This project is mirrored from https://git.typo3.org/typo3/typo3.git.
Pull mirroring failed .
Repository mirroring has been paused due to too many failed attempts. It can be resumed by a project maintainer.
Last successful update .
Repository mirroring has been paused due to too many failed attempts. It can be resumed by a project maintainer.
Last successful update .
- 19 Dec, 2017 1 commit
-
-
Instead of integers, the permission constants should be used throughout the TYPO3 Core. Resolves: #83383 Releases: master Change-Id: I00c10f97fc800d9533866c98284bbd22cd1bb575 Reviewed-on: https://review.typo3.org/55156 Tested-by:
TYPO3com <no-reply@typo3.com> Reviewed-by:
Tymoteusz Motylewski <t.motylewski@gmail.com> Tested-by:
Georg Ringer <georg.ringer@gmail.com> Tested-by:
-
- 06 Dec, 2017 1 commit
-
-
Always use the original user id and never use a fallback to a user id switched to. The BackendUserAuthentication->isSystemMaintainer() method now always returns false if a user is in "switch user" mode. Resolves: #83041 Releases: master Change-Id: I25fc15bb9f2ed19ae5080fbe039154be1c1a521f Reviewed-on: https://review.typo3.org/54941 Reviewed-by:
Andreas Fernandez <typo3@scripting-base.de> Tested-by:
Markus Klein <markus.klein@typo3.org> Reviewed-by:
Benni Mack <benni@typo3.org> Tested-by:
-
- 28 Nov, 2017 1 commit
-
-
Due to the change of the pages_language_overlay migration, a lot of hard-coded "l10n_parent" and "sys_language_uid" fields for pages have been introduced. This should be changed into a common function in DataHandler and the TCA option should be used instead. Resolves: #83013 Releases: master Change-Id: I43a33aac1015436109d1ca7b3ea200c78d2a2fb9 Reviewed-on: https://review.typo3.org/54664 Reviewed-by:
Susanne Moog <susanne.moog@typo3.org> Tested-by:
Christian Kuhn <lolli@schwarzbu.ch> Tested-by:
-
- 27 Nov, 2017 4 commits
-
-
Several hundred function calls and vast numbers of indentations can be saved by using the null coalesce operator instead of checking empty/array. Change-Id: I38f2ce2de83a454aaa0d16c771014b6de84b3f7a Releases: master Resolves: #80812 Reviewed-on: https://review.typo3.org/52416 Tested-by:
Wouter Wolters <typo3@wouterwolters.nl> Tested-by:
-
The methods are only wrappers for the Caching framework, and come from the time where the caching framework wasn't available. Resolves: #83116 Releases: master Change-Id: I6e3293f1bde654ee6548898742daa77d044d2107 Reviewed-on: https://review.typo3.org/54758 Tested-by:
-
This patch applies the phpdoc_types_order rule of the php-cs-fixer. See http://cs.sensiolabs.org/ -> phpdoc_types_order Releases: master, 8.7 Resolves: #83109 Change-Id: I57291fb0b113ad01e2a171c1cfd6a9943d6302ad Reviewed-on: https://review.typo3.org/54779 Reviewed-by:
Alexander Opitz <opitz.alexander@googlemail.com> Tested-by:
-
This patch applies the phpdoc_types rule of the php-cs-fixer. See http://cs.sensiolabs.org/ -> phpdoc_types Releases: master, 8.7 Resolves: #83106 Change-Id: I958b75d85a08169a987afe9eed0baa4d86139770 Reviewed-on: https://review.typo3.org/54770 Reviewed-by:
-
- 16 Nov, 2017 1 commit
-
-
Tymoteusz Motylewski authored
Resolves: #83003 Releases: master, 8.7 Change-Id: Iceaa7ab9bd436322229e591677c0aee16cd69f5c Reviewed-on: https://review.typo3.org/54652 Reviewed-by:
Stefan Neufeind <typo3.neufeind@speedpartner.de> Tested-by:
-
- 08 Nov, 2017 1 commit
-
-
Benni Mack authored
