From 88cae8f56aee36932da13baff7a715d7c9fdda4a Mon Sep 17 00:00:00 2001
From: Guite
Date: Wed, 13 Nov 2019 14:13:26 +0100
Subject: [PATCH] backported selected fixes from 3.0 to 2.0.14
---
CHANGELOG-2.0.md | 10 ++++++ .../CoreBundle/Controller/MainController.php | 5 +++ .../Twig/Extension/CoreExtension.php | 2 +- .../Form/Type/LocaleType.php | 33 ++++++++++++------- .../Resources/config/services.yml | 3 ++ .../ExtensionsModule/Menu/ActionsMenu.php | 2 +- .../ExtensionsInterface/header.html.twig | 2 +- .../GroupsModule/Entity/GroupEntity.php | 2 +- .../Form/Type/MainSettingsType.php | 2 +- .../Resources/views/Settings/main.html.twig | 2 +- .../SettingsModuleInstaller.php | 2 +- src/system/UsersModule/Constant.php | 3 +- .../Controller/ConfigController.php | 7 +++- 13 files changed, 55 insertions(+), 20 deletions(-)
diff --git a/CHANGELOG-2.0.md b/CHANGELOG-2.0.md
index ef35c1167e..4f3d2c2779 100644
--- a/CHANGELOG-2.0.md
+++ b/CHANGELOG-2.0.md
@@ -8,6 +8,16 @@ CHANGELOG - ZIKULA 2.0.x - Use constant time comparison in UriSigner (CVE-2019-18887). - Prevent argument injection in a MimeTypeGuesser (CVE-2019-18888). + - Fixes: + - Improved setting meta data for start page settings (#3929, #3932). + - Clear cache after changing active authentication methods (#3936). + - Prevent exception caused by modification of uninitialised extensions. + - Fixed invalid reference to "use compression" option in general settings form. + - Escape `groups` table name since it became a reserved word in MySQL 8. + - Improved input value checks for `yesNo` Twig filter. + - Dynamically determine available locales from locale api in custom locale form type. + - Increased amount of letters for top level domains in email address validation pattern (#3980). + - Vendor updates: - components/bootstrap updated from 3.4.0 to 3.4.1 - components/jquery updated from 3.3.1 to 3.4.1 
diff --git a/src/lib/Zikula/Bundle/CoreBundle/Controller/MainController.php b/src/lib/Zikula/Bundle/CoreBundle/Controller/MainController.php
index 1880c62008..09f9de0b5b 100644
--- a/src/lib/Zikula/Bundle/CoreBundle/Controller/MainController.php
+++ b/src/lib/Zikula/Bundle/CoreBundle/Controller/MainController.php
@@ -63,7 +63,12 @@ public function homeAction(Request $request) $attributes['_controller'] = $controller; $subRequest = $request->duplicate(null, null, $attributes); list($moduleName) = explode(':', $controller); + + $subRequest->attributes->set('_zkBundle', $moduleName); $subRequest->attributes->set('_zkModule', $moduleName); + // fix for #3929, #3932 + $request->attributes->set('_zkBundle', $moduleName); + $request->attributes->set('_zkModule', $moduleName); return $this->kernel ->handle($subRequest, HttpKernelInterface::SUB_REQUEST);
diff --git a/src/lib/Zikula/Bundle/CoreBundle/Twig/Extension/CoreExtension.php b/src/lib/Zikula/Bundle/CoreBundle/Twig/Extension/CoreExtension.php
index 877c41375e..34139beedf 100644
--- a/src/lib/Zikula/Bundle/CoreBundle/Twig/Extension/CoreExtension.php
+++ b/src/lib/Zikula/Bundle/CoreBundle/Twig/Extension/CoreExtension.php
@@ -97,7 +97,7 @@ public function languageName($code) */ public function yesNo($string) { - if ('0' != $string && '1' != $string) { + if (null !== $string && !in_array($string, ['', '0', '1'], true)) { return $string; }
diff --git a/src/lib/Zikula/Bundle/FormExtensionBundle/Form/Type/LocaleType.php b/src/lib/Zikula/Bundle/FormExtensionBundle/Form/Type/LocaleType.php
index 8ed9fe877b..693ae7e3af 100644
--- a/src/lib/Zikula/Bundle/FormExtensionBundle/Form/Type/LocaleType.php
+++ b/src/lib/Zikula/Bundle/FormExtensionBundle/Form/Type/LocaleType.php 
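Review bot: The comment `// fix for #3929, #3932` above the two added `$request->attributes->set(...)` calls gives only issue numbers, so a reader cannot tell why the originating request is modified in addition to `$subRequest`. I would say what the lines do, e.g. `// mirror _zkBundle/_zkModule onto the originating request as well (#3929, #3932)`. `$moduleName` is whatever precedes the first `:` in `$controller`, with no check that it is non-empty; where `$controller` comes from is outside the hunk, so that is worth confirming now that the value is written to two requests. homeAction starts and ends outside the hunk.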
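Review bot: The strict `in_array(..., true)` in `yesNo` no longer recognises integer `0`/`1` or boolean values, which the old loose `!=` comparison accepted, so those inputs are now returned unchanged instead of being translated. If non-string values can reach the filter, normalise scalars before the lookup, e.g. `if (null !== $string && !in_array(is_scalar($string) ? (string)$string : $string, ['', '0', '1'], true)) {`. The rest of the method is outside the hunk, so how `null` and `''` are rendered once they pass this guard should be checked as well.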
@@ -14,38 +14,49 @@ use Symfony\Component\Form\AbstractType; use Symfony\Component\Form\Extension\Core\Type\ChoiceType; use Symfony\Component\OptionsResolver\OptionsResolver; -use Zikula\Common\Translator\IdentityTranslator; +use Zikula\Common\Translator\TranslatorInterface; +use Zikula\Common\Translator\TranslatorTrait; +use Zikula\SettingsModule\Api\ApiInterface\LocaleApiInterface; /** * Locale form type. */ class LocaleType extends AbstractType { + use TranslatorTrait; + /** - * {@inheritdoc} + * @var LocaleApiInterface */ + protected $localeApi; + + public function __construct(TranslatorInterface $translator, LocaleApiInterface $localeApi) + { + $this->setTranslator($translator); + $this->localeApi = $localeApi; + } + + public function setTranslator(TranslatorInterface $translator): void + { + $this->translator = $translator; + } + public function configureDefaultOptions(OptionsResolver $resolver) { $resolver->setDefaults([ - 'choices' => ['English' => 'en'], + 'choices' => $this->localeApi->getSupportedLocaleNames(), 'label' => 'Locale', 'required' => false, - 'placeholder' => 'All', - 'translator' => new IdentityTranslator() + 'placeholder' => $this->__('All'), + 'attr' => ['class' => 'locale-switcher-block'] ]); } - /** - * {@inheritdoc} - */ public function getBlockPrefix() { return 'zikula_locale'; } - /** - * {@inheritdoc} - */ public function getParent() { return ChoiceType::class;
diff --git a/src/lib/Zikula/Bundle/FormExtensionBundle/Resources/config/services.yml b/src/lib/Zikula/Bundle/FormExtensionBundle/Resources/config/services.yml
index afb489aa6a..be22833881 100644
--- a/src/lib/Zikula/Bundle/FormExtensionBundle/Resources/config/services.yml
+++ b/src/lib/Zikula/Bundle/FormExtensionBundle/Resources/config/services.yml 
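Review bot: `public function setTranslator(TranslatorInterface $translator): void` declares a `void` return type, which needs PHP 7.1, while every other method in this class is written without return types; if the 2.0 branch still supports older PHP versions the backported line fails there, and dropping `: void` avoids that. The new `choices` default takes whatever `$this->localeApi->getSupportedLocaleNames()` returns, and the hunk does not show whether that map has the label => code orientation of the `['English' => 'en']` it replaces. The defaults also sit in a method named `configureDefaultOptions` (a context line), whereas Symfony's form type hook is `configureOptions`, so it is worth confirming that these defaults are applied at all.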
@@ -1,6 +1,9 @@ services: zikula.form.type.locale: class: Zikula\Bundle\FormExtensionBundle\Form\Type\LocaleType + arguments: + - "@translator.default" + - "@zikula_settings_module.locale_api" tags: - { name: form.type, alias: zikula_locale }
diff --git a/src/system/ExtensionsModule/Menu/ActionsMenu.php b/src/system/ExtensionsModule/Menu/ActionsMenu.php
index 8aef150960..f7f26bde14 100644
--- a/src/system/ExtensionsModule/Menu/ActionsMenu.php
+++ b/src/system/ExtensionsModule/Menu/ActionsMenu.php
@@ -104,7 +104,7 @@ public function adminExtensionsMenu(FactoryInterface $factory, array $options) break; } - if (Constant::STATE_INVALID != $extension->getState()) { + if (!in_array($extension->getState(), [Constant::STATE_UNINITIALISED, Constant::STATE_INVALID])) { $menu->addChild($this->__f('Edit %s', ['%s' => $extension->getDisplayname()]), [ 'route' => 'zikulaextensionsmodule_module_modify', 'routeParameters' => ['id' => $extension->getId()],
diff --git a/src/system/ExtensionsModule/Resources/views/ExtensionsInterface/header.html.twig b/src/system/ExtensionsModule/Resources/views/ExtensionsInterface/header.html.twig
index 0e36f0cbff..e65bfcdcde 100644
--- a/src/system/ExtensionsModule/Resources/views/ExtensionsInterface/header.html.twig
+++ b/src/system/ExtensionsModule/Resources/views/ExtensionsInterface/header.html.twig
@@ -6,7 +6,7 @@ {% endif %} {% if menufirst %}{{ moduleLinks(type) }}{% endif %}
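Review bot: The added `in_array(...)` condition in ActionsMenu.php only hides the "Edit" menu entry for uninitialised extensions; the `zikulaextensionsmodule_module_modify` route itself is not touched by this hunk, so a direct request carrying such an extension's id may still reach the code that raised the exception. The same state check belongs in the controller action behind that route. `in_array` is also called without its third argument and so compares loosely; if `getState()` always returns the same type as the constants, pass `true`. adminExtensionsMenu continues outside the hunk.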
- {% if image %}{{ title }}{% endif %} + {% if image %}{{ title }}{% endif %} {% if title %}

{{ title }}

{% endif %}
{% if not menufirst %}{{ moduleLinks(type) }}{% endif %}
diff --git a/src/system/GroupsModule/Entity/GroupEntity.php b/src/system/GroupsModule/Entity/GroupEntity.php
index b59878b8d6..75cbdeb1a6 100644
--- a/src/system/GroupsModule/Entity/GroupEntity.php
+++ b/src/system/GroupsModule/Entity/GroupEntity.php
@@ -20,7 +20,7 @@ * Group entity class. * * @ORM\Entity(repositoryClass="Zikula\GroupsModule\Entity\Repository\GroupRepository") - * @ORM\Table(name="groups") + * @ORM\Table(name="`groups`") */ class GroupEntity extends EntityAccess {
diff --git a/src/system/SettingsModule/Form/Type/MainSettingsType.php b/src/system/SettingsModule/Form/Type/MainSettingsType.php
index cfd75d96d1..1931e84aeb 100644
--- a/src/system/SettingsModule/Form/Type/MainSettingsType.php
+++ b/src/system/SettingsModule/Form/Type/MainSettingsType.php
@@ -109,7 +109,7 @@ function($submittedPageTitle) { 'required' => false, 'help' => $this->translator->__('Separate with & for example:') . ' foo=2&bar=5' ]) - ->add('useCompression', CheckboxType::class, [ + ->add('UseCompression', CheckboxType::class, [ 'label' => $this->translator->__('Activate compression'), 'required' => false ])
diff --git a/src/system/SettingsModule/Resources/views/Settings/main.html.twig b/src/system/SettingsModule/Resources/views/Settings/main.html.twig
index 6363b3a0f1..8cc501042e 100644
--- a/src/system/SettingsModule/Resources/views/Settings/main.html.twig
+++ b/src/system/SettingsModule/Resources/views/Settings/main.html.twig
@@ -70,7 +70,7 @@
{{ __('General settings') }} - {{ form_row(form.useCompression) }} + {{ form_row(form.UseCompression) }} {% if zlibEnabled is defined and not zlibEnabled %}

{{ __('Notice: The PHP Zlib extension is not enabled on your host. This setting will not do anything in this case.') }}

diff --git a/src/system/SettingsModule/SettingsModuleInstaller.php b/src/system/SettingsModule/SettingsModuleInstaller.php
index 87f22778e0..a57c5b49f4 100644
--- a/src/system/SettingsModule/SettingsModuleInstaller.php
+++ b/src/system/SettingsModule/SettingsModuleInstaller.php
@@ -132,7 +132,7 @@ public function upgrade($oldversion) $newStargArgs = str_replace(',', '&', $this->getSystemVar('startargs')); // replace comma with `&` $this->setSystemVar('startargs', $newStargArgs); case '2.9.11': - $this->setSystemVar('useCompression', (bool)$this->getSystemVar('useCompression')); + $this->setSystemVar('UseCompression', (bool)$this->getSystemVar('UseCompression')); case '2.9.12': // ship with Core-1.4.4 // reconfigure TZ settings $this->setGuestTimeZone();
diff --git a/src/system/UsersModule/Constant.php b/src/system/UsersModule/Constant.php
index d300a2155b..814901a4ea 100644
--- a/src/system/UsersModule/Constant.php
+++ b/src/system/UsersModule/Constant.php
@@ -253,7 +253,8 @@ class Constant /** * The PCRE regular expression fragment used to validate e-mail address domains. + * Note the last part's allowed length is indeed 64 characters (based on RFC 1034), see #3980 for more information. */ - const EMAIL_DOMAIN_VALIDATION_PATTERN = '(?:[^\\s\\000-\\037\\177\\(\\)<>@,;:\\\\"\\[\\]]\\.?)+\\.[a-z]{2,6}'; + const EMAIL_DOMAIN_VALIDATION_PATTERN = '(?:[^\\s\\000-\\037\\177\\(\\)<>@,;:\\\\"\\[\\]]\\.?)+\\.[a-z]{2,64}'; } }
diff --git a/src/system/UsersModule/Controller/ConfigController.php b/src/system/UsersModule/Controller/ConfigController.php
index 582394c02d..63752bfff4 100644
--- a/src/system/UsersModule/Controller/ConfigController.php
+++ b/src/system/UsersModule/Controller/ConfigController.php 
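Review bot: Renaming the variable inside the existing `case '2.9.11':` step of SettingsModuleInstaller only affects sites that still upgrade from that version; installs that already ran the step keep whatever was stored under `useCompression`, and nothing in this hunk removes that key or re-casts `UseCompression` for them. If the lower-case variable was ever written, a new upgrade step that copies its value across and deletes it would cover those sites. The surrounding switch relies on fall-through and continues outside the hunk.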
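Review bot: The added doc line in Constant.php says the last label may be 64 characters "based on RFC 1034", but RFC 1034 limits a label to 63 octets, so the quantifier should read `{2,63}` and the comment should be corrected to match. `[a-z]` also still rejects internationalised TLDs in their `xn--` form, which contain digits and hyphens; if such addresses are meant to validate, the class needs to be wider. Independently of this change, the leading group allows a `.` to be matched either by the negated character class or by the optional `\.?`, which gives the engine many ways to split a run of dots; how the fragment is anchored is not visible here, so the validator is worth testing with long dotted input.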
@@ -102,12 +102,17 @@ public function authenticationMethodsAction(Request $request) if ($form->get('save')->isClicked()) { $data = $form->getData(); if (!in_array(true, $data['authenticationMethodsStatus'])) { - $data['authenticationMethodsStatus']['native_uname'] = true; // do not allow all methods to be inactive. + // do not allow all methods to be inactive. + $data['authenticationMethodsStatus']['native_uname'] = true; $this->addFlash('info', $this->__f('All methods cannot be inactive. At least one methods must be enabled. (%m has been enabled).', ['%m' => $allMethods['native_uname']->getDisplayName()])); } $this->get('zikula_extensions_module.api.variable')->set(VariableApi::CONFIG, 'authenticationMethodsStatus', $data['authenticationMethodsStatus']); $this->addFlash('status', $this->__('Done! Configuration updated.')); + // clear cache to reflect the updated state (#3936) + $this->get('zikula.cache_clearer')->clear('symfony'); + $this->get('zikula.cache_clearer')->clear('twig'); + return $this->redirectToRoute('zikulausersmodule_config_authenticationmethods'); } if ($form->get('cancel')->isClicked()) {
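Review bot: The success flash `Done! Configuration updated.` is queued before the two added `clear()` calls, so if clearing fails the new `authenticationMethodsStatus` is already stored while the cached state still reflects the old set of methods, and a method that was just disabled could stay usable until the cache is rebuilt. Clear the caches first, fetching the service once with `$cacheClearer = $this->get('zikula.cache_clearer');`, and add the flash afterwards, or catch the failure and report it to the administrator. Whether `clear()` can throw is not visible in this hunk. authenticationMethodsAction continues outside the hunk.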