Packages/TYPO3.CMS.git
2 years ago[RELEASE] Release of TYPO3 6.2.23 00/48200/2 6.2.23 TYPO3_6-2-23
TYPO3 Release Team [Tue, 17 May 2016 12:43:00 +0000 (14:43 +0200)]
[RELEASE] Release of TYPO3 6.2.23

Change-Id: I10c9ba1d7f8c65d2a12a9eaed13502e4ba3ab6a8
Reviewed-on: https://review.typo3.org/48200
Reviewed-by: TYPO3 Release Team <typo3cms@typo3.org>
Tested-by: TYPO3 Release Team <typo3cms@typo3.org>
2 years ago[BUGFIX] Use push parser instead of pull parser on fetching extension list 87/48187/2
Oliver Hader [Tue, 17 May 2016 10:20:27 +0000 (12:20 +0200)]
[BUGFIX] Use push parser instead of pull parser on fetching extension list

Issue #75022 reported problems with libxml and operations on compressed
file streams. The work around for that patch showed drawbacks with memory
consumption. That's why the push parser is used as default now.

Resolves: #75721
Related: #75022
Releases: master, 7.6, 6.2
Change-Id: I6daadd4b375634cf45272bb249e4bfa083f03646
Reviewed-on: https://review.typo3.org/48187
Reviewed-by: Oliver Hader <oliver.hader@typo3.org>
Tested-by: Oliver Hader <oliver.hader@typo3.org>
2 years agoRevert "[BUGFIX] Load XML files of Extension Manager properly" 84/48184/2
Oliver Hader [Tue, 17 May 2016 09:54:13 +0000 (11:54 +0200)]
Revert "[BUGFIX] Load XML files of Extension Manager properly"

This reverts commit ab32091db207d781056cab8d16979d09321b8f7c.

This change did not completely solve the libxml issue and introduced
additional trouble on memory consumption with the current pull parsers.

Related: #75022
Releases: master, 7.6, 6.2
Change-Id: I42454d61ab444860fc53b29715df69e65a2f0475
Reviewed-on: https://review.typo3.org/48184
Reviewed-by: Oliver Hader <oliver.hader@typo3.org>
Tested-by: Oliver Hader <oliver.hader@typo3.org>
2 years ago[TASK] Make .htaccess Apache 2.4 suitable 30/48030/2
Marc von Schalscha-Ehrenfeld [Fri, 6 May 2016 11:25:22 +0000 (13:25 +0200)]
[TASK] Make .htaccess Apache 2.4 suitable

This patch makes EXT:documentation/Resources/Private/.htaccess and
EXT:extbase/Resources/Private/.htaccess Apache 2.4 suitable

Resolves: #76066
Resolves: #76064
Releases: master, 7.6, 6.2
Change-Id: I91c6e683eeb1bc92e1192d2b3800d2dcb8a9d4b9
Reviewed-on: https://review.typo3.org/48030
Reviewed-by: Wouter Wolters <typo3@wouterwolters.nl>
Tested-by: Wouter Wolters <typo3@wouterwolters.nl>
2 years ago[TASK] Disallow access to documentation folders 18/48018/2
Markus Klein [Wed, 27 Apr 2016 08:12:51 +0000 (10:12 +0200)]
[TASK] Disallow access to documentation folders

Update the default .htaccess file. The users must update their
actual configuration (.htaccess or server config) manually.

Resolves: #75934
Releases: master, 7.6, 6.2
Change-Id: I8e40263c72f68c44cb8fd8c1944a44e4d38d9daa
Reviewed-on: https://review.typo3.org/48018
Reviewed-by: Frank Naegler <frank.naegler@typo3.org>
Tested-by: Frank Naegler <frank.naegler@typo3.org>
2 years ago[BUGFIX] Allow maxitem=1 in TCA treeSelect again 37/47937/2
Alexander Bigga [Wed, 27 Apr 2016 13:50:31 +0000 (15:50 +0200)]
[BUGFIX] Allow maxitem=1 in TCA treeSelect again

Introduced with ec7b229 #75519, it was not possible to set maxitem=1 to
TCA treeSelect. This occures e.g. on setting the parent of a
sys_category.

The reason is the "selected" array which gets initialized with all
selected items. If there is no item selected, it is initialized with an
empty value and "selected.lenght" is 1 but should be 0. Selecting a new
value is impossible now.

The proposed path checks if items are selected or not on
initialization.

Change-Id: I0c8d21ad753dccb2d993febde404afc83a39b9b3
Resolves: #75947
Releases: 6.2
Reviewed-on: https://review.typo3.org/47937
Reviewed-by: Frans Saris <franssaris@gmail.com>
Tested-by: Frans Saris <franssaris@gmail.com>
2 years ago[TASK] Set TYPO3 version to 6.2.23-dev 09/47909/2
TYPO3 Release Team [Tue, 26 Apr 2016 09:33:02 +0000 (11:33 +0200)]
[TASK] Set TYPO3 version to 6.2.23-dev

Change-Id: Id5ca352efcdd76c115a534f330d947eee8a9ed23
Reviewed-on: https://review.typo3.org/47909
Reviewed-by: TYPO3 Release Team <typo3cms@typo3.org>
Tested-by: TYPO3 Release Team <typo3cms@typo3.org>
2 years ago[RELEASE] Release of TYPO3 6.2.22 08/47908/2 6.2.22 TYPO3_6-2-22
TYPO3 Release Team [Tue, 26 Apr 2016 09:32:17 +0000 (11:32 +0200)]
[RELEASE] Release of TYPO3 6.2.22

Change-Id: If442f054c7e76bdf95a0010d5d66dcbdf526840e
Reviewed-on: https://review.typo3.org/47908
Reviewed-by: TYPO3 Release Team <typo3cms@typo3.org>
Tested-by: TYPO3 Release Team <typo3cms@typo3.org>
2 years ago[BUGFIX] Double encoding in image title-tag 06/47906/2
Frank Naegler [Tue, 26 Apr 2016 08:19:25 +0000 (10:19 +0200)]
[BUGFIX] Double encoding in image title-tag

With https://review.typo3.org/#/c/45284/ this bug was introduced. The change to
htmlSpecialChars = 1 was a mistake, because the output is already escaped.
This patch reverts the change for altText object.

Resolves: #75860
Releases: master, 7.6, 6.2
Change-Id: I87ea6ef4c734707933c75ab5c9ab3c4f4604251d
Reviewed-on: https://review.typo3.org/47906
Reviewed-by: Frank Naegler <frank.naegler@typo3.org>
Reviewed-by: Oliver Hader <oliver.hader@typo3.org>
Tested-by: Oliver Hader <oliver.hader@typo3.org>
2 years ago[BUGFIX] Remember not rendered checkboxes in TCA treeSelect 00/47900/2
Frans Saris [Wed, 20 Apr 2016 13:45:10 +0000 (15:45 +0200)]
[BUGFIX] Remember not rendered checkboxes in TCA treeSelect

When you have a select field of rendertype selectTree it looses the
selected values of the not rendered checkboxes.

This changes makes sure that also the not rendered values are kept.

Change-Id: I8649e83c56a0265a7de069ef9654ed13b90b3239
Resolves: #75519
Releases: master, 7.6, 6.2
Reviewed-on: https://review.typo3.org/47900
Reviewed-by: Frans Saris <franssaris@gmail.com>
Tested-by: Frans Saris <franssaris@gmail.com>
3 years ago[BUGFIX] Check if folder is within the filemount 17/47817/3
Frans Saris [Tue, 19 Apr 2016 16:04:20 +0000 (18:04 +0200)]
[BUGFIX] Check if folder is within the filemount

Before using the filemount base folder as root for the
folder->getReadablePath() check if the folder is within the filemount.

Change-Id: I8a4436fb2a0e512c7d2d1fc50b9d08febae8b256
Resolves: #73735
Releases: master, 7.6, 6.2
Reviewed-on: https://review.typo3.org/47817
Reviewed-by: Nicole Cordes <typo3@cordes.co>
Tested-by: Nicole Cordes <typo3@cordes.co>
3 years ago[BUGFIX] RTE: Show content of link style dropdown again 41/47641/3
Markus Klein [Wed, 13 Apr 2016 09:24:14 +0000 (11:24 +0200)]
[BUGFIX] RTE: Show content of link style dropdown again

Regression fix to security update.

Resolves: #75548
Releases: 6.2
Change-Id: I65f6568b626088553818343ff89dbe1f2e1ffe1d
Reviewed-on: https://review.typo3.org/47641
Reviewed-by: Kai Ole Hartwig <mail@ole-hartwig.eu>
Tested-by: Kai Ole Hartwig <mail@ole-hartwig.eu>
Reviewed-by: Matthias Hunstock <matthias.hunstock@tu-ilmenau.de>
Tested-by: Matthias Hunstock <matthias.hunstock@tu-ilmenau.de>
Reviewed-by: Tobias Schmidt <t.schmidt@minuskel.de>
Tested-by: Tobias Schmidt <t.schmidt@minuskel.de>
Reviewed-by: Christian Kuhn <lolli@schwarzbu.ch>
Tested-by: Christian Kuhn <lolli@schwarzbu.ch>
3 years ago[BUGFIX] Ignore cURL proxy header block 08/47308/2
Albrecht Köhnlein [Fri, 19 Feb 2016 14:28:46 +0000 (15:28 +0100)]
[BUGFIX] Ignore cURL proxy header block

When cURL is enabled with a proxy, the proxy’s HTTP header (sent as a
response to the client CONNECT request) was not removed correctly for
https requests.

See also RFC 2817.

