Add missing typecast to prevent deprecation notice.

Resolves: #102396
Releases: 11.5
Change-Id: I49f22bac872b2485cb282ce26121a06e08f87810
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/81802


Reviewed-by: Nikita Hovratov <nikita.h@live.de>
Tested-by: Christian Kuhn <lolli@schwarzbu.ch>
Reviewed-by: Christian Kuhn <lolli@schwarzbu.ch>
Tested-by: core-ci <typo3@b13.com>
Tested-by: Nikita Hovratov <nikita.h@live.de>

This has already been fixed upstream as a drive-by change.

Resolves: #102388
Related: #97433
Releases: 11.5
Change-Id: Id3f8f541b077d4d3b51bdd794847249b4229768f
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/81760


Reviewed-by: Thomas Hohn <tho@gyldendal.dk>
Reviewed-by: Stefan Bürk <stefan@buerk.tech>
Reviewed-by: Oliver Klee <typo3-coding@oliverklee.de>
Reviewed-by: Oliver Bartsch <bo@cedev.de>
Tested-by: Stefan Bürk <stefan@buerk.tech>
Tested-by: Oliver Bartsch <bo@cedev.de>
Tested-by: core-ci <typo3@b13.com>

Backend responses must never be cached. The previously used
Cache-Control instruction "must-revalidate" implicitly enabled
caching in order to possibly reuse a response. While that
could only happen when two requests to the same URL are
invoked within one second (because the browsers
`If-Modified-Since` header and our `Last-Modified` header
match, causing the webserver to issue a 304 response),
that is certainly possible in CI setups or fast user clicks.

Use `no-store` in order to instruct browsers to not cache
and try revalidation at all.

Resolves: #102377
Releases: main, 12.4, 11.5
Change-Id: Ic05cad748f824e7a45a1740aca15cd2fc3595a79
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/81756


Tested-by: core-ci <typo3@b13.com>
Tested-by: Benjamin Franzke <ben@bnf.dev>
Reviewed-by: Benjamin Franzke <ben@bnf.dev>

Change-Id: Icde820cccfe18d323fcd0c208bac450cb83820d4
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/81739


Tested-by: Oliver Hader <oliver.hader@typo3.org>
Reviewed-by: Oliver Hader <oliver.hader@typo3.org>

Change-Id: I121b8214fc0edf4cb901e3e5cbcda76c7a958c6a
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/81738


Reviewed-by: Oliver Hader <oliver.hader@typo3.org>
Tested-by: Oliver Hader <oliver.hader@typo3.org>

See https://github.com/TYPO3/html-sanitizer/releases/tag/v2.1.4

composer req typo3/html-sanitizer:^2.1.4
composer req typo3/html-sanitizer:^2.1.4 \
   -d typo3/sysext/core --no-update

Resolves: #102169
Releases: main, 12.4, 11.5
Change-Id: I76edb7ff0dc66d3308d5c0875c2db56ca02addd7
Security-Bulletin: TYPO3-CORE-SA-2023-007
Security-References: CVE-2023-47125
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/81732


Reviewed-by: Oliver Hader <oliver.hader@typo3.org>
Tested-by: Oliver Hader <oliver.hader@typo3.org>

Given that there are two sites `site-a.com` and `site-b.com` in
the same TYPO3 installation, it was possible to reuse a session
cookie that was generated for `site-a.com` in `site-b.com`.

Since there are scenarios, where this is the expected behavior
– when sharing sessions across sub domains, so that an explicit
cookieDomain needs to be configured – user sessions IDs are now
signed with a combination of encryption key and desired cookie
domain, so that a cookie can only be used on the domain that the
cookie was created for.

For compatiblity with possible 3rd party authenticators, legacy
tokens will be accepted (but not created by TYPO3 core itself).

