Permalink
Browse files

Merge branch 'hotfix/2.11.9' into lts

  • Loading branch information...
leofeyer committed Feb 5, 2013
2 parents bfa7fe6 + 999a51f commit 4bd7b999b08b3fd2365e898fb79fed782d3a90f5
Showing with 429 additions and 77 deletions.
  1. +41 −0 CHANGELOG.md
  2. +12 −0 contao/password.php
  3. +2 −0 plugins/tinyMCE/plugins/spellchecker/classes/GoogleSpell.php
  4. +124 −0 plugins/tinyMCE/tiny_mce_gzip.js
  5. +1 −1 system/constants.php
  6. +29 −5 system/drivers/DC_Table.php
  7. +4 −4 system/functions.php
  8. +15 −11 system/libraries/Controller.php
  9. +84 −12 system/libraries/Date.php
  10. +25 −21 system/libraries/Widget.php
  11. +1 −1 system/modules/backend/DataContainer.php
  12. +3 −3 system/modules/backend/dca/tl_member.php
  13. +17 −0 system/modules/backend/dca/tl_theme.php
  14. +1 −0 system/modules/backend/languages/de/tl_theme.php
  15. +1 −0 system/modules/backend/languages/en/tl_theme.php
  16. +1 −1 system/modules/faq/ModuleFaqPage.php
  17. +1 −1 system/modules/frontend/Form.php
  18. +11 −5 system/modules/frontend/ModulePersonalData.php
  19. +1 −1 system/modules/frontend/templates/moo_mediabox.html5
  20. +2 −1 system/modules/frontend/templates/moo_slimbox.html5
  21. +9 −3 system/modules/registration/ModuleRegistration.php
  22. +3 −1 system/modules/rep_base/RepositorySettings.php
  23. +1 −1 system/modules/rep_client/themes/default/backend.css
  24. +28 −0 system/modules/rep_client/themes/default/backend_src.css
  25. BIN system/themes/default/images/store.gif
  26. +1 −1 system/themes/default/main.css
  27. +11 −1 system/themes/default/src/main.css
  28. +0 −1 system/tmp/bc2b06d0d6aef24c1d8441404a74cef4.txt
  29. +0 −1 system/tmp/e0bda8197e58839fe38b56adbfec55ff.txt
  30. +0 −1 system/tmp/fed36e93a0509e20f2dc96cbbd85b678.txt
View
@@ -1,6 +1,47 @@
Contao Open Source CMS Changelog
================================
+Version 2.11.9 (2013-02-05)
+---------------------------
+
+### Fixed
+Support numeric front end dates in the form generator (see #5238).
+
+### Fixed
+Support whitespace characters when parsing simple tokens (see #5323).
+
+### Fixed
+Allow to run multiple TinyMCE instances with different configurations on the
+same page (thanks to Andreas Schempp) (see #4453).
+
+### Fixed
+Correctly trigger the "saveNewPassword" hook (see #5247).
+
+### Fixed
+Consider the `save_callback` of the password field in `tl_user` when a back end
+user is forced to change his password (see #5138).
+
+### Fixed
+Do not group standalone lightbox elements on HTML5 pages (see #3742).
+
+### Fixed
+Anonymize IP addresses in `Form::processFormData()` (see #5255).
+
+### Fixed
+Replaced the 1200 pixel limit when resizing images with the values defined in
+the system settings (see #5268).
+
+### Fixed
+Make sure there is an array in `Controller::generateMargin()` (see #5217).
+
+### Fixed
+More robust input validation in the back end filter menu and no more absolute
+paths in error messages printed to the screen (thanks to aulmn) (see #4971).
+
+### Fixed
+Unset non-existing fields when restoring versions (see #5219).
+
+
Version 2.11.8 (2013-01-07)
---------------------------
View
@@ -113,6 +113,18 @@ public function run()
}
else
{
+ $this->loadDataContainer('tl_user');
+
+ // Trigger the save_callback
+ if (is_array($GLOBALS['TL_DCA']['tl_user']['fields']['password']['save_callback']))
+ {
+ foreach ($GLOBALS['TL_DCA']['tl_user']['fields']['password']['save_callback'] as $callback)
+ {
+ $this->import($callback[0]);
+ $pw = $this->$callback[0]->$callback[1]($pw);
+ }
+ }
+
$strSalt = substr(md5(uniqid(mt_rand(), true)), 0, 23);
$strPassword = sha1($strSalt . $pw);
@@ -53,6 +53,8 @@ function &getSuggestions($lang, $word) {
}
function &_getMatches($lang, $str) {
+ $lang = preg_replace('/[^a-z\-]/i', '', $lang); // Sanitize, remove everything but a-z or -
+ $str = preg_replace('/[\x00-\x1F\x7F]/', '', $str); // Sanitize, remove all control characters
$server = "www.google.com";
$port = 443;
$path = "/tbproxy/spell?lang=" . $lang . "&hl=en";
@@ -1,3 +1,12 @@
+/**
+ * tiny_mce_gzip.js
+ *
+ * Copyright 2010, Moxiecode Systems AB
+ * Released under LGPL License.
+ *
+ * License: http://tinymce.moxiecode.com/license
+ * Contributing: http://tinymce.moxiecode.com/contributing
+ */
var tinyMCE_GZ = {
settings : {
themes : '',
@@ -135,3 +144,118 @@ var tinyMCE_GZ = {
se.parentNode.removeChild(se);
}
};
+
+
+/**
+ * Allow to run multiple TinyMCE instances with different
+ * configurations on the same page
+ *
+ * @copyright Andreas Schempp, 2013
+ */
+var tinyMCE_GZ_shim = tinyMCE_GZ_shim || (function() {
+ "use strict";
+
+ var tinyMCE_GZ = window.tinyMCE_GZ,
+ tinyMCE = null,
+ initialized = false,
+ config_gz = [],
+ config_tiny = {};
+
+ var create_shim = function(t, s) {
+ var shim, k;
+
+ if (Object.create) {
+ shim = Object.create(t);
+ for (k in s) {
+ if (s.hasOwnProperty(k)) {
+ shim[k] = s[k];
+ }
+ }
+ } else {
+ shim = s;
+ shim.__proto__ = t;
+ }
+
+ return shim;
+ }
+
+ var array_unique = function(arr) {
+ var unique = [],
+ i, total;
+
+ arr = arr.sort();
+
+ for (i=0, total=arr.length; i<total; i++) {
+ if (arr[i + 1] != arr[i]) {
+ unique.push(arr[i]);
+ }
+ }
+
+ return unique;
+ }
+
+ var tinyMCE_GZ_shim = {
+ init: function(s) {
+ config_gz.push(s)
+ }
+ }
+
+ var tinyMCE_shim = {
+ init: function(s) {
+ var elements = s.elements.split(','),
+ i, total;
+
+ for (i=0, total=elements.length; i<total; i++) {
+ config_tiny[elements[i]] = s;
+ }
+ },
+ execCommand: function(c, u, v) {
+ initialize();
+
+ if (tinyMCE && typeof config_tiny[v] != 'undefined') {
+ tinyMCE.init(config_tiny[v]);
+ tinyMCE.execCommand(c, u, v);
+ }
+ }
+ }
+
+ var initialize = function() {
+ if (initialized) return;
+
+ var settings = {plugins:[], themes:[], languages:[]},
+ i, s, k, total;
+
+ for (i=0, total=config_gz.length;i<total; i++) {
+ s = config_gz[i];
+
+ for (k in s) {
+ if (k == 'plugins' || k == 'themes' || k == 'languages') {
+ [].push.apply(settings[k], s[k].split(','));
+ }
+ else if (s.hasOwnProperty(k)) {
+ settings[k] = s[k];
+ }
+ }
+ }
+
+ settings.plugins = array_unique(settings.plugins).join(',');
+ settings.themes = array_unique(settings.themes).join(',');
+ settings.languages = array_unique(settings.languages).join(',');
+
+ // load tinyMCE
+ tinyMCE_GZ.init(settings);
+
+ tinyMCE = window.tinyMCE;
+ tinyMCE_shim = create_shim(tinyMCE, tinyMCE_shim);
+ window.tinyMCE = tinyMCE_shim;
+
+ initialized = true;
+ }
+
+ window.tinyMCE = tinyMCE_shim;
+ tinyMCE_GZ_shim = create_shim(tinyMCE_GZ, tinyMCE_GZ_shim);
+
+ return tinyMCE_GZ_shim;
+})();
+
+window.tinyMCE_GZ = tinyMCE_GZ_shim;
View
@@ -57,7 +57,7 @@
* the web browser reload those resources after a Contao update.
*/
define('VERSION', '2.11');
-define('BUILD', '8');
+define('BUILD', '9');
define('LONG_TERM_SUPPORT', true);
define('CODEMIRROR', '2.2');
define('DATEPICKER', '2.1.1');
@@ -1575,6 +1575,18 @@ public function edit($intID=null, $ajaxId=null)
if (is_array($data))
{
+ // Get the currently available fields
+ $arrFields = array_flip($this->Database->getFieldnames($this->strTable));
+
+ // Unset fields that do not exist (see #5219)
+ foreach (array_keys($data) as $k)
+ {
+ if (!isset($arrFields[$k]))
+ {
+ unset($data[$k]);
+ }
+ }
+
$this->Database->prepare("UPDATE " . $objData->fromTable . " %s WHERE id=?")
->set($data)
->execute($this->intId);
@@ -4295,8 +4307,14 @@ protected function sortMenu()
// Set sorting from user input
if ($this->Input->post('FORM_SUBMIT') == 'tl_filters')
{
- $session['sorting'][$this->strTable] = in_array($GLOBALS['TL_DCA'][$this->strTable]['fields'][$this->Input->post('tl_sort')]['flag'], array(2, 4, 6, 8, 10, 12)) ? $this->Input->post('tl_sort').' DESC' : $this->Input->post('tl_sort');
- $this->Session->setData($session);
+ $strSort = $this->Input->post('tl_sort');
+
+ // Validate the user input (thanks to aulmn) (see #4971)
+ if (in_array($strSort, $sortingFields))
+ {
+ $session['sorting'][$this->strTable] = in_array($GLOBALS['TL_DCA'][$this->strTable]['fields'][$strSort]['flag'], array(2, 4, 6, 8, 10, 12)) ? "$strSort DESC" : $strSort;
+ $this->Session->setData($session);
+ }
}
// Overwrite the "orderBy" value with the session value
@@ -4354,13 +4372,19 @@ protected function limitMenu($blnOptional=false)
// Set limit from user input
if ($this->Input->post('FORM_SUBMIT') == 'tl_filters' || $this->Input->post('FORM_SUBMIT') == 'tl_filters_limit')
{
- if ($this->Input->post('tl_limit') != 'tl_limit')
+ $strLimit = $this->Input->post('tl_limit');
+
+ if ($strLimit == 'tl_limit')
{
- $session['filter'][$filter]['limit'] = $this->Input->post('tl_limit');
+ unset($session['filter'][$filter]['limit']);
}
else
{
- unset($session['filter'][$filter]['limit']);
+ // Validate the user input (thanks to aulmn) (see #4971)
+ if ($strLimit == 'all' || preg_match('/^[0-9]+,[0-9]+$/', $strLimit))
+ {
+ $session['filter'][$filter]['limit'] = $strLimit;
+ }
}
$this->Session->setData($session);
View
@@ -153,11 +153,11 @@ function __error($intType, $strMessage, $strFile, $intLine)
$strMessage = sprintf('<strong>%s</strong>: %s in <strong>%s</strong> on line <strong>%s</strong>',
$arrErrors[$intType],
$strMessage,
- $strFile,
+ str_replace(TL_ROOT, '', $strFile), // see #4971
$intLine);
$e = new Exception();
- $strMessage .= "\n" . '<pre style="margin:11px 0 0">' . "\n" . $e->getTraceAsString() . "\n" . '</pre>';
+ $strMessage .= "\n" . '<pre style="margin:11px 0 0">' . "\n" . str_replace(TL_ROOT, '', $e->getTraceAsString()) . "\n" . '</pre>';
echo '<br>' . $strMessage;
}
}
@@ -194,10 +194,10 @@ function __exception($e)
$strMessage = sprintf('<strong>Fatal error</strong>: Uncaught exception <strong>%s</strong> with message <strong>%s</strong> thrown in <strong>%s</strong> on line <strong>%s</strong>',
get_class($e),
$e->getMessage(),
- $e->getFile(),
+ str_replace(TL_ROOT, '', $e->getFile()), // see #4971
$e->getLine());
- $strMessage .= "\n" . '<pre style="margin:11px 0 0">' . "\n" . $e->getTraceAsString() . "\n" . '</pre>';
+ $strMessage .= "\n" . '<pre style="margin:11px 0 0">' . "\n" . str_replace(TL_ROOT, '', $e->getTraceAsString()) . "\n" . '</pre>';
echo '<br>' . $strMessage;
}
@@ -1006,7 +1006,7 @@ protected function getImage($image, $width, $height, $mode='', $target=null, $fo
}
// Return the path to the original image if the GDlib cannot handle it
- if (!extension_loaded('gd') || !$objFile->isGdImage || $objFile->width > $GLOBALS['TL_CONFIG']['gdMaxImgWidth'] || $objFile->height > $GLOBALS['TL_CONFIG']['gdMaxImgHeight'] || (!$width && !$height) || $width > 1200 || $height > 1200)
+ if (!extension_loaded('gd') || !$objFile->isGdImage || $objFile->width > $GLOBALS['TL_CONFIG']['gdMaxImgWidth'] || $objFile->height > $GLOBALS['TL_CONFIG']['gdMaxImgHeight'] || (!$width && !$height) || $width > $GLOBALS['TL_CONFIG']['gdMaxImgWidth'] || $height > $GLOBALS['TL_CONFIG']['gdMaxImgHeight'])
{
return $this->urlEncode($image);
}
@@ -2486,11 +2486,11 @@ protected function parseSimpleTokens($strBuffer, $arrData)
{
if (strncmp($strTag, '{if', 3) === 0)
{
- $strReturn .= preg_replace('/\{if ([A-Za-z0-9_]+)([=!<>]+)([^;$\(\)\[\] ]+).*\}/i', '<?php if ($arrData[\'$1\'] $2 $3): ?>', $strTag);
+ $strReturn .= preg_replace('/\{if ([A-Za-z0-9_]+)([=!<>]+)([^;$\(\)\[\]\}]+).*\}/i', '<?php if ($arrData[\'$1\'] $2 $3): ?>', $strTag);
}
elseif (strncmp($strTag, '{elseif', 7) === 0)
{
- $strReturn .= preg_replace('/\{elseif ([A-Za-z0-9_]+)([=!<>]+)([^;$\(\)\[\] ]+).*\}/i', '<?php elseif ($arrData[\'$1\'] $2 $3): ?>', $strTag);
+ $strReturn .= preg_replace('/\{elseif ([A-Za-z0-9_]+)([=!<>]+)([^;$\(\)\[\]\}]+).*\}/i', '<?php elseif ($arrData[\'$1\'] $2 $3): ?>', $strTag);
}
elseif (strncmp($strTag, '{else', 5) === 0)
{
@@ -2561,6 +2561,12 @@ protected function generateImage($src, $alt='', $attributes='')
*/
protected function generateMargin($arrValues, $strType='margin')
{
+ // Initialize an empty array (see #5217)
+ if (!is_array($arrValues))
+ {
+ $arrValues = array('top'=>'', 'right'=>'', 'bottom'=>'', 'left'=>'', 'unit'=>'');
+ }
+
$top = $arrValues['top'];
$right = $arrValues['right'];
$bottom = $arrValues['bottom'];
@@ -2587,15 +2593,8 @@ protected function generateMargin($arrValues, $strType='margin')
}
}
- $arrDir = array
- (
- 'top'=>$top,
- 'right'=>$right,
- 'bottom'=>$bottom,
- 'left'=>$left
- );
-
$return = array();
+ $arrDir = array('top'=>$top, 'right'=>$right, 'bottom'=>$bottom, 'left'=>$left);
foreach ($arrDir as $k=>$v)
{
@@ -3090,6 +3089,11 @@ protected function getChildRecords($arrParentIds, $strTable, $blnSorting=false,
$arrParentIds = array($arrParentIds);
}
+ if (empty($arrParentIds))
+ {
+ return $arrReturn;
+ }
+
$arrParentIds = array_map('intval', $arrParentIds);
$objChilds = $this->Database->execute("SELECT id, pid FROM " . $strTable . " WHERE pid IN(" . implode(',', $arrParentIds) . ")" . ($blnSorting ? " ORDER BY " . $this->Database->findInSet('pid', $arrParentIds) . ", sorting" : ""));
Oops, something went wrong.

0 comments on commit 4bd7b99

Please sign in to comment.