Fixed bug #17184: Disable the CSRF protection in ExtDirect calls coming from the...
[Packages/TYPO3.CMS.git] / t3lib / class.t3lib_xml.php
1 <?php
2 /***************************************************************
3 * Copyright notice
4 *
5 * (c) 1999-2011 Kasper Skårhøj (kasperYYYY@typo3.com)
6 * All rights reserved
7 *
8 * This script is part of the TYPO3 project. The TYPO3 project is
9 * free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation; either version 2 of the License, or
12 * (at your option) any later version.
13 *
14 * The GNU General Public License can be found at
15 * http://www.gnu.org/copyleft/gpl.html.
16 * A copy is found in the textfile GPL.txt and important notices to the license
17 * from the author is found in LICENSE.txt distributed with these scripts.
18 *
19 *
20 * This script is distributed in the hope that it will be useful,
21 * but WITHOUT ANY WARRANTY; without even the implied warranty of
22 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
23 * GNU General Public License for more details.
24 *
25 * This copyright notice MUST APPEAR in all copies of the script!
26 ***************************************************************/
27 /**
28 * Contains class for creating XML output from records
29 *
30 * $Id$
31 * Revised for TYPO3 3.6 July/2003 by Kasper Skårhøj
32 *
33 * @author Kasper Skårhøj <kasperYYYY@typo3.com>
34 */
35 /**
36 * [CLASS/FUNCTION INDEX of SCRIPT]
37 *
38 *
39 *
40 * 86: class t3lib_xml
41 * 102: function t3lib_xml($topLevelName)
42 * 113: function setRecFields($table,$list)
43 * 122: function getResult()
44 * 132: function WAPHeader()
45 * 144: function renderHeader()
46 * 155: function renderFooter()
47 * 167: function newLevel($name,$beginEndFlag=0,$params=array())
48 * 192: function output($content)
49 * 208: function indent($b)
50 * 224: function renderRecords($table,$res)
51 * 237: function addRecord($table,$row)
52 * 255: function getRowInXML($table,$row)
53 * 271: function utf8($content)
54 * 281: function substNewline($string)
55 * 292: function fieldWrap($field,$value)
56 * 301: function WAPback()
57 * 315: function addLine($str)
58 *
59 * TOTAL FUNCTIONS: 17
60 * (This index is automatically created/updated by the extension "extdeveval")
61 *
62 */
63
64
65 /**
66 * XML class, Used to create XML output from input rows.
67 * Doesn't contain a lot of advanced features - pretty straight forward, practical stuff
68 * You are encouraged to use this class in your own applications.
69 *
70 * @author Kasper Skårhøj <kasperYYYY@typo3.com>
71 * @package TYPO3
72 * @subpackage t3lib
73 * @see user_xmlversion, user_wapversion
74 */
75 class t3lib_xml {
76 var $topLevelName = 'typo3_test'; // Top element name
77 var $XML_recFields = array(); // Contains a list of fields for each table which should be presented in the XML output
78
79 var $XMLIndent = 0;
80 var $Icode = '';
81 var $XMLdebug = 0;
82 var $includeNonEmptyValues = 0; // if set, all fields from records are rendered no matter their content. If not set, only 'true' (that is '' or zero) fields make it to the document.
83 var $lines = array();
84
85 /**
86 * Constructor, setting topLevelName to the input var
87 *
88 * @param string Top Level Name
89 * @return void
90 */
91 function t3lib_xml($topLevelName) {
92 $this->topLevelName = $topLevelName;
93 }
94
95 /**
96 * When outputting a input record in XML only fields listed in $this->XML_recFields for the current table will be rendered.
97 *
98 * @param string Table name
99 * @param string Commalist of fields names from the table, $table, which is supposed to be rendered in the XML output. If a field is not in this list, it is not rendered.
100 * @return void
101 */
102 function setRecFields($table, $list) {
103 $this->XML_recFields[$table] = $list;
104 }
105
106 /**
107 * Returns the result of the XML rendering, basically this is imploding the internal ->lines array with linebreaks.
108 *
109 * @return string
110 */
111 function getResult() {
112 $content = implode(LF, $this->lines);
113 return $this->output($content);
114 }
115
116 /**
117 * Initialize WML (WAP) document with <?xml + <!DOCTYPE header tags and setting ->topLevelName as the first level.
118 *
119 * @return void
120 */
121 function WAPHeader() {
122 $this->lines[] = '<?xml version="1.0"?>';
123 $this->lines[] = '<!DOCTYPE ' . $this->topLevelName . ' PUBLIC "-//WAPFORUM//DTD WML 1.1//EN" "http://www.wapforum.org/DTD/wml_1.1.xml">';
124 $this->newLevel($this->topLevelName, 1);
125 }
126
127 /**
128 * Initialize "anonymous" XML document with <?xml + <!DOCTYPE header tags and setting ->topLevelName as the first level.
129 * Encoding is set to UTF-8!
130 *
131 * @return void
132 */
133 function renderHeader() {
134 $this->lines[] = '<?xml version="1.0" encoding="UTF-8" standalone="yes"?>';
135 $this->lines[] = '<!DOCTYPE ' . $this->topLevelName . '>';
136 $this->newLevel($this->topLevelName, 1);
137 }
138
139 /**
140 * Sets the footer (of ->topLevelName)
141 *
142 * @return void
143 */
144 function renderFooter() {
145 $this->newLevel($this->topLevelName, 0);
146 }
147
148 /**
149 * Indents/Outdents a new level named, $name
150 *
151 * @param string The name of the new element for this level
152 * @param boolean If false, then this function call will *end* the level, otherwise create it.
