A bunch of sqlform fixes
This commit is contained in:
Martin Kamerbeek
parent
4a67861792
commit
32662367ec
4 changed files with 155 additions and 3 deletions
|
|
@ -11,6 +11,15 @@
|
|||
- fix: CS Phishing Exploit.
|
||||
- fix: Groups admin gui
|
||||
- fix: Wiki does not show history correctly
|
||||
- fix: SQLForm - Field Constraint (Martin Kamerbeek / Oqapi)
|
||||
- fix: SQLForm - Default search template uses downloadUrl in stead of
|
||||
templateUrl for displaying thumbnails. (Martin Kamerbeek / Oqapi)
|
||||
- fix: SQLForm - Required file fields could be left open (Martin Kamerbeek /
|
||||
Oqapi)
|
||||
- fix: SQLForm - Using radio buttons would error when re-edited (Martin Kamerbeek /
|
||||
Oqapi)
|
||||
- fix: SQLForm - DBD Error handling (Martin Kamerbeek / Oqapi)
|
||||
|
||||
|
||||
7.3.1
|
||||
- Fixed a problem with IE and resizable text areas that caused IE to crash
|
||||
|
|
|
|||
83
docs/upgrades/templates-7.3.2/default-sqlform-search.tmpl
Normal file
83
docs/upgrades/templates-7.3.2/default-sqlform-search.tmpl
Normal file
|
|
@ -0,0 +1,83 @@
|
|||
#SQLFormSearchTmpl00001
|
||||
|
||||
<a name="id<tmpl_var assetId>"></a>
|
||||
|
||||
<tmpl_if session.var.adminOn>
|
||||
<p><tmpl_var controls></p>
|
||||
</tmpl_if>
|
||||
|
||||
<div class="SQLForm-contentBox">
|
||||
|
||||
<tmpl_if displayTitle>
|
||||
<h1><tmpl_var title></h1>
|
||||
</tmpl_if>
|
||||
|
||||
<tmpl_var managementLinks>
|
||||
|
||||
<h2>Search records</h2>
|
||||
<a href="<tmpl_var superSearch.url>"><tmpl_var superSearch.label></a><br />
|
||||
|
||||
<tmpl_if errorOccurred>
|
||||
Some error(s) occurred:
|
||||
<ul>
|
||||
<tmpl_loop errorLoop>
|
||||
<li><tmpl_var error.message></li>
|
||||
</tmpl_loop>
|
||||
</ul>
|
||||
</tmpl_if>
|
||||
|
||||
<tmpl_var searchForm>
|
||||
|
||||
<tmpl_if showFieldsDefined>
|
||||
<tmpl_var searchResults.header>
|
||||
<tmpl_var searchResults.actionButtons>
|
||||
<table border="0">
|
||||
<tr>
|
||||
<th></th>
|
||||
<tmpl_if showMetaData>
|
||||
<th>Last update</th>
|
||||
<th>Last update by</th>
|
||||
</tmpl_if>
|
||||
<tmpl_loop headerLoop>
|
||||
<th <tmpl_if
|
||||
header.sort.onThis>color="red"</tmpl_if>>
|
||||
<a href="<tmpl_var header.sort.url>">
|
||||
<tmpl_var header.title>
|
||||
<tmpl_if header.sort.onThis><tmpl_if header.sort.ascending>(asc)<tmpl_else>(desc)</tmpl_if></tmpl_if></a></th>
|
||||
</tmpl_loop>
|
||||
</tr>
|
||||
<tmpl_loop searchResults.recordLoop>
|
||||
<tr>
|
||||
<td><tmpl_var record.controls></td>
|
||||
<tmpl_if showMetaData>
|
||||
<td><tmpl_var record.updateDate></td>
|
||||
<td><tmpl_var record.updatedBy></td>
|
||||
</tmpl_if>
|
||||
<tmpl_loop record.valueLoop>
|
||||
<td>
|
||||
<tmpl_if record.value.isFile>
|
||||
<tmpl_if record.value>
|
||||
<a href="<tmpl_var record.value.downloadUrl>">
|
||||
<tmpl_if record.value.isImage>
|
||||
<img width="100" src="<tmpl_var record.value.thumbnailUrl>" alt="<tmpl_var record.value.downloadUrl>" />
|
||||
<tmpl_else>
|
||||
Click here for file
|
||||
</tmpl_if>
|
||||
</a>
|
||||
</tmpl_if>
|
||||
<tmpl_else>
|
||||
<tmpl_var record.value>
|
||||
</tmpl_if>
|
||||
</td>
|
||||
</tmpl_loop>
|
||||
</tr>
|
||||
</tmpl_loop>
|
||||
</table>
|
||||
<tmpl_var searchResults.actionButtons>
|
||||
<tmpl_var searchResults.footer>
|
||||
<tmpl_else>
|
||||
No fields are defined to be shown in the search results.
|
||||
</tmpl_if>
|
||||
|
||||
</div>
|
||||
|
||||
|
|
@ -608,6 +608,49 @@ sub _createFieldType {
|
|||
|
||||
#-------------------------------------------------------------------
|
||||
|
||||
=head2 _databaseLinkHasPrivileges ( wantedPrivileges, databaseLink )
|
||||
|
||||
Returns true if the database link has at least the given privileges.
