Packages/TYPO3.CMS.git
6 years ago[RELEASE] Release of TYPO3 4.6.10 97/12597/1 TYPO3_4-6-10
TYPO3 Release Team [Wed, 4 Jul 2012 09:28:38 +0000 (11:28 +0200)]
[RELEASE] Release of TYPO3 4.6.10

Change-Id: If34f7014918dbc9b69009e1396feb268b449f264

6 years ago[SECURITY] XSS in swfupload
Oliver Hader [Wed, 4 Jul 2012 08:30:40 +0000 (10:30 +0200)]
[SECURITY] XSS in swfupload

There is a known XSS vulnerability in swfupload which isn't
fixed yet. Thanks to the Wordpress project for providing a
fix - we just borrowed that code.

Change-Id: I46bb8dcc7ef2a452f7faa117bf93cd207671c31e
Fixes: #38578
Releases: 6.0, 4.7, 4.6, 4.5
Security-Bulletin: TYPO3-CORE-SA-2012-003
Reviewed-on: http://review.typo3.org/12592
Reviewed-by: Oliver Hader
Tested-by: Oliver Hader
6 years ago[TASK] Raise submodule pointer
TYPO3 Release Team [Wed, 4 Jul 2012 08:53:36 +0000 (10:53 +0200)]
[TASK] Raise submodule pointer

Change-Id: I0cda56289f3ea79436293116b3faef90175cddd6
Reviewed-on: http://review.typo3.org/12586
Reviewed-by: TYPO3 Release Team
Tested-by: TYPO3 Release Team
6 years ago[BUGFIX] Exclude E_STRICT from exceptionalErrors
Mario Rimann [Mon, 2 Jul 2012 20:41:33 +0000 (22:41 +0200)]
[BUGFIX] Exclude E_STRICT from exceptionalErrors

From PHP 5.4, E_STRICT became part of E_ALL. This leads to lots of runtime
notice exceptions when using PHP 5.4. To avoid that, E_STRICT needs to be
excluded from error reporting.

Change-Id: I7cb7c2151444ee863cdb163c9aa7544fae43da5c
Fixes: #35154
Releases: 6.0, 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/12529
Tested-by: Steffen Ritter
Reviewed-by: Steffen Ritter
Reviewed-by: Oliver Hader
Tested-by: Oliver Hader
6 years ago[BUGFIX] IRRE records can't be expanded without an hidden field
Oliver Hader [Fri, 29 Jun 2012 16:52:52 +0000 (18:52 +0200)]
[BUGFIX] IRRE records can't be expanded without an hidden field

If no hidden field in TCA for IRRE child records, this will
lead to JavaScript errors on expanding the accordant child
record in the TCEforms view.

This regression has been introduced in issue #34303

Change-Id: Iecb93cd34d7430a0cedc478c58903dce5180ab83
Fixes: #37615
Related: #34303
Releases: 6.0, 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/12576
Reviewed-by: Oliver Hader
Tested-by: Oliver Hader
6 years ago[BUGFIX] TSFE->additionalFooterData for USER_INT
Oliver Hader [Thu, 7 Jun 2012 09:13:24 +0000 (11:13 +0200)]
[BUGFIX] TSFE->additionalFooterData for USER_INT

TSFE->additionalFooterData was introduced with TYPO3 4.3, but
only for the purpose of t3lib_PageRenderer. The definition of
this property is e.g. missing at all in tslib_fe and besides
that, the handling for USER_INT/COA_INT objects is not there
at all.

Change-Id: Iddda782efea19d65763a4cb0295a066067cf22a7
Fixes: #29254
Releases: 6.0, 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/11860
Reviewed-on: http://review.typo3.org/12571
Reviewed-by: Oliver Hader
Tested-by: Oliver Hader
6 years ago[BUGFIX] In IE9, RTE does not work correctly in compat modes IE8/IE7
Stanislas Rolland [Tue, 3 Jul 2012 17:49:59 +0000 (13:49 -0400)]
[BUGFIX] In IE9, RTE does not work correctly in compat modes IE8/IE7

Problem: When using IE9, the RTE does not work correctly when using
compatibility modes IE8 or IE7. In particular, the style sheets are not
parsed, because they are not loaded in the same order as with the
specified compatibility version.
Solution: Check whether compatibility mode is activated and avoid
reliance on order.

Change-Id: I9265739ee594b62a99e7dacac61152bc263240cc
Releases: 4.5, 4.6, 4.7, 6.0
Resolves: #38574
Reviewed-on: http://review.typo3.org/12548
Reviewed-by: Stanislas Rolland
Tested-by: Stanislas Rolland
6 years agoRevert "[BUGFIX] In IE9, RTE does not work correctly in compat modes IE8/IE7"
Stanislas Rolland [Tue, 3 Jul 2012 17:30:19 +0000 (19:30 +0200)]
Revert "[BUGFIX] In IE9, RTE does not work correctly in compat modes IE8/IE7"

This reverts commit 53b58c826230f1a057b6feab403db874ae68f541

Should avoid reliance on order of stylesheets.

Change-Id: I1489dd7fdce8f96922a8e516019770845efea88c
Reviewed-on: http://review.typo3.org/12547
Reviewed-by: Stanislas Rolland
Tested-by: Stanislas Rolland
6 years ago[BUGFIX] In IE9, RTE does not work correctly in compat modes IE8/IE7
Stanislas Rolland [Tue, 3 Jul 2012 14:38:47 +0000 (10:38 -0400)]
[BUGFIX] In IE9, RTE does not work correctly in compat modes IE8/IE7

Problem: When using IE9, the RTE does not work correctly when using
compatibility modes IE8 or IE7. In particular, the style sheets are not
parsed, because they are not loaded in the same order as with the
specified compatibility version.
Solution: Check whether compatibility mode is activated.

Change-Id: Ia75acef5d58cc97dc4e8ae40ce3e7cfbe8e75811
Releases: 4.5, 4.6, 4.7, 6.0
Resolves: #38574
Reviewed-on: http://review.typo3.org/12539
Reviewed-by: Stanislas Rolland
Tested-by: Stanislas Rolland
6 years ago[BUGFIX] Custom HTML tags no longer malformed in IE
Bart Dubelaar [Mon, 19 Mar 2012 14:44:34 +0000 (15:44 +0100)]
[BUGFIX] Custom HTML tags no longer malformed in IE

Custom HTML tags would get malformed while editing in IE.
If a tag is not present in HTML4 and the document mode
of IE is lower than IE9 Standards, then the tag is not
present in the DOM and not parsed correctly.
This is fixed by specifying possible custom tags in TSconfig
and creating dummy instances of the tags before loading
the contents in the DOM, also known as the Shiv trick.

Change-Id: Ibabaac405328789f47da1c00f343cf5b88608c60
Fixes: #34786
Releases: 4.5, 4.6, 4.7, 6.0
Reviewed-on: http://review.typo3.org/12512
Reviewed-by: Stanislas Rolland
Tested-by: Stanislas Rolland
6 years ago[BUGFIX] Remove a rather dubious unit test for Redis cache backend
Christian Kuhn [Sun, 1 Jul 2012 09:40:53 +0000 (11:40 +0200)]
[BUGFIX] Remove a rather dubious unit test for Redis cache backend

The password test is not very useful and fails with younger redis
versions. It was already removed in TYPO3.FLOW3 with commit
e06bd9bb0a3e602a6b067d91b94e88cd78d96135

Change-Id: Iae7372c54c3c8befd08cbdccfb578f6986e1d588
Resolves: #38511
Releases: 6.0, 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/12490
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
6 years ago[BUGFIX] canBeInterpretedAsInteger fatals if given an object
Philipp Gampe [Wed, 25 Jan 2012 18:05:16 +0000 (19:05 +0100)]
[BUGFIX] canBeInterpretedAsInteger fatals if given an object

If an object without a string representation is given to
t3lib_utility_math::canBeInterpretedAsInteger($var), the
method will throw a fatal error.

