Prepare for 3.0.3 release

administrator/includes/framework.php

@@ -17,7 +17,7 @@
 /*
  * Installation check, and check on removal of the install directory.
  */
-if (!file_exists(JPATH_CONFIGURATION.'/configuration.php') || (filesize(JPATH_CONFIGURATION.'/configuration.php') < 10) /*|| file_exists(JPATH_INSTALLATION.'/index.php')*/)
+if (!file_exists(JPATH_CONFIGURATION.'/configuration.php') || (filesize(JPATH_CONFIGURATION.'/configuration.php') < 10) || file_exists(JPATH_INSTALLATION.'/index.php'))
 {
 	header('Location: ../installation/index.php');
 	exit();

administrator/manifests/files/joomla.xml

@@ -7,7 +7,7 @@
 	<copyright>(C) 2005 - 2013 Open Source Matters. All rights reserved</copyright>
 	<license>GNU General Public License version 2 or later; see     LICENSE.txt</license>
 	<version>3.0.3</version>
-	<creationDate>January 2013</creationDate>
+	<creationDate>February 2013</creationDate>
 	<description>FILES_JOOMLA_XML_DESCRIPTION</description>
 
 	<scriptfile>administrator/components/com_admin/script.php</scriptfile>

build/build.php

@@ -32,7 +32,7 @@
 
 // Set release for each build
 // Release is third digit (like '0', '1', or '2')
-$release = '2';
+$release = '3';
 
 // Set path to git binary (e.g., /usr/local/git/bin/git or /urs/bin/git)
 $gitPath = '/usr/bin/git';

components/com_finder/views/search/tmpl/default_result.php

@@ -18,7 +18,7 @@
 // Get the route with highlighting information.
 if (!empty($this->query->highlight) && empty($this->result->mime) && $this->params->get('highlight_terms', 1) && JPluginHelper::isEnabled('system', 'highlight'))
 {
-	$route = $this->result->route . '&highlight=' . base64_encode(serialize($this->query->highlight));
+	$route = $this->result->route . '&highlight=' . base64_encode(json_encode($this->query->highlight));
 } else {
 	$route = $this->result->route;
 }

components/com_users/models/remind.php

@@ -95,9 +95,9 @@ public function processRemindRequest($data)
 		if ($data === false)
 		{
 			// Get the validation messages from the form.
-			foreach ($form->getErrors() as $message)
+			foreach ($form->getErrors() as $formError)
 			{
-				$this->setError($message);
+				$this->setError($formError->getMessage());
 			}
 			return false;
 		}

components/com_users/models/reset.php

@@ -135,9 +135,9 @@ function processResetComplete($data)
 		if ($return === false)
 		{
 			// Get the validation messages from the form.
-			foreach ($form->getErrors() as $message)
+			foreach ($form->getErrors() as $formError)
 			{
-				$this->setError($message);
+				$this->setError($formError->getMessage());
 			}
 			return false;
 		}
@@ -221,9 +221,9 @@ function processResetConfirm($data)
 		if ($return === false)
 		{
 			// Get the validation messages from the form.
-			foreach ($form->getErrors() as $message)
+			foreach ($form->getErrors() as $formError)
 			{
-				$this->setError($message);
+				$this->setError($formError->getMessage());
 			}
 			return false;
 		}
@@ -320,9 +320,9 @@ public function processResetRequest($data)
 		if ($return === false)
 		{
 			// Get the validation messages from the form.
-			foreach ($form->getErrors() as $message)
+			foreach ($form->getErrors() as $formError)
 			{
-				$this->setError($message);
+				$this->setError($formError->getMessage());
 			}
 			return false;
 		}

includes/framework.php

@@ -18,7 +18,7 @@
 // Installation check, and check on removal of the install directory.
 //
 
-if (!file_exists(JPATH_CONFIGURATION.'/configuration.php') || (filesize(JPATH_CONFIGURATION.'/configuration.php') < 10) /*|| file_exists(JPATH_INSTALLATION.'/index.php')*/) {
+if (!file_exists(JPATH_CONFIGURATION.'/configuration.php') || (filesize(JPATH_CONFIGURATION.'/configuration.php') < 10) || file_exists(JPATH_INSTALLATION.'/index.php')) {
 
 	if (file_exists(JPATH_INSTALLATION.'/index.php'))
 	{

installation/CHANGELOG

@@ -26,14 +26,16 @@ $ -> Language fix or change
 - -> Removed
 ! -> Note
 
- 03-February-2013 Jean-Marie Simonet
+-------------------- 3.0.3 Stable Release [4-Feb-2013] ------------------
+
+03-February-2013 Jean-Marie Simonet
  $ Updating installation lang file: he-IL
 