The patch migrates all data from pages_language_overlay into pages, and moves all API calls to overlay pages. The following restrictions are set: * Backend is always showing pages only for "sys_language_uid=0" for the page tree, element browser (e.g. "linking to default language page"), except where explicitly requested like the Page Module => Languages view. * pid and sorting are always the same for all translations and their default language page * Elements on a page are always keeping the field "pid" to the default language page (no change) * Permission checks for Backend users are always made against the default language page (perms_* fields and webmounts) Resolves: #82445 Releases: master Change-Id: I62536e21d7110fa434c75fbd4470a3f53b79d260 Reviewed-on: https://review.typo3.org/51272 Tested-by:
Frans Saris <franssaris@gmail.com> Tested-by:
Frank Naegler <frank.naegler@typo3.org> Tested-by:
-
- 13 Oct, 2017 1 commit
-
-
Resolves: #82751 Releases: master Change-Id: Ie87cccc2d890ffaf93fe8558f2a67da82ee8c495 Reviewed-on: https://review.typo3.org/54383 Reviewed-by:
-
- 03 Oct, 2017 1 commit
-
-
The current limit of an inactive user of 1 hour is not practical for a regular editor. Instead, a default value of 8 hours fits more to a current work day. Resolves: #82654 Releases: master Change-Id: I2b0911f72771ffee7bd76b14de055a8a8e3f280b Reviewed-on: https://review.typo3.org/54266 Reviewed-by:
-
- 25 Sep, 2017 1 commit
-
-
Mona Muzaffar authored
During switch user mode the install tool modules are never visible. Resolves: #82517 Releases: master Change-Id: Ie367cb7f0208a7414ada38d40f8cdd3ab287da52 Reviewed-on: https://review.typo3.org/54181 Tested-by:
Jan Stockfisch <jan.stockfisch@googlemail.com> Tested-by:
Sascha Rademacher <s.rademacher@neusta.de> Tested-by:
Morton Jonuschat <m.jonuschat@mojocode.de> Tested-by:
-
- 09 Sep, 2017 1 commit
-
-
Fix a check to not allow acces to admin users but system maintainers only. Change-Id: I2e5209bbaf7c3e3cee013d1fa08f48ff7e776956 Resolves: #82396 Related: #82306 Related: #82395 Releases: master Reviewed-on: https://review.typo3.org/53965 Tested-by:
Anja Leichsenring <aleichsenring@ab-softlab.de> Tested-by:
-
- 31 Aug, 2017 1 commit
-
-
A new option $GLOBALS['TYPO3_CONF_VARS']['SYS']['systemMaintainers'] is introduced, which contains a list of Backend User uids. It is then possible to restrict access to backend modules to system maintainers - most importantly the four Install Tool modules. When this option is not set in LocalConfiguration.php, then all admins are system maintainers, same goes for accessing TYPO3 in Development context. This is the first step to remove the necessary "enter your intall tool password" when accessing the install tool from within TYPO3 Backend. Resolves: #82266 Releases: master Change-Id: If0026748ede694394b4e7f39788a650816160146 Reviewed-on: https://review.typo3.org/53830 Reviewed-by:
-
- 23 Aug, 2017 1 commit
-
-
Add 2 new rules * no_superfluous_elseif * no_useless_else Both rules only apply if the if-statement contains a return. If this is the case the obsolete else/elseif part is dropped. Resolves: #82183 Releases: master,8.7 Change-Id: I94dfa6b5b96cbc3e350bd778f1796dda1a4d955a Reviewed-on: https://review.typo3.org/53791 Tested-by:
-
- 13 Jul, 2017 1 commit
-
-
To simplify the backend user interface the module "About module" is merged into the module "About TYPO3 CMS". Resolves: #81474 Releases: master Change-Id: I643a93e351cc32109ee41f2543d491c63400e0c8 Reviewed-on: https://review.typo3.org/53127 Reviewed-by:
-
- 18 May, 2017 1 commit
-
-
Helmut Hummel authored
