[BUGFIX] Help texts in Backend User Settings do not appear
[Packages/TYPO3.CMS.git] / typo3 / sysext / setup / Classes / Controller / SetupModuleController.php
1 <?php
2 namespace TYPO3\CMS\Setup\Controller;
3
4 /*
5 * This file is part of the TYPO3 CMS project.
6 *
7 * It is free software; you can redistribute it and/or modify it under
8 * the terms of the GNU General Public License, either version 2
9 * of the License, or any later version.
10 *
11 * For the full copyright and license information, please read the
12 * LICENSE.txt file that was distributed with this source code.
13 *
14 * The TYPO3 project - inspiring people to share!
15 */
16
17 use Psr\Http\Message\ResponseInterface;
18 use Psr\Http\Message\ServerRequestInterface;
19 use TYPO3\CMS\Backend\Backend\Avatar\DefaultAvatarProvider;
20 use TYPO3\CMS\Backend\Module\AbstractModule;
21 use TYPO3\CMS\Backend\Module\ModuleLoader;
22 use TYPO3\CMS\Backend\Utility\BackendUtility;
23 use TYPO3\CMS\Core\Authentication\BackendUserAuthentication;
24 use TYPO3\CMS\Core\Database\DatabaseConnection;
25 use TYPO3\CMS\Core\DataHandling\DataHandler;
26 use TYPO3\CMS\Core\FormProtection\FormProtectionFactory;
27 use TYPO3\CMS\Core\Imaging\Icon;
28 use TYPO3\CMS\Core\Imaging\IconFactory;
29 use TYPO3\CMS\Core\Messaging\FlashMessage;
30 use TYPO3\CMS\Core\Messaging\FlashMessageService;
31 use TYPO3\CMS\Core\Resource\Exception\FileDoesNotExistException;
32 use TYPO3\CMS\Core\Resource\ResourceFactory;
33 use TYPO3\CMS\Core\Utility\ExtensionManagementUtility;
34 use TYPO3\CMS\Core\Utility\GeneralUtility;
35
36 /**
37 * Script class for the Setup module
38 */
39 class SetupModuleController extends AbstractModule
40 {
41 /**
42 * Flag if password has not been updated
43 */
44 const PASSWORD_NOT_UPDATED = 0;
45
46 /**
47 * Flag if password has been updated
48 */
49 const PASSWORD_UPDATED = 1;
50
51 /**
52 * Flag if both new passwords do not match
53 */
54 const PASSWORD_NOT_THE_SAME = 2;
55
56 /**
57 * Flag if the current password given was not identical to the real
58 * current password
59 */
60 const PASSWORD_OLD_WRONG = 3;
61
62 /**
63 * @var array
64 */
65 public $MOD_MENU = array();
66
67 /**
68 * @var array
69 */
70 public $MOD_SETTINGS = array();
71
72 /**
73 * @var string
74 */
75 public $content;
76
77 /**
78 * @var array
79 */
80 public $overrideConf;
81
82 /**
83 * backend user object, set during simulate-user operation
84 *
85 * @var \TYPO3\CMS\Core\Authentication\BackendUserAuthentication
86 */
87 public $OLD_BE_USER;
88
89 /**
90 * @var bool
91 */
92 public $languageUpdate;
93
94 /**
95 * @var bool
96 */
97 protected $pagetreeNeedsRefresh = false;
98
99 /**
100 * @var bool
101 */
102 protected $isAdmin;
103
104 /**
105 * @var array
106 */
107 protected $tsFieldConf;
108
109 /**
110 * @var bool
111 */
112 protected $saveData = false;
113
114 /**
115 * @var int
116 */
117 protected $passwordIsUpdated = self::PASSWORD_NOT_UPDATED;
118
119 /**
120 * @var bool
121 */
122 protected $passwordIsSubmitted = false;
123
124 /**
125 * @var bool
126 */
127 protected $setupIsUpdated = false;
128
129 /**
130 * @var bool
131 */
132 protected $settingsAreResetToDefault = false;
133
134 /**
135 * Form protection instance
136 *
137 * @var \TYPO3\CMS\Core\FormProtection\BackendFormProtection
138 */
139 protected $formProtection;
140
141 /**
142 * @var string
143 */
144 protected $simulateSelector = '';
145
146 /**
147 * @var int
148 */
149 protected $simUser;
150
151 /**
152 * The name of the module
153 *
154 * @var string
155 */
156 protected $moduleName = 'user_setup';
157
158 /**
159 * @var ModuleLoader
160 */
161 protected $loadModules;
162
163 /**
164 * Instantiate the form protection before a simulated user is initialized.
165 */
166 public function __construct()
167 {
168 parent::__construct();
169 $this->formProtection = FormProtectionFactory::get();
170 $this->moduleTemplate->getPageRenderer()->loadRequireJsModule('TYPO3/CMS/Backend/Modal');
171 }
172
173 /**
174 * Getter for the form protection instance.
175 *
176 * @return \TYPO3\CMS\Core\FormProtection\BackendFormProtection
177 */
178 public function getFormProtection()
179 {
180 return $this->formProtection;
181 }
182
183 /**
184 * If settings are submitted to _POST[DATA], store them
185 * NOTICE: This method is called before the \TYPO3\CMS\Backend\Template\ModuleTemplate
186 * is included. See bottom of document.
