[TASK] Remove second parameter of sL - Part 1/3
[Packages/TYPO3.CMS.git] / typo3 / sysext / setup / Classes / Controller / SetupModuleController.php
1 <?php
2 namespace TYPO3\CMS\Setup\Controller;
3
4 /*
5 * This file is part of the TYPO3 CMS project.
6 *
7 * It is free software; you can redistribute it and/or modify it under
8 * the terms of the GNU General Public License, either version 2
9 * of the License, or any later version.
10 *
11 * For the full copyright and license information, please read the
12 * LICENSE.txt file that was distributed with this source code.
13 *
14 * The TYPO3 project - inspiring people to share!
15 */
16
17 use Psr\Http\Message\ResponseInterface;
18 use Psr\Http\Message\ServerRequestInterface;
19 use TYPO3\CMS\Backend\Backend\Avatar\DefaultAvatarProvider;
20 use TYPO3\CMS\Backend\Module\AbstractModule;
21 use TYPO3\CMS\Backend\Module\ModuleLoader;
22 use TYPO3\CMS\Backend\Utility\BackendUtility;
23 use TYPO3\CMS\Core\Authentication\BackendUserAuthentication;
24 use TYPO3\CMS\Core\Database\ConnectionPool;
25 use TYPO3\CMS\Core\Database\Query\QueryBuilder;
26 use TYPO3\CMS\Core\DataHandling\DataHandler;
27 use TYPO3\CMS\Core\FormProtection\FormProtectionFactory;
28 use TYPO3\CMS\Core\Imaging\Icon;
29 use TYPO3\CMS\Core\Imaging\IconFactory;
30 use TYPO3\CMS\Core\Messaging\FlashMessage;
31 use TYPO3\CMS\Core\Messaging\FlashMessageService;
32 use TYPO3\CMS\Core\Resource\Exception\FileDoesNotExistException;
33 use TYPO3\CMS\Core\Resource\ResourceFactory;
34 use TYPO3\CMS\Core\Utility\ExtensionManagementUtility;
35 use TYPO3\CMS\Core\Utility\GeneralUtility;
36
37 /**
38 * Script class for the Setup module
39 */
40 class SetupModuleController extends AbstractModule
41 {
42 /**
43 * Flag if password has not been updated
44 */
45 const PASSWORD_NOT_UPDATED = 0;
46
47 /**
48 * Flag if password has been updated
49 */
50 const PASSWORD_UPDATED = 1;
51
52 /**
53 * Flag if both new passwords do not match
54 */
55 const PASSWORD_NOT_THE_SAME = 2;
56
57 /**
58 * Flag if the current password given was not identical to the real
59 * current password
60 */
61 const PASSWORD_OLD_WRONG = 3;
62
63 /**
64 * @var array
65 */
66 public $MOD_MENU = array();
67
68 /**
69 * @var array
70 */
71 public $MOD_SETTINGS = array();
72
73 /**
74 * @var string
75 */
76 public $content;
77
78 /**
79 * @var array
80 */
81 public $overrideConf;
82
83 /**
84 * backend user object, set during simulate-user operation
85 *
86 * @var \TYPO3\CMS\Core\Authentication\BackendUserAuthentication
87 */
88 public $OLD_BE_USER;
89
90 /**
91 * @var bool
92 */
93 public $languageUpdate;
94
95 /**
96 * @var bool
97 */
98 protected $pagetreeNeedsRefresh = false;
99
100 /**
101 * @var bool
102 */
103 protected $isAdmin;
104
105 /**
106 * @var array
107 */
108 protected $tsFieldConf;
109
110 /**
111 * @var bool
112 */
113 protected $saveData = false;
114
115 /**
116 * @var int
117 */
118 protected $passwordIsUpdated = self::PASSWORD_NOT_UPDATED;
119
120 /**
121 * @var bool
122 */
123 protected $passwordIsSubmitted = false;
124
125 /**
126 * @var bool
127 */
128 protected $setupIsUpdated = false;
129
130 /**
131 * @var bool
132 */
133 protected $settingsAreResetToDefault = false;
134
135 /**
136 * Form protection instance
137 *
138 * @var \TYPO3\CMS\Core\FormProtection\BackendFormProtection
139 */
140 protected $formProtection;
141
142 /**
143 * @var string
144 */
145 protected $simulateSelector = '';
146
147 /**
148 * @var int
149 */
150 protected $simUser;
151
152 /**
153 * The name of the module
154 *
155 * @var string
156 */
157 protected $moduleName = 'user_setup';
158
159 /**
160 * @var ModuleLoader
161 */
162 protected $loadModules;
163
164 /**
165 * Instantiate the form protection before a simulated user is initialized.
166 */
167 public function __construct()
168 {
169 parent::__construct();
170 $this->formProtection = FormProtectionFactory::get();
171 $this->moduleTemplate->getPageRenderer()->loadRequireJsModule('TYPO3/CMS/Backend/Modal');
172 }
173
174 /**
175 * Getter for the form protection instance.
176 *
177 * @return \TYPO3\CMS\Core\FormProtection\BackendFormProtection
178 */
179 public function getFormProtection()
180 {
181 return $this->formProtection;
182 }
183
184 /**
185 * If settings are submitted to _POST[DATA], store them
186 * NOTICE: This method is called before the \TYPO3\CMS\Backend\Template\ModuleTemplate
187 * is included. See bottom of document.
