[TASK] Use ModuleTemplate API for EXT:setup
[Packages/TYPO3.CMS.git] / typo3 / sysext / setup / Classes / Controller / SetupModuleController.php
1 <?php
2 namespace TYPO3\CMS\Setup\Controller;
3
4 /*
5 * This file is part of the TYPO3 CMS project.
6 *
7 * It is free software; you can redistribute it and/or modify it under
8 * the terms of the GNU General Public License, either version 2
9 * of the License, or any later version.
10 *
11 * For the full copyright and license information, please read the
12 * LICENSE.txt file that was distributed with this source code.
13 *
14 * The TYPO3 project - inspiring people to share!
15 */
16
17 use Psr\Http\Message\ResponseInterface;
18 use Psr\Http\Message\ServerRequestInterface;
19 use TYPO3\CMS\Backend\Backend\Avatar\DefaultAvatarProvider;
20 use TYPO3\CMS\Backend\Module\AbstractModule;
21 use TYPO3\CMS\Backend\Module\ModuleLoader;
22 use TYPO3\CMS\Backend\Template\Components\ButtonBar;
23 use TYPO3\CMS\Backend\Utility\BackendUtility;
24 use TYPO3\CMS\Core\Imaging\Icon;
25 use TYPO3\CMS\Core\Imaging\IconFactory;
26 use TYPO3\CMS\Core\Authentication\BackendUserAuthentication;
27 use TYPO3\CMS\Core\Database\DatabaseConnection;
28 use TYPO3\CMS\Core\DataHandling\DataHandler;
29 use TYPO3\CMS\Core\FormProtection\FormProtectionFactory;
30 use TYPO3\CMS\Core\Messaging\FlashMessage;
31 use TYPO3\CMS\Core\Resource\Exception\FileDoesNotExistException;
32 use TYPO3\CMS\Core\Resource\ResourceFactory;
33 use TYPO3\CMS\Core\Utility\GeneralUtility;
34
35 /**
36 * Script class for the Setup module
37 */
38 class SetupModuleController extends AbstractModule
39 {
40 /**
41 * Flag if password has not been updated
42 */
43 const PASSWORD_NOT_UPDATED = 0;
44
45 /**
46 * Flag if password has been updated
47 */
48 const PASSWORD_UPDATED = 1;
49
50 /**
51 * Flag if both new passwords do not match
52 */
53 const PASSWORD_NOT_THE_SAME = 2;
54
55 /**
56 * Flag if the current password given was not identical to the real
57 * current password
58 */
59 const PASSWORD_OLD_WRONG = 3;
60
61 /**
62 * @var array
63 */
64 public $MOD_MENU = array();
65
66 /**
67 * @var array
68 */
69 public $MOD_SETTINGS = array();
70
71 /**
72 * @var \TYPO3\CMS\Backend\Template\DocumentTemplate
73 */
74 public $doc;
75
76 /**
77 * @var string
78 */
79 public $content;
80
81 /**
82 * @var array
83 */
84 public $overrideConf;
85
86 /**
87 * backend user object, set during simulate-user operation
88 *
89 * @var \TYPO3\CMS\Core\Authentication\BackendUserAuthentication
90 */
91 public $OLD_BE_USER;
92
93 /**
94 * @var bool
95 */
96 public $languageUpdate;
97
98 /**
99 * @var bool
100 */
101 protected $pagetreeNeedsRefresh = false;
102
103 /**
104 * @var bool
105 */
106 protected $isAdmin;
107
108 /**
109 * @var array
110 */
111 protected $tsFieldConf;
112
113 /**
114 * @var bool
115 */
116 protected $saveData = false;
117
118 /**
119 * @var int
120 */
121 protected $passwordIsUpdated = self::PASSWORD_NOT_UPDATED;
122
123 /**
124 * @var bool
125 */
126 protected $passwordIsSubmitted = false;
127
128 /**
129 * @var bool
130 */
131 protected $setupIsUpdated = false;
132
133 /**
134 * @var bool
135 */
136 protected $tempDataIsCleared = false;
137
138 /**
139 * @var bool
140 */
141 protected $settingsAreResetToDefault = false;
142
143 /**
144 * Form protection instance
145 *
146 * @var \TYPO3\CMS\Core\FormProtection\BackendFormProtection
147 */
148 protected $formProtection;
149
150 /**
151 * @var string
152 */
153 protected $simulateSelector = '';
154
155 /**
156 * @var string
157 */
158 protected $simUser = '';
159
160 /**
161 * The name of the module
162 *
163 * @var string
164 */
165 protected $moduleName = 'user_setup';
166
167 /**
168 * @var ModuleLoader
169 */
170 protected $loadModules;
171
172 /**
173 * Instantiate the form protection before a simulated user is initialized.
174 */
175 public function __construct()
176 {
177 parent::__construct();
178 $this->formProtection = FormProtectionFactory::get();
179 }
180
181 /**
182 * Getter for the form protection instance.
183 *
184 * @return \TYPO3\CMS\Core\FormProtection\BackendFormProtection
185 */
186 public function getFormProtection()
187 {
188 return $this->formProtection;
189 }
190
191 /**
192 * If settings are submitted to _POST[DATA], store them
193 * NOTICE: This method is called before the \TYPO3\CMS\Backend\Template\DocumentTemplate
194 * is included. See bottom of document.