Resolves: #73567
Releases: master, 7.6, 6.2
Change-Id: I0f11933f523b099dd23a5bef631699904ffcefc8
(cherry picked from commit 09f1f5632e05a9140a7d65ceca0f38caa5f335eb)
Reviewed-on: https://review.typo3.org/47308
Reviewed-by: Jonas Götze <jonnsn@gmail.com>
Tested-by: Jonas Götze <jonnsn@gmail.com>
Reviewed-by: Andreas Wolf <andreas.wolf@typo3.org>
Tested-by: Andreas Wolf <andreas.wolf@typo3.org>
Reviewed-by: Dmitry Dulepov <dmitry.dulepov@gmail.com>
Reviewed-by: Stefan Neufeind <typo3.neufeind@speedpartner.de>
Reviewed-by: Daniel Goerz <ervaude@gmail.com>
3 years ago[TASK] Set TYPO3 version to 6.2.22-dev 24/47624/2
TYPO3 Release Team [Tue, 12 Apr 2016 11:11:09 +0000 (13:11 +0200)]
[TASK] Set TYPO3 version to 6.2.22-dev

Change-Id: I1a3230b02001e02c7b0638a92af78ec7008a4a45
Reviewed-on: https://review.typo3.org/47624
Reviewed-by: TYPO3 Release Team <typo3cms@typo3.org>
Tested-by: TYPO3 Release Team <typo3cms@typo3.org>
3 years ago[RELEASE] Release of TYPO3 6.2.21 23/47623/2 6.2.21 TYPO3_6-2-21
TYPO3 Release Team [Tue, 12 Apr 2016 11:10:18 +0000 (13:10 +0200)]
[RELEASE] Release of TYPO3 6.2.21

Change-Id: I9b4d40bcfd4f204de75f873a695aef36825c31d0
Reviewed-on: https://review.typo3.org/47623
Reviewed-by: TYPO3 Release Team <typo3cms@typo3.org>
Tested-by: TYPO3 Release Team <typo3cms@typo3.org>
3 years ago[BUGFIX] Add missing bracket in EXT:rtehtmlarea to fix syntax error 22/47622/2
Andreas Fernandez [Tue, 12 Apr 2016 10:30:36 +0000 (12:30 +0200)]
[BUGFIX] Add missing bracket in EXT:rtehtmlarea to fix syntax error

Resolves: #75541
Releases: 6.2
Change-Id: I2377695852fe6a307d0a4736f0f2e5eb4d79b608
Reviewed-on: https://review.typo3.org/47622
Reviewed-by: Oliver Hader <oliver.hader@typo3.org>
Tested-by: Oliver Hader <oliver.hader@typo3.org>
Reviewed-by: Daniel Goerz <ervaude@gmail.com>
Tested-by: Daniel Goerz <ervaude@gmail.com>
Reviewed-by: Frank Naegler <frank.naegler@typo3.org>
Tested-by: Frank Naegler <frank.naegler@typo3.org>
Reviewed-by: Christian Kuhn <lolli@schwarzbu.ch>
Tested-by: Christian Kuhn <lolli@schwarzbu.ch>
3 years ago[TASK] Set TYPO3 version to 6.2.21-dev 13/47613/2
TYPO3 Release Team [Tue, 12 Apr 2016 09:19:23 +0000 (11:19 +0200)]
[TASK] Set TYPO3 version to 6.2.21-dev

Change-Id: Iba4804fc2b8e8280d5caef651f84d4e4332db3ca
Reviewed-on: https://review.typo3.org/47613
Reviewed-by: TYPO3 Release Team <typo3cms@typo3.org>
Tested-by: TYPO3 Release Team <typo3cms@typo3.org>
3 years ago[RELEASE] Release of TYPO3 6.2.20 12/47612/2 6.2.20 TYPO3_6-2-20
TYPO3 Release Team [Tue, 12 Apr 2016 09:18:33 +0000 (11:18 +0200)]
[RELEASE] Release of TYPO3 6.2.20

Change-Id: I9e9ddd6b53aee8e9425dbc4ff864c1e8b36c8d04
Reviewed-on: https://review.typo3.org/47612
Reviewed-by: TYPO3 Release Team <typo3cms@typo3.org>
Tested-by: TYPO3 Release Team <typo3cms@typo3.org>
3 years ago[SECURITY] Disallow login with empty password 99/47599/2
Nicole Cordes [Tue, 12 Apr 2016 09:09:59 +0000 (11:09 +0200)]
[SECURITY] Disallow login with empty password

In case a backend or frontend user is stored in the database
with an empty string as password (not possible through backend UI),
it is possible to authenticate this user using an empty password
with the standard TYPO3 username/password authentication services.

By definition this should be prohibited.

Resolves: #75055
Releases: master, 7.6, 6.2
Security-Commit: 1899bfa7166baae8d774fa7bd027f9c448e89686
Security-Bulletins: TYPO3-CORE-SA-2016-009, 010, 011, 012
Change-Id: I7b5ce35a6e5d817c2480cb81e616bfac25fbe2fb
Reviewed-on: https://review.typo3.org/47599
Reviewed-by: Oliver Hader <oliver.hader@typo3.org>
Tested-by: Oliver Hader <oliver.hader@typo3.org>
3 years ago[SECURITY] Limit user access in workspace previews 98/47598/2
Nicole Cordes [Tue, 12 Apr 2016 09:09:51 +0000 (11:09 +0200)]
[SECURITY] Limit user access in workspace previews

To view a preview of a workspace page a backend user is simulated.
Currently the user who created the preview link is taken into account.
This patch creates a limited backend user to be able to process the
web request.

Resolves: #28175
Releases: master, 7.6, 6.2
Security-Commit: 4d89b8acd5af116444402b0fc2527fd8217e0fca
Security-Bulletins: TYPO3-CORE-SA-2016-009, 010, 011, 012
Change-Id: I4ae4b46fa3345d179cd2748ae0caa48ed3a8e4d9
Reviewed-on: https://review.typo3.org/47598
Reviewed-by: Oliver Hader <oliver.hader@typo3.org>
Tested-by: Oliver Hader <oliver.hader@typo3.org>
3 years ago[SECURITY] Prevent XSS in ElementBrowser 97/47597/2
Markus Klein [Tue, 12 Apr 2016 09:09:44 +0000 (11:09 +0200)]
[SECURITY] Prevent XSS in ElementBrowser

Resolves: #51908
Releases: 6.2
Security-Commit: 716f84105ecba3202280a9c35893818c4dd078a0
Security-Bulletins: TYPO3-CORE-SA-2016-009, 010, 011, 012
Change-Id: I5a13860aca41b4401325d3a3f6f025e051f63010
Reviewed-on: https://review.typo3.org/47597
Reviewed-by: Oliver Hader <oliver.hader@typo3.org>
Tested-by: Oliver Hader <oliver.hader@typo3.org>
3 years ago[SECURITY] Prevent XSS in SelectMultipleSideBySideElement 96/47596/2
Nicole Cordes [Tue, 12 Apr 2016 09:09:37 +0000 (11:09 +0200)]
[SECURITY] Prevent XSS in SelectMultipleSideBySideElement

In Javascript context the title attribute of a selected option is passed
as unescapd HTML argument to the function. Creating a new option tag
without title validation results in a XSS possibility. This patch removes
hardcoded attribute setting and uses jQuery function which take care
of proper escaping.

Resolves: #75164
Releases: master, 7.6, 6.2
Security-Commit: 1f0d09bfe5899fa189ee6bde102665956dc0f9b1
Security-Bulletins: TYPO3-CORE-SA-2016-009, 010, 011, 012
Change-Id: I6445259a8608fa7a592b4574cb01c672ae1a4b93
Reviewed-on: https://review.typo3.org/47596
Reviewed-by: Oliver Hader <oliver.hader@typo3.org>
Tested-by: Oliver Hader <oliver.hader@typo3.org>
3 years ago[SECURITY] Fix arbitrary file disclosure in form extension 95/47595/2
Steffen Müller [Tue, 12 Apr 2016 09:09:27 +0000 (11:09 +0200)]
[SECURITY] Fix arbitrary file disclosure in form extension

Resolves: #73459
Releases: 6.2
Security-Commit: ab36da69dbdf20e9940faf4ff7ead88657b9ed14
Security-Bulletins: TYPO3-CORE-SA-2016-009, 010, 011, 012
Change-Id: Ie9e38ee56c8df984653d4bab161087dd20cd065c
Reviewed-on: https://review.typo3.org/47595
Reviewed-by: Oliver Hader <oliver.hader@typo3.org>
Tested-by: Oliver Hader <oliver.hader@typo3.org>
3 years ago[BUGFIX] Load XML files of Extension Manager properly 90/47590/4
Andreas Fernandez [Fri, 11 Mar 2016 14:56:57 +0000 (15:56 +0100)]
[BUGFIX] Load XML files of Extension Manager properly

Since the XEE security fix (I26701fc2ffb5aed7ccbd96c168aef571d012091e),
the XML files in the Extension Manager may are not loaded anymore, depending
on the machine. Change the way how the files are loaded to fix the issue.

Change-Id: I2a3dffd089ed427b965bcbae8aa596c26a81770b
Resolves: #75022
Releases: master, 7.6, 6.2
Reviewed-on: https://review.typo3.org/47590
Reviewed-by: Oliver Hader <oliver.hader@typo3.org>
Tested-by: Oliver Hader <oliver.hader@typo3.org>
3 years ago[BUGFIX] WinCache 2.0 and newer have no opcode cache 30/47530/2
Alexander Opitz [Fri, 4 Mar 2016 13:46:45 +0000 (14:46 +0100)]
[BUGFIX] WinCache 2.0 and newer have no opcode cache

Detect WinCache 2.0 and newer not as opcode cache system.

Resolves: #74131
Releases: 7.6, 6.2
Change-Id: If7ce68b884d84638484f7b8225d175f5875fb683
Reviewed-on: https://review.typo3.org/47530
Reviewed-by: Wouter Wolters <typo3@wouterwolters.nl>
Tested-by: Wouter Wolters <typo3@wouterwolters.nl>
Reviewed-by: Christian Kuhn <lolli@schwarzbu.ch>
Tested-by: Christian Kuhn <lolli@schwarzbu.ch>
3 years ago[TASK] Allow installation of composer installers 1.2.x 15/47515/2
Helmut Hummel [Wed, 6 Apr 2016 14:03:13 +0000 (16:03 +0200)]
[TASK] Allow installation of composer installers 1.2.x

The newer version of composer installers has extendend
features, but is fully backwards compatible and proven to work nicely
with TYPO3 6.2.

Resolves: #75423
Releases: 6.2
Change-Id: Iaa25df38a55cb0276931123b549f60b86d0c5088
Reviewed-on: https://review.typo3.org/47515
Reviewed-by: Mathias Brodala <mbrodala@pagemachine.de>
Tested-by: Mathias Brodala <mbrodala@pagemachine.de>
Reviewed-by: Wouter Wolters <typo3@wouterwolters.nl>
Tested-by: Wouter Wolters <typo3@wouterwolters.nl>
Reviewed-by: Helmut Hummel <helmut.hummel@typo3.org>
Tested-by: Helmut Hummel <helmut.hummel@typo3.org>
3 years ago[BUGFIX] Warning when clearing all caches from within install tool 89/43289/4
Bernhard Kraft [Mon, 14 Sep 2015 09:01:43 +0000 (11:01 +0200)]
[BUGFIX] Warning when clearing all caches from within install tool

When using the "clearAllCache" button a warning message gets shown
(or eventually just logged) when the APC file cache is used.

Reason is that the method "OpcodeCacheUtility::clearAllActive()"
will not allow to clear whole directories. Per definition the used
method "apc_delete_file()" allows only to delete single file-cache
entries from the APC cache when called with a string argument.

So for this to work the method "apc_delete_file()" got changed to
use the "ApcIterator" class using a regular expression matching
the given directory.

Change-Id: I7148fb3c176e05518901b032eccddfa2dd448c4a
Resolves: #69773
Releases: 6.2
Reviewed-on: https://review.typo3.org/43289
Reviewed-by: Daniel Goerz <ervaude@gmail.com>
Reviewed-by: Markus Klein <markus.klein@typo3.org>
Reviewed-by: Christian Kuhn <lolli@schwarzbu.ch>
Tested-by: Christian Kuhn <lolli@schwarzbu.ch>
Reviewed-by: Frank Naegler <frank.naegler@typo3.org>
Tested-by: Frank Naegler <frank.naegler@typo3.org>
3 years ago[TASK] Loosen version constraint for TYPO3 CMS Composer Installers 14/47414/2
Christian Opitz [Wed, 30 Mar 2016 07:39:18 +0000 (09:39 +0200)]
[TASK] Loosen version constraint for TYPO3 CMS Composer Installers

The current version constraint doesn't allow composer to install
bug fix versions of the 1.1 version branch of the composer installers
which is unhandy when there are bug fixes such as for #75273.
The new constraint matches all 1.1.* versions greater 1.1.4

Resolves: #75273
Releases: 6.2
Change-Id: I81ce319ea812d44bcf3dd23602e876eb0f0675d8
Reviewed-on: https://review.typo3.org/47414
Reviewed-by: Mathias Brodala <mbrodala@pagemachine.de>
Reviewed-by: Christian Kuhn <lolli@schwarzbu.ch>
Tested-by: Christian Kuhn <lolli@schwarzbu.ch>
Reviewed-by: Morton Jonuschat <m.jonuschat@mojocode.de>
Tested-by: Morton Jonuschat <m.jonuschat@mojocode.de>
3 years ago[BUGFIX] only trim leading slash from section name 46/46846/2
Daniel Neugebauer [Tue, 23 Feb 2016 17:24:33 +0000 (18:24 +0100)]
[BUGFIX] only trim leading slash from section name

When using sections for search, indexed_search now only trims the first
character from the section path name if it is a slash.

Resolves: #73631
Releases: 6.2
Change-Id: Ia67b411aeeb29af6d23b392a22dbcf381eb0b9f5
Reviewed-on: https://review.typo3.org/46846
Reviewed-by: Tymoteusz Motylewski <t.motylewski@gmail.com>
Tested-by: Tymoteusz Motylewski <t.motylewski@gmail.com>
3 years ago[BUGFIX] Add reference count to delete message 87/47387/3
Gianluigi Martino [Thu, 24 Mar 2016 16:02:00 +0000 (17:02 +0100)]
[BUGFIX] Add reference count to delete message

If you delete a file or folder by using the clickmenu, a confirmation
message without reference count is shown. To streamline the confirmation
message with the one from FileList, the reference count is added with
this patch.

Resolves: #75156
Releases: master, 7.6, 6.2
Change-Id: I84fe8c853199cdb4e0ff422cdb5fc327e4bdc683
Reviewed-on: https://review.typo3.org/47387
Reviewed-by: Andreas Fernandez <typo3@scripting-base.de>
Tested-by: Andreas Fernandez <typo3@scripting-base.de>
Reviewed-by: Nicole Cordes <typo3@cordes.co>
Tested-by: Nicole Cordes <typo3@cordes.co>
Reviewed-by: Michael Oehlhof <typo3@oehlhof.de>
Tested-by: Michael Oehlhof <typo3@oehlhof.de>
Reviewed-by: Oliver Hader <oliver.hader@typo3.org>
3 years ago[BUGFIX] Use proper quotation in phpdoc of ExtensionManagementUtility::addService() 01/47401/2
Andreas Fernandez [Mon, 28 Mar 2016 16:02:16 +0000 (18:02 +0200)]
[BUGFIX] Use proper quotation in phpdoc of ExtensionManagementUtility::addService()

The patch fixes the quotation in the description of the parameters
``$serviceType`` and ``$serviceKey``.
This ensures a correct rendering by Doxygen.

Resolves: #75283
Releases: master, 7.6, 6.2
Change-Id: Ic7d91c1c108465b50f7637667ff6f3a8b451eb26
Reviewed-on: https://review.typo3.org/47401
Reviewed-by: Morton Jonuschat <m.jonuschat@mojocode.de>
Tested-by: Morton Jonuschat <m.jonuschat@mojocode.de>
Reviewed-by: Wouter Wolters <typo3@wouterwolters.nl>
Tested-by: Wouter Wolters <typo3@wouterwolters.nl>
3 years ago[BUGFIX] Fix typo in BooleanNode exception message 99/47399/2
Sascha Egerer [Tue, 29 Mar 2016 09:46:10 +0000 (11:46 +0200)]
[BUGFIX] Fix typo in BooleanNode exception message

Change-Id: I792f5534780675278cbd7d540c96b60568b2647e
Resolves: #75287
Releases: 7.6, 6.2
Reviewed-on: https://review.typo3.org/47399
Reviewed-by: Wouter Wolters <typo3@wouterwolters.nl>
Tested-by: Wouter Wolters <typo3@wouterwolters.nl>
3 years ago[BUGFIX] Use `modTSconfig` for default language label, if set 75/47375/2
Andreas Fernandez [Wed, 23 Mar 2016 18:06:28 +0000 (19:06 +0100)]
[BUGFIX] Use `modTSconfig` for default language label, if set

Due to a wrong assignment, modSharedTSconfig is always used
to set the default language label in PageLayoutController, even if
modTSconfig is set.

modTSconfig is now used if possible.

Resolves: #75242
Releases: master, 7.6, 6.2
Change-Id: I517c03f02ffc8d05ed74a865517ee775e1542bfe
Reviewed-on: https://review.typo3.org/47375
Reviewed-by: Wouter Wolters <typo3@wouterwolters.nl>
Tested-by: Wouter Wolters <typo3@wouterwolters.nl>
3 years ago[BUGFIX] Prevent TYPO3.settings in ajax requests 70/46070/2
Nicole Cordes [Mon, 18 Jan 2016 23:26:19 +0000 (00:26 +0100)]
[BUGFIX] Prevent TYPO3.settings in ajax requests

Within ajax requests currently the ajaxUrls are exported to the
TYPO3.settings variable which overwrites the parent state with all
other information (e.g. format setting). This patch prevents the output
of new TYPO3.settings in the ajax response.

Resolves: #72606
Releases: 6.2
Change-Id: I0907be4564b6210b816eb607cd81156f987852d6
Reviewed-on: https://review.typo3.org/46070
Reviewed-by: Markus Klein <markus.klein@typo3.org>
Reviewed-by: Stefan Froemken <froemken@gmail.com>
Reviewed-by: Daniel Goerz <ervaude@gmail.com>
Reviewed-by: Mathias Schreiber <mathias.schreiber@wmdb.de>
Tested-by: Mathias Schreiber <mathias.schreiber@wmdb.de>
Reviewed-by: Frank Naegler <frank.naegler@typo3.org>
Reviewed-by: Benni Mack <benni@typo3.org>
Tested-by: Benni Mack <benni@typo3.org>
3 years ago[TASK] Add unit tests for TYPO3SEARCH markers 91/47191/2
Tymoteusz Motylewski [Thu, 10 Mar 2016 13:44:22 +0000 (14:44 +0100)]
[TASK] Add unit tests for TYPO3SEARCH markers

Add two unit tests for Indexer, covering content extraction
from between TYPO3SEARCH_begin and TYPO3SEARCH_end markers.

Add note to documentation that it's possible to have multiple
TYPO3SEARCH marker pairs.

Resolves: #74815
Releases: master, 7.6, 6.2
Change-Id: I37c67dfc055dc30698831eef6d0231d929fef957
Reviewed-on: https://review.typo3.org/47191
Reviewed-by: Andreas Fernandez <typo3@scripting-base.de>
Tested-by: Andreas Fernandez <typo3@scripting-base.de>
3 years ago[BUGFIX] Load XML files of t3editor properly 77/47177/2
Andreas Fernandez [Thu, 10 Mar 2016 13:10:12 +0000 (14:10 +0100)]
[BUGFIX] Load XML files of t3editor properly

Since the XEE security fix (I26701fc2ffb5aed7ccbd96c168aef571d012091e),
the XML files in the t3editor are not loaded anymore. Change the way how
the files are loaded to fix the issue.

Change-Id: I26c622e47ee0f791b998886837f4443f5bddf11b
Resolves: #74508
Releases: master, 7.6, 6.2
Reviewed-on: https://review.typo3.org/47177
Reviewed-by: Markus Klein <markus.klein@typo3.org>
Tested-by: Markus Klein <markus.klein@typo3.org>
3 years ago[BUGFIX] Workspace page previews collide with generated preview links 54/45254/4
Oliver Hader [Mon, 14 Dec 2015 21:53:55 +0000 (22:53 +0100)]
[BUGFIX] Workspace page previews collide with generated preview links

Workspace page previews collide with that configuration that might have
been set by using a preview link containing a ADMCMD_prev command. The
keyword "IGNORE" is introduced to actually ignore these configurations
when viewing a page from the workspace module.

