Sending a redirect response with a empty `Location` is
invalid per RFC. Browser vendor are dealing differntly
with it.

* Firefox executes a redirect to the current url, leading
  to an `endless` redirect chain - stopping it after some
  recursions with a coresponding notice in the network tab.
* Chrome determines this and is doing nothing at all with
  it - leading to a white page.

From the [1] RFC regarding invalid URI spec for `Location`:

> Note: Some recipients attempt to recover from Location
>       fields that are not valid URI references. This
>       specification does not mandate or define such
>       processing, but does allow it for the sake of
>       robustness.

A matching redirect record with a manually entered `/` as
redirect target leads in TYPO3 v11 to this behaviour. This
can be mitigated by selecting the corresponding site root.

For TYPO3 v12 and upwards a change in the LinkHandling has
been introduced which properly handles the `/` in the link
generation and correctly returning a `/` as redirect url.
That change has quite some impact and is not reasonable to
be backported to TYPO3 v11 within #100958.

This change adds an additionally guard to the `RedirectHandler`
to handle empty redirect urls as endless loop, just logging
it and not responding with an redirect. This helps in v11 and
keeps a safety guard for the future in this place.

[1] https://datatracker.ietf.org/doc/html/rfc7231#section-7.1.2

Resolves: #100791
Related: #100958
Releases: main, 12.4, 11.5
Change-Id: I2af2d5bf759a277ade45bd0f7740ffe0099003b3
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/81280


Tested-by: Stefan Bürk <stefan@buerk.tech>
Tested-by: core-ci <typo3@b13.com>
Reviewed-by: Stefan Bürk <stefan@buerk.tech>

When the form is in "Preview" mode and an integrator either saves or
switches to the form settings, the stage itself is updated to be in
"Edit" mode again, but the internal state remains in "Preview" mode,
causing glitches in the UI.

This patch now disables the preview state in the form model everytime
the "stage area", containing the editing interface, is rendered.

Resolves: #102031
Releases: main, 12.4, 11.5
Change-Id: I84b0817bb99201527dbd4b950e560631e7b1d94f
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/81262


Reviewed-by: Stefan Bürk <stefan@buerk.tech>
Tested-by: Stefan Bürk <stefan@buerk.tech>
Tested-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Reviewed-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Tested-by: core-ci <typo3@b13.com>

Storages using the local storage driver with a non existing
base folder are put offline automatically. However, the file
list module displays a to generic error message not pointing
to that fact.

This change adds a concrete check for this case and displays
a more specific error flash message in the file list module now.

This can be tested by creating a additional local storage with
a non-existing relative path, for example:

    `fileadmin/not-existing-folder/`

Resolves: #85323
Releases: main, 12.4, 11.5
Change-Id: Ie3ad64a99c0871d258470ffc858639dee4de1108
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/81265


Reviewed-by: Stefan Bürk <stefan@buerk.tech>
Tested-by: core-ci <typo3@b13.com>
Tested-by: Stefan Bürk <stefan@buerk.tech>

Feature #76085 introduced an admin panel option which shows red boxes
with section and partials for easier debugging. However sometimes no
partial name is shown in the output, because the retrieved name is not
cleaned correctly.

Resolves: #97509
Related: #76085
Releases: main, 12.4, 11.5
Change-Id: I087e3688fa8d5703c621e182f80b594492c11115
Signed-off-by: J. Peter M. Schuler <j.peter.m.schuler@uni-due.de>
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/81273


Tested-by: core-ci <typo3@b13.com>
Tested-by: Stefan Bürk <stefan@buerk.tech>
Reviewed-by: Stefan Bürk <stefan@buerk.tech>

Resolves: #102029
Releases: main, 12.4, 11.5
Change-Id: Idfa299ece1011727da09421ee148a820dc4e0326
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/81197


Tested-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Tested-by: core-ci <typo3@b13.com>
Reviewed-by: Andreas Fernandez <a.fernandez@scripting-base.de>

RTE link classes that are configured via
`buttons.link.properties.class.allowedClasses` are selectable
in all link types in the link browser.

Specific classes can be limited to specific link types with a
separate configuration option `classesAnchor.{id}.type|class`.
When such limits are active, classes that are *not* configured to
associated/limited to a specfic type, remain listed and available
for *all* link types.

When an existing link with such type of globally allowed class is opened
its value was cleared because it was not defined in the set of limits.
This was an inconsistency as the link class was still selectable, but
the selection was removed upon reoping such link. Such values are now
preserved.

Resolves: #102005
Releases: main, 12.4, 11.5
Change-Id: I0ad4273819f1d5a8e06f587b94fefb4598a07c13
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/81169


Tested-by: core-ci <typo3@b13.com>
Tested-by: Benjamin Franzke <ben@bnf.dev>
Reviewed-by: Benjamin Franzke <ben@bnf.dev>

Resolves: #101185
Releases: main, 12.4, 11.5
Change-Id: If54f9308ac2928ce9521228593d6a3ef88713d51
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/81192


Reviewed-by: Stefan Bürk <stefan@buerk.tech>
Tested-by: core-ci <typo3@b13.com>
Tested-by: Stefan Bürk <stefan@buerk.tech>

As the keyword field can be null, the value must be cast to a string.

Resolves: #102002
Releases: main, 12.4, 11.5
Change-Id: Ic2e437c489c699833c2d51301bdff715f613ea6e
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/81171


Tested-by: Christian Kuhn <lolli@schwarzbu.ch>
Reviewed-by: Oliver Klee <typo3-coding@oliverklee.de>
Tested-by: core-ci <typo3@b13.com>
Reviewed-by: Christian Kuhn <lolli@schwarzbu.ch>

The change log previously only mentioned the database impact.
But code might access the field as array key on the user array.
This would result in unexpected behaviour.
Furthermore this would result in Warnings since PHP 8.0.

The changelog is extended with the impact.
That allows people to not only check database queries but also array
access while migrating.

Furthermore suggested migration class was replaced by the FQCN to ease
migration. People do no longer need to find the FQCN. Furthermore it
might exist a class with same name in the project from third party code,
or it might be added another class in the future.

Resolves: #101987
Releases: main, 12.4, 11.5
Change-Id: I475606e0f9a325880ee10339adaa2971985b05fa
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/81144


Reviewed-by: Stefan Bürk <stefan@buerk.tech>
Tested-by: Stefan Bürk <stefan@buerk.tech>
Tested-by: core-ci <typo3@b13.com>

Just like SvgImageProcessor, DeferredBackendImageProcessor now also
catches the exception, which is thrown, when image dimensions equal
zero and falls back to 64x64 image dimension. This enables editors to
correct bad image cropping without the need to do it in the database.

To be more specific, a new Exception ZeroImageDimensionException is
added, which is used in both processors now.

The image cropping editor is already fixed to only allow a minimum
dimension of 10x10. However, already corrupted files can not be
accessed without this patch.

Resolves: #93807
Related: #99943
Releases: main, 12.4, 11.5
Change-Id: I259c365052dd02110d43418ba48b768bbe073fc1
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/81133


Reviewed-by: Stefan Bürk <stefan@buerk.tech>
Tested-by: Stefan Bürk <stefan@buerk.tech>
Tested-by: core-ci <typo3@b13.com>

When the crop object is serialized in a wrong manner
or does not contain all information. In order to avoid
PHP errors, the casting is done so the page still
gets rendered.

Resolves: #93138
Releases: main, 12.4, 11.5
Change-Id: Ia71dc81363c519a663c9cc91e2f0f200e7570832
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/81065


Tested-by: Oliver Bartsch <bo@cedev.de>
Reviewed-by: Oliver Bartsch <bo@cedev.de>
Tested-by: core-ci <typo3@b13.com>

If the flexforms data is null, there is no point trying to parse
that as XML. This avoids type errors when `GeneralUtility` gets
native parameter type declarations for `GU::xml2array`, and it
should also slightly increase performance.

Also fix the corresponding PHPDoc type annotation to reflect
that a parameter in reality needs to be nullable.

