Closed magicHatOfTYPO3 closed 1 month ago
The first version (#234) was susceptible to an SQL injection, so I immediately withdrew it. Please don't use it under any circumstances. The new version (#235) checks the input before further processing.
The method IndexerBase->addTagsToRecords should be refactored though, the database queries are difficult to understand and susceptible to serious security vulnerabilities if the method arguments have not been carefully checked and cleaned up. This should happen within the method.
The "Automated Tagging" feature does not respect the configured page typed in the Pages-Indexer. Therefore for non-standard Page types no tags were set.