correct wrong comment lookup
* simplify regex by excluding comment and string blocks before
* simpler lookup for each type
* update checks for more tests for various special cases
In DB IO
* add a function to return all placeholders found in a query
* only numbered parameters are looked up
Add new constant: STANDARD_HASH for sha256
Deprecate DEFAULT_HASH is now STANDARD_HASH_SHORT
Deprecated
__sha1Short:
replace with __crc32b with the default parameter use_sha false
replace with sha1Short if use_sha is true
__hash:
replace with hashShort if default hash type
replace with hash for all others with new default STANDARD_HASH
__hashLong:
replace with hashLong
New:
hashShort: returns STANDARD_HASH_SHORT which is __hash default type
hashStd: returns STANDARD_HASH sha256
hash: switches to STANDARD_HASH as default type
calcDaysIntervalNamedIndex for force using named index and returning only named index
calcDaysIntervalNumIndex for force using numeric index and returning only numeric index
- remove not used code
- reorder defines for possible clean up targets
- TARGET and HOST_NAME are set early
HOST NAME is set right at the top
TARGET is set after site configs is read
- add more $_ENV reads
DEFAULT_ACL_LEVEL
LOCALE (encoding is read from locale which should be in the format of nn_CT.ENCODING, eg en_US.UTF-8), falls back to UTF-8
ADMIN.STYLESHEET
ADMIN.JAVASCRIPT
Fixed the bad coded include end date with using flags instead
Allow exclude of start date
Reverse counter fixed, and also includes weekend days
Add reverse for weekend in date interval
Login class: add numeric for ACL level
DB IO: some minor code clean up for not needed var set check
Some edit.jq.js clean ups and added
- loadEl: load element by id and return element value or throw error if not found
- goTo: scroll to an element with scroll into view call
INSERT will get a RETURNING added automatically if it has a primary key
This was not checked when query was compared for prepared statements.
Also added a prepared statement status checker
This is still used a lot, and there is no reason to deprecate it so early.
First all the other logic should be brought in to make this an easy
conversion.
For temporary wrapper functions for deprecated calls that need this
PHP 8.4 fputcsv/fgetcsv/str_getcsv encoding default change deprecated warning
Note this does not cover the SqlFileInfo class as this is not used in our code
Fix for default PHP set via getting version from default PHP.
Add a verbose option and remove the fixed verbose setting from the phpunit config
Update the options call to add a usage info block
- phpunit has better options set for testdox/php version
- SmartyExtended has logger class as option (argument 2) and options
- SmartyExtneded can via option set html escape and load of plugins
- plugin array is set of
- file: path to plugin file
- type: what type this is
- tag: tag name
- callable: the callable for the tag name
- will throw exceptions on plugin load
- for all other things will set warning only and skip read
- fix the Smarty call with the logger option
- fix password test for PHP 8.4 password hash change
*IMPORTANT*
SmartyExtended($l10n, $logger, $cache_id, $compile_id)
The second argument is now the Logger class, this MUST be updated for all calls
All key and messages are set SensitiveParameter type
On end, unset the key parameter with sodium mem zero
Get/Compare key set methods
Additional check on empty key
Add missing sodium mem zero for inner function variable clean up
Session:
regenerate session id after some time or random.
Default is 'never', can be 'interval' form 0 to 1h and random from always to 1 in 100
Session also checks that strict session settings are enabled
Login class:
Automatic re-read of acl settings after some time (default 5min, can be chnaged via option).
Default set strict headers, can be turned off via option
Moved various parts into their own methods and cleaned up double call logic.
Login is now recorded in the last login entry
no more debug flags are read from the database anymore
All options are set via array and not with a single option (was auto login)
all action data goes into a JSON block and the old action columns will be deprecated
Same for ip, new ip address block with all possible ip addeses
Additional HTTP_ data goes into the http_data block
new request_schema column to get if the request was done to http or https
All ACL\Login loaded _SESSION vars are now prefixd with LOGIN_
only the language one stay as "DEFAULT_"
Removed DEBUG_ALL/DB_DEBUG as they are now fully removed from everywhere
- removed the edit user entries
- removed from the edit user table
The LANG direct loaded language entries is removed too. We only use locale and encoding.
No more LOCALE_PATH and DEFAULT_DOMAIN _SESSION are set during the option set
make all calls that go through primary keys as deprecated
create CUID calls for all of them
Update phpunit tests with new cuid tests, keep old deprecated tests
create new session on class call, there is no need to delay that at all
new option to auto write close a session
session_id and session_name are stored as class vars
deprecate the __set/__get part because we do not want to set via ->session_var_name
but use the set()/get() methods.
They have been renamed from setS/getS... to set/get alone
Add a UUIDv4 column to edit_generic as cuuid, add the cuid column to all reads with
the cuuid too
The cuuid will replace the cuid and remove the EUID as the session login var
Moved the adbEditLog to login class as writeLog and renamed the current private writeLog to writeEditLog which is only for internal logging in the class
The Backend log class is deprecated and a new get all action var method has been added to get the action vars into the edit log
Add more checks in phpunit for this,
Update the placeholder check and convert and move all regex into the
placeholder convert support class
Move $ placeholder count function to the SQL\PgSQL class
Note: further moves of PgSQL only stuff have to be done for SQLite
SQL class add
Math has a compare with epsilon for float numbers.
Use this for fixing sligth color conversion issues.
NOTE: this might need some adjustment over time
All phpunint tests written and checked
move creation into the main constructor and do not rely on "::create" or
any other pass through creation.
Make all constructors equal with options array so we can create an Interface
Remove all outsite setters. Once a color is set this color stays
Also fixes for various things that come up during test writing
Test phpunit not yet finished (exceptions, etc)
Note: a lot of checks for extreme values are (int) so we do not fail
for small float values
Clean up old Colors class with calling new class calls
Test all and set phpstan deprecated messages
Add all missing convert functions for oklab/cielab/oklch/cielch calls
Prepare for test run creation
change the curlRequest call to options array and build the options array
there.
Remove any options check + pre build from the get/request calls
Update phpunit tests with string type body return
Removed the parseHeaders public call, headers must be set as array
Throw errors on invalid headers before sending them: Key/Value check
Add headers invalid check in phpunit
Auth headers can be set per call and will override global settings if matching
Header default build was not done well, pass original headers inside and
set them. On new default start with empty array.
Switch to CoreLibs Json calls, because we use this libarary anyway already
Instead of just throwing exception on 401 auth, throw exception for any
error code from 400 on
This can be turned off with the option "http_errors" set to false
Also updaed the exception content to match 400 or 500 error type with
more information attached
General Exception error codes:
Cnnn: Curl errors (FAILURE)
Rnnn: general class errors (ERROR)
Hnnn: http response errors (ERROR)
Move the build auth content to dedicated variables
Add a default User-Agent that is always sent
Default headers like Authorization and User-Agent are always set, even when
request is sent with headers null
Fix timeout, was sent as is and not converted to milliseconds
Fix headers not correctly set to null if array entry was set to null
Basic interface class to CURL calls
Open:
clean up and check code is neutral
write tests, for this we need a running localhost server for tests to request to
the not filled data or data_binary part is a JSON with "type" set to the
type that is used with a general message
To decode try to read both sides if data = JSON + "type" and "message" set
then data is in data_binary else data_binary holds the type on the left side
All queries uses now Params
On load checks for valid write types for edit log write, eg if bzip and lzip compression
are avaiable
adbEditLog:
Also add JSON type encoding for data outside STRING/SERIAL and BINARY/BZIP (bzip compressed)
Add ZLIB as altnerative to BZIP
Add alert if invalid type was set
Auto fallback to JSON if other write types are not available
adbLiveQueue:
Also convert the live queue query to a params style call
On default it still auto loads the _POST vars for backwards compatible, but add a load class
flag to ignore it "init_action_vars"
also add a get vor tha "acl" array adbGetAcl()
The Logger/MessageLevel gets "success" as level 110 to something a bit
heigher than "ok" which is the general "OK" for anything ending without
an error. The "success" is currently only used in file uploads with the
java script ajax file uploader
Fix any "type $var = null" with correctly "?type $var = null" for PHP 8.4 (phphan)
Fix preg match no return catches for DB IO compare version and for language
look up.
