- Nov 13, 2023
-
-
Sybille Peters authored
TCA fields of type 'slug' can be configured with the property generatorOptions. Particularly, the short form of using a simple array for the fields instead of a nested array is a common source of confusion and the initially introduced changelog had incorrect examples. The changelog is improved as follows - Fix the examples. The examples 2 and 3 showed incorrect results - Use the multidimensional array in the source snippet - Clarify that ['nav_title', 'title'] is the same as [['nav_title'], ['title']], but not the same as [['nav_title', 'title']] Resolves: #89390 Releases: main, 12.4, 11.5 Change-Id: Ib1944c2a1eb9e2a69a0f169f316208cf46f9be84 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/81727 Tested-by:
core-ci <typo3@b13.com> Tested-by:
Christian Kuhn <lolli@schwarzbu.ch> Reviewed-by:
-
- Nov 10, 2023
-
-
Thomas Hohn authored
If a HMAC cannot be `json_decode`d (possibly due to old saved pages or other outdated content), now a proper exception is thrown instead of issuing a PHP warning. Resolves: #97337 Releases: main, 12.4, 11.5 Change-Id: I12f5633a85508bf4099d72e474c24b5a0100498c Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/81719 Tested-by:
Benjamin Franzke <ben@bnf.dev> Reviewed-by:
-
- Nov 07, 2023
-
-
Benjamin Franzke authored
With #99503 `cObjGet()` was implemented as a wrapper around the strictly typed cObjGetSeparated method, effectively enforcing the first argument to be an array, while previously non array values were returned as an empty string. Resolves: #102328 Related: #99503 Releases: main, 12.4, 11.5 Change-Id: I7c04307f14da5a93e12672b36de163071dad7359 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/81662 Tested-by:
-
- Nov 06, 2023
-
-
Fabio Norbutat authored
Invalid char encoding has slipped into an yaml example snippet for ext:dashboard. This change use the correct quoting to fix this. Releases: main, 12.4, 11.5 Resolves: #102319 Change-Id: I3dd2fd7a1aec51ad3f1ace7c6b914371e9e12342 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/81657 Tested-by:
Andreas Kienast <a.fernandez@scripting-base.de> Tested-by:
-
Jonas Eberle authored
This adds a line break between concatenated "inline" JavaScripts in order to keep JavaScript without trailing ';' valid. Resolves: #99503 Releases: main, 12.4, 11.5 Change-Id: Icf902679c715687c5be2e5f572526608ce31f882 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/81686 Reviewed-by:
-
- Nov 05, 2023
-
-
Justus Moroni authored
Resolves: #102192 Releases: main, 12.4, 11.5 Change-Id: I0cc48e27d32b6d6164d9d580121968610a9333b9 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/81655 Tested-by:
Benni Mack <benni@typo3.org> Reviewed-by:
-
- Nov 02, 2023
-
-
Achim Fritz authored
To prevents sql errors when inherit from SuggestWizardDefaultReceiver and adding a JOIN statement, the fields are now prefixed with the table name. Resolves: #102298 Releases: main, 12.4, 11.5 Change-Id: I608bd30df1b878aec8dbf611e70049c1be88778a Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/81651 Tested-by:
Oliver Bartsch <bo@cedev.de> Reviewed-by:
-
- Oct 30, 2023
-
-
Christian Kuhn authored
Minor CGL streamlinings from latest php-cs-fixer. > composer req --dev friendsofphp/php-cs-fixer:^3.37.1 > Build/Scripts/runTests.sh -s cgl Resolves: #102285 Releases: main, 12.4, 11.5 Change-Id: I0cc1fe3c0f81f62a49df00d62d57ef3c593c57df Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/81611 Tested-by:
Oliver Klee <typo3-coding@oliverklee.de> Reviewed-by:
-
- Oct 27, 2023
-
-
Garvin Hicking authored
The `EXT:felogin/Classes/Service/RecoveryService.php` makes use of the local $uriBuilder instance building links, however it does not `reset()` it's state before building a URL. It seems this only creates an issue when used in conjunction with `EXT:vhs` (possibly due to adapted fluid/object caching behavior?). Fixing this by resetting the instance as recommended via https://docs.typo3.org/m/typo3/reference-coreapi/main/en-us/ExtensionArchitecture/Extbase/Reference/UriBuilder.html should take care of this, even though uriBuilder should be a singleton only operating within the scope of a single ActionController. Resolves: #102203 Releases: main, 12.4, 11.5 Change-Id: Idb6089c4b43b6d3352fbbbbeedfa63770959def0 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/81589 Tested-by:
Stefan Bürk <stefan@buerk.tech> Tested-by:
-
- Oct 26, 2023
-
-
Christian Kuhn authored
This may be triggered by invalid FlexForm values that does not contain a 'data' key for whatever reason. Resolves: #100733 Releases: main, 12.4, 11.5 Change-Id: I96924d65af56fd7cf2bb2a97fd4591b3c81f934f Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/81586 Tested-by:
-
Kay Strobach authored
Avoid the migration of empty flexforms, which caused the wizard to fail. Resolves: #97761 Releases: 11.5 Change-Id: I9240becb81ddca22432e8ba55038978f30fcc449 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/76529 Reviewed-by:
-
- Oct 25, 2023
-
-
Markus Klein authored
A record may not have a t3ver_state, hence accessing this value must be safeguarded. Resolves: #102251 Releases: 12.4, 11.5 Change-Id: Ia2050171276891e08d2e84e750cfa894a7f3291f Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/81555 Tested-by:
-
Benjamin Franzke authored
Enable all current PER-CS2.0 rules in order to reflect our current state of coding style. This was missed in #102240 because pre merge didn't perform a full CGL run when @PER was switched to @PER-CS1.0. Resolves: #102247 Related: #102240 Releases: main, 12.4, 11.5 Change-Id: I0e1c833ad99c4e06767dee8a2c4bcb2bdee6eb68 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/81542 Reviewed-by:
-
- Oct 24, 2023
-
-
Benjamin Franzke authored
PER-CS2.0 was added as clone of PER-CS1.0 in php-cs-fixer v3.27 in order to implement the new rules that are defined in PER Coding Style 2.0 [1]. The alias PER already points to PER-CS2.0 although the current set of rules are not implemented yet. [2] There is only one rule (single_line_empty_body) that is done by now and more will follow, so we rather pin to PER-CS1.0 for now (and enable single_line_empty_body which we already migrated to) in order to prevent having coding style changes with every php-cs-fixer raise. We rather wait until the 2.0 preset has been finished and is on par with the upstream php-fig definitions and then switch with one change. [1] https://www.php-fig.org/per/coding-style/ [2] https://github.com/PHP-CS-Fixer/PHP-CS-Fixer/issues/7247 Resolves: #102240 Related: #102236 Releases: main, 12.4, 11.5 Change-Id: I33377e4e5016f1e5cc8ab08a9e71a933dcd41d93 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/81539 Tested-by:
-
Christian Kuhn authored
It's time to update to latest changes of php-cs-fixer to align with current community rules. This brings a rather huge series of changes, main changes due to single_line_empty_body rule which now formats empty class and method body curly braces into a single line, plus changes from function_declaration rule which tends to avoid more whitespaces. The change has a slight impact on phpstan, we regenerate baseline. To reduce backport headaches, this change is backported to v12 and v11. > composer req --dev friendsofphp/php-cs-fixer:^3.35.1 > Build/Scripts/runTests.sh -s cgl > Build/Scripts/runTests.sh -s phpstanGenerateBaseline Resolves: #102236 Releases: main, 12.4, 11.5 Change-Id: Iea45b10667951672b2194033216c49f580799f55 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/81514 Reviewed-by:
Jasmina Ließmann <minapokhalo+typo3@gmail.com> Reviewed-by:
-
- Oct 23, 2023
-
-
Christian Kuhn authored
When a page with a content element that has images assigned is copied in workspaces, a PHP array access error is raised since sys_file_reference TCA has no sortby ctrl. Add an appropriate null fallback. Resolves: #102231 Releases: main, 12.4, 11.5 Change-Id: I453a612a62a359156c8be2e087d1d121f1b9c3ea Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/81467 Tested-by:
-
- Oct 20, 2023
-
-
Simon Schaufelberger authored
Most fixes relate to indefinite article usage "an vs a" and some typos. Resolves: #102074 Releases: main, 12.4, 11.5 Change-Id: Ief07759697828d94edde8902a912719f82b2b798 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/81487 Tested-by:
-
- Oct 19, 2023
-
-
Simon Praetorius authored
It is already possible to use the "value" argument together with "property" in form ViewHelpers. This should be reflected in the ViewHelper documentation. One possible use case is a form to edit a user. For the password field you would want to define property="password", but also value="" to not expose the current password hash to the form. Resolves: #102206 Releases: main, 12.4, 11.5 Change-Id: I3c7b1a201e38ccef84efcc863075043cf461dd20 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/81478 Tested-by:
Simon Praetorius <simon@praetorius.me> Reviewed-by:
-
- Oct 18, 2023
-
-
Markus Klein authored
`$TCA['ctrl']['title']` is optional and may not be set. Resolves: #102195 Releases: main, 12.4, 11.5 Change-Id: I38a5aa921515f48b2e35a0ebdb8bcdce646b5bd6 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/81458 Tested-by:
-
- Oct 17, 2023
-
-
Markus Klein authored
'transOrigPointerField' may not be set for a table Resolves: #102190 Releases: main, 12.4, 11.5 Change-Id: I79febf5d99774b5e22d03f42f9088c00fa98dfc4 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/81453 Reviewed-by:
-
- Oct 15, 2023
-
-
Philipp Kitzberger authored
Resolves: #102134 Releases: main, 12.4, 11.5 Change-Id: I3aaf6f2c8161579394a0dbe1c9f470edeb0a8bca Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/81349 Tested-by:
-
- Oct 10, 2023
-
-
Oliver Hader authored
Change-Id: I8a909ce946355d701963d808e5fbea0bbec4ac63 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/81402 Tested-by:
-
Oliver Hader authored
Change-Id: I30afe01b057286c45fd757f9f304daf2b11cc369 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/81401 Reviewed-by:
Oliver Hader <oliver.hader@typo3.org> Tested-by:
-
- Oct 09, 2023
-
-
Chris Müller authored
Resolves: #102120 Releases: main, 12.4, 11.5 Change-Id: I690e880c03ca87ca0d6ed9efaa93e95938f9936d Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/81391 Reviewed-by:
-
Oliver Hader authored
> composer req --dev composer/composer ^2.2.22 Raised development dependencies, since v2.2.22 fixes CVE-2023-43655 which concerns "web-accessible server where the composer.phar can be executed as a php file" (which is not a security issue for TYPO3 in this case). Resolves: #102128 Releases: main, 12.4, 11.5 Change-Id: I3fd478fa7cee2c875b560f79cab94cb889d2b73a Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/81387 Reviewed-by:
-
- Oct 06, 2023
-
-
Chris Müller authored
Links from LTS versions to other manuals should reference the same version. Resolves: #102036 Releases: 12.4, 11.5 Change-Id: Ia127b21a7f23b97d6589376d9c1eff5c66e41490 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/81331 Tested-by:
-
Simon Schaufelberger authored
DataHandler->copyRecord_raw can also return null. This should be reflected in the doc header as well. Resolves: #102098 Releases: main, 12.4, 11.5 Change-Id: Ic7a12233efd32b67f0bf25d6478a03f807a5623e Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/81353 Reviewed-by:
-
- Oct 05, 2023
-
-
Oliver Bartsch authored
The exception message now contains the invalid value as well as the only valid values. Resolves: #102041 Releases: 11.5 Change-Id: I8ae55d2a56e1a9c16b27d4ed66d15516f716b6ac Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/81324 Tested-by:
-
- Oct 02, 2023
-
-
Oliver Bartsch authored
Resolves: #102063 Releases: main, 12.4, 11.5 Change-Id: I0ee1a4ec00ee972e9a2c8c3db442883125dacacd Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/81306 Tested-by:
-
- Sep 28, 2023
-
-
Stefan Bürk authored
Sending a redirect response with a empty `Location` is invalid per RFC. Browser vendor are dealing differntly with it. * Firefox executes a redirect to the current url, leading to an `endless` redirect chain - stopping it after some recursions with a coresponding notice in the network tab. * Chrome determines this and is doing nothing at all with it - leading to a white page. From the [1] RFC regarding invalid URI spec for `Location`: > Note: Some recipients attempt to recover from Location > fields that are not valid URI references. This > specification does not mandate or define such > processing, but does allow it for the sake of > robustness. A matching redirect record with a manually entered `/` as redirect target leads in TYPO3 v11 to this behaviour. This can be mitigated by selecting the corresponding site root. For TYPO3 v12 and upwards a change in the LinkHandling has been introduced which properly handles the `/` in the link generation and correctly returning a `/` as redirect url. That change has quite some impact and is not reasonable to be backported to TYPO3 v11 within #100958. This change adds an additionally guard to the `RedirectHandler` to handle empty redirect urls as endless loop, just logging it and not responding with an redirect. This helps in v11 and keeps a safety guard for the future in this place. [1] https://datatracker.ietf.org/doc/html/rfc7231#section-7.1.2 Resolves: #100791 Related: #100958 Releases: main, 12.4, 11.5 Change-Id: I2af2d5bf759a277ade45bd0f7740ffe0099003b3 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/81280 Tested-by:
-
- Sep 27, 2023
-
-
Andreas Fernandez authored
When the form is in "Preview" mode and an integrator either saves or switches to the form settings, the stage itself is updated to be in "Edit" mode again, but the internal state remains in "Preview" mode, causing glitches in the UI. This patch now disables the preview state in the form model everytime the "stage area", containing the editing interface, is rendered. Resolves: #102031 Releases: main, 12.4, 11.5 Change-Id: I84b0817bb99201527dbd4b950e560631e7b1d94f Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/81262 Reviewed-by:
-
Stefan Bürk authored
Storages using the local storage driver with a non existing base folder are put offline automatically. However, the file list module displays a to generic error message not pointing to that fact. This change adds a concrete check for this case and displays a more specific error flash message in the file list module now. This can be tested by creating a additional local storage with a non-existing relative path, for example: `fileadmin/not-existing-folder/` Resolves: #85323 Releases: main, 12.4, 11.5 Change-Id: Ie3ad64a99c0871d258470ffc858639dee4de1108 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/81265 Reviewed-by:
-
- Sep 26, 2023
-
-
J. Peter M. Schuler authored
Feature #76085 introduced an admin panel option which shows red boxes with section and partials for easier debugging. However sometimes no partial name is shown in the output, because the retrieved name is not cleaned correctly. Resolves: #97509 Related: #76085 Releases: main, 12.4, 11.5 Change-Id: I087e3688fa8d5703c621e182f80b594492c11115 Signed-off-by:
J. Peter M. Schuler <j.peter.m.schuler@uni-due.de> Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/81273 Tested-by:
-
- Sep 25, 2023
-
-
Ramón Schlosser authored
Resolves: #102029 Releases: main, 12.4, 11.5 Change-Id: Idfa299ece1011727da09421ee148a820dc4e0326 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/81197 Tested-by:
-
Benjamin Franzke authored
RTE link classes that are configured via `buttons.link.properties.class.allowedClasses` are selectable in all link types in the link browser. Specific classes can be limited to specific link types with a separate configuration option `classesAnchor.{id}.type|class`. When such limits are active, classes that are *not* configured to associated/limited to a specfic type, remain listed and available for *all* link types. When an existing link with such type of globally allowed class is opened its value was cleared because it was not defined in the set of limits. This was an inconsistency as the link class was still selectable, but the selection was removed upon reoping such link. Such values are now preserved. Resolves: #102005 Releases: main, 12.4, 11.5 Change-Id: I0ad4273819f1d5a8e06f587b94fefb4598a07c13 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/81169 Tested-by:
-
- Sep 22, 2023
-
-
Benni Mack authored
Resolves: #101185 Releases: main, 12.4, 11.5 Change-Id: If54f9308ac2928ce9521228593d6a3ef88713d51 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/81192 Reviewed-by:
-
Georg Ringer authored
As the keyword field can be null, the value must be cast to a string. Resolves: #102002 Releases: main, 12.4, 11.5 Change-Id: Ic2e437c489c699833c2d51301bdff715f613ea6e Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/81171 Tested-by:
-
- Sep 21, 2023
-
-
Daniel Siepmann authored
The change log previously only mentioned the database impact. But code might access the field as array key on the user array. This would result in unexpected behaviour. Furthermore this would result in Warnings since PHP 8.0. The changelog is extended with the impact. That allows people to not only check database queries but also array access while migrating. Furthermore suggested migration class was replaced by the FQCN to ease migration. People do no longer need to find the FQCN. Furthermore it might exist a class with same name in the project from third party code, or it might be added another class in the future. Resolves: #101987 Releases: main, 12.4, 11.5 Change-Id: I475606e0f9a325880ee10339adaa2971985b05fa Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/81144 Reviewed-by:
-
- Sep 20, 2023
-
-
Nikita Hovratov authored
Just like SvgImageProcessor, DeferredBackendImageProcessor now also catches the exception, which is thrown, when image dimensions equal zero and falls back to 64x64 image dimension. This enables editors to correct bad image cropping without the need to do it in the database. To be more specific, a new Exception ZeroImageDimensionException is added, which is used in both processors now. The image cropping editor is already fixed to only allow a minimum dimension of 10x10. However, already corrupted files can not be accessed without this patch. Resolves: #93807 Related: #99943 Releases: main, 12.4, 11.5 Change-Id: I259c365052dd02110d43418ba48b768bbe073fc1 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/81133 Reviewed-by:
-
Benni Mack authored
When the crop object is serialized in a wrong manner or does not contain all information. In order to avoid PHP errors, the casting is done so the page still gets rendered. Resolves: #93138 Releases: main, 12.4, 11.5 Change-Id: Ia71dc81363c519a663c9cc91e2f0f200e7570832 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/81065 Tested-by:
-
