t3lib

class.t3lib_frontendedit.php

Go to the documentation of this file.
00001 <?php
00002 /***************************************************************
00003 *  Copyright notice
00004 *
00005 *  (c) 2008 Jeff Segars <jeff@webempoweredchurch.org>
00006 *  (c) 2008 David Slayback <dave@webempoweredchurch.org>
00007 *  All rights reserved
00008 *
00009 *  This script is part of the TYPO3 project. The TYPO3 project is
00010 *  free software; you can redistribute it and/or modify
00011 *  it under the terms of the GNU General Public License as published by
00012 *  the Free Software Foundation; either version 2 of the License, or
00013 *  (at your option) any later version.
00014 *
00015 *  The GNU General Public License can be found at
00016 *  http://www.gnu.org/copyleft/gpl.html.
00017 *  A copy is found in the textfile GPL.txt and important notices to the license
00018 *  from the author is found in LICENSE.txt distributed with these scripts.
00019 *
00020 *
00021 *  This script is distributed in the hope that it will be useful,
00022 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
00023 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
00024 *  GNU General Public License for more details.
00025 *
00026 *  This copyright notice MUST APPEAR in all copies of the script!
00027 ***************************************************************/
00028 /**
00029  * Controller class for frontend editing.
00030  *
00031  * $Id: class.t3lib_frontendedit.php 4430 2008-11-06 20:45:50Z jsegars $
00032  *
00033  * @author  Jeff Segars <jeff@webempoweredchurch.org>
00034  * @author  David Slayback <dave@webempoweredchurch.org>
00035  * @package TYPO3
00036  * @subpackage t3lib
00037  */
00038 class t3lib_frontendedit {
00039 
00040     /**
00041      * TCEmain object.
00042      *
00043      * @var t3lib_tcemain
00044      */
00045     protected $tce;
00046 
00047 
00048     /**
00049      * Force preview?
00050      *
00051      * @var boolean
00052      */
00053     protected $ext_forcePreview = false;
00054 
00055     /**
00056      * Comma separated list of page UIDs to be published.
00057      *
00058      * @var string
00059      */
00060     protected $extPublishList = '';
00061 
00062     /**
00063      * Creates and initializes the TCEmain object.
00064      *
00065      * @return  void
00066      */
00067     public function __construct() {
00068         $this->tce = t3lib_div::makeInstance('t3lib_TCEmain');
00069         $this->tce->stripslashes_values=0;
00070     }
00071 
00072     /**
00073      * Initializes configuration options.
00074      *
00075      * @return  void
00076      */
00077     public function initConfigOptions() {
00078         $this->saveConfigOptions();
00079         $this->TSFE_EDIT = t3lib_div::_POST('TSFE_EDIT');
00080 
00081             // Setting some values based on the admin panel
00082         $GLOBALS['TSFE']->forceTemplateParsing = $this->extGetFeAdminValue('tsdebug', 'forceTemplateParsing');
00083         $GLOBALS['TSFE']->displayEditIcons = $this->extGetFeAdminValue('edit', 'displayIcons');
00084         $GLOBALS['TSFE']->displayFieldEditIcons = $this->extGetFeAdminValue('edit', 'displayFieldIcons');
00085 
00086         if ($this->extGetFeAdminValue('tsdebug', 'displayQueries')) {
00087             if ($GLOBALS['TYPO3_DB']->explainOutput == 0) {     // do not override if the value is already set in t3lib_db
00088                     // Enable execution of EXPLAIN SELECT queries
00089                 $GLOBALS['TYPO3_DB']->explainOutput = 3;
00090             }
00091         }
00092 
00093         if (t3lib_div::_GP('ADMCMD_editIcons')) {
00094             $GLOBALS['TSFE']->displayFieldEditIcons=1;
00095             $GLOBALS['BE_USER']->uc['TSFE_adminConfig']['edit_editNoPopup']=1;
00096         }
00097 
00098         if (t3lib_div::_GP('ADMCMD_simUser')) {
00099             $GLOBALS['BE_USER']->uc['TSFE_adminConfig']['preview_simulateUserGroup']=intval(t3lib_div::_GP('ADMCMD_simUser'));
00100             $this->ext_forcePreview = true;
00101         }
00102 
00103         if (t3lib_div::_GP('ADMCMD_simTime')) {
00104             $GLOBALS['BE_USER']->uc['TSFE_adminConfig']['preview_simulateDate']=intval(t3lib_div::_GP('ADMCMD_simTime'));
00105             $this->ext_forcePreview = true;
00106         }
00107 
00108             // Include classes for editing IF editing module in Admin Panel is open
00109         if (($this->isAdminModuleEnabled('edit') && $this->isAdminModuleOpen('edit')) || $GLOBALS['TSFE']->displayEditIcons == 1) {
00110             $GLOBALS['TSFE']->includeTCA();
00111             if ($this->isEditAction()) {
00112                 require_once (PATH_t3lib . 'class.t3lib_tcemain.php');
00113                 $this->editAction();
00114             }
00115 
00116             if ($this->isEditFormShown()) {
