523a56ed4450a137f96f52bc4ec745f1342d7c93
[Packages/TYPO3.CMS.git] / typo3 / sysext / fluid / Classes / ViewHelpers / FormViewHelper.php
1 <?php
2
3 /* *
4 * This script belongs to the FLOW3 package "Fluid". *
5 * *
6 * It is free software; you can redistribute it and/or modify it under *
7 * the terms of the GNU General Public License as published by the Free *
8 * Software Foundation, either version 3 of the License, or (at your *
9 * option) any later version. *
10 * *
11 * This script is distributed in the hope that it will be useful, but *
12 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHAN- *
13 * TABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General *
14 * Public License for more details. *
15 * *
16 * You should have received a copy of the GNU General Public License *
17 * along with the script. *
18 * If not, see http://www.gnu.org/licenses/gpl.html *
19 * *
20 * The TYPO3 project - inspiring people to share! *
21 * */
22
23 /**
24 */
25
26 /**
27 * Form view helper. Generates a <form> Tag.
28 *
29 * = Basic usage =
30 *
31 * Use <f:form> to output an HTML <form> tag which is targeted at the specified action, in the current controller and package.
32 * It will submit the form data via a POST request. If you want to change this, use method="get" as an argument.
33 * <code title="Example">
34 * <f:form action="...">...</f:form>
35 * </code>
36 *
37 * = A complex form with a specified encoding type =
38 *
39 * <code title="Form with enctype set">
40 * <f:form action=".." controller="..." package="..." enctype="multipart/form-data">...</f:form>
41 * </code>
42 *
43 * = A Form which should render a domain object =
44 *
45 * <code title="Binding a domain object to a form">
46 * <f:form action="..." name="customer" object="{customer}">
47 * <f:form.hidden property="id" />
48 * <f:form.textbox property="name" />
49 * </f:form>
50 * </code>
51 * This automatically inserts the value of {customer.name} inside the textbox and adjusts the name of the textbox accordingly.
52 *
53 * @license http://opensource.org/licenses/gpl-license.php GNU Public License, version 2
54 */
55 class Tx_Fluid_ViewHelpers_FormViewHelper extends Tx_Fluid_ViewHelpers_Form_AbstractFormViewHelper {
56
57 /**
58 * @var string
59 */
60 protected $tagName = 'form';
61
62 /**
63 * @var Tx_Extbase_Security_Channel_RequestHashService
64 */
65 protected $requestHashService;
66
67 /**
68 * @var Tx_Extbase_Service_ExtensionService
69 */
70 protected $extensionService;
71
72 /**
73 * We need the arguments of the formActionUri on requesthash calculation
74 * therefore we will store them in here right after calling uriBuilder
75 *
76 * @var array
77 */
78 protected $formActionUriArguments;
79
80 /**
81 * Inject a request hash service
82 *
83 * @param Tx_Extbase_Security_Channel_RequestHashService $requestHashService The request hash service
84 * @return void
85 * @author Sebastian Kurfürst <sebastian@typo3.org>
86 */
87 public function injectRequestHashService(Tx_Extbase_Security_Channel_RequestHashService $requestHashService) {
88 $this->requestHashService = $requestHashService;
89 }
90
91 /**
92 * @param Tx_Extbase_Service_ExtensionService $extensionService
93 * @return void
94 */
95 public function injectExtensionService(Tx_Extbase_Service_ExtensionService $extensionService) {
96 $this->extensionService = $extensionService;
97 }
98
99 /**
100 * Initialize arguments.
101 *
102 * @return void
103 */
104 public function initializeArguments() {
105 $this->registerTagAttribute('enctype', 'string', 'MIME type with which the form is submitted');
106 $this->registerTagAttribute('method', 'string', 'Transfer type (GET or POST)');
107 $this->registerTagAttribute('name', 'string', 'Name of form');
108 $this->registerTagAttribute('onreset', 'string', 'JavaScript: On reset of the form');
109 $this->registerTagAttribute('onsubmit', 'string', 'JavaScript: On submit of the form');
110
111 $this->registerUniversalTagAttributes();
112 }
113
114 /**
115 * Render the form.
116 *
117 * @param string $action Target action
118 * @param array $arguments Arguments
119 * @param string $controller Target controller
120 * @param string $extensionName Target Extension Name (without "tx_" prefix and no underscores). If NULL the current extension name is used
121 * @param string $pluginName Target plugin. If empty, the current plugin name is used
122 * @param integer $pageUid Target page uid
123 * @param mixed $object Object to use for the form. Use in conjunction with the "property" attribute on the sub tags
124 * @param integer $pageType Target page type
125 * @param boolean $noCache set this to disable caching for the target page. You should not need this.
126 * @param boolean $noCacheHash set this to supress the cHash query parameter created by TypoLink. You should not need this.
