Project

General

Profile

Actions

Bug #42921

closed

t3lib_div->trimExplode fills database table sys_log

Added by Christian Finkemeier about 12 years ago. Updated about 6 years ago.

Status:
Closed
Priority:
Must have
Assignee:
-
Category:
Miscellaneous
Target version:
-
Start date:
2012-11-13
Due date:
% Done:

100%

Estimated time:
TYPO3 Version:
4.5
PHP Version:
5.3
Tags:
Complexity:
easy
Is Regression:
Sprint Focus:

Description

There are several uses of t3lib_div::trimExplode with wrong parameter types.

The second parameter must be a string, otherwise a php warning is stored to the sys_log database table, e.g. in tslib_fe::initFEuser (line 623) where the argument is null or in t3lib_userAuth::getAuthInfoArray (line 1299) where the argument is an integer...

This could be easily resolved by mapping the variable $string to string like this:

public static function trimExplode($delim, $string, $removeEmptyValues = FALSE, $limit = 0) {
        $explodedValues = explode($delim, (string)$string);

best regards
Christian


Related issues 1 (0 open1 closed)

Related to TYPO3 Core - Bug #50913: t3lib_div->trimExplode fills database table sys_logClosed2013-08-08

Actions
Actions #1

Updated by Markus Klein about 12 years ago

Hi Christian,

can you please post your PHP settings. Did you activate STRICT mode?
Usually the implicit conversion from integer to string should not issue a PHP warning.

Actions #2

Updated by Patrick Broens about 12 years ago

  • Category set to Miscellaneous
  • Status changed from New to Needs Feedback
Actions #3

Updated by Christian Finkemeier about 12 years ago

My PHP settings for error_reporting is "E_ALL & ~E_DEPRECATED"

Actions #4

Updated by Markus Klein about 12 years ago

That should be ok.

Can you please post the complete error message from the log and maybe a stack trace?

Actions #5

Updated by Christian Finkemeier about 12 years ago

This is the error message from sys_log:

Core: Error handler (FE): PHP Warning: explode() expects parameter 2 to be string, null given in /typo3_src-4.5.22/t3lib/class.t3lib_div.php on line 1950

And this is an backtrace from t3lib_div::trimExplode:
require(YPO3/typo3_src-4.5.22/typo3/sysext/cms/tslib/index_ts.php),YPO3/typo3_src-4.5.22/index.php#83 // tslib_fe->initFEuser#260 // t3lib_DB->cleanIntList#623 // t3lib_div::intExplode#856 // t3lib_div::trimExplode#1913

Actions #6

Updated by Alexander Opitz over 11 years ago

  • Status changed from Needs Feedback to New
Actions #7

Updated by Gerrit Code Review over 11 years ago

  • Status changed from New to Under Review

Patch set 1 for branch master has been pushed to the review server.
It is available at https://review.typo3.org/22327

Actions #8

Updated by Gerrit Code Review over 11 years ago

Patch set 1 for branch TYPO3_6-1 has been pushed to the review server.
It is available at https://review.typo3.org/22338

Actions #9

Updated by Gerrit Code Review over 11 years ago

Patch set 1 for branch TYPO3_6-0 has been pushed to the review server.
It is available at https://review.typo3.org/22339

Actions #10

Updated by Gerrit Code Review over 11 years ago

Patch set 1 for branch TYPO3_4-7 has been pushed to the review server.
It is available at https://review.typo3.org/22340

Actions #11

Updated by Gerrit Code Review over 11 years ago

Patch set 1 for branch TYPO3_4-5 has been pushed to the review server.
It is available at https://review.typo3.org/22341

Actions #12

Updated by Markus Klein over 11 years ago

  • Status changed from Under Review to Resolved
  • % Done changed from 0 to 100
Actions #13

Updated by Christian Finkemeier over 11 years ago

Thanks for updating tslib_fe::initFEuser. But you forgot t3lib_userAuth::getAuthInfoArray :-)
It should be

@@ -1282,20 1282,24 @@ t3lib_userAuth::getAuthInfoArray
    function getAuthInfoArray() {
        $authInfo = array();
        $authInfo['loginType'] = $this->loginType;
        $authInfo['refInfo'] = parse_url(t3lib_div::getIndpEnv('HTTP_REFERER'));
        $authInfo['HTTP_HOST'] = t3lib_div::getIndpEnv('HTTP_HOST');
        $authInfo['REMOTE_ADDR'] = t3lib_div::getIndpEnv('REMOTE_ADDR');
        $authInfo['REMOTE_HOST'] = t3lib_div::getIndpEnv('REMOTE_HOST');
        $authInfo['security_level'] = $this->security_level;
        $authInfo['showHiddenRecords'] = $this->showHiddenRecords;
            // can be overidden in localconf by SVCONF:
        $authInfo['db_user']['table'] = $this->user_table;
        $authInfo['db_user']['userid_column'] = $this->userid_column;
        $authInfo['db_user']['username_column'] = $this->username_column;
        $authInfo['db_user']['userident_column'] = $this->userident_column;
        $authInfo['db_user']['usergroup_column'] = $this->usergroup_column;
        $authInfo['db_user']['enable_clause'] = $this->user_where_clause();
-        $authInfo['db_user']['checkPidList'] = $this->checkPid ? $this->checkPid_value : '';
+        $authInfo['db_user']['checkPidList'] = ($this->checkPid && $this->checkPid_value)
+            ? $this->checkPid_value
+            : '';
-        $authInfo['db_user']['check_pid_clause'] = $this->checkPid ? ' AND pid IN (' . $GLOBALS['TYPO3_DB']->cleanIntList($authInfo['db_user']['checkPidList']) . ')' : '';
+        $authInfo['db_user']['check_pid_clause'] = ($this->checkPid && $this->checkPid_value)
+            ? ' AND pid IN (' . $GLOBALS['TYPO3_DB']->cleanIntList($authInfo['db_user']['checkPidList']) . ')'
+            : '';
        $authInfo['db_groups']['table'] = $this->usergroup_table;
        return $authInfo;
    }

Actions #14

Updated by Markus Klein over 11 years ago

@Christian: Indeed, I forgot about it.

Could you please file another forge issue and add this as related.
Feel free to add me as watcher as well.
Thanks.

Actions #15

Updated by Benni Mack about 6 years ago

  • Status changed from Resolved to Closed
Actions

Also available in: Atom PDF