- Jan 30, 2023
-
-
Oliver Bartsch authored
The method `getContentObject()` might return null. This is now properly handled in the MenuProcessor and LanguageMenuProcessor. Resolves: #99722 Releases: main, 11.5 Change-Id: Iebaa2324c59032bd10610c2a63156168777070db Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/77614 Tested-by:
Oliver Bartsch <bo@cedev.de> Tested-by:
core-ci <typo3@b13.com> Reviewed-by:
Nikita Hovratov <nikita.h@live.de> Tested-by:
-
- Jan 27, 2023
-
-
Andreas Fernandez authored
The class `PageLayoutController` has some custom methods to fetch data of localized pages: * `getLocalizedPageRecord()` * `getLocalizedPageTitle()` The same data can be retrieved using the standardized method `PageRepository->getPageOverlay()`, which replaces the aforementioned methods. Resolves: #99613 Releases: main, 11.5 Change-Id: I06a374411b34211ed45d57f30d142ead7c7e6fba Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/77620 Reviewed-by:
-
Oliver Bartsch authored
The "titleLen" setting is now respected in the page modules' "language mode" to prevent overlapping of long page titles. Note: Overlapping might still happen, depending on the configured "titleLen" value, the current display resolution and the number of languages being displayed (when "All languages" is selected). Resolves: #99729 Releases: main, 11.5 Change-Id: I02458e5b7b0d136303499a83fb6c2fcb5bbc0ef8 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/77618 Tested-by:
-
Thomas Hohn authored
If fe_groups are deleted building the labels for the fe_groups in titleAttribForPages will throw a PHP warning. Resolves: #99712 Releases: main, 11.5 Change-Id: I61a340b74096c0da6eccc2eb0cd425c9fe02b71c Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/77578 Tested-by:
Stefan Bürk <stefan@buerk.tech> Tested-by:
-
- Jan 26, 2023
-
-
Oliver Bartsch authored
When calculating the number of hidden elements for the currently displayed language columns in the page module, the corresponding language constraint is now properly set. Considering more then one language is now only done, in case language mode with a language > 0 is selected. Additionally, L=-1 is now properly taken into account. Some further cleanup of the method is done. The actually defined field names of corresponding enable columns are now used instead of the static ones. Resolves: #99720 Releases: main, 11.5 Change-Id: I751ea0d2f2de88d5eb208215bb81543fc01ca32b Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/77617 Tested-by:
Fabien Udriot <fudriot@omic.ch> Tested-by:
-
Andreas Fernandez authored
The method `sendChangeCommand()` now builds a proper payload by pushing data into `params.data.copy` prior to the non-exisiting `data.copy` array. Resolves: #99726 Releases: main, 11.5 Change-Id: I96f279cb2f5eedc4a6658f89f0975c8a14bd42c1 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/77612 Tested-by:
-
- Jan 25, 2023
-
-
Achim Fritz authored
EXT:frontend's Preview simulation already sets the userGroup values properly, which allows to simulate a usergroup. However, this change also needs to be set in EXT:adminpanel in order to allow usergroups. This change adds the same change (see #96381) as in PreviewSimulator in EXT:adminpanel. This is required as otherwise, the Frontend user would re-set the userGroup in FrontendUserAuthentication->createUserAspect() Resolves: #99718 Related: #96381 Releases: main, 11.5 Change-Id: I346f14e2c7bd655efe3883c3a1543bddff8364e8 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/77577 Tested-by:
Benni Mack <benni@typo3.org> Reviewed-by:
-
Benni Mack authored
Resolves: #98630 Releases: main, 11.5 Change-Id: Iae48bf68a9f18a33e86d79cf7826617e2b3d48c6 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/77570 Reviewed-by:
Andreas Fernandez <a.fernandez@scripting-base.de> Tested-by:
-
Oliver Bartsch authored
Prior to the introduction of the column selector in #84184, did a boolean flag "$addDateFields" define whether record date fields (tstamp and crdate) should be added to the available field list. Actually, those fields were always added, because all usages of the corresponding method set either "$addDateFields" or "$dontCheckUser" to TRUE. This fact is now restored by always adding the mentioned fields. Resolves: #98574 Related: #84184 Releases: main, 11.5 Change-Id: I4f212aaf62d9dec26530f6f7a39f1135d684d015 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/77601 Tested-by:
-
- Jan 24, 2023
-
-
Thomas Hohn authored
Since $conf['externalBlocks.'][$tagName . '.'] can be null, added a null coalescing check to ensure that $cfg contains a valid value. Resolves: #99706 Releases: main, 11.5 Change-Id: Ia80bc50504e27eb0155232e1f1eb956f9b88ac79 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/77576 Reviewed-by:
-
Benni Mack authored
Resolves: #98681 Releases: main, 11.5 Change-Id: I4d7bc72efe4256c5e5d9009afd9327428f2661d4 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/77567 Tested-by:
-
Benni Mack authored
Resolves: #99270 Related: #99572 Releases: main, 11.5 Change-Id: I0b3aed81b7ee5d8449c1db962b423fc4fb542287 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/77575 Tested-by:
-
Benni Mack authored
Resolves: #99255 Releases: main, 11.5 Change-Id: I10981e55a9efe2a891bf61ca304a287ec2759aad Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/77574 Tested-by:
-
Benni Mack authored
Resolves: #99315 Releases: main, 11.5 Change-Id: Ib6bae3be83742212d063bd7b746bb2885d79222b Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/77572 Tested-by:
-
Benni Mack authored
Change-Id: I92ccd2aaed0332becb806e83e2d886813c740909 Resolves: #98966 Resolves: #98425 Releases: main, 11.5 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/77573 Tested-by:
-
- Jan 23, 2023
-
-
Oliver Hader authored
When rendering preview images of online-media assets (YouTube, etc.), the corresponding image is retrieved from the remote host and stored in typo3temp. In case configured dimension and file extension of the target file are not different, the image won't be processed and thus not stored in a public FAL storage. Resolves: #99550 Releases: main, 11.5 Change-Id: Ib2e28b2e5d2bc4ea96207917ca8f26f407f53856 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/77543 Reviewed-by:
Oliver Hader <oliver.hader@typo3.org> Tested-by:
-
Oliver Bartsch authored
The SiteInterface provides the "getDefaultLanguage()" method, which will always return the first configured language - usually L=0. However, this language might be disabled, which means, it should not be visible in frontend context. The PageContentErrorHandler therefore now tries to fetch the first enabled language, in case the requested language id does not exist in the current site and the sites' default language is disabled. Resolves: #99530 Releases: main, 11.5 Change-Id: Ib02cbd8f01a4fc1a69be46ad2015e8863553fae0 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/77440 Tested-by:
-
Nikita Hovratov authored
Resolves: #99410 Releases: 11.5 Change-Id: I354ed27532f7f07ef070488866e685762fe14165 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/77426 Tested-by:
-
Georg Ringer authored
Resolves: #99213 Releases: 11.5 Change-Id: I1a664d2e4b9c84063383769f956609390e8c3021 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/77371 Reviewed-by:
Oliver Klee <typo3-coding@oliverklee.de> Reviewed-by:
Christian Kuhn <lolli@schwarzbu.ch> Tested-by:
-
- Jan 22, 2023
-
-
Thomas Hohn authored
Ensure that call to parse_url in http_makelinks handles parsing error correctly. Resolves: #99653 Releases: main, 11.5 Change-Id: I056d1737a27607f5f2ae9832a5ee495ccf7494c8 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/77439 Tested-by:
-
- Jan 20, 2023
-
-
David Blatter authored
A tca column with a SITE: placeholder inside the foreign_table_where config whould not work when used as a foreign_selector in an irre. To make it work, this change adds the resolved site from the parent context. Resolves: #99382 Releases: main, 11.5 Change-Id: I39658576da3159c071a46505683b8641eb3bada4 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/77516 Tested-by:
-
Benni Mack authored
This change prevents triggering a updateModuleData in CLI, which happens when e.g. running a importer on CLI which then updates Slugs automatically via CLI, which in turn trigger setUpdateSignal in EXT:redirects' SlugService.php. Resolves: #99656 Releases: main, 11.5 Change-Id: Ia0eae69820b0f7c762542cd6c06ad6d8ee45b789 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/77517 Tested-by:
-
Josef Glatz authored
This patch extends the documentation of typo3/cms-redirects by an example of redirecting to an relative target while using regular-expressions. This adds more clarity for TYPO3 integrators and administrators. Resolves: #99639 Releases: main, 11.5 Change-Id: I6f6e24b5cf0a378d0efe0c7266c9abf249559e7d Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/77438 Tested-by:
-
- Jan 19, 2023
-
-
linawolf authored
One place has been overseen, when stabilizing deserialization in scheduler. The automatic cleaning of stuck executions now also uses the TaskSerializer to catch potential InvalidTaskExceptions. The info log message contains dummy values in such a case. Resolves: #99605 Related: #92466 Releases: main, 11.5 Change-Id: Id100991dbba61d7761987f0a0bdd04415ad86891 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/77437 Tested-by:
-
- Jan 18, 2023
-
-
Chris Müller authored
The docblock of the class is rendered for documentation, see: https://docs.typo3.org/other/typo3/view-helper-reference/main/en-us/typo3/fluid/latest/Format/Html.html This information should therefore be mentioned. Related: #99031 Resolves: #99536 Resolves: https://github.com/TYPO3-Documentation/Changelog-To-Doc/issues/250 Releases: main, 11.5 Change-Id: I6f21710975a8916e27cdcd38c0bcb83a129319ea Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/77436 Tested-by:
-
Benni Mack authored
TYPO3's log is mostly covered with "Locale fr_FR.UTF-8 not found", which can be simplified, if setlocale() is not working properly. The POSIX Platform suffix "UTF-8" is then removed, and setlocale() is called again with "fr_FR" instead of "fr_FR.UTF-8" thus avoiding log flooding in some systems. Resolves: #99591 Releases: main, 11.5, 10.4 Change-Id: I4609d453c29a306d448bcdc3277b51a344af28ae Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/77434 Tested-by:
Anja Leichsenring <aleichsenring@ab-softlab.de> Reviewed-by:
-
- Jan 17, 2023
-
-
Oliver Hader authored
Using CSP directive `style-src 'unsafe-inline'` seems to be fine for directly requested SVG files, since corresponding definitions are bound to the corresponding resource. Loading styles from any other external resource is still denied. Resolves: #93884 Releases: main, 11.5, 10.4 Change-Id: Ifddf8782ecaa81bf26026ae8850d8c53b7977bd7 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/77456 Reviewed-by:
-
Nikita Hovratov authored
Since the introduction of always absolute (web) paths inside the TYPO3 backend, the TCA ctrl option `selicon_field` didn't work anymore since relative web paths like `fileadmin/file.png` changed to `/fileadmin/file.png`, which were not handled and resulted in a missing icon. This patch extends the condition for checking for absolute paths and prevents the GU:getFileAbsFileName method from turning web paths into empty strings. Resolves: #95572 Resolves: #97442 Related: #95027 Releases: main, 11.5 Change-Id: I1b82f71fe4f0636bd786d102f361ca60c1294af9 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/77431 Tested-by:
-
Christian Kuhn authored
Resolves: #99582 Releases: main, 11.5 Change-Id: Ib7a0f546f025eed37bac6b494f29865494841787 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/77430 Reviewed-by:
-
Georg Ringer authored
Set the argument `muted` if autoplay is enabled for vimeo and local videos - just as done for YouTube videos in #96320 Resolves: #99301 Resolves: #99461 Related: #96320 Releases: main, 11.5 Change-Id: I81848a724dc736b49c4c98c4c2f59627be169f8d Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/77432 Tested-by:
-
Oliver Klee authored
The new version finds some more potential problems. > composer req --dev phpstan/phpstan:^1.9.12 > ./Build/Scripts/runTests.sh -s phpstanGenerateBaseline Resolves: #99573 Releases: main, 11.5 Change-Id: Ieee3a5881a854946cb180965e4f182b27ea05aaf Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/77420 Tested-by:
-
Christian Kuhn authored
Resolves: #99572 Releases: main, 11.5 Change-Id: I65fe76b733b6b0fce9ebb7dd54759ae673ab1755 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/77418 Reviewed-by:
Jasmina Ließmann <minapokhalo+typo3@gmail.com> Tested-by:
-