127 * @param string $section The anchor to be added to the action URI (only active if $actionUri is not set)
128 * @param string $format The requested format (e.g. ".html") of the target page (only active if $actionUri is not set)
129 * @param array $additionalParams additional action URI query parameters that won't be prefixed like $arguments (overrule $arguments) (only active if $actionUri is not set)
130 * @param boolean $absolute If set, an absolute action URI is rendered (only active if $actionUri is not set)
131 * @param boolean $addQueryString If set, the current query parameters will be kept in the action URI (only active if $actionUri is not set)
132 * @param array $argumentsToBeExcludedFromQueryString arguments to be removed from the action URI. Only active if $addQueryString = TRUE and $actionUri is not set
133 * @param string $fieldNamePrefix Prefix that will be added to all field names within this form. If not set the prefix will be tx_yourExtension_plugin
134 * @param string $actionUri can be used to overwrite the "action" attribute of the form tag
135 * @param string $objectName name of the object that is bound to this form. If this argument is not specified, the name attribute of this form is used to determine the FormObjectName
136 * @return string rendered form
137 */
138 public function render($action = NULL, array $arguments = array(), $controller = NULL, $extensionName = NULL, $pluginName = NULL, $pageUid = NULL, $object = NULL, $pageType = 0, $noCache = FALSE, $noCacheHash = FALSE, $section = '', $format = '', array $additionalParams = array(), $absolute = FALSE, $addQueryString = FALSE, array $argumentsToBeExcludedFromQueryString = array(), $fieldNamePrefix = NULL, $actionUri = NULL, $objectName = NULL) {
139 $this->setFormActionUri();
140
141 if (strtolower($this->arguments['method']) === 'get') {
142 $this->tag->addAttribute('method', 'get');
143 } else {
144 $this->tag->addAttribute('method', 'post');
145 }
146
147 $this->addFormObjectNameToViewHelperVariableContainer();
148 $this->addFormObjectToViewHelperVariableContainer();
149 $this->addFieldNamePrefixToViewHelperVariableContainer();
150 $this->addFormFieldNamesToViewHelperVariableContainer();
151
152 $formContent = $this->renderChildren();
153
154 $content = chr(10) . '<div style="display: none">';
155 $content .= $this->renderHiddenIdentityField($this->arguments['object'], $this->getFormObjectName());
156 $content .= $this->renderAdditionalIdentityFields();
157 $content .= $this->renderHiddenReferrerFields();
158 $content .= $this->renderRequestHashField(); // Render hmac after everything else has been rendered
159 $content .= chr(10) . '</div>' . chr(10);
160 $content .= $formContent;
161
162 $this->tag->setContent($content);
163
164 $this->removeFieldNamePrefixFromViewHelperVariableContainer();
165 $this->removeFormObjectFromViewHelperVariableContainer();
166 $this->removeFormObjectNameFromViewHelperVariableContainer();
167 $this->removeFormFieldNamesFromViewHelperVariableContainer();
168 $this->removeCheckboxFieldNamesFromViewHelperVariableContainer();
169
170 return $this->tag->render();
171 }
172
173 /**
174 * Sets the "action" attribute of the form tag
175 *
176 * @return void
177 */
178 protected function setFormActionUri() {
179 if ($this->arguments->hasArgument('actionUri')) {
180 $formActionUri = $this->arguments['actionUri'];
181 } else {
182 $uriBuilder = $this->controllerContext->getUriBuilder();
183 $formActionUri = $uriBuilder
184 ->reset()
185 ->setTargetPageUid($this->arguments['pageUid'])
186 ->setTargetPageType($this->arguments['pageType'])
187 ->setNoCache($this->arguments['noCache'])
188 ->setUseCacheHash(!$this->arguments['noCacheHash'])
189 ->setSection($this->arguments['section'])
190 ->setCreateAbsoluteUri($this->arguments['absolute'])
191 ->setArguments((array)$this->arguments['additionalParams'])
192 ->setAddQueryString($this->arguments['addQueryString'])
193 ->setArgumentsToBeExcludedFromQueryString((array)$this->arguments['argumentsToBeExcludedFromQueryString'])
194 ->setFormat($this->arguments['format'])
195 ->uriFor($this->arguments['action'], $this->arguments['arguments'], $this->arguments['controller'], $this->arguments['extensionName'], $this->arguments['pluginName']);
196 $this->formActionUriArguments = $uriBuilder->getArguments();
197 }
198 $this->tag->addAttribute('action', $formActionUri);
199 }
200
201 /**
202 * Render additional identity fields which were registered by form elements.
203 * This happens if a form field is defined like property="bla.blubb" - then we might need an identity property for the sub-object "bla".
