Releases: in2code-de/femanager
Releases · in2code-de/femanager
7.0.1 Security Release
- [BUGFIX] (!!!) Security Fix - Broken Access Control in Usergroup Validation (Andreas Nedbal - in2code) - thx to TYPO3 Security Team
- [BUGFIX] login after registration (Re-fetch session from database to update 'userSession' property of TSFE) - thx to Thomas Off
- [BUGFIX] CleanUserGroup DataProcessor - thx to Daniel Hoffmann (in2code)
2.7.0 Security Release
You will find here security backports for TYPO3 7.6 LTS. If you use TYPO3 8 or 9 please use version 5.x
Upgrade
Due to changes in some templates, you need to adjust your templates, if you use your own ones.
- Added element id for new / edit / invitation templates: If you use your own HTML templates of new/edit/invitation-templates you should compare them with the one from EXT:femanager. There is a new additional attribute inside the form viewhelper: data-femanager-plugin, which contains the content element id.
- If you use a modified version of the Validation.js, there are also changes: plugin and action parameter is send to
the eID-Script now - The edit template has to be adjusted, as there is a new parameter 'token' is introduced. (see example below)
Example
Please update these partials:
:file:/Partials/Misc/DeleteLink.html
The argument token was introduced :html:(token:token)
old template code
<f:link.action
action="delete"
arguments="{user:user}"
class="btn btn-warning btn-large"
additionalAttributes="{data-confirm:'{f:translate(key:\'UserDeleteConfirmation\')}'}">
<i class="icon-trash icon-white"></i>
<f:translate key="deleteProfile" />
</f:link.action>
new template code:
<f:link.action
action="delete"
arguments="{user:user, token:token}"
class="btn btn-warning btn-large"
additionalAttributes="{data-confirm:'{f:translate(key:\'UserDeleteConfirmation\')}'}">
<i class="icon-trash icon-white"></i>
<f:translate key="deleteProfile" />
</f:link.action>
:file:/Templates/Edit/Edit.html
You need to add: :html:<f:form.hidden name="token" value="{token}" /> between the form tag.
Example:
<f:form
name="user"
object="{user}"
action="update"
enctype="multipart/form-data"
additionalAttributes="{data-femanager-plugin:data.uid}"
class="form-horizontal {f:if(condition:'{settings.edit.validation._enable.client}',then:'feManagerValidation',else:'')}">
<fieldset>
<legend>
<f:translate key="titleUpdateProfile" />
</legend>
<f:form.hidden name="token" value="{token}" />
more stuff here in the template file…
</f:form>
6.3.2 Maintenance Release
* [TASK] Add setter to allow modification of email object inside event listeners - thx to https://github.com/mediaessenz
* [TASK] Refactor forceValues to FrontendUtility and add a test - thx to https://github.com/ute-arbeit
* [TASK] Remove TCA configuration showRecordFieldList - thx to https://github.com/Patta
* [BUGFIX] Make forceValues work for field names with underscores - thx to https://github.com/ute-arbeit
* [BUGFIX] Allow frontend user login via EXT:femanager - thx to https://github.com/webian
* [BUGFIX] repairs confirmation view due to missing state column - thx to in2code / Bastien Lutz
* [BUGFIX] refusing users from the admin confirmation backend list - Thx to https://github.com/fwg
* [BUGFIX] correct v10 Extbase persistence config - thx to jonaseberle
* [BUGFIX] add missing field mapping for custom properties for TYPO3v10+ - thx to jonaseberle
* [BUGFIX] embedded images in emails - thx to https://github.com/fwg
* [BUGFIX] Email subject for sendCreateUserConfirmationMail - thx to Pixelant
6.3.1 Security Release
- [BUGFIX] Security: Disallow SVG as Filetype
- [DOCS] added security notes for detail / show view (see: https://docs.typo3.org/p/in2code/femanager/6.3/en-us/Features/ShowListUsers/Index.html)
Security Release
- [BUGFIX] Security: Disallow SVG as Filetype
- [DOCS] added security notes for detail / show view (see: https://docs.typo3.org/p/in2code/femanager/5.5/en-us/Features/ShowListUsers/Index.html)
Minor Release: New Gender and country options
- [FEATURE] Add divers as gender - thx to spoonerWeb
- [FEATURE] Add possibility to set preferred or limited countries to selector - thx to spoonerWeb
- [TASK] Use USER_INT instead of no_cache for better performance - thx to
- [TASK] Update Behat Tests and Test Environment - thx to in2code
- [TASK] Add option to run single behat test - thx to in2code
- [TASK] Add terupload via Github Action - thx to in2code
- [BUGIFX] subject translation for createUserConfirmationMail - thx to https://github.com/martinschoene
- [BUGFIX] Fix field validation messages - thx to https://github.com/dahaupt
- [BUGFIX] Fix link generation in general redirect method - thx to Andre Spindler
- [BUGFIX] If user confirmation sent, do not send admin confirmation - thx to SpoonerWeb
- [BUGFIX] Use exact email to check for resending confirmation mail - thx to SpoonerWeb
Bugfix Release
Make femanager Backend Module great again :-)
Minor Release
* [FEATURE] Add RateLimiter for registration form - :ref:`see documentation <countryselect>`
* [BUGFIX] Improve date validation - thx to https://github.com/pfuju
* [BUGFIX] Validation for checkUniqueDb ignores starttime/endtime - thx to in2code
* [BUGFIX] return true for FileReferences - https://github.com/marclindemann
* [BUGFIX] Template missing for New->create - https://github.com/kitzberger
* [BUGFIX] Select previously saved state in state menu - ttps://github.com/mabolek
* [BUGFIX] Subject not translated on confirmation email - thx to https://github.com/Moongazer
* [BUGFIX] Remove unnecessary paramter from disable url - thx to https://github.com/Patta
* [TASK] change language detection to language aspect - thx to https://github.com/cehret
* [TASK] Add validation for all unicode letters - thx to in2code
* [TASK] Add Behaviour Test for terms and conditions - thx to in2code
* [TASK] Add tests for countries and states, update test data - thx to in2code
* [TASK] Resolve TYPO3 V11 breaking change for plugin registration - thx to https://github.com/Footrotflat
5.5.0
Minor Release
- [FEATURE] Add RateLimiter for registration form
- [BUGFIX] Template missing for New->create - https://github.com/kitzberger
Bugfix Release
[BUGFIX] JavaScript error in FeManager.js - thanks to https://github.com/grischpel