Assume that an object or an array can never be an integer.
<http://php.net/manual/en/language.types.integer
.php#language.types.integer.casting.from-other>

Change-Id: I95e5fe6a5c9f798b5f249c3c14b8cfd4bedd3afe
Fixes: #33446
Releases: 4.6,4.7
Reviewed-on: http://review.typo3.org/12085
Reviewed-by: Susanne Moog
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
6 years ago[BUGFIX] Fix unit test failure if gif compress is disabled
Susanne Moog [Sat, 30 Jun 2012 13:45:00 +0000 (15:45 +0200)]
[BUGFIX]  Fix unit test failure if gif compress is disabled

If gif_compress is disabled in the install tool, the
test gifCompressFixesPermissionOfConvertedFileIfUsingGd
fails, as the method it tests only does things if
gif_compress is enabled.

Change-Id: I91603452e43188cd38afeb3ca8b38e2913848e66
Fixes: #38501
Releases: 6.0, 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/12475
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
6 years ago[BUGFIX] VariableFrontend initializeObject not called
Daniel Pötzinger [Thu, 12 Apr 2012 17:59:38 +0000 (19:59 +0200)]
[BUGFIX] VariableFrontend initializeObject not called

The method is protected and is not called in the container then

Change-Id: I03ab47aa1030e782d14304d9371fc62b9c5aed18
Fixes: #35915
Releases: 6.0, 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/12471
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
6 years ago[BUGFIX] Remove class of td if "No CSS styles for this table" is set
Juergen Furrer [Tue, 5 Jun 2012 18:05:14 +0000 (20:05 +0200)]
[BUGFIX] Remove class of td if "No CSS styles for this table" is set

Change-Id: I75f1a27b4ef1a94831d6d80f8d0d8d649fc8d1ca
Fixes: #37618
Releases: 6.0, 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/12468
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
6 years ago[BUGFIX] Markers (%s) are not replaced in TCEmain error messages
Bart Dubelaar [Fri, 20 Apr 2012 19:17:57 +0000 (21:17 +0200)]
[BUGFIX] Markers (%s) are not replaced in TCEmain error messages

Change-Id: I33d8840390deba3e8a2ac5a188fd6fb089b91b5f
Fixes: #36290
Releases: 6.0, 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/12465
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
6 years ago[BUGFIX] Fatal error in configuration ($BE_USER->uc)
Susanne Moog [Wed, 25 Jan 2012 19:23:29 +0000 (20:23 +0100)]
[BUGFIX] Fatal error in configuration ($BE_USER->uc)

This happens because an object is handed over as $arr[$key].
In this case convert $arr[$key] to array.

Change-Id: I128de2da656a3d4782bcb9b8b2a9519aade6ce9f
Fixes: #33444
Releases: 4.6, 4.7, 6.0
Reviewed-on: http://review.typo3.org/12461
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
6 years ago[TASK] Add travis configuration file
Helmut Hummel [Fri, 29 Jun 2012 21:35:53 +0000 (23:35 +0200)]
[TASK] Add travis configuration file

For details read the ticket description.

Change-Id: Ibc22c62e7bb490e1871db92bbc09cd7e56581fa3
Resolves: #38357
Releases: 6.0, 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/12458
Reviewed-by: Helmut Hummel
Tested-by: Helmut Hummel
6 years ago[BUGFIX] Reports: Wrong indication for saltedpasswords
Markus Klein [Sun, 15 Apr 2012 08:55:23 +0000 (10:55 +0200)]
[BUGFIX] Reports: Wrong indication for saltedpasswords

The reports module shows a wrong status indication for saltedpasswords
if it is configured to forceSalted.

Change-Id: I24347b9872d11a388ef4084f2db9ef70821dc840
Fixes: #36093
Releases: 6.0, 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/10547
Reviewed-by: Philipp Gampe
Reviewed-by: Stefan Neufeind
Reviewed-by: Oliver Klee
Reviewed-by: Stefan Galinski
Tested-by: Stefan Galinski
6 years ago[BUGFIX] Declaration of tx_rtehtmlarea_base::drawRTE() not compatible
Stanislas Rolland [Thu, 28 Jun 2012 19:49:14 +0000 (15:49 -0400)]
[BUGFIX] Declaration of tx_rtehtmlarea_base::drawRTE() not compatible

Solution: First parameter should be defined as reference so as to be
compatible with the definition of t3lib_rteapi::drawRTE().

Change-Id: I16adc2a616f80e867c7986319f7ffeb69f5f160c
Releases: 4.5, 4.6, 4.7, 6.0
Resolves: #37541
Reviewed-on: http://review.typo3.org/12428
Reviewed-by: Stanislas Rolland
Tested-by: Stanislas Rolland
6 years ago[BUGFIX] IRRE hide/unhide broken
dkd-egerer Sascha Egerer [Sun, 15 Apr 2012 14:36:14 +0000 (16:36 +0200)]
[BUGFIX] IRRE hide/unhide broken

hide/unhide is broken when inline record is not opened before

Change-Id: Ibfd018cc24ae5a0e3768800ea5161376879cf6a8
Resolves: #34303
Releases: 6.0, 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/10695
Reviewed-by: Stefan Neufeind
Reviewed-by: Marcus Schwemer
Tested-by: Marcus Schwemer
Reviewed-by: Wouter Wolters
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
6 years ago[TASK] PHP 5.4 adjustments
Markus Klein [Tue, 6 Mar 2012 10:42:54 +0000 (11:42 +0100)]
[TASK] PHP 5.4 adjustments

Small adjustments for PHP 5.4 compatibility.

Change-Id: Ic33ea5ca0085cc28e8b17426d84f3598cad55d78
Resolves: #34685
Releases: 4.8, 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/11502
Reviewed-by: Wouter Wolters
Reviewed-by: Sebastian Fischer
Reviewed-by: Oliver Klee
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
6 years ago[BUGFIX] Ensure $output is used as string
Peter Niederlag [Tue, 17 Apr 2012 07:26:22 +0000 (09:26 +0200)]
[BUGFIX] Ensure $output is used as string

Problem was introduced by new API t3lib_befunc::helpTextArray()
which changed ::helpText()

Change-Id: Idc055446333bfaec008944e41b434e844fcbd241
Fixes: #36194
Relates: #23798
Releases: 4.5, 4.6, 4.7, 6.0
Reviewed-on: http://review.typo3.org/10559
Reviewed-by: Oliver Klee
Reviewed-by: Mattias Nilsson
Tested-by: Mattias Nilsson
Reviewed-by: Wouter Wolters
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
6 years ago[BUGFIX] fe_adminLib.inc uses undefined function
Sven Burkert [Thu, 22 Dec 2011 08:50:41 +0000 (02:50 -0600)]
[BUGFIX] fe_adminLib.inc uses undefined function

fe_adminLib.inc calls preg_spliti() which does not exist.

Change-Id: I7c16c2590ddc193fcad99e970ab8c6975e369261
Fixes: #32773
Releases: 4.7, 4.6, 4.5, 4.4
Reviewed-on: http://review.typo3.org/12084
Reviewed-by: Oliver Klee
Reviewed-by: Wouter Wolters
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
6 years ago[BUGFIX] Properly load existing usergroups in task
Bart Dubelaar [Mon, 23 Apr 2012 09:13:30 +0000 (11:13 +0200)]
[BUGFIX] Properly load existing usergroups in task

The create backend user task did not properly load
the usergroups of an existing user, because it wrongly
assumes that the groups are provided as array.
Actually the groups are provided as raw DB field,
thus no conversion is needed.

Change-Id: Ia704e071f6565f1a892e5f5c8d4c2b83a106f32f
Fixes: #36300
Releases: 6.0, 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/12262
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
6 years ago[BUGFIX] Unnecessary warning in css_styled_content (division by zero)
Thomas Layh [Wed, 2 May 2012 14:10:06 +0000 (16:10 +0200)]
[BUGFIX] Unnecessary warning in css_styled_content (division by zero)

If tt_content.image.20.maxW is not set, PHP throws a warning about
division by zero. This is not necessary. After that the variable
$scale is not set. This patch checks if $netW is greater zero and
otherwise the else condition will set $scale to 1.

Change-Id: Icd876b33d543080e486e0184c8af34c9a3831738
Fixes: #36777
Releases: 6.0, 4.7, 4.6
Reviewed-on: http://review.typo3.org/12077
Reviewed-by: Thomas Layh
Tested-by: Thomas Layh
Reviewed-by: Oliver Hader
Tested-by: Oliver Hader
6 years ago[BUGFIX] Hide the field "Selected Pages" for menu type "Sitemap"
Marco Huber [Fri, 13 Apr 2012 14:35:47 +0000 (16:35 +0200)]
[BUGFIX] Hide the field "Selected Pages" for menu type "Sitemap"

The field "Selected Pages" is never used in the content element
"Menu/Sitemap" with menu type "Sitemap". So it should not be
shown in the backend.

Change-Id: I9464ff29fc9fd9864a404cfb14f0545b3e186366
Fixes: #35944
Releases: 6.0, 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/12015
Reviewed-by: Markus Klein
Reviewed-by: Wouter Wolters
Reviewed-by: Stefan Galinski
Tested-by: Stefan Galinski
6 years ago[BUGFIX] redirect to referrer when changing password
Jigal van Hemert [Sun, 1 Jan 2012 22:05:47 +0000 (23:05 +0100)]
[BUGFIX] redirect to referrer when changing password

The referrer and referrerDomains redirect options must be ignored after
changing the password, otherwise you would end up on the page where the
change password form was displayed (which shows an error message now).
An extra option to ignore the referrer redirects is introduced for this.

Change-Id: I26abdf74a3d55000eb88dbcda63fa032c0bd0557
Fixes: #21943
Releases: 4.5, 4.6, 4.7
Reviewed-on: http://review.typo3.org/11753
Reviewed-by: Markus Klein
Tested-by: Markus Klein
Reviewed-by: Jigal van Hemert
Tested-by: Jigal van Hemert
6 years agoBUGFIX] Illegal string offset
Jigal van Hemert [Mon, 28 May 2012 20:32:44 +0000 (22:32 +0200)]
BUGFIX] Illegal string offset

Check if parameter is an array before using it as an array in
getPagePath() and getPageInfo()

Change-Id: Idc2d36bc68496cd11ece18193ac662d30e7348e0
Fixes: #37553
Releases: 6.0, 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/11667
Reviewed-by: Jigal van Hemert
Tested-by: Jigal van Hemert
6 years ago[TASK] Set TYPO3 version to 4.6.10-dev
TYPO3 v4 Release Team [Tue, 22 May 2012 10:10:33 +0000 (12:10 +0200)]
[TASK] Set TYPO3 version to 4.6.10-dev

Change-Id: Ibce2d595a5a4488ecc8fcd3bffb1d13cdaa82564
Reviewed-on: http://review.typo3.org/11442
Reviewed-by: TYPO3 v4 Release Team
Tested-by: TYPO3 v4 Release Team
6 years ago[RELEASE] Release of TYPO3 4.6.9
TYPO3 v4 Release Team [Tue, 22 May 2012 10:10:24 +0000 (12:10 +0200)]
[RELEASE] Release of TYPO3 4.6.9

Change-Id: I55ca9e46c52e0be35f090736fff368eb81955bec
Reviewed-on: http://review.typo3.org/11441
Reviewed-by: TYPO3 v4 Release Team
Tested-by: TYPO3 v4 Release Team
6 years ago[TASK] Raise submodule pointer
TYPO3 v4 Release Team [Tue, 22 May 2012 09:54:39 +0000 (11:54 +0200)]
[TASK] Raise submodule pointer

Change-Id: Icab7d9914103db01598b8088c72871c7066c3baa
Reviewed-on: http://review.typo3.org/11436
Reviewed-by: TYPO3 v4 Release Team
Tested-by: TYPO3 v4 Release Team
6 years ago[BUGFIX] Pagetree: Copying large branches duplicates branch
Steffen Gebert [Sat, 11 Feb 2012 15:52:03 +0000 (16:52 +0100)]
[BUGFIX] Pagetree: Copying large branches duplicates branch

Copying large branches (500+ pages, depending on the server) has a big
problem: The AJAX request is answered too late (after Ext.Direct
timeout), so Ext.Direct will resend the request. This will copy the
branch once again. So the copied branch appears twice after copying.

The whole process fails with a connection timeout error message and the
user has to reload the page tree.

Change-Id: I2f0aa73357674751e7745654383f420802f0eb17
Resolves: #26993
Releases: 6.0, 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/11335
Reviewed-by: Susanne Moog
Tested-by: Susanne Moog
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
6 years ago[TASK] Add a comment for require_once in t3lib_error_ErrorHandler
Oliver Klee [Sun, 20 May 2012 16:03:51 +0000 (18:03 +0200)]
[TASK] Add a comment for require_once in t3lib_error_ErrorHandler

These require_once calls are needed to make the exception classes
available even if the autoloader is not loaded at this point yet.

The comment point this out and (hopefully) keeps people from deleting
the require_once calls as part of some clean up.

Resolves: #37335
Relates: #23444, #36061

Change-Id: Ie226b67f44ea0c3cbd17fa9e52018dbf8d8b58d4
Releases: 6.0, 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/11388
Reviewed-by: Xavier Perseguers
Tested-by: Xavier Perseguers
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
6 years ago[BUGFIX] PHP warning when a language pack does not exist
Xavier Perseguers [Wed, 9 May 2012 07:48:05 +0000 (09:48 +0200)]
[BUGFIX] PHP warning when a language pack does not exist

If PHP warnings are not catched, file_get_contents issues a warning
message whenever a file cannot be retrieved.

Change-Id: I511739d2aeb31d2f946abab80f6edf4deb127d6f
Fixes: #36976
Releases: 4.5, 4.6, 4.7, 6.0
Reviewed-on: http://review.typo3.org/11355
Reviewed-by: Oliver Hader
Tested-by: Oliver Hader
6 years ago[BUGFIX] DB field names exceed max length with 'zzz_deleted'
Tolleiv Nietsch [Wed, 1 Feb 2012 08:30:40 +0000 (09:30 +0100)]
[BUGFIX] DB field names exceed max length with 'zzz_deleted'

MySQL allows a maximum of 64 characters for column and table names.
When prefixing them with 'zzz_deleted' this limit might be reached
by accident. (e.g. with
'zzz_deleted_tx_powermail_tellAFriendForm_receiverEmailContentField')

The patch avoids the overstepping 64 characters.

At the same time the prefixed and shortened field names are more
likely to have the same name, therefore the names are cut
from the beginning.

Change-Id: I5fa03d17288090c9db6a47e097bbca0ce583a6e4
Fixes: #33580
Releases: 4.5, 4.6, 4.7, 6.0
Reviewed-on: http://review.typo3.org/11329
Reviewed-by: Philipp Gampe
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
6 years ago[BUGFIX] Regression of "better condition in versionOL of t3lib_tstemplate"
Andy Grunwald [Wed, 9 May 2012 08:45:56 +0000 (10:45 +0200)]
[BUGFIX] Regression of "better condition in versionOL of t3lib_tstemplate"

versionOL in t3lib_tstemplate can cause a fatal error for
scripts like eID that run in frontend mode, but without a full
blown frontend environment.

The patch replaces the frontend check with a more specific test
for the required methods.