Resolves: #72225
Releases: master, 7.6, 6.2
Change-Id: I6a73e860a76308028f0a3b1bcd182e41082adcd6
Reviewed-on: https://review.typo3.org/45254
Reviewed-by: Mathias Schreiber <mathias.schreiber@wmdb.de>
Tested-by: Mathias Schreiber <mathias.schreiber@wmdb.de>
Reviewed-by: Benni Mack <benni@typo3.org>
Tested-by: Benni Mack <benni@typo3.org>
3 years ago[BUGFIX] Ensure t3d compatibility for supported TYPO3 version 91/47091/2
Nicole Cordes [Fri, 4 Mar 2016 09:33:48 +0000 (10:33 +0100)]
[BUGFIX] Ensure t3d compatibility for supported TYPO3 version

This patch fixes an issue with unclean t3d export due to string to array
conversion. This is important to be able to import a t3d files which was
exported with 7.6 and above even in 6.2. This is needed as we do not
have any chance to see which TYPO3 version was used for the export.

Resolves: #74127
Releases: master, 7.6, 6.2
Change-Id: I6ba7b825241c2ca439c485aaf597b019b7ac8997
Reviewed-on: https://review.typo3.org/47091
Reviewed-by: Benni Mack <benni@typo3.org>
Tested-by: Benni Mack <benni@typo3.org>
3 years ago[BUGFIX] Adjust UserAgent checks in RTE to detect Edge correctly 73/47073/7
Benjamin Kott [Fri, 4 Mar 2016 18:36:05 +0000 (19:36 +0100)]
[BUGFIX] Adjust UserAgent checks in RTE to detect Edge correctly

Resolves: #70373
Releases: master, 7.6, 6.2
Change-Id: I8cb505a051ecfbc0f423d32cbc121545cec35bf4
Reviewed-on: https://review.typo3.org/47073
Reviewed-by: Mathias Schreiber <mathias.schreiber@wmdb.de>
Tested-by: Mathias Schreiber <mathias.schreiber@wmdb.de>
Reviewed-by: Anja Leichsenring <aleichsenring@ab-softlab.de>
Tested-by: Anja Leichsenring <aleichsenring@ab-softlab.de>
3 years ago[TASK] Keep selected page active after save & close 33/46133/8
Gianluigi Martino [Thu, 21 Jan 2016 11:51:43 +0000 (12:51 +0100)]
[TASK] Keep selected page active after save & close

Keep the currently selected page active when editing the
page properties of another page as non-admin user.

Change-Id: I8f69ed0ded1dc5be3e50023c912c759d559cbbee
Resolves: #71094
Releases: master,7.6,6.2
Reviewed-on: https://review.typo3.org/46133
Reviewed-by: Wouter Wolters <typo3@wouterwolters.nl>
Tested-by: Wouter Wolters <typo3@wouterwolters.nl>
Reviewed-by: Jan Helke <typo3@helke.de>
Tested-by: Jan Helke <typo3@helke.de>
3 years ago[TASK] EXT:form - Update and optimize documentation 60/47060/2
Björn Jacob [Sat, 23 Jan 2016 16:16:07 +0000 (17:16 +0100)]
[TASK] EXT:form - Update and optimize documentation

The documentation of EXT:form is outdated. The whole documentation has
been proof read and revised. Furthermore, the document has experienced
a huge structural change. The long pages have been split into smaller
parts.

A lot of content was duplicated. Following the DRY principle, the
descriptions of functions/ attributes etc. are now documented at a
central place and references are used.

Resolves: #69346
Releases: master,7.6,6.2
Change-Id: I45ddcf2f93c94f2982ac5fdecd5a942fad2eef21
Reviewed-on: https://review.typo3.org/47060
Reviewed-by: Anja Leichsenring <aleichsenring@ab-softlab.de>
Tested-by: Anja Leichsenring <aleichsenring@ab-softlab.de>
3 years ago[TASK] Add info about Apache version when using mod_filter 21/47021/2
Eric Chavaillaz [Fri, 22 Jan 2016 10:55:23 +0000 (11:55 +0100)]
[TASK] Add info about Apache version when using mod_filter

Since mod_filter is available since Apache 2.3.7 we need to check for
the apache version in the htaccess file.
Older versions of apache will work as well, even though they do not need
to check for the existence of mod_filter.

A comment is added to inform older Apache versions.

Resolves: #72886
Releases: master, 7.6, 6.2
Change-Id: Ia4905c992b52b2bd540ece0a1c1866aeacf6de85
Reviewed-on: https://review.typo3.org/47021
Reviewed-by: Benni Mack <benni@typo3.org>
Tested-by: Benni Mack <benni@typo3.org>
3 years ago[BUGFIX] Stage buttons shown in frontend without user being repsonsible 97/46597/2
Oliver Hader [Thu, 11 Feb 2016 15:13:52 +0000 (16:13 +0100)]
[BUGFIX] Stage buttons shown in frontend without user being repsonsible

The workspace preview in the frontend shows the buttons to the previous
and next stage if the user is not responsible for the current stage.
Clicking the button does not forward the records to the names stage
however - this is caught by DataHandlerHook in EXT:version.

Resolves: #73243
Releases: master, 7.6, 6.2
Change-Id: I233629cb393d5786048ab7ead39cd3316780b488
Reviewed-on: https://review.typo3.org/46597
Reviewed-by: Oliver Hader <oliver.hader@typo3.org>
Tested-by: Oliver Hader <oliver.hader@typo3.org>
3 years ago[TASK] Set TYPO3 version to 6.2.20-dev 38/46838/2
TYPO3 Release Team [Tue, 23 Feb 2016 11:08:58 +0000 (12:08 +0100)]
[TASK] Set TYPO3 version to 6.2.20-dev

Change-Id: Ic5dbf3cb43af040d761f2cfd1894c0a6b9ea00b8
Reviewed-on: https://review.typo3.org/46838
Reviewed-by: TYPO3 Release Team <typo3cms@typo3.org>
Tested-by: TYPO3 Release Team <typo3cms@typo3.org>
3 years ago[RELEASE] Release of TYPO3 6.2.19 37/46837/2 6.2.19 TYPO3_6-2-19
TYPO3 Release Team [Tue, 23 Feb 2016 11:08:11 +0000 (12:08 +0100)]
[RELEASE] Release of TYPO3 6.2.19

Change-Id: Iee319320400b384e4af96ca13e0e5c0ea4221a4e
Reviewed-on: https://review.typo3.org/46837
Reviewed-by: TYPO3 Release Team <typo3cms@typo3.org>
Tested-by: TYPO3 Release Team <typo3cms@typo3.org>
3 years ago[SECURITY] Limit the search results per page 30/46830/2
Benni Mack [Tue, 23 Feb 2016 10:44:49 +0000 (11:44 +0100)]
[SECURITY] Limit the search results per page

Indexed Search allows to show up to 100.000
entries per page by configuring the paging
entry via a GET/POST variable, leading to a
possible DoS attack.

The max limit is set to 100 entries per page,
as a reasonable limit for the website search
results.

Resolves: #73458
Releases: master, 7.6, 6.2
Security-Commit: 8dc6e3c41d53788966b1ab220acd49a815ccfe7f
Security-Bulletins: TYPO3-CORE-SA-2016-005, 006, 007, 008
Change-Id: I46d825d918d716c6059bb732d3b808dd4bafdc9c
Reviewed-on: https://review.typo3.org/46830
Reviewed-by: Oliver Hader <oliver.hader@typo3.org>
Tested-by: Oliver Hader <oliver.hader@typo3.org>
3 years ago[SECURITY] Escape output of tt_content.default 29/46829/2
Georg Ringer [Tue, 23 Feb 2016 10:44:39 +0000 (11:44 +0100)]
[SECURITY] Escape output of tt_content.default

Escape the value of the field CType in tt_content.default.

Resolves: #73450
Releases: master, 7.6, 6.2
Security-Commit: fa4c55b136648dd01115c346d9fd0c90b303f2d1
Security-Bulletins: TYPO3-CORE-SA-2016-005, 006, 007, 008
Change-Id: Ica19c572bf46b6f2b11333b6759804d3537e7469
Reviewed-on: https://review.typo3.org/46829
Reviewed-by: Oliver Hader <oliver.hader@typo3.org>
Tested-by: Oliver Hader <oliver.hader@typo3.org>
3 years ago[SECURITY] Stored XSS in shortcut functionality 28/46828/2
Wouter Wolters [Tue, 23 Feb 2016 10:44:29 +0000 (11:44 +0100)]
[SECURITY] Stored XSS in shortcut functionality

Resolves: #73449
Releases: 6.2
Security-Commit: c4df50a433362c2a3976f40bcbc5be82d4cb3cb6
Security-Bulletins: TYPO3-CORE-SA-2016-005, 006, 007, 008
Change-Id: I7881425226a6a23b9acf6a1870b82c4dcf0fee93
Reviewed-on: https://review.typo3.org/46828
Reviewed-by: Oliver Hader <oliver.hader@typo3.org>
Tested-by: Oliver Hader <oliver.hader@typo3.org>
3 years ago[SECURITY] XML entity expansion 27/46827/2
Benni Mack [Tue, 23 Feb 2016 10:44:20 +0000 (11:44 +0100)]
[SECURITY] XML entity expansion

Remote XML entites can be loaded in places where TYPO3 expects
only local files to be fetched. All places are changed so
the option to load entities is disabled.

Resolves: #61269
Releases: master, 7.6, 6.2
Security-Commit: ed1cd758fafc81ed44f8f829ad3ed3a86c5db649
Security-Bulletins: TYPO3-CORE-SA-2016-005, 006, 007, 008
Change-Id: Ic5513ce257f0a6aa1a9cce7a617b59ed09341a78
Reviewed-on: https://review.typo3.org/46827
Reviewed-by: Oliver Hader <oliver.hader@typo3.org>
Tested-by: Oliver Hader <oliver.hader@typo3.org>
3 years ago[TASK] Remove adodb diff 17/46817/2
Christian Kuhn [Mon, 22 Feb 2016 19:58:33 +0000 (20:58 +0100)]
[TASK] Remove adodb diff

There is a list of patches we applied to adodb manually in
typo3/sysext/adodb/Documentation/Index.rst. This, together
with 'git log' should be enough in case adodb is updated.
The diff file is pain to maintain and also does not
contain all changes that were done to adodb.

