Merge branch 'hotfix/3.2.5'

contao · Feb 3, 2014 · 2917c04 · 2917c04
2 parents 75c8edb + 75dac20
commit 2917c04
Show file tree

Hide file tree

Showing 63 changed files with 324 additions and 114 deletions.
diff --git a/assets/swipe/2.0/css/swipe.css b/assets/swipe/2.0/css/swipe.css
@@ -17,7 +17,7 @@
 	height:30px;
 	position:relative;
 }
-.slider-control a,.slider-control span {
+.slider-control a,.slider-control .slider-menu {
 	position:absolute;
 	top:9px;
 	display:inline-block;

diff --git a/assets/swipe/2.0/css/swipe.min.css b/assets/swipe/2.0/css/swipe.min.css
diff --git a/contao/index.php b/contao/index.php
@@ -58,7 +58,7 @@ public function __construct()
 		}
 
 		// Reload the page if authentication fails
-		elseif (Input::post('username') && Input::post('password'))
+		elseif (!empty($_POST['username']) && !empty($_POST['password']))
 		{
 			$this->reload();
 		}
@@ -101,8 +101,8 @@ public function run()
 		$this->Template->headline = $strHeadline;
 		$this->Template->curLanguage = Input::post('language') ?: str_replace('-', '_', $GLOBALS['TL_LANGUAGE']);
 		$this->Template->curUsername = Input::post('username') ?: '';
-		$this->Template->uClass = ($_POST && !Input::post('username')) ? ' class="login_error"' : '';
-		$this->Template->pClass = ($_POST && !Input::post('password')) ? ' class="login_error"' : '';
+		$this->Template->uClass = ($_POST && empty($_POST['username'])) ? ' class="login_error"' : '';
+		$this->Template->pClass = ($_POST && empty($_POST['password'])) ? ' class="login_error"' : '';
 		$this->Template->loginButton = specialchars($GLOBALS['TL_LANG']['MSC']['loginBT']);
 		$this->Template->username = $GLOBALS['TL_LANG']['tl_user']['username'][0];
 		$this->Template->password = $GLOBALS['TL_LANG']['MSC']['password'][0];

diff --git a/contao/install.php b/contao/install.php
@@ -236,9 +236,9 @@ protected function storeFtpCredentials()
 		$GLOBALS['TL_CONFIG']['ftpPath'] = Input::post('path');
 		$GLOBALS['TL_CONFIG']['ftpUser'] = Input::post('username', true);
 
-		if (Input::post('password', true) != '*****')
+		if (Input::postRaw('password') != '*****')
 		{
-			$GLOBALS['TL_CONFIG']['ftpPass'] = Input::post('password', true);
+			$GLOBALS['TL_CONFIG']['ftpPass'] = Input::postRaw('password');
 		}
 
 		$GLOBALS['TL_CONFIG']['ftpSSL']  = Input::post('ssl');
@@ -319,7 +319,7 @@ protected function storeFtpCredentials()
 			$this->Config->update("\$GLOBALS['TL_CONFIG']['ftpPath']", $GLOBALS['TL_CONFIG']['ftpPath']);
 			$this->Config->update("\$GLOBALS['TL_CONFIG']['ftpUser']", $GLOBALS['TL_CONFIG']['ftpUser']);
 