195 *
196 * @see \TYPO3\CMS\Backend\Template\DocumentTemplate
197 */
198 public function storeIncomingData()
199 {
200 // First check if something is submitted in the data-array from POST vars
201 $d = GeneralUtility::_POST('data');
202 $columns = $GLOBALS['TYPO3_USER_SETTINGS']['columns'];
203 $beUser = $this->getBackendUser();
204 $beUserId = $beUser->user['uid'];
205 $storeRec = array();
206 $fieldList = $this->getFieldsFromShowItem();
207 if (is_array($d) && $this->formProtection->validateToken((string)GeneralUtility::_POST('formToken'), 'BE user setup', 'edit')) {
208 // UC hashed before applying changes
209 $save_before = md5(serialize($beUser->uc));
210 // PUT SETTINGS into the ->uc array:
211 // Reload left frame when switching BE language
212 if (isset($d['lang']) && $d['lang'] != $beUser->uc['lang']) {
213 $this->languageUpdate = true;
214 }
215 // Reload pagetree if the title length is changed
216 if (isset($d['titleLen']) && $d['titleLen'] !== $beUser->uc['titleLen']) {
217 $this->pagetreeNeedsRefresh = true;
218 }
219 if ($d['setValuesToDefault']) {
220 // If every value should be default
221 $beUser->resetUC();
222 $this->settingsAreResetToDefault = true;
223 } elseif ($d['clearSessionVars']) {
224 foreach ($beUser->uc as $key => $value) {
225 if (!isset($columns[$key])) {
226 unset($beUser->uc[$key]);
227 }
228 }
229 $this->tempDataIsCleared = true;
230 } elseif ($d['save']) {
231 // Save all submitted values if they are no array (arrays are with table=be_users) and exists in $GLOBALS['TYPO3_USER_SETTINGS'][columns]
232 foreach ($columns as $field => $config) {
233 if (!in_array($field, $fieldList)) {
234 continue;
235 }
236 if ($config['table']) {
237 if ($config['table'] === 'be_users' && !in_array($field, array('password', 'password2', 'passwordCurrent', 'email', 'realName', 'admin', 'avatar'))) {
238 if (!isset($config['access']) || $this->checkAccess($config) && $beUser->user[$field] !== $d['be_users'][$field]) {
239 if ($config['type'] === 'check') {
240 $fieldValue = isset($d['be_users'][$field]) ? 1 : 0;
241 } else {
242 $fieldValue = $d['be_users'][$field];
243 }
244 $storeRec['be_users'][$beUserId][$field] = $fieldValue;
245 $beUser->user[$field] = $fieldValue;
246 }
247 }
248 }
249 if ($config['type'] === 'check') {
250 $beUser->uc[$field] = isset($d[$field]) ? 1 : 0;
251 } else {
252 $beUser->uc[$field] = htmlspecialchars($d[$field]);
253 }
254 }
255 // Personal data for the users be_user-record (email, name, password...)
256 // If email and name is changed, set it in the users record:
257 $be_user_data = $d['be_users'];
258 // Possibility to modify the transmitted values. Useful to do transformations, like RSA password decryption
259 if (is_array($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['ext/setup/mod/index.php']['modifyUserDataBeforeSave'])) {
260 foreach ($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['ext/setup/mod/index.php']['modifyUserDataBeforeSave'] as $function) {
261 $params = array('be_user_data' => &$be_user_data);
262 GeneralUtility::callUserFunction($function, $params, $this);
263 }
264 }
265 $this->passwordIsSubmitted = (string)$be_user_data['password'] !== '';
266 $passwordIsConfirmed = $this->passwordIsSubmitted && $be_user_data['password'] === $be_user_data['password2'];
267 // Update the real name:
268 if ($be_user_data['realName'] !== $beUser->user['realName']) {
269 $beUser->user['realName'] = ($storeRec['be_users'][$beUserId]['realName'] = substr($be_user_data['realName'], 0, 80));
270 }
271 // Update the email address:
272 if ($be_user_data['email'] !== $beUser->user['email']) {
273 $beUser->user['email'] = ($storeRec['be_users'][$beUserId]['email'] = substr($be_user_data['email'], 0, 80));
274 }
275 // Update the password:
276 if ($passwordIsConfirmed) {
277 $currentPasswordHashed = $GLOBALS['BE_USER']->user['password'];
278 $saltFactory = \TYPO3\CMS\Saltedpasswords\Salt\SaltFactory::getSaltingInstance($currentPasswordHashed);
279 if ($saltFactory->checkPassword($be_user_data['passwordCurrent'], $currentPasswordHashed)) {
280 $this->passwordIsUpdated = self::PASSWORD_UPDATED;
281 $storeRec['be_users'][$beUserId]['password'] = $be_user_data['password'];
282 } else {
283 $this->passwordIsUpdated = self::PASSWORD_OLD_WRONG;
284 }
285 } else {
286 $this->passwordIsUpdated = self::PASSWORD_NOT_THE_SAME;
287 }
288
289 $this->setAvatarFileUid($beUserId, $be_user_data['avatar'], $storeRec);
290
291 $this->saveData = true;
292 }
293 // Inserts the overriding values.
294 $beUser->overrideUC();
295 $save_after = md5(serialize($beUser->uc));
296 // If something in the uc-array of the user has changed, we save the array...
297 if ($save_before != $save_after) {
298 $beUser->writeUC($beUser->uc);
299 $beUser->writelog(254, 1, 0, 1, 'Personal settings changed', array());
300 $this->setupIsUpdated = true;
301 }
302 // If the temporary data has been cleared, lets make a log note about it
303 if ($this->tempDataIsCleared) {
304 $beUser->writelog(254, 1, 0, 1, $this->getLanguageService()->getLL('tempDataClearedLog'), array());
305 }
306 // Persist data if something has changed:
307 if (!empty($storeRec) && $this->saveData) {
308 // Make instance of TCE for storing the changes.
309 /** @var DataHandler $dataHandler */
310 $dataHandler = GeneralUtility::makeInstance(DataHandler::class);
311 $dataHandler->stripslashes_values = false;
312 // This is so the user can actually update his user record.
313 $isAdmin = $beUser->user['admin'];
314 $beUser->user['admin'] = 1;
315 $dataHandler->start($storeRec, array(), $beUser);
316 // This is to make sure that the users record can be updated even if in another workspace. This is tolerated.
317 $dataHandler->bypassWorkspaceRestrictions = true;
318 $dataHandler->process_datamap();
319 unset($tce);
320 if ($this->passwordIsUpdated === self::PASSWORD_NOT_UPDATED || count($storeRec['be_users'][$beUserId]) > 1) {
321 $this->setupIsUpdated = true;
322 }
323 // Restore admin status after processing
324 $beUser->user['admin'] = $isAdmin;
325 }
326 }
327 }
328
329 /******************************
330 *
331 * Rendering module
332 *
333 ******************************/
334 /**
335 * Initializes the module for display of the settings form.
336 *
337 * @return void
338 */
339 public function init()
340 {
341 $this->getLanguageService()->includeLLFile('EXT:setup/Resources/Private/Language/locallang.xlf');
342
343 // Returns the script user - that is the REAL logged in user! ($GLOBALS[BE_USER] might be another user due to simulation!)
344 $scriptUser = $this->getRealScriptUserObj();
345
346 $this->isAdmin = $scriptUser->isAdmin();
347 // Getting the 'override' values as set might be set in User TSconfig
348 $this->overrideConf = $this->getBackendUser()->getTSConfigProp('setup.override');
349 // Getting the disabled fields might be set in User TSconfig (eg setup.fields.password.disabled=1)
350 $this->tsFieldConf = $this->getBackendUser()->getTSConfigProp('setup.fields');
351 // id password is disabled, disable repeat of password too (password2)
352 if (isset($this->tsFieldConf['password.']) && $this->tsFieldConf['password.']['disabled']) {
353 $this->tsFieldConf['password2.']['disabled'] = 1;
354 $this->tsFieldConf['passwordCurrent.']['disabled'] = 1;
355 }
356 // Create instance of object for output of data
357 $this->doc = GeneralUtility::makeInstance(\TYPO3\CMS\Backend\Template\DocumentTemplate::class);
358 $this->moduleTemplate->setForm(
359 '<form action="' . BackendUtility::getModuleUrl('user_setup') . '" method="post" name="usersetup" enctype="multipart/form-data">'
360 );
361 }
362
363 /**
364 * Generate necessary JavaScript
365 *
366 * @return string
367 */
368 protected function getJavaScript()
369 {
370 $javaScript = '';
371 if (is_array($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['ext/setup/mod/index.php']['setupScriptHook'])) {
372 foreach ($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['ext/setup/mod/index.php']['setupScriptHook'] as $function) {
373 $params = array();
374 $javaScript .= GeneralUtility::callUserFunction($function, $params, $this);
375 }
376 }
377 return $javaScript;
378 }
379
380 /**
381 * Generate the main settings form:
382 *
383 * @return void
384 */
385 public function main()
386 {
387 if ($this->languageUpdate) {
388 $this->moduleTemplate->addJavaScriptCode('languageUpdate', '
389 if (top.refreshMenu) {
390 top.refreshMenu();
391 } else {
392 top.TYPO3ModuleMenu.refreshMenu();
393 }
394 ');
395 }
396 if ($this->pagetreeNeedsRefresh) {
397 BackendUtility::setUpdateSignal('updatePageTree');
398 }
399 // Start page:
400 $this->moduleTemplate->loadJavascriptLib('sysext/backend/Resources/Public/JavaScript/md5.js');
401 // Use a wrapper div
402 $this->content .= '<div id="user-setup-wrapper">';
403 // Load available backend modules
404 $this->loadModules = GeneralUtility::makeInstance(ModuleLoader::class);
405 $this->loadModules->observeWorkspaces = true;
406 $this->loadModules->load($GLOBALS['TBE_MODULES']);
407 $this->content .= $this->doc->header($this->getLanguageService()->getLL('UserSettings'));
408 // Show if setup was saved
409 if ($this->setupIsUpdated && !$this->tempDataIsCleared && !$this->settingsAreResetToDefault) {
410 $flashMessage = GeneralUtility::makeInstance(FlashMessage::class, $this->getLanguageService()->getLL('setupWasUpdated'), $this->getLanguageService()->getLL('UserSettings'));
411 $this->content .= $flashMessage->render();
412 }
413
414 // Show if temporary data was cleared
415 if ($this->tempDataIsCleared) {
416 $flashMessage = GeneralUtility::makeInstance(FlashMessage::class, $this->getLanguageService()->getLL('tempDataClearedFlashMessage'), $this->getLanguageService()->getLL('tempDataCleared'));
417 $this->content .= $flashMessage->render();
418 }
419
420 // Show if temporary data was cleared
421 if ($this->settingsAreResetToDefault) {
422 $flashMessage = GeneralUtility::makeInstance(FlashMessage::class, $this->getLanguageService()->getLL('settingsAreReset'), $this->getLanguageService()->getLL('resetConfiguration'));
423 $this->content .= $flashMessage->render();
424 }
425
426 // Notice
427 if ($this->setupIsUpdated || $this->settingsAreResetToDefault) {
428 $flashMessage = GeneralUtility::makeInstance(FlashMessage::class, $this->getLanguageService()->getLL('activateChanges'), '', FlashMessage::INFO);
429 $this->content .= $flashMessage->render();
430 }
431
432 // If password is updated, output whether it failed or was OK.