00117                 require_once(PATH_t3lib . 'class.t3lib_tceforms.php');
00118                 require_once(PATH_t3lib . 'class.t3lib_iconworks.php');
00119                 require_once(PATH_t3lib . 'class.t3lib_loaddbgroup.php');
00120                 require_once(PATH_t3lib . 'class.t3lib_transferdata.php');
00121             }
00122         }
00123 
00124         if ($GLOBALS['TSFE']->forceTemplateParsing || $GLOBALS['TSFE']->displayEditIcons || $GLOBALS['TSFE']->displayFieldEditIcons) {
00125             $GLOBALS['TSFE']->set_no_cache(); 
00126         }
00127     }
00128 
00129 
00130     /**
00131      * Delegates to the appropriate view and renders the admin panel content.
00132      *
00133      * @return  string.
00134      */
00135     public function displayAdmin() {
00136         $content = '';
00137         $adminClass = $GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['typo3/classes/class.frontendedit.php']['admin'];
00138         if ($adminClass && !$GLOBALS['BE_USER']->extAdminConfig['hide']) {
00139             $admin = &t3lib_div::getUserObj($adminClass);
00140             if (is_object($admin)) {
00141                 $content =  $admin->display();
00142             }
00143         }
00144 
00145         return $content;
00146     }
00147 
00148     /**
00149      * Generates the "edit panels" which can be shown for a page or records on a page when the Admin Panel is enabled for a backend users surfing the frontend.
00150      * With the "edit panel" the user will see buttons with links to editing, moving, hiding, deleting the element
00151      * This function is used for the cObject EDITPANEL and the stdWrap property ".editPanel"
00152      *
00153      * @param   string      A content string containing the content related to the edit panel. For cObject "EDITPANEL" this is empty but not so for the stdWrap property. The edit panel is appended to this string and returned.
00154      * @param   array       TypoScript configuration properties for the editPanel
00155      * @param   string      The "table:uid" of the record being shown. If empty string then $this->currentRecord is used. For new records (set by $conf['newRecordFromTable']) it's auto-generated to "[tablename]:NEW"
00156      * @param   array       Alternative data array to use. Default is $this->data
00157      * @return  string      The input content string with the editPanel appended. This function returns only an edit panel appended to the content string if a backend user is logged in (and has the correct permissions). Otherwise the content string is directly returned.
00158      * @link    http://typo3.org/doc.0.html?&tx_extrepmgm_pi1[extUid]=270&tx_extrepmgm_pi1[tocEl]=375&cHash=7d8915d508
00159      */
00160     public function displayEditPanel($content, array $conf, $currentRecord, array $dataArray) {
00161         if ($conf['newRecordFromTable']) {
00162             $currentRecord = $conf['newRecordFromTable'] . ':NEW';
00163             $conf['allow'] = 'new';
00164         }
00165 
00166         list($table, $uid) = explode(':', $currentRecord);
00167 
00168             // Page ID for new records, 0 if not specified
00169         $newRecordPid = intval($conf['newRecordInPid']);
00170         if (!$conf['onlyCurrentPid'] || $dataArray['pid'] == $GLOBALS['TSFE']->id) {
00171             if ($table=='pages') {
00172                 $newUid = $uid;
00173             } else {
00174                 if ($conf['newRecordFromTable']) {
00175                     $newUid = $GLOBALS['TSFE']->id;
00176                     if ($newRecordPid) {
00177                          $newUid = $newRecordPid;
00178                     }
00179                 } else {
00180                     $newUid = -1 * $uid;
00181                 }
00182             }
00183         }
00184 
00185         if ($GLOBALS['TSFE']->displayEditIcons && $table && $this->allowedToEdit($table, $dataArray, $conf) && $this->allowedToEditLanguage($table, $dataArray)) {
00186             $editClass = $GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['typo3/classes/class.frontendedit.php']['edit'];
00187             if ($editClass) {
00188                 $edit = &t3lib_div::getUserObj($editClass, false);
00189                 if (is_object($edit)) {
00190                     $allowedActions = $this->getAllowedEditActions($table, $conf, $dataArray['pid']);
00191                     $content = $edit->editPanel($content, $conf, $currentRecord, $dataArray, $table, $allowedActions, $newUid, $this->getHiddenFieldArray($dataArray));
00192                 }
00193             }
00194         }
00195 
00196         return $content;
00197     }
00198 
00199     /**
00200      * Gets the hidden fields (array key=field name, value=field value) to be used in the edit panel for a particular content element. 
00201      * In the normal case, no hidden fields are needed but special controllers such as TemplaVoila need to track flexform pointers, etc.
00202      *
00203      * @param   array   The data array for a specific content element.
00204      * @return  array
00205      */
00206     public function getHiddenFieldArray(array $dataArray) {
00207             // No special hidden fields needed.
00208         return array();
00209     }
00210 
00211     /**
00212      * Adds an edit icon to the content string. The edit icon links to alt_doc.php with proper parameters for editing the table/fields of the context.
00213      * This implements TYPO3 context sensitive editing facilities. Only backend users will have access (if properly configured as well).
00214      *
00215      * @param   string      The content to which the edit icons should be appended
00216      * @param   string      The parameters defining which table and fields to edit. Syntax is [tablename]:[fieldname],[fieldname],[fieldname],... OR [fieldname],[fieldname],[fieldname],... (basically "[tablename]:" is optional, default table is the one of the "current record" used in the function). The fieldlist is sent as "&columnsOnly=" parameter to alt_doc.php
00217      * @param   array       TypoScript properties for configuring the edit icons.
00218      * @param   string      The "table:uid" of the record being shown. If empty string then $this->currentRecord is used. For new records (set by $conf['newRecordFromTable']) it's auto-generated to "[tablename]:NEW"
00219      * @param   array       Alternative data array to use. Default is $this->data
00220      * @param   string      Additional URL parameters for the link pointing to alt_doc.php
00221      * @return  string      The input content string, possibly with edit icons added (not necessarily in the end but just after the last string of normal content.
00222      */
00223 
00224     public function displayEditIcons($content, $params, array $conf=array(), $currentRecord = '', array $dataArray = array(), $addUrlParamStr = '') {
00225             // Check incoming params:
00226         list($currentRecordTable, $currentRecordUID) = explode(':', $currentRecord);
00227         list($fieldList, $table) = array_reverse(t3lib_div::trimExplode(':', $params, 1)); // Reverse the array because table is optional
00228         if (!$table) {
00229             $table = $currentRecordTable;
00230         } elseif ($table != $currentRecordTable) {
00231                 return $content;    // If the table is set as the first parameter, and does not match the table of the current record, then just return.
00232         }
00233 
00234         $editUid = $dataArray['_LOCALIZED_UID'] ? $dataArray['_LOCALIZED_UID'] : $currentRecordUID;
00235 
00236             // Edit icons imply that the editing action is generally allowed, assuming page and content element permissions permit it.
00237         if(!array_key_exists('allow', $conf)) {
00238             $conf['allow'] = 'edit';
00239         }
00240 
00241         if ($GLOBALS['TSFE']->displayFieldEditIcons && $table && $this->allowedToEdit($table, $dataArray, $conf) && $fieldList && $this->allowedToEditLanguage($table, $dataArray)) {
00242             $editClass = $GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['typo3/classes/class.frontendedit.php']['edit'];
00243             if ($editClass) {
00244                 $edit = &t3lib_div::getUserObj($editClass);
00245                 if (is_object($edit)) {
00246                     $content = $edit->editIcons($content, $params, $conf, $currentRecord, $dataArray, $addURLParamStr, $table, $editUid, $fieldList);
00247                 }
00248             }
00249         }
00250 
00251         return $content;
00252     }
00253 
00254     /**
00255      * Checks if a Admin Panel section ("module") is available for the user. If so, true is returned.
00256      *
00257      * @param   string      The module key, eg. "edit", "preview", "info" etc.