188 */
189 public function storeIncomingData()
190 {
191 // First check if something is submitted in the data-array from POST vars
192 $d = GeneralUtility::_POST('data');
193 $columns = $GLOBALS['TYPO3_USER_SETTINGS']['columns'];
194 $beUser = $this->getBackendUser();
195 $beUserId = $beUser->user['uid'];
196 $storeRec = array();
197 $fieldList = $this->getFieldsFromShowItem();
198 if (is_array($d) && $this->formProtection->validateToken((string)GeneralUtility::_POST('formToken'), 'BE user setup', 'edit')) {
199 // UC hashed before applying changes
200 $save_before = md5(serialize($beUser->uc));
201 // PUT SETTINGS into the ->uc array:
202 // Reload left frame when switching BE language
203 if (isset($d['lang']) && $d['lang'] != $beUser->uc['lang']) {
204 $this->languageUpdate = true;
205 }
206 // Reload pagetree if the title length is changed
207 if (isset($d['titleLen']) && $d['titleLen'] !== $beUser->uc['titleLen']) {
208 $this->pagetreeNeedsRefresh = true;
209 }
210 if ($d['setValuesToDefault']) {
211 // If every value should be default
212 $beUser->resetUC();
213 $this->settingsAreResetToDefault = true;
214 } elseif ($d['save']) {
215 // Save all submitted values if they are no array (arrays are with table=be_users) and exists in $GLOBALS['TYPO3_USER_SETTINGS'][columns]
216 foreach ($columns as $field => $config) {
217 if (!in_array($field, $fieldList)) {
218 continue;
219 }
220 if ($config['table']) {
221 if ($config['table'] === 'be_users' && !in_array($field, array('password', 'password2', 'passwordCurrent', 'email', 'realName', 'admin', 'avatar'))) {
222 if (!isset($config['access']) || $this->checkAccess($config) && $beUser->user[$field] !== $d['be_users'][$field]) {
223 if ($config['type'] === 'check') {
224 $fieldValue = isset($d['be_users'][$field]) ? 1 : 0;
225 } else {
226 $fieldValue = $d['be_users'][$field];
227 }
228 $storeRec['be_users'][$beUserId][$field] = $fieldValue;
229 $beUser->user[$field] = $fieldValue;
230 }
231 }
232 }
233 if ($config['type'] === 'check') {
234 $beUser->uc[$field] = isset($d[$field]) ? 1 : 0;
235 } else {
236 $beUser->uc[$field] = htmlspecialchars($d[$field]);
237 }
238 }
239 // Personal data for the users be_user-record (email, name, password...)
240 // If email and name is changed, set it in the users record:
241 $be_user_data = $d['be_users'];
242 // Possibility to modify the transmitted values. Useful to do transformations, like RSA password decryption
243 if (is_array($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['ext/setup/mod/index.php']['modifyUserDataBeforeSave'])) {
244 foreach ($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['ext/setup/mod/index.php']['modifyUserDataBeforeSave'] as $function) {
245 $params = array('be_user_data' => &$be_user_data);
246 GeneralUtility::callUserFunction($function, $params, $this);
247 }
248 }
249 $this->passwordIsSubmitted = (string)$be_user_data['password'] !== '';
250 $passwordIsConfirmed = $this->passwordIsSubmitted && $be_user_data['password'] === $be_user_data['password2'];
251 // Update the real name:
252 if ($be_user_data['realName'] !== $beUser->user['realName']) {
253 $beUser->user['realName'] = ($storeRec['be_users'][$beUserId]['realName'] = substr($be_user_data['realName'], 0, 80));
254 }
255 // Update the email address:
256 if ($be_user_data['email'] !== $beUser->user['email']) {
257 $beUser->user['email'] = ($storeRec['be_users'][$beUserId]['email'] = substr($be_user_data['email'], 0, 80));
258 }
259 // Update the password:
260 if ($passwordIsConfirmed) {
261 $currentPasswordHashed = $GLOBALS['BE_USER']->user['password'];
262 $saltFactory = \TYPO3\CMS\Saltedpasswords\Salt\SaltFactory::getSaltingInstance($currentPasswordHashed);
263 if ($saltFactory->checkPassword($be_user_data['passwordCurrent'], $currentPasswordHashed)) {
264 $this->passwordIsUpdated = self::PASSWORD_UPDATED;
265 $storeRec['be_users'][$beUserId]['password'] = $be_user_data['password'];
266 } else {
267 $this->passwordIsUpdated = self::PASSWORD_OLD_WRONG;
268 }
269 } else {
270 $this->passwordIsUpdated = self::PASSWORD_NOT_THE_SAME;
271 }
272
273 $this->setAvatarFileUid($beUserId, $be_user_data['avatar'], $storeRec);
274
275 $this->saveData = true;
276 }
277 // Inserts the overriding values.
278 $beUser->overrideUC();
279 $save_after = md5(serialize($beUser->uc));
280 // If something in the uc-array of the user has changed, we save the array...
281 if ($save_before != $save_after) {
282 $beUser->writeUC($beUser->uc);
283 $beUser->writelog(254, 1, 0, 1, 'Personal settings changed', array());
284 $this->setupIsUpdated = true;
285 }
286 // Persist data if something has changed:
287 if (!empty($storeRec) && $this->saveData) {
288 // Make instance of TCE for storing the changes.
289 /** @var DataHandler $dataHandler */
290 $dataHandler = GeneralUtility::makeInstance(DataHandler::class);
291 // This is so the user can actually update his user record.
292 $isAdmin = $beUser->user['admin'];
293 $beUser->user['admin'] = 1;
294 $dataHandler->start($storeRec, array(), $beUser);
295 // This is to make sure that the users record can be updated even if in another workspace. This is tolerated.