Resolves: #100885
Releases: main, 12.4, 11.5
Change-Id: I0d1c314c6e206ac12604ba6f859af78b958651dd
Security-Bulletin: TYPO3-CORE-SA-2023-006
Security-References: CVE-2023-47127
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/81731


Tested-by: Oliver Hader <oliver.hader@typo3.org>
Reviewed-by: Oliver Hader <oliver.hader@typo3.org>

We're in the process of establishing a new
core CI. This has more power and is better
optimized.
The resulting runtime changes reveal various
flaky acceptance tests. Most have been
problematic before already, but not as bad.
The patch adds various guards to acceptance
tests to reduce flakiness.

Resolves: #102363
Releases: main, 12.4, 11.5
Change-Id: Iff2c79411b39fffe659c78a8e889f8a804939bc4
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/81722


Tested-by: Christian Kuhn <lolli@schwarzbu.ch>
Tested-by: core-ci <typo3@b13.com>
Reviewed-by: Christian Kuhn <lolli@schwarzbu.ch>

TCA fields of type 'slug' can be configured with the property
generatorOptions.

Particularly, the short form of using a simple array for
the fields instead of a nested array is a common source
of confusion and the initially introduced changelog had
incorrect examples.

The changelog is improved as follows

- Fix the examples. The examples 2 and 3 showed incorrect
  results
- Use the multidimensional array in the source snippet
- Clarify that ['nav_title', 'title'] is the same as
  [['nav_title'], ['title']], but not the same as
  [['nav_title', 'title']]

Resolves: #89390
Releases: main, 12.4, 11.5
Change-Id: Ib1944c2a1eb9e2a69a0f169f316208cf46f9be84
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/81727


Tested-by: core-ci <typo3@b13.com>
Tested-by: Christian Kuhn <lolli@schwarzbu.ch>
Reviewed-by: Christian Kuhn <lolli@schwarzbu.ch>

If a HMAC cannot be `json_decode`d (possibly due to old
saved pages or other outdated content), now a proper exception
is thrown instead of issuing a PHP warning.

Resolves: #97337
Releases: main, 12.4, 11.5
Change-Id: I12f5633a85508bf4099d72e474c24b5a0100498c
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/81719


Tested-by: core-ci <typo3@b13.com>
Tested-by: Benjamin Franzke <ben@bnf.dev>
Reviewed-by: Benjamin Franzke <ben@bnf.dev>

With #99503 `cObjGet()` was implemented as a wrapper around
the strictly typed cObjGetSeparated method, effectively
enforcing the first argument to be an array, while
previously non array values were returned as an empty string.

Resolves: #102328
Related: #99503
Releases: main, 12.4, 11.5
Change-Id: I7c04307f14da5a93e12672b36de163071dad7359
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/81662


Tested-by: core-ci <typo3@b13.com>
Tested-by: Benjamin Franzke <ben@bnf.dev>
Reviewed-by: Benjamin Franzke <ben@bnf.dev>

Invalid char encoding has slipped into an yaml
example snippet for ext:dashboard. This change
use the correct quoting to fix this.

Releases: main, 12.4, 11.5
Resolves: #102319
Change-Id: I3dd2fd7a1aec51ad3f1ace7c6b914371e9e12342
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/81657


Tested-by: Andreas Kienast <a.fernandez@scripting-base.de>
Tested-by: core-ci <typo3@b13.com>
Reviewed-by: Andreas Kienast <a.fernandez@scripting-base.de>

This adds a line break between concatenated "inline" JavaScripts
in order to keep JavaScript without trailing ';' valid.

Resolves: #99503
Releases: main, 12.4, 11.5
Change-Id: Icf902679c715687c5be2e5f572526608ce31f882
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/81686


Reviewed-by: Benjamin Franzke <ben@bnf.dev>
Tested-by: core-ci <typo3@b13.com>
Tested-by: Benjamin Franzke <ben@bnf.dev>

Resolves: #102192
Releases: main, 12.4, 11.5
Change-Id: I0cc48e27d32b6d6164d9d580121968610a9333b9
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/81655


Tested-by: Benni Mack <benni@typo3.org>
Reviewed-by: Benni Mack <benni@typo3.org>
Tested-by: core-ci <typo3@b13.com>

To prevents sql errors when inherit from
SuggestWizardDefaultReceiver and adding a
JOIN statement, the fields are now prefixed
with the table name.