187 */
188 public function storeIncomingData()
189 {
190 // First check if something is submitted in the data-array from POST vars
191 $d = GeneralUtility::_POST('data');
192 $columns = $GLOBALS['TYPO3_USER_SETTINGS']['columns'];
193 $beUser = $this->getBackendUser();
194 $beUserId = $beUser->user['uid'];
195 $storeRec = array();
196 $fieldList = $this->getFieldsFromShowItem();
197 if (is_array($d) && $this->formProtection->validateToken((string)GeneralUtility::_POST('formToken'), 'BE user setup', 'edit')) {
198 // UC hashed before applying changes
199 $save_before = md5(serialize($beUser->uc));
200 // PUT SETTINGS into the ->uc array:
201 // Reload left frame when switching BE language
202 if (isset($d['lang']) && $d['lang'] != $beUser->uc['lang']) {
203 $this->languageUpdate = true;
204 }
205 // Reload pagetree if the title length is changed
206 if (isset($d['titleLen']) && $d['titleLen'] !== $beUser->uc['titleLen']) {
207 $this->pagetreeNeedsRefresh = true;
208 }
209 if ($d['setValuesToDefault']) {
210 // If every value should be default
211 $beUser->resetUC();
212 $this->settingsAreResetToDefault = true;
213 } elseif ($d['save']) {
214 // Save all submitted values if they are no array (arrays are with table=be_users) and exists in $GLOBALS['TYPO3_USER_SETTINGS'][columns]
215 foreach ($columns as $field => $config) {
216 if (!in_array($field, $fieldList)) {
217 continue;
218 }
219 if ($config['table']) {
220 if ($config['table'] === 'be_users' && !in_array($field, array('password', 'password2', 'passwordCurrent', 'email', 'realName', 'admin', 'avatar'))) {
221 if (!isset($config['access']) || $this->checkAccess($config) && $beUser->user[$field] !== $d['be_users'][$field]) {
222 if ($config['type'] === 'check') {
223 $fieldValue = isset($d['be_users'][$field]) ? 1 : 0;
224 } else {
225 $fieldValue = $d['be_users'][$field];
226 }
227 $storeRec['be_users'][$beUserId][$field] = $fieldValue;
228 $beUser->user[$field] = $fieldValue;
229 }
230 }
231 }
232 if ($config['type'] === 'check') {
233 $beUser->uc[$field] = isset($d[$field]) ? 1 : 0;
234 } else {
235 $beUser->uc[$field] = htmlspecialchars($d[$field]);
236 }
237 }
238 // Personal data for the users be_user-record (email, name, password...)
239 // If email and name is changed, set it in the users record:
240 $be_user_data = $d['be_users'];
241 // Possibility to modify the transmitted values. Useful to do transformations, like RSA password decryption
242 if (is_array($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['ext/setup/mod/index.php']['modifyUserDataBeforeSave'])) {
243 foreach ($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['ext/setup/mod/index.php']['modifyUserDataBeforeSave'] as $function) {
244 $params = array('be_user_data' => &$be_user_data);
245 GeneralUtility::callUserFunction($function, $params, $this);
246 }
247 }
248 $this->passwordIsSubmitted = (string)$be_user_data['password'] !== '';
249 $passwordIsConfirmed = $this->passwordIsSubmitted && $be_user_data['password'] === $be_user_data['password2'];
250 // Update the real name:
251 if ($be_user_data['realName'] !== $beUser->user['realName']) {
252 $beUser->user['realName'] = ($storeRec['be_users'][$beUserId]['realName'] = substr($be_user_data['realName'], 0, 80));
253 }
254 // Update the email address:
255 if ($be_user_data['email'] !== $beUser->user['email']) {
256 $beUser->user['email'] = ($storeRec['be_users'][$beUserId]['email'] = substr($be_user_data['email'], 0, 80));
257 }
258 // Update the password:
259 if ($passwordIsConfirmed) {
260 $currentPasswordHashed = $GLOBALS['BE_USER']->user['password'];
261 $saltFactory = \TYPO3\CMS\Saltedpasswords\Salt\SaltFactory::getSaltingInstance($currentPasswordHashed);
262 if ($saltFactory->checkPassword($be_user_data['passwordCurrent'], $currentPasswordHashed)) {
263 $this->passwordIsUpdated = self::PASSWORD_UPDATED;
264 $storeRec['be_users'][$beUserId]['password'] = $be_user_data['password'];
265 } else {
266 $this->passwordIsUpdated = self::PASSWORD_OLD_WRONG;
267 }
268 } else {
269 $this->passwordIsUpdated = self::PASSWORD_NOT_THE_SAME;
270 }
271
272 $this->setAvatarFileUid($beUserId, $be_user_data['avatar'], $storeRec);
273
274 $this->saveData = true;
275 }
276 // Inserts the overriding values.
277 $beUser->overrideUC();
278 $save_after = md5(serialize($beUser->uc));
279 // If something in the uc-array of the user has changed, we save the array...
280 if ($save_before != $save_after) {
281 $beUser->writeUC($beUser->uc);
282 $beUser->writelog(254, 1, 0, 1, 'Personal settings changed', array());
283 $this->setupIsUpdated = true;
284 }
285 // Persist data if something has changed:
286 if (!empty($storeRec) && $this->saveData) {
287 // Make instance of TCE for storing the changes.
288 /** @var DataHandler $dataHandler */
289 $dataHandler = GeneralUtility::makeInstance(DataHandler::class);
290 // This is so the user can actually update his user record.
291 $isAdmin = $beUser->user['admin'];
292 $beUser->user['admin'] = 1;
293 $dataHandler->start($storeRec, array(), $beUser);
294 // This is to make sure that the users record can be updated even if in another workspace. This is tolerated.
