Index: typo3/sysext/install/mod/class.tx_install.php =================================================================== --- typo3/sysext/install/mod/class.tx_install.php (revision 6190) +++ typo3/sysext/install/mod/class.tx_install.php (working copy) @@ -255,7 +255,7 @@ // **************************** $this->INSTALL = t3lib_div::_GP('TYPO3_INSTALL'); $this->mode = t3lib_div::_GP('mode'); - $this->step = t3lib_div::_GP('step'); + $this->step = intval(t3lib_div::_GP('step')); $this->redirect_url = t3lib_div::_GP('redirect_url'); if ($_GET['TYPO3_INSTALL']['type']) { @@ -331,7 +331,7 @@ * Returns true if submitted password is ok. Else displays a form in which to enter password. * * @param [type] $uKey: ... - * @return bool whether the submitted password is ok + * @return bool whether the submitted password is ok */ function checkPassword($uKey) { $p = t3lib_div::_GP('password'); @@ -386,7 +386,7 @@ $content = '

- +

@@ -494,7 +494,7 @@ $this->generateConfigForm('get_form'); $content = $this->printAll(); - $content = ''.$content.'

+ $content = ''.$content.'

'.$this->fw('NOTICE: By clicking this button, localconf.php is updated with new values for the parameters listed above!
').'
'; $this->output($this->outputWrapper($content)); @@ -653,7 +653,7 @@

- +
'.$this->fontTag2.'Username: @@ -723,7 +723,7 @@

- + '; + $lines[]=''; } $fileList='
'.$this->fontTag2.' @@ -938,19 +938,19 @@ $wrap=array('',''); $fileFound = 1; } else {$wrap=array();} - $lines[]='
'.$this->fw($wrap[0].basename($file).$wrap[1].'   ').''.$this->fw(t3lib_div::formatSize(filesize($file))).'
'.$this->fw($wrap[0].basename($file).$wrap[1].'   ').''.$this->fw(t3lib_div::formatSize(filesize($file))).'
'.implode('',$lines).'
'; $fileList.='
('.$EDIT_path.')'; if ($this->allowFileEditOutsite_typo3conf_dir) { - $fileList.='
+ $fileList.='
'.PATH_site.' '; } // create link for deleting temp_CACHED files - $fileList .= '

Delete temp_CACHED* files'; + $fileList .= '

Delete temp_CACHED* files'; if ($fileFound && @is_file($this->INSTALL['typo3conf_files'])) { $this->headerStyle = ' @@ -963,7 +963,7 @@ $backupFile = $this->getBackupFilename($this->INSTALL['typo3conf_files']); $fileContent = t3lib_div::getUrl($this->INSTALL['typo3conf_files']); - $this->contentBeforeTable.= '
'.(substr($this->INSTALL['typo3conf_files'],-1)!='~' && !strstr($this->INSTALL['typo3conf_files'],'_bak') ? ' + $this->contentBeforeTable.= ''.(substr($this->INSTALL['typo3conf_files'],-1)!='~' && !strstr($this->INSTALL['typo3conf_files'],'_bak') ? '  ' : '').'
File: '.$this->INSTALL['typo3conf_files'].' @@ -1194,7 +1194,7 @@ '; - $form = ''.$content.' + $form = ''.$content.'
@@ -1285,7 +1285,7 @@ } $content = ' '; - $form = '
'.$content.'
'; + $form = '
'.$content.'
'; $this->message($headCode,'Statistics',' Number cached image sizes: '.$cachedImageSizesCounter.'
'.$form,1); @@ -1659,7 +1659,7 @@ case 'get_form': $out=' You can check the mail() function by entering your email address here and press the button. You should then receive a testmail from test@test.test.
Since almost all mails in TYPO3 are sent using the t3lib_htmlmail class, sending with this class can be tested by checking the box Test t3lib_htmlmail below. The return-path of the mail is set to null@'.t3lib_div::getIndpEnv('HTTP_HOST').'. Some mail servers won\'t send the mail if the host of the return-path is not resolved correctly. -

+
'; break; default: @@ -1909,7 +1909,7 @@ $this->message($ext, 'Available ImageMagick/GraphicsMagick installations:',''.$theCode.'
',-1); } $this->message($ext, 'Search for ImageMagick:',' -
+ INSTALL['checkIM']['lzw']?' checked="checked"':'').'> Check this path for ImageMagick installation: @@ -2073,7 +2073,7 @@ case 'get_form': // Database: $out=' - + '; $out.=$this->wrapInCells('Username:', ''.($this->config_array['sql.safe_mode_user']?"
sql.safe_mode_user: ".$this->config_array['sql.safe_mode_user']."":"")); @@ -2273,11 +2273,11 @@ if ($showOutput) { switch($returnVal) { case 'continue': - $content = '

'.implode($this->messages,'
').'

Click to continue...'; + $content = '

'.implode($this->messages,'
').'

Click to continue...'; $this->outputExitBasedOnStep($content); break; case 'nochange': - $content = 'Writing to \'localconf.php\':

No values were changed, so nothing is updated!

Click to continue...'; + $content = 'Writing to \'localconf.php\':

No values were changed, so nothing is updated!

Click to continue...'; $this->outputExitBasedOnStep('
'.$content); break; } @@ -3426,7 +3426,7 @@ $directJump=''; while(list($k,$file)=each($sql_files)) { if ($this->mode=="123" && !count($whichTables) && strstr($file,'_testsite')) { - $directJump = $this->action.'&TYPO3_INSTALL[database_type]=import|'.rawurlencode($file); + $directJump = htmlspecialchars($this->action.'&TYPO3_INSTALL[database_type]=import|'.rawurlencode($file)); } $lf=t3lib_div::testInt($k); $fShortName = substr($file,strlen(PATH_site)); @@ -3836,7 +3836,7 @@ $this->isBasicComplete($headCode); - if ($result) { + if ($result) { $this->message($headCode,'User created',' Username: '.htmlspecialchars($username).'
Password: '.htmlspecialchars($pass).'
', @@ -4028,7 +4028,7 @@ if ($updateWizardBoxes) { $updateWizardBoxes = '
'.$updateWizardBoxes.'
'; $content = ' - + '.$updateWizardBoxes.'
'; } else { @@ -4217,7 +4217,7 @@ * @return [type] ... */ function getUpdateDbFormWrap($action_type, $content, $label='Write to database') { - $form = '
'.$content.'
'; + $form = ''.$content.'
'; return $form; }