Resolves: #102298
Releases: main, 12.4, 11.5
Change-Id: I608bd30df1b878aec8dbf611e70049c1be88778a
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/81651


Tested-by: core-ci <typo3@b13.com>
Tested-by: Oliver Bartsch <bo@cedev.de>
Reviewed-by: Oliver Bartsch <bo@cedev.de>

Minor CGL streamlinings from latest php-cs-fixer.

> composer req --dev friendsofphp/php-cs-fixer:^3.37.1
> Build/Scripts/runTests.sh -s cgl

Resolves: #102285
Releases: main, 12.4, 11.5
Change-Id: I0cc1fe3c0f81f62a49df00d62d57ef3c593c57df
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/81611


Tested-by: Oliver Klee <typo3-coding@oliverklee.de>
Reviewed-by: Oliver Klee <typo3-coding@oliverklee.de>
Tested-by: Christian Kuhn <lolli@schwarzbu.ch>
Tested-by: core-ci <typo3@b13.com>
Reviewed-by: Christian Kuhn <lolli@schwarzbu.ch>

The `EXT:felogin/Classes/Service/RecoveryService.php` makes use of
the local $uriBuilder instance building links, however it does
not `reset()` it's state before building a URL.

It seems this only creates an issue when used in conjunction with
`EXT:vhs` (possibly due to adapted fluid/object caching behavior?).

Fixing this by resetting the instance as recommended via
https://docs.typo3.org/m/typo3/reference-coreapi/main/en-us/ExtensionArchitecture/Extbase/Reference/UriBuilder.html
should take care of this, even though uriBuilder should be a
singleton only operating within the scope of a single
ActionController.

Resolves: #102203
Releases: main, 12.4, 11.5
Change-Id: Idb6089c4b43b6d3352fbbbbeedfa63770959def0
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/81589


Tested-by: core-ci <typo3@b13.com>
Tested-by: Stefan Bürk <stefan@buerk.tech>
Tested-by: Christian Kuhn <lolli@schwarzbu.ch>
Reviewed-by: Christian Kuhn <lolli@schwarzbu.ch>
Reviewed-by: Stefan Bürk <stefan@buerk.tech>

This may be triggered by invalid FlexForm values
that does not contain a 'data' key for whatever
reason.

Resolves: #100733
Releases: main, 12.4, 11.5
Change-Id: I96924d65af56fd7cf2bb2a97fd4591b3c81f934f
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/81586


Tested-by: core-ci <typo3@b13.com>
Reviewed-by: Christian Kuhn <lolli@schwarzbu.ch>
Tested-by: Christian Kuhn <lolli@schwarzbu.ch>

Avoid the migration of empty flexforms, which caused the wizard to fail.

Resolves: #97761
Releases: 11.5
Change-Id: I9240becb81ddca22432e8ba55038978f30fcc449
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/76529


Reviewed-by: Stefan Bürk <stefan@buerk.tech>
Reviewed-by: Christian Kuhn <lolli@schwarzbu.ch>
Tested-by: Christian Kuhn <lolli@schwarzbu.ch>
Tested-by: Stefan Bürk <stefan@buerk.tech>
Tested-by: core-ci <typo3@b13.com>

A record may not have a t3ver_state, hence
accessing this value must be safeguarded.

Resolves: #102251
Releases: 12.4, 11.5
Change-Id: Ia2050171276891e08d2e84e750cfa894a7f3291f
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/81555


Tested-by: Christian Kuhn <lolli@schwarzbu.ch>
Reviewed-by: Christian Kuhn <lolli@schwarzbu.ch>
Tested-by: core-ci <typo3@b13.com>

Enable all current PER-CS2.0 rules in order to reflect our current
state of coding style. This was missed in #102240 because pre merge
didn't perform a full CGL run when @PER was switched to @PER-CS1.0.

Resolves: #102247
Related: #102240
Releases: main, 12.4, 11.5
Change-Id: I0e1c833ad99c4e06767dee8a2c4bcb2bdee6eb68
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/81542


Reviewed-by: Benjamin Franzke <ben@bnf.dev>
Tested-by: Benjamin Franzke <ben@bnf.dev>
Tested-by: core-ci <typo3@b13.com>

PER-CS2.0 was added as clone of PER-CS1.0 in php-cs-fixer v3.27
in order to implement the new rules that are defined in
PER Coding Style 2.0 [1]. The alias PER already points to PER-CS2.0
although the current set of rules are not implemented yet. [2]
There is only one rule (single_line_empty_body) that is done by now
and more will follow, so we rather pin to PER-CS1.0 for now (and
enable single_line_empty_body which we already migrated to) in
order to prevent having coding style changes with every
php-cs-fixer raise. We rather wait until the 2.0 preset has been
finished and is on par with the upstream php-fig definitions and
then switch with one change.

[1] https://www.php-fig.org/per/coding-style/
[2] https://github.com/PHP-CS-Fixer/PHP-CS-Fixer/issues/7247

Resolves: #102240
Related: #102236
Releases: main, 12.4, 11.5
Change-Id: I33377e4e5016f1e5cc8ab08a9e71a933dcd41d93
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/81539


Tested-by: Benjamin Franzke <ben@bnf.dev>
Reviewed-by: Benjamin Franzke <ben@bnf.dev>
Tested-by: core-ci <typo3@b13.com>

It's time to update to latest changes of php-cs-fixer
to align with current community rules. This brings a
rather huge series of changes, main changes due to
single_line_empty_body rule which now formats empty
class and method body curly braces into a single line,
plus changes from function_declaration rule which tends
to avoid more whitespaces.

The change has a slight impact on phpstan, we
regenerate baseline.

To reduce backport headaches, this change is backported
to v12 and v11.

> composer req --dev friendsofphp/php-cs-fixer:^3.35.1
> Build/Scripts/runTests.sh -s cgl
> Build/Scripts/runTests.sh -s phpstanGenerateBaseline

Resolves: #102236
Releases: main, 12.4, 11.5
Change-Id: Iea45b10667951672b2194033216c49f580799f55
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/81514


Reviewed-by: Jasmina Ließmann <minapokhalo+typo3@gmail.com>
Reviewed-by: Christian Kuhn <lolli@schwarzbu.ch>
Tested-by: core-ci <typo3@b13.com>
Tested-by: Jasmina Ließmann <minapokhalo+typo3@gmail.com>
Tested-by: Christian Kuhn <lolli@schwarzbu.ch>

When a page with a content element that has images
assigned is copied in workspaces, a PHP array access
error is raised since sys_file_reference TCA has
no sortby ctrl.

Add an appropriate null fallback.

Resolves: #102231
Releases: main, 12.4, 11.5
Change-Id: I453a612a62a359156c8be2e087d1d121f1b9c3ea
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/81467


Tested-by: Christian Kuhn <lolli@schwarzbu.ch>
Reviewed-by: Christian Kuhn <lolli@schwarzbu.ch>
Tested-by: core-ci <typo3@b13.com>

Most fixes relate to indefinite article usage "an vs a" and some typos.

Resolves: #102074
Releases: main, 12.4, 11.5
Change-Id: Ief07759697828d94edde8902a912719f82b2b798
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/81487


Tested-by: Benjamin Franzke <ben@bnf.dev>
Tested-by: core-ci <typo3@b13.com>
Reviewed-by: Benjamin Franzke <ben@bnf.dev>

It is already possible to use the "value" argument together
with "property" in form ViewHelpers. This should be reflected
in the ViewHelper documentation.

One possible use case is a form to edit a user. For the password
field you would want to define property="password", but also
value="" to not expose the current password hash to the form.

Resolves: #102206
Releases: main, 12.4, 11.5
Change-Id: I3c7b1a201e38ccef84efcc863075043cf461dd20
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/81478


Tested-by: Simon Praetorius <simon@praetorius.me>
Reviewed-by: Simon Praetorius <simon@praetorius.me>
(cherry picked from commit 41f801b7)
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/81460

`$TCA['ctrl']['title']` is optional and may
not be set.

Resolves: #102195
Releases: main, 12.4, 11.5
Change-Id: I38a5aa921515f48b2e35a0ebdb8bcdce646b5bd6
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/81458


Tested-by: core-ci <typo3@b13.com>
Tested-by: Andreas Kienast <a.fernandez@scripting-base.de>
Reviewed-by: Andreas Kienast <a.fernandez@scripting-base.de>

'transOrigPointerField' may not be set for a table

Resolves: #102190
Releases: main, 12.4, 11.5
Change-Id: I79febf5d99774b5e22d03f42f9088c00fa98dfc4
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/81453


Reviewed-by: Stefan Bürk <stefan@buerk.tech>
Tested-by: core-ci <typo3@b13.com>
Tested-by: Stefan Bürk <stefan@buerk.tech>

Resolves: #102134
Releases: main, 12.4, 11.5
Change-Id: I3aaf6f2c8161579394a0dbe1c9f470edeb0a8bca
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/81349


Tested-by: Stefan Bürk <stefan@buerk.tech>
Reviewed-by: Stefan Bürk <stefan@buerk.tech>
Tested-by: core-ci <typo3@b13.com>

Change-Id: I8a909ce946355d701963d808e5fbea0bbec4ac63
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/81402


Tested-by: Benni Mack <benni@typo3.org>
Reviewed-by: Benni Mack <benni@typo3.org>
Tested-by: core-ci <typo3@b13.com>

Change-Id: I30afe01b057286c45fd757f9f304daf2b11cc369
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/81401


Reviewed-by: Oliver Hader <oliver.hader@typo3.org>
Tested-by: Oliver Hader <oliver.hader@typo3.org>

Resolves: #102120
Releases: main, 12.4, 11.5
Change-Id: I690e880c03ca87ca0d6ed9efaa93e95938f9936d
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/81391


Reviewed-by: Stefan Bürk <stefan@buerk.tech>
Tested-by: core-ci <typo3@b13.com>
Tested-by: Stefan Bürk <stefan@buerk.tech>

> composer req --dev composer/composer ^2.2.22

Raised development dependencies, since v2.2.22 fixes
CVE-2023-43655 which concerns "web-accessible server
where the composer.phar can be executed as a php file"
(which is not a security issue for TYPO3 in this case).

Resolves: #102128
Releases: main, 12.4, 11.5
Change-Id: I3fd478fa7cee2c875b560f79cab94cb889d2b73a
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/81387


Reviewed-by: Oliver Hader <oliver.hader@typo3.org>
Tested-by: Oliver Hader <oliver.hader@typo3.org>
Reviewed-by: Benjamin Franzke <ben@bnf.dev>
Tested-by: core-ci <typo3@b13.com>
Reviewed-by: Oliver Klee <typo3-coding@oliverklee.de>
Tested-by: Benjamin Franzke <ben@bnf.dev>

Links from LTS versions to other manuals should reference
the same version.

Resolves: #102036
Releases: 12.4, 11.5
Change-Id: Ia127b21a7f23b97d6589376d9c1eff5c66e41490
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/81331


Tested-by: core-ci <typo3@b13.com>
Reviewed-by: Christian Kuhn <lolli@schwarzbu.ch>
Tested-by: Stefan Bürk <stefan@buerk.tech>
Reviewed-by: Stefan Bürk <stefan@buerk.tech>
Tested-by: Christian Kuhn <lolli@schwarzbu.ch>

DataHandler->copyRecord_raw can also return null.
This should be reflected in the doc header as well.

Resolves: #102098
Releases: main, 12.4, 11.5
Change-Id: Ic7a12233efd32b67f0bf25d6478a03f807a5623e
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/81353


Reviewed-by: Christian Kuhn <lolli@schwarzbu.ch>
Tested-by: core-ci <typo3@b13.com>
Tested-by: Christian Kuhn <lolli@schwarzbu.ch>

The exception message now contains the invalid
value as well as the only valid values.

