+2009-10-24 Ernesto Baschny <ernst@cron-it.de>
+
+ * Fixed bug #12321: Follow-up to #11586, fixes FE editing
+
2009-10-22 Oliver Hader <oliver@typo3.org>
* Release of TYPO3 4.3.0beta2
* Fixed bug #11586: Potential SQL injection in frontend editing (thanks to Oliver Klee)
* Fixed bug #12309: It was possible to gain access to the Install Tool by only knowing the md5 hash of the password.
* Fixed bug #12310: Encryption key can be recalculated when using normal mailform when [FE][strictFormmail] == 0 (thanks to Oliver Klee)
- * Fixed bug #12090: Filenames should be escaped with escapeshellarg before passing them to imagemagick
+ * Fixed bug #12090: Filenames should be escaped with escapeshellarg before passing them to imagemagick (thanks to Oliver Klee)
* Fixed bug #12303: XSS vulnerability due to not proper sanitizing in function t3lib_div::quoteJSvalue (thanks to Oliver Klee)
* Fixed bug #12304: Frame inclusion in the backend through alt_mod_frameset (thanks to Oliver Klee)
* Fixed bug #12305: XSS vulnerability in view_help.php / tfID parameter (thanks to Oliver Klee)
*/
class t3lib_frontendedit {
/**
- * GET/POST parameters for the FE editing
+ * GET/POST parameters for the FE editing.
+ * Accessed as $GLOBALS['BE_USER']->frontendEdit->TSFE_EDIT, thus public
*
* @var array
*/
- protected $TSFE_EDIT;
+ public $TSFE_EDIT;
/**
* TCEmain object.