Change-Id: I9920cf185883d35c2121077b62e34c76ace72a94
Related: #31139, #25144
Resolves: #36981
Releases: 6.0, 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/11098
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
Reviewed-by: Susanne Moog
Tested-by: Susanne Moog
6 years ago[BUGFIX] Properly quote regexp in Install Tool
Jigal van Hemert [Fri, 30 Mar 2012 20:46:39 +0000 (22:46 +0200)]
[BUGFIX] Properly quote regexp in Install Tool

Characters with a special meaning must be properly quoted
if they appear in a regular expression.

Change-Id: I2587acb9d0f61a441be6e13dcaba7b7ca0fc82bc
Releases: 6.0, 4.7, 4.6, 4.5
Resolves: #35410
Reviewed-on: http://review.typo3.org/11322
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
6 years ago[BUGFIX] Install Tool: Settings added by extensions can be edited
Ernesto Baschny [Thu, 26 Jan 2012 11:45:05 +0000 (12:45 +0100)]
[BUGFIX] Install Tool: Settings added by extensions can be edited

Change-Id: I13f3ec8a1f10029ce2b6e421bcc97be2e1276ca3
Fixes: #25213
Releases: 6.0, 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/11321
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
6 years ago[BUGFIX] Wrong DB fields usage in TCEmain
Felix Nagel [Wed, 16 May 2012 13:11:52 +0000 (15:11 +0200)]
[BUGFIX] Wrong DB fields usage in TCEmain

The fix for issue #35260 introduced a new bug in method
t3lib_TCEmain::getPreviousLocalizedRecordUid() by adding a
field in a query in the wrong place. In particular, this breaks
the localization of tt_content elements used with IRRE.

This patch fixes the problem by separating the list of fields
used for selecting and for sorting.

Change-Id: I1173a61a073cf3c0b9583a64259949ea688f30df
Fixes: #37221
Releases: 6.0, 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/11293
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
6 years ago[BUGFIX] Missing bottom margin in the page tree
Stefan Galinski [Fri, 13 Apr 2012 14:01:04 +0000 (16:01 +0200)]
[BUGFIX] Missing bottom margin in the page tree

This fixes the UI issue with the deletion overlay and drag&drop
with nodes at the very bottom of the page tree viewport too.

Change-Id: I5cee23ea9441fcd1910a998547772bc3f2e53fb5
Fixes: #35182
Releases: 6.0, 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/11259
Reviewed-by: Stefan Galinski
Tested-by: Stefan Galinski
6 years ago[BUGFIX] Wrong label reference for backend_layout
Markus Klein [Mon, 14 May 2012 12:37:08 +0000 (14:37 +0200)]
[BUGFIX] Wrong label reference for backend_layout

tbl_pages.php references non-existing labels.
Actually they have different names.

Change-Id: Iacad60ae562cb738410177e554473badc78df2b4
Releases: 6.0, 4.7, 4.6, 4.5
Fixes: #37158
Reviewed-on: http://review.typo3.org/11195
Reviewed-by: Wouter Wolters
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
6 years ago[BUGFIX] Pagetree doesn't expands to the last saved state
Stefan Galinski [Thu, 10 May 2012 17:51:11 +0000 (19:51 +0200)]
[BUGFIX] Pagetree doesn't expands to the last saved state

Change-Id: I0518d9dd06c7d126dfe5d885e4b2751b7e7462b6
Releases: 6.0, 4.7, 4.6, 4.5
Fixes: #36459
Reviewed-on: http://review.typo3.org/11189
Reviewed-by: Stefan Galinski
Tested-by: Stefan Galinski
6 years ago[BUGFIX] Page cache expiry calculation fails
Francois Suter [Wed, 4 Apr 2012 13:21:52 +0000 (15:21 +0200)]
[BUGFIX] Page cache expiry calculation fails

The calculation of the page cache expirationy timestamp based on
property config.cache.xx = table:yy fails in some specific
scenarios, name when there are records having either a start time
in the future but no end time, or an end time in the future
and no start time. Contrary to what is being done so far, calculation
must be performed separately for each time field to avoid
interferences.

Change-Id: I39f08a84255233952bd2fd51f28972bb1fe9affa
Fixes: #35684
Releases: 6.0, 4.7, 4.6
Reviewed-on: http://review.typo3.org/11095
Reviewed-by: Francois Suter
Tested-by: Francois Suter
6 years ago[BUGFIX] Slider Wizard value not set when used in a flexform
Wouter Wolters [Tue, 27 Mar 2012 17:19:57 +0000 (19:19 +0200)]
[BUGFIX] Slider Wizard value not set when used in a flexform

When the Slider Wizard is used in a flexform the value is given
as XML, which is not handled correctly. When the Slider is used in
a flexform, retrieve the value with t3lib_flexformtools.

Change-Id: I59d967bc2a782f7f3f392c1fe035dc0c60ef6e75
Fixes: #34012
Releases: 4.5,4.6,4.7,6.0
Reviewed-on: http://review.typo3.org/11038
Reviewed-by: Tolleiv Nietsch
Tested-by: Tolleiv Nietsch
6 years ago[BUGFIX] Fix math test on 32 bit systems
Helmut Hummel [Sat, 5 May 2012 10:13:41 +0000 (12:13 +0200)]
[BUGFIX] Fix math test on 32 bit systems

Change-Id: I0408c5a6998eefd6dd38543c061523b851bda749
Fixes: #36860
Releases: 4.6, 4.7, 6.0
Reviewed-on: http://review.typo3.org/11013
Reviewed-by: Helmut Hummel
Tested-by: Helmut Hummel
Reviewed-by: Christian Kuhn
6 years ago[BUGFIX] EM: improve action icons alignment
Francois Suter [Fri, 27 Apr 2012 07:41:21 +0000 (09:41 +0200)]
[BUGFIX] EM: improve action icons alignment

In both extensions list of the new EM (available and import), the
action icons are flush with the top of each table row. Instead
they should be aligned with the extension icon.

Change-Id: I9a69382d7cb5a8fad8ae568fc37d689ebf1f788f
Fixes: #36611
Releases: 6.0, 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/10976
Reviewed-by: Francois Suter
Tested-by: Francois Suter
6 years ago[BUGFIX] EM: misplaced tooltips
Francois Suter [Fri, 27 Apr 2012 07:18:26 +0000 (09:18 +0200)]
[BUGFIX] EM: misplaced tooltips

In the local list of extensions, the tooltips on the first two action
columns are misplaced. Tooltips from the second one override those
from the first one.

Change-Id: I62a7931ca24b78817e1ae2495e06bdbf708cf3a3
Fixes: #36610
Releases: 6.0, 4.7, 4.6
Reviewed-on: http://review.typo3.org/10970
Reviewed-by: Francois Suter
Tested-by: Francois Suter
6 years ago[BUGFIX] EM: avoid cropping action columns
Francois Suter [Fri, 27 Apr 2012 07:09:51 +0000 (09:09 +0200)]
[BUGFIX] EM: avoid cropping action columns

In some browsers the action icons of the new EM disappear, to be
replaced by an ellipsis (...). This is due to ExtJS using
"text-overflow: ellipsis" and some browsers miscalculating the
width of the column. This text-overflow directive is not necessary
as the icons fit nicely anyway.

Change-Id: I26ae9c679b6419a723e98ebb66c726f5ddb3fe77
Fixes: #30900
Releases: 6.0, 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/10878
Reviewed-by: Jigal van Hemert
Tested-by: Jigal van Hemert
6 years ago[BUGFIX] t3lib_div::getUrl() throws a warning on nonexisting local file
Philipp Gampe [Fri, 20 Apr 2012 18:45:49 +0000 (20:45 +0200)]
[BUGFIX] t3lib_div::getUrl() throws a warning on nonexisting local file

During #35847 the silent operator was removed from file_get_content()
which should not have happend.