Resolves: #102041
Releases: 11.5
Change-Id: I8ae55d2a56e1a9c16b27d4ed66d15516f716b6ac
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/81324


Tested-by: Christian Kuhn <lolli@schwarzbu.ch>
Reviewed-by: Christian Kuhn <lolli@schwarzbu.ch>
Tested-by: core-ci <typo3@b13.com>
Tested-by: Oliver Bartsch <bo@cedev.de>
Reviewed-by: Oliver Bartsch <bo@cedev.de>
Reviewed-by: Benni Mack <benni@typo3.org>
Tested-by: Benni Mack <benni@typo3.org>

Resolves: #102063
Releases: main, 12.4, 11.5
Change-Id: I0ee1a4ec00ee972e9a2c8c3db442883125dacacd
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/81306


Tested-by: Oliver Bartsch <bo@cedev.de>
Tested-by: core-ci <typo3@b13.com>
Reviewed-by: Oliver Bartsch <bo@cedev.de>

Sending a redirect response with a empty `Location` is
invalid per RFC. Browser vendor are dealing differntly
with it.

* Firefox executes a redirect to the current url, leading
  to an `endless` redirect chain - stopping it after some
  recursions with a coresponding notice in the network tab.
* Chrome determines this and is doing nothing at all with
  it - leading to a white page.

From the [1] RFC regarding invalid URI spec for `Location`:

> Note: Some recipients attempt to recover from Location
>       fields that are not valid URI references. This
>       specification does not mandate or define such
>       processing, but does allow it for the sake of
>       robustness.

A matching redirect record with a manually entered `/` as
redirect target leads in TYPO3 v11 to this behaviour. This
can be mitigated by selecting the corresponding site root.

For TYPO3 v12 and upwards a change in the LinkHandling has
been introduced which properly handles the `/` in the link
generation and correctly returning a `/` as redirect url.
That change has quite some impact and is not reasonable to
be backported to TYPO3 v11 within #100958.

This change adds an additionally guard to the `RedirectHandler`
to handle empty redirect urls as endless loop, just logging
it and not responding with an redirect. This helps in v11 and
keeps a safety guard for the future in this place.

[1] https://datatracker.ietf.org/doc/html/rfc7231#section-7.1.2

Resolves: #100791
Related: #100958
Releases: main, 12.4, 11.5
Change-Id: I2af2d5bf759a277ade45bd0f7740ffe0099003b3
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/81280


Tested-by: Stefan Bürk <stefan@buerk.tech>
Tested-by: core-ci <typo3@b13.com>
Reviewed-by: Stefan Bürk <stefan@buerk.tech>

When the form is in "Preview" mode and an integrator either saves or
switches to the form settings, the stage itself is updated to be in
"Edit" mode again, but the internal state remains in "Preview" mode,
causing glitches in the UI.

This patch now disables the preview state in the form model everytime
the "stage area", containing the editing interface, is rendered.

Resolves: #102031
Releases: main, 12.4, 11.5
Change-Id: I84b0817bb99201527dbd4b950e560631e7b1d94f
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/81262


Reviewed-by: Stefan Bürk <stefan@buerk.tech>
Tested-by: Stefan Bürk <stefan@buerk.tech>
Tested-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Reviewed-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Tested-by: core-ci <typo3@b13.com>

Storages using the local storage driver with a non existing
base folder are put offline automatically. However, the file
list module displays a to generic error message not pointing
to that fact.

This change adds a concrete check for this case and displays
a more specific error flash message in the file list module now.

This can be tested by creating a additional local storage with
a non-existing relative path, for example:

    `fileadmin/not-existing-folder/`

Resolves: #85323
Releases: main, 12.4, 11.5
Change-Id: Ie3ad64a99c0871d258470ffc858639dee4de1108
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/81265


Reviewed-by: Stefan Bürk <stefan@buerk.tech>
Tested-by: core-ci <typo3@b13.com>
Tested-by: Stefan Bürk <stefan@buerk.tech>