Add the following new static methods
Convert\Strings::stripUTF8BomBytes: removes the UTF8 BOM bytes from the beginning of a line
Used for CSV files created in Excel for the first header entry (line 0/row 0)
Get\Systen::getIpAddresses: gets all IP addresses for the the current access user
and returns an array
Moved the frontend folder detection from the first load config to the config.path.php
Cleaned up the translations JS scripts
Changed Params form ENT_COMPAT | ENT_HTML401 to ENT_QUOTES | ENT_HTML5
Flags can be overwritten on call
Logic clean up for return flow
HTML::checked gets logic updated with less nested ifs
In the past we had a special function to do mb_encode_mimeheader correctly.
Since PHP 8.2 this works perfectly fine, so all the code was removed and
replaced with just the normal "mb_encode_mimeheader" call with the same
settings as before:
- set global encoding to parameter
- run encoding with charset, 'B' for transfer and use the line break given in parameter
- reset the global encoding to previous set
new method to replace old timeStringFormat method:
- has year/month data too
- can format with natural names (minutes, seconds, etc)
- can have normal naming (5 hours, 1 minute and 10 seconds)
- skip or not skip zero values in between (6h 0m 1s -> 6h 1s)
- skip or add trailing zero values (6m 0s -> 6m)
- add or not add milliseconds with decimal nano seconds
- drop nano seconds (115.55ms -> 115ms)
- truncate value after a certain part (eg only show up to days)
- add leading 0s to only milli seconds values (115ms -> 0s 115ms)
- namespace separator (6h -> 6 h)
Bug fix for timeStringFormat
- 1.5s and 1.05s and 1.005s all where 5ms -> fixed to 500ms, 50ms 5ms
- bug fix for 0ms drop even thought show ms is requested
Start unit testing part
All errors have context that is used to add query, params, etc info
for logging into the DB.
Avoid double logging for PostGreSQL direct errors as those will be
logged now in context to the actual error log
Remove error: 16 missing/empty dbh has this is handled with error 14
in the connect method.
Auto convert ?, :named to $numbered, default off. Activate with
'db_convert_placeholder' flag or method dbSetConvertPlaceholder.
Converted result data for single queries in dbGetPlaceholderConverted
or in the cursor_ext array in placeholer_converted key
Do not auto translate debug queries with placeholder values in query
but keep them in the array in the context array. If needed
'db_debug_replace_placeholder' can be set to show prepared query
with placeholder replaced in the context
New methods:
public function dbSetConvertPlaceholder(bool $flag): void
public function dbGetConvertPlaceholder(): bool
public function dbSetConvertPlaceholderTarget(string $target): bool
public function dbGetConvertPlaceholderTarget(): string
public function dbSetDebugReplacePlaceholder(bool $flag): void
public function dbGetDebugReplacePlaceholder(): bool
public function dbGetPlaceholderConverted(): array
Chagned to public:
public function dbCheckQueryForSelect(string $query): bool
public function dbCheckQueryForInsert(string $query, bool $pure = false): bool
public function dbCheckQueryForUpdate(string $query): bool
- Fix the regex to proper match $n params in al;l kind of combinations
- Move the count into a sub private method and use this instead of using
the same code twice
So we can have different stylesheets for the levels like in the error
messages.
Output changes to ...[$target] = ['info' ..., 'level'] and on return
this is converted into an array for each entry so it can be handled
like the error msg return string
if log level is debug, automatically log the error messages.
We still skip warn and info levels from logging.
The rest is based on the logging level (notice eg only gets logged if
log level is at least notice)
Move DB\Extend\ArrayIO to internal class in variable and do not extend
Form\Generate from it (as we do not have a base class anymore, this is
no longer neded)
Update all calls in connected classes.