204 *
205 * @return string HTML-string for the additional identity properties
206 * @author Sebastian Kurfürst <sebastian@typo3.org>
207 */
208 protected function renderAdditionalIdentityFields() {
209 if ($this->viewHelperVariableContainer->exists('Tx_Fluid_ViewHelpers_FormViewHelper', 'additionalIdentityProperties')) {
210 $additionalIdentityProperties = $this->viewHelperVariableContainer->get('Tx_Fluid_ViewHelpers_FormViewHelper', 'additionalIdentityProperties');
211 $output = '';
212 foreach ($additionalIdentityProperties as $identity) {
213 $output .= chr(10) . $identity;
214 }
215 return $output;
216 }
217 return '';
218 }
219
220 /**
221 * Renders hidden form fields for referrer information about
222 * the current controller and action.
223 *
224 * @return string Hidden fields with referrer information
225 * @todo filter out referrer information that is equal to the target (e.g. same packageKey)
226 */
227 protected function renderHiddenReferrerFields() {
228 $request = $this->controllerContext->getRequest();
229 $extensionName = $request->getControllerExtensionName();
230 $controllerName = $request->getControllerName();
231 $actionName = $request->getControllerActionName();
232
233 $result = chr(10);
234 $result .= '<input type="hidden" name="' . $this->prefixFieldName('__referrer[extensionName]') . '" value="' . $extensionName . '" />' . chr(10);
235 $result .= '<input type="hidden" name="' . $this->prefixFieldName('__referrer[controllerName]') . '" value="' . $controllerName . '" />' . chr(10);
236 $result .= '<input type="hidden" name="' . $this->prefixFieldName('__referrer[actionName]') . '" value="' . $actionName . '" />' . chr(10);
237 return $result;
238 }
239
240 /**
241 * Adds the form object name to the ViewHelperVariableContainer if "objectName" argument or "name" attribute is specified.
242 *
243 * @return void
244 */
245 protected function addFormObjectNameToViewHelperVariableContainer() {
246 $formObjectName = $this->getFormObjectName();
247 if ($formObjectName !== NULL) {
248 $this->viewHelperVariableContainer->add('Tx_Fluid_ViewHelpers_FormViewHelper', 'formObjectName', $formObjectName);
249 }
250 }
251
252 /**
253 * Removes the form name from the ViewHelperVariableContainer.
254 *
255 * @return void
256 */
257 protected function removeFormObjectNameFromViewHelperVariableContainer() {
258 $formObjectName = $this->getFormObjectName();
259 if ($formObjectName !== NULL) {
260 $this->viewHelperVariableContainer->remove('Tx_Fluid_ViewHelpers_FormViewHelper', 'formObjectName');
261 }
262 }
263
264 /**
265 * Returns the name of the object that is bound to this form.
266 * If the "objectName" argument has been specified, this is returned. Otherwise the name attribute of this form.
267 * If neither objectName nor name arguments have been set, NULL is returned.
268 *
269 * @return string specified Form name or NULL if neither $objectName nor $name arguments have been specified
270 * @author Bastian Waidelich <bastian@typo3.org>
271 */
272 protected function getFormObjectName() {
273 $formObjectName = NULL;
274 if ($this->arguments->hasArgument('objectName')) {
275 $formObjectName = $this->arguments['objectName'];
276 } elseif ($this->arguments->hasArgument('name')) {
277 $formObjectName = $this->arguments['name'];
278 }
279 return $formObjectName;
280 }
281 /**
282 * Adds the object that is bound to this form to the ViewHelperVariableContainer if the formObject attribute is specified.
283 *
284 * @return void
285 */
286 protected function addFormObjectToViewHelperVariableContainer() {
287 if ($this->arguments->hasArgument('object')) {
288 $this->viewHelperVariableContainer->add('Tx_Fluid_ViewHelpers_FormViewHelper', 'formObject', $this->arguments['object']);
289 $this->viewHelperVariableContainer->add('Tx_Fluid_ViewHelpers_FormViewHelper', 'additionalIdentityProperties', array());
290 }
291 }
292
293 /**
294 * Removes the form object from the ViewHelperVariableContainer.
