projects / Packages / TYPO3.CMS.git / blob
? search:


61ca4db3f10665f7ce9b959fcd68b7499860c88c
[Packages/TYPO3.CMS.git] / typo3 / sysext / sys_action / task / class.tx_sysaction_task.php
1 <?php
2 /***************************************************************
3 * Copyright notice
4 *
5 * (c) 1999-2010 Kasper Skaarhoj (kasperYYYY@typo3.com)
6 * (c) 2010 Georg Ringer <typo3@ringerge.org>
7 * All rights reserved
8 *
9 * This script is part of the TYPO3 project. The TYPO3 project is
10 * free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License as published by
12 * the Free Software Foundation; either version 2 of the License, or
13 * (at your option) any later version.
14 *
15 * The GNU General Public License can be found at
16 * http://www.gnu.org/copyleft/gpl.html.
17 *
18 * This script is distributed in the hope that it will be useful,
19 * but WITHOUT ANY WARRANTY; without even the implied warranty of
20 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
21 * GNU General Public License for more details.
22 *
23 * This copyright notice MUST APPEAR in all copies of the script!
24 ***************************************************************/
25
26
27 /**
28 * This class provides a task for the taskcenter
29 *
30 * @author Kasper Skaarhoj <kasperYYYY@typo3.com>
31 * @author Georg Ringer <typo3@ringerge.org>
32 * @package TYPO3
33 * @subpackage tx_sysaction
34 *
35 */
36 class tx_sysaction_task implements tx_taskcenter_Task {
37
38 protected $taskObject;
39 var $t3lib_TCEforms;
40
41 /**
42 * Constructor
43 */
44 public function __construct(SC_mod_user_task_index $taskObject) {
45 $this->taskObject = $taskObject;
46 $GLOBALS['LANG']->includeLLFile('EXT:sys_action/locallang.xml');
47 }
48
49
50 /**
51 * This method renders the task
52 *
53 * @return string The task as HTML
54 */
55 public function getTask() {
56 $content = '';
57 $show = intval(t3lib_div::_GP('show'));
58
59 // if no task selected, render the menu
60 if ($show == 0) {
61 $content .= $this->taskObject->description(
62 $GLOBALS['LANG']->getLL('sys_action'),
63 $GLOBALS['LANG']->getLL('description')
64 );
65
66 $content .= $this->renderActionList();
67 } else {
68 $record = t3lib_BEfunc::getRecord('sys_action', $show);
69
70 // if the action is not found
71 if (count($record) == 0) {
72 $flashMessage = t3lib_div::makeInstance(
73 't3lib_FlashMessage',
74 $GLOBALS['LANG']->getLL('action_error-not-found', TRUE),
75 $GLOBALS['LANG']->getLL('action_error'),
76 t3lib_FlashMessage::ERROR
77 );
78 $content .= $flashMessage->render();
79 } else {
80 // render the task
81 $content .= $this->taskObject->description($record['title'], $record['description']);
82
83 // output depends on the type
84 switch ($record['type']) {
85 case 1:
86 $content .= $this->viewNewBackendUser($record);
87 break;
88 case 2:
89 $content .= $this->viewSqlQuery($record);
90 break;
91 case 3:
92 $content .= $this->viewRecordList($record);
93 break;
94 case 4:
95 $content .= $this->viewEditRecord($record);
96 break;
97 case 5:
98 $content .= $this->viewNewRecord($record);
99 break;
100 default:
101 $flashMessage = t3lib_div::makeInstance(
102 't3lib_FlashMessage',
103 $GLOBALS['LANG']->getLL('action_noType', TRUE),
104 $GLOBALS['LANG']->getLL('action_error'),
105 t3lib_FlashMessage::ERROR
106 );
107 $content .= '<br />' . $flashMessage->render();
108 }
109 }
110 }
111
112 return $content;
113 }
114
115 /**
116 * Gemeral overview over the task in the taskcenter menu
117 *
118 * @return string Overview as HTML
119 */
120 public function getOverview() {
121 $content = '<p>' . $GLOBALS['LANG']->getLL('description') . '</p>';
122
123 // get the actions
124 $actionList = $this->getActions();
125 if (count($actionList) > 0) {
126 $items = '';
127
128 // render a single action menu item
129 foreach ($actionList as $action) {
130 $active = (t3lib_div::_GP('show') === $action['uid']) ? ' class="active" ' : '';
131 $items .= '<li' . $active . '>
132 <a href="' . $action['link'] . '" title="' . htmlspecialchars($action['description']) . '">' .
133 htmlspecialchars($action['title']) .
134 '</a>
135 </li>';
136 }
137 $content .= '<ul>' . $items . '</ul>';
138 }
139
140 return $content;
141 }
142
143 /**
144 * Get all actions of an user. Admins can see any action, all others only those
145 * whic are allowed in sys_action record itself.
146 *
147 * @param boolean $toOverview: If TRUE, the link redirects to the taskcenter
148 * @return array Array holding every needed information of a sys_action
149 */
150 protected function getActions() {
151 $actionList = array();
152
153 // admins can see any record
154 if ($GLOBALS['BE_USER']->isAdmin()) {
155 $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery(
156 '*',
157 'sys_action',
158 '',
159 '',
160 'sys_action.sorting'
161 );
162 } else {
163 // editors can only see the actions which are assigned to a usergroup they belong to
164 $additionalWhere = 'be_groups.uid IN (' . ($GLOBALS['BE_USER']->groupList ? $GLOBALS['BE_USER']->groupList : 0) . ')';
165
166 $res = $GLOBALS['TYPO3_DB']->exec_SELECT_mm_query(
167 'sys_action.*',
168 'sys_action',
169 'sys_action_asgr_mm',
170 'be_groups',
171 ' AND sys_action.hidden=0 AND ' . $additionalWhere,
172 'sys_action.uid',
173 'sys_action.sorting'
174 );
175 }
176
177 while($actionRow = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($res)) {
178 $editActionLink = '';
179
180 // admins are allowed to edit sys_action records
181 if ($GLOBALS['BE_USER']->isAdmin()) {
182 $returnUrl = rawurlencode(t3lib_div::getIndpEnv('REQUEST_URI'));
183 $link = t3lib_div::getIndpEnv('TYPO3_REQUEST_DIR') . $GLOBALS['BACK_PATH'] . 'alt_doc.php?returnUrl=' . $returnUrl . '&edit[sys_action][' . $actionRow['uid'] . ']=edit';
184
185 $editActionLink = '<a class="edit" href="' . $link . '">' .
186 '<img class="icon"' . t3lib_iconWorks::skinImg($GLOBALS['BACK_PATH'], 'gfx/edit2.gif') . ' title="' . $GLOBALS['LANG']->getLL('edit-sys_action') . '" alt="" />' .
187 $GLOBALS['LANG']->getLL('edit-sys_action') .
188 '</a>';
189 }
190
191 $actionList[] = array(
192 'uid' => $actionRow['uid'],
193 'title' => $actionRow['title'],
194 'description' => $actionRow['description'],
195 'descriptionHtml' => nl2br(htmlspecialchars($actionRow['description'])) . $editActionLink,
196 'link' => 'mod.php?M=user_task&SET[function]=sys_action.tx_sysaction_task&show=' . $actionRow['uid'],
197 'icon' => 'EXT:sys_action/sys_action.gif'
198 );
199 }
200 $GLOBALS['TYPO3_DB']->sql_free_result($res);
201
202 return $actionList;
203 }
204
205 /**
206 * Render the menu of sys_actions
207 *
208 * @return string list of sys_actions as HTML
209 */
210 protected function renderActionList() {
211 $content = '';
212
213 // get the sys_action records
214 $actionList = $this->getActions();
215
216 // if any actions are found for the current users
217 if (count($actionList) > 0) {
218 $content .= $this->taskObject->renderListMenu($actionList);
219 } else {
220 $flashMessage = t3lib_div::makeInstance (
221 't3lib_FlashMessage',
222 $GLOBALS['LANG']->getLL('action_not-found-description', TRUE),
223 $GLOBALS['LANG']->getLL('action_not-found'),
224 t3lib_FlashMessage::INFO
225 );
226 $content .= $flashMessage->render();
227 }
228
229 // Admin users can create a new action
230 if ($GLOBALS['BE_USER']->isAdmin()) {
231 $returnUrl = rawurlencode('mod.php?M=user_task');
232 $link = t3lib_div::getIndpEnv('TYPO3_REQUEST_DIR') . $GLOBALS['BACK_PATH'] . 'alt_doc.php?returnUrl=' . $returnUrl. '&edit[sys_action][0]=new';
233
234 $content .= '<br />
235 <a href="' . $link . '" title="' . $GLOBALS['LANG']->getLL('new-sys_action') . '">' .
236 '<img class="icon"' . t3lib_iconWorks::skinImg($GLOBALS['BACK_PATH'], 'gfx/new_record.gif') . ' title="' . $GLOBALS['LANG']->getLL('new-sys_action') . '" alt="" /> ' .
237 $GLOBALS['LANG']->getLL('new-sys_action') .
238 '</a>';
239 }
240
241 return $content;
242 }
243
244 /**
245 * Action to create a new BE user
246 *
247 * @param array $record: sys_action record
248 * @return string form to create a new user
249 */
250 protected function viewNewBackendUser($record) {
251 $content = '';
252
253 $beRec = t3lib_BEfunc::getRecord('be_users', intval($record['t1_copy_of_user']));
254 // a record is neeed which is used as copy for the new user
255 if (!is_array($beRec)) {
256 $flashMessage = t3lib_div::makeInstance(
257 't3lib_FlashMessage',
258 $GLOBALS['LANG']->getLL('action_notReady', TRUE),
259 $GLOBALS['LANG']->getLL('action_error'),
260 t3lib_FlashMessage::ERROR
261 );
262 $content .= $flashMessage->render();
263
264 return $content;
265 }
266
267 $vars = t3lib_div::_POST('data');
268 $key = 'NEW';
269
270 if ($vars['sent'] == 1) {
271 $errors = array();
272
273 // basic error checks
274 if (!empty($vars['email']) && !t3lib_div::validEmail($vars['email'])) {
275 $errors[] = $GLOBALS['LANG']->getLL('error-wrong-email');
276 }
277 if (empty($vars['username'])) {
278 $errors[] = $GLOBALS['LANG']->getLL('error-username-empty');
279 }
280 if (empty($vars['password'])) {
281 $errors[] = $GLOBALS['LANG']->getLL('error-password-empty');
282 }
283 if ($vars['key'] !== 'NEW' && !$this->isCreatedByUser($vars['key'], $record)) {
284 $errors[] = $GLOBALS['LANG']->getLL('error-wrong-user');
285 }
286
287 // show errors if there are any
288 if (count($errors) > 0) {
289 $flashMessage = t3lib_div::makeInstance (
290 't3lib_FlashMessage',
291 implode('<br />', $errors),
292 $GLOBALS['LANG']->getLL('action_error'),
293 t3lib_FlashMessage::ERROR
294 );
295 $content .= $flashMessage->render() . '<br />';
296 } else {
297 // save user
298 $key = $this->saveNewBackendUser($record, $vars);
299
300 // success messsage
301 $flashMessage = t3lib_div::makeInstance (
302 't3lib_FlashMessage',
303 ($vars['key'] === 'NEW' ? $GLOBALS['LANG']->getLL('success-user-created') : $GLOBALS['LANG']->getLL('success-user-updated')),
304 $GLOBALS['LANG']->getLL('success'),
305 t3lib_FlashMessage::OK
306 );
307 $content .= $flashMessage->render() . '<br />' ;
308 }
309
310 }
311
312 // load BE user to edit
313 if (intval(t3lib_div::_GP('be_users_uid')) > 0) {
314 $tmpUserId = intval(t3lib_div::_GP('be_users_uid'));
315
316 // check if the selected user is created by the current user
317 $rawRecord = $this->isCreatedByUser($tmpUserId, $record);
318 if ($rawRecord) {
319 // delete user
320 if (t3lib_div::_GP('delete') == 1) {
321 $this->deleteUser($tmpUserId, $record['uid']);
322 }
323
324 $key = $tmpUserId;
325 $vars = $rawRecord;
326 }
327 }
328
329 $this->JScode();
330 $loadDB = t3lib_div::makeInstance('t3lib_loadDBGroup');
331 $loadDB->start($vars['db_mountpoints'], 'pages');
332
333 $content .= '<form action="" method="post" enctype="multipart/form-data">
334 <fieldset class="fields">
335 <legend>General fields</legend>
336 <div class="row">
337 <label for="field_disable">' . $GLOBALS['LANG']->sL('LLL:EXT:lang/locallang_general.xml:LGL.disable') . '</label>
338 <input type="checkbox" id="field_disable" name="data[disable]" value="1" class="checkbox" ' . ($vars['disable'] == 1 ? ' checked="checked" ' : '') . ' />
339 </div>
340 <div class="row">
341 <label for="field_realname">' . $GLOBALS['LANG']->sL('LLL:EXT:lang/locallang_general.xml:LGL.name') . '</label>
342 <input type="text" id="field_realname" name="data[realName]" value="' . htmlspecialchars($vars['realName']) .'" />
343 </div>
344 <div class="row">
345 <label for="field_username">' . $GLOBALS['LANG']->sL('LLL:EXT:lang/locallang_tca.xml:be_users.username') . '</label>
346 <input type="text" id="field_username" name="data[username]" value="' . htmlspecialchars($vars['username']) .'" />
347 </div>
348 <div class="row">
349 <label for="field_password">' . $GLOBALS['LANG']->sL('LLL:EXT:lang/locallang_tca.xml:be_users.password') . '</label>
350 <input type="password" id="field_password" name="data[password]" value="" />
351 </div>
352 <div class="row">
353 <label for="field_email">' .$GLOBALS['LANG']->sL('LLL:EXT:lang/locallang_general.xml:LGL.email') . '</label>
354 <input type="text" id="field_email" name="data[email]" value="' . htmlspecialchars($vars['email']) .'" />
355 </div>
356 </fieldset>
357 <fieldset class="fields">
358 <legend>Configuration</legend>
359
360 <div class="row">
361 <label for="field_usergroup">' . $GLOBALS['LANG']->sL('LLL:EXT:lang/locallang_tca.xml:be_users.usergroup') . '</label>
362 <select id="field_usergroup" name="data[usergroup][]" multiple="multiple">
363 ' . $this->getUsergroups($record, $vars) . '
364 </select>
365 </div>
366 <div class="row">
367 <label for="field_db_mountpoints">' . $GLOBALS['LANG']->sL('LLL:EXT:lang/locallang_tca.xml:be_users.options_db_mounts') . '</label>
368 ' . $this->t3lib_TCEforms->dbFileIcons('data[db_mountpoints]', 'db', 'pages', $loadDB->itemArray, '', array('size' => 3)) . '
369 </div>
370 <div class="row">
371 <input type="hidden" name="data[key]" value="' . $key . '" />
372 <input type="hidden" name="data[sent]" value="1" />
373 <input type="submit" value="' . ($key === 'NEW' ? $GLOBALS['LANG']->getLL('action_Create') : $GLOBALS['LANG']->getLL('action_Update')) . '" />
374 </div>
375 </fieldset>
376 </form>';
377
378 $content .= $this->getCreatedUsers($record, $key);
379
380 return $content;
381 }
382
383 /**
384 * Delete a BE user and redirect to the action by its id
385 *
386 * @param int $userId: Id of the BE user
387 * @param int $actionId: Id of the action
388 * @return void
389 */
390 protected function deleteUser($userId, $actionId) {
391 $GLOBALS['TYPO3_DB']->exec_UPDATEquery(
392 'be_users',
393 'uid=' . $userId,
394 array (
395 'deleted' => 1,
396 'tstamp' => $GLOBALS['ACCESS_TIME']
397 )
398 );
399
400 // redirect to the original task
401 $redirectUrl = 'mod.php?M=user_task&show=' . $actionId;
402 t3lib_utility_Http::redirect($redirectUrl);
403 }
404
405 /**
406 * Check if a BE user is created by the current user
407 *
408 * @param int $id: Id of the BE user
409 * @param array $action: sys_action record.
410 * @return mixed the record of the BE user if found, otherwise FALSE
411 */
412 protected function isCreatedByUser($id, $action) {
413 $record = t3lib_BEfunc::getRecord(
414 'be_users',
415 $id,
416 '*',
417 ' AND cruser_id=' . $GLOBALS['BE_USER']->user['uid'] . ' AND createdByAction=' . $action['uid']
418 );
419
420 if (is_array($record)) {
421 return $record;
422 } else {
423 return FALSE;
424 }
425 }
426
427
428 /**
429 * Render all users who are created by the current BE user including a link to edit the record
430 *
431 * @param array $action: sys_action record.
432 * @param int $selectedUser: Id of a selected user
433 * @return html list of users
434 */
435 protected function getCreatedUsers($action, $selectedUser) {
436 $content = '';
437 $userList = array();
438
439 // List of users
440 $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery(
441 '*',
442 'be_users',
443 'cruser_id=' . $GLOBALS['BE_USER']->user['uid'] . ' AND createdByAction=' . intval($action['uid']) . t3lib_BEfunc::deleteClause('be_users'),
444 '',
445 'username'
446 );
447
448 // render the user records
449 while($row = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($res)) {
450 $icon = t3lib_iconworks::getSpriteIconForRecord('be_users', $row, array('title' => 'uid=' . $row['uid']));
451 $line = $icon . $this->action_linkUserName($row['username'], $row['realName'], $action['uid'], $row['uid']);
452
453 // selected user
454 if ($row['uid'] == $selectedUser) {
455 $line = '<strong>' . $line . '</strong>';
456 }
457
458 $userList[] = $line;
459 }
460 $GLOBALS['TYPO3_DB']->sql_free_result($res);
461
462 // if any records found
463 if (count($userList)) {
464 $content .= '<br />' . $this->taskObject->doc->section($GLOBALS['LANG']->getLL('action_t1_listOfUsers'), implode('<br />', $userList));
465 }
466
467 return $content;
468 }
469
470
471 /**
472 * Create a link to edit a user
473 *
474 * @param string $username: Username
475 * @param string $realName: Real name of the user
476 * @param int $sysActionUid: Id of the sys_action record
477 * @param int $userId: Id of the user
478 * @return html link
479 */
480 protected function action_linkUserName($username, $realName, $sysActionUid, $userId) {
481 if (!empty($realName)) {
482 $username .= ' (' . $realName . ')';
483 }
484
485 // link to update the user record
486 $href = 'mod.php?M=user_task&SET[function]=sys_action.tasks&show=' . intval($sysActionUid) . '&be_users_uid=' . intval($userId);
487 $link = '<a href="' . $href . '">' . htmlspecialchars($username) . '</a>';
488
489 // link to delete the user record
490 $onClick = ' onClick="return confirm('.$GLOBALS['LANG']->JScharCode($GLOBALS['LANG']->getLL("lDelete_warning")).');"';
491 $link .= '
492 <a href="' . $href . '&delete=1" ' . $onClick . '>
493 <img' . t3lib_iconWorks::skinImg($GLOBALS['BACK_PATH'], 'gfx/delete_record.gif') . ' alt="" />
494 </a>';
495 return $link;
496 }
497
498 /**
499 * Save/Update a BE user
500 *
501 * @param array $record: Current action record
502 * @param array $vars: POST vars
503 * @return int Id of the new/updated user
504 */
505 protected function saveNewBackendUser($record, $vars) {
506 // check if the db mount is a page the current user is allowed to.);
507 $vars['db_mountpoints'] = $this->fixDbMount($vars['db_mountpoints']);
508 // check if the usergroup is allowed
509 $vars['usergroup'] = $this->fixUserGroup($vars['usergroup'], $record);
510 // check if md5 is used as password encryption
511 if (strpos($GLOBALS['TCA']['be_users']['columns']['password']['config']['eval'], 'md5') !== FALSE) {
512 $vars['password'] = md5($vars['password']);
513 }
514
515 $key = $vars['key'];
516 $data = '';
517 $newUserId = 0;
518
519 if ($key === 'NEW') {
520 $beRec = t3lib_BEfunc::getRecord('be_users', intval($record['t1_copy_of_user']));
521 if (is_array($beRec)) {
522 $data = array();
523 $data['be_users'][$key] = $beRec;
524 $data['be_users'][$key]['username'] = $this->fixUsername($vars['username'], $record['t1_userprefix']);
525 $data['be_users'][$key]['password'] = (trim($vars['password']));
526 $data['be_users'][$key]['realName'] = $vars['realName'];
527 $data['be_users'][$key]['email'] = $vars['email'];
528 $data['be_users'][$key]['disable'] = intval($vars['disable']);
529 $data['be_users'][$key]['admin'] = 0;
530 $data['be_users'][$key]['usergroup'] = $vars['usergroup'];
531 $data['be_users'][$key]['db_mountpoints'] = $vars['db_mountpoints'];
532 $data['be_users'][$key]['createdByAction'] = $record['uid'];
533 }
534 } else {
535 // check ownership
536 $beRec = t3lib_BEfunc::getRecord('be_users', intval($key));
537 if (is_array($beRec) && $beRec['cruser_id'] == $GLOBALS['BE_USER']->user['uid']) {
538 $data=array();
539 $data['be_users'][$key]['username'] = $this->fixUsername($vars['username'], $record['t1_userprefix']);
540 if (trim($vars['password'])) {
541 $data['be_users'][$key]['password'] = (trim($vars['password']));
542 }
543
544 $data['be_users'][$key]['realName'] = $vars['realName'];
545 $data['be_users'][$key]['email'] = $vars['email'];
546 $data['be_users'][$key]['disable'] = intval($vars['disable']);
547 $data['be_users'][$key]['admin'] = 0;
548 $data['be_users'][$key]['usergroup'] = $vars['usergroup'];
549 $data['be_users'][$key]['db_mountpoints'] = $vars['db_mountpoints'];
550 $newUserId = $key;
551 }
552 }
553
554 // save/update user by using TCEmain
555 if (is_array($data)) {
556 $tce = t3lib_div::makeInstance("t3lib_TCEmain");
557 $tce->stripslashes_values = 0;
558 $tce->start($data, array(), $GLOBALS['BE_USER']);
559 $tce->admin = 1;
560 $tce->process_datamap();
561 $newUserId = intval($tce->substNEWwithIDs['NEW']);
562
563 if ($newUserId) {
564 // Create
565 $this->action_createDir($newUserId);
566 } else {
567 // update
568 $newUserId = intval($key);
569 }
570 unset($tce);
571 }
572 return $newUserId;
573 }
574
575 /**
576 * Create the username based on the given username and the prefix
577 *
578 * @param string $username: username
579 * @param string $prefix: prefix
580 * @return string Combined username
581 */
582 private function fixUsername($username, $prefix) {
583 return trim($prefix) . trim($username);
584 }
585
586 /**
587 * Clean the to be applied usergroups from not allowed ones
588 *
589 * @param array $appliedUsergroups: array of to be applied user groups
590 * @return array Cleaned array
591 */
592 protected function fixUserGroup($appliedUsergroups, $actionRecord) {
593 if (is_array($appliedUsergroups)) {
594 $cleanGroupList = array();
595
596 // create an array from the allowed usergroups using the uid as key
597 $allowedUsergroups = array_flip(explode(',', $actionRecord['t1_allowed_groups']));
598
599 // walk through the array and check every uid if it is undder the allowed ines
600 foreach ($appliedUsergroups as $group) {
601 if (isset($allowedUsergroups[$group])) {
602 $cleanGroupList[] = $group;
603 }
604 }
605 $appliedUsergroups = $cleanGroupList;
606 }
607
608 return $appliedUsergroups;
609 }
610
611 /**
612 * Clean the to be applied DB-Mounts from not allowed ones
613 *
614 * @param string $appliedDbMounts: List of pages like pages_123,pages456
615 * @return string Cleaned list
616 */
617 protected function fixDbMount($appliedDbMounts) {
618 // Admins can see any page, no need to check there
619 if (!empty($appliedDbMounts) && !$GLOBALS['BE_USER']->isAdmin()) {
620 $cleanDbMountList = array();
621 $dbMounts = t3lib_div::trimExplode(',', $appliedDbMounts, 1);
622
623 // walk through every wanted DB-Mount and check if it allowed for the current user
624 foreach ($dbMounts as $dbMount) {
625 $uid = intval(substr($dbMount, (strrpos($dbMount, '_') + 1)));
626 $page = t3lib_BEfunc::getRecord('pages', $uid);
627
628 // check rootline and access rights
629 if ($this->checkRootline($uid) && $GLOBALS['BE_USER']->calcPerms($page)) {
630 $cleanDbMountList[] = 'pages' . $uid;
631 }
632 }
633 // build the clean list
634 $appliedDbMounts = implode(',', $cleanDbMountList);
635 }
636
637 return $appliedDbMounts;
638 }
639
640 /**
641 * Check if a page is inside the rootline the current user can see
642 *
643 * @param int $pageId: Id of the the page to be checked
644 * @return boolean Access to the page
645 */
646 protected function checkRootline($pageId) {
647 $access = FALSE;
648
649 $dbMounts = array_flip(explode(',', trim($GLOBALS['BE_USER']->dataLists['webmount_list'], ',')));
650 $rootline = t3lib_BEfunc::BEgetRootLine($pageId);
651 foreach ($rootline as $page) {
652 if (isset($dbMounts[$page['uid']]) && !$access) {
653 $access = TRUE;
654 }
655 }
656 return $access;
657 }
658
659 /**
660 * Add additional JavaScript to use the tceform select box
661 *
662 * @param int $uid: Id of the user record
663 * @return void
664 */
665 protected function JScode() {
666 $this->t3lib_TCEforms = t3lib_div::makeInstance("t3lib_TCEforms");
667 $this->t3lib_TCEforms->backPath = $GLOBALS['BACK_PATH'];
668 $js = $this->t3lib_TCEforms->dbFileCon();
669 $this->taskObject->doc->JScodeArray[] = $js;
670
671 return $js;
672 }
673
674 /**
675 * Create a user directory if defined
676 *
677 * @param int $uid: Id of the user record
678 * @return void
679 */
680 protected function action_createDir($uid) {
681 $path = $this->action_getUserMainDir();
682 if ($path) {
683 t3lib_div::mkdir($path . $uid);
684 t3lib_div::mkdir($path . $uid . '/_temp_/');
685 }
686 }
687
688 /**
689 * Get the path to the user home directory which is set in the localconf.php
690 *
691 * @return string path
692 */
693 protected function action_getUserMainDir() {
694 $path = $GLOBALS['TYPO3_CONF_VARS']['BE']['userHomePath'];
695
696 // if path is set and a valid directory
697 if ($path && @is_dir($path) &&
698 $GLOBALS['TYPO3_CONF_VARS']['BE']['lockRootPath'] &&
699 t3lib_div::isFirstPartOfStr($path, $GLOBALS['TYPO3_CONF_VARS']['BE']['lockRootPath']) &&
700 substr($path,-1) == '/'
701 ) {
702 return $path;
703 }
704 }
705
706 /**
707 * Get all allowed usergroups which can be applied to a user record
708 *
709 * @param array $record sys_action record
710 * @param array $vars Selected be_user record
711 * @return string rendered user groups
712 */
713 protected function getUsergroups($record, $vars) {
714 $content = '';
715 // do nothing if no groups are allowed
716 if (empty($record['t1_allowed_groups'])) {
717 return $content;
718 }
719
720 $content .= '<option value=""></option>';
721 $grList = t3lib_div::trimExplode(',', $record['t1_allowed_groups'], 1);
722 foreach($grList as $group) {
723 $checkGroup = t3lib_BEfunc::getRecord('be_groups', $group);
724 if (is_array($checkGroup)) {
725 $selected = (is_array($vars['usergroup']) && t3lib_div::inList(implode(',', $vars['usergroup']), $checkGroup['uid'])) ? ' selected="selected" ' : '';
726 $content .= '<option ' . $selected . 'value="' . $checkGroup['uid'] . '">' . htmlspecialchars($checkGroup['title']) . '</option>';
727 }
728 }
729
730 return $content;
731 }
732
733
734 /**
735 * Action to create a new record
736 *
737 * @param array $record: sys_action record
738 * @return redirect to form to create a record
739 */
740 protected function viewNewRecord($record) {
741 $returnUrl = rawurlencode('mod.php?M=user_task');
742 $link = t3lib_div::getIndpEnv('TYPO3_REQUEST_DIR') . $GLOBALS['BACK_PATH'] . 'alt_doc.php?returnUrl=' . $returnUrl. '&edit[' . $record['t3_tables'] . '][' . intval($record['t3_listPid']) . ']=new';
743 t3lib_utility_Http::redirect($link);
744 }
745
746 /**
747 * Action to edit records
748 *
749 * @param array $record: sys_action record
750 * @return string list of records
751 */
752 protected function viewEditRecord($record) {
753 $content = '';
754 $actionList = array();
755
756 $dbAnalysis = t3lib_div::makeInstance('t3lib_loadDBGroup');
757 $dbAnalysis->fromTC = 0;
758 $dbAnalysis->start($record['t4_recordsToEdit'], '*');
759 $dbAnalysis->getFromDB();
760
761 // collect the records
762 foreach ($dbAnalysis->itemArray as $el) {
763 $path = t3lib_BEfunc::getRecordPath ($el['id'], $this->taskObject->perms_clause, $GLOBALS['BE_USER']->uc['titleLen']);
764 $record = t3lib_BEfunc::getRecord($el['table'], $dbAnalysis->results[$el['table']][$el['id']]);
765 $title = t3lib_BEfunc::getRecordTitle($el['table'], $dbAnalysis->results[$el['table']][$el['id']]);
766 $description = $GLOBALS['LANG']->sL($GLOBALS['TCA'][$el['table']]['ctrl']['title'], 1);
767 if (isset($record['crdate'])) { // @todo: which information could be needfull
768 $description .= ' - ' . t3lib_BEfunc::dateTimeAge($record['crdate']);
769 }
770
771 $actionList[$el['id']] = array(
772 'title' => $title,
773 'description' => t3lib_BEfunc::getRecordTitle($el['table'], $dbAnalysis->results[$el['table']][$el['id']]),
774 'descriptionHtml' => $description,
775 'link' => $GLOBALS['BACK_PATH'] . 'alt_doc.php?returnUrl=' . rawurlencode(t3lib_div::getIndpEnv("REQUEST_URI")) . '&edit[' . $el['table'] . '][' . $el['id'] . ']=edit',
776 'icon' => t3lib_iconworks::getSpriteIconForRecord($el['table'], $dbAnalysis->results[$el['table']][$el['id']], array('title' => htmlspecialchars($path)))
777 );
778 }
779
780 // render the record list
781 $content .= $this->taskObject->renderListMenu($actionList);
782
783 return $content;
784 }
785
786 /**
787 * Action to view the result of a SQL query
788 *
789 * @param array $record: sys_action record
790 * @return string result of the query
791 */
792 protected function viewSqlQuery($record) {
793 $content = '';
794
795 if (t3lib_extMgm::isLoaded('lowlevel')) {
796 $sql_query = unserialize($record['t2_data']);
797
798 if (is_array($sql_query) && strtoupper(substr(trim($sql_query['qSelect']), 0, 6)) == 'SELECT') {
799 $actionContent = '';
800
801 $fullsearch = t3lib_div::makeInstance("t3lib_fullsearch");
802 $fullsearch->formW = 40;
803 $fullsearch->noDownloadB = 1;
804
805 $type = $sql_query['qC']['search_query_makeQuery'];
806 $res = $GLOBALS['TYPO3_DB']->sql_query($sql_query['qSelect']);
807
808 if (!$GLOBALS['TYPO3_DB']->sql_error()) {
809 $fullsearch->formW = 48;
810 // additional configuration
811 $GLOBALS['SOBE']->MOD_SETTINGS['search_result_labels'] = 1;
812 $cP = $fullsearch->getQueryResultCode($type, $res, $sql_query['qC']['queryTable']);
813 $actionContent = $cP['content'];
814
815 // if the result is rendered as csv or xml, show a download link
816 if ($type == 'csv' || $type == 'xml' ) {
817 $actionContent .= '<br /><br /><a href="' . t3lib_div::getIndpEnv('REQUEST_URI') . '&download_file=1"><strong>' . $GLOBALS['LANG']->getLL('action_download_file') . '</strong></a>';
818 }
819 } else {
820 $actionContent .= $GLOBALS['TYPO3_DB']->sql_error();
821 }
822
823 // Admin users are allowed to see and edit the query
824 if ($GLOBALS['BE_USER']->isAdmin()) {
825 $actionContent .= '<hr /> ' . $fullsearch->tableWrap($sql_query['qSelect']);
826 $actionContent .= '<br /><a title="' . $GLOBALS['LANG']->getLL('action_editQuery') . '" href="' . $GLOBALS['BACK_PATH'] . t3lib_extMgm::extRelPath('lowlevel') . 'dbint/index.php?id=' .
827 '&SET[function]=search' .
828 '&SET[search]=query' .
829 '&storeControl[STORE]=-' . $record['uid'] .
830 '&storeControl[LOAD]=1' .
831 '">
832 <img class="icon"' . t3lib_iconWorks::skinImg($GLOBALS['BACK_PATH'], 'gfx/edit2.gif') . ' alt="" />' .
833 $GLOBALS['LANG']->getLL('action_editQuery') . '</a><br /><br />';
834 }
835
836 $content .= $this->taskObject->doc->section($GLOBALS['LANG']->getLL('action_t2_result'), $actionContent, 0, 1);
837 } else {
838 // query is not configured
839 $flashMessage = t3lib_div::makeInstance (
840 't3lib_FlashMessage',
841 $GLOBALS['LANG']->getLL('action_notReady', TRUE),
842 $GLOBALS['LANG']->getLL('action_error'),
843 t3lib_FlashMessage::ERROR
844 );
845 $content .= '<br />' . $flashMessage->render();
846 }
847 } else {
848 // required sysext lowlevel is not installed
849 $flashMessage = t3lib_div::makeInstance (
850 't3lib_FlashMessage',
851 $GLOBALS['LANG']->getLL('action_lowlevelMissing', TRUE),
852 $GLOBALS['LANG']->getLL('action_error'),
853 t3lib_FlashMessage::ERROR
854 );
855 $content .= '<br />' . $flashMessage->render();
856 }
857 return $content;
858 }
859
860 /**
861 * Action to create a list of records of a specific table and pid
862 *
863 * @param array $record: sys_action record
864 * @return string list of records
865 */
866 protected function viewRecordList($record) {
867 $content = '';
868
869 $this->id = intval($record['t3_listPid']);
870 $this->table = $record['t3_tables'];
871
872 if ($this->id == 0 || $this->table == '') {
873 $flashMessage = t3lib_div::makeInstance(
874 't3lib_FlashMessage',
875 $GLOBALS['LANG']->getLL('action_notReady', TRUE),
876 $GLOBALS['LANG']->getLL('action_error'),
877 t3lib_FlashMessage::ERROR
878 );
879 $content .= '<br />' . $flashMessage->render();
880
881 return $content;
882 }
883
884 require_once($GLOBALS['BACK_PATH'] . 'class.db_list.inc');
885 require_once($GLOBALS['BACK_PATH'] . 'class.db_list_extra.inc');
886
887 // Loading current page record and checking access:
888 $this->pageinfo = t3lib_BEfunc::readPageAccess($this->id,$this->taskObject->perms_clause);
889 $access = is_array($this->pageinfo) ? 1 : 0;
890
891 // If there is access to the page, then render the list contents and set up the document template object:
892 if ($access) {
893 // Initialize the dblist object:
894 $dblist = t3lib_div::makeInstance('localRecordList');
895 $dblist->script = t3lib_div::getIndpEnv('REQUEST_URI');
896 $dblist->backPath = $GLOBALS['BACK_PATH'];
897 $dblist->calcPerms = $GLOBALS['BE_USER']->calcPerms($this->pageinfo);
898 $dblist->thumbs = $GLOBALS['BE_USER']->uc['thumbnailsByDefault'];
899 $dblist->returnUrl=$this->taskObject->returnUrl;
900 $dblist->allFields = 1;
901 $dblist->localizationView = 1;
902 $dblist->showClipboard = 0;
903 $dblist->disableSingleTableView = 1;
904 $dblist->pageRow = $this->pageinfo;
905 $dblist->counter++;
906 $dblist->MOD_MENU = array('bigControlPanel' => '', 'clipBoard' => '', 'localization' => '');
907 $dblist->modTSconfig = $this->taskObject->modTSconfig;
908 $dblist->dontShowClipControlPanels = $CLIENT['FORMSTYLE'] && !$this->taskObject->MOD_SETTINGS['bigControlPanel'] && $dblist->clipObj->current=='normal' && !$GLOBALS['BE_USER']->uc['disableCMlayers'] && !$this->modTSconfig['properties']['showClipControlPanelsDespiteOfCMlayers'];
909
910 // Initialize the listing object, dblist, for rendering the list:
911 $this->pointer = t3lib_div::intInRange($this->taskObject->pointer,0,100000);
912 $dblist->start($this->id,$this->table,$this->pointer,$this->taskObject->search_field,$this->taskObject->search_levels,$this->taskObject->showLimit);
913 $dblist->setDispFields();
914
915 // Render the list of tables:
916 $dblist->generateList();
917
918 // Add JavaScript functions to the page:
919 $this->taskObject->doc->JScode=$this->taskObject->doc->wrapScriptTags('
920
921 function jumpToUrl(URL) {
922 window.location.href = URL;
923 return false;
924 }
925 function jumpExt(URL,anchor) {
926 var anc = anchor?anchor:"";
927 window.location.href = URL+(T3_THIS_LOCATION?"&returnUrl="+T3_THIS_LOCATION:"")+anc;
928 return false;
929 }
930 function jumpSelf(URL) {
931 window.location.href = URL+(T3_RETURN_URL?"&returnUrl="+T3_RETURN_URL:"");
932 return false;
933 }
934
935 function setHighlight(id) {
936 top.fsMod.recentIds["web"]=id;
937 top.fsMod.navFrameHighlightedID["web"]="pages"+id+"_"+top.fsMod.currentBank; // For highlighting
938
939 if (top.content && top.content.nav_frame && top.content.nav_frame.refresh_nav) {
940 top.content.nav_frame.refresh_nav();
941 }
942 }
943
944 ' . $dblist->CBfunctions() . '
945 function editRecords(table,idList,addParams,CBflag) {
946 window.location.href="' . $GLOBALS['BACK_PATH'] . 'alt_doc.php?returnUrl=' . rawurlencode(t3lib_div::getIndpEnv('REQUEST_URI')) .
947 '&edit["+table+"]["+idList+"]=edit"+addParams;
948 }
949 function editList(table,idList) {
950 var list="";
951
952 // Checking how many is checked, how many is not
953 var pointer=0;
954 var pos = idList.indexOf(",");
955 while (pos!=-1) {
956 if (cbValue(table+"|"+idList.substr(pointer,pos-pointer))) {
957 list+=idList.substr(pointer,pos-pointer)+",";
958 }
959 pointer=pos+1;
960 pos = idList.indexOf(",",pointer);
961 }
962 if (cbValue(table+"|"+idList.substr(pointer))) {
963 list+=idList.substr(pointer)+",";
964 }
965
966 return list ? list : idList;
967 }
968 T3_THIS_LOCATION = "' . rawurlencode(t3lib_div::getIndpEnv('REQUEST_URI')) . '";
969
970 if (top.fsMod) top.fsMod.recentIds["web"] = ' . intval($this->id) . ';
971 ');
972
973 // Setting up the context sensitive menu:
974 $this->taskObject->doc->getContextMenuCode();
975
976 // Begin to compile the whole page
977 $content .= '<form action="'.htmlspecialchars($dblist->listURL()).'" method="post" name="dblistForm">' .
978 $dblist->HTMLcode .
979 '<input type="hidden" name="cmd_table" /><input type="hidden" name="cmd" />
980 </form>';
981
982 // If a listing was produced, create the page footer with search form etc:
983 if ($dblist->HTMLcode) {
984 // Making field select box (when extended view for a single table is enabled):
985 if ($dblist->table) {
986 $tmpBackpath = $GLOBALS['BACK_PATH'];
987 $GLOBALS['BACK_PATH'] = '';
988 $content .= $dblist->fieldSelectBox($dblist->table);
989 $GLOBALS['BACK_PATH'] = $tmpBackpath;
990 }
991 }
992 } else {
993 // not enough rights to access the list view or the page
994 $flashMessage = t3lib_div::makeInstance(
995 't3lib_FlashMessage',
996 $GLOBALS['LANG']->getLL('action_error-access', TRUE),
997 $GLOBALS['LANG']->getLL('action_error'),
998 t3lib_FlashMessage::ERROR
999 );
1000 $content .= $flashMessage->render();
1001 }
1002
1003 return $content;
1004 }
1005
1006 }
1007
1008
1009 if (defined('TYPO3_MODE') && $TYPO3_CONF_VARS[TYPO3_MODE]['XCLASS']['ext/sys_action/task/class.tx_sysaction_task.php']) {
1010 include_once($TYPO3_CONF_VARS[TYPO3_MODE]['XCLASS']['ext/sys_action/task/class.tx_sysaction_task.php']);
1011 }
1012
1013 ?>
TYPO3 CMS Core Development