PHORAX/formhandler

tt_address.hidden field prevents authcode generation?

Opened this issue · 1 comments

TrueType commented

working with a more current fork of this one (https://github.com/dmind-gmbh/formhandler) and the discontinued EXT:formhandler_subscription on TYPO3 v9:

  • an tt_address record is created with tt_address.hidden = 1. The record is supposed to stay hidden until the double opt-in by email-link is done, which takes the hidden flag away.
  • this was the case with the older version of Finisher/GenerateAuthCode.php
    using exec_SELECTquery() f676f4c#diff-66782a4338e40dd2907a310cbf419c7c
  • further down in the named commit are several $queryBuilder->getRestrictions()->removeByType(HiddenRestriction::class);

Is that not needed in GenerateAuthCode.php, too?

TrueType commented 
Index: Classes/Finisher/GenerateAuthCode.php
IDEA additional info:
Subsystem: com.intellij.openapi.diff.impl.patch.CharsetEP
<+>UTF-8
===================================================================
--- Classes/Finisher/GenerateAuthCode.php	(revision d1eb69adbe5cfa5fe31596bb3d475c68b7e9f32a)
+++ Classes/Finisher/GenerateAuthCode.php	(revision 68ed5aa563ea2f6a7945c4a1c2171348146bcf1b)
@@ -16,6 +16,7 @@
 
 use TYPO3\CMS\Core\Database\ConnectionPool;
 use TYPO3\CMS\Core\Utility\GeneralUtility;
+use TYPO3\CMS\Core\Database\Query\Restriction\HiddenRestriction;
 
 /**
  * This finisher generates a unique code for a database entry.
@@ -60,13 +61,17 @@
         $uidField = $firstInsertInfo['uidField'] ?: 'uid';
 
         if ($table && $uid) {
-            $conn = GeneralUtility::makeInstance(ConnectionPool::class)->getConnectionForTable($table);
-
-            $selectFields = '*';
-            if ($this->settings['selectFields']) {
-                $selectFields = $this->utilityFuncs->getSingle($this->settings, 'selectFields');
-            }
-            $row = $conn->select(explode(',', $selectFields), $table, [$uidField => $uid])->fetch();
+            $queryBuilder = GeneralUtility::makeInstance(ConnectionPool::class)->getQueryBuilderForTable($table);
+            $queryBuilder->getRestrictions()->removeByType(HiddenRestriction::class);
+            $row = $queryBuilder->select('*')
+                                ->from($table)
+                                ->where(
+                                    $queryBuilder->expr()->eq(
+                                        $uidField,
+                                        $queryBuilder->createNamedParameter($uid, \PDO::PARAM_INT)
+                                    )
+                                )
+                                ->execute()->fetch();
             if (!empty($row)) {
                 $authCode = $this->generateAuthCode($row);
                 $this->gp['generated_authCode'] = $authCode;
  • 👍1