From a730b3599e74ed3c534dc27685f021271a8c7ec0 Mon Sep 17 00:00:00 2001 From: Kurt Gusbeth Date: Fri, 20 Jan 2023 14:57:50 +0100 Subject: [PATCH] version 4.0.3 --- Classes/Utility/HelpersUtility.php | 9 +++++++-- Documentation/ChangeLog/Index.rst | 6 ++++-- Documentation/Localization.de_DE/ChangeLog/Index.rst | 6 ++++-- README.md | 5 +++-- ext_emconf.php | 2 +- 5 files changed, 19 insertions(+), 9 deletions(-) diff --git a/Classes/Utility/HelpersUtility.php b/Classes/Utility/HelpersUtility.php index 0ada0af..b4a041c 100644 --- a/Classes/Utility/HelpersUtility.php +++ b/Classes/Utility/HelpersUtility.php @@ -83,8 +83,13 @@ public function checkLuxletterHash(array $user, string $hash): bool */ public function checkDirectmailAuthCode(array $user, string $authCode): bool { - return (preg_match('/^[0-9a-f]{40}$/', $authCode) && - ($authCode == \DirectMailTeam\DirectMail\Utility\AuthCodeUtility::getHmac($user, 'uid'))); + if (strlen($authCode) == 8) { + return (preg_match('/^[0-9a-f]{8}$/', $authCode) && + ($authCode == GeneralUtility::stdAuthCode($user, 'uid'))); + } else { + return (preg_match('/^[0-9a-f]{40}$/', $authCode) && + ($authCode == \DirectMailTeam\DirectMail\Utility\AuthCodeUtility::getHmac($user, 'uid'))); + } } /** diff --git a/Documentation/ChangeLog/Index.rst b/Documentation/ChangeLog/Index.rst index c1da6a2..d52aeab 100644 --- a/Documentation/ChangeLog/Index.rst +++ b/Documentation/ChangeLog/Index.rst @@ -119,7 +119,7 @@ Security fix: settings.doubleOptOut set from 0 to 1. You can set it to 0 if you Security fix: additional check added to the delete-action (it was possible to unsubscribe all users). -Security fix: Information Disclosure in the new- and unsubscribe-action. +Security fix: Information Disclosure in the new- and unsubscribe-action. Version 4.0.0/1: @@ -133,6 +133,8 @@ New task: import newsletter-subscribers from tt_address to fe_users. Setting preferXlfFile added. If 1, genders and email subjects will come from the xlf file instead of the settings. -Version 4.0.2: +Version 4.0.3: + +Compatibility to direct_mail 11 added. Bugfix: PHP 8 and delete-action. \ No newline at end of file diff --git a/Documentation/Localization.de_DE/ChangeLog/Index.rst b/Documentation/Localization.de_DE/ChangeLog/Index.rst index 66aa9ef..886964b 100644 --- a/Documentation/Localization.de_DE/ChangeLog/Index.rst +++ b/Documentation/Localization.de_DE/ChangeLog/Index.rst @@ -120,7 +120,7 @@ Security fix: settings.doubleOptOut von 0 auf 1 gesetzt. Kann man auf 0 setzen, Security fix: einen weiteren Check zur Abmelde-Funktion hinzugefügt (man konnte bisher alle Empfänger abmelden). -Security fix: "Information Disclosure" in der new- und unsubscribe-action. +Security fix: "Information Disclosure" in der new- und unsubscribe-action. Version 4.0.0/1: @@ -134,6 +134,8 @@ Neuer Task: importiere Newsletter-Abonnenten von tt_address nach fe_users. Setting preferXlfFile hinzugefügt. Anreden und E-Mail-Betreff kommen aus der xlf-Datei anstatt aus den Settings, wenn 1. -Version 4.0.2: +Version 4.0.3: + +Compatibility to direct_mail 11 added. Bugfix: PHP 8 und delete-action. \ No newline at end of file diff --git a/README.md b/README.md index 4d1ab26..1898995 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@ # fp_newsletter -version 4.0.2 +version 4.0.3 The TYPO3 extension fp_newsletter is designed to provide a newsletter subscription and unsubscription service for the table tt_address which can be used by the extension direct_mail OR for the table fe_users which can be used by luxletter. @@ -42,5 +42,6 @@ Version 4.0.0/1: - New task: import newsletter-subscribers from tt_address to fe_users. - Setting preferXlfFile added. If 1, genders and email subjects will come from the xlf file instead of the settings. -Version 4.0.2: +Version 4.0.3: +- Compatibility to direct_mail 11 added. - Bugfix: PHP 8 and delete-action. \ No newline at end of file diff --git a/ext_emconf.php b/ext_emconf.php index 9dfb5e1..ec56a1c 100644 --- a/ext_emconf.php +++ b/ext_emconf.php @@ -18,7 +18,7 @@ 'author_company' => 'fixpunkt werbeagentur gmbh', 'state' => 'stable', 'clearCacheOnLoad' => 0, - 'version' => '4.0.2', + 'version' => '4.0.3', 'constraints' => [ 'depends' => [ 'typo3' => '10.4.6-11.5.99'