Change-Id: If0525ce90b637541d659569f697377f011b8ad37
Resolves: #73607
Releases: master, 7.6, 6.2
Reviewed-on: https://review.typo3.org/46817
Reviewed-by: Frank Naegler <frank.naegler@typo3.org>
Tested-by: Frank Naegler <frank.naegler@typo3.org>
3 years ago[TASK] Disallow Composer installation with PHP 7.x 07/46707/2
Mathias Brodala [Tue, 16 Feb 2016 11:29:59 +0000 (12:29 +0100)]
[TASK] Disallow Composer installation with PHP 7.x

TYPO3 6.2 is not compatible with PHP 7.x thus properly declare this
for Composer installations.

Resolves: #73480
Releases: 6.2
Change-Id: I857a07199109f63b51079094d035b6f1ab9efb52
Reviewed-on: https://review.typo3.org/46707
Reviewed-by: Wouter Wolters <typo3@wouterwolters.nl>
Reviewed-by: Nicole Cordes <typo3@cordes.co>
Reviewed-by: Andreas Fernandez <typo3@scripting-base.de>
Reviewed-by: Daniel Goerz <ervaude@gmail.com>
Tested-by: Daniel Goerz <ervaude@gmail.com>
Reviewed-by: Frank Naegler <frank.naegler@typo3.org>
Reviewed-by: Christian Kuhn <lolli@schwarzbu.ch>
Tested-by: Christian Kuhn <lolli@schwarzbu.ch>
3 years ago[BUGFIX] Fix disabled menu item state for l18n_cfg=1 43/46743/2
Mathias Brodala [Wed, 17 Feb 2016 10:25:07 +0000 (11:25 +0100)]
[BUGFIX] Fix disabled menu item state for l18n_cfg=1

This fixes an issue introduced with the backport of the
change in #73083 to TYPO3 6.2.

Resolves: #73518
Related: #73083
Releases: 6.2
Change-Id: I8fef570b15e8bbf94da124f47a5bd4b3158c1b9f
Reviewed-on: https://review.typo3.org/46743
Reviewed-by: Andreas Fernandez <typo3@scripting-base.de>
Tested-by: Andreas Fernandez <typo3@scripting-base.de>
Tested-by: Mario Rimann <typo3-coding@rimann.org>
Tested-by: David Hoeckele <david@hoeckele.net>
Reviewed-by: Christian Kuhn <lolli@schwarzbu.ch>
Tested-by: Christian Kuhn <lolli@schwarzbu.ch>
3 years ago[BUGFIX] Remove addQueryStringMethod parameter from widget links 50/46350/2
Nicole Cordes [Fri, 29 Jan 2016 13:42:20 +0000 (14:42 +0100)]
[BUGFIX] Remove addQueryStringMethod parameter from widget links

Resolves: #58752
Releases: master, 7.6, 6.2
Change-Id: I1d03d62cf0028089bdd0c5a6e7ef555be36349fb
Reviewed-on: https://review.typo3.org/46350
Reviewed-by: Stefan Froemken <froemken@gmail.com>
Tested-by: Stefan Froemken <froemken@gmail.com>
Reviewed-by: Benni Mack <benni@typo3.org>
Tested-by: Benni Mack <benni@typo3.org>
3 years ago[TASK] Set TYPO3 version to 6.2.19-dev 01/46701/2
TYPO3 Release Team [Tue, 16 Feb 2016 11:08:37 +0000 (12:08 +0100)]
[TASK] Set TYPO3 version to 6.2.19-dev

Change-Id: Ic95d24625134cb1dd28046d0b81463f7ff49fcd5
Reviewed-on: https://review.typo3.org/46701
Reviewed-by: TYPO3 Release Team <typo3cms@typo3.org>
Tested-by: TYPO3 Release Team <typo3cms@typo3.org>
3 years ago[RELEASE] Release of TYPO3 6.2.18 00/46700/2 6.2.18 TYPO3_6-2-18
TYPO3 Release Team [Tue, 16 Feb 2016 11:07:46 +0000 (12:07 +0100)]
[RELEASE] Release of TYPO3 6.2.18

Change-Id: Ia39733d7ffe9023f57907b8dc1b130f96daaf3be
Reviewed-on: https://review.typo3.org/46700
Reviewed-by: TYPO3 Release Team <typo3cms@typo3.org>
Tested-by: TYPO3 Release Team <typo3cms@typo3.org>
3 years ago[SECURITY] SQLi in DBAL 96/46696/2
Morton Jonuschat [Tue, 16 Feb 2016 10:43:49 +0000 (11:43 +0100)]
[SECURITY] SQLi in DBAL

When dbal is in native mode but sql_query.passthrough is disabled
in extension configuration, the values of queries are unescaped
and passed that way to MySQL, leading to an SQLi vulnerability.

Resolves: #58896
Releases: 6.2, 4.5
Security-Commit: 3594142daa7e7157aeb21c0ca5db95b5367236d8
Security-Bulletinsp: TYPO3-CORE-SA-2016-001, 002, 003, 004
Change-Id: Id76c0fb523a1835b0a9d2a1afa4ba1ebdda73303
Reviewed-on: https://review.typo3.org/46696
Reviewed-by: Oliver Hader <oliver.hader@typo3.org>
Tested-by: Oliver Hader <oliver.hader@typo3.org>
3 years ago[SECURITY] XSS in form extension 95/46695/2
Wouter Wolters [Tue, 16 Feb 2016 10:43:40 +0000 (11:43 +0100)]
[SECURITY] XSS in form extension

Resolves: #54205
Releases: 6.2
Security-Commit: 8d990b6db4deb63241f3d70a78dff0039094c98a
Security-Bulletinsp: TYPO3-CORE-SA-2016-001, 002, 003, 004
Change-Id: Id50b00b6bfc2fcf8461ac32285ee9d4b6d15ca3f
Reviewed-on: https://review.typo3.org/46695
Reviewed-by: Oliver Hader <oliver.hader@typo3.org>
Tested-by: Oliver Hader <oliver.hader@typo3.org>
3 years ago[SECURITY] XSS in content element "Form" 94/46694/2
Helmut Hummel [Tue, 16 Feb 2016 10:43:32 +0000 (11:43 +0100)]
[SECURITY] XSS in content element "Form"

Encode field names and options of select and radio elements.

Resolves: #25244
Releases: 6.2
Security-Commit: 7121a0c39e8801e860e29b77c6e33319bc27fd75
Security-Bulletinsp: TYPO3-CORE-SA-2016-001, 002, 003, 004
Change-Id: I2c2a1a71499ee4757b420df64a3604576d945da4
Reviewed-on: https://review.typo3.org/46694
Reviewed-by: Oliver Hader <oliver.hader@typo3.org>
Tested-by: Oliver Hader <oliver.hader@typo3.org>
3 years ago[SECURITY] XSS in Link Validator 93/46693/2
Steffen Müller [Tue, 16 Feb 2016 10:43:23 +0000 (11:43 +0100)]
[SECURITY] XSS in Link Validator

Properly escape error message when showing broken links
in EXT:linkvalidator

Resolves: #72240
Releases: master, 7.6, 6.2
Security-Commit: af8f931d4209735c7118b09b0eccadbb116197ab
Security-Bulletinsp: TYPO3-CORE-SA-2016-001, 002, 003, 004
Change-Id: Ifb1b76a27fbd27260f386a6801e8c9d1c018a95f
Reviewed-on: https://review.typo3.org/46693
Reviewed-by: Oliver Hader <oliver.hader@typo3.org>
Tested-by: Oliver Hader <oliver.hader@typo3.org>
3 years ago[BUGFIX] Deduplicate "Hide default translation of page" logic 16/46616/2
Morton Jonuschat [Fri, 12 Feb 2016 10:45:22 +0000 (11:45 +0100)]
[BUGFIX] Deduplicate "Hide default translation of page" logic

Resolves: #73083
Releases: master, 7.6, 6.2
Change-Id: I35dfbeb2034990b5746568a733c3e11240a4399d
Reviewed-on: https://review.typo3.org/46450
Reviewed-by: Andreas Fernandez <typo3@scripting-base.de>
Tested-by: Andreas Fernandez <typo3@scripting-base.de>
Reviewed-by: Markus Sommer <markussom@posteo.de>
Tested-by: Markus Sommer <markussom@posteo.de>
Reviewed-by: Morton Jonuschat <m.jonuschat@mojocode.de>
Tested-by: Morton Jonuschat <m.jonuschat@mojocode.de>
(cherry picked from commit e28c56540792cf19fc3782cd894eb5c9e0af6aa4)
Reviewed-on: https://review.typo3.org/46616

3 years ago[FOLLOWUP][BUGFIX] Table wizard: large fields and BR-tags 13/46613/2
Morton Jonuschat [Fri, 12 Feb 2016 09:39:48 +0000 (10:39 +0100)]
[FOLLOWUP][BUGFIX] Table wizard: large fields and BR-tags

Add the missing conversion of LF to <BR> in the frontend output.

Resolves: #72388
Releases: master, 7.6, 6.2
Change-Id: I3ba824904bda6a652c386a8b0fa3e8c1dfbf1859
Reviewed-on: https://review.typo3.org/46040
Reviewed-by: Daniel Goerz <ervaude@gmail.com>
Tested-by: Daniel Goerz <ervaude@gmail.com>
Reviewed-by: Morton Jonuschat <m.jonuschat@mojocode.de>
Tested-by: Morton Jonuschat <m.jonuschat@mojocode.de>
(cherry picked from commit 1d2d368f1bdac991f9191eb81670e0bfc14c960e)
Reviewed-on: https://review.typo3.org/46613
Reviewed-by: Michael Oehlhof <typo3@oehlhof.de>
Tested-by: Michael Oehlhof <typo3@oehlhof.de>
3 years ago[BUGFIX] Failing Unit Tests on Windows systems 03/46603/2
Nicole Cordes [Fri, 29 Jan 2016 11:56:23 +0000 (12:56 +0100)]
[BUGFIX] Failing Unit Tests on Windows systems

Due to realpath usage some Unit Tests are failing on Windows systems.
The tests have to ensure that forward slashes are used for comparison.