433 if ($this->passwordIsSubmitted) {
434 $flashMessage = null;
435 switch ($this->passwordIsUpdated) {
436 case self::PASSWORD_OLD_WRONG:
437 $flashMessage = GeneralUtility::makeInstance(FlashMessage::class, $this->getLanguageService()->getLL('oldPassword_failed'), $this->getLanguageService()->getLL('newPassword'), FlashMessage::ERROR);
438 break;
439 case self::PASSWORD_NOT_THE_SAME:
440 $flashMessage = GeneralUtility::makeInstance(FlashMessage::class, $this->getLanguageService()->getLL('newPassword_failed'), $this->getLanguageService()->getLL('newPassword'), FlashMessage::ERROR);
441 break;
442 case self::PASSWORD_UPDATED:
443 $flashMessage = GeneralUtility::makeInstance(FlashMessage::class, $this->getLanguageService()->getLL('newPassword_ok'), $this->getLanguageService()->getLL('newPassword'));
444 break;
445 }
446 if ($flashMessage) {
447 $this->content .= $flashMessage->render();
448 }
449 }
450
451 // Render user switch
452 $this->content .= $this->renderSimulateUserSelectAndLabel();
453
454 // Render the menu items
455 $menuItems = $this->renderUserSetup();
456 $this->content .= $this->doc->getDynamicTabMenu($menuItems, 'user-setup', 1, false, false);
457 $formToken = $this->formProtection->generateToken('BE user setup', 'edit');
458 $this->content .= $this->doc->section('', '<input type="hidden" name="simUser" value="' . $this->simUser . '" />
459 <input type="hidden" name="formToken" value="' . $formToken . '" />
460 <input type="hidden" value="1" name="data[save]" />
461 <input type="hidden" name="data[setValuesToDefault]" value="0" id="setValuesToDefault" />
462 <input type="hidden" name="data[clearSessionVars]" value="0" id="clearSessionVars" />');
463 // End of wrapper div
464 $this->content .= '</div>';
465 // Setting up the buttons and markers for docheader
466 $this->getButtons();
467 // Build the <body> for the module
468 // Renders the module page
469 $this->moduleTemplate->setContent($this->content);
470 }
471
472
473 /**
474 * Injects the request object for the current request or subrequest
475 * Simply calls main() and init() and writes the content to the response
476 *
477 * @param ServerRequestInterface $request the current request
478 * @param ResponseInterface $response
479 * @return ResponseInterface the response with the content
480 */
481 public function mainAction(ServerRequestInterface $request, ResponseInterface $response)
482 {
483 $GLOBALS['SOBE'] = $this;
484 $this->simulateUser();
485 $this->storeIncomingData();
486 $this->init();
487 $this->main();
488
489 $response->getBody()->write($this->moduleTemplate->renderContent());
490 return $response;
491 }
492
493 /**
494 * Prints the content / ends page
495 *
496 * @return void
497 * @deprecated since TYPO3 CMS 7, will be removed in TYPO3 CMS 8
498 */
499 public function printContent()
500 {
501 GeneralUtility::logDeprecatedFunction();
502 echo $this->content;
503 }
504
505 /**
506 * Create the panel of buttons for submitting the form or otherwise perform operations.
507 */
508 protected function getButtons()
509 {
510 $buttonBar = $this->moduleTemplate->getDocHeaderComponent()->getButtonBar();
511 /** @var IconFactory $iconFactory */
512 $iconFactory = GeneralUtility::makeInstance(IconFactory::class);
513 $cshButton = $buttonBar->makeFullyRenderedButton()
514 ->setHtmlSource(BackendUtility::cshItem('_MOD_user_setup', ''));
515 $buttonBar->addButton($cshButton, ButtonBar::BUTTON_POSITION_RIGHT, 99);
516
517 $saveButton = $buttonBar->makeInputButton()
518 ->setName('data[save]')
519 ->setTitle($this->getLanguageService()->sL('LLL:EXT:lang/locallang_core.xlf:rm.saveDoc', true))
520 ->setValue('1')
521 ->setShowLabelText(true)
522 ->setIcon($iconFactory->getIcon('actions-document-save', Icon::SIZE_SMALL));
523
524 $buttonBar->addButton($saveButton);
525 if ($this->getBackendUser()->mayMakeShortcut()) {
526 $shortCutButton = $buttonBar->makeFullyRenderedButton()
527 ->setHtmlSource($this->moduleTemplate->makeShortcutIcon('', '', $this->moduleName));
528 $buttonBar->addButton($shortCutButton, ButtonBar::BUTTON_POSITION_RIGHT);
529 }
530 }
531
532 /******************************
533 *
534 * Render module
535 *
536 ******************************/
537
538 /**
539 * renders the data for all tabs in the user setup and returns
540 * everything that is needed with tabs and dyntab menu
541 *
542 * @return array Ready to use for the dyntabmenu itemarray
543 */
544 protected function renderUserSetup()
545 {
546 $html = '';
547 $result = array();
548 $firstTabLabel = '';
549 $code = array();
550 $fieldArray = $this->getFieldsFromShowItem();
551 $tabLabel = '';