Change-Id: Ifb12b5f5b20234f1a218c43d4f3882de16b7f0a0
Related: #35847
Fixes: #36380
Releases: 4.6, 4.5
Reviewed-on: http://review.typo3.org/10854
Reviewed-by: Wouter Wolters
Tested-by: Wouter Wolters
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
6 years ago[BUGFIX] New task button missing after deleting task
Alexander Jahn [Mon, 23 Apr 2012 07:45:06 +0000 (09:45 +0200)]
[BUGFIX] New task button missing after deleting task

Change-Id: I7b0dd0ef83d8fe62aeaf12849bcf87b00801eacc
Fixes: #36296
Releases: 6.0, 4.7, 4.6
Reviewed-on: http://review.typo3.org/10852
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
6 years ago[BUGFIX] cropHTML with dash in html element
Jakub Cernek [Fri, 10 Jun 2011 20:52:00 +0000 (22:52 +0200)]
[BUGFIX] cropHTML with dash in html element

Allow dash in regular expression of cropHTML function. It is needed
for recognition of W3C non-standard TYPO3 'link' element syntax.
(e.g. <link email@example.org - mail "Open email window">
email@example.org</link>)

Change-Id: Id2bd9bbcffc4c55f1ba9cd24bb456e927c6f2d6d
Fixes: #26915
Releases: 6.0, 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/10691
Reviewed-by: Stefan Neufeind
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
6 years ago[BUGFIX] Wrong HTTP protocol in combination with a proxy
Michael Staatz [Fri, 13 Apr 2012 18:46:11 +0000 (20:46 +0200)]
[BUGFIX] Wrong HTTP protocol in combination with a proxy

When a reverse proxy is configured in $TYPO3_CONF_VARS and you call
t3lib_div::getIndpEnv('TYPO3_SSL') it returns the wrong protocol.

You can reproduce this in the following way:
If realUrl has the configuration to take the next higher level in the
page tree in the case of not finding the current page then the protocol
will be changed by the static method t3lib_div::getIndpEnv('TYPO3_SSL')

Change-Id: I40817be254a330e9d083cf45ccb25500571ebc4b
Fixes: #36004
Releases: 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/10684
Reviewed-by: Michael Staatz
Tested-by: Michael Staatz
Reviewed-by: Stefan Neufeind
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
6 years ago[BUGFIX] Remove duplicate domain from FE copyright comment
Tomita Militaru [Fri, 27 Apr 2012 09:31:44 +0000 (12:31 +0300)]
[BUGFIX] Remove duplicate domain from FE copyright comment

Since typo3.com was replaced by typo3.org, current frontend copyright
comment shows duplicate domain in copyright:
TYPO3 is copyright 1998-2012 of Kasper Skaarhoj. Extensions are
copyright of their respective owners. Information and contribution
at http://typo3.org/ and http://typo3.org/

Change-Id: Id0647274974032f20a1b5a050e439ed43213bcdb
Fixes: #36164
Releases: 4.5, 4.6, 4.7, 6.0
Reviewed-on: http://review.typo3.org/10849
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
6 years ago[BUGFIX] Show phpinfo() header title
Tomita Militaru [Thu, 26 Apr 2012 16:06:51 +0000 (19:06 +0300)]
[BUGFIX] Show phpinfo() header title

This is a no-brainer, fixes the bug with the title of
phpinfo() in the Install Tool being hidden from CSS.

Change-Id: I7b4e1a9f30b88a4758516502cf6c816e96763890
Fixes: #34686
Releases: 6.0, 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/10846
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
6 years ago[BUGFIX] Hide relations to deleted records
Francois Suter [Tue, 24 Apr 2012 15:46:10 +0000 (17:46 +0200)]
[BUGFIX] Hide relations to deleted records

When displaying a column containing MM-relations in Web > List
view, deleted records will show up, because the MM relations still
exist and the foreign table is not checked for deleted records.

Additionally an empty result in this case should display "N/A"
just like for the other situations.

Change-Id: I78969ca83b464889c646fd6de4784886cdbeaaf2
Fixes: #21713
Releases: 6.0, 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/10813
Reviewed-by: Francois Suter
Tested-by: Francois Suter
6 years ago[BUGFIX] Localize command must preserve type
Francois Suter [Thu, 29 Mar 2012 11:16:42 +0000 (13:16 +0200)]
[BUGFIX] Localize command must preserve type

When the TCEmain command "localize" is used on a table that has
a type attribute, this type is not copied automatically. This
may lead to a discrepancy between the parent record and its
translations. The type must be copied when localizing.

Change-Id: Ia0027d839e7213190c3425dfbdd6e9efc0fcfdde
Fixes: #35361
Releases: 6.0, 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/10703
Reviewed-by: Francois Suter
Tested-by: Francois Suter
6 years ago[BUGFIX] Missing static keyword for addFieldsToUserSettings
Susanne Moog [Sat, 21 Apr 2012 10:14:16 +0000 (12:14 +0200)]
[BUGFIX] Missing static keyword for addFieldsToUserSettings

All t3lib_extMgm methods are meant to be called statically.
The function addFieldsToUserSettings is missing the static keyword.

Change-Id: I7cb33a816b4a1e4b9ff3ed08c3ca5ab301303c78
Fixes: #36399
Releases: 4.5,4.6,4.7,6.0
Reviewed-on: http://review.typo3.org/10675
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
6 years ago[BUGFIX] Backend: Fetch correct overlay-version of page inside workspace
Stefan Neufeind [Sun, 26 Feb 2012 23:01:29 +0000 (00:01 +0100)]
[BUGFIX] Backend: Fetch correct overlay-version of page inside workspace

When fetching page-details while using inside a workspace
make sure to fetch the correct overlay.

Change-Id: I8b517da8bc4b0bb10d268a9d02b7900d7244f439
Resolves: #27811
Releases: 4.5, 4.6, 4.7, 4.8
Reviewed-on: http://review.typo3.org/9790
Reviewed-by: Stefan Neufeind
Reviewed-by: Timo Webler
Tested-by: Timo Webler
Reviewed-by: Thorsten Kahler
Tested-by: Thorsten Kahler
6 years ago[TASK] Set TYPO3 version to 4.6.9-dev
TYPO3 v4 Release Team [Tue, 17 Apr 2012 09:33:19 +0000 (11:33 +0200)]
[TASK] Set TYPO3 version to 4.6.9-dev

Change-Id: Ifbd1c1cfa51db52941492d1c2f69c75da92eac00
Reviewed-on: http://review.typo3.org/10576
Reviewed-by: TYPO3 v4 Release Team
Tested-by: TYPO3 v4 Release Team
6 years ago[RELEASE] Release of TYPO3 4.6.8
TYPO3 v4 Release Team [Tue, 17 Apr 2012 09:33:11 +0000 (11:33 +0200)]
[RELEASE] Release of TYPO3 4.6.8

Change-Id: Ic55701000fd8135a5da8fb4a45f15e0761516af2
Reviewed-on: http://review.typo3.org/10575
Reviewed-by: TYPO3 v4 Release Team
Tested-by: TYPO3 v4 Release Team
6 years ago[SECURITY] XSS in exception handler
Oliver Klee [Tue, 17 Apr 2012 09:10:50 +0000 (11:10 +0200)]
[SECURITY] XSS in exception handler

Change-Id: I5d2f174520cfc2ac86ae017d1b2b6e8373400cfb
Releases: 6.0, 4.7, 4.6, 4.5, 4.4
Fixes: #34348
Security-Review: http://review.typo3.org/10310
Security-Commit: cf62651bc349dea3991041f8dab1126b64ae3fca
Security-Bulletin: TYPO3-CORE-SA-2012-002
Reviewed-on: http://review.typo3.org/10567
Reviewed-by: Oliver Hader
Tested-by: Oliver Hader
6 years ago[TASK] Raise submodule pointer
TYPO3 v4 Release Team [Tue, 17 Apr 2012 09:03:00 +0000 (11:03 +0200)]
[TASK] Raise submodule pointer

