[!!!][FEATURE] Introduce PSR-7-based Routing for Backend AJAX Requests
[Packages/TYPO3.CMS.git] / typo3 / sysext / backend / Classes / Controller / File / FileController.php
1 <?php
2 namespace TYPO3\CMS\Backend\Controller\File;
3
4 /*
5 * This file is part of the TYPO3 CMS project.
6 *
7 * It is free software; you can redistribute it and/or modify it under
8 * the terms of the GNU General Public License, either version 2
9 * of the License, or any later version.
10 *
11 * For the full copyright and license information, please read the
12 * LICENSE.txt file that was distributed with this source code.
13 *
14 * The TYPO3 project - inspiring people to share!
15 */
16
17 use Psr\Http\Message\ResponseInterface;
18 use Psr\Http\Message\ServerRequestInterface;
19 use TYPO3\CMS\Core\Imaging\Icon;
20 use TYPO3\CMS\Core\Imaging\IconFactory;
21 use TYPO3\CMS\Core\Resource\DuplicationBehavior;
22 use TYPO3\CMS\Core\Resource\Folder;
23 use TYPO3\CMS\Core\Utility\GeneralUtility;
24 use TYPO3\CMS\Backend\Utility\BackendUtility;
25 use TYPO3\CMS\Core\Utility\File\ExtendedFileUtility;
26
27 /**
28 * Gateway for TCE (TYPO3 Core Engine) file-handling through POST forms.
29 * This script serves as the file administration part of the TYPO3 Core Engine.
30 * Basically it includes two libraries which are used to manipulate files on the server.
31 * Before TYPO3 4.3, it was located in typo3/tce_file.php and redirected back to a
32 * $redirectURL. Since 4.3 this class is also used for accessing via AJAX
33 */
34 class FileController {
35
36 /**
37 * Array of file-operations.
38 *
39 * @var array
40 */
41 protected $file;
42
43 /**
44 * Clipboard operations array
45 *
46 * @var array
47 */
48 protected $CB;
49
50 /**
51 * Defines behaviour when uploading files with names that already exist; possible values are
52 * the values of the \TYPO3\CMS\Core\Resource\DuplicationBehavior enumeration
53 *
54 * @var \TYPO3\CMS\Core\Resource\DuplicationBehavior
55 */
56 protected $overwriteExistingFiles;
57
58 /**
59 * VeriCode - a hash of server specific value and other things which
60 * identifies if a submission is OK. (see $GLOBALS['BE_USER']->veriCode())
61 *
62 * @var string
63 */
64 protected $vC;
65
66 /**
67 * The page where the user should be redirected after everything is done
68 *
69 * @var string
70 */
71 protected $redirect;
72
73 /**
74 * Internal, dynamic:
75 * File processor object
76 *
77 * @var ExtendedFileUtility
78 */
79 protected $fileProcessor;
80
81 /**
82 * The result array from the file processor
83 *
84 * @var array
85 */
86 protected $fileData;
87
88 /**
89 * Constructor
90 */
91 public function __construct() {
92 $GLOBALS['SOBE'] = $this;
93 $this->init();
94 }
95
96 /**
97 * Registering incoming data
98 *
99 * @return void
100 */
101 protected function init() {
102 // Set the GPvars from outside
103 $this->file = GeneralUtility::_GP('file');
104 $this->CB = GeneralUtility::_GP('CB');
105 $this->overwriteExistingFiles = DuplicationBehavior::cast(GeneralUtility::_GP('overwriteExistingFiles'));
106 $this->vC = GeneralUtility::_GP('vC');
107 $this->redirect = GeneralUtility::sanitizeLocalUrl(GeneralUtility::_GP('redirect'));
108 $this->initClipboard();
109 $this->fileProcessor = GeneralUtility::makeInstance(ExtendedFileUtility::class);
110 }
111
112 /**
113 * Initialize the Clipboard. This will fetch the data about files to paste/delete if such an action has been sent.
114 *
115 * @return void
116 */
117 public function initClipboard() {
118 if (is_array($this->CB)) {
119 $clipObj = GeneralUtility::makeInstance(\TYPO3\CMS\Backend\Clipboard\Clipboard::class);
120 $clipObj->initializeClipboard();
121 if ($this->CB['paste']) {
122 $clipObj->setCurrentPad($this->CB['pad']);
123 $this->file = $clipObj->makePasteCmdArray_file($this->CB['paste'], $this->file);
124 }
125 if ($this->CB['delete']) {
126 $clipObj->setCurrentPad($this->CB['pad']);
127 $this->file = $clipObj->makeDeleteCmdArray_file($this->file);
128 }
129 }
130 }
131
132 /**
133 * Performing the file admin action:
134 * Initializes the objects, setting permissions, sending data to object.
135 *
136 * @return void
137 */
138 public function main() {
139 // Initializing:
140 $this->fileProcessor->init(array(), $GLOBALS['TYPO3_CONF_VARS']['BE']['fileExtensions']);
141 $this->fileProcessor->setActionPermissions();
142 $this->fileProcessor->setExistingFilesConflictMode($this->overwriteExistingFiles);
143 // Checking referrer / executing:
144 $refInfo = parse_url(GeneralUtility::getIndpEnv('HTTP_REFERER'));
145 $httpHost = GeneralUtility::getIndpEnv('TYPO3_HOST_ONLY');
146 if ($httpHost !== $refInfo['host'] && $this->vC !== $this->getBackendUser()->veriCode() && !$GLOBALS['TYPO3_CONF_VARS']['SYS']['doNotCheckReferer']) {
147 $this->fileProcessor->writeLog(0, 2, 1, 'Referrer host "%s" and server host "%s" did not match!', array($refInfo['host'], $httpHost));
148 } else {
149 $this->fileProcessor->start($this->file);
150 $this->fileData = $this->fileProcessor->processData();
151 }
152 }
153
154 /**
155 * Redirecting the user after the processing has been done.
156 * Might also display error messages directly, if any.
157 *
158 * @return void
159 */
160 public function finish() {
161 // Push errors to flash message queue, if there are any
162 $this->fileProcessor->pushErrorMessagesToFlashMessageQueue();
163 BackendUtility::setUpdateSignal('updateFolderTree');
164 if ($this->redirect) {
165 \TYPO3\CMS\Core\Utility\HttpUtility::redirect($this->redirect);
166 }
167 }
168
169 /**
170 * Injects the request object for the current request or subrequest
171 * As this controller goes only through the main() method, it just redirects to the given URL afterwards.
172 *
173 * @param ServerRequestInterface $request the current request
174 * @param ResponseInterface $response
175 * @return ResponseInterface the response with the content
176 */
177 public function mainAction(ServerRequestInterface $request, ResponseInterface $response) {
178 $this->main();
179
180 // Push errors to flash message queue, if there are any
181 $this->fileProcessor->pushErrorMessagesToFlashMessageQueue();
182 BackendUtility::setUpdateSignal('updateFolderTree');
183
184 if ($this->redirect) {
185 return $response
186 ->withHeader('Location', GeneralUtility::locationHeaderUrl($this->redirect))
187 ->withStatus(303);
188 } else {
189 // empty response
190 return $response;
191 }
192 }
193
194 /**
195 * Handles the actual process from within the ajaxExec function
196 * therefore, it does exactly the same as the real typo3/tce_file.php
197 * but without calling the "finish" method, thus makes it simpler to deal with the
198 * actual return value
199 *
200 * @param ServerRequestInterface $request
201 * @param ResponseInterface $response
202 * @return ResponseInterface
203 */
204 public function processAjaxRequest(ServerRequestInterface $request, ResponseInterface $response) {
205 $this->main();