552 foreach ($fieldArray as $fieldName) {
553 $more = '';
554 if (substr($fieldName, 0, 8) === '--div--;') {
555 if ($firstTabLabel === '') {
556 // First tab
557 $tabLabel = $this->getLabel(substr($fieldName, 8), '', false);
558 $firstTabLabel = $tabLabel;
559 } else {
560 $result[] = array(
561 'label' => $tabLabel,
562 'content' => count($code) ? implode(LF, $code) : ''
563 );
564 $tabLabel = $this->getLabel(substr($fieldName, 8), '', false);
565 $code = array();
566 }
567 continue;
568 }
569 $config = $GLOBALS['TYPO3_USER_SETTINGS']['columns'][$fieldName];
570
571 // Field my be disabled in setup.fields
572 if (isset($this->tsFieldConf[$fieldName . '.']['disabled']) && $this->tsFieldConf[$fieldName . '.']['disabled'] == 1) {
573 continue;
574 }
575 if (isset($config['access']) && !$this->checkAccess($config)) {
576 continue;
577 }
578 $label = $this->getLabel($config['label'], $fieldName);
579 $label = $this->getCSH($config['csh'] ?: $fieldName, $label);
580 $type = $config['type'];
581 $class = $config['class'];
582
583 if ($type !== 'check') {
584 $class .= ' form-control';
585 }
586
587 $style = $config['style'];
588 if ($class) {
589 $more .= ' class="' . $class . '"';
590 }
591 if ($style) {
592 $more .= ' style="' . $style . '"';
593 }
594 if (isset($this->overrideConf[$fieldName])) {
595 $more .= ' disabled="disabled"';
596 }
597 $value = $config['table'] === 'be_users' ? $this->getBackendUser()->user[$fieldName] : $this->getBackendUser()->uc[$fieldName];
598 if (!$value && isset($config['default'])) {
599 $value = $config['default'];
600 }
601 $dataAdd = '';
602 if ($config['table'] === 'be_users') {
603 $dataAdd = '[be_users]';
604 }
605
606 switch ($type) {
607 case 'text':
608 case 'email':
609 case 'password':
610 $noAutocomplete = '';
611 if ($type === 'password') {
612 $value = '';
613 $noAutocomplete = 'autocomplete="off" ';
614 $more .= ' data-rsa-encryption=""';
615 }
616 $html = '<input id="field_' . $fieldName . '"
617 type="' . $type . '"
618 name="data' . $dataAdd . '[' . $fieldName . ']" ' .
619 $noAutocomplete .
620 'value="' . htmlspecialchars($value) . '" ' .
621 $more .
622 ' />';
623 break;
624 case 'check':
625 $html = $label . '<div class="checkbox"><label><input id="field_' . $fieldName . '"
626 type="checkbox"
627 name="data' . $dataAdd . '[' . $fieldName . ']"' .
628 ($value ? ' checked="checked"' : '') .
629 $more .
630 ' /></label></div>';
631 $label = '';
632 break;
633 case 'select':
634 if ($config['itemsProcFunc']) {
635 $html = GeneralUtility::callUserFunction($config['itemsProcFunc'], $config, $this, '');
636 } else {
637 $html = '<select id="field_' . $fieldName . '"
638 name="data' . $dataAdd . '[' . $fieldName . ']"' .
639 $more . '>' . LF;
640 foreach ($config['items'] as $key => $optionLabel) {
641 $html .= '<option value="' . $key . '"' . ($value == $key ? ' selected="selected"' : '') . '>' . $this->getLabel($optionLabel, '', false) . '</option>' . LF;
642 }
643 $html .= '</select>';
644 }
645 break;
646 case 'user':
647 $html = GeneralUtility::callUserFunction($config['userFunc'], $config, $this, '');
648 break;
649 case 'button':
650 if ($config['onClick']) {
651 $onClick = $config['onClick'];
652 if ($config['onClickLabels']) {
653 foreach ($config['onClickLabels'] as $key => $labelclick) {
654 $config['onClickLabels'][$key] = $this->getLabel($labelclick, '', false);
655 }
656 $onClick = vsprintf($onClick, $config['onClickLabels']);
657 }
658 $html = '<br><input class="btn btn-default" type="button"
659 value="' . $this->getLabel($config['buttonlabel'], '', false) . '"
660 onclick="' . $onClick . '" />';
661 }
662 break;
663 case 'avatar':
664 // Get current avatar image
665 $html = '<br>';
666 $avatarFileUid = $this->getAvatarFileUid($this->getBackendUser()->user['uid']);
667
668 if ($avatarFileUid) {
669 $defaultAvatarProvider = GeneralUtility::makeInstance(DefaultAvatarProvider::class);
670 $avatarImage = $defaultAvatarProvider->getImage($this->getBackendUser()->user, 32);
671 if ($avatarImage) {
672 $icon = '<span class="avatar"><span class="avatar-image">' .
673 '<img src="' . htmlspecialchars($avatarImage->getUrl(true)) . '"' .
674 ' width="' . (int)$avatarImage->getWidth() . '" ' .
675 'height="' . (int)$avatarImage->getHeight() . '" />' .
676 '</span></span>';
677 $html .= '<span class="pull-left" style="padding-right: 10px" id="image_' . htmlspecialchars($fieldName) . '">' . $icon . ' </span>';
678 }
679 }
680 $html .= '<input id="field_' . htmlspecialchars($fieldName) . '" type="hidden" ' .
681 'name="data' . $dataAdd . '[' . htmlspecialchars($fieldName) . ']"' . $more .
682 ' value="' . $avatarFileUid . '" />';
683
684 $html .= '<div class="btn-group">';
685 if ($avatarFileUid) {
686 $html .= '<a id="clear_button_' . htmlspecialchars($fieldName) . '" onclick="clearExistingImage(); return false;" class="btn btn-default"><span class="t3-icon fa t3-icon fa fa-remove"> </span></a>';
687 }
688 $html .= '<a id="add_button_' . htmlspecialchars($fieldName) . '" class="btn btn-default btn-add-avatar" onclick="openFileBrowser();return false;"><span class="t3-icon t3-icon-actions t3-icon-actions-insert t3-icon-insert-record"> </span></a>' .
689 '</div>';
690
691 $this->addAvatarButtonJs($fieldName);
692 break;
693 default:
694 $html = '';
695 }
696
697 $code[] = '<div class="form-section"><div class="form-group">' .
698 $label .
699 $html .
700 '</div></div>';
701 }
702
703 $result[] = array(
704 'label' => $tabLabel,
705 'content' => count($code) ? implode(LF, $code) : ''
706 );
707 return $result;
708 }
709
710 /******************************
711 *
712 * Helper functions
713 *
714 ******************************/
715 /**
716 * Returns the backend user object, either the global OR the $this->OLD_BE_USER which is set during simulate-user operation.
717 * Anyway: The REAL user is returned - the one logged in.
718 *
719 * @return BackendUserAuthentication The REAL user is returned - the one logged in.
720 */
721 protected function getRealScriptUserObj()
722 {
723 return is_object($this->OLD_BE_USER) ? $this->OLD_BE_USER : $this->getBackendUser();
724 }
725
726 /**
727 * Return a select with available languages
728 *
729 * @param array $params
730 *
731 * @return string Complete select as HTML string or warning box if something went wrong.
732 */
733 public function renderLanguageSelect($params)
734 {
735 $languageOptions = array();
736 // Compile the languages dropdown
737 $langDefault = $this->getLanguageService()->getLL('lang_default', true);
738 $languageOptions[$langDefault] = '<option value=""' . ($this->getBackendUser()->uc['lang'] === '' ? ' selected="selected"' : '') . '>' . $langDefault . '</option>';
739 // Traverse the number of languages
740 /** @var $locales \TYPO3\CMS\Core\Localization\Locales */
741 $locales = GeneralUtility::makeInstance(\TYPO3\CMS\Core\Localization\Locales::class);
742 $languages = $locales->getLanguages();
743 foreach ($languages as $locale => $name) {
744 if ($locale !== 'default') {
745 $defaultName = isset($GLOBALS['LOCAL_LANG']['default']['lang_' . $locale]) ? $GLOBALS['LOCAL_LANG']['default']['lang_' . $locale][0]['source'] : $name;
746 $localizedName = $this->getLanguageService()->getLL('lang_' . $locale, true);
747 if ($localizedName === '') {
748 $localizedName = htmlspecialchars($name);
749 }
750 $localLabel = ' - [' . htmlspecialchars($defaultName) . ']';
751 $available = is_dir(PATH_typo3conf . 'l10n/' . $locale);
752 if ($available) {
753 $languageOptions[$defaultName] = '<option value="' . $locale . '"' . ($this->getBackendUser()->uc['lang'] === $locale ? ' selected="selected"' : '') . '>' . $localizedName . $localLabel . '</option>';
754 }
755 }
756 }
757 ksort($languageOptions);
758 $languageCode = '
759 <select id="field_lang" name="data[lang]" class="form-control">' . implode('', $languageOptions) . '
760 </select>';
761 if ($this->getBackendUser()->uc['lang'] && !@is_dir((PATH_typo3conf . 'l10n/' . $this->getBackendUser()->uc['lang']))) {
762 $languageUnavailableWarning = 'The selected language "' . $this->getLanguageService()->getLL(('lang_' . $this->getBackendUser()->uc['lang']), true) . '" is not available before the language files are installed.<br />' . ($this->getBackendUser()->isAdmin() ? 'You can use the Language module to easily download new language files.' : 'Please ask your system administrator to do this.');
763 $languageUnavailableMessage = GeneralUtility::makeInstance(FlashMessage::class, $languageUnavailableWarning, '', FlashMessage::WARNING);
764 $languageCode = $languageUnavailableMessage->render() . $languageCode;
765 }
766 return $languageCode;
767 }
768
769 /**
770 * Returns a select with all modules for startup
771 *
772 * @param array $params
773 * @param SetupModuleController $pObj
774 *
775 * @return string Complete select as HTML string
776 */
777 public function renderStartModuleSelect($params, $pObj)
778 {
779 $startModuleSelect = '<option value="">' . $this->getLanguageService()->getLL('startModule.firstInMenu', true) . '</option>';
780 foreach ($pObj->loadModules->modules as $mainMod => $modData) {
781 if (!empty($modData['sub']) && is_array($modData['sub'])) {
782 $modules = '';
783 foreach ($modData['sub'] as $subData) {
784 $modName = $subData['name'];
785 $modules .= '<option value="' . htmlspecialchars($modName) . '"';
786 $modules .= $this->getBackendUser()->uc['startModule'] === $modName ? ' selected="selected"' : '';
787 $modules .= '>' . $this->getLanguageService()->moduleLabels['tabs'][$modName . '_tab'] . '</option>';
788 }
789 $groupLabel = $this->getLanguageService()->moduleLabels['tabs'][$mainMod . '_tab'];
790 $startModuleSelect .= '<optgroup label="' . htmlspecialchars($groupLabel) . '">' . $modules . '</optgroup>';
791 }
792 }
793 return '<select id="field_startModule" name="data[startModule]" class="form-control">' . $startModuleSelect . '</select>';
794 }
795
796 /**
797 * Will make the simulate-user selector if the logged in user is administrator.
798 * It will also set the GLOBAL(!) BE_USER to the simulated user selected if any (and set $this->OLD_BE_USER to logged in user)
799 *
800 * @return void
801 */
802 public function simulateUser()
803 {
804 // If admin, allow simulation of another user
805 $this->simUser = 0;
806 $this->simulateSelector = '';
807 unset($this->OLD_BE_USER);
808 if ($this->getBackendUser()->isAdmin()) {
809 $this->simUser = (int)GeneralUtility::_GP('simUser');
810 // Make user-selector:
811 $db = $this->getDatabaseConnection();
812 $where = 'AND username NOT LIKE ' . $db->fullQuoteStr($db->escapeStrForLike('_cli_', 'be_users') . '%', 'be_users');
813 $where .= ' AND uid <> ' . (int)$this->getBackendUser()->user['uid'] . BackendUtility::BEenableFields('be_users');
814 $users = BackendUtility::getUserNames('username,usergroup,usergroup_cached_list,uid,realName', $where);
815 $opt = array();
816 foreach ($users as $rr) {
817 $label = htmlspecialchars(($rr['username'] . ($rr['realName'] ? ' (' . $rr['realName'] . ')' : '')));
818 $opt[] = '<option value="' . $rr['uid'] . '"' . ($this->simUser == $rr['uid'] ? ' selected="selected"' : '') . '>' . $label . '</option>';
819 }
820 if (!empty($opt)) {
821 $this->simulateSelector = '<select id="field_simulate" name="simulateUser" onchange="window.location.href=' . GeneralUtility::quoteJSvalue(BackendUtility::getModuleUrl('user_setup') . '&simUser=') . '+this.options[this.selectedIndex].value;"><option></option>' . implode('', $opt) . '</select>';
822 }
823 }
824 // This can only be set if the previous code was executed.
825 if ($this->simUser > 0) {
826 // Save old user...
827 $this->OLD_BE_USER = $this->getBackendUser();
828 unset($GLOBALS['BE_USER']);
829 // Unset current
830 // New backend user object
831 $BE_USER = GeneralUtility::makeInstance(BackendUserAuthentication::class);
832 $BE_USER->setBeUserByUid($this->simUser);
833 $BE_USER->fetchGroupData();
834 $BE_USER->backendSetUC();
835 // Must do this, because unsetting $BE_USER before apparently unsets the reference to the global variable by this name!
836 $GLOBALS['BE_USER'] = $BE_USER;
837 }
838 }
839
840 /**
841 * Render simulate user select and label
842 *
843 * @return string
844 */
845 protected function renderSimulateUserSelectAndLabel()
846 {
847 if ($this->simulateSelector === '') {
848 return '';
849 }
850
851 return '<p>' .
852 '<label for="field_simulate" style="margin-right: 20px;">' .
853 $this->getLanguageService()->sL('LLL:EXT:setup/Resources/Private/Language/locallang.xlf:simulate') .
854 '</label>' .
855 $this->simulateSelector .
856 '</p>';
857 }
858
859 /**
860 * Returns access check (currently only "admin" is supported)
861 *
862 * @param array $config Configuration of the field, access mode is defined in key 'access'
863 * @return bool Whether it is allowed to modify the given field
864 */
865 protected function checkAccess(array $config)
866 {
867 $access = $config['access'];
868
869 if (isset($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['setup']['accessLevelCheck'][$access])) {
870 if (class_exists($access)) {
871 $accessObject = GeneralUtility::makeInstance($access);
872 if (method_exists($accessObject, 'accessLevelCheck')) {
873 // Initialize vars. If method fails, $set will be set to FALSE
874 return $accessObject->accessLevelCheck($config);
875 }
876 }
877 } elseif ($access == 'admin') {
878 return $this->isAdmin;
879 }
880
881 return false;
882 }
883
884 /**
885 * Returns the label $str from getLL() and grays out the value if the $str/$key is found in $this->overrideConf array
886 *
887 * @param string $str Locallang key
888 * @param string $key Alternative override-config key
889 * @param bool $addLabelTag Defines whether the string should be wrapped in a <label> tag.
890 * @param string $altLabelTagId Alternative id for use in "for" attribute of <label> tag. By default the $str key is used prepended with "field_".
891 * @return string HTML output.
892 */
893 protected function getLabel($str, $key = '', $addLabelTag = true, $altLabelTagId = '')
894 {
895 if (substr($str, 0, 4) === 'LLL:') {
896 $out = $this->getLanguageService()->sL($str);
897 } else {
898 $out = htmlspecialchars($str);
899 }
900 if (isset($this->overrideConf[$key ?: $str])) {
901 $out = '<span style="color:#999999">' . $out . '</span>';
902 }
903 if ($addLabelTag) {
904 $out = '<label for="' . ($altLabelTagId ?: 'field_' . $key) . '">' . $out . '</label>';
905 }
906 return $out;
907 }
908
909 /**
910 * Returns the CSH Icon for given string
911 *
912 * @param string $str Locallang key
913 * @param string $label The label to be used, that should be wrapped in help
914 * @return string HTML output.
