diff --git a/typo3/sysext/backend/Classes/Controller/FormInlineAjaxController.php b/typo3/sysext/backend/Classes/Controller/FormInlineAjaxController.php
index ed437ea98d114bf69f6a4fc4555703dd2077bfa9..36838b390f58a28115ca0e8e74b1fe1c530a4a7c 100644
--- a/typo3/sysext/backend/Classes/Controller/FormInlineAjaxController.php
+++ b/typo3/sysext/backend/Classes/Controller/FormInlineAjaxController.php
@@ -406,7 +406,7 @@ class FormInlineAjaxController extends AbstractFormEngineAjaxController
// Save states back to database
if (is_array($inlineView[$topTable][$topUid][$currentTable])) {
$inlineView[$topTable][$topUid][$currentTable] = array_unique($inlineView[$topTable][$topUid][$currentTable]);
- $backendUser->uc['inlineView'] = serialize($inlineView);
+ $backendUser->uc['inlineView'] = json_encode($inlineView);
$backendUser->writeUC();
}
}
@@ -614,7 +614,7 @@ class FormInlineAjaxController extends AbstractFormEngineAjaxController
return [];
}
- $inlineView = unserialize($backendUser->uc['inlineView']);
+ $inlineView = json_decode($backendUser->uc['inlineView'], true);
if (!is_array($inlineView)) {
$inlineView = [];
}
@@ -624,7 +624,7 @@ class FormInlineAjaxController extends AbstractFormEngineAjaxController
/**
* Method to check whether the backend user has the property inline view for the current IRRE item.
- * In existing or old IRRE items the attribute may not exist, then the unserialize will fail.
+ * In existing or old IRRE items the attribute may not exist, then the json_decode will fail.
*
* @param BackendUserAuthentication $backendUser
* @return bool
diff --git a/typo3/sysext/backend/Classes/Form/FormDataProvider/TcaInlineExpandCollapseState.php b/typo3/sysext/backend/Classes/Form/FormDataProvider/TcaInlineExpandCollapseState.php
index a305fd1184ace7d9c2afd8168f0b1e24ad2f7616..2aec9ba958fad53a1dc7ccd5668e017d43d91a12 100644
--- a/typo3/sysext/backend/Classes/Form/FormDataProvider/TcaInlineExpandCollapseState.php
+++ b/typo3/sysext/backend/Classes/Form/FormDataProvider/TcaInlineExpandCollapseState.php
@@ -32,13 +32,13 @@ class TcaInlineExpandCollapseState implements FormDataProviderInterface
public function addData(array $result)
{
if (empty($result['inlineExpandCollapseStateArray'])) {
+ $fullInlineState = json_decode($this->getBackendUser()->uc['inlineView'], true);
+ if (!is_array($fullInlineState)) {
+ $fullInlineState = [];
+ }
+ $inlineStateForTable = [];
if (!empty($result['inlineTopMostParentUid']) && !empty($result['inlineTopMostParentTableName'])) {
// Happens in inline ajax context, top parent uid and top parent table are set
- $fullInlineState = unserialize($this->getBackendUser()->uc['inlineView']);
- if (!is_array($fullInlineState)) {
- $fullInlineState = [];
- }
- $inlineStateForTable = [];
if ($result['command'] !== 'new') {
$table = $result['inlineTopMostParentTableName'];
$uid = $result['inlineTopMostParentUid'];
@@ -46,14 +46,8 @@ class TcaInlineExpandCollapseState implements FormDataProviderInterface
$inlineStateForTable = $fullInlineState[$table][$uid];
}
}
- $result['inlineExpandCollapseStateArray'] = $inlineStateForTable;
} else {
// Default case for a single record
- $fullInlineState = unserialize($this->getBackendUser()->uc['inlineView']);
- if (!is_array($fullInlineState)) {
- $fullInlineState = [];
- }
- $inlineStateForTable = [];
if ($result['command'] !== 'new') {
$table = $result['tableName'];
$uid = $result['databaseRow']['uid'];
@@ -61,8 +55,8 @@ class TcaInlineExpandCollapseState implements FormDataProviderInterface
$inlineStateForTable = $fullInlineState[$table][$uid];
}
}
- $result['inlineExpandCollapseStateArray'] = $inlineStateForTable;
}
+ $result['inlineExpandCollapseStateArray'] = $inlineStateForTable;
}
if (!$result['isInlineChildExpanded']) {
diff --git a/typo3/sysext/backend/Classes/Form/Utility/FormEngineUtility.php b/typo3/sysext/backend/Classes/Form/Utility/FormEngineUtility.php
index 29685cd2f068cd2d4b4fea43ac68b2c16435d560..d573e773d8e6679f1a533e5bc08fb23e8d15df70 100644
--- a/typo3/sysext/backend/Classes/Form/Utility/FormEngineUtility.php
+++ b/typo3/sysext/backend/Classes/Form/Utility/FormEngineUtility.php
@@ -147,7 +147,7 @@ class FormEngineUtility
{
$backendUser = static::getBackendUserAuthentication();
if (isset($uc['inlineView']) && is_array($uc['inlineView'])) {
- $inlineView = (array)unserialize($backendUser->uc['inlineView']);
+ $inlineView = (array)json_decode($backendUser->uc['inlineView'], true);
foreach ($uc['inlineView'] as $topTable => $topRecords) {
foreach ($topRecords as $topUid => $childElements) {
foreach ($childElements as $childTable => $childRecords) {
@@ -173,7 +173,7 @@ class FormEngineUtility
}
}
}
- $backendUser->uc['inlineView'] = serialize($inlineView);
+ $backendUser->uc['inlineView'] = json_encode($inlineView);
$backendUser->writeUC();
}
}
diff --git a/typo3/sysext/backend/Classes/Tree/View/AbstractTreeView.php b/typo3/sysext/backend/Classes/Tree/View/AbstractTreeView.php
index 4b0a6f291bea6b058dc0cce0f775c1047dd917d6..d671cb7a27588afdee614e1aff3663a7cf82472a 100644
--- a/typo3/sysext/backend/Classes/Tree/View/AbstractTreeView.php
+++ b/typo3/sysext/backend/Classes/Tree/View/AbstractTreeView.php
@@ -589,7 +589,7 @@ abstract class AbstractTreeView
public function initializePositionSaving()
{
// Get stored tree structure:
- $this->stored = unserialize($this->BE_USER->uc['browseTrees'][$this->treeName]);
+ $this->stored = json_decode($this->BE_USER->uc['browseTrees'][$this->treeName], true);
// PM action
// (If an plus/minus icon has been clicked, the PM GET var is sent and we
// must update the stored positions in the tree):
@@ -617,7 +617,7 @@ abstract class AbstractTreeView
*/
public function savePosition()
{
- $this->BE_USER->uc['browseTrees'][$this->treeName] = serialize($this->stored);
+ $this->BE_USER->uc['browseTrees'][$this->treeName] = json_encode($this->stored);
$this->BE_USER->writeUC();
}
diff --git a/typo3/sysext/backend/Classes/Tree/View/FolderTreeView.php b/typo3/sysext/backend/Classes/Tree/View/FolderTreeView.php
index bc554fb5b193ce75b3de8aadd122e3ca059d6ffe..bbdef5a233e6d8156bd11be33c576018d439976c 100644
--- a/typo3/sysext/backend/Classes/Tree/View/FolderTreeView.php
+++ b/typo3/sysext/backend/Classes/Tree/View/FolderTreeView.php
@@ -588,7 +588,7 @@ class FolderTreeView extends AbstractTreeView
public function initializePositionSaving()
{
// Get stored tree structure:
- $this->stored = unserialize($this->BE_USER->uc['browseTrees'][$this->treeName]);
+ $this->stored = json_decode($this->BE_USER->uc['browseTrees'][$this->treeName], true);
$this->getShortHashNumberForStorage();
// PM action:
// (If an plus/minus icon has been clicked,
diff --git a/typo3/sysext/backend/Classes/Utility/BackendUtility.php b/typo3/sysext/backend/Classes/Utility/BackendUtility.php
index ba3777dc6931a3a446b10dc9f7305c2a9461b604..0016b757773ed308adf737805b6824328c633ffb 100644
--- a/typo3/sysext/backend/Classes/Utility/BackendUtility.php
+++ b/typo3/sysext/backend/Classes/Utility/BackendUtility.php
@@ -480,7 +480,7 @@ class BackendUtility
if ($clearExpansion) {
$expandedPages = [];
} else {
- $expandedPages = unserialize($beUser->uc['browseTrees']['browsePages']);
+ $expandedPages = json_decode($beUser->uc['browseTrees']['browsePages'], true);
}
// Get rootline:
$rL = self::BEgetRootLine($pid);
@@ -498,7 +498,7 @@ class BackendUtility
$expandedPages[$mountIndex][$rLDat['uid']] = 1;
}
// Write back:
- $beUser->uc['browseTrees']['browsePages'] = serialize($expandedPages);
+ $beUser->uc['browseTrees']['browsePages'] = json_encode($expandedPages);
$beUser->writeUC();
}
diff --git a/typo3/sysext/backend/Tests/Unit/Controller/FormInlineAjaxControllerTest.php b/typo3/sysext/backend/Tests/Unit/Controller/FormInlineAjaxControllerTest.php
index c15201b415e4731aef64db3b56271b61c2ba023f..bf6f61b304824c8cb87650e15adfcbe30fd5de46 100644
--- a/typo3/sysext/backend/Tests/Unit/Controller/FormInlineAjaxControllerTest.php
+++ b/typo3/sysext/backend/Tests/Unit/Controller/FormInlineAjaxControllerTest.php
@@ -242,7 +242,7 @@ class FormInlineAjaxControllerTest extends UnitTestCase
public function getInlineExpandCollapseStateArrayWillUnserializeUCInlineViewPropertyAsAnArrayWithData(): void
{
$backendUserProphecy = $this->prophesize(BackendUserAuthentication::class);
- $backendUserProphecy->uc = ['inlineView' => serialize(['foo' => 'bar'])];
+ $backendUserProphecy->uc = ['inlineView' => json_encode(['foo' => 'bar'])];
$backendUser = $backendUserProphecy->reveal();
$mockObject = $this->getAccessibleMock(
diff --git a/typo3/sysext/backend/Tests/Unit/Form/FormDataProvider/TcaInlineExpandCollapseStateTest.php b/typo3/sysext/backend/Tests/Unit/Form/FormDataProvider/TcaInlineExpandCollapseStateTest.php
index 787a851407eabbf02daf87b27f671f42bfe6e671..cc68461c06bef6edb153c467253ec7d778cc4f79 100644
--- a/typo3/sysext/backend/Tests/Unit/Form/FormDataProvider/TcaInlineExpandCollapseStateTest.php
+++ b/typo3/sysext/backend/Tests/Unit/Form/FormDataProvider/TcaInlineExpandCollapseStateTest.php
@@ -53,7 +53,7 @@ class TcaInlineExpandCollapseStateTest extends UnitTestCase
];
$GLOBALS['BE_USER'] = new \stdClass();
$GLOBALS['BE_USER']->uc = [
- 'inlineView' => serialize($inlineState),
+ 'inlineView' => json_encode($inlineState),
];
$expected = $input;
$expected['inlineExpandCollapseStateArray'] = $inlineState['aParentTable'][5];
@@ -97,7 +97,7 @@ class TcaInlineExpandCollapseStateTest extends UnitTestCase
];
$GLOBALS['BE_USER'] = new \stdClass();
$GLOBALS['BE_USER']->uc = [
- 'inlineView' => serialize($inlineState),
+ 'inlineView' => json_encode($inlineState),
];
$expected = $input;
$expected['inlineExpandCollapseStateArray'] = $inlineState['aParentTable'][5];
diff --git a/typo3/sysext/impexp/Classes/View/ExportPageTreeView.php b/typo3/sysext/impexp/Classes/View/ExportPageTreeView.php
index 42eb9febc23fcafa472a2c727558b90a185fdaf2..969ee6d9e27e6df6dd9f13a69ee5fd4d9f595245 100644
--- a/typo3/sysext/impexp/Classes/View/ExportPageTreeView.php
+++ b/typo3/sysext/impexp/Classes/View/ExportPageTreeView.php
@@ -88,7 +88,7 @@ class ExportPageTreeView extends BrowseTreeView
// Initialize:
$this->init(' AND ' . $this->BE_USER->getPagePermsClause(Permission::PAGE_SHOW) . $clause);
// Get stored tree structure:
- $this->stored = unserialize($this->BE_USER->uc['browseTrees']['browsePages'], ['allowed_classes' => false]);
+ $this->stored = json_decode($this->BE_USER->uc['browseTrees']['browsePages'], true);
$treeArr = [];
$idx = 0;
// Set first: