diff options
16 files changed, 79 insertions, 48 deletions
@@ -34,8 +34,10 @@ BUG: Issue#189 - Page State corrupted when EnableStateValidation=False (Christop BUG: Issue#198 - "Undefined variable: tagName" after error in application configuration. (Christophe) BUG: Issue#200 - TShellApplication failed when no service are defined in application configuration. (Christophe) BUG: Issue#208 - TDbConnection.Charset not working properly (googlenew at pcforum.hu, Christophe) +BUG: Issue#209 - SqlMap doesn't escape inline params properly (Yves) BUG: Issue#212 - Mistaken query executed by TMysqlMetaData (pbenny, Christophe) BUG: Issue#216 - TTabPanel doesn't preserve active tab on callback request (googlenew at pcforum.hu,Christophe) +BUG: Issue~223 - TXmlElement doesn't support all types in attributes - fails to save (Christophe) BUG: Typo in TBoundColumn (Robin) BUG: TActiveDatePicker js error when date format does not have the 3 elements (Christophe) ENH: Add property ClientScriptManagerClass to TPageService and releated changes in TPage.getClientScript() (Yves) @@ -46,7 +48,7 @@ ENH: Modify TDbTableInfo::getColumnNames() to store result in private class memb ENH: Issue#215 - Add ClientSide property to TDropContainer (googlenew at pcforum.hu, Christophe) ENH: Issue#222 - Add Columns property to TInPlaceTextBox (Christophe) CHG: Issue#218 - Change URL of Javascript Logger (Christophe) -BUG: Issue#198 - "Undefined variable: tagName" after error in application configuration. (Christophe) +EHN: Clientside performance (micro)optimization: Declare local javascript variables explicit as local to avoid scope chain lookups (Yves) Version 3.1.6 July 22, 2009 BUG: Issue#98 - Missing file in quickstart demo (Chrisotphe) diff --git a/buildscripts/phing/tasks/PradoVersionTask.php b/buildscripts/phing/tasks/PradoVersionTask.php index 911b68d4..2a76d97c 100644 --- a/buildscripts/phing/tasks/PradoVersionTask.php +++ b/buildscripts/phing/tasks/PradoVersionTask.php @@ -46,7 +46,7 @@ class PradoVersionTask extends PropertyTask else return 'unknown'; $contents=file_get_contents($propFile); - if(preg_match('/\\/repos\\/prado\\/\\!svn\\/ver\\/(\d+)\\//ms',$contents,$matches)>0) + if(preg_match('/\\/svn\\/\\!svn\\/ver\\/(\d+)\\//ms',$contents,$matches)>0) return $matches[1]; else return 'unknown'; diff --git a/framework/Data/SqlMap/Statements/TSimpleDynamicSql.php b/framework/Data/SqlMap/Statements/TSimpleDynamicSql.php index 3e8969ba..5d85ded9 100644 --- a/framework/Data/SqlMap/Statements/TSimpleDynamicSql.php +++ b/framework/Data/SqlMap/Statements/TSimpleDynamicSql.php @@ -32,9 +32,8 @@ class TSimpleDynamicSql extends TStaticSql foreach($this->_mappings as $property)
{
$value = TPropertyAccess::get($parameter, $property);
- $sql = preg_replace('/'.TSimpleDynamicParser::DYNAMIC_TOKEN.'/', $value, $sql, 1);
+ $sql = preg_replace('/'.TSimpleDynamicParser::DYNAMIC_TOKEN.'/', str_replace('$', '\$', $value), $sql, 1);
}
-
return $sql;
}
}
diff --git a/framework/Exceptions/TErrorHandler.php b/framework/Exceptions/TErrorHandler.php index 3b5927d6..4ac312d0 100644 --- a/framework/Exceptions/TErrorHandler.php +++ b/framework/Exceptions/TErrorHandler.php @@ -161,6 +161,7 @@ class TErrorHandler extends TModule $aRpl[$_SERVER['DOCUMENT_ROOT']] = '${DocumentRoot}';
$aRpl[str_replace('/', DIRECTORY_SEPARATOR, $_SERVER['DOCUMENT_ROOT'])] = '${DocumentRoot}';
$aRpl[PRADO_DIR . DIRECTORY_SEPARATOR] = '${PradoFramework}' . DIRECTORY_SEPARATOR;
+ if(isset($aRpl[DIRECTORY_SEPARATOR])) unset($aRpl[DIRECTORY_SEPARATOR]);
$aRpl = array_reverse($aRpl, true);
return str_replace(array_keys($aRpl), $aRpl, $value);
diff --git a/framework/Web/Javascripts/source/prado/activecontrols/ajax3.js b/framework/Web/Javascripts/source/prado/activecontrols/ajax3.js index cf7ae7a2..d9b5bdfa 100644 --- a/framework/Web/Javascripts/source/prado/activecontrols/ajax3.js +++ b/framework/Web/Javascripts/source/prado/activecontrols/ajax3.js @@ -269,7 +269,7 @@ Object.extend(Prado.CallbackRequest, */
onException : function(request,e)
{
- msg = "";
+ var msg = "";
$H(e).each(function(item)
{
msg += item.key+": "+item.value+"\n";
@@ -666,7 +666,7 @@ Prado.CallbackRequest.prototype = Object.extend(Prado.AjaxRequest.prototype, //IE will try to get elements with ID == name as well.