295 $dataHandler->bypassWorkspaceRestrictions = true;
296 $dataHandler->process_datamap();
297 unset($tce);
298 if ($this->passwordIsUpdated === self::PASSWORD_NOT_UPDATED || count($storeRec['be_users'][$beUserId]) > 1) {
299 $this->setupIsUpdated = true;
300 }
301 // Restore admin status after processing
302 $beUser->user['admin'] = $isAdmin;
303 }
304 }
305 }
306
307 /******************************
308 *
309 * Rendering module
310 *
311 ******************************/
312 /**
313 * Initializes the module for display of the settings form.
314 *
315 * @return void
316 */
317 public function init()
318 {
319 $this->getLanguageService()->includeLLFile('EXT:setup/Resources/Private/Language/locallang.xlf');
320
321 // Returns the script user - that is the REAL logged in user! ($GLOBALS[BE_USER] might be another user due to simulation!)
322 $scriptUser = $this->getRealScriptUserObj();
323
324 $this->isAdmin = $scriptUser->isAdmin();
325 // Getting the 'override' values as set might be set in User TSconfig
326 $this->overrideConf = $this->getBackendUser()->getTSConfigProp('setup.override');
327 // Getting the disabled fields might be set in User TSconfig (eg setup.fields.password.disabled=1)
328 $this->tsFieldConf = $this->getBackendUser()->getTSConfigProp('setup.fields');
329 // id password is disabled, disable repeat of password too (password2)
330 if (isset($this->tsFieldConf['password.']) && $this->tsFieldConf['password.']['disabled']) {
331 $this->tsFieldConf['password2.']['disabled'] = 1;
332 $this->tsFieldConf['passwordCurrent.']['disabled'] = 1;
333 }
334 }
335
336 /**
337 * Generate necessary JavaScript
338 *
339 * @return string
340 */
341 protected function getJavaScript()
342 {
343 $javaScript = '';
344 if (is_array($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['ext/setup/mod/index.php']['setupScriptHook'])) {
345 foreach ($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['ext/setup/mod/index.php']['setupScriptHook'] as $function) {
346 $params = array();
347 $javaScript .= GeneralUtility::callUserFunction($function, $params, $this);
348 }
349 }
350 return $javaScript;
351 }
352
353 /**
354 * Generate the main settings form:
355 *
356 * @return void
357 */
358 public function main()
359 {
360 $this->content .= '<form action="' . BackendUtility::getModuleUrl('user_setup') . '" method="post" id="SetupModuleController" name="usersetup" enctype="multipart/form-data">';
361 if ($this->languageUpdate) {
362 $this->moduleTemplate->addJavaScriptCode('languageUpdate', '
363 if (top && top.TYPO3.ModuleMenu.App) {
364 top.TYPO3.ModuleMenu.App.refreshMenu();
365 }
366 ');
367 }
368 if ($this->pagetreeNeedsRefresh) {
369 BackendUtility::setUpdateSignal('updatePageTree');
370 }
371 // Start page:
372 $this->moduleTemplate->loadJavascriptLib(ExtensionManagementUtility::extRelPath('backend') . 'Resources/Public/JavaScript/md5.js');
373 // Use a wrapper div
374 $this->content .= '<div id="user-setup-wrapper">';
375 // Load available backend modules
376 $this->loadModules = GeneralUtility::makeInstance(ModuleLoader::class);
377 $this->loadModules->observeWorkspaces = true;
378 $this->loadModules->load($GLOBALS['TBE_MODULES']);
379 $this->content .= $this->moduleTemplate->header($this->getLanguageService()->getLL('UserSettings'));
380 $this->addFlashMessages();
381
382 // Render user switch
383 $this->content .= $this->renderSimulateUserSelectAndLabel();
384
385 // Render the menu items
386 $menuItems = $this->renderUserSetup();
387 $this->content .= $this->moduleTemplate->getDynamicTabMenu($menuItems, 'user-setup', 1, false, false);
388 $formToken = $this->formProtection->generateToken('BE user setup', 'edit');
389 $this->content .= '<div>';
390 $this->content .= '<input type="hidden" name="simUser" value="' . (int)$this->simUser . '" />
391 <input type="hidden" name="formToken" value="' . htmlspecialchars($formToken) . '" />
392 <input type="hidden" value="1" name="data[save]" />
393 <input type="hidden" name="data[setValuesToDefault]" value="0" id="setValuesToDefault" />';
394 $this->content .= '</div>';
395 // End of wrapper div
396 $this->content .= '</div>';
397 // Setting up the buttons and markers for docheader
398 $this->getButtons();
399 // Build the <body> for the module
400 // Renders the module page
401 $this->moduleTemplate->setContent($this->content);
402 $this->content .= '</form>';
403 }
404
405 /**
406 * Injects the request object for the current request or subrequest
407 * Simply calls main() and init() and writes the content to the response
408 *
409 * @param ServerRequestInterface $request the current request
410 * @param ResponseInterface $response
411 * @return ResponseInterface the response with the content
412 */
413 public function mainAction(ServerRequestInterface $request, ResponseInterface $response)
414 {
415 $GLOBALS['SOBE'] = $this;
416 $this->simulateUser();
417 $this->storeIncomingData();
418 $this->init();
419 $this->main();
420
421 $response->getBody()->write($this->moduleTemplate->renderContent());
422 return $response;
423 }
424
425 /**
426 * Create the panel of buttons for submitting the form or otherwise perform operations.
427 */
428 protected function getButtons()
429 {
430 $buttonBar = $this->moduleTemplate->getDocHeaderComponent()->getButtonBar();
431 $cshButton = $buttonBar->makeHelpButton()
432 ->setModuleName('_MOD_user_setup')
433 ->setFieldName('');
434 $buttonBar->addButton($cshButton);
435
436 $saveButton = $buttonBar->makeInputButton()
437 ->setName('data[save]')
438 ->setTitle($this->getLanguageService()->sL('LLL:EXT:lang/locallang_core.xlf:rm.saveDoc'))
439 ->setValue('1')
440 ->setForm('SetupModuleController')
441 ->setShowLabelText(true)
442 ->setIcon($this->moduleTemplate->getIconFactory()->getIcon('actions-document-save', Icon::SIZE_SMALL));
443
444 $buttonBar->addButton($saveButton);
445 $shortcutButton = $buttonBar->makeShortcutButton()
446 ->setModuleName($this->moduleName);
447 $buttonBar->addButton($shortcutButton);
448 }
449
450 /******************************
451 *
452 * Render module
453 *
454 ******************************/
455
456 /**
457 * renders the data for all tabs in the user setup and returns
458 * everything that is needed with tabs and dyntab menu
459 *
460 * @return array Ready to use for the dyntabmenu itemarray
461 */
462 protected function renderUserSetup()
463 {
464 $html = '';
465 $result = array();
466 $firstTabLabel = '';
467 $code = array();
468 $fieldArray = $this->getFieldsFromShowItem();
469 $tabLabel = '';
470 foreach ($fieldArray as $fieldName) {
471 $more = '';
472 if (substr($fieldName, 0, 8) === '--div--;') {
473 if ($firstTabLabel === '') {
474 // First tab
475 $tabLabel = $this->getLabel(substr($fieldName, 8), '', false);
476 $firstTabLabel = $tabLabel;
477 } else {
478 $result[] = array(
479 'label' => $tabLabel,
480 'content' => count($code) ? implode(LF, $code) : ''
481 );
482 $tabLabel = $this->getLabel(substr($fieldName, 8), '', false);
483 $code = array();
484 }
485 continue;
486 }
487 $config = $GLOBALS['TYPO3_USER_SETTINGS']['columns'][$fieldName];
488
489 // Field my be disabled in setup.fields
490 if (isset($this->tsFieldConf[$fieldName . '.']['disabled']) && $this->tsFieldConf[$fieldName . '.']['disabled'] == 1) {
491 continue;
492 }
493 if (isset($config['access']) && !$this->checkAccess($config)) {
494 continue;
495 }
496 $label = $this->getLabel($config['label'], $fieldName);
497 $label = $this->getCSH($config['csh'] ?: $fieldName, $label);
498 $type = $config['type'];
499 $class = $config['class'];
500
501 if ($type !== 'check') {
502 $class .= ' form-control';
503 }
504
505 $style = $config['style'];
506 if ($class) {
507 $more .= ' class="' . htmlspecialchars($class) . '"';
508 }
509 if ($style) {
510 $more .= ' style="' . htmlspecialchars($style) . '"';
511 }
512 if (isset($this->overrideConf[$fieldName])) {
513 $more .= ' disabled="disabled"';
514 }
515 $value = $config['table'] === 'be_users' ? $this->getBackendUser()->user[$fieldName] : $this->getBackendUser()->uc[$fieldName];
516 if (!$value && isset($config['default'])) {
517 $value = $config['default'];
518 }
519 $dataAdd = '';
520 if ($config['table'] === 'be_users') {
521 $dataAdd = '[be_users]';
522 }
523
524 switch ($type) {
525 case 'text':
526 case 'email':
527 case 'password':
528 $noAutocomplete = '';
529 if ($type === 'password') {
530 $value = '';
531 $noAutocomplete = 'autocomplete="off" ';
532 $more .= ' data-rsa-encryption=""';
533 }
534 $html = '<input id="field_' . htmlspecialchars($fieldName) . '"
535 type="' . htmlspecialchars($type) . '"
536 name="data' . $dataAdd . '[' . htmlspecialchars($fieldName) . ']" ' .
537 $noAutocomplete .
538 'value="' . htmlspecialchars($value) . '" ' .
539 $more .
540 ' />';
541 break;
542 case 'check':
543 $html = $label . '<div class="checkbox"><label><input id="field_' . htmlspecialchars($fieldName) . '"
544 type="checkbox"
545 name="data' . $dataAdd . '[' . htmlspecialchars($fieldName) . ']"' .
546 ($value ? ' checked="checked"' : '') .
547 $more .
548 ' /></label></div>';
549 $label = '';
550 break;
551 case 'select':
552 if ($config['itemsProcFunc']) {
553 $html = GeneralUtility::callUserFunction($config['itemsProcFunc'], $config, $this);
554 } else {
555 $html = '<select id="field_' . htmlspecialchars($fieldName) . '"
556 name="data' . $dataAdd . '[' . htmlspecialchars($fieldName) . ']"' .
