[TASK] unserialize() without objects in impexp
[Packages/TYPO3.CMS.git] / typo3 / sysext / impexp / Classes / Domain / Repository / PresetRepository.php
1 <?php
2 namespace TYPO3\CMS\Impexp\Domain\Repository;
3
4 /*
5 * This file is part of the TYPO3 CMS project.
6 *
7 * It is free software; you can redistribute it and/or modify it under
8 * the terms of the GNU General Public License, either version 2
9 * of the License, or any later version.
10 *
11 * For the full copyright and license information, please read the
12 * LICENSE.txt file that was distributed with this source code.
13 *
14 * The TYPO3 project - inspiring people to share!
15 */
16
17 use TYPO3\CMS\Core\Database\DatabaseConnection;
18 use TYPO3\CMS\Core\Messaging\FlashMessage;
19 use TYPO3\CMS\Core\Messaging\FlashMessageQueue;
20 use TYPO3\CMS\Core\Messaging\FlashMessageService;
21 use TYPO3\CMS\Core\Utility\GeneralUtility;
22
23 /**
24 * Handling of presets
25 */
26 class PresetRepository
27 {
28 /**
29 * @param int $pageId
30 * @return array
31 */
32 public function getPresets($pageId)
33 {
34 $options = array('');
35 $where = '(public>0 OR user_uid=' . (int)$this->getBackendUser()->user['uid'] . ')'
36 . ($pageId ? ' AND (item_uid=' . (int)$pageId . ' OR item_uid=0)' : '');
37 $presets = $this->getDatabaseConnection()->exec_SELECTgetRows('*', 'tx_impexp_presets', $where);
38 if (is_array($presets)) {
39 foreach ($presets as $presetCfg) {
40 $options[$presetCfg['uid']] = $presetCfg['title'] . ' [' . $presetCfg['uid'] . ']'
41 . ($presetCfg['public'] ? ' [Public]' : '')
42 . ($presetCfg['user_uid'] === $this->getBackendUser()->user['uid'] ? ' [Own]' : '');
43 }
44 }
45 return $options;
46 }
47
48 /**
49 * Get single preset record
50 *
51 * @param int $uid Preset record
52 * @return array Preset record, if any (otherwise FALSE)
53 */
54 public function getPreset($uid)
55 {
56 return $this->getDatabaseConnection()->exec_SELECTgetSingleRow('*', 'tx_impexp_presets', 'uid=' . (int)$uid);
57 }
58
59 /**
60 * Manipulate presets
61 *
62 * @param array $inData In data array, passed by reference!
63 * @return void
64 */
65 public function processPresets(&$inData)
66 {
67 $presetData = GeneralUtility::_GP('preset');
68 $err = false;
69 $msg = '';
70 // Save preset
71 $beUser = $this->getBackendUser();
72 // cast public checkbox to int, since this is an int field and NULL is not allowed
73 $inData['preset']['public'] = (int)$inData['preset']['public'];
74 if (isset($presetData['save'])) {
75 $preset = $this->getPreset($presetData['select']);
76 // Update existing
77 if (is_array($preset)) {
78 if ($beUser->isAdmin() || $preset['user_uid'] === $beUser->user['uid']) {
79 $fields_values = array(
80 'public' => $inData['preset']['public'],
81 'title' => $inData['preset']['title'],
82 'item_uid' => $inData['pagetree']['id'],
83 'preset_data' => serialize($inData)
84 );
85 $this->getDatabaseConnection()->exec_UPDATEquery('tx_impexp_presets', 'uid=' . (int)$preset['uid'], $fields_values);
86 $msg = 'Preset #' . $preset['uid'] . ' saved!';
87 } else {
88 $msg = 'ERROR: The preset was not saved because you were not the owner of it!';
89 $err = true;
90 }
91 } else {
92 // Insert new:
93 $fields_values = array(
94 'user_uid' => $beUser->user['uid'],
95 'public' => $inData['preset']['public'],
96 'title' => $inData['preset']['title'],
97 'item_uid' => (int)$inData['pagetree']['id'],
98 'preset_data' => serialize($inData)
99 );
100 $this->getDatabaseConnection()->exec_INSERTquery('tx_impexp_presets', $fields_values);
101 $msg = 'New preset "' . htmlspecialchars($inData['preset']['title']) . '" is created';
102 }
103 }
104 // Delete preset:
105 if (isset($presetData['delete'])) {
106 $preset = $this->getPreset($presetData['select']);
107 if (is_array($preset)) {
108 // Update existing
109 if ($beUser->isAdmin() || $preset['user_uid'] === $beUser->user['uid']) {
110 $this->getDatabaseConnection()->exec_DELETEquery('tx_impexp_presets', 'uid=' . (int)$preset['uid']);
111 $msg = 'Preset #' . $preset['uid'] . ' deleted!';
112 } else {
113 $msg = 'ERROR: You were not the owner of the preset so you could not delete it.';
114 $err = true;
115 }
116 } else {
117 $msg = 'ERROR: No preset selected for deletion.';
118 $err = true;
119 }
120 }
121 // Load preset
122 if (isset($presetData['load']) || isset($presetData['merge'])) {
123 $preset = $this->getPreset($presetData['select']);
124 if (is_array($preset)) {
125 // Update existing
126 $inData_temp = unserialize($preset['preset_data'], ['allowed_classes' => false]);
127 if (is_array($inData_temp)) {
128 if (isset($presetData['merge'])) {
129 // Merge records in:
130 if (is_array($inData_temp['record'])) {
131 $inData['record'] = array_merge((array)$inData['record'], $inData_temp['record']);
132 }
133 // Merge lists in:
134 if (is_array($inData_temp['list'])) {
135 $inData['list'] = array_merge((array)$inData['list'], $inData_temp['list']);
136 }
137 } else {
138 $msg = 'Preset #' . $preset['uid'] . ' loaded!';
139 $inData = $inData_temp;
140 }
141 } else {
142 $msg = 'ERROR: No configuratio data found in preset record!';
143 $err = true;
144 }
145 } else {
146 $msg = 'ERROR: No preset selected for loading.';
147 $err = true;
148 }
149 }
150 // Show message:
151 if ($msg !== '') {
152 /** @var FlashMessage $flashMessage */
153 $flashMessage = GeneralUtility::makeInstance(
154 FlashMessage::class,
155 'Presets',
156 $msg,
157 $err ? FlashMessage::ERROR : FlashMessage::INFO
158 );
159 /** @var $flashMessageService FlashMessageService */
160 $flashMessageService = GeneralUtility::makeInstance(FlashMessageService::class);
161 /** @var $defaultFlashMessageQueue FlashMessageQueue */
162 $defaultFlashMessageQueue = $flashMessageService->getMessageQueueByIdentifier();
163 $defaultFlashMessageQueue->enqueue($flashMessage);
164 }
165 }
166
167 /**
168 * @return \TYPO3\CMS\Core\Authentication\BackendUserAuthentication
169 */
170 protected function getBackendUser()
171 {
172 return $GLOBALS['BE_USER'];
173 }
174
175 /**
176 * @return DatabaseConnection
177 */
178 protected function getDatabaseConnection()
179 {
180 return $GLOBALS['TYPO3_DB'];
181 }
182 }