- 02-February-2013 Jean-Marie Simonet
+02-February-2013 Jean-Marie Simonet
  $ Updating installation lang file: et-EE, zh-CN
  $ Updating installation lang file: fa-IR, nb-NO
 
- 01-February-2013 Jean-Marie Simonet
+01-February-2013 Jean-Marie Simonet
  $ Updating installation lang file: nl-NL
 
 31-Jan-2013 Jean-Marie Simonet

installation/sql/mysql/joomla.sql

@@ -532,7 +532,7 @@ INSERT INTO `#__extensions` (`extension_id`, `name`, `type`, `element`, `folder`
 (507, 'isis', 'template', 'isis', '', 1, 1, 1, 0, '{"name":"isis","type":"template","creationDate":"3\\/30\\/2012","author":"Kyle Ledbetter","copyright":"Copyright (C) 2005 - 2013 Open Source Matters, Inc. All rights reserved.","authorEmail":"[email protected]","authorUrl":"","version":"1.0","description":"TPL_ISIS_XML_DESCRIPTION","group":""}', '{"templateColor":"","logoFile":""}', '', '', 0, '0000-00-00 00:00:00', 0, 0),
 (600, 'English (United Kingdom)', 'language', 'en-GB', '', 0, 1, 1, 1, '', '', '', '', 0, '0000-00-00 00:00:00', 0, 0),
 (601, 'English (United Kingdom)', 'language', 'en-GB', '', 1, 1, 1, 1, '', '', '', '', 0, '0000-00-00 00:00:00', 0, 0),
-(700, 'Joomla! CMS', 'file', 'joomla', '', 0, 1, 1, 1, '{"legacy":false,"name":"files_joomla","type":"file","creationDate":"January 2013","author":"Joomla!","copyright":"(C) 2005 - 2013 Open Source Matters. All rights reserved","authorEmail":"[email protected]","authorUrl":"www.joomla.org","version":"3.0.3","description":"FILES_JOOMLA_XML_DESCRIPTION","group":""}', '', '', '', 0, '0000-00-00 00:00:00', 0, 0);
+(700, 'Joomla! CMS', 'file', 'joomla', '', 0, 1, 1, 1, '{"legacy":false,"name":"files_joomla","type":"file","creationDate":"February 2013","author":"Joomla!","copyright":"(C) 2005 - 2013 Open Source Matters. All rights reserved","authorEmail":"[email protected]","authorUrl":"www.joomla.org","version":"3.0.3","description":"FILES_JOOMLA_XML_DESCRIPTION","group":""}', '', '', '', 0, '0000-00-00 00:00:00', 0, 0);
 
 -- --------------------------------------------------------
 

installation/sql/postgresql/joomla.sql

@@ -577,7 +577,7 @@ INSERT INTO "#__extensions" ("extension_id", "name", "type", "element", "folder"
 
 -- Files Extensions
 INSERT INTO "#__extensions" ("extension_id", "name", "type", "element", "folder", "client_id", "enabled", "access", "protected", "manifest_cache", "params", "custom_data", "system_data", "checked_out", "checked_out_time", "ordering", "state") VALUES
-(700, 'Joomla! CMS', 'file', 'joomla', '', 0, 1, 1, 1, '{"legacy":false,"name":"files_joomla","type":"file","creationDate":"January 2013","author":"Joomla!","copyright":"(C) 2005 - 2013 Open Source Matters. All rights reserved","authorEmail":"[email protected]","authorUrl":"www.joomla.org","version":"3.0.3","description":"FILES_JOOMLA_XML_DESCRIPTION","group":""}', '', '', '', 0, '1970-01-01 00:00:00', 0, 0);
+(700, 'Joomla! CMS', 'file', 'joomla', '', 0, 1, 1, 1, '{"legacy":false,"name":"files_joomla","type":"file","creationDate":"February 2013","author":"Joomla!","copyright":"(C) 2005 - 2013 Open Source Matters. All rights reserved","authorEmail":"[email protected]","authorUrl":"www.joomla.org","version":"3.0.3","description":"FILES_JOOMLA_XML_DESCRIPTION","group":""}', '', '', '', 0, '1970-01-01 00:00:00', 0, 0);
 
 SELECT nextval('#__extensions_extension_id_seq');
 SELECT setval('#__extensions_extension_id_seq', 10000, false);

installation/sql/sqlazure/joomla.sql

@@ -897,7 +897,7 @@ UNION ALL
 SELECT 601, 'English (United Kingdom)', 'language', 'en-GB', '', 1, 1, 1, 1, '', '', '', '', 0, '1900-01-01 00:00:00', 0, 0;
 
 INSERT INTO #__extensions (extension_id, name, type, element, folder, client_id, enabled, access, protected, manifest_cache, params, custom_data, system_data, checked_out, checked_out_time, ordering, state)
-VALUES (700, 'Joomla! CMS', 'file', 'joomla', '', 0, 1, 1, 1, '{"name":"files_joomla","type":"file","creationDate":"January 2013","author":"Joomla!","copyright":"(C) 2005 - 2013 Open Source Matters. All rights reserved","authorEmail":"[email protected]","authorUrl":"www.joomla.org","version":"3.0.3","description":"FILES_JOOMLA_XML_DESCRIPTION","group":""}', '', '', '', 0, '1900-01-01 00:00:00', 0, 0);
+VALUES (700, 'Joomla! CMS', 'file', 'joomla', '', 0, 1, 1, 1, '{"name":"files_joomla","type":"file","creationDate":"February 2013","author":"Joomla!","copyright":"(C) 2005 - 2013 Open Source Matters. All rights reserved","authorEmail":"[email protected]","authorUrl":"www.joomla.org","version":"3.0.3","description":"FILES_JOOMLA_XML_DESCRIPTION","group":""}', '', '', '', 0, '1900-01-01 00:00:00', 0, 0);
 
 INSERT INTO #__extensions (extension_id, name,type, element, folder, client_id, enabled, access, protected, manifest_cache, params, custom_data, system_data, checked_out, checked_out_time, ordering, state) VALUES
 (800, 'joomla', 'package', 'pkg_joomla', '', 0, 1, 1, 1, '', '', '', '', 0, '1900-01-01 00:00:00', 0, 0);

libraries/cms/error/page.php

@@ -49,7 +49,10 @@ public static function render(Exception $error)
 			// Push the error object into the document
 			$document->setError($error);
 
-			ob_end_clean();
+			if (ob_get_contents())
+			{
+				ob_end_clean();
+			}
 			$document->setTitle(JText::_('Error') . ': ' . $error->getCode());
 			$data = $document->render(
 				false,

libraries/cms/version/version.php

@@ -35,7 +35,7 @@ final class JVersion
 	public $CODENAME = 'Ember';
 
 	/** @var  string  Release date. */
-	public $RELDATE = '08-January-2013';
+	public $RELDATE = '04-February-2013';
 
 	/** @var  string  Release time. */
 	public $RELTIME = '14:00';

libraries/legacy/component/helper.php

@@ -397,6 +397,7 @@ protected static function _load($option)
 		if (empty(self::$components[$option]))
 		{
 			// Fatal error.
+			$error = JText::_('JLIB_APPLICATION_ERROR_COMPONENT_NOT_FOUND');
 			JLog::add(JText::sprintf('JLIB_APPLICATION_ERROR_COMPONENT_NOT_LOADING', $option, $error), JLog::WARNING, 'jerror');
 			return false;
 		}

plugins/system/highlight/highlight.php

@@ -55,7 +55,7 @@ public function onAfterDispatch()
 
 		// Get the terms to highlight from the request.
 		$terms = $input->request->get('highlight', null, 'base64');
-		$terms = $terms ? unserialize(base64_decode($terms)) : null;
+		$terms = $terms ? json_decode(base64_decode($terms)) : null;
 
 		// Check the terms.
 		if (empty($terms))

tests/system/suite/security/security0001Test.php

@@ -23,6 +23,18 @@ function testXSS()
 		$this->open($link);
 		$this->waitForPageToLoad("30000");
 		$this->assertFalse($this->isElementPresent("//form/script[contains(text(), 'alert')]"));
+		$link = $this->cfg->path . 'index.php?option=com_content&view=category&catid=26&id=36&Itemid=-1"><script>alert(/XSS/)</script>';
+		$this->open($link);
+		$this->waitForPageToLoad("30000");
+		$this->assertFalse($this->isElementPresent("//form/script[contains(text(), 'alert')]"));
+		$link = $this->cfg->path . 'index.php?option=com_newsfeeds&view=category&catid=26&id=36&Itemid=-1"><script>alert(/XSS/)</script>';
+		$this->open($link);
+		$this->waitForPageToLoad("30000");
+		$this->assertFalse($this->isElementPresent("//form/script[contains(text(), 'alert')]"));
+		$link = $this->cfg->path . 'index.php?option=com_xxxinvalid&view=category&catid=26&id=36&Itemid=-1"><script>alert(/XSS/)</script>';
+		$this->open($link);
+		$this->waitForPageToLoad("30000");
+		$this->assertFalse($this->isElementPresent("//form/script[contains(text(), 'alert')]"));
 		$link = $this->cfg->path . 'index.php?option=com_contact&view=featured&id=16&Itemid=452&whateverehere="><script>alert(/XSS/)</script>';
 		$this->open($link);
 		$this->waitForPageToLoad("30000");