Resolves: #101891
Releases: main, 12.4, 11.5
Change-Id: I39efc1d26300634c0bed74aee1f7ebd444acb8c0
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/81059


Reviewed-by: Stefan Bürk <stefan@buerk.tech>
Tested-by: core-ci <typo3@b13.com>
Tested-by: Stefan Bürk <stefan@buerk.tech>

Resolves: #96537
Releases: main, 12.4, 11.5
Change-Id: I0b2b4dbf47d58f21df8ffb3d91a889c22b092280
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/81047


Tested-by: Christian Kuhn <lolli@schwarzbu.ch>
Reviewed-by: Christian Kuhn <lolli@schwarzbu.ch>
Tested-by: core-ci <typo3@b13.com>

Resolves: #101925
Releases: main, 12.4, 11.5
Change-Id: Icec9f634ca1e1a9c7ad6b3a55afaf197cfa44acc
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/81045


Tested-by: Christian Kuhn <lolli@schwarzbu.ch>
Tested-by: core-ci <typo3@b13.com>
Reviewed-by: Christian Kuhn <lolli@schwarzbu.ch>

Resolves: #101730
Releases: main, 12.4, 11.5
Change-Id: I9e400e1c582f84602b6aa8ef3cdd9a85f4e5b93e
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/81057


Reviewed-by: Stefan Bürk <stefan@buerk.tech>
Tested-by: core-ci <typo3@b13.com>
Tested-by: Stefan Bürk <stefan@buerk.tech>

Resolves: #100210
Releases: main, 11.5
Change-Id: I3a011cf4b964bdb580015ee3719ada9a8f03a62c
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/80999


Tested-by: Benjamin Franzke <ben@bnf.dev>
Tested-by: Stefan Bürk <stefan@buerk.tech>
Tested-by: Susanne Moog <look@susi.dev>
Reviewed-by: Benjamin Franzke <ben@bnf.dev>
Tested-by: core-ci <typo3@b13.com>
Reviewed-by: Stefan Bürk <stefan@buerk.tech>
Reviewed-by: Susanne Moog <look@susi.dev>

Change-Id: If8efb77fb623053c3e5419d4299caed01deb8a37
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/80976


Tested-by: Benni Mack <benni@typo3.org>
Reviewed-by: Benni Mack <benni@typo3.org>
Tested-by: core-ci <typo3@b13.com>

Change-Id: I05e25a742ad281c630178b5861dda7071f6dad8f
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/80975


Tested-by: Benni Mack <benni@typo3.org>
Reviewed-by: Benni Mack <benni@typo3.org>

When performing `Build/Scripts/runTests.sh -s cglGit`
with latest cs fixer version a rule dependency error
is thrown.

This patch exchanges the deprecation with the current
recommended rule.

Used command(s):

> composer require --dev \
  "friendsofphp/php-cs-fixer":"^3.26.1"
> Build/Scripts/runTests.sh -s cgl

Resolves: #101888
Releases: main, 11.5, 12.4
Change-Id: Ie139ef841c92461e116732923991c6474e888a5e
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/80937


Tested-by: Anja Leichsenring <aleichsenring@ab-softlab.de>
Tested-by: core-ci <typo3@b13.com>
Reviewed-by: Anja Leichsenring <aleichsenring@ab-softlab.de>

Add typo3/ infix as images were otherwise tried
to be updated from ghcr.io/core-testing-*
instead of ghcr.io/typo3/core-testing-*.

Resolves: #101885
Releases: main, 12.4, 11.5
Change-Id: I4a866971158916264d21435377d43d2b843bf16d
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/80911


Tested-by: core-ci <typo3@b13.com>
Tested-by: Stefan Bürk <stefan@buerk.tech>
Reviewed-by: Stefan Bürk <stefan@buerk.tech>

When the parent record has been set to sys_language_uid=-1, but the
child record has translations, it should be displayed in the correct
language. Setting the languageUid for the querySettings to -1 results
in display of the default language record of the child.

Resolves: #92768
Releases: main, 12.4, 11.5
Change-Id: I25bcdbb182c1b35cbc08e5f91339453b0986cdcc
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/80929


Tested-by: core-ci <typo3@b13.com>
Tested-by: Stefan Bürk <stefan@buerk.tech>
Reviewed-by: Stefan Bürk <stefan@buerk.tech>

ContentObjectRenderer::getImgResource is used for the content objects
IMAGE, IMG_RESOURCE, as well as GIFBUILDER to process images.

When it is passed a FileReference object, it should respect the crop
settings of this reference, same as when it is passed a reference UID
plus the treatIdAsReference config.

Resolves: #101810
Releases: main, 12.4, 11.5
Change-Id: I399106399ec283561c00fa5cf61d6c7fe2871e49
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/80928


Tested-by: Stefan Bürk <stefan@buerk.tech>
Tested-by: core-ci <typo3@b13.com>
Reviewed-by: Stefan Bürk <stefan@buerk.tech>

When a junction already exists on Windows, it is tried
to create a symlink, because of a missing OS check.

