Packages/TYPO3.CMS.git
5 years ago[TASK] Change list view delete icon if record is deleted in WS 36/24736/4
Sascha Egerer [Mon, 14 Oct 2013 15:13:07 +0000 (17:13 +0200)]
[TASK] Change list view delete icon if record is deleted in WS

If a record is deleted in a workspace the delete icon is still
displayed but the function is different. If you click on
the delete icon of a deleted record you will "restore"
the record (remove the deleted flag).
The icon should change if record is marked as deleted.

Resolves: #52554
Releases: 6.2, 6.1, 6.0, 4.5
Change-Id: I9bccc076d06525fad16f9f5ca4b3413e217f32f6
Reviewed-on: https://review.typo3.org/24736
Reviewed-by: Thorsten Kahler
Reviewed-by: Sascha Egerer
Tested-by: Sascha Egerer
Reviewed-by: Markus Klein
Tested-by: Markus Klein
5 years ago[BUGFIX] Properly escape the ImageMagick frame selector 11/26711/2
Georg Ringer [Thu, 9 Jan 2014 01:53:44 +0000 (02:53 +0100)]
[BUGFIX] Properly escape the ImageMagick frame selector

The frame selector looks like a glob pattern and gets interpreted as
such by the shell. Currently the generated shell argument is, for
example, 'image.png'[0] which matches a file called image.png0.
Thus, if such a file exists, the wrong argument would be passed to
ImageMagick.

Only if there is no filename that matches the pattern, the string is
correctly passed to ImageMagick (i.e. as-is). But even in that case
there is a performance penalty, because the shell has to scan the whole
directory to check if the file exists. This becomes especially bad if
you're not dealing with a local file system.

By properly escaping the frame selector we stop the shell from
interpreting the glob pattern and both problems get fixed.

Resolves: #31797
Releases: 6.2, 6.1
Change-Id: Ib6dc6556bb9f1d64a0154b0cbe9e253b185c74c2
Reviewed-on: https://review.typo3.org/26711
Reviewed-by: Markus Klein
Tested-by: Markus Klein
5 years ago[BUGFIX] Only create one keypair in rsaauth 09/26709/2
Tom Ruether [Fri, 22 Nov 2013 10:47:37 +0000 (11:47 +0100)]
[BUGFIX] Only create one keypair in rsaauth

If there are two login forms on one page the second form's private
key overwrites the first form's private key so the first form doesn't
work. With this patch only one keypair gets created and it doesn't
matter how many login forms you have one one page.

Change-Id: I42660140aea72d1888cc73d56e83b823206a0797
Fixes: #24877
Fixes: #6708
Releases: 6.2, 6.1, 6.0, 4.5
Reviewed-on: https://review.typo3.org/26709
Reviewed-by: Markus Klein
Tested-by: Markus Klein
5 years ago[BUGFIX] use search word(s) for ordering search results (again) 06/26706/2
Ralf Hettinger [Mon, 29 Apr 2013 10:31:06 +0000 (12:31 +0200)]
[BUGFIX] use search word(s) for ordering search results (again)

There has been a regression in http://review.typo3.org/6657 which
removes correlation between searched words and ordering of search
results. Therefore the ordering of search results had nothing to do
with the search term anymore. This is fixed hereby by using the code
parts from prior versions.

Resolves: #38767
Releases: 6.2, 6.1, 6.0, 4.7
Change-Id: I9cfaceaeede38456dd7622085879c1bd0648be85
Reviewed-on: https://review.typo3.org/26706
Reviewed-by: Markus Klein
Tested-by: Markus Klein
5 years ago[BUGFIX] foreign_match_fields not fully supported 12/25412/3
Stefan Froemken [Mon, 7 Oct 2013 11:15:06 +0000 (13:15 +0200)]
[BUGFIX] foreign_match_fields not fully supported

foreign_match_fields were not fully supported
Resolves: #47694
Relates: #45337
Releases: 6.2, 6.1
Change-Id: I212cbdb5d4a3791c1d8ed1e431007e10dd9f11e8
Reviewed-on: https://review.typo3.org/25412
Reviewed-by: Markus Klein
Tested-by: Markus Klein
5 years ago[BUGFIX] Form Wizard saving destroys Radio Buttons 71/26471/2
Markus Klein [Mon, 18 Nov 2013 10:30:18 +0000 (11:30 +0100)]
[BUGFIX] Form Wizard saving destroys Radio Buttons

This fixes a wrong parsing of \r\n characters for radio
button options.

Resolves: #53727
Releases: 6.2, 6.1, 6.0
Change-Id: I9a88be010a7dd982776bee4a98ba99d97fcc406b
Reviewed-on: https://review.typo3.org/26471
Reviewed-by: Mario Rimann
Reviewed-by: Markus Klein
Tested-by: Markus Klein
5 years ago[BUGFIX] Display relations' titles when TCA label field is type inline 11/23911/4
Claus Due [Thu, 19 Sep 2013 11:34:09 +0000 (13:34 +0200)]
[BUGFIX] Display relations' titles when TCA label field is type inline

This change adds a case to treat "inline" TCA types the same way
"select" is treated when building the record's label value.

Before, if record used field of type "inline" as TCA label field, TYPO3
would display fx "3" (number of related records as stored in field
on parent record).

After, TYPO3 will display fx "Record1, Record2, Record2" if "inline"
field contains three related records named thusly.

Fixes: #52133
Releases: 6.2, 6.1, 6.0, 4.7, 4.5
Change-Id: Ie06f09368e81505cb1e5989b61ae98add54b05ba
Reviewed-on: https://review.typo3.org/23911
Reviewed-by: Markus Klein
Tested-by: Markus Klein
5 years ago[BUGFIX] PageBrowsing ViewHelper defines unused method argument 79/26679/2
Benjamin Rau [Tue, 7 Jan 2014 17:08:37 +0000 (18:08 +0100)]
[BUGFIX] PageBrowsing ViewHelper defines unused method argument

The PHP-Doc comments for the render-method in PageBrowsing
Viewhelper on Indexed Search define a $details argument
for that method with is then not part of the method arguments
itself.

As it seems to be unused the argument definition should simply
be removed from doc comments to dont mess up the defintions
of the other arguments.

Right now this results in maximumNumberOfResultPages be defined
as array and causes a fatal error like:
The argument "maximumNumberOfResultPages" was registered with
type "array", but is of type "string" in view helper
"TYPO3\CMS\IndexedSearch\ViewHelpers\PageBrowsingViewHelper"

Resolves: #54807
Releases: 6.2, 6.1
Change-Id: I58376880ef64a1e1088561fbdb3ff25f9c1fbdc2
Reviewed-on: https://review.typo3.org/26679
Reviewed-by: Anja Leichsenring
Tested-by: Anja Leichsenring
5 years ago[BUGFIX] Repository uses wrong property to calc current result page 78/26678/2
Benjamin Rau [Tue, 7 Jan 2014 17:07:34 +0000 (18:07 +0100)]
[BUGFIX] Repository uses wrong property to calc current result page

In the IndexedSearchRepository on line 157 an undefined/unused
property $this->resultsPerPage is used for the calculation
of the current page the visitor is showing on search results.

Instead of using $this->resultsPerPage we have to use
$this->numberOfResults which is defined and contains the expected setting.

Change-Id: I37c3a08c1049eb6166704b2b98ba071f03aad243
Resolves: #54808
Releases: 6.2, 6.1
Reviewed-on: https://review.typo3.org/26678
Reviewed-by: Markus Klein
Tested-by: Markus Klein
5 years ago[BUGFIX] Allow NULL values in INSERT queries 38/26638/2
Alexander Stehlik [Fri, 15 Nov 2013 13:06:13 +0000 (14:06 +0100)]
[BUGFIX] Allow NULL values in INSERT queries

Currently only UPDATE queries pass the $allowNull parameter to the
fullQuoteStr() method in the DatabaseHandler. To make the behavior of
both methods consistent and to allow NULL values during creation of
new records by TCEmain the $allowNull parameter is also set to TRUE for
INSERT queries.

Resolves: #53662
Releases: 6.2, 6.1, 6.0
Change-Id: I066b9880a557b6c9058fc15f467631f1313300f9
Reviewed-on: https://review.typo3.org/26638
Reviewed-by: Markus Klein
Tested-by: Markus Klein
5 years ago[TASK] Optimize speed for instantiating class with arguments 13/26413/3
Helmut Hummel [Thu, 12 Dec 2013 21:44:42 +0000 (22:44 +0100)]
[TASK] Optimize speed for instantiating class with arguments

PHP reflection has quite an overhead in performance.
Use a switch construct like in Flow instead to
instantiate classes with up to 8 arguments without
reflection.

Resolves: #53682
Releases: 6.2, 6.1, 6.0
Change-Id: I82ecf0b1ea9a412a39b4429d7689f2bb6489f3df
Reviewed-on: https://review.typo3.org/26413
Reviewed-by: Markus Klein
Tested-by: Markus Klein
5 years ago[BUGFIX] ClassAliasMap, Tx_ VH namespace and closing tag throws Exception 18/26518/2
Claus Due [Sat, 30 Nov 2013 21:16:32 +0000 (22:16 +0100)]
[BUGFIX] ClassAliasMap, Tx_ VH namespace and closing tag throws Exception

When using aliased ViewHelper class names and old Tx_ namespace in
template and ViewHelper uses closing tag (not self-closing) an
error is thrown, saying closing tag ViewHelper is not the same
as openening tag ViewHelper (closing tag uses old class name,
opening tag uses new). To solve, TemplateParser now checks if
resolved ViewHelper class names are aliases of other classes and
if so, uses the real class name instead of the alias.

Steps to reproduce error:

* template namespace: {namespace myext=Tx_Myext_ViewHelpers}
* template code: <myext:vh>test</myext:vh>
* namespaced VH class: \Myext\ViewHelpers\VhViewHelper
* ClassAliasMap: Tx_Myext_ViewHelpers_VhViewHelper ->
  \Mext\ViewHelpers\VhViewHelper
* framework: render template using any View

Error 1224485398 "closing tag does not match opening tag" thrown.

Steps taken to fix error:

* run constructed class name through alias resolve method.

Fixes: #54115
Releases: 6.2, 6.1, 6.0
Change-Id: I070b6199095ec84c7213cfc0c3775f5f08340840
Reviewed-on: https://review.typo3.org/26518
Reviewed-by: Helmut Hummel
Tested-by: Helmut Hummel
5 years ago[BUGFIX] Fix message for install tool warning 29/26529/2
Cynthia Mattingly [Fri, 20 Dec 2013 10:06:52 +0000 (11:06 +0100)]
[BUGFIX] Fix message for install tool warning

Fix incorrect message for install tool login attempt warning.

Resolves: #54531
Releases: 6.2, 6.1
Change-Id: I40f34b85ffc554187baf1f2601c578cbaafc5718
Reviewed-on: https://review.typo3.org/26529
Reviewed-by: Markus Klein
Tested-by: Markus Klein
5 years ago[TASK] Fix travis builds 79/26479/2
Markus Klein [Wed, 18 Dec 2013 20:56:46 +0000 (21:56 +0100)]
[TASK] Fix travis builds

Due some regressions on side of travis
(https://github.com/travis-ci/travis-ci/issues/1710) an older git version
is used which doesn't support things like "--single-branch".

To avoid this, git is updated to latest version on the build server before
starting cloning

Change-Id: Ic5f698e84f378b9fed6bd64398b8058a20be860e
Resolves: #54369
Releases: 6.2, 6.1, 6.0, 4.7
Reviewed-on: https://review.typo3.org/26479
Reviewed-by: Markus Klein
Tested-by: Markus Klein
5 years ago[BUGFIX] ArrayIterator::seek() warning in ElementBrowser 75/26475/3
Markus Klein [Wed, 13 Nov 2013 03:10:09 +0000 (04:10 +0100)]
[BUGFIX] ArrayIterator::seek() warning in ElementBrowser

ElementBrowser calls Folder::getFiles() with wrong parameters.
Properly implement the file extensions filter.

Resolves: #51752
Releases: 6.2, 6.1, 6.0
Change-Id: I56468c79225e2d3baa5e5784571074532e2287ad
Reviewed-on: https://review.typo3.org/26475
Reviewed-by: Markus Klein
Tested-by: Markus Klein
5 years ago[BUGFIX] felogin: Unknown modifier in regular expression 73/26473/2
Wouter Wolters [Tue, 17 Sep 2013 20:47:24 +0000 (22:47 +0200)]
[BUGFIX] felogin: Unknown modifier in regular expression

A regular expression in FrontendLoginController
contains an unknown modifier. Fix it by replacing the
/ to # at the beginning and the end of the regular
expression.

Resolves: #52059
Releases: 6.2, 6.1, 6.0
Change-Id: Id4d3439c1cdbec691d977570bf76ba0c7bad493c
Reviewed-on: https://review.typo3.org/26473
Reviewed-by: Markus Klein
Tested-by: Markus Klein
5 years ago[BUGFIX] Remove ElementBrowser::isReadOnlyFolder 67/26467/2
Markus Klein [Wed, 27 Nov 2013 22:20:25 +0000 (23:20 +0100)]
[BUGFIX] Remove ElementBrowser::isReadOnlyFolder

ElementBrowser::isReadOnlyFolder is not required any more because the
check if the folder is writable has been moved to the methods that
create the file upload and folder creation forms.

The method and the parts where it was used were removed.

Additionally the check if the user is allowed to create folders
by TSConfig was moved to the createFolder method to reduce the amount
of duplicate code.

Resolves: #47648
Releases: 6.2, 6.1, 6.0
Change-Id: Ic6504c8def80012cbe420fc83539cfa859a53c0d
Reviewed-on: https://review.typo3.org/26467
Reviewed-by: Markus Klein
Tested-by: Markus Klein
5 years ago[BUGFIX] No double htmlspecialchars for filemount select 67/26367/2
Alexander Stehlik [Sat, 30 Nov 2013 00:03:34 +0000 (01:03 +0100)]
[BUGFIX] No double htmlspecialchars for filemount select

Since the labels and values of select items are run through
htmlspecialchars by the FormEngine there is no need to use
htmlspecialchars in the renderTceformsSelectDropdown() method which
generates the select items for the filemount Backend form.

The current code will htmlencode the select value twice which results
in a htmlencoded value in the database which causes problems with
directory names that contain special characters.

Resolves: #54027
Releases: 6.2, 6.1, 6.0
Change-Id: I7ec8262f6c3d20879cde0679636a6a8e5c1d19cd
Reviewed-on: https://review.typo3.org/26367
Reviewed-by: Markus Klein
Tested-by: Markus Klein
5 years ago[BUGFIX] Cleanly unset cookies on login in cookie-check 68/25868/3
Stefan Neufeind [Sun, 1 Dec 2013 17:53:08 +0000 (18:53 +0100)]
[BUGFIX] Cleanly unset cookies on login in cookie-check

Needed to workaround a login-problem with IE11.

ExtJS tries to clear a cookie with different settings than when
setting the cookie. In IE11 this leads to problems with the cookie
being set twice on the next call to set(). The get() however
would return the first (empty) cookie.

Using set() with a date in the past also clears the cookie but
will correctly use the same path-settings.

Change-Id: Ieff22129895cd89ca2e1429703daf1636596ecb6
Resolves: #53818
Releases: 6.2, 6.1, 6.0, 4.7, 4.5
Reviewed-on: https://review.typo3.org/25868
Reviewed-by: Markus Klein
Tested-by: Markus Klein
5 years ago[TASK] Set TYPO3 version to 6.1.8-dev 38/26238/2
TYPO3 Release Team [Tue, 10 Dec 2013 10:40:29 +0000 (11:40 +0100)]
[TASK] Set TYPO3 version to 6.1.8-dev

Change-Id: I31292d3e414fb00cdcad3660ce84f0e5c02a3d38
Reviewed-on: https://review.typo3.org/26238
Reviewed-by: TYPO3 Release Team
Tested-by: TYPO3 Release Team
5 years ago[RELEASE] Release of TYPO3 6.1.7 37/26237/2 TYPO3_6-1-7
TYPO3 Release Team [Tue, 10 Dec 2013 10:40:01 +0000 (11:40 +0100)]
[RELEASE] Release of TYPO3 6.1.7

Change-Id: I4119f8f03f8205e8c0bc9f524bac9267e3d2da9a
Reviewed-on: https://review.typo3.org/26237
Reviewed-by: TYPO3 Release Team
Tested-by: TYPO3 Release Team
5 years ago[SECURITY] XSS in header link of all content elements 15/26215/2
Anja Leichsenring [Tue, 10 Dec 2013 09:54:19 +0000 (10:54 +0100)]
[SECURITY] XSS in header link of all content elements

The second typolink parameter, that is the target, can be abused to
introduce XSS code into the generated link. Escaping the parameter
with quoteJSvalue solves the problem.a

Change-Id: I716b206571bcba4ad71817641beea0350e4b9fa0
Fixes: #31206
Releases: 6.2, 6.1, 6.0, 4.7, 4.5
Security-Commit: 821a9edaec8d3d19e2d43a4e82d4d94e25d5517b
Security-Bulletin: TYPO3-CORE-SA-2013-004
Reviewed-on: https://review.typo3.org/26215
Reviewed-by: Oliver Hader
Tested-by: Oliver Hader
5 years ago[SECURITY] XSS in colorpicker wizard 14/26214/2
Marcus Krause [Tue, 10 Dec 2013 09:54:13 +0000 (10:54 +0100)]
[SECURITY] XSS in colorpicker wizard

Encode user-input in JavaScript context for colorpicker.

Change-Id: If3da2b476a98efa67815bf84095843ab2f65949f
Fixes: #42772
Releases: 6.2, 6.1, 6.0, 4.7, 4.5
Security-Commit: 53916aedfe2f09c5659cc2e28c8089df8c72e259
Security-Bulletin: TYPO3-CORE-SA-2013-004
Reviewed-on: https://review.typo3.org/26214
Reviewed-by: Oliver Hader
Tested-by: Oliver Hader
5 years ago[SECURITY] Prevent editor controlled hmac content 13/26213/2
Franz G. Jahn [Tue, 10 Dec 2013 09:54:07 +0000 (10:54 +0100)]
[SECURITY] Prevent editor controlled hmac content

An hmac of the editor controlled auto respond message was used to verifiy
the correctness of this message on submit. To prevent this, we add an
additional secret.

Change-Id: Id1fefa786737c7d7ef2b4496d853897cdecdde83
Fixes: #45043
Releases: 4.5, 4.7, 6.0, 6.1, 6.2
Security-Commit: 18804436394a5ee7fdbebae8ef0b8511deb416e5
Security-Bulletin: TYPO3-CORE-SA-2013-004
Reviewed-on: https://review.typo3.org/26213
Reviewed-by: Oliver Hader
Tested-by: Oliver Hader
5 years ago[SECURITY] XSS in backend user adminstration 12/26212/2
Marc Bastian Heinrichs [Tue, 10 Dec 2013 09:54:02 +0000 (10:54 +0100)]
[SECURITY] XSS in backend user adminstration

Change-Id: Ie4a34a40e167b7fe54da29d16e1e962668218907
Fixes: #48691
Releases: 6.2, 6.1, 6.0
Security-Commit: be70b6e6d6e2f5baa442ab244e72cddfcd804740
Security-Bulletin: TYPO3-CORE-SA-2013-004
Reviewed-on: https://review.typo3.org/26212
Reviewed-by: Oliver Hader
Tested-by: Oliver Hader
5 years ago[SECURITY] Information Disclosure in Wizards 11/26211/2
Helmut Hummel [Tue, 10 Dec 2013 09:53:56 +0000 (10:53 +0100)]
[SECURITY] Information Disclosure in Wizards

It has been possible for authenticated editors
to show content of arbitrary tables and fields
that are defined in TCA by manipulating
GET parameters of the forms and table wizard.

This change adds a check if the editor has access
to the given record.

Change-Id: I2a93d78da4d7c216920cf568cb08cea0f9fb1dac
Fixes: #41714
Releases: 4.5, 4.7, 6.0, 6.1, 6.2
Security-Commit: d5445792546339d3731a1e37d7b269943775a94a
Security-Bulletin: TYPO3-CORE-SA-2013-004
Reviewed-on: https://review.typo3.org/26211
Reviewed-by: Oliver Hader
Tested-by: Oliver Hader
5 years ago[SECURITY] Fix open redirection in openid extension 10/26210/2
Helmut Hummel [Tue, 10 Dec 2013 09:53:51 +0000 (10:53 +0100)]
[SECURITY] Fix open redirection in openid extension

The eID script of the openid extension does not
validate the given redirect url, leading to
an open redirection vulnerability.

Add and verify hmac of the redirect url.

Change-Id: Id401c70ea96edb3979a11d72b7a499ab8d074a78
Fixes: #54099
Releases: 6.2, 6.1, 6.0, 4.7, 4.5
Security-Commit: a50ba077c411b21e05ee663f1065871938eb9cda
Security-Bulletin: TYPO3-CORE-SA-2013-004
Reviewed-on: https://review.typo3.org/26210
Reviewed-by: Oliver Hader
Tested-by: Oliver Hader
5 years ago[SECURITY] XSS in be_layout wizard 09/26209/2
Anja Leichsenring [Tue, 10 Dec 2013 09:53:46 +0000 (10:53 +0100)]
[SECURITY] XSS in be_layout wizard

Usage of unverified input parameters in wizard URL leads to a possible
XSS vulnerability in backend_layout wizard.
The solution is the introduction of a hmac validation of the parameters
used in JavaScript.

Change-Id: I0cdaa75fcbdf8a71387702fcafe4775e7762eb99
Fixes: #36768
Releases: 6.2, 6.1, 6.0, 4.7, 4.5
Security-Commit: 9322277a2154196de5d57a6a4ad42cb5a9ee6019
Security-Bulletin: TYPO3-CORE-SA-2013-004
Reviewed-on: https://review.typo3.org/26209
Reviewed-by: Oliver Hader
Tested-by: Oliver Hader
5 years ago[SECURITY] XSS in beuser VH 08/26208/2
Anja Leichsenring [Tue, 10 Dec 2013 09:53:41 +0000 (10:53 +0100)]
[SECURITY] XSS in beuser VH

The tree Display/* ViewHelpers introduce a XSS vulnerability by
using unescaped parameters in HTML.

Change-Id: I6b991e3cc3807551792e447c5ebe9bcdfe0cecc3
Fixes: #47086
Releases: 6.2, 6.1, 6.0
Security-Commit: 55d5ed4aa9e9c9887f978645b68ff66cb5c8d2ec
Security-Bulletin: TYPO3-CORE-SA-2013-004
Reviewed-on: https://review.typo3.org/26208
Reviewed-by: Oliver Hader
Tested-by: Oliver Hader
5 years ago[SECURITY] Remove possible XSS from ActionController Error output 07/26207/2
Anja Leichsenring [Tue, 10 Dec 2013 09:53:36 +0000 (10:53 +0100)]
[SECURITY] Remove possible XSS from ActionController Error output

As parameters passed to an ErrorObject can be user input, the
output of those parameters in the ActionController::errorAction() method
could lead to a cross side scripting possibility.

The offending output has been removed without substitution.

Change-Id: Iada1546a16fe6877edab42ca9a4a1a01574c29e0
Fixes: #54074
Releases: 6.2, 6.1, 6.0, 4.7, 4.5
Security-Commit: c3fa68afcdaa4322451d37b8b6a9a0a90f2df8d0
Security-Bulletin: TYPO3-CORE-SA-2013-004
Reviewed-on: https://review.typo3.org/26207
Reviewed-by: Oliver Hader
Tested-by: Oliver Hader
5 years ago[SECURITY] Unsafe unserialize of GET parameter in Add-Wizard 06/26206/2
Steffen Ritter [Tue, 10 Dec 2013 09:53:31 +0000 (10:53 +0100)]
[SECURITY] Unsafe unserialize of GET parameter in Add-Wizard

If the TCEforms wizard "add" is used, the original opened document
is closed and a new one is created in which you then add a new
element to be related.

In order to "store" the originating document which has been
edited, the Wizard/AddController and EditDocumentController
exchange state data in an URL-parameter.

This state-array is serialized in the EditDocumentController
and again unserialized in the Wizard/AddController from that
GET parameter. Without any checks, every code can be injected
to be unserialized here - even though we just need an array
with some data.

This patch changes serialize/unserialize to json_encode and
json_decode. Since the GET parameter only is used in
conjunction of these two classes it is save to changes the
format how the URL parameters are serialized.

Change-Id: I4d3d0915a90647ec6cf08a86c73533ab2159a828
Fixes: #54073
Releases: 6.2, 6.1, 6.0, 4.7, 4.5
Security-Commit: 9790d0e627d94c0efad600e451c3e7e10584028b
Security-Bulletin: TYPO3-CORE-SA-2013-004
Reviewed-on: https://review.typo3.org/26206
Reviewed-by: Oliver Hader
Tested-by: Oliver Hader
5 years ago[BUGFIX] ClientUtility does not detect Internet Explorer 11 84/25884/2
Stefan Neufeind [Sun, 1 Dec 2013 14:33:13 +0000 (15:33 +0100)]
[BUGFIX] ClientUtility does not detect Internet Explorer 11

Since the Release of Microsoft IE 11 there is no "MSIE" hint in
its user agent header anymore. Therefore the existing patterns
fail and the browser is detected as unknown browser.

TYPO3 deactivates several features for unknown browser. As a
result f.e. the RTE does not load.

This change adds special treatment for IE11+ by introducing an
additional regular expression matching the new user agent format
and looking for the Trident engine to be present.

In addition unit tests for common IE 9-11 user agents are added.

Change-Id: I389f344a498ac77f3e6445656dd125fd5d236a98
Resolves: #54124
Releases: 6.2, 6.1, 6.0, 4.7, 4.5
Reviewed-on: https://review.typo3.org/25884
Reviewed-by: Markus Klein
Reviewed-by: Helmut Hummel
Tested-by: Helmut Hummel
5 years ago[BUGFIX] Add missing namespacing for calling GeneralUtility 29/25829/3
Stefan Neufeind [Sun, 1 Dec 2013 11:12:14 +0000 (12:12 +0100)]
[BUGFIX] Add missing namespacing for calling GeneralUtility

Regression-fix for change from:
https://review.typo3.org/25057

Resolves: #54117
Releases: 6.1, 6.0
Change-Id: I0de156365d4d8f55cb269e0b29e40b7c3dbcf9e5
Reviewed-on: https://review.typo3.org/25829
Reviewed-by: Steffen Ritter
Reviewed-by: Philipp Gampe
Tested-by: Philipp Gampe
Reviewed-by: Oliver Klee
Reviewed-by: Markus Klein
Tested-by: Markus Klein
Reviewed-by: Helmut Hummel
Tested-by: Helmut Hummel
5 years ago[BUGFIX] ext:adodb Restrict connection wizard to admins 63/25763/3
Christian Kuhn [Fri, 29 Nov 2013 15:23:40 +0000 (16:23 +0100)]
[BUGFIX] ext:adodb Restrict connection wizard to admins

In the unlikely case ext:datasources is used, there is a potential
information disclosure that content of this table is shown to
non-admin backend users. This is better sanitized with the patch.

