CoreLibs/development
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: CoreLibs:v7.0.0
Branches Tags
CoreLibs:master CoreLibs:development CoreLibs:composerLibs CoreLibs:refactor/TTD-3071/php-85-upgrade CoreLibs:feature/TTD-2139/SQLite-basc-class-move-from-jira-csv-project CoreLibs:feature/TTD-2140/DB-IO-SQLite CoreLibs:feature/TTD-2608/LoginACLSetAjaxPageViaClassOption
CoreLibs:v9.40.0 CoreLibs:v9.39.1 CoreLibs:v9.39.0 CoreLibs:v9.38.1 CoreLibs:v9.38.0 CoreLibs:v9.37.0 CoreLibs:v9.36.0 CoreLibs:v9.35.1 CoreLibs:v9.35.0 CoreLibs:v9.34.0 CoreLibs:v9.33.0 CoreLibs:v9.32.1 CoreLibs:v9.32.0 CoreLibs:v9.31.1 CoreLibs:v9.31.0 CoreLibs:v9.30.0 CoreLibs:v9.29.0 CoreLibs:v9.28.1 CoreLibs:v9.28.0 CoreLibs:v9.27.0 CoreLibs:v9.26.8 CoreLibs:v9.26.7.1 CoreLibs:v9.26.7 CoreLibs:v9.26.6.1 CoreLibs:v9.26.6 CoreLibs:v9.26.5 CoreLibs:v9.26.4 CoreLibs:v9.26.3 CoreLibs:v9.26.2 CoreLibs:v9.26.1 CoreLibs:v9.26.0 CoreLibs:v9.25.3 CoreLibs:v2.25.3 CoreLibs:v9.25.2 CoreLibs:v9.25.1 CoreLibs:v9.25.0 CoreLibs:v9.24.1 CoreLibs:v9.24.0 CoreLibs:v9.23.3 CoreLibs:v9.23.2.1 CoreLibs:v9.23.2 CoreLibs:v9.23.1 CoreLibs:v9.23.0 CoreLibs:v9.22.0 CoreLibs:v9.21.1 CoreLibs:v9.21.0 CoreLibs:v9.20.1 CoreLibs:v9.20.0 CoreLibs:v9.19.1 CoreLibs:v9.19.0 CoreLibs:v9.18.1 CoreLibs:v9.18.0 CoreLibs:v9.17.6 CoreLibs:v9.17.5 CoreLibs:v9.17.4 CoreLibs:v9.17.3 CoreLibs:v9.17.2 CoreLibs:v9.17.1 CoreLibs:v9.17.0 CoreLibs:v9.16.0 CoreLibs:v9.14.0 CoreLibs:v9.13.3 CoreLibs:v9.13.2 CoreLibs:v9.13.1 CoreLibs:v9.13.0 CoreLibs:v9.12.2 CoreLibs:v9.12.1 CoreLibs:v9.12.0 CoreLibs:v9.11.1 CoreLibs:v9.11.0 CoreLibs:v9.10.1 CoreLibs:v9.10.0 CoreLibs:v9.9.1 CoreLibs:v9.9.0 CoreLibs:v9.8.3 CoreLibs:v9.8.2 CoreLibs:v9.8.1 CoreLibs:v9.8.0 CoreLibs:v9.7.9 CoreLibs:v9.7.8 CoreLibs:v9.7.7 CoreLibs:v9.7.6 CoreLibs:v9.7.5 CoreLibs:v9.7.4 CoreLibs:v9.7.3 CoreLibs:v9.7.2 CoreLibs:v9.7.1 CoreLibs:v9.7.0 CoreLibs:v9.6.2 CoreLibs:v9.6.1 CoreLibs:v9.6.0 CoreLibs:v9.5.1 CoreLibs:v9.5.0 CoreLibs:v9.4.0 CoreLibs:v9.3.6 CoreLibs:v9.3.5 CoreLibs:v9.3.4 CoreLibs:v9.3.3 CoreLibs:v9.3.2 CoreLibs:v9.3.1 CoreLibs:v9.3.0 CoreLibs:v9.2.0 CoreLibs:v9.1.0 CoreLibs:v9.0.8 CoreLibs:v9.0.7 CoreLibs:v9.0.6 CoreLibs:v9.0.5 CoreLibs:v9.0.4 CoreLibs:v9.0.3 CoreLibs:v9.0.2 CoreLibs:v9.0.1 CoreLibs:v9.0.0 CoreLibs:v8.5.0 CoreLibs:v8.4.0 CoreLibs:v8.3.1 CoreLibs:v8.3.0 CoreLibs:v8.2.2 CoreLibs:v8.2.1 CoreLibs:v8.2.0 CoreLibs:v8.1.4 CoreLibs:v8.1.3 CoreLibs:v8.1.2 CoreLibs:v8.0.7 CoreLibs:v8.0.6 CoreLibs:v8.0.5 CoreLibs:v8.0.4 CoreLibs:v8.0.3 CoreLibs:v8.0.2 CoreLibs:v8.0.1 CoreLibs:v8.0.0 CoreLibs:v7.12.2 CoreLibs:v7.12.1 CoreLibs:v7.12.0 CoreLibs:v7.11.0 CoreLibs:v7.10.8 CoreLibs:v7.10.7 CoreLibs:v7.10.6 CoreLibs:v7.10.5 CoreLibs:v7.10.4 CoreLibs:v7.10.3 CoreLibs:v7.10.2 CoreLibs:v7.10.1 CoreLibs:v7.10.0 CoreLibs:v7.9.2 CoreLibs:v7.9.1 CoreLibs:v7.9.0 CoreLibs:v7.8.0 CoreLibs:v7.7.1 CoreLibs:v7.7.0 CoreLibs:v7.6.0 CoreLibs:v7.5.3 CoreLibs:v7.5.2 CoreLibs:v7.5.1 CoreLibs:v7.5.0 CoreLibs:v7.4.3 CoreLibs:v7.4.2 CoreLibs:v7.4.1 CoreLibs:v7.4.0 CoreLibs:v7.3.3 CoreLibs:v7.3.2 CoreLibs:v7.3.1 CoreLibs:v7.3.0 CoreLibs:v7.2.3 CoreLibs:v7.2.2 CoreLibs:v7.2.1 CoreLibs:v7.2.0 CoreLibs:v7.1.3 CoreLibs:v7.1.2 CoreLibs:v7.1.1 CoreLibs:v7.1.0 CoreLibs:v7.0.0 CoreLibs:v6.10.0 CoreLibs:v6.9.0 CoreLibs:v6.8.1 CoreLibs:v6.8.0 CoreLibs:v6.7.0 CoreLibs:v6.6.0 CoreLibs:v6.5.13 CoreLibs:v6.5.12 CoreLibs:v6.5.11 CoreLibs:v6.5.10 CoreLibs:v6.5.9 CoreLibs:v6.5.8 CoreLibs:v6.5.7 CoreLibs:v6.5.6 CoreLibs:v6.5.5 CoreLibs:v6.5.4 CoreLibs:v6.5.3 CoreLibs:v6.5.2 CoreLibs:v6.5.1 CoreLibs:v6.5.0 CoreLibs:v6.4.1 CoreLibs:v6.4.0 CoreLibs:v6.3.0 CoreLibs:v6.2.0 CoreLibs:v6.1.1 CoreLibs:v6.1.0 CoreLibs:v6.0.0 CoreLibs:v5.4.3 CoreLibs:v5.4.2 CoreLibs:v5.4.1 CoreLibs:v5.4.0 CoreLibs:v5.3.2 CoreLibs:v5.3.1 CoreLibs:v5.3.0 CoreLibs:v5.2.1 CoreLibs:v5.2.0 CoreLibs:v5.1.2 CoreLibs:v5.1.1 CoreLibs:v5.1.0 CoreLibs:v5.0.0 CoreLibs:v4.11.0 CoreLibs:v4.10.0 CoreLibs:v4.9.0 CoreLibs:v4.8.0 CoreLibs:v4.7.9 CoreLibs:v4.7.8 CoreLibs:v4.7.7 CoreLibs:v4.7.6 CoreLibs:v4.7.5 CoreLibs:v4.7.4 CoreLibs:v4.7.3 CoreLibs:v4.7.2 CoreLibs:v4.7.1 CoreLibs:v4.7.0 CoreLibs:v4.6.3 CoreLibs:v4.6.2 CoreLibs:v4.6.1 CoreLibs:v4.6.0 CoreLibs:v4.5.2 CoreLibs:v4.5.1 CoreLibs:v4.5.0 CoreLibs:v4.4.1 CoreLibs:v4.4.0 CoreLibs:v4.3.0 CoreLibs:v4.2.2 CoreLibs:v4.2.1 CoreLibs:v4.2.0 CoreLibs:v4.1.3 CoreLibs:v4.1.2 CoreLibs:v4.1.1 CoreLibs:v4.1.0 CoreLibs:v4.0.0 CoreLibs:v3.2.3 CoreLibs:v3.2.2 CoreLibs:v3.2.1 CoreLibs:v3.2.0 CoreLibs:v3.1.0 CoreLibs:v3.0.1 CoreLibs:v3.0.0 CoreLibs:v2.3.2 CoreLibs:v2.3.1 CoreLibs:v2.3.0 CoreLibs:v2.2.2 CoreLibs:v2.2.1 CoreLibs:v2.2.0 CoreLibs:v2.1.3 CoreLibs:v2.1.2 CoreLibs:v2.1.1 CoreLibs:v2.1.0 CoreLibs:v2.0.0 CoreLibs:v1.3.10 CoreLibs:v1.3.9 CoreLibs:1.3.9 CoreLibs:v1.3.8 CoreLibs:v1.3.7 CoreLibs:v1.3.6 CoreLibs:v1.3.5 CoreLibs:v1.3.4 CoreLibs:v1.3.3 CoreLibs:v1.3.2 CoreLibs:v1.3.1 CoreLibs:v1.3.0 CoreLibs:v1.2.6 CoreLibs:v1.2.5 CoreLibs:v1.2.4 CoreLibs:v1.2.3 CoreLibs:v1.2.2 CoreLibs:v1.2.1 CoreLibs:v1.2.0 CoreLibs:v1.1.1 CoreLibs:v1.1.0 CoreLibs:v1.0.2 CoreLibs:v1.0.1 CoreLibs:v1.0.0
..
compare: CoreLibs:v7.1.0
Branches Tags
CoreLibs:development CoreLibs:master CoreLibs:composerLibs CoreLibs:refactor/TTD-3071/php-85-upgrade CoreLibs:feature/TTD-2139/SQLite-basc-class-move-from-jira-csv-project CoreLibs:feature/TTD-2140/DB-IO-SQLite CoreLibs:feature/TTD-2608/LoginACLSetAjaxPageViaClassOption
CoreLibs:v9.40.0 CoreLibs:v9.39.1 CoreLibs:v9.39.0 CoreLibs:v9.38.1 CoreLibs:v9.38.0 CoreLibs:v9.37.0 CoreLibs:v9.36.0 CoreLibs:v9.35.1 CoreLibs:v9.35.0 CoreLibs:v9.34.0 CoreLibs:v9.33.0 CoreLibs:v9.32.1 CoreLibs:v9.32.0 CoreLibs:v9.31.1 CoreLibs:v9.31.0 CoreLibs:v9.30.0 CoreLibs:v9.29.0 CoreLibs:v9.28.1 CoreLibs:v9.28.0 CoreLibs:v9.27.0 CoreLibs:v9.26.8 CoreLibs:v9.26.7.1 CoreLibs:v9.26.7 CoreLibs:v9.26.6.1 CoreLibs:v9.26.6 CoreLibs:v9.26.5 CoreLibs:v9.26.4 CoreLibs:v9.26.3 CoreLibs:v9.26.2 CoreLibs:v9.26.1 CoreLibs:v9.26.0 CoreLibs:v9.25.3 CoreLibs:v2.25.3 CoreLibs:v9.25.2 CoreLibs:v9.25.1 CoreLibs:v9.25.0 CoreLibs:v9.24.1 CoreLibs:v9.24.0 CoreLibs:v9.23.3 CoreLibs:v9.23.2.1 CoreLibs:v9.23.2 CoreLibs:v9.23.1 CoreLibs:v9.23.0 CoreLibs:v9.22.0 CoreLibs:v9.21.1 CoreLibs:v9.21.0 CoreLibs:v9.20.1 CoreLibs:v9.20.0 CoreLibs:v9.19.1 CoreLibs:v9.19.0 CoreLibs:v9.18.1 CoreLibs:v9.18.0 CoreLibs:v9.17.6 CoreLibs:v9.17.5 CoreLibs:v9.17.4 CoreLibs:v9.17.3 CoreLibs:v9.17.2 CoreLibs:v9.17.1 CoreLibs:v9.17.0 CoreLibs:v9.16.0 CoreLibs:v9.14.0 CoreLibs:v9.13.3 CoreLibs:v9.13.2 CoreLibs:v9.13.1 CoreLibs:v9.13.0 CoreLibs:v9.12.2 CoreLibs:v9.12.1 CoreLibs:v9.12.0 CoreLibs:v9.11.1 CoreLibs:v9.11.0 CoreLibs:v9.10.1 CoreLibs:v9.10.0 CoreLibs:v9.9.1 CoreLibs:v9.9.0 CoreLibs:v9.8.3 CoreLibs:v9.8.2 CoreLibs:v9.8.1 CoreLibs:v9.8.0 CoreLibs:v9.7.9 CoreLibs:v9.7.8 CoreLibs:v9.7.7 CoreLibs:v9.7.6 CoreLibs:v9.7.5 CoreLibs:v9.7.4 CoreLibs:v9.7.3 CoreLibs:v9.7.2 CoreLibs:v9.7.1 CoreLibs:v9.7.0 CoreLibs:v9.6.2 CoreLibs:v9.6.1 CoreLibs:v9.6.0 CoreLibs:v9.5.1 CoreLibs:v9.5.0 CoreLibs:v9.4.0 CoreLibs:v9.3.6 CoreLibs:v9.3.5 CoreLibs:v9.3.4 CoreLibs:v9.3.3 CoreLibs:v9.3.2 CoreLibs:v9.3.1 CoreLibs:v9.3.0 CoreLibs:v9.2.0 CoreLibs:v9.1.0 CoreLibs:v9.0.8 CoreLibs:v9.0.7 CoreLibs:v9.0.6 CoreLibs:v9.0.5 CoreLibs:v9.0.4 CoreLibs:v9.0.3 CoreLibs:v9.0.2 CoreLibs:v9.0.1 CoreLibs:v9.0.0 CoreLibs:v8.5.0 CoreLibs:v8.4.0 CoreLibs:v8.3.1 CoreLibs:v8.3.0 CoreLibs:v8.2.2 CoreLibs:v8.2.1 CoreLibs:v8.2.0 CoreLibs:v8.1.4 CoreLibs:v8.1.3 CoreLibs:v8.1.2 CoreLibs:v8.0.7 CoreLibs:v8.0.6 CoreLibs:v8.0.5 CoreLibs:v8.0.4 CoreLibs:v8.0.3 CoreLibs:v8.0.2 CoreLibs:v8.0.1 CoreLibs:v8.0.0 CoreLibs:v7.12.2 CoreLibs:v7.12.1 CoreLibs:v7.12.0 CoreLibs:v7.11.0 CoreLibs:v7.10.8 CoreLibs:v7.10.7 CoreLibs:v7.10.6 CoreLibs:v7.10.5 CoreLibs:v7.10.4 CoreLibs:v7.10.3 CoreLibs:v7.10.2 CoreLibs:v7.10.1 CoreLibs:v7.10.0 CoreLibs:v7.9.2 CoreLibs:v7.9.1 CoreLibs:v7.9.0 CoreLibs:v7.8.0 CoreLibs:v7.7.1 CoreLibs:v7.7.0 CoreLibs:v7.6.0 CoreLibs:v7.5.3 CoreLibs:v7.5.2 CoreLibs:v7.5.1 CoreLibs:v7.5.0 CoreLibs:v7.4.3 CoreLibs:v7.4.2 CoreLibs:v7.4.1 CoreLibs:v7.4.0 CoreLibs:v7.3.3 CoreLibs:v7.3.2 CoreLibs:v7.3.1 CoreLibs:v7.3.0 CoreLibs:v7.2.3 CoreLibs:v7.2.2 CoreLibs:v7.2.1 CoreLibs:v7.2.0 CoreLibs:v7.1.3 CoreLibs:v7.1.2 CoreLibs:v7.1.1 CoreLibs:v7.1.0 CoreLibs:v7.0.0 CoreLibs:v6.10.0 CoreLibs:v6.9.0 CoreLibs:v6.8.1 CoreLibs:v6.8.0 CoreLibs:v6.7.0 CoreLibs:v6.6.0 CoreLibs:v6.5.13 CoreLibs:v6.5.12 CoreLibs:v6.5.11 CoreLibs:v6.5.10 CoreLibs:v6.5.9 CoreLibs:v6.5.8 CoreLibs:v6.5.7 CoreLibs:v6.5.6 CoreLibs:v6.5.5 CoreLibs:v6.5.4 CoreLibs:v6.5.3 CoreLibs:v6.5.2 CoreLibs:v6.5.1 CoreLibs:v6.5.0 CoreLibs:v6.4.1 CoreLibs:v6.4.0 CoreLibs:v6.3.0 CoreLibs:v6.2.0 CoreLibs:v6.1.1 CoreLibs:v6.1.0 CoreLibs:v6.0.0 CoreLibs:v5.4.3 CoreLibs:v5.4.2 CoreLibs:v5.4.1 CoreLibs:v5.4.0 CoreLibs:v5.3.2 CoreLibs:v5.3.1 CoreLibs:v5.3.0 CoreLibs:v5.2.1 CoreLibs:v5.2.0 CoreLibs:v5.1.2 CoreLibs:v5.1.1 CoreLibs:v5.1.0 CoreLibs:v5.0.0 CoreLibs:v4.11.0 CoreLibs:v4.10.0 CoreLibs:v4.9.0 CoreLibs:v4.8.0 CoreLibs:v4.7.9 CoreLibs:v4.7.8 CoreLibs:v4.7.7 CoreLibs:v4.7.6 CoreLibs:v4.7.5 CoreLibs:v4.7.4 CoreLibs:v4.7.3 CoreLibs:v4.7.2 CoreLibs:v4.7.1 CoreLibs:v4.7.0 CoreLibs:v4.6.3 CoreLibs:v4.6.2 CoreLibs:v4.6.1 CoreLibs:v4.6.0 CoreLibs:v4.5.2 CoreLibs:v4.5.1 CoreLibs:v4.5.0 CoreLibs:v4.4.1 CoreLibs:v4.4.0 CoreLibs:v4.3.0 CoreLibs:v4.2.2 CoreLibs:v4.2.1 CoreLibs:v4.2.0 CoreLibs:v4.1.3 CoreLibs:v4.1.2 CoreLibs:v4.1.1 CoreLibs:v4.1.0 CoreLibs:v4.0.0 CoreLibs:v3.2.3 CoreLibs:v3.2.2 CoreLibs:v3.2.1 CoreLibs:v3.2.0 CoreLibs:v3.1.0 CoreLibs:v3.0.1 CoreLibs:v3.0.0 CoreLibs:v2.3.2 CoreLibs:v2.3.1 CoreLibs:v2.3.0 CoreLibs:v2.2.2 CoreLibs:v2.2.1 CoreLibs:v2.2.0 CoreLibs:v2.1.3 CoreLibs:v2.1.2 CoreLibs:v2.1.1 CoreLibs:v2.1.0 CoreLibs:v2.0.0 CoreLibs:v1.3.10 CoreLibs:v1.3.9 CoreLibs:1.3.9 CoreLibs:v1.3.8 CoreLibs:v1.3.7 CoreLibs:v1.3.6 CoreLibs:v1.3.5 CoreLibs:v1.3.4 CoreLibs:v1.3.3 CoreLibs:v1.3.2 CoreLibs:v1.3.1 CoreLibs:v1.3.0 CoreLibs:v1.2.6 CoreLibs:v1.2.5 CoreLibs:v1.2.4 CoreLibs:v1.2.3 CoreLibs:v1.2.2 CoreLibs:v1.2.1 CoreLibs:v1.2.0 CoreLibs:v1.1.1 CoreLibs:v1.1.0 CoreLibs:v1.0.2 CoreLibs:v1.0.1 CoreLibs:v1.0.0

5 Commits
v7.0.0 ... v7.1.0

Author SHA1 Message Date
Clemens Schwaighofer
0f823bd283 Just minor line length fixes in ArrayIO class 2022-06-22 18:10:23 +09:00
Clemens Schwaighofer
6385a48824 add back unique constraint because null login_user_id are allowed 2022-06-22 16:56:51 +09:00
Clemens Schwaighofer
a754d897cf Bug fixes for emptynull type in ArrayIO, Form\Generate interval 
Form\Generate for intervals also allows day(s), month(s), year(s), call
case insensitive

ArrayIO fix for missing escale literal for
date/datetime/interval/emptynull text type
 2022-06-22 16:17:16 +09:00
Clemens Schwaighofer
4600f8f7bf Update edit_user form page and also minor updates to Form and ArraIO 
login_user_id is unique if not null (as index, constraint only with
PostgreSQL 15)
login_user_id_revalidate_after is not longer not null and default set,
no need for this

DB\Extended\ArrayIO:
add sql_read for datetime fields to change amount of data (eg only up
to minute) with to_char() method. sample: YYYY-MM-DD HH24:MI
Add date/datetime/emptynull for setting empty fields to null and not
empty string

Output\From\Generate:
Remove all fill for spacer and change them to placeholder html types.
Add datetime check next to date, time only checks

edit_user Admin Form:
add all new columns there
 2022-06-22 15:50:07 +09:00
Clemens Schwaighofer
04e4fe46f2 Update ACL\Login class with _GET/_POST login parameter 
loginUserId parameter in _GET or _POST for direct login without username
and password.

This can be secured by:
- must login after x days from set loginUserId on
- can only login with loginUserId in given time range
- flag lock loginUserId
 2022-06-22 13:52:47 +09:00
26 changed files with 1755 additions and 310 deletions
Expand all files Collapse all files

1
4dev/database/ORDER
View File

@@ -5,6 +5,7 @@ function/set_edit_generic.sql
function/edit_access_set_uid.sql
function/edit_group_set_uid.sql
function/edit_log_partition_insert.sql
function/edit_user_set_login_user_id_set_date.sql
# generic tables
table/edit_temp_files.sql
table/edit_generic.sql

208
4dev/database/database_create_data.sql
View File

@@ -2,7 +2,8 @@
-- create random string with length X
CREATE FUNCTION random_string(randomLength int)
RETURNS text AS $$
RETURNS text AS
$$
SELECT array_to_string(
ARRAY(
SELECT substring(
@@ -14,53 +15,58 @@ SELECT array_to_string(
),
''
)
$$ LANGUAGE SQL
$$
LANGUAGE SQL
RETURNS NULL ON NULL INPUT
VOLATILE; -- LEAKPROOF;-- END: function/random_string.sql
VOLATILE; -- LEAKPROOF;
-- END: function/random_string.sql
-- START: function/set_edit_generic.sql
-- adds the created or updated date tags
CREATE OR REPLACE FUNCTION set_edit_generic() RETURNS TRIGGER AS '
DECLARE
random_length INT = 12; -- that should be long enough
BEGIN
IF TG_OP = ''INSERT'' THEN
NEW.date_created := ''now'';
NEW.cuid := random_string(random_length);
ELSIF TG_OP = ''UPDATE'' THEN
NEW.date_updated := ''now'';
END IF;
RETURN NEW;
END;
' LANGUAGE 'plpgsql';
CREATE OR REPLACE FUNCTION set_edit_generic()
RETURNS TRIGGER AS
$$
DECLARE
random_length INT = 12; -- that should be long enough
BEGIN
IF TG_OP = 'INSERT' THEN
NEW.date_created := 'now';
NEW.cuid := random_string(random_length);
ELSIF TG_OP = 'UPDATE' THEN
NEW.date_updated := 'now';
END IF;
RETURN NEW;
END;
$$
LANGUAGE 'plpgsql';
-- END: function/set_edit_generic.sql
-- START: function/edit_access_set_uid.sql
-- add uid add for edit_access table
CREATE OR REPLACE FUNCTION set_edit_access_uid() RETURNS TRIGGER AS
$$
DECLARE
myrec RECORD;
v_uid VARCHAR;
BEGIN
-- skip if NEW.name is not set
IF NEW.name IS NOT NULL AND NEW.name <> '' THEN
-- use NEW.name as base, remove all spaces
-- name data is already unique, so we do not need to worry about this here
v_uid := REPLACE(NEW.name, ' ', '');
IF TG_OP = 'INSERT' THEN
-- always set
DECLARE
myrec RECORD;
v_uid VARCHAR;
BEGIN
-- skip if NEW.name is not set
IF NEW.name IS NOT NULL AND NEW.name <> '' THEN
-- use NEW.name as base, remove all spaces
-- name data is already unique, so we do not need to worry about this here
v_uid := REPLACE(NEW.name, ' ', '');
IF TG_OP = 'INSERT' THEN
-- always set
NEW.uid := v_uid;
ELSIF TG_OP = 'UPDATE' THEN
-- check if not set, then set
SELECT INTO myrec t.* FROM edit_access t WHERE edit_access_id = NEW.edit_access_id;
IF FOUND THEN
NEW.uid := v_uid;
ELSIF TG_OP = 'UPDATE' THEN
-- check if not set, then set
SELECT INTO myrec t.* FROM edit_access t WHERE edit_access_id = NEW.edit_access_id;
IF FOUND THEN
NEW.uid := v_uid;
END IF;
END IF;
END IF;
RETURN NEW;
END;
END IF;
RETURN NEW;
END;
$$
LANGUAGE 'plpgsql';
-- END: function/edit_access_set_uid.sql
@@ -69,28 +75,28 @@ $$
CREATE OR REPLACE FUNCTION set_edit_group_uid() RETURNS TRIGGER AS
$$
DECLARE
myrec RECORD;
v_uid VARCHAR;
BEGIN
-- skip if NEW.name is not set
IF NEW.name IS NOT NULL AND NEW.name <> '' THEN
-- use NEW.name as base, remove all spaces
-- name data is already unique, so we do not need to worry about this here
v_uid := REPLACE(NEW.name, ' ', '');
IF TG_OP = 'INSERT' THEN
-- always set
DECLARE
myrec RECORD;
v_uid VARCHAR;
BEGIN
-- skip if NEW.name is not set
IF NEW.name IS NOT NULL AND NEW.name <> '' THEN
-- use NEW.name as base, remove all spaces
-- name data is already unique, so we do not need to worry about this here
v_uid := REPLACE(NEW.name, ' ', '');
IF TG_OP = 'INSERT' THEN
-- always set
NEW.uid := v_uid;
ELSIF TG_OP = 'UPDATE' THEN
-- check if not set, then set
SELECT INTO myrec t.* FROM edit_group t WHERE edit_group_id = NEW.edit_group_id;
IF FOUND THEN
NEW.uid := v_uid;
ELSIF TG_OP = 'UPDATE' THEN
-- check if not set, then set
SELECT INTO myrec t.* FROM edit_group t WHERE edit_group_id = NEW.edit_group_id;
IF FOUND THEN
NEW.uid := v_uid;
END IF;
END IF;
END IF;
RETURN NEW;
END;
END IF;
RETURN NEW;
END;
$$
LANGUAGE 'plpgsql';
-- END: function/edit_group_set_uid.sql
@@ -246,6 +252,32 @@ END
$$
LANGUAGE 'plpgsql';
-- END: function/edit_log_partition_insert.sql
-- START: function/edit_user_set_login_user_id_set_date.sql
-- set edit user login_user_id_set_date if login_user_id is set
-- NOW() if not empty
CREATE OR REPLACE FUNCTION set_login_user_id_set_date()
RETURNS TRIGGER AS
$$
BEGIN
-- if new is not null/empty
-- and old one is null or old one different new one
-- set NOW()
-- if new one is NULL
-- set NULL
IF
NEW.login_user_id IS NOT NULL AND NEW.login_user_id <> '' AND
(OLD.login_user_id IS NULL OR NEW.login_user_id <> OLD.login_user_id)
THEN
NEW.login_user_id_set_date = NOW();
ELSIF NEW.login_user_id IS NULL OR NEW.login_user_id = '' THEN
NEW.login_user_id_set_date = NULL;
END IF;
RETURN NEW;
END;
$$
LANGUAGE 'plpgsql';
-- END: function/edit_user_set_login_user_id_set_date.sql
-- START: table/edit_temp_files.sql
-- AUTHOR: Clemens Schwaighofer
-- DATE: 2005/07/08
@@ -526,34 +558,83 @@ CREATE TABLE edit_user (
FOREIGN KEY (edit_scheme_id) REFERENCES edit_scheme (edit_scheme_id) MATCH FULL ON DELETE CASCADE ON UPDATE CASCADE,
edit_access_right_id INT NOT NULL,
FOREIGN KEY (edit_access_right_id) REFERENCES edit_access_right (edit_access_right_id) MATCH FULL ON DELETE CASCADE ON UPDATE CASCADE,
enabled SMALLINT NOT NULL DEFAULT 0,
deleted SMALLINT NOT NULL DEFAULT 0,
-- username/password
username VARCHAR UNIQUE,
password VARCHAR,
-- name block
first_name VARCHAR,
last_name VARCHAR,
first_name_furigana VARCHAR,
last_name_furigana VARCHAR,
-- email
email VARCHAR,
-- eanbled/deleted flag
enabled SMALLINT NOT NULL DEFAULT 0,
deleted SMALLINT NOT NULL DEFAULT 0,
-- general flags
strict SMALLINT DEFAULT 0,
locked SMALLINT DEFAULT 0,
protected SMALLINT NOT NULL DEFAULT 0,
-- legacy, debug flags
debug SMALLINT NOT NULL DEFAULT 0,
db_debug SMALLINT NOT NULL DEFAULT 0,
email VARCHAR,
protected SMALLINT NOT NULL DEFAULT 0,
-- is admin user
admin SMALLINT NOT NULL DEFAULT 0,
-- last login log
last_login TIMESTAMP WITHOUT TIME ZONE,
-- login error
login_error_count INT DEFAULT 0,
login_error_date_last TIMESTAMP WITHOUT TIME ZONE,
login_error_date_first TIMESTAMP WITHOUT TIME ZONE,
strict SMALLINT DEFAULT 0,
locked SMALLINT DEFAULT 0,
-- time locked
lock_until TIMESTAMP WITHOUT TIME ZONE,
lock_after TIMESTAMP WITHOUT TIME ZONE,
-- password change
password_change_date TIMESTAMP WITHOUT TIME ZONE, -- only when password is first set or changed
password_change_interval INTERVAL, -- null if no change is needed, or d/m/y time interval
password_reset_time TIMESTAMP WITHOUT TIME ZONE, -- when the password reset was requested
password_reset_uid VARCHAR, -- the uid to access the password reset page
-- _GET login id for direct login
login_user_id VARCHAR UNIQUE, -- the login uid, at least 32 chars
login_user_id_set_date TIMESTAMP WITHOUT TIME ZONE, -- when above uid was set
login_user_id_valid_from TIMESTAMP WITHOUT TIME ZONE, -- if set, from when the above uid is valid
login_user_id_valid_until TIMESTAMP WITHOUT TIME ZONE, -- if set, until when the above uid is valid
login_user_id_revalidate_after INTERVAL, -- user must login to revalidated login id after set days, 0 for forever
login_user_id_locked SMALLINT DEFAULT 0, -- lock for login user id, but still allow normal login
-- additional ACL json block
additional_acl JSONB -- additional ACL as JSON string (can be set by other pages)
) INHERITS (edit_generic) WITHOUT OIDS;
-- create unique index
-- CREATE UNIQUE INDEX edit_user_login_user_id_key ON edit_user (login_user_id) WHERE login_user_id IS NOT NULL;
COMMENT ON COLUMN edit_user.username IS 'Login username, must set';
COMMENT ON COLUMN edit_user.password IS 'Login password, must set';
COMMENT ON COLUMN edit_user.enabled IS 'Login is enabled (master switch)';
COMMENT ON COLUMN edit_user.deleted IS 'Login is deleted (master switch), overrides all other';
COMMENT ON COLUMN edit_user.strict IS 'If too many failed logins user will be locked, default off';
COMMENT ON COLUMN edit_user.locked IS 'Locked from too many wrong password logins';
COMMENT ON COLUMN edit_user.protected IS 'User can only be chnaged by admin user';
COMMENT ON COLUMN edit_user.debug IS 'Turn debug flag on (legacy)';
COMMENT ON COLUMN edit_user.db_debug IS 'Turn DB debug flag on (legacy)';
COMMENT ON COLUMN edit_user.admin IS 'If set, this user is SUPER admin';
COMMENT ON COLUMN edit_user.last_login IS 'Last succesfull login tiemstamp';
COMMENT ON COLUMN edit_user.login_error_count IS 'Number of failed logins, reset on successful login';
COMMENT ON COLUMN edit_user.login_error_date_last IS 'Last login error date';
COMMENT ON COLUMN edit_user.login_error_date_first IS 'First login error date, reset on successfull login';
COMMENT ON COLUMN edit_user.lock_until IS 'Account is locked until this date, <';
COMMENT ON COLUMN edit_user.lock_after IS 'Account is locked after this date, >';
COMMENT ON COLUMN edit_user.password_change_date IS 'Password was changed on';
COMMENT ON COLUMN edit_user.password_change_interval IS 'After how many days the password has to be changed';
COMMENT ON COLUMN edit_user.password_reset_time IS 'When the password reset was requested. For reset page uid valid check';
COMMENT ON COLUMN edit_user.password_reset_uid IS 'Password reset page uid';
COMMENT ON COLUMN edit_user.password_reset_uid IS 'Password reset page uid, one time, invalid after reset successful or time out';
COMMENT ON COLUMN edit_user.login_user_id IS 'Min 32 character UID to be used to login without password. Via GET/POST parameter';
COMMENT ON COLUMN edit_user.login_user_id_set_date IS 'login id was set at what date';
COMMENT ON COLUMN edit_user.login_user_id_valid_from IS 'login id is valid from this date, >=';
COMMENT ON COLUMN edit_user.login_user_id_valid_until IS 'login id is valid until this date, <=';
COMMENT ON COLUMN edit_user.login_user_id_revalidate_after IS 'If set to a number greater 0 then user must login after given amount of days to revalidate, set to 0 for valid forver';
COMMENT ON COLUMN edit_user.login_user_id_locked IS 'A separte lock flag for login id, user can still login normal';
COMMENT ON COLUMN edit_user.additional_acl IS 'Additional Access Control List stored in JSON format';
-- END: table/edit_user.sql
-- START: table/edit_log.sql
-- AUTHOR: Clemens Schwaighofer
@@ -774,6 +855,11 @@ FOR EACH ROW EXECUTE PROCEDURE set_edit_generic();
CREATE TRIGGER trg_edit_user
BEFORE INSERT OR UPDATE ON edit_user
FOR EACH ROW EXECUTE PROCEDURE set_edit_generic();
-- DROP TRIGGER IF EXISTS trg_edit_user_set_login_user_id_set_date ON edit_user;
CREATE TRIGGER trg_edit_user_set_login_user_id_set_date
BEFORE INSERT OR UPDATE ON edit_user
FOR EACH ROW EXECUTE PROCEDURE set_login_user_id_set_date();
-- END: trigger/trg_edit_user.sql
-- START: trigger/trg_edit_visible_group.sql
-- DROP TRIGGER IF EXISTS trg_edit_visible_group ON edit_visible_group;

