2005-12-14 Sebastian Kurfuerst <sebastian@garbage-group.de>
authorSebastian Kurfürst <sebastian.kurfuerst@typo3.org>
Wed, 14 Dec 2005 07:38:33 +0000 (07:38 +0000)
committerSebastian Kurfürst <sebastian.kurfuerst@typo3.org>
Wed, 14 Dec 2005 07:38:33 +0000 (07:38 +0000)
* updated NEWS.txt
* Fixed bug #1343: Minor problem with
tslib_fe::prefixLocalAnchorsWithScript()
* New feature #1369: Accessible forms
* New feature #1631: configuration of user rights
* Fixed bug #1980: Relative links (anchors) in current page &
baseURL
* Security #2024: Set random ["SYS"]["encryptionKey"] during
1-2-3 install, button captions

git-svn-id: https://svn.typo3.org/TYPO3v4/Core/trunk@910 709f56b5-9817-0410-a4d7-c38de5d9e867

ChangeLog
NEWS.txt
t3lib/jsfunc.validateform.js
typo3/sysext/cms/layout/db_layout.php
typo3/sysext/cms/tslib/class.tslib_content.php
typo3/sysext/cms/tslib/class.tslib_fe.php
typo3/sysext/install/mod/class.tx_install.php

index 1c8875c..6957f94 100755 (executable)
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,9 +1,17 @@
+2005-12-14  Sebastian Kurfuerst  <sebastian@garbage-group.de>
 
-2005-12-09  Martin Kutschker  <martin.t.kutschker@blackbox.net>
+       * updated NEWS.txt
+       * Fixed bug #1343: Minor problem with tslib_fe::prefixLocalAnchorsWithScript()
+       * New feature #1369: Accessible forms
+       * New feature #1631: configuration of user rights
+       * Fixed bug #1980: Relative links (anchors) in current page & baseURL
+       * Security #2024: Set random ["SYS"]["encryptionKey"] during 1-2-3 install, button captions
+
+2005-12-13  Martin Kutschker  <martin.t.kutschker@blackbox.net>
 
        * Fixed bug #1172: broken typolinks to other domains
 
-2005-12-09  Martin Kutschker  <martin.t.kutschker@blackbox.net>
+2005-12-13  Martin Kutschker  <martin.t.kutschker@blackbox.net>
 
        * Fixed bug #2020: t3lib_cs->substr in mbstring-mode always used utf-8
        * Added support for iconv-functions of PHP5 in t3lib_cs
index 739bc0f..c596ac8 100644 (file)
--- a/NEWS.txt
+++ b/NEWS.txt
@@ -3,17 +3,36 @@ CHANGES & IMPROVEMENTS in TYPO3 4.0
 (for technical details see ChangeLog)
 ************************************************************************
 
-Access Control
-===============
+New features / improvements
+===========================
 
-       * FE-groups are now nested. Additionally, pages and content elements can have more than one group assigned. (Michael Stucki, integrating extension "fenestgrp" by Glen Gibb and extension "ingmar_accessctrl" by Ingmar Schlecht)
+       * Workspaces
+       * indexed search (template support, speed improvements)
+       * Integrated kb_cont_slide extension into core
+       * tab indenting in textareas in the backend
+       * display of BE clickmenus with XMLHTTP / AJAX
+       * User admin module: switch back to admin user after user switch (SU-mode), "create new user" link
+       * Zapped lots of gremlins
 
-Compatibility
+Access Control
 ==============
 
-       * GMENU_LAYERS and TMENU_LAYERS and image rollovers now work with Opera browsers (Martin Kutschker)
+       * FE-groups are now nested. Additionally, pages and content elements can have more than one group assigned. (Michael Stucki, integrating extension "fenestgrp" by Glen Gibb and extension "ingmar_accessctrl" by Ingmar Schlecht)
 
 Security
 =========
 
-       * A debug script used to expose system information provided by phpinfo(). For details, see http://typo3.org /teams/security/security-bulletins/typo3-20050725-1/ (Michael Stucki)
+       * New option for lockSSL: get redirected to standard http after BE login with SSL
+
+Bugfixes
+========
+
+       * config.disablePrefixComment was ignored by plugins
+       * When copying a file into the same folder in the "Filelist" module, it is automatically renamed
+
+Usability
+=========
+
+       * on timeout in BE, popup won't appear again after clicking "No"
+       * made new content element wizard easier to use (removed empty categories)
+       * rte wizard has save and close buttons now
index 45cece5..ccdc875 100755 (executable)
 
 
 function validateForm(theFormname,theFieldlist,goodMess,badMess,emailMess)     {
-       if (document[theFormname] && theFieldlist)      {
+       var formObject = document[theFormname];
+       if (!formObject)        {
+               formObject = document.getElementById(theFormname);
+       }
+       if (formObject && theFieldlist) {
                var index=1;
                var theField = split(theFieldlist, ",", index);
                var msg="";
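Review bot: The lookup `document[theFormname]` on the first added line can resolve to something that is not the form. Any built-in document property or other named element with that name is truthy, so the `getElementById` fallback is skipped and the later `formObject[theField]` test appears to fail silently, leaving the listed fields unchecked. This matters more now that the same commit lets the form name come from configuration. I would look the form up in the forms collection first: `var formObject = document.forms[theFormname] || document.getElementById(theFormname);`. validateForm's body continues past this hunk, and since this check runs only in the browser, the server still has to validate the submitted fields.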
@@ -58,8 +62,8 @@ function validateForm(theFormname,theFieldlist,goodMess,badMess,emailMess)    {
                        index++;
                        theLabel = unescape(split(theFieldlist, ",", index));
                        theField = unescape(theField);
-                       if (document[theFormname][theField])    {
-                               var fObj = document[theFormname][theField];
+                       if (formObject[theField])       {
+                               var fObj = formObject[theField];
                                var type=fObj.type;
                                if (!fObj.type) {
                                        type="radio";
index fdee6c4..a5544e9 100755 (executable)
@@ -1030,46 +1030,46 @@ class SC_db_layout {
 
 
                        // Draw the page properties.
-               $headerSection = $this->doc->getHeader('pages',$this->pageinfo,$this->pageinfo['_thePath']).'<br />'.
+               $headerSection = $this->doc->getHeader('pages',$this->pageinfo,$this->pageinfo['_thePath'],$this->modTSconfig['properties']['disableIconToolbar']?1:0).'<br />'.
                                                $LANG->sL('LLL:EXT:lang/locallang_core.php:labels.path',1).': '.
                                                '<span title="'.htmlspecialchars($this->pageinfo['_thePathFull']).'">'.htmlspecialchars(t3lib_div::fixed_lgd_cs($this->pageinfo['_thePath'],-50)).'</span>';
 
+               if (!$this->modTSconfig['properties']['disableIconToolbar'])    {
+                               // Create icon "toolbar" for common operations like creating/moving elements/pages etc.
+                       $toolBar='';
+                               // History:
+                       $toolBar.='<a href="#" onclick="'.htmlspecialchars('jumpToUrl(\''.$BACK_PATH.'show_rechis.php?element='.rawurlencode('pages:'.$this->id).'&returnUrl='.rawurlencode(t3lib_div::getIndpEnv('REQUEST_URI')).'#latest\');return false;').'">'.
+                                               '<img'.t3lib_iconWorks::skinImg($BACK_PATH,'gfx/history2.gif','width="13" height="12"').' vspace="2" hspace="2" align="top" title="'.$LANG->getLL('recordHistory',1).'" alt="" />'.
+                                               '</a>';
+                               // New content element
+                       $toolBar.='<a href="'.htmlspecialchars('db_new_content_el.php?id='.$this->id.'&sys_language_uid='.$this->current_sys_language.'&returnUrl='.rawurlencode(t3lib_div::getIndpEnv('REQUEST_URI'))).'">'.
+                                               '<img'.t3lib_iconWorks::skinImg($BACK_PATH,'gfx/new_record.gif','width="16" height="12"').' vspace="2" hspace="1" align="top" title="'.$LANG->getLL('newContentElement',1).'" alt="" />'.
+                                               '</a>';
+                               // Move page:
+                       $toolBar.='<a href="'.htmlspecialchars($BACK_PATH.'move_el.php?table=pages&uid='.$this->id.'&returnUrl='.rawurlencode(t3lib_div::getIndpEnv('REQUEST_URI'))).'">'.
+                                               '<img'.t3lib_iconWorks::skinImg($BACK_PATH,'gfx/move_page.gif','width="11" height="12"').' vspace="2" hspace="2" align="top" title="'.$LANG->getLL('move_page',1).'" alt="" />'.
+                                               '</a>';
+                               // Create new page (wizard):
+                       $toolBar.='<a href="#" onclick="'.htmlspecialchars('jumpToUrl(\''.$BACK_PATH.'db_new.php?id='.$this->id.'&pagesOnly=1&returnUrl='.rawurlencode(t3lib_div::getIndpEnv('REQUEST_URI')).'\');return false;').'">'.
+                                               '<img'.t3lib_iconWorks::skinImg($BACK_PATH,'gfx/new_page.gif','width="13" height="12"').' hspace="0" vspace="2" align="top" title="'.$LANG->getLL('newPage',1).'" alt="" />'.
+                                               '</a>';
+                               // Edit page properties:
+                       $params='&edit[pages]['.$this->id.']=edit';
+                       $toolBar.='<a href="#" onclick="'.htmlspecialchars(t3lib_BEfunc::editOnClick($params,$BACK_PATH)).'">'.
+                                               '<img'.t3lib_iconWorks::skinImg($BACK_PATH,'gfx/edit2.gif','width="11" height="12"').' hspace="2" vspace="2" align="top" title="'.$LANG->getLL('editPageProperties',1).'" alt="" />'.
+                                               '</a>';
 
-                       // Create icon "toolbar" for common operations like creating/moving elements/pages etc.
-               $toolBar='';
-                       // History:
-               $toolBar.='<a href="#" onclick="'.htmlspecialchars('jumpToUrl(\''.$BACK_PATH.'show_rechis.php?element='.rawurlencode('pages:'.$this->id).'&returnUrl='.rawurlencode(t3lib_div::getIndpEnv('REQUEST_URI')).'#latest\');return false;').'">'.
-                                       '<img'.t3lib_iconWorks::skinImg($BACK_PATH,'gfx/history2.gif','width="13" height="12"').' vspace="2" hspace="2" align="top" title="'.$LANG->getLL('recordHistory',1).'" alt="" />'.
-                                       '</a>';
-                       // New content element
-               $toolBar.='<a href="'.htmlspecialchars('db_new_content_el.php?id='.$this->id.'&sys_language_uid='.$this->current_sys_language.'&returnUrl='.rawurlencode(t3lib_div::getIndpEnv('REQUEST_URI'))).'">'.
-                                       '<img'.t3lib_iconWorks::skinImg($BACK_PATH,'gfx/new_record.gif','width="16" height="12"').' vspace="2" hspace="1" align="top" title="'.$LANG->getLL('newContentElement',1).'" alt="" />'.
-                                       '</a>';
-                       // Move page:
-               $toolBar.='<a href="'.htmlspecialchars($BACK_PATH.'move_el.php?table=pages&uid='.$this->id.'&returnUrl='.rawurlencode(t3lib_div::getIndpEnv('REQUEST_URI'))).'">'.
-                                       '<img'.t3lib_iconWorks::skinImg($BACK_PATH,'gfx/move_page.gif','width="11" height="12"').' vspace="2" hspace="2" align="top" title="'.$LANG->getLL('move_page',1).'" alt="" />'.
-                                       '</a>';
-                       // Create new page (wizard):
-               $toolBar.='<a href="#" onclick="'.htmlspecialchars('jumpToUrl(\''.$BACK_PATH.'db_new.php?id='.$this->id.'&pagesOnly=1&returnUrl='.rawurlencode(t3lib_div::getIndpEnv('REQUEST_URI')).'\');return false;').'">'.
-                                       '<img'.t3lib_iconWorks::skinImg($BACK_PATH,'gfx/new_page.gif','width="13" height="12"').' hspace="0" vspace="2" align="top" title="'.$LANG->getLL('newPage',1).'" alt="" />'.
-                                       '</a>';
-                       // Edit page properties:
-               $params='&edit[pages]['.$this->id.']=edit';
-               $toolBar.='<a href="#" onclick="'.htmlspecialchars(t3lib_BEfunc::editOnClick($params,$BACK_PATH)).'">'.
-                                       '<img'.t3lib_iconWorks::skinImg($BACK_PATH,'gfx/edit2.gif','width="11" height="12"').' hspace="2" vspace="2" align="top" title="'.$LANG->getLL('editPageProperties',1).'" alt="" />'.
-                                       '</a>';
-
-                       // Add CSH (Context Sensitive Help) icon to tool bar:
-               $toolBar.= t3lib_BEfunc::cshItem($this->descrTable,'columns_'.$this->MOD_SETTINGS['function'],$BACK_PATH,'',FALSE,'margin-top: 0px; margin-bottom: 0px;');
-
-                       // Wrap the toolbar into a table:
-               $headerSection.='
-                       <table border="0" cellpadding="0" cellspacing="0" class="bgColor4">
-                               <tr>
-                                       <td>'.$toolBar.'</td>
-                               </tr>
-                       </table>';
+                               // Add CSH (Context Sensitive Help) icon to tool bar:
+                       $toolBar.= t3lib_BEfunc::cshItem($this->descrTable,'columns_'.$this->MOD_SETTINGS['function'],$BACK_PATH,'',FALSE,'margin-top: 0px; margin-bottom: 0px;');
 
+                               // Wrap the toolbar into a table:
+                       $headerSection.='
+                               <table border="0" cellpadding="0" cellspacing="0" class="bgColor4">
+                                       <tr>
+                                               <td>'.$toolBar.'</td>
+                                       </tr>
+                               </table>';
+               }
 
                        // Create menu of table-icons for jumping to table-listing anchor points:
                if ($this->MOD_SETTINGS['function']!=3 && count($tableOutput)>1)        {
index 9241d82..d147db6 100755 (executable)
@@ -1621,10 +1621,23 @@ class tslib_cObj {
                $fieldname_hashArray = Array();
                $cc = 0;
 
-                       // Formname;
-               $formname = $GLOBALS['TSFE']->uniqueHash();
-               if (ctype_digit($formname{0}))  {       // form name must start with a letter
-                       $formname = 'a'.$formname;
+               $xhtmlStrict = t3lib_div::inList('xhtml_strict,xhtml_11,xhtml_2',$GLOBALS['TSFE']->config['config']['doctype']);
+                       // Formname
+               if ($conf['formName'])  {
+                       $formname = $this->cleanFormName($conf['formName']);
+               } else {
+                       $formname = $GLOBALS['TSFE']->uniqueHash();
+                       $formname = 'a'.$formname;      // form name has to start with a letter to reach XHTML compliance
+               }
+
+               if (isset($conf['fieldPrefix']))        {
+                       if ($conf['fieldPrefix'])       {
+                               $prefix = $this->cleanFormName($conf['fieldPrefix']);
+                       } else {
+                               $prefix = '';
+                       }
+               } else {
+                       $prefix = $formname;
                }
 
                foreach($dataArr as $val)       {
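Review bot: A configured `$conf['formName']` is not guaranteed to give a usable id, because `cleanFormName()` can return an empty string or one that starts with a digit or a colon, and only the generated-hash branch prepends a letter. The same holds for `$prefix`: with `fieldPrefix` set but empty, the element id built later is the bare `$fName`, which is an md5 hex string unless `dontMd5FieldNames` is set and so may start with a digit. I would fall back to the generated name when the cleaned value does not start with a letter, e.g. `if (!preg_match('/^[a-zA-Z]/', $formname)) { $formname = 'a'.$GLOBALS['TSFE']->uniqueHash(); }` right after the `cleanFormName()` call. The enclosing method starts and ends outside this hunk.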
@@ -1651,7 +1664,7 @@ class tslib_cObj {
                                $typeParts = explode('=',$fParts[0]);
                                $confData['type'] = trim(strtolower(end($typeParts)));
                                if (count($typeParts)==1)       {
-                                       $confData['fieldname'] = substr(ereg_replace('[^a-zA-Z0-9_]','',str_replace(' ','_',trim($parts[0]))),0,30);
+                                       $confData['fieldname'] = $this->cleanFormName($parts[0]);
                                        if (strtolower(ereg_replace('[^[:alnum:]]','',$confData['fieldname']))=='email')        {$confData['fieldname']='email';}
                                                // Duplicate fieldnames resolved
                                        if (isset($fieldname_hashArray[md5($confData['fieldname'])]))   {
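Review bot: Switching to `cleanFormName()` changes the submitted field names of existing forms: underscores are now stripped rather than kept, spaces are removed instead of becoming `_`, brackets become `:`, and the 30-character cap is gone. Anything that reads the posted data by the old names would presumably stop matching, and the commit message does not mention this. The helper's own comment, `// remove illegal chars like _`, is also misleading, since `_` is legal in both name and id. I would either keep `_` in the character class, `'#[^:a-zA-Z0-9_]#'`, or state the new naming rule in the helper's docblock. The surrounding loop body lies outside the hunk.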
@@ -1684,9 +1697,15 @@ class tslib_cObj {
                                        if (strcmp('',$addParams))      $addParams=' '.$addParams;
                                } else $addParams='';
 
+                               if ($conf['dontMd5FieldNames']) {
+                                       $fName = $confData['fieldname'];
+                               } else {
+                                       $fName = md5($confData['fieldname']);
+                               }
+
                                        // Accessibility: Set id = fieldname attribute:
-                               if ($conf['accessibility'])     {
-                                       $elementIdAttribute = ' id="'.$formname.'_'.md5($confData['fieldname']).'"';
+                               if ($conf['accessibility'] || $xhtmlStrict)     {
+                                       $elementIdAttribute = ' id="'.$prefix.$fName.'"';
                                } else {
                                        $elementIdAttribute = '';
                                }
@@ -1781,6 +1800,9 @@ class tslib_cObj {
                                        break;
                                        case 'radio':
                                                $option='';
+                                               if ($conf['accessibility'])     {
+                                                       $option.='<fieldset'.$elementIdAttribute.'><legend>'.$confData['label'].'</legend>';
+                                               }
                                                $valueParts = explode(',',$parts[2]);
                                                $items=array();         // Where the items will be
                                                $default='';
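Review bot: The new `<legend>` prints `$confData['label']` as-is, so any markup in the label reaches the page unescaped. Whether the label is encoded earlier in the method is not visible in this hunk; if it is still plain text at this point, encode it where it is written: `$option.='<fieldset'.$elementIdAttribute.'><legend>'.htmlspecialchars($confData['label']).'</legend>';`. If labels are meant to carry HTML, a short comment saying so would stop the next reader from treating this as an oversight.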
@@ -1800,13 +1822,22 @@ class tslib_cObj {
                                                $default = $this->getFieldDefaultValue($conf['noValueInsert'], $confData['fieldname'], $default);
                                                        // Create the select-box:
                                                for($a=0;$a<count($items);$a++) {
-                                                       $fieldId = $formname.'_'.md5($confData['fieldname']).'_'.($a+1);
-                                                       $label = $this->stdWrap(trim($items[$a][0]), $conf['radioWrap.']);
+                                                       $radioId = $prefix.$fName.$this->cleanFormName($items[$a][0]);
                                                        if ($conf['accessibility'])     {
-                                                               $label = '<label for="'.$fieldId.'">'.$label.'</label>';
+                                                               $radioLabelIdAttribute = ' id="'.$radioId.'"';
+                                                       } else {
+                                                               $radioLabelIdAttribute = '';
                                                        }
-                                                       $option.= '<input type="radio" name="'.$confData['fieldname'].'"'.($fieldId?' id="'.$fieldId.'"':'').' value="'.$items[$a][1].'"'.(!strcmp($items[$a][1],$default)?' checked="checked"':'').''.$addParams.' />';
-                                                       $option.= $label;
+                                                       $option .= '<input type="radio" name="'.$confData['fieldname'].'"'.$radioLabelIdAttribute.' value="'.$items[$a][1].'"'.(!strcmp($items[$a][1],$default)?' checked="checked"':'').''.$addParams.' />';
+                                                       if ($conf['accessibility'])     {
+                                                               $option .= '<label for="'.$radioId.'">' . $this->stdWrap(trim($items[$a][0]), $conf['radioWrap.']) . '</label>';
+                                                       } else {
+                                                               $option .= $this->stdWrap(trim($items[$a][0]), $conf['radioWrap.']);
+                                                       }
+                                                       $option .= '<br />';
+                                               }
+                                               if ($conf['accessibility'])     {
+                                                       $option.='</fieldset>';
                                                }
                                                $fieldCode = $option;
                                        break;
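Review bot: `$radioId` is no longer unique per option, because it is built from `cleanFormName($items[$a][0])`. Two option labels that differ only in stripped characters produce the same id, and a label with no ASCII letters or digits cleans to an empty string, which makes the id equal to the fieldset id `$prefix.$fName`. The removed code used the loop index, which could not collide. Keeping the index in the id avoids this: `$radioId = $prefix.$fName.$this->cleanFormName($items[$a][0]).':'.($a+1);`. Separately, `value="'.$items[$a][1].'"` is still written without `htmlspecialchars()`; unless the value is encoded earlier (not visible here), a double quote in an option value ends the attribute early.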
@@ -1889,8 +1920,8 @@ class tslib_cObj {
 
                                                // Field:
                                        $fieldLabel = $confData['label'];
-                                       if ($conf['accessibility'] && $confData['type']!='radio')       {
-                                               $fieldLabel = '<label for="'.$formname.'_'.md5($confData['fieldname']).'">'.$fieldLabel.'</label>';
+                                       if ($conf['accessibility'] && $confData['type']!='radio' && $confData['type'] != 'label')       {
+                                               $fieldLabel = '<label for="'.$prefix.$fName.'">'.$fieldLabel.'</label>';
                                        }
 
                                                // Getting template code:
@@ -2007,7 +2038,7 @@ class tslib_cObj {
                $content = Array(
                        '<form'.
                                ' action="'.htmlspecialchars($action).'"'.
-                               ' name="'.$formname.'"'.
+                               ' id="'.$formname.'"'.($xhtmlStrict ? '' : ' name="'.$formname.'"').
                                ' enctype="'.$GLOBALS['TYPO3_CONF_VARS']['SYS']['form_enctype'].'"'.
                                ' method="'.($conf['method']?$conf['method']:'post').'"'.
                                ($theTarget ? ' target="'.$theTarget.'"' : '').
@@ -2775,6 +2806,20 @@ class tslib_cObj {
                return $altParam;
        }
 
+       /**
+        * Removes forbidden characters and spaces from name/id attributes in the form tag and formfields
+        *
+        * @param       string          Input string
+        * @return      string          the cleaned string
+        * @see FORM()
+        */
+       function cleanFormName($name) {
+                       // turn data[x][y] into data:x:y:
+               $name = preg_replace('/\[|\]\[?/',':',trim($name));
+                       // remove illegal chars like _
+               return preg_replace('#[^:a-zA-Z0-9]#','',$name);
+       }
+
 
 
 
@@ -5143,8 +5188,8 @@ class tslib_cObj {
                                                $this->lastTypoLinkTarget = $LD['target'];
                                                $targetPart = $LD['target'] ? ' target="'.$LD['target'].'"' : '';
 
-                                                       // If sectionMark is set AND the current page is the page the link is to, check if there are any additional parameters and is not, drop the url.
-                                               if ($sectionMark && !trim($addQueryParams) && $page['uid']==$GLOBALS['TSFE']->id)       {
+                                                       // If sectionMark is set, there is no baseURL AND the current page is the page the link is to, check if there are any additional parameters and is not, drop the url.
+                                               if ($sectionMark && !trim($addQueryParams) && $page['uid']==$GLOBALS['TSFE']->id && !$GLOBALS['TSFE']->config['config']['baseURL'])     {
                                                        list(,$URLparams) = explode('?',$this->lastTypoLinkUrl);
                                                        list($URLparams) = explode('#',$URLparams);
                                                        parse_str ($URLparams.$LD['orig_type'], $URLparamsArray);
index 695230d..86beb45 100755 (executable)
@@ -3356,7 +3356,7 @@ if (version == "n3") {
         */
        function prefixLocalAnchorsWithScript() {
                $scriptPath = substr(t3lib_div::getIndpEnv('TYPO3_REQUEST_URL'),strlen(t3lib_div::getIndpEnv('TYPO3_SITE_URL')));
-               $this->content = eregi_replace('(<(a|area)[[:space:]]+href=")(#[^"]*")','\1'.htmlspecialchars($scriptPath).'\3',$this->content);
+               $this->content = preg_replace('/(<(a|area).*?href=")(#[^"]*")/i','$1' . htmlspecialchars($scriptPath) . '$3',$this->content);
        }
 
        /**
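Review bot: The new pattern is looser than the one it replaces: `<(a|area).*?href="` no longer requires whitespace after the tag name, and `.*?` is not confined to one tag. A match can therefore start at `<abbr` or `<address` and run across following tags up to the next `href="#…"` on the same line. Restricting the gap to the tag itself still allows attributes before href without that spill: `'/(<(a|area)\s[^>]*?href=")(#[^"]*")/i'`. Also, `htmlspecialchars($scriptPath)` is spliced into the replacement string, where `$n` and `\n` sequences are read as backreferences. Since the path is derived from the request URL, `$` and `\` should be escaped before concatenation.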
index 539e05b..bd81a65 100755 (executable)
@@ -661,7 +661,8 @@ REMOTE_ADDR was '".t3lib_div::getIndpEnv("REMOTE_ADDR")."' (".t3lib_div::getIndp
                                                        <td valign="top">
                                                           '.$this->fontTag1.'<BR>
                                                           <input type="hidden" name="step" value="2">
-                                                          <input type="submit" value="Update localconf.php"><BR><br /><strong>NOTICE: </strong>By clicking this button, typo3conf/localconf.php is updated with new values for the parameters listed above!</font><BR>
+                                                          <input type="hidden" name="TYPO3_INSTALL[localconf.php][encryptionKey]" value="'.md5(uniqid(rand(),true)).'">
+                                                          <input type="submit" value="Continue"><BR><br /><strong>NOTICE: </strong>By clicking this button, typo3conf/localconf.php is updated with new values for the parameters listed above!</font><BR>
                                                        </td>
                                                </tr>
                                           </form>
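Review bot: `md5(uniqid(rand(),true))` is a weak source for `encryptionKey`: `rand()` and `uniqid()` are derived from the clock and a small PRNG state, so the 32 hex characters carry far less entropy than their length suggests. The key is also generated when the form is rendered and travels through a hidden field. That exposes it to anything that can observe the page if the installer is reached over plain HTTP, and, as far as this hunk shows, the stored value is whatever the browser posts back. I would generate the key on the server in the step that writes localconf.php, from the operating system's random source where available (for example bytes read from `/dev/urandom`), and keep it out of the HTML. The surrounding string literal starts and ends outside the hunk.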
@@ -721,7 +722,7 @@ REMOTE_ADDR was '".t3lib_div::getIndpEnv("REMOTE_ADDR")."' (".t3lib_div::getIndp
 
                                                           '.$this->fontTag1.'<BR>
                                                           <input type="hidden" name="step" value="3">
-                                                          <input type="submit" value="Update localconf.php"><BR><br /><strong>NOTICE: </strong>By clicking this button, typo3conf/localconf.php is updated with new values for the parameters listed above!</font><BR>
+                                                          <input type="submit" value="Continue"><BR><br /><strong>NOTICE: </strong>By clicking this button, typo3conf/localconf.php is updated with new values for the parameters listed above!</font><BR>
                                                        </td>
                                                </tr>
                                           </form>