-			if (Input::post('password', true) != '*****')
+			if (Input::postRaw('password') != '*****')
 			{
 				$this->Config->update("\$GLOBALS['TL_CONFIG']['ftpPass']", $GLOBALS['TL_CONFIG']['ftpPass']);
 			}
@@ -359,7 +359,7 @@ protected function loginUser()
 		// The password has been generated with crypt()
 		if (Encryption::test($GLOBALS['TL_CONFIG']['installPassword']))
 		{
-			if (crypt(Input::post('password', true), $GLOBALS['TL_CONFIG']['installPassword']) == $GLOBALS['TL_CONFIG']['installPassword'])
+			if (crypt(Input::postRaw('password'), $GLOBALS['TL_CONFIG']['installPassword']) == $GLOBALS['TL_CONFIG']['installPassword'])
 			{
 				$this->setAuthCookie();
 				$this->Config->update("\$GLOBALS['TL_CONFIG']['installCount']", 0);
@@ -369,12 +369,12 @@ protected function loginUser()
 		else
 		{
 			list($strPassword, $strSalt) = explode(':', $GLOBALS['TL_CONFIG']['installPassword']);
-			$blnAuthenticated = ($strSalt == '') ? ($strPassword == sha1(Input::post('password', true))) : ($strPassword == sha1($strSalt . Input::post('password', true)));
+			$blnAuthenticated = ($strSalt == '') ? ($strPassword == sha1(Input::postRaw('password'))) : ($strPassword == sha1($strSalt . Input::postRaw('password')));
 
 			if ($blnAuthenticated)
 			{
 				// Store a crypt() version of the password
-				$strPassword = Encryption::hash(Input::post('password', true));
+				$strPassword = Encryption::hash(Input::postRaw('password'));
 				$this->Config->update("\$GLOBALS['TL_CONFIG']['installPassword']", $strPassword);
 
 				$this->setAuthCookie();
@@ -394,10 +394,10 @@ protected function loginUser()
 	 */
 	protected function storeInstallToolPassword()
 	{
-		$strPassword = Input::post('password', true);
+		$strPassword = Input::postRaw('password');
 
 		// The passwords do not match
-		if ($strPassword != Input::post('confirm_password', true))
+		if ($strPassword != Input::postRaw('confirm_password'))
 		{
 			$this->Template->passwordError = $GLOBALS['TL_LANG']['ERR']['passwordMatch'];
 		}
@@ -602,9 +602,9 @@ protected function adjustDatabaseTables()
 	{
 		if (Input::post('FORM_SUBMIT') == 'tl_tables')
 		{
-			$sql = deserialize(Input::post('sql'));
+			$sql = Input::post('sql');
 
-			if (is_array($sql))
+			if (!empty($sql) && is_array($sql))
 			{
 				foreach ($sql as $key)
 				{

diff --git a/contao/password.php b/contao/password.php
@@ -59,8 +59,8 @@ public function run()
 
 		if (Input::post('FORM_SUBMIT') == 'tl_password')
 		{
-			$pw = Input::post('password', true);
-			$cnf = Input::post('confirm', true);
+			$pw = Input::postRaw('password');
+			$cnf = Input::postRaw('confirm');
 
 			// The passwords do not match
 			if ($pw != $cnf)

diff --git a/share/index.php b/share/index.php
@@ -23,8 +23,8 @@
  */
 if (Input::get('p') == 'facebook')
 {
-	$query  = '?u=' . rawurlencode(Input::get('u'));
-	$query .= '&t=' . rawurlencode(Input::get('t'));
+	$query  = '?u=' . rawurlencode(Input::get('u', true));
+	$query .= '&t=' . rawurlencode(Input::get('t', true));
 	$query .= '&display=popup';
 	$query .= '&redirect_uri=http%3A%2F%2Fwww.facebook.com';
 	header('Location: http://www.facebook.com/sharer/sharer.php' . $query);
@@ -37,8 +37,8 @@
  */
 elseif (Input::get('p') == 'twitter')
 {
-	$query  = '?url=' . rawurlencode(Input::get('u'));
-	$query .= '&text=' . rawurlencode(Input::get('t'));
+	$query  = '?url=' . rawurlencode(Input::get('u', true));
+	$query .= '&text=' . rawurlencode(Input::get('t', true));
 	header('Location: http://twitter.com/share' . $query);
 	exit;
 }
@@ -49,7 +49,7 @@
  */
 elseif (Input::get('p') == 'gplus')
 {
-	$query  = '?url=' . rawurlencode(Input::get('u'));
+	$query  = '?url=' . rawurlencode(Input::get('u', true));
 	header('Location: https://plus.google.com/share' . $query);
 	exit;
 }

diff --git a/system/config/constants.php b/system/config/constants.php
@@ -15,7 +15,7 @@
  * Core version
  */
 define('VERSION', '3.2');
-define('BUILD', '4');
+define('BUILD', '5');
 define('LONG_TERM_SUPPORT', true);
 
 

diff --git a/system/docs/CHANGELOG.md b/system/docs/CHANGELOG.md
@@ -1,6 +1,35 @@
 Contao Open Source CMS changelog
 ================================
 
+Version 3.2.5 (2014-02-03)
+--------------------------
+
+### Fixed
+Correctly load the parent pages in the navigation modules (see #6696).
+
+### Fixed
+Correctly encode URLs with GET parameters in the syndication links (see #6683).
+
+### Fixed
+Do not pass POST data to the `deserialize()` function, so it is not vulnerable
+to PHP object injection. Thanks to Pedro Ribeiro for his input (see #6695).
+
+### Fixed
+Allow any character in passwords, especially the less-than symbol (see #6447).
+
+### Fixed
+Purge the image cache if a file is being renamed (see #6641).
+
+### Fixed
+Preserve tags in custom CSS definitions (see #6667).
+
+### Fixed
+Make the swipe CSS selectors more specific (see #6666).
+
+### Fixed
+Correctly optimize floating-point numbers in style sheets (see #6674).
+
+
 Version 3.2.4 (2014-01-20)
 --------------------------
 

diff --git a/system/helper/functions.php b/system/helper/functions.php
@@ -284,9 +284,13 @@ function deserialize($varValue, $blnForceArray=false)
 		return $varValue;
 	}
 
-	if (!is_string($varValue))
+	if ($varValue === null)
 	{
-		return $blnForceArray ? (($varValue === null) ? array() : array($varValue)) : $varValue;
+		return $blnForceArray ? array() : null;
+	}
+	elseif (!is_string($varValue))
+	{
+		return $blnForceArray ? array($varValue) : $varValue;
 	}
 	elseif (trim($varValue) == '')
 	{

diff --git a/system/modules/calendar/languages/fa/modules.xlf b/system/modules/calendar/languages/fa/modules.xlf
@@ -7,7 +7,7 @@
       </trans-unit>
       <trans-unit id="MOD.calendar.1">
         <source>Manage events and display them in a calendar or event list</source>
-        <target>این ماژول به شما این امکان را می دهد که تمام رویدادها و اتفاقات را در تقویم سایت ثبت نمائید تا کاربران آنها را مشاهده نمایند.</target>
+        <target>مدیریت رویدادها و نمایش آنها در لیست تقویم یا رویداد</target>
       </trans-unit>
       <trans-unit id="MOD.tl_calendar_feed">
         <source>Calendar feeds</source>
@@ -23,31 +23,31 @@
       </trans-unit>
       <trans-unit id="FMD.calendar.1">
         <source>Adds a calendar to the page</source>
-        <target>این ماژول به شما این امکان را می دهد که به سایت خود یک تقویم اضافه نمائید .</target>
+        <target>یک تقویم به صفحه اضافه می‌کند</target>
       </trans-unit>
       <trans-unit id="FMD.eventlist.0">
         <source>Event list</source>
         <target>لیست رویداد</target>
       </trans-unit>
       <trans-unit id="FMD.eventlist.1">
         <source>Adds a list of events to the page</source>
-        <target>لیستی از رویدادها به صفحه اضافه می کند.</target>
+        <target>لیست رویدادها را به صفحه اضافه می‌کند</target>
       </trans-unit>
       <trans-unit id="FMD.eventreader.0">
         <source>Event reader</source>
         <target>رویداد خوان</target>
       </trans-unit>
       <trans-unit id="FMD.eventreader.1">
         <source>Shows the details of an event</source>
-        <target>جزئیات یک رویداد را نشان می دهد.</target>
+        <target>جزئیات یک رویداد را نشان می‌دهد.</target>
       </trans-unit>
       <trans-unit id="FMD.eventmenu.0">
         <source>Event list menu</source>
-        <target>منولیست رویداد</target>
+        <target>منو لیست رویداد</target>
       </trans-unit>
       <trans-unit id="FMD.eventmenu.1">
         <source>Generates a navigation menu to browse the event list</source>
-        <target>منوی ناوبری برای مرور لیست رویداد ایجاد می کند.</target>
+        <target>منوی ناوبری برای مرور لیست رویداد ایجاد می‌کند</target>
       </trans-unit>
     </body>
   </file>

diff --git a/system/modules/core/classes/StyleSheets.php b/system/modules/core/classes/StyleSheets.php
@@ -907,6 +907,9 @@ public function compileDefinition($row, $blnWriteToFile=false, $vars=array(), $p
 			}
 		}
 
+		// Optimize floating-point numbers (see #6634)
+		$return = preg_replace('/([^0-9\.\+\-])0\.([0-9]+)/', '$1.$2', $return);
+
 		// CSS3PIE
 		if ($blnNeedsPie && !$parent['disablePie'])
 		{
@@ -919,7 +922,8 @@ public function compileDefinition($row, $blnWriteToFile=false, $vars=array(), $p
 			$own = trim(\String::decodeEntities($row['own']));
 			$own = preg_replace('/url\("(?!data:|\/)/', 'url("' . $strGlue, $own);
 			$own = preg_split('/[\n\r]+/', $own);
-			$return .= $lb . implode(($blnWriteToFile ? '' : $lb), $own);
+			$own = implode(($blnWriteToFile ? '' : $lb), $own);
+			$return .= $lb . (!$blnWriteToFile ? specialchars($own) : $own);
 		}
 
 		// Allow custom definitions
@@ -960,9 +964,6 @@ public function compileDefinition($row, $blnWriteToFile=false, $vars=array(), $p
 			$return = str_replace(array_keys($vars), array_values($vars), $return);
 		}
 
-		// Optimize floating-point numbers (see #6634)
-		$return = preg_replace('/(?<!\-)0\.([0-9]+)/', '.$1', $return);
-
 		// Replace insert tags (see #5512)
 		return $this->replaceInsertTags($return, false);
 	}

diff --git a/system/modules/core/dca/tl_style.php b/system/modules/core/dca/tl_style.php
@@ -593,8 +593,9 @@
 		'own' => array
 		(
 			'label'                   => &$GLOBALS['TL_LANG']['tl_style']['own'],
+			'search'                  => true,
 			'inputType'               => 'textarea',
-			'eval'                    => array('decodeEntities'=>true, 'style'=>'height:120px'),
+			'eval'                    => array('preserveTags'=>true, 'style'=>'height:120px'),
 			'sql'                     => "text NULL"
 		),
 		'invisible' => array

diff --git a/system/modules/core/drivers/DC_Folder.php b/system/modules/core/drivers/DC_Folder.php
@@ -121,9 +121,9 @@ public function __construct($strTable)
 		// Set IDs and redirect
 		if (\Input::post('FORM_SUBMIT') == 'tl_select')
 		{
-			$ids = deserialize(\Input::post('IDS'));
+			$ids = \Input::post('IDS');
 
-			if (!is_array($ids) || empty($ids))
+			if (empty($ids) || !is_array($ids))
 			{
 				$this->reload();
 			}
@@ -1339,7 +1339,7 @@ public function editAll()
 		// Save field selection in session
 		if (\Input::post('FORM_SUBMIT') == $this->strTable.'_all' && \Input::get('fields'))
 		{
-			$session['CURRENT'][$this->strTable] = deserialize(\Input::post('all_fields'));
+			$session['CURRENT'][$this->strTable] = \Input::post('all_fields');
 			$this->Session->setData($session);
 		}
 
@@ -1857,6 +1857,17 @@ protected function save($varValue)
 				throw new \Exception(sprintf($GLOBALS['TL_LANG']['ERR']['fileExists'], $varValue));
 			}
 
+			$arrImageTypes = trimsplit(',', strtolower($GLOBALS['TL_CONFIG']['validImageTypes']));
+
+			// Remove potentially existing thumbnails (see #6641)
+			if (in_array(substr($this->strExtension, 1), $arrImageTypes))
+			{
+				foreach (glob(TL_ROOT . '/assets/images/*/' . $this->varValue . '-*' . $this->strExtension) as $strThumbnail)
+				{
+					$this->Files->delete(str_replace(TL_ROOT, '', $strThumbnail));
+				}
+			}
+
 			// Rename the file
 			$this->Files->rename($this->strPath . '/' . $this->varValue . $this->strExtension, $this->strPath . '/' . $varValue . $this->strExtension);
 

diff --git a/system/modules/core/drivers/DC_Table.php b/system/modules/core/drivers/DC_Table.php
@@ -146,15 +146,15 @@ public function __construct($strTable, $arrModule=array())
 		// Set IDs and redirect
 		if (\Input::post('FORM_SUBMIT') == 'tl_select')
 		{
-			$ids = deserialize(\Input::post('IDS'));
+			$ids = \Input::post('IDS');
 
-			if (!is_array($ids) || empty($ids))
+			if (empty($ids) || !is_array($ids))
 			{
 				$this->reload();
 			}
 
 			$session = $this->Session->getData();
-			$session['CURRENT']['IDS'] = deserialize(\Input::post('IDS'));
+			$session['CURRENT']['IDS'] = $ids;
 			$this->Session->setData($session);
 
 			if (isset($_POST['edit']))
@@ -2154,7 +2154,7 @@ public function editAll($intId=null, $ajaxId=null)
 		// Save field selection in session
 		if (\Input::post('FORM_SUBMIT') == $this->strTable.'_all' && \Input::get('fields'))
 		{
-			$session['CURRENT'][$this->strTable] = deserialize(\Input::post('all_fields'));
+			$session['CURRENT'][$this->strTable] = \Input::post('all_fields');
 			$this->Session->setData($session);
 		}
 
@@ -2533,7 +2533,7 @@ public function overrideAll()
 		// Save field selection in session
 		if (\Input::post('FORM_SUBMIT') == $this->strTable.'_all' && \Input::get('fields'))
 		{
-			$session['CURRENT'][$this->strTable] = deserialize(\Input::post('all_fields'));
+			$session['CURRENT'][$this->strTable] = \Input::post('all_fields');
 			$this->Session->setData($session);
 		}
 

diff --git a/system/modules/core/forms/FormCheckBox.php b/system/modules/core/forms/FormCheckBox.php
@@ -95,7 +95,7 @@ public function __get($strKey)
 	public function validate()
 	{
 		$mandatory = $this->mandatory;
-		$options = deserialize($this->getPost($this->strName));
+		$options = $this->getPost($this->strName);
 
 		// Check if there is at least one value
 		if ($mandatory && is_array($options))

diff --git a/system/modules/core/forms/FormRadioButton.php b/system/modules/core/forms/FormRadioButton.php
@@ -106,7 +106,7 @@ public function __get($strKey)
 	 */
 	public function validate()
 	{
-		$varValue = deserialize($this->getPost($this->strName));
+		$varValue = $this->getPost($this->strName);
 
 		if (!empty($varValue) && !$this->isValidOption($varValue))
 		{

diff --git a/system/modules/core/forms/FormSelectMenu.php b/system/modules/core/forms/FormSelectMenu.php
@@ -105,7 +105,7 @@ public function __set($strKey, $varValue)
 	public function validate()
 	{
 		$mandatory = $this->mandatory;
-		$options = deserialize($this->getPost($this->strName));
+		$options = $this->getPost($this->strName);
 
 		// Check if there is at least one value
 		if ($mandatory && is_array($options))