This project is mirrored from https://git.typo3.org/typo3/typo3.git.
Pull mirroring failed .
Repository mirroring has been paused due to too many failed attempts. It can be resumed by a project maintainer.
Last successful update .
Repository mirroring has been paused due to too many failed attempts. It can be resumed by a project maintainer.
Last successful update .
- 09 Sep, 2017 5 commits
-
-
Resolves: #82403 Related: #81768 Releases: master Change-Id: Id6610c9f7fbc445c142c999bb41c7b7c6eb83729 Reviewed-on: https://review.typo3.org/54054 Reviewed-by:
Benjamin Kott <benjamin.kott@outlook.com> Tested-by:
Stefan Neufeind <typo3.neufeind@speedpartner.de> Tested-by:
Andreas Fernandez <typo3@scripting-base.de> Tested-by:
-
Fix a check to not allow acces to admin users but system maintainers only. Change-Id: I2e5209bbaf7c3e3cee013d1fa08f48ff7e776956 Resolves: #82396 Related: #82306 Related: #82395 Releases: master Reviewed-on: https://review.typo3.org/53965 Tested-by:
TYPO3com <no-reply@typo3.com> Reviewed-by:
Benni Mack <benni@typo3.org> Tested-by:
Anja Leichsenring <aleichsenring@ab-softlab.de> Tested-by:
Christian Kuhn <lolli@schwarzbu.ch> Tested-by:
-
Resolves: #82393 Releases: master Change-Id: I0782af0fa9dc36f7a1e54caec8b7ff24334e63c7 Reviewed-on: https://review.typo3.org/54046 Reviewed-by:
-
We are introducing a new option to provide an optional footnote for the login screen. The footnote can provide for example legal information for the login screen image or a descriptive text. This option is now available in the backend extension configuration. Resolves: #82303 Releases: master Change-Id: I14f90ecfa8eee538234dcc9542576f6ab9f1d774 Reviewed-on: https://review.typo3.org/53918 Reviewed-by:
Riccardo De Contardi <erredeco@gmail.com> Tested-by:
Joerg Kummer <typo3@enobe.de> Tested-by:
-
This change removes the availability of TYPO3.jQuery within the TYPO3 Core by default. The constants PageRenderer::JQUERY_NAMESPACE_DEFAULT / and PageRenderer: JQUERY_NAMESPACE_DEFAULT_NOCONFLICT namespace options "jQuery" are removed. This also means the removal of having custom namespaces of jQuery (e.g. TYPO3.bennis_jQuery) leaving "noConflict" to be used by default. Related: #79221 Resolves: #82378 Releases: master Change-Id: Ibc939999159dbf376b09f53aacac618ed7cc40e8 Reviewed-on: https://review.typo3.org/53237 Reviewed-by:
-
- 08 Sep, 2017 7 commits
-
-
Resolves: #82275 Releases: master, 8.7, 7.6 Change-Id: I77dc811456f4bbd759e28c27284c4652ad09dd23 Reviewed-on: https://review.typo3.org/53938 Reviewed-by:
-
The card component has been extended and is now more flexible to be more usefull for different usecases, and is now used in the distribution listing of the extension manager. We have also changed to Documentation format of the CSS files to match KSS Knyle Style Sheets format. Releases: master Resolves: #82000 Change-Id: I61711dd0ee6c38e3c249d9b744a3ee6b2e24273e Reviewed-on: https://review.typo3.org/53619 Reviewed-by:
-
If any callback is registered by `SplitButtons.addPreSubmitCallback()` and requests to stop the event by `stopPropagation()`, the event must be aborted and not only possibly stacked events. Additionally, the `preventExec` flag gets reset. Resolves: #82355 Related: #77942 Releases: master, 8.7, 7.6 Change-Id: Ib8478ef4c51915365c804c1c408b3fc16a13da0b Reviewed-on: https://review.typo3.org/53968 Tested-by:
Matthias Vogel <typo3@kanti.de> Reviewed-by:
-
Benni Mack authored
Before, the history module fetched info about "modified records" from sys_history+the authoritive user from a coupled sys_log entry. Info about "insert" and "delete" was fetched from sys_log solely. However, when using a scheduled cleanup task to truncate sys_log then all history information is useless (see bug report). The patch introduces a new RecordHistoryStore as an abstraction for adding history entries (currently done solely within DataHandler). It adds some additional, necessary SQL fields to sys_history to store all information in there and creates an update wizard to migrate all coupled