296 $dataHandler->bypassWorkspaceRestrictions = true;
297 $dataHandler->process_datamap();
298 unset($tce);
299 if ($this->passwordIsUpdated === self::PASSWORD_NOT_UPDATED || count($storeRec['be_users'][$beUserId]) > 1) {
300 $this->setupIsUpdated = true;
301 }
302 // Restore admin status after processing
303 $beUser->user['admin'] = $isAdmin;
304 }
305 }
306 }
307
308 /******************************
309 *
310 * Rendering module
311 *
312 ******************************/
313 /**
314 * Initializes the module for display of the settings form.
315 *
316 * @return void
317 */
318 public function init()
319 {
320 $this->getLanguageService()->includeLLFile('EXT:setup/Resources/Private/Language/locallang.xlf');
321
322 // Returns the script user - that is the REAL logged in user! ($GLOBALS[BE_USER] might be another user due to simulation!)
323 $scriptUser = $this->getRealScriptUserObj();
324
325 $this->isAdmin = $scriptUser->isAdmin();
326 // Getting the 'override' values as set might be set in User TSconfig
327 $this->overrideConf = $this->getBackendUser()->getTSConfigProp('setup.override');
328 // Getting the disabled fields might be set in User TSconfig (eg setup.fields.password.disabled=1)
329 $this->tsFieldConf = $this->getBackendUser()->getTSConfigProp('setup.fields');
330 // id password is disabled, disable repeat of password too (password2)
331 if (isset($this->tsFieldConf['password.']) && $this->tsFieldConf['password.']['disabled']) {
332 $this->tsFieldConf['password2.']['disabled'] = 1;
333 $this->tsFieldConf['passwordCurrent.']['disabled'] = 1;
334 }
335 }
336
337 /**
338 * Generate necessary JavaScript
339 *
340 * @return string
341 */
342 protected function getJavaScript()
343 {
344 $javaScript = '';
345 if (is_array($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['ext/setup/mod/index.php']['setupScriptHook'])) {
346 foreach ($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['ext/setup/mod/index.php']['setupScriptHook'] as $function) {
347 $params = array();
348 $javaScript .= GeneralUtility::callUserFunction($function, $params, $this);
349 }
350 }
351 return $javaScript;
352 }
353
354 /**
355 * Generate the main settings form:
356 *
357 * @return void
358 */
359 public function main()
360 {
361 $this->content .= '<form action="' . BackendUtility::getModuleUrl('user_setup') . '" method="post" id="SetupModuleController" name="usersetup" enctype="multipart/form-data">';
362 if ($this->languageUpdate) {
363 $this->moduleTemplate->addJavaScriptCode('languageUpdate', '
364 if (top && top.TYPO3.ModuleMenu.App) {
365 top.TYPO3.ModuleMenu.App.refreshMenu();
366 }
367 ');
368 }
369 if ($this->pagetreeNeedsRefresh) {
370 BackendUtility::setUpdateSignal('updatePageTree');
371 }
372 // Start page:
373 $this->moduleTemplate->loadJavascriptLib(ExtensionManagementUtility::extRelPath('backend') . 'Resources/Public/JavaScript/md5.js');
374 // Use a wrapper div
375 $this->content .= '<div id="user-setup-wrapper">';
376 // Load available backend modules
377 $this->loadModules = GeneralUtility::makeInstance(ModuleLoader::class);
378 $this->loadModules->observeWorkspaces = true;
379 $this->loadModules->load($GLOBALS['TBE_MODULES']);
380 $this->content .= $this->moduleTemplate->header($this->getLanguageService()->getLL('UserSettings'));
381 $this->addFlashMessages();
382
383 // Render user switch
384 $this->content .= $this->renderSimulateUserSelectAndLabel();
385
386 // Render the menu items
387 $menuItems = $this->renderUserSetup();
388 $this->content .= $this->moduleTemplate->getDynamicTabMenu($menuItems, 'user-setup', 1, false, false);
389 $formToken = $this->formProtection->generateToken('BE user setup', 'edit');
390 $this->content .= '<div>';
391 $this->content .= '<input type="hidden" name="simUser" value="' . (int)$this->simUser . '" />
392 <input type="hidden" name="formToken" value="' . htmlspecialchars($formToken) . '" />
393 <input type="hidden" value="1" name="data[save]" />
394 <input type="hidden" name="data[setValuesToDefault]" value="0" id="setValuesToDefault" />';
395 $this->content .= '</div>';
396 // End of wrapper div
397 $this->content .= '</div>';
398 // Setting up the buttons and markers for docheader
399 $this->getButtons();
400 // Build the <body> for the module
401 // Renders the module page
402 $this->moduleTemplate->setContent($this->content);
403 $this->content .= '</form>';
404 }
405
406 /**
407 * Injects the request object for the current request or subrequest
408 * Simply calls main() and init() and writes the content to the response
409 *
410 * @param ServerRequestInterface $request the current request
411 * @param ResponseInterface $response
412 * @return ResponseInterface the response with the content
413 */
414 public function mainAction(ServerRequestInterface $request, ResponseInterface $response)
415 {
416 $GLOBALS['SOBE'] = $this;
417 $this->simulateUser();
418 $this->storeIncomingData();
419 $this->init();
420 $this->main();
421
422 $response->getBody()->write($this->moduleTemplate->renderContent());
423 return $response;
424 }
425
426 /**
427 * Create the panel of buttons for submitting the form or otherwise perform operations.
428 */
429 protected function getButtons()
430 {
431 $buttonBar = $this->moduleTemplate->getDocHeaderComponent()->getButtonBar();
432 $cshButton = $buttonBar->makeHelpButton()
433 ->setModuleName('_MOD_user_setup')
434 ->setFieldName('');
435 $buttonBar->addButton($cshButton);
436
437 $saveButton = $buttonBar->makeInputButton()
438 ->setName('data[save]')
439 ->setTitle($this->getLanguageService()->sL('LLL:EXT:lang/locallang_core.xlf:rm.saveDoc'))
440 ->setValue('1')
441 ->setForm('SetupModuleController')
442 ->setShowLabelText(true)
443 ->setIcon($this->moduleTemplate->getIconFactory()->getIcon('actions-document-save', Icon::SIZE_SMALL));
444
445 $buttonBar->addButton($saveButton);
446 $shortcutButton = $buttonBar->makeShortcutButton()
447 ->setModuleName($this->moduleName);
448 $buttonBar->addButton($shortcutButton);
449 }
450
451 /******************************
452 *
453 * Render module
454 *
455 ******************************/
456
457 /**
458 * renders the data for all tabs in the user setup and returns
459 * everything that is needed with tabs and dyntab menu
460 *
461 * @return array Ready to use for the dyntabmenu itemarray
462 */
463 protected function renderUserSetup()
464 {
465 $html = '';
466 $result = array();
467 $firstTabLabel = '';
468 $code = array();
469 $fieldArray = $this->getFieldsFromShowItem();
470 $tabLabel = '';
471 foreach ($fieldArray as $fieldName) {
472 $more = '';
473 if (substr($fieldName, 0, 8) === '--div--;') {
474 if ($firstTabLabel === '') {
475 // First tab
476 $tabLabel = $this->getLabel(substr($fieldName, 8), '', false);
477 $firstTabLabel = $tabLabel;
478 } else {
479 $result[] = array(
480 'label' => $tabLabel,
481 'content' => count($code) ? implode(LF, $code) : ''
482 );
483 $tabLabel = $this->getLabel(substr($fieldName, 8), '', false);
484 $code = array();
485 }
486 continue;
487 }
488 $config = $GLOBALS['TYPO3_USER_SETTINGS']['columns'][$fieldName];
489
490 // Field my be disabled in setup.fields
491 if (isset($this->tsFieldConf[$fieldName . '.']['disabled']) && $this->tsFieldConf[$fieldName . '.']['disabled'] == 1) {
492 continue;
493 }
494 if (isset($config['access']) && !$this->checkAccess($config)) {
495 continue;
496 }
497 $label = $this->getLabel($config['label'], $fieldName);
498 $label = $this->getCSH($config['csh'] ?: $fieldName, $label);
499 $type = $config['type'];
500 $class = $config['class'];
501
502 if ($type !== 'check') {
503 $class .= ' form-control';
504 }
505
506 $style = $config['style'];
507 if ($class) {
508 $more .= ' class="' . htmlspecialchars($class) . '"';
509 }
510 if ($style) {
511 $more .= ' style="' . htmlspecialchars($style) . '"';
512 }
513 if (isset($this->overrideConf[$fieldName])) {
514 $more .= ' disabled="disabled"';
515 }
516 $value = $config['table'] === 'be_users' ? $this->getBackendUser()->user[$fieldName] : $this->getBackendUser()->uc[$fieldName];
517 if (!$value && isset($config['default'])) {
518 $value = $config['default'];
519 }
520 $dataAdd = '';
521 if ($config['table'] === 'be_users') {
522 $dataAdd = '[be_users]';
523 }
524
525 switch ($type) {
526 case 'text':
527 case 'email':
528 case 'password':
529 $noAutocomplete = '';
530 if ($type === 'password') {
531 $value = '';
532 $noAutocomplete = 'autocomplete="off" ';
533 $more .= ' data-rsa-encryption=""';
534 }
535 $html = '<input id="field_' . htmlspecialchars($fieldName) . '"
536 type="' . htmlspecialchars($type) . '"
537 name="data' . $dataAdd . '[' . htmlspecialchars($fieldName) . ']" ' .
538 $noAutocomplete .
539 'value="' . htmlspecialchars($value) . '" ' .
540 $more .
541 ' />';
542 break;
543 case 'check':
544 $html = $label . '<div class="checkbox"><label><input id="field_' . htmlspecialchars($fieldName) . '"
545 type="checkbox"
546 name="data' . $dataAdd . '[' . htmlspecialchars($fieldName) . ']"' .
547 ($value ? ' checked="checked"' : '') .
548 $more .
549 ' /></label></div>';
550 $label = '';
551 break;
552 case 'select':
553 if ($config['itemsProcFunc']) {
554 $html = GeneralUtility::callUserFunction($config['itemsProcFunc'], $config, $this);
555 } else {
556 $html = '<select id="field_' . htmlspecialchars($fieldName) . '"
557 name="data' . $dataAdd . '[' . htmlspecialchars($fieldName) . ']"' .
558 $more . '>' . LF;
559 foreach ($config['items'] as $key => $optionLabel) {
560 $html .= '<option value="' . htmlspecialchars($key) . '"' . ($value == $key ? ' selected="selected"' : '') . '>' . $this->getLabel($optionLabel, '', false) . '</option>' . LF;
561 }
562 $html .= '</select>';
563 }
564 break;
565 case 'user':
566 $html = GeneralUtility::callUserFunction($config['userFunc'], $config, $this);
567 break;
568 case 'button':
569 if ($config['onClick']) {
570 $onClick = $config['onClick'];
571 if ($config['onClickLabels']) {
572 foreach ($config['onClickLabels'] as $key => $labelclick) {
573 $config['onClickLabels'][$key] = $this->getLabel($labelclick, '', false);
574 }
575 $onClick = vsprintf($onClick, $config['onClickLabels']);
576 }
577 $html = '<br><input class="btn btn-default" type="button"
578 value="' . $this->getLabel($config['buttonlabel'], '', false) . '"
579 onclick="' . $onClick . '" />';
580 }
581 if (!empty($config['confirm'])) {
582 $confirmData = $config['confirmData'];
583 $html = '<br><input class="btn btn-default t3js-modal-trigger" type="button"'
584 . ' value="' . $this->getLabel($config['buttonlabel'], '', false) . '"'
585 . ' data-href="javascript:' . htmlspecialchars($confirmData['jsCodeAfterOk']) . '"'
586 . ' data-severity="warning"'
587 . ' data-title="' . $this->getLabel($config['label'], '', false) . '"'
588 . ' data-content="' . $this->getLabel($confirmData['message'], '', false) . '" />';
589 }
590 break;
591 case 'avatar':
592 // Get current avatar image
593 $html = '<br>';
594 $avatarFileUid = $this->getAvatarFileUid($this->getBackendUser()->user['uid']);
595
596 if ($avatarFileUid) {
597 $defaultAvatarProvider = GeneralUtility::makeInstance(DefaultAvatarProvider::class);
598 $avatarImage = $defaultAvatarProvider->getImage($this->getBackendUser()->user, 32);
599 if ($avatarImage) {
600 $icon = '<span class="avatar"><span class="avatar-image">' .
601 '<img src="' . htmlspecialchars($avatarImage->getUrl(true)) . '"' .
602 ' width="' . (int)$avatarImage->getWidth() . '" ' .
603 'height="' . (int)$avatarImage->getHeight() . '" />' .
604 '</span></span>';
605 $html .= '<span class="pull-left" style="padding-right: 10px" id="image_' . htmlspecialchars($fieldName) . '">' . $icon . ' </span>';
606 }
607 }
608 $html .= '<input id="field_' . htmlspecialchars($fieldName) . '" type="hidden" ' .
609 'name="data' . $dataAdd . '[' . htmlspecialchars($fieldName) . ']"' . $more .
610 ' value="' . (int)$avatarFileUid . '" />';
611
612 $html .= '<div class="btn-group">';
613 $iconFactory = GeneralUtility::makeInstance(IconFactory::class);
614 if ($avatarFileUid) {
615 $html .=
616 '<a id="clear_button_' . htmlspecialchars($fieldName) . '" '
617 . 'onclick="clearExistingImage(); return false;" class="btn btn-default">'
618 . $iconFactory->getIcon('actions-delete', Icon::SIZE_SMALL)
619 . '</a>';
620 }
621 $html .=
622 '<a id="add_button_' . htmlspecialchars($fieldName) . '" class="btn btn-default btn-add-avatar"'
623 . ' onclick="openFileBrowser();return false;">'
624 . $iconFactory->getIcon('actions-insert-record', Icon::SIZE_SMALL)
625 . '</a></div>';
626
627 $this->addAvatarButtonJs($fieldName);
628 break;
629 default:
630 $html = '';
631 }
632
633 $code[] = '<div class="form-section"><div class="row"><div class="form-group col-md-12">' .
634 $label .
635 $html .
636 '</div></div></div>';
637 }
638
639 $result[] = array(
640 'label' => $tabLabel,
641 'content' => count($code) ? implode(LF, $code) : ''
642 );
643 return $result;
644 }
645
646 /******************************
647 *
648 * Helper functions
649 *
650 ******************************/
651 /**
652 * Returns the backend user object, either the global OR the $this->OLD_BE_USER which is set during simulate-user operation.
653 * Anyway: The REAL user is returned - the one logged in.
654 *
655 * @return BackendUserAuthentication The REAL user is returned - the one logged in.
656 */
657 protected function getRealScriptUserObj()
658 {
659 return is_object($this->OLD_BE_USER) ? $this->OLD_BE_USER : $this->getBackendUser();
660 }
661
662 /**
663 * Return a select with available languages
664 *
665 * @param array $params
666 *
667 * @return string Complete select as HTML string or warning box if something went wrong.
668 */
669 public function renderLanguageSelect($params)
670 {
671 $languageOptions = array();
672 // Compile the languages dropdown
673 $langDefault = htmlspecialchars($this->getLanguageService()->getLL('lang_default'));
674 $languageOptions[$langDefault] = '<option value=""' . ($this->getBackendUser()->uc['lang'] === '' ? ' selected="selected"' : '') . '>' . $langDefault . '</option>';
675 // Traverse the number of languages
676 /** @var $locales \TYPO3\CMS\Core\Localization\Locales */
677 $locales = GeneralUtility::makeInstance(\TYPO3\CMS\Core\Localization\Locales::class);
678 $languages = $locales->getLanguages();
679 foreach ($languages as $locale => $name) {
680 if ($locale !== 'default') {
681 $defaultName = isset($GLOBALS['LOCAL_LANG']['default']['lang_' . $locale]) ? $GLOBALS['LOCAL_LANG']['default']['lang_' . $locale][0]['source'] : $name;
682 $localizedName = htmlspecialchars($this->getLanguageService()->getLL('lang_' . $locale));
683 if ($localizedName === '') {
684 $localizedName = htmlspecialchars($name);
685 }
686 $localLabel = ' - [' . htmlspecialchars($defaultName) . ']';
687 $available = is_dir(PATH_typo3conf . 'l10n/' . $locale);
688 if ($available) {
689 $languageOptions[$defaultName] = '<option value="' . $locale . '"' . ($this->getBackendUser()->uc['lang'] === $locale ? ' selected="selected"' : '') . '>' . $localizedName . $localLabel . '</option>';
690 }
691 }
692 }
693 ksort($languageOptions);
694 $languageCode = '
695 <select id="field_lang" name="data[lang]" class="form-control">' . implode('', $languageOptions) . '
696 </select>';
697 if ($this->getBackendUser()->uc['lang'] && !@is_dir((PATH_typo3conf . 'l10n/' . $this->getBackendUser()->uc['lang']))) {
698 // TODO: The text constants have to be moved into language files
699 $languageUnavailableWarning = 'The selected language "' . htmlspecialchars($this->getLanguageService()->getLL('lang_' . $this->getBackendUser()->uc['lang'])) . '" is not available before the language files are installed.&nbsp;&nbsp;<br />&nbsp;&nbsp;' . ($this->getBackendUser()->isAdmin() ? 'You can use the Language module to easily download new language files.' : 'Please ask your system administrator to do this.');
700 $languageCode = '<br /><span class="label label-danger">' . $languageUnavailableWarning . '</span><br /><br />' . $languageCode;
701 }
702 return $languageCode;
703 }
704
705 /**
706 * Returns a select with all modules for startup
707 *
708 * @param array $params
709 * @param SetupModuleController $pObj
710 *
711 * @return string Complete select as HTML string
712 */
713 public function renderStartModuleSelect($params, $pObj)
714 {
715 // Load available backend modules
716 $this->loadModules = GeneralUtility::makeInstance(ModuleLoader::class);
717 $this->loadModules->observeWorkspaces = true;
718 $this->loadModules->load($GLOBALS['TBE_MODULES']);
719 $startModuleSelect = '<option value="">' . htmlspecialchars($this->getLanguageService()->getLL('startModule.firstInMenu')) . '</option>';
720 foreach ($pObj->loadModules->modules as $mainMod => $modData) {
721 if (!empty($modData['sub']) && is_array($modData['sub'])) {
722 $modules = '';
723 foreach ($modData['sub'] as $subData) {
724 $modName = $subData['name'];
725 $modules .= '<option value="' . htmlspecialchars($modName) . '"';
726 $modules .= $this->getBackendUser()->uc['startModule'] === $modName ? ' selected="selected"' : '';
727 $modules .= '>' . htmlspecialchars($this->getLanguageService()->sL($this->loadModules->getLabelsForModule($modName)['title'])) . '</option>';
728 }
729 $groupLabel = htmlspecialchars($this->getLanguageService()->sL($this->loadModules->getLabelsForModule($mainMod)['title']));
730 $startModuleSelect .= '<optgroup label="' . htmlspecialchars($groupLabel) . '">' . $modules . '</optgroup>';
731 }
732 }
733 return '<select id="field_startModule" name="data[startModule]" class="form-control">' . $startModuleSelect . '</select>';
734 }
735
736 /**
737 * Will make the simulate-user selector if the logged in user is administrator.
738 * It will also set the GLOBAL(!) BE_USER to the simulated user selected if any (and set $this->OLD_BE_USER to logged in user)
739 *
740 * @return void
741 */
742 public function simulateUser()
743 {
744 // If admin, allow simulation of another user
745 $this->simUser = 0;
746 $this->simulateSelector = '';
747 unset($this->OLD_BE_USER);
748 if ($this->getBackendUser()->isAdmin()) {
749 $this->simUser = (int)GeneralUtility::_GP('simUser');
750 /** @var QueryBuilder $queryBuilder */
751 $queryBuilder = GeneralUtility::makeInstance(ConnectionPool::class)->getQueryBuilderForTable('be_users');
752 $users = $queryBuilder
753 ->select('*')
754 ->from('be_users')
755 ->where($queryBuilder->expr()->neq('uid', (int)$this->getBackendUser()->user['uid']))
756 ->andWhere($queryBuilder->expr()->notLike('username', $queryBuilder->createNamedParameter('_cli_%')))
757 ->orderBy('username')
758 ->execute()
759 ->fetchAll();
760 $opt = array();
761 foreach ($users as $rr) {
762 $label = $rr['username'] . ($rr['realName'] ? ' (' . $rr['realName'] . ')' : '');
763 $opt[] = '<option value="' . (int)$rr['uid'] . '"' . ($this->simUser === (int)$rr['uid'] ? ' selected="selected"' : '') . '>' . htmlspecialchars($label) . '</option>';
764 }
765 if (!empty($opt)) {
766 $this->simulateSelector = '<select id="field_simulate" class="form-control" name="simulateUser" onchange="window.location.href=' . GeneralUtility::quoteJSvalue(BackendUtility::getModuleUrl('user_setup') . '&simUser=') . '+this.options[this.selectedIndex].value;"><option></option>' . implode('', $opt) . '</select>';
767 }
768 }
769 // This can only be set if the previous code was executed.
770 if ($this->simUser > 0) {
771 // Save old user...
772 $this->OLD_BE_USER = $this->getBackendUser();
773 unset($GLOBALS['BE_USER']);
774 // Unset current
775 // New backend user object
776 $BE_USER = GeneralUtility::makeInstance(BackendUserAuthentication::class);
777 $BE_USER->setBeUserByUid($this->simUser);
778 $BE_USER->fetchGroupData();
779 $BE_USER->backendSetUC();
780 // Must do this, because unsetting $BE_USER before apparently unsets the reference to the global variable by this name!
781 $GLOBALS['BE_USER'] = $BE_USER;
782 }
783 }
784
785 /**
786 * Render simulate user select and label
787 *
788 * @return string
789 */
790 protected function renderSimulateUserSelectAndLabel()
791 {
792 if ($this->simulateSelector === '') {
793 return '';
794 }
795
796 return '<div class="form-inline"><div class="form-group"><p>'
797 . '<label for="field_simulate" style="margin-right: 20px;">'
798 . htmlspecialchars($this->getLanguageService()->sL('LLL:EXT:setup/Resources/Private/Language/locallang.xlf:simulate'))
799 . '</label>'
800 . $this->simulateSelector
801 . '</p></div></div>';
802 }
803
804 /**
805 * Returns access check (currently only "admin" is supported)
806 *
807 * @param array $config Configuration of the field, access mode is defined in key 'access'
808 * @return bool Whether it is allowed to modify the given field
809 */
810 protected function checkAccess(array $config)
811 {
812 $access = $config['access'];
813
814 if (isset($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['setup']['accessLevelCheck'][$access])) {
815 if (class_exists($access)) {
816 $accessObject = GeneralUtility::makeInstance($access);
817 if (method_exists($accessObject, 'accessLevelCheck')) {
818 // Initialize vars. If method fails, $set will be set to FALSE
819 return $accessObject->accessLevelCheck($config);
820 }
821 }
822 } elseif ($access == 'admin') {
823 return $this->isAdmin;
824 }
825
826 return false;
827 }
828
829 /**
830 * Returns the label $str from getLL() and grays out the value if the $str/$key is found in $this->overrideConf array
831 *
832 * @param string $str Locallang key
833 * @param string $key Alternative override-config key
834 * @param bool $addLabelTag Defines whether the string should be wrapped in a <label> tag.
835 * @param string $altLabelTagId Alternative id for use in "for" attribute of <label> tag. By default the $str key is used prepended with "field_".
836 * @return string HTML output.
837 */
838 protected function getLabel($str, $key = '', $addLabelTag = true, $altLabelTagId = '')
839 {
840 if (substr($str, 0, 4) === 'LLL:') {
841 $out = htmlspecialchars($this->getLanguageService()->sL($str));
842 } else {
843 $out = htmlspecialchars($str);
844 }
845 if (isset($this->overrideConf[$key ?: $str])) {
846 $out = '<span style="color:#999999">' . $out . '</span>';
847 }
848 if ($addLabelTag) {
849 $out = '<label>' . $out . '</label>';
850 }
851 return $out;
852 }
853
854 /**
855 * Returns the CSH Icon for given string
856 *
857 * @param string $str Locallang key
858 * @param string $label The label to be used, that should be wrapped in help
859 * @return string HTML output.
860 */
861 protected function getCSH($str, $label)
862 {
863 $context = '_MOD_user_setup';
864 $field = $str;
865 $strParts = explode(':', $str);
866 if (count($strParts) > 1) {
867 // Setting comes from another extension
868 $context = $strParts[0];
869 $field = $strParts[1];
870 } elseif ($str !== 'language' && $str !== 'simuser' && $str !== 'reset') {
871 $field = 'option_' . $str;
872 }
873 return BackendUtility::wrapInHelp($context, $field, $label);
874 }
875
876 /**
877 * Returns array with fields defined in $GLOBALS['TYPO3_USER_SETTINGS']['showitem']
878 *
879 * @return array Array with fieldnames visible in form
880 */
881 protected function getFieldsFromShowItem()
882 {
883 return GeneralUtility::trimExplode(',', $GLOBALS['TYPO3_USER_SETTINGS']['showitem'], true);
884 }
885
886 /**
887 * Get Avatar fileUid
888 *
889 * @param int $beUserId
890 * @return int
891 */
892 protected function getAvatarFileUid($beUserId)
893 {
894 /** @var QueryBuilder $queryBuilder */
895 $queryBuilder = GeneralUtility::makeInstance(ConnectionPool::class)->getQueryBuilderForTable('sys_file_reference');
896 $file = $queryBuilder
897 ->select('uid_local')
898 ->from('sys_file_reference')
899 ->where($queryBuilder->expr()->eq('tablenames', $queryBuilder->createNamedParameter('be_users')))
900 ->andWhere($queryBuilder->expr()->eq('fieldname', $queryBuilder->createNamedParameter('avatar')))
901 ->andWhere($queryBuilder->expr()->eq('table_local', $queryBuilder->createNamedParameter('sys_file')))
902 ->andWhere($queryBuilder->expr()->eq('uid_foreign', (int)$beUserId))
903 ->execute()
904 ->fetchColumn();
905 return (int)$file;
906 }
907
908 /**
909 * Set avatar fileUid for backend user
910 *
911 * @param int $beUserId
912 * @param int $fileUid
913 * @param array $storeRec
914 */
915 protected function setAvatarFileUid($beUserId, $fileUid, array &$storeRec)
916 {
917
918 // Update is only needed when new fileUid is set
919 if ((int)$fileUid === $this->getAvatarFileUid($beUserId)) {
920 return;
921 }
922
923 /** @var QueryBuilder $queryBuilder */
924 $queryBuilder = GeneralUtility::makeInstance(ConnectionPool::class)->getQueryBuilderForTable('sys_file_reference');
925 $queryBuilder
926 ->delete('sys_file_reference')
927 ->where($queryBuilder->expr()->eq('tablenames', $queryBuilder->createNamedParameter('be_users')))
928 ->andWhere($queryBuilder->expr()->eq('fieldname', $queryBuilder->createNamedParameter('avatar')))
929 ->andWhere($queryBuilder->expr()->eq('table_local', $queryBuilder->createNamedParameter('sys_file')))
930 ->andWhere($queryBuilder->expr()->eq('uid_foreign', (int)$beUserId))