Resolves: #73006
Releases: master, 7.6, 6.2
Change-Id: Iee64ab873d519fee07c6b69e63de1f7d645c071b
Reviewed-on: https://review.typo3.org/46603
Reviewed-by: Wouter Wolters <typo3@wouterwolters.nl>
Tested-by: Wouter Wolters <typo3@wouterwolters.nl>
Reviewed-by: Morton Jonuschat <m.jonuschat@mojocode.de>
Tested-by: Morton Jonuschat <m.jonuschat@mojocode.de>
3 years ago[BUGFIX] Re-enable export of multiple records via clipboard 54/46554/2
Bernhard Kraft [Tue, 26 Jan 2016 12:49:41 +0000 (13:49 +0100)]
[BUGFIX] Re-enable export of multiple records via clipboard

The change of #57873 introduced a regression which doesn't allow
the export of multiple records via the clipboard module anymore.

The wrong parameter generation is fixed with this patch.

Resolves: #59180
Releases: master, 6.2
Change-Id: Iffa9e0ec4b816903bd935c65e5f9ba7230695802
Reviewed-on: https://review.typo3.org/46554
Reviewed-by: Markus Klein <markus.klein@typo3.org>
Tested-by: Markus Klein <markus.klein@typo3.org>
3 years ago[BUGFIX] Fallback to version of ext_emconf.php if not found in Composer 71/37971/5
Peter Niederlag [Fri, 20 Mar 2015 12:37:58 +0000 (13:37 +0100)]
[BUGFIX] Fallback to version of ext_emconf.php if not found in Composer

Resolves: #65866
Releases: 6.2
Change-Id: I9e8383de10e2df1b722fda4b55d1379908f13138
Reviewed-on: https://review.typo3.org/37971
Reviewed-by: Nicole Cordes <typo3@cordes.co>
Tested-by: Nicole Cordes <typo3@cordes.co>
Reviewed-by: Adrien Crivelli <adrien.crivelli@ecodev.ch>
Tested-by: Adrien Crivelli <adrien.crivelli@ecodev.ch>
Reviewed-by: Fabien Udriot <fabien.udriot@ecodev.ch>
Reviewed-by: Xavier Perseguers <xavier@typo3.org>
Tested-by: Xavier Perseguers <xavier@typo3.org>
3 years ago[BUGFIX] impexp ignore file reference records with missing related files 24/46524/2
Marc Bastian Heinrichs [Mon, 8 Feb 2016 12:37:07 +0000 (13:37 +0100)]
[BUGFIX] impexp ignore file reference records with missing related files

It could happen, that an export contains sys_file_reference records
with relations to sys_files records, that was missing in the exporting
instance. This causes exceptions on importing the sys_file_reference
records, because the related sys_file record is checked on saving of
the sys_file_reference record.
To prevent this this sys_file_reference are ignored on import.

Resolves: #58693
Releases: master, 7.6, 6.2
Change-Id: I68afed93502553b0d55eb858bdb6da5641d1e5f0
Reviewed-on: https://review.typo3.org/46524
Reviewed-by: Markus Klein <markus.klein@typo3.org>
Tested-by: Markus Klein <markus.klein@typo3.org>
3 years ago[BUGFIX] ImpExp: Correct casing for FAL function call 13/46513/2
Benni Mack [Fri, 5 Feb 2016 21:30:55 +0000 (22:30 +0100)]
[BUGFIX] ImpExp: Correct casing for FAL function call

The function call on the folder object must use correct casing of
the function name for PHP 7 compatibility.

Resolves: #73158
Releases: master, 7.6, 6.2
Change-Id: I09e45663707b462914f361de560eba1b3e3bcbf0
Reviewed-on: https://review.typo3.org/46513
Reviewed-by: Benni Mack <benni@typo3.org>
Tested-by: Benni Mack <benni@typo3.org>
3 years ago[BUGFIX] Off-by-one error in FAL's LocalDriver 02/46502/2
Andreas Fernandez [Fri, 5 Feb 2016 15:53:31 +0000 (16:53 +0100)]
[BUGFIX] Off-by-one error in FAL's LocalDriver

Currently, the LocalDriver of FAL has an off-by-one issue. The passed
starting pointer gets decremented by one, causing issues in the file list
while browsing.

The pointer decrement is removed with this change.

The whole core does not call ``ResourceStorage->getFilesInFolder()``
with the parameters``$start`` and ``$maxNumberOfItems`` having
another value than 0, so this change is assumed to be safe.

Change-Id: I4e24f18b3222f2abdbed83fbbcb18c73d6e52316
Resolves: #73103
Releases: master, 7.6, 6.2
Reviewed-on: https://review.typo3.org/46502
Reviewed-by: Andreas Fernandez <typo3@scripting-base.de>
Tested-by: Andreas Fernandez <typo3@scripting-base.de>
3 years ago[BUGFIX] Reallow '0' as valid userFunc argument in TypoScript 28/46428/3
Frank Naegler [Mon, 1 Feb 2016 13:32:06 +0000 (14:32 +0100)]
[BUGFIX] Reallow '0' as valid userFunc argument in TypoScript

With #47301 the parsing of userFunc in TypoScript has changed.
The change prevents '0' as valid argument.

This patch fix the '0' bug but also adds some new unit tests.
The parser method also includes a bug with quoted values which are not the
last argument. this bug is now fixed too.

Resolves: #72936
Related: #47301
Releases: master, 7.6, 6.2
Change-Id: Ic8df6ea21642e012438dba0a6a299c15939ab119
Reviewed-on: https://review.typo3.org/46428
Reviewed-by: Christian Kuhn <lolli@schwarzbu.ch>
Tested-by: Christian Kuhn <lolli@schwarzbu.ch>
3 years ago[BUGFIX] CategoryRegistry::addTcaColumn() ignores displayCond 81/46381/2
Benni Mack [Fri, 29 Jan 2016 22:16:16 +0000 (23:16 +0100)]
[BUGFIX] CategoryRegistry::addTcaColumn() ignores displayCond

Adds check for displayCond and include it if present.

Resolves: #70307
Releases: master, 7.6, 6.2
Change-Id: I94b61bd2f098b279745028731b8392a9bf3389b2
Reviewed-on: https://review.typo3.org/46381
Reviewed-by: Benni Mack <benni@typo3.org>
Tested-by: Benni Mack <benni@typo3.org>
3 years ago[BUGFIX] Clear cache system icon is shown for non admin in dev context 25/46325/2
Benni Mack [Fri, 29 Jan 2016 08:57:49 +0000 (09:57 +0100)]
[BUGFIX] Clear cache system icon is shown for non admin in dev context

If the context is in development mode, the clear cache system icon
is always shown in the toolbar, even if the user is not an admin.

Resolves: #72964
Releases: master, 7.6, 6.2
Change-Id: I674df49fee14ded4b2190cca098ddf146047e5f0
Reviewed-on: https://review.typo3.org/46325
Reviewed-by: Wouter Wolters <typo3@wouterwolters.nl>
Tested-by: Wouter Wolters <typo3@wouterwolters.nl>
3 years ago[TASK] Switch mirror links to https 40/46240/2
Nicole Cordes [Tue, 26 Jan 2016 11:05:08 +0000 (12:05 +0100)]
[TASK] Switch mirror links to https

As the typo3.org (and other mirror) structure switched to ssl protocol
by default, we have to adjust the url generation.

Resolves: #72943
Releases: master, 7.6, 6.2
Change-Id: I2fc79f300584fdb1392c9c1fe920f029703dce25
Reviewed-on: https://review.typo3.org/46240
Reviewed-by: Nicole Cordes <typo3@cordes.co>
Tested-by: Nicole Cordes <typo3@cordes.co>
3 years ago[BUGFIX] SimpleFileBackend::setCacheDirectory returns valid path name 58/46158/2
Jan Helke [Fri, 22 Jan 2016 09:58:24 +0000 (10:58 +0100)]
[BUGFIX] SimpleFileBackend::setCacheDirectory returns valid path name

The comment for the method
\TYPO3\CMS\Core\Cache\Backend\SimpleFileBackend::setCacheDirectory()
states clearly, that it is possible to provide an absolute path as
cache directory. However, in the lower part of the function, it is
stated, that if ($cacheDirectory0 == '/') the documentRoot should be
set to '/'. That results in a returned path like '//...'.
This causes problems within
\TYPO3\CMS\Core\Utility\GeneralUtility::validPathStr(), because pathes
with '//' in it are always invalid.

Resolves: #72635
Releases: master, 7.6, 6.2
Change-Id: I30e7743ba9835c99382b7c04153f91e688ead5fc
Reviewed-on: https://review.typo3.org/46158
Reviewed-by: Jan Helke <typo3@helke.de>
Reviewed-by: Frank Nägler <frank.naegler@typo3.org>
Tested-by: Frank Nägler <frank.naegler@typo3.org>
3 years ago[BUGFIX] Remove newline from PLACEHOLDER marker in indexed_search 54/46154/2
Wouter Wolters [Fri, 22 Jan 2016 13:35:14 +0000 (14:35 +0100)]
[BUGFIX] Remove newline from PLACEHOLDER marker in indexed_search

Resolves: #72892
Releases: 6.2
Change-Id: Ib6622261ba616e068c2e06499f049295b614ce46
Reviewed-on: https://review.typo3.org/46154
Reviewed-by: Andreas Fernandez <typo3@scripting-base.de>
Tested-by: Andreas Fernandez <typo3@scripting-base.de>
Reviewed-by: Stefan Neufeind <typo3.neufeind@speedpartner.de>
Tested-by: Stefan Neufeind <typo3.neufeind@speedpartner.de>
3 years ago[TASK] Hide "Save document and create a new one" in filelist 20/46120/2
Gianluigi Martino [Wed, 20 Jan 2016 21:28:29 +0000 (22:28 +0100)]
[TASK] Hide "Save document and create a new one" in filelist

The button "Save document and create a new one" is not needed when editing
files in filelist

Change-Id: If2b74e0eeb23da2a6731f0a925ed3e4c8f3dcfa4
Resolves: #72786
Releases: 6.2
Reviewed-on: https://review.typo3.org/46120
Reviewed-by: Wouter Wolters <typo3@wouterwolters.nl>
Tested-by: Wouter Wolters <typo3@wouterwolters.nl>
Reviewed-by: Frank Nägler <frank.naegler@typo3.org>
Tested-by: Frank Nägler <frank.naegler@typo3.org>
3 years ago[BUGFIX] Add missing return type to createVersionNumberedFilename 76/46076/3
Thomas Löffler [Tue, 19 Jan 2016 11:45:33 +0000 (12:45 +0100)]
[BUGFIX] Add missing return type to createVersionNumberedFilename

Change-Id: Id8420d96e4cbfd8809cddc76a763e01141023561
Releases: 6.2
Reviewed-on: https://review.typo3.org/46076
Reviewed-by: Wouter Wolters <typo3@wouterwolters.nl>
Tested-by: Wouter Wolters <typo3@wouterwolters.nl>
Reviewed-by: Andreas Fernandez <typo3@scripting-base.de>
Tested-by: Andreas Fernandez <typo3@scripting-base.de>
3 years ago[BUGFIX] Clarify extension dependency skipping 30/46030/2
Nicole Cordes [Sun, 17 Jan 2016 00:48:54 +0000 (01:48 +0100)]
[BUGFIX] Clarify extension dependency skipping

In Extension Manager the text that explains the skip of dependencies is
missing the information that only system extension dependencies are
skipped.

