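<?php
/***************************************************************
 *  Copyright notice
 *
 *  (c) 1999-2011 Kasper Skårhøj (kasperYYYY@typo3.com)
 *  (c) 2010-2011 Georg Ringer <typo3@ringerge.org>
 *  All rights reserved
 *
 *  This script is part of the TYPO3 project. The TYPO3 project is
 *  free software; you can redistribute it and/or modify
 *  it under the terms of the GNU General Public License as published by
 *  the Free Software Foundation; either version 2 of the License, or
 *  (at your option) any later version.
 *
 *  The GNU General Public License can be found at
 *  http://www.gnu.org/copyleft/gpl.html.
 *
 *  This script is distributed in the hope that it will be useful,
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *  GNU General Public License for more details.
 *
 *  This copyright notice MUST APPEAR in all copies of the script!
 ***************************************************************/


/**
 * This class provides a task for the taskcenter.
 *
 * A sys_action record describes one of five action types (create backend
 * user, run a stored SQL query, list records, edit records, create a record).
 * Several of these actions run with more rights than the calling backend user
 * has (see saveNewBackendUser() and viewSqlQuery()), so every value taken from
 * the request is normalised or filtered before it is used.
 *
 * @author Kasper Skårhøj <kasperYYYY@typo3.com>
 * @author Georg Ringer <typo3@ringerge.org>
 * @package TYPO3
 * @subpackage tx_sysaction
 *
 */
class tx_sysaction_task implements tx_taskcenter_Task {

	protected $taskObject;
	var $t3lib_TCEforms;

	/**
	 * Constructor
	 *
	 * @param SC_mod_user_task_index $taskObject: the taskcenter module object this task renders into
	 */
	public function __construct(SC_mod_user_task_index $taskObject) {
		$this->taskObject = $taskObject;
		$GLOBALS['LANG']->includeLLFile('EXT:sys_action/locallang.xml');
	}


	/**
	 * This method renders the task
	 *
	 * Without a "show" request parameter the menu of actions is rendered.
	 * Otherwise the sys_action record with that uid is loaded and dispatched
	 * by its type.
	 *
	 * @return string The task as HTML
	 */
	public function getTask() {
		$content = '';
		$show = intval(t3lib_div::_GP('show'));

			// if no task selected, render the menu
		if ($show == 0) {
			$content .= $this->taskObject->description(
				$GLOBALS['LANG']->getLL('sys_action'),
				$GLOBALS['LANG']->getLL('description')
			);

			$content .= $this->renderActionList();
		} else {
			$record = t3lib_BEfunc::getRecord('sys_action', $show);

				// The uid comes from the request. Apply the same visibility rule the
				// menu uses, so a guessed uid cannot select an action that
				// getActions() would not list for the current user. The "not found"
				// message is reused so the existence of the record is not disclosed.
			if (!is_array($record) || count($record) == 0 || !$this->isActionAccessible($show)) {
				$flashMessage = t3lib_div::makeInstance(
					't3lib_FlashMessage',
					$GLOBALS['LANG']->getLL('action_error-not-found', TRUE),
					$GLOBALS['LANG']->getLL('action_error'),
					t3lib_FlashMessage::ERROR
				);
				$content .= $flashMessage->render();
			} else {
					// render the task
				$content .= $this->taskObject->description($record['title'], $record['description']);

					// output depends on the type
				switch ($record['type']) {
					case 1:
						$content .= $this->viewNewBackendUser($record);
						break;
					case 2:
						$content .= $this->viewSqlQuery($record);
						break;
					case 3:
						$content .= $this->viewRecordList($record);
						break;
					case 4:
						$content .= $this->viewEditRecord($record);
						break;
					case 5:
						$content .= $this->viewNewRecord($record);
						break;
					default:
						$flashMessage = t3lib_div::makeInstance(
							't3lib_FlashMessage',
							$GLOBALS['LANG']->getLL('action_noType', TRUE),
							$GLOBALS['LANG']->getLL('action_error'),
							t3lib_FlashMessage::ERROR
						);
						$content .= '<br />' . $flashMessage->render();
				}
			}
		}

		return $content;
	}

	/**
	 * Check whether the current user may run the action with the given uid,
	 * i.e. whether getActions() lists it for this user.
	 *
	 * @param int $actionUid: Id of the sys_action record
	 * @return boolean TRUE if the action is listed for the current user
	 */
	private function isActionAccessible($actionUid) {
		foreach ($this->getActions() as $action) {
			if (intval($action['uid']) === intval($actionUid)) {
				return TRUE;
			}
		}

		return FALSE;
	}

	/**
	 * General overview over the task in the taskcenter menu
	 *
	 * @return string Overview as HTML
	 */
	public function getOverview() {
		$content = '<p>' . $GLOBALS['LANG']->getLL('description') . '</p>';

			// get the actions
		$actionList = $this->getActions();
		if (count($actionList) > 0) {
			$items = '';

				// render a single action menu item
			foreach ($actionList as $action) {
				$active = (t3lib_div::_GP('show') === $action['uid']) ? ' class="active" ' : '';
					// every value placed in an attribute is HTML-escaped, the link included
				$items .= '<li' . $active . '>
								<a href="' . htmlspecialchars($action['link']) . '" title="' . htmlspecialchars($action['description']) . '">' .
									htmlspecialchars($action['title']) .
								'</a>
							</li>';
			}
			$content .= '<ul>' . $items . '</ul>';
		}

		return $content;
	}

	/**
	 * Get all actions of a user. Admins can see any action, all others only those
	 * which are allowed in the sys_action record itself.
	 *
	 * @return array Array holding every needed information of a sys_action
	 */
	protected function getActions() {
		$actionList = array();

			// admins can see any record
		if ($GLOBALS['BE_USER']->isAdmin()) {
			$res = $GLOBALS['TYPO3_DB']->exec_SELECTquery(
				'*',
				'sys_action',
				'',
				'',
				'sys_action.sorting'
			);
		} else {
				// editors can only see the actions which are assigned to a usergroup they belong to
				// NOTE(review): groupList is concatenated into the WHERE clause as is;
				// presumably it is a system-built list of integer uids - confirm.
			$additionalWhere = 'be_groups.uid IN (' . ($GLOBALS['BE_USER']->groupList ? $GLOBALS['BE_USER']->groupList : 0) . ')';

			$res = $GLOBALS['TYPO3_DB']->exec_SELECT_mm_query(
				'sys_action.*',
				'sys_action',
				'sys_action_asgr_mm',
				'be_groups',
				' AND sys_action.hidden=0 AND ' . $additionalWhere,
				'sys_action.uid',
				'sys_action.sorting'
			);
		}

		while($actionRow = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($res)) {
			$editActionLink = '';

				// admins are allowed to edit sys_action records
			if ($GLOBALS['BE_USER']->isAdmin()) {
				$returnUrl = rawurlencode(t3lib_div::getIndpEnv('REQUEST_URI'));
				$link = t3lib_div::getIndpEnv('TYPO3_REQUEST_DIR') . $GLOBALS['BACK_PATH'] . 'alt_doc.php?returnUrl=' . $returnUrl . '&edit[sys_action][' . $actionRow['uid'] . ']=edit';

					// the link is built from request-derived values, so escape it for the attribute
				$editActionLink = '<a class="edit" href="' . htmlspecialchars($link) . '">' .
						'<img class="icon"' . t3lib_iconWorks::skinImg($GLOBALS['BACK_PATH'], 'gfx/edit2.gif') . ' title="' . $GLOBALS['LANG']->getLL('edit-sys_action') . '" alt="" />' .
							$GLOBALS['LANG']->getLL('edit-sys_action') .
					'</a>';
			}

			$actionList[] = array(
				'uid' => $actionRow['uid'],
				'title' => $actionRow['title'],
				'description' => $actionRow['description'],
				'descriptionHtml' => nl2br(htmlspecialchars($actionRow['description'])) . $editActionLink,
				'link' => 'mod.php?M=user_task&SET[function]=sys_action.tx_sysaction_task&show=' . $actionRow['uid'],
				'icon' => 'EXT:sys_action/sys_action.gif'
			);
		}
		$GLOBALS['TYPO3_DB']->sql_free_result($res);

		return $actionList;
	}

	/**
	 * Render the menu of sys_actions
	 *
	 * @return string list of sys_actions as HTML
	 */
	protected function renderActionList() {
		$content = '';

			// get the sys_action records
		$actionList = $this->getActions();

			// if any actions are found for the current users
		if (count($actionList) > 0) {
			$content .= $this->taskObject->renderListMenu($actionList);
		} else {
			$flashMessage = t3lib_div::makeInstance (
				't3lib_FlashMessage',
				$GLOBALS['LANG']->getLL('action_not-found-description', TRUE),
				$GLOBALS['LANG']->getLL('action_not-found'),
				t3lib_FlashMessage::INFO
			);
			$content .= $flashMessage->render();
		}

			// Admin users can create a new action
		if ($GLOBALS['BE_USER']->isAdmin()) {
			$returnUrl = rawurlencode('mod.php?M=user_task');
			$link = t3lib_div::getIndpEnv('TYPO3_REQUEST_DIR') . $GLOBALS['BACK_PATH'] . 'alt_doc.php?returnUrl=' . $returnUrl. '&edit[sys_action][0]=new';

				// the link is built from request-derived values, so escape it for the attribute
			$content .= '<br />
						 <a href="' . htmlspecialchars($link) . '" title="' . $GLOBALS['LANG']->getLL('new-sys_action') . '">' .
							'<img class="icon"' . t3lib_iconWorks::skinImg($GLOBALS['BACK_PATH'], 'gfx/new_record.gif') . ' title="' . $GLOBALS['LANG']->getLL('new-sys_action') . '" alt="" /> ' .
							$GLOBALS['LANG']->getLL('new-sys_action') .
						 '</a>';
		}

		return $content;
	}

	/**
	 * Action to create a new BE user
	 *
	 * Handles three requests in one method: saving the posted form (create
	 * or update), loading an existing user for editing, and deleting a user.
	 * Edit, update and delete are only performed on users for which
	 * isCreatedByUser() returns a record.
	 *
	 * NOTE(review): the delete is triggered by GET parameters (be_users_uid,
	 * delete) and the save by a plain POST; no request token is checked in
	 * this method. Confirm whether cross-site request forgery protection is
	 * enforced elsewhere.
	 *
	 * @param array $record: sys_action record
	 * @return string form to create a new user
	 */
	protected function viewNewBackendUser($record) {
		$content = '';

		$beRec = t3lib_BEfunc::getRecord('be_users', intval($record['t1_copy_of_user']));
			// a record is needed which is used as copy for the new user
		if (!is_array($beRec)) {
			$flashMessage = t3lib_div::makeInstance(
				't3lib_FlashMessage',
				$GLOBALS['LANG']->getLL('action_notReady', TRUE),
				$GLOBALS['LANG']->getLL('action_error'),
				t3lib_FlashMessage::ERROR
			);
			$content .= $flashMessage->render();

			return $content;
		}

		$vars = t3lib_div::_POST('data');
		$key = 'NEW';

		if ($vars['sent'] == 1) {
			$errors = array();

				// basic error checks
			if (!empty($vars['email']) && !t3lib_div::validEmail($vars['email'])) {
				$errors[] = $GLOBALS['LANG']->getLL('error-wrong-email');
			}
			if (empty($vars['username'])) {
				$errors[] = $GLOBALS['LANG']->getLL('error-username-empty');
			}
			if (empty($vars['password'])) {
				$errors[] = $GLOBALS['LANG']->getLL('error-password-empty');
			}
				// an update is only accepted for a user created by the current user through this action
			if ($vars['key'] !== 'NEW' && !$this->isCreatedByUser($vars['key'], $record)) {
				$errors[] = $GLOBALS['LANG']->getLL('error-wrong-user');
			}

				// show errors if there are any
			if (count($errors) > 0) {
				$flashMessage = t3lib_div::makeInstance (
					't3lib_FlashMessage',
					implode('<br />', $errors),
					$GLOBALS['LANG']->getLL('action_error'),
					t3lib_FlashMessage::ERROR
				);
				$content .= $flashMessage->render() . '<br />';
			} else {
					// save user
				$key = $this->saveNewBackendUser($record, $vars);

					// success message
				$flashMessage = t3lib_div::makeInstance (
					't3lib_FlashMessage',
					($vars['key'] === 'NEW' ? $GLOBALS['LANG']->getLL('success-user-created') : $GLOBALS['LANG']->getLL('success-user-updated')),
					$GLOBALS['LANG']->getLL('success'),
					t3lib_FlashMessage::OK
				);
				$content .= $flashMessage->render() . '<br />' ;
			}

		}

			// load BE user to edit
		if (intval(t3lib_div::_GP('be_users_uid')) > 0) {
			$tmpUserId = intval(t3lib_div::_GP('be_users_uid'));

				// check if the selected user is created by the current user
			$rawRecord = $this->isCreatedByUser($tmpUserId, $record);
			if ($rawRecord) {
					// delete user
				if (t3lib_div::_GP('delete') == 1) {
					$this->deleteUser($tmpUserId, $record['uid']);
				}

				$key = $tmpUserId;
				$vars = $rawRecord;
			}
		}

		$this->JScode();
		$loadDB = t3lib_div::makeInstance('t3lib_loadDBGroup');
		$loadDB->start($vars['db_mountpoints'], 'pages');

			// The password field is never pre-filled; all other posted or stored values are
			// HTML-escaped. $key is 'NEW' or an integer at this point and is escaped as well,
			// so the attribute stays safe if that ever changes.
		$content .= '<form action="" method="post" enctype="multipart/form-data">
						<fieldset class="fields">
							<legend>General fields</legend>
							<div class="row">
								<label for="field_disable">' . $GLOBALS['LANG']->sL('LLL:EXT:lang/locallang_general.xml:LGL.disable') . '</label>
								<input type="checkbox" id="field_disable" name="data[disable]" value="1" class="checkbox" ' . ($vars['disable'] == 1 ? ' checked="checked" ' : '') . ' />
							</div>
							<div class="row">
								<label for="field_realname">' . $GLOBALS['LANG']->sL('LLL:EXT:lang/locallang_general.xml:LGL.name') . '</label>
								<input type="text" id="field_realname" name="data[realName]" value="' . htmlspecialchars($vars['realName']) .'" />
							</div>
							<div class="row">
								<label for="field_username">' . $GLOBALS['LANG']->sL('LLL:EXT:lang/locallang_tca.xml:be_users.username') . '</label>
								<input type="text" id="field_username" name="data[username]" value="' . htmlspecialchars($vars['username']) .'" />
							</div>
							<div class="row">
								<label for="field_password">' . $GLOBALS['LANG']->sL('LLL:EXT:lang/locallang_tca.xml:be_users.password') . '</label>
								<input type="password" id="field_password" name="data[password]" value="" />
							</div>
							<div class="row">
								<label for="field_email">' .$GLOBALS['LANG']->sL('LLL:EXT:lang/locallang_general.xml:LGL.email') . '</label>
								<input type="text" id="field_email" name="data[email]" value="' . htmlspecialchars($vars['email']) .'" />
							</div>
						</fieldset>
						<fieldset class="fields">
							<legend>Configuration</legend>

							<div class="row">
								<label for="field_usergroup">' . $GLOBALS['LANG']->sL('LLL:EXT:lang/locallang_tca.xml:be_users.usergroup') . '</label>
								<select id="field_usergroup" name="data[usergroup][]" multiple="multiple">
									' . $this->getUsergroups($record, $vars) . '
								</select>
							</div>
							<div class="row">
								<label for="field_db_mountpoints">' . $GLOBALS['LANG']->sL('LLL:EXT:lang/locallang_tca.xml:be_users.options_db_mounts') . '</label>
								' . $this->t3lib_TCEforms->dbFileIcons('data[db_mountpoints]', 'db', 'pages', $loadDB->itemArray, '', array('size' => 3)) . '
							</div>
							<div class="row">
								<input type="hidden" name="data[key]" value="' . htmlspecialchars($key) . '" />
								<input type="hidden" name="data[sent]" value="1" />
								<input type="submit" value="' . ($key === 'NEW' ? $GLOBALS['LANG']->getLL('action_Create') : $GLOBALS['LANG']->getLL('action_Update')) . '" />
							</div>
						</fieldset>
					</form>';

		$content .= $this->getCreatedUsers($record, $key);

		return $content;
	}

	/**
	 * Delete a BE user and redirect to the action by its id
	 *
	 * The user is marked as deleted (deleted=1), not removed from the table.
	 * This method performs no ownership check itself; the caller has to
	 * verify with isCreatedByUser() that the user may be deleted.
	 *
	 * @param int $userId: Id of the BE user
	 * @param int $actionId: Id of the action
	 * @return void
	 */
	protected function deleteUser($userId, $actionId) {
		$GLOBALS['TYPO3_DB']->exec_UPDATEquery(
			'be_users',
				// force an integer so the WHERE clause is safe for any caller
			'uid=' . intval($userId),
			array (
				'deleted' => 1,
				'tstamp' => $GLOBALS['ACCESS_TIME']
			)
		);

			// redirect to the original task
		$redirectUrl = 'mod.php?M=user_task&show=' . intval($actionId);
		t3lib_utility_Http::redirect($redirectUrl);
	}

	/**
	 * Check if a BE user is created by the current user
	 *
	 * The user must have been created by the current backend user (cruser_id)
	 * and through the given action (createdByAction).
	 *
	 * @param int $id: Id of the BE user
	 * @param array $action: sys_action record.
	 * @return mixed the record of the BE user if found, otherwise FALSE
	 */
	protected function isCreatedByUser($id, $action) {
		$record = t3lib_BEfunc::getRecord(
			'be_users',
			$id,
			'*',
				// both ids are cast to integers, matching the query in getCreatedUsers()
			' AND cruser_id=' . intval($GLOBALS['BE_USER']->user['uid']) . ' AND createdByAction=' . intval($action['uid'])
		);

		if (is_array($record)) {
			return $record;
		} else {
			return FALSE;
		}
	}


	/**
	 * Render all users who are created by the current BE user including a link to edit the record
	 *
	 * @param array $action: sys_action record.
	 * @param int $selectedUser: Id of a selected user
	 * @return string html list of users
	 */
	protected function getCreatedUsers($action, $selectedUser) {
		$content = '';
		$userList = array();

			// List of users
		$res = $GLOBALS['TYPO3_DB']->exec_SELECTquery(
			'*',
			'be_users',
			'cruser_id=' . intval($GLOBALS['BE_USER']->user['uid']) . ' AND createdByAction=' . intval($action['uid']) . t3lib_BEfunc::deleteClause('be_users'),
			'',
			'username'
		);

			// render the user records
		while($row = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($res)) {
			$icon = t3lib_iconworks::getSpriteIconForRecord('be_users', $row, array('title' => 'uid=' . $row['uid']));
			$line = $icon . $this->action_linkUserName($row['username'], $row['realName'], $action['uid'], $row['uid']);

				// selected user
			if ($row['uid'] == $selectedUser) {
				$line = '<strong>' . $line . '</strong>';
			}

			$userList[] = $line;
		}
		$GLOBALS['TYPO3_DB']->sql_free_result($res);

			// if any records found
		if (count($userList)) {
			$content .= '<br />' . $this->taskObject->doc->section($GLOBALS['LANG']->getLL('action_t1_listOfUsers'), implode('<br />', $userList));
		}

		return $content;
	}


	/**
	 * Create a link to edit a user
	 *
	 * Renders two links: one that loads the user into the form and one that
	 * deletes the user (the same URL with delete=1, behind a JavaScript
	 * confirm dialog).
	 *
	 * @param string $username: Username
	 * @param string $realName: Real name of the user
	 * @param int $sysActionUid: Id of the sys_action record
	 * @param int $userId: Id of the user
	 * @return string html link
	 */
	protected function action_linkUserName($username, $realName, $sysActionUid, $userId) {
		if (!empty($realName)) {
			$username .= ' (' . $realName . ')';
		}

			// link to update the user record
		$href = 'mod.php?M=user_task&SET[function]=sys_action.tx_sysaction_task&show=' . intval($sysActionUid) . '&be_users_uid=' . intval($userId);
		$link = '<a href="' . htmlspecialchars($href) . '">' . htmlspecialchars($username) . '</a>';

			// link to delete the user record
			// NOTE(review): the confirm dialog only guards against accidental clicks;
			// the delete itself is a plain GET request.
		$onClick = ' onClick="return confirm('.$GLOBALS['LANG']->JScharCode($GLOBALS['LANG']->getLL("lDelete_warning")).');"';
		$link .= '
				<a href="' . htmlspecialchars($href . '&delete=1') . '" ' . $onClick . '>
					<img' . t3lib_iconWorks::skinImg($GLOBALS['BACK_PATH'], 'gfx/delete_record.gif') . ' alt="" />
				</a>';
		return $link;
	}

	/**
	 * Save/Update a BE user
	 *
	 * The datamap is processed by TCEmain with admin rights ($tce->admin = 1)
	 * on behalf of a user who may not be an admin. The filters applied here
	 * (fixDbMount, fixUserGroup, admin forced to 0, ownership check on
	 * update) are therefore the only restrictions visible in this class.
	 *
	 * @param array $record: Current action record
	 * @param array $vars: POST vars
	 * @return int Id of the new/updated user
	 */
	protected function saveNewBackendUser($record, $vars) {
			// check if the db mount is a page the current user is allowed to.
		$vars['db_mountpoints'] = $this->fixDbMount($vars['db_mountpoints']);
			// check if the usergroup is allowed
		$vars['usergroup'] = $this->fixUserGroup($vars['usergroup'], $record);
			// check if md5 is used as password encryption
			// NOTE(review): unsalted MD5 is not an adequate password hash. Whether a
			// stronger scheme is applied later (e.g. during TCEmain processing) is not
			// visible here - confirm before relying on this branch.
		if (strpos($GLOBALS['TCA']['be_users']['columns']['password']['config']['eval'], 'md5') !== FALSE) {
			$vars['password'] = md5($vars['password']);
		}

		$key = $vars['key'];
		$data = '';
		$newUserId = 0;

		if ($key === 'NEW') {
			$beRec = t3lib_BEfunc::getRecord('be_users', intval($record['t1_copy_of_user']));
			if (is_array($beRec)) {
				$data = array();
					// the template user is the base; the fields below override it
				$data['be_users'][$key] = $beRec;
				$data['be_users'][$key]['username'] = $this->fixUsername($vars['username'], $record['t1_userprefix']);
				$data['be_users'][$key]['password'] = (trim($vars['password']));
				$data['be_users'][$key]['realName'] = $vars['realName'];
				$data['be_users'][$key]['email'] = $vars['email'];
				$data['be_users'][$key]['disable'] = intval($vars['disable']);
					// never inherit admin rights from the template user
				$data['be_users'][$key]['admin'] = 0;
				$data['be_users'][$key]['usergroup'] = $vars['usergroup'];
				$data['be_users'][$key]['db_mountpoints'] = $vars['db_mountpoints'];
				$data['be_users'][$key]['createdByAction'] = $record['uid'];
			}
		} else {
				// Use the integer id for the check and for the datamap key, so the record
				// that is written is the record that was ownership-checked.
			$key = intval($key);

				// check ownership with the same rule the edit and delete paths use
				// (created by the current user and through this action)
			$beRec = $this->isCreatedByUser($key, $record);
			if (is_array($beRec)) {
				$data=array();
				$data['be_users'][$key]['username'] = $this->fixUsername($vars['username'], $record['t1_userprefix']);
				if (trim($vars['password'])) {
					$data['be_users'][$key]['password'] = (trim($vars['password']));
				}

				$data['be_users'][$key]['realName'] = $vars['realName'];
				$data['be_users'][$key]['email'] = $vars['email'];
				$data['be_users'][$key]['disable'] = intval($vars['disable']);
				$data['be_users'][$key]['admin'] = 0;
				$data['be_users'][$key]['usergroup'] = $vars['usergroup'];
				$data['be_users'][$key]['db_mountpoints'] = $vars['db_mountpoints'];
				$newUserId = $key;
			}
		}

			// save/update user by using TCEmain
			// ($data is still the empty string if neither branch above accepted the request)
		if (is_array($data)) {
			$tce = t3lib_div::makeInstance("t3lib_TCEmain");
			$tce->stripslashes_values = 0;
			$tce->start($data, array(), $GLOBALS['BE_USER']);
				// processed with admin rights, see the method comment
			$tce->admin = 1;
			$tce->process_datamap();
			$newUserId = intval($tce->substNEWwithIDs['NEW']);

			if ($newUserId) {
					// Create
				$this->action_createDir($newUserId);
			} else {
					// update
				$newUserId = intval($key);
			}
			unset($tce);
		}
		return $newUserId;
	}

	/**
	 * Create the username based on the given username and the prefix
	 *
	 * @param string $username: username
	 * @param string $prefix: prefix
	 * @return string Combined username
	 */
	private function fixUsername($username, $prefix) {
		return trim($prefix) . trim($username);
	}

	/**
	 * Clean the to be applied usergroups from not allowed ones
	 *
	 * Only group ids listed in the action's t1_allowed_groups field are kept.
	 * The form posts an array, but the value comes from the request and could
	 * be a comma separated string. Such a value is filtered too instead of
	 * being passed through unchecked.
	 *
	 * @param mixed $appliedUsergroups: array (or comma separated list) of to be applied user groups
	 * @param array $actionRecord: sys_action record
	 * @return mixed Cleaned array; NULL or an empty string is returned unchanged
	 */
	protected function fixUserGroup($appliedUsergroups, $actionRecord) {
			// nothing submitted, nothing to filter
		if ($appliedUsergroups === NULL || $appliedUsergroups === '') {
			return $appliedUsergroups;
		}

			// a scalar value must not bypass the filter below
		if (!is_array($appliedUsergroups)) {
			$appliedUsergroups = array_map('trim', explode(',', (string) $appliedUsergroups));
		}

		$cleanGroupList = array();

			// create an array from the allowed usergroups using the uid as key
		$allowedUsergroups = array_flip(explode(',', $actionRecord['t1_allowed_groups']));

			// walk through the array and check every uid if it is among the allowed ones
		foreach ($appliedUsergroups as $group) {
				// nested arrays cannot be group ids, skip them
			if (is_scalar($group) && isset($allowedUsergroups[$group])) {
				$cleanGroupList[] = $group;
			}
		}

		return $cleanGroupList;
	}

	/**
	 * Clean the to be applied DB-Mounts from not allowed ones
	 *
	 * For non-admins a mount is kept only if the page lies inside the
	 * current user's own mounts (checkRootline) and calcPerms() returns a
	 * non-zero value for it.
	 *
	 * @param string $appliedDbMounts: List of pages like pages_123,pages456
	 * @return string Cleaned list
	 */
	protected function fixDbMount($appliedDbMounts) {
			// Admins can see any page, no need to check there
		if (!empty($appliedDbMounts) && !$GLOBALS['BE_USER']->isAdmin()) {
			$cleanDbMountList = array();
			$dbMounts = t3lib_div::trimExplode(',', $appliedDbMounts, 1);

				// walk through every wanted DB-Mount and check if it allowed for the current user
			foreach ($dbMounts as $dbMount) {
					// only the number after the last underscore is used, the table prefix is rebuilt below
				$uid = intval(substr($dbMount, (strrpos($dbMount, '_') + 1)));
				$page = t3lib_BEfunc::getRecord('pages', $uid);

					// check rootline and access rights
				if ($this->checkRootline($uid) && $GLOBALS['BE_USER']->calcPerms($page)) {
					$cleanDbMountList[] = 'pages_' . $uid;
				}
			}
				// build the clean list
			$appliedDbMounts = implode(',', $cleanDbMountList);
		}

		return $appliedDbMounts;
	}

	/**
	 * Check if a page is inside the rootline the current user can see
	 *
	 * @param int $pageId: Id of the the page to be checked
	 * @return boolean Access to the page
	 */
	protected function checkRootline($pageId) {
		$access = FALSE;

		$dbMounts = array_flip(explode(',', trim($GLOBALS['BE_USER']->dataLists['webmount_list'], ',')));
		$rootline = t3lib_BEfunc::BEgetRootLine($pageId);
			// access is granted as soon as one page of the rootline is one of the user's mounts
		foreach ($rootline as $page) {
			if (isset($dbMounts[$page['uid']]) && !$access) {
				$access = TRUE;
			}
		}
		return $access;
	}

	/**
	 * Add additional JavaScript to use the tceform select box
	 *
	 * Creates the t3lib_TCEforms instance stored in $this->t3lib_TCEforms and
	 * registers its JavaScript with the document template.
	 *
	 * @return string the JavaScript that was registered
	 */
	protected function JScode() {
		$this->t3lib_TCEforms = t3lib_div::makeInstance("t3lib_TCEforms");
		$this->t3lib_TCEforms->backPath = $GLOBALS['BACK_PATH'];
		$js = $this->t3lib_TCEforms->dbFileCon();
		$this->taskObject->doc->JScodeArray[] = $js;

		return $js;
	}

	/**
	 * Create a user directory if defined
	 *
	 * @param int $uid: Id of the user record
	 * @return void
	 */
	protected function action_createDir($uid) {
		$path = $this->action_getUserMainDir();
		if ($path) {
				// $uid is the integer id returned by TCEmain, see saveNewBackendUser()
			t3lib_div::mkdir($path . $uid);
			t3lib_div::mkdir($path . $uid . '/_temp_/');
		}
	}

	/**
	 * Get the path to the user home directory which is set in the localconf.php
	 *
	 * The path is only returned if it is an existing directory, ends with a
	 * slash, and lies below the configured lockRootPath.
	 *
	 * @return string path, or NULL if no valid path is configured
	 */
	protected function action_getUserMainDir() {
		$path = $GLOBALS['TYPO3_CONF_VARS']['BE']['userHomePath'];

			// if path is set and a valid directory
		if ($path && @is_dir($path) &&
				$GLOBALS['TYPO3_CONF_VARS']['BE']['lockRootPath'] &&
				t3lib_div::isFirstPartOfStr($path, $GLOBALS['TYPO3_CONF_VARS']['BE']['lockRootPath']) &&
				substr($path,-1) == '/'
			) {
			return $path;
		}
	}

	/**
	 * Get all allowed usergroups which can be applied to a user record
	 *
	 * @param array $record sys_action record
	 * @param array $vars Selected be_user record
	 * @return string rendered user groups
	 */
	protected function getUsergroups($record, $vars) {
		$content = '';
			// do nothing if no groups are allowed
		if (empty($record['t1_allowed_groups'])) {
			return $content;
		}

		$content .= '<option value=""></option>';
		$grList = t3lib_div::trimExplode(',', $record['t1_allowed_groups'], 1);
		foreach($grList as $group) {
			$checkGroup = t3lib_BEfunc::getRecord('be_groups', $group);
			if (is_array($checkGroup)) {
				$selected = (is_array($vars['usergroup']) && t3lib_div::inList(implode(',', $vars['usergroup']), $checkGroup['uid'])) ? ' selected="selected" ' : '';
				$content .= '<option ' . $selected . 'value="' . $checkGroup['uid'] . '">' . htmlspecialchars($checkGroup['title']) . '</option>';
			}
		}

		return $content;
	}


	/**
	 * Action to create a new record
	 *
	 * Does not render anything; the request is redirected to the edit form
	 * (alt_doc.php) for a new record of the configured table and page.
	 *
	 * @param array $record: sys_action record
	 * @return void redirect to form to create a record
	 */
	protected function viewNewRecord($record) {
		$returnUrl = rawurlencode('mod.php?M=user_task');
			// NOTE(review): t3_tables is taken from the sys_action record and put into the
			// URL unencoded; presumably a plain table name - confirm.
		$link = t3lib_div::getIndpEnv('TYPO3_REQUEST_DIR') . $GLOBALS['BACK_PATH'] . 'alt_doc.php?returnUrl=' . $returnUrl. '&edit[' . $record['t3_tables'] . '][' . intval($record['t3_listPid']) . ']=new';
		t3lib_utility_Http::redirect($link);
	}

	/**
	 * Action to edit records
	 *
	 * @param array $record: sys_action record
	 * @return string list of records
	 */
	protected function viewEditRecord($record) {
		$content = '';
		$actionList = array();

		$dbAnalysis = t3lib_div::makeInstance('t3lib_loadDBGroup');
		$dbAnalysis->fromTC = 0;
		$dbAnalysis->start($record['t4_recordsToEdit'], '*');
		$dbAnalysis->getFromDB();

			// collect the records
		foreach ($dbAnalysis->itemArray as $el) {
			$path = t3lib_BEfunc::getRecordPath ($el['id'], $this->taskObject->perms_clause, $GLOBALS['BE_USER']->uc['titleLen']);
				// from here on $record no longer holds the sys_action record but the current list item
			$record = t3lib_BEfunc::getRecord($el['table'], $dbAnalysis->results[$el['table']][$el['id']]);
			$title = t3lib_BEfunc::getRecordTitle($el['table'], $dbAnalysis->results[$el['table']][$el['id']]);
			$description = $GLOBALS['LANG']->sL($GLOBALS['TCA'][$el['table']]['ctrl']['title'], 1);
			if (isset($record['crdate'])) { // @todo: which information could be useful
				$description .= ' - ' . t3lib_BEfunc::dateTimeAge($record['crdate']);
			}

			$actionList[$el['id']] = array(
				'title' => $title,
				'description' => t3lib_BEfunc::getRecordTitle($el['table'], $dbAnalysis->results[$el['table']][$el['id']]),
				'descriptionHtml' => $description,
				'link' => $GLOBALS['BACK_PATH'] . 'alt_doc.php?returnUrl=' . rawurlencode(t3lib_div::getIndpEnv("REQUEST_URI")) . '&edit[' . $el['table'] . '][' . $el['id'] . ']=edit',
				'icon' => t3lib_iconworks::getSpriteIconForRecord($el['table'], $dbAnalysis->results[$el['table']][$el['id']], array('title' => htmlspecialchars($path)))
			);
		}

			// render the record list
		$content .= $this->taskObject->renderListMenu($actionList);

		return $content;
	}

	/**
	 * Action to view the result of a SQL query
	 *
	 * The query is stored serialized in the t2_data field of the sys_action
	 * record and is run for every user who may use the action.
	 *
	 * NOTE(review): unserialize() is applied to stored record data. If t2_data
	 * can be written by anyone other than a trusted admin, this is an object
	 * injection risk and a data-only format would be safer. It is left
	 * unchanged because the stored format is defined outside this class.
	 *
	 * NOTE(review): the only restriction on the statement is that its first
	 * six characters are "SELECT". It is then passed unchanged to
	 * sql_query(), so the check limits neither the tables nor the columns
	 * that are read. Who may author these queries should be reviewed with
	 * that in mind.
	 *
	 * @param array $record: sys_action record
	 * @return string result of the query
	 */
	protected function viewSqlQuery($record) {
		$content = '';

		if (t3lib_extMgm::isLoaded('lowlevel')) {
			$sql_query = unserialize($record['t2_data']);

				// a non-array result (no query stored yet) passes too and is reported as an empty query below
			if (!is_array($sql_query) ||
					(is_array($sql_query) && strtoupper(substr(trim($sql_query['qSelect']), 0, 6)) === 'SELECT')) {

				$actionContent = '';

				$fullsearch = t3lib_div::makeInstance('t3lib_fullsearch');
				$fullsearch->formW = 40;
				$fullsearch->noDownloadB = 1;

				$type = $sql_query['qC']['search_query_makeQuery'];
				if ($sql_query['qC']['labels_noprefix'] === 'on') {
					$GLOBALS['SOBE']->MOD_SETTINGS['labels_noprefix'] = 'on';
				}
				$sqlQuery = $sql_query['qSelect'];
				$queryIsEmpty = FALSE;

				if ($sqlQuery) {
					$res = $GLOBALS['TYPO3_DB']->sql_query($sqlQuery);

					if (!$GLOBALS['TYPO3_DB']->sql_error()) {
						$fullsearch->formW = 48;
							// additional configuration
						$GLOBALS['SOBE']->MOD_SETTINGS['search_result_labels'] = 1;
						$cP = $fullsearch->getQueryResultCode($type, $res, $sql_query['qC']['queryTable']);
						$actionContent = $cP['content'];

							// if the result is rendered as csv or xml, show a download link
						if ($type === 'csv' || $type === 'xml') {
								// REQUEST_URI comes from the request and is escaped for the attribute
							$actionContent .= '<br /><br /><a href="' . htmlspecialchars(t3lib_div::getIndpEnv('REQUEST_URI') . '&download_file=1') . '"><strong>' . $GLOBALS['LANG']->getLL('action_download_file') . '</strong></a>';
						}
					} else {
							// the database error text is escaped before it is put into the page
						$actionContent .= htmlspecialchars($GLOBALS['TYPO3_DB']->sql_error());
					}
				} else {
						// query is empty (not built)
					$queryIsEmpty = TRUE;
					$flashMessage = t3lib_div::makeInstance (
						't3lib_FlashMessage',
						$GLOBALS['LANG']->getLL('action_emptyQuery', TRUE),
						$GLOBALS['LANG']->getLL('action_error'),
						t3lib_FlashMessage::ERROR
					);
					$content .= '<br />' . $flashMessage->render();
				}
					// Admin users are allowed to see and edit the query
				if ($GLOBALS['BE_USER']->isAdmin()) {
					if (!$queryIsEmpty) {
							// NOTE(review): presumably tableWrap() escapes the statement - confirm
						$actionContent .= '<hr /> ' . $fullsearch->tableWrap($sql_query['qSelect']);
					}
					$actionContent .= '<br /><a title="' . $GLOBALS['LANG']->getLL('action_editQuery') . '" href="' . $GLOBALS['BACK_PATH'] . t3lib_extMgm::extRelPath('lowlevel') . 'dbint/index.php?id=' .
						'&SET[function]=search' .
						'&SET[search]=query' .
						'&storeControl[STORE]=-' . $record['uid'] .
						'&storeControl[LOAD]=1' .
						'">
						<img class="icon"' . t3lib_iconWorks::skinImg($GLOBALS['BACK_PATH'], 'gfx/edit2.gif') . ' alt="" />' .
						$GLOBALS['LANG']->getLL($queryIsEmpty ? 'action_createQuery' : 'action_editQuery') . '</a><br /><br />';
				}

				$content .= $this->taskObject->doc->section($GLOBALS['LANG']->getLL('action_t2_result'), $actionContent, 0, 1);
			} else {
					// query is not configured
				$flashMessage = t3lib_div::makeInstance (
					't3lib_FlashMessage',
					$GLOBALS['LANG']->getLL('action_notReady', TRUE),
					$GLOBALS['LANG']->getLL('action_error'),
					t3lib_FlashMessage::ERROR
				);
				$content .= '<br />' . $flashMessage->render();
			}
		} else {
				// required sysext lowlevel is not installed
			$flashMessage = t3lib_div::makeInstance (
				't3lib_FlashMessage',
				$GLOBALS['LANG']->getLL('action_lowlevelMissing', TRUE),
				$GLOBALS['LANG']->getLL('action_error'),
				t3lib_FlashMessage::ERROR
			);
			$content .= '<br />' . $flashMessage->render();
		}
		return $content;
	}

	/**
	 * Action to create a list of records of a specific table and pid
	 *
	 * @param array $record: sys_action record
	 * @return string list of records
	 */
	protected function viewRecordList($record) {
		$content = '';

		$this->id = intval($record['t3_listPid']);
		$this->table = $record['t3_tables'];

		if ($this->id == 0 || $this->table == '') {
			$flashMessage = t3lib_div::makeInstance(
				't3lib_FlashMessage',
				$GLOBALS['LANG']->getLL('action_notReady', TRUE),
				$GLOBALS['LANG']->getLL('action_error'),
				t3lib_FlashMessage::ERROR
			);
			$content .= '<br />' . $flashMessage->render();

			return $content;
		}

		require_once($GLOBALS['BACK_PATH'] . 'class.db_list.inc');
		require_once($GLOBALS['BACK_PATH'] . 'class.db_list_extra.inc');

			// Loading current page record and checking access:
		$this->pageinfo = t3lib_BEfunc::readPageAccess($this->id,$this->taskObject->perms_clause);
		$access = is_array($this->pageinfo) ? 1 : 0;

			// If there is access to the page, then render the list contents and set up the document template object:
		if ($access) {
				// Initialize the dblist object:
			$dblist = t3lib_div::makeInstance('localRecordList');
			$dblist->script = t3lib_div::getIndpEnv('REQUEST_URI');
			$dblist->backPath = $GLOBALS['BACK_PATH'];
			$dblist->calcPerms = $GLOBALS['BE_USER']->calcPerms($this->pageinfo);
			$dblist->thumbs = $GLOBALS['BE_USER']->uc['thumbnailsByDefault'];
			$dblist->returnUrl=$this->taskObject->returnUrl;
			$dblist->allFields = 1;
			$dblist->localizationView = 1;
			$dblist->showClipboard = 0;
			$dblist->disableSingleTableView = 1;
			$dblist->pageRow = $this->pageinfo;
			$dblist->counter++;
			$dblist->MOD_MENU = array('bigControlPanel' => '', 'clipBoard' => '', 'localization' => '');
			$dblist->modTSconfig = $this->taskObject->modTSconfig;
				// NOTE(review): $CLIENT is neither assigned nor declared global in this method before it is read here
			$dblist->dontShowClipControlPanels = $CLIENT['FORMSTYLE'] && !$this->taskObject->MOD_SETTINGS['bigControlPanel'] && $dblist->clipObj->current=='normal' && !$GLOBALS['BE_USER']->uc['disableCMlayers'] && !$this->modTSconfig['properties']['showClipControlPanelsDespiteOfCMlayers'];

				// Initialize the listing object, dblist, for rendering the list:
			$this->pointer = t3lib_div::intInRange($this->taskObject->pointer,0,100000);
			$dblist->start($this->id,$this->table,$this->pointer,$this->taskObject->search_field,$this->taskObject->search_levels,$this->taskObject->showLimit);
			$dblist->setDispFields();

				// Render the list of tables:
			$dblist->generateList();

				// Add JavaScript functions to the page:
			$this->taskObject->doc->JScode=$this->taskObject->doc->wrapScriptTags('

				function jumpToUrl(URL) {
					window.location.href = URL;
					return false;
				}
				function jumpExt(URL,anchor) {
					var anc = anchor?anchor:"";
					window.location.href = 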
URL+(T3_THIS_LOCATION?"&returnUrl="+T3_THIS_LOCATION:"")+anc; 00949 return false; 00950 } 00951 function jumpSelf(URL) { 00952 window.location.href = URL+(T3_RETURN_URL?"&returnUrl="+T3_RETURN_URL:""); 00953 return false; 00954 } 00955 00956 function setHighlight(id) { 00957 top.fsMod.recentIds["web"]=id; 00958 top.fsMod.navFrameHighlightedID["web"]="pages"+id+"_"+top.fsMod.currentBank; // For highlighting 00959 00960 if (top.content && top.content.nav_frame && top.content.nav_frame.refresh_nav) { 00961 top.content.nav_frame.refresh_nav(); 00962 } 00963 } 00964 00965 ' . $dblist->CBfunctions() . ' 00966 function editRecords(table,idList,addParams,CBflag) { 00967 window.location.href="' . $GLOBALS['BACK_PATH'] . 'alt_doc.php?returnUrl=' . rawurlencode(t3lib_div::getIndpEnv('REQUEST_URI')) . 00968 '&edit["+table+"]["+idList+"]=edit"+addParams; 00969 } 00970 function editList(table,idList) { 00971 var list=""; 00972 00973 // Checking how many is checked, how many is not 00974 var pointer=0; 00975 var pos = idList.indexOf(","); 00976 while (pos!=-1) { 00977 if (cbValue(table+"|"+idList.substr(pointer,pos-pointer))) { 00978 list+=idList.substr(pointer,pos-pointer)+","; 00979 } 00980 pointer=pos+1; 00981 pos = idList.indexOf(",",pointer); 00982 } 00983 if (cbValue(table+"|"+idList.substr(pointer))) { 00984 list+=idList.substr(pointer)+","; 00985 } 00986 00987 return list ? list : idList; 00988 } 00989 T3_THIS_LOCATION = "' . rawurlencode(t3lib_div::getIndpEnv('REQUEST_URI')) . '"; 00990 00991 if (top.fsMod) top.fsMod.recentIds["web"] = ' . intval($this->id) . '; 00992 '); 00993 00994 // Setting up the context sensitive menu: 00995 $this->taskObject->doc->getContextMenuCode(); 00996 00997 // Begin to compile the whole page 00998 $content .= '<form action="'.htmlspecialchars($dblist->listURL()).'" method="post" name="dblistForm">' . 00999 $dblist->HTMLcode . 
01000 '<input type="hidden" name="cmd_table" /><input type="hidden" name="cmd" /> 01001 </form>'; 01002 01003 // If a listing was produced, create the page footer with search form etc: 01004 if ($dblist->HTMLcode) { 01005 // Making field select box (when extended view for a single table is enabled): 01006 if ($dblist->table) { 01007 $tmpBackpath = $GLOBALS['BACK_PATH']; 01008 $GLOBALS['BACK_PATH'] = ''; 01009 $content .= $dblist->fieldSelectBox($dblist->table); 01010 $GLOBALS['BACK_PATH'] = $tmpBackpath; 01011 } 01012 } 01013 } else { 01014 // not enough rights to access the list view or the page 01015 $flashMessage = t3lib_div::makeInstance( 01016 't3lib_FlashMessage', 01017 $GLOBALS['LANG']->getLL('action_error-access', TRUE), 01018 $GLOBALS['LANG']->getLL('action_error'), 01019 t3lib_FlashMessage::ERROR 01020 ); 01021 $content .= $flashMessage->render(); 01022 } 01023 01024 return $content; 01025 } 01026 01027 } 01028 01029 01030 if (defined('TYPO3_MODE') && isset($GLOBALS['TYPO3_CONF_VARS'][TYPO3_MODE]['XCLASS']['ext/sys_action/task/class.tx_sysaction_task.php'])) { 01031 include_once($GLOBALS['TYPO3_CONF_VARS'][TYPO3_MODE]['XCLASS']['ext/sys_action/task/class.tx_sysaction_task.php']); 01032 } 01033 01034 ?>