Packages/TYPO3.CMS.git
6 years ago[BUGFIX] Fix warnings in em on tab Maintenance 24/17724/2
Philipp Gampe [Thu, 9 Aug 2012 15:06:25 +0000 (17:06 +0200)]
[BUGFIX] Fix warnings in em on tab Maintenance

One variable is used without checking if it is set and on the other
place an array key is used twice which is just a mistake of the coder.

Change-Id: I78576e0ef7b8ca0b63ae94f74e2a5dfec659d716
Fixes: #39680
Releases: 4.5, 4.6, 4.7
Reviewed-on: https://review.typo3.org/17724
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
6 years ago[BUGFIX] Correct TCA inclusion for uploads rendering 18/17718/2
Georg Ringer [Fri, 25 Jan 2013 18:49:26 +0000 (19:49 +0100)]
[BUGFIX] Correct TCA inclusion for uploads rendering

In the method that renders the uploads in css_styled_content
the call to load the TCA was replaced with its Frontend
counterpart to enable access to the configuration of custom
fields in tt_content.

Fixes: #44145
Branches: 4.5, 4.6, 4.7, 6.0, 6.1

Change-Id: I26f67fcfbf11db25c80ebe93ddd1e81167d828a9
Reviewed-on: https://review.typo3.org/17716
Reviewed-by: Georg Ringer
Tested-by: Georg Ringer
Reviewed-on: https://review.typo3.org/17717
Reviewed-on: https://review.typo3.org/17718

6 years ago[BUGFIX] Update description on changed error reporting defaults 26/17626/2
Mario Rimann [Tue, 27 Nov 2012 02:06:57 +0000 (03:06 +0100)]
[BUGFIX] Update description on changed error reporting defaults

In #35154 the PHP error_reporting defaults have changed and
this now changes the description in the install tool.

Change-Id: I5c5b0fec5f7e521fcd61812a36149590e08905fa
Fixes: #38240
Releases: 6.0, 4.7, 4.6, 4.5
Reviewed-on: https://review.typo3.org/17626
Reviewed-by: Mattias Nilsson
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
6 years ago[BUGFIX] Fix typos in stdWrap_crop description 27/17627/2
Wouter Wolters [Sat, 12 Jan 2013 15:46:02 +0000 (16:46 +0100)]
[BUGFIX] Fix typos in stdWrap_crop description

Change-Id: Ic6b3a4f399779cd13c231901b92386de79465adc
Fixes: #43919
Releases: 6.1, 6.0, 4.7, 4.6, 4.5
Reviewed-on: https://review.typo3.org/17627
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
6 years ago[BUGFIX] Apc Cache backend has side effects 73/17473/5
Daniel Pötzinger [Sun, 17 Jun 2012 12:09:41 +0000 (14:09 +0200)]
[BUGFIX] Apc Cache backend has side effects

If two caches use the APC cache backend,
one cache can write and get entries from the
 other by just using the same key!
So the backend should also use cache id as prefix

Change-Id: I46f7a04386427efb2e1753bef6dfa588508d076c
Fixes: #38135
Releases: 4.5,4.6,4.7,6.0
Reviewed-on: https://review.typo3.org/17473
Reviewed-by: Helmut Hummel
Tested-by: Helmut Hummel
6 years ago[BUGFIX] Invalid call to t3lib_TCEmain::processRemapStack() 44/17344/2
Oliver Hader [Fri, 4 Jan 2013 07:40:29 +0000 (08:40 +0100)]
[BUGFIX] Invalid call to t3lib_TCEmain::processRemapStack()

The remap stack in t3lib_TCEmain/DataHandler is dedicated to
process pending records and references after all database
operations. This occurs if child-parent-structures are handled
and not all data has been persisted yet.

However, there's one call that at least influences this
behaviour on workspaces using IRRE records, which should happen
at the end of processing data-map or command-map - here's the
call-stack:
* copyRecord_raw($table, $uid, $pid, $overrideArray, ...)
* insertNewCopyVersion($table, $fieldArray, $realPid)
* processRemapStack()

This behaviour has been introduced in 2007 with commit
ecff9833c02e6bc61d98a6ff4b34b741c5d732ad for a first draft to
get IRRE working in workspaces, which was then partly reverted
during TYPO3 4.2 development - but some changes obviously have
been overseen.

Change-Id: Ibfb77b1202b0a8136f71bcf5191848fd8e60d390
Fixes: #44301
Releases: 4.5, 4.6, 4.7, 6.0, 6.1
Reviewed-on: https://review.typo3.org/17344
Reviewed-by: Mattias Nilsson
Reviewed-by: Oliver Hader
Tested-by: Oliver Hader
6 years ago[TASK] Raise submodule pointer 55/17355/2
TYPO3 Release Team [Fri, 4 Jan 2013 08:59:11 +0000 (09:59 +0100)]
[TASK] Raise submodule pointer

Change-Id: I39bd80acbe7519e191435699ac7d400c4eb0fe78
Reviewed-on: https://review.typo3.org/17355
Reviewed-by: TYPO3 Release Team
Tested-by: TYPO3 Release Team
6 years ago[BUGFIX] Suggest wizard is behind form inputs 19/17319/2
Xavier Perseguers [Wed, 17 Oct 2012 17:21:37 +0000 (19:21 +0200)]
[BUGFIX] Suggest wizard is behind form inputs

Change-Id: I5a847fe0024161f40f541a7d1ebe120ec9a8e7a5
Fixes: #42092
Releases: 4.5, 4.6, 4.7, 6.0, 6.1
Reviewed-on: https://review.typo3.org/15767
Reviewed-by: Xavier Perseguers
Tested-by: Xavier Perseguers
Reviewed-on: https://review.typo3.org/17319

6 years ago[BUGFIX] phpdoc: $urlParameters can be a string 06/17306/2
Stefan Neufeind [Tue, 1 Jan 2013 11:19:43 +0000 (12:19 +0100)]
[BUGFIX] phpdoc: $urlParameters can be a string

In functions like getTypoLink() $urlParameters can also
be a string. A string is expected to be URL-encoded already,
as an array the keys are expected to be URL-encoded already
but the values not. Clearly point that out in the phpdocs.

Change-Id: Ifc767550464449fc9610f16f2e0d511b84391f60
Fixes: #44263
Releases: 4.5, 4.6, 4.7, 6.0, 6.1
Reviewed-on: https://review.typo3.org/17302
Reviewed-on: https://review.typo3.org/17306
Reviewed-by: Jigal van Hemert
Tested-by: Jigal van Hemert
6 years ago[BUGFIX] FE session records are never removed 56/16956/2
Steffen Müller [Sat, 17 Mar 2012 14:43:23 +0000 (15:43 +0100)]
[BUGFIX] FE session records are never removed

The FE session records are never removed,
even if no session data are left.

Change-Id: Ic30acd00b9e5bfd09910d5e070b67f4dc865030e
Fixes: #34964
Releases: 4.5, 4.6, 4.7, 6.0, 6.1
Reviewed-on: https://review.typo3.org/16956
Reviewed-by: Dmitry Dulepov
Tested-by: Dmitry Dulepov
6 years ago[BUGFIX] INTincScript_loadJSCode() causes PHP warnings 86/16986/2
Markus Klein [Mon, 19 Dec 2011 13:34:32 +0000 (14:34 +0100)]
[BUGFIX] INTincScript_loadJSCode() causes PHP warnings

This function uses implode() on several variables without properly
checking if they are actually arrays.
This might cause PHP warnings.

Change-Id: If5ce7b985eeee3f7fd8016314a191c10e2c05414
Fixes: #32278
Releases: 6.1, 6.0, 4.7, 4.6, 4.5
Reviewed-on: https://review.typo3.org/16986
Reviewed-by: Falk Kühnel
Reviewed-by: Dmitry Dulepov
Tested-by: Dmitry Dulepov
6 years ago[BUGFIX] Enable the RTE with WebKit version 534 on iOS and Android 87/17087/2
Stanislas Rolland [Mon, 10 Dec 2012 22:25:03 +0000 (17:25 -0500)]
[BUGFIX] Enable the RTE with WebKit version 534 on iOS and Android

Since WebKit version 534, contenteditable is supported on iOS and
Android, e.g., iOS 5 and Android 3.