if(element.type && element.name == name)
{
- value = $F(element);
+ var value = $F(element);
if(typeof(value) != "undefined" && value != null)
data[name] = value;
}
@@ -718,7 +718,7 @@ Prado.Callback = function(UniqueID, parameter, onSuccess, options) Object.extend(callback, options || {});
- request = new Prado.CallbackRequest(UniqueID, callback);
+ var request = new Prado.CallbackRequest(UniqueID, callback);
request.dispatch();
return false;
};
diff --git a/framework/Web/Javascripts/source/prado/activecontrols/inlineeditor.js b/framework/Web/Javascripts/source/prado/activecontrols/inlineeditor.js index 4d0facc2..547f09dc 100644 --- a/framework/Web/Javascripts/source/prado/activecontrols/inlineeditor.js +++ b/framework/Web/Javascripts/source/prado/activecontrols/inlineeditor.js @@ -89,8 +89,8 @@ Prado.WebUI.TInPlaceTextBox = Base.extend( {
this.editField.disabled = true;
this.onLoadingText();
- options = new Array('__InlineEditor_loadExternalText__', this.getText());
- request = new Prado.CallbackRequest(this.options.EventTarget, this.options);
+ var options = new Array('__InlineEditor_loadExternalText__', this.getText());
+ var request = new Prado.CallbackRequest(this.options.EventTarget, this.options);
request.setCausesValidation(false);
request.setCallbackParameter(options);
request.ActiveControl.onSuccess = this.onloadExternalTextSuccess.bind(this);
@@ -103,9 +103,9 @@ Prado.WebUI.TInPlaceTextBox = Base.extend( */
createTextBox : function()
{
- cssClass= this.element.className || '';
- inputName = this.options.EventTarget;
- options = {'className' : cssClass, name : inputName, id : this.options.TextBoxID};
+ var cssClass= this.element.className || '';
+ var inputName = this.options.EventTarget;
+ var options = {'className' : cssClass, name : inputName, id : this.options.TextBoxID};
if(this.options.TextMode == 'SingleLine')
{
if(this.options.MaxLength > 0)
@@ -168,7 +168,7 @@ Prado.WebUI.TInPlaceTextBox = Base.extend( onTextBoxBlur : function(e)
{
- text = this.element.innerHTML;
+ var text = this.element.innerHTML;
if(this.options.AutoPostBack && text != this.editField.value)
{
if(this.isEditing)
@@ -202,7 +202,7 @@ Prado.WebUI.TInPlaceTextBox = Base.extend( */
onTextChanged : function(text)
{
- request = new Prado.CallbackRequest(this.options.EventTarget, this.options);
+ var request = new Prado.CallbackRequest(this.options.EventTarget, this.options);
request.setCallbackParameter(text);
request.ActiveControl.onSuccess = this.onTextChangedSuccess.bind(this);
request.ActiveControl.onFailure = this.onTextChangedFailure.bind(this);
diff --git a/framework/Web/Javascripts/source/prado/activefileupload/activefileupload.js b/framework/Web/Javascripts/source/prado/activefileupload/activefileupload.js index de633c77..69c673b8 100755 --- a/framework/Web/Javascripts/source/prado/activefileupload/activefileupload.js +++ b/framework/Web/Javascripts/source/prado/activefileupload/activefileupload.js @@ -60,7 +60,7 @@ Prado.WebUI.TActiveFileUpload = Base.extend( Object.extend(callback, this.options); - request = new Prado.CallbackRequest(this.options.EventTarget, callback); + var request = new Prado.CallbackRequest(this.options.EventTarget, callback); request.dispatch(); } else diff --git a/framework/Web/Javascripts/source/prado/colorpicker/colorpicker.js b/framework/Web/Javascripts/source/prado/colorpicker/colorpicker.js index fd361469..164295cd 100644 --- a/framework/Web/Javascripts/source/prado/colorpicker/colorpicker.js +++ b/framework/Web/Javascripts/source/prado/colorpicker/colorpicker.js @@ -202,7 +202,7 @@ Rico.Color.HSBtoRGB = function(hue, saturation, brightness) { Rico.Color.RGBtoHSB = function(r, g, b) {
var hue;
- var saturaton;
+ var saturation;
var brightness;
var cmax = (r > g) ? r : g;
diff --git a/framework/Web/Javascripts/source/prado/controls/controls.js b/framework/Web/Javascripts/source/prado/controls/controls.js index 463b95a7..14853dca 100644 --- a/framework/Web/Javascripts/source/prado/controls/controls.js +++ b/framework/Web/Javascripts/source/prado/controls/controls.js @@ -82,15 +82,15 @@ Object.extend(Prado.WebUI.TImageButton.prototype, */
addXYInput : function(event,options)
{
- imagePos = this.element.cumulativeOffset();
- clickedPos = [event.clientX, event.clientY];
- x = clickedPos[0]-imagePos[0]+1;
- y = clickedPos[1]-imagePos[1]+1;
+ var imagePos = this.element.cumulativeOffset();
+ var clickedPos = [event.clientX, event.clientY];
+ var x = clickedPos[0]-imagePos[0]+1;
+ var y = clickedPos[1]-imagePos[1]+1;
x = x < 0 ? 0 : x;
y = y < 0 ? 0 : y;
- id = options['EventTarget'];
- x_input = $(id+"_x");
- y_input = $(id+"_y");
+ var id = options['EventTarget'];
+ var x_input = $(id+"_x");
+ var y_input = $(id+"_y");
if(x_input)
{
x_input.value = x;
@@ -118,7 +118,7 @@ Object.extend(Prado.WebUI.TImageButton.prototype, */
removeXYInput : function(event,options)
{
- id = options['EventTarget'];
+ var id = options['EventTarget'];
this.element.parentNode.removeChild($(id+"_x"));
this.element.parentNode.removeChild($(id+"_y"));
}
diff --git a/framework/Web/Javascripts/source/prado/datepicker/datepicker.js b/framework/Web/Javascripts/source/prado/datepicker/datepicker.js index 9236c32e..8105823a 100644 --- a/framework/Web/Javascripts/source/prado/datepicker/datepicker.js +++ b/framework/Web/Javascripts/source/prado/datepicker/datepicker.js @@ -236,11 +236,11 @@ Prado.WebUI.TDatePicker.prototype = tbody = document.createElement("tbody");
table.appendChild(tbody);
- for(week=0; week<6; ++week) {
+ for(var week=0; week<6; ++week) {
tr = document.createElement("tr");
tbody.appendChild(tr);
- for(day=0; day<7; ++day) {
+ for(var day=0; day<7; ++day) {
td = document.createElement("td");
td.className = "calendarDate";
text = document.createTextNode(String.fromCharCode(160));
@@ -702,7 +702,7 @@ Prado.WebUI.TDatePicker.prototype = index++;
}
- for (i = 1; i <= monthLength; i++, index++) {
+ for (var i = 1; i <= monthLength; i++, index++) {
var slot = this.dateSlot[index];
var slotNode = slot.data.parentNode;
slot.value = i;
diff --git a/framework/Web/Javascripts/source/prado/prado.js b/framework/Web/Javascripts/source/prado/prado.js index 9db01b42..d2fc8bdf 100644 --- a/framework/Web/Javascripts/source/prado/prado.js +++ b/framework/Web/Javascripts/source/prado/prado.js @@ -85,6 +85,7 @@ var Prado = elm.rel = "stylesheet";
elm.href = css_file;
+ var headArr;
if (headArr = doc.getElementsByTagName("head"))
headArr[0].appendChild(elm);
diff --git a/framework/Web/Javascripts/source/prado/scriptaculous-adapter.js b/framework/Web/Javascripts/source/prado/scriptaculous-adapter.js index 5ea71364..626f8b5a 100644 --- a/framework/Web/Javascripts/source/prado/scriptaculous-adapter.js +++ b/framework/Web/Javascripts/source/prado/scriptaculous-adapter.js @@ -96,6 +96,7 @@ Base.prototype = { var _protected = ["toString", "valueOf"];
// if we are prototyping then include the constructor
if (Base._prototyping) _protected[2] = "constructor";
+ var name;
for (var i = 0; (name = _protected[i]); i++) {
if (source[name] != _prototype[name]) {
extend.call(this, name, source[name]);
@@ -237,7 +238,7 @@ Prado.Element = var selection = Prado.Element.Selection;
if(typeof(selection[method]) == "function")
{
- control = selection.isSelectable(el) ? [el] : selection.getListElements(element,total);
+ var control = selection.isSelectable(el) ? [el] : selection.getListElements(element,total);
selection[method](control, value);
}
},
@@ -396,7 +397,7 @@ Prado.Element = {
if(boundary)
{
- result = Prado.Element.extractContent(this.transport.responseText, boundary);
+ var result = Prado.Element.extractContent(this.transport.responseText, boundary);
if(result != null)
content = result;
}
@@ -534,7 +535,7 @@ Prado.Element.Selection = $A(el.options).each(function(option)
{
if(typeof(value) == "boolean")
- options.selected = value;
+ option.selected = value;
else if(option.value == value)
option.selected = true;
});
@@ -549,7 +550,7 @@ Prado.Element.Selection = */
selectValues : function(elements, values)
{
- selection = this;
+ var selection = this;
values.each(function(value)
{
selection.selectValue(elements,value);
@@ -625,7 +626,7 @@ Prado.Element.Selection = */
selectIndices : function(elements, indices)
{
- selection = this;
+ var selection = this;
indices.each(function(index)
{
selection.selectIndex(elements,index);
@@ -654,8 +655,9 @@ Prado.Element.Selection = */
getListElements : function(element, total)
{
- elements = new Array();
- for(i = 0; i < total; i++)
+ var elements = new Array();
+ var el;
+ for(var i = 0; i < total; i++)
{
el = $(element+"_c"+i);
if(el)
@@ -693,7 +695,7 @@ Prado.Element.Selection = */
checkValues : function(elements, values)
{
- selection = this;
+ var selection = this;
values.each(function(value)
{
selection.checkValue(elements, value);
@@ -723,7 +725,7 @@ Prado.Element.Selection = */
checkIndices : function(elements, indices)
{
- selection = this;
+ var selection = this;
indices.each(function(index)
{
selection.checkIndex(elements, index);
@@ -1236,7 +1238,7 @@ Object.extend(Date, */
SimpleParse: function(value, format)
{
- val=String(value);
+ var val=String(value);
format=String(format);
if(val.length <= 0) return null;
diff --git a/framework/Web/Javascripts/source/prado/validator/validation3.js b/framework/Web/Javascripts/source/prado/validator/validation3.js index b1bf1a03..e24e8ffd 100644 --- a/framework/Web/Javascripts/source/prado/validator/validation3.js +++ b/framework/Web/Javascripts/source/prado/validator/validation3.js @@ -1113,11 +1113,11 @@ Prado.WebUI.TBaseValidator.prototype = case 'TDatePicker':
if(control.type == "text")
{
- value = this.trim($F(control));
+ var value = this.trim($F(control));
if(this.options.DateFormat)
{
- date = value.toDate(this.options.DateFormat);
+ var date = value.toDate(this.options.DateFormat);
return date == null ? value : date;
}
else
@@ -1154,7 +1154,7 @@ Prado.WebUI.TBaseValidator.prototype = */
getValidationValue : function(control)
{
- value = this.getRawValidationValue(control);
+ var value = this.getRawValidationValue(control);
if(Object.isString(value))
return this.trim(value);
else
@@ -1168,8 +1168,8 @@ Prado.WebUI.TBaseValidator.prototype = */
getRadioButtonGroupValue : function()
{
- name = this.control.name;
- value = "";
+ var name = this.control.name;
+ var value = "";
$A(document.getElementsByName(name)).each(function(el)
{
if(el.checked)
@@ -1242,6 +1242,7 @@ Prado.WebUI.TBaseValidator.prototype = case 'TListBox':
var elements = [];
var element = $(this.options.ControlToValidate);
+ var type;
if(element && (type = element.type.toLowerCase()))
{
if(type == "select-one" || type == "select-multiple")
@@ -1475,7 +1476,7 @@ Prado.WebUI.TCustomValidator = Class.extend(Prado.WebUI.TBaseValidator, var clientFunction = this.options.ClientValidationFunction;
if(typeof(clientFunction) == "string" && clientFunction.length > 0)
{
- validate = clientFunction.toFunction();
+ var validate = clientFunction.toFunction();
return validate(this, value);
}
return true;
@@ -1551,11 +1552,11 @@ Prado.WebUI.TActiveCustomValidator = Class.extend(Prado.WebUI.TBaseValidator, */
evaluateIsValid : function()
{
- value = this.getValidationValue();
+ var value = this.getValidationValue();
if(!this.requestDispatched && (""+value) != (""+this.validatingValue))
{
this.validatingValue = value;
- request = new Prado.CallbackRequest(this.options.EventTarget, this.options);
+ var request = new Prado.CallbackRequest(this.options.EventTarget, this.options);
if(this.options.DateFormat && value instanceof Date) //change date to string with formatting.
value = value.SimpleFormat(this.options.DateFormat);
request.setCallbackParameter(value);
@@ -1848,7 +1849,7 @@ Prado.WebUI.TDataTypeValidator = Class.extend(Prado.WebUI.TBaseValidator, */
evaluateIsValid : function()
{
- value = this.getValidationValue();
+ var value = this.getValidationValue();
if(value.length <= 0)
return true;
return this.convert(this.options.DataType, value) != null;
diff --git a/framework/Xml/TXmlDocument.php b/framework/Xml/TXmlDocument.php index 7d506852..4ea2056e 100644 --- a/framework/Xml/TXmlDocument.php +++ b/framework/Xml/TXmlDocument.php @@ -103,7 +103,7 @@ class TXmlElement extends TComponent */ public function setValue($value) { - $this->_value=$value; + $this->_value=TPropertyValue::ensureString($value); } /** @@ -139,7 +139,7 @@ class TXmlElement extends TComponent */ public function setAttribute($name,$value) { - $this->getAttributes()->add($name,$value); + $this->getAttributes()->add($name,TPropertyValue::ensureString($value)); } /** diff --git a/tests/unit/Data/SqlMap/DynamicParameterTest.php b/tests/unit/Data/SqlMap/DynamicParameterTest.php index ec37f4e0..f9b39b96 100644 --- a/tests/unit/Data/SqlMap/DynamicParameterTest.php +++ b/tests/unit/Data/SqlMap/DynamicParameterTest.php @@ -15,6 +15,9 @@ class DynamicParameterTest extends PHPUnit_Framework_TestCase static $conn;
static $sqlMapManager;
+ if(Prado::getApplication() === null)
+ Prado::setApplication(new TApplication(dirname(__FILE__).'/app'));
+
if($conn === null)
$conn = new TDbConnection('mysql:host=localhost;dbname=prado_system_data_sqlmap', 'prado_unitest', 'prado_system_data_sqlmap_unitest');
@@ -85,6 +88,22 @@ class DynamicParameterTest extends PHPUnit_Framework_TestCase self::assertEquals('staticsql1', $value);
}
+ /**
+ * Issue#209 test
+ */
+ public function testMysqlInlineEscapeParam()
+ {
+ $mapper = $this->getMysqlSqlMapManager();
+ $gateway = $mapper->getSqlmapGateway();
+
+ $value = $gateway->queryForObject('SelectInlineEscapeParam', "'1234567*123$456789$012345' AS foobar");
+ self::assertEquals('1234567*123$456789$012345', $value);
+
+ $value = $gateway->queryForObject('SelectInlineEscapeParam', '"1234567*123$456789$012345" AS foobar');
+ self::assertEquals('1234567*123$456789$012345', $value);
+
+ }
+
}
?>
\ No newline at end of file diff --git a/tests/unit/Data/SqlMap/DynamicParameterTestMap.xml b/tests/unit/Data/SqlMap/DynamicParameterTestMap.xml index 65a91154..29670578 100644 --- a/tests/unit/Data/SqlMap/DynamicParameterTestMap.xml +++ b/tests/unit/Data/SqlMap/DynamicParameterTestMap.xml @@ -1,5 +1,6 @@ <?xml version="1.0" encoding="UTF-8" ?>
<sqlMap namespace="DynamicParameterTestMap">
+
<select id="SelectStaticSql1" resultClass="string">
<![CDATA[
SELECT `teststring` FROM `dynamicparametertest1` WHERE `testname`="staticsql"
@@ -30,4 +31,9 @@ ]]>
</select>
+ <select id="SelectInlineEscapeParam" parameterClass="string" resultClass="string">
+ <![CDATA[
+ SELECT $value$
+ ]]>
+ </select>
</sqlMap>
\ No newline at end of file |