00258      * @return  boolean
00259      */
00260     public function isAdminModuleEnabled($key) {
00261             // Returns true if the module checked is "preview" and the forcePreview flag is set.
00262         if ($key=='preview' && $this->ext_forcePreview) {
00263             return true;
00264         }
00265 
00266             // If key is not set, only "all" is checked
00267         if ($GLOBALS['BE_USER']->extAdminConfig['enable.']['all']) {
00268             return true;
00269         }
00270 
00271         if ($GLOBALS['BE_USER']->extAdminConfig['enable.'][$key]) {
00272             return true;
00273         }
00274     }
00275 
00276     /**
00277      * Saves any change in settings made in the Admin Panel.
00278      * Called from index_ts.php right after access check for the Admin Panel
00279      *
00280      * @return  void
00281      */
00282     public function saveConfigOptions() {
00283         $input = t3lib_div::_GP('TSFE_ADMIN_PANEL');
00284         if (is_array($input)) {
00285                 // Setting
00286             $GLOBALS['BE_USER']->uc['TSFE_adminConfig'] = array_merge(!is_array($GLOBALS['BE_USER']->uc['TSFE_adminConfig']) ? array() : $GLOBALS['BE_USER']->uc['TSFE_adminConfig'], $input);          // Candidate for t3lib_div::array_merge() if integer-keys will some day make trouble...
00287             unset($GLOBALS['BE_USER']->uc['TSFE_adminConfig']['action']);
00288 
00289                 // Actions:
00290             if ($input['action']['clearCache'] && $this->isAdminModuleEnabled('cache')) {
00291                 $GLOBALS['BE_USER']->extPageInTreeInfo=array();
00292                 $theStartId = intval($input['cache_clearCacheId']);
00293                 $GLOBALS['TSFE']->clearPageCacheContent_pidList($GLOBALS['BE_USER']->extGetTreeList($theStartId, $this->extGetFeAdminValue('cache', 'clearCacheLevels'), 0, $GLOBALS['BE_USER']->getPagePermsClause(1)) . $theStartId);
00294             }
00295             if ($input['action']['publish'] && $this->isAdminModuleEnabled('publish')) {
00296                 $theStartId = intval($input['publish_id']);
00297                 $this->extPublishList = $GLOBALS['BE_USER']->extGetTreeList($theStartId, $this->extGetFeAdminValue('publish', 'levels'), 0, $GLOBALS['BE_USER']->getPagePermsClause(1)) . $theStartId;
00298             }
00299 
00300                 // Saving
00301             $GLOBALS['BE_USER']->writeUC();
00302         }
00303         $GLOBALS['TT']->LR = $this->extGetFeAdminValue('tsdebug', 'LR');
00304 
00305         if ($this->extGetFeAdminValue('cache', 'noCache')) {
00306             $GLOBALS['TSFE']->set_no_cache();
00307         }
00308 
00309             // Hook for post processing the frontend admin configuration. Added with TYPO3 4.2, so naming is now incorrect but preserves compatibility.
00310             // @deprecated  since TYPO3 4.3
00311         if (is_array($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['t3lib/class.t3lib_tsfebeuserauth.php']['extSaveFeAdminConfig-postProc'])) {
00312             $_params = array('input' => &$input, 'pObj' => &$this);
00313             foreach ($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['t3lib/class.t3lib_tsfebeuserauth.php']['extSaveFeAdminConfig-postProc'] as $_funcRef) {
00314                 t3lib_div::callUserFunction($_funcRef, $_params, $this);
00315             }
00316         }
00317     }
00318 
00319     /**
00320      * Returns the value for a Admin Panel setting. You must specify both the module-key and the internal setting key.
00321      *
00322      * @param   string      Module key
00323      * @param   string      Setting key
00324      * @return  string      The setting value
00325      */
00326     public function extGetFeAdminValue($pre, $val='') {
00327                 // Check if module is enabled.
00328         if ($this->isAdminModuleEnabled($pre)) {
00329                 // Exceptions where the values can be overridden from backend:
00330                 // deprecated
00331             if ($pre . '_' . $val == 'edit_displayIcons' && $GLOBALS['BE_USER']->extAdminConfig['module.']['edit.']['forceDisplayIcons']) {
00332                 return true;
00333             }
00334             if ($pre . '_' . $val == 'edit_displayFieldIcons' && $GLOBALS['BE_USER']->extAdminConfig['module.']['edit.']['forceDisplayFieldIcons']) {
00335                 return true;
00336             }
00337 
00338                 // override all settings with user TSconfig
00339             if ($GLOBALS['BE_USER']->extAdminConfig['override.'][$pre . '.'][$val] && $val) {
00340                 return $GLOBALS['BE_USER']->extAdminConfig['override.'][$pre . '.'][$val];
00341             }
00342             if ($GLOBALS['BE_USER']->extAdminConfig['override.'][$pre]) {
00343                 return $GLOBALS['BE_USER']->extAdminConfig['override.'][$pre];
00344             }
00345 
00346             $retVal = $val ? $GLOBALS['BE_USER']->uc['TSFE_adminConfig'][$pre . '_' . $val] : 1;
00347 
00348             if ($pre=='preview' && $this->ext_forcePreview) {
00349                 if (!$val) {
00350                     return true;
00351                 } else {
00352                     return $retVal;
00353                 }
00354             }
00355                 // regular check:
00356             if ($this->isAdminModuleOpen($pre)) {   // See if the menu is expanded!
00357                 return $retVal;
00358             }
00359 
00360                 // Hook for post processing the frontend admin configuration. Added with TYPO3 4.2, so naming is now incorrect but preserves compatibility.
00361                 // @deprecated  since TYPO3 4.3
00362             if (is_array($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['t3lib/class.t3lib_tsfebeuserauth.php']['extEditAction-postProc'])) {
00363                 $_params = array('cmd' => &$cmd, 'tce' => &$this->tce, 'pObj' => &$this);
00364                 foreach ($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['t3lib/class.t3lib_tsfebeuserauth.php']['extEditAction-postProc'] as $_funcRef) {
00365                     t3lib_div::callUserFunction($_funcRef, $_params, $this);
00366                 }
00367             }
00368         }
00369     }
00370 
00371     /**
00372      * Returns the comma-separated list of page UIDs to be published.
00373      *
00374      * @return  string
00375      */
00376     public function getExtPublishList() {
00377         return $this->extPublishList;
00378     }
00379 
00380     /**
00381      * Returns true if admin panel module is open
00382      *
00383      * @param   string      Module key
00384      * @return  boolean     True, if the admin panel is open for the specified admin panel module key.
00385      */
00386     public function isAdminModuleOpen($pre) {
00387         return $GLOBALS['BE_USER']->uc['TSFE_adminConfig']['display_top'] && $GLOBALS['BE_USER']->uc['TSFE_adminConfig']['display_' . $pre];
00388     }
00389 
00390     /*****************************************************
00391      *
00392      * Frontend Editing
00393      *
00394      ****************************************************/
00395 
00396     /**
00397      * Returns true in an edit-action is sent from the Admin Panel
00398      *
00399      * @return  boolean
00400      * @see index_ts.php
00401      */
00402     public function isEditAction() {
00403         if (is_array($this->TSFE_EDIT)) {
00404             if ($this->TSFE_EDIT['cancel']) {
00405                 unset($this->TSFE_EDIT['cmd']);
00406             } else {
00407                 $cmd = (string) $this->TSFE_EDIT['cmd'];
00408                 if (($cmd != 'edit' || (is_array($this->TSFE_EDIT['data']) && ($this->TSFE_EDIT['update'] || $this->TSFE_EDIT['update_close']))) && $cmd != 'new') {
00409                         // $cmd can be a command like "hide" or "move". If $cmd is "edit" or "new" it's an indication to show the formfields. But if data is sent with update-flag then $cmd = edit is accepted because edit may be sendt because of .keepGoing flag.
00410                     return true;
00411                 }
00412             }
00413         }
00414         return false;
00415     }
00416 
00417     /**
00418      * Returns true if an edit form is shown on the page.
00419      * Used from index_ts.php where a true return-value will result in classes etc. being included.
00420      *
00421      * @return  boolean
00422      * @see index_ts.php
00423      */
00424     public function isEditFormShown() {
00425         if (is_array($this->TSFE_EDIT)) {
00426             $cmd = (string) $this->TSFE_EDIT['cmd'];
00427             if ($cmd=='edit' || $cmd=='new') {
00428                 return true;
00429             }
00430         }
00431     }
00432 
00433     /**
00434      * Management of the on-page frontend editing forms and edit panels.