206 $errors = $this->fileProcessor->getErrorMessages();
207 if (!empty($errors)) {
208 $response->getBody()->write(implode(',', $errors));
209 $response = $response->withHeader('Content-Type', 'text/html; charset=utf-8');
210 } else {
211 $flatResult = array();
212 foreach ($this->fileData as $action => $results) {
213 foreach ($results as $result) {
214 if (is_array($result)) {
215 foreach ($result as $subResult) {
216 $flatResult[$action][] = $this->flattenResultDataValue($subResult);
217 }
218 } else {
219 $flatResult[$action][] = $this->flattenResultDataValue($result);
220 }
221 }
222 }
223 $content = ['result' => $flatResult];
224 if ($this->redirect) {
225 $content['redirect'] = $this->redirect;
226 }
227 $response->getBody()->write(json_encode($content));
228 }
229 return $response;
230 }
231
232 /**
233 * Ajax entry point to check if a file exists in a folder
234 *
235 * @param ServerRequestInterface $request
236 * @param ResponseInterface $response
237 * @return ResponseInterface
238 */
239 public function fileExistsInFolderAction(ServerRequestInterface $request, ResponseInterface $response) {
240 $fileName = isset($request->getParsedBody()['fileName']) ? $request->getParsedBody()['fileName'] : $request->getQueryParams()['fileName'];
241 $fileTarget = isset($request->getParsedBody()['fileTarget']) ? $request->getParsedBody()['fileTarget'] : $request->getQueryParams()['fileTarget'];
242
243 /** @var \TYPO3\CMS\Core\Resource\ResourceFactory $fileFactory */
244 $fileFactory = GeneralUtility::makeInstance(\TYPO3\CMS\Core\Resource\ResourceFactory::class);
245 /** @var Folder $fileTargetObject */
246 $fileTargetObject = $fileFactory->retrieveFileOrFolderObject($fileTarget);
247 $processedFileName = $fileTargetObject->getStorage()->sanitizeFileName($fileName, $fileTargetObject);
248
249 $result = FALSE;
250 if ($fileTargetObject->hasFile($processedFileName)) {
251 $result = $this->flattenResultDataValue($fileTargetObject->getStorage()->getFileInFolder($processedFileName, $fileTargetObject));
252 }
253 $response->getBody()->write(json_encode($result));
254 return $response;
255 }
256
257 /**
258 * Flatten result value from FileProcessor
259 *
260 * The value can be a File, Folder or boolean
261 *
262 * @param bool|\TYPO3\CMS\Core\Resource\File|\TYPO3\CMS\Core\Resource\Folder $result
263 * @return bool|string|array
264 */
265 protected function flattenResultDataValue($result) {
266 if ($result instanceof \TYPO3\CMS\Core\Resource\File) {
267 $thumbUrl = '';
268 if (GeneralUtility::inList($GLOBALS['TYPO3_CONF_VARS']['GFX']['imagefile_ext'], $result->getExtension())) {
269 $processedFile = $result->process(\TYPO3\CMS\Core\Resource\ProcessedFile::CONTEXT_IMAGEPREVIEW, array());
270 if ($processedFile) {
271 $thumbUrl = $processedFile->getPublicUrl(TRUE);
272 }
273 }
274 $iconFactory = GeneralUtility::makeInstance(IconFactory::class);
275 $result = array_merge(
276 $result->toArray(),
277 array (
278 'date' => BackendUtility::date($result->getModificationTime()),
279 'icon' => $iconFactory->getIconForFileExtension($result->getExtension(), Icon::SIZE_SMALL)->render(),
280 'thumbUrl' => $thumbUrl
281 )
282 );
283 } elseif ($result instanceof \TYPO3\CMS\Core\Resource\Folder) {
284 $result = $result->getIdentifier();
285 }
286
287 return $result;
288 }
289
290 /**
291 * Returns the current BE user.
292 *
293 * @return \TYPO3\CMS\Core\Authentication\BackendUserAuthentication
294 */
295 protected function getBackendUser() {
296 return $GLOBALS['BE_USER'];
297 }
298
299 }