Editor1.6 bug with php5.3&JS

Editor1.6 bug with php5.3&JS

imoagnimoagn Posts: 1Questions: 1Answers: 0

in practise, it seems that there are several bugs with editor 1.6

  1. The following code, xhr.responseJSON seems to be empty when submitting row update data. (chrome). did I missing some important depency?
Editor.prototype._ajax = function ( data, success, error )
{
    var thrown;
    var opts = {
        type:     'POST',
        dataType: 'json',
        data:     null,
        error:    [ function ( xhr, text, err ) {
            thrown = err;
        } ],
        complete: [ function ( xhr, text ) {
            // Use `complete` rather than `success` so that all status codes are
            // caught and can return valid JSON (useful when working with REST
            // services).
            var json = xhr.status === 204 ?
                {} :
                xhr.responseJSON;

2 . server side, PHP5.3, for example, [_ssp_field] is a private class method. But PHP 5.3 do not allow a anonymous function with [use (that)] to access private members of [that] (which is actually that = this) . This leads to several problems.
One of the most important problem is , when a query condition is actually a callback function, in Query::xxx_where_xxx methods it just cannot access to [Join::_join] which is a private member field, so finally a "delete from where 1=1" will be generated. This happened in our production environments and made me so sad :(

For some reasons it is difficult for us to update php version, so I'm so happy to find a library like Datatables declared supporting php5.3.

Please test editor with php 5.3 as strictly as with php5.5+, thank you very much!

Answers

  • allanallan Posts: 63,498Questions: 1Answers: 10,471 Site admin

    1 . The following code, xhr.responseJSON seems to be empty when submitting row update data. (chrome). did I missing some important depency?

    Could you give me a link to the page so I can take a look and see why that might be please? It would also be worth updating to 1.6.1 which has changed that code a little to address an issue with older versions of jQuery.

    2 . server side, PHP5.3, for example, [_ssp_field] is a private class method. But PHP 5.3 do not allow a anonymous function with [use (that)] to access private members of [that] (which is actually that = this)

    Thank you! Testing with PHP 5.3.10 confirms this issue. To fix I've marked the _ssp_field method as public, although it retains the name _ssp_field as it is really an internal method that doesn't need to be accessible via the public API.

    My automated testing is currently limited to a single version of PHP. I will try to expand that to multiple versions, which shouldn't actually be too difficult with docker. To be honest, supporting PHP 5.3 isn't all that hard, the trick is just remembering not to use the newer syntax and options!

    Regards,
    Allan

This discussion has been closed.