Project

General

Profile

Actions

Task #80317

closed

Deprecate BackendUtility::getRecordRaw

Added by Manuel Selbach about 7 years ago. Updated over 5 years ago.

Status:
Closed
Priority:
Should have
Category:
-
Target version:
-
Start date:
2017-03-17
Due date:
% Done:

100%

Estimated time:
TYPO3 Version:
8
PHP Version:
Tags:
Complexity:
Sprint Focus:

Description

Since we follow the principel of "prepared statement", the method getRecordRaw will break this behaviour.
Within the "where" parameter of the function it is possible to inject malicious code.

Thus we should remove it, as the queryBuilder should be used everywhere in the future
to increase visiblity of which query will be processed at a concrete point of code and to
force the concept of prepared statements.


Related issues 1 (0 open1 closed)

Related to TYPO3 Core - Bug #81052: Non-existent field "fe_groups" is used in BackendUtility::ADMCMD_previewCmds()ClosedAndreas Kienast2017-04-27

Actions
Actions #1

Updated by Gerrit Code Review about 7 years ago

  • Status changed from New to Under Review

Patch set 1 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/52075

Actions #2

Updated by Gerrit Code Review about 7 years ago

Patch set 2 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/52075

Actions #3

Updated by Gerrit Code Review about 7 years ago

Patch set 3 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/52075

Actions #4

Updated by Gerrit Code Review almost 7 years ago

Patch set 4 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/52075

Actions #5

Updated by Gerrit Code Review almost 7 years ago

Patch set 5 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/52075

Actions #6

Updated by Gerrit Code Review almost 7 years ago

Patch set 6 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/52075

Actions #7

Updated by Gerrit Code Review almost 7 years ago

Patch set 7 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/52075

Actions #8

Updated by Gerrit Code Review almost 7 years ago

Patch set 8 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/52075

Actions #9

Updated by Gerrit Code Review almost 7 years ago

Patch set 1 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/52125

Actions #10

Updated by Manuel Selbach almost 7 years ago

  • Status changed from Under Review to Resolved
  • % Done changed from 0 to 100
Actions #11

Updated by Andreas Kienast almost 7 years ago

  • Related to Bug #81052: Non-existent field "fe_groups" is used in BackendUtility::ADMCMD_previewCmds() added
Actions #12

Updated by Benni Mack over 5 years ago

  • Status changed from Resolved to Closed
Actions

Also available in: Atom PDF