Packages/TYPO3.CMS.git
7 years ago[BUGFIX] Error handler registration accepts way too much PHP error types
Marcus Krause [Sat, 22 Sep 2012 12:21:58 +0000 (14:21 +0200)]
[BUGFIX] Error handler registration accepts way too much PHP error types

Taken from http://php.net/manual/en/function.set-error-handler.php
set_error_handler has limitations for error types to process.

In detail E_ERROR, E_PARSE, E_CORE_ERROR, E_CORE_WARNING,
E_COMPILE_ERROR, E_COMPILE_WARNING cannot handled by an user defined
function.

This issue is about reflecting this in config_default settings and
in t3lib_error_ErrorHandler to make sure to process only error types
we can handle.

Change-Id: I908aa33c07a7de69095dce3e0d74d19134733231
Fixes: #31827
Releases: 4.5, 4.6, 4.7, 6.0
Reviewed-on: http://review.typo3.org/14935
Reviewed-by: Markus Klein
Tested-by: Markus Klein
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
7 years ago[BUGFIX] Tree view in admin panel is broken with PHP 5.4
Philipp Gampe [Sat, 22 Sep 2012 16:15:59 +0000 (18:15 +0200)]
[BUGFIX] Tree view in admin panel is broken with PHP 5.4

The double ['0.'] in $arr['0.']['0.'] is wrong.
Fun fact: This is "broken" since the initial commit.

Fixes: #41213
Releases: 6.0, 4.7, 4.6, 4.5

Change-Id: Ibb066611b2f419f0e7c085bb413bb3685eb4bfb4
Reviewed-on: http://review.typo3.org/14924
Reviewed-by: Susanne Moog
Tested-by: Susanne Moog
7 years ago[BUGFIX] Error handler callback causes fatal error for parse time errors
Marcus Krause [Sat, 22 Sep 2012 12:09:36 +0000 (14:09 +0200)]
[BUGFIX] Error handler callback causes fatal error for parse time errors

TYPO3's error handler callback t3lib_error_ErrorHandler::handleError()
causes a fatal error for PHP parse time errors.

If an error occurs during parse time (like E_DEPRECATED due to
deprecated $foo =& stdClass() code), autoloading is not available
and such PHP standard class 'Exception' (extended by t3lib_exception)
is not resolvable.
This results in a fatal and misleading error
'Class "Exception" not found'
together with a not useful backtrace. Additionally this behaviour
hides the original causing error (deprecated code).

Change-Id: I4ab97c1bf2d888022369f2095285cecc5a4c54a4
Fixes: #31834
Related: #31827
Releases: 4.5, 4.6, 4.7, 6.0
Reviewed-on: http://review.typo3.org/14927
Reviewed-by: Markus Klein
Tested-by: Markus Klein
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
7 years ago[BUGFIX] Error messages are not shown in 123 installation process
Nicole Cordes [Fri, 21 Sep 2012 10:03:49 +0000 (12:03 +0200)]
[BUGFIX] Error messages are not shown in 123 installation process

Because of a missing ERRORMESSAGES subpart in the 123 install template,
error messages collected while processing are not shown in the frontend.
This patch adds the subpart to the template to show more error information
in the frontend.

Change-Id: I9ee57317958b4505565161c1679d1549c6b89c2c
Fixes: #41158
Releases: 4.5, 4.6, 4.7, 6.0
Reviewed-on: http://review.typo3.org/14902
Reviewed-by: Jigal van Hemert
Tested-by: Jigal van Hemert
7 years ago[TASK] Database creating fails due to not allowed characters
Jigal van Hemert [Sat, 22 Sep 2012 05:08:57 +0000 (07:08 +0200)]
[TASK] Database creating fails due to not allowed characters

Due to compatibility the CREATE DATABASE statement is used without quotes.
At least for MySQL databases there are limited characters allowed to use
in unquoted database names (0-9,a-z,A-Z$_). At the moment the database
name is parsed with enabled hyphen but this is obviously not allowed. The
parsing has to be changed to meet the MySQL limitation as well.

Change-Id: Id8e025e6c681487818973a595652dd29cb86c4b8
Resolves: #41151
Releases: 4.5, 4.6, 4.7, 6.0
Reviewed-on: http://review.typo3.org/14899
Reviewed-by: Jigal van Hemert
Tested-by: Jigal van Hemert
7 years ago[BUGFIX] Set charset property after cloning t3lib_PageRenderer
Laurent Cherpit [Mon, 26 Mar 2012 13:37:05 +0000 (15:37 +0200)]
[BUGFIX] Set charset property after cloning t3lib_PageRenderer

TCA tree causes fatal error when using in (IRRE)
1284906026: Language and character encoding are not set.

Change-Id: I6e859cb31edd4280d39e0f1ff268b865ac233fca
Fixes: #27957
Releases: 4.5, 4.6, 4.7, 6.0
Reviewed-on: http://review.typo3.org/14247
Reviewed-by: Xavier Perseguers
Tested-by: Xavier Perseguers
7 years ago[BUGFIX] PHP warning when no language pack is available
Xavier Perseguers [Fri, 24 Aug 2012 08:51:07 +0000 (10:51 +0200)]
[BUGFIX] PHP warning when no language pack is available

Make sure to return either an array or a boolean and not a
string when retrieving the status of an translation pack.

Change-Id: Ic837026f387e370cf28a5c65866954898dc8a37c
Fixes: #40108
Releases: 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/14026
Reviewed-by: Xavier Perseguers
Tested-by: Xavier Perseguers
7 years ago[TASK] Set TYPO3 version to 4.5.20-dev
TYPO3 Release Team [Wed, 15 Aug 2012 10:26:15 +0000 (12:26 +0200)]
[TASK] Set TYPO3 version to 4.5.20-dev

Change-Id: I712fe72e2638caf8a3dbee37ac493d3410dce8da
Reviewed-on: http://review.typo3.org/13776
Reviewed-by: TYPO3 Release Team
Tested-by: TYPO3 Release Team
7 years ago[RELEASE] Release of TYPO3 4.5.19
TYPO3 Release Team [Wed, 15 Aug 2012 10:26:05 +0000 (12:26 +0200)]
[RELEASE] Release of TYPO3 4.5.19

Change-Id: I6497d5ff720b47abd594e1e5b9ea11f17a3c254c
Reviewed-on: http://review.typo3.org/13775
Reviewed-by: TYPO3 Release Team
Tested-by: TYPO3 Release Team
7 years ago[SECURITY] XSS in install tool
Mario Rimann [Wed, 15 Aug 2012 10:18:08 +0000 (12:18 +0200)]
[SECURITY] XSS in install tool

In the "Basic Configuration" section, some configuration values are
rendered without proper escaping both as input fields or as
regular content of the page. These values are htmlspecialchars-
treated now.

For the "All Configuration" form, all input fields and text area fields get now htmlspecialchars-treated.

Change-Id: Iba8a37ad24557f1af6772af8596660cab8d4bf7f
Fixes: #21634
Releases: 6.0, 4.7, 4.6, 4.5
Security-Commit: 835221d1b9b4f50a0769a5ed1f0116993b87da9c
Security-Bulletin: TYPO3-CORE-SA-2012-004
Reviewed-on: http://review.typo3.org/13744
Reviewed-by: Oliver Hader
Tested-by: Oliver Hader
7 years ago[SECURITY] Page Link Target vulnerable to XSS
Markus Bucher [Wed, 15 Aug 2012 10:18:01 +0000 (12:18 +0200)]
[SECURITY] Page Link Target vulnerable to XSS

This patch adds htmlspecialchars to page link target to prevent
XSS.

Change-Id: Ib8f812f89f892f580fc70300a4e4fa2287559dba
Fixes: #32653
Releases: 6.0, 4.7, 4.6, 4.5
Security-Commit: f9987febc23355d9a4996eba7ac0039bfe801607
Security-Bulletin: TYPO3-CORE-SA-2012-004
Reviewed-on: http://review.typo3.org/13743
Reviewed-by: Oliver Hader
Tested-by: Oliver Hader
7 years ago[SECURITY] XSS in validateForm
Markus Bucher [Wed, 15 Aug 2012 10:17:55 +0000 (12:17 +0200)]
[SECURITY] XSS in validateForm

Properly quote the form name and field list
for the JavaScript validation

Fixes: #25052
Releases: 6.0, 4.7, 4.6, 4.5

Change-Id: I01527117c20e25963951502c2277b853f683fe04
Security-Commit: 20a6486d3027f474fb2352668cdb0fbee5f251f3
Security-Bulletin: TYPO3-CORE-SA-2012-004
Reviewed-on: http://review.typo3.org/13742
Reviewed-by: Oliver Hader
Tested-by: Oliver Hader
7 years ago[SECURITY] XSS in TCE forms
Christian Kuhn [Wed, 15 Aug 2012 10:17:48 +0000 (12:17 +0200)]
[SECURITY] XSS in TCE forms

Properly encode field labels that are set via TSConfig.

Fixes: #25356
Releases: 6.0, 4.7, 4.6, 4.5

Change-Id: Ic41ce41cf8babd27867e71764173cf4e6524843e
Security-Commit: efdf638fa6f2971d62195aa40137e19a89884a2b
Security-Bulletin: TYPO3-CORE-SA-2012-004
Reviewed-on: http://review.typo3.org/13741
Reviewed-by: Oliver Hader
Tested-by: Oliver Hader
7 years ago[SECURITY] XSS in Scheduler Example Task
Mario Rimann [Wed, 15 Aug 2012 10:17:42 +0000 (12:17 +0200)]
[SECURITY] XSS in Scheduler Example Task

The scheduler test-task that sends an email does not properly
sanitize the input of the email field when rendering the editing
form of that task.

Change-Id: I82f63ff7267e4ba8da2e31a2659b0bca4cf83ed2
Fixes: #30967
Releases: 6.0, 4.7, 4.6, 4.5
Security-Commit: 7f96ebdff7db327825dbb8f835b1e6f8aee39ce1
Security-Bulletin: TYPO3-CORE-SA-2012-004
Reviewed-on: http://review.typo3.org/13740
Reviewed-by: Oliver Hader
Tested-by: Oliver Hader
7 years ago[SECURITY] HTML5 support in RemoveXSS
Franz G. Jahn [Wed, 15 Aug 2012 10:17:36 +0000 (12:17 +0200)]
[SECURITY] HTML5 support in RemoveXSS

Add support for HTML5 tags and attributes in RemoveXSS.

Change-Id: I4487386f8c62d6ec32d9f66215ebd45e3ebf9cb0
Fixes: #37127
Releases: 6.0, 4.7, 4.6, 4.5
Security-Commit: 4868b1a837cc7263cb2a92e2007ce253f0303a7e
Security-Bulletin: TYPO3-CORE-SA-2012-004
Reviewed-on: http://review.typo3.org/13739
Reviewed-by: Oliver Hader
Tested-by: Oliver Hader
7 years ago[SECURITY] Information Disclosure in the Configuration Module
Mario Rimann [Wed, 15 Aug 2012 10:17:29 +0000 (12:17 +0200)]
[SECURITY] Information Disclosure in the Configuration Module

The configuration module showed the encryption key as plaintext.
For this view, the encryption key is masked and it's length is
shown instead, e.g. "***** (length: 96 characters)"

Change-Id: Id9561ca6c5812fb9bd6c177896a27854e8f0cdb4
Fixes: #39345
Releases: 6.0, 4.7, 4.6, 4.5
Security-Commit: 0e61891d3f872437729d2d5a2d976669e38bd938
Security-Bulletin: TYPO3-CORE-SA-2012-004
Reviewed-on: http://review.typo3.org/13738
Reviewed-by: Oliver Hader
Tested-by: Oliver Hader
7 years ago[SECURITY] Untrusted GP data is unserialized in old CSH handling
Helmut Hummel [Wed, 15 Aug 2012 10:17:23 +0000 (12:17 +0200)]
[SECURITY] Untrusted GP data is unserialized in old CSH handling

Using the old and already deprecated CSH handling in TYPO3 backend,
untrusted GP data is unserialized. Validate the submitted data with
an hmac.

Change-Id: I0a6961b7db3e4b80270745421c82122deb4f6874
Fixes: #33520
Releases: 6.0, 4.7, 4.6, 4.5
Security-Bulletin: TYPO3-CORE-SA-2012-004
Reviewed-on: http://review.typo3.org/13737
Reviewed-by: Oliver Hader
Tested-by: Oliver Hader
7 years ago[SECURITY] XSS in Indexed Search statistics
Steffen Gebert [Wed, 15 Aug 2012 10:17:18 +0000 (12:17 +0200)]
[SECURITY] XSS in Indexed Search statistics

Indexed Search statistics module is vulnerable to
persistent XSS attack injected by arbitrary frontend users.

Change-Id: I9298b5d1808cef9d123d4b9c3867f1f55dfe4efe
Fixes: #31927
Releases: 6.0, 4.7, 4.6, 4.5
Security-Commit: f16df3528cb66183fd7371cf6a64f7f7da98dd74
Security-Bulletin: TYPO3-CORE-SA-2012-004
Reviewed-on: http://review.typo3.org/13736
Reviewed-by: Oliver Hader
Tested-by: Oliver Hader
7 years ago[SECURITY] t3lib_div::quoteJSvalue allows XSS
Helmut Hummel [Wed, 15 Aug 2012 10:17:12 +0000 (12:17 +0200)]
[SECURITY] t3lib_div::quoteJSvalue allows XSS

When t3lib_div::quoteJSvalue() was used with second
parameter set to TRUE closing HTML script tags were
not escaped correctly.

Now every character except harmless ones is encoded
to a hex representation.

Change-Id: Iab6793a3028976c4283cda466a2d3c6799b2554e
Releases: 6.0, 4.7, 4.6, 4.5
Fixes: #23226
Security-Commit: 70901d7dab2ba8cd314e931e98c3ec84b08fd0fb
Security-Bulletin: TYPO3-CORE-SA-2012-004
Reviewed-on: http://review.typo3.org/13735
Reviewed-by: Oliver Hader
Tested-by: Oliver Hader
7 years ago[TASK] Set TYPO3 version to 4.5.19-dev stephenking/rootline-cache-45-2
TYPO3 Release Team [Wed, 8 Aug 2012 12:44:52 +0000 (14:44 +0200)]
[TASK] Set TYPO3 version to 4.5.19-dev

Change-Id: I413424ca74693a7bd4bacb44bf3724f457a0963e
Reviewed-on: http://review.typo3.org/13524
Reviewed-by: TYPO3 Release Team
Tested-by: TYPO3 Release Team
7 years ago[RELEASE] Release of TYPO3 4.5.18
TYPO3 Release Team [Wed, 8 Aug 2012 12:44:43 +0000 (14:44 +0200)]
[RELEASE] Release of TYPO3 4.5.18

Change-Id: Ibf85379e48a59fdfabdad4edaf25c978dcd596b4
Reviewed-on: http://review.typo3.org/13523
Reviewed-by: TYPO3 Release Team
Tested-by: TYPO3 Release Team
7 years ago[BUGFIX] Pass $fieldName when processing FlexForm DS in t3lib_transferData
Claus Due [Sat, 4 Aug 2012 15:57:52 +0000 (17:57 +0200)]
[BUGFIX] Pass $fieldName when processing FlexForm DS in t3lib_transferData

This change simply adds $fieldName to the "real" call to process
the FlexForm's DS. The argument is already supported on the target
class and the value of the argument for the dispatching method in
t3lib_transferData already is properly filled with the correct name.

Change-Id: Ief2f07bca064ae4eed248bb058b4884bcdc7ed96
Releases: 4.5, 4.6, 4.7, 6.0
Fixes: #39527
Reviewed-on: http://review.typo3.org/13473
Reviewed-by: Jigal van Hemert
Tested-by: Jigal van Hemert
7 years ago[BUGFIX] t3lib_db - expects parameter 1 to be resource, boolean given
Michael Klapper [Fri, 3 Aug 2012 10:23:35 +0000 (12:23 +0200)]
[BUGFIX] t3lib_db - expects parameter 1 to be resource, boolean given

The method t3lib_db::debug_check_recordset should use
"is_resource" to be sure we have a proper database resource object.

Change-Id: I18f25760d53d3bd3d8e396b40dbf3727b3bf33c8
Fixes: #39509
Releases: 6.0, 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/13441
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
7 years ago[BUGFIX] Suggest Wizard crashes in Frontend Editing
Dennis Ahrens [Tue, 20 Dec 2011 14:52:23 +0000 (15:52 +0100)]
[BUGFIX] Suggest Wizard crashes in Frontend Editing

As the backpath cannot be resolved, the JS dies.

Change-Id: I614fba37f9010ed92a43f04b3e9d564f49fe50a6
Fixes: #25079
Releases: 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/12836
Reviewed-by: Marcus Schwemer
Tested-by: Marcus Schwemer
Reviewed-by: Oliver Klee
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
7 years ago[BUGFIX] unlink issues warnings for lock files
Markus Klein [Sat, 3 Dec 2011 20:08:54 +0000 (14:08 -0600)]
[BUGFIX] unlink issues warnings for lock files

t3lib_lock issues warnings for non-existent lock files.

Change-Id: I55df9938cf56825cd808195f74f10582d2ecedad
Fixes: #32282
Releases: 4.7, 4.6, 4.5, 4.4
Reviewed-on: http://review.typo3.org/12831
Reviewed-by: Marcus Schwemer
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
7 years ago[BUGFIX] IRRE childs don't expand in Internet Explorer
Stefan Aebischer [Thu, 12 Jul 2012 17:30:26 +0000 (18:30 +0100)]
[BUGFIX] IRRE childs don't expand in Internet Explorer

document.getElementsByName doesn't always extend the returned DOM
Elements with prototype.js specific methods in Internet Explorer.
This patch uses the $$() selector to retrieve the needed DOM
Elements, as it always extends the returned Elements with
prototype.js specific methods (e.g. remove())

Change-Id: I083ca8b55a3b95757408a159f39f7b22cacf9c8f
Fixes: #38849
Releases: 4.5, 4.6, 4.7, 6.0
Reviewed-on: http://review.typo3.org/13412
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
7 years ago[BUGFIX] t3lib_db::exec_SELECTgetRows method annotation
Nicole Cordes [Tue, 31 Jul 2012 14:48:20 +0000 (16:48 +0200)]
[BUGFIX] t3lib_db::exec_SELECTgetRows method annotation

The function returns a NULL value if a sql error occurs.

Change-Id: Ic508aa5ba2034c0a230f5fad56690979ed576bf4
Fixes: #39417
Releases: 6.0, 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/13408
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
7 years ago[BUGFIX] Properly check disabled versioning within tcemain
Tolleiv Nietsch [Sat, 4 Feb 2012 08:53:31 +0000 (09:53 +0100)]
[BUGFIX] Properly check disabled versioning within tcemain

Setting $GLOBALS['TCA'][$table]['ctrl']['versioningWS'] = FALSE; isn't
fully working within tcemain because some isset() checks don't
look at the value atm.

Change-Id: I75a994c5eb09c4cc5b4c68e986f42b4592fd1043
Fixes: #33625
Releases: 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/12834
Reviewed-by: Tymoteusz Motylewski
Reviewed-by: Marcus Schwemer
Reviewed-by: Georg Ringer
Tested-by: Georg Ringer
7 years ago[BUGFIX] PHP warnings may show up in the List module
Dmitry Dulepov [Thu, 24 Nov 2011 15:19:02 +0000 (17:19 +0200)]
[BUGFIX] PHP warnings may show up in the List module

If the table is defined in $TCA but it misses "columns" array,
there will be a warning in the List module when searching for
any phrase. Implement a check that "columns" entry exists and
write a log message if it does not.

Change-Id: I0cba20e3b45ef78eb926042cc8ff09ea255c33ec
Resolves: #22152
Releases: 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/12824
Reviewed-by: Marcus Schwemer
Tested-by: Marcus Schwemer
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
7 years ago[BUGFIX] Shell command arguments are not escaped
Mario Rimann [Tue, 17 Jul 2012 20:11:45 +0000 (22:11 +0200)]
[BUGFIX] Shell command arguments are not escaped

Shell command arguments should be escaped with
escapeshellarg() PHP function, which adds single quotes
around the argument and escapes all single quotes inside the
argument.

Change-Id: If6f0dd507828510893d11ebea5da88748dc7cd0c
Resolves: #31278
Releases: 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/12855
Reviewed-by: Helmut Hummel
Tested-by: Helmut Hummel
7 years ago[BUGFIX] RTE transformation transforms LF/CR between div and hr into space
Stanislas Rolland [Fri, 29 Jul 2011 15:49:50 +0000 (11:49 -0400)]
[BUGFIX] RTE transformation transforms LF/CR between div and hr into space

Fix the issue and add test cases.

Change-Id: I3bf677985d5599fd8dae41101519779deb3b3359
Resolves: #26815
Releases: 4.5, 4.6, 4.7
Reviewed-on: http://review.typo3.org/13018
Reviewed-by: Wouter Wolters
Tested-by: Wouter Wolters
Reviewed-by: Stanislas Rolland
Tested-by: Stanislas Rolland
7 years ago[BUGFIX] Exclude E_STRICT on PHP 5.4 and unify error reporting
Philipp Gampe [Fri, 6 Jul 2012 07:36:47 +0000 (09:36 +0200)]
[BUGFIX] Exclude E_STRICT on PHP 5.4 and unify error reporting

Since #38645 most error_reporting defintions are excluding E_STRICT on
newer PHP versions, but some places have been forgotten to be adapted.

Change-Id: I84a97b5124b8c69297086fc293290e12456d8cf1
Fixes: #38691
Relates: #38645
Releases: 4.5
Reviewed-on: http://review.typo3.org/12656
Reviewed-by: Marcus Schwemer
Tested-by: Marcus Schwemer
Reviewed-by: Markus Klein
Tested-by: Markus Klein
Reviewed-by: Helmut Hummel
Tested-by: Helmut Hummel
7 years ago[TASK] Always return a boolean in t3lib_div::validPathStr
Andy Grunwald [Fri, 6 Jul 2012 10:56:46 +0000 (12:56 +0200)]
[TASK] Always return a boolean in t3lib_div::validPathStr

In t3lib_div::validPathStr() a boolean (TRUE) is returned,
if this is a valid path string. If it is NOT a valid path string,
then nothing will be returned. In the doc comment,
there is a return type "boolean" mentioned.

Just return a boolean, if it is not a valid path string.

Change-Id: Ie153a6df39f639895264dafbbd1adc76d96ae124
Fixes: #38604
Releases: 6.0, 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/12667
Reviewed-by: Andy Grunwald
Reviewed-by: Oliver Klee
Reviewed-by: Marcus Schwemer
Tested-by: Marcus Schwemer
Reviewed-by: Georg Ringer
Tested-by: Georg Ringer
7 years ago[TASK] Improve error message of "broken rootline"
Georg Ringer [Fri, 13 Jan 2012 11:29:53 +0000 (12:29 +0100)]
[TASK] Improve error message of "broken rootline"

Currently it is hard to get the reason why the error
"broken rootline" appears. Therefore the error msg can be
improved by adding the ID and fields which are queried.

Change-Id: I0d47ba944a96b29b220e590c24ead8c75c0a5fb6
Resolves: #33082
Releases: 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/13007
Reviewed-by: Georg Ringer
Tested-by: Georg Ringer
7 years ago[BUGFIX] Formmail doesn't always use correct character set
Jigal van Hemert [Sat, 19 Nov 2011 08:32:09 +0000 (09:32 +0100)]
[BUGFIX] Formmail doesn't always use correct character set

To work around a bug in SwitfMailer the character set of a message part
should always be set. When no character set is explicitly defined use
the renderCharset instead.

Change-Id: Ie1a9600bfe95c94e4250a6888cb29ee0f3b42d11
Fixes: #28684
Releases: 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/13006
Reviewed-by: Jigal van Hemert
Tested-by: Jigal van Hemert
7 years ago[BUGFIX] $_EXTCONF was not filled in ext_tables.php
Ernesto Baschny [Wed, 18 Jul 2012 16:54:15 +0000 (18:54 +0200)]
[BUGFIX] $_EXTCONF was not filled in ext_tables.php

Change-Id: I097ec87bbc2b8be5387fa7e9ca87d62bbd3560b1
Fixes: #38927
Releases: 4.5
Reviewed-on: http://review.typo3.org/12891
Reviewed-by: Wouter Wolters
Tested-by: Wouter Wolters
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
7 years ago[BUGFIX] stdWrap numRows fails due to wrong SELECT clause
Ernesto Baschny [Tue, 17 Jul 2012 16:03:03 +0000 (18:03 +0200)]
[BUGFIX] stdWrap numRows fails due to wrong SELECT clause

Exclude aggregate functions count(), sum(), max(),
min(), avg() in if statement inside
tslib_cObj::sanitizeSelectPart().

Change-Id: I1fc1360ffc239695f0c04ca2322870a2129133ec
Fixes: #34152
Releases: 4.5, 4.6, 4.7, 6.0
Reviewed-on: http://review.typo3.org/12999
Reviewed-by: Ernesto Baschny
Tested-by: Ernesto Baschny
7 years ago[TASK] Raise submodule pointer
TYPO3 Release Team [Sat, 21 Jul 2012 15:54:33 +0000 (17:54 +0200)]
[TASK] Raise submodule pointer

Change-Id: Ia7af2bf45b3a447641cb4a2e845b416d65e499db
Reviewed-on: http://review.typo3.org/12977
Reviewed-by: TYPO3 Release Team
Tested-by: TYPO3 Release Team
7 years ago[BUGFIX] QT movies prefixed abusively in Media CE
Francois Suter [Tue, 17 Jul 2012 13:38:50 +0000 (15:38 +0200)]
[BUGFIX] QT movies prefixed abusively in Media CE

If some prefixes are defined (either base URL or absRefPrefix),
the Media CE will apply such prefix to any Quicktime movie
even if said movie is referenced by an absolute URL.

Change-Id: Ib176225e95472c7f5877b00f9c1bb2fe8041b773
Fixes: #39026
Releases: 6.0,4.7,4.6,4.5
Reviewed-on: http://review.typo3.org/12929
Reviewed-by: Francois Suter
Tested-by: Francois Suter
7 years ago[BUGFIX] Send sane HTTP response in showpic on error
Christian Kuhn [Wed, 18 Jul 2012 09:37:29 +0000 (11:37 +0200)]
[BUGFIX] Send sane HTTP response in showpic on error

Currently, if showpic.php requests fail, exceptions are thrown. Those are
usually converted to a HTTP response 500 (internal server error) by the
production exception handler. Crawlers react on 500 by trying to index
the resource again later.

This is changed to now set specific response codes. If the paramters are
incorrect or broken, an 410 (Gone) will be sent, informing users and
crawlers that the resource is not available under this URL. Crawlers
like googleBot will then stop requesting the resource.

In case all parameters are ok, but the image itself is not found, a 404
will be sent to the client. Crawlers will try to index the resource
again only if there are still links pointing to the resource.

Change-Id: I606937fa9953b88be5edf940201e0153223ae0e6
Fixes: #39052
Releases: 6.0, 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/12919
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
7 years ago[BUGFIX] Unnecessary warning in css_styled_content (division by zero)
Thomas Layh [Wed, 2 May 2012 14:10:06 +0000 (16:10 +0200)]
[BUGFIX] Unnecessary warning in css_styled_content (division by zero)

If tt_content.image.20.maxW is not set, PHP throws a warning about
division by zero. This is not necessary. After that the variable
$scale is not set. This patch checks if $netW is greater zero and
otherwise the else condition will set $scale to 1.

Change-Id: Icd876b33d543080e486e0184c8af34c9a3831738
Fixes: #36777
Releases: 6.0, 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/12865
Reviewed-by: Ernesto Baschny
Tested-by: Ernesto Baschny
7 years ago[BUGFIX] datepicker does not set current time as default
Simon Schaufelberger [Thu, 24 May 2012 08:43:53 +0000 (10:43 +0200)]
[BUGFIX] datepicker does not set current time as default

Changeing the time manually and picking another day overwrites the time
and sets it again to 0:00.

Change-Id: Iae80b9519df2a49b8d1ed1e5d5f1082243ca4fe6
Fixes: #33629
Releases: 4.5
Reviewed-on: http://review.typo3.org/11568
Reviewed-by: Wouter Wolters
Tested-by: Wouter Wolters
Reviewed-by: Ernesto Baschny
Tested-by: Ernesto Baschny
7 years ago[BUGFIX] Drag&Drop inside the root page of the pagetree isn't possible
Stefan Galinski [Thu, 28 Jun 2012 08:25:05 +0000 (10:25 +0200)]
[BUGFIX] Drag&Drop inside the root page of the pagetree isn't possible

In case there is no page (except the root page) within TYPO3, you can't
use the drag and drop functionality in the page tree to create the first
page.

Change-Id: I4f4aed78916f1ab0ebf9bbc1baad2b2743e9d1b2
Fixes: #24626
Releases: 6.0, 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/12437
Reviewed-by: Christian Kuhn
Reviewed-by: Ernesto Baschny
Tested-by: Ernesto Baschny
7 years ago[BUGFIX] Check if user is allowed to paste page to pagetree
Max Roesch [Sat, 14 Apr 2012 17:41:48 +0000 (19:41 +0200)]
[BUGFIX] Check if user is allowed to paste page to pagetree

The user rights have checks for new / edit / delete, but paste was missing
leading to an error. Page actions 'paste into' and 'page after' now checks
if the user has rights for adding new pages to the current page.

Change-Id: I24b61c37ae76a4411ddb0b35feed46ab1f02f486
Fixes: #33546
Releases: 4.5, 4.6, 4.7, 6.0
Reviewed-on: http://review.typo3.org/11067
Reviewed-by: Wouter Wolters
Reviewed-by: Ernesto Baschny
Tested-by: Ernesto Baschny
7 years ago[BUGFIX] Add rootline workspace overlay for backend_layouts.
Timo Webler [Thu, 19 Apr 2012 06:56:21 +0000 (08:56 +0200)]
[BUGFIX] Add rootline workspace overlay for backend_layouts.

When fetching the rootline inside a workspace
make sure to fetch the correct overlay.

Change-Id: I15ef4202d34c62f7aab598f7173530976233eb45
Fixes: #36313
Releases: 4.5, 4.6, 4.7, 6.0
Reviewed-on: http://review.typo3.org/10629
Reviewed-by: Stefan Neufeind
Reviewed-by: Philipp Gampe
Reviewed-by: Ernesto Baschny
Tested-by: Ernesto Baschny
7 years ago[BUGFIX] accessibilityWrap ignores simple value
Jigal van Hemert [Mon, 9 Jul 2012 21:13:56 +0000 (23:13 +0200)]
[BUGFIX] accessibilityWrap ignores simple value

Radio buttons with accessibilityWrap must use simple value
if no complex configuration is supplied. An extra dot prevented
this.

Change-Id: I0e2273ccac18ee37a1ffc2de602617e5d3764ac8
Fixes: #38791
Releases: 4.5, 4.6, 4.7, 6.0
Reviewed-on: http://review.typo3.org/12731
Reviewed-by: Jigal van Hemert
Tested-by: Jigal van Hemert
7 years ago[BUG] t3lib_div::getFilesInDir order differs from order in File list
Benjamin Mack [Fri, 6 Jul 2012 08:58:54 +0000 (10:58 +0200)]
[BUG] t3lib_div::getFilesInDir order differs from order in File list

Files with uppercase letters are sorted before all lowercase file
names due to a bug in getFilesInDir(). This behavior is seen in
the browse_links function, but not in the general file list module.
The fix does the sorting independently from the uppercase
characters.

Change-Id: I4bdacfe1644f2ac32b5b9173fa63ab6a11c78c07
Resolves: #18771
Releases: 4.5, 4.6, 4.7, 6.0
Reviewed-on: http://review.typo3.org/12685
Reviewed-by: Benjamin Mack
Tested-by: Benjamin Mack
7 years ago[BUGFIX] RTE: Importing google webfonts breaks style sheet parsing
Stanislas Rolland [Thu, 5 Jul 2012 16:37:07 +0000 (12:37 -0400)]
[BUGFIX] RTE: Importing google webfonts breaks style sheet parsing

Problem: The imported css file does not contain any css rule.
Solution: Check for the presence of css rules in the imported file.
Note: Thanks to Robert Volk.

Change-Id: I735bafba8a16a958746cba126c450cc97f6ad569
Releases: 4.5, 4.6, 4.7, 6.0
Resolves: #36316
Reviewed-on: http://review.typo3.org/12681
Reviewed-by: Stanislas Rolland
Tested-by: Stanislas Rolland
7 years ago[BUGFIX] E_DEPRECATED does not exist in PHP 5.2
Ivan Kartolo [Wed, 4 Jul 2012 14:36:45 +0000 (16:36 +0200)]
[BUGFIX] E_DEPRECATED does not exist in PHP 5.2

Because TYPO3 4.5.x should also work on PHP 5.2, the E_DEPRECATED constant
must be removed, since it produces notices.

Change-Id: Idb0e7ffb327a44088b966e04008d8efb03555b3b
Fixes: #38645
Releases: 4.5
Reviewed-on: http://review.typo3.org/12612
Reviewed-by: Philipp Gampe
Reviewed-by: Markus Klein
Reviewed-by: Ivan Dharma Kartolo
Tested-by: Ivan Dharma Kartolo
Reviewed-by: Oliver Hader
Tested-by: Oliver Hader
7 years ago[BUGFIX] RTE spellcheck issue on Windows server
Stanislas Rolland [Thu, 28 Jun 2012 21:52:35 +0000 (17:52 -0400)]
[BUGFIX] RTE spellcheck issue on Windows server

Problem: There is no command "cat" on windows systems. The equivalent
for these systems would be "type".
Solution: Use "type" when OS is Windows.

Change-Id: Ifc0043c0c1da31572169e7bcbffa21cce33afc4a
Releases: 4.5, 4.6, 4.7, 6.0
Resolves: #36438
Reviewed-on: http://review.typo3.org/12431
Reviewed-by: Wouter Wolters
Reviewed-by: Stanislas Rolland
Tested-by: Stanislas Rolland
7 years ago[TASK] Set TYPO3 version to 4.5.18-dev
TYPO3 Release Team [Wed, 4 Jul 2012 09:16:27 +0000 (11:16 +0200)]
[TASK] Set TYPO3 version to 4.5.18-dev

Change-Id: I2df83ecb7a5d86fe27690bc79179c2b34da5886e
Reviewed-on: http://review.typo3.org/12596
Reviewed-by: TYPO3 Release Team
Tested-by: TYPO3 Release Team
7 years ago[RELEASE] Release of TYPO3 4.5.17
TYPO3 Release Team [Wed, 4 Jul 2012 09:16:15 +0000 (11:16 +0200)]
[RELEASE] Release of TYPO3 4.5.17

Change-Id: I02c06f79d488b928b0b20a5a8bd2b560d142078b
Reviewed-on: http://review.typo3.org/12595
Reviewed-by: TYPO3 Release Team
Tested-by: TYPO3 Release Team
7 years ago[SECURITY] XSS in swfupload
Oliver Hader [Wed, 4 Jul 2012 08:30:40 +0000 (10:30 +0200)]
[SECURITY] XSS in swfupload

There is a known XSS vulnerability in swfupload which isn't
fixed yet. Thanks to the Wordpress project for providing a
fix - we just borrowed that code.

Change-Id: I67a669d1a9898ae52d1430ccb5e455041ea1c733
Fixes: #38578
Releases: 6.0, 4.7, 4.6, 4.5
Security-Bulletin: TYPO3-CORE-SA-2012-003
Reviewed-on: http://review.typo3.org/12591
Reviewed-by: Oliver Hader
Tested-by: Oliver Hader
7 years ago[BUGFIX] Exclude E_STRICT from exceptionalErrors
Mario Rimann [Mon, 2 Jul 2012 20:37:00 +0000 (22:37 +0200)]
[BUGFIX] Exclude E_STRICT from exceptionalErrors

From PHP 5.4, E_STRICT became part of E_ALL. This leads to lots of runtime
notice exceptions when using PHP 5.4. To avoid that, E_STRICT needs to be
excluded from error reporting.

Change-Id: I7ccd81a936384bc9417fcba79a59b9a0d255d229
Fixes: #35154
Releases: 6.0, 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/12528
Reviewed-by: Steffen Ritter
Tested-by: Steffen Ritter
Reviewed-by: Oliver Hader
Tested-by: Oliver Hader
7 years ago[BUGFIX] IRRE records can't be expanded without an hidden field
Oliver Hader [Fri, 29 Jun 2012 16:52:52 +0000 (18:52 +0200)]
[BUGFIX] IRRE records can't be expanded without an hidden field

If no hidden field in TCA for IRRE child records, this will
lead to JavaScript errors on expanding the accordant child
record in the TCEforms view.

This regression has been introduced in issue #34303

Change-Id: Id980c001d9b33894e24581d6c89a20d3c795b34d
Fixes: #37615
Related: #34303
Releases: 6.0, 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/12577
Reviewed-by: Oliver Hader
Tested-by: Oliver Hader
7 years ago[BUGFIX] TSFE->additionalFooterData for USER_INT
Oliver Hader [Thu, 7 Jun 2012 09:13:24 +0000 (11:13 +0200)]
[BUGFIX] TSFE->additionalFooterData for USER_INT

TSFE->additionalFooterData was introduced with TYPO3 4.3, but
only for the purpose of t3lib_PageRenderer. The definition of
this property is e.g. missing at all in tslib_fe and besides
that, the handling for USER_INT/COA_INT objects is not there
at all.

Change-Id: I728dfd43d0c72138b18dc87b81c4d4be4491177b
Fixes: #29254
Releases: 6.0, 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/11860
Reviewed-on: http://review.typo3.org/12570
Reviewed-by: Oliver Hader
Tested-by: Oliver Hader
7 years ago[BUGFIX] In IE9, RTE does not work correctly in compat modes IE8/IE7
Stanislas Rolland [Tue, 3 Jul 2012 16:18:56 +0000 (12:18 -0400)]
[BUGFIX] In IE9, RTE does not work correctly in compat modes IE8/IE7

Problem: When using IE9, the RTE does not work correctly when using
compatibility modes IE8 or IE7. In particular, the style sheets are not
parsed, because they are not loaded in the same order as with the
specified compatibility version.
Solution: Check whether compatibility mode is activated and avoid
reliance on order.

Change-Id: Ie97df28e5add40f547a1952fcfd6ab30a5ab20b6
Releases: 4.5, 4.6, 4.7, 6.0
Resolves: #38574
Reviewed-on: http://review.typo3.org/12546
Reviewed-by: Stanislas Rolland
Tested-by: Stanislas Rolland
7 years ago[BUGFIX] Custom HTML tags no longer malformed in IE
Bart Dubelaar [Mon, 19 Mar 2012 14:44:34 +0000 (15:44 +0100)]
[BUGFIX] Custom HTML tags no longer malformed in IE

Custom HTML tags would get malformed while editing in IE.
If a tag is not present in HTML4 and the document mode
of IE is lower than IE9 Standards, then the tag is not
present in the DOM and not parsed correctly.
This is fixed by specifying possible custom tags in TSconfig
and creating dummy instances of the tags before loading
the contents in the DOM, also known as the Shiv trick.

Change-Id: I4b4f449007d4130418734769b511d0e397aeff01
Fixes: #34786
Releases: 4.5, 4.6, 4.7, 6.0
Reviewed-on: http://review.typo3.org/12513
Reviewed-by: Stanislas Rolland
Tested-by: Stanislas Rolland
7 years ago[BUGFIX] Remove a rather dubious unit test for Redis cache backend
Christian Kuhn [Sun, 1 Jul 2012 09:51:22 +0000 (11:51 +0200)]
[BUGFIX] Remove a rather dubious unit test for Redis cache backend

The password test is not very useful and fails with younger redis
versions. It was already removed in TYPO3.FLOW3 with commit
e06bd9bb0a3e602a6b067d91b94e88cd78d96135

Change-Id: Iae7372c54c3c8befd08cbdccfb578f6986e1d588
Resolves: #38511
Releases: 6.0, 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/12491
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
7 years ago[BUGFIX] Fix unit test failure if gif compress is disabled
Susanne Moog [Sat, 30 Jun 2012 13:45:00 +0000 (15:45 +0200)]
[BUGFIX]  Fix unit test failure if gif compress is disabled

If gif_compress is disabled in the install tool, the
test gifCompressFixesPermissionOfConvertedFileIfUsingGd
fails, as the method it tests only does things if
gif_compress is enabled.

Change-Id: I91603452e43188cd38afeb3ca8b38e2913848e66
Fixes: #38501
Releases: 6.0, 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/12476
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
7 years ago[BUGFIX] VariableFrontend initializeObject not called
Daniel Pötzinger [Thu, 12 Apr 2012 17:59:38 +0000 (19:59 +0200)]
[BUGFIX] VariableFrontend initializeObject not called

The method is protected and is not called in the container then

Change-Id: I03ab47aa1030e782d14304d9371fc62b9c5aed18
Fixes: #35915
Releases: 6.0, 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/12472
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
7 years ago[BUGFIX] Remove class of td if "No CSS styles for this table" is set
Juergen Furrer [Tue, 5 Jun 2012 18:05:14 +0000 (20:05 +0200)]
[BUGFIX] Remove class of td if "No CSS styles for this table" is set

Change-Id: I75f1a27b4ef1a94831d6d80f8d0d8d649fc8d1ca
Fixes: #37618
Releases: 6.0, 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/12469
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
7 years ago[BUGFIX] Markers (%s) are not replaced in TCEmain error messages
Bart Dubelaar [Fri, 20 Apr 2012 19:17:57 +0000 (21:17 +0200)]
[BUGFIX] Markers (%s) are not replaced in TCEmain error messages

Change-Id: I33d8840390deba3e8a2ac5a188fd6fb089b91b5f
Fixes: #36290
Releases: 6.0, 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/12466
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
7 years ago[TASK] Add travis configuration file
Helmut Hummel [Fri, 29 Jun 2012 21:35:53 +0000 (23:35 +0200)]
[TASK] Add travis configuration file

For details read the ticket description.

Change-Id: Ibc22c62e7bb490e1871db92bbc09cd7e56581fa3
Resolves: #38357
Releases: 6.0, 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/12459
Reviewed-by: Helmut Hummel
Tested-by: Helmut Hummel
7 years ago[BUGFIX] Reports: Wrong indication for saltedpasswords
Markus Klein [Sun, 15 Apr 2012 08:55:23 +0000 (10:55 +0200)]
[BUGFIX] Reports: Wrong indication for saltedpasswords

The reports module shows a wrong status indication for saltedpasswords
if it is configured to forceSalted.

Change-Id: I4621065e8a62a570ba162e340b4e90ea15222423
Fixes: #36093
Releases: 6.0, 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/10548
Reviewed-by: Philipp Gampe
Reviewed-by: Stefan Neufeind
Reviewed-by: Oliver Klee
Reviewed-by: Stefan Galinski
Tested-by: Stefan Galinski
7 years ago[BUGFIX] Declaration of tx_rtehtmlarea_base::drawRTE() not compatible
Stanislas Rolland [Thu, 28 Jun 2012 19:49:14 +0000 (15:49 -0400)]
[BUGFIX] Declaration of tx_rtehtmlarea_base::drawRTE() not compatible

Solution: First parameter should be defined as reference so as to be
compatible with the definition of t3lib_rteapi::drawRTE().

Change-Id: Id1617a2345a6c6f564a9f8a7d6b0ac7f0cc34be8
Releases: 4.5, 4.6, 4.7, 6.0
Resolves: #37541
Reviewed-on: http://review.typo3.org/12430
Reviewed-by: Stanislas Rolland
Tested-by: Stanislas Rolland
7 years ago[BUGFIX] IRRE hide/unhide broken
dkd-egerer Sascha Egerer [Sun, 15 Apr 2012 14:36:14 +0000 (16:36 +0200)]
[BUGFIX] IRRE hide/unhide broken

hide/unhide is broken when inline record is not opened before

Change-Id: I45d09705d4f11b7f4d829f33913b57b85e42fd3d
Resolves: #34303
Releases: 6.0, 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/10696
Reviewed-by: Stefan Neufeind
Reviewed-by: Marcus Schwemer
Tested-by: Marcus Schwemer
Reviewed-by: Wouter Wolters
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
7 years ago[TASK] PHP 5.4 adjustments
Markus Klein [Tue, 6 Mar 2012 10:42:54 +0000 (11:42 +0100)]
[TASK] PHP 5.4 adjustments

Small adjustments for PHP 5.4 compatibility.

Change-Id: I5c551f3f66fe9f68dd4f1a16790dcf00e300c72a
Resolves: #34685
Releases: 4.8, 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/11504
Reviewed-by: Oliver Klee
Reviewed-by: Georg Ringer
Tested-by: Georg Ringer
Reviewed-by: Marcus Schwemer
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
7 years ago[BUGFIX] Ensure $output is used as string
Peter Niederlag [Tue, 17 Apr 2012 07:26:22 +0000 (09:26 +0200)]
[BUGFIX] Ensure $output is used as string

Problem was introduced by new API t3lib_befunc::helpTextArray()
which changed ::helpText()

Change-Id: Idc055446333bfaec008944e41b434e844fcbd241
Fixes: #36194
Relates: #23798
Releases: 4.5, 4.6, 4.7, 6.0
Reviewed-on: http://review.typo3.org/12082
Reviewed-by: Oliver Klee
Reviewed-by: Wouter Wolters
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
7 years ago[BUGFIX] fe_adminLib.inc uses undefined function
Sven Burkert [Thu, 22 Dec 2011 08:50:41 +0000 (02:50 -0600)]
[BUGFIX] fe_adminLib.inc uses undefined function

fe_adminLib.inc calls preg_spliti() which does not exist.

Change-Id: I7c16c2590ddc193fcad99e970ab8c6975e369261
Fixes: #32773
Releases: 4.7, 4.6, 4.5, 4.4
Reviewed-on: http://review.typo3.org/12083
Reviewed-by: Oliver Klee
Reviewed-by: Wouter Wolters
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
7 years ago[TASK] Raise submodule pointer
TYPO3 Release Team [Wed, 27 Jun 2012 15:43:37 +0000 (17:43 +0200)]
[TASK] Raise submodule pointer

Change-Id: Icf9ef39c313863879539b2a1e384ba2e61d5e6ed
Reviewed-on: http://review.typo3.org/12406
Reviewed-by: TYPO3 Release Team
Tested-by: TYPO3 Release Team
7 years ago[BUGFIX] Properly load existing usergroups in task
Bart Dubelaar [Mon, 23 Apr 2012 09:13:30 +0000 (11:13 +0200)]
[BUGFIX] Properly load existing usergroups in task

The create backend user task did not properly load
the usergroups of an existing user, because it wrongly
assumes that the groups are provided as array.
Actually the groups are provided as raw DB field,
thus no conversion is needed.

Change-Id: Ia704e071f6565f1a892e5f5c8d4c2b83a106f32f
Fixes: #36300
Releases: 6.0, 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/12263
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
7 years ago[BUGFIX] Hide the field "Selected Pages" for menu type "Sitemap"
Marco Huber [Fri, 13 Apr 2012 14:35:47 +0000 (16:35 +0200)]
[BUGFIX] Hide the field "Selected Pages" for menu type "Sitemap"

The field "Selected Pages" is never used in the content element
"Menu/Sitemap" with menu type "Sitemap". So it should not be
shown in the backend.

Change-Id: I9464ff29fc9fd9864a404cfb14f0545b3e186366
Fixes: #35944
Releases: 6.0, 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/12016
Reviewed-by: Markus Klein
Reviewed-by: Wouter Wolters
Reviewed-by: Stefan Galinski
Tested-by: Stefan Galinski
7 years ago[BUGFIX] redirect to referrer when changing password
Jigal van Hemert [Sun, 1 Jan 2012 22:05:47 +0000 (23:05 +0100)]
[BUGFIX] redirect to referrer when changing password

The referrer and referrerDomains redirect options must be ignored after
changing the password, otherwise you would end up on the page where the
change password form was displayed (which shows an error message now).
An extra option to ignore the referrer redirects is introduced for this.