Add interface methods for DB\Extend\ArrayIO to interface with all class
vars that are now all private
string: if it is stringable in anyway, set string (it converts)
this is not check IF it is a string value as it was before
int/float: same, if it is numerc it will be convert to int or float
All other stay the same
Note "set ..." imply to set, and not to convert to 0 if it is int
string that can be covnerted to int
DB Class throws Exception if on init it fails to connect to the DB,
will not throw Exception if failed connection during execution but
will do the normal retry and soft failure run
DB\ArrayIO will throw Exception on missing table array and table name
All Exceptions have a code set
All Color methods will throw Exceptions:
LengthException,
InvalidArgumentException,
UnexpectedValueException
instead of returning bool: false
All methods will return valid color data as expected only
exit will add message as first parameter (string) next to code (int)
Log this to info or critical.
3000 -> 100: info
rest >=1000: critical
previous 4000 = 3000 (options not set)
update unit tests for this
Possible change idea: critical abort throw error?
Make sure cursor_ext is set before we access it, else return null for
not set yet.
false for errors, else data value
Other class var access checks to be sure to never fail
Debug Support:
getCallerClass now returns level 1 class from the trace like the
getCallerMethod. There is also a new getCallerClassMethod that returns
namespace\class->method (or :: for static).
getCallerTopLevelClass works like getCallerClass did before and returns
the TOP level (first entry on the call stack that has a set class name)
Logging:
Do not use the Support getCallerClass/Method/File but call it inside
and use level 2 in trace to get the data we need For the last call
before debug call
Also update the strack trace for the debug call to use ->/:: for method
type
All convert color either return the color value or false.
To make sure any checker knows that we only return "value" or "false"
change all return bool to false
It has to be int or null but because the SQL result is undefined (string)
it needs to be converted on return if it is a numeric value, else
null will be returned (it is the edit access id PK so it has to be
numeric)
on Admin\Backend init check that the provided default acl level is valid
DB\IO warning and error drop the "db :" prefix part as this is not needed
we have [DB_ERROR] and [DB_WARNING] sub prefixes anyway, also we run
dedicated log level alerts with context
We do not return old style bool on error, we throw Exceptions: HtmlBuilderExcpetion
Element has more classes to set tag, id, etc with basic checks for valid data
String Replace to set strings is one array with key -> value entries
Errors thrown on index for element/replace blocks
Object build is a replicata from the JS one
Array is similar but build on pure Array elements
String replace is just a simple string replacer for now
General\Error for overall error handling
General\Settings for Object/Array based checks and settings
set via db options "db_convert_type" as array with "on", "json", "numeric",
"bytea"
"on" only converts know good types: "bool", "int"
"json" will convert json/jsonb to array
"bytea" will decode escaped bytea to string (note: this might change to resource)
"numeric" will convert to float.
NOTE: if a numeric number is too large a covnersion might drop data.
Use with care.
Convert flags can be chagned with dbSetConvertFlag and dbUnsetConvertFlag
All convert flags are in "DB\Options\Convert" as enum.
the params order is the actual correct one:
log level, message, context, group_id, prefix
not that group_id and prefix are only used if log level is debug
Switched debug params order for context and prefix so prefix is last
if setFlag was set for per_run or per_date the init values where not set
Fixed that on setFlag it is checked if we have per_date or per_run and
then set if not set.
Not that for date, set the flag will set a new date, for per run no.
- Removed echo from Support Debug dumpVar call
- deprecated DB\IO toggle dbDebug and changed set/get to be like normal
ones where set just sets and doesn't return anything
- Renamed the logJsDebug to loggingLevelIsDebug
(other levels can be checked with ->getLoggingLevel()->includes(Level::...))
Adjusted tests for all changes
All variable declarations in all classes have a strict type set
Exception: constants (will be setable from PHP 8.3 on), resources (no type)
Debug\LoggingLegacy is kept as is, will be deprecated
old Debug\Logging is in Debug\LoggingLegacy and Debug\Logging extends
Logging\Logging
Logging\Logging is a new class with most of the functionality except
there is no more print/outout to screen, but we use the default log
levels (RFC5424)
The plan is to be a frontend between the old type class and
Monolog\Monolog
Updated all other classes to use new class interface
Move Passwords from Check to Security and deprecate old
Add new SymmetricEncryption and CreateKey
CreateKey class just creates keys for the SymmetricEncryption
SymmetricEncryption uses the hex2bin calls to convert the hex key to the
internal binary key
Example:
$key = CreateKey::generateRandomKey();
$encrypted = SymmetricEncryption::encrypt($string, $key);
$decrypted = SymmetricEncryption::decrypt($encrypted, $key);
Above $key must be stored in some secure location (.env file)
On error with query with params the query was sent to the server and
if ther query itself is ok but there is a problem with the parameters
a wrong error message ($1 not found) will be returned
Add pg_last_error reporting to catch this too.
Update both error reporting to return not string and prefix combined
but prefix + error string in array
In error return check that both strings are not equal, so we do not
return the same error string twice.
Also default set dbh variable in the PgSQL class to false so it will
skip last error report if there is no dbh set yet.
Bug fix for db query with params debug output. if there are more than 9
entries the $1 of eg $10 is replaced with $1 entry again. Changed to
'#' instead '$' to avoid this.
Other:
ACL\Login: replace EOM with HTML
config.master: replace list() with []
Add single DB tester where we can test single db calls without adding
more to the general test run
On error with query with params the query was sent to the server and
if ther query itself is ok but there is a problem with the parameters
a wrong error message ($1 not found) will be returned
Add pg_last_error reporting to catch this too.
Update both error reporting to return not string and prefix combined
but prefix + error string in array
In error return check that both strings are not equal, so we do not
return the same error string twice.
Also default set dbh variable in the PgSQL class to false so it will
skip last error report if there is no dbh set yet.
Bug fix for db query with params debug output. if there are more than 9
entries the $1 of eg $10 is replaced with $1 entry again. Changed to
'#' instead '$' to avoid this.
Other:
ACL\Login: replace EOM with HTML
config.master: replace list() with []
Add single DB tester where we can test single db calls without adding
more to the general test run
search in an array in any format and returns value of key if found.
Either as set with path to key, or as flat with only values.
Optional possible to prefix with the search keys to group found entries
in dbReturn with params on not matching param the system exited on fail
without printing the query making it hard to find where the error is.
Added debug output in case the params count is not matching.
Same move in the dbExecute call
removed param count check from dbReturnRow/dbReturnArray as this check
is done in the dbExecParams call anyway
Param detection found too many params, for example '$1'.
Fixed the regex to only allow params that are no preceeded by '
And must start with space/tab, =, (
Removed cms object from Frontend and replaced with optional smarty data
array (HEADER, DATA, DEBUG_DATA)
Updated admin call that if $cms is given above data will be extracted.
Added a CONTENT_PATH option for admin, must be set if $cms is set
Is used for the adbTopMenu call
Moved the $cms global check and trigger to the admin call branch only
Instead of having each parameter single, group them into an options array
so we do not have to worry about updating the whole function call.
Keep the main core call as is
If ACL\Login is used, the loginGetLocale() call should be used to fetch
the locale data set during login
Language\L10n now has new encoding/charset optional parameter 4
If the locale does not have a charset set the defautl charset is UTF-8
unless set via the new parameter or setOverrideEncoding()
Because of the deprecation of the getLocales call the following methods
do no longer need $locales
- Admin\Backend
- Admin\EditBase
- Output\Form\Generate
- Template\SmartyExtend
They all use the new l10n->getLocaleAsArray() call to set all the local
variables
* Admin\EditBase has new parameter "options" to set
- cache_id
- compile_id
which must be passed on the SmartyExtend class init
Remove unused code and classes.
Clean up code to remove all named constant from them and throw
deprecation alerts if used.
