Merge branch '4.3-dev' into add_ldap_tests

.gitignore

@@ -107,3 +107,6 @@ RoboFile.ini
 !/tests/cypress/screenshots/.gitkeep
 /tests/cypress/videos
 !/tests/cypress/videos/.gitkeep
+
+# WebAuthn FIDO metadata cache
+/plugins/system/webauthn/fido.jwt

administrator/components/com_admin/script.php

@@ -6450,6 +6450,8 @@ public function deleteUnexistingFiles($dryRun = false, $suppressOutput = false)
             '/media/vendor/hotkeys.js/js/hotkeys.min.js',
             '/media/vendor/hotkeys.js/js/hotkeys.min.js.gz',
             '/media/vendor/hotkeys.js/LICENSE',
+            // From 4.2.1 to 4.2.2
+            '/administrator/cache/fido.jwt',
         );
 
         $folders = array(

administrator/components/com_admin/src/View/Sysinfo/HtmlView.php

@@ -12,7 +12,6 @@
 
 use Exception;
 use Joomla\CMS\Access\Exception\NotAllowed;
-use Joomla\CMS\Factory;
 use Joomla\CMS\Language\Text;
 use Joomla\CMS\MVC\View\HtmlView as BaseHtmlView;
 use Joomla\CMS\Router\Route;

administrator/components/com_languages/src/View/Overrides/HtmlView.php

@@ -10,7 +10,6 @@
 
 namespace Joomla\Component\Languages\Administrator\View\Overrides;
 
-use Joomla\CMS\Factory;
 use Joomla\CMS\Helper\ContentHelper;
 use Joomla\CMS\Language\Text;
 use Joomla\CMS\MVC\View\GenericDataException;

administrator/components/com_media/resources/scripts/components/browser/items/image.vue

@@ -16,7 +16,7 @@
           class="image-cropped"
           :src="getURL"
           :alt="altTag"
-          loading="lazy"
+          :loading="loading"
           :width="width"
           :height="height"
         >
@@ -76,10 +76,13 @@ export default {
         : `${this.item.thumb_path}`;
     },
     width() {
-      return this.item.width;
+      return this.item.width > 0 ? this.item.width : null;
     },
     height() {
-      return this.item.height;
+      return this.item.height > 0 ? this.item.height : null;
+    },
+    loading() {
+      return this.item.width > 0 ? 'lazy' : null;
     },
     altTag() {
       return this.item.name;

administrator/components/com_menus/forms/filter_itemsadmin.xml

@@ -1,5 +1,5 @@
 <?xml version="1.0" encoding="utf-8"?>
-<form>
+<form addfieldprefix="Joomla\Component\Menus\Administrator\Field">
 	<field
 		name="client_id"
 		type="list"
@@ -55,6 +55,15 @@
 			>
 			<option value="">JOPTION_SELECT_MAX_LEVELS</option>
 		</field>
+		<field
+			name="parent_id"
+			type="MenuItemByType"
+			label="COM_MENUS_FILTER_PARENT_MENU_ITEM_LABEL"
+			client_id="1"
+			onchange="this.form.submit();"
+			>
+			<option value="">COM_MENUS_FILTER_SELECT_PARENT_MENU_ITEM</option>
+		</field>
 	</fields>
 	<fields name="list">
 		<field

administrator/components/com_menus/src/Field/MenuItemByTypeField.php

@@ -13,6 +13,7 @@
 use Joomla\CMS\Factory;
 use Joomla\CMS\Form\Field\GroupedlistField;
 use Joomla\CMS\HTML\HTMLHelper;
+use Joomla\CMS\Language\Text;
 use Joomla\Component\Menus\Administrator\Helper\MenusHelper;
 
 // phpcs:disable PSR1.Files.SideEffects
@@ -220,10 +221,12 @@ protected function getGroups()
                     $lang = '';
                 }
 
+                $text = Text::_($link->text);
+
                 $groups[$menuTitle][] = HTMLHelper::_(
                     'select.option',
                     $link->value,
-                    $levelPrefix . $link->text . $lang,
+                    $levelPrefix . $text . $lang,
                     'value',
                     'text',
                     in_array($link->type, $this->disable)
@@ -247,10 +250,12 @@ protected function getGroups()
                         $lang = '';
                     }
 
+                    $text = Text::_($link->text);
+
                     $groups[$menu->title][] = HTMLHelper::_(
                         'select.option',
                         $link->value,
-                        $levelPrefix . $link->text . $lang,
+                        $levelPrefix . $text . $lang,
                         'value',
                         'text',
                         in_array($link->type, $this->disable)

administrator/components/com_tags/src/Table/TagTable.php

@@ -190,8 +190,10 @@ public function store($updateNulls = true)
 
         // Verify that the alias is unique
         $table = new static($this->getDbo());
-
-        if ($table->load(array('alias' => $this->alias)) && ($table->id != $this->id || $this->id == 0)) {
+        if (
+            $table->load(array('alias' => $this->alias, 'parent_id' => (int) $this->parent_id))
+            && ($table->id != $this->id || $this->id == 0)
+        ) {
             $this->setError(Text::_('COM_TAGS_ERROR_UNIQUE_ALIAS'));
 
             return false;

administrator/components/com_templates/src/Helper/TemplateHelper.php

@@ -133,7 +133,7 @@ public static function canUpload($file, $err = '')
             }
         }
 
-        // Max upload size set to 2 MB for Template Manager
+        // Max upload size set to 10 MB for Template Manager
         $maxSize = (int) ($params->get('upload_limit') * 1024 * 1024);
 
         if ($maxSize > 0 && (int) $file['size'] > $maxSize) {

administrator/components/com_templates/src/View/Template/HtmlView.php

@@ -14,6 +14,7 @@
 use Joomla\CMS\Factory;
 use Joomla\CMS\Filter\InputFilter;
 use Joomla\CMS\Form\Form;
+use Joomla\CMS\HTML\HTMLHelper;
 use Joomla\CMS\Language\Text;
 use Joomla\CMS\MVC\View\HtmlView as BaseHtmlView;
 use Joomla\CMS\Object\CMSObject;
@@ -295,7 +296,28 @@ protected function addToolbar()
         }
 
         if (count($this->updatedList) !== 0 && $this->pluginState) {
-            ToolbarHelper::custom('template.deleteOverrideHistory', 'times', '', 'COM_TEMPLATES_BUTTON_DELETE_LIST_ENTRY', true, 'updateForm');
+            $dropdown = $bar->dropdownButton('override-group')
+                ->text('COM_TEMPLATES_BUTTON_CHECK')
+                ->toggleSplit(false)
+                ->icon('icon-ellipsis-h')
+                ->buttonClass('btn btn-action')
+                ->form('updateForm')
+                ->listCheck(true);
+
+            $childBar = $dropdown->getChildToolbar();
+
+            $childBar->publish('template.publish')
+                ->text('COM_TEMPLATES_BUTTON_CHECK_LIST_ENTRY')
+                ->form('updateForm')
+                ->listCheck(true);
+            $childBar->unpublish('template.unpublish')
+                ->text('COM_TEMPLATES_BUTTON_UNCHECK_LIST_ENTRY')
+                ->form('updateForm')
+                ->listCheck(true);
+            $childBar->unpublish('template.deleteOverrideHistory')
+                ->text('COM_TEMPLATES_BUTTON_DELETE_LIST_ENTRY')
+                ->form('updateForm')
+                ->listCheck(true);
         }
 
         if ($this->type === 'home') {

administrator/components/com_templates/tmpl/template/default_updated_files.php

@@ -15,13 +15,24 @@
 use Joomla\CMS\Language\Text;
 use Joomla\CMS\Router\Route;
 
+HTMLHelper::_('bootstrap.dropdown', '.dropdown-toggle');
+
 $input = Factory::getApplication()->input;
 ?>
 
-<form action="<?php echo Route::_('index.php?option=com_templates&view=template&id=' . $input->getInt('id') . '&file=' . $this->file); ?>" method="post" name="updateForm" id="updateForm">
-    <div class="row mt-2">
-        <div class="col-md-12">
-            <?php if (count($this->updatedList) !== 0) : ?>
+<?php if (count($this->updatedList) === 0) : ?>
+    <div class="alert alert-success">
+        <span class="icon-check-circle" aria-hidden="true"></span><span class="visually-hidden"><?php echo Text::_('NOTICE'); ?></span>
+        <?php echo Text::_('COM_TEMPLATES_OVERRIDE_UPTODATE'); ?>
+    </div>
+<?php else : ?>
+    <div class="alert alert-info">
+        <span class="icon-info-circle" aria-hidden="true"></span><span class="visually-hidden"><?php echo Text::_('INFO'); ?></span>
+        <?php echo Text::_('COM_TEMPLATES_OVERRIDE_NOT_UPTODATE'); ?>
+    </div>
+    <form action="<?php echo Route::_('index.php?option=com_templates&view=template&id=' . $input->getInt('id') . '&file=' . $this->file); ?>" method="post" name="updateForm" id="updateForm">
+        <div class="row mt-2">
+            <div class="col-md-12">
                 <table class="table">
                     <thead>
                         <tr>
@@ -78,12 +89,7 @@
                 <input type="hidden" name="task" value="">
                 <input type="hidden" name="boxchecked" value="0">
                 <?php echo HTMLHelper::_('form.token'); ?>
-            <?php else : ?>
-                <div class="alert alert-success">
-                    <span class="icon-check-circle" aria-hidden="true"></span><span class="visually-hidden"><?php echo Text::_('NOTICE'); ?></span>
-                    <?php echo Text::_('COM_TEMPLATES_OVERRIDE_UPTODATE'); ?>
-                </div>
-            <?php endif; ?>
+            </div>
         </div>
-    </div>
-</form>
+    </form>
+<?php endif; ?>

administrator/components/com_templates/tmpl/templates/default.php

@@ -118,7 +118,9 @@
                                 <?php if ($this->pluginState) : ?>
                                     <td class="d-none d-md-table-cell text-center">
                                         <?php if (!empty($item->updated)) : ?>
-                                            <span class="badge bg-warning text-dark"><?php echo Text::plural('COM_TEMPLATES_N_CONFLICT', $item->updated); ?></span>
+                                            <a href="<?php echo Route::_('index.php?option=com_templates&view=template&id=' . (int) $item->extension_id . '#files'); ?>">
+                                                <span class="badge bg-warning text-dark"><?php echo Text::plural('COM_TEMPLATES_N_CONFLICT', $item->updated); ?></span>
+                                            </a>
                                         <?php else : ?>
                                             <span class="badge bg-success"><?php echo Text::_('COM_TEMPLATES_UPTODATE'); ?></span>
                                         <?php endif; ?>

administrator/components/com_users/forms/group.xml

@@ -21,7 +21,9 @@
 			type="groupparent"
 			label="COM_USERS_GROUP_FIELD_PARENT_LABEL"
 			validate="options"
-		/>
+			>
+			<option value="0" disabled="disabled">COM_USERS_GROUP_FIELD_PARENT_SELECT</option>
+		</field>
 
 		<field
 			name="actions"

administrator/components/com_users/tmpl/method/edit.php

@@ -25,9 +25,9 @@
     $cancelURL = $this->escape(base64_decode($this->returnURL));
 }
 
-$recordId     = (int)$this->record->id ?? 0;
+$recordId     = (int) $this->record->id ?? 0;
 $method       = $this->record->method ?? $this->getModel()->getState('method');
-$userId       = (int)$this->user->id ?? 0;
+$userId       = (int) $this->user->id ?? 0;
 $headingLevel = 2;
 $hideSubmit   = !$this->renderOptions['show_submit'] && !$this->isEditExisting
 ?>

administrator/language/en-GB/com_cpanel.ini

@@ -15,7 +15,7 @@ COM_CPANEL_MESSAGES_BODY_NOCLOSE="There are important post-installation messages
 COM_CPANEL_MESSAGES_BODYMORE_NOCLOSE="This information area won't appear when you have hidden all the messages."
 COM_CPANEL_MESSAGES_REVIEW="Read Messages"
 COM_CPANEL_MESSAGES_TITLE="You have post-installation messages"
-COM_CPANEL_MSG_ADDNOSNIFF_BODY="<p>Joomla is now shipped with additional security hardenings in the default htaccess.txt and web.config.txt files. These hardenings disable the so called MIME-type sniffing feature in web browsers. The sniffing leads to specific attack vectors, where scripts in normally harmless file formats (eg images) will be executed, leading to Cross-Site-Scripting vulnerabilities.</p><p>The security team recommends to manually apply the necessary changes to existing .htaccess or web.config files, as those files can not be updated automatically.</p><p><strong>Changes for .htaccess</strong><br>Add the following lines before \"## Mod_rewrite in use.\":</p><pre>&lt;IfModule mod_headers.c&gt;\nHeader always set X-Content-Type-Options \"nosniff\"\n&lt;/IfModule&gt;</pre><p><strong>Changes for web.config</strong><br>Add the following lines right after \"&lt;/rewrite&gt;\":</p><pre>&lt;httpProtocol&gt;\n  &lt;customHeaders&gt;\n    &lt;add name=\"X-Content-Type-Options\" value=\"nosniff\" /&gt;\n  &lt;/customHeaders&gt;\n&lt;/httpProtocol&gt;</pre>" ; Translators: Don't touch the code part in the message, Starting with ## Mod_rewrite ...
+COM_CPANEL_MSG_ADDNOSNIFF_BODY="<p>Joomla is now shipped with additional security hardenings in the default htaccess.txt and web.config.txt files. These hardenings disable the so called MIME-type sniffing feature in web browsers. The sniffing leads to specific attack vectors, where scripts in normally harmless file formats (eg images) will be executed, leading to Cross-Site-Scripting vulnerabilities.</p><p>The security team recommends to manually apply the necessary changes to existing .htaccess or web.config files, as those files can not be updated automatically.</p><p><strong>Changes for .htaccess</strong><br>Add the following lines before \"## Mod_rewrite in use.\":</p><pre>&lt;IfModule mod_headers.c&gt;\nHeader always set X-Content-Type-Options \"nosniff\"\n&lt;/IfModule&gt;</pre><p><strong>Changes for web.config</strong><br>Add the following lines right after \"&lt;/rewrite&gt;\":</p><pre>&lt;httpProtocol&gt;\n  &lt;customHeaders&gt;\n    &lt;add name=\"X-Content-Type-Options\" value=\"nosniff\" /&gt;\n  &lt;/customHeaders&gt;\n&lt;/httpProtocol&gt;</pre>" ; Translators: Don't touch the code part in the message, Starting with ## Mod_rewrite &hellip;
 COM_CPANEL_MSG_ADDNOSNIFF_TITLE=".htaccess & web.config Security Update"
 COM_CPANEL_MSG_HTACCESSSVG_BODY="<p>Since 3.9.21 Joomla is shipped with an additional security rule in the default htaccess.txt. This rule will protect users of svg files from potential Cross-Site-Scripting (XSS) vulnerabilities.<br>The security team recommends to manually apply the necessary changes to any existing .htaccess file, as this file can not be updated automatically.</p><p><strong>Changes for .htaccess</strong></p><pre>&lt;FilesMatch \"\.svg$\"&gt;\n  &lt;IfModule mod_headers.c&gt;\n    Header always set Content-Security-Policy \"script-src 'none'\"\n  &lt;/IfModule&gt;\n&lt;/FilesMatch&gt;</pre><p>Currently we are not aware of a method to conditionally configure this on IIS web servers, please contact your hosting provider for further assistance.</p>"
 COM_CPANEL_MSG_HTACCESSSVG_TITLE="Additional XSS protection for the usage of SVG files"

administrator/language/en-GB/com_joomlaupdate.ini

@@ -93,7 +93,7 @@ COM_JOOMLAUPDATE_VIEW_DEFAULT_DESCRIPTION_BREAK="Extensions marked with <span cl
 COM_JOOMLAUPDATE_VIEW_DEFAULT_DESCRIPTION_MISSING_TAG="Extensions marked with <span class='badge bg-secondary'>Missing Compatibility Tag</span> indicate the developer has not included <a href='https://docs.joomla.org/Special:MyLanguage/Deploying_an_Update_Server' target='_blank' rel='noopener noreferrer'>compatibility information.</a>"
 COM_JOOMLAUPDATE_VIEW_DEFAULT_DESCRIPTION_UPDATE_REQUIRED="Extensions marked with <span class='badge bg-warning text-dark'>Yes (X.X.X)</span> might require an update."
 COM_JOOMLAUPDATE_VIEW_DEFAULT_DIRECTIVE="Directive"
-COM_JOOMLAUPDATE_VIEW_DEFAULT_DOWNLOAD_IN_PROGRESS="Downloading update file. Please wait ..."
+COM_JOOMLAUPDATE_VIEW_DEFAULT_DOWNLOAD_IN_PROGRESS="Downloading update file. Please wait &hellip;"
 COM_JOOMLAUPDATE_VIEW_DEFAULT_EXPLANATION_AND_LINK_TO_DOCS="The pre-update check provides you with information about the readiness of your server, settings and installed extensions for the update.<br>You can find more information about this page and how to prepare for updating Joomla in the <a class='pre-update-docs' href='https://docs.joomla.org/Special:MyLanguage/Pre-Update_Check' target='_blank' rel='noopener noreferrer'>pre-update check documentation</a>."
 COM_JOOMLAUPDATE_VIEW_DEFAULT_EXTENSION_COMPATIBLE="Compatible"
 COM_JOOMLAUPDATE_VIEW_DEFAULT_EXTENSION_COMPATIBLE_WITH_JOOMLA_VERSION="%s Compatible"

administrator/language/en-GB/com_media.ini

@@ -33,7 +33,7 @@ COM_MEDIA_ERROR_NO_PROVIDERS="No filesystem providers have been found. Please en
 COM_MEDIA_ERROR_NOT_AUTHENTICATED="You are not authenticated. Please login."
 COM_MEDIA_ERROR_NOT_AUTHORIZED="You are not authorised"
 COM_MEDIA_ERROR_NOT_FOUND="File or Folder not found"
-COM_MEDIA_ERROR_WARNFILETOOLARGE="This file is too large to upload."
+COM_MEDIA_ERROR_WARNFILETOOLARGE="This file is too large to upload. You can change the limits for your site in the component options."
 COM_MEDIA_FIELD_CHECK_MIME_DESC="Use MIME Magic or Fileinfo to attempt to verify files. Try disabling this if you get invalid mime type errors."
 COM_MEDIA_FIELD_CHECK_MIME_LABEL="Check MIME Types"
 COM_MEDIA_FIELD_IGNORED_EXTENSIONS_DESC="Ignored file extensions for MIME type checking and restricted uploads."

administrator/language/en-GB/com_tags.ini

@@ -37,7 +37,7 @@ COM_TAGS_COUNT_UNPUBLISHED_ITEMS="Unpublished items"
 COM_TAGS_EMPTYSTATE_BUTTON_ADD="Add your first tag"
 COM_TAGS_EMPTYSTATE_CONTENT="Tags in Joomla! provide a flexible way of organizing content. The same tag can be applied to many different content items across content types."
 COM_TAGS_EMPTYSTATE_TITLE="No Tags have been created yet."
-COM_TAGS_ERROR_UNIQUE_ALIAS="Another Tag has the same alias (remember it may be a trashed item)."
+COM_TAGS_ERROR_UNIQUE_ALIAS="Another Tag with the same parent tag has the same alias (remember it may be a trashed item)."
 COM_TAGS_EXCLUDE="Exclude"
 COM_TAGS_FIELD_CONTENT_TYPE_LABEL="Content types"
 COM_TAGS_FIELD_FULL_LABEL="Full Image"