[TYPO3-core] Getting an overview

Ernesto Baschny [cron IT] ernst at cron-it.de
Fri Feb 9 16:54:28 CET 2007


Michael Stucki wrote: on 09.02.2007 01:40:

>>>    * Request parameters could not be validated
>>>      http://bugs.typo3.org/view.php?id=4940
>> I picked this one and added a small patch for it (see in bugtracker).
>> "pageNotFoundOnCHashError" was set to true by default between beta3 and
>> RC1. So if an extension (perhaps an old one) doesn't use the cHash (eg
>> "typolink.useCHash=1") the error page will be shown. So my solution is
>> to let "pageNotFoundOnCHashError" as it is and to define a new config
>> variable "pageNotFoundOnCHashEmpty", which is set to false by default.
>> If the admin wants the error page if cHash is empty he could enable this
>> in his local TYPO3 installation. What do you think?
>> Additionally I could also add a RFC on that and post it to a new thread.
> 
> No, I think you shouldn't do that. It doesn't make much sense to allow empty 
> cHashes if they should be checked. See my detailed explanation inside the 
> bugtracker...


Hi Michael,

I had a problem with the new default in my USER FE-plugins that were
using POST and no GET parameters at all. So my form was build like that:

<form action="index.php?id=155" method="post">
  ...
 <input type="text" name="tx_cronextension_pi[swords]" />
  ...
</form>

on that page I had my plugin. I created the action link with typoLink,
but no cHash was added because we have no piVars on that link!

But then when submitting the FORM, the piVars come from
t3lib_div::GParrayMerged, which merge GET and POST vars. So piVars end
up with many values. After the TYPO3 update this form no longer works
because the cHash check comes into action and I get

  Reason: Request parameters could not be validated (&cHash empty)

How should POST forms be build then?

Cheers,
Ernesto


More information about the TYPO3-team-core mailing list