Change-Id: I97da8f7a370ff376b56038aa04101e06dcd7ea83
Releases: 4.5, 4.7, 6.0, 6.1
Resolves: #43603
Reviewed-on: https://review.typo3.org/17087
Reviewed-by: Stanislas Rolland
Tested-by: Stanislas Rolland
6 years ago[BUGFIX] Remove HTML in RuntimeException from sysext 'install' 07/17007/2
Philipp Gampe [Sun, 23 Sep 2012 10:34:53 +0000 (12:34 +0200)]
[BUGFIX] Remove HTML in RuntimeException from sysext 'install'

It is not possible to use HTML code inside runtime exceptions. This code
will be htmlspecialchared and printed to the user.

Replace <em></em> with double quotes and remove the <br /> tags
completely, because exception messages are single line only.

Change-Id: I28376736d1a9c8ce4acd57db5cfe7ac332b3a2f1
Fixes: #38472
Releases: 6.1, 6.0, 4.7, 4.6, 4.5
Reviewed-on: https://review.typo3.org/17007
Reviewed-by: Oliver Klee
Reviewed-by: Dmitry Dulepov
Tested-by: Dmitry Dulepov
6 years ago[BUGFIX] Fix wrong column title in web>list for field colpos
Martin Kästner [Tue, 27 Nov 2012 15:41:57 +0000 (16:41 +0100)]
[BUGFIX] Fix wrong column title in web>list for field colpos

When activating the field colPos for tt_content elements and using
a backend_layout the wrong column titles are shown, without respect
to a backend_layout set.

Resolves: #25113
Releases: 6.1, 6.0, 4.7, 4.6, 4.5

Change-Id: I21e19319a33e4408b0f9e226043479ac047bd44e
Reviewed-on: http://review.typo3.org/16921
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
6 years ago[BUGFIX] SqlParser: trim all kinds of whitespaces
Stefan Neufeind [Thu, 29 Nov 2012 22:55:57 +0000 (23:55 +0100)]
[BUGFIX] SqlParser: trim all kinds of whitespaces

SqlParser only trimmed semicolon and newlines
from end of string. Make it strip all characters
usually stripped by trim().

Change-Id: I2ddc1fca2ac0db1b6ca0989c93c37ab39e0675d8
Fixes: #43470
Releases: 4.5, 4.6, 4.7, 6.0, 6.1
Reviewed-on: http://review.typo3.org/16915
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
6 years ago[TASK] Remove typo3.pageModule.js
Falk Kühnel [Thu, 29 Nov 2012 20:18:17 +0000 (21:18 +0100)]
[TASK] Remove typo3.pageModule.js

Remove typo3.pageModule.js as it is not used in the core

Change-Id: Ie3cd07024d4144bee112caf63c8e39cad4047067
Resolves: #43459
Releases: 6.1, 6.0, 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/16906
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
6 years ago[BUGFIX] Installer: Reference images wrong
Christian Kuhn [Fri, 30 Nov 2012 19:38:36 +0000 (20:38 +0100)]
[BUGFIX] Installer: Reference images wrong

The reference images for reading PDF and AI images
in the Install Tool > Image Processing are still
using the old TYPO3 logo.

Replace both images with a freshly generated copy.

Note: The images have been generated with
'gdlib_png' => 1,
'im_version_5' => 'gm',

Change-Id: I90069d89abd8afa9d6dd9d572e4888d9b1b33372
Fixes: #42292
Releases: 4.5, 4.6, 4.7, 6.0, 6.1
Reviewed-on: http://review.typo3.org/16901
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
6 years ago[BUGFIX] Page Information shows incorrect number of total hits
Andrew Moore [Sat, 10 Nov 2012 17:06:06 +0000 (18:06 +0100)]
[BUGFIX] Page Information shows incorrect number of total hits

You need to install the extension "sys_stat" to show the mentioned hit
statistics.
Due to an error in the code a timestamp is displayed instead of the
actual count. Use the correct variable instead.

Change-Id: I6b33e7760e0e2a4ca5b0b4c7f7151246fe6fe02c
Releases: 4.7, 4.6, 4.5
Resolves: #41608
Reviewed-on: http://review.typo3.org/16880
Reviewed-by: Ernesto Baschny
Tested-by: Ernesto Baschny
6 years ago[BUGFIX] Old logo on "Install Tool is locked" page
Nikolas Schmidt-Voigt [Tue, 20 Nov 2012 19:23:26 +0000 (20:23 +0100)]
[BUGFIX] Old logo on "Install Tool is locked" page

The page that warned users that the install tool is locked still
showed the old TYPO3 logo. I corrected this by changing the logo.

Fixes: #42908
Releases: 6.0, 4.7, 4.6, 4.5

Change-Id: Ifc52cc11609cc3a1028596cf8348c87905630c4d
Reviewed-on: http://review.typo3.org/16874
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
6 years ago[TASK] openid: Update php-openid to 2.2.2
Stefan Neufeind [Sat, 20 Oct 2012 22:42:19 +0000 (00:42 +0200)]
[TASK] openid: Update php-openid to 2.2.2

Update to current version.
Github-version contains several small
fixes / cleanups, so a current
checkout was used here.

Change-Id: I45e11e6256b8fce523feac5fd9bae667de439e1a
Resolves: #42236
Releases: 4.5
Reviewed-on: http://review.typo3.org/16041
Reviewed-by: Dmitry Dulepov
Tested-by: Dmitry Dulepov
6 years ago[TASK] Group excludefields by table
Johannes Feustel [Sun, 19 Feb 2012 16:14:44 +0000 (17:14 +0100)]
[TASK] Group excludefields by table

Do not display table name redundantly for each item but group items like
it is done for other fields like page types.

* Add header for each table of items in excludefields array and remove
table from item label
* Add possibility to set icon for headers
* Unset icon for page type headers
* Remove unused variable $descr

Change-Id: Ic1abe4ed0032b5e2c0a04814f1371a9d1a84448e
Resolves: #34098
Releases: 4.7,4.6,4.5
Reviewed-on: http://review.typo3.org/13919
Reviewed-by: Wouter Wolters
Tested-by: Wouter Wolters
Reviewed-by: Stefan Neufeind
Reviewed-by: Anja Leichsenring
Tested-by: Anja Leichsenring
Reviewed-by: Jigal van Hemert
Tested-by: Jigal van Hemert
6 years ago[BUGFIX] Hide version selector if workspaces are used
Helmut Hummel [Sat, 24 Nov 2012 11:57:07 +0000 (12:57 +0100)]
[BUGFIX] Hide version selector if workspaces are used

All versioning information and actions should be
hidden if workspaces are used.

One remaining selector is in the page module when
a page has been versioned in a workspace.

Hide this selector when workspaces extension is installed.

Fixes: #43264
Related: #27969, #25962
Releases: 4.5, 4.6, 4.7, 6.0

Change-Id: If96f1fe99f2a7a5b5b48f1f8a1aca8f053a6622a
Reviewed-on: http://review.typo3.org/16709
Reviewed-by: Jigal van Hemert
Tested-by: Jigal van Hemert
6 years ago[TASK] Raise submodule pointer
TYPO3 Release Team [Tue, 20 Nov 2012 23:37:01 +0000 (00:37 +0100)]
[TASK] Raise submodule pointer

Change-Id: I5b275d9ce45c3682976e95982b704bcb24cc9625
Reviewed-on: http://review.typo3.org/16643
Reviewed-by: TYPO3 Release Team
Tested-by: TYPO3 Release Team
6 years ago[TASK] Set TYPO3 version to 4.5.23-dev
TYPO3 Release Team [Mon, 12 Nov 2012 21:56:43 +0000 (22:56 +0100)]
[TASK] Set TYPO3 version to 4.5.23-dev

Change-Id: I2f1603b370eb228873258a043224695793b47d77
Reviewed-on: http://review.typo3.org/16430
Reviewed-by: TYPO3 Release Team
Tested-by: TYPO3 Release Team
6 years ago[RELEASE] Release of TYPO3 4.5.22
TYPO3 Release Team [Mon, 12 Nov 2012 21:56:33 +0000 (22:56 +0100)]
[RELEASE] Release of TYPO3 4.5.22

Change-Id: Icfc1fbc466f1aea983c86b4c9048147bfa858aba
Reviewed-on: http://review.typo3.org/16429
Reviewed-by: TYPO3 Release Team
Tested-by: TYPO3 Release Team
6 years ago[TASK] Raise submodule pointer
TYPO3 Release Team [Mon, 12 Nov 2012 21:43:57 +0000 (22:43 +0100)]
[TASK] Raise submodule pointer

Change-Id: Ib9a9ea100f974bbba6e228ccc97a2e2be035e056
Reviewed-on: http://review.typo3.org/16426
Reviewed-by: TYPO3 Release Team
Tested-by: TYPO3 Release Team
6 years ago[TASK] Raise version numbers of system extensions
Steffen Ritter [Mon, 12 Nov 2012 19:37:01 +0000 (20:37 +0100)]
[TASK] Raise version numbers of system extensions

Change-Id: I97c6d472d24347a2c537836c414f2375e319c20b
Reviewed-on: http://review.typo3.org/16415
Reviewed-by: Steffen Ritter
Tested-by: Steffen Ritter
6 years ago[BUGFIX] imagecopyresized: correct invalid parameters
Stefan Neufeind [Tue, 22 Nov 2011 10:03:12 +0000 (11:03 +0100)]
[BUGFIX] imagecopyresized: correct invalid parameters

The classes t3lib_stdgraphic and t3lib_iconworks provide
the method imagecopyresized. Those functions got parameters
$w, $h twice in the function-header and therefore the function
only worked in "special cases".

This patch also adds a docblock and improves the (internal)
naming of the variables.

Change-Id: Id43229caa3694e8859f9912946c963f907f92951
Resolves: #26660
Releases: 4.5, 4.6, 4.7
Reviewed-on: http://review.typo3.org/6831
Reviewed-by: Jigal van Hemert
Tested-by: Jigal van Hemert
6 years ago[TASK] Fix TYPO3 logos
Helmut Hummel [Sun, 11 Nov 2012 00:26:58 +0000 (01:26 +0100)]
[TASK] Fix TYPO3 logos

The logos have been changed to match the new CI,
but were cut out sloppily.

Exchange the most prominent logos with proper ones.

Fixes: #42850
Releases: 6.0, 4.7, 4.6, 4.5

Change-Id: Id5ac815b8c2b381bef89f9e152345fd29a822bf6
Reviewed-on: http://review.typo3.org/16398
Reviewed-by: Steffen Ritter
Tested-by: Steffen Ritter
6 years ago[TASK] Raise submodule pointer
TYPO3 Release Team [Sat, 10 Nov 2012 20:54:05 +0000 (21:54 +0100)]
[TASK] Raise submodule pointer

Change-Id: Ia29003835d4004f844fc286eae8c14f9c4a45dcc
Reviewed-on: http://review.typo3.org/16385
Reviewed-by: TYPO3 Release Team
Tested-by: TYPO3 Release Team
6 years ago[BUGFIX] #42812 Most checkboxes (like Extended View) are not working
Michael Späth [Sat, 10 Nov 2012 12:13:06 +0000 (13:13 +0100)]
[BUGFIX] #42812 Most checkboxes (like Extended View) are not working

Due to a js error checkboxes in list view are not working

Change-Id: I80210a30ad9e7bb1d7b9da3b9d09490c428a24ff
Releases: 4.5, 4.6, 4.7
Resolves: #42812
Reviewed-on: http://review.typo3.org/16371
Reviewed-by: Steffen Ritter
Tested-by: Steffen Ritter
6 years ago[TASK] Set TYPO3 version to 4.5.22-dev
TYPO3 Release Team [Thu, 8 Nov 2012 11:50:08 +0000 (12:50 +0100)]
[TASK] Set TYPO3 version to 4.5.22-dev

Change-Id: Ifded04829df1d855b9449133ebbcb0004d65de76
Reviewed-on: http://review.typo3.org/16309
Reviewed-by: TYPO3 Release Team
Tested-by: TYPO3 Release Team
6 years ago[RELEASE] Release of TYPO3 4.5.21
TYPO3 Release Team [Thu, 8 Nov 2012 11:49:55 +0000 (12:49 +0100)]
[RELEASE] Release of TYPO3 4.5.21

Change-Id: I7cc418bb558d4fde094d5d7c3097ac0f967751e2
Reviewed-on: http://review.typo3.org/16308
Reviewed-by: TYPO3 Release Team
Tested-by: TYPO3 Release Team
6 years ago[SECURITY] Fix SQL injection and XSS in record history
Oliver Hader [Thu, 8 Nov 2012 11:44:02 +0000 (12:44 +0100)]
[SECURITY] Fix SQL injection and XSS in record history

This patch fixes the SQL injection possibilities in the record
history view as well as fixing XSS possibilities. The submitted
GET/POST data gets sanitized now besides that.

Change-Id: I033b296da0849736c989cfc1bb92e43546164b9c
Fixes: #42696
Releases: 6.0, 4.7, 4.6, 4.5
Security-Commit: 2bcfe757e38f326f3e7d8a52428f94f3945f9aa9
Security-Bulletin: TYPO3-CORE-SA-2012-005
Reviewed-on: http://review.typo3.org/16298
Reviewed-by: Oliver Hader
Tested-by: Oliver Hader
6 years ago[SECURITY] XSS in TCA Tree
Oliver Hader [Thu, 8 Nov 2012 11:43:56 +0000 (12:43 +0100)]
[SECURITY] XSS in TCA Tree

Properly html encode the label of tree nodes.

Fixes: #42774
Releases: 6.0, 4.7, 4.6, 4.5

Change-Id: I07bdff99b6f46535f376d518d459f0ebe6fd41ee
Security-Commit: 761f80c1cf733d44e9f02cbecb55d42dc1d741b2
Security-Bulletin: TYPO3-CORE-SA-2012-005
Reviewed-on: http://review.typo3.org/16297
Reviewed-by: Oliver Hader
Tested-by: Oliver Hader
6 years ago[SECURITY] Fix potential XSS in t3lib_BEfunc::getFuncCheck
Helmut Hummel [Thu, 8 Nov 2012 11:43:50 +0000 (12:43 +0100)]
[SECURITY] Fix potential XSS in t3lib_BEfunc::getFuncCheck

The method getFuncCheck creates an URL from input variables and puts
it in JavaScript context without properly encoding them.

This might lead to XSS if the input variables come from untrusted source.

Fixes: #42776
Releases: 6.0, 4.7, 4.6, 4.5

Change-Id: Ife04524ed577cb7b2cd88bae27d87439adf4ef60
Security-Commit: 3615725a62b56bdfe88a5a8e952b3aa582f16d4c
Security-Bulletin: TYPO3-CORE-SA-2012-005
Reviewed-on: http://review.typo3.org/16296
Reviewed-by: Oliver Hader
Tested-by: Oliver Hader
6 years ago[TASK] Raise submodule pointer
TYPO3 Release Team [Thu, 8 Nov 2012 09:24:41 +0000 (10:24 +0100)]
[TASK] Raise submodule pointer

Change-Id: I33aa628e022300be3af47206fbbbfe991e486881
Reviewed-on: http://review.typo3.org/16287
Reviewed-by: TYPO3 Release Team
Tested-by: TYPO3 Release Team
6 years ago[BUGFIX] No sorting in TypoScript Object Browser when browsing
Nicole Cordes [Fri, 10 Aug 2012 10:41:55 +0000 (12:41 +0200)]
[BUGFIX] No sorting in TypoScript Object Browser when browsing

If you enable "Sort alphabetically" the correct value (1) is submitted to
extension settings. But when you use any other functionality of the page
(e.g. setting some conditions or use search filter) the value is set to
"on" which disables the sorting.

Change-Id: I88233f94edba032c9b23072fb5e9132b276c8f1e
Fixes: #39677
Releases: 6.0, 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/16150
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
Reviewed-by: Wouter Wolters
Tested-by: Wouter Wolters
Reviewed-by: Nicole Cordes
Tested-by: Nicole Cordes
Reviewed-by: Jigal van Hemert
Tested-by: Jigal van Hemert
6 years ago[BUGFIX] Translated non-published page in workspace breaks live workspace
Oliver Hader [Fri, 2 Nov 2012 14:07:54 +0000 (15:07 +0100)]
[BUGFIX] Translated non-published page in workspace breaks live workspace

Translation of pages are stored in pages_language_overlay and
can be managed in workspaces as well. If a new translation is
created in the workspace only, the page module is broken in
the live workspace.

The reason for that is, that workspaces placeholders need to
be ignored if not working on a real workspace.

Change-Id: Ied52a985c3cb1c0796f616679414799d956024d8
Releases: 6.0, 4.7, 4.6, 4.5
Fixes: #42281
Reviewed-on: http://review.typo3.org/16137
Reviewed-by: Oliver Hader
Tested-by: Oliver Hader
6 years ago[BUGFIX] Illegal string offsets in t3lib_stdgraphic
Wouter Wolters [Sun, 28 Oct 2012 11:36:39 +0000 (12:36 +0100)]
[BUGFIX] Illegal string offsets in t3lib_stdgraphic

Change-Id: I8be45d59b780595e25d6d7f5371300b6506baa2f
Fixes: #38024
Releases: 6.0, 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/16134
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
6 years ago[BUGFIX] PHP 5.4 warning in CLI context in switch back user
Christian Kuhn [Thu, 1 Nov 2012 22:15:48 +0000 (23:15 +0100)]
[BUGFIX] PHP 5.4 warning in CLI context in switch back user

PHP 5.4 raises warnings of type "Illegal string offset" if you access
$foo['bar'] and $foo is no array. This is the case in hook
SwitchBackUser, if in cli context.

Change-Id: I5ed32e054b156c9fbc64e99ff33ba5c4637ce266
Fixes: #37578
Releases: 6.0, 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/16112
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
6 years ago[BUGFIX] t3lib_div: adjust substUrlsInPlainText to also work on URLs at end of sentence
Robert Heel [Mon, 6 Feb 2012 02:47:48 +0000 (03:47 +0100)]
[BUGFIX] t3lib_div: adjust substUrlsInPlainText to also work on URLs at end of sentence

Reworked substUrlsInPlainText by using regex.
Adding unittest.

Change-Id: I76630dac633b4fb1875f585a2bca888bfd4a16cf
Resolves: #28248
Releases: 4.5, 4.6, 4.7, 6.0
Reviewed-on: http://review.typo3.org/10539
Reviewed-by: Mario Rimann
Reviewed-by: Stefan Neufeind
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
6 years ago[BUGFIX] Wrong call to TSFE in FrontendEditing
Steffen Ritter [Fri, 12 Oct 2012 19:41:06 +0000 (21:41 +0200)]
[BUGFIX] Wrong call to TSFE in FrontendEditing

The FrontendEditingController calls TSFE->includeTCA right
before the index_ts.php calls TSFE->getCompressedTCA().

Because of the missing parameter within the
FrontendEditingController, getCompressedTCA wil not be
executed anymore. As an result the TSFE->TCAcachedExtras
are not available when FE-editing is active.

This prevents the a working language overlay, which only
looks to that array, which fields are configured to be
overlayed.

Change-Id: Ib130b11dd76c0b533b9a699a113f03e750ba2516
Fixes: #40733
Releases: 6.0, 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/15540
Reviewed-by: Wouter Wolters
Reviewed-by: Stefan Neufeind
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
6 years ago[TASK] Fix generation of ext_emconf.php
Wouter Wolters [Sat, 27 Oct 2012 16:00:37 +0000 (18:00 +0200)]
[TASK] Fix generation of ext_emconf.php

Fix generation of ext_emconf.php so that it will return valid
commented code. This is already done for 6.0

Change-Id: I5671dd704029e7b58a02798ea5f86a79535a8bed
Resolves: #42444
Releases: 4.5, 4.6, 4.7
Reviewed-on: http://review.typo3.org/15982
Reviewed-by: Georg Ringer
Tested-by: Georg Ringer
6 years ago[BUGFIX] t3lib_div::unlink_tempfile does not always work on Windows
Stanislas Rolland [Wed, 11 Jul 2012 14:42:34 +0000 (10:42 -0400)]
[BUGFIX] t3lib_div::unlink_tempfile does not always work on Windows

Problem: The filename created by t3lib_div::tempnam may contain
backslashes.

Solution: Process the file name through t3lib_div::fixWindowsFilePath

Change-Id: Ie8a23ce82801f6618a8d0ed012121056aa7be0e3
Releases: 4.5, 4.6, 4.7, 6.0
Resolves: #38699
Reviewed-on: http://review.typo3.org/12754
Reviewed-by: Stefan Neufeind
Reviewed-by: Wouter Wolters
Tested-by: Wouter Wolters
Reviewed-by: Mattias Nilsson
Reviewed-by: Steffen Ritter
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
6 years ago[BUGFIX] TCEForms.Suggest wizard in IRRE records
Nicole Cordes [Fri, 27 Apr 2012 14:45:24 +0000 (16:45 +0200)]
[BUGFIX] TCEForms.Suggest wizard in IRRE records

Currently suggest wizards don't work in IRRE records. This is because of
the missing javascript functions. IRRE elements are post loaded and
wirzards are not known on loading the parent form.

Change-Id: Id1c23d7e53c4e8499f13bb1776bf76c960995b04
Fixes: #27020
Releases: 6.0, 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/11822
Reviewed-by: Wouter Wolters
Reviewed-by: Nicole Cordes
Tested-by: Nicole Cordes
Reviewed-by: Steffen Ritter
Tested-by: Steffen Ritter
6 years ago[BUGFIX] Fix case of tests folder
Xavier Perseguers [Fri, 19 Oct 2012 12:53:10 +0000 (14:53 +0200)]
[BUGFIX] Fix case of tests folder

Change-Id: I7f6f41e1fb39d4e984883544befbd04610188702
Relates: #41828
Reviewed-on: http://review.typo3.org/15819
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
6 years ago[BUGFIX] Unit test for saltedpasswords fail
Xavier Perseguers [Tue, 16 Oct 2012 12:38:36 +0000 (14:38 +0200)]
[BUGFIX] Unit test for saltedpasswords fail

Change-Id: I858fdf23a71e739c68b757bf486038b6c57d2675
Relates: #41828
Releases: 4.5, 4.6, 4.7
Reviewed-on: http://review.typo3.org/15771
Reviewed-by: Xavier Perseguers
Tested-by: Xavier Perseguers
6 years ago[BUGFIX] RTE: Link to disabled page doesn't show in FE, link icon does
Stanislas Rolland [Tue, 16 Oct 2012 14:45:24 +0000 (10:45 -0400)]
[BUGFIX] RTE: Link to disabled page doesn't show in FE, link icon does

Problem: When linking from a piece of content in the RTE to a disabled
page in the tree, the link isn't shown in the final frontend rendering.
However, the small arrow icon that you can have in front of the link to
denote its type, does get shown.
Solution: Remove the icon if no link is generated

Change-Id: I5199d90aaf4f2b3103ff1f8680376b82173e9723
Resolves: #36087
Releases: 4.5, 4.6, 4.7, 6.0
Reviewed-on: http://review.typo3.org/15797
Reviewed-by: Stanislas Rolland
Tested-by: Stanislas Rolland
6 years ago[BUGFIX] RTE: Words containing umlauts not added to personal dictionary
Stanislas Rolland [Thu, 18 Oct 2012 12:34:52 +0000 (08:34 -0400)]
[BUGFIX] RTE: Words containing umlauts not added to personal dictionary

Problem: The spell checker must analyze the dictionary file and may
have to update the charset of the personal dictionary. In doing so,
it is looking for the wrong file when the dictionary in use is a
regional/variety dictionary.

Change-Id: Ibb6214be3b8cb4aeb2eb179e4a221b62c1e6f50e
Resolves: #29685
Releases: 4.5, 4.6, 4.7, 6.0
Reviewed-on: http://review.typo3.org/15786
Reviewed-by: Stanislas Rolland
Tested-by: Stanislas Rolland
6 years ago[BUGFIX] Extension Import not working with postgresql and DBAL
Ernesto Baschny [Wed, 18 Jul 2012 19:15:06 +0000 (21:15 +0200)]
[BUGFIX] Extension Import not working with postgresql and DBAL

Change-Id: I496e3729b3c98c85a07e75539de9464f272837e6
Fixes: #38406
Releases: 6.0, 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/15776
Reviewed-by: Xavier Perseguers
Tested-by: Xavier Perseguers
6 years ago[TASK] Set TYPO3 version to 4.5.21-dev
TYPO3 Release Team [Tue, 16 Oct 2012 13:50:03 +0000 (15:50 +0200)]
[TASK] Set TYPO3 version to 4.5.21-dev

Change-Id: Ib967c36f2e3c2f1db4bd4842d3d5b9421580ca66
Reviewed-on: http://review.typo3.org/15735
Reviewed-by: TYPO3 Release Team
Tested-by: TYPO3 Release Team
6 years ago[RELEASE] Release of TYPO3 4.5.20
TYPO3 Release Team [Tue, 16 Oct 2012 13:49:54 +0000 (15:49 +0200)]
[RELEASE] Release of TYPO3 4.5.20

Change-Id: I6532876ec0bb9093316a08997d049258611fa0fb
Reviewed-on: http://review.typo3.org/15734
Reviewed-by: TYPO3 Release Team
Tested-by: TYPO3 Release Team
6 years ago[TASK] Raise submodule pointer
TYPO3 Release Team [Tue, 16 Oct 2012 13:14:21 +0000 (15:14 +0200)]
[TASK] Raise submodule pointer

Change-Id: If0126092e366e6b9ce712a383e45a6fd4aca75ca
Reviewed-on: http://review.typo3.org/15726
Reviewed-by: TYPO3 Release Team
Tested-by: TYPO3 Release Team
6 years ago[TASK] Update md5 sums for 4.5.20
Steffen Ritter [Tue, 16 Oct 2012 11:43:14 +0000 (13:43 +0200)]
[TASK] Update md5 sums for 4.5.20

Change-Id: I100d66ab6dd7b491850f52dee2b3e278a166b3e7
Reviewed-on: http://review.typo3.org/15720
Reviewed-by: Steffen Ritter
Tested-by: Steffen Ritter
6 years ago[TASK] Update backend sprites according to rebranding
Steffen Ritter [Tue, 16 Oct 2012 13:05:42 +0000 (15:05 +0200)]
[TASK] Update backend sprites according to rebranding

Change-Id: Ic992a7bff08e6acd30ce6577f4a1d83b9c2ae8ef
Reviewed-on: http://review.typo3.org/15725
Reviewed-by: Steffen Ritter
Tested-by: Steffen Ritter
6 years ago[TASK] Introduce "TYPO3 CMS" in EXT: about
Felix Kopp [Mon, 15 Oct 2012 18:52:37 +0000 (20:52 +0200)]
[TASK] Introduce "TYPO3 CMS" in EXT: about

Changed terminology to "TYPO3 CMS" where applicable in
backend module About.

Change-Id: I064607c3d45dc3a138df21db91d45964c14d0e2c
Resolves: #41823
Releases: 6.0, 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/15698
Reviewed-by: Stefan Neufeind
Reviewed-by: Xavier Perseguers
Tested-by: Xavier Perseguers
6 years ago[TASK] Adjust Logos to new style-guide
Felix Kopp [Mon, 8 Oct 2012 09:48:55 +0000 (11:48 +0200)]
[TASK] Adjust Logos to new style-guide

TYPO3 is changing and so is the logo.
Secondary color green is dropped and replaced by orange.
Also the signet moves to the left.

Adjusts logos/images/icons/files in backend to new brand definition.

Fixes: #41704
Releases: 4.5, 4.6, 4.7, 6.0
Change-Id: I34c80b085ef6b6efaffe2de4b67bb47c79b570ec
Reviewed-on: http://review.typo3.org/15707
Reviewed-by: Xavier Perseguers
Tested-by: Xavier Perseguers
6 years ago[BUGFIX] Prevent saltedpasswords destroying the password
Xavier Perseguers [Tue, 16 Oct 2012 07:09:59 +0000 (09:09 +0200)]
[BUGFIX] Prevent saltedpasswords destroying the password

When a record is using a plain MD5 password, EXT:saltedpasswords will
destroy the password after the second successive edit.

Add check for already temporarily hashed passwords to prevent that.

Change-Id: I487cbb335616c1d378a704845d5cc96e4ad6cb62
Fixes: #41828
Releases: 4.5, 4.6, 4.7, 6.0
Reviewed-on: http://review.typo3.org/15674
Reviewed-by: Xavier Perseguers
Tested-by: Xavier Perseguers
6 years ago[BUGFIX] RTE: Paste as plain text doesn't work in Safari (Mac only)
Stanislas Rolland [Wed, 10 Oct 2012 16:42:15 +0000 (12:42 -0400)]
[BUGFIX] RTE: Paste as plain text doesn't work in Safari (Mac only)

Problem: Access to clipboard is denied.
Solution: Redirect paste to hidden section.

Change-Id: Ic5e6f65cdd0e2a45da4786f388b2bf6a78c9d8b7
Resolves: #35356
Releases: 4.5, 4.6
Reviewed-on: http://review.typo3.org/15498
Reviewed-by: Stanislas Rolland
Tested-by: Stanislas Rolland
6 years ago[BUGFIX] CE with "All languages" doesn't show with every lang
Marcus Schwemer [Tue, 19 Jun 2012 06:55:48 +0000 (08:55 +0200)]
[BUGFIX] CE with "All languages" doesn't show with every lang

The page module should also list the content elements
with language set to "All". Now elements set to "All" are displayed
in all languages, not only with the default language.

Change-Id: I2b0875e1993b3af29fbdec4f700b16a7c56696d8
Fixes: #24087
Releases: 6.0, 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/15615
Reviewed-by: Steffen Ritter
Tested-by: Steffen Ritter
6 years ago[BUGFIX] CE with "All languages" isn't shown in Page module
Georg Ringer [Fri, 23 Mar 2012 11:12:57 +0000 (12:12 +0100)]
[BUGFIX] CE with "All languages" isn't shown in Page module

The page module should also list the content elements
with language set to "All"

Change-Id: I6d8aaf4829a70b3945508884d9a09cf23d1e4842
Resolves: #24087
Releases: 6.0, 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/12079
Reviewed-by: Marcus Schwemer
Tested-by: Marcus Schwemer
Reviewed-by: Steffen Ritter
Tested-by: Steffen Ritter
6 years ago[BUGFIX] Proper cursor icon in access module
Georg Ringer [Mon, 16 Jan 2012 18:32:52 +0000 (19:32 +0100)]
[BUGFIX] Proper cursor icon in access module

The access module got those nice red/green icons but many
people don't know that those are clickable because the cursor
icon is wrong.

Change-Id: I8a16a1efff47007740b8dbfee77121d9a69ea3a7
Fixes: #33230
Releases: 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/12795
Reviewed-by: Marcus Schwemer
Tested-by: Marcus Schwemer
Reviewed-by: Wouter Wolters
Tested-by: Wouter Wolters
Reviewed-by: Stefan Neufeind
Reviewed-by: Steffen Ritter
Tested-by: Steffen Ritter
6 years ago[BUGFIX] Fix the additional icon check
Wouter Wolters [Sat, 13 Oct 2012 15:29:42 +0000 (17:29 +0200)]
[BUGFIX] Fix the additional icon check

When looking for additional icons the class AbstractSpriteHandler
a missing check if array on configuration.
Makes the whole TYPO3 installation to crash.

Change-Id: Ib70957da3947f52db220cc42ce311a0771e464f7
Resolves: #41463
Releases: 6.0, 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/15569
Reviewed-by: Wouter Wolters
Tested-by: Wouter Wolters
Reviewed-by: Steffen Ritter
Tested-by: Steffen Ritter
6 years ago[BUGFIX] Fix translation moving in workspaces
Tolleiv Nietsch [Sun, 12 Feb 2012 05:01:55 +0000 (06:01 +0100)]
[BUGFIX] Fix translation moving in workspaces

Seems that the API changes introduced with changeset 89bd701c
haven't been made everywhere. This caused some issue when
translated records are move in a workspace.

Goes together with a fix in EXT:version which can be found under
https://review.typo3.org/8997

Change-Id: Id5d03fbeb42a6aa147f40629f368621417ccd59c
Fixes: #33592
Releases: 4.5, 4.6, 4.7, 4.8
Reviewed-on: http://review.typo3.org/13009
Reviewed-by: Stefan Neufeind
Reviewed-by: Wouter Wolters
Reviewed-by: Oliver Hader
Tested-by: Oliver Hader
6 years ago[BUGFIX] strftime expects parameter 2 to be long, string given
Simon Schaufelberger [Tue, 18 Sep 2012 19:44:50 +0000 (21:44 +0200)]
[BUGFIX] strftime expects parameter 2 to be long, string given

Any zero length string value is replaced with the current timestamp.
(Just like the default value for the second parameter of
strtime/gmstrftime.)

Change-Id: I58225b1604607685a3fd4ac4ee50b806c552d326
Fixes: #38717
Releases: 6.0, 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/14717
Reviewed-by: Steffen Ritter
Tested-by: Steffen Ritter
6 years ago[BUGFIX] RTE: array_flip warning on array of languages
Stanislas Rolland [Wed, 10 Oct 2012 18:30:44 +0000 (14:30 -0400)]
[BUGFIX] RTE: array_flip warning on array of languages

Make sure the array is not corrupted.

Change-Id: Iea86ade77ecffb6e4b720749fc7d47548b0b1552
Resolves: #35147
Releases: 4.5, 4.6
Reviewed-on: http://review.typo3.org/15502
Reviewed-by: Stanislas Rolland
Tested-by: Stanislas Rolland
6 years ago[BUGFIX] Words with special characters not added to personal dictionary
Stanislas Rolland [Fri, 6 Jul 2012 21:02:07 +0000 (17:02 -0400)]
[BUGFIX] Words with special characters not added to personal dictionary

Problem: Words containing special characters (f. e. German umlauts)
can´t be added to the user´s personal dictionary.
Solution: Work around Aspell issue.

Change-Id: I23a8a36d56b12cc14f32b0a30443c62d6e11bd5a
Releases: 4.5, 4.6, 4.7, 6.0
Resolves: #38653
Reviewed-on: http://review.typo3.org/12680
Reviewed-by: Stanislas Rolland
Tested-by: Stanislas Rolland
6 years ago[BUGFIX] htmlArea RTE: Cursor jumps to first letter with Chrome 22
Stanislas Rolland [Thu, 4 Oct 2012 17:42:00 +0000 (13:42 -0400)]
[BUGFIX] htmlArea RTE: Cursor jumps to first letter with Chrome 22

Selection gets broken when bookmarks are inserted by undo/redo
mechanism in Google Chrome 22.

Change-Id: Ic5ba765925611c7b83a67786f64a292908ea5076
Resolves: #41411
Releases: 4.5, 4.6, 4.7, 6.0
Reviewed-on: http://review.typo3.org/15335
Reviewed-by: Stanislas Rolland
Tested-by: Stanislas Rolland
6 years ago[BUGFIX] Do not save expand state for root node in TCA tree
Christoph Gerold [Sun, 2 Sep 2012 10:46:06 +0000 (12:46 +0200)]
[BUGFIX] Do not save expand state for root node in TCA tree

To avoid a PHP warning: Missing argument for
BackendUserSettings::addToList() the expanded state must
not be saved for the tree root node which does not
have a uid property.

Change-Id: Id6d16525cd68e4ec13f36c8d95d2ecc0cc1bc794
Resolves: #31978
Releases: 4.5, 4.6, 4.7, 6.0
Reviewed-on: http://review.typo3.org/15171
Reviewed-by: Steffen Ritter
Tested-by: Steffen Ritter
Reviewed-by: Helmut Hummel
Tested-by: Helmut Hummel
6 years ago[BUGFIX] File upload button is collapsed in Chrome 21
Steffen Gebert [Wed, 15 Aug 2012 11:57:43 +0000 (13:57 +0200)]
[BUGFIX] File upload button is collapsed in Chrome 21

In Chrome 21, the FlashUploader button is collapsed to a few pixels of
height. So it is nearly impossible to hit the button.

Change-Id: Ide661abf98af8edc1f0c5e75df01840c9d230d40
Releases: 6.0, 4.7, 4.6, 4.5
Resolves: #39659
Reviewed-on: http://review.typo3.org/14479
Reviewed-by: Georg Ringer
Tested-by: Georg Ringer
6 years ago[BUGFIX] Switch to List module on root page leads to blank page
Thomas Löffler [Wed, 12 Sep 2012 06:41:50 +0000 (08:41 +0200)]
[BUGFIX] Switch to List module on root page leads to blank page

Reproducable only with admin account. Switch to Page module, go to root
page (id = 0), switch to List module => blank page. Works only on
root page.

Change-Id: Ic3b8f84a4ab3c3245605c6d527651cce18360558
Releases: 6.0, 4.7, 4.6, 4.5
Resolves: #40781
Reviewed-on: http://review.typo3.org/14799
Reviewed-by: Thomas Loeffler
Reviewed-by: Markus Klein
Tested-by: Markus Klein
Reviewed-by: Georg Ringer
Tested-by: Georg Ringer
6 years ago[BUGFIX] Error handler registration accepts way too much PHP error types
Marcus Krause [Sat, 22 Sep 2012 12:21:58 +0000 (14:21 +0200)]
[BUGFIX] Error handler registration accepts way too much PHP error types

Taken from http://php.net/manual/en/function.set-error-handler.php
set_error_handler has limitations for error types to process.

In detail E_ERROR, E_PARSE, E_CORE_ERROR, E_CORE_WARNING,
E_COMPILE_ERROR, E_COMPILE_WARNING cannot handled by an user defined
function.

This issue is about reflecting this in config_default settings and
in t3lib_error_ErrorHandler to make sure to process only error types
we can handle.

Change-Id: I908aa33c07a7de69095dce3e0d74d19134733231
Fixes: #31827
Releases: 4.5, 4.6, 4.7, 6.0
Reviewed-on: http://review.typo3.org/14935
Reviewed-by: Markus Klein
Tested-by: Markus Klein
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
6 years ago[BUGFIX] Tree view in admin panel is broken with PHP 5.4
Philipp Gampe [Sat, 22 Sep 2012 16:15:59 +0000 (18:15 +0200)]
[BUGFIX] Tree view in admin panel is broken with PHP 5.4

The double ['0.'] in $arr['0.']['0.'] is wrong.
Fun fact: This is "broken" since the initial commit.

Fixes: #41213
Releases: 6.0, 4.7, 4.6, 4.5

Change-Id: Ibb066611b2f419f0e7c085bb413bb3685eb4bfb4
Reviewed-on: http://review.typo3.org/14924
Reviewed-by: Susanne Moog
Tested-by: Susanne Moog
6 years ago[BUGFIX] Error handler callback causes fatal error for parse time errors
Marcus Krause [Sat, 22 Sep 2012 12:09:36 +0000 (14:09 +0200)]
[BUGFIX] Error handler callback causes fatal error for parse time errors

TYPO3's error handler callback t3lib_error_ErrorHandler::handleError()
causes a fatal error for PHP parse time errors.

If an error occurs during parse time (like E_DEPRECATED due to
deprecated $foo =& stdClass() code), autoloading is not available
and such PHP standard class 'Exception' (extended by t3lib_exception)
is not resolvable.
This results in a fatal and misleading error
'Class "Exception" not found'
together with a not useful backtrace. Additionally this behaviour
hides the original causing error (deprecated code).

Change-Id: I4ab97c1bf2d888022369f2095285cecc5a4c54a4
Fixes: #31834
Related: #31827
Releases: 4.5, 4.6, 4.7, 6.0
Reviewed-on: http://review.typo3.org/14927
Reviewed-by: Markus Klein
Tested-by: Markus Klein
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
6 years ago[BUGFIX] Error messages are not shown in 123 installation process
Nicole Cordes [Fri, 21 Sep 2012 10:03:49 +0000 (12:03 +0200)]
[BUGFIX] Error messages are not shown in 123 installation process

Because of a missing ERRORMESSAGES subpart in the 123 install template,
error messages collected while processing are not shown in the frontend.
This patch adds the subpart to the template to show more error information
in the frontend.

Change-Id: I9ee57317958b4505565161c1679d1549c6b89c2c
Fixes: #41158
Releases: 4.5, 4.6, 4.7, 6.0
Reviewed-on: http://review.typo3.org/14902
Reviewed-by: Jigal van Hemert
Tested-by: Jigal van Hemert
6 years ago[TASK] Database creating fails due to not allowed characters
Jigal van Hemert [Sat, 22 Sep 2012 05:08:57 +0000 (07:08 +0200)]
[TASK] Database creating fails due to not allowed characters

Due to compatibility the CREATE DATABASE statement is used without quotes.
At least for MySQL databases there are limited characters allowed to use
in unquoted database names (0-9,a-z,A-Z$_). At the moment the database
name is parsed with enabled hyphen but this is obviously not allowed. The
parsing has to be changed to meet the MySQL limitation as well.

Change-Id: Id8e025e6c681487818973a595652dd29cb86c4b8
Resolves: #41151
Releases: 4.5, 4.6, 4.7, 6.0
Reviewed-on: http://review.typo3.org/14899
Reviewed-by: Jigal van Hemert
Tested-by: Jigal van Hemert
6 years ago[BUGFIX] Set charset property after cloning t3lib_PageRenderer
Laurent Cherpit [Mon, 26 Mar 2012 13:37:05 +0000 (15:37 +0200)]
[BUGFIX] Set charset property after cloning t3lib_PageRenderer

TCA tree causes fatal error when using in (IRRE)
1284906026: Language and character encoding are not set.

Change-Id: I6e859cb31edd4280d39e0f1ff268b865ac233fca
Fixes: #27957
Releases: 4.5, 4.6, 4.7, 6.0
Reviewed-on: http://review.typo3.org/14247
Reviewed-by: Xavier Perseguers
Tested-by: Xavier Perseguers
6 years ago[BUGFIX] PHP warning when no language pack is available
Xavier Perseguers [Fri, 24 Aug 2012 08:51:07 +0000 (10:51 +0200)]
[BUGFIX] PHP warning when no language pack is available

Make sure to return either an array or a boolean and not a
string when retrieving the status of an translation pack.

Change-Id: Ic837026f387e370cf28a5c65866954898dc8a37c
Fixes: #40108
Releases: 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/14026
Reviewed-by: Xavier Perseguers
Tested-by: Xavier Perseguers
7 years ago[TASK] Set TYPO3 version to 4.5.20-dev
TYPO3 Release Team [Wed, 15 Aug 2012 10:26:15 +0000 (12:26 +0200)]
[TASK] Set TYPO3 version to 4.5.20-dev

Change-Id: I712fe72e2638caf8a3dbee37ac493d3410dce8da
Reviewed-on: http://review.typo3.org/13776
Reviewed-by: TYPO3 Release Team
Tested-by: TYPO3 Release Team
7 years ago[RELEASE] Release of TYPO3 4.5.19
TYPO3 Release Team [Wed, 15 Aug 2012 10:26:05 +0000 (12:26 +0200)]
[RELEASE] Release of TYPO3 4.5.19

Change-Id: I6497d5ff720b47abd594e1e5b9ea11f17a3c254c
Reviewed-on: http://review.typo3.org/13775
Reviewed-by: TYPO3 Release Team
Tested-by: TYPO3 Release Team
7 years ago[SECURITY] XSS in install tool
Mario Rimann [Wed, 15 Aug 2012 10:18:08 +0000 (12:18 +0200)]
[SECURITY] XSS in install tool

In the "Basic Configuration" section, some configuration values are
rendered without proper escaping both as input fields or as
regular content of the page. These values are htmlspecialchars-
treated now.

For the "All Configuration" form, all input fields and text area fields get now htmlspecialchars-treated.

Change-Id: Iba8a37ad24557f1af6772af8596660cab8d4bf7f
Fixes: #21634
Releases: 6.0, 4.7, 4.6, 4.5
Security-Commit: 835221d1b9b4f50a0769a5ed1f0116993b87da9c
Security-Bulletin: TYPO3-CORE-SA-2012-004
Reviewed-on: http://review.typo3.org/13744
Reviewed-by: Oliver Hader
Tested-by: Oliver Hader
7 years ago[SECURITY] Page Link Target vulnerable to XSS
Markus Bucher [Wed, 15 Aug 2012 10:18:01 +0000 (12:18 +0200)]
[SECURITY] Page Link Target vulnerable to XSS

This patch adds htmlspecialchars to page link target to prevent
XSS.

Change-Id: Ib8f812f89f892f580fc70300a4e4fa2287559dba
Fixes: #32653
Releases: 6.0, 4.7, 4.6, 4.5
Security-Commit: f9987febc23355d9a4996eba7ac0039bfe801607
Security-Bulletin: TYPO3-CORE-SA-2012-004
Reviewed-on: http://review.typo3.org/13743
Reviewed-by: Oliver Hader
Tested-by: Oliver Hader
7 years ago[SECURITY] XSS in validateForm
Markus Bucher [Wed, 15 Aug 2012 10:17:55 +0000 (12:17 +0200)]
[SECURITY] XSS in validateForm

Properly quote the form name and field list
for the JavaScript validation

Fixes: #25052
Releases: 6.0, 4.7, 4.6, 4.5

Change-Id: I01527117c20e25963951502c2277b853f683fe04
Security-Commit: 20a6486d3027f474fb2352668cdb0fbee5f251f3
Security-Bulletin: TYPO3-CORE-SA-2012-004
Reviewed-on: http://review.typo3.org/13742
Reviewed-by: Oliver Hader
Tested-by: Oliver Hader
7 years ago[SECURITY] XSS in TCE forms
Christian Kuhn [Wed, 15 Aug 2012 10:17:48 +0000 (12:17 +0200)]
[SECURITY] XSS in TCE forms

Properly encode field labels that are set via TSConfig.

Fixes: #25356
Releases: 6.0, 4.7, 4.6, 4.5

Change-Id: Ic41ce41cf8babd27867e71764173cf4e6524843e
Security-Commit: efdf638fa6f2971d62195aa40137e19a89884a2b
Security-Bulletin: TYPO3-CORE-SA-2012-004
Reviewed-on: http://review.typo3.org/13741
Reviewed-by: Oliver Hader
Tested-by: Oliver Hader
7 years ago[SECURITY] XSS in Scheduler Example Task
Mario Rimann [Wed, 15 Aug 2012 10:17:42 +0000 (12:17 +0200)]
[SECURITY] XSS in Scheduler Example Task

The scheduler test-task that sends an email does not properly
sanitize the input of the email field when rendering the editing
form of that task.

Change-Id: I82f63ff7267e4ba8da2e31a2659b0bca4cf83ed2
Fixes: #30967
Releases: 6.0, 4.7, 4.6, 4.5
Security-Commit: 7f96ebdff7db327825dbb8f835b1e6f8aee39ce1
Security-Bulletin: TYPO3-CORE-SA-2012-004
Reviewed-on: http://review.typo3.org/13740
Reviewed-by: Oliver Hader
Tested-by: Oliver Hader
7 years ago[SECURITY] HTML5 support in RemoveXSS
Franz G. Jahn [Wed, 15 Aug 2012 10:17:36 +0000 (12:17 +0200)]
[SECURITY] HTML5 support in RemoveXSS

Add support for HTML5 tags and attributes in RemoveXSS.

Change-Id: I4487386f8c62d6ec32d9f66215ebd45e3ebf9cb0
Fixes: #37127
Releases: 6.0, 4.7, 4.6, 4.5
Security-Commit: 4868b1a837cc7263cb2a92e2007ce253f0303a7e
Security-Bulletin: TYPO3-CORE-SA-2012-004
Reviewed-on: http://review.typo3.org/13739
Reviewed-by: Oliver Hader
Tested-by: Oliver Hader
7 years ago[SECURITY] Information Disclosure in the Configuration Module
Mario Rimann [Wed, 15 Aug 2012 10:17:29 +0000 (12:17 +0200)]
[SECURITY] Information Disclosure in the Configuration Module

The configuration module showed the encryption key as plaintext.
For this view, the encryption key is masked and it's length is
shown instead, e.g. "***** (length: 96 characters)"

Change-Id: Id9561ca6c5812fb9bd6c177896a27854e8f0cdb4
Fixes: #39345
Releases: 6.0, 4.7, 4.6, 4.5
Security-Commit: 0e61891d3f872437729d2d5a2d976669e38bd938
Security-Bulletin: TYPO3-CORE-SA-2012-004
Reviewed-on: http://review.typo3.org/13738
Reviewed-by: Oliver Hader
Tested-by: Oliver Hader
7 years ago[SECURITY] Untrusted GP data is unserialized in old CSH handling
Helmut Hummel [Wed, 15 Aug 2012 10:17:23 +0000 (12:17 +0200)]
[SECURITY] Untrusted GP data is unserialized in old CSH handling

Using the old and already deprecated CSH handling in TYPO3 backend,
untrusted GP data is unserialized. Validate the submitted data with
an hmac.

Change-Id: I0a6961b7db3e4b80270745421c82122deb4f6874
Fixes: #33520
Releases: 6.0, 4.7, 4.6, 4.5
Security-Bulletin: TYPO3-CORE-SA-2012-004
Reviewed-on: http://review.typo3.org/13737
Reviewed-by: Oliver Hader
Tested-by: Oliver Hader
7 years ago[SECURITY] XSS in Indexed Search statistics
Steffen Gebert [Wed, 15 Aug 2012 10:17:18 +0000 (12:17 +0200)]
[SECURITY] XSS in Indexed Search statistics

Indexed Search statistics module is vulnerable to
persistent XSS attack injected by arbitrary frontend users.

Change-Id: I9298b5d1808cef9d123d4b9c3867f1f55dfe4efe
Fixes: #31927
Releases: 6.0, 4.7, 4.6, 4.5
Security-Commit: f16df3528cb66183fd7371cf6a64f7f7da98dd74
Security-Bulletin: TYPO3-CORE-SA-2012-004
Reviewed-on: http://review.typo3.org/13736
Reviewed-by: Oliver Hader
Tested-by: Oliver Hader
7 years ago[SECURITY] t3lib_div::quoteJSvalue allows XSS
Helmut Hummel [Wed, 15 Aug 2012 10:17:12 +0000 (12:17 +0200)]
[SECURITY] t3lib_div::quoteJSvalue allows XSS

When t3lib_div::quoteJSvalue() was used with second
parameter set to TRUE closing HTML script tags were
not escaped correctly.

Now every character except harmless ones is encoded
to a hex representation.

Change-Id: Iab6793a3028976c4283cda466a2d3c6799b2554e
Releases: 6.0, 4.7, 4.6, 4.5
Fixes: #23226
Security-Commit: 70901d7dab2ba8cd314e931e98c3ec84b08fd0fb
Security-Bulletin: TYPO3-CORE-SA-2012-004
Reviewed-on: http://review.typo3.org/13735
Reviewed-by: Oliver Hader
Tested-by: Oliver Hader
7 years ago[TASK] Set TYPO3 version to 4.5.19-dev stephenking/rootline-cache-45-2
TYPO3 Release Team [Wed, 8 Aug 2012 12:44:52 +0000 (14:44 +0200)]
[TASK] Set TYPO3 version to 4.5.19-dev

Change-Id: I413424ca74693a7bd4bacb44bf3724f457a0963e
Reviewed-on: http://review.typo3.org/13524
Reviewed-by: TYPO3 Release Team
Tested-by: TYPO3 Release Team
7 years ago[RELEASE] Release of TYPO3 4.5.18
TYPO3 Release Team [Wed, 8 Aug 2012 12:44:43 +0000 (14:44 +0200)]
[RELEASE] Release of TYPO3 4.5.18

Change-Id: Ibf85379e48a59fdfabdad4edaf25c978dcd596b4
Reviewed-on: http://review.typo3.org/13523
Reviewed-by: TYPO3 Release Team
Tested-by: TYPO3 Release Team
7 years ago[BUGFIX] Pass $fieldName when processing FlexForm DS in t3lib_transferData
Claus Due [Sat, 4 Aug 2012 15:57:52 +0000 (17:57 +0200)]
[BUGFIX] Pass $fieldName when processing FlexForm DS in t3lib_transferData

This change simply adds $fieldName to the "real" call to process
the FlexForm's DS. The argument is already supported on the target
class and the value of the argument for the dispatching method in
t3lib_transferData already is properly filled with the correct name.

Change-Id: Ief2f07bca064ae4eed248bb058b4884bcdc7ed96
Releases: 4.5, 4.6, 4.7, 6.0
Fixes: #39527
Reviewed-on: http://review.typo3.org/13473
Reviewed-by: Jigal van Hemert
Tested-by: Jigal van Hemert
7 years ago[BUGFIX] t3lib_db - expects parameter 1 to be resource, boolean given
Michael Klapper [Fri, 3 Aug 2012 10:23:35 +0000 (12:23 +0200)]
[BUGFIX] t3lib_db - expects parameter 1 to be resource, boolean given

The method t3lib_db::debug_check_recordset should use
"is_resource" to be sure we have a proper database resource object.

Change-Id: I18f25760d53d3bd3d8e396b40dbf3727b3bf33c8
Fixes: #39509
Releases: 6.0, 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/13441
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
7 years ago[BUGFIX] Suggest Wizard crashes in Frontend Editing
Dennis Ahrens [Tue, 20 Dec 2011 14:52:23 +0000 (15:52 +0100)]
[BUGFIX] Suggest Wizard crashes in Frontend Editing

As the backpath cannot be resolved, the JS dies.

Change-Id: I614fba37f9010ed92a43f04b3e9d564f49fe50a6
Fixes: #25079
Releases: 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/12836
Reviewed-by: Marcus Schwemer
Tested-by: Marcus Schwemer
Reviewed-by: Oliver Klee
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
7 years ago[BUGFIX] unlink issues warnings for lock files
Markus Klein [Sat, 3 Dec 2011 20:08:54 +0000 (14:08 -0600)]
[BUGFIX] unlink issues warnings for lock files

t3lib_lock issues warnings for non-existent lock files.

Change-Id: I55df9938cf56825cd808195f74f10582d2ecedad
Fixes: #32282
Releases: 4.7, 4.6, 4.5, 4.4
Reviewed-on: http://review.typo3.org/12831
Reviewed-by: Marcus Schwemer
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
7 years ago[BUGFIX] IRRE childs don't expand in Internet Explorer
Stefan Aebischer [Thu, 12 Jul 2012 17:30:26 +0000 (18:30 +0100)]
[BUGFIX] IRRE childs don't expand in Internet Explorer

document.getElementsByName doesn't always extend the returned DOM
Elements with prototype.js specific methods in Internet Explorer.
This patch uses the $$() selector to retrieve the needed DOM
Elements, as it always extends the returned Elements with
prototype.js specific methods (e.g. remove())

Change-Id: I083ca8b55a3b95757408a159f39f7b22cacf9c8f
Fixes: #38849
Releases: 4.5, 4.6, 4.7, 6.0
Reviewed-on: http://review.typo3.org/13412
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
7 years ago[BUGFIX] t3lib_db::exec_SELECTgetRows method annotation
Nicole Cordes [Tue, 31 Jul 2012 14:48:20 +0000 (16:48 +0200)]
[BUGFIX] t3lib_db::exec_SELECTgetRows method annotation

The function returns a NULL value if a sql error occurs.

Change-Id: Ic508aa5ba2034c0a230f5fad56690979ed576bf4
Fixes: #39417
Releases: 6.0, 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/13408
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
7 years ago[BUGFIX] Properly check disabled versioning within tcemain
Tolleiv Nietsch [Sat, 4 Feb 2012 08:53:31 +0000 (09:53 +0100)]
[BUGFIX] Properly check disabled versioning within tcemain

Setting $GLOBALS['TCA'][$table]['ctrl']['versioningWS'] = FALSE; isn't
fully working within tcemain because some isset() checks don't
look at the value atm.

Change-Id: I75a994c5eb09c4cc5b4c68e986f42b4592fd1043
Fixes: #33625
Releases: 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/12834
Reviewed-by: Tymoteusz Motylewski
Reviewed-by: Marcus Schwemer
Reviewed-by: Georg Ringer
Tested-by: Georg Ringer