Add basic psalm setup in root folder and remove from www folder
Also split all queries into multi line ones
Fixes in Form\Generate for TableArray Interface location move
Update EditBase to new and old edit schema (scheme) file name
Convert\VarSetType for always return type expected (eg string will be string)
or Convert\VarSetTypeNull to return string or null on failure
The return value for failure if not matching type can be set for both, but
only for Convert\VarSetTypeNull the return value can be set to null.
Fix for basic query detection:
Simeple starts with
SELECT/WITH/SHOW
INSERT INTO/UPDATE/DELETE FROM
UPDATE
Above does no complex query detection, just if the string starts with this
Fix form table detection for primary key auto set trial.
missed two table arrays as class EditVisibleGroup and EditAccess
also fix wrong name for EditSchemas (wrong: EditSchemes) with a shim
lookup.
edit_schemes.php file will stay the same for now.
also remove the legacy edit_base.LEGACY.php file
All previous includes/table_arrays load via include are now moved to a
class system so we have all implemented in one folder and can easy update
and add unit tests to it.
- remove auto load _POST vars
- Update color settings to # leading 6/8 digit hex code
- remove any global variable calls/requests
- fix some isset/empty clean ups (isset + set = !empty)
- fix on delete of reference data that loaded data was not shown again
- fix on reference data save error that wrong data is still shown and not removed
- do not sync .user.ini file in sync template
- add PHP 8.2 for test target phpunit
- cel/phfo builder update to not close br or img tags (besides input)
- psalm settings update
- add doctype to all base templates
create_mo:
set auto base folder bases on current location so we do not need do
adjust paths in script
phpstan fixes:
edit_base.php
CoreLibs/Basci.php
CoreLibs/DB/SQL/PgSQL.php
Update documentation in method headers
CoreLibs/Combined/DateTime.php
Fixed phpunit test runs with encoding test run and not resetting the
subsitute character back to default
Note: There are mime encoding failures for php 7.4 and 8.0 and one ACL
login failure test for php 7.4
update debug support to add html escape for html strings on request.
Default is keep as is. debugString gets new third parameter for this as
bool flag.
Add Create\Email to send basic text emails to several too addresses.
Content replace in subject and body is possible with {} entries.
Default encoding is UTF-8 but others can be set and content will be
converted to this.
The dynamic replace works on all data or can be set per receiver.
the former public var $login is now private and if it is set can be
checked with loginActionSet (true if login_login was in _POST as login
action.
Some info update for phpUnit ACL\Login test file
- DB function had wrong column name
- Queries in ACL\Login had wrong column name
- Renamed from login_user_id_last_login to login_user_id_last_revalidate
to make it more clear what this column is
- add edit_user admin page output for this column
- add phpUnit test case for revalidate is needed and login with next
loginUserId is ok again
After revalidate time was reached, it was never reset because it used
the original loginUserId set date.
A new column has been added that gets reset every time the user logs in
with username and password if a loginUserId is set in the database
Form\Generate for intervals also allows day(s), month(s), year(s), call
case insensitive
ArrayIO fix for missing escale literal for
date/datetime/interval/emptynull text type
login_user_id is unique if not null (as index, constraint only with
PostgreSQL 15)
login_user_id_revalidate_after is not longer not null and default set,
no need for this
DB\Extended\ArrayIO:
add sql_read for datetime fields to change amount of data (eg only up
to minute) with to_char() method. sample: YYYY-MM-DD HH24:MI
Add date/datetime/emptynull for setting empty fields to null and not
empty string
Output\From\Generate:
Remove all fill for spacer and change them to placeholder html types.
Add datetime check next to date, time only checks
edit_user Admin Form:
add all new columns there
loginUserId parameter in _GET or _POST for direct login without username
and password.
This can be secured by:
- must login after x days from set loginUserId on
- can only login with loginUserId in given time range
- flag lock loginUserId
previous named Get\ReadEnvFile is no Get\DotEnv, static method is the
same.