Resolves: #72762
Releases: 6.2
Change-Id: Icb2a8ebcf1d1dbfc6ae79a95fbd8f2ad075942de
Reviewed-on: https://review.typo3.org/46030
Reviewed-by: Morton Jonuschat <m.jonuschat@mojocode.de>
Tested-by: Morton Jonuschat <m.jonuschat@mojocode.de>
Reviewed-by: Frank Nägler <frank.naegler@typo3.org>
Tested-by: Frank Nägler <frank.naegler@typo3.org>
3 years ago[BUGFIX] Apply hsc() to exception debug output 91/45991/2
Markus Klein [Sat, 16 Jan 2016 09:31:11 +0000 (10:31 +0100)]
[BUGFIX] Apply hsc() to exception debug output

Resolves: #72755
Releases: master, 7.6, 6.2
Change-Id: If62a72ccc0f8daa47b5cd67b1e2f3fb30f2bf1dc
Reviewed-on: https://review.typo3.org/45991
Reviewed-by: Anja Leichsenring <aleichsenring@ab-softlab.de>
Tested-by: Anja Leichsenring <aleichsenring@ab-softlab.de>
3 years ago[BUGFIX] Copy DataHandler::enableLogging to sub objects 55/45955/2
Morton Jonuschat [Fri, 15 Jan 2016 16:01:53 +0000 (17:01 +0100)]
[BUGFIX] Copy DataHandler::enableLogging to sub objects

Releases: master, 7.6, 6.2
Fixes: #72357
Change-Id: I33ff172e1c8ad851050d41933eeeeffc1d6c28dd
Reviewed-on: https://review.typo3.org/45389
Reviewed-by: Markus Klein <markus.klein@typo3.org>
Tested-by: Markus Klein <markus.klein@typo3.org>
Reviewed-by: Stephan Großberndt <stephan@grossberndt.de>
Reviewed-by: Andreas Fernandez <typo3@scripting-base.de>
Reviewed-by: Morton Jonuschat <m.jonuschat@mojocode.de>
Tested-by: Morton Jonuschat <m.jonuschat@mojocode.de>
(cherry picked from commit c5bafa6c6fbec9fca73dded0654b7db04e530172)
Reviewed-on: https://review.typo3.org/45955

3 years ago[BUGFIX] Table wizard: large fields and BR-tags 53/45953/2
Anja Leichsenring [Fri, 15 Jan 2016 15:50:46 +0000 (16:50 +0100)]
[BUGFIX] Table wizard: large fields and BR-tags

Large fields output newline as br-tag in frontend

Resolves: #72388
Releases: master, 7.6, 6.2
Change-Id: I8c225548249fc013452641c0316091701fcdca6a
Reviewed-on: https://review.typo3.org/45953
Reviewed-by: Anja Leichsenring <aleichsenring@ab-softlab.de>
Tested-by: Anja Leichsenring <aleichsenring@ab-softlab.de>
3 years ago[FOLLOWUP] Fix call to not existing function 42/45942/3
Anja Leichsenring [Fri, 15 Jan 2016 13:52:07 +0000 (14:52 +0100)]
[FOLLOWUP] Fix call to not existing function

StringUtility::beginsWith() does not exist in TYPO3 6.2.
Replace the usage with GeneralUtility::isFirstPartOfStr().

Resolves: #72734
Related: #72648
Releases: 6.2
Change-Id: I473dac2c7c9d87eb5774da390cca271e49f9271f
Reviewed-on: https://review.typo3.org/45942
Reviewed-by: Wouter Wolters <typo3@wouterwolters.nl>
Reviewed-by: Morton Jonuschat <m.jonuschat@mojocode.de>
Tested-by: Morton Jonuschat <m.jonuschat@mojocode.de>
Reviewed-by: Andreas Fernandez <typo3@scripting-base.de>
Tested-by: Andreas Fernandez <typo3@scripting-base.de>
3 years ago[BUGFIX] Automatically remove BOM from files before concatenation 38/45938/3
Christian Futterlieb [Fri, 15 Jan 2016 13:01:09 +0000 (14:01 +0100)]
[BUGFIX] Automatically remove BOM from files before concatenation

Resolves: #72648
Releases: master, 7.6, 6.2
Change-Id: I12d97a4bda70879c039d8b05390cc5e37fbeef51
Reviewed-on: https://review.typo3.org/45938
Reviewed-by: Anja Leichsenring <aleichsenring@ab-softlab.de>
Tested-by: Anja Leichsenring <aleichsenring@ab-softlab.de>
3 years ago[TASK] Allow access to visible content within /.well-known/ directory 27/45927/2
Cedric Ziel [Thu, 14 Jan 2016 18:18:24 +0000 (19:18 +0100)]
[TASK] Allow access to visible content within /.well-known/ directory

Allow access to the visible content from within the `/.well-known/`
hidden directory. The access to all other hidden files and directories
(starting with a dot) is still blocked.

The /.well-known/ directory represents the standard (RFC 5785) path
prefix for "well-known locations", and therefore, access to its visible
content should not be blocked.

Resolves: #72712
Releases: master,7.6,6.2
Change-Id: I533d38a12da5cae59abed4fc00d597814d28fa04
Reviewed-on: https://review.typo3.org/45927
Reviewed-by: Benni Mack <benni@typo3.org>
Tested-by: Benni Mack <benni@typo3.org>
3 years ago[BUGFIX] ImpExp: Do not show error message for recursive relations 98/45898/2
Markus Klein [Thu, 14 Jan 2016 17:29:25 +0000 (18:29 +0100)]
[BUGFIX] ImpExp: Do not show error message for recursive relations

Having recursive relations of records is a valid use case and must
not trigger an error message.

Releases: master, 7.6, 6.2
Resolves: #72709
Change-Id: I22a6216bca69fad33ab99387524965728757c057
Reviewed-on: https://review.typo3.org/45898
Reviewed-by: Wouter Wolters <typo3@wouterwolters.nl>
Tested-by: Wouter Wolters <typo3@wouterwolters.nl>
3 years ago[BUGFIX] Remove debug echo from checkDeniedSuburls 32/45732/2
Morton Jonuschat [Fri, 8 Jan 2016 18:49:50 +0000 (19:49 +0100)]
[BUGFIX] Remove debug echo from checkDeniedSuburls

Resolves: #72598
Releases: master,7.6,6.2
Change-Id: I585f5d24678f63d576a61ff779daee634c8556a8
Reviewed-on: https://review.typo3.org/45705
Reviewed-by: Benni Mack <benni@typo3.org>
Reviewed-by: Daniel Goerz <ervaude@gmail.com>
Reviewed-by: Markus Klein <markus.klein@typo3.org>
Tested-by: Markus Klein <markus.klein@typo3.org>
Reviewed-by: Morton Jonuschat <m.jonuschat@mojocode.de>
Tested-by: Morton Jonuschat <m.jonuschat@mojocode.de>
(cherry picked from commit fb036404d28e335def09ebbf2af4d6040665f96f)
Reviewed-on: https://review.typo3.org/45732

3 years ago[TASK] Update copyright year to 2016 46/45546/2
Benni Mack [Fri, 1 Jan 2016 19:30:06 +0000 (20:30 +0100)]
[TASK] Update copyright year to 2016

Resolves: #72501
Releases: master, 7.6, 6.2
Change-Id: I6b2636913da50e6b79ea3990175914add03a6cf3
Reviewed-on: https://review.typo3.org/45546
Reviewed-by: Benni Mack <benni@typo3.org>
Tested-by: Benni Mack <benni@typo3.org>
3 years ago[SECURITY] XSS in belog module 23/45523/2
Morton Jonuschat [Wed, 30 Dec 2015 17:17:06 +0000 (18:17 +0100)]
[SECURITY] XSS in belog module

The username of a backend user and title of a workspace record
miss accordant escaping if being rendered in the belog module.

Since this has only impact on admin users in the backend, the
fix is handled in public instead of a security release.

Resolves: #72475
Releases: master, 7.6, 6.2
Change-Id: Ib165f8ef849a641984fc5fb834b30983f7b63a54
(cherry picked from commit 056323e9141c9028d07c1e12543584e03b5f0c9e)
Reviewed-on: https://review.typo3.org/45523
Reviewed-by: Oliver Hader <oliver.hader@typo3.org>
Reviewed-by: Morton Jonuschat <m.jonuschat@mojocode.de>
Tested-by: Morton Jonuschat <m.jonuschat@mojocode.de>
3 years ago[BUGFIX] Computed properties are queried in workspace context 91/45491/2
Oliver Hader [Tue, 29 Dec 2015 15:58:50 +0000 (16:58 +0100)]
[BUGFIX] Computed properties are queried in workspace context

This is a follow-up to issue #68643 to sanitize all places that
reuse the fields (including the computed properties) of a record.