sys_history/sys_log entries to a new sys_history entry itself. Additionally, the whole existing "RecordHistory" class is now only necessary for fetching the so-called ChangeLog, for a page or a specific record, and to do rollbacks, preparing the history records so they can be worked on. The whole logic for fetching the GET/POST parameters is moved into the "ElementHistoryController", everything that is only possible via Fluid is moved from the RecordHistory object and the ElementHistoryController into the view. Referencing from sys_log (Log module) into sys_history is now done the other way around, storing information about the corresponding history entry inside sys_log. As a side-effect, sys_log should load faster. Abstraction basis: - sys_history is the only source of truth about the history of a record - sys_log contains a reference to an history entry now (inside sys_log.log_data) to link from the backend log module - RecordHistoryStore exists for tracking changes to records - RecordHistory is for retrieving, compiling the history/changelog and rollbacks - ElementHistoryController is doing PSR-7 style request/response handling and preparing data for the view - Fluid is handling more view functionality now, removing the need for doing <f:format.raw> everywhere in the templates. Sidenotes: * Data within sys_history is now stored as JSON, not serialized anymore * Adding/deleting was previously stored in sys_log only, is now within sys_history * Moving records is now tracked (but not evaluated yet) * Highlight/Snapshot functionality within the Backend Module was removed This functionality is built so it can also be used within Extbase persistence and in FE in general in a future iteration. Resolves: #55298 Resolves: #71950 Releases: master Change-Id: I354317609099bac10c264b9932e331fa908c98be Reviewed-on: https://review.typo3.org/53195 Reviewed-by:
-
In order to refactor the page module, list module, and the file module individually, the classes should become independent from each other. Resolves: #82334 Releases: master Change-Id: I2ca6aad28cbe4a88c03ef71f47fc11eb4b7649f7 Reviewed-on: https://review.typo3.org/53947 Tested-by:
-
The explicit allow/deny section of backend user groups (be_groups) render separators (--div--) in the backend which need to be skipped. Change-Id: Iac578d43a7a561618d095819b9d667c613621f2b Resolves: #82379 Releases: master, 8.7 Reviewed-on: https://review.typo3.org/54009 Reviewed-by:
Simon Praetorius <simon@praetorius.me> Tested-by:
Mathias Brodala <mbrodala@pagemachine.de> Tested-by:
Bjoern Jacob <bjoern.jacob@tritum.de> Tested-by:
-
Resolves: #82290 Releases: master,8.7 Change-Id: Ie988290ae4431f8a77dc2c38397429b9fa0c95ef Reviewed-on: https://review.typo3.org/53879 Reviewed-by:
-
- 07 Sep, 2017 1 commit
-
-
Currently calling the install tool modules from within the Backend does a simple redirect with adding GET variables. That's the reason why you need to re-authenticate again, and the context is handed over as a query parameter, which is simply not needed at all. Now, the redirect is removed, as the Backend entrypoint / request handler handles the authentication of the backend user, and the standalone entry point deals with the install tool password etc. The context parameter is now detected by the entry point (!) as well, allowing to get rid of quite some code. There are some more consequences: - Calling the install tool from the backend does not validate if you configuration is set up (= recovery necessary) -> since you're already in the backend we guess you're fine anyway. - Redirect functionality is almost not needed anymore in the regular request handler - routeParameters concept was removed again (which was introduced a couple of weeks ago) Additionally, the contextService could be replaced at a later stage with just a string. Resolves: #82306 Releases: master Change-Id: If7e4ddfaccf46cf93448d06c0ba9af81d5b9494c Reviewed-on: https://review.typo3.org/53860 Reviewed-by:
Romain Canon <romain.hydrocanon@gmail.com>
Tested-by: Romain Canon <romain.hydrocanon@gmail.com>
Tested-by:
-
- 05 Sep, 2017 2 commits
-
-
If a user creates a sys_file_collection record, only those storage records must be shown which are allowed for the user. Resolves: #82029 Releases: master, 8.7, 7.6 Security-Commit: 45cdfccd52a224d8128e537214606848c717d8e7 Security-Bulletin: TYPO3-CORE-SA-2017-005 Change-Id: Iee94cd84f07ee0dc0730fe1ce84d228dad2f75a2 Reviewed-on: https://review.typo3.org/53902 Reviewed-by:
Oliver Hader <oliver.hader@typo3.org> Tested-by:
-
The record title must be properly escaped. Resolves: #81967 Releases: master, 8.7 Security-Commit: bb686f45996424aadd68185871c14bb4544107c2 Security-Bulletin: TYPO3-CORE-SA-2017-004 Change-Id: I71c8bdef21e76fafdae170c6ebd9f0f0834d5b0e Reviewed-on: https://review.typo3.org/53901 Reviewed-by:
-
- 31 Aug, 2017 3 commits
-
-
A new option $GLOBALS['TYPO3_CONF_VARS']['SYS']['systemMaintainers'] is introduced, which contains a list of Backend User uids. It is then possible to restrict access to backend modules to system maintainers - most importantly the four Install Tool modules. When this option is not set in LocalConfiguration.php, then all admins are system maintainers, same goes for accessing TYPO3 in Development context. This is the first step to remove the necessary "enter your intall tool password" when accessing the install tool from within TYPO3 Backend. Resolves: #82266 Releases: master Change-Id: If0026748ede694394b4e7f39788a650816160146 Reviewed-on: https://review.typo3.org/53830 Reviewed-by:
Susanne Moog <susanne.moog@typo3.org> Tested-by:
-
The master version of this 8.7 patch just removes last mentions of suhosin from the codebase. Change-Id: If003a8db37660662c65290a1e1bf25ef61375b80 Resolves: #82267 Related: #82257 Releases: master, 8.7 Reviewed-on: https://review.typo3.org/53858 Reviewed-by:
Wouter Wolters <typo3@wouterwolters.nl> Tested-by:
-
Resolves: #82175 Releases: master, 8.7 Change-Id: I4b70b2a662b1818171bb180f88f8d40a48ee91ed Reviewed-on: https://review.typo3.org/53788 Reviewed-by:
Joerg Boesche <typo3@joergboesche.de> Tested-by:
-
- 29 Aug, 2017 1 commit
-
-
The trigger values can be hardcoded here, as the previous filtering only gives us fields for which we want to hide the explanation and show the input field. Previuosly each time a new link field was created (as an IRRE element for example) the input and explanation fields were triggered. This created confusion with editors and also broke the trigger button, so that fields that were in the explanation mode could not be triggered back to input mode. Resolves: #82179 Releases: master, 8.7 Change-Id: Ic92129c6cdafe5fab19fbc76b9e9b7713b9e8736 Reviewed-on: https://review.typo3.org/53790 Reviewed-by:
Henning Liebe <h.liebe@neusta.de> Reviewed-by:
Sascha Rademacher <sascha.rademacher+typo3@gmail.com> Reviewed-by:
-
- 23 Aug, 2017 2 commits
-
-
Add 2 new rules * no_superfluous_elseif * no_useless_else Both rules only apply if the if-statement contains a return. If this is the case the obsolete else/elseif part is dropped. Resolves: #82183 Releases: master,8.7 Change-Id: I94dfa6b5b96cbc3e350bd778f1796dda1a4d955a Reviewed-on: https://review.typo3.org/53791 Tested-by:
-
Change a series of cgl details after update of php-cs-fixer from 1.0 to 1.4. Change-Id: Iba289f530e2df2c6fc73e5f5b705a673b4b3db0f Resolves: #82171 Related: #82164 Releases: master, 8.7 Reviewed-on: https://review.typo3.org/53776 Tested-by:
-
- 22 Aug, 2017 2 commits
-
-
Drop three error related constants from bootstrap: TYPO3_DLOG, TYPO3_ERROR_DLOG, TYPO3_EXCEPTION_DLOG Removal of these constants has been prepared in v8 and can be done now. This unblocks further logging related works. Along the way, the two TYPO3_CONF_VARS "enable_errorDLOG" and "enable_exceptionDLOG" can be dropped. The extension scanner can find usages of these constants, making the patch not less breaking, but usage detection within extensions is safe and thus helps a lot to spot them. A new matcher is added to the extension scanner to scan for usages of global constants. Resolves: #82162 Releases: master Change-Id: I6310866738e5cda79a807239846f64996ec76974 Reviewed-on: https://review.typo3.org/53212 Reviewed-by:
Georg Ringer <georg.ringer@gmail.com> Tested-by:
-
This patch makes the Notification module in standalone install tool usable by adding the required CSS and fixing the dependency to the global TYPO3 object, which only exist in backend context. Resolves: #82138 Releases: master Change-Id: I954324e9d19569eedb1eb5e0ecfaf821fcecb070 Reviewed-on: https://review.typo3.org/53760 Reviewed-by:
Mona Muzaffar <mona.muzaffar@gmx.de> Tested-by:
-
- 20 Aug, 2017 1 commit
-
-
The type field contains a non existing field. Do not select this field in the query. Resolves: #82105 Releases: master, 8.7, 7.6 Change-Id: I9840712f4f87135740512ddf91a2b921b2515612 Reviewed-on: https://review.typo3.org/53710 Tested-by:
Sascha Egerer <sascha@sascha-egerer.de> Tested-by:
-
- 18 Aug, 2017 2 commits
-
-
The patch applies a major refactoring of the "tool" part of the install tool. As the most visible change, the install tool application is now split from the "install" backend module menu entry into four different entries - "Maintenance", "Settings", "Upgrade" and "Environment". This is in-line with the strategy outline at https://decisions.typo3.org/t/typo3-system-management-the-big-picture The patch can be seen as the main separation and split patch to introduce the integration of the install tool application into the overall backend look and feel. On the visible side, single install tool actions that were spread over the old menu entries like "all configuration" and friends are now given single "cards" within one of the four main module entries. The "standalone" version of the install tool is now similar to the backend view - just without all the other module menu entries. Aside from this major visible change, the patch comes with a main refactoring of the underlying PHP code and click behavior: * All "action" buttons that initiate something are now ajax based. Codewise, this is the major part. * No main controller loads ext_tables / ext_localconf anymore. * Main "Install.js" is now mostly a dispatcher to load specific requireJs components determined by given clicked main module. * Major refactorinng of JavaScript output and click-flow. * Introduce various new "services". Ajax actions always return objects and arrays, but no HTML. This is a major step towards proper cli and psr-7 integration. Even with the install tool paradigm "never cache anything", the application feels very snappy due to slim main controllers and straight single Ajax action triggers. Some parts of the internal PHP API of the install tool have been changed. While the install tool is "internal" anyway, this patch has been marked as [!!!] to hint extension developers in the unlikely case it breaks some low level extension. The state of this major change is not "perfect": There are various details to improve. However, this patch has more than 9k lines, all major parts work fine and the huge file juggling prevents other patches from being integrated. Glitches and further improvements can be done with small patches afterwards. Resolves: #76084 Releases: master Change-Id: I2cc93f35c0760fce33c2136d41159c802932dfc4 Reviewed-on: https://review.typo3.org/53109 Reviewed-by:
Frank Naegler <frank.naegler@typo3.org> Tested-by:
Marco Christian Krenn <krenn@webconsulting.at> Tested-by:
Philipp Hamid <ph@supertrumpf.at>
Tested-by: Philipp Hamid <ph@supertrumpf.at> -
Correctly use htmlspecialchars for the link. Resolves: #82077 Releases: master,8.7,7.6 Change-Id: I87ea4010aa187f5f601c31423fb1a0fc05a23107 Reviewed-on: https://review.typo3.org/53719 Tested-by:
Wolfgang Klinger <wolfgang@wazum.com> Reviewed-by:
-
- 17 Aug, 2017 2 commits
-
-