Change-Id: I6daeb685f0656f56797a2cb2decc5982a5cf525c
Fixes: #21943
Releases: 4.5, 4.6, 4.7
Reviewed-on: http://review.typo3.org/11754
Reviewed-by: Markus Klein
Tested-by: Markus Klein
Reviewed-by: Jigal van Hemert
Tested-by: Jigal van Hemert
7 years agoBUGFIX] Illegal string offset
Jigal van Hemert [Mon, 28 May 2012 20:36:43 +0000 (22:36 +0200)]
BUGFIX] Illegal string offset

Check if parameter is an array before using it as an array in
getPagePath() and getPageInfo()

Change-Id: I96cbdcc5e6677d980100f53a76a74b3cb13e1068
Fixes: #37553
Releases: 6.0, 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/11668
Reviewed-by: Jigal van Hemert
Tested-by: Jigal van Hemert
7 years ago[TASK] Set TYPO3 version to 4.5.17-dev
TYPO3 v4 Release Team [Tue, 22 May 2012 10:00:09 +0000 (12:00 +0200)]
[TASK] Set TYPO3 version to 4.5.17-dev

Change-Id: I1d05a6bdacf125bb31c3cf53e03a6c867b5aead5
Reviewed-on: http://review.typo3.org/11440
Reviewed-by: TYPO3 v4 Release Team
Tested-by: TYPO3 v4 Release Team
7 years ago[RELEASE] Release of TYPO3 4.5.16
TYPO3 v4 Release Team [Tue, 22 May 2012 09:59:58 +0000 (11:59 +0200)]
[RELEASE] Release of TYPO3 4.5.16

Change-Id: Ib7f13d1db2f4bee84ac038f8198cbe09051b19e4
Reviewed-on: http://review.typo3.org/11439
Reviewed-by: TYPO3 v4 Release Team
Tested-by: TYPO3 v4 Release Team
7 years ago[TASK] Raise submodule pointer
TYPO3 v4 Release Team [Tue, 22 May 2012 09:53:08 +0000 (11:53 +0200)]
[TASK] Raise submodule pointer

Change-Id: Ic4c3b01935c82169ed30195f340359c7b88f25ad
Reviewed-on: http://review.typo3.org/11435
Reviewed-by: TYPO3 v4 Release Team
Tested-by: TYPO3 v4 Release Team
7 years ago[BUGFIX] Pagetree: Copying large branches duplicates branch
Steffen Gebert [Sat, 11 Feb 2012 15:52:03 +0000 (16:52 +0100)]
[BUGFIX] Pagetree: Copying large branches duplicates branch

Copying large branches (500+ pages, depending on the server) has a big
problem: The AJAX request is answered too late (after Ext.Direct
timeout), so Ext.Direct will resend the request. This will copy the
branch once again. So the copied branch appears twice after copying.

The whole process fails with a connection timeout error message and the
user has to reload the page tree.

Change-Id: I133566bf12c7511f7e8ef9cb9e6ff8683f07249c
Resolves: #26993
Releases: 6.0, 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/11336
Reviewed-by: Susanne Moog
Tested-by: Susanne Moog
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
7 years ago[TASK] Add a comment for require_once in t3lib_error_ErrorHandler
Oliver Klee [Sun, 20 May 2012 16:03:51 +0000 (18:03 +0200)]
[TASK] Add a comment for require_once in t3lib_error_ErrorHandler

These require_once calls are needed to make the exception classes
available even if the autoloader is not loaded at this point yet.

The comment point this out and (hopefully) keeps people from deleting
the require_once calls as part of some clean up.

Resolves: #37335
Relates: #23444, #36061

Change-Id: Ie226b67f44ea0c3cbd17fa9e52018dbf8d8b58d4
Releases: 6.0, 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/11389
Reviewed-by: Xavier Perseguers
Tested-by: Xavier Perseguers
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
7 years ago[BUGFIX] PHP warning when a language pack does not exist
Xavier Perseguers [Wed, 9 May 2012 07:48:05 +0000 (09:48 +0200)]
[BUGFIX] PHP warning when a language pack does not exist

If PHP warnings are not catched, file_get_contents issues a warning
message whenever a file cannot be retrieved.

Change-Id: Icdf7c767e9672a6ff632a1f98542e2f97c0dcbc7
Fixes: #36976
Releases: 4.5, 4.6, 4.7, 6.0
Reviewed-on: http://review.typo3.org/11356
Reviewed-by: Oliver Hader
Tested-by: Oliver Hader
7 years ago[BUGFIX] DB field names exceed max length with 'zzz_deleted'
Tolleiv Nietsch [Sun, 20 May 2012 12:42:47 +0000 (14:42 +0200)]
[BUGFIX] DB field names exceed max length with 'zzz_deleted'

MySQL allows a maximum of 64 characters for column and table names.
When prefixing them with 'zzz_deleted' this limit might be reached
by accident. (e.g. with
'zzz_deleted_tx_powermail_tellAFriendForm_receiverEmailContentField')

The patch avoids the overstepping 64 characters.

At the same time the prefixed and shortened field names are more
likely to have the same name, therefore the names are cut
from the beginning.

Change-Id: I7e377e9fe26894b1c6e6b80b1b787e88b5df6087
Fixes: #33580
Releases: 4.5, 4.6, 4.7, 6.0
Reviewed-on: http://review.typo3.org/11330
Reviewed-by: Susanne Moog
Tested-by: Susanne Moog
Reviewed-by: Philipp Gampe
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
7 years ago[BUGFIX] Regression of "better condition in versionOL of t3lib_tstemplate"
Andy Grunwald [Wed, 9 May 2012 08:45:56 +0000 (10:45 +0200)]
[BUGFIX] Regression of "better condition in versionOL of t3lib_tstemplate"

versionOL in t3lib_tstemplate can cause a fatal error for
scripts like eID that run in frontend mode, but without a full
blown frontend environment.

The patch replaces the frontend check with a more specific test
for the required methods.

Change-Id: If7712903b96922ea3da51218d3ed5ff2496168f8
Related: #31139, #25144
Resolves: #36981
Releases: 6.0, 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/11097
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
Reviewed-by: Susanne Moog
Tested-by: Susanne Moog
7 years ago[BUGFIX] Properly quote regexp in Install Tool
Jigal van Hemert [Fri, 30 Mar 2012 20:46:39 +0000 (22:46 +0200)]
[BUGFIX] Properly quote regexp in Install Tool

Characters with a special meaning must be properly quoted
if they appear in a regular expression.

Change-Id: I2587acb9d0f61a441be6e13dcaba7b7ca0fc82bc
Releases: 6.0, 4.7, 4.6, 4.5
Resolves: #35410
Reviewed-on: http://review.typo3.org/11326
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
7 years ago[BUGFIX] Install Tool: Settings added by extensions can be edited
Christian Kuhn [Sun, 20 May 2012 12:05:53 +0000 (14:05 +0200)]
[BUGFIX] Install Tool: Settings added by extensions can be edited

Change-Id: I13f3ec8a1f10029ce2b6e421bcc97be2e1276ca3
Fixes: #25213
Releases: 6.0, 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/11324
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
7 years ago[BUGFIX] Wrong DB fields usage in TCEmain
Felix Nagel [Wed, 16 May 2012 13:11:52 +0000 (15:11 +0200)]
[BUGFIX] Wrong DB fields usage in TCEmain

The fix for issue #35260 introduced a new bug in method
t3lib_TCEmain::getPreviousLocalizedRecordUid() by adding a
field in a query in the wrong place. In particular, this breaks
the localization of tt_content elements used with IRRE.

This patch fixes the problem by separating the list of fields
used for selecting and for sorting.

Change-Id: Idac10ded43e817f22df34e5156b424829d4601c1
Fixes: #37221
Releases: 6.0, 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/11292
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
7 years ago[BUGFIX] Missing bottom margin in the page tree
Stefan Galinski [Fri, 13 Apr 2012 14:01:04 +0000 (16:01 +0200)]
[BUGFIX] Missing bottom margin in the page tree

This fixes the UI issue with the deletion overlay and drag&drop
with nodes at the very bottom of the page tree viewport too.

Change-Id: I5cee23ea9441fcd1910a998547772bc3f2e53fb5
Fixes: #35182
Releases: 6.0, 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/11258
Reviewed-by: Stefan Galinski
Tested-by: Stefan Galinski
7 years ago[BUGFIX] Wrong label reference for backend_layout
Markus Klein [Mon, 14 May 2012 12:37:08 +0000 (14:37 +0200)]
[BUGFIX] Wrong label reference for backend_layout

tbl_pages.php references non-existing labels.
Actually they have different names.

Change-Id: I0093979c18278238d0825e8033bdb2ed661c5e9d
Releases: 6.0, 4.7, 4.6, 4.5
Fixes: #37158
Reviewed-on: http://review.typo3.org/11196
Reviewed-by: Wouter Wolters
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
7 years ago[BUGFIX] Pagetree doesn't expands to the last saved state
Stefan Galinski [Thu, 10 May 2012 17:51:11 +0000 (19:51 +0200)]
[BUGFIX] Pagetree doesn't expands to the last saved state

Change-Id: I0518d9dd06c7d126dfe5d885e4b2751b7e7462b6
Releases: 6.0, 4.7, 4.6, 4.5
Fixes: #36459
Reviewed-on: http://review.typo3.org/11188
Reviewed-by: Stefan Galinski
Tested-by: Stefan Galinski
7 years ago[BUGFIX] tx_rsaauth_sv1::authUser() gives PHP notice
Xavier Perseguers [Mon, 19 Sep 2011 21:12:00 +0000 (23:12 +0200)]
[BUGFIX] tx_rsaauth_sv1::authUser() gives PHP notice

PHP Runtime Notice: Declaration of tx_rsaauth_sv1::authUser() should
be compatible with that of tx_sv_auth::authUser().

Change-Id: Idbd7ca2b69d3142497b1770088d991901950a852
Fixes: #30057
Releases: 4.5
Reviewed-on: http://review.typo3.org/9799
Reviewed-by: Philipp Gampe
Reviewed-by: Oliver Klee
Reviewed-by: Xavier Perseguers
Tested-by: Xavier Perseguers
Reviewed-by: Georg Ringer
Tested-by: Georg Ringer
7 years ago[BUGFIX] EM: improve action icons alignment
Francois Suter [Fri, 27 Apr 2012 07:41:21 +0000 (09:41 +0200)]
[BUGFIX] EM: improve action icons alignment

In both extensions list of the new EM (available and import), the
action icons are flush with the top of each table row. Instead
they should be aligned with the extension icon.

Change-Id: Ied1b60b6fe7bf163636b388aded29ea51a420965
Fixes: #36611
Releases: 6.0, 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/10977
Reviewed-by: Francois Suter
Tested-by: Francois Suter
7 years ago[BUGFIX] EM: avoid cropping action columns
Francois Suter [Fri, 27 Apr 2012 07:09:51 +0000 (09:09 +0200)]
[BUGFIX] EM: avoid cropping action columns

In some browsers the action icons of the new EM disappear, to be
replaced by an ellipsis (...). This is due to ExtJS using
"text-overflow: ellipsis" and some browsers miscalculating the
width of the column. This text-overflow directive is not necessary
as the icons fit nicely anyway.

Change-Id: I44a59c508dba31a4439302237d055a88463c3f82
Fixes: #30900
Releases: 6.0, 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/10879
Reviewed-by: Jigal van Hemert
Tested-by: Jigal van Hemert
7 years ago[BUGFIX] t3lib_div::getUrl() throws a warning on nonexisting local file
Philipp Gampe [Fri, 20 Apr 2012 18:45:49 +0000 (20:45 +0200)]
[BUGFIX] t3lib_div::getUrl() throws a warning on nonexisting local file

During #35847 the silent operator was removed from file_get_content()
which should not have happend.

Change-Id: Ifb12b5f5b20234f1a218c43d4f3882de16b7f0a0
Related: #35847
Fixes: #36380
Releases: 4.6, 4.5
Reviewed-on: http://review.typo3.org/10868
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
7 years ago[BUGFIX] cropHTML with dash in html element
Jakub Cernek [Fri, 10 Jun 2011 20:52:00 +0000 (22:52 +0200)]
[BUGFIX] cropHTML with dash in html element

Allow dash in regular expression of cropHTML function. It is needed
for recognition of W3C non-standard TYPO3 'link' element syntax.
(e.g. <link email@example.org - mail "Open email window">
email@example.org</link>)

Change-Id: I4bc8c5bfd196f80a3ee6d077ac6a760aa349486e
Fixes: #26915
Releases: 6.0, 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/10692
Reviewed-by: Stefan Neufeind
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
7 years ago[BUGFIX] Wrong HTTP protocol in combination with a proxy
Michael Staatz [Fri, 13 Apr 2012 18:46:11 +0000 (20:46 +0200)]
[BUGFIX] Wrong HTTP protocol in combination with a proxy

When a reverse proxy is configured in $TYPO3_CONF_VARS and you call
t3lib_div::getIndpEnv('TYPO3_SSL') it returns the wrong protocol.

You can reproduce this in the following way:
If realUrl has the configuration to take the next higher level in the
page tree in the case of not finding the current page then the protocol
will be changed by the static method t3lib_div::getIndpEnv('TYPO3_SSL')

Change-Id: I6fdf61df8597fb84b822fa840475182643b0b134
Fixes: #36004
Releases: 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/10685
Reviewed-by: Michael Staatz
Tested-by: Michael Staatz
Reviewed-by: Stefan Neufeind
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
7 years ago[BUGFIX] Remove duplicate domain from FE copyright comment
Tomita Militaru [Fri, 27 Apr 2012 09:31:44 +0000 (12:31 +0300)]
[BUGFIX] Remove duplicate domain from FE copyright comment

Since typo3.com was replaced by typo3.org, current frontend copyright
comment shows duplicate domain in copyright:
TYPO3 is copyright 1998-2012 of Kasper Skaarhoj. Extensions are
copyright of their respective owners. Information and contribution
at http://typo3.org/ and http://typo3.org/

Change-Id: Id0647274974032f20a1b5a050e439ed43213bcdb
Fixes: #36164
Releases: 4.5, 4.6, 4.7, 6.0
Reviewed-on: http://review.typo3.org/10850
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
7 years ago[BUGFIX] Show phpinfo() header title
Tomita Militaru [Thu, 26 Apr 2012 16:06:51 +0000 (19:06 +0300)]
[BUGFIX] Show phpinfo() header title

This is a no-brainer, fixes the bug with the title of
phpinfo() in the Install Tool being hidden from CSS.

Change-Id: If33a836a606b9c861cbf897a518bd68ed9118d3f
Fixes: #34686
Releases: 6.0, 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/10847
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
7 years ago[BUGFIX] Hide relations to deleted records
Francois Suter [Tue, 24 Apr 2012 15:46:10 +0000 (17:46 +0200)]
[BUGFIX] Hide relations to deleted records

When displaying a column containing MM-relations in Web > List
view, deleted records will show up, because the MM relations still
exist and the foreign table is not checked for deleted records.

Additionally an empty result in this case should display "N/A"
just like for the other situations.

Change-Id: I71a244929ce69d7fd39c1038cb05d8c8414eb346
Fixes: #21713
Releases: 6.0, 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/10814
Reviewed-by: Francois Suter
Tested-by: Francois Suter
7 years ago[BUGFIX] Localize command must preserve type
Francois Suter [Thu, 29 Mar 2012 11:16:42 +0000 (13:16 +0200)]
[BUGFIX] Localize command must preserve type

When the TCEmain command "localize" is used on a table that has
a type attribute, this type is not copied automatically. This
may lead to a discrepancy between the parent record and its
translations. The type must be copied when localizing.

Change-Id: I6432b11253f97dccee48d26de45861c4f3742aa3
Fixes: #35361
Releases: 6.0, 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/10705
Reviewed-by: Francois Suter
Tested-by: Francois Suter
7 years ago[BUGFIX] Missing static keyword for addFieldsToUserSettings
Susanne Moog [Sat, 21 Apr 2012 10:14:16 +0000 (12:14 +0200)]
[BUGFIX] Missing static keyword for addFieldsToUserSettings

All t3lib_extMgm methods are meant to be called statically.
The function addFieldsToUserSettings is missing the static keyword.

Change-Id: I7f2a31958daaddb923dcd451a5792ca93a30fdfc
Fixes: #36399
Releases: 4.5,4.6,4.7,6.0
Reviewed-on: http://review.typo3.org/10676
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn