Merge remote-tracking branch 'origin/support/2.13.0' into support/2.14.0

Author: btry

inc/field/filefield.class.php

@@ -133,7 +133,7 @@ public function moveUploads() {
       foreach ($this->uploads["_$key"] as $index => $document) {
          $document = Toolbox::stripslashes_deep($document);
          if (is_file(GLPI_TMP_DIR . '/' . $document)) {
-            $prefix = $this->uploads['_prefix_formcreator_field_' . $this->question->getID()][$index];
+            $prefix = $this->uploads['_prefix_' . $key][$index];
             $answer_value[] = $this->saveDocument($document, $prefix);
          }
          $index++;
@@ -189,7 +189,7 @@ public function saveUploads($input) {
       foreach ($input["_$key"] as $document) {
          $document = Toolbox::stripslashes_deep($document);
          if (is_file(GLPI_TMP_DIR . '/' . $document)) {
-            $prefix = $input['_prefix_formcreator_field_' . $this->question->getID()][$index];
+            $prefix = $input['_prefix_' . $key][$index];
             $answer_value[] = $this->saveDocument($document, $prefix);
          }
          $index++;

inc/formanswer.class.php

@@ -1394,7 +1394,7 @@ public function parseTags(string $content, PluginFormcreatorTargetInterface $tar
          $name = '';
          $value = '';
          if (PluginFormcreatorFields::isVisible($question, $this->questionFields)) {
-            $name  = $question->fields['name'];
+            $name  = __($question->fields['name'], $domain);
             $value = $this->questionFields[$questionId]->getValueForTargetText($domain, $richText);
          }
 

inc/targetchange.class.php

@@ -32,6 +32,7 @@
 use GlpiPlugin\Formcreator\Exception\ImportFailureException;
 use GlpiPlugin\Formcreator\Exception\ExportFailureException;
 use Glpi\Application\View\TemplateRenderer;
+use Glpi\Toolbox\Sanitizer;
 
 if (!defined('GLPI_ROOT')) {
    die("Sorry. You can't access this file directly");
@@ -666,7 +667,7 @@ public function save(PluginFormcreatorFormAnswer $formanswer): ?CommonDBTM {
       ];
       foreach ($changeFields as $changeField) {
          $data[$changeField] = $this->prepareTemplate(
-            $this->fields[$changeField] ?? '',
+            Sanitizer::unsanitize(__($this->fields[$changeField], $domain)) ?? '',
             $formanswer,
             $changeField == 'content' // only content supports rich text
          );

inc/targetproblem.class.php

@@ -32,6 +32,7 @@
 use GlpiPlugin\Formcreator\Exception\ImportFailureException;
 use GlpiPlugin\Formcreator\Exception\ExportFailureException;
 use Glpi\Application\View\TemplateRenderer;
+use Glpi\Toolbox\Sanitizer;
 
 if (!defined('GLPI_ROOT')) {
    die("Sorry. You can't access this file directly");
@@ -185,7 +186,7 @@ public function save(PluginFormcreatorFormAnswer $formanswer): ?CommonDBTM {
       ];
       foreach ($problemFields as $problemFields) {
          $data[$problemFields] = $this->prepareTemplate(
-            $this->fields[$problemFields] ?? '',
+            Sanitizer::unsanitize(__($this->fields[$problemFields], $domain)) ?? '',
             $formanswer,
             $problemFields == 'content' // only content supports rich text
          );

inc/targetticket.class.php

@@ -32,6 +32,7 @@
 use GlpiPlugin\Formcreator\Exception\ImportFailureException;
 use GlpiPlugin\Formcreator\Exception\ExportFailureException;
 use Glpi\Application\View\TemplateRenderer;
+use Glpi\Toolbox\Sanitizer;
 
 if (!defined('GLPI_ROOT')) {
    die("Sorry. You can't access this file directly");
@@ -844,7 +845,7 @@ public function save(PluginFormcreatorFormAnswer $formanswer): ?CommonDBTM {
       $data['date'] = $_SESSION['glpi_currenttime'];
 
       $data['content'] = $this->prepareTemplate(
-         $this->fields['content'] ?? '',
+         Sanitizer::unsanitize(__($this->fields['content'], $domain)) ?? '',
          $formanswer,
          $richText
       );

install/install.php

@@ -81,7 +81,8 @@ class PluginFormcreatorInstall {
       '2.13.1' => '2.13.3',
       '2.13.3' => '2.13.4',
       '2.13.4' => '2.13.5',
-      '2.13.5' => '2.14',
+      '2.13.5' => '2.13.6',
+      '2.13.6' => '2.14',
    ];
 
    protected bool $resyncIssues = false;