EXT:t3editor is refactored to use the latest CodeMirror version (at the time of writing it's 5.28.0). Developers are now able to easily register and use custom modes for syntax highlighting. Also, addons for CodeMirror can be added easily. As CodeMirror provides these already, some useful addons are already registered, for example a search with hit annotations, fullscreen mode and jump-to-line functionality. A positive side-effect is that a lot of custom code was removed. Since the architecture allows to register additional modes, the TypoScript mode has been refactored and might be moved into a separate extension in further iterations. Resolves: #81901 Releases: master Change-Id: I432d1fdb3ba1f2a0b9246207dd70843b4bdbfbd9 Reviewed-on: https://review.typo3.org/53413 Reviewed-by:
-
On a page without subpages the indentation for creating a new page below this page was wrong. This fix changes the indentation in this special case. Resolves: #72011 Releases: master, 8.7, 7.6 Change-Id: I505a96126ab8cf69ebae32c5a84aa9dbfa59c87f Reviewed-on: https://review.typo3.org/53696 Reviewed-by:
-
- 15 Aug, 2017 1 commit
-
-
Resolves: #82088 Releases: master Change-Id: Ie0ad7a8ec6ed3f67300e88b8b8e0711c4f3dbbd2 Reviewed-on: https://review.typo3.org/53622 Tested-by:
-
- 14 Aug, 2017 1 commit
-
-
The button »View webpage« in the list module opens a popup with a link to the current page and an anchor to the selected content element. This behaviour is expected as well while selecting the »Show« option in the context menu of content elements or the »Save and view page« button in edit forms. Both places didn't added the anchor. Resolves: #81250 Releases: master, 8.7 Change-Id: Ifa8da940eb12820f9b0c54957928fd8d9f3703b5 Reviewed-on: https://review.typo3.org/53395 Tested-by:
Jan Helke <typo3@helke.de> Tested-by:
-
- 11 Aug, 2017 3 commits
-
-
Translating content on MSSQL installations has been impossible due to SQL errors. The GROUP BY statements in page module and localizationRepository have been fixed. Change-Id: I20a4778e3c0858aca80060ba333ce6a47e42ce38 Resolves: #82085 Releases: master, 8.7 Reviewed-on: https://review.typo3.org/53679 Tested-by:
-
Page module, view module and edit document selected data with an incomplete group by statement, missing the sorting column. This resulted in an error on mssql servers. The sorting field was added to the relevant queries. Change-Id: If1fb314542e0f27cdf18989fa2b8427c1e31e2d3 Resolves: #79298 Releases: master, 8.7 Reviewed-on: https://review.typo3.org/53674 Tested-by:
-
This is a small step to unify exception handling in TYPO3 by ensuring no internal and 3rd party code is forced to catch the toplevel PHP exception. This change e.g. actually allows the FormPagePreviewRenderer to handle form loading errors. Resolves: #82052 Releases: master, 8.7 Change-Id: I5cb0b8f2c56a6bbbecc34d87474d6d8b3ad2015c Reviewed-on: https://review.typo3.org/53651 Reviewed-by:
Mathias Schreiber <mathias.schreiber@typo3.com> Tested-by:
-
- 09 Aug, 2017 2 commits
-
-
New values created by AddController are now added again to the FlexForm value by fixing the value parsing. Additionally, the mixed up append/prepend values of `setValue` are fixed. Resolves: #82049 Resolves: #82050 Releases: master, 8.7 Change-Id: Ifc2a4bf4ddd39a1b004db9945f832ca6cf9d765d Reviewed-on: https://review.typo3.org/53646 Tested-by:
Sebastian Fischer <typo3@evoweb.de> Reviewed-by:
Markus Klein <markus.klein@typo3.org> Reviewed-by:
-
Disallow backend users to edit pages which doktypes are not allowed via backend usergroup permissions. Resolves: #79954 Releases: master, 8.7, 7.6 Change-Id: I527602e71c62bc8e33b0886a5758c7c8040b4720 Reviewed-on: https://review.typo3.org/51796 Tested-by:
Josef Glatz <josef.glatz@typo3.org> Reviewed-by:
-
- 01 Aug, 2017 1 commit
-
-
Christian Kuhn authored
The patch adds a new feature - the "extension scanner" - to the install tool. It is meant as a helper script for extension and project developers to quickly spot places in extension code that may need adaptions if upgrading to younger core versions. The scanner could later work with different languages, for now only scanning PHP files is supported. This is based on the great library nikic/php-parser which creates an AST from php source files and allows simple traversing. A series of matchers hooks into the traverser and scans for configured core deprecation or removals. Some additional matchers could be added if a core example evolves (for instance usage of dropped core constants). From now on, whenever the core deprecates or breaks existing core PHP API, an entry in one of the matcher configurations in ext:install/Configuration/ExtensionScanner/Php should be done. Since these API changes are documented via ReST files already, the configuration links to according ReST files. A bamboo integrity test script verifies those can be found. Furthermore, all Breaking-* and Deprecation-* ReST files since core version 9.x / master now need an additional Tag "FullyScanned", "PartiallyScanned" or "NotScanned". This is also checked by an integration test script in bamboo. The matcher configuration files are pretty straight forward and should be obvious if looking at ext:install/Configuration/ExtensionScanner/Php. This patch contains: * Add nikic/php-parser as dependency * New install tool gui to scan extensions in typo3conf/ext * Scanner infrastructure for PHP * Preparation and configuration for all current "master" / v9 ReST files * Mark ReST files which are tagged with "FullyScanned" as "not affected" in install tool "Upgrade analysis" if no match was found * Integration script testing referenced ReST files are found * Integration script verifying Breaking- and Deprecation- ReST file contain "FullyScanned", "PartiallyScanned" or "NotSCanned" keyword. More information on this feature can be found at https://docs.typo3.org/typo3cms/CoreApiReference/ExtensionScanner/Index.html Change-Id: I760e88f9d929fdd710655fa0d25cb26291a7ed2b Resolves: #82014 Releases: master Reviewed-on: https://review.typo3.org/53450 Tested-by:
-
- 31 Jul, 2017 3 commits
-
-
In order to streamline backend usage even further, the AJAX Request Handler is now using the "route" parameter the same way. This way, the RouteDispatcher does not have to distinguish between the BE calls anymore, and the Form Protections are streamlined. Resolves: #81899 Releases: master Change-Id: I48bf2406eaff2316d3f0fe5dc631a51067a570f6 Reviewed-on: https://review.typo3.org/53459 Tested-by:
-
The view module was redesigned to provide a more modern and streamlined look and feel across the existing backend. With the introduction of named and categorized device presets we enable users to get a better idea of how the page will look like on a specific device. For even more easy testing, the orientation can now be changed without selecting a different device. Releases: master Resolves: #77576 Change-Id: Ie430db2a39a9bf6931ebde8109e62c12d9bae09b Reviewed-on: https://review.typo3.org/53061 Reviewed-by:
-
With the new composer installers versions, the core package itself (in fact any composer package) can add scripts to be run on composer build time. Use this API to add scripts to TYPO3, that will create the entry scripts for frontend, backend and install tool We do this in a way, that also works if these system extensions are installed individually. This also has the benefit, that we can adapt the core with doing more things during composer build time (e.g. maybe publishing assets) in the future, or change the entry scripts to different locations, without touching the plugin any more. Resolves: #81981 Releases: master Change-Id: I3982bd5e73a14cdd54e83d0a7b3a1c93f2191efd Reviewed-on: https://review.typo3.org/53602 Reviewed-by:
-
- 30 Jul, 2017 1 commit
-
-
Description, dependencies between core packages and core package versions are now in sync in ext_emconf.php and composer.json Now also added extension key information explicitly in composer.json What still should be done later is adding further dependencies to these files if required. This change was mostly automated using helhum/ext-tools with the command: typo3cms composerjson:sync 'typo3/sysext/*' Resolves: #82003 Releases: master, 8.7 Change-Id: Ife913038142e8ecc137d21d4d43e2cdf467fb0f9 Reviewed-on: https://review.typo3.org/53621 Tested-by:
Philipp Gampe <philipp.gampe@typo3.org> Reviewed-by:
-