00435      * Basically taking in the data and commands and passes them on to the proper classes as they should be.
00436      *
00437      * @return  void
00438      * @throws UnexpectedValueException if TSFE_EDIT[cmd] is not a valid command
00439      * @see index_ts.php
00440      */
00441     public function editAction() {
00442             // Commands:
00443         list($table, $uid) = explode(':', $this->TSFE_EDIT['record']);
00444         $cmd = $this->TSFE_EDIT['cmd'];
00445 
00446         if ($cmd && $table && $uid && isset($GLOBALS['TCA'][$table])) {
00447                 // Hook for defining custom editing actions. Naming is incorrect, but preserves compatibility.
00448             if (is_array($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['t3lib/class.t3lib_tsfebeuserauth.php']['extEditAction'])) {
00449                 $_params = array();
00450                 foreach ($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['t3lib/class.t3lib_tsfebeuserauth.php']['extEditAction'] as $_funcRef) {
00451                     t3lib_div::callUserFunction($_funcRef, $_params, $this);
00452                 }
00453             }
00454                 // Perform the requested editing command.
00455             if(is_callable(array($this, $cmd))) {
00456                 $this->$cmd($table, $uid);
00457             } else {
00458                 throw new UnexpectedValueException(
00459                     'The specified frontend edit command (' . $cmd . ') is not valid.',
00460                     1225818120
00461                 );
00462             }
00463         }
00464             // Data:
00465         if (($this->TSFE_EDIT['doSave'] || $this->TSFE_EDIT['update'] || $this->TSFE_EDIT['update_close']) && is_array($this->TSFE_EDIT['data'])) {
00466             $this->save($this->TSFE_EDIT['data']);
00467             // pass this on if needed
00468             if ($newuid = $this->tce->substNEWwithIDs['NEW']) {
00469                 $this->TSFE_EDIT['newUID'] = $newuid;
00470             }
00471         }
00472     }
00473 
00474     /**
00475      * Hides a specific record.
00476      *
00477      * @param   string      The table name for the record to hide.
00478      * @param   integer     The UID for the record to hide.
00479      * @return  void
00480      */
00481     public function hide($table, $uid) {
00482         $hideField = $GLOBALS['TCA'][$table]['ctrl']['enablecolumns']['disabled'];
00483         if ($hideField) {
00484             $recData = array();
00485             $recData[$table][$uid][$hideField] = 1;
00486             $this->tce->start($recData, array());
00487             $this->tce->process_datamap();
00488         }
00489     }
00490 
00491     /**
00492      * Unhides (shows) a specific record.
00493      *
00494      * @param   string      The table name for the record to unhide.
00495      * @param   integer     The UID for the record to unhide.
00496      * @return  void
00497      */
00498     public function unhide($table, $uid) {
00499         $hideField = $GLOBALS['TCA'][$table]['ctrl']['enablecolumns']['disabled'];
00500         if ($hideField) {
00501             $recData = array();
00502             $recData[$table][$uid][$hideField] = 0;
00503             $this->tce->start($recData, array());
00504             $this->tce->process_datamap();
00505         }
00506     }
00507 
00508     /**
00509      * Moves a record up.
00510      *
00511      * @param   string      The table name for the record to move.
00512      * @param   integer     The UID for the record to hide.
00513      * @return  void
00514      */
00515     public function up($table, $uid) {
00516         $this->move($table, $uid, 'up');
00517     }
00518 
00519     /**
00520      * Moves a record down.
00521      *
00522      * @param   string      The table name for the record to move.
00523      * @param   integer     The UID for the record to move.
00524      * @return  void
00525      */
00526     public function down($table, $uid) {
00527         $this->move($table, $uid, 'down');
00528     }
00529 
00530     /**
00531      * Moves a record in the specified direction.
00532      *
00533      * @param   string      The table name for the record to move.
00534      * @param   integer     The UID for the record to move.
00535      * @param   string      The direction to move, either 'up' or 'down'.
00536      * @return  void
00537      */
00538     protected function move($table, $uid, $direction) {
00539         $cmdData = array();
00540         if ($direction == 'up') {
00541             $operator = '<';
00542             $order = 'DESC';
00543         } else {
00544             $operator = '>';
00545             $order = 'ASC';
00546         }
00547 
00548         $sortField = $GLOBALS['TCA'][$table]['ctrl']['sortby'];
00549         if ($sortField) {
00550                 // Get self:
00551             $fields = array_unique(t3lib_div::trimExplode(',', $GLOBALS['TCA'][$table]['ctrl']['copyAfterDuplFields'] . ',uid,pid,' . $sortField, true));
00552             $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery(implode(',', $fields), $table, 'uid=' . $uid);
00553             if ($row = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($res)) {
00554                     // record before or after
00555                 $preview = $this->extGetFeAdminValue('preview');
00556                 $copyAfterFieldsQuery = '';
00557                 if ($preview) {
00558                     $ignore = array('starttime'=>1, 'endtime'=>1, 'disabled'=>1, 'fe_group'=>1);
00559                 }
00560                 if ($GLOBALS['TCA'][$table]['ctrl']['copyAfterDuplFields']) {
00561                     $cAFields = t3lib_div::trimExplode(',', $GLOBALS['TCA'][$table]['ctrl']['copyAfterDuplFields'], false);
00562                     foreach($cAFields as $fieldName) {
00563                         $copyAfterFieldsQuery .= ' AND ' . $fieldName . '="' . $row[$fieldName] . '"';
00564                     }
00565                 }
00566 
00567                 $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery(
00568                             'uid,pid',
00569                             $table,
00570                             'pid=' . intval($row['pid']) .
00571                                 ' AND ' . $sortField . $operator . intval($row[$sortField]) .
00572                                 $copyAfterFieldsQuery .
00573                                 $GLOBALS['TSFE']->sys_page->enableFields($table, '', $ignore),
00574                             '',
00575                             $sortField . ' ' . $order,
00576                             '2'
00577                         );
00578                 if ($row2 = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($res)) {
00579                     if ($direction == 'down') {
00580                         $cmdData[$table][$uid]['move'] = -$row2['uid'];
00581                     } elseif ($row3 = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($res)) {    // Must take the second record above...
00582                         $cmdData[$table][$uid]['move'] = -$row3['uid'];
00583                     } else {    // ... and if that does not exist, use pid
00584                         $cmdData[$table][$uid]['move'] = $row['pid'];
00585                     }
00586                 } elseif ($direction == 'up') {
00587                     $cmdData[$table][$uid]['move'] = $row['pid'];
00588                 }
00589             }
00590             if (count($cmdData)) {
00591                 $this->tce->start(array(), $cmdData);
00592                 $this->tce->process_cmdmap();
00593             }
00594         }
00595     }
00596 
00597     /**
00598      * Deletes a specific record.
00599      *
00600      * @param   string      The table name for the record to delete.
00601      * @param   integer     The UID for the record to delete.
00602      * @return  void
00603      */
00604     public function delete($table, $uid) {
00605         $cmdData[$table][$uid]['delete'] = 1;
00606         if (count($cmdData)) {
00607             $this->tce->start(array(), $cmdData);
00608             $this->tce->process_cmdmap();
00609         }
00610     }
00611 
00612     /**
00613      * Saves a record based on its data array.
00614      *
00615      * @param   array       Array of record data to be saved.
00616      * @return  void
00617      */
00618     public function save(array $data) {
00619         $this->tce->start($data, array());
00620         $this->tce->process_uploads($_FILES);
00621         $this->tce->process_datamap();
00622     }
00623 
00624     /**
00625      * Checks whether the user has access to edit the language for the
00626      * requested record.
00627      *
00628      * @param   string      The name of the table.
00629      * @param   array       The record.
00630      * @return  boolean
00631      */
00632     protected function allowedToEditLanguage($table, array $currentRecord) {
00633             // If no access right to record languages, return immediately
00634         if ($table === 'pages') {
00635             $lang = $GLOBALS['TSFE']->sys_language_uid;
00636         } elseif ($table === 'tt_content') {
00637             $lang = $GLOBALS['TSFE']->sys_language_content;
00638         } elseif ($GLOBALS['TCA'][$table]['ctrl']['languageField']) {
00639             $lang = $currentRecord[$GLOBALS['TCA'][$table]['ctrl']['languageField']];
00640         } else {
00641             $lang = -1;
00642         }
00643 
00644         if ($GLOBALS['BE_USER']->checkLanguageAccess($lang)) { 
00645             $languageAccess = true;
00646         } else {
00647             $languageAccess = false;
00648         }
00649 
00650         return $languageAccess;
00651     }
00652 
00653     /**
00654      * Checks whether the user is allowed to edit the requested table.