Update for not parsing comments at the end of a line if the line was not
in quotes. Strips everything after comment mark and also right trims any
trailing spaces
Old:
FOO=Test # Comment -> $_ENV['FOO'] = "Test # Comment"
New:
FOO=Test # Comment -> $_ENV['FOO'] = "Test"
Add phpUnit tests for DotEnv class.
Update config.php with new class name
The old class name exists and is markted as deprecated until next major
release
Move logic from constructor to separate function
Add more public access methods for internal variable access (password
min length settings, error login code, error login string error)
All error messages are declared in constructor with wrapper function to
create html error string for template creation
Add wrapper function for exit/abort and page name read for easier mocking
in testing
Fixes for multi login main function caller and cached query problem: do
not cache query for login
Add reverse default access list SESSION variable and public readers
Update logout with unset of full SESSION array to empty, use external
session class for all session calls. Also unset euid on logout
Switch the code point for these below for logic reasons
CLEAR_CACHE 1 => 2 (clear cache AFTER END read)
READ_NEW 2 => 1 (clear cache BEFORE first read)
in dbReturn cursor ext array:
remove firstcall entry because it is not needed
add new:
- cache_flag: $cache method call number
- assoc_flag: the assoc read flag from the method call
- cached: if there is data cached in the cursor ext array this is true
- finished: true if the last read was false
- db_read_finished: if true the db read has fiinished (read_rows =
num_rows)
- read_finished: if true the current read (cache or db) via pos =
num_rows is done
- log_pos: sequential number for each call with the same query hash
- log: array with current actions done in the last read
Update DB IO class test with all cursor, cursor ext, read single step,
read in loop, read again, etc tests
in the Debug\Support add printBool to print out bool as string.
Same as printAsString with bool alone but you can control prefix name,
and true/false string names
Add printArray alias to prAr
Instead of ending with the second hr timer call, we print out difference
to the last one.
Add new method to print out from start time difference and add a reset
method
- import script with write to file option
- fix file names for functions
- add generic (non edit tables) for only set date, set uid or combine
- fix edit table edit_language insert data
- all trigger create remove the drop on exists, as in the flow the trigger will never exists
DB\IO Tester now has correct testing for pgVersion string compare. Uses
mocked pgVersion return for this
Session class update with full magic set/get or method set/get for
_SESSION var. Also added full testing for this
All static Session:: calls (except for checking valid session name) are
converted to object type. This Object is passed on to Login, Admin
Backend and any other class that needs basic session checking
Update edit_access_data table and set unique check for edit_access_id +
name so we do not have two identical keys for one edit access set
Update config host and add more test domains for various access tests
Update Session and move cli check to Get\System class. Some other minor
session info updates
New method \Get\System::checkCLI() returns true if the sapi name has
cli inside, else false
Add a write close session call to end a session for AJAX calls
Add error strings to session start method
Add check call for session names that they are valid
symlink_file[0]=$(echo${template_file_stump}| sed -e "s/##SUFFIX##/${suffix}_/"| sed -e "s/##LANGUAGE##/${LANG}/"| sed -e 's/\.TMP//g');
