Peter M. Groen / knowledgetree

Commit 19901b7b119fd46dc9c54b96641baf8dfad87eef

Authored by Conrad Vermeulen
1 parent d0d5f392

KTS-3093 

"Creating fieldsets and fields with quotes results in double escaping of names and descriptions"
Fixed.

Committed By: Conrad Vermeulen
Reviewed By: Megan Watson

git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@8165 c91229c3-7414-0410-bfa2-8a42b809f60b
Inline Side-by-side
Showing 2 changed files with 54 additions and 54 deletions
lib/documentmanagement/DocumentField.inc
  View file @19901b7
@@ -7,32 +7,32 @@ @@ -7,32 +7,32 @@
7 * KnowledgeTree Open Source Edition 7 * KnowledgeTree Open Source Edition
8 * Document Management Made Simple 8 * Document Management Made Simple
9 * Copyright (C) 2004 - 2008 The Jam Warehouse Software (Pty) Limited 9 * Copyright (C) 2004 - 2008 The Jam Warehouse Software (Pty) Limited
10 - * 10 + *
11 * This program is free software; you can redistribute it and/or modify it under 11 * This program is free software; you can redistribute it and/or modify it under
12 * the terms of the GNU General Public License version 3 as published by the 12 * the terms of the GNU General Public License version 3 as published by the
13 * Free Software Foundation. 13 * Free Software Foundation.
14 - * 14 + *
15 * This program is distributed in the hope that it will be useful, but WITHOUT 15 * This program is distributed in the hope that it will be useful, but WITHOUT
16 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS 16 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
17 * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more 17 * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
18 * details. 18 * details.
19 - * 19 + *
20 * You should have received a copy of the GNU General Public License 20 * You should have received a copy of the GNU General Public License
21 * along with this program. If not, see <http://www.gnu.org/licenses/>. 21 * along with this program. If not, see <http://www.gnu.org/licenses/>.
22 - * 22 + *
23 * You can contact The Jam Warehouse Software (Pty) Limited, Unit 1, Tramber Place, 23 * You can contact The Jam Warehouse Software (Pty) Limited, Unit 1, Tramber Place,
24 * Blake Street, Observatory, 7925 South Africa. or email info@knowledgetree.com. 24 * Blake Street, Observatory, 7925 South Africa. or email info@knowledgetree.com.
25 - * 25 + *
26 * The interactive user interfaces in modified source and object code versions 26 * The interactive user interfaces in modified source and object code versions
27 * of this program must display Appropriate Legal Notices, as required under 27 * of this program must display Appropriate Legal Notices, as required under
28 * Section 5 of the GNU General Public License version 3. 28 * Section 5 of the GNU General Public License version 3.
29 - * 29 + *
30 * In accordance with Section 7(b) of the GNU General Public License version 3, 30 * In accordance with Section 7(b) of the GNU General Public License version 3,
31 * these Appropriate Legal Notices must retain the display of the "Powered by 31 * these Appropriate Legal Notices must retain the display of the "Powered by
32 - * KnowledgeTree" logo and retain the original copyright notice. If the display of the 32 + * KnowledgeTree" logo and retain the original copyright notice. If the display of the
33 * logo is not reasonably feasible for technical reasons, the Appropriate Legal Notices 33 * logo is not reasonably feasible for technical reasons, the Appropriate Legal Notices
34 - * must display the words "Powered by KnowledgeTree" and retain the original  
35 - * copyright notice. 34 + * must display the words "Powered by KnowledgeTree" and retain the original
  35 + * copyright notice.
36 * Contributor( s): ______________________________________ 36 * Contributor( s): ______________________________________
37 */ 37 */
38 38
@@ -79,10 +79,10 @@ class DocumentField extends KTEntity { @@ -79,10 +79,10 @@ class DocumentField extends KTEntity {
79 } 79 }
80 80
81 function getID() { return $this->iId; } 81 function getID() { return $this->iId; }
82 - function getName() { return sanitizeForSQLtoHTML($this->sName); }  
83 - function setName($sNewValue) { $this->sName = sanitizeForSQL($sNewValue); }  
84 - function setDescription($sNewValue) { $this->sDescription = sanitizeForSQL($sNewValue); }  
85 - function getDescription() { return sanitizeForSQLtoHTML($this->sDescription); } 82 + function getName() { return $this->sName; }
  83 + function setName($sNewValue) { $this->sName = $sNewValue; }
  84 + function setDescription($sNewValue) { $this->sDescription = $sNewValue; }
  85 + function getDescription() { return $this->sDescription; }
86 function getDataType() { return $this->sDataType; } 86 function getDataType() { return $this->sDataType; }
87 function setDataType($sNewValue) { $this->sDataType = $sNewValue; } 87 function setDataType($sNewValue) { $this->sDataType = $sNewValue; }
88 function getIsGeneric() { return $this->bIsGeneric; } 88 function getIsGeneric() { return $this->bIsGeneric; }
lib/metadata/fieldset.inc.php
  View file @19901b7
@@ -5,32 +5,32 @@ @@ -5,32 +5,32 @@
5 * KnowledgeTree Open Source Edition 5 * KnowledgeTree Open Source Edition
6 * Document Management Made Simple 6 * Document Management Made Simple
7 * Copyright (C) 2004 - 2008 The Jam Warehouse Software (Pty) Limited 7 * Copyright (C) 2004 - 2008 The Jam Warehouse Software (Pty) Limited
8 - * 8 + *
9 * This program is free software; you can redistribute it and/or modify it under 9 * This program is free software; you can redistribute it and/or modify it under
10 * the terms of the GNU General Public License version 3 as published by the 10 * the terms of the GNU General Public License version 3 as published by the
11 * Free Software Foundation. 11 * Free Software Foundation.
12 - * 12 + *
13 * This program is distributed in the hope that it will be useful, but WITHOUT 13 * This program is distributed in the hope that it will be useful, but WITHOUT
14 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS 14 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
15 * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more 15 * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
16 * details. 16 * details.
17 - * 17 + *
18 * You should have received a copy of the GNU General Public License 18 * You should have received a copy of the GNU General Public License
19 * along with this program. If not, see <http://www.gnu.org/licenses/>. 19 * along with this program. If not, see <http://www.gnu.org/licenses/>.
20 - * 20 + *
21 * You can contact The Jam Warehouse Software (Pty) Limited, Unit 1, Tramber Place, 21 * You can contact The Jam Warehouse Software (Pty) Limited, Unit 1, Tramber Place,
22 * Blake Street, Observatory, 7925 South Africa. or email info@knowledgetree.com. 22 * Blake Street, Observatory, 7925 South Africa. or email info@knowledgetree.com.
23 - * 23 + *
24 * The interactive user interfaces in modified source and object code versions 24 * The interactive user interfaces in modified source and object code versions
25 * of this program must display Appropriate Legal Notices, as required under 25 * of this program must display Appropriate Legal Notices, as required under
26 * Section 5 of the GNU General Public License version 3. 26 * Section 5 of the GNU General Public License version 3.
27 - * 27 + *
28 * In accordance with Section 7(b) of the GNU General Public License version 3, 28 * In accordance with Section 7(b) of the GNU General Public License version 3,
29 * these Appropriate Legal Notices must retain the display of the "Powered by 29 * these Appropriate Legal Notices must retain the display of the "Powered by
30 - * KnowledgeTree" logo and retain the original copyright notice. If the display of the 30 + * KnowledgeTree" logo and retain the original copyright notice. If the display of the
31 * logo is not reasonably feasible for technical reasons, the Appropriate Legal Notices 31 * logo is not reasonably feasible for technical reasons, the Appropriate Legal Notices
32 - * must display the words "Powered by KnowledgeTree" and retain the original  
33 - * copyright notice. 32 + * must display the words "Powered by KnowledgeTree" and retain the original
  33 + * copyright notice.
34 * Contributor( s): ______________________________________ 34 * Contributor( s): ______________________________________
35 * 35 *
36 */ 36 */
@@ -45,7 +45,7 @@ require_once(KT_LIB_DIR . &quot;/util/sanitize.inc&quot;); @@ -45,7 +45,7 @@ require_once(KT_LIB_DIR . &quot;/util/sanitize.inc&quot;);
45 * Represents the basic grouping of fields into a fieldset. 45 * Represents the basic grouping of fields into a fieldset.
46 */ 46 */
47 class KTFieldset extends KTEntity { 47 class KTFieldset extends KTEntity {
48 - 48 +
49 /** primary key value */ 49 /** primary key value */
50 var $iId = -1; 50 var $iId = -1;
51 /** document fieldset name */ 51 /** document fieldset name */
@@ -54,7 +54,7 @@ class KTFieldset extends KTEntity { @@ -54,7 +54,7 @@ class KTFieldset extends KTEntity {
54 var $sDescription; 54 var $sDescription;
55 /** document fieldset namespace */ 55 /** document fieldset namespace */
56 var $sNamespace; 56 var $sNamespace;
57 - 57 +
58 /** document fieldset mandatory flag */ 58 /** document fieldset mandatory flag */
59 var $bMandatory = false; 59 var $bMandatory = false;
60 var $iMasterFieldId; 60 var $iMasterFieldId;
@@ -70,30 +70,30 @@ class KTFieldset extends KTEntity { @@ -70,30 +70,30 @@ class KTFieldset extends KTEntity {
70 * is used only by the document management system. 70 * is used only by the document management system.
71 */ 71 */
72 var $bIsSystem = false; 72 var $bIsSystem = false;
73 - 73 +
74 var $_bUsePearError = true; 74 var $_bUsePearError = true;
75 - 75 +
76 function getId() { return $this->iId; } 76 function getId() { return $this->iId; }
77 - function getName() { return sanitizeForSQLtoHTML($this->sName); }  
78 - function setDescription($sNewValue) { $this->sDescription = sanitizeForSQL($sNewValue); }  
79 - function getDescription() { return sanitizeForSQLtoHTML($this->sDescription); }  
80 - function setName($sNewValue) { $this->sName = sanitizeForSQL($sNewValue); } 77 + function getName() { return $this->sName; }
  78 + function setDescription($sNewValue) { $this->sDescription = $sNewValue; }
  79 + function getDescription() { return $this->sDescription; }
  80 + function setName($sNewValue) { $this->sName = $sNewValue; }
81 function getNamespace() { return $this->sNamespace; } 81 function getNamespace() { return $this->sNamespace; }
82 function setNamespace($sNewValue) { $this->sNamespace = $sNewValue; } 82 function setNamespace($sNewValue) { $this->sNamespace = $sNewValue; }
83 function getMandatory() { return $this->bMandatory; } 83 function getMandatory() { return $this->bMandatory; }
84 - function setMandatory($bNewValue) { $this->bMandatory = $bNewValue; } 84 + function setMandatory($bNewValue) { $this->bMandatory = $bNewValue; }
85 function getIsConditional () { return $this->bIsConditional; } 85 function getIsConditional () { return $this->bIsConditional; }
86 - function setIsConditional ($bNewValue) { $this->bIsConditional = $bNewValue; } 86 + function setIsConditional ($bNewValue) { $this->bIsConditional = $bNewValue; }
87 function getMasterFieldId () { return $this->iMasterFieldId; } 87 function getMasterFieldId () { return $this->iMasterFieldId; }
88 - function setMasterFieldId ($iNewValue) { $this->iMasterFieldId = $iNewValue; } 88 + function setMasterFieldId ($iNewValue) { $this->iMasterFieldId = $iNewValue; }
89 function getIsGeneric () { return $this->bIsGeneric; } 89 function getIsGeneric () { return $this->bIsGeneric; }
90 - function setIsGeneric ($bNewValue) { $this->bIsGeneric = $bNewValue; } 90 + function setIsGeneric ($bNewValue) { $this->bIsGeneric = $bNewValue; }
91 function getIsComplete () { return $this->bIsComplete; } 91 function getIsComplete () { return $this->bIsComplete; }
92 - function setIsComplete ($bNewValue) { $this->bIsComplete = $bNewValue; } 92 + function setIsComplete ($bNewValue) { $this->bIsComplete = $bNewValue; }
93 function getIsComplex () { return $this->bIsComplex; } 93 function getIsComplex () { return $this->bIsComplex; }
94 - function setIsComplex ($bNewValue) { $this->bIsComplex = $bNewValue; } 94 + function setIsComplex ($bNewValue) { $this->bIsComplex = $bNewValue; }
95 function getIsSystem () { return $this->bIsSystem; } 95 function getIsSystem () { return $this->bIsSystem; }
96 - function setIsSystem ($bNewValue) { $this->bIsSystem = $bNewValue; } 96 + function setIsSystem ($bNewValue) { $this->bIsSystem = $bNewValue; }
97 97
98 var $_aFieldToSelect = array( 98 var $_aFieldToSelect = array(
99 "iId" => "id", 99 "iId" => "id",
@@ -108,17 +108,17 @@ class KTFieldset extends KTEntity { @@ -108,17 +108,17 @@ class KTFieldset extends KTEntity {
108 "bIsComplex" => "is_complex", 108 "bIsComplex" => "is_complex",
109 "bIsSystem" => "is_system", 109 "bIsSystem" => "is_system",
110 ); 110 );
111 - 111 +
112 // returns TRUE if all children are lookup enabled, false otherwise. 112 // returns TRUE if all children are lookup enabled, false otherwise.
113 function canBeMadeConditional() { 113 function canBeMadeConditional() {
114 if ($this->getIsConditional()) { 114 if ($this->getIsConditional()) {
115 return false; 115 return false;
116 } 116 }
117 - 117 +
118 // DEBUG 118 // DEBUG
119 return false; 119 return false;
120 } 120 }
121 - 121 +
122 function _table () { 122 function _table () {
123 return KTUtil::getTableName('fieldsets'); 123 return KTUtil::getTableName('fieldsets');
124 } 124 }
@@ -127,13 +127,13 @@ class KTFieldset extends KTEntity { @@ -127,13 +127,13 @@ class KTFieldset extends KTEntity {
127 127
128 128
129 129
130 - /* 130 + /*
131 * get document types using this field 131 * get document types using this field
132 - * for listing displays 132 + * for listing displays
133 */ 133 */
134 function &getDocumentTypesUsing($aOptions = null) { 134 function &getDocumentTypesUsing($aOptions = null) {
135 $bIds = KTUtil::arrayGet($aOptions, 'ids'); 135 $bIds = KTUtil::arrayGet($aOptions, 'ids');
136 - 136 +
137 $sTable = KTUtil::getTableName('document_type_fieldsets'); 137 $sTable = KTUtil::getTableName('document_type_fieldsets');
138 138
139 $aQuery = array( 139 $aQuery = array(
@@ -161,7 +161,7 @@ class KTFieldset extends KTEntity { @@ -161,7 +161,7 @@ class KTFieldset extends KTEntity {
161 161
162 // Static function 162 // Static function
163 function &get($iId) { return KTEntityUtil::get('KTFieldset', $iId); } 163 function &get($iId) { return KTEntityUtil::get('KTFieldset', $iId); }
164 - function &getList($sWhereClause = null) { return KTEntityUtil::getList2('KTFieldset', $sWhereClause); } 164 + function &getList($sWhereClause = null) { return KTEntityUtil::getList2('KTFieldset', $sWhereClause); }
165 function &createFromArray($aOptions) { return KTEntityUtil::createFromArray('KTFieldset', $aOptions); } 165 function &createFromArray($aOptions) { return KTEntityUtil::createFromArray('KTFieldset', $aOptions); }
166 166
167 function &getNonGenericFieldsets($aOptions = null) { 167 function &getNonGenericFieldsets($aOptions = null) {
@@ -172,18 +172,18 @@ class KTFieldset extends KTEntity { @@ -172,18 +172,18 @@ class KTFieldset extends KTEntity {
172 'is_generic' => false, 172 'is_generic' => false,
173 'disabled' => false, 173 'disabled' => false,
174 ), $aOptions); 174 ), $aOptions);
175 - } 175 + }
176 176
177 function &getGenericFieldsets($aOptions = null) { 177 function &getGenericFieldsets($aOptions = null) {
178 $aOptions = KTUtil::meldOptions( 178 $aOptions = KTUtil::meldOptions(
179 - $aOptions, 179 + $aOptions,
180 array('multi' => true,) 180 array('multi' => true,)
181 ); 181 );
182 return KTEntityUtil::getByDict('KTFieldset', array( 182 return KTEntityUtil::getByDict('KTFieldset', array(
183 'is_generic' => true, 183 'is_generic' => true,
184 'disabled' => false, 184 'disabled' => false,
185 ), $aOptions); 185 ), $aOptions);
186 - } 186 + }
187 187
188 function &getForDocumentType($oDocumentType, $aOptions = null) { 188 function &getForDocumentType($oDocumentType, $aOptions = null) {
189 $bIds = KTUtil::arrayGet($aOptions, 'ids'); 189 $bIds = KTUtil::arrayGet($aOptions, 'ids');
@@ -192,7 +192,7 @@ class KTFieldset extends KTEntity { @@ -192,7 +192,7 @@ class KTFieldset extends KTEntity {
192 } else { 192 } else {
193 $iDocumentTypeId = $oDocumentType; 193 $iDocumentTypeId = $oDocumentType;
194 } 194 }
195 - 195 +
196 $sTable = KTUtil::getTableName('document_type_fieldsets'); 196 $sTable = KTUtil::getTableName('document_type_fieldsets');
197 $aQuery = array( 197 $aQuery = array(
198 "SELECT fieldset_id FROM $sTable WHERE document_type_id = ?", 198 "SELECT fieldset_id FROM $sTable WHERE document_type_id = ?",
@@ -210,22 +210,22 @@ class KTFieldset extends KTEntity { @@ -210,22 +210,22 @@ class KTFieldset extends KTEntity {
210 } 210 }
211 return $aRet; 211 return $aRet;
212 } 212 }
213 - 213 +
214 function &getAssociatedTypes() { 214 function &getAssociatedTypes() {
215 // NOTE: this returns null if we are generic (all is the wrong answer) 215 // NOTE: this returns null if we are generic (all is the wrong answer)
216 if ($this->getIsGeneric()) { return array(); } 216 if ($this->getIsGeneric()) { return array(); }
217 - 217 +
218 $sTable = KTUtil::getTableName('document_type_fieldsets'); 218 $sTable = KTUtil::getTableName('document_type_fieldsets');
219 $aQuery = array( 219 $aQuery = array(
220 "SELECT document_type_id FROM $sTable WHERE fieldset_id = ?", 220 "SELECT document_type_id FROM $sTable WHERE fieldset_id = ?",
221 array($this->getId()), 221 array($this->getId()),
222 ); 222 );
223 $aIds = DBUtil::getResultArrayKey($aQuery, 'document_type_id'); 223 $aIds = DBUtil::getResultArrayKey($aQuery, 'document_type_id');
224 - 224 +
225 $aRet = array(); 225 $aRet = array();
226 foreach ($aIds as $iID) { 226 foreach ($aIds as $iID) {
227 $oType = DocumentType::get($iID); 227 $oType = DocumentType::get($iID);
228 - if (!PEAR::isError($oType)) { 228 + if (!PEAR::isError($oType)) {
229 $aRet[] = $oType; 229 $aRet[] = $oType;
230 } 230 }
231 } 231 }
@@ -248,13 +248,13 @@ class KTFieldset extends KTEntity { @@ -248,13 +248,13 @@ class KTFieldset extends KTEntity {
248 'disabled' => false, 248 'disabled' => false,
249 )); 249 ));
250 } 250 }
251 - 251 +
252 function &getByName($sName) { 252 function &getByName($sName) {
253 return KTEntityUtil::getByDict('KTFieldset', array( 253 return KTEntityUtil::getByDict('KTFieldset', array(
254 'name' => $sName, 254 'name' => $sName,
255 'disabled' => false, 255 'disabled' => false,
256 )); 256 ));
257 - } 257 + }
258 } 258 }
259 259
260 ?> 260 ?>