Change-Id: I7ed3ae4849c873982cea0ce9456b42ee61f2d9cf
Reviewed-on: http://review.typo3.org/10562
Reviewed-by: TYPO3 v4 Release Team
Tested-by: TYPO3 v4 Release Team
6 years ago[BUGFIX] Localisation update doesn't work
Sebastian Fischer [Sat, 14 Apr 2012 10:01:32 +0000 (12:01 +0200)]
[BUGFIX] Localisation update doesn't work

Change-Id: I3353dfa5425fab87186dfbb9174bc71ec0acee86
Fixes: #36027
Releases: 6.0, 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/10519
Reviewed-by: Stefan Galinski
Tested-by: Stefan Galinski
6 years ago[TASK] Change hardcoded URL to constant
dkd-egerer Sascha Egerer [Sat, 14 Apr 2012 14:56:30 +0000 (16:56 +0200)]
[TASK] Change hardcoded URL to constant

Change hardcoded typo3.org url to the
constant TYPO3_URL_GENERAL in class.typo3logo.php

Change-Id: I030acd34b7ffe40d44f1287a3544c8fca6a91ac1
Resolves: #34742
Releases: 6.0, 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/10476
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
6 years ago[BUGFIX] t3lib_http_Request can not be loaded in frontend
Philipp Gampe [Fri, 13 Apr 2012 13:14:02 +0000 (15:14 +0200)]
[BUGFIX] t3lib_http_Request can not be loaded in frontend

Move the include path modification to t3lib/config_default.php
Switch the TYPO3 pear folder in front, to avoid incompatibilities
with older or newer versions of the PEAR packages.

Change-Id: I729a6a77f443b24adf199034c14adbfa5ff4f074
Fixes: #33497
Fixes: #34897
Releases: 6.0, 4.7, 4.6
Reviewed-on: http://review.typo3.org/10474
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
6 years ago[BUGFIX] Hardcoded variable in CookieJar.php
Philipp Gampe [Fri, 16 Mar 2012 11:33:47 +0000 (12:33 +0100)]
[BUGFIX] Hardcoded variable in CookieJar.php

If pear installs a package, it replaces all occurrences of data_dir with
the actual dirname. This should not have happened in then shipped
version.

Change-Id: Iccb171d25bfe3f31d92f93f36add5a5f794cd0fb
Fixes: #34923
Releases: 6.0, 4.7, 4.6
Reviewed-on: http://review.typo3.org/10397
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
6 years ago[BUGFIX] Slider doesn't work in IE9
Jigal van Hemert [Sun, 11 Mar 2012 13:41:51 +0000 (14:41 +0100)]
[BUGFIX] Slider doesn't work in IE9

With the new X-UA-Compatible set to IE=9 for the backend the
TCA slider control will only work with an override.

Change-Id: I00df432b64e321ee23a5f1bfcbfd7d1fb8cce90d
Resolves: #32581
Releases: 4.8, 4.7, 4.6
Reviewed-on: http://review.typo3.org/10370
Reviewed-by: Jigal van Hemert
Tested-by: Jigal van Hemert
6 years ago[BUGFIX] Fix the unit tests to work with PHPUnit 3.6
Oliver Klee [Fri, 6 Apr 2012 23:54:46 +0000 (01:54 +0200)]
[BUGFIX] Fix the unit tests to work with PHPUnit 3.6

Phpunit 3.6 is no longer able to test for a generic Exception
class. The main part of this patch changes generic Exceptions to
better detailed subclasses to give more information on the error.

Change-Id: I103bb4ab8026613bbc20537a14ae027b5aeff47d
Fixes: #35202
Releases: 6.0, 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/10351
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
6 years ago[BUGFIX] Results from live search and opendocs can't be opened
Stefan Galinski [Sat, 24 Mar 2012 16:57:20 +0000 (17:57 +0100)]
[BUGFIX] Results from live search and opendocs can't be opened

Change-Id: I757f66eec3d035203431958cd283bb77abd9f182
Fixes: #34860
Fixes: #33685
Releases: 6.0, 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/10345
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
6 years ago[BUGFIX] Failing test in autoloader with phpunit 3.6
Christian Kuhn [Thu, 12 Apr 2012 14:25:10 +0000 (16:25 +0200)]
[BUGFIX] Failing test in autoloader with phpunit 3.6

The next phpunit extension will deliver phpunit 3.6. Some autoloader
unit tests fail with this version because of unclean tests. The patch
cleans that up to make the tests run with both phpunit 3.5 and 3.6.

Change-Id: Iad49aa7c19a3736a36f2d33753432d68bae9b3c9
Resolves: #35905
Releases: 6.0, 4.7, 4.6
Reviewed-on: http://review.typo3.org/10343
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
6 years ago[BUGFIX] Failing test in caching framework memcache backend
Christian Kuhn [Thu, 12 Apr 2012 11:25:34 +0000 (13:25 +0200)]
[BUGFIX] Failing test in caching framework memcache backend

Bugfix #30162 changed the memcache handling to not throw an exception but
insert a sys_log entry instead in case of connection problems. The patch
removes the according unit test that broke with the
change, since the call to the static syslog is untestable.

Change-Id: I315e4a62c9b690e365f22fbc52e5227e28b9c152
Resolves: #35897
Releases: 6.0, 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/10331
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
6 years ago[BUGFIX] t3lib_div::getUrl() providing wrong error information
Ingo Renner [Wed, 11 Apr 2012 11:54:57 +0000 (13:54 +0200)]
[BUGFIX] t3lib_div::getUrl() providing wrong error information

When using t3lib_div::getUrl() with lib file/context it uses
file_get_contents() to read a URL. When this fails it tries to provide the
reason for the error but does not return the actual issue.

The error key in the returned array contains the error retrieved by
error_get_last() which does not provide the error that occurred with
file_get_contents(), but with PHP. Usually this is a notice.

The actual error message of file_get_contents() is in the variable
$http_response_header which is available after calling file_get_contents().

See http://de2.php.net/manual/en/reserved.variables.httpresponseheader.php

Change-Id: Iddb421b53d20b03fed2fb765e5643d1e95e7da98
Fixes: #35847
Releases: 6.0, 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/10257
Reviewed-by: Ingo Renner
Tested-by: Ingo Renner
6 years ago[BUGFIX] Enable XClassing of t3lib_install by replacing new
Kay Strobach [Tue, 27 Mar 2012 11:24:54 +0000 (13:24 +0200)]
[BUGFIX] Enable XClassing of t3lib_install by replacing new

This Fix Replaces 3 occurences of new t3lib_install with
t3lib_div::makeInstance('t3lib_install')

Change-Id: Id6c7d729daaa23385c4c8ecb2e5cb3dffaa77d00
Fixes: #35272
Releases: 6.0, 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/10239
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
6 years ago[BUGFIX] Use state "excludeFromUpdates" in update check
Jigal van Hemert [Thu, 22 Mar 2012 23:00:32 +0000 (00:00 +0100)]
[BUGFIX] Use state "excludeFromUpdates" in update check

Do not offer update for extensions with state "excludeFromUpdates"

Change-Id: Ic3aaf85a64fe23f5aede42a7949f4137d468675f
Fixes: #35126
Releases: 4.8, 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/10075
Reviewed-by: Stefan Galinski
Tested-by: Stefan Galinski
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
6 years ago[BUGFIX] ext_icon.gif for EXT:impexp
Georg Ringer [Wed, 28 Mar 2012 05:37:25 +0000 (07:37 +0200)]
[BUGFIX] ext_icon.gif for EXT:impexp

Every extension needs an icon, impexp too

Change-Id: Iad158668afebdc5826d3bcb06df68c30b6ee5f9e
Fixes: #35257
Releases: 6.0, 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/10208
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
6 years ago[BUGFIX] missing parameter for implode
Jigal van Hemert [Sun, 8 Apr 2012 06:27:25 +0000 (08:27 +0200)]
[BUGFIX] missing parameter for implode

Use the preferred syntax for implode()

Change-Id: Ieb20713e16139920b1622334ddebcf8e4eb8267f
Releases: 6.0, 4.7, 4.6, 4.5
Fixes: #34695
Reviewed-on: http://review.typo3.org/10194
Reviewed-by: Jigal van Hemert
Tested-by: Jigal van Hemert
6 years ago[BUGFIX] "Allowed excludefields" misses non-tt_content FlexForms
Kai Vogel [Mon, 9 Jan 2012 20:56:27 +0000 (21:56 +0100)]
[BUGFIX] "Allowed excludefields" misses non-tt_content FlexForms

Extend the "Allowed excludefields" in group access lists to also show
FlexForm fields from other tables than tt_content.

Change-Id: Id473d18aa36277284d37f73aa36606aa6a7a4df2
Fixes: #31831
Releases: 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/10143
Reviewed-by: Jigal van Hemert
Tested-by: Jigal van Hemert
6 years ago[BUGFIX] Set filename to downloaded resource in t3lib_compressor
Morton Jonuschat [Wed, 7 Dec 2011 07:00:22 +0000 (08:00 +0100)]
[BUGFIX] Set filename to downloaded resource in t3lib_compressor

Compressor fails to properly reference external URLs.
It should use the downloaded copy of the resource.

Change-Id: I0966b430bd650fa85fa63215cbe19f52795a35f2
Fixes: #32517
Related: #31239
Releases: 4.7, 4.6
Reviewed-on: http://review.typo3.org/9872
Reviewed-by: Philipp Gampe
Reviewed-by: Jigal van Hemert
Tested-by: Jigal van Hemert
6 years ago[BUGFIX] preg_spliti should be preg_split
Georg Ringer [Thu, 29 Mar 2012 06:12:37 +0000 (08:12 +0200)]
[BUGFIX] preg_spliti should be preg_split

A typo made out of preg_split a preg_spliti which
of course doesn't exist

Change-Id: Iab3ba56f3cc43eb2ecedf5145d3b2783544efea4
Releases: 4.6, 4.5
Fixes: #34625
Reviewed-on: http://review.typo3.org/10078
Reviewed-by: Xavier Perseguers
Tested-by: Xavier Perseguers
6 years ago[TASK] Set TYPO3 version to 4.6.8-dev
TYPO3 v4 Release Team [Wed, 28 Mar 2012 12:14:55 +0000 (14:14 +0200)]
[TASK] Set TYPO3 version to 4.6.8-dev

Change-Id: I2849d0381ba0abe9a777270fa3adb8eb69ece245
Reviewed-on: http://review.typo3.org/10042
Reviewed-by: TYPO3 v4 Release Team
Tested-by: TYPO3 v4 Release Team
6 years ago[RELEASE] Release of TYPO3 4.6.7
TYPO3 v4 Release Team [Wed, 28 Mar 2012 12:14:46 +0000 (14:14 +0200)]
[RELEASE] Release of TYPO3 4.6.7

Change-Id: I50e0ff3e1463653997f182facc825d6e87da69a2
Reviewed-on: http://review.typo3.org/10041
Reviewed-by: TYPO3 v4 Release Team
Tested-by: TYPO3 v4 Release Team
6 years ago[SECURITY] Missing escaping for sys_notes
Georg Ringer [Wed, 28 Mar 2012 11:55:19 +0000 (13:55 +0200)]
[SECURITY] Missing escaping for sys_notes

sys_notes misses an escaping in info module

Change-Id: I684e33172c664e504174c02202fd71372f6a6e98
Fixes: #22748
Releases: 6.0, 4.7, 4.6, 4.5, 4.4
Security-Review: http://review.typo3.org/9949
Security-Commit: 7c56f512b20577bb286b792fc0eacc752b1c6a8a
Security-Bulletin: TYPO3-CORE-SA-2012-001
Reviewed-on: http://review.typo3.org/10020
Reviewed-by: Oliver Hader
Tested-by: Oliver Hader
6 years ago[!!!][SECURITY] XSS in filelink element
Georg Ringer [Wed, 28 Mar 2012 11:55:14 +0000 (13:55 +0200)]
[!!!][SECURITY] XSS in filelink element

Add escaping to description and file name of file link content element.
Warning: There is no longer HTML possible in description!

Change-Id: Ie690b60a06280d4cadd04cd08a82381a5e1f9fa0
Fixes: #25246
Releases: 6.0, 4.7, 4.6, 4.5, 4.4
Security-Review: http://review.typo3.org/9946
Security-Commit: df5cf5a42ce0c84c28394782e43f85c129f96ca8
Security-Bulletin: TYPO3-CORE-SA-2012-001
Reviewed-on: http://review.typo3.org/10019
Reviewed-by: Oliver Hader
Tested-by: Oliver Hader
6 years ago[SECURITY] Information disclosure showing DB name
Georg Ringer [Wed, 28 Mar 2012 11:55:09 +0000 (13:55 +0200)]
[SECURITY] Information disclosure showing DB name

By accessing a cli script in the frontend, it is possible
that the DB name is shown.

Change-Id: I405b5655aedbd17f45453a62f9fe9ad8c420642e
Fixes: #29060
Releases: 6.0, 4.7, 4.6, 4.5, 4.4
Security-Review: http://review.typo3.org/9947
Security-Commit: fd242fbb0ef6955d7e81bc9d54a305a1fd2f54b0
Security-Bulletin: TYPO3-CORE-SA-2012-001
Reviewed-on: http://review.typo3.org/10018
Reviewed-by: Oliver Hader
Tested-by: Oliver Hader
6 years ago[SECURITY] XSS in show item
Christian Kuhn [Wed, 28 Mar 2012 11:55:04 +0000 (13:55 +0200)]
[SECURITY] XSS in show item

Change-Id: Id3fca3b9c58b5b20bbe1435fac3f0fccb54ed165
Fixes: #29397
Releases: 6.0, 4.7, 4.6, 4.5, 4.4
Security-Review: http://review.typo3.org/9948
Security-Commit: bf865ae162d560138d9f1054bd51bf536dcf7eb0
Security-Bulletin: TYPO3-CORE-SA-2012-001
Reviewed-on: http://review.typo3.org/10017
Reviewed-by: Oliver Hader
Tested-by: Oliver Hader
6 years ago[SECURITY] Missing escaping in scheduler
Georg Ringer [Wed, 28 Mar 2012 11:55:01 +0000 (13:55 +0200)]
[SECURITY] Missing escaping in scheduler

A proper escaping is missing for field "frequency"
Sanitize submitted uid

Change-Id: Iaf8f336342aa95daa4dfc145f1fb2029dd1aeb13
Fixes: #24474
Releases: 6.0, 4.7, 4.6, 4.5, 4.4
Security-Review: http://review.typo3.org/9950
Security-Commit: b60463b268821af9b189fa8fd35ffaccf1204ee3
Security-Bulletin: TYPO3-CORE-SA-2012-001
Reviewed-on: http://review.typo3.org/10016
Reviewed-by: Oliver Hader
Tested-by: Oliver Hader
6 years ago[SECURITY] XSS in BE file list
Christian Kuhn [Wed, 28 Mar 2012 11:54:57 +0000 (13:54 +0200)]
[SECURITY] XSS in BE file list

Change-Id: I0a689a566c57766bfa7b3197b0d9198ad289cdf2
Fixes: #30940
Releases: 6.0, 4.7, 4.6, 4.5, 4.4
Security-Review: http://review.typo3.org/9951
Security-Commit: 22625eda929ea4781a25c98f1bbaa40a1cdb70cb
Security-Bulletin: TYPO3-CORE-SA-2012-001
Reviewed-on: http://review.typo3.org/10015
Reviewed-by: Oliver Hader
Tested-by: Oliver Hader
6 years ago[SECURITY] XSS possibility in RemoveXSS
Andreas Wolf [Wed, 28 Mar 2012 11:54:53 +0000 (13:54 +0200)]
[SECURITY] XSS possibility in RemoveXSS

RemoveXSS fails to properly remove non printable characters, especially
zero-byte (\x00) chars.