38
4dev/database/function/edit_access_set_uid.sql
View File

@@ -2,27 +2,27 @@
CREATE OR REPLACE FUNCTION set_edit_access_uid() RETURNS TRIGGER AS
$$
DECLARE
myrec RECORD;
v_uid VARCHAR;
BEGIN
-- skip if NEW.name is not set
IF NEW.name IS NOT NULL AND NEW.name <> '' THEN
-- use NEW.name as base, remove all spaces
-- name data is already unique, so we do not need to worry about this here
v_uid := REPLACE(NEW.name, ' ', '');
IF TG_OP = 'INSERT' THEN
-- always set
DECLARE
myrec RECORD;
v_uid VARCHAR;
BEGIN
-- skip if NEW.name is not set
IF NEW.name IS NOT NULL AND NEW.name <> '' THEN
-- use NEW.name as base, remove all spaces
-- name data is already unique, so we do not need to worry about this here
v_uid := REPLACE(NEW.name, ' ', '');
IF TG_OP = 'INSERT' THEN
-- always set
NEW.uid := v_uid;
ELSIF TG_OP = 'UPDATE' THEN
-- check if not set, then set
SELECT INTO myrec t.* FROM edit_access t WHERE edit_access_id = NEW.edit_access_id;
IF FOUND THEN
NEW.uid := v_uid;
ELSIF TG_OP = 'UPDATE' THEN
-- check if not set, then set
SELECT INTO myrec t.* FROM edit_access t WHERE edit_access_id = NEW.edit_access_id;
IF FOUND THEN
NEW.uid := v_uid;
END IF;
END IF;
END IF;
RETURN NEW;
END;
END IF;
RETURN NEW;
END;
$$
LANGUAGE 'plpgsql';

38
4dev/database/function/edit_group_set_uid.sql
View File

@@ -2,27 +2,27 @@
CREATE OR REPLACE FUNCTION set_edit_group_uid() RETURNS TRIGGER AS
$$
DECLARE
myrec RECORD;
v_uid VARCHAR;
BEGIN
-- skip if NEW.name is not set
IF NEW.name IS NOT NULL AND NEW.name <> '' THEN
-- use NEW.name as base, remove all spaces
-- name data is already unique, so we do not need to worry about this here
v_uid := REPLACE(NEW.name, ' ', '');
IF TG_OP = 'INSERT' THEN
-- always set
DECLARE
myrec RECORD;
v_uid VARCHAR;
BEGIN
-- skip if NEW.name is not set
IF NEW.name IS NOT NULL AND NEW.name <> '' THEN
-- use NEW.name as base, remove all spaces
-- name data is already unique, so we do not need to worry about this here
v_uid := REPLACE(NEW.name, ' ', '');
IF TG_OP = 'INSERT' THEN
-- always set
NEW.uid := v_uid;
ELSIF TG_OP = 'UPDATE' THEN
-- check if not set, then set
SELECT INTO myrec t.* FROM edit_group t WHERE edit_group_id = NEW.edit_group_id;
IF FOUND THEN
NEW.uid := v_uid;
ELSIF TG_OP = 'UPDATE' THEN
-- check if not set, then set
SELECT INTO myrec t.* FROM edit_group t WHERE edit_group_id = NEW.edit_group_id;
IF FOUND THEN
NEW.uid := v_uid;
END IF;
END IF;
END IF;
RETURN NEW;
END;
END IF;
RETURN NEW;
END;
$$
LANGUAGE 'plpgsql';

24
4dev/database/function/edit_user_set_login_user_id_set_date.sql Normal file
View File

@@ -0,0 +1,24 @@
-- set edit user login_user_id_set_date if login_user_id is set
-- NOW() if not empty
CREATE OR REPLACE FUNCTION set_login_user_id_set_date()
RETURNS TRIGGER AS
$$
BEGIN
-- if new is not null/empty
-- and old one is null or old one different new one
-- set NOW()
-- if new one is NULL
-- set NULL
IF
NEW.login_user_id IS NOT NULL AND NEW.login_user_id <> '' AND
(OLD.login_user_id IS NULL OR NEW.login_user_id <> OLD.login_user_id)
THEN
NEW.login_user_id_set_date = NOW();
ELSIF NEW.login_user_id IS NULL OR NEW.login_user_id = '' THEN
NEW.login_user_id_set_date = NULL;
END IF;
RETURN NEW;
END;
$$
LANGUAGE 'plpgsql';

8
4dev/database/function/random_string.sql
View File

@@ -1,7 +1,8 @@
-- create random string with length X
CREATE FUNCTION random_string(randomLength int)
RETURNS text AS $$
RETURNS text AS
$$
SELECT array_to_string(
ARRAY(
SELECT substring(
@@ -13,6 +14,7 @@ SELECT array_to_string(
),
''
)
$$ LANGUAGE SQL
$$
LANGUAGE SQL
RETURNS NULL ON NULL INPUT
VOLATILE; -- LEAKPROOF;
VOLATILE; -- LEAKPROOF;

23
4dev/database/function/set_date.sql
View File

@@ -1,12 +1,15 @@
-- adds the created or updated date tags
CREATE OR REPLACE FUNCTION set_date() RETURNS TRIGGER AS '
BEGIN
IF TG_OP = ''INSERT'' THEN
NEW.date_created := ''now'';
ELSIF TG_OP = ''UPDATE'' THEN
NEW.date_updated := ''now'';
END IF;
RETURN NEW;
END;
' LANGUAGE 'plpgsql';
CREATE OR REPLACE FUNCTION set_date()
RETURNS TRIGGER AS
$$
BEGIN
IF TG_OP = 'INSERT' THEN
NEW.date_created := 'now';
ELSIF TG_OP = 'UPDATE' THEN
NEW.date_updated := 'now';
END IF;
RETURN NEW;
END;
$$
LANGUAGE 'plpgsql';

29
4dev/database/function/set_edit_generic.sql
View File

@@ -1,15 +1,18 @@
-- adds the created or updated date tags
CREATE OR REPLACE FUNCTION set_edit_generic() RETURNS TRIGGER AS '
DECLARE
random_length INT = 12; -- that should be long enough
BEGIN
IF TG_OP = ''INSERT'' THEN
NEW.date_created := ''now'';
NEW.cuid := random_string(random_length);
ELSIF TG_OP = ''UPDATE'' THEN
NEW.date_updated := ''now'';
END IF;
RETURN NEW;
END;
' LANGUAGE 'plpgsql';
CREATE OR REPLACE FUNCTION set_edit_generic()
RETURNS TRIGGER AS
$$
DECLARE
random_length INT = 12; -- that should be long enough
BEGIN
IF TG_OP = 'INSERT' THEN
NEW.date_created := 'now';
NEW.cuid := random_string(random_length);
ELSIF TG_OP = 'UPDATE' THEN
NEW.date_updated := 'now';
END IF;
RETURN NEW;
END;
$$
LANGUAGE 'plpgsql';

31
4dev/database/function/set_generic_uid.sql
View File

@@ -1,18 +1,21 @@
-- set generic with date and uid combined
-- don't use with set_generic/set_uid together
CREATE OR REPLACE FUNCTION set_generic() RETURNS TRIGGER AS '
DECLARE
random_length INT = 32; -- long for massive data
BEGIN
IF TG_OP = ''INSERT'' THEN
NEW.date_created := ''now'';
IF NEW.uid IS NULL THEN
NEW.uid := random_string(random_length);
END IF;
ELSIF TG_OP = ''UPDATE'' THEN
NEW.date_updated := ''now'';
CREATE OR REPLACE FUNCTION set_generic()
RETURNS TRIGGER AS
$$
DECLARE
random_length INT = 32; -- long for massive data
BEGIN
IF TG_OP = 'INSERT' THEN
NEW.date_created := 'now';
IF NEW.uid IS NULL THEN
NEW.uid := random_string(random_length);
END IF;
RETURN NEW;
END;
' LANGUAGE 'plpgsql';
ELSIF TG_OP = 'UPDATE' THEN
NEW.date_updated := 'now';
END IF;
RETURN NEW;
END;
$$
LANGUAGE 'plpgsql';

23
4dev/database/function/set_uid.sql
View File

@@ -1,12 +1,15 @@
-- adds the created or updated date tags
CREATE OR REPLACE FUNCTION set_uid() RETURNS TRIGGER AS '
DECLARE
random_length INT = 32; -- that should be long enough
BEGIN
IF TG_OP = ''INSERT'' THEN
NEW.uid := random_string(random_length);
END IF;
RETURN NEW;
END;
' LANGUAGE 'plpgsql';
CREATE OR REPLACE FUNCTION set_uid()
RETURNS TRIGGER AS
$$
DECLARE
random_length INT = 32; -- that should be long enough
BEGIN
IF TG_OP = 'INSERT' THEN
NEW.uid := random_string(random_length);
END IF;
RETURN NEW;
END;
$$
LANGUAGE 'plpgsql';

27
4dev/database/function/update_function.sql
View File

@@ -2,15 +2,18 @@
-- OLD, DEPRECATED, use set_generic.sql
-- CREATE OR REPLACE FUNCTION set_generic() RETURNS TRIGGER AS '
-- BEGIN
-- IF TG_OP = ''INSERT'' THEN
-- NEW.date_created := clock_timestamp();
-- NEW.user_created := current_user;
-- ELSIF TG_OP = ''UPDATE'' THEN
-- NEW.date_updated := clock_timestamp();
-- NEW.user_updated := current_user;
-- END IF;
-- RETURN NEW;
-- END;
-- ' LANGUAGE 'plpgsql';
-- CREATE OR REPLACE FUNCTION set_generic()
-- RETURNS TRIGGER AS
-- $$
-- BEGIN
-- IF TG_OP = 'INSERT' THEN
-- NEW.date_created := clock_timestamp();
-- NEW.user_created := current_user;
-- ELSIF TG_OP = 'UPDATE' THEN
-- NEW.date_updated := clock_timestamp();
-- NEW.user_updated := current_user;
-- END IF;
-- RETURN NEW;
-- END;
-- $$
-- LANGUAGE 'plpgsql';

63
4dev/database/table/edit_user.sql
View File

@@ -18,31 +18,80 @@ CREATE TABLE edit_user (
FOREIGN KEY (edit_scheme_id) REFERENCES edit_scheme (edit_scheme_id) MATCH FULL ON DELETE CASCADE ON UPDATE CASCADE,
edit_access_right_id INT NOT NULL,
FOREIGN KEY (edit_access_right_id) REFERENCES edit_access_right (edit_access_right_id) MATCH FULL ON DELETE CASCADE ON UPDATE CASCADE,
enabled SMALLINT NOT NULL DEFAULT 0,
deleted SMALLINT NOT NULL DEFAULT 0,
-- username/password
username VARCHAR UNIQUE,
password VARCHAR,
-- name block
first_name VARCHAR,
last_name VARCHAR,
first_name_furigana VARCHAR,
last_name_furigana VARCHAR,
-- email
email VARCHAR,
-- eanbled/deleted flag
enabled SMALLINT NOT NULL DEFAULT 0,
deleted SMALLINT NOT NULL DEFAULT 0,
-- general flags
strict SMALLINT DEFAULT 0,
locked SMALLINT DEFAULT 0,
protected SMALLINT NOT NULL DEFAULT 0,
-- legacy, debug flags
debug SMALLINT NOT NULL DEFAULT 0,
db_debug SMALLINT NOT NULL DEFAULT 0,
email VARCHAR,
protected SMALLINT NOT NULL DEFAULT 0,
-- is admin user
admin SMALLINT NOT NULL DEFAULT 0,
-- last login log
last_login TIMESTAMP WITHOUT TIME ZONE,
-- login error
login_error_count INT DEFAULT 0,
login_error_date_last TIMESTAMP WITHOUT TIME ZONE,
login_error_date_first TIMESTAMP WITHOUT TIME ZONE,
strict SMALLINT DEFAULT 0,
locked SMALLINT DEFAULT 0,
-- time locked
lock_until TIMESTAMP WITHOUT TIME ZONE,
lock_after TIMESTAMP WITHOUT TIME ZONE,
-- password change
password_change_date TIMESTAMP WITHOUT TIME ZONE, -- only when password is first set or changed
password_change_interval INTERVAL, -- null if no change is needed, or d/m/y time interval
password_reset_time TIMESTAMP WITHOUT TIME ZONE, -- when the password reset was requested
password_reset_uid VARCHAR, -- the uid to access the password reset page
-- _GET login id for direct login
login_user_id VARCHAR UNIQUE, -- the login uid, at least 32 chars
login_user_id_set_date TIMESTAMP WITHOUT TIME ZONE, -- when above uid was set
login_user_id_valid_from TIMESTAMP WITHOUT TIME ZONE, -- if set, from when the above uid is valid
login_user_id_valid_until TIMESTAMP WITHOUT TIME ZONE, -- if set, until when the above uid is valid
login_user_id_revalidate_after INTERVAL, -- user must login to revalidated login id after set days, 0 for forever
login_user_id_locked SMALLINT DEFAULT 0, -- lock for login user id, but still allow normal login
-- additional ACL json block
additional_acl JSONB -- additional ACL as JSON string (can be set by other pages)
) INHERITS (edit_generic) WITHOUT OIDS;
-- create unique index
-- CREATE UNIQUE INDEX edit_user_login_user_id_key ON edit_user (login_user_id) WHERE login_user_id IS NOT NULL;
COMMENT ON COLUMN edit_user.username IS 'Login username, must set';
COMMENT ON COLUMN edit_user.password IS 'Login password, must set';
COMMENT ON COLUMN edit_user.enabled IS 'Login is enabled (master switch)';
COMMENT ON COLUMN edit_user.deleted IS 'Login is deleted (master switch), overrides all other';
COMMENT ON COLUMN edit_user.strict IS 'If too many failed logins user will be locked, default off';
COMMENT ON COLUMN edit_user.locked IS 'Locked from too many wrong password logins';
COMMENT ON COLUMN edit_user.protected IS 'User can only be chnaged by admin user';
COMMENT ON COLUMN edit_user.debug IS 'Turn debug flag on (legacy)';
COMMENT ON COLUMN edit_user.db_debug IS 'Turn DB debug flag on (legacy)';
COMMENT ON COLUMN edit_user.admin IS 'If set, this user is SUPER admin';
COMMENT ON COLUMN edit_user.last_login IS 'Last succesfull login tiemstamp';
COMMENT ON COLUMN edit_user.login_error_count IS 'Number of failed logins, reset on successful login';
COMMENT ON COLUMN edit_user.login_error_date_last IS 'Last login error date';
COMMENT ON COLUMN edit_user.login_error_date_first IS 'First login error date, reset on successfull login';
COMMENT ON COLUMN edit_user.lock_until IS 'Account is locked until this date, <';
COMMENT ON COLUMN edit_user.lock_after IS 'Account is locked after this date, >';
COMMENT ON COLUMN edit_user.password_change_date IS 'Password was changed on';
COMMENT ON COLUMN edit_user.password_change_interval IS 'After how many days the password has to be changed';
COMMENT ON COLUMN edit_user.password_reset_time IS 'When the password reset was requested. For reset page uid valid check';
COMMENT ON COLUMN edit_user.password_reset_uid IS 'Password reset page uid';
COMMENT ON COLUMN edit_user.password_reset_uid IS 'Password reset page uid, one time, invalid after reset successful or time out';
COMMENT ON COLUMN edit_user.login_user_id IS 'Min 32 character UID to be used to login without password. Via GET/POST parameter';
COMMENT ON COLUMN edit_user.login_user_id_set_date IS 'login id was set at what date';
COMMENT ON COLUMN edit_user.login_user_id_valid_from IS 'login id is valid from this date, >=';
COMMENT ON COLUMN edit_user.login_user_id_valid_until IS 'login id is valid until this date, <=';
COMMENT ON COLUMN edit_user.login_user_id_revalidate_after IS 'If set to a number greater 0 then user must login after given amount of days to revalidate, set to 0 for valid forver';
COMMENT ON COLUMN edit_user.login_user_id_locked IS 'A separte lock flag for login id, user can still login normal';
COMMENT ON COLUMN edit_user.additional_acl IS 'Additional Access Control List stored in JSON format';

5
4dev/database/trigger/trg_edit_user.sql
View File

@@ -2,3 +2,8 @@
CREATE TRIGGER trg_edit_user
BEFORE INSERT OR UPDATE ON edit_user
FOR EACH ROW EXECUTE PROCEDURE set_edit_generic();
-- DROP TRIGGER IF EXISTS trg_edit_user_set_login_user_id_set_date ON edit_user;
CREATE TRIGGER trg_edit_user_set_login_user_id_set_date
BEFORE INSERT OR UPDATE ON edit_user
FOR EACH ROW EXECUTE PROCEDURE set_login_user_id_set_date();

0
4dev/database/update/edit_update_missing_cuid.sql → 4dev/database/update/20190910-edit_update_missing_cuid.sql
View File

0
4dev/database/update/edit_tables_missing_columns.sql → 4dev/database/update/20191211-edit_tables_missing_columns.sql
View File

48
4dev/database/update/20220617-edit_user_login_user_id_add.sql Normal file
View File

@@ -0,0 +1,48 @@
-- 2022/6/17 update edit_user with login uid
-- the login uid, at least 32 chars
ALTER TABLE edit_user ADD login_user_id VARCHAR UNIQUE;
-- CREATE UNIQUE INDEX edit_user_login_user_id_key ON edit_user (login_user_id) WHERE login_user_id IS NOT NULL;
-- ALTER TABLE edit_user ADD CONSTRAINT edit_user_login_user_id_key UNIQUE (login_user_id);
-- when above uid was set
ALTER TABLE edit_user ADD login_user_id_set_date TIMESTAMP WITHOUT TIME ZONE;
-- if set, from/until when the above uid is valid
ALTER TABLE edit_user ADD login_user_id_valid_from TIMESTAMP WITHOUT TIME ZONE;
ALTER TABLE edit_user ADD login_user_id_valid_until TIMESTAMP WITHOUT TIME ZONE;
-- user must login to revalidated login id after set days, 0 for forever
ALTER TABLE edit_user ADD login_user_id_revalidate_after INTERVAL;
-- lock for login user id, but still allow normal login
ALTER TABLE edit_user ADD login_user_id_locked SMALLINT NOT NULL DEFAULT 0;
-- disable login before date
ALTER TABLE edit_user ADD lock_until TIMESTAMP WITHOUT TIME ZONE;
-- disable login after date
ALTER TABLE edit_user ADD lock_after TIMESTAMP WITHOUT TIME ZONE;
CREATE OR REPLACE FUNCTION set_login_user_id_set_date()
RETURNS TRIGGER AS
$$
BEGIN
-- if new is not null/empty
-- and old one is null or old one different new one
-- set NOW()
-- if new one is NULL
-- set NULL
IF
NEW.login_user_id IS NOT NULL AND NEW.login_user_id <> '' AND
(OLD.login_user_id IS NULL OR NEW.login_user_id <> OLD.login_user_id)
THEN
NEW.login_user_id_set_date = NOW();
ELSIF NEW.login_user_id IS NULL OR NEW.login_user_id = '' THEN
NEW.login_user_id_set_date = NULL;
END IF;
RETURN NEW;
END;
$$
LANGUAGE 'plpgsql';
CREATE TRIGGER trg_edit_user_set_login_user_id_set_date
BEFORE INSERT OR UPDATE ON edit_user
FOR EACH ROW EXECUTE PROCEDURE set_login_user_id_set_date();
-- __END__

712
4dev/tests/CoreLibsACLLoginTest.php
View File

@@ -16,8 +16,6 @@ final class CoreLibsACLLoginTest extends TestCase
{
private static $db;
private static $log;
/** @var \CoreLibs\Create\Session&MockObject */
private static $session;
/**
* start DB conneciton, setup DB, etc
@@ -101,6 +99,8 @@ final class CoreLibsACLLoginTest extends TestCase
'Cannot find edit_user table in ACL\Login database for testing'
);
}
// always disable max query calls
self::$db->dbSetMaxQueryCall(-1);
// insert additional content for testing (locked user, etc)
$queries = [
"INSERT INTO edit_access_data "
@@ -158,6 +158,7 @@ final class CoreLibsACLLoginTest extends TestCase
public function loginProvider(): array
{
// 0: mock settings/override flag settings
// 2: get array IN
// 1: post array IN
// login_login, login_username, login_password, login_logout
// change_password, pw_username, pw_old_password, pw_new_password,
@@ -174,6 +175,7 @@ final class CoreLibsACLLoginTest extends TestCase
],
[],
[],
[],
3000,
[
'login_error' => 0,
@@ -191,6 +193,7 @@ final class CoreLibsACLLoginTest extends TestCase
],
[],
[],
[],
3000,
[
'login_error' => 0,
@@ -213,6 +216,7 @@ final class CoreLibsACLLoginTest extends TestCase
],
[],
[],
[],
3000,
[
'login_error' => 0,
@@ -230,6 +234,7 @@ final class CoreLibsACLLoginTest extends TestCase
'page_name' => 'edit_users.php',
],
[],
[],
[
'EUID' => 1,
],
@@ -246,6 +251,7 @@ final class CoreLibsACLLoginTest extends TestCase
'page_access' => 'list',
],
[],
[],
[
'EUID' => 1,
'USER_NAME' => '',
@@ -288,6 +294,7 @@ final class CoreLibsACLLoginTest extends TestCase
[
'page_name' => 'edit_users.php',
],
[],
[
'login_login' => 'Login',
'login_username' => '',
@@ -308,6 +315,7 @@ final class CoreLibsACLLoginTest extends TestCase
[
'page_name' => 'edit_users.php',
],
[],
[
'login_login' => 'Login',
'login_username' => '',
@@ -328,6 +336,7 @@ final class CoreLibsACLLoginTest extends TestCase
[
'page_name' => 'edit_users.php',
],
[],
[
'login_login' => 'Login',
'login_username' => 'abc',
@@ -348,6 +357,7 @@ final class CoreLibsACLLoginTest extends TestCase
[
'page_name' => 'edit_users.php',
],
[],
[
'login_login' => 'Login',
'login_username' => 'abc',
@@ -371,6 +381,7 @@ final class CoreLibsACLLoginTest extends TestCase
[
'page_name' => 'edit_users.php',
],
[],
[
'login_login' => 'Login',
'login_username' => 'admin',
@@ -387,6 +398,31 @@ final class CoreLibsACLLoginTest extends TestCase
. 'Login Failed - Wrong Username or Password'
]
],
// login: ok (but deleted)
'login: ok, but deleted' => [
[
'page_name' => 'edit_users.php',
'edit_access_id' => 1,
'base_access' => 'list',
'page_access' => 'list',
'test_deleted' => true
],
[],
[
'login_login' => 'Login',
'login_username' => 'admin',
'login_password' => 'admin',
],
[],
3000,
[
'login_error' => 106,
'error_string' => '<span style="color: red;">Fatal Error:</span> '
. '<b>Login Failed - User is deleted</b>',
'error_string_text' => 'Fatal Error: '
. 'Login Failed - User is deleted'
]
],
// login: ok (but not enabled)
'login: ok, but not enabled' => [
[
@@ -396,6 +432,7 @@ final class CoreLibsACLLoginTest extends TestCase
'page_access' => 'list',
'test_enabled' => true
],
[],
[
'login_login' => 'Login',
'login_username' => 'admin',
@@ -420,6 +457,7 @@ final class CoreLibsACLLoginTest extends TestCase
'page_access' => 'list',
'test_locked' => true
],
[],
[
'login_login' => 'Login',
'login_username' => 'admin',
@@ -446,6 +484,7 @@ final class CoreLibsACLLoginTest extends TestCase
'max_login_error_count' => 2,
'test_locked_strict' => true,
],
[],
[
'login_login' => 'Login',
'login_username' => 'admin',
@@ -458,6 +497,136 @@ final class CoreLibsACLLoginTest extends TestCase
'login_error' => 105,
]
],
// login ok, but in locked period (until)
'login: ok, but locked period (until:on)' => [
[
'page_name' => 'edit_users.php',
'edit_access_id' => 1,
'base_access' => 'list',
'page_access' => 'list',
'test_locked_period_until' => 'on'
],
[],
[
'login_login' => 'Login',
'login_username' => 'admin',
'login_password' => 'admin',
],
[],
3000,
[
'login_error' => 107,
'error_string' => '<span style="color: red;">Fatal Error:</span> '
. '<b>Login Failed - User in locked via date period</b>',
'error_string_text' => 'Fatal Error: '
. 'Login Failed - User in locked via date period'
]
],
// login ok, but in locked period (until)
'login: ok, but locked period (until:off)' => [
[
'page_name' => 'edit_users.php',
'edit_access_id' => 1,
'edit_access_uid' => 'AdminAccess',
'edit_access_data' => 'test',
'base_access' => 'list',
'page_access' => 'list',
'test_locked_period_until' => 'off'
],
[],
[
'login_login' => 'Login',
'login_username' => 'admin',
'login_password' => 'admin',
],
[],
0,
[
'login_error' => 0,
'admin_flag' => true,
'check_access' => true,
'check_access_id' => 1,
'check_access_data' => 'value',
'base_access' => true,
'page_access' => true,
]
],
// login ok, but in locked period (after)
'login: ok, but locked period (after:on)' => [
[
'page_name' => 'edit_users.php',
'edit_access_id' => 1,
'base_access' => 'list',
'page_access' => 'list',
'test_locked_period_after' => 'on'
],
[],
[
'login_login' => 'Login',
'login_username' => 'admin',
'login_password' => 'admin',
],
[],
3000,
[
'login_error' => 107,
'error_string' => '<span style="color: red;">Fatal Error:</span> '
. '<b>Login Failed - User in locked via date period</b>',
'error_string_text' => 'Fatal Error: '
. 'Login Failed - User in locked via date period'
]
],
// login ok, but in locked period (until, after)
'login: ok, but locked period (until:on, after:on)' => [
[
'page_name' => 'edit_users.php',
'edit_access_id' => 1,
'base_access' => 'list',
'page_access' => 'list',
'test_locked_period_until' => 'on',
'test_locked_period_after' => 'on'
],
[],
[
'login_login' => 'Login',
'login_username' => 'admin',
'login_password' => 'admin',
],
[],
3000,
[
'login_error' => 107,
'error_string' => '<span style="color: red;">Fatal Error:</span> '
. '<b>Login Failed - User in locked via date period</b>',
'error_string_text' => 'Fatal Error: '
. 'Login Failed - User in locked via date period'
]
],
// login ok, but login user id locked
'login: ok, but login user id locked' => [
[
'page_name' => 'edit_users.php',
'edit_access_id' => 1,
'base_access' => 'list',
'page_access' => 'list',
'test_login_user_id_locked' => true
],
[],
[
'login_login' => 'Login',
'login_username' => 'admin',
'login_password' => 'admin',
],
[],
3000,
[
'login_error' => 108,
'error_string' => '<span style="color: red;">Fatal Error:</span> '
. '<b>Login Failed - User is locked via Login User ID</b>',
'error_string_text' => 'Fatal Error: '
. 'Login Failed - User is locked via Login User ID'
]
],
// login: ok
'login: ok' => [
[
@@ -468,6 +637,148 @@ final class CoreLibsACLLoginTest extends TestCase
'base_access' => 'list',
'page_access' => 'list',
],
[],
[
'login_login' => 'Login',
'login_username' => 'admin',
'login_password' => 'admin',
],
[],
0,
[
'login_error' => 0,
'admin_flag' => true,
'check_access' => true,
'check_access_id' => 1,
'check_access_data' => 'value',
'base_access' => true,
'page_access' => true,
]
],
// login check via _GET loginUserId
'login: ok, _GET loginUserId' => [
[
'page_name' => 'edit_users.php',
'edit_access_id' => 1,
'edit_access_uid' => 'AdminAccess',
'edit_access_data' => 'test',
'base_access' => 'list',
'page_access' => 'list',
'test_login_user_id' => true,
'test_username' => 'admin',
'loginUserId' => '1234567890ABCDEFG',
],
[
'loginUserId' => '1234567890ABCDEFG',
],
[],
[],
0,
[
'login_error' => 0,
'admin_flag' => true,
'check_access' => true,
'check_access_id' => 1,
'check_access_data' => 'value',
'base_access' => true,
'page_access' => true,
]
],
// login check via _POST loginUserId
'login: ok, _POST loginUserId' => [
[
'page_name' => 'edit_users.php',
'edit_access_id' => 1,
'edit_access_uid' => 'AdminAccess',
'edit_access_data' => 'test',
'base_access' => 'list',
'page_access' => 'list',
'test_login_user_id' => true,
'test_username' => 'admin',
'loginUserId' => '1234567890ABCDEFG',
],
[],
[
'loginUserId' => '1234567890ABCDEFG',
],
[],
0,
[
'login_error' => 0,
'admin_flag' => true,
'check_access' => true,
'check_access_id' => 1,
'check_access_data' => 'value',
'base_access' => true,
'page_access' => true,
]
],
// login: wrong GET loginUserId
'login: ok, illegal chars in _GET loginUserId' => [
[
'page_name' => 'edit_users.php',
'edit_access_id' => 1,
'edit_access_uid' => 'AdminAccess',
'edit_access_data' => 'test',
'base_access' => 'list',
'page_access' => 'list',
'test_login_user_id' => true,
'test_username' => 'admin',
'loginUserId' => '1234567890ABCDEFG'
],
[
'loginUserId' => '123$%_/45678¥\-^9~~0$AB&CDEFG',
],
[],
[],
0,
[
'login_error' => 0,
'admin_flag' => true,
'check_access' => true,
'check_access_id' => 1,
'check_access_data' => 'value',
'base_access' => true,
'page_access' => true,
]
],
'login: not matching _GET loginUserId' => [
[
'page_name' => 'edit_users.php',
'test_login_user_id' => true,
'test_username' => 'admin',
'loginUserId' => '1234567890ABCDEFG'
],
[
'loginUserId' => 'ABC'
],
[],
[],
3000,
[
'login_error' => 1010,
'error_string' => '<span style="color: red;">Fatal Error:</span> '
. '<b>Login Failed - Wrong Username or Password</b>',
'error_string_text' => 'Fatal Error: '
. 'Login Failed - Wrong Username or Password'
]
],
// login ok with both _GET loginUserId and _POST login username/password
'login: ok, _GET loginUserId AND login post user data' => [
[
'page_name' => 'edit_users.php',
'edit_access_id' => 1,
'edit_access_uid' => 'AdminAccess',
'edit_access_data' => 'test',
'base_access' => 'list',
'page_access' => 'list',
'test_login_user_id' => true,
'test_username' => 'admin',
'loginUserId' => '1234567890ABCDEFG',
],
[
'loginUserId' => '1234567890ABCDEFG',
],
[
'login_login' => 'Login',
'login_username' => 'admin',
@@ -485,9 +796,208 @@ final class CoreLibsACLLoginTest extends TestCase
'page_access' => true,
]
],
// login with invalid loginUserId but valid username/password
'login: ok, bad _GET loginUserId AND good login post user data' => [
[
'page_name' => 'edit_users.php',
'edit_access_id' => 1,
'edit_access_uid' => 'AdminAccess',
'edit_access_data' => 'test',
'base_access' => 'list',
'page_access' => 'list',
'test_login_user_id' => true,
'test_username' => 'admin',
'loginUserId' => '1234567890ABCDEFG',
],
[
'loginUserId' => 'ABCS',
],
[
'login_login' => 'Login',
'login_username' => 'admin',
'login_password' => 'admin',
],
[],
0,
[
'login_error' => 0,
'admin_flag' => true,
'check_access' => true,
'check_access_id' => 1,
'check_access_data' => 'value',
'base_access' => true,
'page_access' => true,
]
],
// loginUserId check with revalidate on/off
'login: ok, but revalidate trigger, _GET loginUserId' => [
[
'page_name' => 'edit_users.php',
'edit_access_id' => 1,
'base_access' => 'list',
'page_access' => 'list',
'test_login_user_id_revalidate_after' => 'on',
'test_login_user_id' => true,
'test_username' => 'admin',
'loginUserId' => '1234567890ABCDEFG',
],
[
'loginUserId' => '1234567890ABCDEFG',
],
[],
[],
3000,
[
'login_error' => 1101,
'error_string' => '<span style="color: red;">Fatal Error:</span> '
. '<b>Login Failed - Login User ID must be validated</b>',
'error_string_text' => 'Fatal Error: '
. 'Login Failed - Login User ID must be validated'
]
],
// loginUserId check with revalidate on/off
'login: ok, revalidate set (outside), _GET loginUserId' => [
[
'page_name' => 'edit_users.php',
'edit_access_id' => 1,
'edit_access_uid' => 'AdminAccess',
'edit_access_data' => 'test',
'base_access' => 'list',
'page_access' => 'list',
'test_login_user_id_revalidate_after' => 'off',
'test_login_user_id' => true,
'test_username' => 'admin',
'loginUserId' => '1234567890ABCDEFG',
],
[
'loginUserId' => '1234567890ABCDEFG',
],
[],
[],
0,
[
'login_error' => 0,
'admin_flag' => true,
'check_access' => true,
'check_access_id' => 1,
'check_access_data' => 'value',
'base_access' => true,
'page_access' => true,
]
],
// loginUserId check with active time from only
'login: ok, _GET loginUserId, but outside valid (from:on) ' => [
[
'page_name' => 'edit_users.php',
'edit_access_id' => 1,
'base_access' => 'list',
'page_access' => 'list',
'test_login_user_id_valid_from' => 'on',
'test_login_user_id' => true,
'test_username' => 'admin',
'loginUserId' => '1234567890ABCDEFG',
],
[
'loginUserId' => '1234567890ABCDEFG',
],
[],
[],
3000,
[
'login_error' => 1102,
'error_string' => '<span style="color: red;">Fatal Error:</span> '
. '<b>Login Failed - Login User ID is outside valid date range</b>',
'error_string_text' => 'Fatal Error: '
. 'Login Failed - Login User ID is outside valid date range'
]
],
// loginUserId check with inactive time from only
'login: ok, _GET loginUserId, but outside valid (from:off) ' => [
[
'page_name' => 'edit_users.php',
'edit_access_id' => 1,
'edit_access_uid' => 'AdminAccess',
'edit_access_data' => 'test',
'base_access' => 'list',
'page_access' => 'list',
'test_login_user_id_valid_from' => 'off',
'test_login_user_id' => true,
'test_username' => 'admin',
'loginUserId' => '1234567890ABCDEFG',
],
[
'loginUserId' => '1234567890ABCDEFG',
],
[],
[],
0,
[
'login_error' => 0,
'admin_flag' => true,
'check_access' => true,
'check_access_id' => 1,
'check_access_data' => 'value',
'base_access' => true,
'page_access' => true,
]
],
// loginUserId check with active time until only
'login: ok, _GET loginUserId, but outside valid (until:on) ' => [
[
'page_name' => 'edit_users.php',
'edit_access_id' => 1,
'base_access' => 'list',
'page_access' => 'list',
'test_login_user_id_valid_until' => 'on',
'test_login_user_id' => true,
'test_username' => 'admin',
'loginUserId' => '1234567890ABCDEFG',
],
[
'loginUserId' => '1234567890ABCDEFG',
],
[],
[],
3000,
[
'login_error' => 1102,
'error_string' => '<span style="color: red;">Fatal Error:</span> '
. '<b>Login Failed - Login User ID is outside valid date range</b>',
'error_string_text' => 'Fatal Error: '
. 'Login Failed - Login User ID is outside valid date range'
]
],
// loginUserId check with active time from/until
'login: ok, _GET loginUserId, but outside valid (from:on,until:on) ' => [
[
'page_name' => 'edit_users.php',
'edit_access_id' => 1,
'base_access' => 'list',
'page_access' => 'list',
'test_login_user_id_valid_from' => 'on',
'test_login_user_id_valid_until' => 'on',
'test_login_user_id' => true,
'test_username' => 'admin',
'loginUserId' => '1234567890ABCDEFG',
],
[
'loginUserId' => '1234567890ABCDEFG',
],
[],
[],
3000,
[
'login_error' => 1102,
'error_string' => '<span style="color: red;">Fatal Error:</span> '
. '<b>Login Failed - Login User ID is outside valid date range</b>',
'error_string_text' => 'Fatal Error: '
. 'Login Failed - Login User ID is outside valid date range'
]
],
//
// other:
// login check edit access id of ID not null and not in array
// login OK, but during action user gets disabled/deleted/etc
];
}
@@ -498,14 +1008,16 @@ final class CoreLibsACLLoginTest extends TestCase
* @testdox ACL\Login Class tests [$_dataName]
*
* @param array<string,mixed> $mock_settings
* @param array<string,string> $get
* @param array<string,string> $post
* @param array<string,mixed> $session
* @param int $error
* @param array<string,mixed> $expected
* @return void
*/
public function testACLLogin(
public function testACLLoginFlow(
array $mock_settings,
array $get,
array $post,
array $session,
int $error,
@@ -534,6 +1046,11 @@ final class CoreLibsACLLoginTest extends TestCase
})
);
// set _GET data
foreach ($get as $get_var => $get_value) {
$_GET[$get_var] = $get_value;
}
// set _POST data
foreach ($post as $post_var => $post_value) {
$_POST[$post_var] = $post_value;
@@ -574,6 +1091,47 @@ final class CoreLibsACLLoginTest extends TestCase
. self::$db->dbEscapeLiteral($post['login_username'])
);
}
if (!empty($mock_settings['test_deleted'])) {
self::$db->dbExec(
"UPDATE edit_user SET deleted = 1 WHERE LOWER(username) = "
. self::$db->dbEscapeLiteral($post['login_username'])
);
}
if (!empty($mock_settings['test_login_user_id_locked'])) {
self::$db->dbExec(
"UPDATE edit_user SET login_user_id_locked = 1 WHERE LOWER(username) = "
. self::$db->dbEscapeLiteral($post['login_username'])
);
}
if (
!empty($mock_settings['test_locked_period_until']) ||
!empty($mock_settings['test_locked_period_after'])
) {
$q_sub = '';
if (!empty($mock_settings['test_locked_period_until'])) {
if ($mock_settings['test_locked_period_until'] == 'on') {
$q_sub .= "lock_until = NOW() + '1 day'::interval ";
} elseif ($mock_settings['test_locked_period_until'] == 'off') {
$q_sub .= "lock_until = NOW() - '1 day'::interval ";
}
}
if (!empty($mock_settings['test_locked_period_after'])) {
if (!empty($q_sub)) {
$q_sub .= ", ";
}
if ($mock_settings['test_locked_period_after'] == 'on') {
$q_sub .= "lock_after = NOW() - '1 day'::interval ";
} elseif ($mock_settings['test_locked_period_after'] == 'off') {
$q_sub .= "lock_after = NOW() + '1 day'::interval ";
}
}
self::$db->dbExec(
"UPDATE edit_user SET "
. $q_sub
. "WHERE LOWER(username) = "
. self::$db->dbEscapeLiteral($post['login_username'])
);
}
// test locked already
if (!empty($mock_settings['test_locked'])) {
self::$db->dbExec(
@@ -635,6 +1193,62 @@ final class CoreLibsACLLoginTest extends TestCase
// set correct password next locked login
$_POST['login_password'] = $post['login_password'];
}
if (!empty($mock_settings['test_login_user_id'])) {
self::$db->dbExec(
"UPDATE edit_user SET "
. "login_user_id_set_date = NOW(), "
. "login_user_id = "
. self::$db->dbEscapeLiteral($mock_settings['loginUserId'])
. " "
. "WHERE LOWER(username) = "
. self::$db->dbEscapeLiteral($mock_settings['test_username'])
);
}
if (!empty($mock_settings['test_login_user_id_revalidate_after'])) {
$q_sub = '';
if ($mock_settings['test_login_user_id_revalidate_after'] == 'on') {
$q_sub = "login_user_id_set_date = NOW() - '1 day'::interval, "
. "login_user_id_revalidate_after = '1 day'::interval ";
} else {
$q_sub = "login_user_id_set_date = NOW(), "
. "login_user_id_revalidate_after = '6 day'::interval ";
}
self::$db->dbExec(
"UPDATE edit_user SET "
. $q_sub
. "WHERE LOWER(username) = "
. self::$db->dbEscapeLiteral($mock_settings['test_username'])
);
}
if (
!empty($mock_settings['test_login_user_id_valid_from']) ||
!empty($mock_settings['test_login_user_id_valid_until'])
) {
$q_sub = '';
if (!empty($mock_settings['test_login_user_id_valid_from'])) {
if ($mock_settings['test_login_user_id_valid_from'] == 'on') {
$q_sub .= "login_user_id_valid_from = NOW() + '1 day'::interval ";
} elseif ($mock_settings['test_login_user_id_valid_from'] == 'off') {
$q_sub .= "login_user_id_valid_from = NOW() - '1 day'::interval ";
}
}
if (!empty($mock_settings['test_login_user_id_valid_until'])) {
if (!empty($q_sub)) {
$q_sub .= ", ";
}
if ($mock_settings['test_login_user_id_valid_until'] == 'on') {
$q_sub .= "login_user_id_valid_until = NOW() - '1 day'::interval ";
} elseif ($mock_settings['test_login_user_id_valid_until'] == 'off') {
$q_sub .= "login_user_id_valid_until = NOW() + '1 day'::interval ";
}
}
self::$db->dbExec(
"UPDATE edit_user SET "
. $q_sub
. "WHERE LOWER(username) = "
. self::$db->dbEscapeLiteral($mock_settings['test_username'])
);
}
// run test
try {
@@ -734,6 +1348,13 @@ final class CoreLibsACLLoginTest extends TestCase
$login_mock->loginGetAcl(),
'Assert get acl is array'
);
// if loginUserId in _GET or _POST check that it is set
if (!empty($get['loginUserId']) || !empty($post['loginUserId'])) {
$this->assertNotEmpty(
$login_mock->loginGetLoginUserId(),
'Assert loginUserId is set'
);
}
// TODO: detail match of ACL array (loginGetAcl)
// .. end with: loginLogoutUser
@@ -840,6 +1461,35 @@ final class CoreLibsACLLoginTest extends TestCase
);
}
// always check, even on error or not set
if (!$login_mock->loginGetLoginUserIdUnclean()) {
$this->assertEquals(
$_GET['loginUserId'] ?? $_POST['loginUserId'] ?? '',
$login_mock->loginGetLoginUserId(),
'Assert loginUserId matches'
);
} else {
$this->assertTrue(
$login_mock->loginGetLoginUserIdUnclean(),
'Assert loginUserId is unclear'
);
$this->assertNotEquals(
$_GET['loginUserId'] ?? $_POST['loginUserId'] ?? '',
$login_mock->loginGetLoginUserId(),
'Assert loginUserId does not matche _GET/_POST'
);
}
// check get/post login user id
$this->assertEquals(
(!empty($_GET['loginUserId']) ?
'GET' :
(!empty($_POST['loginUserId']) ?
'POST' : '')
),
$login_mock->loginGetLoginUserIdSource(),
'Assert loginUserId source matches'
);
// enable user again if flag set
if (!empty($mock_settings['test_enabled'])) {
self::$db->dbExec(
@@ -848,6 +1498,30 @@ final class CoreLibsACLLoginTest extends TestCase
. self::$db->dbEscapeLiteral($post['login_username'])
);
}
if (!empty($mock_settings['test_deleted'])) {
self::$db->dbExec(
"UPDATE edit_user SET deleted = 0 WHERE LOWER(username) = "
. self::$db->dbEscapeLiteral($post['login_username'])
);
}
if (!empty($mock_settings['test_login_user_id_locked'])) {
self::$db->dbExec(
"UPDATE edit_user SET login_user_id_locked = 0 WHERE LOWER(username) = "
. self::$db->dbEscapeLiteral($post['login_username'])
);
}
if (
!empty($mock_settings['test_locked_period_until']) ||
!empty($mock_settings['test_locked_period_after'])
) {
self::$db->dbExec(
"UPDATE edit_user SET "
. "lock_until = NULL, "
. "lock_after = NULL "
. "WHERE LOWER(username) = "
. self::$db->dbEscapeLiteral($post['login_username'])
);
}
// reset lock flag
if (!empty($mock_settings['test_locked'])) {
self::$db->dbExec(
@@ -866,6 +1540,36 @@ final class CoreLibsACLLoginTest extends TestCase
. self::$db->dbEscapeLiteral($post['login_username'])
);
}
// if (!empty($mock_settings['test_login_user_id'])) {
// self::$db->dbExec(
// "UPDATE edit_user SET "
// . "login_user_id = NULL, "
// . "login_user_id_set_date = NULL "
// . "WHERE LOWER(username) = "
// . self::$db->dbEscapeLiteral($mock_settings['test_username'])
// );
// }
// if (!empty($mock_settings['test_login_user_id_revalidate_after'])) {
// self::$db->dbExec(
// "UPDATE edit_user SET "
// . "login_user_id_set_date = NULL, "
// . "login_user_id_revalidate_after = NULL "
// . "WHERE LOWER(username) = "
// . self::$db->dbEscapeLiteral($mock_settings['test_username'])
// );
// }
// if (
// !empty($mock_settings['test_login_user_id_valid_from']) ||
// !empty($mock_settings['test_login_user_id_valid_until'])
// ) {
// self::$db->dbExec(
// "UPDATE edit_user SET "
// . "login_user_id_valid_from = NULL, "
// . "login_user_id_valid_until = NULL "
// . "WHERE LOWER(username) = "
// . self::$db->dbEscapeLiteral($mock_settings['test_username'])
// );
// }
}
// - loginGetAclList (null, invalid,)
@@ -1126,7 +1830,7 @@ final class CoreLibsACLLoginTest extends TestCase
* @param string $input
* @return void
*/
public function testACLLoginGetPasswordLenght(string $input): void
public function testACLLoginGetPasswordLength(string $input): void
{
$_SESSION = [];
// init session (as MOCK)

10
4dev/tests/CoreLibsACLLogin_database_prepare.sh
View File

@@ -7,6 +7,7 @@
# PARAMETER 2: db user WHO MUST BE ABLE TO CREATE A DATABASE
# PARAMETER 3: db name
# PARAMETER 4: db host
# PARAMETER 5: print out for testing
load_sql="${1}";
# abort with 1 if we cannot find the file
@@ -34,8 +35,13 @@ if [ $? -ne 0 ]; then
echo 4;
exit 4;
fi;
# load data (redirect ALL error to null), on error exit with 5
psql -U ${db_user} -h ${db_host} -f ${load_sql} ${db_name} 2>&1 1>/dev/null 2>/dev/null;
# if error 5 thrown, test with enabled below
if [ ! -z "${5}" ]; then
psql -U ${db_user} -h ${db_host} -f ${load_sql} ${db_name};
else
# load data (redirect ALL error to null), on error exit with 5
psql -U ${db_user} -h ${db_host} -f ${load_sql} ${db_name} 2>&1 1>/dev/null 2>/dev/null;
fi;
if [ $? -ne 0 ]; then
echo 5;
exit 5;

208
4dev/tests/database/CoreLibsACLLogin_database_create_data.sql
View File

@@ -2,7 +2,8 @@
-- create random string with length X
CREATE FUNCTION random_string(randomLength int)
RETURNS text AS $$
RETURNS text AS
$$
SELECT array_to_string(
ARRAY(
SELECT substring(
@@ -14,53 +15,58 @@ SELECT array_to_string(
),
''
)
$$ LANGUAGE SQL
$$
LANGUAGE SQL
RETURNS NULL ON NULL INPUT
VOLATILE; -- LEAKPROOF;-- END: function/random_string.sql
VOLATILE; -- LEAKPROOF;
-- END: function/random_string.sql
-- START: function/set_edit_generic.sql
-- adds the created or updated date tags
CREATE OR REPLACE FUNCTION set_edit_generic() RETURNS TRIGGER AS '
DECLARE
random_length INT = 12; -- that should be long enough
BEGIN
IF TG_OP = ''INSERT'' THEN
NEW.date_created := ''now'';
NEW.cuid := random_string(random_length);
ELSIF TG_OP = ''UPDATE'' THEN
NEW.date_updated := ''now'';
END IF;
RETURN NEW;
END;
' LANGUAGE 'plpgsql';
CREATE OR REPLACE FUNCTION set_edit_generic()
RETURNS TRIGGER AS
$$
DECLARE
random_length INT = 12; -- that should be long enough
BEGIN
IF TG_OP = 'INSERT' THEN
NEW.date_created := 'now';
NEW.cuid := random_string(random_length);
ELSIF TG_OP = 'UPDATE' THEN
NEW.date_updated := 'now';
END IF;
RETURN NEW;
END;
$$
LANGUAGE 'plpgsql';
-- END: function/set_edit_generic.sql
-- START: function/edit_access_set_uid.sql
-- add uid add for edit_access table
CREATE OR REPLACE FUNCTION set_edit_access_uid() RETURNS TRIGGER AS
$$
DECLARE
myrec RECORD;
v_uid VARCHAR;
BEGIN
-- skip if NEW.name is not set
IF NEW.name IS NOT NULL AND NEW.name <> '' THEN
-- use NEW.name as base, remove all spaces
-- name data is already unique, so we do not need to worry about this here
v_uid := REPLACE(NEW.name, ' ', '');
IF TG_OP = 'INSERT' THEN
-- always set
DECLARE
myrec RECORD;
v_uid VARCHAR;
BEGIN
-- skip if NEW.name is not set
IF NEW.name IS NOT NULL AND NEW.name <> '' THEN
-- use NEW.name as base, remove all spaces
-- name data is already unique, so we do not need to worry about this here
v_uid := REPLACE(NEW.name, ' ', '');
IF TG_OP = 'INSERT' THEN
-- always set
NEW.uid := v_uid;
ELSIF TG_OP = 'UPDATE' THEN
-- check if not set, then set
SELECT INTO myrec t.* FROM edit_access t WHERE edit_access_id = NEW.edit_access_id;
IF FOUND THEN
NEW.uid := v_uid;
ELSIF TG_OP = 'UPDATE' THEN
-- check if not set, then set
SELECT INTO myrec t.* FROM edit_access t WHERE edit_access_id = NEW.edit_access_id;
IF FOUND THEN
NEW.uid := v_uid;
END IF;
END IF;
END IF;
RETURN NEW;
END;
END IF;
RETURN NEW;
END;
$$
LANGUAGE 'plpgsql';
-- END: function/edit_access_set_uid.sql
@@ -69,28 +75,28 @@ $$
CREATE OR REPLACE FUNCTION set_edit_group_uid() RETURNS TRIGGER AS
$$
DECLARE
myrec RECORD;
v_uid VARCHAR;
BEGIN
-- skip if NEW.name is not set
IF NEW.name IS NOT NULL AND NEW.name <> '' THEN
-- use NEW.name as base, remove all spaces
-- name data is already unique, so we do not need to worry about this here
v_uid := REPLACE(NEW.name, ' ', '');
IF TG_OP = 'INSERT' THEN
-- always set
DECLARE
myrec RECORD;
v_uid VARCHAR;
BEGIN
-- skip if NEW.name is not set
IF NEW.name IS NOT NULL AND NEW.name <> '' THEN
-- use NEW.name as base, remove all spaces
-- name data is already unique, so we do not need to worry about this here
v_uid := REPLACE(NEW.name, ' ', '');
IF TG_OP = 'INSERT' THEN
-- always set
NEW.uid := v_uid;
ELSIF TG_OP = 'UPDATE' THEN
-- check if not set, then set
SELECT INTO myrec t.* FROM edit_group t WHERE edit_group_id = NEW.edit_group_id;
IF FOUND THEN
NEW.uid := v_uid;
ELSIF TG_OP = 'UPDATE' THEN
-- check if not set, then set
SELECT INTO myrec t.* FROM edit_group t WHERE edit_group_id = NEW.edit_group_id;
IF FOUND THEN
NEW.uid := v_uid;
END IF;
END IF;
END IF;
RETURN NEW;
END;
END IF;
RETURN NEW;
END;
$$
LANGUAGE 'plpgsql';
-- END: function/edit_group_set_uid.sql
@@ -246,6 +252,32 @@ END
$$
LANGUAGE 'plpgsql';
-- END: function/edit_log_partition_insert.sql
-- START: function/edit_user_set_login_user_id_set_date.sql
-- set edit user login_user_id_set_date if login_user_id is set
-- NOW() if not empty
CREATE OR REPLACE FUNCTION set_login_user_id_set_date()
RETURNS TRIGGER AS
$$
BEGIN
-- if new is not null/empty
-- and old one is null or old one different new one
-- set NOW()
-- if new one is NULL
-- set NULL
IF
NEW.login_user_id IS NOT NULL AND NEW.login_user_id <> '' AND
(OLD.login_user_id IS NULL OR NEW.login_user_id <> OLD.login_user_id)
THEN
NEW.login_user_id_set_date = NOW();
ELSIF NEW.login_user_id IS NULL OR NEW.login_user_id = '' THEN
NEW.login_user_id_set_date = NULL;
END IF;
RETURN NEW;
END;
$$
LANGUAGE 'plpgsql';
-- END: function/edit_user_set_login_user_id_set_date.sql
-- START: table/edit_temp_files.sql
-- AUTHOR: Clemens Schwaighofer
-- DATE: 2005/07/08
@@ -526,34 +558,83 @@ CREATE TABLE edit_user (
FOREIGN KEY (edit_scheme_id) REFERENCES edit_scheme (edit_scheme_id) MATCH FULL ON DELETE CASCADE ON UPDATE CASCADE,
edit_access_right_id INT NOT NULL,
FOREIGN KEY (edit_access_right_id) REFERENCES edit_access_right (edit_access_right_id) MATCH FULL ON DELETE CASCADE ON UPDATE CASCADE,
enabled SMALLINT NOT NULL DEFAULT 0,
deleted SMALLINT NOT NULL DEFAULT 0,
-- username/password
username VARCHAR UNIQUE,
password VARCHAR,
-- name block
first_name VARCHAR,
last_name VARCHAR,
first_name_furigana VARCHAR,
last_name_furigana VARCHAR,
-- email
email VARCHAR,
-- eanbled/deleted flag
enabled SMALLINT NOT NULL DEFAULT 0,
deleted SMALLINT NOT NULL DEFAULT 0,
-- general flags
strict SMALLINT DEFAULT 0,
locked SMALLINT DEFAULT 0,
protected SMALLINT NOT NULL DEFAULT 0,
-- legacy, debug flags
debug SMALLINT NOT NULL DEFAULT 0,
db_debug SMALLINT NOT NULL DEFAULT 0,
email VARCHAR,
protected SMALLINT NOT NULL DEFAULT 0,
-- is admin user
admin SMALLINT NOT NULL DEFAULT 0,
-- last login log
last_login TIMESTAMP WITHOUT TIME ZONE,
-- login error
login_error_count INT DEFAULT 0,
login_error_date_last TIMESTAMP WITHOUT TIME ZONE,
login_error_date_first TIMESTAMP WITHOUT TIME ZONE,
strict SMALLINT DEFAULT 0,
locked SMALLINT DEFAULT 0,
-- time locked
lock_until TIMESTAMP WITHOUT TIME ZONE,
lock_after TIMESTAMP WITHOUT TIME ZONE,
-- password change
password_change_date TIMESTAMP WITHOUT TIME ZONE, -- only when password is first set or changed
password_change_interval INTERVAL, -- null if no change is needed, or d/m/y time interval
password_reset_time TIMESTAMP WITHOUT TIME ZONE, -- when the password reset was requested
password_reset_uid VARCHAR, -- the uid to access the password reset page
-- _GET login id for direct login
login_user_id VARCHAR UNIQUE, -- the login uid, at least 32 chars
login_user_id_set_date TIMESTAMP WITHOUT TIME ZONE, -- when above uid was set
login_user_id_valid_from TIMESTAMP WITHOUT TIME ZONE, -- if set, from when the above uid is valid
login_user_id_valid_until TIMESTAMP WITHOUT TIME ZONE, -- if set, until when the above uid is valid
login_user_id_revalidate_after INTERVAL, -- user must login to revalidated login id after set days, 0 for forever
login_user_id_locked SMALLINT DEFAULT 0, -- lock for login user id, but still allow normal login
-- additional ACL json block
additional_acl JSONB -- additional ACL as JSON string (can be set by other pages)
) INHERITS (edit_generic) WITHOUT OIDS;
-- create unique index
-- CREATE UNIQUE INDEX edit_user_login_user_id_key ON edit_user (login_user_id) WHERE login_user_id IS NOT NULL;
COMMENT ON COLUMN edit_user.username IS 'Login username, must set';
COMMENT ON COLUMN edit_user.password IS 'Login password, must set';
COMMENT ON COLUMN edit_user.enabled IS 'Login is enabled (master switch)';
COMMENT ON COLUMN edit_user.deleted IS 'Login is deleted (master switch), overrides all other';
COMMENT ON COLUMN edit_user.strict IS 'If too many failed logins user will be locked, default off';
COMMENT ON COLUMN edit_user.locked IS 'Locked from too many wrong password logins';
COMMENT ON COLUMN edit_user.protected IS 'User can only be chnaged by admin user';
COMMENT ON COLUMN edit_user.debug IS 'Turn debug flag on (legacy)';
COMMENT ON COLUMN edit_user.db_debug IS 'Turn DB debug flag on (legacy)';
COMMENT ON COLUMN edit_user.admin IS 'If set, this user is SUPER admin';
COMMENT ON COLUMN edit_user.last_login IS 'Last succesfull login tiemstamp';
COMMENT ON COLUMN edit_user.login_error_count IS 'Number of failed logins, reset on successful login';
COMMENT ON COLUMN edit_user.login_error_date_last IS 'Last login error date';
COMMENT ON COLUMN edit_user.login_error_date_first IS 'First login error date, reset on successfull login';
COMMENT ON COLUMN edit_user.lock_until IS 'Account is locked until this date, <';
COMMENT ON COLUMN edit_user.lock_after IS 'Account is locked after this date, >';
COMMENT ON COLUMN edit_user.password_change_date IS 'Password was changed on';
COMMENT ON COLUMN edit_user.password_change_interval IS 'After how many days the password has to be changed';
COMMENT ON COLUMN edit_user.password_reset_time IS 'When the password reset was requested. For reset page uid valid check';
COMMENT ON COLUMN edit_user.password_reset_uid IS 'Password reset page uid';
COMMENT ON COLUMN edit_user.password_reset_uid IS 'Password reset page uid, one time, invalid after reset successful or time out';
COMMENT ON COLUMN edit_user.login_user_id IS 'Min 32 character UID to be used to login without password. Via GET/POST parameter';
COMMENT ON COLUMN edit_user.login_user_id_set_date IS 'login id was set at what date';
COMMENT ON COLUMN edit_user.login_user_id_valid_from IS 'login id is valid from this date, >=';
COMMENT ON COLUMN edit_user.login_user_id_valid_until IS 'login id is valid until this date, <=';
COMMENT ON COLUMN edit_user.login_user_id_revalidate_after IS 'If set to a number greater 0 then user must login after given amount of days to revalidate, set to 0 for valid forver';
COMMENT ON COLUMN edit_user.login_user_id_locked IS 'A separte lock flag for login id, user can still login normal';
COMMENT ON COLUMN edit_user.additional_acl IS 'Additional Access Control List stored in JSON format';
-- END: table/edit_user.sql
-- START: table/edit_log.sql
-- AUTHOR: Clemens Schwaighofer
@@ -774,6 +855,11 @@ FOR EACH ROW EXECUTE PROCEDURE set_edit_generic();
CREATE TRIGGER trg_edit_user
BEFORE INSERT OR UPDATE ON edit_user
FOR EACH ROW EXECUTE PROCEDURE set_edit_generic();
-- DROP TRIGGER IF EXISTS trg_edit_user_set_login_user_id_set_date ON edit_user;
CREATE TRIGGER trg_edit_user_set_login_user_id_set_date
BEFORE INSERT OR UPDATE ON edit_user
FOR EACH ROW EXECUTE PROCEDURE set_login_user_id_set_date();
-- END: trigger/trg_edit_user.sql
-- START: trigger/trg_edit_visible_group.sql
-- DROP TRIGGER IF EXISTS trg_edit_visible_group ON edit_visible_group;

61
www/admin/edit_groups_test.php Normal file
View File

@@ -0,0 +1,61 @@
<?php // phpcs:ignore PSR1.Files.SideEffects
// this is an empty test page for login tests only
declare(strict_types=1);
$DEBUG_ALL_OVERRIDE = false; // set to 1 to debug on live/remote server locations
$DEBUG_ALL = true;
$PRINT_ALL = true;
$DB_DEBUG = true;
if ($DEBUG_ALL) {
error_reporting(E_ALL | E_STRICT | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR);
}
ob_start();
// basic class test file
define('USE_DATABASE', true);
// sample config
require 'config.php';
// define log file id
$LOG_FILE_ID = 'classTest';
$SET_SESSION_NAME = EDIT_SESSION_NAME;
// init login & backend class
$session = new CoreLibs\Create\Session($SET_SESSION_NAME);
$log = new CoreLibs\Debug\Logging([
'log_folder' => BASE . LOG,
'file_id' => $LOG_FILE_ID,
// add file date
'print_file_date' => true,
// set debug and print flags
'debug_all' => $DEBUG_ALL ?? false,
'echo_all' => $ECHO_ALL ?? false,
'print_all' => $PRINT_ALL ?? false,
]);
$db = new CoreLibs\DB\IO(DB_CONFIG, $log);
$login = new CoreLibs\ACL\Login($db, $log, $session);
$locale = \CoreLibs\Language\GetLocale::setLocale();
$l10n = new \CoreLibs\Language\L10n(
$locale['locale'],
$locale['domain'],
$locale['path'],
);
print "<!DOCTYPE html>";
print "<html><head><title>GROUP TESTER</title><head>";
print "<body>";
print '<form method="post" name="loginlogout">';
print '<a href="javascript:document.loginlogout.login_logout.value=\'Logou\';'
. 'document.loginlogout.submit();">Logout</a>';
print '<input type="hidden" name="login_logout" value="">';
print '</form>';
print "<h1>TEST Login</h1>";
print "</body></html>";
// __END__

9
www/includes/edit_base.php
View File

@@ -397,10 +397,17 @@ if ($form->my_page_name == 'edit_order') {
$elements[] = $form->formCreateElement('login_error_date_last');
$elements[] = $form->formCreateElement('login_error_date_first');
$elements[] = $form->formCreateElement('enabled');
$elements[] = $form->formCreateElement('deleted');
$elements[] = $form->formCreateElement('protected');
$elements[] = $form->formCreateElement('username');
$elements[] = $form->formCreateElement('password');
$elements[] = $form->formCreateElement('password_change_interval');
$elements[] = $form->formCreateElement('login_user_id');
$elements[] = $form->formCreateElement('login_user_id_set_date');
$elements[] = $form->formCreateElement('login_user_id_locked');
$elements[] = $form->formCreateElement('login_user_id_revalidate_after');
$elements[] = $form->formCreateElement('login_user_id_valid_from');
$elements[] = $form->formCreateElement('login_user_id_valid_until');
$elements[] = $form->formCreateElement('email');
$elements[] = $form->formCreateElement('last_name');
$elements[] = $form->formCreateElement('first_name');
@@ -408,6 +415,8 @@ if ($form->my_page_name == 'edit_order') {
$elements[] = $form->formCreateElement('edit_access_right_id');
$elements[] = $form->formCreateElement('strict');
$elements[] = $form->formCreateElement('locked');
$elements[] = $form->formCreateElement('lock_until');
$elements[] = $form->formCreateElement('lock_after');
$elements[] = $form->formCreateElement('admin');
$elements[] = $form->formCreateElement('debug');
$elements[] = $form->formCreateElement('db_debug');

95
www/includes/table_arrays/array_edit_users.php
View File

@@ -53,6 +53,16 @@ $edit_users = [
'0' => 'No'
],
],
'deleted' => [
'value' => $GLOBALS['deleted'] ?? '',
'output_name' => 'Deleted',
'type' => 'binary',
'int' => 1,
'element_list' => [
'1' => 'Yes',
'0' => 'No'
],
],
'strict' => [
'value' => $GLOBALS['strict'] ?? '',
'output_name' => 'Strict (Lock after errors)',
@@ -119,6 +129,71 @@ $edit_users = [
'output_name' => 'First Name',
'type' => 'text'
],
'lock_until' => [
'value' => $GLOBALS['lock_until'] ?? '',
'output_name' => 'Lock account until',
'type' => 'datetime',
'error_check' => 'datetime',
'sql_read' => 'YYYY-MM-DD HH24:MI',
'datetime' => 1,
],
'lock_after' => [
'value' => $GLOBALS['lock_after'] ?? '',
'output_name' => 'Lock account after',
'type' => 'datetime',
'error_check' => 'datetime',
'sql_read' => 'YYYY-MM-DD HH24:MI',
'datetime' => 1,
],
'login_user_id' => [
'value' => $GLOBALS['login_user_id'] ?? '',
'output_name' => '_GET/_POST loginUserId direct login ID',
'type' => 'text',
'error_check' => 'unique|custom',
'error_regex' => "/^[A-Za-z0-9]+$/",
'emptynull' => 1,
],
'login_user_id_set_date' => [
'output_name' => 'loginUserId set date',
'value' => $GLOBALS['login_user_id_set_date'] ?? '',
'type' => 'view',
'empty' => '-'
],
'login_user_id_locked' => [
'value' => $GLOBALS['login_user_id_locked'] ?? '',
'output_name' => 'loginUserId usage locked',
'type' => 'binary',
'int' => 1,
'element_list' => [
'1' => 'Yes',
'0' => 'No'
],
],
'login_user_id_revalidate_after' => [
'value' => $GLOBALS['login_user_id_revalidate_after'] ?? '',
'output_name' => 'loginUserId, User must login after n days',
'type' => 'text',
'error_check' => 'intervalshort',
'interval' => 1, // interval needs NULL write for empty
'size' => 5, // make it 5 chars long
'length' => 5
],
'login_user_id_valid_from' => [
'value' => $GLOBALS['login_user_id_valid_from'] ?? '',
'output_name' => 'loginUserId valid from',
'type' => 'datetime',
'error_check' => 'datetime',
'sql_read' => 'YYYY-MM-DD HH24:MI',
'datetime' => 1,
],
'login_user_id_valid_until' => [
'value' => $GLOBALS['login_user_id_valid_until'] ?? '',
'output_name' => 'loginUserId valid until',
'type' => 'datetime',
'error_check' => 'datetime',
'sql_read' => 'YYYY-MM-DD HH24:MI',
'datetime' => 1,
],
'edit_language_id' => [
'value' => $GLOBALS['edit_language_id'] ?? '',
'output_name' => 'Language',
@@ -187,7 +262,8 @@ $edit_users = [
'cols' => 60
],
],
'load_query' => "SELECT edit_user_id, username, enabled, debug, db_debug, strict, locked, login_error_count "
'load_query' => "SELECT edit_user_id, username, enabled, deleted, "
. "strict, locked, login_error_count "
. "FROM edit_user ORDER BY username",
'table_name' => 'edit_user',
'show_fields' => [
@@ -197,31 +273,26 @@ $edit_users = [
[
'name' => 'enabled',
'binary' => ['Yes', 'No'],
'before_value' => 'Enabled: '
'before_value' => 'ENBL: '
],
[
'name' => 'debug',
'name' => 'deleted',
'binary' => ['Yes', 'No'],
'before_value' => 'Debug: '
],
[
'name' => 'db_debug',
'binary' => ['Yes', 'No'],
'before_value' => 'DB Debug: '
'before_value' => 'DEL: '
],
[
'name' => 'strict',
'binary' => ['Yes', 'No'],
'before_value' => 'Strict: '
'before_value' => 'STRC: '
],
[
'name' => 'locked',
'binary' => ['Yes', 'No'],
'before_value' => 'Locked: '
'before_value' => 'LCK: '
],
[
'name' => 'login_error_count',
'before_value' => 'Errors: '
'before_value' => 'ERR: '
],
],
'element_list' => [

5
www/includes/templates/admin/edit_elements.tpl
View File

@@ -32,7 +32,10 @@
<input type="hidden" name="HIDDEN_{$element.data.name}" value="{$element.data.HIDDEN_value}">
{/if}
{if $element.type == 'date'}
<input type="text" name="{$element.data.name}" value="{$element.data.value}" size="10" maxlength="10">
<input type="text" name="{$element.data.name}" value="{$element.data.value}" size="10" maxlength="10" placeholder="YYYY-MM-DD">
{/if}
{if $element.type == 'datetime'}
<input type="text" name="{$element.data.name}" value="{$element.data.value}" size="16" maxlength="16" placeholder="YYYY-MM-DD HH:mm">
{/if}
{if $element.type == 'textarea'}
<textarea name="{$element.data.name}"{if $element.data.rows} rows="{$element.data.rows}"{/if}{if $element.data.cols} cols="{$element.data.cols}"{/if}>{$element.data.value}</textarea>

332
www/lib/CoreLibs/ACL/Login.php
View File

@@ -72,30 +72,36 @@ use CoreLibs\Check\Password;
class Login
{
/** @var string */
private $euid; // the user id var
/** @var string the user id var*/
private $euid;
/** @var string _GET/_POST loginUserId parameter for non password login */
private $login_user_id = '';
/** @var string source, either _GET or _POST or empty */
private $login_user_id_source = '';
/** @var bool set to true if illegal characters where found in the login user id string */
private $login_unclear = false;
// is set to one if login okay, or EUID is set and user is okay to access this page
/** @var bool */
private $permission_okay = false;
/** @var string */
public $login; // pressed login
/** @var string */
private $action; // master action command
/** @var string */
private $username; // login name
/** @var string */
private $password; // login password
/** @var string */
private $logout; // logout button
/** @var bool */
private $password_change = false; // if this is set to true, the user can change passwords
/** @var bool */
private $password_change_ok = false; // password change was successful
/** @var string pressed login */
public $login;
/** @var string master action command */
private $action;
/** @var string login name */
private $username;
/** @var string login password */
private $password;
/** @var string logout button */
private $logout;
/** @var bool if this is set to true, the user can change passwords */
private $password_change = false;
/** @var bool password change was successful */
private $password_change_ok = false;
// can we reset password and mail to user with new password set screen
/** @var bool */
private $password_forgot = false;
/** @var bool */
// private $password_forgot_ok = false; // password forgot mail send ok
/** @var bool password forgot mail send ok */
// private $password_forgot_ok = false;
/** @var string */
private $change_password;
/** @var string */
@@ -106,8 +112,8 @@ class Login
private $pw_new_password;
/** @var string */
private $pw_new_password_confirm;
/** @var array<string> */
private $pw_change_deny_users = []; // array of users for which the password change is forbidden
/** @var array<string> array of users for which the password change is forbidden */
private $pw_change_deny_users = [];
/** @var string */
private $logout_target = '';
/** @var int */
@@ -117,8 +123,7 @@ class Login
/** @var string */
private $page_name = '';
// if we have password change we need to define some rules
/** @var int */
/** @var int if we have password change we need to define some rules */
private $password_min_length = 9;
/** @var int an true maxium min, can never be set below this */
private $password_min_length_max = 9;
@@ -126,8 +131,7 @@ class Login
// it will be set back to 255
/** @var int */
private $password_max_length = 255;
// can have several regexes, if nothing set, all is ok
/** @var array<string> */
/** @var array<string> can have several regexes, if nothing set, all is ok */
private $password_valid_chars = [
// '^(?=.*\d)(?=.*[A-Za-z])[0-9A-Za-z!@#$%]{8,}$',
// '^(?.*(\pL)u)(?=.*(\pN)u)(?=.*([^\pL\pN])u).{8,}',
@@ -234,6 +238,14 @@ class Login
'msg' => 'Login Failed - Wrong Username or Password',
'flag' => 'e'
],
'1101' => [
'msg' => 'Login Failed - Login User ID must be validated',
'flag' => 'e'
],
'1102' => [
'msg' => 'Login Failed - Login User ID is outside valid date range',
'flag' => 'e'
],
'102' => [
'msg' => 'Login Failed - Please enter username and password',
'flag' => 'e'
@@ -250,6 +262,18 @@ class Login
'msg' => 'Login Failed - User is locked',
'flag' => 'e'
],
'106' => [
'msg' => 'Login Failed - User is deleted',
'flag' => 'e'
],
'107' => [
'msg' => 'Login Failed - User in locked via date period',
'flag' => 'e'
],
'108' => [
'msg' => 'Login Failed - User is locked via Login User ID',
'flag' => 'e'
],
'109' => [
'msg' => 'Check permission query reading failed',
'flag' => 'e'
@@ -360,6 +384,47 @@ class Login
// **** PRIVATE INTERNAL
// *************************************************************************
/**
* Checks for all flags and sets error codes for each
* In order:
* delete > enable > lock > period lock > login user id lock
*
* @param int $deleted User deleted check
* @param int $enabled User not enabled check
* @param int $locked Locked because of too many invalid passwords
* @param int $locked_period Locked because of time period set
* @param int $login_user_id_locked Locked from using Login User Id
* @return bool
*/
private function loginValidationCheck(
int $deleted,
int $enabled,
int $locked,
int $locked_period,
int $login_user_id_locked
): bool {
$validation = false;
if ($deleted) {
// user is deleted
$this->login_error = 106;
} elseif (!$enabled) {
// user is not enabled
$this->login_error = 104;
} elseif ($locked) {
// user is locked, either set or auto set
$this->login_error = 105;
} elseif ($locked_period) {
// locked date trigger
$this->login_error = 107;
} elseif ($login_user_id_locked) {
// user is locked, either set or auto set
$this->login_error = 108;
} else {
$validation = true;
}
return $validation;
}
/**
* checks if password is valid, sets internal error login variable
*
@@ -393,7 +458,6 @@ class Login
) {
// this means password cannot be decrypted because of missing crypt methods
$this->login_error = 9999;
$password_ok = false;
} elseif (
preg_match("/^\\$2y\\$/", $hash) &&
!Password::passwordVerify($password, $hash)
@@ -401,7 +465,6 @@ class Login
// this is the new password hash method, is only $2y$
// all others are not valid anymore
$this->login_error = 1013;
$password_ok = false;
} elseif (
!preg_match("/^\\$2(a|y)\\$/", $hash) &&
!preg_match("/^\\$1\\$/", $hash) &&
@@ -410,7 +473,6 @@ class Login
) {
// check old plain password, case sensitive
$this->login_error = 1012;
$password_ok = false;
} else {
// all ok
$password_ok = true;
@@ -418,6 +480,28 @@ class Login
return $password_ok;
}
/**
* Check if Login User ID is allowed to login
*
* @param int $login_user_id_valid_date
* @param int $login_user_id_revalidate
* @return bool
*/
private function loginLoginUserIdCheck(
int $login_user_id_valid_date,
int $login_user_id_revalidate
): bool {
$login_id_ok = false;
if ($login_user_id_revalidate) {
$this->login_error = 1101;
} elseif (!$login_user_id_valid_date) {
$this->login_error = 1102;
} else {
$login_id_ok = true;
}
return $login_id_ok;
}
/**
* if user pressed login button this script is called,
* but only if there is no preview euid set
@@ -427,11 +511,12 @@ class Login
private function loginLoginUser(): void
{
// if pressed login at least and is not yet loggined in
if ($this->euid || !$this->login) {
if ($this->euid || (!$this->login && !$this->login_user_id)) {
return;
}
// if not username AND password where given
if (!($this->password && $this->username)) {
// OR no login_user_id
if (!($this->username && $this->password) && !$this->login_user_id) {
$this->login_error = 102;
$this->permission_okay = false;
return;
@@ -441,12 +526,40 @@ class Login
$q = "SELECT eu.edit_user_id, eu.username, eu.password, "
. "eu.edit_group_id, "
. "eg.name AS edit_group_name, admin, "
// login error + locked
. "eu.login_error_count, eu.login_error_date_last, "
. "eu.login_error_date_first, eu.strict, eu.locked, "
// date based lock
. "CASE WHEN ("
. "(eu.lock_until IS NULL "
. "OR (eu.lock_until IS NOT NULL AND NOW() >= eu.lock_until)) "
. "AND (eu.lock_after IS NULL "
. "OR (eu.lock_after IS NOT NULL AND NOW() <= eu.lock_after))"
. ") THEN 0::INT ELSE 1::INT END locked_period, "
// debug (legacy)
. "eu.debug, eu.db_debug, "
// enabled
. "eu.enabled, eu.deleted, "
// login id validation
. "CASE WHEN ("
. "(eu.login_user_id_valid_from IS NULL "
. "OR (eu.login_user_id_valid_from IS NOT NULL AND NOW() >= eu.login_user_id_valid_from)) "
. "AND (eu.login_user_id_valid_until IS NULL "
. "OR (eu.login_user_id_valid_until IS NOT NULL AND NOW() <= eu.login_user_id_valid_until))"
. ") THEN 1::INT ELSE 0::INT END AS login_user_id_valid_date, "
// check if user must login
. "CASE WHEN eu.login_user_id_revalidate_after IS NOT NULL "
. "AND eu.login_user_id_revalidate_after > '0 days'::INTERVAL "
. "AND (eu.login_user_id_set_date + eu.login_user_id_revalidate_after)::DATE "
. "<= NOW()::DATE "
. "THEN 1::INT ELSE 0::INT END AS login_user_id_revalidate, "
. "eu.login_user_id_locked, "
// language
. "el.short_name AS locale, el.iso_name AS encoding, "
// levels
. "eareu.level AS user_level, eareu.type AS user_type, "
. "eareg.level AS group_level, eareg.type AS group_type, "
. "eu.enabled, el.short_name AS locale, el.iso_name AS encoding, "
// colors
. "first.header_color AS first_header_color, "
. "second.header_color AS second_header_color, second.template "
. "FROM edit_user eu "
@@ -458,11 +571,17 @@ class Login
. "edit_scheme first "
. "WHERE first.edit_scheme_id = eg.edit_scheme_id "
. "AND eu.edit_group_id = eg.edit_group_id "
. "AND eu.edit_language_id = el.edit_language_id AND "
. "eu.edit_access_right_id = eareu.edit_access_right_id AND "
. "eg.edit_access_right_id = eareg.edit_access_right_id AND "
// password match is done in script, against old plain or new blowfish encypted
. "(LOWER(username) = '" . $this->db->dbEscapeString(strtolower($this->username)) . "') ";
. "AND eu.edit_language_id = el.edit_language_id "
. "AND eu.edit_access_right_id = eareu.edit_access_right_id "
. "AND eg.edit_access_right_id = eareg.edit_access_right_id "
. "AND "
// either login_user_id OR password must be given
. (!empty($this->login_user_id && empty($this->username)) ?
// check with login id if set and NO username
"eu.login_user_id = " . $this->db->dbEscapeLiteral($this->login_user_id) . " " :
// password match is done in script, against old plain or new blowfish encypted
"LOWER(username) = " . $this->db->dbEscapeLiteral(strtolower($this->username)) . " "
);
// reset any query data that might exist
$this->db->dbCacheReset($q);
// never cache return data
@@ -488,17 +607,34 @@ class Login
// - password is readable
// - encrypted password matches
// - plain password matches
if (!$res['enabled']) {
// user is enabled
$this->login_error = 104;
} elseif ($res['locked']) {
// user is locked, either set or auto set
$this->login_error = 105;
} elseif (!$this->loginPasswordCheck($res['password'])) {
if (
!$this->loginValidationCheck(
(int)$res['deleted'],
(int)$res['enabled'],
(int)$res['locked'],
(int)$res['locked_period'],
(int)$res['login_user_id_locked']
)
) {
// error set in method (104, 105, 106, 107, 108)
} elseif (
empty($this->username) &&
!empty($this->login_user_id) &&
!$this->loginLoginUserIdCheck(
(int)$res['login_user_id_valid_date'],
(int)$res['login_user_id_revalidate']
)
) {
// check done in loginLoginIdCheck method
// aborts on must revalidate and not valid (date range)
} elseif (
!empty($this->username) &&
!$this->loginPasswordCheck($res['password'])
) {
// none to be set, set in login password check
// this is not valid password input error here
// all error codes are set in loginPasswordCheck method
// also valid if login_user_id is ok
} else {
// check if the current password is an invalid hash and do a rehash and set password
// $this->debug('LOGIN', 'Hash: '.$res['password'].' -> VERIFY: '
@@ -1396,6 +1532,34 @@ EOM;
$this->login_is_ajax_page = true;
}
// attach outside uid for login post > get > empty
$this->login_user_id = $_POST['loginUserId'] ?? $_GET['loginUserId'] ?? '';
// cleanup only alphanumeric
if (!empty($this->login_user_id)) {
// set post/get only if actually set
if (isset($_POST['loginUserId'])) {
$this->login_user_id_source = 'POST';
} elseif (isset($_GET['loginUserId'])) {
$this->login_user_id_source = 'GET';
}
// clean login user id
$login_user_id_changed = 0;
$this->login_user_id = preg_replace(
"/[^A-Za-z0-9]/",
'',
$this->login_user_id,
-1,
$login_user_id_changed
);
// flag unclean input data
if ($login_user_id_changed > 0) {
$this->login_unclear = true;
// error for invalid user id?
$this->log->debug('LOGIN USER ID', 'Invalid characters: '
. $login_user_id_changed . ' in loginUserId: '
. $this->login_user_id . ' (' . $this->login_user_id_source . ')');
}
}
// if there is none, there is none, saves me POST/GET check
$this->euid = array_key_exists('EUID', $_SESSION) ? $_SESSION['EUID'] : 0;
// get login vars, are so, can't be changed
@@ -1706,8 +1870,31 @@ EOM;
if ($this->login_error == 103) {
return $this->permission_okay;
}
// if ($this->euid && $this->login_error != 103) {
$q = "SELECT ep.filename "
$q = "SELECT ep.filename, "
// base lock flags
. "eu.deleted, eu.enabled, eu.locked, "
// date based lock
. "CASE WHEN ("
. "(eu.lock_until IS NULL "
. "OR (eu.lock_until IS NOT NULL AND NOW() >= eu.lock_until)) "
. "AND (eu.lock_after IS NULL "
. "OR (eu.lock_after IS NOT NULL AND NOW() <= eu.lock_after))"
. ") THEN 0::INT ELSE 1::INT END locked_period, "
// login id validation
. "login_user_id, "
. "CASE WHEN ("
. "(eu.login_user_id_valid_from IS NULL "
. "OR (eu.login_user_id_valid_from IS NOT NULL AND NOW() >= eu.login_user_id_valid_from)) "
. "AND (eu.login_user_id_valid_until IS NULL "
. "OR (eu.login_user_id_valid_until IS NOT NULL AND NOW() <= eu.login_user_id_valid_until))"
. ") THEN 1::INT ELSE 0::INT END AS login_user_id_valid_date, "
// check if user must login
. "CASE WHEN eu.login_user_id_revalidate_after IS NOT NULL "
. "AND eu.login_user_id_revalidate_after > '0 days'::INTERVAL "
. "AND eu.login_user_id_set_date + eu.login_user_id_revalidate_after <= NOW()::DATE "
. "THEN 1::INT ELSE 0::INT END AS login_user_id_revalidate, "
. "eu.login_user_id_locked "
//
. "FROM edit_page ep, edit_page_access epa, edit_group eg, edit_user eu "
. "WHERE ep.edit_page_id = epa.edit_page_id "
. "AND eg.edit_group_id = epa.edit_group_id "
@@ -1720,6 +1907,30 @@ EOM;
$this->login_error = 109;
return $this->permission_okay;
}
if (
!$this->loginValidationCheck(
(int)$res['deleted'],
(int)$res['enabled'],
(int)$res['locked'],
(int)$res['locked_period'],
(int)$res['login_user_id_locked']
)
) {
// errors set in method
return $this->permission_okay;
}
// if login user id parameter and no username, check period here
if (
empty($this->username) &&
!empty($this->login_user_id) &&
!$this->loginLoginUserIdCheck(
(int)$res['login_user_id_valid_date'],
(int)$res['login_user_id_revalidate']
)
) {
// errors set in method
return $this->permission_okay;
}
if (isset($res['filename']) && $res['filename'] == $this->page_name) {
$this->permission_okay = true;
} else {
@@ -1917,6 +2128,37 @@ EOM;
return false;
}
/**
* Returns current set loginUserId or empty if unset
*
* @return string loginUserId or empty string for not set
*/
public function loginGetLoginUserId(): string
{
return $this->login_user_id;
}
/**
* Returns GET/POST for where the loginUserId was set
*
* @return string GET or POST or empty string for not set
*/
public function loginGetLoginUserIdSource(): string
{
return $this->login_user_id_source;
}
/**
* Returns unclear login user id state. If true then illegal characters
* where present in the loginUserId parameter
*
* @return bool False for clear, True if illegal characters found
*/
public function loginGetLoginUserIdUnclean(): bool
{
return $this->login_unclear;
}
/**
* old name for loginGetEditAccessData
*

36
www/lib/CoreLibs/DB/Extended/ArrayIO.php
View File

@@ -177,7 +177,7 @@ class ArrayIO extends \CoreLibs\DB\IO
public function dbResetArray($reset_pk = false): void
{
reset($this->table_array);
foreach ($this->table_array as $column => $data_array) {
foreach (array_keys($this->table_array) as $column) {
if (!$this->table_array[$column]['pk']) {
unset($this->table_array[$column]['value']);
} elseif ($reset_pk) {
@@ -208,7 +208,7 @@ class ArrayIO extends \CoreLibs\DB\IO
// delete files and build FK query
reset($this->table_array);
$q_where = '';
foreach ($this->table_array as $column => $data_array) {
foreach (array_keys($this->table_array) as $column) {
// suchen nach bildern und lschen ...
if (
!empty($this->table_array[$column]['file']) &&
@@ -271,11 +271,22 @@ class ArrayIO extends \CoreLibs\DB\IO
if ($q_select) {
$q_select .= ', ';
}
$q_select .= $column;
if (
!empty($data_array['type']) && $data_array['type'] == 'datetime' &&
!empty($data_array['sql_read'])
) {
// convert tom different timestamp type
$q_select .= "TO_CHAR($column, '" . $data_array['sql_read'] . "') AS $column";
} else {
$q_select .= $column;
}
// check FK ...
if (isset($this->table_array[$column]['fk']) && isset($this->table_array[$column]['value'])) {
if ($q_where) {
if (
isset($this->table_array[$column]['fk']) &&
isset($this->table_array[$column]['value'])
) {
if (!empty($q_where)) {
$q_where .= ' AND ';
}
$q_where .= $column .= ' = ' . $this->table_array[$column]['value'];
@@ -450,7 +461,12 @@ class ArrayIO extends \CoreLibs\DB\IO
} elseif (isset($this->table_array[$column]['bool'])) {
// boolean storeage (reverse check on ifset)
$q_data .= "'" . $this->dbBoolean($this->table_array[$column]['value'], true) . "'";
} elseif (isset($this->table_array[$column]['interval'])) {
} elseif (
isset($this->table_array[$column]['interval']) ||
isset($this->table_array[$column]['date']) ||
isset($this->table_array[$column]['datetime']) ||
isset($this->table_array[$column]['emptynull'])
) {
// for interval we check if no value, then we set null
if (
!isset($this->table_array[$column]['value']) ||
@@ -458,7 +474,7 @@ class ArrayIO extends \CoreLibs\DB\IO
) {
$_value = 'NULL';
} elseif (isset($this->table_array[$column]['value'])) {
$_value = $this->table_array[$column]['value'];
$_value = $this->dbEscapeLiteral($this->table_array[$column]['value']);
} else {
// fallback
$_value = 'NULL';
@@ -500,7 +516,10 @@ class ArrayIO extends \CoreLibs\DB\IO
// create select part & addition FK part
foreach ($this->table_array as $column => $data_array) {
// check FK ...
if (isset($this->table_array[$column]['fk']) && isset($this->table_array[$column]['value'])) {
if (
isset($this->table_array[$column]['fk']) &&
isset($this->table_array[$column]['value'])
) {
if (!empty($q_where)) {
$q_where .= ' AND ';
}
@@ -546,7 +565,6 @@ class ArrayIO extends \CoreLibs\DB\IO
}
// set primary key
if ($insert) {
// FIXME: this has to be fixes by fixing DB::IO clas
$insert_id = $this->dbGetInsertPK();
if (is_array($insert_id)) {
$insert_id = 0;

31
www/lib/CoreLibs/Output/Form/Generate.php
View File

@@ -969,11 +969,13 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
}
// date (YYYY-MM-DD)
if ($this->table_array[$element_name]['type'] == 'date') {
if (!$this->table_array[$element_name]['value']) {
$this->table_array[$element_name]['value'] = 'YYYY-MM-DD';
}
$data['name'] = $element_name;
$data['value'] = $this->table_array[$element_name]['value'];
$data['value'] = $this->table_array[$element_name]['value'] ?? '';
}
// date time (no sec) (YYYY-MM-DD HH:mm)
if ($this->table_array[$element_name]['type'] == 'datetime') {
$data['name'] = $element_name;
$data['value'] = $this->table_array[$element_name]['value'] ?? '';
}
// textarea
if ($this->table_array[$element_name]['type'] == 'textarea') {
@@ -1168,7 +1170,7 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
if (!\CoreLibs\Combined\DateTime::checkDate($this->table_array[$key]['value'])) {
$this->msg .= sprintf(
$this->l->__(
'Please enter a vailid date (YYYY-MM-DD) for the <b>%s</b> Field!<br>'
'Please enter a valid date (YYYY-MM-DD) for the <b>%s</b> Field!<br>'
),
$this->table_array[$key]['output_name']
);
@@ -1178,17 +1180,30 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
if (!\CoreLibs\Combined\DateTime::checkDateTime($this->table_array[$key]['value'])) {
$this->msg .= sprintf(
$this->l->__(
'Please enter a vailid time (HH:MM[:SS]) for the <b>%s</b> Field!<br>'
'Please enter a valid time (HH:mm[:SS]) for the <b>%s</b> Field!<br>'
),
$this->table_array[$key]['output_name']
);
}
break;
case 'datetime': // YYYY-MM-DD HH:MM[:SS]
// not implemented
if (!\CoreLibs\Combined\DateTime::checkDateTime($this->table_array[$key]['value'])) {
$this->msg .= sprintf(
$this->l->__(
'Please enter a valid date time (YYYY-MM-DD HH:mm) '
. 'for the <b>%s</b> Field!<br>'
),
$this->table_array[$key]['output_name']
);
}
break;
case 'intervalshort': // ony interval n [Y/M/D] only
if (preg_match("/^\d{1,3}\ ?[YMDymd]{1}$/", $this->table_array[$key]['value'])) {
if (
!preg_match(
"/^\d{1,3}\ ?([ymd]{1}|day(s)?|year(s)?|month(s)?)$/i",
$this->table_array[$key]['value']
)
) {
$this->msg .= sprintf(
$this->l->__(
'Please enter a valid time interval in the format '