Title: readme.txt Author: frank@reichartonline.de, www.reichartonline.de Description: Release history and notes regarding the PHLEX application framework and the applications based on it. Intermediate releases have not been deployed to the cloud. Last modified: 2024-01-04 ----------------------------------------------------------------------------------------- ----------------------------------------------------------------------------------------- [IX] Index (bottom up) - [I] Basic runtime requirements of the housekeeping application - [II] Important usage notes, hints and known issues -- Roles -- Navigation -- Multiple windows -- Cross entries -- Nested windows -- Nested filters -- Attributes -- LDAP synchronization -- Float numbers -- Canonical phone numbers -- SEPA export -- Notation -- References - [III] Resolved bug history - [IV.x] Version / release history (most recent entries above) - [V] Pending bug list [B. encountered] - [VI] TODO list - [VII] Browser compatibility matrix - [VIII] Glossary - [IX] Index ----------------------------------------------------------------------------------------- ----------------------------------------------------------------------------------------- [VIII] Glossary DIC Dependency injection container PHLEX Flexible PHP application framework Taxonomy Font size depending on number of matches. The more matches, the larger the size ----------------------------------------------------------------------------------------- ----------------------------------------------------------------------------------------- [VII] Browser compatibility matrix (not ranked) The latest application version has been tested with the following browsers observing the depicted limitations (N(ot supported)) Browswer Taxonomy HTML5 HTML5 HTML5 CSS3 DOM Source CSS3 CSS3 Selects Date Required Data List Transitions Attribute Opacity Hyphenation ____________________________________________________________________________________________________________________________________________ Firefox 121.0 Y Y Y Y* Y Y Y Y Chrome 46 (leg.) N Y Y Y** Y Y Y N Konqueror 23.08.4 Y Y Y N Y Y Y N ____________________________________________________________________________________________________________________________________________ Remarks - HTML5 data lists depend on the browser implementation and are not nicely supported by any of the tested browsers. Currently there seems to be no way to influence the style of data lists using CSS. * Firefox still overlays an internal data list over the dynamic one. Longer entries are truncated. ** Chrome only supports listing values starting with the entered string, so the dynamically returned matches may not be matched by Chrome. In order to see them, drop down the list - HTML5 date pickers are always displayed in the browser's language Impact Notes - If CSS3 hyphenation and/ or word break is/ are not perfectly supported, when table data exceeds the respective header column width and the window width does not limit the row's width, the cell width will exceed the respective header column width. - If CSS background images are not supported, only image names are listed (no preview) - If setting DOM source attributes is not supported, floating zoommers will be suppressed Currently the application is best viewed using Firefox. ---------------------------------------------------------------------------------------------------------------- ---------------------------------------------------------------------------------------------------------------- [VI] TODO list - Taxonomy: When a filter is applied, show number of entries per category only for the subset -- status 2019-03-30: taxonomy within select boxes is no longer supported by Firefox Quantum -- status 2020-03-12: has been recovered - Implement boolReuseOnly in class ObjectRelations (currently only defined) - Harmonize initialization of properties: integer = 0, float = 0.0, string = EMPTY (IsEmptyString()), array = NULL (isnull()), bool = TRUE or FALSE, mixed = NULL - Check whether it is reasonable to consolidate strViewTable and strViewDetails - Consider encapsulating GetSetPageLength into ObjectProperties (as the page length is user-specific) - report_lib.php: Consolidate sections for persons and transactions in ObjectTurnoverStatistic::DisplayCategoryStatistic() - Consider replacing multi select box for categories by check boxes (usability) - Supersede view_table.php by view.php (in read only mode, if appropriate) and promote the same to a framework level - An entity may be a business object. Entities are organized as rows of a table => adjust naming (EntityProperties => TableProperties, entities => tables) -- status 2022-04-03: person or transaction are classes of business objects, not generic entities. So business objects are organized (per class) as rows of a table - Split business object class library into application specific parts, or more generally -- Consider having an application-specific class/function library in order to make framework more agnostic - Correctly encode URLs with query strings: Parameter values containing non alphanumeric characters are to be URL encoded, the whole query string has to be HTML encoded. - Consider shifting table and column titles to NLS modules. This way the DB is the only instance where to low level add a new language. Of course, an additional NLS module would still be required (but this is high level) - Consider providing admin UI for essential configuration parameters -- status 2016-11-20: security risk as server needs write permissions to configuration -- status 2021-11-27: YAML or JSON: YAML support not available as package. In contrast to JSON config files, PHP-based config files are not downloadable even without web server access filters, which makes them more secure -- status 2022-11-29: Introduced directory phlex/admin on non-production stages to isolate privileged scripts -- status 2023-06-29: info: PHP 8 introduces native support for JSON - SearchCapabilities::CreateLocalSqlSearchStatement(): Re-design prefilter concept (levels, sources for posted and AJAX values) in order to reduce complexity. If property boolFilter is set to true, dynamic column filters must be handled the same way for both triggers - Data description: Migrate table properties "boolTrackRowOwnerAndEditor" and "boolUseSubViewEditConfig" to entity/ table description - php_lib.php: consider killing the session on stop exceptions - init_db_housekeeping: consider moving user ID variable to DIC - login.php: promote to framework level - Rename libraries to "phlex_...", e.g. phlex_ui_lib.php - Wrap SQL statements into transaction where appropriate -- status 2018-11-11: currently there is no need for that as no (user) data might be corrupted - Although a performance burden, refrain from using shared instances of classes not adequate for shared use (e.g. DatabaseConnector). Use local instances instead -- status 2018-11-26: started using docblock category - Implement use of externalized IP format function - Consider removing entity handling from ObjectRelations as migrated to EntityProperties - Dynamically include columns holding global search hits in views - Consider superseding the special treatment of target columns by the modified handling of dependent elements. Therefore consider using CSS hidden option for general select entries or return 0 (zero) instead of 'null' and harmonize target and other selects. - Assertions: use docblock entry to map assertions to classes or functions - Performance search.php and report.php: in expanded views, limit changes to the element holding the view, not the whole page -- 2021-11-27: pagination done - Consider separating general entities like attributes, persons and institutions to a PHLEX framework database -- status 2023-08-20: for MariaDB, if the databases are located on the same server, two database connections may be used, and within statements, a canonical reference format like - Consider introducing an algorithm to automatically select NLS names as defined in order to supersede single language mode, e.g. mandatory entry for current language, others optional. On selection, first search the NLS name of the current language. If this is not set, search for the next NLS name based on a language ranking - Consider introducing a table holding unique object IDs hiding the internal table structure - Dashboard: consolidate the two "course" diagrams into a single one holding two series and two y-axis - ObjectProperties: try to save properties in their original type, not just stringified -- status 2022-12-21: this is announced with PHP 8.2 (mySQLi) - Relations: concept pairs are "origin/ destination" or "source/ target". Consider refactoring to the latter pair and the acronyms "src/ tgt", e.g. -- "src_eid" and "src_oid" as database columns -- "intSourceEntityId" and "intSourceObjectId" as class properties - Consider maintaining an ID per application that allows to make shared entries like attributes, persons, or institutions restricted to specific applications - Consider ratings just being attributes to specific relation classes - Restrict sensitive reports and entities to admin access only. Where reasonable, limit access to own entries - search.php: link entities to their respective view - dashboard.php: link number of matches or totals to pre-filtered views -- status 2023-10-03: done for yearly statistics - view.php: when passing auto-filter values as query string, on reference columns, consider passing the object ID instead of its name - insert.php: when creating cross entries, suppress the current ID in order to avoid self-referring links - details.php: if shown in a zoomer, disable image links - DataView: insert a delete filter link when category and/or rating filters are active - AJAX Receiver: encapsulate logic per (elaborate) action in order to make file more structured - Reverse logic of displaying exceptions and detailed messages from !production to development - view.php: reset page number only on INSERTs, not on UPDATEs - NLS expressions: migrate to sub array -- status 2023-10-03: started - Rating select box: try to display images (smileys) rather than integers ----------------------------------------------------------------------------------------- ----------------------------------------------------------------------------------------- [V] Pending bugs (next index: 154) Naming scheme: [,] Severity classes: A => application unusable, B => frequently used feature broken, C => rarely used feature or outfit broken - [B0002C,2007-12]: When using categories exclusively marked as commercial, SQL errors arise while updating entries using these categories when no (more) company name variable is set in init.php. Only occurs in very rare cases. - [B0003B,2008-03]: When using the category report, the category set is also used within the individual report regardless of a selected category group which leads to an SQL error as both options cannot be selected at the same time. The category ID has to be checked when entering the individual report and deleted when also a category group has been selected. - [B0053C,2014-04]: When filtering transactions using the inbound or outbound transaction link (person or institution), the category filter is not correctly supplied - [B0062C,2015-08]: Preselection offered for entities not supporting this property. Works correctly directly after login. -- status 2015-11-03: for XML exports, preselection of certain classes may be supported. -- status 2023-07-06: not reproducible in version 47 - [B0093C,2016-11]: XML import does not update temporary tables after INSERT(s) -- status 2023-07-06: XML imports have been superseded by SQL REPLACE imports - [B0095C,2017-04]: Linking an (additional) attachment to a transaction and at the same time delete all its cross entries, the cross entries remain. Just deleting the cross entries works. - [B0108C,2018-11]: Export transfers: person selected is set back to the one used in persons report => decouple - [B0129B,2021-08]: insert.php on recycling institution entry (fields are not pre-populated): exception #10031 => intChangedRowId => 0 (integer) in ToggleTableUpdateStatus - [B0145B,2022-07]: Trash: transaction used as template, but on persisting not recovered (UPDATE), but copied (INSERT) ------------------------------------------------------------------------------------------ ------------------------------------------------------------------------------------------ [IV.49] Release 2024-01-06 (Reyes Magos) Corrections (on the fly, if w/o index) - [B0152B,2023-09] - [B0153B,2023-10] - DisplayDataView: -- recovered long scrolling -- recovered search hit marker -- corrected evaluation of write permission -- corrected number of decimals of psge count -- corrected application permission check - DisplayGlobalSearchField(): only set background color if search expression is not empty - RecordPersister: on UPDATE, accept mandatory fields not set - init_cgi.php: removed redundant JavaScript closure definitions - Housekeeping -- search.php: removed link from search/ view/ insert/ details/ report headers -- dashboard.php: corrected anchor name of performance division -- ListRelations(): added permission check to avoid impact message on missing permission to view relation type details (no permissions -> no zoomer or link) -- QuickBar: removed redundant quotes as well as redundant draggable attributes -- view.php: header: removed redundant link terminators -- persist.php: recovered saving members -- details,php --- replaced paragraph in header by CSS pseudo class --- removed stray tags Changes - DisplayDataView -- changed max length of local filter expressions to 32 characters -- changed name to DataView - overlay_lib.js: reduced transparency of zoomer from 10% to 5% in order to improve readability - calendar.php -- DRYed code -- supports strict CSP - PHLEX.General.Log(): now uses genuine console message severity - Housekeepimg -- details.php --- replaced magnifier on file links by tooltip --- added tooltip to checkboxes --- supports strict CSP --- disabled link to enlarge image in zoomed mode Added features - phlex_lib.php -- ComputeAge(): date of death considered, if set - ui_lib.php -- DataView::DisplayEntries(): age preceded by latin cross, if date of death has been set -- UserInterfaceWidgets: added read only mode (currently used by ratings) - init_cgi.php, generate_event_handlers.php: added token to insert a check on the existence of the element - ajax_lib.js -- PHLEX.Ajax.JsonUpdateElements(): added support to show busy spinner while waiting on response ------------------------------------------------------------------------------------------ ------------------------------------------------------------------------------------------ [IV.48] Release 2023-10-03 Corrections (on the fly, if w/o index) - [B0144B,2022-06] - [B0146B,2022-08] - [B0150C,2023-07] - [B0151B,2023-08] - EntityProperties: corrected caching bug leading to just a single use of cached content. This correction notably increases performance! - UserInterfaceWidgets: corrected SQL images - PHLEX.General.Date.GetIsoDate(): corrected consideration of local time zone (toISOString() ignores the same) - CSS: sliding messages: corrected vertical alignment of text by using Flexbox - Fraduler 7 -- Corrected compatibility issues with PHP 8.1 and 8.2 -- availability.php: added missing handling of empty selection -- insert.php: corrected --- suppression of hidden columns, which is now the default --- ID of length indicator element of event name - Housekeeping -- dashboard.php: corrected UTF-8 handling of special characters in chart headers -- view.php --- corrected adjustment of columns of calculated fields if entailing field is empty --- corrected caching of current page number per view --- insert.php: corrected intLastOpenedId being 0 when recycling an entry Changes - Removed NLS support from institutions table to make lookup tables language-agnostic - User Interface Widget classes now wrapped in an enumeration - (This) readme.txt file -- moved to PHLEX directory -- per section, introduced sub section per affected application, if appropriate - Code is now fully compatibility (E_DEPRECATED as well as E_STRICT) to PHP 8.2 -- Converted class ObjectSerialization to trait, superseding interface iSerialize by magic methods __serialize() and __unserialize() (defined, but not used) -- Annotated class RowObject to allow dynamic properties, as this is its nature -- Strict typing of function parameters that have been deprecated when loosely typed -- utf8_decode() superseded by mb_convert_encoding() - Recovered self-reflection in production stage, as required for serialization - SearchCapabilities: reworked and simplified handling of sort and order - Complex filter expressions: introduced regular expression matching complex filter operators - DisplayStandardFooter(): superseded warning image by UTF8 symbol - Housekeeping -- Category select box now only shows entries with at least one hit -- details.php --- Moved currency code from column title to field value --- Boolean values are now displayed as check-boxes, which are more intuitive --- Reduced size of date format indicator -- dashboard.php: superseded event listener cache file by inline script - JavaScript libraries: started to migrate to (ES6) block scope keywords "const" and "let", respectively - CSS -- Sliding messages: sliding changed from stretching to moving to avoid flickering text -- Confirmation boxes: redesigned with color-coded buttons Added features - Amounts: added support of locale decimal numbers (defined per language) - phlex_lib.php -- Introduced GetNlsLiteral() to encapsulate context to language modules -- DIC: added handling of page and page section constant definition script enabling dynamic use of any PHP string variable as a JavaScript sting constant definition - Data description -- Added framework data types derived from standard attributes, like bool, role, or attachment types -- Per framework data type, added a shortcut to an array of values. which leans the data description -- EnvironmentConnector: added getter to framework data type - ui_lib.php -- DisplayViewResult: on entering an invalid filter character, a sliding warning message is displayed - Housekeeping -- Transactions: added column to hold shipping cost (currently not used for calculations) -- Persons: added column to hold date of death -- details.php: export status can now be reset to repeat to re-export ------------------------------------------------------------------------------------------ ------------------------------------------------------------------------------------------ [IV.47] Release 2023-06-11 Corrections (on the fly, if w/o index) - [B0095C,2017-04] - [B0137C,2022-04] - [B0138B,2022-05] - [B0139C,2022-05] - [B0140B,2022-05] - [B0141B,2022-06] - [B0142C,2022-06] - [B0143B,2022-06] - [B0148C,2023-03] - [B0149C,2023-06] - DisplayCategoryStatistic(): corrected creation of SMTP distribution list - BaseTemplateClasse::DisplayImpactMessage(): corrected outputting originator on direct call - DimPage(): size curtain to body, if larger than page - CSS: .center_window_fixed keeps elements in the center of the window even on scrolling - Content Security Policy: avoid script-src 'self' if 'strict-dynamic' is used, else browsers might annoy with the incompatible settings - GenerateZoomableDetailsLink(): extensions of image files are now considered case-insensitive Changes - Use of PHP 8.1 enumerations for positive lists -> minimum requirement - Further use of typed class properties (introduced in PHP 7.4) - Changed the term "realm" to the term "domain" - OutputBarChart(): rotated year by 90 degrees - details.php -- in zoomed or nested mode, removed possibility to navigate away from the page -- limited the number of chained tabs to just a single one - dokuwiki_lib.php: as php-xmlrpc is no longer included in PHP 8, replaced the dependency by directly using cURL and SimpleXML - export_transfers.php: removed legacy DTAUS attribute from export subset and commented processing code - CSP (2) nonce: first pages now work with strict target policy - Quickbar -- due to responsive behavior restricted to two modes: "lang"(uage) for login, and "all" within the application -- zoom of current user limited to link rather than to division -- BusyPage() now set on on (most) link elements rather than the surrounding divisions, which avoids mis-clicking - export_transfers.php: pending transfers now shown as zoomable links Added features - Dashboard -- TableTurnoverSummary::GenerateCourseResultTable(): year entries now link to a filtered view (drill-down) -- performance statistic: host name now links to a filtered view - phlex_lib.php -- Trait ClassProperties: added method GetClassDescription(), which enables outputting an optional description to (especially rather complicated) classes -- BaseTemplateClass --- added setter to protected verification impact and property visibility --- added unsigned type constraint (initialization values 0 and 0.0 are considered invalid) --- added ID type constraint (unsigned integer, initialization value 0 is considered invalid). Also available as procedural function VerifyId() --- added not_empty type constraint -- DIC --- added support of CSP 2 nonce generated per request --- added methods to generate inline nonce-trusted JavaScript event listeners (alternative to dedicated script file) - view.php: for standing orders, the amount paid or received has been added to the totals section - business_objects_lib.php -- ObjectProperties --- added method GetExportableEntities() --- added method AssertExportableEntity() --- added method ResetExportStatus() to re-schedule a transfer - Added column "css" to attributes intended to hold CSS classes to design the output - Added CLI admin script to generate frequently used JavaScript variables and thus defining a single source of truth - Added CLI admin script to generate JavaScript definitions of shortcuts - details.php -- added link to reset export status of own entries on confirmation (boxes have been re-designed to indicate preferred/ safe option (green)) -- added table calculating cross entries against amount - export_transfers.php: non-exportable transfers are now zoomable ------------------------------------------------------------------------------------------ ------------------------------------------------------------------------------------------ [IV.46] Release 2022-04-05 Corrections (on the fly, if w/o index) - [B0112C,2018-12] - [B0135C,2022-03] - [B0136C,2022-03] - phlex_lib.php -- IsHttpsConnection(): corrected server variable and casing -- ClassInformation: corrected uncaught exception on missing property value - details.php -- corrected navigation to first record -- corrected browse link in header - expressions_nls_.php -- made calendar icon undraggable - phlex_version.php -- corrected header and minimum PHP version - ui_lib.php -- CliDatabaseBrowser --- reset page number on changing page length --- limit maximum page length -- DisplayDataView --- DisplayCategorySelectBox(): corrected syntax of CSS classes --- DisplayMarkedPreselectionActionBox(): removed incomplete option - js_lib.js -- CheckMaxInputLength(): remove mandatory class is string length is 0 Changes - expressions_nls_.php: "Entry" refactored to "Record" - js_lib.js: superseded direct use of eval(), as it is very evil and slow - CSP: hardened to style-src 'self', non-listed pages also to script-src 'self', which requires loading event listeners and handlers from self -- (phlex_)event_handlers.js: added in order to move inline event handlers to trusted source (done on a per page basis) --- requires meticulous use of element IDs, but then dramatically eases management and power of event handlers - db_lib.php -- SearchCapabilities::SetLocalSearchSqlLimitParameters(): moved passing current page number (intCurrentPage) to callers - php_lib.php -- EnvironmentConnector: encapsulated getter (GetCurrentContext()) and setter (SetCurrentContext()) of current context - ui_lib.php -- UserInterfaceWidgets: added widget class (now enum) "footer" to output a standard footer considering the configuration of the respective application Added features - dashboard.php -- added audit table statistic -- added relation class statistic - expressions_nls_.php: added exception 10075 on use of feature not supported by an application - phlex_lib.php -- InsertGeneralHttpHeader(): introduced positive lists of pages to control (CSP) permission to use inline Javascript and the use of eval() respectively. Pages to be migrated one-by-one and deleted from the respective list. - ui_lib.php -- DisplayDataView: introduced support of long paging ------------------------------------------------------------------------------------------ ------------------------------------------------------------------------------------------ [IV.45] Release 2021-12-29 Fraduler release 5 (2021-11-13) Corrections (on the fly, if w/o index) - [B0134C,2021-12] - [B0132B,2011-11] - [B0131B,2021-11] - [B0133B,2021-11] - DokuWiki::SendDokuWikiRequest(): correctly encode text snippets as UTF-8 - ObjectProperties::LogOnUser(): force replacement of session ID once authenticated - InsertGeneralHttpHeader(): added Content-Security-Policy - NLS modules: fixed missing whitespace in calendar call - details.php: corrected load order of Javascript libraries ("WindowResizeActions() undefined") - report_lib.php: DisplayForObjectTurnoverStatisticList(): pass object IDs as integer Changes - General language module: added variable to open read only calendar - Fraduler: all pages use standard PHLEX titles and headers - js_bib.js -- PHLEX.General.CheckMaxInputLength(): changed to indicate length in bytes instead of characters to reliably match the real length of a column (UTF16 vs. UTF8MB4) -- PHLEX.Ajax.View.Expand and .Collapse: reworked to digest a frontend and a backend JSON object processed by the central AJAX receiver - footer.php: removed clock widget as it (setTimeout()) conflicts with the content security policy - report_lib.php -- TableStatistics: removed link to outdated view_table.php - search.php -- local search filters are now limited to the table they have been applied to, not to each table that contains the filtered column - ui_lib.php -- DisplayDataView::DisplayFilterRow(): max length of filter expression now limited to intMaxLengthFilterField Added features - dokuwiki_lib.php -- now supports authenticated API requests based on credentials set in init.php. Use only in conjunction with an encrypted connection! - db_lib.php -- SearchCapabilities::GetEffectiveColumns: now evaluates column comments (for applications that do not use a data description) and allows to hide particular columns whose comment contains a configurable string - phlex_lib.php -- DIC --- added array holding secure cookie parameters to be used on session_start() --- added checker IsHttpsConnection(), which also enhances the array of secure cookie parameters - js_lib.js -- Introduced debug level and respective logging function PHLEX.General.Debug.Log(). See note on reloading updated Javascript libraries in chapter II ------------------------------------------------------------------------------------------ ------------------------------------------------------------------------------------------ [IV.44] Release 2021-11-01 Corrections (on the fly, if w/o index) - [B0130B,2021-08] - [B0128B,2021-05] - [B0127C,2020-11] - [B0126B,2020-10] - [B0125B,2020-04] - calculator.php: fixed width of input field - report_lib.php -- ObjectTurnoverStatistic: graph icon suppressed if no entries to display -- DatePeriodSelection: fixed SQL syntax when just end date of period set - business_objects.php -- ObjectProperties::GetUserViewColumns(): fixed improper handling of existing user column definition, but empty column set -- ObjectRelations::CountObjectsCategoryGroupIsAssigned(): trashed objects are now excluded from the count - export_transfers.php: fixed legacy property names - details.php -- fixed exception on standing order spendings -- fixed first index on entities with no reusable entries - db_lib.php -- SearchCapabilities::EntitySearch(): recovered workaround for MySQL bug "illegal mix of collations" - search.php: missing QuickBar mode if last known URL - ui_lib.php -- DisplayDataView::DisplayCategorySelectBox(): set background of categories to 1st child level (like in view select) -- UserInterfaceControls::DisplayViewSelectBox() --- fixed showing company views when no company is set --- fixed image links only working from within the application -- DisplayDataView::DisplayFilterRow(): corrected height of local filter input fields containing values -- CliDatabaseBrowswer: corrected display of sort order - insert.php: invalid access to value array on nested calls - expressions_nls_en.php: corrected string "processing time" - dokuwiki_lib.php: recovered use of XML-RPC API by switchung to PHP XML-RPC client (tested with DokuWiki release "hogfather") Changes - Compatible with PHP 7.4 - logout.php: now includes login page and does no longer redirect to it - General: disabled output buffering to locate premature header output - phlex_lib.php -- DIC::StartOrRecoverWebSession(): enable all notifications on development instances -- SelfReflector: no more serialization of reflected properties - Global saerch field: niced with rounded corners to make it visually more distnct from local search fields - Submit buttons niced with rounded corners - overlay_lib.js: uncovered drop actions now generate a sliding message instead of a modal Javascript confirmation box - Relations -- introduced convention "is/ has" characterizing the bounds -- added table "relclasses" uniquely defining relation classes and their directions based on the new convention -- added column "sourcetotarget" to table "reltypes" in order to define the default direction and a corresponding getter ObjectRelations::IsRelationTypeDirectionSourceToTarget() -- changed category group "membership" (reserved to humans) to category "assignment". Note that this change requires an adjustement of the existing assignments, so it´s not directly compatible with previous versions of the database -- reversed bounds of "subscriber" relations to meet convention. Note that this change requires an adjustement of the existing assignments, so it´s not directly compatible with previous versions of the database -- deleted sub view "categories to group" as superseded by standard UI control using business objects library - business_objects_lib.php -- added method GetLeafMemberships() - insert.php -- unique violations now generate a sliding message instead of a modal Javascript confirmation box -- category groups: configure categories -- on reusing entries, the reuse attribute is marked as blue (like the reuse message) - ui_lib.php -- RelationList::ListRelations() is now multimodal and supports structured display of all inbound or outbound relations of a leaf object -- UserInterfaceControls::DisplayImagePreview(): moved image previewer from details.php (application) to here (framework) Added features - details.php -- displays all outbound and inbound relations in a dedicated (inline breaking) section - edit_lib.php -- selection tooltip on multi select inputs - dokuwiki_lib.php -- added support of remote DokuWiki instances -- added empty snippet indicator starting at 15th entry - business_objeccts_lib.php -- ObjectRelations: added methods GetObjectRelationTargets() and GetObjectRelationSources() in order to retrieve a list of all inbound or outbound relations of an object ordered by relation type and entity -- ObjectProperties::GetObjectName(): names of trashed objects are now suffixed by a respective hint - ui_lib.php -- RelationList: added method DisplayTableRowOfRelations() that shifts the application-specific display of relations to the framework. Long lists are split into (configurable) chunks that are added on clicking them -- UserInterfaceControls::DisplayImagePreview(): zooms image when clicking on it, but pops up floating zoomer on image name - phlex_lib.php -- BaseTemplateClass: added method DisplayBacktrace() ------------------------------------------------------------------------------------------ ------------------------------------------------------------------------------------------ [IV.43] Release 2020-03-25 Corrections (on the fly, if w/o index) - [B0042B,2013-04] - [B0047C,2013-08] - [B0122C,2020-01] - [B0123B,2020-01] - [B0124B,2020-02] - dashboard.php: fixed unclosed link on performance chart - calendar.php: fixed format of first week of month - ObjectRelations::GetLeafRelations(): fixed not setting WHERE and filter clause properties when SQL statement is chosen to not being executed - db_lib.php::CreateSqlRatingWhereClause(): fixed access to protected property - report.php: fixed outdated table title property - details.php: fixed unset QuickBar mode when last known URL Changes - ui_lib.php -- QuickBar control: migrated to general ajax_receiver.php -- DisplayDataView::DisplayCategorySelect(): integrated category groups into select element - report_lib.php -- ObjectTurnoverStatistic --- GetTurnoverChartData(): now supports a combination of a category group and an array of individual categories --- DisplayCategoryStatistic(): replaced error messages by exceptions --- GetBarChart(): added for generalization purposes - business_objects_lib.php -- ObjectRelations:GetLeafRelations(): separated methods to generate and to execute the SQL statement -- ObjectRelations:GetEntityRelations(): separated methods to generate and to execute the SQL statement - phlex_lib.php -- BaseTemplateClass: recovered magic __set() method in order to check names of public properties on development stage as implicit declarations are permitted -- EnvironmentConnector: type safety of set values is now switchable - bar_chart.php: now makes complete use of ObjectTurnoverStatistic::GetTurnoverChartData() and ::GetBarChart() which is why it also aggregates date periods - readme.txt: updated some aspects in chapter II Added features - db_lib.php: added function DisplaySqlStatement() in order to replace repeated code to debug output SQL statements if not on production - report_lib.php -- graphs are now opened in different windows, which eases comparing the same -- empty months or days are now aggragated to a single entry on the x axis in order to reduce image width - phlex_lib.php -- DIC: added tenant support on an application level. Per application instance, a tenant ID may be configured in its init.php file. Within an affected application instance, the tenant ID is resolved to the name of the tenant and automatically and transparently stored on inserts - view.php: category groups are now seemlessly integrated into the category select box showing tooltips resolving the respective categories they cluster. The category multi select box in the category report intentionally does not support that feature as it resolves any set of categories - details.php: now resolves categories assigned to a category group ------------------------------------------------------------------------------------------ ------------------------------------------------------------------------------------------ [IV.42] Release 2020-01-06 Corrections (on the if w/o bug number) - [B0121B,2019-12] - insert.php: recovered date shoortcuts in edit and copy mode - ui_lib.php -- UserInterfaceWidgets::AddOrEditRating(): security: added CSRF token to rating form - phlex.css -- Table header sub classes: fixed z-index for stickiness - dashboard.php -- Fixed date format scheme of resolution by day -- Fixed date format scheme of resolution by week Changes - phlex_lib.php -- DIC: moved application query string from configuration to a getable protected property, so it is instantly available once the library has been loaded - ajax_manage_rating.php: migrated to newly introduced general ajax_receiver.php - ajax_refresh_ui_widget.php: migrated to newly introduced general ajax_receiver.php - home.php -- Performance: administration section only loaded on demand -- Admin section: if DokuWiki support is enabled, the title and version of the linked instance is shown -- User section: removed frame to harmonize with design of widgets - ajax_lib.js -- PHLEX.Ajax.Widget.Refresh(): generalized to PHLEX.Ajax.Element.Refresh() that serves as a central requester to ajax_receiver.php. The individual caller functions will be migrated to this one -- PHLEX.Ajax.View.Expand(): initializes element with busy animator -- Deleted general variables already defined in js_lib.js - js_lib.js -- PHLEX.Element.Expand(): initializes element with busy animator New features - ajax_receiver.php: introduced as central receiver of AJAX requests. Proccesses encoded JSON objects. Individual AJAX receiver scripts will be migrated to this one and the respective JavaScript request functions will be deleted (for the status see chapter changes) - dashboard.php: inline refresh of performance chart per aggregation period - ajax_lib.php: added class AjaxJsonMessage handling standardized encoded JSON objects - dokuwiki_lic.php: added to connect to DokuWiki installed on the same server by using its XML-RPC client - search.php -- Added anonymous search in DokuWiki --- PHLEX search operators are converted to DokuWiki syntax --- DokuWiki hit markers are converted to PHLEX global hit markers --- Clicking on a hit opens the DokuWiki page in a new tab and marks the search hit(s) ------------------------------------------------------------------------------------------ ------------------------------------------------------------------------------------------ [IV.41] Release 2019-12-08 Corrections (on the fly if w/o bug number) - [B0048C,2013-09] - [B0098C,2017-12] - [B0111C,2018-12] - [B0116C,2019-04] - [B0117C,2019-04] - [B0118B,2019-09] - [B0119B,2019-11] - [B0120B,2019-11] - phlex_lib.php -- BaseTemplateClass --- Security: DumpArray(): fixed XSS vulnerability in debug messages -- XssSanitizeString(): fixed &NewLine entities not interpreted by Firefox (and potentially other browsers) - report_lib.php -- TableStatistics(): fixed link to view - ui_lib.php -- DisplayDataView --- DisplayFunctionalLinks(): fixed invalid HTML attributes --- DisplayFunctionSelectBox(): fixed outdated column names - edit_lib.php -- Security: UserInterfaceTextInput: fixed XSS vulnerability - db_lib.php -- Fixed update of dependent look-up tables on changes -- SearchCapabilities::MarkHits(): fix missing search matches on certain special characters - edit_lib.php -- Security: DisplaySelectBox: fixed potential XSS vulnerability - Security: ajax_entry_selector.php: fixed potential XSS vulnerability - business_objects_lib.php -- ObjectRating::InsertRating(): fixed double call to persist object. The second call found empty values and thus output errors - details.php -- Fixed navigation not displayed for tables not supporting reusable entries -- Recovered broken entry point from view_table.php in conjunction with a privilege check - cli_send_reminders.php -- Fixed several calls to outdated methods - home.php -- When first clicking on the user details after login a reasonable context is set for details.php - smoke_test_suite.php: updated to all assertions Changes - General -- The use of coercive type declarations breaks the compatibility with PHP 5 - db_lib.php -- DatabaseConnector --- Externalized required database (platform) specific function calls to init_db_access_.php -- EntityProperties --- Properties not changing at runtime are now cached even in DB mode -- SearchCapabilities --- MarkHits() ---- moved replacement of UTF-8 newline characters to HTML 5 ones from XSS sanitizer to here ---- superseded regular expression by nl2br() ---- removed workaround to MySQL illegal collation bug, as meanwhile the same has been fixed -- AuditLogger: refactored to native properties -- RecordNavigation: refactored to native properties => finished db_lib.php - business_objects_lib.php -- ObjectProperties --- Deleted GetLookupTable() -- ObjectRelations: refactored to native properties -- ObjectProperties: refactored to native properties -- ObjectAssignments: refactored to native properties and camel-cased variable names. Deleted variables no loner used => finished business_objects_ib.php -- GetObjectName(): reduced to a stub of ObjectProperties::GetObjectName() - ui_lib.php -- AssignmentList: refactored to native properties -- UserInterfaceControls: refactored to native properties => finished ui_lib.php -- Pre-selection menu: split to manage entries selected on a page and the whole selection -- Sticky table headers: Javascript implementation superseded by much simpler CSS sticky position. Filter fields are no longer fixed -- ObjectTurnoverStatistic: refactored to native properties - login.php -- Unsuccessful login message promoted from informational to warning - phlex.css -- Changed default font from Helevetica to Arial, as leaner -- Inserted 5 pixels margin to bottom of header - phlex_lib.php -- EnvironmentConnector: refactored to native properties -- BaseTemplateClass: removed magic method override __call() as covered by IDE -- ChechReminder: refactored to native properties -- CheckBirthday: refactored to native properties -- UrlManipulation: refactored to native properties -- SessionVariables: refactored to native properties -- ArrayManipulation: refactored to native properties -- CompareDataTypesCore: refactored to native properties -- ConfigurationFileEditor: refactored to native properties -- DateArithmetics: refactored to native properties => finished phlex_lib.php -- BasTemplateClass::VerifyProperty() --- Restricted to non-production stages, as self-reflector is a heavy performance burden on mainly used for internal (inter-class) checks --- User input is checked directly on reeaching the server via get or put parameters - report_lib.php -- TableTurnoverSummary: refactored to native properties -- DatePeriodSelection: refactored to native properties => finished report_lib.php - xml_lib.php: refactored to native properties - sepa_lib.php: refactored to native properties - assertions_lib.php: refactored to native properties - edit_lib.php: refacored to native properties - Database scheme -- Streets may now be up to 48 (utf8) characters long (added hint on special characters occupying 2+ bytes to insert.php) - bar_chart.php -- Changed to direct image mode (no more file) Added features - db_lib.php -- EntityProperties: added getter per column attribute -- New class TriggeredTableUpdate to handle dependent updates - phlex.css -- Added division for sliding messages to supersede centered modal message boxes. Sliding messages are piled bottom-up in order to hold a history per page - phlex_lib.php -- VisualizeNonPrintableValue(): added support for objects - home.php -- Widgets are now dimmed during refresh - dashboard.php -- Added performance chart of the current host -- Summary tables: added links to individual object statistics - bar_chart.php -- Chart width auto-scales based on the number of months to display ------------------------------------------------------------------------------------------ ------------------------------------------------------------------------------------------ [IV.40] Release 2019-03-30 Corrections (on the fly if w/o bug number) - [B0113B,2019-01] - [B0114B,2019-03] - [B0115B,2019-03] - db_lib.php -- ExecuteRequest(): fixed passing prepared parameeters as values rather than references -- SearchCapabilities: fixed broken SQL statement when combining a rating filter with other filter clauses - details.php -- Fixed unhandled non-existing search context - view.php -- Fixed category type mismatch on paginating through entries filtered by category (ID) passed via GET parameter (e.g. from category cloud) - report_lib.php -- Fixed mistyped method name -- Fixed invalid HTML output formats - report.lib -- Fixed legacy name output format -- Fixed broken call to legaccy date setter - export_objects.php: recovered and split into caller part and procedural part in order to make it independent from applications Changes - phlex_lib.php -- XssSanitiizeString(): Reworked to a whitelist approach: first transcode untrusted data to HTML entities, then transcode back the ones whitelisted -- BaseTemplateClass --- Reworked magic methods __get and __set in order to support native properties and to throw proper exceptions --- Added trait SelfReflection in order to cache reflected information as invocation of magic methods is known to be very slow --- Refactored property arrays to native properties as less error prone -- FileLogger: refactored to native properties -- DisplayDebugMessage(): Sanitize web output - db_lib.php -- DatabaseConnector --- Made ExecuteRequest() private, so the only facade is RequestDatabase() --- Actively set character set of connection to utf8mb4 --- Refactored to native properties -- EntityProperties --- Refactored to native properties --- Added setter methods for entity / table ID and name. On setting either, the respective other one is deleted in order to define preference -- SqlEscapeMaliciousCharacters() --- Use whitelist of characters to be escaped as defined in init_general.php. This allows to use any UTF-8 character as SQL data -- LookupTable: refactored to native properties -- SearchCapabilities --- Refactored to native properties --- Self-sanitizaion: first encode HTML entities of search text as well as search phrase, then find matches. This ensures proper distinction of trusted and untrusted data (insert trusted formatting into untrusted data). As well, it enables the use of any UTF-8 character as part of a search phrase. As a second effect, it resolves the issue of using quotes (single as well as double) within form fields -- RecordPersistor --- Refactored to native properties --- Improved management of values in data description - business_objects_lib.php -- ObjectRatings --- Refactored to native properties --- Uses RecordPersister (prepared statement) - ui_lib.php -- UserInterfaceWidgets --- Refactored to native properties -- DragAndDrop --- Refactored to native properties -- DisplayDataView --- Refactored to native properties -- Recovered CLI DB browser - xml_lib.php -- XmlExport --- Refactored to native properties --- Replaced local column arrays by global ones - view.php: recovered global search field Added features - view.php -- Added icon legend for table and view - phlex_lib.php -- BaseTemplateClass: added method CheckCallingMethod() throwing exception when caller is not whitelisted -- Added function InNestedArray() recursively searching multi-dimensional arrays ------------------------------------------------------------------------------------------ ------------------------------------------------------------------------------------------ [IV.39] Release 2018-12-01 Corrections (on the fly if w/o bug number) - [B0107B,2018-10] - [B0109B,2018-11) - [B0110B,2018-11] - AppendAdvancedSqlFilter(): fixed return value (empty array) on empty search string - ajax_lib.js -- GetEntries(): fixed type error when initial search string is shorter than minimun length -- PHLEX.Ajax.Select.Update(): fixed missing initialization of empty arguments - ajax_manage_rating.php -- Fixed double escaping of special characters - insert.php -- Fixed incomplete validation of object ID passed => added exception - persist.php -- Fixed outdated environment context of buffered subscribers - persons table: deleted country ID column definition which belongs to cities - Editorial: where possible by the dictionary, corrected English capitalization - ajax_entry_selector.php: fixed passing standard view when specific view was used - php_lib.php -- ObjectInformation: fixed consideration of inherited methods when computing since and version dates of a class - details.php -- Fixed missing marking search hits in relations types -- Fixed missing number format for write-offs Changes - Supports PHP 7 (as PHP 5.6 reaches end of support end of 2018) -- Affects resolution of method calls based on environment values (for background see http://php.net/manual/en/migration70.incompatible.php chapter on indirect variables, properties and methods) - db_lib.php -- Recognition of DB character set in order to automatically adjust field lengths. Removed switch boolAdjustFieldLengthToUtf8 from init_db_basic.php -- Suppressed reference warning on digesting prepared parameters as a direct reference doesn´t seem feasible due to multiple abstraction layers -- DRY: consolidated code logging into a database to a single method -- Completely reworked handling of look-up (formerly known as "temporary") tables introducing new class LookupTable hevily optimizing the use of look-up tables --- On inserts and updates, only the affected row of the respective look-up table is inserted or updated --- On switching languages, only the minimum changes required are performed to update frequently used views. Rarely used views are updated on open -- Refactored procedural "GetEntity*" wrappers to "GetCachedEntity*" -- Removed legacy code - js_lib.js -- Reworked clock in order to display ISO date format - Refactored "arrDBEnv" to "arrDatabaseEnvironment" and moved "boolShowSql" into this context - Removed legacy CSV export - insert.php -- Performance: removed legacy code -- Performance: introduced alternative image selector which does not load all images upfront, but loads previews on demand (hover) - init_general.php -- Promoted named attribute variables from application to framework level - Database -- Migrated database to utf8mb4 allowing to store full character set (including multibyte characters) -- Harmonized index names by using prefixes "i" for index and "u" for unique -- Performance: analyzed critical statements and tuned indexes respectively -- Performance: standardized engine for all tables to InnoDB - phlex_lib.php -- DisplayPropertyValues(): added property type hints - view.php -- Header: now indicates table and view using the icons from the Quickbar ("inherent legend") - UserInterfaceWidgets -- DisplayRating(): rating comments are now included in global searches and matches are marked Added features - Introduced table, view and function to store and analyze performance data - Due to the remodeled handling of look-up tables target columns are now merged to complete "parties", which halfs their number (and subsequently JOINs). -- This makes searching more comfortable and improves performance on paginating. -- As well, it makes the respective views leaner so they should fit into most smartphone resolutions - EntityProperties: added properties for object owner capability (boolean), look-up table (string) and sub views (array) ------------------------------------------------------------------------------------------ ------------------------------------------------------------------------------------------ [IV.38] Release 2018-10-05 Corrections (on the fly if w/o bug number) - persist.php -- Replaced requires by redirects in order to avoid setting last known URL to unwanted value. This fixes erraneous pages on logon -- Completed missing SQL sanitization on updates -- Explicitly set creationdate and lastupdate timestamps for any statement as MySQL does no longer allow both to be set automatically - [B0103B,2018-02] - insert.php -- Fixed orphaned relations and values after editing or copying an entry without saving the same and subsequently inserting a new one -- [B0097B,2017-05] (re-fixed edit mode) - bar_chart.php -- Fixed legacy reference to base library - phlex_lib.php -- BaseTemplateClass: fixed property type check to integer - business_objects.lib -- Trash handling: added missing update of table properties on trashing or recovering an entry - search.php -- Fixed exception when searching ratings - details.php -- Fixed table name in header on nested calls - [B0104B,2018-10] - [B0099B,2017-12] Changes - ajax_entry_selector.php -- Attachment selector uses prepared statement -- Cross entry selector uses prepared statement - db_lib.php -- Performance: reuse COUNT total rows for active rows count if the table does not support reusable entries - phex_lib.php -- Reworked SQL sanitization to allow the use of all special characters - details.php -- banks: display BIC instead of sort code - init_db_basic.php -- Introduced boolean parameter boolAdjustFieldLengthToUtf8 in order to control adjustment of calculated field lengths to UTF8 (per DB instance) - persist.php -- Changed redirects to Javascript method as ISP web server ISAPI no longer supports setting headers Added features - dashboard.php: Course diagram resolving transactions per year - js_bib.js -- Max length check now supports mandatory inputs - details.php -- Added rated comments on an object level - phlex_lib.php -- Added HTTP Strict Transport Security (HSTS) ------------------------------------------------------------------------------------------ ------------------------------------------------------------------------------------------ [IV.37] Release 2018-01-31 Corrections (on the fly if w/o bug number) - Fixed exception on switching language when in sub views - QuickBar: fixed incorrect style of tabs that are no longer active - DateArithmetics: fixed return value of -1 - [B0100A,2017-12] - insert.php -- Fixed visibility of dependent export column on load - ajax_lib.js -- Fixed remaining display of entry selector if length of input string less than minimum length, but greater than 0 - [B0101B,2018-01] - [B0102C,2018-01] - business_objects_lib.php -- Fixed persisting user language if explicitly selected Changes - init_general.php -- Externalized array of non-editable column names to be used by class RecordPersister - business_objects_lib.php -- Reworked saving referer to reliably return to last visited URL (now stored in user profile) on session timeout - php_lib.php -- Renamed to phlex_lib.php -- Protocol header no longer set as config parameter, but dynamically read from server array -- DumpArray(): no longer exits when reaching the maximum number of recursions, but adds a hint to the dump and returns - search.php -- Replaced focus script by HTML5 autofocus attribute - db_lib.php -- SearchCapabilities: single column mode now supports lookup of category NLS names (including IDs) - insert.php -- Performance: attachment and cross entry multiple selects no longer load all entries, but only the selected ones. Entries are added using an entry selector Added features - login.php -- Separated input of user ID and password -- Set autocomplete off ------------------------------------------------------------------------------------------ ------------------------------------------------------------------------------------------ [IV.36] Release 2017-12-03 Corrections (on the fly if w/o bug number) - [B0081B,2016-02] - [B0085B,2016-11] - [B0086B,2017-01] - [B0087A,2017-01] - [B0088B,2017-01] - [B0089B,2017-01] - [B0090C,2017-01] - [B0091C,2017-01] - [B0092B,2017-02] - [B0094B,2017-02] - [B0097B,2017-05] - business_objects.php: Fixed setting user security token - php_lib.php -- BaseTemplateClass:DumpArray() --- Fixed printing stack trace to screen on non-production stages --- Fixed call loop when array contains an object - ui_lib.php -- DisplayDataView: correctly set boolPermissions to DIC value - persist.php -- Fixed check for existence of fid element - insert.php -- Fixed display of error messages on empty target selects - search.php: removed redundant closing form tag Changes - ui_lib.php -- Automatically launch downloads in order to not reveal export file location -- Hide link to download log file on production stage -- Shifted editor controls (like text inputs and some select boxes) to edit_lib.php - init_cgi.php -- Promoted common URL parameters to framework level -- Promoted dimensions of child windows to framework level - edit_lib.php -- InitializeDataEnvironment() now optionally digests an array of column => value pairs to serve as an API to CLI and internal processing -- Content of number inputs is right-aligned -- Icon sizes harmonized to 16 pixels - db_lib.php -- RecordPersister: separated method CheckAndPrepareValues() from request generator in order to enable application specific data validation being performed between general data validation and request execution -- DatabaseConnector: added exception stopping when potentially being called directly (not via dependency injection container) -- EntityProperties: added NLS column titles to column attributes - js_lib.js -- PHLEX.General.DisplayDependentElement() now supports variable CSS display values. This fixes malpositioning of elements when shown - footer.php -- Made clock input read only and left out from the standard flow - edit_lib.php -- On refreshing select elements, the buffered selection is recovered - init_general.php -- Added standard names of generic tables - graph.php renamed to bar_chart.php - draw_graph.php renamed to dashboard.php - php_lib.php -- Mapping of page names to page titles now considers underscores (_) -- Reworked and simplified handling of NLS modules - phplot.php updated to version 6.2.0 - Removed currency codes from data descriptions. GetColumnTitle() adds it on demand - Added general view object relations table - Added HTML 5 layout elements to most frequently used pages - Refactored strLanguage to strLanguageCode in order to avoid confusion with NLS names Added features - home.php: R/W check of export, log and media directories - php_lib.php -- Per exception > informational level, a log file is written regardless of the stage - db_lib.php -- DatabaseConnector: support of prepared SQL statements - xml_lib.php -- Export includes categories if supported by object class - edit_lib.php -- HTML 5 support of number fields - ui_lib.php -- Added responsiveness to QuickBar - home.php -- Added responsiveness - dashboard.php: new report summarizing transaction statistics using new class TableTurnoverSummary - insert.php: added shortcut Ctrl + Shift + S to save entry - details.php: added shortcut Ctrl + Shift + E to edit entry ------------------------------------------------------------------------------------------ ------------------------------------------------------------------------------------------ [IV.35] Release 2016-11-20 Corrections (on the fly if w/o bug number) - [B0084C,2016-11] - persist.php: Fixed unique check in update mode - php_lib.php -- Added export_objects.php to URL whitelist - ajax_lib.php -- Fixed instance of ampersand in URL parameter - footer.php -- Removed calendar link on login page as not working due to missing environment - phlex_version.php -- Fixed NLS in web mode -- Fixed undefined variable warnings in CLI mode - js_lib.js -- Reworked GetDateYesterday() in order to fix calculation of yesterday's date when today is first day of month - ui_lib.php -- Fixed element dimmer on pagination - db_lib.php -- SearchCapabilities::MarkHits(): Fixed offset error on empty local search phrases - check_session.php -- Fixed redirection on direct link call - insert.php -- Fixed legacy column name for notifications - details.php -- Fixed "<<" (first) navigation entry - export_transfers.php -- Fixed page title - persist.php -- Fixed storing HTML entities in database Changes - init_general.php: Externalized variables for all run modes - Renamed library directory from "include" to "phlex" - php_lib.php -- DIC --- Introduced "framework application" to be used in CLI mode for application agnostic scripts, e.g. versions overview --- Introduced method to centrally set referer in environment - Javascript libraries -- All: Introduced strict mode -- All: Continued migrating functions to PHLEX.* namespaces -- ajax_lib.js --- Removed dependency to jQuery by replacing used functions with own implementations - Superseded the concept of view modes by the concept of current contexts set by the respective pages. Only view.php has a "print" (view) mode - persist.php -- Transcode HTML entities on insert and update Added features - overlay_lib.js -- Added progress bar to indicate processing state of AJAX calls (request, response, rendering) - insert.php -- Export option only available when cash is set to "No" - php_lib.php -- Added CSRF handling - home.php -- Display value of vital configuration parameters in administration section ------------------------------------------------------------------------------------------ ------------------------------------------------------------------------------------------ [IV.34] Release 2016-04-17 Corrections (on the fly if w/o bug number) - [B0082A,2016-04] - [B0083B,2016-04] - DB: Set unique flag for categories in entities table - insert.php -- Fixed editing file selects in chained mode -- Fixed selecting all subscribers - business_object_lib.php -- CheckLeafImages(): Fixed (ito adjusted to current DB version) WHERE IN clause in enumeration of image IDs) - ui_lib.php -- AssignmentList::ListLeafCrossEntries(): Fixed format of total amount - db_lib.php -- SearchCapabilities::MarkHits(): Fixed existence check of global search phrases -- CLIDatabaseBrower: Fixed scanning registered databases - php_lib.php -- DIC: Fixes (too) early loading of return URL Changes - DB: Renamed columns "notifications" to "subscribers" - db_lib.php -- GetEntityName() and GetEntityID() reworked to now be procedural stubs to EntityProperties. This avoids DB requests on cached information -- Class EntityNavigation renamed to RecordNavigation - persist.php -- Moved function to delete relations to class ObjectRelations -- Created function to save selected relation IDs to the environment - init_db_general.php -- Shifted shared relation arrays to dedicated arrays per (affected) table that supports the respective relation type. Required to support nested inserts - ui_lib.php -- Refactored "notifications" related methods to "subscribers", e.g. ObjectRelations::GetLeafSubscribers() -- Refactored "notifications" selects to "subscribers" - login.php: Realmed messages Added features - ui_lib.php -- DisplayUIControl::DisplaySelectBox(): Extended refresh feature to target and image selects - php_lib.php -- redirect(): Introduced page whitelist - db_lib.php -- RecordNavigation: Navigation within filtered records if filter hits less than "intMaxRowsWithoutPaging" entries - details.php: Filter indicator shown when paging through filtered entries ------------------------------------------------------------------------------------------ ------------------------------------------------------------------------------------------ [IV.33] (Intermediate) Release 2016-03-28 Corrections (on the fly if w/o bug number) - [B0074C,2015-11] - [B0075B,2015-11] - [B0076A,2015-11] - [B0077B,2015-11] - [B0078B,2015-11] - [B0079B,2015-11] - [B0080B,2015-11] - File logger: Fixed line break of greeter - ajax_update_select.php: Fixed reference to report context leading to category select not being refreshed correctly - ui_lib.php -- DisplayUIControl::DisplayTargetSelectBox(): Fixed nested divisions with same ID - report_lib.php -- ObjectTurnoverStatistic::InsertAndVerifyForm(): Fixed nested divisions with same ID - php_lib.php -- BaseTemplateClass::DumpException: Fixed legacy references to run mode switch - login.php -- Fixed handling of referer => Separated last known good (in terms of verified) referer (permalink) from other query URIs Changes - php_lib.php -- Profiler: DIC now initializes runtime start -- Class CheckBirthday: Migrated to use class DateArithmetics which provides exact calculation of age -- DIC::StartOrRecoverWebSession(): Changed handling of session timeouts which also resolved [B0075B,2015-11] - db_lib.php -- GetTables(): Table names are now cached in order to increase performance -- AppendAdvancedSQLFilter(): Early return if filter value is empty -- SearchCapabilities::MarkHits(): Early return if filter values are empty - business_objects_lib.php -- Role membership checks: Effective user role is now cached in order to increase performance - gromit.css: Renamed to phlex.css - persist.php -- Shifted Javascript to close current window to ui_lib.php superseding respective status switches - calculator.php -- Isolated calculator to separate window (like calendar) Added features - ui_lib.php -- DisplaySearchHitLegend(): Runtime added to legend hence the same is updated also on AJAX-based pagination -- UserInterfaceControls --- Added insert link to select boxes enabling nested creation of entries --- Added refresh links to select boxes (except target and cross entry selects) making nestedly created entries acccessible - insert.php -- Inline and nested creation of objects by opening (a) chained window(s) - login.php, details.php -- Added support for permalinks to object details with inline authentication if no session is active ------------------------------------------------------------------------------------------ ------------------------------------------------------------------------------------------ [IV.32] Release 2015-11-09 Corrections (on the fly if w/o bug number) - [B0057B,2015-01] - [B0058B,2015-01] - [B0059C,2015-01] - [B0060B,2015-01] - [B0061B,2015-08] - [B0063B,2015-08] - [B0064B,2015-09] - [B0065C,2015-09] - [B0066B,2015-10] - [B0067B,2015-10] - [B0068B,2015-10] - [B0069B,2015-11] - [B0070B,2015-11] - [B0072C,2015-11] - search.php: Fixed broken footer form - login.php: Fixed truncated passwords leading to failed login attempts with correctly entered password - Fixed missing doc block parameter types - Class ObjectInformation: Fixed HTML encoding - Fixed incorrect magnifier image name - Class DisplayDataView: Fixed missing table cell close tag of category select - view.php: Recovered display of table and view name - Class ArrayManipulation: Fixed for-condition to correctly match end of source array - Class SearchCapabilities: Fixed wrong treatment of table aliases in WHERE clause - home.php: Corrected toggling of fix table header option - dragndrop_actions.php: Accept recovery action only when source and target class are the same - Class RecordPersister::GenerateAndExecuteRequest: Added message on session timeout on INSERT or UPDATE - report.php: Fixed unclosed detailed entry form preventing the clock from being initialized correctly Changes - Global search hit background color now stronger for better readability - phlex_version.php: Sorted outout by class names - Refactored naming: fields => columns, name => title (where appropriate) - DisplayDataView -- All functional links are now undraggable -- Optimized height of view configurator window - details.php -- Externalized functions to display details link as first step to encapsulate this page within ui_lib.php (saved some 150 lines) - php_lib.php -- DisplayDebugMessage(): Tuned by instantly returning when min debug level is greater than actual one -- Class EnvironmentConnector: Enhanced to type-safely set values -- DIC: Externalized application agnostic key/value pair initialization from the housekeeping data description to init_db_general.php -- BaseTemplateClass --- Made public DumpArray() method --- VerifySpecifiedProperty: Reworked in order to simplify ---- Some protected property values are now tolerated as ucfirst as well as lcfirst to enable migrating values to lcfirst ---- When an invalid property value is set and a respective constraint has been defined, the constraint is displayed in order to ease debugging (only on non-production systems) -- GetPageName(): Superseded by (standard) basename() - init.php: Superseded variable strCompanyName by using the (NLS aware) object resolver. This enables handling of multiple companies - General -- Refactorings in order to introduce the environment traverser -- Continued URL and HTML encoding -- Introduced variable $strCurrentContext in order to reliably distinguish the basic contexts "report", "search" and "view". - home.php -- Reworked computation of months since company foundation increasing accuracy - init_db: Finished application of environment traverser causing code to be condensed to approx. a third (saved >= 2k lines) - insert.php -- Stop on invalid table name - ui_lib.php -- UserInterfaceControls::DisplaySelectBox(): If select boxes are constrained to a single value, the same is displayed read only - ajax_lib.js -- PopulateEntrySelector() --- For a search to start at least two characters must be entered - search.php: Granted drag and drop to trash - Javascript libraries: Opened PHLEX namespace and migrated first variables (now properties) and functions (now members) to the same - readme.txt: Reversed order of bug history Added features - XSS sanitization for critical output strings - php_lib.php -- EnvironmentConnector: Finished traverser and added safe write support -- Added function CompareDataTypes() in order to handle type comparisons -- Added class DateArithmetics consolidating date methods -- BaseTemplateClass --- Added exception to magic property getter --- Visualization of invalid non-printable property values --- DumpException: Advanced NLS support of exception messages --- VerifySpecifiedProperty ---- Reworked to support all flavors of public and protected properties (default, loaded and inherited) ---- Added meaningful exceptions - ui_lib.php -- Direct zooming of table entries by holding mouse over magnifier for 500 ms - ajax_lib.php: New library clustering AJAX-related PHP classes -- Introduced class AjaxArgumentValidation offering proper messaging on invalid AJAX arguments -- Shifted class AjaxElementID from ui_lib.php - readme.txt: Introduced glossary - Drag and drop: Enabled reminders - ajax_lib.js: Enhanced entry selector in order to -- provide keyboard control (ESC, up arrow, down arrow and enter) -- minimize server traffic (key code filter and launch request timeout of 500ms) ------------------------------------------------------------------------------------------ ------------------------------------------------------------------------------------------ [IV.31] Release 2015-01-06 Corrections (on the fly if w/o bug number) - [B0050C,2013-11] - [B0056B,2014-12] - xml_lib.php -- XmlExport --- Fixed resolution and thus hints of target fields --- Log file created per export -- XmlImport --- Fixed number of objects in case the group contained trashed ones --- Log file created per import - view_table.php: Fixed session timeout on every call Changes - Named the application framework as "PHLEX" - php_lib.php -- BaseTemplateClass --- __set: Replaced exit message by exception -- GetClassVersion(): Reworked in order to extract the version of the most recent method - footer.php -- Shifted application version information to init.php - db_lib.php -- Improved preselection filter statement Added features - php_lib.php -- FileLogger: Supports create and append mode as well as output of log messages to the user interface -- Added GetClassSince(): Returns the oldest since date of a class and a hint if unknown -- Added GetNamedArgumentValue(): Returns the value of a named CLI argument - xml_lib.php -- XML exports and imports are now logged to individual files - phlex_version.php -- Displays the installed version of basic PHLEX components -- Multimodal - ui_lib.php -- DisplayDataView --- Extended preselection handling. Arbitrary selection may now span pages --- Preselections may be exported to XML or CSV ------------------------------------------------------------------------------------------ ------------------------------------------------------------------------------------------ [IV.30] (Intermediate) Release 2014-11-16 Corrections (on the fly if w/o bug number) - [B0055B,2014-07] - php_lib.php -- Corrected environment state "production" -- DIC --- Fixed missing environment reference in CLI mode --- Fixed missing link to environment in some cases -- UrlManipulation: Fixed HTML encoding -- GenerateJavascriptZoomEvents: Fixed HTML encoding - scroll_detailed_data_view.php -- Fixed missing details URL -- Fixed error message when being used wuth no data description - login.php -- Fixed cookie name - ui_lib.php -- Recovered print view -- Loading calendar NLS for birthday and reminder wigdet in order to correctly resolve month names -- Fixed HTML encoding of logged on user link - export_transactions.php, sepa_lib.php -- Added reference to transaction's denomination - details.php -- Fixed HTML encoding of edit, next and last entry links -- Fixed HTML encoding of owner and editor links - persist.php -- Fixed debug messages - business_objects_lib.php -- Fixed SQL statement to reset password Changes - General: Switched document type from XHTML(1) to HTML(5) - overlay_lib.js -- Shortened fade in transition timeout from 500 to 200 ms - php_lib.php -- Trait ClassPropertyHandler: Reworked to handle any property and externalized to a trait (which makes PHP 5.4 a requirement) -- Trait StandardMethods: Shifted common constructor to a trait -- DisplayDebugMessage(): Refactored to support all run modes - html_attributes.php: Externalized common HTML attributes to centralized management - business_objects_lib.php -- The encryption of passwords has been superseded by hashing. The hash algorithm is configurable. - edit_lib.php -- Generalized RecordEditor to use ObjectProperties in order to get original values in update mode independent of applications -- As a consequence, also the persister can now be used independent of applications and run modes - export_transactions.php: Renamed to export_transfers.php (SEPA or DTAUS) in order to avoid confusion with export_objects.php (XML) - db_lib.php -- DatabaseConnector: Added property to control association of result array (index, name or both) -- Persister: Refactored to support all run modes - sepa_lib.php: Renamed to xml_lib.php (more general) Added features - Non-draggable elements: Introduced HTML5 attribute to suppress dragging elements (a, img) not intended to support it - Drag & drop -- Introduced HTML5-based drag & drop support for trash and report actions. JSON used to securely handle return values -- Drop action rules are plugged in on a registered application base - Added unit test class assertions_lib.php - DisplayDataView: Added report link to respective object class - xml_lib.php -- XmlExport --- Added export of one or more objects (of the same class) to XML that may be imported into another instance --- Multimodal --- Exports individual objects or ranges of objects -- XmlImport --- Added import of transactions (as a first step) --- Plugged in import rules --- Multimodal --- Accessible via administration section on home page. ------------------------------------------------------------------------------------------ ------------------------------------------------------------------------------------------ [IV.29] Release 2014-03-26 Corrections (on the fly if without bug number) - [B0052B,2014-02] - exec_login.php -- Referer is no longer used as it may require a determined session content with leads to an exception on an initialized session object -- Instead, once the session has timed out, the home page is loaded - php_lib.php -- Reworked ReplaceSpecialCharacters() in order to treat UTF8 special characters. This replaces the export language setting -- DIC --- Fixed handling session timeouts when being called via AJAX (offering a link to the logon page) --- Completely shifted session recovery to the DIC - ui_lib.php -- Restored view configurator (refactored in order to use the DIC) - Fixed "Array to string conversion" notices when being run on PHP 5.4 Changes - Development environment -- Updated to PHP 5.4 (still no version specific features used) - kill_session.php -- Instanciated per application to address application specific sessions Added features - php_lib.php -- DIC --- New modularization concept in order to support instant applications that don't support NLS or a data description --- Implies a session per application --- Minimum customization artifacts and code - edit_lib.php -- New library encapsulating a generic data input and edit form -- Makes use of HTML 5 element attributes (mandatory, email, url, etc.) -- Supports a data descriptionless mode by generating a temporary in-memory structure -- Specified (default) values saved in the session object are being used automatically - db_lib.php -- New "Persister" class encapsulating data insert and update requests -- Supports a data descriptionless mode by using the temporary in-memory structure created by class RecordEditor - ui_lib.php -- Class DisplayDataView --- Introduced support of data descriptionless mode just based on database attributes --- Introduced HTML 5 placeholders --- Introduced HTML 5 datalists (but not yet sufficiently supported by browsers). Default boolean value set in init.php ------------------------------------------------------------------------------------------ [IV.28] Release 2014-01-18 Corrections (on the fly if without bug number) - [B0049B,2013-11]: Persister statements now checked against stop list and purified, if appropriate - [B0040B,2012-08] - insert.php: Recovered edit of user's own password - ui_lib.php -- Unsort icon displayed correctly also when no sub view is defined -- Details link only displayed when column selection is defined (not all columns) Changes - Session checker shifted to the application specific include directory - Renamed dtaus_export.php to export_transactions.php -- Reworked to use standard header - Shifted application agnostic expressions to library path as "expressions_nls_.php" - Application specific expressions renamed to "_nls_.php" - php_lib.php -- DIC --- Enhanced to support multiple application environments by separating agnostic from specific configurations --- New method StartOrRecoverSession(): Recovers application specific session object. No longer treated by check_session.php --- Application name now set by session checker. Static methods directly digest this information --- Switched to exclusively use named session objects -- ShowDebugMessage(): Exchanged arguments message and initiator in order to enable an optional inititator - Web only code refactored to directly access the information stored in the session object in order to reduce complexity - Audit table only browsable by administrator as it reveals internals - ui_lib.php -- DisplayDataView --- Reworked to support native mode w/o data description --- Support of IP v4 address fields for MySQL / MariaDB Added features - SEPA-XML export of transactions. Upcoming standard in the Single Euro Payment Area. Will supersede DTAUS. - business_objects_lib.php -- ObjectProperties --- Added method GetExportObjects() to get objects that are to be exported (by source and type) --- Added method SetExportedStatus() as now reused by DTAUS and SEPA - persist.php -- Support cancelation of export as long as the same has not been performed - db_lib.php -- GetColumnAttributes(): Added column comment as attribute. Information is extracted from the scheme database (for MySQL / MariaDB) -- Basic persister implemented as a class - php_lib.php -- EnvironmentConnector: Added method GetViewOrEntityEnvironmentValue() that returns the view's (if defined) or the native context value. Redundant value definitions on a sub view level may be deleted. Initial use to get browsable columns in details.php. - edit_lib.php -- Basic edit form generator implemented as a class ------------------------------------------------------------------------------------------ [IV.27] Release 2013-08-27 Corrections (on the fly if without bug number) - readme.txt -- Updated basic directory structure -- Added browser compatibility matrix - dtaus_export.php -- Fixed bolded text - ui_lib.php -- DisplayReminderWidget(): Fixed exception on reminder with contact pointing to table with no views defined - insert.php -- Fixed unselected image and attachment entries in insert mode when returning after status check - view.php -- Fixed warning messages when being called with undefined view Changes - Replaced HTTP redirects by includes wherever possible in order to minimize traffic and to bypass header injections - CSS -- Extended use of pseudo classes Added Features - Added language information to headers, bodies and specific table data fields - login.php -- Introduced maintenance property to replace login dialog by maintenance notification - ui_lib.php -- Experimental support of fixed page and table headers - overlay_lib.js -- Dimmable HTML elements - CSS -- Added hyphenation and word break support ------------------------------------------------------------------------------------------ [IV.26] Release 2013-08-09 Corrections (on the fly if without bug number) - [B0044B,2013-05] - [B0045B,2013-06] - [B0046C,2013-07] - [B0041B,2013-04] - [B0043B,2013-06]: Suppressing zoomers in IE 8 and below - db_lib.php -- Incorrect column length (real length by 3) of UTF-8 string columns has been fixed with PHP 5.4. Checking version before dividing length by 3. -- EntityProperties: intEntityID converted to integer as fetch_array() returns just string representations. - php_lib.php -- UploadFiles --- Fixed allowed file extension check --- Externalized path as public property - details.php -- Fixed toggling row color -- Do not suppress displaying empty cross entries when table supports them - persist.php -- Notification suscribers correctly saved -- Fixed validation of date inputs - ui_lib.php -- CheckPreselectionIntegrity: Recovered preselection check - insert.php -- Self-subscriptions fixed by skipping primary key column - report_lib.php -- DatePeriodSelection: Fixed initialization of SQL statement when reusing object Changes - save.php: Renamed to persist.php -- Only changed field values are updated on saving. This reduces DB load and facilitates analyzing the audit log - ui_lib.php -- Shifted animation images from footer to QuickBar in order to shorten resulting page -- UserInterfaceControls::DisplaySelectBox() --- Use of "WHERE IN" instead of "OR" --- Deactivated legacy control type "all" - js_lib.js -- Shifted overlayed object handling to overlay_lib.js -- Optimized animation image handling to allow for minimum window area wihout scrolling -- Scaled overlays to document rather than to window size to avoid scrolling out the image -- Considered vertical scroll bar on scaling to avoid horizontal scroll bar during overlay - image_browser.php -- Renamed to file_browser.php. Superseded by multi select box in insert.php (for images currently best viewed in Firefox) - insert.php -- Refactored select elements to use class UserInterfaceControls -- Added function SaveAndDisplayEntries() to consolidate handling of complex relations -- Stronger use of CSS pseudo classes. Adjusted mandatory background. - business_objects_lib.php -- GetLeafRelations: Converted EID and OID to integer as fetch_object() returns just string representations - persist.php -- Object relations: Inserted functions to consolidate checking for updates and to delete and write entries only when the same have been changed - init_db_housekeeping.php -- Excluded transaction IDs from global searches -- Controlling DatePeriodSelection via column attributes and EntityProperties - details.php -- Suppress PopUpOverlay() when in zoomed mode Added features - QuickBar: Zoomer on logged-on user - Dimmer transition - ui_lib.php -- Search hit color legend - php_lib.php -- FileUpload: Avoid overwriting files -- Added class and calling function for array comparison (same content even when in different order) - insert.php -- HTML 5 mandatory attributes on text input fields (client sided validation) -- Mark red media entries referring to files missing on disk - db_lib.php -- EntityProperties: Added properties for media and relevance to date period selections - ui_lib.php -- UserInterfaceWidgets: Added floating zoomers to reminder widget -- UserInterfaceControls: Added control type "media_select" - home.php -- Added media selector ------------------------------------------------------------------------------------------ [IV.25] Release 2013-04-24 Developed using PHP 5.3.17 Corrections (on the fly when without bug number) - report_lib.php -- TableStatistics: Disabled use of cached information -- ObjectTurnoverStatistic::DisplayObjectTurnoverStatisticList: Fixed consideration of pre-filters - save.php -- Update entity properties after inserting or updating an entry - db_lib.php -- Introduced national language support for affected temporary tables in order to simplify refresh management and thus to fix issue related to the same -- SearchCapabilities: Now correctly checking for view entity property instead of show entity property - init_db_housekeeping.php -- Exception on reminder details: Added missing column "reuse" to table reminders -- Empty details on relobjobj views: Reworked view configurations - business_objects_lib.php -- Exeception on initial insert of user view columns: Fixed legacy reference to entity ID in SetUserViewColumns - details.php -- Fixed legacy column array index after having migrated to row object - php_lib.php -- BaseTemplatClass: Fixed displaying incomplete impact messages - ui_lib.php -- Non-standard sub views are now correctly considered when paging views via AJAX -- Legacy SQL error message when browsing tables in raw mode: Migrated to database connector - search.php: Fixed displaying filter icons Changes - db_lib.php -- DatabaseConnector --- Added platform specific rewind of record set --- Migrated mysql extension to mysqli --- Abstraction of fetching rows by using new method GetRowObject() ---- Note that this method is yet only accessible through class DatabaseConnector, other classes that store their record set do not offer this method --- Abstraction of fetching column by using new method GetColumnAttributes() ---- Correct handling length of UTF8 based string columns (multi-byte) --- Added method GetTables() for abstraction --- Added method MapDatabaseErrorClass() to abstract DB specific error handling. Initial use for handling unique index violation. Those are to supersede the "unique_entries" property held in the "entities" table. -- EntityProperties --- Shifted property to assign categories from table "relentities" to table "entities" and hence to this class - php_lib.php -- BaseTemplateClass --- Introduced self-persistance using an implementation of Serializable. As a first step, this supersedes the session array per entity that held its respective properties. --- Superseded ResetProperties() by reinitialization of specific properties within the individual methods. --- Used the dependency injection container to link to or copy the environment -- ObjectDocumentation --- Introduced reflection class to collect meta data on a class, method or function level - ui_lib.php -- Encapsulated frequently used HTML elements in class UserInterfaceControls - Introduced DocBlocks in order to -- allow for version information per function, class and method -- support reflection of meta properties - Introduced TODO tags on a code level - Started migration to dependency injection container on -- instanciating the database connector -- referring to the environment (by value or by reference) - init.php: Added registered (DIC) database name to use - Continued refactoring to abstract database platforms - Changed insert icon to a more meaningful one Added Features - ui_lib.php -- UserInterfaceWidgets: Folding and refresh now provided by class - php_lib.php -- GenerateJavascriptShortcuts(): Generates Javascript code to implement configurable navigation shortcuts -- Introduced zoom popup available for all fields displayed with a magnifying class. Pops up after one second of hovering (the link) and fades out on mouseout of the popup. ------------------------------------------------------------------------------------------ [IV.24] Release 2012-05-01 Developed using PHP 5.3.15 Corrections - [B0011C,2011-01] - [B0024C,2011-12] - [B0033C,2012-01] - [B0035B,2012-04] - [B0036B,2012-04] - [B0037C,2012-04] - [B0038B,2012-04] - [B0039B,2012-04] - report.php: Fixed nested forms Changes - home.php -- View select box shifted to ui_lib.php (UserInterfaceControls) -- Shifted birthday and reminder information to new class UserInterfaceWidgets - ui_lib.php -- DisplayDataView::DisplayViewResult() --- Split into varios methods --- Paging switched to Ajax (using synchronous calls as asynchronous result cannot be routed to the correct destination elements) -- AjaxElementID (implies ajax_lib.js): --- Consolidated generating complex HTML element IDs to PHP in order to simplify and generalize AJAX Javascript functions --- Introduced element instanciation -- Quickbar encapsulated in class UserInterfaceWidgets and switched to Ajax expand and collapse - init_db.php -- Consolidated keys and values common to all entities and views -- Consolidated columns common to most entities Added Features - n.a. ------------------------------------------------------------------------------------------ [IV.23] Release 2012-04-06 Corrections - [B0017C,2011-11] - [B0032B,2012-01] - [B0034B,2012-03]: Introduced stop list - ui_lib.php -- Fixed wrongly encoded ampersands in links -- Fixed deletion of search phrase - home.php: Fixed position of form closing tags - php_lib.php: Fixed html encoding of "&" in class UrlManipulation - db_lib.php -- All temporary entities refreshed on language switch to match NLS search phrases -- Slightly optimized COUNT statement using "(*)" (rows) instead of primary key (values) Changes - details.php: Message instead of exception when entry does not exist - php_lib.php: Shifted calculation of elapsed runtime to BaseTemplateClass - home.php: Replaced GetEntityName() by EntityProperties Added Features - Introduced array of stop characters and expressions. These characters are filtered out of an search or filter criteria. An information is displayed when this has been the case. ------------------------------------------------------------------------------------------ [IV.22] Release 2012-03-25 Corrections - [B0014B,2011-10] - [B0016C,2011-11] - [B0018C,2011-11]: CSV download link offered at bottom of page. - [B0022B,2011-12] - [B0025B,2011-12] - db_lib.php: -- Catched NULL record set when truncating a table -- Adjusted NLS column names in user view columns to correctly include national names in the SELECT statement - php_lib.php: Exceptions thrown by BaseTemplateClass::VerifyProperty() are no correctly catched - search.php: Fixed setting sub view if existent (not only on target entities) - init_db.php -- Fixed description of column "tax" in general transaction view -- Cached user view columns per entity and view Changes - php_lib.php -- Added class SessionVariables to consolidate methods to set and verify session variables -- SessionVariables::SetGeneralSessionVariables(): Introduces maximum length of query string. Exceeding parameters are truncated. -- SessionVariables::SetEntityRelatesSessionVariables(): Validity check of passed entity and view name -- BaseTemplateClass::OutputImpactMessage(): Deprecated public and protected caller properties as inherent backtrace information is used instead - view.php -- Warning on invalid entity or view name. No results are displayed. -- Print view now shows WYSIWYG content of normal view. - init.php -- Externalized URL parameter names - ui_lib.php -- DTAUS export files now offered for download Added features - php_lib.php -- SessionVariables::SetGeneralSessionVariables(): Introduces maximum length of query string. Exceeding parameters are truncated. ------------------------------------------------------------------------------------------ [IV.21] Release 2012-02-05 Corrections - [B0021C,2011-11] - [B0015B,2011-10] - [B0019C,2011-11] - [B0020C,2011-11] - [B0023B,2011-12] - [B0027C,2012-01] - [B0028B,2012-01] - [B0029B,2012-01] - [B0030B,2012-01] - [B0031B,2012-01] - Dimmer and spinner images correctly centered on the window (also when scrolled) - Dimmer and spinner without placeholder in order to minimize page area - BaseTemplateClass::VerifyProperty(): Correct exception thrown on invalid property values - DisplayDataView::ShowFunctionSelectBox(): Natonal names of function select correctly updated after language switch - logon.php: Fixed concatenation of URL parameters when switching languages or quick navigation bar settings - details.php -- Fixed displaying active user as owner and editor -- Fixed filtering of reusable records Changes - home.php -- Administration section and options section now collapsible - db_lib.php -- DatabaseConnector and EntityProperties now throw exceptions on request errors without the need of having try-catch blocks in top level code -- Cached entity properties in the environment to avoid unnecessary database load -- Split SearchCapabilities:EntityLocalSearch into various methods to make code more reusable and readable - init_db.php -- Deleted deprecated entity properties and added dynamic array fed by class EntityProperties in order to cache -- Superseded ['intEID'] by ['arrEntityProperties']['intEntityID'] -- Externalized instance specific database properties to init_db_access.php. Credentials kept out of session object - php_lib.php -- EnvironmentConnector now throws exceptions on non-existing contexts - Switched record set owner from user name to person ID to allow deletion of users without loosing referential integrity (hence persons cannot be deleted) - image_browser.php: Changed AJAX-based file upload dialog to plain Javascript function in order to minimize server requests - ajax_entry_selector.php: Now uses SearchCapabilities:EntityLocalSearch to limit select values to the actually filtered subset - init.php: Added environment variables for each and all attributes - search.php: Now shows processing time as in view.php and report.php - business_object_lib.php -- ObjectProperties: Encapsulated (simplified) NLS and Quickbar handling - readme.txt: Reformatted to properly fit into 1,600 px (depending on font size) - view_configurator.php: Dynamic window height depending on number of columns - Switched to a single database user and application users rather than a database user per person. - home.php: Split into user and advanced ("portal") view. Advanced "portlets" are folding. - TableStatistics(): Extended use of properties of class EntityProperties including reusable entries - Unicode: Eliminated utf8 transformation functions (to avoid double transformations). Instead all input forms are now set to accept utf8 only. As well, all database entites are set to utf8. Added features - persons: Added role attribute to reflect privileges (see role description below). Roles are stored as general attributes in entity "attribs" - ui_lib.php -- DisplayDataView: Display second page select at bottom when page length is equal or greater than 20 entries - init_db.php -- Separated owner from editor and creation date from date of last modification to restrict users to edit only their own entries - php_lib.php -- EnvironmentConnector: Added methods to directly check entities for (a specific) sub view(s) - insert.php -- HTML5 based form element checks for date, url and email fields. Ignored by browsers not yet supporting these features - report.php -- Added Message when undefined report has been requested - Extended reusable records feature to a comprehensive trash capability: Move items to trash, restore from trash, view trash content (was "marked as reusable") ------------------------------------------------------------------------------------------ [IV.20] Release 2011-11-25 Corrections - [B0009A,2010-11] - [B0010B,2010-11] - [B0012B,2011-08] - [B0013C,2011-08] - db_lib.php -- Corrected recognition of SELECT COUNT() statements when statement contained string "count" - details.php: Fixed navigation handling when primary key is fragmented - cli_send_reminders.php: Fixed segmentation fault due to calling private method - details.php -- Fixed scaling of portrait images - report_lib.php -- No more use of primary key field to hold object ID(s). Inserted dedicated field instead -- Redesigned statistic list using business_objects_lib.php - report.php -- Fixed execution time display - ui_lib.php -- Reset paging if current page is bigger than the number of pages -- Fixed broken input selector for mapped columns -- Fixed error when selecting a category filter - save.php -- Correctly set dtaus status to "Export" when setting dtaus in update mode (copy mode pending, see bug list) -- Strict use of EnvironmentConnector class for r/w accesses Changes - init.php: Added references to most frequently used images - Data model: -- Added index on column "reuse" to speed up paging -- Temporary entites per view to speed up performance - init_db.php -- "read" values renamed to "view" values to synchronize with session variable strViewMode. This provides independent filtering per view mode. -- Current page number separated per view mode -- Completed shifting "show" and "view" properties on a table level to the database - report_lib.php -- AJAX support for some reports to speed up detailed entries -- Reworked individual report (person / category / category group) - search.php -- AJAX support to speed up displaying detailed hits - ajax_entry_selector.php -- Adjusted to do a real wildcard search rather than searching only for entries starting with the search string - php_lib.php -- Extended BaseTemplateClass::OutputImpactMessage() in order to supersede ShowDebugMessage() and ShowWarningMessage(). Ordinary and exception messages are now strictly separated. -- Optimized output of BaseTemplateClass::DisplayPropertyValues() to improve readability - init.php: Added general variables for image names Added Features - Added class InsertAjaxElement to encapsulate the cryptical syntax of most Ajax element IDs and calls - Added support for exceptions in some classes - view.php -- Global search field included in header -- Replaced function links per entry by more flexible function select box --- Directly enter views and reports on an entry level -- View configurator to select columns to be displayed on a user level - details.php: Added zooming an image - ui_lib.php -- DisplayDataView --- Clicking in a row opens the entry's details (does not work with Konqueror) --- Replaced functional link images by extendable function select box offering direct access to prefiltered views and reports - db_lib.php -- EntityProperties: Added entity update status control - insert.php -- Added browser to select an image. Images may also be uploaded and overwritten, but not deleted - report.php -- Added report select box to directly switch between reports - Added business_objects_lib.php to abstract business objects -- Added entity relation of categories to category groups -- Added class ObjectProperties to initially encapsulate persons - php_lib.php -- Added class EnvironmentConnector to safely access the session environment ------------------------------------------------------------------------------------------ [IV.19] Release 2011-01-02 Corrections - cli_send_reminders.php: Fixed tryping to log in to the database using a wrong user - search.php: Fixed dimming page on form submit - [B0001A.2007-01] - [B0007B.2009-04] - [B0008B,2010-10] - Fixed collation of temporary tables (to UTF8) - details.php: Fixed double UTF-decoding of targets - php_lib.php -- ShowRawTable() --- Fixed missing Unicode support --- Ignore invalid column names passed as URL parameter - Database: "Illegal mix of collations" error when searching for some special characters; completely set all collation options (DB, tables, fields) to Unicode (utf8_general_ci) Changes - Search -- searches are now structured in global and column searches. Hits are indicated using different colors (as well as combined matches) -- details.php extended to diplay more hit information -- filter status cached per entity rather than globally - Value context: Extended use of linked contexts to increase code readability. Strict separation of native columns (read / write) and sub views (read only) - php_lib.php -- Shifted respective classes and functions to db_lib.php and ui_lib.php - ui_lib.php -- DisplayDataView: Optimized database requests to speed up paging through large views - Added category select ID per (sub) view (report, view) in init_db.php. This enables selecting a different category per view and avoids changing to a view with an empty result Added Features - Busy indicator (spinner) in conjunction with dimmed page displayed on most actions - php_.lib.php -- Impact messages now include script, class and method name plus the code line (impact messages to be superseded by exception handlers) -- Added generic exception handler to base template class - db_lib.php -- Added class SearchCapabilities to integrate all search related methods (superseds MarkHits() and SkipMarks() -- Global search: Added support for advanced search expression (&&, || , !) - footer.php -- Added indicator "T" when temporary entities have been updated - insert.php -- Display selected categories as list -- Enter notes in textarea (showing the current number of characters) ------------------------------------------------------------------------------------------ [IV.18] Release 2010-07-25 Corrections - graph.php: Rectified deprecated note - report_lib.php: Introduced flag to correctly refresh temporary tables for target entities Changes - Updated to phplot 5.1.1 Added Features - Introduced AJAX library to speed up form based operations -- Target select fields -- Filtered criteria selector - php_lib.php -- Added class EntityProperties to treat entities as objects -- Added class UserInterfaceControls to consolidate output structures like select boxes, radio groups etc. -- Strict use of protected members array within classes - report_lib.php -- Added method AddGrandTotal() to class ObjectTurnoverStatistic. Used when report includes more than a single person or institution - Added environment state parameter to suppress debug output in productive environments - Introduced record reusability: Records of specific entities may now be marked as reusable and are then suggested to be updated on inserts - report.php -- Added report for entries marked as reusable. May be used to "undelete" entries. ------------------------------------------------------------------------------------------ [IV.17] Relase 2010-04-11 Corrections - [B006A.2009-04]: Fixed LDAP script throwing error on locating or updating persons - php_lib.php -- ShowTable(): Fixed index warning "order" when clicking on a column header. -- class DisplayDataView: Correctly reset current page to 1 when a filter expression has been changed. - cli_send_reminders.php: Fixed sending emails to recipients not selected for a given object. - Fixed "uninitialized string offset" in standing orders sub view. Changes - search.php: When the search expression is deleted, it is returned to the home page. - Navigation: Reduced use of navigation arrows. Arrow color changed to blue except for expand information in reports. - php_lib.php -- Added class DisplayDataView superseding the functions ShowResult() and BuildView() -- Extracted function /class groups from php_lib.php in order to reduce its size --- dtaus_lib.php --- ldap_lib.php - Adjusted search and display functions to properly handle unicode character strings - Default logon language set to English - Language modules cashed as long as language is not changed and session does not expire - Current page number parameter limited to valid values - Current page number stored per table in environment as long as table is not updated Added Features - home.php: Added magnifier to delete search expression. - details.php: -- Class and object names displayed as links -- Added navigation arrows - php_lib.php: -- Added method VerifyProperty() to class BaseTemplate -- Added class DatabaseConnector to encapsulate SQL requests - Paging is automatically turned on when the number of affected rows exceeds "intMaxRowsWithoutPaging" settable in init.php - SLA monitor. Displays processing duration in footer on selected pages. Threshold settable in init.php ------------------------------------------------------------------------------------------ [IV.16] Relase 2009-05-05 Corrections - Category report -- Fixed treatment of categories with no objects assigned -- Displays "No entry found" if there are no hits in an object class - [B0004B.2009-01] Relation filters: Using nested SQL queries for speeding up relation filters like categories - Category filter in ShowResult(): Reset category filter if delete filter button is pressed Changes Added Features - php_lib.php -- ShowResult(): Taxonomy scaled fonts in category select box (currently only supported by Firefox v3 and above). - Session parameter boolSaveRows added to prevent record from being stored. Instead the SQL statements are displayed. Used for debugging. ------------------------------------------------------------------------------------------ [IV.15] Release 2009-01-20 Corrections - Fixed incorrectly displayed national characters in header of home page - Inserted entity ID for table 'entities' to avoid error in details.php - BuildView() -- Fixed creation of FROM statement to get a valid JOIN statement in any case -- Fixed auto_filter option for standing order end dates - Fixed mixed up spanish name and surname field labels - Fixed "Edit" button label when updating rows - dtaus_export.php: Status of exported transactions will only be reset when export file could be successfully written - home.php: Suppress company balance if company string is not set - details.php: Fixed missing depreciation field titles - PHP warnings: Debugged code in various scripts to avoid displaying PHP warnings - insert.php: Corrected row color switch - details.php: General sub view set if called from search view without a sub view - ShowResult(): Fixed division error on cross entries when amount is equal or larger than 1,000 currency units Changes - Quick Bar: Toggle switch transferred from the options section on the home page to the quick bar itself - Quick Bar: Inserted home tab - save.php: Deleted unique condition when update mode is selected - php_lib.php -- New class CheckBirthday centralizes birthday calculations within the objects / functions library -- Redesigned object turnover header and statistic: Now encapsulated in a PHP5 object class "ObjectTurnoverStatistic" --- Parameter to suppress verifying filter dates in order to avoid double checking. --- Unified person and institution statistic using a multiple select box. --- Redesigned persons statistic consolidating transactions and standing orders. -- Superseded $_SESSION['category_filter'] by data definition in init_db.php. -- Class GetObjectRelations now optionally considers date filters. -- Class DisplayDataView now cashes temporary tables to speed up performance. - Added table "relentities" to keep relations between tables (targets, destinations, assignments) -- Relation type(s) refer(s) to table "reltypes". Added relation type "target entity" -- The relations held in "relentities" will supersede the columns "target" and "destination" in table "entities" and the "categories" property as they are more flexible and normalized for future extensions. -- The relations held in "relentities" are also used for simplifying the reporting as relations between tables are now determined and used by the reporting module. - phplot: Updated to version 5.0.4. - Attributes are now preselected on a field level to not mess up with them. Contrains are defined in the data description init_db.php. - Cross entries: May now only be created using the cross entry select box. Changes to the cross entries by updating the record remain possible. - Removed option "Show all rows" Added Features - cli_send_reminders.php -- Send birthday notifications (html) to selected persons. Persons are made selectable by setting the "notifications" flag -- Send reminder notifications (text) to selected persons, not only to the originator. Persons are made selectable by setting the "notifications" flag - search.php: Added filter status display per table and a link to delete all filters - insert.php: Added button to insert yesterday's date - Table "persons": -- Added second e-mail address - Table "reltypes" -- Added relation type "Send message to". Initially used to send birthday notifications to selected persons and reminder notifications to persons. - Added session variable "CurrencyCode" to enable adapting to any currency - php_lib.php: -- Enhanced DefineLdapAction() to add non existing entries even if they already should exist. This status may happen when an LDAP entry has been deleted using external tools or if a new and thus empty LDAP database has been created. ----------------------------------------------------------------------------------------- [IV.14] Release 2005-11-13 Corrections - insert.php: Fixed wrong number of form name that lead to broken transfer function in the calculator. - details.php: Fixed broken "Edit" link when strReturnURl was not initialized. - details.php: Total of related transactions now correctly formatted as currency. - dtaus_export.php: Fixed function AppendFillerToString() not to append twice. - ObjectTurnoverHeader(): Fixed placement of graph symbol. - ComputeAge() now correctly treats null values as date of birth. Changes - Redesigned date period selection and check: Now encapsulated in a PHP5 object class "DatePeriodSelection". - Redesigned relations extraction: Now encapsulated in a PHP5 object class "GetObjectRelations". - insert.php: Cross entries are now initialized with an empty denomination and the actual date. - insert.php: Amount and destination object are now directly set in the environment instead of passing them via the URL to avoid tampering the URL. - Added parameter $strMode to GetObjectName() to control the output format of person names. - DTAUS export of transactions: Introduced new status field dtaus_status to separate attribute select from current status (like with ldap_status) Added Features - Added table "reminders" to enter single or recurrent events. Reminders are displayed on the home page. - Added CLI script "cli_send_reminders.php" to be run via cron. Checks all reminders and sends e-mails to source objects of active reminders. It is recommended to create a special MYSQL user for this script that is only allowed to read the reminders table. - graph.php: Graph now also offered in the "paid for" report. Therefore multiple filters (e.g. on person and category) are now supported. All filters are displayed in the graphs header. - ViewResult(): -- When setting various filters, now each of them may be unset using the unfilter icon in the columns header. The funtion bar icon to delete all filters is not affected by this feature. -- Added field attribute "auto_filter" to directly set a column filter clicking on a value in a cell. - graph.php now also considers category groups. ----------------------------------------------------------------------------------------- [IV.13] Release 2005-05-15 Corrections - insert.php, save.php: Categories and relations may now be properly deselected using the introduced "Deselect all" option. - DisplayFieldName(): Field names are now correctly displayed even when a sub view name is cached that does not match the table of which an entrys' details are to be displayed in nested mode. - insert.php: Number of selected categories and relations is now correctly displayed. - By increasing the error message level to "notice", all minor issues have now been fixed. Changes - insert.php: Revised and thus accelerated code to mark relations. - Tested with PHP version 5: Runs without modifications. Further development (especially OOP) will be focused on PHP5. ----------------------------------------------------------------------------------------- [IV.12] Release 2005-05-08 Corrections - The delete filter option in ShowResult() now also correctly resets a filtered category - The intShowSQL option is now kept until switched off - The data description of table "banks" has been fixed the way details are now displayed correctly and new entries can be added - Fixed treatment of null value filter in AppendAdvancedSQLFilter() - Fixed missing transaction descriptions in DTAUS files when exporting transfers to persons - The data description of the sub views "transfers" and "tax return" of view "transactions" has been fixed - Added html content header "utf-8" to all pages generating visible output Changes - Transaction ID included in global search to find transfers when the ID is transmitted to DTAUS and thus displayed within the home banking program or printed on the account report. - Superseded function GetObjectIDtoCategory() by function GetRelations() leading to compressed code. - Extension to function GetRelations(): Added mode 'R_SQL' to return an SQL WHERE clause - Use of single quoted strings where possible to speed up interpretation. - Continued transition to hungarian notation. - Superseded global variables $_SESSION['arrCID'] and $_SESSION['arrRID'] by the respective variables within the data description. - The categories report now correctly shows standing order nummbers and spendings for the time period selected. - Reworked und thus compressed code in save.php. - Modified data description of tables banks, cities and countries to ensure unique entries. Added Features - Added note regarding known issue with preselections within reports. - The institutions report now offers a multiple select field to prefilter the institutions to be displayed. This offers direct visual comparison of selected institiutions and avoids long response times due to processing hundreds of entries. - Introduced bar chart functionality to visualize transactions and turnover over time in selected reports using PHPLOT v5.0. Chapter [II] has been extended regarding this. - Introduced global variable $_SESSION['strSingleIdiom'] to init.php to set single language mode. In this mode, a fixed environment language is used and all multi language name fields are filled with the expression given in the single language name field to avoid null values in not null fields. ----------------------------------------------------------------------------------------- [IV.11] Release 2005-02-05 Corrections - Also fragments of amounts are now marked correctly when filtered. - The print view of view.php now returns to any page that called it. - Corrected display of headers in reports when details are selected. Changes - The print view now shows a neutral page header containing the table name if a non commercial (sub) view is detected. If a commercial sub view is filtered by a category, this category is appended to the header. - The print view now acts as WYSIWIG the way it displays exactly the filtered elements in the selected order. - Style elements are now continously used throughout all views and reports. - init.php is now split into an system part init.php and a database/data description part init_db.php. All instance related variables are located in init.php so the data description init_db.php may easyily be updated without having to adjust instance specific variables. Added Features - Introduced advanced filter option (new function AppendAdvancedSQLFilter()). Filters may now be combined per field using the following operators: < (less), > (greater), ! (not), && (and), || (or). Also = (equal) is interpreted but normally not needed. To filter all non empty values, use "!null". When using < or > with dates, enter the whole date (YYYY-MM-DD). Only filter values operated as LIKE and "=" are highlighted in the result. - Added category filter to view.php. If a commercial sub view is detected, only commercial categories are offered for filtering. - Added optional field "reference" to table transactions. This field may be used for invoice numbers or other reference identification information. Note to update your copy of init.php. - Added parameter "mandatory" on a sub view field level to make fields be treated as NOT NULL in certain sub views even if table field is a NULL field. Note to update your copy of init.php. ----------------------------------------------------------------------------------------- [IV.10] Release 2005-01-23 Corrections - Fixed several logical syntax mistypes in dtaus_export.php due to code compression leading to import errors when exporting transfers to institutions. - Icon (arrow) to reset sort and order now also displayed in sub views. - Added missing INSERT statements for mandatory entries in table reltypeid to housekeeping.sql. - Fixed field order of INSERT entries for table entities in housekeeping.sql. - Removed superseded tables "members" and "relcatgroup" from housekeeping.sql preserving the respective entries in table "entities" for backward compatibility (integrity of entity IDs). - Relation type entries added to housekeeping.sql. Changes - Compressed CSS syntax. - Standardized function names to mixed case in php_lib.php. - Continued standardizing variable names to hungarian notation in php_lib.php. - Redesigned code to display table headers of views in ShowResult(). - Quickbar now expandable to display more tabs. - National entity names added to "entities" table to harmonize dynamic SQL generation. Added Features - New views and sub views defined within init.php are now automatically added to the views select in home.php. - Added countries view. - New script view_export.php to add page CSV export option. Note that special characters in the header row are not correctly decoded from unicode and thus not displayed correctly in the export file. The export file is cached on the server for download(s) and deleted on closing the download window. The directory to cache export files to is set within init.php (new parameter that defaults to ../export/). Note that the process/user/group running the web server needs read/write permissions to this directory in order to store export files. If for some reason (e.g. closing the download window not using the "close" link) cached orphaned files remain in the export directory, their number is displayed in the administration section of home.php together with an option to delete them. The updated directory structure is now as following. - Required/recommended directory structure: htdocs root |_ housekeeping | |_ export | |_ include | |_ img |_ css |_ img |_ include - New function BuildView() created that completely builds up SQL statements to be passed to ShowResult() based on the data description in init.php. BuildView() supersedes the functions ShowTransactions(), ShowInstitutions(), ShowStandingOrders() and ShowPersons(). It is now possible to use a different filter expression on the same table field per sub view. Views using target tables are now only comprehensively displayed as sub view ("general"). As a consequence, only sub view field titles are displayed in details.php and insert.php if a sub view was selected. - To enable a complete description of the data used by BuildView(), the new parameter "advanced_filter" was introduced on a field level to cover complex SQL WHERE clauses containing formulas or comparisons other than "=". - To enable a complete description of the data used by BuildView(), the new parameter "join" was introduced on a field level to cover INNER and LEFT OUTER joins. - To enable a complete description of the data used by BuildView(), the new parameter "join_table" was introduced on a field level to cover joins to foreign key tables that are by themselves joined to the source table of the foreign key. - Added new notes to the notes section at the bottom of this file. - Improved documentation within init.php. - Introduced index to this file. ----------------------------------------------------------------------------------------------------------- [IV.9] Release 2005-01-04 Corrections - First week of year correctly displayed when the first day(s) in January belong to the last week of the previous month. - SQL error "Unknown table in WHERE clause" when jumped from a sub view ordered by a foreign key field to a view that does not contain this column. Changed Features - Sort and order are now cached per view and per sub view (like yet previously the filters). You may now jump from any view or sub view to any other and cached sort and order information will be applied. - Style sheet refined with regards to alignments, borders and margins. - Function bar also applied to view_table.php. ----------------------------------------------------------------------------------------------------------- [IV.8] Release 2005-01-03 Corrections - Saved user page length was not get if search.php was the first page showing a view after logging in. The saved page length is now initially loaded in home.php. Changed Features - Moved page length select to a redesigned consolidated function bar and distributed the functional links to one column each in ShowResult(). Added Features - Page Length now also settable in options section on home page. ---------------------------------------------------------------------------------------------------------- [IV.7 ]Release 2005-01-02 Corrections - Calendar now correctly returns date when used in update or copy mode. - Calendar now correctly caches the year when the month navigation links are used. Changed Features - New chapter "Notes" introduced at the end of this document. - Functional links "details", "copy" and "update" now compressed (without text, but title on mouse over) in a one line cell within view.php. - Logged on user now displayed with full name on the right of the Quickbar. Added Features - Quickbar to quickly access frequently used links (search, views, sub views and reports). Quick access tabs can optionally be toggled (new "options" section on home page). The language select icons always stay visible. - Added field "quickbar" to table "persons" to save quick access status on a per user basis. See housekeeping.sql for details. - Added variable "strQuickBar" to cache quick access status. Recustomize your local copy of init.php if you want this documented. ---------------------------------------------------------------------------------------------------------- [IV.6] Release 2004-12-31 Changed Features - Extended TINYINT(1) columns to TINYINT (0 to 255) as attribs and entities approximate the 10th entry. See housekeeping.sql for details. - Extended columns "persons.page_length" and "standingorders.period_m" from INT(3) to SMALLINT. See housekeeping.sql for details. - Shrinked column "taxrates.name" from SMALLINT(3) to TINYINT. See housekeeping.sql for details. Added Features - Added attribute columns "private" and "commercial" to table categories. This way categories are preselected in views and sub views. See housekeeping.sql for details. - Added attributes "table_alias" and "apply_filter" to field descriptions in init.php. This enables you to map any field to another tables field even if this multiple fields with the same name are used. Entered filter expressions can now be routed to other tables fields on a field by field basis. See init.php for detailed information. Recustomize your local copy of init.php. - Added calendar control (calendar.php) to graphically select any gregorian date. ----------------------------------------------------------------------------------------------------------- [IV.5] Release 2004-12-26 Corrections - Input field "Depreciation Period" now ommitted in transactions view. It remains editable in the "Company"_spendings view. - Fixed strViewMode and strViewTable settings in ShowResult() and search.php, so that return URLs are correctly passed to insert.php and save.php. - strSubView deleted in search.php so only native tables can be viewed. - Fixed "Error GetEntityID: No ID found for entity" when copying an entry from within the detailed view in search.php. - Fixed age calculation on birthday list on home page when the outlook period overlaps a year change. - Fixed "Error ViewTable() query 1: SELECT * FROM" when no view mode URl-parameter is passed to view_table.php now the table stored in strViewDetails is used. - The "Browse Table" link on the details.php header is now suppressed when details.php is called directly from the home page. - Fixed birthday outlook in home.php: Preview period expanded to 30 days and the age is now correctly displayed when the birthday is the actual day. - Fixed SQL error in view_table.php when no table was passed and strViewDetails was used, which also could be empty. Added Features - Added field "r_date" (receipt date) to table "transactions". It is used to track payment receipts. - Added view "Due Invoices" to handle overdue payment receipts. - Added warning message when SQL field list contains a white space character, which causes ShowResult() to leave the header name as well as the filter field. Changed Features - Report "Tax Return" shifted to views list as it is basically a pre-filtered view. - Report "Transfers" shifted to views list as it is basically a pre-filtered view. - Table "attribs" added to "Browse Table" list to be able to maintain the attributes via the GUI and to ensure that special characters can be searched. For inserted entries in table "entities" see housekeeping.sql. ----------------------------------------------------------------------------------------------------------- [IV.4] Release 2004-12-18 Corrections - SQL Error "unknown table in order clause" fixed when viewed table was changed and the new table did not contain the column to order by. - Fixed SQL script housekeeping.sql to insert reference entries for tables and attributes. - Time stamp fields are now formatted correctly in the print view. Changed Features - Changed to more defensive color scheme featuring grey and light blue. ----------------------------------------------------------------------------------------------------------- [IV.3] Release 2004-12-12 Corrections - Deleting the search phrase now also works in view.php. - Fixed deleting LDAP institution entries ldap_sync.php. Added Features - Search phrase displayed in magniclass title (delete search phrase) in ShowResult(). - Global search now includes temporary tables in views transactions and standing orders (source, destination and for objects). - Global search now includes city and country names in persons and institutions view. - Tabindex set in home.php (top down) and initial focus set on search phrase input field. ----------------------------------------------------------------------------------------------------------- [IV.2] Relase 2004-12-11 Corrections - Relation type ID in Show_Result() now correctly displayed as integer. - Number of outbound relations now displayed correctly in insert.php when update or copy mode is used. - Amount of related standing orders now displayed correctly in details.php. - Row color now toggled correctly within individual report in report.php. - Number and amount of standing orders now displayed correctly within the individual report in report.php when a category group is selected. - Fixed calculation of spending periods in spending orders in StandingOrderSpendings(). - Fixed syntax errors in housekeeping.sql. Added Features - Path to PHP as well as JavaScript libraries now settable as parameter within init.php. - Path and name of cascaded style sheet (CSS) to use now settable as parameter within init.php. ----------------------------------------------------------------------------------------------------------- [IV.1] Release 2004-12-04 - Initial release. ---------------------------------------------------------------------------------------------------------- ---------------------------------------------------------------------------------------------------------- [III] Resolved Bug History - [B0153B,2023-10]: Reports: selecting multiple objects an empty selection is passed to the report -> added implode() comma separator (was empty, which is the default) - [B0152B,2023-09]: Occasionally, JavaScript keyboard shortcuts are triggered when just a single modifier key has been pressed -- status 2023-10-03: Editing an entry while using US keyboard layout, pressing Ctrl + [ triggers "back" (see https://support.mozilla.org/en-US/kb/keyboard-shortcuts-perform-firefox-tasks-quickly). Meanwhile in Firefox most of the key combinations are reserved by the browser. Changed shortcuts.js from "if" to "else if" clauses to avoid unnecessary checks. -- status 2023-11-15: Has no longer occurred so far - [B0151B,2023-08]: ajax_entry_selector.php: error message on appending a hash (#) to a search expression -> filter => introduced array of invalid filter characters. The moment one it is entered in a filter field, a sliding message is displayed - [B0150C,2023-07]: view.php: table performance: sort column is not preserved on paging or when returning from paging => sort column was only cached for sub views - [B0149C,2023-06]: copying or editing an entry which is a cross entry, the referenced entry is shown, but not pre-selected, which makes it lost on saving -- Status 2023-06-09: not reproducible in version 47 - [B0148C,2023-03]: For long scrolled entries, the copy option is not displayed, just edit => added copy property to JSON array - [B0146B,2022-08]: Calculator: exception on result => as the calculator requires insecure JavaScript evaluations, it has been removed - [B0144B,2022-06]: home.php: opening view "object relations" runs into an SQL error => adjusted data description to introduction of relation classes. Completely reworked refresh of lookup table relparties - [B0143B,2022-06]: Dashboard: clicking on an object, details.php shows exception that environment context "dashboard" cannot be found => details.php: set search context of dashboard to report in any case, not just in nested mode - [B0142C,2022-06]: Dashboard opens nested, not zoomed details. Zoomers are not closed on mouseout => Adjusted creation of header, added Javascript event library - [B0141B,2022-06]: Deleting the last category of an object an exception is thrown: El objeto consultado no existe (#10021): class => categories, id => 0. See city ID 336 and bank ID 166 => not reproducible once having patched [B0140B,2022-06] - [B0140B,2022-05]: insert.php: on creting a 100% cross entry, the following message appears: Debug level 0 message from UserInterfaceSelectBox::DisplaySelectBox:1405: General multiple select branch => legacy? As well, a cross entry relation is not created, but instead, a FOR person is preselected => Revived environment context for passed cross entries, as (currently) not covered by ObjectRelations => Corrected check on database values of for_eid and fid from EMPTY to NULL => Removed lehacy hint as branch is perfectly valid. - [B0139C,2022-05]: institutions: incoming transactions are no longer filtered => added separation of of table and view name to reliably recognize the query string - [B0138B,2022-05]: Long scrolling ignores local filters (and potentially order) => set filter flag before launching the request - [B0137C,2022-04]: View tax return: long scrolling does not consider column order => added consideration of sub views to AJAX receiver - [B0136C,2022-03]: Data view does not trigger a change to reset the page number to 1 when changing the category filter => added switch property to memorize category change - [B0135C,2022-03]: calculator.php: Uncaught ReferenceError: WindowResizeActions is not defined onresize ...include/call_calculator_stub.php?form=update&element=amount&return=1:1 call_calculator_stub.php:1:12 => included Javascript overlay library - [B0134C,2021-12]: search.php: filter icon not shown even if local filter has been applied => restricted application of filter expression to table it has been applied to by including the table name in the request - [B0133B,2021-11]: persist.php: when deleting all relations of a specific class of an object, a relation to ID 0 is persisted, which leads to an exception on subsequent loads => when selecting a non-integer value (e.g. "null"), the selected value 0 is passed, which will delete all relations of the given class - [B0132B,2011-11]: insert.php: on copying an entry, categories (and maybe other relations) are not inserted => on copying, arrays of existing and selected relations were the same => no inserts. => in insert mode, reset array of existing relations before populating the array of selected relations - [B0131B,2021-11]: ObjectRelations::CountObjectsToCazegoryGroup(): the result of getting objects to categories (of a category group) is no longer correct => the introduction of relation classes has led to multiple hits of the very same target object in case it was assigned to multiple categories of a category group => added DISTINCT to COUNT statement - [B0130B,2021-08]: details.php ignores read only attribute in entity description => replaced check on report by check on read only attribute of entity - [B0128B,2021-05]: details.php on transaction 7209: exception #10019 on intObjectId -> integer -> 0. GetObjectName() (of source person) -> ExtractObjectName() after having opened the attachment -- Status 2021-09-04: not reproducible. Likely fixed by introduction of relation viewer - [B0127C,2020-11]: overlay_lib.js: PopUpOverlay(): link at magnifier always refers to first zoomable image (maybe due to fixed link id) => provided zoom link with dedicated ID and update its href attribute on popping up the overlay image - [B0126B,2020-10]: insert.php: trying to reuse a trashed record its values are not loaded and thus it is effectively not reused => set primary key of first reusable entry as update ID - [B0125B,2020-04]: persist.php: if a FOR object is deleted from an entry, the corresponding entry of the lookup table is not updated => Added condition to set deleted values to NULL - [B0124B,2020-02]: Time period selections are no longer considered in reports => recovered property name check revealed wrongly cased name - [B0123B,2020-01]: SQL exception "Column 'name_es' in where clause is ambiguous" when auto-filtering a institution country in the category report => recovered insertion of mapped/ joined table name - [B0122C,2020-01]: (At least) institutions report: when opening a bar chart and subsequently changing the page length of the embedded view, the following error occurs: "Error bar_chart.php: No object ID passed to refer to" -- Status 2020-03-17: The chart icon is no longer inserted on refreshes of the selection => fixed conditions for setting $boolShowGraph - [B0121B,2019-12]: insert.php: categories are not refreshed on copy -- Status 2019-12-31: not reproducible after re-login - [B0120B,2019-11]: insert.php: changing the cash select no longer toggles the export select => simplified PHP rules code by slightly expanding PHLEX.Element.DisplayDependentElement in order to reset value of depending column to its default - [B0119B,2019-11]: Switching from performance view to transaction view the order column is not refreshed => Unknown column 'performance.creationdate' in 'order clause' => On sorting no table and view name were passed. Added table name and complemented SessionVariables::CheckAndSetViewName() to fall back to the standard view if nothing else is provided - [B0118B,2019-09]: Exception on creation of a cross entry => restored saving pre-selection on cross entry actions - [B0117C,2019-04]: Returning from details by clicking on "Browse data view" the right view is selected only on the second try (example relobjobj general view) => Same cause as [B0119B,2019-11]. See there - [B0116C,2019-04]: Views on table relobjobj: generate different references to reltypes despite equal definition in data description => deleted reltype column from both views to ensure they are not mixed up. As well, the column has been removed from the look-up table as not needed - [B0115B,2019-03]: Cached number of rows is not updated when another client has inserted rows => get total number of rows also in cached mode and get more expensive updates only if it differs from the cached one - [B0114B,2019-03]: SQL error on resolving cross entries => inserted whitespace, adjusted columns to lookup table - [B0113B,2019-01]: Search hits containing special characters no longer marked => convert search expressions to HTML entities before trying to match - [B0112C,2018-12]: ClassInformation: @version information from class docblock is not considered. If "Unkown" is set as version, it is output as effective class version => added evaluation of class's date properties, introduced filter on "Unknown" and "See methods" - [B0111C,2018-12]: QuickBar tab looses focus when entering details for most object classes (e.g. institutions) while it is kept for others (e.g. reminders) => adjusted conditions for highlighting in widget - [B0110B,2018-11]: Category report: error "Severidad: Error. Ámbito: Argumentos. Mensaje: Invalid save table ID passed: undefined. Ejecución del programa terminado" on switching category scope => removed fork to check for transfer select as category selector not yet used - [B0109B,2018-11): details.php: ratings shown at the bottom (instead of right) when opened in chained mode => open section also in chained mode - [B0107B,2018-10]: Ratings filter not considered when returning to view.php => considered caching rating level - [B0106B,2018-10]: Exception on session timeout with unset intObjectID on demo instance -- Status 2018-11-01: not reproducible after initial login on helix -- Status 2020-04-21: considered not a bug - [B0104B,2018-10]: "Unhandled state" message on opening the "transfers" report => shifted existence of POST variable "rating" to general level - [B0103B,2018-02]: view.php: NLS name columns hidden from view => db_lib.php::SearchCapabilities: moved forward call of table property loader from SELECT creator to local search caller in order to ensure properties are available as early as possible - [B0102C,2018-01]: on inserting an entry a default value is not evaluated for hidden rows => added cross check between both affected columns - [B0101B,2018-01]: assigned subscribers not correctly marked in subscriber select box => checking correct environment context for cross entries - [B0100A,2017-12]: insert.php: value error causes entries not to be stored in insert mode => added column "export_status" to array of non-editable columns - [B0099B,2017-12]: export_transfers.php: exception on unassigned bank (see dump 20171218_2018xx) => only try to load bank if it is assigned - [B0098C,2017-12]: Versions 36+ break fixed table header => superseded by CSS3 sticky position - [B0097B,2017-05]: insert.php: Export option not shown even if cash is set to "no" => added resolution of dependent value on load - [B0096C,2017-04]: When copying an entry in a (unique) table it has been observed that a unique violation error was displayed and subsequently a trashed record was loaded as in this case the persister currently cannot remember copy mode => hold copy mode in environment until record has been successfully persisted. => Always access the first element of the relation insert diff array, even if it's key is not 0 - [B0094B,2017-02]: phlex_version.php: PHP version exposed also on production => inserted condition - [B0092B,2017-02]: DisplayViewSelectBox(): Company sub views inserted even if company ID not set => reworked logic - [B0091C,2017-01]: php_lib.php: Log file writer uses HTML line breaks => hard-coded file-based new lines - [B0090C,2017-01]: view.php: Filter not ignored once when emptied => inserted reset of saved filter value - [B0089B,2017-01]: Exception dumps array also on production instance => inserted condition - [B0088B,2017-01]: view.php: Unrecognized function on selecting prescan entry => completed refactoring - [B0087A,2017-01]: search.php: CSRF protection prevents search form from being opened => check token only on submit - [B0086B,2017-01]: details.php: Exception as home context is not found when zooming persons on home.php => don't set local search string in zoom mode - [B0085B,2016-11]: XML import cannot write to DB (audit) as "'" is used instead of """ in statement => corrected statement - [B0084C,2016-11]: Detailed view offers editing even when called from report. Should be read only => used current context to set read only mode - [B0083B,2016-04]: When inserting an object in chained mode, also the edited object is inserted => Decoupled nested edit mode from original edit mode - [B0082A,2016-04]: Introduced by version 33: Target fields are not correctly reset. On update invalid values are persisted => Corrected DB scheme in order to reject NULL values for source and destination => Fixed ajax_update_select.php in oreder to correctly set names of (dependent) target selects - [B0081B,2016-02]: No message when (SEPA) export path is set to an incorrect value => added directory checkswtch - [B0080B,2015-11]: search.php, report.php: Autofiltered values are not considered on initial search => Fixed resetting filter values - [B0079B,2015-11]: Preselection filter throws exception when being called with empty selection => Fixed setting filter status - [B0078B,2015-11]: Drag and Drop does not consider permissions => Added permission check to drag & drop rules - [B0077B,2015-11]: details.php: Nested call from home.php (user details) corrupted: details.php?view_mode=viewid=125&chain=1 => Added missing ampersand - [B0076A,2015-11]: view.php: Function select box offers edit even without permissions => Fixed if-condition - [B0075B,2015-11]: view.php: When being reloaded and some (yet unknown) session parameter(s) have timed out, it is redirected to insert.php (new record) => Adjusted session timeout recognition within DIC => Status 2017-04-09: Re-opened as still occurring. Provoke by copying browser tab (once session has timed out?). Taken screenshot. => Causally fixed in version 38 (replaced requires by redirects) - [B0074C,2015-11]: Attachments: When selecting file names too long for the column, an exception is thrown => Added length check to persist.php - [B0073C,2015-11]: CSV export broken => Not a bug. Download link correctly offered at bottom of view.php - [B0072C,2015-11]: Transactions category cloud: Filter not considered by DisplayViewResult() (but works on institutions and persons) => Erranously defined property on ("general") view level of table "transactions", but read from native table definition. - [B0071B,2015-11]: Selecting a page number from the page selector in reports does not update the selector nor does it switch to the correct page => Moved current page from view mode to current context, which is less granular - [B0070B,2015-11]: UpdatePageSelect in reports does not update detailed view => Moved current page from view mode to current context, which is less granular - [B0069B,2015-11]: A specific pre-filter in a report is considered by ScrollDetailedDataView in global searches leading to empty result sets => Separated pre-filters per context in init_db_general.php - [B0068B,2015-10]: Scrolling via AJAX confuses search filters (encountered using global search filter in view) => Introduced $strCurrentContext to reliably separate the basic contexts "search", "view" and "report". Only on "search"es global filters are considered. The cuurent context is not the same as the view mode which also distinguishes modes like "print", "table" or "raw" - [B0067B,2015-10]: Exception when trying to edit object relations => Reworked DisplaySelectBox() in order to use the environment traverser - [B0066B,2015-10]: No meaningful message on undefined drop actions. Observed in search trying to drag entities to tabs => Added message to NLS modules - [B0065C,2015-09]: Global search hits are no longer marked => MarkHits() method fixed - [B0064B,2015-09]: search.php: Exception on launching global search (double AND) => Impact of the introduction of the environment traverser, search.php has been adjusted - [B0063B,2015-08]: Exception when switching language e.g. in institutions => Added missing neutralization of NLS column name - [B0061B,2015-08]: Cross entry offered in function select box also for entities not supporting an amount -- Status 2015-11-05: Not (longer) reproducible. Cross entries not provided even for standing orders => close. - [B0060B,2015-01]: search.php: Exception on filtering hits Collapsing and re-expanding the element works around this issue. - [B0059C,2015-01]: JS type error in overlay library (encountered viewing details) => Enhanced if-condition by check on TRUE - [B0058B,2015-01]: Paging through global search using AJAX, filters on entries are lost => Added missing URL parameter to AJAX script - [B0057B,2015-01]: Exception when returning to search from details - [B0056B,2014-12]: Paging reports via AJAX, un unhandles exception is thrown - [B0055B,2014-07]: export_transactions.php: Error when source entity contains "&" - [B0054B,2014-06]: Statistics do not display correct time frame (encountered using institution Telekom) -- Status 2018-11-24: not reproducible (might be due to update of PHPLOT) -- 2018-12-12: deemed to be fixed - [B0052B,2014-02]: Copying a transaction (at least), assigned categories get lost - [B0051A,2013-11]: Copying a transaction, two new entries are written while loosing the category -- Status 2014-03-05: Not reproducible -- Status 2015-09-02: Considered as being fixed - [B0050C,2013-11]: CSV export broken - [B0049B,2013-11]: SQL statement not purified when written to audit log. Test using ''' within statement - [B0048C,2013-09]: When in fixed header mode, a preselection is not evaluated => see [B0098C,2017-12] - [B0047C,2013-08]: If the table header is not fixed in view.php, form and body are not closed correctly (see FF source view) -- Status 2020-04-19: superseded by CSS float position - [B0046C,2013-07]: Local search hits are no longer marked in most fields in detail.php - [B0045B,2013-06]: Form name gets lost when paging using AJAX (hangs on busy page status) - [B0044B,2013-05]: An exception #10033 occurs when view.php is called with URL parameter like "unfilter=statement" when session has timed out. The respective posted parameters are lost, so a fall-back status is to be defined. Added home redirect to SessionVariables::SetEntityRelatedSessionVariables() in case no entity is recoverable. - [B0043B,2013-06]: Zoomers not loading content using IE 8. Introduced browser recognition in zoomer start function for a controlled suppression of zoomers. - [B0042B,2013-04]: Report "Groups of categories" runs on error trying to convert DatePeriodSelection to string -- Status 2020-03-25: category group report removed - [B0041B,2013-04]: Report "Missing categories" exceeds 30 seconds of runtime. Removed as no longer needed. - [B0040B,2012-08]: DTAUS exports are not limited to non-reusable entries - [B0039B,2012-04]: search.php: When the first action after logging in is a search, several values are not properly initialized (e.g. intPageLength) - [B0038B,2012-04]: Person statistic: When directly expanding transactions after standing orders, the image object gets null - [B0037C,2012-04]: Category statistic "Water" erranously shows one assigned person, where zero would be right -- Status 2012-04-15: The COUNT statement is not limited to non-reusable entries, which is why reusable entries are also considered - [B0036B,2012-04]: ajax_entry_selector.php: Category filters are not considered - [B0035B,2012-04]: search.php: When doing a global search, the number of hits depends on the user view columns (which control the WHERE clause). Exclude WHERE from user view columns always joining everything. - [B0034B,2012-03]: Searching just for string delimiters (', ") an error occurs - [B0033C,2012-01]: An orphaned navigation panel is displayed even when the record viewed is the only one - [B0032B,2012-01]: When repeatedly filtering attribute based values in the filter row, search criteria are concatenated leading to no hits in some cases (try searching in Spanish language). Apply htmlspecialchars(). -- Status 2012-03-25: Not reproducible - [B0031B,2012-01]: When reusing a transaction with DTAUS status "done" that is to be exported, the status is not reset to "export". Save reuse status in a local variable and handle the DTAUS status accordingly. - [B0030B,2012-01]: LDAP status not correctly set to "Delete" when an active LDAP entry ("Done") is switched to "No". Set status "Delete" (6) instead. - [B0029B,2012-01]: Role cannot be set by admin, but seems to be reset to default value when person is saved. - [B0028B,2012-01]: Details.php: When navigating in tables with a random primary key (no row with index 1), an exception is thrown when reaching the phyxically first row. Preload n+1 rows to determine whether there is a next index (and its ID) - [B0027C,2012-01]: Quickbar: Language sporadically switched only after second click on banner. - [B0026B,2012-01]: insert.php: When the page is reloaded due to an error (status 1), the form fields are not correctly filled when the values contain special characters (check unicode and html special character handling) => Status 2018-11-29: DB migrated to utf8mb4: since than not reproducible - [B0025B,2011-12]: Exception when expanding persons in search or trash as role user - [B0024C,2011-12]: In category reports an unused object class "categories" is displayed - [B0023B,2011-12]: Columns based on attributes cannot be viewed in view.php - [B0022B,2011-12]: "Print view" broken - [B0021C,2011-11]: The sid is not correctly cached in dtaus_export.php (or DisplayUIElement() does not correctly look it up) so the form element will be reset after a submit - [B0020C,2011-11]: In reports using class DisplayDataView, the user selected columns are not considered correctly - [B0019C,2011-11]: On displaying details of a bank: "Error in class::method 'ObjectRelations::GetEntityRelations': intSrcEID and intDestEID have the same value => 8. Unset or change one of the values or recreate the object before calling this method". Suppress this message as for cross entries the parameters have to be set to the same value. - [B0018C,2011-11]: "Save as CSV file" broken. Offer a download dialog. - [B0017C,2011-11]: Leaving details.php the page number selected in view.php is not saved -- Status 2012-04-06: Not reproducible - [B0016C,2011-11]: Passing an auto-filter containing an ampersand to view.php as URL parameter the string is truncated. Use urlencode(). - [B0015B,2011-10]: Still an issue with DTAUS status: When copying a transaction, the copy does not get the status "export". Work-around: Update the copy. Set and reset the DTAUS export to "no" and "yes" - [B0014B,2011-10]: Still an issue with update of temporary tables: When renaming an institution, the new name is not offered in the prescan search - [B0013C,2011-08]: Reusable transactions expanded in the "Marked as reusable" view cause script errors to occur. - [B0012B,2011-08]: Ajax entry selector offers values that do not exist in the table. Insert a JOIN statement into the used SQL statement to limit the values to the ones in the source entity. - [B0011C,2011-01]: Page length cannot be changed when a detailed data view is expanded in an ajax division element. - [B0010B,2010-11]: In some rare conditions the temporary tables are not re-initialized although they should. -- Status 2010-12-??: Work-around: Load another target table or change language to provoke re-initialization. -- Status 2010-12-29: Adjusted temporary entity update trigger to "on refresh" when a target entity is loaded regardless of the underlying condition (update, switch etc.) => to be observed. -- Status 2011-01-05: Reproducible switching from standing orders to transactions, as standing orders has less entries and is also a target entity => fixed by splitting temporary entities per view and storing an update flag in the "entities" table. Reminders promoted as target entity. - [B0008B,2010-10]: Searched columns are not adjusted when changing languages. This is most likely due to a missing temporary table update. - [B0007B.2009-04]: Initialization error in individually customizable report. Array passed to individual report which leads to a warning. - [B0009A,2010-11]: Insert.php: Multiple person options are marked as "selected" leading to incorrectly displayed and (on update) wrong entries. -- Status 2010-11-05: Not reproducible -- Status 2010-12-25: Reproducible => Fixed by introducing array position pointers - [B0006A.2009-04]: Fixed LDAP script throwing error on locating or updating persons - [B0005C,2009-01]: PHPLOT graphs in category statistics not showing correct values when being viewed in Opera. -- Status 2014-03-19: Not reproducible using current version of Opera - [B0004B.2009-01:] Relation filters: Using nested SQL queries for speeding up relation filters like categories - [B0001A.2007-01]: Script times out in function MarkHits() when using certain complex filters. Difficult to debug as no reasonable output can be generated prior to the timeout. Use database logging. -- Status 2009-01-20: Not reproducible. May have been fixed by MySQL update. -- Status 2009-06-27: Reproducible using "marktkauf && farmacia". -- Status 2010-10-30: Solved by superseding SkipMarks(). ----------------------------------------------------------------------------------------------------------- ----------------------------------------------------------------------------------------------------------- [II] Notes, Hints and Known Issues - Roles -- User: May create entries (but no users) and edit his or her own entries. May change his or her password. -- Editor: As user, but may also edit foreign entries. -- Administrator: As editor, but may also assign user IDs as well as roles and reset all passwords. Is displayed the administration and the options widgets on the home page. - Navigation: Bypassing the applications' integrated navigation using the browsers back and/or forward button(s) may result in display of error messages due to missing parameters sent to the server. This is a normal behaviour of form based web pages. - Multiple browser windows within the same session: As there is only one environment per session and several windows opened by a single user on the same machine belong to that very same session, it is *NOT* recommended to open multiple windows in edit mode (insert, copy or update records) as this may corrupt the integrity of data to be saved/ updated cached in the session environment. You may use several browser instances for searching/ filtering/ reporting data (=> read only). You will note that filtering or ordering data in one window will also affect the same view in all other windows. So multiple windows are only useful if you need to view/ filter/ search/ report multiple views/ reports at the same time. - Cross entries: When a cross entry request displays an error that "At least one selected entry has different categories assigned. It is marked below." the row marked is the first that has (a) different category/ categories assigned. Check the selected row previous to the marked one for comparison. - Nested windows -- When called in nested (aka chained) mode (?chain=1), details.php intentionally does not display the logged on user in the Quickbar as this opens the details view in non-nested mode which would result in a broken document chain -- When called in nested mode, details.php intentionally does not offer to edit the record as this would provoke to have several windows with contradicting update information corrupting the environment and threatening saving data that is not of integrity - Nested Filters: the global search function automatically considers all filters set on a view level, e.g. when you have filtered the persons view for a city and then enter a persons name to globally search for it, only the hits in the persons table will be displayed that also match the prefiltered city. If you are wondering about a search result, open the hits and see if an additional prefilter had been set before. If there are no hits, directly open the respective view. Filters are indicated by the crossed filter icon in view.php whereas the global search phrase is indicated by a crossed magnifying glass. - Attributes: at first glance the attributes concept may seem strange. Attributes are not binary (TRUE | FALSE or YES | NO or 0 | 1) but integer values that are mapped to national language names of the represented attribute. Thus attribute 1 does not mean TRUE or YES, but something else. This makes it possible to create and use any fancy attribute that best expresses a need, for example "new", "update", "done" or anything else like "sometimes", "best" or "green". Most of the attributes are used internally (status information) and cannot be set via the user interface. Attributes are preselected on a field level ("constrain") for the user to not mess up with them. - Relations: similar to attributes, relation types may be freely defined (although they are currently not manageable via the GUI). As any relation has two bounds (inbound and outbound), the convention is that the outbound view (source to target) is interpreted as "is", whereas the inbound view (target to source) is interpreted as "has". -- Examples Member: outbound => source object is member of destination object (aka membership), inbound => destination object has source object as member Subscriber: outbound => source object is subscriber to destination object (aka subscription), inbound => destination object has source object as subscriber Assignment: outbound => source object is assigned to destination object, inbound => destination object has source object assigned -- Cross entries: in the editor, mind the relation title. It is called "Is cross entry", so if you assign a cross entry object to the object edited, that object "has" the object edited as cross entry Special notes on - LDAP synchronization: mind that the key to an LDAP entry is its distinguished name (DN) that comprises the context and the full name of the object. As a consequence, if you update the full name of a synced object it will no longer be found in the directory and instead be created with the new DN. This will leave an orphaned directory entry that you will not be able to delete using this application. Instead you will have to use another CLI or GUI LDAP client to delete the entry. To avoid this situation, first remove an entry from the directory ("Delete" attribute) before updating its full name. After having removed the entry, update the full name and then recreate the updated entry in the directory ("New" attribute). -- To mark a person or institution for creation in the directory, set the "Yes" attribute. When this entry is updated within the application, its status will be changed to "Update" to mark this entry for being updated within the next sync. If the entry is synced, the status attribute is set to "Done". To remove an entry from the directory, set the "No" attribute. If you copy a person or institution that is synced, the ldap_status flag of the copy will be reset to "No", so if you do not reset the LDAP synchronisation flag to "No", the copied person or institution will be created and synced. - Float numbers: amounts are displayed in locale format. When filtering, mind that invalid locale float numbers will be converted to valid ones, which might seem strange, e.g. 1. English: filtering for "6,2" will convert to "62", filtering for "6.2" will match all amounts containing (the string) "6.2" 2. Spanish: filtering for "6.2" will convert to "62", filtering for "6,2" will match all amounts containing (the string) "6,2" Locale thousands separator is supported, e.g. 1. English: filtering for "2500" as well as "2,500" will match all amounts containing (the string) "2,500" 2. Spanish: filtering for "2500" as well as "2.500" will match all amounts containing (the string) "2.500" - Phone number entries: when entering phone numbers, mind that the following numbers do not need to be entered in canonical format as it will be derived from the country code and city code -- Persons: Home phone and home fax, -- Institutions: Phone and fax. All other phone numbers need to be entered in canonical format as their city/network codes may differ from the home city. - Entries preselected in a view when entering a report: preselect filters are stored as an array of primary keys. So if you enter a report and expand an entry to see its transaction list, the entries previously preselected in a view will be shown even if they do not match the reported entry's criterion. As preselections are a legal operation also within reports, there is no simple fix for this behavior. The workaround is to reset possible preselections made in a view prior to entering a report. - SEPA-XML export -- Mind that exports are made in the national language selected by the user -- Mind that exported transfers need a valid entry for a credit agency and an IBAN. If one or both of these entries are not set, the entry will not be selected for export even if the export attribute indicates that. The exporter output respective messages. -- To mark a transaction for export, set the "Yes" attribute. This will unhide the export type select and set the export status to "Export" on insert or update. Once exported the status will be changed to "Done" to avoid multiple exports of the same transaction. Mind that when copying a transaction that has already been transferred (export status = "Done"), it is assumed that the copied transaction is also intended to be exported. Therefore the export status will be reset to "Export", so if you do not set the export flag to "No", the copied transaction will be exported, as well. -- Recent versions of the Housekeeping application allow to re-export the very same transaction without copying the same. To do that, click on the refresh icon right to the "Done" status. -- It is possible to reset the export status flag back to "Export" as long as the current export status is "No" by (re)setting the export flag to "Yes". If you erraneously exported a transaction and want to correct the exported result, it is recommended to import the export file into your home banking application and adjust the wrong values there before transferring the transaction. After that, within the Housekeeping application, you can easily adjust the wrong values using the edit function. -- The logic of the export status is as follows --- Default export status: "No" (1) --- New record with export status set to "Yes" (2): "Export" (7) --- Copy with export status set to "Yes" (2): "Export" (7) --- Update with export status set to "Yes" (2) and update status "No" (1): "Export" (7) --- ... else export status = "No" (1) --- dtaus_export.php processes all records with export status set to "Yes" (2) and export status set to "Export" (7). After processing the affected records are set to export status "Done" (3). - The concept of target entities: some kinds of relation between objects may link source and destination objects out of the same table or out of different tables to each other. As these objects may have the same object ID (when in different tables), pairs of entity ID (EID) and object ID (SID, DID or FID) are used to uniquely identify source or destination objects. For example a transaction (a debit or credit note) may link a source (paying) person to a destination (receiving) institution, but also to another destination (receiving) person. The same may happen for two institutions, one (the source) paying an amount to another (the destination). Tables that hold valid objects for a given relation are called target entities for that relation. In the example used above, persons and institutions are target entities for transactions. Another example is standing orders. - (Sub) views realized using lookup tables -- As (depending on the application) basically no DB inherent views are used, views are realized using comprehensive JOIN statements created at runtime. This makes statements slow. In order to compensate part of that cost, lookup tables are used that hold parts of the resolved (de-normalized) joined information. These lookup tables are updated on INSERT and UPDATE requests in a way that only the lookup tables that are linked to the native table are updated. The lookup tables relevant to NLS hold the entries of the active language only, so switching languages will initiate a refresh of all affected lookup tables. -- Message stating that columns are suppressed because a view has been deleted. This is caused by renamed or deleted columns stored in a user view definition. In order to rectify, open the view configurator and redefine the view. - IDE -- (Informational): The application is developed and maintained using the Eclipse IDE (plugin PDT) and XDebug. - SOAP (legacy) -- Do not use whitespaces in element names - Javascript -- In order to reload updated Javascript libraries, load the home page of the application and press Ctrl + F5 - Notation -- As PHP as well as Javascript are only weakly typed, PHLEX uses Hungarian notation meaning that type hints (mnemonics) are provided as part of variable and class property names -- The Hungarian notation is used camel cased meaning it starts lower case and capitalizes each word, e.g. strFormName, which tells that the name of a form is to be provided as string. See https://en.wikipedia.org/wiki/CamelCase -- As classes inherently bear the "cl" (class) type, the same is ommitted leading to capitalized class names, e.g. ClassName. Such notation is also referred to as Pascal case (or upper camel case) -- As functions and methods/members inherently bear the "fc" (function) type, the same is ommitted leading to Pascal cased names, e.g. FunctionName() or ClassName.MethodName() respectively. This is also true for getters and setters. As function and method names are case-insensitive in PHP, callers could also use camel cased function names like getProperty() or setProperty( $strPropertyValue ) as known in (for instance) Java - References -- PHP: http://www.php.net -- Javascript: http://www.w3schools.com/jsref/default.asp (mind copyright!) ---------------------------------------------------------------------------------------------------------- ---------------------------------------------------------------------------------------------------------- [I] Basics / Requirements - Note that the start page is "login.php", not "home.php" - When creating the database, note that the housekeeping application works in unicode mode, so set the default character set to utf8 or utf8mb4. As MySQL changed the handling of character sets with version 4.1, this version or above is required, or MariaDB. - PHP 7.4 is required. Compatibility with PHP 8 has not yet been tested. - The following PHP modules are required -- calendar -- ctype -- curl -- dom -- fileinfo -- gd -- iconv -- json -- ldap -- mbstring -- mcrypt -- mysql -- openssl -- pdo -- simpleXML -- soap -- tokenizer -- xmlreader -- xmlwriter - The application is developed against a register_globals check which is why no global variables are used (and thus no compatibility modes are required). - Permissions: The application supports role attributes. The database connector ensures that no vital entries can be deleted using the GUI. - To use PHPLOT, an installed GD Lib 2 is required. - Required/recommended directory structure: htdocs (web document root) |_ inftec | |_ ajax | |_ css | |_ img | |_ phlex (core framework files) | |_ include | |_ log | |_ housekeeping (PHLEX application) | |_ attachments | |_ include | |_ img | |_ log | |_ - The location of the (general) libraries in htdocs/inftec/include is the basis for relatively allocating all other directories within "inftec", hence it is *NOT* recommended to change the structure below the "inftec" directory. - The name of the "inftec" directory may be changed. - The inftec/img directory holds general navigation images which may also be used by other applications. - The inftec/css directory contains the general css stylesheet(s) which may also be used by other applications. - The inftec/housekeeping/img directory will hold your photos/images linked to housekeeping database objects. - The inftec/housekeeping/include directory holds the environment files specific to the housekeeping application as are data descriptions and national language support modules. Edit the file "init.php" to reflect your local environment where advised to do so in the documentation included in the file. - The inftec/ajax directory contains the (calling) Javascript functions as well as the (called) PHP modules which may also be used by other applications - The log/ directories hold exception dumps or import/export logs. In order to write to them, the web server requires "rwx" permissions ----------------------------------------------------------------------------------------------------------------------------- End of readme.txt