From 0ebf3dfabfe8939c948b4ed65ef1cd0eff018017 Mon Sep 17 00:00:00 2001
From: "o.pinke"
Date: Sat, 4 Sep 2021 10:16:14 +0200
Subject: [PATCH] add using strings to prepare Query add edit_area to source_editor for testing
---
 conlib/db_sql_abstract.inc | 38 ++++++++++----
 conlite/classes/gui/class.sourceeditor.php | 7 ++-
 .../html5/template.generic_source_editor.html | 52 +++++++++----------
 3 files changed, 59 insertions(+), 38 deletions(-)
diff --git a/conlib/db_sql_abstract.inc b/conlib/db_sql_abstract.inc
index 2577894..d129448 100644
--- a/conlib/db_sql_abstract.inc
+++ b/conlib/db_sql_abstract.inc
@@ -417,11 +417,31 @@ abstract class DB_Sql_Abstract {
 * @return string
 */
 public function _prepareQueryf($sQuery, array $aArgs) {
+ var_dump($sQuery);
+ print_r($aArgs);
 if (count($aArgs) > 0) {
- $aArgs = array_map(array($this, 'escape'), $aArgs);
- array_unshift($aArgs, $sQuery);
- $sQuery = call_user_func_array('sprintf', $aArgs);
+ if (count(array_filter(array_keys($aArgs), 'is_string')) > 0) {
+ foreach ($aArgs as $key => $value) {
+ $param = ':' . $key;
+ $statement = $sQuery;
+ if (cSecurity::isInteger($value)) {
+ $statement = preg_replace('/' . $param . '/', cSecurity::toInteger($value), $statement);
+ $statement = preg_replace('/\'' . $param . '\'/', '\'' . cSecurity::toInteger($value) . '\'', $statement);
+ } else {
+ $param = cSecurity::toString($param);
+ $statement = preg_replace('/' . $param . '/', cSecurity::escapeString($value), $statement);
+ $statement = preg_replace('/\'' . $param . '\'/', '\'' . cSecurity::escapeString($value) . '\'', $statement);
+ $statement = preg_replace('/`' . $param . '`/', '`' . cSecurity::escapeString($value) . '`', $statement);
+ }
+ $sQuery = $statement;
+ }
+ } else {
+ $aArgs = array_map(array($this, 'escape'), $aArgs);
+ array_unshift($aArgs, $sQuery);
+ $sQuery = call_user_func_array('sprintf', $aArgs);
+ }
 }
+ var_dump($sQuery);
 return $sQuery;
 }
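Review bot: The named-placeholder branch added to `_prepareQueryf` never guarantees a quoting context for the value: the first `preg_replace('/' . $param . '/', cSecurity::escapeString($value), $statement)` already rewrites every `:key` (which also leaves the quoted and backtick replacements after it with nothing to match), so a non-integer value written as a bare `:key` ends up in the SQL unquoted, where string escaping gives no protection, and a backtick-quoted identifier receives only string escaping. `$key` is also used as a pattern without `preg_quote()` or a trailing boundary, so `:id` rewrites the start of `:id2`; the value is passed as a replacement string, so `$1` or `\1` inside data is interpreted; and because the loop re-scans the whole query for each key, a value containing `:otherkey` is substituted a second time. The two `var_dump` calls and the `print_r` write every query and its arguments into the response and should be removed before merge. A single-pass `preg_replace_callback` that quotes every non-integer through `$this->escape()` is sketched below. The rest of the class is outside the hunk, so whether `escape()` fits this use, and whether any caller relies on bare string placeholders, needs confirming.

```php
if (count(array_filter(array_keys($aArgs), 'is_string')) > 0) {
    // One pass over the query: a substituted value is never scanned for placeholders again.
    $sQuery = preg_replace_callback(
        '/([\'`]?):(\w+)\b\1/',
        function (array $aMatch) use ($aArgs) {
            list($sToken, $sQuote, $sKey) = $aMatch;
            if (!array_key_exists($sKey, $aArgs)) {
                return $sToken; // not one of our placeholders, leave as written
            }
            $mValue = $aArgs[$sKey];
            if ($sQuote === '`') {
                // Identifiers cannot be made safe by value escaping; accept a fixed charset only.
                if (!preg_match('/^\w+\z/', (string) $mValue)) {
                    throw new InvalidArgumentException('invalid identifier for :' . $sKey);
                }
                return '`' . $mValue . '`';
            }
            if ($sQuote === '' && cSecurity::isInteger($mValue)) {
                return (string) cSecurity::toInteger($mValue);
            }
            // Every other value ends up inside quotes, whether or not the query supplied them.
            return "'" . $this->escape($mValue) . "'";
        },
        $sQuery
    );
} else {
    // … unchanged: sprintf branch …
}
```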
@@ -755,9 +775,9 @@ abstract class DB_Sql_Abstract {
 self::$_aProfileData[] = array(
 'time' => $fEndTime - $fStartTime,
 'query' => $sQuery
- /*,
- 'ErrNo' => static::_getErrorNumber(),
- 'ErrMess' => static::_getErrorMessage()*/
+ /* ,
+ 'ErrNo' => static::_getErrorNumber(),
+ 'ErrMess' => static::_getErrorMessage() */
 );
 }
@@ -783,21 +803,21 @@ abstract class DB_Sql_Abstract {
 printf("
" . $sMsg . "
\n");
 }
 }
-
+
 /**
 * returns info about db-server
 *
 * return string
 */
 abstract public function getServerInfo();
-
+
 /**
 * returns client encoding
 *
 * return string
 */
 abstract public function getClientEncoding();
-
+
 /**
 * returns client info
 *
diff --git a/conlite/classes/gui/class.sourceeditor.php b/conlite/classes/gui/class.sourceeditor.php
index fc2b2c5..b526ea7 100644
--- a/conlite/classes/gui/class.sourceeditor.php
+++ b/conlite/classes/gui/class.sourceeditor.php
@@ -64,8 +64,11 @@ class cGuiSourceEditor extends cGuiPage {
 $this->_filename = $filename;
 // include the class and create the codemirror instance
- cInclude('external', 'codemirror/class.codemirror.php');
- $this->_codeMirror = new CodeMirror('code', $this->_filetype, cString::getPartOfString(cString::toLowerCase($belang), 0, 2), true, $cfg, !$this->_readOnly);
+ //cInclude('external', 'codemirror/class.codemirror.php');
+ //$this->_codeMirror = new CodeMirror('code', $this->_filetype, cString::getPartOfString(cString::toLowerCase($belang), 0, 2), true, $cfg, !$this->_readOnly);
+ // include the class and create the codemirror instance
+ cInclude('external', 'edit_area/class.edit_area.php');
+ $this->_codeMirror = new EditArea('code', $this->_filetype, cString::getPartOfString(cString::toLowerCase($belang), 0, 2), true, $cfg, !$this->_readOnly);
 $this->_versioning = $versioning;
diff --git a/conlite/templates/standard/html5/template.generic_source_editor.html b/conlite/templates/standard/html5/template.generic_source_editor.html
index f640dc8..b2e91f9 100644
--- a/conlite/templates/standard/html5/template.generic_source_editor.html
+++ b/conlite/templates/standard/html5/template.generic_source_editor.html
@@ -1,7 +1,13 @@ + + {CODEMIRROR_SCRIPT} -
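Review bot: In the `class.sourceeditor.php` hunk the replaced CodeMirror lines are kept as commented-out code, and the comment `// include the class and create the codemirror instance` is repeated above code that now builds an `EditArea`. The commit message says the swap is for testing, so the two commented-out lines are better deleted (history keeps them) and the remaining comment corrected, for example `// include the class and create the edit_area instance (still stored in $this->_codeMirror)`. The enclosing method starts and ends outside the hunk, so whether `EditArea` takes the same six constructor arguments as `CodeMirror` cannot be confirmed from here.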
+ @@ -9,32 +15,24 @@ - - - - - - - - - - - - - - - - - - - - - - - - - -
i18n("Edit file")
i18n("Name")
i18n("Description")
i18n("Source code")
 
+
+ i18n("Edit file") +
+ + +
+
+ + +
+
+ + +
+
+ +
+