295 *
296 * @return void
297 */
298 protected function removeFormObjectFromViewHelperVariableContainer() {
299 if ($this->arguments->hasArgument('object')) {
300 $this->viewHelperVariableContainer->remove('Tx_Fluid_ViewHelpers_FormViewHelper', 'formObject');
301 $this->viewHelperVariableContainer->remove('Tx_Fluid_ViewHelpers_FormViewHelper', 'additionalIdentityProperties');
302 }
303 }
304
305 /**
306 * Adds the field name prefix to the ViewHelperVariableContainer
307 *
308 * @return void
309 */
310 protected function addFieldNamePrefixToViewHelperVariableContainer() {
311 $fieldNamePrefix = $this->getFieldNamePrefix();
312 $this->viewHelperVariableContainer->add('Tx_Fluid_ViewHelpers_FormViewHelper', 'fieldNamePrefix', $fieldNamePrefix);
313 }
314
315 /**
316 * Get the field name prefix
317 *
318 * @return string
319 */
320 protected function getFieldNamePrefix() {
321 if ($this->arguments->hasArgument('fieldNamePrefix')) {
322 return $this->arguments['fieldNamePrefix'];
323 } else {
324 return $this->getDefaultFieldNamePrefix();
325 }
326 }
327
328 /**
329 * Removes field name prefix from the ViewHelperVariableContainer
330 *
331 * @return void
332 */
333 protected function removeFieldNamePrefixFromViewHelperVariableContainer() {
334 $this->viewHelperVariableContainer->remove('Tx_Fluid_ViewHelpers_FormViewHelper', 'fieldNamePrefix');
335 }
336
337 /**
338 * Adds a container for form field names to the ViewHelperVariableContainer
339 *
340 * @return void
341 * @author Sebastian Kurfürst <sebastian@typo3.org>
342 */
343 protected function addFormFieldNamesToViewHelperVariableContainer() {
344 $this->viewHelperVariableContainer->add('Tx_Fluid_ViewHelpers_FormViewHelper', 'formFieldNames', array());
345 }
346
347 /**
348 * Removes the container for form field names from the ViewHelperVariableContainer
349 *
350 * @return void
351 * @author Sebastian Kurfürst <sebastian@typo3.org>
352 */
353 protected function removeFormFieldNamesFromViewHelperVariableContainer() {
354 $this->viewHelperVariableContainer->remove('Tx_Fluid_ViewHelpers_FormViewHelper', 'formFieldNames');
355 }
356
357 /**
358 * Render the request hash field
359 *
360 * @return string the hmac field
361 * @author Sebastian Kurfürst <sebastian@typo3.org>
362 */
363 protected function renderRequestHashField() {
364 $formFieldNames = $this->viewHelperVariableContainer->get('Tx_Fluid_ViewHelpers_FormViewHelper', 'formFieldNames');
365 $this->postProcessUriArgumentsForRequesthash($this->formActionUriArguments, $formFieldNames);
366 $requestHash = $this->requestHashService->generateRequestHash($formFieldNames, $this->getFieldNamePrefix());
367 // in v4, we need to prefix __hmac as well to make it show up in the request object.
368 return '<input type="hidden" name="' . $this->prefixFieldName('__hmac') . '" value="' . htmlspecialchars($requestHash) . '" />';
369 }
370
371 /**
372 * Add the URI arguments after postprocessing to the request hash as well.
373 */
374 protected function postProcessUriArgumentsForRequestHash($arguments, &$results, $currentPrefix = '', $level = 0) {
375 if (!count($arguments)) return;
376 foreach ($arguments as $argumentName => $argumentValue) {
377 if (is_array($argumentValue)) {
378 $prefix = ($level==0 ? $argumentName : $currentPrefix . '[' . $argumentName . ']');
379 $this->postProcessUriArgumentsForRequestHash($argumentValue, $results, $prefix, $level+1);
380 } else {
381 $results[] = ($level==0 ? $argumentName : $currentPrefix . '[' . $argumentName . ']');
382 }
383 }
384 }
385
386 /**
387 * Retrieves the default field name prefix for this form
388 *
389 * @return string default field name prefix
390 */
391 protected function getDefaultFieldNamePrefix() {
392 $request = $this->controllerContext->getRequest();
393 if ($this->arguments->hasArgument('extensionName')) {
394 $extensionName = $this->arguments['extensionName'];
395 } else {
396 $extensionName = $request->getControllerExtensionName();
397 }
398 if ($this->arguments->hasArgument('pluginName')) {
399 $pluginName = $this->arguments['pluginName'];
400 } else {
401 $pluginName = $request->getPluginName();
402 }
403 if ($extensionName !== NULL && $pluginName != NULL) {
404 return $this->extensionService->getPluginNamespace($extensionName, $pluginName);
405 } else {
406 return '';
407 }
408 }
409
410 /**
411 * Remove Checkbox field names from ViewHelper variable container, to start from scratch when a new form starts.
412 */
413 protected function removeCheckboxFieldNamesFromViewHelperVariableContainer() {
414 if ($this->viewHelperVariableContainer->exists('Tx_Fluid_ViewHelpers_Form_CheckboxViewHelper', 'checkboxFieldNames')) {
415 $this->viewHelperVariableContainer->remove('Tx_Fluid_ViewHelpers_Form_CheckboxViewHelper', 'checkboxFieldNames');
416 }
417 }
418 }
419
420 ?>