153 * @param array Array of attributes in key/value pairs which will be added to the element (tag), $name
154 * @return void
155 */
156 function newLevel($name, $beginEndFlag = 0, $params = array()) {
157 if ($beginEndFlag) {
158 $pList = '';
159 if (count($params)) {
160 $par = array();
161 foreach ($params as $key => $val) {
162 $par[] = $key . '="' . htmlspecialchars($val) . '"';
163 }
164 $pList = ' ' . implode(' ', $par);
165 }
166 $this->lines[] = $this->Icode . '<' . $name . $pList . '>';
167 $this->indent(1);
168 } else {
169 $this->indent(0);
170 $this->lines[] = $this->Icode . '</' . $name . '>';
171 }
172 }
173
174 /**
175 * Function that will return the content from string $content. If the internal ->XMLdebug flag is set the content returned will be formatted in <pre>-tags
176 *
177 * @param string The XML content to output
178 * @return string Output
179 */
180 function output($content) {
181 if ($this->XMLdebug) {
182 return '<pre>' . htmlspecialchars($content) . '</pre>
183 <hr /><font color="red">Size: ' . strlen($content) . '</font>';
184 } else {
185 return $content;
186 }
187 }
188
189 /**
190 * Increments/Decrements Indentation counter, ->XMLIndent
191 * Sets and returns ->Icode variable which is a line prefix consisting of a number of tab-chars corresponding to the indent-levels of the current posision (->XMLindent)
192 *
193 * @param boolean If true the XMLIndent var is increased, otherwise decreased
194 * @return string ->Icode - the prefix string with TAB-chars.
195 */
196 function indent($b) {
197 if ($b) {
198 $this->XMLIndent++;
199 } else {
200 $this->XMLIndent--;
201 }
202 $this->Icode = '';
203 for ($a = 0; $a < $this->XMLIndent; $a++) {
204 $this->Icode .= TAB;
205 }
206 return $this->Icode;
207 }
208
209 /**
210 * Takes a SQL result for $table and traverses it, adding rows
211 *
212 * @param string Tablename
213 * @param pointer SQL resource pointer, should be reset
214 * @return void
215 */
216 function renderRecords($table, $res) {
217 while ($row = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($res)) {
218 $this->addRecord($table, $row);
219 }
220 }
221
222 /**
223 * Adds record, $row, from table, $table, to the internal array of XML-lines
224 *
225 * @param string Table name
226 * @param array The row to add to XML structure from the table name
227 * @return void
228 */
229 function addRecord($table, $row) {
230 $this->lines[] = $this->Icode . '<' . $table . ' uid="' . $row["uid"] . '">';
231 $this->indent(1);
232 $this->getRowInXML($table, $row);
233 $this->indent(0);
234 $this->lines[] = $this->Icode . '</' . $table . '>';
235 }
236
237 /**
238 * Internal function for adding the actual content of the $row from $table to the internal structure.
239 * Notice that only fields from $table that are listed in $this->XML_recFields[$table] (set by setRecFields()) will be rendered (and in the order found in that array!)
240 * Content from the row will be htmlspecialchar()'ed, UTF-8 encoded and have LF (newlines) exchanged for '<newline/>' tags. The element name for a value equals the fieldname from the record.
241 *
242 * @param string Table name
243 * @param array Row from table to add.
244 * @return void
245 * @access private
246 */
247 function getRowInXML($table, $row) {
248 $fields = t3lib_div::trimExplode(',', $this->XML_recFields[$table], 1);
249 foreach ($fields as $field) {
250 if ($row[$field] || $this->includeNonEmptyValues) {
251 $this->lines[] = $this->Icode . $this->fieldWrap($field, $this->substNewline($this->utf8(htmlspecialchars($row[$field]))));
252 }
253 }
254 }
255
256 /**
257 * UTF-8 encodes the input content (from ISO-8859-1!)
258 *
259 * @param string String content to UTF-8 encode
260 * @return string Encoded content.
261 */
262 function utf8($content) {
263 return utf8_encode($content);
264 }
265
266 /**
267 * Substitutes LF characters with a '<newline/>' tag.
268 *
269 * @param string Input value
270 * @return string Processed input value
271 */
272 function substNewline($string) {
273 return str_replace(LF, '<newline/>', $string);
274 }
275
276 /**
277 * Wraps the value in tags with element name, $field.
278 *
279 * @param string Fieldname from a record - will be the element name
280 * @param string Value from the field - will be wrapped in the elements.
281 * @return string The wrapped string.
282 */
283 function fieldWrap($field, $value) {
284 return '<' . $field . '>' . $value . '</' . $field . '>';
285 }
286
287 /**
288 * Creates the BACK button for WAP documents
289 *
290 * @return void
291 */
292 function WAPback() {
293 $this->newLevel('template', 1);
294 $this->newLevel('do', 1, array('type' => 'accept', 'label' => 'Back'));
295 $this->addLine('<prev/>');
296 $this->newLevel('do');
297 $this->newLevel('template');
298 }
299
300 /**
301 * Add a line to the internal XML structure (automatically prefixed with ->Icode.
302 *
303 * @param string Line to add to the $this->lines array
304 * @return void
305 */
306 function addLine($str) {
307 $this->lines[] = $this->Icode . $str;
308 }
309 }
310
311
312 if (defined('TYPO3_MODE') && isset($GLOBALS['TYPO3_CONF_VARS'][TYPO3_MODE]['XCLASS']['t3lib/class.t3lib_xml.php'])) {
313 include_once($GLOBALS['TYPO3_CONF_VARS'][TYPO3_MODE]['XCLASS']['t3lib/class.t3lib_xml.php']);
314 }
315 ?>