Overview of merged pull requests¶
In case the search string appeared multiple times in the haystack
startsWith would not correctly report the occurance at the beginning
as it used the same code as endsWith. This is now fixed by using
AbstractTemplateView::renderSection is called on a section that
has partials inside, it can happen that for parsing the partial the
ParserConfiguration is not set. This depends on the cache status of the
section and partial template.
If this happens, no Interceptors are applied to the partial. As that includes the Escaping interceptor it might be a “security issue” when the system runs in development context.
The usage of method_exists() checks inside the proxy class code was wrong by checking the existence on the parent class of $this, which might in some circumstances not be the current proxy class (ie. when checking method was originally called from a doctrine proxy).
This change fixes the method_exists calls by using the get_parent_class() without parameter. Also, the method_exists check is added to the remaining method checks, that currently only rely on is_callable, which in turn is always true on hierarchies that implement __call magic method.
Trying to use file_get_contents(“resource://yourhashhere”) led to an exception in the StreamWrapper. This fix addresses the issue by correctly setting the StreamWrapper handle to the opened resource.
Additionally a test is provided to demonstrate the problem.
So far all constructor arguments were treated as autowired unless configured otherwise. This can result in problems and one example is seen with the constructor of ArrayObject starting from PHP 7.0.2.
Unfortunately PHP does not allow Reflection of built-in functions arguments. This includes methods of built-in classes like ArrayObject. This results in our ReflectionService to report null as default for those arguments which will then be autowired. Since PHP 7.0.2 all three arguments of the ArrayObject constructor are reported correctly by Reflection but due to our autowiring the third argument will be given as null in the proxy class which results in a fatal error.
The solution is to mark configured arguments that use the default or null to be not autowired and do not give them to the original constructor if they are not followed by an autowired argument.
FLOW-431 #close Fixes the issue by changing the way we apply default values
The ExceptionHandler includes the Flow Exception class directly by using the relative path. This might not work out if at some point we decide to combine autoloaded classes as this class is autoloaded and the relative path will be wrong then. Using the FLOW_PATH_FLOW constant we can easily construct a full path to the file.
In the method “unlockSite” the order for unlocking a file is wrong. Under Windows you first have to flock/fclose and then unlink (otherwise the lockfile is locked by OS and can not be removed). Then you get in Context Production the Errormessage “Site is currently locked, exiting.”. The above reordering will fix this.
If this is violated, very funny error will appear because proxy classes have already been built without taking the new Policy.yaml into account.
This change has been re-targeted for 3.0 from https://github.com/neos/flow-development-collection/pull/27
For cases where an entity A references entity B and B in turn references A (as first property), the validator chain would not validate the reference to A inside B, even though those might be different instances. This is due to the newly created ObjectValidator for B not being added to the CollectionValidator inside A - so when B again visits A, the returned validator collection is empty and hence not added to the validator chain.
This change fixes that, by adding the new ObjectValidator to the chain early, and only removing it later on, if it is still empty after all properties being checked. This could potentially lead to a deeper validator chain than would be necessary (cycle of empty ObjectValidators), but should not break anything or degrade performance.
- Fixes: FLOW-352
DebugExceptionHandler renders “more information” links
pointing to wiki.typo3.org. This was never really used to document
exceptions and with the departure from the TYPO3 project this should
be removed. A possible replacement can be readded later.
Windows SET command does not parse out quotes of the variable value but rather treats them as part of the value, which currently results in an error on windows since the fix for FLOW-381:
Flow could not create the directory “”C:/workspace/Flow/Data/Temporary”/Development/”.
Note the extra quotes around the temporary base path.
This change fixes that by properly escaping the SET command arguments on windows by using escapeshellcmd instead of escapeshellarg.
FLOW-425 #comment Fix for 2.3.x