931 ->execute();
932
933 // Create new reference
934 if ($fileUid) {
935
936 // Get file object
937 try {
938 $file = ResourceFactory::getInstance()->getFileObject($fileUid);
939 } catch (FileDoesNotExistException $e) {
940 $file = false;
941 }
942
943 // Check if user is allowed to use the image (only when not in simulation mode)
944 if ($file && $this->simUser === 0 && !$file->getStorage()->checkFileActionPermission('read', $file)) {
945 $file = false;
946 }
947
948 // Check if extension is allowed
949 if ($file && GeneralUtility::inList($GLOBALS['TYPO3_CONF_VARS']['GFX']['imagefile_ext'], $file->getExtension())) {
950
951 // Create new file reference
952 $storeRec['sys_file_reference']['NEW1234'] = array(
953 'uid_local' => (int)$fileUid,
954 'uid_foreign' => (int)$beUserId,
955 'tablenames' => 'be_users',
956 'fieldname' => 'avatar',
957 'pid' => 0,
958 'table_local' => 'sys_file',
959 );
960 $storeRec['be_users'][(int)$beUserId]['avatar'] = 'NEW1234';
961 }
962 }
963 }
964
965 /**
966 * Add JavaScript to for browse files button
967 *
968 * @param string $fieldName
969 */
970 protected function addAvatarButtonJs($fieldName)
971 {
972 $this->moduleTemplate->addJavaScriptCode('avatar-button', '
973 var browserWin="";
974
975 function openFileBrowser() {
976 var url = ' . GeneralUtility::quoteJSvalue(BackendUtility::getModuleUrl('wizard_element_browser', ['mode' => 'file', 'bparams' => '||||dummy|setFileUid'])) . ';
977 browserWin = window.open(url,"Typo3WinBrowser","height=650,width=800,status=0,menubar=0,resizable=1,scrollbars=1");
978 browserWin.focus();
979 }
980
981 function clearExistingImage() {
982 TYPO3.jQuery(' . GeneralUtility::quoteJSvalue('#image_' . htmlspecialchars($fieldName)) . ').hide();
983 TYPO3.jQuery(' . GeneralUtility::quoteJSvalue('#clear_button_' . htmlspecialchars($fieldName)) . ').hide();
984 TYPO3.jQuery(' . GeneralUtility::quoteJSvalue('#field_' . htmlspecialchars($fieldName)) . ').val(\'\');
985 }
986
987 function setFileUid(field, value, fileUid) {
988 clearExistingImage();
989 TYPO3.jQuery(' . GeneralUtility::quoteJSvalue('#field_' . htmlspecialchars($fieldName)) . ').val(fileUid);
990 TYPO3.jQuery(' . GeneralUtility::quoteJSvalue('#add_button_' . htmlspecialchars($fieldName)) . ').removeClass(\'btn-default\').addClass(\'btn-info\');
991
992 browserWin.close();
993 }
994 ');
995 }
996
997 /**
998 * Returns the current BE user.
999 *
1000 * @return \TYPO3\CMS\Core\Authentication\BackendUserAuthentication
1001 */
1002 protected function getBackendUser()
1003 {
1004 return $GLOBALS['BE_USER'];
1005 }
1006
1007 /**
1008 * Returns LanguageService
1009 *
1010 * @return \TYPO3\CMS\Lang\LanguageService
1011 */
1012 protected function getLanguageService()
1013 {
1014 return $GLOBALS['LANG'];
1015 }
1016
1017 /**
1018 * Add FlashMessages for various actions
1019 *
1020 * @return void
1021 */
1022 protected function addFlashMessages()
1023 {
1024 $flashMessages = [];
1025
1026 // Show if setup was saved
1027 if ($this->setupIsUpdated && !$this->settingsAreResetToDefault) {
1028 $flashMessages[] = $this->getFlashMessage('setupWasUpdated', 'UserSettings');
1029 }
1030
1031 // Show if temporary data was cleared
1032 if ($this->settingsAreResetToDefault) {
1033 $flashMessages[] = $this->getFlashMessage('settingsAreReset', 'resetConfiguration');
1034 }
1035
1036 // Notice
1037 if ($this->setupIsUpdated || $this->settingsAreResetToDefault) {
1038 $flashMessages[] = $this->getFlashMessage('activateChanges', '', FlashMessage::INFO);
1039 }
1040
1041 // If password is updated, output whether it failed or was OK.
1042 if ($this->passwordIsSubmitted) {
1043 $flashMessage = null;
1044 switch ($this->passwordIsUpdated) {
1045 case self::PASSWORD_OLD_WRONG:
1046 $flashMessages[] = $this->getFlashMessage('oldPassword_failed', 'newPassword', FlashMessage::ERROR);
1047 break;
1048 case self::PASSWORD_NOT_THE_SAME:
1049 $flashMessages[] = $this->getFlashMessage('newPassword_failed', 'newPassword', FlashMessage::ERROR);
1050 break;
1051 case self::PASSWORD_UPDATED:
1052 $flashMessages[] = $this->getFlashMessage('newPassword_ok', 'newPassword');
1053 break;
1054 }
1055 }
1056 if (!empty($flashMessages)) {
1057 $this->enqueueFlashMessages($flashMessages);
1058 }
1059 }
1060
1061 /**
1062 * @param array $flashMessages
1063 * @throws \TYPO3\CMS\Core\Exception
1064 * @return void
1065 */
1066 protected function enqueueFlashMessages(array $flashMessages)
1067 {
1068 $flashMessageService = GeneralUtility::makeInstance(FlashMessageService::class);
1069 $defaultFlashMessageQueue = $flashMessageService->getMessageQueueByIdentifier();
1070 foreach ($flashMessages as $flashMessage) {
1071 $defaultFlashMessageQueue->enqueue($flashMessage);
1072 }
1073 }
1074
1075 /**
1076 * @param string $message
1077 * @param string $title
1078 * @param int $severity
1079 * @return FlashMessage
1080 */
1081 protected function getFlashMessage($message, $title, $severity = FlashMessage::OK)
1082 {
1083 $title = !empty($title) ? $this->getLanguageService()->getLL($title) : ' ';
1084 return GeneralUtility::makeInstance(
1085 FlashMessage::class,
1086 $this->getLanguageService()->getLL($message),
1087 $title,
1088 $severity
1089 );
1090 }
1091 }