Resolves: #66135
Releases: master, 7.6, 6.2
Change-Id: Ifb57193ff07e3d9ddae50568a0dce741f9aaf12d
Reviewed-on: https://review.typo3.org/45491
Reviewed-by: Morton Jonuschat <m.jonuschat@mojocode.de>
Tested-by: Morton Jonuschat <m.jonuschat@mojocode.de>
Reviewed-by: Oliver Hader <oliver.hader@typo3.org>
Tested-by: Oliver Hader <oliver.hader@typo3.org>
3 years ago[TASK] Expose identifier and path of functional test instance 87/45487/2
Oliver Hader [Tue, 29 Dec 2015 10:48:06 +0000 (11:48 +0100)]
[TASK] Expose identifier and path of functional test instance

Identifier and path of a functional test instance is created during
bootstrapping the testcase. However, if one needs to define particular
path settings to the initialization phase, this will end up in being
a chicken-or-the-egg problem.

That's why the mentioned two parts are exposed as static functions
and wrapped by the functional test base class.

Resolves: #72450
Releases: master, 7.6, 6.2
Change-Id: I111768133456974010d49b02225e41f9b74dbcff
Reviewed-on: https://review.typo3.org/45487
Reviewed-by: Oliver Hader <oliver.hader@typo3.org>
Tested-by: Oliver Hader <oliver.hader@typo3.org>
3 years ago[BUGFIX] Fix NumberRangeValidator using startRange and endRange 09/45109/7
Stephan Großberndt [Wed, 9 Dec 2015 19:46:12 +0000 (20:46 +0100)]
[BUGFIX] Fix NumberRangeValidator using startRange and endRange

Re-enable the validation using "startRange" and "endRange" in
NumberRangeValidator instead of using the default values from "minimum"
and "maximum".

Resolves: #72047
Releases: 6.2
Change-Id: I11b7f3699f60964906f2b84a5581491ce255e3ac
Reviewed-on: https://review.typo3.org/45109
Reviewed-by: Helmut Hummel <helmut.hummel@typo3.org>
Tested-by: Helmut Hummel <helmut.hummel@typo3.org>
Reviewed-by: Markus Klein <markus.klein@typo3.org>
Tested-by: Markus Klein <markus.klein@typo3.org>
3 years ago[TASK] Set TYPO3 version to 6.2.18-dev 86/45386/2
TYPO3 Release Team [Mon, 21 Dec 2015 10:59:19 +0000 (11:59 +0100)]
[TASK] Set TYPO3 version to 6.2.18-dev

Change-Id: I17075af3b1eb891d05f25a96d4920b8ec4589e2d
Reviewed-on: https://review.typo3.org/45386
Reviewed-by: TYPO3 Release Team <typo3cms@typo3.org>
Tested-by: TYPO3 Release Team <typo3cms@typo3.org>
3 years ago[RELEASE] Release of TYPO3 6.2.17 85/45385/2 6.2.17 TYPO3_6-2-17
TYPO3 Release Team [Mon, 21 Dec 2015 10:58:10 +0000 (11:58 +0100)]
[RELEASE] Release of TYPO3 6.2.17

Change-Id: I3e419c4e96dcee01f7d125801c125e43384b9b83
Reviewed-on: https://review.typo3.org/45385
Reviewed-by: TYPO3 Release Team <typo3cms@typo3.org>
Tested-by: TYPO3 Release Team <typo3cms@typo3.org>
3 years ago[BUGFIX] Prevent Javascript error for Flexform sections 56/45356/5
Oliver Hader [Fri, 18 Dec 2015 15:10:34 +0000 (16:10 +0100)]
[BUGFIX] Prevent Javascript error for Flexform sections

This patch resolves a regression which occurs on deleting
Flexform sections with an RTE.

Resolves: #72322
Releases: 6.2
Change-Id: I620d8701eb8fccb277d0ba58d7c8e3551c463db2
Reviewed-on: https://review.typo3.org/45356
Reviewed-by: Nicole Cordes <typo3@cordes.co>
Tested-by: Nicole Cordes <typo3@cordes.co>
Reviewed-by: Helmut Hummel <helmut.hummel@typo3.org>
Tested-by: Helmut Hummel <helmut.hummel@typo3.org>
3 years ago[!!!][BUGFIX] Severe data-loss on workspaces publishing action 20/45320/4
Oliver Hader [Wed, 16 Dec 2015 18:58:39 +0000 (19:58 +0100)]
[!!!][BUGFIX] Severe data-loss on workspaces publishing action

If pages records in a given scenario are published this causes
a severe data-loss for the whole TYPO3 installation since all
records are deleted. Actually they are marked as deleted, but
that's not less problematic.

The scenario for this in a draft workspace is having reordered
sub-pages (move-placeholder) and a parent-page that is marked
for deletion. On publishing the parent-page, the delete process
iterates over all pages on the root-level due to some essential
missing checks and an implicit type-cast from null to interger
zero (0) on the pages.pid value.

The accordant places are validated now. In addition to that the
possibility to delete everything implicitly from the root-page
is disabled to prevent other programmatic flaws like this.

Resolves: #72273
Releases: master, 6.2
Change-Id: I175f220cc0939124e34713fff07685ba902ad385
Reviewed-on: https://review.typo3.org/45320
Reviewed-by: Oliver Hader <oliver.hader@typo3.org>
Tested-by: Oliver Hader <oliver.hader@typo3.org>
3 years ago[BUGFIX] DBAL: use correct default value for native connection 40/45340/2
Melanie Kalka [Thu, 17 Dec 2015 16:22:52 +0000 (17:22 +0100)]
[BUGFIX] DBAL: use correct default value for native connection

DBAL uses an empty string for the portnumber parameter
for mysqli real_connect, which results in a PHP warning,
because an integer (or null) is required.

Changing the fallback to null resolves this issue and
results in a working database connection.

Resolves: #72285
Releases: master, 6.2
Change-Id: Ie0e04f3ab04996ab634f99c3d2ab545d4a3b3819
Reviewed-on: https://review.typo3.org/45340
Reviewed-by: Andreas Fernandez <typo3@scripting-base.de>
Tested-by: Andreas Fernandez <typo3@scripting-base.de>
3 years ago[TASK] Extend workspace functional tests on placeholder deletion 39/45339/2
Oliver Hader [Thu, 17 Dec 2015 10:47:26 +0000 (11:47 +0100)]
[TASK] Extend workspace functional tests on placeholder deletion

Actions performed in a workspace:
* move existing page below sibling on same level (move-placeholder)
* create new page on parent page (new-placeholder)
* delete the parent page

Attention:
The test assertions reflect the status quo which is faulty and has
to be fixed on a separate bugfix.

Resolves: #72291
Releases: master, 6.2
Change-Id: I85e10569c36a4c669a479434a5ce973d3fb9fe5c
Reviewed-on: https://review.typo3.org/45339
Reviewed-by: Oliver Hader <oliver.hader@typo3.org>
Tested-by: Oliver Hader <oliver.hader@typo3.org>
3 years ago[BUGFIX] substituteMarkerArrayCached() must accept special chars 36/45336/4
Markus Klein [Thu, 17 Dec 2015 14:44:37 +0000 (15:44 +0100)]
[BUGFIX] substituteMarkerArrayCached() must accept special chars

Add a bunch of unittests and streamline the code as well
by removing a useless preg_match_all() call.
Rename some variables and add comments.

Resolves: #72252
Releases: master, 6.2
Change-Id: I2a31a1c2ab6d83528428693213b922f0e1bc6fe5
Reviewed-on: https://review.typo3.org/45336
Reviewed-by: Markus Klein <markus.klein@typo3.org>
Tested-by: Markus Klein <markus.klein@typo3.org>
3 years ago[BUGFIX] Missing check before foreach loop 30/45330/2
Oliver Hader [Thu, 17 Dec 2015 10:41:06 +0000 (11:41 +0100)]
[BUGFIX] Missing check before foreach loop

PHP Warning: Invalid argument supplied for foreach()
in typo3/sysext/core/Classes/DataHandling/DataHandler.php line 5285

Resolves: #72289
Releases: master, 6.2
Change-Id: If83dee7261ce3dd6d1fbf3bb81d8f2e53741c4c7
Reviewed-on: https://review.typo3.org/45330
Reviewed-by: Oliver Hader <oliver.hader@typo3.org>
Tested-by: Oliver Hader <oliver.hader@typo3.org>
3 years ago[BUGFIX] Disclose exceptions on CLI in production context 31/45331/2
Helmut Hummel [Thu, 17 Dec 2015 11:18:09 +0000 (12:18 +0100)]
[BUGFIX] Disclose exceptions on CLI in production context

It is pointless to hide the exception message on CLI
in the production context. On CLI there are privileged
users only anyway and hiding this information from them
leads to wasted hours of debugging.

Output the necessary information also in ProductionExceptionHandler

Resolves: #72265
Releases: master, 6.2
Change-Id: I778b057fc7e170af2a2fcdb1befb2a4400449ce7
Reviewed-on: https://review.typo3.org/45331
Reviewed-by: Markus Klein <markus.klein@typo3.org>
Tested-by: Markus Klein <markus.klein@typo3.org>
3 years ago[TASK] Provide labels for all log types 24/45324/2
Anja Leichsenring [Wed, 16 Dec 2015 19:37:59 +0000 (20:37 +0100)]
[TASK] Provide labels for all log types

Change-Id: Ief05c75376ef8b3b2fc8fa8c3ca52e2efbf24198
Resolves: #72256
Releases: master, 6.2
Reviewed-on: https://review.typo3.org/45324
Reviewed-by: Stephan Großberndt <stephan@grossberndt.de>
Reviewed-by: Daniel Goerz <ervaude@gmail.com>
Tested-by: Daniel Goerz <ervaude@gmail.com>
Reviewed-by: Anja Leichsenring <aleichsenring@ab-softlab.de>
Tested-by: Anja Leichsenring <aleichsenring@ab-softlab.de>
3 years ago[BUGFIX] Empty row in table content element shows &nbsp; 17/45317/2
Wouter Wolters [Wed, 16 Dec 2015 14:34:44 +0000 (15:34 +0100)]
[BUGFIX] Empty row in table content element shows &nbsp;

When an empty row in a table content element is shown in the
frontend, with htmlSpecialChars set to 1, &nbsp; is shown.
Use a real space instead.

Resolves: #72263
Releases: master,6.2
Change-Id: I60304607caa4fc90451216426f4ed73f01bf75fc
Reviewed-on: https://review.typo3.org/45317
Reviewed-by: Markus Klein <markus.klein@typo3.org>
Tested-by: Markus Klein <markus.klein@typo3.org>