Fix/upload blocked extensions filter#95
Open
hylkest wants to merge 426 commits intosplittingred:developfrom
Open
Fix/upload blocked extensions filter#95hylkest wants to merge 426 commits intosplittingred:developfrom
hylkest wants to merge 426 commits intosplittingred:developfrom
Conversation
…fig and build files
…ng file fields in multistep forms
…hen storing of files is not needed
Add option to FormItCountryOptions snippet to limit country list to selected countries only
Fix for MODX3
Changes how hasSubmission() is evaluated to allow alternate buttons to submit the form (relevant in multi-step/page forms)
Fix PHP warning: Undefined variable $operator in ERROR log. Because $operator variable is not defined in else statement.
For MODX3 compatiblity Addresses issue #263
MODX3: Change modRest to http client in StopForumSpam service
If the option emailSelectToName is not set, the option emailSelectTo is used. emailSelectTo was exploded before it was assigned to emailSelectToName. After that it is exploded again which causes the following issue in PHP 8. The patch just reorders the assignment. ``` PHP Fatal error: Uncaught TypeError: explode(): Argument #2 ($string) must be of type string, array given in /…/core/components/formit/src/FormIt/Hook/Email.php:99 ```
Fix error SELECT list is not in GROUP BY clause
Fix PHP warning: Undefined array key
Fix Argument 2 must be of type string
Add ID of the form to the export csv file
Fix for multiple checked boxes/multiselect on FormItLoadSavedForm
fix(math hook): undefined variable $operator error
Feature: Multi Page Form Support
Fix issue 271 for loading chunks via PDO
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
| $output = ' checked="checked"'; | ||
| } | ||
| $input = $modx->fromJSON($input); | ||
| $input = strpos($input, '"') ? $modx->fromJSON($input) : explode(',', $input); |
There was a problem hiding this comment.
strpos falsy-zero bug breaks JSON detection for checked/selected
Medium Severity
strpos($input, '"') returns 0 (falsy) when " is at position 0 of the string, causing the code to incorrectly use explode instead of $modx->fromJSON(). The correct check is strpos($input, '"') !== false. This classic PHP pitfall affects both snippet.formitischecked.php and snippet.formitisselected.php identically, and can cause checkbox/radio/select states to not be properly restored when the stored value starts with a double-quote character.
Additional Locations (1)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
20 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Note
Medium Risk
Touches install/upgrade packaging (resolvers, system settings, permissions, table migrations) and adds new manager-side CMP assets, so regressions could affect upgrades or manager access. Changes are mostly additive but include database schema migration logic and installer-side network call resolver.
Overview
Updates FormIt’s build/package definition to a
config.json-driven workflow, including new resolvers for table creation/upgrade, permission setup, setup options, cronjob guidance, and Sterc’s extras telemetry call; the transport build now also packages assets and registers a CMP menu.Adds a manager CMP with new
assets/components/formitJS/CSS, connector, and controllers for viewing/cleaning/exporting stored forms and managing encryption operations, plus a CLI-only cron script to trigger form cleanup.Modernizes snippet loading to use
getService/loadClass, adds theFormItLoadSavedFormprehook snippet, and tweaksFormItIsChecked/FormItIsSelectedto support comma-separated multi-values in addition to JSON. Also expands locale data (new country/state lists), updates docs/changelog, and adds GitHub issue/PR templates and.gitignoreentries.Written by Cursor Bugbot for commit 140e5d5. This will update automatically on new commits. Configure here.