DataHandler does a lookup in sys_log table after it performed its operations to find relevant error entries for the current request. It determines relevance by looking for entries with the same timestamp as $GLOBALS['EXEC_TIME']. However error log entries are written using time(). Now if the DataHandler operations take longer than one second, or the log entry is written directly before a next tick, it can happen, that errors will not be detected during the lookup process. Since such errors are exposed to the user, it can happen that an operation fails, but the users will not be notified. Fix this by using $GLOBALS['EXEC_TIME'] when writing the log entries. Resolves: #81244 Releases: master, 8.7, 7.6 Change-Id: Ic22b5f51ba4e10991be4a59ae28cb1f77a91c71e Reviewed-on: https://review.typo3.org/52822 Reviewed-by:
Felix Rauch <rauch@skaiamail.de> Reviewed-by:
Nicole Cordes <typo3@cordes.co> Tested-by:
Oliver Klee <typo3-coding@oliverklee.de> Reviewed-by:
Philipp Gampe <philipp.gampe@typo3.org> Tested-by:
Helmut Hummel <typo3@helhum.io> Tested-by:
-
- 27 Apr, 2017 1 commit
-
-
This function now does the same as makeInstance() except for an if() clause, since the API should be unified this method should be considered as dropped, allowing to use callUserFunction() and makeInstance() as the only two proper ways to call custom classes / methods. Resolves: #80993 Releases: master Change-Id: I0c2042dbe6c83a86f211bab4eaf64d75e6424232 Reviewed-on: https://review.typo3.org/52518 Reviewed-by:
-
- 28 Mar, 2017 1 commit
-
-
The TYPO3 Core currently has no guidline how to handle phpdoc comments regarding @return annoations related to "void" and "null". In practice, these annotations have no additional value if no additional documentation is given. With this change, the php-cs-fixer will remove any unnecessary linebreaks within the comments above the @return annotation, as well as remove completely empty phpdoc comments because the @return annotation is removed. Please be aware, that once PSR-5 is accepted, this coding standard within the TYPO3 Core will change again, where there are currently some further proposal details like inheritance information. Resolves: #80454 Releases: master Change-Id: Ie969d720684c0a75919fe5addd1c36ef5b12eb04 Reviewed-on: https://review.typo3.org/51686 Reviewed-by:
-
- 27 Mar, 2017 1 commit
-
-
The Frontend Controller (TSFE) does some initialization which should belong to the FrontendBackendUserAuthentication directly. Additionally, some further code cleanups are made for this area. Resolves: #80479 Releases: master Change-Id: I32d9c98bb511f1eaa1f56203c4678358107aa7bc Reviewed-on: https://review.typo3.org/52177 Tested-by:
-
- 28 Feb, 2017 1 commit
-
-
When instantiating MailMessage() and no valid sender is given, a fallback is used in different places of TYPO3. To ensure that all mails sent out (e.g. when instantiated via extensions) have a proper From() header, the default fallback is set just before sending the emails. Resolves: #80055 Releases: master Change-Id: I6b740b2dcf5a84437fac2e9bf60aac3321e91377 Reviewed-on: https://review.typo3.org/51885 Tested-by:
-
- 24 Feb, 2017 1 commit
-
-
Deprecate BackendUtility::getRecordsByField() as it has a flawed design due to passing SQL fragments. This contradicts the goal of using named parameters for all queries in the core and requires passing the original QueryBuilder object in addition to the stringified constraint. Replace all calls to the method with direct usage of the QueryBuilder and deprecate the method. Resolves: #79122 Releases: master Change-Id: I8b040b98e20271aff84ef16fb89b59a406d54003 Reviewed-on: https://review.typo3.org/51078 Tested-by:
Mona Muzaffar <mona.muzaffar@gmx.de> Tested-by:
-
- 06 Feb, 2017 1 commit
-
-
A new session framework is introduced. The goal is to provide interoperability between different session storages (called "backends"), like database, Redis, etc. An integrator may enforce a specific session backend by configuring SYS/session in LocalConfiguration.php. It is also possible to use custom session backends by implementing the interface "SessionBackendInterface". Resolves: #70316 Releases: master Change-Id: I90a4f84344e75f13b2f46245162e749ed3505ec3 Reviewed-on: https://review.typo3.org/51549 Reviewed-by:
Claus Due <claus@phpmind.net> Reviewed-by:
-
- 01 Feb, 2017 1 commit
-
-
Change string comparison for string checks. Checks which could lead to false positives like comparing with '0' or '' are excluded. RegEx used to find affected places: (?<=\s)((?:!|=)=)(?=[^=]'[^0-9'\n]+') Resolves: #79540 Resolves: master Change-Id: I9a04bdd9e0e78cc97036560709bb505097bf48f9 Reviewed-on: https://review.typo3.org/51462 Reviewed-by:
-
- 10 Jan, 2017 1 commit
-
-
The command line users prefixing with _CLI_scheduler etc. is flawed, however a single user is needed for doing e.g. DataHandler calls. This patch adds a new CommandLineUserAuthentication class, which extends the regular $BE_USER object to only allow a user called "_cli_" and which is created automatically if it does not exist, so the _cli_ user always exists. Additionally, the _cli_ user is now an admin user so access settings on command line are obsolete and crucial stuff like the DataHandler can be used without restrictions. * Adapt Extbase Bootstrap * Make sure to have an API to "opt-in" for the need for a user * Adapt documentation (e.g. in scheduler) because a new user is not needed. Resolves: #79240 Releases: master Change-Id: I5a6277fa2252ce6c61f57bbfa26e8be9dc47bbab Reviewed-on: https://review.typo3.org/51089 Reviewed-by:
-
- 03 Dec, 2016 1 commit
-
-
A sessionTimeout <= 0 means that a user will be logged out instantly after login. Resolves: #78822 Releases: master, 7.6, 6.2 Change-Id: I1890cb7d52347faab1fa3884eb46c9294d997da3 Reviewed-on: https://review.typo3.org/50797 Reviewed-by:
-
- 01 Dec, 2016 1 commit
-
-
Remove support for transForeignTable and transOrigPointerTable in TCA. More details in Breaking-78191-RemoveSupportForTransForeignTableInTCA.rst Resolves: #78191 Releases: master Change-Id: Ibd7e1a963fdbf84ca7f4b5926b4a8cd02ba24631 Reviewed-on: https://review.typo3.org/50819 Reviewed-by:
Valentin Funk <valentin.funk@computerfabrik.de> Reviewed-by:
Oliver Hader <oliver.hader@typo3.org> Tested-by:
-
- 19 Nov, 2016 1 commit
-
-
Instead of calling / setting properties from the outside, the backend user constructor can set options like lockIP centralized. This way, certain implementations from third-party extensions can just instantiate the object. Resolves: #78660 Releases: master Change-Id: If43ca2533968b54c842cbe01531fc6c33ee5352c Reviewed-on: https://review.typo3.org/50596 Tested-by:
Joerg Boesche <typo3@joergboesche.de> Tested-by:
-
- 18 Nov, 2016 1 commit
-
-
Show sessionTimeout as integer. Resolves: #78692 Releases: master Change-Id: Ia8bb8fa48018a3c9df5791ad8b2081e20f2b0211 Reviewed-on: https://review.typo3.org/50651 Tested-by:
Thomas Mayer <thomas.mayer@2bis10.de> Reviewed-by:
-
- 12 Nov, 2016 1 commit
-
-
The backendUser->uc() call is called with a default value, which is unnecessary and "looks ugly" ;). Additionally $BE_USER calls unpack_uc() itself, basically doing a unserialize() before, even though unpack_uc() does the same thing. Resolves: #78658 Releases: master Change-Id: I492326373b61dba5cba61f24e64b31fddf9a2142 Reviewed-on: https://review.typo3.org/50595 Tested-by:
-
- 26 Oct, 2016 1 commit
-
-
To remove the susceptiblity to errors of SQL injections within the core the principle of prepared statements should be followed for all queries. Even variables which will be casted to e.g. an integer should use setParameter(), setParameters() or createNamedParameter(). Change-Id: I7d6d256a199ba05f75791eb01f38b3b89b421989 Resolves: #78437 Releases: master Reviewed-on: https://review.typo3.org/50090 Tested-by:
-
- 17 Oct, 2016 1 commit
-
-
After the doctrine refactoring a hook is now not working anymore as before Relates: #75556 Resolves: #78313 Releases: master Change-Id: I797a7ebbf1ec009339ba858d421552595b189998 Reviewed-on: https://review.typo3.org/50238 Tested-by:
Robert van Kammen <rvkammen@hotmail.com> Tested-by:
-
- 09 Oct, 2016 1 commit
-
-
Resolves: #77819 Releases: master Change-Id: If39540863a1114ce5ce3e57289da54bdfdffc4f2 Reviewed-on: https://review.typo3.org/49764 Tested-by:
Jan Helke <typo3@helke.de> Tested-by:
Łukasz Uznański <l.uznanski@macopedia.pl> Reviewed-by:
-
- 28 Sep, 2016 1 commit
-
-
In BackendUserAuthentication::getDefaultUploadFolder, the addFolder permission flag is checked instead of the writeFolder permission flag in determining whether the folder is writable and thus suitable as an upload target. This fix changes the behaviour to check for the BE user's "writeFolder" permission flag. Resolves: #77856 Releases: master, 7.6 Change-Id: Ib78f8f3d371780e2687b30bd402a7beaa44ec700 Reviewed-on: https://review.typo3.org/49866 Reviewed-by:
Michael Oehlhof <typo3@oehlhof.de> Reviewed-by:
-
- 03 Sep, 2016 1 commit
-
-
Databases that use sequences for auto increment columns need to have information about the table name to select the correct sequence to return information from. Change-Id: I5a4ff882d2237c86030b41a921843afdb95b9789 Resolves: #77833 Releases: master Reviewed-on: https://review.typo3.org/49843 Tested-by:
Bamboo TYPO3com <info@typo3.com> Reviewed-by:
Manuel Selbach <manuel_selbach@yahoo.de> Tested-by:
-
- 01 Sep, 2016 1 commit
-
-
To avoid breaking the backend, any exception of the JsConfirmation must be caught and the default value must be returned. Resolves: #76719 Releases: master, 7.6 Change-Id: Idfea9ec8aa269ac807bf6936263da9803ea39bf8 Reviewed-on: https://review.typo3.org/49695 Tested-by:
Sascha Egerer <sascha@sascha-egerer.de> Tested-by:
-
- 30 Aug, 2016 3 commits
-
-
Resolves: #77701 Releases: master Change-Id: Id5f32eb76ac3adddd834160bc79828fefd0ce63c Reviewed-on: https://review.typo3.org/49665 Tested-by:
-
As decided during T3ACME we will use the short array syntax in master. The 7.6 branch will also be done to make backporting easier. Resolves: #77692 Releases: master,7.6 Change-Id: I37e9484b1012fc9161148257a842054c24d162ba Reviewed-on: https://review.typo3.org/49651 Reviewed-by:
-
Change-Id: I8877a68d5de5017346179368dab8002d8f08077f Resolves: #77683 Releases: master Reviewed-on: https://review.typo3.org/49640 Reviewed-by:
-
- 01 Jul, 2016 1 commit
-
-
Andreas Fernandez authored
This patch fixes the IN statement used for fetching the webmounts. Previously, the statement looked like `IN("1,2,3")`, resulting in only returning the last one. Resolves: #76861 Related: #75546 Releases: master Change-Id: I02204f5469d996e8ea967485737496b32a343231 Reviewed-on: https://review.typo3.org/48774 Tested-by:Daniel Goerz <ervaude@gmail.com> Tested-by:
-