Christian Kuhn authored
Just another sanitation in lowlevel QueryGenerator. Resolves: #99568 Related: #98536 Releases: main, 11.5 Change-Id: Id7d8aa9856e7e148964bff0ef66e7c7b69bd6aaf Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/77414 Tested-by:
-
Torben Hansen authored
The `redirectMode=referer` configuration allows to process a redirect after a successful login to an evaluated referer value. For the legacy version of the felogin plugin, the referer value has been evaluated using the GET/POST parameter `referer` and the `HTTP_REFERER` as fallback. The extbase version of the felogin plugin currently only evaluates the GET/POST parameter `referer`. This patch adds the missing `HTTP_REFERER` fallback evaluation of the referer. Resolves: #91844 Releases: main, 11.5 Signed-off-by:
Torben Hansen <derhansen@gmail.com> Change-Id: Id4119b0425ddca09a350f4d8d8a6ebb4d3b3135b Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/77401 Tested-by:
-
- Jan 16, 2023
-
-
Sybille Peters authored
Checking for duplicate slugs in DataHandler will now make sure that no two fields with the same slug exist, where one of them has a language of -1. Existing records are not migrated. This could be done in a followup patch or with a community extension. When new records are created or changed which have a field of type "slug", a unique handling ensures that no records exists with the same slug (depending on the additional settings "unique", "uniqueInSite" and "uniqueInPid"). The language is considered as well: Records with the same slug can exist if the language differs. But language -1 was not considered previously. Since -1 means all language, no other record with the same slug should exist in ANY language if a record with language -1 exists. Resolves: #99529 Releases: main, 11.5 Change-Id: I919c3a3954df02cd55c701c480f6c1a8c87d84d5 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/77407 Tested-by:
-
Georg Ringer authored
As the selection "explain" only works for Mysql, it should also only be displayed then. Resolves: #99512 Releases: main, 11.5 Change-Id: I93ddf86d1f63ef124feb2b72e86f32d8260ad99f Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/77395 Tested-by:
-
linawolf authored
Resolves: #99542 Releases: main, 11.5 Change-Id: Ifa05cc27825bc4c89dd9b08f66c03505270fd815 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/77393 Tested-by:
-
Elias Häußler authored
When authenticating and fetching user records, appropriate methods normally pass around either the full database record or `false` in case the user does not exist or could not be authenticated. The expected types are now added to all relevant methods in authentication services. Resolves: #99544 Releases: main, 11.5 Change-Id: Ib45440a39e64b5ac5a1f1c4799e2f59cb13526bf Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/77335 Reviewed-by:
-
- Jan 13, 2023
-
-
Philipp Kitzberger authored
When pressing the save+preview button for a non-page record the local PageTS is not being ignored anymore and leads the user to the right page in the frontend. Resolves: #96667 Releases: main, 11.5 Change-Id: Ibb3e9a549ca59bfd3a71649e2970d1d534c2c0e5 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/77377 Tested-by:
-
- Jan 12, 2023
-
-
Christian Kuhn authored
TCA "type=none" with "pass_content=false" (styleguide elements basic none_2) or without pass_content at all (styleguide elements basic none_4) double encodes the value. Testable using styleguide with some DB value like "l<u>i</u>p", which needs to be manually put into DB since none fields do not persist data using the backend. Note pass_content=true is documented to not hsc() the value at all, which is not true since TYPO3 v7, a htmlspecialchars() is still applied. Not encoding HTML is a potential security risk, so the patch now only fixes the "pass_content=false" and "not set" scenario to no longer double encode, and another patch will remove the pass_content option in v12 entirely with a TCA migration and deprecation note stating the option did not work since 2017 anyways. Resolves: #99522 Releases: main, 11.5 Change-Id: Ic19ad991d0f17925d5f56fb34126a7cf8f6e6aab Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/77334 Tested-by:
-