install/mysql/plugin_formcreator_2.13.6_empty.sql

@@ -0,0 +1,85 @@
+<?php
+/**
+ * ---------------------------------------------------------------------
+ * Formcreator is a plugin which allows creation of custom forms of
+ * easy access.
+ * ---------------------------------------------------------------------
+ * LICENSE
+ *
+ * This file is part of Formcreator.
+ *
+ * Formcreator is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * Formcreator is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with Formcreator. If not, see <http://www.gnu.org/licenses/>.
+ * ---------------------------------------------------------------------
+ * @copyright Copyright © 2011 - 2021 Teclib'
+ * @license   http://www.gnu.org/licenses/gpl.txt GPLv3+
+ * @link      https://github.com/pluginsGLPI/formcreator/
+ * @link      https://pluginsglpi.github.io/formcreator/
+ * @link      http://plugins.glpi-project.org/#/plugin/formcreator
+ * ---------------------------------------------------------------------
+ */
+
+use Glpi\RichText\RichText;
+use Glpi\Toolbox\Sanitizer;
+
+class PluginFormcreatorUpgradeTo2_13_6 {
+   /** @var Migration */
+   protected $migration;
+
+   public function isResyncIssuesRequired() {
+      return false;
+   }
+
+   /**
+    * @param Migration $migration
+    */
+   public function upgrade(Migration $migration) {
+      $this->migration = $migration;
+      $this->migrateToRichText();
+   }
+
+   public function migrateToRichText() {
+      global $DB;
+
+      $tables = [
+         'glpi_plugin_formcreator_targetchanges' => [
+            'content',
+            'impactcontent',
+            'controlistcontent',
+            'rolloutplancontent',
+            'backoutplancontent',
+            'checklistcontent',
+         ],
+         'glpi_plugin_formcreator_targetproblems' => [
+            'content',
+            'impactcontent',
+            'causecontent',
+            'symptomcontent',
+         ],
+      ];
+
+      foreach ($tables as $table => $fields) {
+         $request = [
+            'SELECT' => ['id'] + $fields,
+            'FROM'   => $table
+         ];
+         foreach ($DB->request($request) as $row) {
+            foreach ($fields as $field) {
+               $row[$field] = RichText::getSafeHtml($row[$field]);
+               $row[$field] = Sanitizer::dbEscape($row[$field]);
+            }
+            $DB->update($table, $row, ['id' => $row['id']]);
+         }
+      }
+   }
+}

install/upgrade_to_2.13.6.php

@@ -49,15 +49,15 @@
     { required: true, full_width: true }
     ) }}
 
-    {{ fields.textareaField('content', item.fields['content'], __('Description', 'formcreator'), { full_width: true }) }}
+    {{ fields.textareaField('content', item.fields['content'], __('Description', 'formcreator'), { enable_richtext: true, full_width: true }) }}
 
-    {{ fields.textareaField('impactcontent', item.fields['impactcontent'], __('Impacts'), { full_width: true }) }}
+    {{ fields.textareaField('impactcontent', item.fields['impactcontent'], __('Impacts'), { enable_richtext: true, full_width: true }) }}
 
-    {{ fields.textareaField('controlistcontent', item.fields['controlistcontent'], __('Control list'), { full_width: true }) }}
+    {{ fields.textareaField('controlistcontent', item.fields['controlistcontent'], __('Control list'), { enable_richtext: true, full_width: true }) }}
 
-    {{ fields.textareaField('rolloutplancontent', item.fields['rolloutplancontent'], __('Deployment plan'), { full_width: true }) }}
+    {{ fields.textareaField('rolloutplancontent', item.fields['rolloutplancontent'], __('Deployment plan'), { enable_richtext: true, full_width: true }) }}
 
-    {{ fields.textareaField('backoutplancontent', item.fields['backoutplancontent'], __('Backup plan'), { full_width: true }) }}
+    {{ fields.textareaField('backoutplancontent', item.fields['backoutplancontent'], __('Backup plan'), { enable_richtext: true, full_width: true }) }}
 
-    {{ fields.textareaField('checklistcontent', item.fields['checklistcontent'], __('Checklist'), { full_width: true }) }}
+    {{ fields.textareaField('checklistcontent', item.fields['checklistcontent'], __('Checklist'), { enable_richtext: true, full_width: true }) }}
 {% endblock %}

templates/pages/targetchange.html.twig

@@ -49,11 +49,11 @@
     { required: true, full_width: true }
     ) }}
 
-    {{ fields.textareaField('content', item.fields['content'], __('Description', 'formcreator'), { full_width: true }) }}
+    {{ fields.textareaField('content', item.fields['content'], __('Description', 'formcreator'), { enable_richtext: true, full_width: true }) }}
 
-    {{ fields.textareaField('impactcontent', item.fields['impactcontent'], __('Impacts'), { full_width: true }) }}
+    {{ fields.textareaField('impactcontent', item.fields['impactcontent'], __('Impacts'), { enable_richtext: true, full_width: true }) }}
 
-    {{ fields.textareaField('causecontent', item.fields['causecontent'], __('Cause'), { full_width: true }) }}
+    {{ fields.textareaField('causecontent', item.fields['causecontent'], __('Cause'), { enable_richtext: true, full_width: true }) }}
 
-    {{ fields.textareaField('symptomcontent', item.fields['symptomcontent'], __('Symptom'), { full_width: true }) }}
+    {{ fields.textareaField('symptomcontent', item.fields['symptomcontent'], __('Symptom'), { enable_richtext: true, full_width: true }) }}
 {% endblock %}