TYPO3 Forge: Issueshttp://forge.typo3.org/http://forge.typo3.org/themes/typo3_forge/favicon/favicon.png?17058661692024-03-06T11:07:42ZTYPO3 Forge
Redmine TYPO3 Core - Bug #103299 (New): Date or Date+Time is cleared after manual editinghttp://forge.typo3.org/issues/1032992024-03-06T11:07:42ZXavier Perseguersxavier@typo3.org
<p>This has been spotted right now while working with TYPO3 v11. Problem does not exist in TYPO3 v10. Did not test yet in newer TYPO3 versions.</p>
<a name="How-to-reproduce"></a>
<h2 >How to reproduce<a href="#How-to-reproduce" class="wiki-anchor">¶</a></h2>
<p>1. Any any record<br />2. Switch to some date or date/time field (e.g., "end date" within "Access")<br />3. Choose a date with the date picker<br />4. Click in the input field to manually change the month:<br /> <img src="http://forge.typo3.org/attachments/download/38297/field.png" alt="" loading="lazy" /><br />5. Change the month to some <strong>1 digit</strong> month number (e.g., "04-3-2024")<br />6. Go away of the field by clicking somewhere else</p>
<a name="Expected-behaviour-working-in-TYPO3-v10"></a>
<h2 >Expected behaviour (working in TYPO3 v10)<a href="#Expected-behaviour-working-in-TYPO3-v10" class="wiki-anchor">¶</a></h2>
<p>- The date field is normalized to 04-03-2024 (possibly with a time associated)</p>
<a name="Actual-behaviour"></a>
<h2 >Actual behaviour<a href="#Actual-behaviour" class="wiki-anchor">¶</a></h2>
<p>- The date field is cleared</p> TYPO3 Core - Bug #102343 (Under Review): Empty $GLOBALS['TYPO3_CONF_VARS']['SYS']['systemLocale']...http://forge.typo3.org/issues/1023432023-11-07T14:42:49ZXavier Perseguersxavier@typo3.org
<p>After uploading a PDF file in File > Filelist with TYPO3 v12, I could not show the directory anymore, it always fails with "500 - Internal Server Error".</p>
<p>Nothing in logs, nor in php.log, Development environment, ...</p>
<p>I tracked the problem down to <code>\TYPO3\CMS\Core\Utility\CommandUtility::escapeShellArguments():447</code> where the call</p>
<pre>
setlocale(LC_CTYPE, $GLOBALS['TYPO3_CONF_VARS']['SYS']['systemLocale']);
</pre>
<p>is the culprit.</p>
<p>It turns out <code>systemLocale</code> is empty on that development environment.</p>
<p>That calls is done when <code>$GLOBALS['TYPO3_CONF_VARS']['SYS']['UTF8filesystem']</code> is true.</p>
<p>After setting <code>systemLocale</code> to <code>en_US.UTF-8</code>, the call doesn't fail anymore and everything's fine.</p>
<p>=> this kind of misconfiguration should not cause a very hard to debug Internal Server Error.</p>
<p>=> maybe the resolution may be backported.</p> TYPO3 Core - Bug #102081 (Under Review): Cannot provide TOTP in a Frontend contexthttp://forge.typo3.org/issues/1020812023-10-04T05:06:53ZXavier Perseguersxavier@typo3.org
<p>While working on making EXT:cf_google_authenticator compatible with TYPO3 v11 and v12 and trying to use the new "mfa" field from the fe_users table instead of custom ones, I figured out there is no way to instruct the authentication process that MFA has been validated.</p>
<p>Edit: in the mean time and since EXT:cf_google_authenticator is not properly maintained anymore, I created a fresh MFA extension EXT:mfa_frontend available off TER.</p>
<a name="Context"></a>
<h2 >Context<a href="#Context" class="wiki-anchor">¶</a></h2>
<p>- Configure TOTP with some Frontend user. You can do so with:<br /> <pre>composer req causal/mfa-frontend "dev-bugfix/102081-core-cannot-provide-totp-in-frontend"</pre><br />- Go to the Frontend and try to login with username + password + (valid) TOTP</p>
<a name="Expected"></a>
<h2 >Expected<a href="#Expected" class="wiki-anchor">¶</a></h2>
<p>You are authenticated.</p>
<a name="Actual"></a>
<h2 >Actual<a href="#Actual" class="wiki-anchor">¶</a></h2>
<p>Exception MfaRequiredException (1613687097) is thrown</p>
<a name="Cause"></a>
<h2 >Cause<a href="#Cause" class="wiki-anchor">¶</a></h2>
<p>The session just created does not contain the key 'mfa' set to true.</p>
<a name="Further-info"></a>
<h2 >Further info<a href="#Further-info" class="wiki-anchor">¶</a></h2>
<p>This problem does not exist in the Backend context as the authentication with MFA is done in a 2-step process where username+password is first checked and THEN MFA is required. This is easily possible because the Backend login has a full-screen layout and may easily be replaced by another single-field MFA input form thanks to a Middleware.</p>
<p>In a Frontend context however, it is common to ask for all 3 information (username + password + TOTP) in a single custom form tailored to the website's design. This means TOTP/MFA may be checked during the authentication process by some third-party extension like any custom authentication service authenticating with OIDC or LDAP.</p>
<p>Problem has been spotted while working on TYPO3 v11, right when MFA support has been added to the Core but only actually implemented for Backend.</p>
<p>Since MFA for Frontend cannot be implemented properly with current problem and MFA is very important in term of security, this ticket is marked as a bug fix going back to TYPO3 v11.</p>
<p>The submitted patch may naturally be discussed and solution adapted if needed. The patch to apply to the bugfix branch discussed above:</p>
<pre>
diff --git a/Classes/Service/MfaAuthenticationService.php b/Classes/Service/MfaAuthenticationService.php
index d6727f4..ad0066d 100644
--- a/Classes/Service/MfaAuthenticationService.php
+++ b/Classes/Service/MfaAuthenticationService.php
@@ -50,6 +50,11 @@ class MfaAuthenticationService extends AuthenticationService
// Reset failed attempts
$mfa['totp']['attempts'] = 0;
+ // MFA has been validated, we need to instruct TYPO3 it's OK to proceed
+ $userSession = $this->pObj->getSession();
+ $userSession->set('mfa', true);
+ $userSession->setUseDataForNewSession(true);
+
$code = static::AUTH_SUCCEED_AND_PROCEED;
} else {
// Increase failed attempts
</pre>
<p>=> Apply that patch and check with the Core patch that authentication now works properly.</p> TYPO3 Core - Bug #99893 (Closed): + in directory name is crashing the File > List modulehttp://forge.typo3.org/issues/998932023-02-09T09:45:54ZXavier Perseguersxavier@typo3.org
<p>When you have a folder with a "+" in its name, the context menu does not pop up.</p>
<p>Reason: the AJAX call is passing the non-urlencoded name as parameter, thus replacing the "+" with a blank space.</p>
<a name="How-to-reproduce"></a>
<h2 >How to reproduce<a href="#How-to-reproduce" class="wiki-anchor">¶</a></h2>
<p>Create a directory with a "+" symbol (cannot be done from TYPO3, do it in terminal):</p>
<pre>
$ cd /path/to/fileadmin
$ mkdir two\+words
</pre>
<p>Go to Fileadmin in TYPO3 Backend and try to show the context menu on that directory, within the file tree:</p>
<p><img src="http://forge.typo3.org/attachments/download/37403/folder.png" alt="" loading="lazy" /></p>
<p>Nothing happens!</p>
<a name="Technical-info"></a>
<h2 >Technical info<a href="#Technical-info" class="wiki-anchor">¶</a></h2>
<p>- AJAX: <a class="external" href="https://v10.typo3dev.loc/typo3/index.php?route=%2Fajax%2Fcontext-menu&token=6204a3c98a8d4faed6ddc60d361a99d0748d6def&table=sys_file&uid=1:/a-foo/two+words/&context=tree">https://v10.typo3dev.loc/typo3/index.php?route=%2Fajax%2Fcontext-menu&token=6204a3c98a8d4faed6ddc60d361a99d0748d6def&table=sys_file&uid=1:/a-foo/two+words/&context=tree</a><br />- We read the vanilla argument <code>uid=1:/a-foo/two+words/</code> instead of the URL encoded one, the one you get when you show a file within that directory using the corresponding action button:<br /> - <a class="external" href="https://v10.typo3dev.loc/fileadmin/a-foo/two%2Bwords/foo.txt">https://v10.typo3dev.loc/fileadmin/a-foo/two%2Bwords/foo.txt</a><br /> - <code>uid=1:/a-foo/two%2Bwords/</code></p> TYPO3 Core - Bug #99527 (In Progress): indexed_search does not properly index XLSX and PPTX fileshttp://forge.typo3.org/issues/995272023-01-12T14:22:51ZXavier Perseguersxavier@typo3.org
<p>Working on a client's install, it turns out indexed_search is not capable of properly indexing XLSX and PPTX files.</p>
<ul>
<li>Problem for XLSX: the wrong "unzipped" file is indexed, that file contains some kind of metadata which are basically only pointers (integers). The content extracted is plain wrong and useless</li>
<li>Problem for PPTX: only the content of Slide 1 is extracted, it misses content from all other slides</li>
</ul> TYPO3 Core - Bug #97769 (Closed): Cannot open Admin modules anymorehttp://forge.typo3.org/issues/977692022-06-14T11:42:02ZXavier Perseguersxavier@typo3.org
<p>It looks like v10.4.29 introduces a regression where the various admin modules (Environment, ...) cannot be opened anymore, either locally in debug mode without any password or on production when trying to use the Install Tool password:</p>
<pre>
The install tool session expired. Please reload the backend and try again.
</pre> TYPO3 Core - Task #95961 (Closed): Streamline order of buttons for announcing the notificationhttp://forge.typo3.org/issues/959612021-11-11T18:01:45ZXavier Perseguersxavier@typo3.org
<p>When first opening a TYPO3 website, we get a dialog suggesting to accept notifications:</p>
<p><img src="http://forge.typo3.org/attachments/download/36542/notification.png" alt="" loading="lazy" /></p>
<p>Problem: I felt as if the "Yes" button was wrongly placed in regard to my experience with other applications. This is something I could easily confirm, first with Chrome itself. Here is what it shows right after you click the Yes button:</p>
<p><img src="http://forge.typo3.org/attachments/download/36540/chrome.png" alt="" loading="lazy" /></p>
<p>The "Accept" button, so positive or confirmation action is on the left handsome.</p>
<p>Here is another example coming from Adobe Illustrator, to confirm a destructive action, in French but you'll get it :)</p>
<p><img src="http://forge.typo3.org/attachments/download/36541/illustrator.jpg" alt="" loading="lazy" /></p>
<p>So my suggestion is to streamline the UX and ensure the order of buttons is consistent with best practices.</p> TYPO3 Core - Bug #95733 (Closed): Form name shows double apostrophehttp://forge.typo3.org/issues/957332021-10-22T11:13:30ZXavier Perseguersxavier@typo3.org
<p>With following YAML form definition:</p>
<pre>
renderingOptions:
submitButtonLabel: 'Confirmer mon inscription'
type: Form
identifier: registration
label: 'Ouverture d''un compte'
prototypeName: standard
</pre>
<p>The Backend shows a double apostrophe:</p>
<p><img src="http://forge.typo3.org/attachments/download/36491/double-apostrophe.png" alt="" loading="lazy" /></p> TYPO3 Core - Bug #95689 (New): Cannot scroll textarea from IRREhttp://forge.typo3.org/issues/956892021-10-18T13:50:44ZXavier Perseguersxavier@typo3.org
<p>If your TCA has an IRRE with a field being a textarea, you cannot scroll that textarea since there's a CSS class that makes</p>
<pre>
overflow: hidden
</pre>
<p>which prevents that.</p>
<p>Editing the IRRE record on its own shows no problem, only when editing in the context of the parent record.</p>
<p>Browser: latest Chrome on macOS</p> TYPO3 Core - Bug #95599 (Closed): Password recovery explanation lacks the minimum length settingshttp://forge.typo3.org/issues/955992021-10-12T14:49:10ZXavier Perseguersxavier@typo3.org
<p>Template <code>PasswordRecovery/ShowChangePassword.html</code> makes use of <code>settings.newPasswordMinLength</code> but this setting does not exist anymore.</p>
<p>Reason is a refactoring during <a class="issue tracker-10 status-5 priority-4 priority-default closed parent" title="Epic: [FEATURE] Update felogin to extbase (Closed)" href="http://forge.typo3.org/issues/84262">#84262</a> where that setting got refactored as a validator only:</p>
<pre>
passwordValidators {
10 = TYPO3\CMS\Extbase\Validation\Validator\NotEmptyValidator
20 {
className = TYPO3\CMS\Extbase\Validation\Validator\StringLengthValidator
options {
minimum = {$styles.content.loginform.newPasswordMinLength}
}
}
}
</pre>
<p>I suspect this may be related to former versions of TYPO3 as well.</p> TYPO3 Core - Bug #95513 (New): SQL error: 'Incorrect integer value: '' for column 'grade' at row 1'http://forge.typo3.org/issues/955132021-10-07T07:28:20ZXavier Perseguersxavier@typo3.org
<p>Having this definition:</p>
<pre>
'grade' => [
'exclude' => true,
'label' => 'LLL:EXT:myext/Resources/Private/Language/locallang_db.xlf:tx_myext_domain_model_location.grade',
'config' => [
'type' => 'select',
'renderType' => 'selectSingle',
'items' => [
['', 0],
],
'foreign_table' => 'tx_myext_domain_model_grade',
'foreign_table_where' => 'ORDER BY tx_myext_domain_model_grade.name',
],
],
</pre>
<p>One can properly choose a "grade" in the selector and persist it. But as soon as the default empty option is selected (0), persisting the record fails with:</p>
<pre>
SQL error: 'Incorrect integer value: '' for column 'grade' at row 1' (tx_myext_domain_model_location:1)
</pre>
<p>Somehow the 0 is detected as "empty" and transformed into an empty string when sent to the database.</p> TYPO3 Core - Task #94961 (New): Add automatic mapping for tstamp and crdate fieldshttp://forge.typo3.org/issues/949612021-08-23T11:08:40ZXavier Perseguersxavier@typo3.org
<p>Many users are struggling getting the DB columns <code>tstamp</code> and <code>crdate</code> mapped with their domain model.</p>
<p>What they do is adding a member field to their domain model and corresponding getter:</p>
<pre>
/**
* tstamp
* @var int
*/
protected $tstamp = 0;
public function getTstamp(): int
{
return $this->tstamp
}
</pre>
<p>as they do with all their other fields, but this never works and they keep asking about the way to go in the Slack channel.</p>
<p>The solution is straightforward when one knows about it: it's all about adding the "missing" TCA definition for <code>tstamp</code> as a <code>passthrough</code> and that's it.</p>
<a name="Suggestion"></a>
<h2 >Suggestion<a href="#Suggestion" class="wiki-anchor">¶</a></h2>
<p>Common columns such as</p>
<ul>
<li><code>crdate</code></li>
<li><code>tstamp</code></li>
</ul>
<p>(possibly others as well)</p>
<p>should be automatically configured as <code>passthrough</code> if they are not already defined (e.g., when a developer configures the <code>tstamp</code> with a custom renderer to show the last modification to their editors).</p>
<p>This would be the most straightforward I'd say.</p>
<p>Alternatively, Extbase could be taught about those fields.</p>
<a name="Rationale"></a>
<h2 >Rationale<a href="#Rationale" class="wiki-anchor">¶</a></h2>
<p>Getting those creation and modification dates into one's domain model is a really common use case. Struggling getting those dumb information mapped is hurting the developer experience.</p> TYPO3 Core - Bug #94621 (Closed): startime/endtime are forced to "today" after savinghttp://forge.typo3.org/issues/946212021-07-23T09:20:52ZXavier Perseguersxavier@typo3.org
<p>Since v10.4.18 we face a regression when using @'range' on a date/time field.</p>
<a name="How-to-reproduce"></a>
<h2 >How to reproduce<a href="#How-to-reproduce" class="wiki-anchor">¶</a></h2>
<p>Take any TCA definition and put some <code>lower</code> constraint on the range of <code>startime</code> and/or <code>endtime</code>. Here is an example of such a problematic definition (which originates back from many versions of TYPO3):</p>
<pre>
'endtime' => [
'exclude' => 1,
'label' => 'LLL:EXT:core/Resources/Private/Language/locallang_general.xlf:LGL.endtime',
'config' => [
'type' => 'input',
'size' => 13,
'eval' => 'datetime',
'checkbox' => 0,
'default' => 0,
'range' => [
'lower' => mktime(0, 0, 0, date('m'), date('d'), date('Y'))
],
'behaviour' => [
'allowLanguageSynchronization' => true,
],
'renderType' => 'inputDateTime',
],
],
</pre>
<p>Even if that definition not really makes sense anymore since TCA is cached since TYPO3 v9, this was never a problem but is suddenly breaking (typically) custom records:</p>
<ul>
<li>Create a (or update an existing) record having those <code>starttime</code>, <code>endtime</code></li>
<li>Upon saving the (empty) start/end fields are now populated with the date on midnight (+ GMT/timezone offset) of the day you last cleared the whole cache</li>
<li>You CANNOT clear that field again</li>
</ul>
<p>This is highly breaking because typically for the <code>endtime</code> field, this has impact on records you create/edit and can be particularly weird in relation with IRRE where you don't always see that such a visibility restriction has been enforced.</p>
<a name="Analysis"></a>
<h2 >Analysis<a href="#Analysis" class="wiki-anchor">¶</a></h2>
<p>Thanks to Benni, it looks like that the culprit commit is <a class="external" href="https://git.typo3.org/Packages/TYPO3.CMS.git/blobdiff/ae55eef595bdd4d0676d3b9d96cfc08a4f327527..adce6dbe8b305c71c447929bc14e5c87b4ad6954:/typo3/sysext/core/Classes/DataHandling/DataHandler.php">https://git.typo3.org/Packages/TYPO3.CMS.git/blobdiff/ae55eef595bdd4d0676d3b9d96cfc08a4f327527..adce6dbe8b305c71c447929bc14e5c87b4ad6954:/typo3/sysext/core/Classes/DataHandling/DataHandler.php</a></p>
<p>and particularly (for me, by reading) to this part:</p>
<pre>
+ && (
+ !isset($tcaFieldConf['default'])
+ || floor($res['value']) !== (int)$tcaFieldConf['default']
+ || ceil($res['value']) !== (int)$tcaFieldConf['default']
+ )
</pre>
<p>Indeed, there's the use of <code>ceil()</code> and <code>floor()</code> with a strict comparison with an <code>int</code>-cast of the default value. having "0" as value in the field (if empty), leads to <code>floor()</code> and <code>ceil()</code> to return a <b>double</b> which is strictly compared to an int and can logically never be true.</p>
<a name="Suggestion"></a>
<h2 >Suggestion<a href="#Suggestion" class="wiki-anchor">¶</a></h2>
<p>Again, by reading only, not tested so far:</p>
<pre>
+ && (
+ !isset($tcaFieldConf['default'])
+ || (int)floor($res['value']) !== (int)$tcaFieldConf['default']
+ || (int)ceil($res['value']) !== (int)$tcaFieldConf['default']
+ )
</pre> TYPO3 Core - Feature #94284 (Needs Feedback): <f:format.date> is broken (no localization in Backend)http://forge.typo3.org/issues/942842021-06-08T07:58:27ZXavier Perseguersxavier@typo3.org
<p>Show your Backend in another language than English</p>
<p>Put that in a template:</p>
<pre>
<f:format.date format="%A">now</f:format.date>
</pre>
<p>Expected: Day of week in German, French, ... whichever you chose</p>
<p>Actual: Day of week in English.</p>
<p>This worked in TYPO3 v9</p> TYPO3 Core - Bug #94039 (New): Change of the tt_content plugin can lead to corrupted FlexFormhttp://forge.typo3.org/issues/940392021-05-03T07:28:22ZXavier Perseguersxavier@typo3.org
<p>One of my webmasters changed a EXT:news plugin to become a EXT:file_list plugin.</p>
<p>As usual, the former FlexForm is kept instead of being cleared and both FlexForm start being interleaved.</p>
<pre>
<?xml version="1.0" encoding="utf-8" standalone="yes" ?>
<T3FlexForms>
<data>
<sheet index="sDEF">
<language index="lDEF">
<field index="settings.mode">
<value index="vDEF">FOLDER</value>
</field>
<field index="settings.path">
<value index="vDEF"><![CDATA[t3://folder?storage=1&identifier=REMOVED]]></value>
</field>
<field index="settings.orderBy">
<value index="vDEF">NAME</value>
</field>
<field index="settings.sortDirection">
<value index="vDEF">ASC</value>
</field>
<field index="settings.includeSubfolders">
<value index="vDEF">0</value>
</field>
<field index="settings.orderDirection">
<value index="vDEF"></value>
</field>
<field index="settings.dateField">
<value index="vDEF"></value>
</field>
<field index="settings.categoryConjunction">
<value index="vDEF"></value>
</field>
<field index="settings.categories">
<value index="vDEF"></value>
</field>
<field index="settings.includeSubCategories">
<value index="vDEF">0</value>
</field>
<field index="settings.archiveRestriction">
<value index="vDEF"></value>
</field>
<field index="settings.timeRestriction">
<value index="vDEF"></value>
</field>
<field index="settings.timeRestrictionHigh">
<value index="vDEF"></value>
</field>
<field index="settings.topNewsRestriction">
<value index="vDEF"></value>
</field>
<field index="settings.singleNews">
<value index="vDEF"></value>
</field>
<field index="settings.previewHiddenRecords">
<value index="vDEF">2</value>
</field>
<field index="settings.startingpoint">
<value index="vDEF"></value>
</field>
<field index="settings.recursive">
<value index="vDEF"></value>
</field>
<field index="settings.selectedList">
<value index="vDEF"></value>
</field>
</language>
</sheet>
<sheet index="display">
<language index="lDEF">
<field index="settings.newDuration">
<value index="vDEF">0</value>
</field>
<field index="settings.templateLayout">
<value index="vDEF">Simple</value>
</field>
</language>
</sheet>
<sheet index="additional">
<language index="lDEF">
<field index="settings.detailPid">
<value index="vDEF"></value>
</field>
<field index="settings.listPid">
<value index="vDEF"></value>
</field>
<field index="settings.backPid">
<value index="vDEF"></value>
</field>
<field index="settings.limit">
<value index="vDEF"></value>
</field>
<field index="settings.offset">
<value index="vDEF"></value>
</field>
<field index="settings.tags">
<value index="vDEF"></value>
</field>
<field index="settings.hidePagination">
<value index="vDEF">0</value>
</field>
<field index="settings.list.paginate.itemsPerPage">
<value index="vDEF"></value>
</field>
<field index="settings.topNewsFirst">
<value index="vDEF">0</value>
</field>
<field index="settings.excludeAlreadyDisplayedNews">
<value index="vDEF">0</value>
</field>
<field index="settings.disableOverrideDemand">
<value index="vDEF">1</value>
</field>
</language>
</sheet>
<sheet index="template">
<language index="lDEF">
<field index="settings.media.maxWidth">
<value index="vDEF"></value>
</field>
<field index="settings.media.maxHeight">
<value index="vDEF"></value>
</field>
<field index="settings.cropMaxCharacters">
<value index="vDEF"></value>
</field>
<field index="settings.templateLayout">
<value index="vDEF"></value>
</field>
</language>
</sheet>
</data>
</T3FlexForms>
</pre>
<p>Problem is that EXT:file_list has <code>settings.templateLayout</code> as well, but not under the same "sheet", EXT:news has it under sheet "display" whereas EXT:file_list has it under sheet "template".</p>
<p>When my webmaster choose another template, the key from sheet "display" is updated, instead of the (correct) key under sheet "template". This leads to the key being empty and the EXT:file_list plugin just cannot be properly updated.</p>