557 $more . '>' . LF;
558 foreach ($config['items'] as $key => $optionLabel) {
559 $html .= '<option value="' . htmlspecialchars($key) . '"' . ($value == $key ? ' selected="selected"' : '') . '>' . $this->getLabel($optionLabel, '', false) . '</option>' . LF;
560 }
561 $html .= '</select>';
562 }
563 break;
564 case 'user':
565 $html = GeneralUtility::callUserFunction($config['userFunc'], $config, $this);
566 break;
567 case 'button':
568 if ($config['onClick']) {
569 $onClick = $config['onClick'];
570 if ($config['onClickLabels']) {
571 foreach ($config['onClickLabels'] as $key => $labelclick) {
572 $config['onClickLabels'][$key] = $this->getLabel($labelclick, '', false);
573 }
574 $onClick = vsprintf($onClick, $config['onClickLabels']);
575 }
576 $html = '<br><input class="btn btn-default" type="button"
577 value="' . $this->getLabel($config['buttonlabel'], '', false) . '"
578 onclick="' . $onClick . '" />';
579 }
580 if (!empty($config['confirm'])) {
581 $confirmData = $config['confirmData'];
582 $html = '<br><input class="btn btn-default t3js-modal-trigger" type="button"'
583 . ' value="' . $this->getLabel($config['buttonlabel'], '', false) . '"'
584 . ' data-href="javascript:' . htmlspecialchars($confirmData['jsCodeAfterOk']) . '"'
585 . ' data-severity="warning"'
586 . ' data-title="' . $this->getLabel($config['label'], '', false) . '"'
587 . ' data-content="' . $this->getLabel($confirmData['message'], '', false) . '" />';
588 }
589 break;
590 case 'avatar':
591 // Get current avatar image
592 $html = '<br>';
593 $avatarFileUid = $this->getAvatarFileUid($this->getBackendUser()->user['uid']);
594
595 if ($avatarFileUid) {
596 $defaultAvatarProvider = GeneralUtility::makeInstance(DefaultAvatarProvider::class);
597 $avatarImage = $defaultAvatarProvider->getImage($this->getBackendUser()->user, 32);
598 if ($avatarImage) {
599 $icon = '<span class="avatar"><span class="avatar-image">' .
600 '<img src="' . htmlspecialchars($avatarImage->getUrl(true)) . '"' .
601 ' width="' . (int)$avatarImage->getWidth() . '" ' .
602 'height="' . (int)$avatarImage->getHeight() . '" />' .
603 '</span></span>';
604 $html .= '<span class="pull-left" style="padding-right: 10px" id="image_' . htmlspecialchars($fieldName) . '">' . $icon . ' </span>';
605 }
606 }
607 $html .= '<input id="field_' . htmlspecialchars($fieldName) . '" type="hidden" ' .
608 'name="data' . $dataAdd . '[' . htmlspecialchars($fieldName) . ']"' . $more .
609 ' value="' . (int)$avatarFileUid . '" />';
610
611 $html .= '<div class="btn-group">';
612 $iconFactory = GeneralUtility::makeInstance(IconFactory::class);
613 if ($avatarFileUid) {
614 $html .=
615 '<a id="clear_button_' . htmlspecialchars($fieldName) . '" '
616 . 'onclick="clearExistingImage(); return false;" class="btn btn-default">'
617 . $iconFactory->getIcon('actions-delete', Icon::SIZE_SMALL)
618 . '</a>';
619 }
620 $html .=
621 '<a id="add_button_' . htmlspecialchars($fieldName) . '" class="btn btn-default btn-add-avatar"'
622 . ' onclick="openFileBrowser();return false;">'
623 . $iconFactory->getIcon('actions-insert-record', Icon::SIZE_SMALL)
624 . '</a></div>';
625
626 $this->addAvatarButtonJs($fieldName);
627 break;
628 default:
629 $html = '';
630 }
631
632 $code[] = '<div class="form-section"><div class="row"><div class="form-group col-md-12">' .
633 $label .
634 $html .
635 '</div></div></div>';
636 }
637
638 $result[] = array(
639 'label' => $tabLabel,
640 'content' => count($code) ? implode(LF, $code) : ''
641 );
642 return $result;
643 }
644
645 /******************************
646 *
647 * Helper functions
648 *
649 ******************************/
650 /**
651 * Returns the backend user object, either the global OR the $this->OLD_BE_USER which is set during simulate-user operation.
652 * Anyway: The REAL user is returned - the one logged in.
653 *
654 * @return BackendUserAuthentication The REAL user is returned - the one logged in.
655 */
656 protected function getRealScriptUserObj()
657 {
658 return is_object($this->OLD_BE_USER) ? $this->OLD_BE_USER : $this->getBackendUser();
659 }
660
661 /**
662 * Return a select with available languages
663 *
664 * @param array $params
665 *
666 * @return string Complete select as HTML string or warning box if something went wrong.