915 */
916 protected function getCSH($str, $label)
917 {
918 $context = '_MOD_user_setup';
919 $field = $str;
920 $strParts = explode(':', $str);
921 if (count($strParts) > 1) {
922 // Setting comes from another extension
923 $context = $strParts[0];
924 $field = $strParts[1];
925 } elseif (!GeneralUtility::inList('language,simuser,reset', $str)) {
926 $field = 'option_' . $str;
927 }
928 return BackendUtility::wrapInHelp($context, $field, $label);
929 }
930
931 /**
932 * Returns array with fields defined in $GLOBALS['TYPO3_USER_SETTINGS']['showitem']
933 *
934 * @return array Array with fieldnames visible in form
935 */
936 protected function getFieldsFromShowItem()
937 {
938 return GeneralUtility::trimExplode(',', $GLOBALS['TYPO3_USER_SETTINGS']['showitem'], true);
939 }
940
941 /**
942 * Get Avatar fileUid
943 *
944 * @param int $beUserId
945 * @return int
946 */
947 protected function getAvatarFileUid($beUserId)
948 {
949 $file = $this->getDatabaseConnection()->exec_SELECTgetSingleRow(
950 'uid_local',
951 'sys_file_reference',
952 'tablenames = \'be_users\' AND fieldname = \'avatar\' AND ' .
953 'table_local = \'sys_file\' AND uid_foreign = ' . (int)$beUserId .
954 BackendUtility::BEenableFields('sys_file_reference') . BackendUtility::deleteClause('sys_file_reference')
955 );
956 return $file ? $file['uid_local'] : 0;
957 }
958
959 /**
960 * Set avatar fileUid for backend user
961 *
962 * @param int $beUserId
963 * @param int $fileUid
964 * @param array $storeRec
965 */
966 protected function setAvatarFileUid($beUserId, $fileUid, array &$storeRec)
967 {
968
969 // Update is only needed when new fileUid is set
970 if ((int)$fileUid === $this->getAvatarFileUid($beUserId)) {
971 return;
972 }
973
974 // Delete old file reference
975 $this->getDatabaseConnection()->exec_DELETEquery(
976 'sys_file_reference',
977 'tablenames = \'be_users\' AND fieldname = \'avatar\' AND ' .
978 'table_local = \'sys_file\' AND uid_foreign = ' . (int)$beUserId
979 );
980
981 // Create new reference
982 if ($fileUid) {
983
984 // Get file object
985 try {
986 $file = ResourceFactory::getInstance()->getFileObject($fileUid);
987 } catch (FileDoesNotExistException $e) {
988 $file = false;
989 }
990
991 // Check if user is allowed to use the image (only when not in simulation mode)
992 if ($file && $this->simUser === 0 && !$file->getStorage()->checkFileActionPermission('read', $file)) {
993 $file = false;
994 }
995
996 // Check if extension is allowed
997 if ($file && GeneralUtility::inList($GLOBALS['TYPO3_CONF_VARS']['GFX']['imagefile_ext'], $file->getExtension())) {
998
999 // Create new file reference
1000 $storeRec['sys_file_reference']['NEW1234'] = array(
1001 'uid_local' => $fileUid,
1002 'uid_foreign' => $beUserId,
1003 'tablenames' => 'be_users',
1004 'fieldname' => 'avatar',
1005 'pid' => 0,
1006 'table_local' => 'sys_file',
1007 );
1008 $storeRec['be_users'][(int)$beUserId]['avatar'] = 'NEW1234';
1009 }
1010 }
1011 }
1012
1013 /**
1014 * Add JavaScript to for browse files button
1015 *
1016 * @param string $fieldName
1017 */
1018 protected function addAvatarButtonJs($fieldName)
1019 {
1020 $this->doc->JScodeArray['avatar-button'] = '
1021 var browserWin="";
1022
1023 function openFileBrowser() {
1024 var url = ' . GeneralUtility::quoteJSvalue(BackendUtility::getModuleUrl('wizard_element_browser', ['mode' => 'file', 'bparams' => '||||dummy|setFileUid'])) . ';
1025 browserWin = window.open(url,"Typo3WinBrowser","height=650,width=800,status=0,menubar=0,resizable=1,scrollbars=1");
1026 browserWin.focus();
1027 }
1028
1029 function clearExistingImage() {
1030 TYPO3.jQuery(\'#image_' . htmlspecialchars($fieldName) . '\').hide();
1031 TYPO3.jQuery(\'#clear_button_' . htmlspecialchars($fieldName) . '\').hide();
1032 TYPO3.jQuery(\'#field_' . htmlspecialchars($fieldName) . '\').val(\'\');
1033 }
1034
1035 function setFileUid(field, value, fileUid) {
1036 clearExistingImage();
1037 TYPO3.jQuery(\'#field_' . htmlspecialchars($fieldName) . '\').val(fileUid);
1038 TYPO3.jQuery(\'#add_button_' . htmlspecialchars($fieldName) . '\').removeClass(\'btn-default\').addClass(\'btn-info\');
1039
1040 browserWin.close();
1041 }
1042 ';
1043 }
1044
1045 /**
1046 * Returns the current BE user.
1047 *
1048 * @return \TYPO3\CMS\Core\Authentication\BackendUserAuthentication
1049 */
1050 protected function getBackendUser()
1051 {
1052 return $GLOBALS['BE_USER'];
1053 }
1054
1055 /**
1056 * Returns LanguageService
1057 *
1058 * @return \TYPO3\CMS\Lang\LanguageService
1059 */
1060 protected function getLanguageService()
1061 {
1062 return $GLOBALS['LANG'];
1063 }
1064
1065 /**
1066 * @return DatabaseConnection
1067 */
1068 protected function getDatabaseConnection()
1069 {
1070 return $GLOBALS['TYPO3_DB'];
1071 }
1072 }