|
||||
|
||||
=head3 wantedPrivileges
|
||||
|
||||
Arrayref containing the desired privileges (eg. ['SELECT','ALTER'])
|
||||
|
||||
=head3 databaseName
|
||||
|
||||
The name of the database you want to check the privileges of.
|
||||
|
||||
=head3 databaseLink
|
||||
|
||||
An instanciated databaselink object. Defaults to the databaselink of the sqlform table.
|
||||
|
||||
=cut
|
||||
|
||||
sub _databaseLinkHasPrivileges {
|
||||
my (@privileges, @grants, $databaseName);
|
||||
my $self = shift;
|
||||
my $wantedPrivileges = shift;
|
||||
my $dbLink = shift || $self->_getDbLink;
|
||||
|
||||
($databaseName = $dbLink->get->{DSN}) =~ s/^[^:]*:[^:]*:([^:]*)(:.*)?$/$1/;
|
||||
|
||||
@grants = $dbLink->db->buildArray('show grants for current_user');
|
||||
|
||||
foreach (@grants) {
|
||||
if (m/GRANT ([\w\s\d,]*?) ON .$databaseName.*$/) {
|
||||
push(@privileges, (split(/, /,$1)));
|
||||
}
|
||||
}
|
||||
|
||||
return 1 if (isIn('ALL PRIVILEGES', @privileges));
|
||||
|
||||
foreach (@$wantedPrivileges) {
|
||||
return 0 unless (isIn(uc($_), @privileges));
|
||||
}
|
||||
}
|
||||
|
||||
#-------------------------------------------------------------------
|
||||
|
||||
=head2 _getDbLink ( )
|
||||
|
||||
Returns a WebGUI::DatabaseLink object for the database the SQLForm table is in.
|
||||
|
|
@ -1178,7 +1221,14 @@ sub processPropertiesFromFormPost {
|
|||
my $self = shift;
|
||||
|
||||
my $dbLink = WebGUI::DatabaseLink->new($self->session, $self->session->form->process("databaseLinkId"));
|
||||
|
||||
|
||||
# $dbLink->db will raise a fatal error if there is a connection error.
|
||||
# return ["Can't connect to database through the selected database link"] unless ($dbLink->db);
|
||||
|
||||
unless ($self->_databaseLinkHasPrivileges([qw(ALTER CREATE DELETE INDEX INSERT SELECT UPDATE)], $dbLink)) {
|
||||
return ["Databaselink does not have enough privileges (Needs ALTER, CREATE, DELETE, INDEX, INSERT, SELECT, UPDATE)"];
|
||||
}
|
||||
|
||||
$tableName = $self->session->form->process("tableName");
|
||||
|
||||
if ($self->session->form->process("assetId") eq 'new') {
|
||||
|
|
@ -2359,7 +2409,13 @@ sub _getFormElement {
|
|||
$fieldParameters->{options} = $field->{options};
|
||||
# make sure that previously selected items still appear for this for element, even if
|
||||
# if is set to a set difference.
|
||||
@{$fieldParameters->{options}}{@$fieldValue} = @{$field->{allOptions}}{@$fieldValue} if ($fieldValue && $field->{hasOptions});
|
||||
if ($fieldValue && $field->{hasOptions}) {
|
||||
if ($field->{canHaveMultipleValues}) {
|
||||
@{$fieldParameters->{options}}{@$fieldValue} = @{$field->{allOptions}}{@$fieldValue};
|
||||
} else {
|
||||
$fieldParameters->{options}->{$fieldValue} = $field->{allOptions}->{$fieldValue};
|
||||
}
|
||||
}
|
||||
$fieldParameters->{options}->{''} = '-leave empty-' if (!$field->{isRequired});
|
||||
$fieldParameters->{name} = $field->{fieldName};
|
||||
$fieldParameters->{value} = $fieldValue unless ($fieldType eq 'file');
|
||||
|
|
@ -2658,6 +2714,7 @@ my @results = $self->session->db->quickArray($sql);
|
|||
push(@update, "__".$fieldName."_mimeType=".$self->session->db->quote($fileType));
|
||||
}
|
||||
} else {
|
||||
push(@error, $i18n->get('ers field required').' '.$field->{displayName}) if ($field->{isRequired});
|
||||
}
|
||||
# Throw error if field is required and empty.
|
||||
} elsif ($self->session->form->process($fieldName) eq '' && $field->{isRequired}) {
|
||||
|
|
|
|||
|
|
@ -39,7 +39,10 @@ function updateFormFields() {
|
|||
// Handle Field constraints section
|
||||
if (document.getElementById('SQLFormFieldConstraintType').value > 0) {
|
||||
enableField('SQLFormFieldConstraintTarget');
|
||||
if (document.getElementById('SQLFormFieldConstraintTarget').value == 'value') {
|
||||
if (
|
||||
(document.getElementById('SQLFormFieldConstraintTarget').value == 'value') ||
|
||||
(document.getElementById('SQLFormFieldConstraintTarget').value == '' && document.getElementById('SQLFormFieldConstraintValue').value != '')
|
||||
) {
|
||||
enableField('SQLFormFieldConstraintValue');
|
||||
} else {
|
||||
disableField('SQLFormFieldConstraintValue');
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue