Bug #50913
closed
t3lib_div->trimExplode fills database table sys_log
100%
Description
There are several uses of t3lib_div::trimExplode with wrong parameter types.
The second parameter must be a string, otherwise a php warning is stored to the sys_log database table, e.g. in t3lib_userAuth::getAuthInfoArray (line 1299) where the argument is an integer...
This could be easily resolved by this:
@@ -1282,20 1282,24 @@ t3lib_userAuth::getAuthInfoArray
function getAuthInfoArray() {
$authInfo = array();
$authInfo['loginType'] = $this->loginType;
$authInfo['refInfo'] = parse_url(t3lib_div::getIndpEnv('HTTP_REFERER'));
$authInfo['HTTP_HOST'] = t3lib_div::getIndpEnv('HTTP_HOST');
$authInfo['REMOTE_ADDR'] = t3lib_div::getIndpEnv('REMOTE_ADDR');
$authInfo['REMOTE_HOST'] = t3lib_div::getIndpEnv('REMOTE_HOST');
$authInfo['security_level'] = $this->security_level;
$authInfo['showHiddenRecords'] = $this->showHiddenRecords;
// can be overidden in localconf by SVCONF:
$authInfo['db_user']['table'] = $this->user_table;
$authInfo['db_user']['userid_column'] = $this->userid_column;
$authInfo['db_user']['username_column'] = $this->username_column;
$authInfo['db_user']['userident_column'] = $this->userident_column;
$authInfo['db_user']['usergroup_column'] = $this->usergroup_column;
$authInfo['db_user']['enable_clause'] = $this->user_where_clause();
- $authInfo['db_user']['checkPidList'] = $this->checkPid ? $this->checkPid_value : '';
+ $authInfo['db_user']['checkPidList'] = ($this->checkPid && $this->checkPid_value)
+ ? $this->checkPid_value
+ : '';
- $authInfo['db_user']['check_pid_clause'] = $this->checkPid ? ' AND pid IN (' . $GLOBALS['TYPO3_DB']->cleanIntList($authInfo['db_user']['checkPidList']) . ')' : '';
+ $authInfo['db_user']['check_pid_clause'] = ($this->checkPid && $this->checkPid_value)
+ ? ' AND pid IN (' . $GLOBALS['TYPO3_DB']->cleanIntList($authInfo['db_user']['checkPidList']) . ')'
+ : '';
$authInfo['db_groups']['table'] = $this->usergroup_table;
return $authInfo;
}
Files
Updated by Gerrit Code Review over 10 years ago
- Status changed from New to Under Review
Patch set 1 for branch master has been pushed to the review server.
It is available at https://review.typo3.org/22956
Updated by Gerrit Code Review over 10 years ago
Patch set 2 for branch master has been pushed to the review server.
It is available at https://review.typo3.org/22956
Updated by Gerrit Code Review over 10 years ago
Patch set 3 for branch master has been pushed to the review server.
It is available at https://review.typo3.org/22956
Updated by Christian Finkemeier over 10 years ago
- File class.tslib_fe.php.diff class.tslib_fe.php.diff added
- File class.t3lib_tsparser.php.diff class.t3lib_tsparser.php.diff added
- File class.tslib_pibase.php.diff class.tslib_pibase.php.diff added
- File class.tx_cssstyledcontent_pi1.php.diff class.tx_cssstyledcontent_pi1.php.diff added
- File class.tslib_content.php.diff class.tslib_content.php.diff added
I have found some more calls from core functions that trigger this PHP warning:
typo3/sysext/cms/tslib/class.tslib_fe.php typo3/sysext/cms/tslib/class.tslib_content.php typo3/sysext/cms/tslib/class.tslib_pibase.php t3lib/class.t3lib_tsparser.php typo3/sysext/css_styled_content/pi1/class.tx_cssstyledcontent_pi1.php
See diff files for details.
Updated by Markus Klein over 10 years ago
@Christian: Would you mind integrating these into the pending changeset in Gerrit?
It is twice the work, if you create a diff and somebody else has to make the patchset then.
Thanks.
Updated by Christian Finkemeier over 10 years ago
I'm sorry, but i don't know how to make the patchset itself or how to work with git.
Updated by Markus Klein over 10 years ago
If you're willing to learn, this will help you:
http://wiki.typo3.org/Contribution_Walkthrough_Tutorials
Updated by Gerrit Code Review over 10 years ago
Patch set 4 for branch master has been pushed to the review server.
It is available at https://review.typo3.org/22956
Updated by Gerrit Code Review over 10 years ago
Patch set 5 for branch master has been pushed to the review server.
It is available at https://review.typo3.org/22956
Updated by Gerrit Code Review over 10 years ago
Patch set 6 for branch master has been pushed to the review server.
It is available at https://review.typo3.org/22956
Updated by Gerrit Code Review over 10 years ago
Patch set 7 for branch master has been pushed to the review server.
It is available at https://review.typo3.org/22956
Updated by Gerrit Code Review over 10 years ago
Patch set 8 for branch master has been pushed to the review server.
It is available at https://review.typo3.org/22956
Updated by Gerrit Code Review over 10 years ago
Patch set 1 for branch TYPO3_6-1 has been pushed to the review server.
It is available at https://review.typo3.org/24002
Updated by Gerrit Code Review over 10 years ago
Patch set 1 for branch TYPO3_6-0 has been pushed to the review server.
It is available at https://review.typo3.org/24003
Updated by Gerrit Code Review over 10 years ago
Patch set 1 for branch TYPO3_4-7 has been pushed to the review server.
It is available at https://review.typo3.org/24004
Updated by Gerrit Code Review over 10 years ago
Patch set 2 for branch TYPO3_4-7 has been pushed to the review server.
It is available at https://review.typo3.org/24004
Updated by Christian Finkemeier over 10 years ago
- Status changed from Under Review to Resolved
- % Done changed from 0 to 100
Applied in changeset 172606b36c4348c921b3cc5c43516ddb36b9fc8d.
Updated by