Change-Id: Ia21e067edfcb568fae994ce1d339dd9c1724bd4b
Fixes: #30188
Releases: 6.0, 4.7, 4.6, 4.5, 4.4
Security-Review: http://review.typo3.org/9952
Security-Commit: fbc344bf1759262237a5af8ba08080f70efc51dd
Security-Bulletin: TYPO3-CORE-SA-2012-001
Reviewed-on: http://review.typo3.org/10014
Reviewed-by: Oliver Hader
Tested-by: Oliver Hader
6 years ago[SECURITY] XSS in be_layouts
Georg Ringer [Wed, 28 Mar 2012 11:54:48 +0000 (13:54 +0200)]
[SECURITY] XSS in be_layouts

Some values from the backend layout configuration
are not properly escaped

Change-Id: I4e85bfe5ec1e6c2d28ef5fa02a5059b35df3fef1
Fixes: #29536
Releases: 6.0, 4.7, 4.6, 4.5, 4.4
Security-Review: http://review.typo3.org/9953
Security-Commit: 3829ac8cd35ee19cf56d22a420f15b9eea84f273
Security-Bulletin: TYPO3-CORE-SA-2012-001
Reviewed-on: http://review.typo3.org/10013
Reviewed-by: Oliver Hader
Tested-by: Oliver Hader
6 years ago[SECURITY] XSS for extension meta data in About module
Oliver Klee [Wed, 28 Mar 2012 11:54:44 +0000 (13:54 +0200)]
[SECURITY] XSS for extension meta data in About module

Change-Id: I6ce1a90375b20c79c645a76b24713c718a06d529
Releases: 6.0, 4.7, 4.6, 4.5, 4.4
Fixes: #30969
Security-Review: http://review.typo3.org/9954
Security-Commit: 590a0dc93e1b66da085ed7f3788a4a3efe335a20
Security-Bulletin: TYPO3-CORE-SA-2012-001
Reviewed-on: http://review.typo3.org/10012
Reviewed-by: Oliver Hader
Tested-by: Oliver Hader
6 years ago[TASK] Raise submodule pointer
TYPO3 v4 Release Team [Wed, 28 Mar 2012 11:47:35 +0000 (13:47 +0200)]
[TASK] Raise submodule pointer

Change-Id: I7d4e1642ef79513a564f0b02fe2ca36fa4c2e645
Reviewed-on: http://review.typo3.org/9987
Reviewed-by: TYPO3 v4 Release Team
Tested-by: TYPO3 v4 Release Team
6 years ago[BUGFIX] Missing column in t3lib_TCEmain::getPreviousLocalizedRecordUid
Francois Suter [Tue, 27 Mar 2012 07:52:10 +0000 (09:52 +0200)]
[BUGFIX] Missing column in t3lib_TCEmain::getPreviousLocalizedRecordUid

Method t3lib_TCEmain::getPreviousLocalizedRecordUid() checks for the
"closest" localized record. For content elements it does this per
column, but actually fails because the "colPos" field is not among
the available fields. It must be added to the selection.

Change-Id: Ia6bb2592a0ae8c0e668fac207d5c2b79265b9c4b
Fixes: #35260
Releases: 6.0, 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/9960
Reviewed-by: Francois Suter
Tested-by: Francois Suter
6 years ago[TASK] Add missing sql_free_result in alt_doc.php
Wouter Wolters [Mon, 19 Mar 2012 20:22:29 +0000 (21:22 +0100)]
[TASK] Add missing sql_free_result in alt_doc.php

Add missing sql_free_result in alt_doc.php to free hanging
records properly.

Change-Id: I5c43aef985f85507301fe62400d5c9b612ce57d2
Resolves: #34771
Releases: 4.8, 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/9865
Reviewed-by: Philipp Gampe
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
6 years ago[BUGFIX] Tooltips for items in groupfields are not moved
Jigal van Hemert [Sat, 24 Mar 2012 07:01:42 +0000 (08:01 +0100)]
[BUGFIX] Tooltips for items in groupfields are not moved

In groupfields the title attribute of options must also be handled
when moving items.

Change-Id: I6276c5f9f604d09844b41d4a7abe9c0c7fb4dc2a
Fixes: #35176
Releases: 6.0, 4.7, 4.6, 4.5, 4.4
Reviewed-on: http://review.typo3.org/9859
Reviewed-by: Jigal van Hemert
Tested-by: Jigal van Hemert
6 years ago[TASK] Code clean-up in t3lib_PageRenderer
Oliver Hader [Thu, 22 Mar 2012 19:38:05 +0000 (20:38 +0100)]
[TASK] Code clean-up in t3lib_PageRenderer

Change-Id: I236e491f56e7daad2837c57770f5c71d1d5dd5da
Resolves: #35160
Releases: 4.5, 4.6, 4.7, 6.0
Reviewed-on: http://review.typo3.org/9816
Reviewed-by: Oliver Hader
Tested-by: Oliver Hader
Reviewed-on: http://review.typo3.org/9838

6 years ago[BUGFIX] Blank page after Save+Close in page settings
Stefan Galinski [Thu, 23 Feb 2012 22:16:56 +0000 (23:16 +0100)]
[BUGFIX] Blank page after Save+Close in page settings

Change-Id: Idd7647e0e1aaee607203f64c421d6ca235920268
Fixes: #33791
Releases: 4.8, 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/9829
Reviewed-by: Xavier Perseguers
Tested-by: Xavier Perseguers
7 years agoRevert "[BUGFIX] showAccessRestrictedPages doesn't replace links to restricted subpages"
Helmut Hummel [Sun, 11 Mar 2012 20:13:41 +0000 (21:13 +0100)]
Revert "[BUGFIX] showAccessRestrictedPages doesn't replace links to restricted subpages"

Commit 94feeb2596244bc463afd428aab41353eb1740a4 introduced a major
performance overhead and is reverted for now.

Change-Id: Ia2aca9c0670a318681c94b5fafe89b8ac8e9b6f4
Releases: 4.8, 4.7, 4.6, 4.5
Resolves: #32756
Reviewed-on: http://review.typo3.org/9730
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
7 years ago[BUGFIX] Fix baseurl handling of IE with RTE htmlArea in FE and realurl
Stanislas Rolland [Fri, 16 Mar 2012 23:50:44 +0000 (19:50 -0400)]
[BUGFIX] Fix baseurl handling of IE with RTE htmlArea in FE and realurl

Problem: IE does not support document.baseURI and document.URL is
incorrect when using realurl.
Solution: Get first base tag and extract href as base for iframe
document.
Note: Thanks to Christoph Niewerth

Change-Id: Ibb85cbfb673c0abd8723d4906789944820505fc6
Resolves: #30847
Releases: 4.5, 4.6,4.7, master
Reviewed-on: http://review.typo3.org/9708
Reviewed-by: Stanislas Rolland
Tested-by: Stanislas Rolland
7 years ago[BUGFIX] Fatal error 't3lib_lock' does not exist
Oliver Hader [Wed, 14 Mar 2012 09:28:12 +0000 (10:28 +0100)]
[BUGFIX] Fatal error 't3lib_lock' does not exist

The PHP fatal error occurs for the following settings:
$TYPO3_CONF_VARS['SYS']['enableDeprecationLog'] is enabled
$TYPO3_CONF_VARS['BE']['forceCharset'] is not "utf-8" (or empty)
$TYPO3_CONF_VARS['SYS']['enableDeprecationLog'] is set to "file"

Change-Id: I28b736b093c372f6581e8d67f1de1f1d68790be1
Fixes: #34662
Releases: 4.5, 4.6, 4.7, 4.8
Reviewed-on: http://review.typo3.org/9688
Reviewed-by: Oliver Klee
Reviewed-by: Oliver Hader
Tested-by: Oliver Hader