# create second one with lang (no country) + encoding
symlink_file[1]=$(echo${template_file_stump}| sed -e "s/##SUFFIX##/${suffix}_/"| sed -e "s/##LANGUAGE##/${LANGUAGE}\.${ENCODING}/"| sed -e 's/\.TMP//g');
for template_file in "${symlink_file[@]}";do
# if this is not symlink, create them
if[ ! -h "${template_file}"];then
echo"Create symlink: ${template_file}";
# symlik to original
cd"${target_folder}"|| exit;
ln -sf "${original_file}""${template_file}";
cd - >/dev/null || exit;
fi;
done;
done;
done;
if["${FILE_MOVE}" -eq 0];then
echo"";
echo"-- IN FOLDER: ${target_folder}";
echo"-- START: copy lines below to copy created over original --";
echo"${quick_copy}";
echo"-- END ----------------------------------------------------";
@@ -9,142 +9,142 @@ CREATE OR REPLACE FUNCTION edit_log_insert_trigger ()
RETURNSTRIGGERAS
$$
DECLARE
start_dateDATE:='2010-01-01';
end_dateDATE;
timeformatTEXT:='YYYY';
selectorTEXT:='year';
base_tableTEXT:='edit_log';
_intervalINTERVAL:='1 '||selector;
_interval_nextINTERVAL:='2 '||selector;
table_nameTEXT;
-- compare date column
compare_dateDATE:=NEW.event_date;
compare_date_nameTEXT:='event_date';
-- the create commands
command_create_tableTEXT:='CREATE TABLE IF NOT EXISTS {TABLE_NAME} (CHECK({COMPARE_DATE_NAME} >= {START_DATE} AND {COMPARE_DATE_NAME} < {END_DATE})) INHERITS ({BASE_NAME})';
command_create_foreign_key_1TEXT:='ALTER TABLE {TABLE_NAME} ADD CONSTRAINT {TABLE_NAME}_euid_fkey FOREIGN KEY (euid) REFERENCES edit_user (edit_user_id) MATCH FULL ON UPDATE CASCADE ON DELETE SET NULL';
command_create_trigger_1TEXT='CREATE TRIGGER trg_{TABLE_NAME} BEFORE INSERT OR UPDATE ON {TABLE_NAME} FOR EACH ROW EXECUTE PROCEDURE set_edit_generic()';
start_dateDATE:='2010-01-01';
end_dateDATE;
timeformatTEXT:='YYYY';
selectorTEXT:='year';
base_tableTEXT:='edit_log';
_intervalINTERVAL:='1 '||selector;
_interval_nextINTERVAL:='2 '||selector;
table_nameTEXT;
-- compare date column
compare_dateDATE:=NEW.event_date;
compare_date_nameTEXT:='event_date';
-- the create commands
command_create_tableTEXT:='CREATE TABLE IF NOT EXISTS {TABLE_NAME} (CHECK({COMPARE_DATE_NAME} >= {START_DATE} AND {COMPARE_DATE_NAME} < {END_DATE})) INHERITS ({BASE_NAME})';
command_create_foreign_key_1TEXT:='ALTER TABLE {TABLE_NAME} ADD CONSTRAINT {TABLE_NAME}_euid_fkey FOREIGN KEY (euid) REFERENCES edit_user (edit_user_id) MATCH FULL ON UPDATE CASCADE ON DELETE SET NULL';
command_create_trigger_1TEXT='CREATE TRIGGER trg_{TABLE_NAME} BEFORE INSERT OR UPDATE ON {TABLE_NAME} FOR EACH ROW EXECUTE PROCEDURE set_edit_generic()';
COMMENTONCOLUMNedit_user.password_reset_uidIS'Password reset page uid, one time, invalid after reset successful or time out';
COMMENTONCOLUMNedit_user.login_user_idIS'Min 32 character UID to be used to login without password. Via GET/POST parameter';
COMMENTONCOLUMNedit_user.login_user_id_set_dateIS'loginUserId was set at what date';
COMMENTONCOLUMNedit_user.login_user_id_last_revalidateIS'set when username/password login is done and loginUserId is set';
COMMENTONCOLUMNedit_user.login_user_id_valid_fromIS'loginUserId is valid from this date, >=';
COMMENTONCOLUMNedit_user.login_user_id_valid_untilIS'loginUserId is valid until this date, <=';
COMMENTONCOLUMNedit_user.login_user_id_revalidate_afterIS'If set to a number greater 0 then user must login after given amount of days to revalidate the loginUserId, set to 0 for valid forver';
COMMENTONCOLUMNedit_user.login_user_id_lockedIS'A separte lock flag for loginUserId, user can still login normal';
COMMENTONCOLUMNedit_user.additional_aclIS'Additional Access Control List stored in JSON format';
Some files were not shown because too many files have changed in this diff
Show More
Reference in New Issue
Block a user
Blocking a user prevents them from interacting with repositories, such as opening or commenting on pull requests or issues. Learn more about blocking a user.
