00001 <?php 00002 /*************************************************************** 00003 * Copyright notice 00004 * 00005 * (c) 1999-2009 Kasper Skårhøj (kasperYYYY@typo3.com) 00006 * All rights reserved 00007 * 00008 * This script is part of the TYPO3 project. The TYPO3 project is 00009 * free software; you can redistribute it and/or modify 00010 * it under the terms of the GNU General Public License as published by 00011 * the Free Software Foundation; either version 2 of the License, or 00012 * (at your option) any later version. 00013 * 00014 * The GNU General Public License can be found at 00015 * http://www.gnu.org/copyleft/gpl.html. 00016 * A copy is found in the textfile GPL.txt and important notices to the license 00017 * from the author is found in LICENSE.txt distributed with these scripts. 00018 * 00019 * 00020 * This script is distributed in the hope that it will be useful, 00021 * but WITHOUT ANY WARRANTY; without even the implied warranty of 00022 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 00023 * GNU General Public License for more details. 00024 * 00025 * This copyright notice MUST APPEAR in all copies of the script! 
00026 ***************************************************************/ 00027 /** 00028 * FE admin lib 00029 * 00030 * $Id: fe_adminLib.inc 6454 2009-11-17 16:51:32Z steffenk $ 00031 * Revised for TYPO3 3.6 June/2003 by Kasper Skårhøj 00032 * 00033 * @author Kasper Skårhøj <kasperYYYY@typo3.com> 00034 */ 00035 /** 00036 * [CLASS/FUNCTION INDEX of SCRIPT] 00037 * 00038 * 00039 * 00040 * 132: class user_feAdmin 00041 * 179: function init($content,$conf) 00042 * 00043 * SECTION: Data processing 00044 * 423: function parseValues() 00045 * 518: function processFiles($cmdParts,$theField) 00046 * 624: function overrideValues() 00047 * 640: function defaultValues() 00048 * 659: function evalValues() 00049 * 781: function userProcess($mConfKey,$passVar) 00050 * 799: function userProcess_alt($confVal,$confArr,$passVar) 00051 * 00052 * SECTION: Database manipulation functions 00053 * 841: function save() 00054 * 899: function deleteRecord() 00055 * 929: function deleteFilesFromRecord($uid) 00056 * 00057 * SECTION: Command "display" functions 00058 * 986: function displayDeleteScreen() 00059 * 1014: function displayCreateScreen() 00060 * 1037: function displayEditScreen() 00061 * 1088: function displayEditForm($origArr) 00062 * 1116: function procesSetFixed() 00063 * 00064 * SECTION: Template processing functions 00065 * 1205: function removeRequired($templateCode,$failure) 00066 * 1223: function getPlainTemplate($key,$r='') 00067 * 1240: function modifyDataArrForFormUpdate($inputArr) 00068 * 1309: function setCObjects($templateCode,$currentArr=array(),$markerArray='',$specialPrefix='') 00069 * 00070 * SECTION: Emailing 00071 * 1371: function sendInfoMail() 00072 * 1419: function compileMail($key, $DBrows, $recipient, $setFixedConfig=array()) 00073 * 1465: function sendMail($recipient, $admin, $content='', $adminContent='') 00074 * 1510: function isHTMLContent($c) 00075 * 1531: function sendHTMLMail($content,$recipient,$dummy,$fromEmail,$fromName,$replyTo='') 00076 * 00077 * 
SECTION: Various helper functions 00078 * 1615: function aCAuth($r) 00079 * 1629: function authCode($r,$extra='') 00080 * 1655: function setfixed($markerArray, $setfixed, $r) 00081 * 1693: function setfixedHash($recCopy,$fields='') 00082 * 1714: function isPreview() 00083 * 1723: function createFileFuncObj() 00084 * 1734: function clearCacheIfSet() 00085 * 1749: function getFailure($theField, $theCmd, $label) 00086 * 00087 * TOTAL FUNCTIONS: 33 00088 * (This index is automatically created/updated by the extension "extdeveval") 00089 * 00090 */ 00091 /** 00092 * This library provides a HTML-template file based framework for Front End creating/editing/deleting records authenticated by email or fe_user login. 00093 * It is used in the extensions "direct_mail_subscription" and "feuser_admin" (and the deprecated(!) static template "plugin.feadmin.dmailsubscription" and "plugin.feadmin.fe_users" which are the old versions of these two extensions) 00094 * Further the extensions "t3consultancies" and "t3references" also uses this library but contrary to the "direct_mail_subscription" and "feuser_admin" extensions which relies on external HTML templates which must be adapted these two extensions delivers the HTML template code from inside. 00095 * Generally the fe_adminLib appears to be hard to use. Personally I feel turned off by all the template-file work involved and since it is very feature rich (and for that sake pretty stable!) there are lots of things that can go wrong - you feel. Therefore I like the concept used by "t3consultancies"/"t3references" since those extensions uses the library by supplying the HTML-template code automatically. 00096 * Suggestions for improvement and streamlining is welcome so this powerful class could be used more and effectively. 
00097 * 00098 * @author Kasper Skårhøj <kasperYYYY@typo3.com> 00099 * @package TYPO3 00100 * @subpackage tslib 00101 * @link http://typo3.org/doc.0.html?&tx_extrepmgm_pi1[extUid]=270&tx_extrepmgm_pi1[tocEl]=396&cHash=d267c36546 00102 */ 00103 class user_feAdmin { 00104 00105 // External, static: 00106 var $recInMarkersHSC = TRUE; // If true, values from the record put into markers going out into HTML will be passed through htmlspecialchars()! 00107 00108 var $dataArr = array(); 00109 var $failureMsg = array(); 00110 var $theTable = ''; 00111 var $thePid = 0; 00112 var $markerArray = array(); 00113 var $templateCode=''; 00114 var $cObj; 00115 00116 var $cmd; 00117 var $preview; 00118 var $backURL; 00119 var $recUid; 00120 var $failure=0; // is set if data did not have the required fields set. 00121 var $error=''; 00122 var $saved=0; // is set if data is saved 00123 var $requiredArr; 00124 var $currentArr = array(); 00125 var $previewLabel=''; 00126 var $nc = ''; // '&no_cache=1' if you want that parameter sent. 00127 var $additionalUpdateFields=''; 00128 var $emailMarkPrefix = 'EMAIL_TEMPLATE_'; 00129 var $codeLength; 00130 var $cmdKey; 00131 var $fileFunc=''; // Set to a basic_filefunc object 00132 var $filesStoredInUploadFolders=array(); // This array will hold the names of files transferred to the uploads/* folder if any. If the records are NOT saved, these files should be deleted!! Currently this is not working! 00133 00134 // Internal vars, dynamic: 00135 var $unlinkTempFiles = array(); // Is loaded with all temporary filenames used for upload which should be deleted before exit... 00136 00137 /** 00138 * Main function. Called from TypoScript. 00139 * This 00140 * - initializes internal variables, 00141 * - fills in the markerArray with default substitution string 00142 * - saves/emails if such commands are sent 00143 * - calls functions for display of the screen for editing/creation/deletion etc. 00144 * 00145 * @param string Empty string, ignore. 
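* @param	array		TypoScript properties following the USER_INT object which uses this library
	 * @return	string		HTML content
	 * @link http://typo3.org/doc.0.html?&tx_extrepmgm_pi1[extUid]=270&tx_extrepmgm_pi1[tocEl]=396&cHash=d267c36546
	 */
	function init($content,$conf)	{
		$this->conf = $conf;

			// Template code: inline TypoScript content wins over the template file.
		$this->templateCode = $this->conf['templateContent'] ? $this->conf['templateContent'] : $this->cObj->fileResource($this->conf['templateFile']);

			// Everything read through t3lib_div::_GP() below comes from the request
			// and is client-controlled: cmd, preview, backURL, rU, aC, FE[...], doNotSave.
			// NOTE(review): no request token is checked in this method before the
			// delete/save branches run - confirm whether the called methods do so.

			// Getting the cmd var
		$this->cmd = (string)t3lib_div::_GP('cmd');
			// Getting the preview var
		$this->preview = (string)t3lib_div::_GP('preview');

			// backURL is a given URL to return to when login is performed.
			// Only a plain string is accepted; an array value is discarded.
		$backURL = t3lib_div::_GP('backURL');
		$this->backURL = is_string($backURL) ? $backURL : '';
		if (strstr($this->backURL, '"') || strstr($this->backURL, "'") || preg_match('/(javascript|vbscript):/i', $this->backURL) || stristr($this->backURL, "fromcharcode") || strstr($this->backURL, "<") || strstr($this->backURL, ">"))	{
			$this->backURL = '';	// Clear backURL if it seems to contain XSS code - only URLs are allowed
		}
			// Remove host from URL: Make sure that $this->backURL maps to the current site
		$this->backURL = preg_replace('|[A-Za-z]+://[^/]+|', '', $this->backURL);
			// The pattern above only removes "scheme://host". A value that still starts
			// with two slashes or backslashes has no scheme but is resolved by browsers
			// as a reference to another host, so it is cleared as well.
		if (preg_match('|^\s*[/\\\\]{2}|', $this->backURL))	{
			$this->backURL = '';
		}

			// Uid to edit:
		$this->recUid = t3lib_div::_GP('rU');
			// Authentication code:
		$this->authCode = t3lib_div::_GP('aC');
			// get table
		$this->theTable = $this->conf['table'];
			// link configuration
		$linkConf = is_array($this->conf['formurl.']) ? $this->conf['formurl.'] : array();
			// pid: configured value, else the current page id
		$this->thePid = intval($this->conf['pid']) ? intval($this->conf['pid']) : $GLOBALS['TSFE']->id;
			// Length of the authentication code, 8 when not configured
		$this->codeLength = intval($this->conf['authcodeFields.']['codeLength']) ? intval($this->conf['authcodeFields.']['codeLength']) : 8;

			// Setting the hardcoded lists of fields allowed for editing and creation.
		$this->fieldList=implode(',',t3lib_div::trimExplode(',',$GLOBALS['TCA'][$this->theTable]['feInterface']['fe_admin_fieldList'],1));

			// globally substituted markers, fonts and colors.
			// $splitMark is only a separator used to cut the stdWrap result in two; it is not a secret.
		$splitMark = md5(microtime());
		list($this->markerArray['###GW1B###'],$this->markerArray['###GW1E###']) = explode($splitMark,$this->cObj->stdWrap($splitMark,$this->conf['wrap1.']));
		list($this->markerArray['###GW2B###'],$this->markerArray['###GW2E###']) = explode($splitMark,$this->cObj->stdWrap($splitMark,$this->conf['wrap2.']));
		$this->markerArray['###GC1###'] = $this->cObj->stdWrap($this->conf['color1'],$this->conf['color1.']);
		$this->markerArray['###GC2###'] = $this->cObj->stdWrap($this->conf['color2'],$this->conf['color2.']);
		$this->markerArray['###GC3###'] = $this->cObj->stdWrap($this->conf['color3'],$this->conf['color3.']);

		if (intval($this->conf['no_cache']) && !isset($linkConf['no_cache']))	{	// needed for backwards compatibility
			$linkConf['no_cache'] = 1;
		}
		if (!$linkConf['parameter'])	{
			$linkConf['parameter'] = $GLOBALS['TSFE']->id;
		}
		if (!$linkConf['additionalParams'])	{	// needed for backwards compatibility
			$linkConf['additionalParams'] = $this->conf['addParams'];
		}

		$formURL = $this->cObj->typoLink_URL($linkConf);
		if (!strstr($formURL,'?'))	{
			$formURL .= '?';
		}

			// Initialize markerArray, setting FORM_URL and HIDDENFIELDS
		$this->markerArray['###FORM_URL###'] = $formURL;
		$this->markerArray['###FORM_URL_ENC###'] = rawurlencode($this->markerArray['###FORM_URL###']);
		$this->markerArray['###FORM_URL_HSC###'] = htmlspecialchars($this->markerArray['###FORM_URL###']);

		$this->markerArray['###BACK_URL###'] = $this->backURL;
		$this->markerArray['###BACK_URL_ENC###'] = rawurlencode($this->markerArray['###BACK_URL###']);
		$this->markerArray['###BACK_URL_HSC###'] = htmlspecialchars($this->markerArray['###BACK_URL###']);

		$this->markerArray['###THE_PID###'] = $this->thePid;
			// rU and aC are raw request values. They are escaped before they become
			// template markers, the same way the hidden fields below escape them.
			// $this->recUid / $this->authCode themselves stay untouched for later use.
		$this->markerArray['###REC_UID###'] = htmlspecialchars($this->recUid);
		$this->markerArray['###AUTH_CODE###'] = htmlspecialchars($this->authCode);
		$this->markerArray['###THIS_ID###'] = $GLOBALS['TSFE']->id;
		$this->markerArray['###THIS_URL###'] = htmlspecialchars(t3lib_div::getIndpEnv('TYPO3_REQUEST_DIR'));
		$this->markerArray['###HIDDENFIELDS###'] =
			($this->cmd?'<input type="hidden" name="cmd" value="'.htmlspecialchars($this->cmd).'" />':'').
			($this->authCode?'<input type="hidden" name="aC" value="'.htmlspecialchars($this->authCode).'" />':'').
			($this->backURL?'<input type="hidden" name="backURL" value="'.htmlspecialchars($this->backURL).'" />':'');

			// Setting cmdKey which is either 'edit' or 'create'
		switch($this->cmd)	{
			case 'edit':
				$this->cmdKey='edit';
			break;
			default:
				$this->cmdKey='create';
			break;
		}
			// Setting requiredArr to the fields in 'required' intersected with the total field list in order to remove invalid fields.
		$this->requiredArr = array_intersect(
			t3lib_div::trimExplode(',',$this->conf[$this->cmdKey.'.']['required'],1),
			t3lib_div::trimExplode(',',$this->conf[$this->cmdKey.'.']['fields'],1)
		);

			// Setting incoming data. Non-stripped
		$fe=t3lib_div::_GP('FE');
		$this->dataArr = $fe[$this->theTable];	// Incoming data.

			// Checking template file and table value
		if (!$this->templateCode)	{
			$content = 'No template file found: '.$this->conf['templateFile'];
			return $content;
		}

		if (!$this->theTable || !$this->fieldList)	{
			$content = 'Wrong table: '.$this->theTable;
			return $content;		// Not listed or editable table!
		}

			// *****************
			// If data is submitted, we take care of it here.
			// *******************
		if ($this->cmd=='delete' && !$this->preview && !t3lib_div::_GP('doNotSave'))	{	// Delete record if delete command is sent + the preview flag is NOT set.
			$this->deleteRecord();
		}
			// If incoming data is seen...
		if (is_array($this->dataArr))	{
				// Evaluation of data:
			$this->parseValues();
			$this->overrideValues();
			$this->evalValues();
			if ($this->conf['evalFunc'])	{
				$this->dataArr = $this->userProcess('evalFunc',$this->dataArr);
			}

		/*
		debug($this->dataArr);
		debug($this->failure);
		debug($this->preview);
		*/
				// if not preview and no failures, then set data...
			if (!$this->failure && !$this->preview && !t3lib_div::_GP('doNotSave'))	{	// doNotSave is a global var (eg a 'Cancel' submit button) that prevents the data from being processed
				$this->save();
			} else {
				if ($this->conf['debug'])		debug($this->failure);
			}
		} else {
			$this->defaultValues();	// If no incoming data, this will set the default values.
			$this->preview = 0;	// No preview if data is not received
		}
		if ($this->failure)	{$this->preview=0;}	// No preview flag if an evaluation failure has occurred
		$this->previewLabel = $this->preview ? '_PREVIEW' : '';	// Setting preview label prefix.

			// *********************
			// DISPLAY FORMS:
			// ***********************
		if ($this->saved) {
				// Clear page cache
			$this->clearCacheIfSet();

				// Displaying the page here that says, the record has been saved. You're able to include the saved values by markers.
			switch($this->cmd)	{
				case 'delete':
					$key='DELETE';
				break;
				case 'edit':
					$key='EDIT';
				break;
				default:
					$key='CREATE';
				break;
			}
				// Output message. Record values go into FIELD_* markers; whether they are
				// passed through htmlspecialchars() is controlled by $this->recInMarkersHSC.
			$templateCode = $this->cObj->getSubpart($this->templateCode, '###TEMPLATE_'.$key.'_SAVED###');
			$this->setCObjects($templateCode,$this->currentArr);
			$markerArray = $this->cObj->fillInMarkerArray($this->markerArray, $this->currentArr, '', TRUE, 'FIELD_', $this->recInMarkersHSC);
			$content = $this->cObj->substituteMarkerArray($templateCode, $markerArray);

				// email message:
			$this->compileMail(
				$key.'_SAVED',
				array($this->currentArr),
				$this->currentArr[$this->conf['email.']['field']],
				$this->conf['setfixed.']
			);

		} elseif ($this->error) {	// If there was an error, we return the template-subpart with the error message
			$templateCode = $this->cObj->getSubpart($this->templateCode, $this->error);
			$this->setCObjects($templateCode);
			$content = $this->cObj->substituteMarkerArray($templateCode, $this->markerArray);
		} else {
				// Finally, if there has been no attempt to save. That is either preview or just displaying and empty or not correctly filled form:
			if (!$this->cmd)	{
				$this->cmd=$this->conf['defaultCmd'];
			}
			if ($this->conf['debug'])		debug('Display form: '.$this->cmd,1);
				// Any other cmd value leaves $content as it was passed in.
			switch($this->cmd)	{
				case 'setfixed':
					$content = $this->procesSetFixed();
				break;
				case 'infomail':
					$content = $this->sendInfoMail();
				break;
				case 'delete':
					$content = $this->displayDeleteScreen();
				break;
				case 'edit':
					$content = $this->displayEditScreen();
				break;
				case 'create':
					$content = $this->displayCreateScreen();
				break;
			}
		}

			// Delete temp files:
		foreach($this->unlinkTempFiles as $tempFileName)	{
			t3lib_div::unlink_tempfile($tempFileName);
		}

			// Return content:
		return $content;
	}


	/*****************************************
	 *
	 * Data processing
	 *
	 *****************************************/

	/**
	 * Performs processing on the values found in the input data array, $this->dataArr.
	 * The processing is done according to configuration found in TypoScript
	 * Examples of this could be to force a value to an integer, remove all non-alphanumeric characters, trimming a value, upper/lowercase it, or process it due to special types like files submitted etc.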
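* Called from init() if the $this->dataArr is found to be an array
	 *
	 * @return	void
	 * @see init()
	 */
	function parseValues()	{
		if (is_array($this->conf['parseValues.']))	{
			foreach ($this->conf['parseValues.'] as $theField => $theValue) {
				$listOfCommands = t3lib_div::trimExplode(',',$theValue,1);
				foreach ($listOfCommands as $cmd) {
					$cmdParts = preg_split('/\[|\]/', $cmd);	// Point is to enable parameters after each command enclosed in brackets [..]. These will be in position 1 in the array.
					$theCmd=trim($cmdParts[0]);
					switch($theCmd)	{
						case 'int':
							$this->dataArr[$theField]=intval($this->dataArr[$theField]);
						break;
						case 'lower':
						case 'upper':
							$this->dataArr[$theField] = $this->cObj->caseshift($this->dataArr[$theField],$theCmd);
						break;
						case 'nospace':
							$this->dataArr[$theField] = str_replace(' ', '', $this->dataArr[$theField]);
						break;
						case 'alpha':
							$this->dataArr[$theField] = preg_replace('/[^a-zA-Z]/','',$this->dataArr[$theField]);
						break;
						case 'num':
							$this->dataArr[$theField] = preg_replace('/[^0-9]/','',$this->dataArr[$theField]);
						break;
						case 'alphanum':
							$this->dataArr[$theField] = preg_replace('/[^a-zA-Z0-9]/','',$this->dataArr[$theField]);
						break;
						case 'alphanum_x':
							$this->dataArr[$theField] = preg_replace('/[^a-zA-Z0-9_-]/','',$this->dataArr[$theField]);
						break;
						case 'trim':
							$this->dataArr[$theField] = trim($this->dataArr[$theField]);
						break;
						case 'random':
								// NOTE(review): the value is an md5 of uniqid()/microtime(), i.e. derived
								// mainly from the current time. It is not a cryptographically strong random
								// value - do not rely on it where unpredictability matters (passwords, tokens).
							$this->dataArr[$theField] = substr(md5(uniqid(microtime(),1)),0,intval($cmdParts[1]));
						break;
						case 'files':
							if ($this->cmdKey=='create' && !t3lib_div::_GP('doNotSave'))	{
								$this->processFiles($cmdParts,$theField);
							} else unset($this->dataArr[$theField]);	// Fields with files cannot be edited - only created.
						break;
						case 'setEmptyIfAbsent':
							if (!isset($this->dataArr[$theField]))	{
								$this->dataArr[$theField]='';
							}
						break;
						case 'multiple':
							if (is_array($this->dataArr[$theField]))	{
								$this->dataArr[$theField] = implode(',',$this->dataArr[$theField]);
							}
						break;
						case 'checkArray':
								// Folds the submitted array into a bitmask; only keys 0..30 are used.
							if (is_array($this->dataArr[$theField]))	{
								$val = 0;
								foreach ($this->dataArr[$theField] as $kk => $vv) {
									$kk = t3lib_div::intInRange($kk,0);
									if ($kk<=30)	{
										if ($vv)	{
											$val|=pow(2,$kk);
										}
									}
								}
								$this->dataArr[$theField] = $val;
							} else {$this->dataArr[$theField]=0;}
						break;
						case 'uniqueHashInt':
								// Integer built from the first 8 hex digits of an md5 over the
								// normalized values of the fields listed in the parameter.
							$otherFields = t3lib_div::trimExplode(';',$cmdParts[1],1);
							$hashArray=array();
							foreach ($otherFields as $fN) {
								$vv = $this->dataArr[$fN];
								$vv = preg_replace('/[[:space:]]/','',$vv);
								$vv = preg_replace('/[^[:alnum:]]/','',$vv);
								$vv = strtolower($vv);
								$hashArray[]=$vv;
							}
							$this->dataArr[$theField]=hexdec(substr(md5(serialize($hashArray)),0,8));
						break;
					}
				}
			}
		}
	}

	/**
	 * Processing of files.
	 * NOTICE: for now files can be handled only on creation of records. But a more advanced feature is that PREVIEW of files is handled.
	 *
	 * Input is either a string submitted from a preview form ("tempname|originalname,...", where
	 * tempname refers to a file in typo3temp/) or an upload in $_FILES. Both are client-controlled:
	 * - the temp name from a preview form is only accepted when it has no directory part,
	 *   so it cannot point outside typo3temp/
	 * - the original file name is checked against the deny pattern, the allowed extensions
	 *   and the maximum size from $cmdParts before anything is copied.
	 * NOTE(review): a preview temp name may still refer to any existing file directly inside
	 * typo3temp/, not only to files created by this form.
	 *
	 * @param	array		Array with cmd-parts (from parseValues()). Index 1 is the ";"-separated list of allowed file extensions, index 3 the max size in kb.
	 * @param	string		The fieldname with the files.
	 * @return	void
	 * @access private
	 * @see parseValues()
	 */
	function processFiles($cmdParts,$theField)	{
			// First, make an array with the filename and file reference, whether the file is just uploaded or a preview
		$filesArr = array();

		if (is_string($this->dataArr[$theField]))	{		// files from preview.
			$tmpArr = explode(',',$this->dataArr[$theField]);
			foreach ($tmpArr as $val) {
				$valParts = explode('|',$val);
				$tempName = $valParts[0];
				$origName = isset($valParts[1]) ? $valParts[1] : '';
					// The preview branch below only ever emits plain file names, so anything
					// empty or containing a path separator or NUL byte is ignored.
				if ($tempName === '' || $origName === '' || preg_match('/[\/\\\\\x00]/', $tempName))	{
					continue;
				}
				$filesArr[] = array (
					'name'=>$origName,
					'tmp_name'=>PATH_site.'typo3temp/'.$tempName
				);
			}
		} elseif (is_array($_FILES['FE'][$this->theTable][$theField]['name']))	{		// Files from upload
			foreach ($_FILES['FE'][$this->theTable][$theField]['name'] as $kk => $vv) {
				if ($vv)	{
					$tmpFile = t3lib_div::upload_to_tempfile($_FILES['FE'][$this->theTable][$theField]['tmp_name'][$kk]);
					if ($tmpFile)	{
						$this->unlinkTempFiles[]=$tmpFile;
						$filesArr[] = array (
							'name'=>$vv,
							'tmp_name'=>$tmpFile
						);
					}
				}
			}
		} elseif (is_array($_FILES['FE']['name'][$this->theTable][$theField]))	{		// Files from upload
			foreach ($_FILES['FE']['name'][$this->theTable][$theField] as $kk => $vv) {
				if ($vv)	{
					$tmpFile = t3lib_div::upload_to_tempfile($_FILES['FE']['tmp_name'][$this->theTable][$theField][$kk]);
					if ($tmpFile)	{
						$this->unlinkTempFiles[]=$tmpFile;
						$filesArr[] = array (
							'name'=>$vv,
							'tmp_name'=>$tmpFile
						);
					}
				}
			}
		}

			// Then verify the files in that array; check existence, extension and size
		$this->dataArr[$theField]='';
		$finalFilesArr=array();
		if (count($filesArr))	{
			$extArray = t3lib_div::trimExplode(';',strtolower($cmdParts[1]),1);
			$maxSize = intval($cmdParts[3]);
			foreach ($filesArr as $infoArr) {
				$fI = pathinfo($infoArr['name']);
				$fileExt = isset($fI['extension']) ? $fI['extension'] : '';
					// pathinfo() has no 'name' key, so the deny pattern must be tested
					// against 'basename'; otherwise the check never sees the real file name.
				if (t3lib_div::verifyFilenameAgainstDenyPattern($fI['basename']))	{
					if (!count($extArray) || in_array(strtolower($fileExt), $extArray))	{
						$tmpFile = $infoArr['tmp_name'];
						if (@is_file($tmpFile))	{
							if (!$maxSize || filesize($tmpFile)<$maxSize*1024)	{
								$finalFilesArr[]=$infoArr;
							} elseif ($this->conf['debug'])	{debug('Size is beyond '.$maxSize.' kb ('.filesize($tmpFile).' bytes) and the file cannot be saved.');}
						} elseif ($this->conf['debug'])	{debug('Surprisingly there was no file for '.$infoArr['name'].' in '.$tmpFile);}
					} elseif ($this->conf['debug'])	{debug('Extension "'.$fileExt.'" not allowed');}
				} elseif ($this->conf['debug'])	{debug('Filename matched illegal pattern.');}
			}
		}

			// Copy the files in the resulting array to the proper positions based on preview/non-preview.
		$fileNameList=array();
		$uploadPath='';
		foreach ($finalFilesArr as $infoArr) {
			if ($this->isPreview())	{		// If the form is a preview form (and data is therefore not going into the database...) do this.
				$this->createFileFuncObj();
				$fI = pathinfo($infoArr['name']);
				$fileExt = isset($fI['extension']) ? $fI['extension'] : '';
				$tmpFilename = $this->theTable.'_'.t3lib_div::shortmd5(uniqid($infoArr['name'])).'.'.$fileExt;
				$theDestFile = $this->fileFunc->getUniqueName($this->fileFunc->cleanFileName($tmpFilename), PATH_site.'typo3temp/');
				t3lib_div::upload_copy_move($infoArr['tmp_name'],$theDestFile);
					// Setting the filename in the list ("tempname|originalname", read back by the preview branch above)
				$fI2 = pathinfo($theDestFile);
				$fileNameList[] = $fI2['basename'].'|'.$infoArr['name'];
			} else {
				$this->createFileFuncObj();
				$GLOBALS['TSFE']->includeTCA();
				t3lib_div::loadTCA($this->theTable);
				if (is_array($GLOBALS['TCA'][$this->theTable]['columns'][$theField]))	{
					$uploadPath = $GLOBALS['TCA'][$this->theTable]['columns'][$theField]['config']['uploadfolder'];
				}
					// Without a configured upload folder the file is not stored at all.
				if ($uploadPath)	{
					$theDestFile = $this->fileFunc->getUniqueName($this->fileFunc->cleanFileName($infoArr['name']), PATH_site.$uploadPath);
					t3lib_div::upload_copy_move($infoArr['tmp_name'],$theDestFile);
						// Setting the filename in the list
					$fI2 = pathinfo($theDestFile);
					$fileNameList[] = $fI2['basename'];
					$this->filesStoredInUploadFolders[]=$theDestFile;
				}
			}
		}
			// Implode the list of filenames (stays '' when no file was accepted)
		$this->dataArr[$theField] = implode(',',$fileNameList);
	}

	/**
	 * Overriding values in $this->dataArr if configured for that in TypoScript ([edit/create].overrideValues)
	 * Runs after parseValues(), so a configured value replaces whatever was submitted for that field.
	 *
	 * @return	void
	 * @see init()
	 */
	function overrideValues()	{
			// Addition of overriding values
		if (is_array($this->conf[$this->cmdKey.'.']['overrideValues.']))	{
			foreach ($this->conf[$this->cmdKey.'.']['overrideValues.'] as $theField => $theValue) {
				$this->dataArr[$theField] = $theValue;
			}
		}
	}

	/**
	 * Called if there is no input array in $this->dataArr. Then this function sets the default values configured in TypoScript
	 *
	 * @return	void
	 * @see init()
	 */
	function defaultValues()	{
			// Addition of default values
		if (is_array($this->conf[$this->cmdKey.'.']['defaultValues.']))	{
			foreach ($this->conf[$this->cmdKey.'.']['defaultValues.'] as $theField => $theValue) {
				$this->dataArr[$theField] = $theValue;
			}
		}
	}

	/**
	 * This will evaluate the input values from $this->dataArr to see if they conform with the requirements configured in TypoScript per field.
	 * For example this could be checking if a field contains a valid email address, a unique value, a value within a certain range etc.
	 * It will populate $this->failure (comma list of failing field names) and $this->failureMsg with error messages (which can later be displayed in the template). Mostly it does NOT alter $this->dataArr (such parsing of values was done by parseValues())
	 * Works based on configuration in TypoScript key [create/edit].evalValues
	 *
	 * @return	void
	 * @see init(), parseValues()
	 */
	function evalValues()	{
			// Check required, set failure if not ok.
		$tempArr=array();
		foreach ($this->requiredArr as $theField) {
			if (!trim($this->dataArr[$theField]))	{
				$tempArr[]=$theField;
			}
		}

			// Evaluate: This evaluates for more advanced things than 'required' does. But it returns the same error code, so you must let the required-message tell, if further evaluation has failed!
		$recExist=0;
		if (is_array($this->conf[$this->cmdKey.'.']['evalValues.']))	{
			switch($this->cmd)	{
				case 'edit':
					if (isset($this->dataArr['pid']))	{			// This may be tricked if the input has the pid-field set but the edit-field list does NOT allow the pid to be edited. Then the pid may be false.
						$recordTestPid = intval($this->dataArr['pid']);
					} else {
						$tempRecArr = $GLOBALS['TSFE']->sys_page->getRawRecord($this->theTable,$this->dataArr['uid']);
						$recordTestPid = intval($tempRecArr['pid']);
					}
					$recExist=1;
				break;
				default:
					$recordTestPid = $this->thePid ? $this->thePid : t3lib_div::intval_positive($this->dataArr['pid']);
				break;
			}

			foreach ($this->conf[$this->cmdKey.'.']['evalValues.'] as $theField => $theValue) {
				$listOfCommands = t3lib_div::trimExplode(',',$theValue,1);
				foreach ($listOfCommands as $cmd) {
					$cmdParts = preg_split('/\[|\]/', $cmd);	// Point is to enable parameters after each command enclosed in brackets [..]. These will be in position 1 in the array.
					$theCmd = trim($cmdParts[0]);
					switch($theCmd)	{
						case 'uniqueGlobal':
							if ($DBrows = $GLOBALS['TSFE']->sys_page->getRecordsByField($this->theTable,$theField,$this->dataArr[$theField],'','','','1'))	{
								if (!$recExist || $DBrows[0]['uid']!=$this->dataArr['uid'])	{	// Only issue an error if the record is not existing (if new...) and if the record with the false value selected was not our self.
									$tempArr[]=$theField;
									$this->failureMsg[$theField][] = $this->getFailure($theField, $theCmd, 'The value existed already. Enter a new value.');
								}
							}
						break;
						case 'uniqueLocal':
								// The pid is concatenated into the WHERE clause, so it is forced to an integer right here.
							if ($DBrows = $GLOBALS['TSFE']->sys_page->getRecordsByField($this->theTable,$theField,$this->dataArr[$theField], 'AND pid IN ('.intval($recordTestPid).')','','','1'))	{
								if (!$recExist || $DBrows[0]['uid']!=$this->dataArr['uid'])	{	// Only issue an error if the record is not existing (if new...) and if the record with the false value selected was not our self.
									$tempArr[]=$theField;
									$this->failureMsg[$theField][] = $this->getFailure($theField, $theCmd, 'The value existed already. Enter a new value.');
								}
							}
						break;
						case 'twice':
							if (strcmp($this->dataArr[$theField], $this->dataArr[$theField.'_again']))	{
								$tempArr[]=$theField;
								$this->failureMsg[$theField][] = $this->getFailure($theField, $theCmd, 'You must enter the same value twice');
							}
						break;
						case 'email':
							if (!$this->cObj->checkEmail($this->dataArr[$theField]))	{
								$tempArr[]=$theField;
								$this->failureMsg[$theField][] = $this->getFailure($theField, $theCmd, 'You must enter a valid email address');
							}
						break;
						case 'required':
							if (!trim($this->dataArr[$theField]))	{
								$tempArr[]=$theField;
								$this->failureMsg[$theField][] = $this->getFailure($theField, $theCmd, 'You must enter a value!');
							}
						break;
						case 'atLeast':
							$chars=intval($cmdParts[1]);
							if (strlen($this->dataArr[$theField])<$chars)	{
								$tempArr[]=$theField;
								$this->failureMsg[$theField][] = sprintf($this->getFailure($theField, $theCmd, 'You must enter at least %s characters!'), $chars);
							}
						break;
						case 'atMost':
							$chars=intval($cmdParts[1]);
							if (strlen($this->dataArr[$theField])>$chars)	{
								$tempArr[]=$theField;
								$this->failureMsg[$theField][] = sprintf($this->getFailure($theField, $theCmd, 'You must enter at most %s characters!'), $chars);
							}
						break;
						case 'inBranch':
								// Parameter format: rootPid;depth;begin - depth falls back to 999 when not given.
							$pars = explode(';',$cmdParts[1]);
							if (intval($pars[0]))	{
								$pid_list = $this->cObj->getTreeList(
									intval($pars[0]),
									intval($pars[1]) ? intval($pars[1]) : 999,
									intval($pars[2])
								);
								if (!$pid_list || !t3lib_div::inList($pid_list,$this->dataArr[$theField]))	{
									$tempArr[]=$theField;
									$this->failureMsg[$theField][] = sprintf($this->getFailure($theField, $theCmd, 'The value was not a valid valud from this list: %s'), $pid_list);
								}
							}
						break;
						case 'unsetEmpty':
								// An empty value is dropped entirely, together with any failure recorded for it so far.
							if (!$this->dataArr[$theField])	{
								$hash = array_flip($tempArr);
								unset($hash[$theField]);
								$tempArr = array_keys($hash);
								unset($this->failureMsg[$theField]);
								unset($this->dataArr[$theField]);	// This should prevent the field from entering the database.
							}
						break;
					}
				}
				$this->markerArray['###EVAL_ERROR_FIELD_'.$theField.'###'] = is_array($this->failureMsg[$theField]) ? implode('<br />',$this->failureMsg[$theField]) : '';
			}
		}
		$this->failure=implode(',',$tempArr);	 //$failure will show which fields were not OK
	}

	/**
	 * Preforms user processing of input array - triggered right after the function call to evalValues() IF TypoScript property "evalFunc" was set.
	 *
	 * @param	string		Key pointing to the property in TypoScript holding the configuration for this processing (here: "evalFunc.*"). Well: at least its safe to say that "parentObj" in this array passed to the function is a reference back to this object.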
00742 * @param array The $this->dataArr passed for processing 00743 * @return array The processed $passVar ($this->dataArr) 00744 * @see init(), evalValues() 00745 */ 00746 function userProcess($mConfKey,$passVar) { 00747 if ($this->conf[$mConfKey]) { 00748 $funcConf = $this->conf[$mConfKey.'.']; 00749 $funcConf['parentObj'] = $this; 00750 $passVar = $GLOBALS['TSFE']->cObj->callUserFunction($this->conf[$mConfKey], $funcConf, $passVar); 00751 } 00752 return $passVar; 00753 } 00754 00755 /** 00756 * User processing of contnet 00757 * 00758 * @param string Value of the TypoScript object triggering the processing. 00759 * @param array Properties of the TypoScript object triggering the processing. The key "parentObj" in this array is passed to the function as a reference back to this object. 00760 * @param mixed Input variable to process 00761 * @return mixed Processed input variable, $passVar 00762 * @see userProcess(), save(), modifyDataArrForFormUpdate() 00763 */ 00764 function userProcess_alt($confVal,$confArr,$passVar) { 00765 if ($confVal) { 00766 $funcConf = $confArr; 00767 $funcConf['parentObj'] = $this; 00768 $passVar = $GLOBALS['TSFE']->cObj->callUserFunction($confVal, $funcConf, $passVar); 00769 } 00770 return $passVar; 00771 } 00772 00773 00774 00775 00776 00777 00778 00779 00780 00781 00782 00783 00784 00785 00786 00787 00788 00789 00790 00791 00792 00793 00794 /***************************************** 00795 * 00796 * Database manipulation functions 00797 * 00798 *****************************************/ 00799 00800 /** 00801 * Performs the saving of records, either edited or created. 
00802 * 00803 * @return void 00804 * @see init() 00805 */ 00806 function save() { 00807 switch($this->cmd) { 00808 case 'edit': 00809 $theUid = $this->dataArr['uid']; 00810 $origArr = $GLOBALS['TSFE']->sys_page->getRawRecord($this->theTable,$theUid); // Fetches the original record to check permissions 00811 if ($this->conf['edit'] && ($GLOBALS['TSFE']->loginUser || $this->aCAuth($origArr))) { // Must be logged in in order to edit (OR be validated by email) 00812 $newFieldList = implode(',',array_intersect(explode(',',$this->fieldList),t3lib_div::trimExplode(',',$this->conf['edit.']['fields'],1))); 00813 if ($this->aCAuth($origArr) || $this->cObj->DBmayFEUserEdit($this->theTable,$origArr,$GLOBALS['TSFE']->fe_user->user,$this->conf['allowedGroups'],$this->conf['fe_userEditSelf'])) { 00814 $this->cObj->DBgetUpdate($this->theTable, $theUid, $this->dataArr, $newFieldList, TRUE); 00815 $this->currentArr = $GLOBALS['TSFE']->sys_page->getRawRecord($this->theTable,$theUid); 00816 $this->userProcess_alt($this->conf['edit.']['userFunc_afterSave'],$this->conf['edit.']['userFunc_afterSave.'],array('rec'=>$this->currentArr, 'origRec'=>$origArr)); 00817 $this->saved=1; 00818 } else { 00819 $this->error='###TEMPLATE_NO_PERMISSIONS###'; 00820 } 00821 } 00822 break; 00823 default: 00824 if ($this->conf['create']) { 00825 $newFieldList = implode(',',array_intersect(explode(',',$this->fieldList),t3lib_div::trimExplode(',',$this->conf['create.']['fields'],1))); 00826 $this->cObj->DBgetInsert($this->theTable, $this->thePid, $this->dataArr, $newFieldList, TRUE); 00827 $newId = $GLOBALS['TYPO3_DB']->sql_insert_id(); 00828 00829 if ($this->theTable=='fe_users' && $this->conf['fe_userOwnSelf']) { // enables users, creating logins, to own them self. 
00830 $extraList=''; 00831 $dataArr = array(); 00832 if ($GLOBALS['TCA'][$this->theTable]['ctrl']['fe_cruser_id']) { 00833 $field=$GLOBALS['TCA'][$this->theTable]['ctrl']['fe_cruser_id']; 00834 $dataArr[$field]=$newId; 00835 $extraList.=','.$field; 00836 } 00837 if ($GLOBALS['TCA'][$this->theTable]['ctrl']['fe_crgroup_id']) { 00838 $field=$GLOBALS['TCA'][$this->theTable]['ctrl']['fe_crgroup_id']; 00839 list($dataArr[$field])=explode(',',$this->dataArr['usergroup']); 00840 $dataArr[$field]=intval($dataArr[$field]); 00841 $extraList.=','.$field; 00842 } 00843 if (count($dataArr)) { 00844 $this->cObj->DBgetUpdate($this->theTable, $newId, $dataArr, $extraList, TRUE); 00845 } 00846 } 00847 00848 $this->currentArr = $GLOBALS['TSFE']->sys_page->getRawRecord($this->theTable,$newId); 00849 $this->userProcess_alt($this->conf['create.']['userFunc_afterSave'],$this->conf['create.']['userFunc_afterSave.'],array('rec'=>$this->currentArr)); 00850 $this->saved=1; 00851 } 00852 break; 00853 } 00854 } 00855 00856 /** 00857 * Deletes the record from table/uid, $this->theTable/$this->recUid, IF the fe-user has permission to do so. 00858 * If the deleted flag should just be set, then it is done so. Otherwise the record truely is deleted along with any attached files. 00859 * Called from init() if "cmd" was set to "delete" (and some other conditions) 00860 * 00861 * @return string void 00862 * @see init() 00863 */ 00864 function deleteRecord() { 00865 if ($this->conf['delete']) { // If deleting is enabled 00866 $origArr = $GLOBALS['TSFE']->sys_page->getRawRecord($this->theTable, $this->recUid); 00867 if ($GLOBALS['TSFE']->loginUser || $this->aCAuth($origArr)) { // Must be logged in OR be authenticated by the aC code in order to delete 00868 // If the recUid selects a record.... 
(no check here) 00869 if (is_array($origArr)) { 00870 if ($this->aCAuth($origArr) || $this->cObj->DBmayFEUserEdit($this->theTable,$origArr, $GLOBALS['TSFE']->fe_user->user,$this->conf['allowedGroups'],$this->conf['fe_userEditSelf'])) { // Display the form, if access granted. 00871 if (!$GLOBALS['TCA'][$this->theTable]['ctrl']['delete']) { // If the record is fully deleted... then remove the image (or any file) attached. 00872 $this->deleteFilesFromRecord($this->recUid); 00873 } 00874 $this->cObj->DBgetDelete($this->theTable, $this->recUid, TRUE); 00875 $this->currentArr = $origArr; 00876 $this->saved = 1; 00877 } else { 00878 $this->error = '###TEMPLATE_NO_PERMISSIONS###'; 00879 } 00880 } 00881 } 00882 } 00883 } 00884 00885 /** 00886 * Deletes the files attached to a record and updates the record. 00887 * Table/uid is $this->theTable/$uid 00888 * 00889 * @param integer Uid number of the record to delete from $this->theTable 00890 * @return void 00891 * @access private 00892 * @see deleteRecord() 00893 */ 00894 function deleteFilesFromRecord($uid) { 00895 $table = $this->theTable; 00896 $rec = $GLOBALS['TSFE']->sys_page->getRawRecord($table,$uid); 00897 00898 $GLOBALS['TSFE']->includeTCA(); 00899 t3lib_div::loadTCA($table); 00900 $iFields=array(); 00901 foreach ($GLOBALS['TCA'][$table]['columns'] as $field => $conf) { 00902 if ($conf['config']['type']=='group' && $conf['config']['internal_type']=='file') { 00903 00904 $GLOBALS['TYPO3_DB']->exec_UPDATEquery($table, 'uid='.intval($uid), array($field => '')); 00905 00906 $delFileArr = explode(',',$rec[$field]); 00907 foreach ($delFileArr as $n) { 00908 if ($n) { 00909 $fpath = $conf['config']['uploadfolder'].'/'.$n; 00910 unlink($fpath); 00911 } 00912 } 00913 } 00914 } 00915 } 00916 00917 00918 00919 00920 00921 00922 00923 00924 00925 00926 00927 00928 00929 00930 00931 00932 00933 00934 00935 00936 00937 /***************************************** 00938 * 00939 * Command "display" functions 00940 * 00941 
*****************************************/ 00942 00943 /** 00944 * Creates the preview display of delete actions 00945 * 00946 * @return string HTML content 00947 * @see init() 00948 */ 00949 function displayDeleteScreen() { 00950 if ($this->conf['delete']) { // If deleting is enabled 00951 $origArr = $GLOBALS['TSFE']->sys_page->getRawRecord($this->theTable, $this->recUid); 00952 if ($GLOBALS['TSFE']->loginUser || $this->aCAuth($origArr)) { // Must be logged in OR be authenticated by the aC code in order to delete 00953 // If the recUid selects a record.... (no check here) 00954 if (is_array($origArr)) { 00955 if ($this->aCAuth($origArr) || $this->cObj->DBmayFEUserEdit($this->theTable,$origArr, $GLOBALS['TSFE']->fe_user->user,$this->conf['allowedGroups'],$this->conf['fe_userEditSelf'])) { // Display the form, if access granted. 00956 $this->markerArray['###HIDDENFIELDS###'].= '<input type="hidden" name="rU" value="'.$this->recUid.'" />'; 00957 $content = $this->getPlainTemplate('###TEMPLATE_DELETE_PREVIEW###', $origArr); 00958 } else { // Else display error, that you could not edit that particular record... 00959 $content = $this->getPlainTemplate('###TEMPLATE_NO_PERMISSIONS###'); 00960 } 00961 } 00962 } else { // Finally this is if there is no login user. This must tell that you must login. Perhaps link to a page with create-user or login information. 
00963 $content = $this->getPlainTemplate('###TEMPLATE_AUTH###'); 00964 } 00965 } else { 00966 $content.='Delete-option is not set in TypoScript'; 00967 } 00968 return $content; 00969 } 00970 00971 /** 00972 * Creates the "create" screen for records 00973 * 00974 * @return string HTML content 00975 * @see init() 00976 */ 00977 function displayCreateScreen() { 00978 if ($this->conf['create']) { 00979 $templateCode = $this->cObj->getSubpart($this->templateCode, ((!$GLOBALS['TSFE']->loginUser||$this->conf['create.']['noSpecialLoginForm'])?'###TEMPLATE_CREATE'.$this->previewLabel.'###':'###TEMPLATE_CREATE_LOGIN'.$this->previewLabel.'###')); 00980 $failure = t3lib_div::_GP('noWarnings')?'':$this->failure; 00981 if (!$failure) $templateCode = $this->cObj->substituteSubpart($templateCode, '###SUB_REQUIRED_FIELDS_WARNING###', ''); 00982 00983 $templateCode = $this->removeRequired($templateCode,$failure); 00984 $this->setCObjects($templateCode); 00985 00986 if (!is_array($this->dataArr)) { 00987 $this->dataArr = array(); 00988 } 00989 00990 $markerArray = $this->cObj->fillInMarkerArray($this->markerArray, $this->dataArr, '', TRUE, 'FIELD_', $this->recInMarkersHSC); 00991 if ($this->conf['create.']['preview'] && !$this->previewLabel) {$markerArray['###HIDDENFIELDS###'].= '<input type="hidden" name="preview" value="1" />';} 00992 $content = $this->cObj->substituteMarkerArray($templateCode, $markerArray); 00993 $content.=$this->cObj->getUpdateJS($this->modifyDataArrForFormUpdate($this->dataArr), $this->theTable.'_form', 'FE['.$this->theTable.']', $this->fieldList.$this->additionalUpdateFields); 00994 } 00995 return $content; 00996 } 00997 00998 /** 00999 * Creates the edit-screen for records 01000 * 01001 * @return string HTML content 01002 * @see init() 01003 */ 01004 function displayEditScreen() { 01005 if ($this->conf['edit']) { // If editing is enabled 01006 $origArr = $GLOBALS['TSFE']->sys_page->getRawRecord($this->theTable, 
$this->dataArr['uid']?$this->dataArr['uid']:$this->recUid); 01007 01008 if ($GLOBALS['TSFE']->loginUser || $this->aCAuth($origArr)) { // Must be logged in OR be authenticated by the aC code in order to edit 01009 // If the recUid selects a record.... (no check here) 01010 if (is_array($origArr)) { 01011 if ($this->aCAuth($origArr) || $this->cObj->DBmayFEUserEdit($this->theTable,$origArr, $GLOBALS['TSFE']->fe_user->user,$this->conf['allowedGroups'],$this->conf['fe_userEditSelf'])) { // Display the form, if access granted. 01012 $content=$this->displayEditForm($origArr); 01013 } else { // Else display error, that you could not edit that particular record... 01014 $content = $this->getPlainTemplate('###TEMPLATE_NO_PERMISSIONS###'); 01015 } 01016 } elseif ($GLOBALS['TSFE']->loginUser) { // If the recUid did not select a record, we display a menu of records. (eg. if no recUid) 01017 $lockPid = $this->conf['edit.']['menuLockPid'] ? ' AND pid='.intval($this->thePid) : ''; 01018 01019 $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('*', $this->theTable, '1 '.$lockPid.$this->cObj->DBmayFEUserEditSelect($this->theTable,$GLOBALS['TSFE']->fe_user->user, $this->conf['allowedGroups'],$this->conf['fe_userEditSelf']).$GLOBALS['TSFE']->sys_page->deleteClause($this->theTable)); 01020 01021 if ($GLOBALS['TYPO3_DB']->sql_num_rows($res)) { // If there are menu-items ... 
01022 $templateCode = $this->getPlainTemplate('###TEMPLATE_EDITMENU###'); 01023 $out=''; 01024 $itemCode = $this->cObj->getSubpart($templateCode, '###ITEM###'); 01025 while($menuRow = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($res)) { 01026 $markerArray = $this->cObj->fillInMarkerArray(array(), $menuRow, '', TRUE, 'FIELD_', $this->recInMarkersHSC); 01027 $markerArray = $this->setCObjects($itemCode,$menuRow,$markerArray,'ITEM_'); 01028 $out.= $this->cObj->substituteMarkerArray($itemCode, $markerArray); 01029 } 01030 $content=$this->cObj->substituteSubpart($templateCode, '###ALLITEMS###', $out); 01031 } else { // If there are not menu items.... 01032 $content = $this->getPlainTemplate('###TEMPLATE_EDITMENU_NOITEMS###'); 01033 } 01034 } else { 01035 $content = $this->getPlainTemplate('###TEMPLATE_AUTH###'); 01036 } 01037 } else { // Finally this is if there is no login user. This must tell that you must login. Perhaps link to a page with create-user or login information. 01038 $content = $this->getPlainTemplate('###TEMPLATE_AUTH###'); 01039 } 01040 } else { 01041 $content.='Edit-option is not set in TypoScript'; 01042 } 01043 return $content; 01044 } 01045 01046 /** 01047 * Subfunction for displayEditScreen(); Takes a record and creates an edit form based on the template code for it. 01048 * This function is called if the user is editing a record and permitted to do so. Checked in displayEditScreen() 01049 * 01050 * @param array The array with the record to edit 01051 * @return string HTML content 01052 * @access private 01053 * @see displayEditScreen() 01054 */ 01055 function displayEditForm($origArr) { 01056 $currentArr = is_array($this->dataArr) ? 
$this->dataArr+$origArr : $origArr; 01057 01058 if ($this->conf['debug']) debug('displayEditForm(): '.'###TEMPLATE_EDIT'.$this->previewLabel.'###',1); 01059 $templateCode = $this->cObj->getSubpart($this->templateCode, '###TEMPLATE_EDIT'.$this->previewLabel.'###'); 01060 $failure = t3lib_div::_GP('noWarnings')?'':$this->failure; 01061 if (!$failure) {$templateCode = $this->cObj->substituteSubpart($templateCode, '###SUB_REQUIRED_FIELDS_WARNING###', '');} 01062 01063 $templateCode = $this->removeRequired($templateCode,$failure); 01064 01065 $this->setCObjects($templateCode,$currentArr); 01066 01067 $markerArray = $this->cObj->fillInMarkerArray($this->markerArray, $currentArr, '', TRUE, 'FIELD_', $this->recInMarkersHSC); 01068 01069 $markerArray['###HIDDENFIELDS###'].= '<input type="hidden" name="FE['.$this->theTable.'][uid]" value="'.$currentArr['uid'].'" />'; 01070 if ($this->conf['edit.']['preview'] && !$this->previewLabel) {$markerArray['###HIDDENFIELDS###'].= '<input type="hidden" name="preview" value="1" />';} 01071 $content = $this->cObj->substituteMarkerArray($templateCode, $markerArray); 01072 $content.=$this->cObj->getUpdateJS($this->modifyDataArrForFormUpdate($currentArr), $this->theTable.'_form', 'FE['.$this->theTable.']', $this->fieldList.$this->additionalUpdateFields); 01073 01074 return $content; 01075 } 01076 01077 /** 01078 * Processes socalled "setfixed" commands. These are commands setting a certain field in a certain record to a certain value. Like a link you can click in an email which will unhide a record to enable something. Or likewise a link which can delete a record by a single click. 01079 * The idea is that only some allowed actions like this is allowed depending on the configured TypoScript. 
01080 * 01081 * @return string HTML content displaying the status of the action 01082 */ 01083 function procesSetFixed() { 01084 if ($this->conf['setfixed']) { 01085 $theUid = intval($this->recUid); 01086 $origArr = $GLOBALS['TSFE']->sys_page->getRawRecord($this->theTable, $theUid); 01087 $fD = t3lib_div::_GP('fD'); 01088 $sFK = t3lib_div::_GP('sFK'); 01089 01090 $fieldArr=array(); 01091 if (is_array($fD) || $sFK=='DELETE') { 01092 if (is_array($fD)) { 01093 foreach ($fD as $field => $value) { 01094 $origArr[$field]=$value; 01095 $fieldArr[]=$field; 01096 } 01097 } 01098 $theCode = $this->setfixedHash($origArr,$origArr['_FIELDLIST']); 01099 if (!strcmp($this->authCode,$theCode)) { 01100 if ($sFK=='DELETE') { 01101 $this->cObj->DBgetDelete($this->theTable, $theUid, TRUE); 01102 } else { 01103 $newFieldList = implode(',',array_intersect(t3lib_div::trimExplode(',',$this->fieldList),t3lib_div::trimExplode(',',implode($fieldArr,','),1))); 01104 $this->cObj->DBgetUpdate($this->theTable, $theUid, $fD, $newFieldList, TRUE); 01105 $this->currentArr = $GLOBALS['TSFE']->sys_page->getRawRecord($this->theTable,$theUid); 01106 $this->userProcess_alt($this->conf['setfixed.']['userFunc_afterSave'],$this->conf['setfixed.']['userFunc_afterSave.'],array('rec'=>$this->currentArr, 'origRec'=>$origArr)); 01107 } 01108 01109 // Outputting template 01110 $this->markerArray = $this->cObj->fillInMarkerArray($this->markerArray, $origArr, '', TRUE, 'FIELD_', $this->recInMarkersHSC); 01111 $content = $this->getPlainTemplate('###TEMPLATE_SETFIXED_OK_'.$sFK.'###'); 01112 if (!$content) {$content = $this->getPlainTemplate('###TEMPLATE_SETFIXED_OK###');} 01113 01114 // Compiling email 01115 $this->compileMail( 01116 'SETFIXED_'.$sFK, 01117 array($origArr), 01118 $origArr[$this->conf['email.']['field']], 01119 $this->conf['setfixed.'] 01120 ); 01121 // Clearing cache if set: 01122 $this->clearCacheIfSet(); 01123 } else $content = $this->getPlainTemplate('###TEMPLATE_SETFIXED_FAILED###'); 01124 } 
else $content = $this->getPlainTemplate('###TEMPLATE_SETFIXED_FAILED###'); 01125 } 01126 return $content; 01127 } 01128 01129 01130 01131 01132 01133 01134 01135 01136 01137 01138 01139 01140 01141 01142 01143 01144 01145 01146 01147 01148 01149 01150 01151 /***************************************** 01152 * 01153 * Template processing functions 01154 * 01155 *****************************************/ 01156 01157 01158 01159 /** 01160 * Remove required parts from template code string 01161 * Works like this: 01162 * - You insert subparts like this ###SUB_REQUIRED_FIELD_'.$theField.'### in the template that tells what is required for the field, if it's not correct filled in. 01163 * - These subparts are all removed, except if the field is listed in $failure string! 01164 * 01165 * Only fields that are found in $this->requiredArr is processed. 01166 * 01167 * @param string The template HTML code 01168 * @param string Comma list of fields which has errors (and therefore should not be removed) 01169 * @return string The processed template HTML code 01170 */ 01171 function removeRequired($templateCode,$failure) { 01172 foreach ($this->requiredArr as $theField) { 01173 if (!t3lib_div::inList($failure,$theField)) { 01174 $templateCode = $this->cObj->substituteSubpart($templateCode, '###SUB_REQUIRED_FIELD_'.$theField.'###', ''); 01175 } 01176 } 01177 return $templateCode; 01178 } 01179 01180 /** 01181 * Returns template subpart HTML code for the key given 01182 * 01183 * @param string Subpart marker to return subpart for. 01184 * @param array Optional data record array. If set, then all fields herein will also be substituted if found as markers in the template 01185 * @return string The subpart with all markers found in current $this->markerArray substituted. 
01186 * @see tslib_cObj::fillInMarkerArray() 01187 */ 01188 function getPlainTemplate($key,$r='') { 01189 if ($this->conf['debug']) debug('getPlainTemplate(): '.$key,1); 01190 $templateCode = $this->cObj->getSubpart($this->templateCode, $key); 01191 $this->setCObjects($templateCode,is_array($r)?$r:array()); 01192 return $this->cObj->substituteMarkerArray( 01193 $templateCode, 01194 is_array($r) ? $this->cObj->fillInMarkerArray($this->markerArray, $r, '', TRUE, 'FIELD_', $this->recInMarkersHSC) : $this->markerArray 01195 ); 01196 } 01197 01198 /** 01199 * Modifies input array for passing on to tslib_cObj::getUpdateJS() which produces some JavaScript for form evaluation or the like. 01200 * 01201 * @param array The data array 01202 * @return array The processed input array 01203 * @see displayCreateScreen(), displayEditForm(), tslib_cObj::getUpdateJS() 01204 */ 01205 function modifyDataArrForFormUpdate($inputArr) { 01206 if (is_array($this->conf[$this->cmdKey.'.']['evalValues.'])) { 01207 foreach ($this->conf[$this->cmdKey.'.']['evalValues.'] as $theField => $theValue) { 01208 $listOfCommands = t3lib_div::trimExplode(',',$theValue,1); 01209 foreach ($listOfCommands as $cmd) { 01210 $cmdParts = preg_split('/\[|\]/', $cmd); // Point is to enable parameters after each command enclosed in brackets [..]. These will be in position 1 in the array. 
01211 $theCmd = trim($cmdParts[0]); 01212 switch($theCmd) { 01213 case 'twice': 01214 if (isset($inputArr[$theField])) { 01215 if (!isset($inputArr[$theField.'_again'])) { 01216 $inputArr[$theField.'_again'] = $inputArr[$theField]; 01217 } 01218 $this->additionalUpdateFields.=','.$theField.'_again'; 01219 } 01220 break; 01221 } 01222 } 01223 } 01224 } 01225 if (is_array($this->conf['parseValues.'])) { 01226 foreach ($this->conf['parseValues.'] as $theField => $theValue) { 01227 $listOfCommands = t3lib_div::trimExplode(',',$theValue,1); 01228 foreach ($listOfCommands as $cmd) { 01229 $cmdParts = preg_split('/\[|\]/', $cmd); // Point is to enable parameters after each command enclosed in brackets [..]. These will be in position 1 in the array. 01230 $theCmd = trim($cmdParts[0]); 01231 switch($theCmd) { 01232 case 'multiple': 01233 if (isset($inputArr[$theField]) && !$this->isPreview()) { 01234 $inputArr[$theField] = explode(',',$inputArr[$theField]); 01235 } 01236 break; 01237 case 'checkArray': 01238 if ($inputArr[$theField] && !$this->isPreview()) { 01239 for($a=0;$a<=30;$a++) { 01240 if ($inputArr[$theField] & pow(2,$a)) { 01241 $alt_theField = $theField.']['.$a; 01242 $inputArr[$alt_theField] = 1; 01243 $this->additionalUpdateFields.=','.$alt_theField; 01244 } 01245 } 01246 } 01247 break; 01248 } 01249 } 01250 } 01251 } 01252 01253 01254 $inputArr = $this->userProcess_alt( 01255 $this->conf['userFunc_updateArray'], 01256 $this->conf['userFunc_updateArray.'], 01257 $inputArr 01258 ); 01259 01260 return $this->escapeHTML($inputArr); 01261 } 01262 01263 /** 01264 * Will render TypoScript cObjects (configured in $this->conf['cObjects.']) and add their content to keys in a markerArray, either the array passed to the function or the internal one ($this->markerArray) if the input $markerArray is not set. 01265 * 01266 * @param string The current template code string. Is used to check if the marker string is found and if not, the content object is not rendered! 
01267 * @param array An alternative data record array (if empty then $this->dataArr is used) 01268 * @param mixed An alternative markerArray to fill in (instead of $this->markerArray). If you want to set the cobjects in the internal $this->markerArray, then just set this to non-array value. 01269 * @param string Optional prefix to set for the marker strings. 01270 * @return array The processed $markerArray (if given). 01271 */ 01272 function setCObjects($templateCode,$currentArr=array(),$markerArray='',$specialPrefix='') { 01273 if (is_array($this->conf['cObjects.'])) { 01274 01275 foreach ($this->conf['cObjects.'] as $theKey => $theConf) { 01276 if (!strstr($theKey,'.')) { 01277 if (strstr($templateCode,'###'.$specialPrefix.'CE_'.$theKey.'###')) { 01278 $cObjCode = $this->cObj->cObjGetSingle($this->conf['cObjects.'][$theKey], $this->conf['cObjects.'][$theKey.'.'], 'cObjects.'.$theKey); 01279 01280 if (!is_array($markerArray)) { 01281 $this->markerArray['###'.$specialPrefix.'CE_'.$theKey.'###'] = $cObjCode; 01282 } else { 01283 $markerArray['###'.$specialPrefix.'CE_'.$theKey.'###'] = $cObjCode; 01284 } 01285 } 01286 if (strstr($templateCode,'###'.$specialPrefix.'PCE_'.$theKey.'###')) { 01287 $local_cObj =t3lib_div::makeInstance('tslib_cObj'); 01288 $local_cObj->start(count($currentArr)?$currentArr:$this->dataArr,$this->theTable); 01289 $cObjCode = $local_cObj->cObjGetSingle($this->conf['cObjects.'][$theKey], $this->conf['cObjects.'][$theKey.'.'], 'cObjects.'.$theKey); 01290 01291 if (!is_array($markerArray)) { 01292 $this->markerArray['###'.$specialPrefix.'PCE_'.$theKey.'###'] = $cObjCode; 01293 } else { 01294 $markerArray['###'.$specialPrefix.'PCE_'.$theKey.'###'] = $cObjCode; 01295 } 01296 } 01297 } 01298 } 01299 } 01300 return $markerArray; 01301 } 01302 01303 01304 01305 01306 01307 01308 01309 01310 01311 01312 01313 01314 01315 01316 01317 01318 01319 01320 01321 /***************************************** 01322 * 01323 * Emailing 01324 * 01325 
*****************************************/ 01326 01327 /** 01328 * Sends info mail to user 01329 * 01330 * @return string HTML content message 01331 * @see init(),compileMail(), sendMail() 01332 */ 01333 function sendInfoMail() { 01334 if ($this->conf['infomail'] && $this->conf['email.']['field']) { 01335 $fetch = t3lib_div::_GP('fetch'); 01336 if ($fetch) { 01337 // Getting infomail config. 01338 $key= trim(t3lib_div::_GP('key')); 01339 if (is_array($this->conf['infomail.'][$key.'.'])) { 01340 $config = $this->conf['infomail.'][$key.'.']; 01341 } else { 01342 $config = $this->conf['infomail.']['default.']; 01343 } 01344 $pidLock=''; 01345 if (!$config['dontLockPid']) { 01346 $pidLock='AND pid IN ('.$this->thePid.') '; 01347 } 01348 01349 // Getting records 01350 if (t3lib_div::testInt($fetch)) { 01351 $DBrows = $GLOBALS['TSFE']->sys_page->getRecordsByField($this->theTable,'uid',$fetch,$pidLock,'','','1'); 01352 } elseif ($fetch) { // $this->conf['email.']['field'] must be a valid field in the table! 01353 $DBrows = $GLOBALS['TSFE']->sys_page->getRecordsByField($this->theTable,$this->conf['email.']['field'],$fetch,$pidLock,'','','100'); 01354 } 01355 01356 // Processing records 01357 if (is_array($DBrows)) { 01358 $recipient = $DBrows[0][$this->conf['email.']['field']]; 01359 $this->compileMail($config['label'], $DBrows, $recipient, $this->conf['setfixed.']); 01360 } elseif ($this->cObj->checkEmail($fetch)) { 01361 $this->sendMail($fetch, '', trim($this->cObj->getSubpart($this->templateCode, '###'.$this->emailMarkPrefix.'NORECORD###'))); 01362 } 01363 01364 $content = $this->getPlainTemplate('###TEMPLATE_INFOMAIL_SENT###'); 01365 } else { 01366 $content = $this->getPlainTemplate('###TEMPLATE_INFOMAIL###'); 01367 } 01368 } else $content='Error: infomail option is not available or emailField is not setup in TypoScript'; 01369 return $content; 01370 } 01371 01372 /** 01373 * Compiles and sends a mail based on input values + template parts. 
Looks for a normal and an "-admin" template and may send both kinds of emails. See documentation in TSref. 01374 * 01375 * @param string A key which together with $this->emailMarkPrefix will identify the part from the template code to use for the email. 01376 * @param array An array of records which fields are substituted in the templates 01377 * @param mixed Mail recipient. If string then its supposed to be an email address. If integer then its a uid of a fe_users record which is looked up and the email address from here is used for sending the mail. 01378 * @param array Additional fields to set in the markerArray used in the substitution process 01379 * @return void 01380 */ 01381 function compileMail($key, $DBrows, $recipient, $setFixedConfig=array()) { 01382 $GLOBALS['TT']->push('compileMail'); 01383 $mailContent=''; 01384 $key = $this->emailMarkPrefix.$key; 01385 01386 $userContent['all'] = trim($this->cObj->getSubpart($this->templateCode, '###'.$key.'###')); 01387 $adminContent['all'] = trim($this->cObj->getSubpart($this->templateCode, '###'.$key.'-ADMIN###')); 01388 $userContent['rec'] = $this->cObj->getSubpart($userContent['all'], '###SUB_RECORD###'); 01389 $adminContent['rec'] = $this->cObj->getSubpart($adminContent['all'], '###SUB_RECORD###'); 01390 01391 foreach ($DBrows as $r) { 01392 $markerArray = $this->cObj->fillInMarkerArray($this->markerArray, $r,'',0); 01393 $markerArray = $this->setCObjects($userContent['rec'].$adminContent['rec'],$r,$markerArray,'ITEM_'); 01394 $markerArray['###SYS_AUTHCODE###'] = $this->authCode($r); 01395 $markerArray = $this->setfixed($markerArray, $setFixedConfig, $r); 01396 01397 if ($userContent['rec']) $userContent['accum'] .=$this->cObj->substituteMarkerArray($userContent['rec'], $markerArray); 01398 if ($adminContent['rec']) $adminContent['accum'].=$this->cObj->substituteMarkerArray($adminContent['rec'], $markerArray); 01399 } 01400 01401 if ($userContent['all']) $userContent['final'] 
.=$this->cObj->substituteSubpart($userContent['all'], '###SUB_RECORD###', $userContent['accum']); 01402 if ($adminContent['all']) $adminContent['final'].=$this->cObj->substituteSubpart($adminContent['all'], '###SUB_RECORD###', $adminContent['accum']); 01403 01404 if (t3lib_div::testInt($recipient)) { 01405 $fe_userRec = $GLOBALS['TSFE']->sys_page->getRawRecord('fe_users',$recipient); 01406 $recipient=$fe_userRec['email']; 01407 } 01408 01409 $GLOBALS['TT']->setTSlogMessage('Template key: ###'.$key.'###, userContentLength: '.strlen($userContent['final']).', adminContentLength: '.strlen($adminContent['final'])); 01410 01411 $this->sendMail($recipient, $this->conf['email.']['admin'], $userContent['final'], $adminContent['final']); 01412 $GLOBALS['TT']->pull(); 01413 } 01414 01415 /** 01416 * Actually sends the requested mails (through $this->cObj->sendNotifyEmail or through $this->sendHTMLMail). 01417 * As of TYPO3 v4.3 with autoloader, a check for $GLOBALS['TSFE']->config['config']['incT3Lib_htmlmail'] has been included for backwards compatibility. 01418 * 01419 * @param string Recipient email address (or list) 01420 * @param string Possible "admin" email address. 
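Will enable sending of admin emails if also $adminContent is provided
	 * @param	string		Content for the regular email to user
	 * @param	string		Content for the admin email to administrator
	 * @return	void
	 * @access private
	 * @see compileMail(), sendInfoMail()
	 */
	function sendMail($recipient, $admin, $content='', $adminContent='') {
			// HTML mails are only sent when the "incT3Lib_htmlmail" config flag is set; otherwise everything goes out as plain text.
		$htmlMailEnabled = !empty($GLOBALS['TSFE']->config['config']['incT3Lib_htmlmail']);
		$fromEmail = $this->conf['email.']['from'];
		$fromName = $this->conf['email.']['fromName'];

			// Admin mail. The user's address is passed on as the Reply-To value.
			// NOTE(review): $recipient presumably originates from the submitted record - confirm it is validated
			// as a plain e-mail address (no line breaks) before it gets here, since it ends up in a mail header.
		if ($admin && $adminContent) {
			if ($htmlMailEnabled && $this->isHTMLContent($adminContent)) {
				$this->sendHTMLMail($adminContent, $admin, '', $fromEmail, $fromName, $recipient);
			} else {
				$this->cObj->sendNotifyEmail(strip_tags($adminContent), $admin, '', $fromEmail, $fromName, $recipient);
			}
		}

			// User mail. The third argument stays empty: the admin is never added as a recipient of the user mail.
		if ($htmlMailEnabled && $this->isHTMLContent($content)) {
			$this->sendHTMLMail($content, $recipient, '', $fromEmail, $fromName);
		} else {
			$this->cObj->sendNotifyEmail(strip_tags($content), $recipient, '', $fromEmail, $fromName);
		}
	}

	/**
	 * Detects if content is HTML (looking for <html> tag as first and last in string)
	 * The test is case-insensitive and ignores surrounding whitespace.
	 *
	 * @param	string		Content string to test
	 * @return	boolean		Returns true if the content begins and ends with <html></html>-tags, otherwise false
	 */
	function isHTMLContent($c) {
		$c = trim($c);
		$first = strtolower(substr($c, 0, 6));
		$last = strtolower(substr($c, -7));
			// Always return a real boolean (the function used to return 1 or nothing at all).
		return ($first . $last === '<html></html>');
	}

	/**
	 * Sending HTML email, using same parameters as tslib_cObj::sendNotifyEmail()
	 * The subject is taken from the <title> element of the content; a default subject is used if there is none.
	 *
	 * @param	string		The message content. If blank, no email is sent.
	 * @param	string		Comma list of recipient email addresses
	 * @param	string		IGNORE this parameter
	 * @param	string		"From" email address
	 * @param	string		Optional "From" name
	 * @param	string		Optional "Reply-To" header email address.
	 * @return	void
	 * @access private
	 * @see sendMail(), tslib_cObj::sendNotifyEmail()
	 */
	function sendHTMLMail($content,$recipient,$dummy,$fromEmail,$fromName,$replyTo='') {
		if (trim($recipient) && trim($content)) {
				// preg_split() replaces spliti(), which was deprecated in PHP 5.3 and removed in PHP 7.0.
			$parts = preg_split('#<title>|</title>#i', $content, 3);
			$subject = (is_array($parts) && isset($parts[1])) ? trim($parts[1]) : '';
				// A subject is a single header line: collapse line breaks found inside the <title> element.
			$subject = trim(preg_replace('/[\r\n]+/', ' ', $subject));
			if (!$subject) {
				$subject = 'TYPO3 FE Admin message';
			}

			$Typo3_htmlmail = t3lib_div::makeInstance('t3lib_htmlmail');
			$Typo3_htmlmail->start();
			$Typo3_htmlmail->useBase64();

			$Typo3_htmlmail->subject = $subject;
			$Typo3_htmlmail->from_email = $fromEmail;
			$Typo3_htmlmail->from_name = $fromName;
				// Without an explicit Reply-To the sender address and name are reused.
			$Typo3_htmlmail->replyto_email = $replyTo ? $replyTo : $fromEmail;
			$Typo3_htmlmail->replyto_name = $replyTo ? '' : $fromName;
			$Typo3_htmlmail->organisation = '';
			$Typo3_htmlmail->priority = 3;

				// HTML
				// NOTE(review): fetchHTMLMedia() presumably retrieves the media files referenced in the markup.
				// If submitted values can end up inside the mail template, confirm which references it may follow.
			$Typo3_htmlmail->theParts['html']['content'] = $content;
			$Typo3_htmlmail->theParts['html']['path'] = '';
			$Typo3_htmlmail->extractMediaLinks();
			$Typo3_htmlmail->extractHyperLinks();
			$Typo3_htmlmail->fetchHTMLMedia();
			$Typo3_htmlmail->substMediaNamesInHTML(0);	// 0 = relative
			$Typo3_htmlmail->substHREFsInHTML();
			$Typo3_htmlmail->setHTML($Typo3_htmlmail->encodeMsg($Typo3_htmlmail->theParts['html']['content']));

				// PLAIN (left empty on purpose)
			$Typo3_htmlmail->addPlain('');

				// SET Headers and Content
			$Typo3_htmlmail->setHeaders();
			$Typo3_htmlmail->setContent();
			$Typo3_htmlmail->setRecipient($recipient);

			$Typo3_htmlmail->sendtheMail();
		}
	}


	/*****************************************
	 *
	 * Various helper functions
	 *
	 *****************************************/


	/**
	 * Returns true if authentication is OK based on the "aC" code which is a GET parameter set from outside with a hash string which must match some internal hash string.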
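* This allows to authenticate editing without having a fe_users login
	 * Uses $this->authCode which is set in init() by "t3lib_div::_GP('aC');"
	 * Only a non-empty string is accepted as code, and the comparison does not stop at the first differing character.
	 *
	 * @param	array		The data array for which to evaluate authentication
	 * @return	boolean		True if authenticated OK, otherwise false
	 * @see authCode(), init()
	 */
	function aCAuth($r) {
		$given = $this->authCode;
			// Request parameters can arrive as arrays, and strcmp() can return NULL rather than an integer
			// when handed a non-string, which a "!strcmp(...)" test reads as a match. Refuse anything that
			// is not a non-empty string before comparing.
		if (!is_string($given) || !$given) {
			return false;
		}
			// authCode() yields nothing when "authcodeFields" is not configured; never authenticate against that.
		$expected = (string)$this->authCode($r);
		if (!strlen($expected)) {
			return false;
		}
		if (function_exists('hash_equals')) {
			return hash_equals($expected, $given);
		}
			// Fallback for PHP versions without hash_equals(): compare every byte so that the run time does
			// not depend on the position of the first mismatch.
		$length = strlen($expected);
		if (strlen($given) !== $length) {
			return false;
		}
		$diff = 0;
		for ($i = 0; $i < $length; $i++) {
			$diff |= ord($given[$i]) ^ ord($expected[$i]);
		}
		return ($diff === 0);
	}

	/**
	 * Creating authentication hash string based on input record and the fields listed in TypoScript property "authcodeFields"
	 * The hash is an MD5 over the field values, $extra, the "addKey" property, an optional date string and the
	 * system encryption key, cut down to $this->codeLength hex characters.
	 * NOTE(review): the strength of the code is bounded by $this->codeLength (4 bits per character); confirm the
	 * configured length is adequate. Switching to another construction would invalidate codes already sent out.
	 *
	 * @param	array		The data record
	 * @param	string		Additional string to include in the hash
	 * @return	string		Hash string of $this->codeLength (if TypoScript "authcodeFields" was set), otherwise an empty string
	 * @see aCAuth()
	 */
	function authCode($r,$extra='') {
		if (empty($this->conf['authcodeFields'])) {
			return '';
		}
		$fieldArr = t3lib_div::trimExplode(',', $this->conf['authcodeFields'], 1);
		$value = '';
		foreach ($fieldArr as $field) {
				// A field missing from the record contributes an empty value, without raising a notice.
			$value .= (isset($r[$field]) ? $r[$field] : '') . '|';
		}
		$value .= $extra . '|' . $this->conf['authcodeFields.']['addKey'];
		if ($this->conf['authcodeFields.']['addDate']) {
				// "addDate" is a date() format string; the code then only matches while date() returns the same string.
			$value .= '|' . date($this->conf['authcodeFields.']['addDate']);
		}
			// The encryption key is appended directly, without a separator.
		$value .= $GLOBALS['TYPO3_CONF_VARS']['SYS']['encryptionKey'];
		return substr(md5($value), 0, $this->codeLength);
	}

	/**
	 * Adding keys to the marker array with "setfixed" GET parameters
	 *
	 * @param	array		Marker-array to modify/add a key to.
	 * @param	array		TypoScript properties configuring "setfixed" for the plugin. Basically this is $this->conf['setfixed.'] passed along.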
* @param	array		The data record
	 * @return	array		Processed $markerArray
	 * @see compileMail()
	 */
	function setfixed($markerArray, $setfixed, $r) {
			// Each generated value is a query string fragment carrying an "aC" hash (see setfixedHash()).
			// The "_HSC_" marker holds the same fragment passed through htmlspecialchars().
			// Note that field names and the uid are inserted as-is; only the key and the field values are rawurlencode()d.
		if (!is_array($setfixed)) {
			return $markerArray;
		}
		foreach ($setfixed as $theKey => $data) {
			if (!strcmp($theKey, 'DELETE')) {
					// Link for deleting the record: hash is calculated on the unmodified record.
				$query = '&cmd=setfixed&sFK=' . rawurlencode($theKey) . '&rU=' . $r['uid'];
				$query .= '&aC=' . $this->setfixedHash($r, $data['_FIELDLIST']);
				$markerArray['###SYS_SETFIXED_DELETE###'] = $query;
				$markerArray['###SYS_SETFIXED_HSC_DELETE###'] = htmlspecialchars($query);
				continue;
			}
			if (!strstr($theKey, '.')) {
				continue;
			}
				// Cut off the last character of the key (the dot of a TypoScript sub-array key).
			$theKey = substr($theKey, 0, -1);
			if (!is_array($data)) {
				continue;
			}
				// Link for setting fixed field values: the values are applied to a copy of the record first,
				// so the hash covers the record as it will look after the change.
			$changedRec = $r;
			$query = '&cmd=setfixed&sFK=' . rawurlencode($theKey) . '&rU=' . $r['uid'];
			foreach ($data as $fieldName => $fieldValue) {
				$query .= '&fD%5B' . $fieldName . '%5D=' . rawurlencode($fieldValue);
				$changedRec[$fieldName] = $fieldValue;
			}
			$query .= '&aC=' . $this->setfixedHash($changedRec, $data['_FIELDLIST']);
			$markerArray['###SYS_SETFIXED_' . $theKey . '###'] = $query;
			$markerArray['###SYS_SETFIXED_HSC_' . $theKey . '###'] = htmlspecialchars($query);
		}
		return $markerArray;
	}

	/**
	 * Creating hash string for setFixed.
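Much similar to authCode()
	 * The hash is an MD5 over the selected field values, the "addKey" property and the system encryption key,
	 * all joined with "|" and cut down to $this->codeLength characters.
	 * NOTE(review): the values are joined without escaping the separator, and the strength of the code is bounded
	 * by $this->codeLength; changing either would invalidate links already sent out.
	 *
	 * @param	array		The data record
	 * @param	string		List of fields to use. If empty, all fields of the record are used.
	 * @return	string		Hash string, $this->codeLength characters long
	 * @see setfixed(),authCode()
	 */
	function setfixedHash($recCopy,$fields='') {
		if ($fields) {
				// Initialised up front: with a list that yields no field names the variable used to stay
				// undefined and implode() was called on NULL.
			$recCopy_temp = array();
			$fieldArr = t3lib_div::trimExplode(',', $fields, 1);
			foreach ($fieldArr as $k => $v) {
					// A listed field missing from the record contributes an empty value.
				$recCopy_temp[$k] = isset($recCopy[$v]) ? $recCopy[$v] : '';
			}
		} else {
			$recCopy_temp = $recCopy;
		}
		$encStr = implode('|', $recCopy_temp) . '|' . $this->conf['authcodeFields.']['addKey'] . '|' . $GLOBALS['TYPO3_CONF_VARS']['SYS']['encryptionKey'];
		return substr(md5($encStr), 0, $this->codeLength);
	}


	/**
	 * Returns true if preview display is on.
	 * That is the case when the "preview" property is set for the current command key and $this->preview is set.
	 *
	 * @return	boolean
	 */
	function isPreview() {
		return ($this->conf[$this->cmdKey.'.']['preview'] && $this->preview);
	}

	/**
	 * Creates an instance of class "t3lib_basicFileFunctions" in $this->fileFunc (if not already done)
	 *
	 * @return	void
	 */
	function createFileFuncObj() {
		if (!$this->fileFunc) {
			$this->fileFunc = t3lib_div::makeInstance('t3lib_basicFileFunctions');
		}
	}

	/**
	 * If TypoScript property clearCacheOfPages is set then all page ids in this value will have their cache cleared
	 *
	 * @return	void
	 */
	function clearCacheIfSet() {
		if ($this->conf['clearCacheOfPages']) {
				// The configured list is passed through cleanIntList() before it is used.
			$cc_pidList = $GLOBALS['TYPO3_DB']->cleanIntList($this->conf['clearCacheOfPages']);
			$GLOBALS['TSFE']->clearPageCacheContent_pidList($cc_pidList);
		}
	}

	/**
	 * Returns an error message for the field/command combination inputted.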
The error message is looked up in the TypoScript properties (evalErrors.[fieldname].[command]); if that property is not set, the $label value is returned
	 *
	 * @param	string		Field name
	 * @param	string		Command identifier string
	 * @param	string		Alternative label, shown if no other error string was found
	 * @return	string		The error message string
	 */
	function getFailure($theField, $theCmd, $label) {
		if (isset($this->conf['evalErrors.'][$theField.'.'][$theCmd])) {
			return $this->conf['evalErrors.'][$theField.'.'][$theCmd];
		}
		return $label;
	}

	/**
	 * Will escape HTML-tags
	 * Arrays are processed recursively; only the values are escaped, the keys are left as they are.
	 * ENT_NOQUOTES leaves both single and double quotes unescaped, so the result is meant for HTML text
	 * content. NOTE(review): verify that escaped values are not placed inside HTML attribute values
	 * without further quoting.
	 *
	 * @param	mixed		The unescaped data
	 * @return	mixed		The processed input data
	 */
	function escapeHTML($var) {
		if (!is_array($var)) {
			return htmlspecialchars($var, ENT_NOQUOTES);
		}
		foreach (array_keys($var) as $key) {
			$var[$key] = $this->escapeHTML($var[$key]);
		}
		return $var;
	}
}


	// XCLASS extension hook: the included path is read from $GLOBALS['TYPO3_CONF_VARS'], not from the request.
if (defined('TYPO3_MODE') && isset($GLOBALS['TYPO3_CONF_VARS'][TYPO3_MODE]['XCLASS']['media/scripts/fe_adminLib.inc'])) {
	include_once($GLOBALS['TYPO3_CONF_VARS'][TYPO3_MODE]['XCLASS']['media/scripts/fe_adminLib.inc']);
}
?>