While this works as errors are ignored, it is
an unnecessary filesystem call.

Therefore the code is changed to only emit
the appropriate filesystem operations per OS.

Resolves: #101871
Related: #98434
Related: #98447
Releases: main, 12.4, 11.5
Change-Id: Ifafadceae3742da23fd1a40e5aab50074e60313c
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/80924


Reviewed-by: Benjamin Franzke <ben@bnf.dev>
Tested-by: core-ci <typo3@b13.com>
Tested-by: Benjamin Franzke <ben@bnf.dev>

When an oembed provider does not send
an "author_name" property, then the request fails,
and there is a sys_file without a sys_file_metadata.

This then results that the show info popup does not work.

Resolves: #101877
Releases: main, 12.4, 11.5
Change-Id: If6ead0084664372b9133fdd544ede90aa8a0e5d7
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/80926


Tested-by: Benjamin Franzke <ben@bnf.dev>
Reviewed-by: Benjamin Franzke <ben@bnf.dev>
Tested-by: core-ci <typo3@b13.com>

Only create one filesystem object,
instead of always creating new ones where needed.

Resolves: #101870
Releases: main, 12.4, 11.5
Change-Id: I56a47f412fded7585425098f18f1d7090baf09d1
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/80923


Tested-by: core-ci <typo3@b13.com>
Reviewed-by: Benjamin Franzke <ben@bnf.dev>
Tested-by: Benjamin Franzke <ben@bnf.dev>

Accessing static properties as non-static has always
triggered a notice in PHP. However, since PHP 8.0
accessing undefined properties (which always comes with
the former notice) is now a warning. This will be
caught by the error handler in debug mode.

To fix this, the more robust _getProperty method is
backported from #100120 and used in the _isDirty method.

Resolves: #101488
Related: #100120
Releases: 11.5
Change-Id: I5f9ccb411f02f0dcc164d0d14917ecd631dc1178
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/80280


Reviewed-by: Oliver Klee <typo3-coding@oliverklee.de>
Tested-by: core-ci <typo3@b13.com>
Tested-by: Oliver Klee <typo3-coding@oliverklee.de>
Tested-by: Stefan Bürk <stefan@buerk.tech>
Reviewed-by: Stefan Bürk <stefan@buerk.tech>

The module components (like the iframe wrapper) are
created asynchronously after their implementing module
(e.g. <typo3-iframe-module>) is loaded.

The router had a preparatory check that verified
that existing module elements are reused, but missed
to verifiy whether the element has been created in
parallel while the module components javascript module
was loaded. This happens when the module changes
while the module component is loaded for the first time.

That leads to a situation that the module componenent
was created twice, which rendered two module frames
into the backend.

Also resolve a long overdue todo while at it.

Resolves: #101851
Releases: main, 12.4, 11.5
Change-Id: I069f9e924d38b3abeb70c6d4e805d9c43a4f05e9
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/80912


Tested-by: Benjamin Franzke <ben@bnf.dev>
Reviewed-by: Benjamin Franzke <ben@bnf.dev>
Tested-by: core-ci <typo3@b13.com>

Check if a field exists before accessing it.

Resolves: #101852
Releases: main, 12.4, 11.5
Change-Id: I95d227d920975b1e348c95a1069a9ddddcddc900
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/80851


Tested-by: Stefan Bürk <stefan@buerk.tech>
Reviewed-by: Stefan Bürk <stefan@buerk.tech>
Tested-by: core-ci <typo3@b13.com>

With the deprecation removal of regular expressions
based EXT:form validators in #101070, the set of available
validators for the form element type URL became empty.
(See EXT:form/Configuration/Yaml/FormElements/Url.yaml)

Instead of only removing the select element from the DOM,
the entire form-group is now removed, in order to also hide
the corresponding <label> tag, as such a stray label tag
isn't helpful for an enduser and is therefore actually even
invalid HTML (as the reference to an input element is missing).

Resolves: #101749
Related: #101070
Releases: main, 12.4, 11.5
Change-Id: Ib0d34e94e2c3ba109133dac64374f04f7c91329b
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/80734


Tested-by: core-ci <typo3@b13.com>
Tested-by: Benjamin Franzke <ben@bnf.dev>
Reviewed-by: Benjamin Franzke <ben@bnf.dev>

With #101739 a bug has been reported, which is
not correct.

