[SOLVED]Document (File Name) still not fixed in version scriptcase version 8.00.0040

Scriptcase 8 Bugs
#1

When I have a Document (File Name) in my form and I upload a file with the name a+b.txt it still fails. I have been mentioning this since many many months and have given the solution several times.
Most of the other bugs (at least the ones that I found) seem to be fixed or circumvented.
It is still not fixed, the bug is due to the point that the sajax code has a bug.
The generated code is:


 grid_filestorage_sajax.php (pieces removed due to length constrictions).

<?php
if (!isset($SAJAX_INCLUDED)) {

        /*
         * GLOBALS AND DEFAULTS
         *
         */
        $GLOBALS['sajax_version'] = '0.12';
        $GLOBALS['sajax_debug_mode'] = 0;
        $GLOBALS['sajax_export_list'] = array();
        $GLOBALS['sajax_request_type'] = 'GET';
        $GLOBALS['sajax_remote_uri'] = '';
        $GLOBALS['sajax_failure_redirect'] = '';
..........
                function sajax_do_call(func_name, args) {
                        var i, x, n;
                        var uri;
                        var post_data;
                        var target_id;

                        sajax_debug(\"in sajax_do_call()..\" + sajax_request_type + \"/\" + sajax_target_id);
                        target_id = sajax_target_id;
                        if (typeof(sajax_request_type) == \"undefined\" || sajax_request_type == \"\")
                                sajax_request_type = \"GET\";

                        uri = \"" . sajax_url_encode($sajax_remote_uri) . "\";
                        // NM
                        if (-1 != uri.indexOf(\"?\"))
                                uri = uri.substr(0, uri.indexOf(\"?\"));
                        // NM
                        if (sajax_request_type == \"GET\") {

                                if (uri.indexOf(\"?\") == -1)
                                        uri += \"?rs=\" + escape(func_name);
                                else
                                        uri += \"&rs=\" + escape(func_name);
                                uri += \"&rst=\" + escape(sajax_target_id);
                                uri += \"&rsrnd=\" + new Date().getTime();

                                for (i = 0; i < args.length-1; i++)
                                        uri += \"&rsargs[]=\" + escape(args[i]);

                                post_data = null;
                        }
                        else if (sajax_request_type == \"POST\") {
                                post_data = \"rs=\" + escape(func_name);
                                post_data += \"&rst=\" + escape(sajax_target_id);
                                post_data += \"&rsrnd=\" + new Date().getTime();

                                for (i = 0; i < args.length-1; i++)
                                        post_data = post_data + \"&rsargs[]=\" + escape(args[i]);
                        }
                        else {
                                alert(\"Illegal request type: \" + sajax_request_type);
                        }

                        x = sajax_init_object();
                        if (x == null) {
                                if (sajax_failure_redirect != \"\") {
                                        location.href = sajax_failure_redirect;
                                        return false;
                                } else {
                                        sajax_debug(\"NULL sajax object for user agent:\
\" + navigator.userAgent);
                                        return false;
                                }
                        } else {
                                x.open(sajax_request_type, uri, true);
                                // window.open(uri);

                                sajax_requests[sajax_requests.length] = x;

                                if (sajax_request_type == \"POST\") {
                                        x.setRequestHeader(\"Method\", \"POST \" + uri + \" HTTP/1.1\");
                                        x.setRequestHeader(\"Content-Type\", \"application/x-www-form-urlencoded\");
                                }

                                x.onreadystatechange = function() {
                                        if (x.readyState != 4)
                                                return;

                                        sajax_debug(\"received \" + x.responseText);

                                        var status;
                                        var data;
                                        var txt = x.responseText.replace(/^\s*|\s*$/g,\"\");
                                        status = txt.charAt(0);
                                        data = txt.substring(2);

                                        if (status == \"\") {
                                                // let's just assume this is a pre-response bailout and let it slide for now
                                        } else if (status == \"-\")
                                                alert(\"Error: \" + data);
                                        else {
                                                if (target_id != \"\")
                                                        document.getElementById(target_id).innerHTML = eval(data);
                                                else {
                                                        try {
                                                                var callback;
                                                                var extra_data = false;
                                                                if (typeof args[args.length-1] == \"object\") {
                                                                        callback = args[args.length-1].callback;
                                                                        extra_data = args[args.length-1].extra_data;
                                                                } else {
                                                                        callback = args[args.length-1];
                                                                }
                                                                callback(eval(data), extra_data);
                                                        } catch (e) {
                                                                sajax_debug(\"Caught error \" + e + \": Could not eval \" + data );

                                                                if (document.getElementById(\"id_fatal_error\") && data.lastIndexOf('Fatal error') > -1)
                                                                {
                                                                    sc_ret_error = \"<table width=20%><tr><td>\" + data + \"</td></tr></table>\";
                                                                    document.getElementById(\"id_fatal_error\").style.display = \"\";
                                                                    document.getElementById(\"id_fatal_error\").innerHTML = sc_ret_error;
                                                                }

                                                        }
                                                }
                                        }
                                }
                        }

                        sajax_debug(func_name + \" uri = \" + uri + \"/post = \" + post_data);
                        x.send(post_data);
                        sajax_debug(func_name + \" waiting..\");
                        delete x;
                        return true;
                }

                ";
                return $html;
        }

 .....
?>
#2

The corrected code is the following:


                function sajax_do_call(func_name, args) {
                        var i, x, n;
                        var s;
                        var post_data;
                        var target_id;

                        sajax_debug(\"in sajax_do_call()..\" + sajax_request_type + \"/\" + sajax_target_id);
                        target_id = sajax_target_id;
                        if (typeof(sajax_request_type) == \"undefined\" || sajax_request_type == \"\")
                                sajax_request_type = \"GET\";

                        uri = \"" . sajax_url_encode($sajax_remote_uri) . "\";
                        // NM
                        if (-1 != uri.indexOf(\"?\"))
                                uri = uri.substr(0, uri.indexOf(\"?\"));
                        // NM
                        if (sajax_request_type == \"GET\") {

                                if (uri.indexOf(\"?\") == -1)
                                        uri += \"?rs=\" + escape(func_name);
                                else
                                        uri += \"&rs=\" + escape(func_name);
                                uri += \"&rst=\" + escape(sajax_target_id);
                                uri += \"&rsrnd=\" + new Date().getTime();

                                for (i = 0; i < args.length-1; i++)
                                        uri += \"&rsargs[]=\" + escape(args[i]);

                                post_data = null;
                        }
                        else if (sajax_request_type == \"POST\") {
                                post_data = \"rs=\" + escape(func_name);
                                post_data += \"&rst=\" + escape(sajax_target_id);
                                post_data += \"&rsrnd=\" + new Date().getTime();

                                for (i = 0; i < args.length-1; i++){
                                        s=escape(args[i]);
                                        post_data = post_data + \"&rsargs[]=\" + s.replace(\"+\",\"%2B\");
                                }
                                        
                        }
                        else {
                                alert(\"Illegal request type: \" + sajax_request_type);
                        }

                        x = sajax_init_object();
                        if (x == null) {
                                if (sajax_failure_redirect != \"\") {
                                        location.href = sajax_failure_redirect;
                                        return false;
                                } else {
                                        sajax_debug(\"NULL sajax object for user agent:\
\" + navigator.userAgent);
                                        return false;
                                }
                        } else {
                                x.open(sajax_request_type, uri, true);
                                // window.open(uri);

                                sajax_requests[sajax_requests.length] = x;

                                if (sajax_request_type == \"POST\") {
                                        x.setRequestHeader(\"Method\", \"POST \" + uri + \" HTTP/1.1\");
                                        x.setRequestHeader(\"Content-Type\", \"application/x-www-form-urlencoded; charset=iso-8859-15\");
                                }

                                x.onreadystatechange = function() {
                                        if (x.readyState != 4)
                                                return;

                                        sajax_debug(\"received \" + x.responseText);

                                        var status;
                                        var data;
                                        var txt = x.responseText.replace(/^\s*|\s*$/g,\"\");
                                        status = txt.charAt(0);
                                        data = txt.substring(2);

                                        if (status == \"\") {
                                                // let's just assume this is a pre-response bailout and let it slide for now
                                        } else if (status == \"-\")
                                                alert(\"Error: \" + data);
                                        else {
                                                if (target_id != \"\")
                                                        document.getElementById(target_id).innerHTML = eval(data);
                                                else {
                                                        try {
                                                                var callback;
                                                                var extra_data = false;
                                                                if (typeof args[args.length-1] == \"object\") {
                                                                        callback = args[args.length-1].callback;
                                                                        extra_data = args[args.length-1].extra_data;
                                                                } else {
                                                                        callback = args[args.length-1];
                                                                }
                                                                callback(eval(data), extra_data);
                                                        } catch (e) {
                                                                sajax_debug(\"Caught error \" + e + \": Could not eval \" + data );

                                                                if (document.getElementById(\"id_fatal_error\") && data.lastIndexOf('Fatal error') > -1)
                                                                {
                                                                    sc_ret_error = \"<table width=20%><tr><td>\" + data + \"</td></tr></table>\";
                                                                    document.getElementById(\"id_fatal_error\").style.display = \"\";
                                                                    document.getElementById(\"id_fatal_error\").innerHTML = sc_ret_error;
                                                                }

                                                        }
                                                }
                                        }
                                }
                        }

                        sajax_debug(func_name + \" uri = \" + uri + \"/post = \" + post_data);
                        x.send(post_data);
                        sajax_debug(func_name + \" waiting..\");
                        delete x;
                        return true;
                }

                ";
                return $html;
        }

Please fix this, it is annoying not to be able to upload a file with a + sign on a windows server!!

#3

As adition I also see that a file with a % in it (which is totally valid!!) is not supported either in the default code…
So in case you start fixing it then test with the following names:
test1%105.jpg
test2&111.jpg
test3+222.jpg

And you’ll find it out quickly…

#4

It is an editable grid. This picture should be obvious enough…

editvars.jpg

#5

You’re using the SQL Server, right?

I sent this problem for development team, and will be fix soon

?lvaro Moura.
Scriptcase team.

#6

No we are using Oracle. But great if this issue will be solved. I recommend to search for rr’s other posts as he has reported a lot of issues including solutions…

#7

It should be obvious that this is a database server INDEPENDANT piece of code… It would also fail on sqlite as an sqlite version would produce alomst exactly the same code…
I can send you the application so that you can test this in detail. The error lies in the sajax code.
Anything thing with a + in it gets the + translated to a space and thus it fails. Hence my temporary fix (which also doesnt solve all possible issues but at least most).
The best solition would be to kick out sajax and simply use jquery instead of sajax. Sajax is old and outdated. And jquery already is available so why not use that?

#8

Bumping the thread… It isnt fixed still… And I did give the solution already a few times… And fixing it should be very simple…

#9

Hello, rr.

I sent you an email requesting a remote access.
I await your return.

thank you.
Scriptcase team.

#10

I sent you a mail back. That time is not possible. But I can send you my application since I got your email and you can simply test it out on a windows uniform or xampp. You’ll see that I am right and you will see that it is a bug once you xdebug the code in detail. It isnt hard to understand once you have studied the generated code.

#11

Good afternoon!

This problem occurs only in forms editable grid type.

When using a form as single record or multiple records the uploading works fine.

Scriptcase team.

#12

And this is the solution ?

#13

This is not a good solution since we need the editable grid. But my PRELIMINARY tests do show out that some fixes are there.
The multiple records works differently in such a way that it is less usefull.
Their while fix lies in the following function:


371|         function sajax_url_encode($string) {
372|                 $entities = array('%21', '%2A', '%27', '%28', '%29', '%3B', '%3A', '%40', '%26', '%3D', '%2B', '%24', '%2C', '%2F', '%3F', '%25', '%23', '%5B', '%5D');
373|                 $replacements = array('!', '*', "'", "(", ")", ";", ":", "@", "&", "=", "+", "$", ",", "/", "?", "%", "#", "[", "]");
374|
375|                 return str_replace($entities, $replacements, urlencode($string));
376|         }

This is a good solution but that one is also available in the form->editable grid.
Also the code for an editable grid and a multiple record form differs only very slightly, I generated both, viewed the source code and removed the line numbers and compared it.
A main difference is that in the grid there is a number of records preloaded (the number of rows shown).
Other differences are there but there is little reason to leave the bug in there…

The whole sajax piece is exactly the same…

Hence the fix should be simple, I already showed them where the bug is and I already showed them how to fix it in generated code…

I still need to study it in detail to find out why one is failing and the other one is working.
The whole problem lies in the sajax code. This code is old and has bugs and actually should be replaeced with jquery $.ajax functions.
The sajax code falsely translates a + sign in a filename to a single space. Some other characters will also fail.
Anyway lets wait a while until they really fix it…

It is completely ridiculuous and outdated to even use sajax where jquery is way more advanced.

The grid is easy, you just press a button to create a new record, you select a local file and upload it and you press the little arrow. So you are still in one screen.
The multiple records is NOT easy for a simple user. You get a lits of records, you press a button, a new window opens. Then you need to press a button to upload then you need to close that window and then you get it saved. This is basically a whole window too much that not every user understands…

#14

Hello,

This problem has been solved in the update 8.0.044.

#15

I will most surely check this out in detail.

🚀 Scriptcase 9.12 is now available! Check out the new features here 👉🚀 Next Monday (02/24), Scriptcase 9.12 will be released! Check out the new features before anyone else 👉