667 */
668 public function renderLanguageSelect($params)
669 {
670 $languageOptions = array();
671 // Compile the languages dropdown
672 $langDefault = $this->getLanguageService()->getLL('lang_default', true);
673 $languageOptions[$langDefault] = '<option value=""' . ($this->getBackendUser()->uc['lang'] === '' ? ' selected="selected"' : '') . '>' . $langDefault . '</option>';
674 // Traverse the number of languages
675 /** @var $locales \TYPO3\CMS\Core\Localization\Locales */
676 $locales = GeneralUtility::makeInstance(\TYPO3\CMS\Core\Localization\Locales::class);
677 $languages = $locales->getLanguages();
678 foreach ($languages as $locale => $name) {
679 if ($locale !== 'default') {
680 $defaultName = isset($GLOBALS['LOCAL_LANG']['default']['lang_' . $locale]) ? $GLOBALS['LOCAL_LANG']['default']['lang_' . $locale][0]['source'] : $name;
681 $localizedName = $this->getLanguageService()->getLL('lang_' . $locale, true);
682 if ($localizedName === '') {
683 $localizedName = htmlspecialchars($name);
684 }
685 $localLabel = ' - [' . htmlspecialchars($defaultName) . ']';
686 $available = is_dir(PATH_typo3conf . 'l10n/' . $locale);
687 if ($available) {
688 $languageOptions[$defaultName] = '<option value="' . $locale . '"' . ($this->getBackendUser()->uc['lang'] === $locale ? ' selected="selected"' : '') . '>' . $localizedName . $localLabel . '</option>';
689 }
690 }
691 }
692 ksort($languageOptions);
693 $languageCode = '
694 <select id="field_lang" name="data[lang]" class="form-control">' . implode('', $languageOptions) . '
695 </select>';
696 if ($this->getBackendUser()->uc['lang'] && !@is_dir((PATH_typo3conf . 'l10n/' . $this->getBackendUser()->uc['lang']))) {
697 // TODO: The text constants have to be moved into language files
698 $languageUnavailableWarning = 'The selected language "' . $this->getLanguageService()->getLL(('lang_' . $this->getBackendUser()->uc['lang']), true) . '" is not available before the language files are installed.&nbsp;&nbsp;<br />&nbsp;&nbsp;' . ($this->getBackendUser()->isAdmin() ? 'You can use the Language module to easily download new language files.' : 'Please ask your system administrator to do this.');
699 $languageCode = '<br /><span class="label label-danger">' . $languageUnavailableWarning . '</span><br /><br />' . $languageCode;
700 }
701 return $languageCode;
702 }
703
704 /**
705 * Returns a select with all modules for startup
706 *
707 * @param array $params
708 * @param SetupModuleController $pObj
709 *
710 * @return string Complete select as HTML string
711 */
712 public function renderStartModuleSelect($params, $pObj)
713 {
714 // Load available backend modules
715 $this->loadModules = GeneralUtility::makeInstance(ModuleLoader::class);
716 $this->loadModules->observeWorkspaces = true;
717 $this->loadModules->load($GLOBALS['TBE_MODULES']);
718 $startModuleSelect = '<option value="">' . $this->getLanguageService()->getLL('startModule.firstInMenu', true) . '</option>';
719 foreach ($pObj->loadModules->modules as $mainMod => $modData) {
720 if (!empty($modData['sub']) && is_array($modData['sub'])) {
721 $modules = '';
722 foreach ($modData['sub'] as $subData) {
723 $modName = $subData['name'];
724 $modules .= '<option value="' . htmlspecialchars($modName) . '"';
725 $modules .= $this->getBackendUser()->uc['startModule'] === $modName ? ' selected="selected"' : '';
726 $modules .= '>' . $this->getLanguageService()->sL($this->loadModules->getLabelsForModule($modName)['title'], true) . '</option>';
727 }
728 $groupLabel = $this->getLanguageService()->sL($this->loadModules->getLabelsForModule($mainMod)['title'], true);
729 $startModuleSelect .= '<optgroup label="' . htmlspecialchars($groupLabel) . '">' . $modules . '</optgroup>';
730 }
731 }
732 return '<select id="field_startModule" name="data[startModule]" class="form-control">' . $startModuleSelect . '</select>';
733 }
734
735 /**
736 * Will make the simulate-user selector if the logged in user is administrator.
737 * It will also set the GLOBAL(!) BE_USER to the simulated user selected if any (and set $this->OLD_BE_USER to logged in user)
738 *
739 * @return void
740 */
741 public function simulateUser()
742 {
743 // If admin, allow simulation of another user
744 $this->simUser = 0;
745 $this->simulateSelector = '';
746 unset($this->OLD_BE_USER);
747 if ($this->getBackendUser()->isAdmin()) {
748 $this->simUser = (int)GeneralUtility::_GP('simUser');
749 // Make user-selector:
750 $db = $this->getDatabaseConnection();
751 $where = 'AND username NOT LIKE ' . $db->fullQuoteStr($db->escapeStrForLike('_cli_', 'be_users') . '%', 'be_users');
752 $where .= ' AND uid <> ' . (int)$this->getBackendUser()->user['uid'] . BackendUtility::BEenableFields('be_users');
753 $users = BackendUtility::getUserNames('username,usergroup,usergroup_cached_list,uid,realName', $where);
754 $opt = array();
755 foreach ($users as $rr) {
756 $label = $rr['username'] . ($rr['realName'] ? ' (' . $rr['realName'] . ')' : '');
757 $opt[] = '<option value="' . (int)$rr['uid'] . '"' . ($this->simUser === (int)$rr['uid'] ? ' selected="selected"' : '') . '>' . htmlspecialchars($label) . '</option>';
758 }
759 if (!empty($opt)) {
760 $this->simulateSelector = '<select id="field_simulate" name="simulateUser" onchange="window.location.href=' . GeneralUtility::quoteJSvalue(BackendUtility::getModuleUrl('user_setup') . '&simUser=') . '+this.options[this.selectedIndex].value;"><option></option>' . implode('', $opt) . '</select>';
761 }
762 }
763 // This can only be set if the previous code was executed.
764 if ($this->simUser > 0) {
765 // Save old user...
766 $this->OLD_BE_USER = $this->getBackendUser();
767 unset($GLOBALS['BE_USER']);
768 // Unset current
769 // New backend user object
770 $BE_USER = GeneralUtility::makeInstance(BackendUserAuthentication::class);
771 $BE_USER->setBeUserByUid($this->simUser);
772 $BE_USER->fetchGroupData();
773 $BE_USER->backendSetUC();
774 // Must do this, because unsetting $BE_USER before apparently unsets the reference to the global variable by this name!
775 $GLOBALS['BE_USER'] = $BE_USER;
776 }
777 }
778
779 /**
780 * Render simulate user select and label
781 *
782 * @return string
783 */
784 protected function renderSimulateUserSelectAndLabel()
785 {
786 if ($this->simulateSelector === '') {
787 return '';
788 }
789
790 return '<p>'
791 . '<label for="field_simulate" style="margin-right: 20px;">'
792 . htmlspecialchars($this->getLanguageService()->sL('LLL:EXT:setup/Resources/Private/Language/locallang.xlf:simulate'))
793 . '</label>'
794 . $this->simulateSelector
795 . '</p>';
796 }
797
798 /**
799 * Returns access check (currently only "admin" is supported)
800 *
801 * @param array $config Configuration of the field, access mode is defined in key 'access'
802 * @return bool Whether it is allowed to modify the given field
803 */
804 protected function checkAccess(array $config)
805 {
806 $access = $config['access'];
807
808 if (isset($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['setup']['accessLevelCheck'][$access])) {
809 if (class_exists($access)) {
810 $accessObject = GeneralUtility::makeInstance($access);
811 if (method_exists($accessObject, 'accessLevelCheck')) {
812 // Initialize vars. If method fails, $set will be set to FALSE
813 return $accessObject->accessLevelCheck($config);
814 }
815 }
816 } elseif ($access == 'admin') {
817 return $this->isAdmin;
818 }
819
820 return false;
821 }
822
823 /**
824 * Returns the label $str from getLL() and grays out the value if the $str/$key is found in $this->overrideConf array
825 *
826 * @param string $str Locallang key
827 * @param string $key Alternative override-config key
828 * @param bool $addLabelTag Defines whether the string should be wrapped in a <label> tag.
829 * @param string $altLabelTagId Alternative id for use in "for" attribute of <label> tag. By default the $str key is used prepended with "field_".
830 * @return string HTML output.
831 */
832 protected function getLabel($str, $key = '', $addLabelTag = true, $altLabelTagId = '')
833 {
834 if (substr($str, 0, 4) === 'LLL:') {
835 $out = htmlspecialchars($this->getLanguageService()->sL($str));
836 } else {
837 $out = htmlspecialchars($str);
838 }
839 if (isset($this->overrideConf[$key ?: $str])) {
840 $out = '<span style="color:#999999">' . $out . '</span>';
841 }
842 if ($addLabelTag) {
843 $out = '<label>' . $out . '</label>';
844 }
845 return $out;
846 }
847
848 /**
849 * Returns the CSH Icon for given string
850 *
851 * @param string $str Locallang key
852 * @param string $label The label to be used, that should be wrapped in help
853 * @return string HTML output.
854 */
855 protected function getCSH($str, $label)
856 {
857 $context = '_MOD_user_setup';
858 $field = $str;
859 $strParts = explode(':', $str);
860 if (count($strParts) > 1) {
861 // Setting comes from another extension
862 $context = $strParts[0];
863 $field = $strParts[1];
864 } elseif ($str !== 'language' && $str !== 'simuser' && $str !== 'reset') {
865 $field = 'option_' . $str;
866 }
867 return BackendUtility::wrapInHelp($context, $field, $label);
868 }
869
870 /**
871 * Returns array with fields defined in $GLOBALS['TYPO3_USER_SETTINGS']['showitem']
872 *
873 * @return array Array with fieldnames visible in form
874 */
875 protected function getFieldsFromShowItem()
876 {
877 return GeneralUtility::trimExplode(',', $GLOBALS['TYPO3_USER_SETTINGS']['showitem'], true);
878 }
879
880 /**
881 * Get Avatar fileUid
882 *
883 * @param int $beUserId
884 * @return int
885 */
886 protected function getAvatarFileUid($beUserId)
887 {
888 $file = $this->getDatabaseConnection()->exec_SELECTgetSingleRow(
889 'uid_local',
890 'sys_file_reference',
891 'tablenames = \'be_users\' AND fieldname = \'avatar\' AND ' .
892 'table_local = \'sys_file\' AND uid_foreign = ' . (int)$beUserId .
893 BackendUtility::BEenableFields('sys_file_reference') . BackendUtility::deleteClause('sys_file_reference')
894 );
895 return $file ? $file['uid_local'] : 0;
896 }
897
898 /**
899 * Set avatar fileUid for backend user
900 *
901 * @param int $beUserId
902 * @param int $fileUid
903 * @param array $storeRec
904 */
905 protected function setAvatarFileUid($beUserId, $fileUid, array &$storeRec)
906 {
907
908 // Update is only needed when new fileUid is set
909 if ((int)$fileUid === $this->getAvatarFileUid($beUserId)) {
910 return;
911 }
912
913 // Delete old file reference
914 $this->getDatabaseConnection()->exec_DELETEquery(
915 'sys_file_reference',
916 'tablenames = \'be_users\' AND fieldname = \'avatar\' AND ' .
917 'table_local = \'sys_file\' AND uid_foreign = ' . (int)$beUserId
918 );
919
920 // Create new reference
921 if ($fileUid) {
922
923 // Get file object
924 try {
925 $file = ResourceFactory::getInstance()->getFileObject($fileUid);
926 } catch (FileDoesNotExistException $e) {
927 $file = false;
928 }
929
930 // Check if user is allowed to use the image (only when not in simulation mode)
931 if ($file && $this->simUser === 0 && !$file->getStorage()->checkFileActionPermission('read', $file)) {
932 $file = false;
933 }
934
935 // Check if extension is allowed
936 if ($file && GeneralUtility::inList($GLOBALS['TYPO3_CONF_VARS']['GFX']['imagefile_ext'], $file->getExtension())) {
937
938 // Create new file reference
939 $storeRec['sys_file_reference']['NEW1234'] = array(
940 'uid_local' => (int)$fileUid,
941 'uid_foreign' => (int)$beUserId,
942 'tablenames' => 'be_users',
943 'fieldname' => 'avatar',
944 'pid' => 0,
945 'table_local' => 'sys_file',
946 );
947 $storeRec['be_users'][(int)$beUserId]['avatar'] = 'NEW1234';
948 }
949 }
950 }
951
952 /**
953 * Add JavaScript to for browse files button
954 *
955 * @param string $fieldName
956 */
957 protected function addAvatarButtonJs($fieldName)
958 {
959 $this->moduleTemplate->addJavaScriptCode('avatar-button', '
960 var browserWin="";
961
962 function openFileBrowser() {
963 var url = ' . GeneralUtility::quoteJSvalue(BackendUtility::getModuleUrl('wizard_element_browser', ['mode' => 'file', 'bparams' => '||||dummy|setFileUid'])) . ';
964 browserWin = window.open(url,"Typo3WinBrowser","height=650,width=800,status=0,menubar=0,resizable=1,scrollbars=1");
965 browserWin.focus();
966 }
967
968 function clearExistingImage() {
969 TYPO3.jQuery(' . GeneralUtility::quoteJSvalue('#image_' . htmlspecialchars($fieldName)) . ').hide();
970 TYPO3.jQuery(' . GeneralUtility::quoteJSvalue('#clear_button_' . htmlspecialchars($fieldName)) . ').hide();
971 TYPO3.jQuery(' . GeneralUtility::quoteJSvalue('#field_' . htmlspecialchars($fieldName)) . ').val(\'\');
972 }
973
974 function setFileUid(field, value, fileUid) {
975 clearExistingImage();
976 TYPO3.jQuery(' . GeneralUtility::quoteJSvalue('#field_' . htmlspecialchars($fieldName)) . ').val(fileUid);
977 TYPO3.jQuery(' . GeneralUtility::quoteJSvalue('#add_button_' . htmlspecialchars($fieldName)) . ').removeClass(\'btn-default\').addClass(\'btn-info\');
978
979 browserWin.close();
980 }
981 ');
982 }
983
984 /**
985 * Returns the current BE user.
986 *
987 * @return \TYPO3\CMS\Core\Authentication\BackendUserAuthentication
988 */
989 protected function getBackendUser()
990 {
991 return $GLOBALS['BE_USER'];
992 }
993
994 /**
995 * Returns LanguageService
996 *
997 * @return \TYPO3\CMS\Lang\LanguageService
998 */
999 protected function getLanguageService()
1000 {
1001 return $GLOBALS['LANG'];
1002 }
1003
1004 /**
1005 * @return DatabaseConnection
1006 */
1007 protected function getDatabaseConnection()
1008 {
1009 return $GLOBALS['TYPO3_DB'];
1010 }
1011
1012 /**
1013 * Add FlashMessages for various actions
1014 *
1015 * @return void
1016 */
1017 protected function addFlashMessages()
1018 {
1019 $flashMessages = [];
1020
1021 // Show if setup was saved
1022 if ($this->setupIsUpdated && !$this->settingsAreResetToDefault) {
1023 $flashMessages[] = $this->getFlashMessage('setupWasUpdated', 'UserSettings');
1024 }
1025
1026 // Show if temporary data was cleared
1027 if ($this->settingsAreResetToDefault) {
1028 $flashMessages[] = $this->getFlashMessage('settingsAreReset', 'resetConfiguration');
1029 }
1030
1031 // Notice
1032 if ($this->setupIsUpdated || $this->settingsAreResetToDefault) {
1033 $flashMessages[] = $this->getFlashMessage('activateChanges', '', FlashMessage::INFO);
1034 }
1035
1036 // If password is updated, output whether it failed or was OK.
1037 if ($this->passwordIsSubmitted) {
1038 $flashMessage = null;
1039 switch ($this->passwordIsUpdated) {
1040 case self::PASSWORD_OLD_WRONG:
1041 $flashMessages[] = $this->getFlashMessage('oldPassword_failed', 'newPassword', FlashMessage::ERROR);
1042 break;
1043 case self::PASSWORD_NOT_THE_SAME:
1044 $flashMessages[] = $this->getFlashMessage('newPassword_failed', 'newPassword', FlashMessage::ERROR);
1045 break;
1046 case self::PASSWORD_UPDATED:
1047 $flashMessages[] = $this->getFlashMessage('newPassword_ok', 'newPassword');
1048 break;
1049 }
1050 }
1051 if (!empty($flashMessages)) {
1052 $this->enqueueFlashMessages($flashMessages);
1053 }
1054 }
1055
1056 /**
1057 * @param array $flashMessages
1058 * @throws \TYPO3\CMS\Core\Exception
1059 * @return void
1060 */
1061 protected function enqueueFlashMessages(array $flashMessages)
1062 {
1063 $flashMessageService = GeneralUtility::makeInstance(FlashMessageService::class);
1064 $defaultFlashMessageQueue = $flashMessageService->getMessageQueueByIdentifier();
1065 foreach ($flashMessages as $flashMessage) {
1066 $defaultFlashMessageQueue->enqueue($flashMessage);
1067 }
1068 }
1069
1070 /**
1071 * @param string $message
1072 * @param string $title
1073 * @param int $severity
1074 * @return FlashMessage
1075 */
1076 protected function getFlashMessage($message, $title, $severity = FlashMessage::OK)
1077 {
1078 $title = !empty($title) ? $this->getLanguageService()->getLL($title) : ' ';
1079 return GeneralUtility::makeInstance(
1080 FlashMessage::class,
1081 $this->getLanguageService()->getLL($message),
1082 $title,
1083 $severity
1084 );
1085 }
1086 }