This change adds functional tests to `ext:redirects`
to show and cover that:

* regexp redirects with a pattern not covering params
  but query arguments are given in the request uri and
  "Respect GET Parameters" has been set do not redirect.
* RegExp Redirects with a pattern not covering params
  and no GET arguments are given in the request uri but
  "Respect GET Parameters" has been set redirects to the
  target url.

Resolves: #101739
Releases: main, 12.4, 11.5
Change-Id: I023889ba6fefe5a4b06b392e02dece4b6ac517c0
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/80886


Tested-by: core-ci <typo3@b13.com>
Reviewed-by: Stefan Bürk <stefan@buerk.tech>
Tested-by: Stefan Bürk <stefan@buerk.tech>

Avoid native PHP warnings in FrontendBackendUserAuthentication
because of invalid array key access. The places are now guarded
using null coalescing operator with a suitable fallback value.

Resolves: #101848
Resolves: #101847
Releases: main, 12.4, 11.5
Change-Id: Iaf747172b6ac04b9d2bdbf60519346ef7e3b3f2f
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/80845


Tested-by: core-ci <typo3@b13.com>
Tested-by: Stefan Bürk <stefan@buerk.tech>
Reviewed-by: Stefan Bürk <stefan@buerk.tech>

We also ensure that TYPO3.lang checks are correct
when the modal is used in a context where TYPO3.lang
is not defined.

Resolves: #101844
Releases: main, 12.4, 11.5
Change-Id: I1e6e90ed86e72f483929429b8e2c833179b60f87
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/80868


Tested-by: core-ci <typo3@b13.com>
Tested-by: Benjamin Franzke <ben@bnf.dev>
Reviewed-by: Benjamin Franzke <ben@bnf.dev>

Twitter made the CSS framework Open Source in 2011, since then it is called only "Bootstrap".

Resolves: #101840
Releases: main, 12.4, 11.5
Change-Id: I05c7d9ce3a197cb61058a5582918935d6720e371
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/80839


Tested-by: Georg Ringer <georg.ringer@gmail.com>
Tested-by: core-ci <typo3@b13.com>
Reviewed-by: Georg Ringer <georg.ringer@gmail.com>

This supplements the other viewhelpers already equipped
with this attribute.

Resolves: #101775
Releases: main, 12.4, 11.5
Change-Id: Iadcdb1de591d9d9e56722623cacd1a5cf8fbe0af
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/80827


Tested-by: core-ci <typo3@b13.com>
Tested-by: Stefan Bürk <stefan@buerk.tech>
Reviewed-by: Stefan Bürk <stefan@buerk.tech>

Only add implicit default paths (Resources/Private/X) when they
are not explicitly configured via TypoScript, as they may have
been configured as an overwrite for another base path.

Resolves: #81099
Releases: main, 12.4, 11.5
Change-Id: I0fe4cb690aa253d5d9941fcfbe0a9c9063298547
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/80835


Tested-by: Stefan Bürk <stefan@buerk.tech>
Tested-by: core-ci <typo3@b13.com>
Reviewed-by: Stefan Bürk <stefan@buerk.tech>

Before this fix, only the first RTE processing configuration would be
taken into account when deciding which tags to keep in an HTML snippet.

RteHtmlParser is a DI service and as such is treated as a singleton.
Using multiple RTE processing configurations with potentially different
sets of allowed tags should work as expected.

Resolves: #101190
Releases: main, 12.4, 11.5
Change-Id: Ib0227872b542f53b30a16494aa2f979b8f601e07
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/80833


Reviewed-by: Stefan Bürk <stefan@buerk.tech>
Tested-by: Stefan Bürk <stefan@buerk.tech>
Tested-by: core-ci <typo3@b13.com>

FormEngine sends some information as payload with the suggest
wizard ajax request to the `SuggestWizardController` as context.
The controller loads the record based on the tableName and
the uid to determine the recordType to read the correct TCA field
configuration, respecting special overrides like `columnsOverrides`.

If a new record is created, there is no record uid available and
passed to the controller. Therefore, the recordType is not properly
determined. That leads to wrong record suggestions, if for example
the `allowed` record table is overriden for specific recordTypes.

