Merge branch 'develop' into mmikkel-patch-5

Author: brandonkelly

CHANGELOG.md

@@ -2,12 +2,15 @@
 
 ## Unreleased
 
+- Volumes no longer validate if their field layout contains a field called `extension`, `filename`, `height`, `kind`, `size`, or `width`.
 - Stack traces returned by `craft\helpers\App::backtrace()` now more closely resemble exception stack traces.
 - “Element query executed before Craft is fully initialized” warnings now include a stack trace.
+- Fixed a bug where queue-runner Ajax requests triggered on the front end weren’t getting closed before running the queue, potentially causing long front-end load delays.
 - Fixed a user enumeration timing attack vulnerability.
 - Fixed a SQL error that could occur when upgrading to Craft 4, if any `matrixblocks` table rows referenced nonexistent element IDs. ([#13121](https://github.com/craftcms/cms/issues/13121))
 - Fixed a SQL error that could occur when upgrading to Craft 4, if anything triggered an asset or volume query. ([#13130](https://github.com/craftcms/cms/issues/13130))
 - Fixed a SQL error that occurred when deleting a category group on PostgreSQL, when configured with a table prefix. ([#13127](https://github.com/craftcms/cms/issues/13127))
+- Fixed a bug where it was possible to query for elements with soft-deleted site IDs.
 - Fixed a JavaScript error that could occur on the control panel login form.
 
 ## 4.4.8 - 2023-04-25

src/elements/db/ElementQuery.php

@@ -32,6 +32,7 @@
 use craft\helpers\ElementHelper;
 use craft\helpers\StringHelper;
 use craft\models\Site;
+use Illuminate\Support\Collection;
 use ReflectionClass;
 use ReflectionException;
 use ReflectionProperty;
@@ -2643,11 +2644,21 @@ private function _applyRevisionParams(): void
      */
     private function _normalizeSiteId(): void
     {
+        $sitesService = Craft::$app->getSites();
         if (!$this->siteId) {
             // Default to the current site
-            $this->siteId = Craft::$app->getSites()->getCurrentSite()->id;
+            $this->siteId = $sitesService->getCurrentSite()->id;
         } elseif ($this->siteId === '*') {
-            $this->siteId = Craft::$app->getSites()->getAllSiteIds();
+            $this->siteId = $sitesService->getAllSiteIds();
+        } elseif (is_numeric($this->siteId) || ArrayHelper::isNumeric($this->siteId)) {
+            // Filter out any invalid site IDs
+            $siteIds = Collection::make((array)$this->siteId)
+                ->filter(fn($siteId) => $sitesService->getSiteById($siteId, true) !== null)
+                ->all();
+            if (empty($siteIds)) {
+                throw new QueryAbortedException();
+            }
+            $this->siteId = is_array($this->siteId) ? $siteIds : reset($siteIds);
         }
     }
 

src/models/Volume.php

@@ -186,8 +186,14 @@ public function validateFieldLayout(): void
         $fieldLayout = $this->getFieldLayout();
         $fieldLayout->reservedFieldHandles = [
             'alt',
+            'extension',
+            'filename',
             'folder',
+            'height',
+            'kind',
+            'size',
             'volume',
+            'width',
         ];
 
         if (!$fieldLayout->validate()) {

src/queue/Queue.php

@@ -616,26 +616,13 @@ public function handleResponse(): void
 <script type="text/javascript">
 /*<![CDATA[*/
 (function(){
-    var XMLHttpFactories = [
-        function () {return new XMLHttpRequest()},
-        function () {return new ActiveXObject("Msxml2.XMLHTTP")},
-        function () {return new ActiveXObject("Msxml3.XMLHTTP")},
-        function () {return new ActiveXObject("Microsoft.XMLHTTP")}
-    ];
-    var req = false;
-    for (var i = 0; i < XMLHttpFactories.length; i++) {
-        try {
-            req = XMLHttpFactories[i]();
-        }
-        catch (e) {
-            continue;
-        }
-        break;
-    }
-    if (!req) return;
+  try {
+    var req = new XMLHttpRequest();
     req.open('GET', $url, true);
-    if (req.readyState == 4) return;
+    req.setRequestHeader('X-Requested-With', 'XMLHttpRequest');
+    if (req.readyState === 4) return;
     req.send();
+  } catch (e) {}
 })();
 /*]]>*/
 </script>