00655      *
00656      * @param   string  The name of the table.
00657      * @param   array   The data array.
00658      * @param   array   The configuration array for the edit panel.
00659      * @return  boolean
00660      */
00661     protected function allowedToEdit($table, array $dataArray, array $conf) {
00662 
00663             // Unless permissions specifically allow it, editing is not allowed.
00664         $mayEdit = false;
00665 
00666         if ($table=='pages') {
00667                 // 2 = permission to edit the page
00668             if($GLOBALS['BE_USER']->isAdmin() || $GLOBALS['BE_USER']->doesUserHaveAccess($dataArray, 2)) {
00669                 $mayEdit = true;
00670             }
00671         } else {
00672                 // 16 = permission to edit content on the page
00673             if ($GLOBALS['BE_USER']->isAdmin() || $GLOBALS['BE_USER']->doesUserHaveAccess(t3lib_BEfunc::getRecord('pages', $dataArray['pid']), 16)) {
00674                 $mayEdit = true;
00675             }
00676         }
00677 
00678         if (!$conf['onlyCurrentPid'] || ($dataArray['pid'] == $GLOBALS['TSFE']->id)) {
00679                 // Permissions:
00680             $types = t3lib_div::trimExplode(',', t3lib_div::strtolower($conf['allow']),1);
00681             $allow = array_flip($types);
00682 
00683             $perms = $GLOBALS['BE_USER']->calcPerms($GLOBALS['TSFE']->page);
00684             if ($table == 'pages') {
00685                 $allow = $this->getAllowedEditActions($table, $conf, $dataArray['pid'], $allow);
00686 
00687                     // Can only display editbox if there are options in the menu
00688                 if (count($allow)) { 
00689                     $mayEdit = true;
00690                 }
00691             } else {
00692                 $mayEdit = count($allow) && ($perms & 16);
00693             }
00694         }
00695 
00696         return $mayEdit;
00697     }
00698 
00699     /**
00700      * Takes an array of generally allowed actions and filters that list based on page and content permissions.
00701      * 
00702      * @param   string  The name of the table.
00703      * @param   array   The configuration array.
00704      * @param   integer The PID where editing will occur.
00705      * @param   string  Comma-separated list of actions that are allowed in general.
00706      * @return  array
00707      */
00708     protected function getAllowedEditActions($table, array $conf, $pid, $allow = '') {
00709 
00710         if (!$allow) {
00711             $types = t3lib_div::trimExplode(',', t3lib_div::strtolower($conf['allow']), true);
00712             $allow = array_flip($types);
00713         }
00714 
00715         if (!$conf['onlyCurrentPid'] || $pid == $GLOBALS['TSFE']->id) {
00716                 // Permissions:
00717             $types = t3lib_div::trimExplode(',', t3lib_div::strtolower($conf['allow']), true);
00718             $allow = array_flip($types);
00719 
00720             $perms = $GLOBALS['BE_USER']->calcPerms($GLOBALS['TSFE']->page);
00721             if ($table=='pages') {
00722                     // rootpage!
00723                 if (count($GLOBALS['TSFE']->config['rootLine']) == 1) {
00724                     unset($allow['move']);
00725                     unset($allow['hide']);
00726                     unset($allow['delete']);
00727                 }
00728                 if (!($perms & 2)){
00729                     unset($allow['edit']);
00730                     unset($allow['move']);
00731                     unset($allow['hide']);
00732                 }
00733                 if (!($perms & 4)) {
00734                     unset($allow['delete']);
00735                 }
00736                 if (!($perms&8)) {
00737                     unset($allow['new']);
00738                 }
00739             }
00740         }
00741 
00742         return $allow;
00743     }
00744 }
00745 
00746 if (defined('TYPO3_MODE') && $TYPO3_CONF_VARS[TYPO3_MODE]['XCLASS']['t3lib/class.t3lib_frontendedit.php']) {
00747     include_once($TYPO3_CONF_VARS[TYPO3_MODE]['XCLASS']['t3lib/class.t3lib_frontendedit.php']);
00748 }
00749 
00750 ?>
Generated on Sat Jan 3 04:23:26 2009 for TYPO3 API by  doxygen 1.4.7