Change-Id: I748a0e05b57ac8c6d9c37cdd86fdb093c380dea5
Resolves: #42651
Releases: 6.1, 6.0, 4.7, 4.5
Reviewed-on: https://review.typo3.org/25763
Reviewed-by: Oliver Klee
Tested-by: Oliver Klee
Reviewed-by: Franz G. Jahn
Tested-by: Franz G. Jahn
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
5 years ago[TASK] Set TYPO3 version to 6.1.7-dev 01/25701/2
TYPO3 Release Team [Tue, 26 Nov 2013 15:51:19 +0000 (16:51 +0100)]
[TASK] Set TYPO3 version to 6.1.7-dev

Change-Id: Ieed877790ff7dd42dc60a159dbedfd7eedde94c1
Reviewed-on: https://review.typo3.org/25701
Reviewed-by: TYPO3 Release Team
Tested-by: TYPO3 Release Team
5 years ago[RELEASE] Release of TYPO3 6.1.6 00/25700/2 TYPO3_6-1-6
TYPO3 Release Team [Tue, 26 Nov 2013 15:50:50 +0000 (16:50 +0100)]
[RELEASE] Release of TYPO3 6.1.6

Change-Id: I67ec110eb3695d53e63165a6c15f8bc662b3ab03
Reviewed-on: https://review.typo3.org/25700
Reviewed-by: TYPO3 Release Team
Tested-by: TYPO3 Release Team
5 years ago[BUGFIX] t3skin calls addIconSprite for each lang 83/25683/2
Michiel Roos [Mon, 25 Nov 2013 10:40:49 +0000 (11:40 +0100)]
[BUGFIX] t3skin calls addIconSprite for each lang

The t3skin extension adds icon sprites for each language. And that's
great, but not so great that it calls addIconSprite for each language.

Instead the iconArray can be built up and submitted once to
addIconSprite.

This saves 248 calls to addIconSprite which calls array_merge etc.

This saves ~ 22 ms for each request.

Change-Id: I0fdc09de46899e4160f907aefd8b3b3b596a2df3
Resolves: #53918
Releases: 6.0, 6.1, 6.2
Reviewed-on: https://review.typo3.org/25683
Reviewed-by: Philipp Gampe
Tested-by: Philipp Gampe
5 years ago[BUGFIX] TS: Allow "0" as strPad.padWith 69/25669/2
Lars Peipmann [Sun, 24 Nov 2013 20:36:42 +0000 (21:36 +0100)]
[BUGFIX] TS: Allow "0" as strPad.padWith

Replaces the test with empty() by isset() and
strlen() > 0. So other strings which are
handled by PHP as empty can be used for padding.

Resolves: #51650
Releases: 6.2, 6.1
Change-Id: Iee62f19f97b958ab2d02c6ca73052810a3c91117
Reviewed-on: https://review.typo3.org/25669
Reviewed-by: Stefan Neufeind
Tested-by: Stefan Neufeind
5 years ago[BUGFIX] Reload list module on clickmenu action 43/25543/2
Bernhard Kraft [Wed, 20 Nov 2013 10:48:32 +0000 (11:48 +0100)]
[BUGFIX] Reload list module on clickmenu action

This solves the problem of a not refreshing list module
when the clickmenu of an element is used to copy/move the
element.

Releases: 6.2, 6.1, 6.0, 4.5
Resolves: #15958
Change-Id: I2eee6162636e0c78ed361c26f81ce2bfe8835283
Reviewed-on: https://review.typo3.org/25543
Reviewed-by: Stefan Neufeind
Tested-by: Stefan Neufeind
5 years ago[BUGFIX] Fix moving/copying files and folders between storages 17/25617/2
Frans Saris [Wed, 20 Nov 2013 22:22:21 +0000 (23:22 +0100)]
[BUGFIX] Fix moving/copying files and folders between storages

When a file or folder is moved between 2 storages the target
storages is asked for the filepermissions of the source
file/folder. This breaks because current storages + driver
can not access/find source.

This patch makes sure that on places where a source can be
from an other storage the source storage is used for the
permission check.

Releases: 6.0, 6.1, 6.2
Resolves: #53802
Change-Id: Ib2c1443fad295a3b7eeeb01ab38359fcdf6849ab
Reviewed-on: https://review.typo3.org/25617
Reviewed-by: Markus Klein
Tested-by: Markus Klein
5 years ago[BUGFIX] Fix regression in ResourceCompressor 14/25614/2
Markus Klein [Thu, 21 Nov 2013 15:28:50 +0000 (16:28 +0100)]
[BUGFIX] Fix regression in ResourceCompressor

Resolves: #53844
Related: #53243
Releases: 6.2, 6.1, 6.0
Change-Id: I7f6a178b063d71c9182316a81e787c9ab5246b8e
Reviewed-on: https://review.typo3.org/25614
Reviewed-by: Markus Klein
Tested-by: Markus Klein
5 years ago[BUGFIX] Filemtime / Filesize trigger warning 41/25541/2
Tomita Militaru [Mon, 11 Nov 2013 19:53:22 +0000 (21:53 +0200)]
[BUGFIX] Filemtime / Filesize trigger warning

Adds check for file_exists before calling filemtime / filsize
to avoid warning message.

Resolves: #53243
Releases: 6.2, 6.1, 6.0
Change-Id: I0f7da0c3e1920ddcf7d2d427a48ddcca71a6a4a3
Reviewed-on: https://review.typo3.org/25541
Reviewed-by: Wouter Wolters
Tested-by: Wouter Wolters
5 years ago[BUGFIX] Fluid paginate widget wrong number of links 36/25536/2
Klaas Johan Kooistra [Fri, 8 Nov 2013 15:42:09 +0000 (16:42 +0100)]
[BUGFIX] Fluid paginate widget wrong number of links

If the maximumNumberOfLinks configuration option is set to 8
the widget will render 10 links.

Solved the problem by changing a plus to a minus in the calculation
of the display range end and added unit tests for several cases.

Resolves: #53458
Releases: 6.2, 6.1, 6.0
Change-Id: Ic1c55b0bf925b546d119c67433f63e662493a08b
Reviewed-on: https://review.typo3.org/25536
Reviewed-by: Wouter Wolters
Tested-by: Wouter Wolters
5 years agoRevert "[BUGFIX] Page module: Allow to paste in empty columns" 28/25528/2
Markus Klein [Wed, 20 Nov 2013 10:02:09 +0000 (11:02 +0100)]
Revert "[BUGFIX] Page module: Allow to paste in empty columns"

This patch introduces sever problems with DataHandler.

Change-Id: Ibd767523c287bd13ef86ce1f0751062a349b5f34
Releases: 6.2, 6.1
Related: #44002
Reviewed-on: https://review.typo3.org/25528
Reviewed-by: Markus Klein
Tested-by: Markus Klein
5 years ago[BUGFIX] Page module: Allow to paste in empty columns 21/25521/4
Bernhard Kraft [Thu, 11 Jul 2013 14:14:58 +0000 (16:14 +0200)]
[BUGFIX] Page module: Allow to paste in empty columns

Since quite a long time it was not possible to paste a content
element into an empty column of the page module. This patch
introduces an icon in the top right corner of each column if
a tt_content element is on the clipboard (Default pad). When
the icon gets clicked the content elements from the clipboard
get moved/copied into the selected column/language.

As a side effect this patch also resolves issues with the list
module not reloading when using the copy/cut entries from the
clickmenu (context menu): #25176, #15958

Change-Id: I635bb584d5e03b764bd5df5189555fb9b34ab926
Resolves: #44002
Resolves: #35980
Resolves: #15080
Resolves: #21622
Resolves: #25176
Resolves: #15958
Releases: 6.1, 6.2
Reviewed-on: https://review.typo3.org/25521
Reviewed-by: Markus Klein
Tested-by: Markus Klein
5 years ago[BUGFIX] l10n_mode for "pages" table and group fields. 25/22325/3
Johannes Feustel [Thu, 11 Apr 2013 10:12:46 +0000 (12:12 +0200)]
[BUGFIX] l10n_mode for "pages" table and group fields.

This patch respects the l10modes for pages, and mergeIfNotBlank for
type "group" fields.

Change-Id: I18a4caffc5761f91dae4ae0cf175ccd51ffe8c29
Fixes: #38766
Releases: 6.2, 6.1, 6.0
Reviewed-on: https://review.typo3.org/22325
Reviewed-by: Markus Klein
Tested-by: Markus Klein
5 years ago[BUGFIX] Fix JS error in lang module 18/25518/2
Markus Klein [Tue, 19 Nov 2013 21:17:18 +0000 (22:17 +0100)]
[BUGFIX] Fix JS error in lang module

The tables of the language module do not resize
on change of windows height. This fixes the
Javascript error.

Releases: 6.0, 6.1, 6.2
Resolves: #53773
Change-Id: I614d370108092b224059d5a5d07d78a10a10e2a2
Reviewed-on: https://review.typo3.org/25518
Reviewed-by: Wouter Wolters
Tested-by: Wouter Wolters
5 years ago[BUGFIX] Scheduler extension sql file is invalid 05/25505/2
Michiel Roos [Tue, 19 Nov 2013 10:27:11 +0000 (11:27 +0100)]
[BUGFIX] Scheduler extension sql file is invalid

On import into MySQL an error is thrown and MySQL
refuses to create the table:

ERROR 1067 (42000) at line 4: Invalid default value for 'uid'

This is due to the fact that a default value is being set
for an auto_increment field.

Change-Id: Ic072d3ec21b4e8adbecf9ff88e6ac4a2919959ec
Resolves: #53750
Releases: 4.5, 4.7, 6.0, 6.1, 6.2
Reviewed-on: https://review.typo3.org/25505
Reviewed-by: Markus Klein
Tested-by: Markus Klein
5 years ago[BUGFIX] fix javascript error "TBE_EDITOR not defined" in sys_action 00/25500/2
Ralf Hettinger [Sat, 27 Apr 2013 08:12:00 +0000 (10:12 +0200)]
[BUGFIX] fix javascript error "TBE_EDITOR not defined" in sys_action

This fixes the error "TBE_EDITOR not defined" which occured when using
sys_action > create backend user and assigning a db mount.

Resolves: #34544
Releases: 6.2, 6.1, 6.0
Change-Id: Idb78c23e2dea576fb1cab41979d4b068ca45a8b7
Reviewed-on: https://review.typo3.org/25500
Reviewed-by: Wouter Wolters
Tested-by: Wouter Wolters
5 years ago[BUGFIX] ExtDirect StateProvider should store all settings 98/25498/2
Johannes Feustel [Mon, 16 Sep 2013 00:14:11 +0000 (02:14 +0200)]
[BUGFIX] ExtDirect StateProvider should store all settings

ExtDirect StateProvider seems to queue Ext.state.Manager.set() calls and
collects them to fire only one AJAX call.

In TYPO3\CMS\Backend\InterfaceState\ExtDirect on the other hand setState()
only stores the first item of the data array to $GLOBALS['BE_USER']->uc
the other settings are just ignored. Instead it should iterate the data
array and store all items.

Change-Id: I8d8bd01131545a6cad1a3933184c25c6d5f26149
Fixes: #51998
Releases: 6.2, 6.1, 6.0
Reviewed-on: https://review.typo3.org/25498
Reviewed-by: Wouter Wolters
Tested-by: Wouter Wolters
5 years ago[TASK] Optimization in AbstractViewHelper 96/25496/2
Wouter Wolters [Mon, 18 Nov 2013 21:27:22 +0000 (22:27 +0100)]
[TASK] Optimization in AbstractViewHelper

Small optimization in AbstractViewHelper to fetch the type
after the check for the default value of the argument.

Change-Id: Ie9b68d892f4a20521606709b8fdfba83099c3d70
Resolves: #53746
Releases: 6.2, 6.1, 6.0
Reviewed-on: https://review.typo3.org/25496
Reviewed-by: Wouter Wolters
Tested-by: Wouter Wolters
5 years ago[BUGFIX] Rename hook in VariableFrontend.php 94/25494/2
Nicole Cordes [Sat, 16 Nov 2013 20:33:10 +0000 (21:33 +0100)]
[BUGFIX] Rename hook in VariableFrontend.php

Due to the namespace changes the hook in
typo3\sysext\core\Classes\Cache\Frontend\VariableFrontend.php was
renamed. This patch changes name back to the one before.

Resolves: #53707
Releases: 6.2, 6.1, 6.0
Change-Id: Ibb86188b38aba9ca7e7e2670f843234fae16fa87
Reviewed-on: https://review.typo3.org/25494
Reviewed-by: Wouter Wolters
Tested-by: Wouter Wolters
5 years ago[BUGFIX] additionalAttributes for be.buttons.icon-VH misses hsc 85/25485/2
Markus Klein [Mon, 18 Nov 2013 10:42:02 +0000 (11:42 +0100)]
[BUGFIX] additionalAttributes for be.buttons.icon-VH misses hsc

The values of the additional attributes for the backend icon viewhelper
need to be processed through htmlspecialchars().

Resolves: #53711
Releases: 6.2, 6.1, 6.0
Change-Id: I89794c77ad1bb7bad99517e24ae7345e0803616e
Reviewed-on: https://review.typo3.org/25485
Reviewed-by: Marc Bastian Heinrichs
Tested-by: Marc Bastian Heinrichs
5 years ago[BUGFIX] Check for query failures in admin methods 84/25484/2
Thomas Maroschik [Mon, 21 Oct 2013 17:18:23 +0000 (19:18 +0200)]
[BUGFIX] Check for query failures in admin methods

In the DatabaseConnection class the two methods admin_get_fields
and admin_get_keys throw a fatal error when a query failure occurs.

This fix introduces two checks that prevent the methods from fataling
and return an empty result on failure.

Fixes: #53014
Releases: 6.0, 6.1, 6.2

Change-Id: I40f7e52fe14b7d75766f0484e42834b0e1b1a5dc
Reviewed-on: https://review.typo3.org/24940
Reviewed-by: Jigal van Hemert
Tested-by: Jigal van Hemert
Reviewed-on: https://review.typo3.org/25484
Reviewed-by: Francois Suter
Tested-by: Francois Suter
5 years agoRevert "[BUGFIX] EM: Fetch list as html, not as json" 47/25447/2
Helmut Hummel [Fri, 15 Nov 2013 17:40:37 +0000 (18:40 +0100)]
Revert "[BUGFIX] EM: Fetch list as html, not as json"

This reverts commit 8a80c2336eabed5c794b2401981b1d35608787e1

This change did not work at all, left unused
templates behind (List/Ter.json),
and caused further bugs #53661

Change-Id: I62d1c6c06a5acb8aeed0a12226b3e7ed1bd3282b
Reviewed-on: https://review.typo3.org/25447
Reviewed-by: Helmut Hummel
Tested-by: Helmut Hummel
5 years ago[BUGFIX] FILES.folder does not work 10/25410/2
Stefan Froemken [Sat, 26 Oct 2013 13:58:27 +0000 (15:58 +0200)]
[BUGFIX] FILES.folder does not work

cObject IMAGE was executed with empty values
because given key contains filenames instead of
numbers

Resolves: #45724
Releases: 6.2, 6.1, 6.0
Change-Id: I5582b63080b7e6124c3780a8430efb410876a662
Reviewed-on: https://review.typo3.org/25410
Reviewed-by: Stefan Neufeind
Tested-by: Stefan Neufeind
5 years ago[BUGFIX] Move beuser property mappings to global scope 05/24005/2
Philipp Gampe [Mon, 23 Sep 2013 10:00:55 +0000 (12:00 +0200)]
[BUGFIX] Move beuser property mappings to global scope

Currently the persistence settings for all tx_beuser models are defined
in module.tx_beuser.persistence.classes.
If any other module tries to access the corresponding backend user
repository from tx_beuser, then no mappings will be loaded by extbase,
resulting in a wrong cache entry for the model and the attempt to
access a nonexisting table.

Move the class mapping part of the TS template into
  config.tx_extbase.persistence.classes
to make them available for all extensions and modules.

Resolves: #51234
Releases: 6.2, 6.1, 6.0
Change-Id: I0b39c96c9db89c379e5613231a215f27b2dfbcde
Reviewed-on: https://review.typo3.org/24005
Reviewed-by: Stefan Neufeind
Tested-by: Stefan Neufeind
5 years ago[BUGFIX] Fix broken edit icons on cType HTML 05/25405/2
Stefan Neufeind [Thu, 14 Nov 2013 17:26:38 +0000 (18:26 +0100)]
[BUGFIX] Fix broken edit icons on cType HTML

Fix the wrong Typoscript configuration for front-end edit icons
for cType HTML (for the traditional fe-editing).

Resolves: #17493
Releases: 6.2, 6.1, 6.0, 4.5
Change-Id: I743d8d8ee77bd76bd9ed2a12cd34817196d3719a
Reviewed-on: https://review.typo3.org/25405
Reviewed-by: Stefan Neufeind
Tested-by: Stefan Neufeind
5 years ago[BUGFIX] Distinguish unassigend columns and colPos 0 86/25386/2
Georg Ringer [Sun, 17 Feb 2013 17:06:51 +0000 (18:06 +0100)]
[BUGFIX] Distinguish unassigend columns and colPos 0

When using backend layout columns without a colPos value they should be
just placeholders with the label "not assigned". Currently they are
showing the content of the column 0 instead if there is such a column in
the backend layout.

The label "not assigned" is used for columns without any
label, otherwise the label is used together with the suffix
"(not assigned)".

Change-Id: I02c418eebdd9345c3066aa8c3eeec353d2cd9e58
Resolves: #25157
Resolves: #45550
Releases: 4.5, 4.7, 6.0, 6.1, 6.2
Reviewed-on: https://review.typo3.org/25386
Reviewed-by: Philipp Gampe
Tested-by: Philipp Gampe
5 years ago[BUGFIX] Native date and datetime values do not consider timezone 67/25367/2
Oliver Hader [Wed, 11 Sep 2013 14:12:20 +0000 (16:12 +0200)]
[BUGFIX] Native date and datetime values do not consider timezone

The TCA configuration property "dbType" allows to store "date"
or "datetime" values directly in the database (instead of using
a timestamp value).
However, the timezone is not recognized correctly - besides that,
the serverTimeZone is applied which does not make much sense at
all, since it leaves out DST handling.

Fixes: #51918
Releases: 6.0, 6.1, 6.2
Change-Id: I45da65d8cee2611358303e93305cb5c793223746
Reviewed-on: https://review.typo3.org/25367
Reviewed-by: Oliver Hader
Tested-by: Oliver Hader
5 years ago[BUGFIX] Compressor resolves dots in filenames correctly 10/25010/2
Christian Kuhn [Thu, 17 Oct 2013 16:46:47 +0000 (18:46 +0200)]
[BUGFIX] Compressor resolves dots in filenames correctly

Method getFilenameFromMainDir() tries to resolve a given file path
to a path relative to the document root and takes care of file
existance.

Sometimes it is fed with a path like '../path/to/file' and then
prepends it with the document root to call an is_file() on it. The
constructed path is then '/path/to/doc/root/typo3/../path/to/file'. If
now 'root' is a symlink to some sub structure itself, is_file()
will fail, because it does not solve the '..' part correctly anymore.

Using resolveBackPath() on the path before feeding it to is_file()
transforms the path to '/path/to/doc/root/path/to/file'. So the dots
are resolved and is_file is happy.

Change-Id: I20b4f4bbea695aeb02e3d92469236bc63cd05d97
Resolves: #52926
Releases: 6.2, 6.1, 6.0, 4.7
Reviewed-on: https://review.typo3.org/25010
Reviewed-by: Wouter Wolters
Tested-by: Wouter Wolters
5 years ago[BUGFIX] T3editor: Make errors/exceptions show correctly 79/25079/2
Stefan Neufeind [Thu, 24 Oct 2013 23:26:02 +0000 (01:26 +0200)]
[BUGFIX] T3editor: Make errors/exceptions show correctly

* Display T3editor.lang.errorWhileSaving in a flashmessage.
* Pass exception-messages through the AJAX-call and display
  them in the flashmessage as well.

Change-Id: Ia743b5a3fc9a7b272854920bcc0e9d081d4822ef
Resolves: #53115
Releases: 6.2, 6.1, 6.0, 4.5
Reviewed-on: https://review.typo3.org/25079
Reviewed-by: Wouter Wolters
Tested-by: Wouter Wolters
5 years ago[BUGFIX] Fix menu popup for all IE versions 84/25284/3
Alexander Opitz [Wed, 21 Aug 2013 15:09:23 +0000 (17:09 +0200)]
[BUGFIX] Fix menu popup for all IE versions

The IE has problems with base URLs in JS on window.open()
function calls. This problem was already fixed for content
objects but not for the menu.

This change adds the baseUrlWrap and also the quoteJSvalue
function call like in ContentObjectRenderer::typoLink().

Resolves: #22136
Releases: 6.2, 6.1, 6.0, 4.5
Change-Id: Ia1ad859d2acb358378bc4ffa3f6a9162b3fc6937
Reviewed-on: https://review.typo3.org/25284
Reviewed-by: Wouter Wolters
Tested-by: Wouter Wolters
5 years ago[BUGFIX] dataTables: Avoid sending cookie-data too often 42/25342/2 42/25342/3
Stefan Neufeind [Thu, 17 Oct 2013 23:05:25 +0000 (01:05 +0200)]
[BUGFIX] dataTables: Avoid sending cookie-data too often

All core-modules currently using jQuery-dataTables are
called through mod.php. So by adding that to the
cookie-path we can at least prevent sending those cookies
with requests like JS/CSS/images.

Change-Id: Ia9ea30e8967564572c7104600eb8dcc67647382d
Resolves: #52934
Releases: 6.2, 6.1, 6.0
Reviewed-on: https://review.typo3.org/25342
Reviewed-by: Wouter Wolters
Tested-by: Wouter Wolters
5 years ago[BUGFIX] Wrong usage-text for cli_dispatch 46/25346/2
Tomita Militaru [Tue, 12 Nov 2013 12:05:14 +0000 (14:05 +0200)]
[BUGFIX] Wrong usage-text for cli_dispatch

Correct usage text for cli_dispatch, use --refindex update
instead of -e

Resolves: #53399
Releases: 6.2, 6.1, 6.0
Change-Id: I6e571e8ba1cc139c7a4004800491637d5b3af6d7
Reviewed-on: https://review.typo3.org/25346
Reviewed-by: Wouter Wolters
Tested-by: Wouter Wolters
5 years ago[BUGFIX] Evaluator in JS fails with namespaces 17/25317/2
Stefan Aebischer [Mon, 28 Oct 2013 22:07:09 +0000 (23:07 +0100)]
[BUGFIX] Evaluator in JS fails with namespaces

If you add an own evaluator, you have to insert the
class inclusive namespaces. JavaScript in TYPO3
backend fails to use the correct class set in
namespaces.

Resolves: #52904
Releases: 6.2,6.1,6.0
Change-Id: I356a2a7ff169462307506c64234741e6a690f8e2
Reviewed-on: https://review.typo3.org/25317
Reviewed-by: Markus Klein
Tested-by: Markus Klein
5 years ago[BUGFIX] Make be.buttons.icon-ViewHelper extensible 11/25311/2
Stefan Neufeind [Mon, 11 Nov 2013 22:43:29 +0000 (23:43 +0100)]
[BUGFIX] Make be.buttons.icon-ViewHelper extensible

Many of the standard-ViewHelpers (tag-based) at least support
additionalAttributes. Introduce this for be.buttons.icon as well
to allow for attributes like onclick or target. Those arguments
will be assigned to the surrounding a-tag if an uri is specified.

Change-Id: I0b8ef12842a818ed5d49437a003287aff9b08f13
Resolves: #53538
Releases: 6.2, 6.1, 6.0
Reviewed-on: https://review.typo3.org/25311
Reviewed-by: Markus Klein
Tested-by: Markus Klein
5 years ago[TASK] Hard-coded labels in file collections 80/25280/3
Tomita Militaru [Mon, 11 Nov 2013 14:29:35 +0000 (16:29 +0200)]
[TASK] Hard-coded labels in file collections

Adds labels for file collection types in TCA

Resolves: #52727
Release: 6.2, 6.1, 6.0
Change-Id: I0aafc385d824a41a4e6045a9708d726dee06ea39
Reviewed-on: https://review.typo3.org/25280
Reviewed-by: Wouter Wolters
Tested-by: Wouter Wolters
5 years ago[BUGFIX] Correctly append additionalTreelistUpdateFields 77/25277/2
Bart Dubelaar [Tue, 27 Nov 2012 00:45:21 +0000 (01:45 +0100)]
[BUGFIX] Correctly append additionalTreelistUpdateFields

The list of additionalTreelistUpdateFields was not correctly
appended to the updateRequiringFields array.

Resolves: #37948
Releases: 6.2, 6.1, 6.0, 4.5
Change-Id: I7df514649203bf607a6ac3550c875c429e0f7328
Reviewed-on: https://review.typo3.org/25277
Reviewed-by: Stefan Neufeind
Tested-by: Stefan Neufeind
5 years ago[BUGFIX] Call to FlashMessageQueue::addMessage() method in extbase 72/25272/2
Markus Klein [Wed, 2 Oct 2013 20:40:23 +0000 (22:40 +0200)]
[BUGFIX] Call to FlashMessageQueue::addMessage() method in extbase

Extbase still uses the addMessage method, which is deprecated.
The official API is now enqueue(), let's use this one.

Resolves: #52488
Releases: 6.1, 6.2
Change-Id: I85097ee53ded9c2d2ccdc6c240667ddaa3768999
Reviewed-on: https://review.typo3.org/25272
Reviewed-by: Stefan Neufeind
Tested-by: Stefan Neufeind
5 years ago[BUGFIX] EM: Fetch list as html, not as json 69/25269/2
Stefan Neufeind [Fri, 8 Nov 2013 13:40:14 +0000 (14:40 +0100)]
[BUGFIX] EM: Fetch list as html, not as json

After performing an update from TER currently the extension-list
is fetched as format=json. This however leads to that situation
that links in the list also have format=json and won't work
anymore (example: pagination-widget).

Change-Id: Id37ab27bb3acd821e9dc0cadb23978aa3e5d9784
Resolves: #53423
Releases: 6.2, 6.1, 6.0
Reviewed-on: https://review.typo3.org/25269
Reviewed-by: Stefan Neufeind
Tested-by: Stefan Neufeind
5 years ago[BUGFIX] Correct storage selection (follow-up) 32/25232/2
Ernesto Baschny [Thu, 26 Sep 2013 14:44:59 +0000 (16:44 +0200)]
[BUGFIX] Correct storage selection (follow-up)

The new matching did not consider Windows paths names as the
previous version did. Using PathUtility is safer.

Releases: 6.2, 6.1, 6.0
Resolves: #52173
Change-Id: Ib0454a468bb93f5baab9677ffafc86efd0f1ae27
Reviewed-on: https://review.typo3.org/25232
Reviewed-by: Steffen Ritter
Tested-by: Steffen Ritter
5 years ago[TASK] Fix superfluous strlen() on constant strings 43/25243/2
Steffen Ritter [Sat, 9 Nov 2013 21:41:29 +0000 (22:41 +0100)]
[TASK] Fix superfluous strlen() on constant strings

Releases: 6.2, 6.1, 6.0
Resolves: #53477
Change-Id: I27817df25c126beb216c2b933c82ad9c35b74d80
Reviewed-on: https://review.typo3.org/25243
Reviewed-by: Steffen Ritter
Tested-by: Steffen Ritter
5 years ago[BUGFIX] Enable treeConfig overriding by Page TSconfig 35/25235/2
Stefan Froemken [Mon, 8 Apr 2013 10:58:15 +0000 (12:58 +0200)]
[BUGFIX] Enable treeConfig overriding by Page TSconfig

Add treeConfig to whitelist to allow overriding rootUid
as described in the documentation. Example:

TCEFORM.pages.categories.config.treeConfig.rootUid = 1

Resolves: #47040
Releases: 6.2, 6.1, 6.0, 4.7
Change-Id: Idd55593b063daa0be3c2943400f82617b0bf6218
Reviewed-on: https://review.typo3.org/25235
Reviewed-by: Stefan Neufeind
Tested-by: Stefan Neufeind
5 years ago[BUGFIX] T3editor: Honour fileDenyPattern on saving included TS 57/25057/2
Stefan Neufeind [Tue, 29 Oct 2013 21:17:25 +0000 (22:17 +0100)]
[BUGFIX] T3editor: Honour fileDenyPattern on saving included TS

fileDenyPattern is only checked on loading so far.
Needs to be added for saving as well taken into account, since
otherwise an arbitrary file (including .php) can be overwritten.

Change-Id: Ia7edc83c8954942fb848746abc0980a304a1a6df
Resolves: #53195
Releases: 6.2, 6.1, 6.0, 4.7, 4.5
Reviewed-on: https://review.typo3.org/25057
Reviewed-by: Stefan Neufeind
Tested-by: Stefan Neufeind
5 years ago[BUGFIX] Escape title, extension, description of scheduler tasks 14/25214/2
Tomita Militaru [Sat, 2 Nov 2013 22:14:14 +0000 (00:14 +0200)]
[BUGFIX] Escape title, extension, description of scheduler tasks

Properly escapes the title, description and extension of
displayed scheduler tasks

Resolves: #29179
Releases: 6.2, 6.1, 6.0, 4.7, 4.5
Change-Id: Ie03383f694863e435bfb96341226f8c78be426e5
Reviewed-on: https://review.typo3.org/25214
Reviewed-by: Stefan Neufeind
Tested-by: Stefan Neufeind
5 years ago[BUGFIX] Exception using cObject FORM in TypoScript 17/23717/2
Andreas Bouche [Fri, 4 Nov 2011 09:32:09 +0000 (10:32 +0100)]
[BUGFIX] Exception using cObject FORM in TypoScript

Through a bug introduced by #31120, an Exception is thrown when a
TypoScript FORM object should be rendered.

Fixes: #31572
Releases: 6.2, 6.1, 6.0, 4.7
Change-Id: Ie67484fd014620ea229a7bee8bfebd063a3b57ae
Reviewed-on: https://review.typo3.org/23717
Reviewed-by: Stefan Neufeind
Reviewed-by: Sebastian Michaelsen
Reviewed-by: Ernesto Baschny
Tested-by: Ernesto Baschny
5 years ago[BUGFIX] Enable BE search for multiple mountpoints 86/24886/3
Georg Ringer [Thu, 19 Sep 2013 05:31:20 +0000 (07:31 +0200)]
[BUGFIX] Enable BE search for multiple mountpoints

Backend search now allows search from all mounts of an editor.
If the root page is selected it will search in all mounts of the
backend user.

Change-Id: Ic462725bb4cba8100c5eeca5f7f47b5711ab2869
Resolves: #35073
Releases: 6.2, 6.1, 6.0
Reviewed-on: https://review.typo3.org/24886
Reviewed-by: Georg Ringer
Tested-by: Georg Ringer
5 years ago[TASK] Exclude central Modernizr from concatenation 80/24880/2
Stefan Neufeind [Thu, 17 Oct 2013 20:30:29 +0000 (22:30 +0200)]
[TASK] Exclude central Modernizr from concatenation

Modernizr is added to every "page" in the backend
as a default in DocumentTemplate. By default all JS
gets merged. Thus Modernizr is added to multiple
files.

Reduce the size of JS-files and allow browsers to
take advantage of reusing that code by having this
library as a separate part.

Change-Id: If18ca423ac3b4b1347c1319189d0feb019f37b7f
Resolves: #52931
Releases: 6.2, 6.1, 6.0
Reviewed-on: https://review.typo3.org/24880
Reviewed-by: Wouter Wolters
Tested-by: Wouter Wolters
5 years ago[TASK] Tests for Persistence\Generic\Backend::getIdentifierByObject 77/24877/2
Stefan Neufeind [Sun, 6 Oct 2013 23:13:28 +0000 (01:13 +0200)]
[TASK] Tests for Persistence\Generic\Backend::getIdentifierByObject

Change-Id: Idb00a92469672e907286024ec461f0b8ee98c6c9
Resolves: #52570
Releases: 6.1, 6.2
Reviewed-on: https://review.typo3.org/24440
Reviewed-by: Marc Bastian Heinrichs
Tested-by: Marc Bastian Heinrichs
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
(cherry picked from commit ec71772a424f08a5f1e8d671169c72767331b92f)
Reviewed-on: https://review.typo3.org/24877

5 years ago[BUGFIX] Getting the identifier for a lazy object fails 59/24859/2
Marc Bastian Heinrichs [Tue, 30 Jul 2013 08:52:43 +0000 (10:52 +0200)]
[BUGFIX] Getting the identifier for a lazy object fails

Using PersistenceManager::getIdentifierByObject doesn't work for lazy
object since version 6.1, because the function uses the session object
directly. Before the Backend::getIdentifierByObject was used, which
handles lazy objects right.
Solution: use the Backend again.

Resolves: #50548
Releases: 6.2, 6.1
Change-Id: I8381a968f730918b96b6764d3f62bfc5f58509ee
Reviewed-on: https://review.typo3.org/24859
Reviewed-by: Marc Bastian Heinrichs
Tested-by: Marc Bastian Heinrichs
5 years ago[BUGFIX] Suppress empty tag names in output of array2xml 48/24848/2
Markus Hoelzle [Wed, 16 Oct 2013 13:26:58 +0000 (15:26 +0200)]
[BUGFIX] Suppress empty tag names in output of array2xml

If a tag name is empty GeneralUtility::array2xml must not output that
tag at all.

Resolves: #52529
Releases: 6.2, 6.1, 6.0
Change-Id: Ib075feac25e5ba06884436db6d4be69cc428a43d
Reviewed-on: https://review.typo3.org/24848
Reviewed-by: Jigal van Hemert
Tested-by: Jigal van Hemert
5 years ago[BUGFIX] Preserve vendor name in refering request 88/24788/3
Thomas Maroschik [Tue, 15 Oct 2013 09:28:41 +0000 (11:28 +0200)]
[BUGFIX] Preserve vendor name in refering request

Fluid FormViewHelper adds some hidden fields that contain information
about the current controller. When the form is submitted and contains
a validation error the errorAction int the ActionController is hit.
This one builds a refering request object from the hidden fields without
a vendor name, as this one is not passed from the FormViewHelper.
The request object tries to guess the controller name but guesses a non
namespaced classes name as the vendor name is not given. To get further
information about the class methods the class name gets autoloaded and
creates a wrong classes cache entry as the autoloader cannot detect if
a extension has namespaced or non namespaced classes from the outside.

This patch introduces a hidden vendor name field in the Fluid FormViewHelper.

Fixes: #52823
Releases: 6.2, 6.1, 6.0
Change-Id: I0a82cf2ee07ce293eda0b9f50d3cac7b2a513f15
Reviewed-on: https://review.typo3.org/24788
Reviewed-by: Wouter Wolters
Tested-by: Wouter Wolters
5 years ago[BUGFIX] Follow-Up: Fatal error due to missing use statement 28/24828/2
Sascha Egerer [Wed, 16 Oct 2013 07:31:17 +0000 (09:31 +0200)]
[BUGFIX] Follow-Up: Fatal error due to missing use statement

A fatal error occurs in the DataHandler.php due to a missing
use statement that was forgotten in the backport.

Related: #52636
Releases: 6.1
Change-Id: I6f893e56f86f3ade6e685efb7c40b73fa28c1840
Reviewed-on: https://review.typo3.org/24828
Reviewed-by: Wouter Wolters
Tested-by: Wouter Wolters
5 years ago[BUGFIX] Moving folders fails 00/24800/2
Oliver Hader [Tue, 15 Oct 2013 12:38:43 +0000 (14:38 +0200)]
[BUGFIX] Moving folders fails

On moving existing folders inside another existing folder in the
file-module, the following exception is thrown:

1314085991: uid of Storage has to be numeric.

The reason is obvious, since the submitted storage key contains
the storage object instead of the UID of the storage.

Change-Id: Ia6f6af5252880a7bde8a537bc9e343c392eadbf5
Fixes: #52845
Releases: 6.0, 6.1, 6.2
Reviewed-on: https://review.typo3.org/24800
Reviewed-by: Oliver Hader
Tested-by: Oliver Hader
5 years ago[BUGFIX] Only load folder contents if folder is initialised 81/24781/2
Frans Saris [Mon, 5 Aug 2013 20:13:55 +0000 (22:13 +0200)]
[BUGFIX] Only load folder contents if folder is initialised

FolderBasedFileCollection::loadContents() has to check if
the folder is initialised prior to loading the contents to
prevent fatal errors.

Fixes: #50802
Releases: 6.2, 6.1, 6.0
Change-Id: If3ce06cff13595da49abbb6aa99c891969aea692
Reviewed-on: https://review.typo3.org/24781
Reviewed-by: Markus Klein
Tested-by: Markus Klein
5 years ago[BUGFIX] Superfluous usage of ObjectManagerException 74/24774/2
Oliver Hader [Mon, 14 Oct 2013 22:00:53 +0000 (00:00 +0200)]
[BUGFIX] Superfluous usage of ObjectManagerException

The workspace backend module uses
\TYPO3\CMS\Extbase\Object\ObjectManagerException instead of
\TYPO3\CMS\Extbase\Object\ObjectManager.

Change-Id: Ieb30ed6cd3e8d33de7270800044b0eeebf83be90
Fixes: #52824
Releases: 6.0, 6.1, 6.2
Reviewed-on: https://review.typo3.org/24774
Reviewed-by: Oliver Hader
Tested-by: Oliver Hader
5 years ago[FEATURE] Add getValidators to AbstractCompositeValidator 73/23573/3
Stefan Froemken [Wed, 4 Sep 2013 07:09:14 +0000 (09:09 +0200)]
[FEATURE] Add getValidators to AbstractCompositeValidator

removeValidator is unusable as long as there is no method
to get contained validators

Resolves: #51707
Releases: 6.2, 6.1, 6.0
Change-Id: If8705e8b5c7c2dfa84a732b97813d6097930f209
Reviewed-on: https://review.typo3.org/23573
Reviewed-by: Stefan Neufeind
Tested-by: Stefan Neufeind
5 years ago[BUGFIX] Use callback in preg_replace in RemoveXSS 55/24755/2
Jigal van Hemert [Mon, 14 Oct 2013 08:34:52 +0000 (10:34 +0200)]
[BUGFIX] Use callback in preg_replace in RemoveXSS

Since PHP 5.5.0 the use of the /e modifier is deprecated in preg_replace.
Use callback function instead.
Also change comments to CGL format.

Change-Id: I44f12e8bfa1c976e494dae847cc6c53d15ed7c2d
Fixes: #52771
Releases: 6.0, 6.1, 6.2
Reviewed-on: https://review.typo3.org/24755
Reviewed-by: Markus Klein
Tested-by: Markus Klein
5 years ago[BUGFIX] Detect unix-styled absolute paths on Windows systems 24/24724/2
Nicole Cordes [Mon, 14 Oct 2013 08:12:34 +0000 (10:12 +0200)]
[BUGFIX] Detect unix-styled absolute paths on Windows systems

Currently PathUtility::isAbsolutePath and GeneralUtility::isAbsPath
only the for ":\" to detect absolute paths on Windows systems. This
patch provides even ":/" as unix-styled paths are mostly used now.

Resolves: #52773
Releases: 6.2, 6.1, 6.0
Change-Id: I1e132bbe74394861af4bf02a22287c9496953150
Reviewed-on: https://review.typo3.org/24724
Reviewed-by: Nicole Cordes
Tested-by: Nicole Cordes
5 years ago[BUGFIX] Object passed to date() 10/24710/2
Xavier Perseguers [Sun, 13 Oct 2013 17:56:12 +0000 (19:56 +0200)]
[BUGFIX] Object passed to date()

Function date() expects a timestamp as second parameter, not
an object.

Fixes: #52759
Releases: 6.2, 6.1, 6.0, 4.7, 4.5
Change-Id: I6821bafa51372c50d8903c63d62ea44933bc12b3
Reviewed-on: https://review.typo3.org/24710
Reviewed-by: Philipp Gampe
Tested-by: Philipp Gampe
5 years ago[TASK] Use 6.1 branch in travis-integration for travis 60/24660/2
Christian Kuhn [Sat, 12 Oct 2013 20:18:56 +0000 (22:18 +0200)]
[TASK] Use 6.1 branch in travis-integration for travis

Change-Id: I748bae0a4c4995d6e47b42d2d84cead36db3665d
Resolves: #52731
Related: #47018
Releases: 6.1, 6.0
Reviewed-on: https://review.typo3.org/24660
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
5 years ago[BUGFIX] Use BackendUtility use statement 58/24658/2
Anja Leichsenring [Sat, 12 Oct 2013 18:34:23 +0000 (20:34 +0200)]
[BUGFIX] Use BackendUtility use statement

Due to a faulty backport BackendUtility was used without proper
namespace, leading to a fatal error while editing page properties.
This introduces the use statement for all occurences in the class.

Resolves: #52728
Releases: 6.1, 6.0
Change-Id: I37b9e98513b1dd173e7099bce68a5950b9dd12e1
Reviewed-on: https://review.typo3.org/24658
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
5 years ago[BUGFIX] Wrong calculation of maximum value for checkbox fields 53/24653/2
Nicole Cordes [Sat, 12 Oct 2013 16:36:30 +0000 (18:36 +0200)]
[BUGFIX] Wrong calculation of maximum value for checkbox fields

This patch corrects the calculation of the maximum value for a group
of checkboxes which is stored as bit flag value in the database. The
formular for the maximum value is 2nd power of the item count minus one.

Resolves: #52104
Releases: 6.2, 6.1, 6.0, 4.7, 4.5
Change-Id: I0eb430b72a072838c6ac3bc3f5e339ff2509c455
Reviewed-on: https://review.typo3.org/24653
Reviewed-by: Nicole Cordes
Tested-by: Nicole Cordes
5 years ago[BUGFIX] Prevent empty newline below scheduler-task-name 19/24619/2
Stefan Neufeind [Sat, 12 Oct 2013 01:20:07 +0000 (03:20 +0200)]
[BUGFIX] Prevent empty newline below scheduler-task-name

The newline below a scheduler-task-name is only needed
if a progress-bar and/or additional-information follow.

Change-Id: I8d92fc0d3b8d88fdbdfdc79d8ee501b74d821bcc
Resolves: #52715
Releases: 6.2, 6.1, 6.0
Reviewed-on: https://review.typo3.org/24619
Reviewed-by: Philipp Gampe
Tested-by: Philipp Gampe
5 years ago[BUGFIX] DataMapFactory::resolveTableName must remove leading backslashes 03/24603/2
Alexander Schnitzler [Fri, 11 Oct 2013 16:33:10 +0000 (18:33 +0200)]
[BUGFIX] DataMapFactory::resolveTableName must remove leading backslashes

Currently the method just splits the given class name
by backslashes to detect the proper vendor name. If using
a leading backslash the algorithm of this function causes
a wrong result. Therefore all leading backslashes must be
removed first.

Releases: 6.2, 6.1, 6.0
Fixes: #52708
Change-Id: Icdc46facf66260bf528994964fb713d3dd24b3c6
Reviewed-on: https://review.typo3.org/24603
Reviewed-by: Anja Leichsenring
Tested-by: Anja Leichsenring
5 years ago[BUGFIX] BackendUtility::viewOnClick() called with non-integer 64/23064/4
Oliver Hader [Thu, 8 Aug 2013 10:48:24 +0000 (12:48 +0200)]
[BUGFIX] BackendUtility::viewOnClick() called with non-integer

The origin is in DatabaseRecordList::makeControl() that
tries to create a preview link with the page id "243#33163"
- more strict checks will deny this request because it's not
the expected integer value. Thus, BackendUtility::viewOnClick()
is called with a string instead of an integer.
This happens in the regular list module in the TYPO3 backend.
It's not critical if hooks and further processors use intval() on the
argument, but is bad if methods expect the defined integer value.

Change-Id: Ib66c1ee219b67e51d534f11fbf1eaa330476ca93
Fixes: #50912
Releases: 4.5, 6.0, 6.1, 6.2
Reviewed-on: https://review.typo3.org/23064
Reviewed-by: Oliver Hader
Tested-by: Oliver Hader
5 years ago[BUGFIX] Clear_cache() must not consider page ids lower than 0 79/23079/3
Oliver Hader [Fri, 11 Oct 2013 12:30:53 +0000 (14:30 +0200)]
[BUGFIX] Clear_cache() must not consider page ids lower than 0

DataHandler::clear_cache() is called with a table and an uid that
has been modified to trigger the clear cache commands. To find
siblings, children, parents, etc. the pid value is directly used
to find the affected pages. However, in a workspace context, the
pid is always "-1" which leads to a selection of all page
records of all workspaces. This amount is used to flush all
defined caches by a given tag name and might result in execution
time outs.

To avoid these superfluous cache flushes, page ids lower than 0
are ignored now in this section.

Fixes: #51051
Releases: 6.0, 6.1, 6.2
Change-Id: I03987bbd8c5d3526fb4dfda75b0dd0316fe1d836
Reviewed-on: https://review.typo3.org/23079
Reviewed-by: Oliver Hader
Tested-by: Oliver Hader
5 years ago[BUGFIX] Select available page when changing WS 90/24590/2
Thorsten Kahler [Thu, 7 Feb 2013 17:13:34 +0000 (18:13 +0100)]
[BUGFIX] Select available page when changing WS

When changing to another workspaces the currently selected page is not
always available.
This change selects the next available page from the rootline for page
tree and submodules of web module when the current page does not exist
in the workspace.

Change-Id: I0502fea3c21515421586403a41f5c696ffc0d762
Fixes: #37611
Releases: 6.2, 6.1, 6.0, 4.7, 4.5
Reviewed-on: https://review.typo3.org/24590
Reviewed-by: Anja Leichsenring
Tested-by: Anja Leichsenring
5 years ago[BUGFIX] Copy records to target page before origin page is deleted 84/24584/2
Timo Webler [Thu, 10 Oct 2013 07:21:48 +0000 (09:21 +0200)]
[BUGFIX] Copy records to target page before origin page is deleted

When a deletion of a page is published, all moved records
have to be copied to their new location before they get deleted.

Resolves: #52636
Releases: 6.2, 6.1, 6.0
Change-Id: Ide471b4f25c0350a1df57af3d92283310a76cac9
Reviewed-on: https://review.typo3.org/24584
Reviewed-by: Anja Leichsenring
Tested-by: Anja Leichsenring