Merge branch '4.0' into 'main'
thorsten committed Jan 18, 2025
2 parents 108ab10 + a53df1f commit 2b8e55a
Showing 10 changed files with 146 additions and 39 deletions.
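--- a/phpmyfaq/assets/src/search/question.js
+++ b/phpmyfaq/assets/src/search/question.js
@@ -47,6 +47,10 @@ export const handleQuestion = () => {
 message.insertAdjacentElement('afterend', addElement('div', { classList: '', innerHTML: resultMessage }));
 // Add hidden input
 form.insertAdjacentElement('afterbegin', addElement('input', { type: 'hidden', name: 'save', value: 1 }));
+form.insertAdjacentElement(
+'afterbegin',
+addElement('input', { type: 'hidden', name: 'store', value: 'now' })
+);
 }
 
 // Final result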
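--- a/phpmyfaq/assets/templates/default/ask.twig
+++ b/phpmyfaq/assets/templates/default/ask.twig
@@ -31,25 +31,27 @@
 <input type="hidden" name="lang" id="lang" value="{{ lang }}">
 
 <div class="row mb-2">
-<label class="col-sm-3 col-form-label" for="name">{{ id3_label }}:
-<span style="color: red"> *</span></label>
+<label class="col-sm-3 col-form-label" for="name">
+{{ id3_label }}*:
+</label>
 <div class="col-sm-9">
 <input type="text" class="form-control" name="name" id="name" value="{{ defaultContentName }}" required>
 </div>
 </div>
 
 <div class="row mb-2">
-<label class="col-sm-3 col-form-label" for="email">{{ id4_label }}:
-<span style="color: red"> *</span></label>
+<label class="col-sm-3 col-form-label" for="email">
+{{ id4_label }}*:
+</label>
 <div class="col-sm-9">
 <input type="email" class="form-control" name="email" id="email" value="{{ defaultContentMail }}" required>
 </div>
 </div>
 
 {% if id5_label is defined %}
 <div class="row mb-2">
-<label class="col-sm-3 col-form-label" for="category">{{ id5_label }}:
-{% if id5_required == 'required' %}<span style="color: red"> *</span>{% endif %}
+<label class="col-sm-3 col-form-label" for="category">
+{{ id5_label }}{% if id5_required == 'required' %}*{% endif %}:
 </label>
 <div class="col-sm-9">
 <select name="category" class="form-select" id="category" {{ id5_required }}>
@@ -60,8 +62,9 @@
 {% endif %}
 
 <div class="row mb-2">
-<label class="col-sm-3 col-form-label" for="question">{{ id6_label }}:
-<span style="color: red"> *</span></label>
+<label class="col-sm-3 col-form-label" for="question">
+{{ id6_label }}*:
+</label>
 <div class="col-sm-9">
 <textarea class="form-control" cols="45" rows="5" name="question" id="question" required></textarea>
 </div>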
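--- a/phpmyfaq/src/phpMyFAQ/Configuration.php
+++ b/phpmyfaq/src/phpMyFAQ/Configuration.php
@@ -517,7 +517,7 @@ public function replaceMainReferenceUrl(string $oldUrl, string $newUrl): bool
 */
 public function getAllowedMediaHosts(): array
 {
-return explode(',', $this->get('records.allowedMediaHosts'));
+return explode(',', trim($this->get('records.allowedMediaHosts')));
 }
 
 public function getCustomCss(): string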
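Review bot: `trim()` around the whole setting in getAllowedMediaHosts() only strips the two ends of the string, so a value such as `a.example, b.example` (constructed sample) still yields an entry with a leading space, and an empty setting yields `['']` in this allow-list. Normalise each entry and drop the empty ones: `return array_values(array_filter(array_map('trim', explode(',', (string) $this->get('records.allowedMediaHosts'))), static fn (string $host): bool => $host !== ''));`. The cast also keeps `null` out of `trim()` should the key be unset; whether `get()` can return null is not visible here. How callers compare hosts against this list is outside the hunk, so the effect of a blank or padded entry on the check should be confirmed there.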
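--- a/phpmyfaq/src/phpMyFAQ/Controller/Frontend/QuestionController.php
+++ b/phpmyfaq/src/phpMyFAQ/Controller/Frontend/QuestionController.php
@@ -46,9 +46,7 @@ class QuestionController extends AbstractController
 */
 public function create(Request $request): JsonResponse
 {
-$user = CurrentUser::getCurrentUser($this->configuration);
-
-if (!$this->isAddingQuestionsAllowed($user)) {
+if (!$this->isAddingQuestionsAllowed()) {
 return $this->json(['error' => Translation::get('ad_msg_noauth')], Response::HTTP_FORBIDDEN);
 }
 
@@ -69,14 +67,15 @@ public function create(Request $request): JsonResponse
 $selectedCategory = isset($data->category) ? Filter::filterVar($data->category, FILTER_VALIDATE_INT) : false;
 $userQuestion = trim(strip_tags((string) $data->question));
 $save = Filter::filterVar($data->save ?? 0, FILTER_VALIDATE_INT);
+$storeNow = Filter::filterVar($data->store ?? 'not', FILTER_SANITIZE_SPECIAL_CHARS);
 
 // If smart answering is disabled, save the question immediately
 if (false === $this->configuration->get('main.enableSmartAnswering')) {
 $save = true;
 }
 
-// Validate captcha
-if (!$this->captchaCodeIsValid($request)) {
+// Validate captcha if we can store the question after displaying the smart answer
+if ($storeNow !== 'now' && !$this->captchaCodeIsValid($request)) {
 return $this->json(['error' => Translation::get('msgCaptcha')], Response::HTTP_BAD_REQUEST);
 }
 
@@ -108,7 +107,7 @@ public function create(Request $request): JsonResponse
 $faqSearch->setCategoryId((int) $selectedCategory);
 
 $faqPermission = new Permission($this->configuration);
-$faqSearchResult = new SearchResultSet($user, $faqPermission, $this->configuration);
+$faqSearchResult = new SearchResultSet($this->currentUser, $faqPermission, $this->configuration);
 
 $searchResult = array_merge(...array_map(
 fn($word) => $faqSearch->search($word, false),
@@ -134,16 +133,16 @@ public function create(Request $request): JsonResponse
 }
 }
 
-private function isAddingQuestionsAllowed(CurrentUser $user): bool
+/**
+* @throws \Exception
+*/
+private function isAddingQuestionsAllowed(): bool
 {
-if (
-!$this->configuration->get('records.allowQuestionsForGuests') &&
-!$this->configuration->get('main.enableAskQuestions') &&
-!$user->perm->hasPermission($user->getUserId(), PermissionType::QUESTION_ADD->value)
-) {
-return false;
-}
-
-return true;
+return $this->configuration->get('records.allowQuestionsForGuests') ||
+$this->configuration->get('main.enableAskQuestions') ||
+$this->currentUser->perm->hasPermission(
+$this->currentUser->getUserId(),
+PermissionType::QUESTION_ADD->value
+);
 }
 }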
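Review bot: The captcha check in create() can now be switched off by the caller, because `$storeNow` is read from the request body (`$data->store`) and `if ($storeNow !== 'now' && !$this->captchaCodeIsValid($request))` skips validation whenever that field equals `now`. `save` is client-supplied too, so a request carrying both fields appears to reach the store path with no captcha ever having been checked; the hidden `store` input added in question.js is the only thing that marks the second step. Tie the skip to server-side state instead: record a one-time marker (for example in the session) when the smart-answer request passes the captcha, and on `store=now` require and consume that marker, falling back to `captchaCodeIsValid()` when it is absent. The comment above the check should then read along the lines of `// Captcha was verified on the smart-answer request; skip it only when that is recorded server-side`. create() continues outside the visible hunks, so the exact store path is inferred.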
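--- a/phpmyfaq/src/phpMyFAQ/Faq/Permission.php
+++ b/phpmyfaq/src/phpMyFAQ/Faq/Permission.php
@@ -139,23 +139,39 @@ public function createPermissionArray(): array
 'restricted_user' => [-1],
 ];
 } else {
-$permissions += [
-'restricted_user' => [
-Filter::filterVar($data->restricted_users, FILTER_VALIDATE_INT),
-],
-];
+if (is_string($data->restricted_users)) {
+$permissions += [
+'restricted_user' => [
+Filter::filterVar(array($data->restricted_users), FILTER_VALIDATE_INT),
+],
+];
+} else {
+$permissions += [
+'restricted_user' => [
+Filter::filterVar($data->restricted_users, FILTER_VALIDATE_INT),
+],
+];
+}
 }
 
 if ('all' === Filter::filterVar($data->grouppermission, FILTER_SANITIZE_SPECIAL_CHARS)) {
 $permissions += [
 'restricted_groups' => [-1],
 ];
 } else {
-$permissions += [
-'restricted_groups' => [
-Filter::filterArray($data->{'restricted_groups'}, FILTER_VALIDATE_INT),
-]
-];
+if (is_string($data->restricted_groups)) {
+$permissions += [
+'restricted_groups' => [
+Filter::filterVar(array($data->restricted_groups), FILTER_VALIDATE_INT),
+]
+];
+} else {
+$permissions += [
+'restricted_groups' => [
+Filter::filterArray($data->restricted_groups, FILTER_VALIDATE_INT),
+]
+];
+}
 }
 
 return $permissions;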
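Review bot: In both new `is_string()` branches the scalar is wrapped in `array(...)` before it is passed to `Filter::filterVar(..., FILTER_VALIDATE_INT)`; if that helper delegates to PHP's `filter_var()` without an array flag, an array input fails validation and the entry becomes `[false]` for every string id. Validate the scalar directly, `Filter::filterVar($data->restricted_users, FILTER_VALIDATE_INT)`, and reject a `false` result rather than storing it, since these arrays decide who may read a record. The users branch also still calls `filterVar` on the non-string value while the groups branch calls `filterArray`, and both wrap the result in a further array, which looks unintended. createPermissionArray() starts above the hunk and the `Filter` class is not visible here, so confirm this against its implementation.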
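--- a/phpmyfaq/src/phpMyFAQ/Instance/Database/Mysqli.php
+++ b/phpmyfaq/src/phpMyFAQ/Instance/Database/Mysqli.php
@@ -208,7 +208,7 @@ class Mysqli extends Database implements Driver
 form_id INT(1) NOT NULL,
 input_id INT(11) NOT NULL,
 input_type VARCHAR(1000) NOT NULL,
-input_label VARCHAR(100) NOT NULL,
+input_label VARCHAR(500) NOT NULL,
 input_active INT(1) NOT NULL,
 input_required INT(1) NOT NULL,
 input_lang VARCHAR(11) NOT NULL)',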
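--- a/phpmyfaq/src/phpMyFAQ/Instance/Database/Pgsql.php
+++ b/phpmyfaq/src/phpMyFAQ/Instance/Database/Pgsql.php
@@ -208,7 +208,7 @@ class Pgsql extends Database implements Driver
 form_id INTEGER NOT NULL,
 input_id INTEGER NOT NULL,
 input_type VARCHAR(1000) NOT NULL,
-input_label VARCHAR(100) NOT NULL,
+input_label VARCHAR(500) NOT NULL,
 input_active INTEGER NOT NULL,
 input_required INTEGER NOT NULL,
 input_lang VARCHAR(11) NOT NULL)',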
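--- a/phpmyfaq/src/phpMyFAQ/Instance/Database/Sqlite3.php
+++ b/phpmyfaq/src/phpMyFAQ/Instance/Database/Sqlite3.php
@@ -204,7 +204,7 @@ class Sqlite3 extends Database implements Driver
 form_id INTEGER NOT NULL,
 input_id INTEGER NOT NULL,
 input_type VARCHAR(1000) NOT NULL,
-input_label VARCHAR(100) NOT NULL,
+input_label VARCHAR(500) NOT NULL,
 input_active INTEGER NOT NULL,
 input_required INTEGER NOT NULL,
 input_lang VARCHAR(11) NOT NULL)',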
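--- a/phpmyfaq/src/phpMyFAQ/Instance/Database/Sqlsrv.php
+++ b/phpmyfaq/src/phpMyFAQ/Instance/Database/Sqlsrv.php
@@ -204,7 +204,7 @@ class Sqlsrv extends Database implements Driver
 form_id INTEGER NOT NULL,
 input_id INTEGER NOT NULL,
 input_type NVARCHAR(1000) NOT NULL,
-input_label NVARCHAR(100) NOT NULL,
+input_label NVARCHAR(500) NOT NULL,
 input_active INTEGER NOT NULL,
 input_required INTEGER NOT NULL,
 input_lang NVARCHAR(11) NOT NULL)',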
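--- a/phpmyfaq/src/phpMyFAQ/Setup/Update.php
+++ b/phpmyfaq/src/phpMyFAQ/Setup/Update.php
@@ -165,6 +165,7 @@ public function applyUpdates(): bool
 $this->applyUpdates400Alpha2();
 $this->applyUpdates400Alpha3();
 $this->applyUpdates400Beta2();
+$this->applyUpdates405();
 
 // 4.1 updates
 $this->applyUpdates410Alpha();
@@ -863,6 +864,90 @@ private function applyUpdates400Beta2(): void
 }
 }
 
+private function applyUpdates405(): void
+{
+if (version_compare($this->version, '4.0.5', '<')) {
+// Delete old permissions
+$this->queries[] = sprintf(
+'DELETE FROM %sfaqright WHERE name = \'view_sections\'',
+Database::getTablePrefix()
+);
+$this->queries[] = sprintf(
+'DELETE FROM %sfaqright WHERE name = \'add_section\'',
+Database::getTablePrefix()
+);
+$this->queries[] = sprintf(
+'DELETE FROM %sfaqright WHERE name = \'edit_section\'',
+Database::getTablePrefix()
+);
+$this->queries[] = sprintf(
+'DELETE FROM %sfaqright WHERE name = \'delete_section\'',
+Database::getTablePrefix()
+);
+$this->queries[] = sprintf(
+'DELETE FROM %sfaqright WHERE name = \'delete_section\'',
+Database::getTablePrefix()
+);
+
+// Update faqforms table
+switch (Database::getType()) {
+case 'mysqli':
+$this->queries[] = sprintf(
+'ALTER TABLE %sfaqforms CHANGE input_label input_label VARCHAR(500) NOT NULL',
+Database::getTablePrefix()
+);
+break;
+case 'pgsql':
+$this->queries[] = sprintf(
+'ALTER TABLE %sfaqforms ALTER COLUMN input_label TYPE VARCHAR(500)',
+Database::getTablePrefix()
+);
+$this->queries[] = sprintf(
+'ALTER TABLE %sfaqforms ALTER COLUMN input_label SET NOT NULL',
+Database::getTablePrefix()
+);
+break;
+case 'sqlite3':
+$this->queries[] = sprintf(
+'ALTER TABLE %sfaqforms RENAME TO %sfaqforms_old',
+Database::getTablePrefix(),
+Database::getTablePrefix()
+);
+$this->queries[] = sprintf(
+'CREATE TABLE %sfaqforms (
+form_id INTEGER NOT NULL,
+input_id INTEGER NOT NULL,
+input_type VARCHAR(1000) NOT NULL,
+input_label VARCHAR(500) NOT NULL,
+input_active INTEGER NOT NULL,
+input_required INTEGER NOT NULL,
+input_lang VARCHAR(11) NOT NULL
+)',
+Database::getTablePrefix()
+);
+$this->queries[] = sprintf(
+'INSERT INTO %sfaqforms
+SELECT
+form_id, input_id, input_type, input_label, input_active, input_required, input_lang
+FROM %sfaqforms_old',
+Database::getTablePrefix(),
+Database::getTablePrefix()
+);
+$this->queries[] = sprintf(
+'DROP TABLE %sfaqforms_old;',
+Database::getTablePrefix()
+);
+break;
+case 'sqlsrv':
+$this->queries[] = sprintf(
+'ALTER TABLE %sfaqforms ALTER COLUMN input_label NVARCHAR(500) NOT NULL',
+Database::getTablePrefix()
+);
+break;
+}
+}
+}
+
 private function applyUpdates410Alpha(): void
 {
 if (version_compare($this->version, '4.1.0-alpha', '<')) {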
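Review bot: In applyUpdates405() the fifth `DELETE` repeats `name = 'delete_section'`, so it is either redundant or stands in for a permission name that was meant to be removed and still is not. The rows are also deleted from `faqright` by name only; if other tables grant rights to users or groups by right id, those grants are left orphaned and should be removed in the same update (to be confirmed against the schema, which is not visible here). For sqlite3 the rename/create/insert/drop sequence leaves `faqforms_old` behind when a step fails, so it is worth running the four statements in one transaction unless the query runner already does so.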