This change adds the recordTypeValue as additional html data
attribute to the suggest search field, reads and sends it along
with the context payload in the ajax request to the suggest
wizard controller, which now uses the passed value while keeping
the record retrievement as fallback for now.

Suggest records are now directly searched correctly respecting
the full TCA configuration for the type, even for new records.

Additionally, uid is send as null instead of the string "NaN".

Used command(s):

> Build/Scripts/runTests.sh -s buildJavascript

Resolves: #101796
Releases: main, 12.4, 11.5
Change-Id: I3b814d37b7d4d3e9674ad6f2af882520c4f91413
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/80798


Tested-by: Stefan B�rk <stefan@buerk.tech>
Tested-by: core-ci <typo3@b13.com>
Reviewed-by: Stefan B�rk <stefan@buerk.tech>

BackendUtility has a couple of strtotime() calls that
may end up as strtotime(null). This emits a PHP
E_DEPRECATED error since PHP 8.1. Add a cast.

Resolves: #101811
Resolves: #101805
Releases: main, 12.4, 11.5
Change-Id: I5cca1b2fd3bc0d6792f6d61a59bdbc5b4850d15d
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/80796


Tested-by: core-ci <typo3@b13.com>
Reviewed-by: Christian Kuhn <lolli@schwarzbu.ch>
Reviewed-by: Oliver Klee <typo3-coding@oliverklee.de>
Tested-by: Oliver Klee <typo3-coding@oliverklee.de>
Tested-by: Christian Kuhn <lolli@schwarzbu.ch>

DataMapProcessor tries to access `$possibleChainedIds[0]` which
might not be defined, since that array is the result of a previous
`array_intersect` invokation, which keeps the array keys of the
original input array.

DataHandler tries to access `$this->copyMappingArray[$table][$uid]`,
which might not be defined in case the previous copy command could
not be executed (e.g. since the record was deleted already).

Resolves: #101748
Releases: main, 12.4, 11.5
Change-Id: Ibcbc412c7df62ce17dfa2c0f6fc120ccebb953d8
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/80669


Reviewed-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Reviewed-by: Oliver Klee <typo3-coding@oliverklee.de>
Tested-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Tested-by: core-ci <typo3@b13.com>

This patch fixes two issues when generating symlinks to the public
extension resources (Public/Resources) into the _assets folder during
Composer installation.

First, directory symlinks can't be created the same way on Windows as
on Unix platforms. The creation requires elevated rights, and the
required command is named differently as well. Junctions should be used
on Windows instead, because they do not need elevated privileges to be
created.

When installing a TYPO3 extension via Composer, its Resources/Public
folder is getting symlinked to the publicly accessible _assets folder.
Until now, this process only used the Unix specific functions provided
by Composer. It did not create any symlinks on Windows based
installations, without generating any error message.

This patch adds the same checks and platform-specific functions used by
Composer when symlinking packages from a local path repository.

The second issue that has been addressed is the naming of the symlinks
themselves. When a Resources/Public directory is symlinked into the
_assets folder, the symlink will be named using an md5 hash based on
parts of the extension's installation path on the filesystem. During
Composer installation, this relative path is derived from the
absolute path provided by Composer. As Windows uses a different default
path separator (backslash) compared to Unix (forward slash), the
relative path will be different between both platforms, resulting in a
different md5 hash being generated.

Absolute path on Unix:
/path/to/typo3/vendor/mycompany/myext

Absolute path on Windows:
C:\path\to\typo3\vendor/mycompany/myext

Relative path to be used for the hash on Unix:
/vendor/mycompany/myext

Relative path to be used for the hash on Windows:
\vendor/mycompany/myext

If an uri into the _assets folder is to be generated in either frontend
or backend, the md5 hash will be always be generated by using forward
slashes, resulting in incorrect links on Windows installations.

This difference has been solved by replacing all backslashes in the
absolute extension installation path into forward slashes on Windows
installations, so the symlink will be named correctly from the
beginning.

Resolves: #98434
Resolves: #98447
Releases: main, 12.4, 11.5
Change-Id: I221eb538312302a7af4f7c3010c9982922f1c6ce
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/80753


Reviewed-by: Stefan B�rk <stefan@buerk.tech>
Tested-by: core-ci <typo3@b13.com>
Tested-by: Stefan B�rk <stefan@buerk.tech>