[SECURITY] Add trusted HTTP_HOST configuration
[Packages/TYPO3.CMS.git] / typo3 / sysext / core / Classes / Messaging / AbstractStandaloneMessage.php
1 <?php
2 namespace TYPO3\CMS\Core\Messaging;
3
4 /***************************************************************
5 * Copyright notice
6 *
7 * (c) 2009-2013 Ingo Renner <ingo@typo3.org>
8 * (c) 2010-2013 Benjamin Mack <benni@typo3.org>
9 * All rights reserved
10 *
11 * This script is part of the TYPO3 project. The TYPO3 project is
12 * free software; you can redistribute it and/or modify
13 * it under the terms of the GNU General Public License as published by
14 * the Free Software Foundation; either version 2 of the License, or
15 * (at your option) any later version.
16 *
17 * The GNU General Public License can be found at
18 * http://www.gnu.org/copyleft/gpl.html.
19 * A copy is found in the textfile GPL.txt and important notices to the license
20 * from the author is found in LICENSE.txt distributed with these scripts.
21 *
22 *
23 * This script is distributed in the hope that it will be useful,
24 * but WITHOUT ANY WARRANTY; without even the implied warranty of
25 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
26 * GNU General Public License for more details.
27 *
28 * This copyright notice MUST APPEAR in all copies of the script!
29 ***************************************************************/
30 /**
31 * Abstract class as base for standalone messages (error pages etc.)
32 *
33 * @author Steffen Gebert <steffen.gebert@typo3.org>
34 */
35 abstract class AbstractStandaloneMessage extends \TYPO3\CMS\Core\Messaging\AbstractMessage {
36
37 /**
38 * Path to the HTML template file, relative to PATH_site
39 *
40 * @var string
41 */
42 protected $htmlTemplate;
43
44 /**
45 * Default markers
46 *
47 * @var array
48 */
49 protected $defaultMarkers = array();
50
51 /**
52 * Markers in template to be filled
53 *
54 * @var array
55 */
56 protected $markers = array();
57
58 /**
59 * Constructor
60 *
61 * @param string $message Message
62 * @param string $title Title
63 * @param integer $severity Severity, see class constants of AbstractMessage
64 */
65 public function __construct($message = '', $title = '', $severity = \TYPO3\CMS\Core\Messaging\AbstractMessage::ERROR) {
66 if (!empty($message)) {
67 $this->setMessage($message);
68 }
69 $this->setTitle(!empty($title) ? $title : 'Error!');
70 $this->setSeverity($severity);
71 }
72
73 /**
74 * Sets the markers of the templates, which have to be replaced with the specified contents.
75 * The marker array passed, will be merged with already present markers.
76 *
77 * @param array $markers Array containing the markers and values (e.g. ###MARKERNAME### => value)
78 * @return void
79 */
80 public function setMarkers(array $markers) {
81 $this->markers = array_merge($this->markers, $markers);
82 }
83
84 /**
85 * Returns the default markers like title and message, which exist for every standalone message
86 *
87 * @return array
88 */
89 protected function getDefaultMarkers() {
90 $classes = array(
91 self::NOTICE => 'notice',
92 self::INFO => 'information',
93 self::OK => 'ok',
94 self::WARNING => 'warning',
95 self::ERROR => 'error'
96 );
97 $defaultMarkers = array(
98 '###CSS_CLASS###' => $classes[$this->severity],
99 '###TITLE###' => $this->title,
100 '###MESSAGE###' => $this->message,
101 // Avoid calling TYPO3_SITE_URL here to get the base URL as it might be that we output an exception message with
102 // invalid trusted host, which would lead to a nested exception! See: #30377
103 // Instead we calculate the relative path to the document root without involving HTTP request parameters.
104 '###BASEURL###' => substr(PATH_site, strlen(\TYPO3\CMS\Core\Utility\GeneralUtility::getIndpEnv('TYPO3_DOCUMENT_ROOT'))),
105 '###TYPO3_mainDir###' => TYPO3_mainDir,
106 '###TYPO3_copyright_year###' => TYPO3_copyright_year
107 );
108 return $defaultMarkers;
109 }
110
111 /**
112 * Gets the filename of the HTML template.
113 *
114 * @return string The filename of the HTML template.
115 */
116 public function getHtmlTemplate() {
117 if (!$this->htmlTemplate) {
118 throw new \RuntimeException('No HTML template file has been defined, yet', 1314390127);
119 }
120 return $this->htmlTemplate;
121 }
122
123 /**
124 * Sets the filename to the HTML template
125 *
126 * @param string $htmlTemplate The filename of the HTML template, relative to PATH_site
127 * @return void
128 */
129 public function setHtmlTemplate($htmlTemplate) {
130 $this->htmlTemplate = PATH_site . $htmlTemplate;
131 if (!file_exists($this->htmlTemplate)) {
132 throw new \RuntimeException('Template file "' . $this->htmlTemplate . '" not found', 1312830504);
133 }
134 }
135
136 /**
137 * Renders the message.
138 *
139 * @return string The message as HTML.
140 */
141 public function render() {
142 $markers = array_merge($this->getDefaultMarkers(), $this->markers);
143 $content = \TYPO3\CMS\Core\Utility\GeneralUtility::getUrl($this->htmlTemplate);
144 $content = \TYPO3\CMS\Core\Html\HtmlParser::substituteMarkerArray($content, $markers, '', FALSE, TRUE);
145 return $content;
146 }
147
148 /**
149 * Renders the message and echoes it.
150 *
151 * @return void
152 */
153 public function output() {
154 $content = $this->render();
155 echo $content;
156 }
157
158 }
159
160
161 ?>