76f3bd420a3f1c409645963ff6bd81315da3e03c
[Packages/TYPO3.CMS.git] / typo3 / sysext / setup / Classes / Controller / SetupModuleController.php
1 <?php
2 namespace TYPO3\CMS\Setup\Controller;
3
4 /*
5 * This file is part of the TYPO3 CMS project.
6 *
7 * It is free software; you can redistribute it and/or modify it under
8 * the terms of the GNU General Public License, either version 2
9 * of the License, or any later version.
10 *
11 * For the full copyright and license information, please read the
12 * LICENSE.txt file that was distributed with this source code.
13 *
14 * The TYPO3 project - inspiring people to share!
15 */
16
17 use Psr\Http\Message\ResponseInterface;
18 use Psr\Http\Message\ServerRequestInterface;
19 use TYPO3\CMS\Backend\Backend\Avatar\DefaultAvatarProvider;
20 use TYPO3\CMS\Backend\Module\AbstractModule;
21 use TYPO3\CMS\Backend\Module\ModuleLoader;
22 use TYPO3\CMS\Backend\Template\Components\ButtonBar;
23 use TYPO3\CMS\Backend\Utility\BackendUtility;
24 use TYPO3\CMS\Core\Imaging\Icon;
25 use TYPO3\CMS\Core\Authentication\BackendUserAuthentication;
26 use TYPO3\CMS\Core\Database\DatabaseConnection;
27 use TYPO3\CMS\Core\DataHandling\DataHandler;
28 use TYPO3\CMS\Core\FormProtection\FormProtectionFactory;
29 use TYPO3\CMS\Core\Messaging\FlashMessage;
30 use TYPO3\CMS\Core\Resource\Exception\FileDoesNotExistException;
31 use TYPO3\CMS\Core\Resource\ResourceFactory;
32 use TYPO3\CMS\Core\Utility\GeneralUtility;
33
34 /**
35 * Script class for the Setup module
36 */
37 class SetupModuleController extends AbstractModule
38 {
39 /**
40 * Flag if password has not been updated
41 */
42 const PASSWORD_NOT_UPDATED = 0;
43
44 /**
45 * Flag if password has been updated
46 */
47 const PASSWORD_UPDATED = 1;
48
49 /**
50 * Flag if both new passwords do not match
51 */
52 const PASSWORD_NOT_THE_SAME = 2;
53
54 /**
55 * Flag if the current password given was not identical to the real
56 * current password
57 */
58 const PASSWORD_OLD_WRONG = 3;
59
60 /**
61 * @var array
62 */
63 public $MOD_MENU = array();
64
65 /**
66 * @var array
67 */
68 public $MOD_SETTINGS = array();
69
70 /**
71 * @var \TYPO3\CMS\Backend\Template\DocumentTemplate
72 */
73 public $doc;
74
75 /**
76 * @var string
77 */
78 public $content;
79
80 /**
81 * @var array
82 */
83 public $overrideConf;
84
85 /**
86 * backend user object, set during simulate-user operation
87 *
88 * @var \TYPO3\CMS\Core\Authentication\BackendUserAuthentication
89 */
90 public $OLD_BE_USER;
91
92 /**
93 * @var bool
94 */
95 public $languageUpdate;
96
97 /**
98 * @var bool
99 */
100 protected $pagetreeNeedsRefresh = false;
101
102 /**
103 * @var bool
104 */
105 protected $isAdmin;
106
107 /**
108 * @var array
109 */
110 protected $tsFieldConf;
111
112 /**
113 * @var bool
114 */
115 protected $saveData = false;
116
117 /**
118 * @var int
119 */
120 protected $passwordIsUpdated = self::PASSWORD_NOT_UPDATED;
121
122 /**
123 * @var bool
124 */
125 protected $passwordIsSubmitted = false;
126
127 /**
128 * @var bool
129 */
130 protected $setupIsUpdated = false;
131
132 /**
133 * @var bool
134 */
135 protected $tempDataIsCleared = false;
136
137 /**
138 * @var bool
139 */
140 protected $settingsAreResetToDefault = false;
141
142 /**
143 * Form protection instance
144 *
145 * @var \TYPO3\CMS\Core\FormProtection\BackendFormProtection
146 */
147 protected $formProtection;
148
149 /**
150 * @var string
151 */
152 protected $simulateSelector = '';
153
154 /**
155 * @var string
156 */
157 protected $simUser = '';
158
159 /**
160 * The name of the module
161 *
162 * @var string
163 */
164 protected $moduleName = 'user_setup';
165
166 /**
167 * @var ModuleLoader
168 */
169 protected $loadModules;
170
171 /**
172 * Instantiate the form protection before a simulated user is initialized.
173 */
174 public function __construct()
175 {
176 parent::__construct();
177 $this->formProtection = FormProtectionFactory::get();
178 }
179
180 /**
181 * Getter for the form protection instance.
182 *
183 * @return \TYPO3\CMS\Core\FormProtection\BackendFormProtection
184 */
185 public function getFormProtection()
186 {
187 return $this->formProtection;
188 }
189
190 /**
191 * If settings are submitted to _POST[DATA], store them
192 * NOTICE: This method is called before the \TYPO3\CMS\Backend\Template\DocumentTemplate
193 * is included. See bottom of document.
194 *
195 * @see \TYPO3\CMS\Backend\Template\DocumentTemplate
196 */
197 public function storeIncomingData()
198 {
199 // First check if something is submitted in the data-array from POST vars
200 $d = GeneralUtility::_POST('data');
201 $columns = $GLOBALS['TYPO3_USER_SETTINGS']['columns'];
202 $beUser = $this->getBackendUser();
203 $beUserId = $beUser->user['uid'];
204 $storeRec = array();
205 $fieldList = $this->getFieldsFromShowItem();
206 if (is_array($d) && $this->formProtection->validateToken((string)GeneralUtility::_POST('formToken'), 'BE user setup', 'edit')) {
207 // UC hashed before applying changes
208 $save_before = md5(serialize($beUser->uc));
209 // PUT SETTINGS into the ->uc array:
210 // Reload left frame when switching BE language
211 if (isset($d['lang']) && $d['lang'] != $beUser->uc['lang']) {
212 $this->languageUpdate = true;
213 }
214 // Reload pagetree if the title length is changed
215 if (isset($d['titleLen']) && $d['titleLen'] !== $beUser->uc['titleLen']) {
216 $this->pagetreeNeedsRefresh = true;
217 }
218 if ($d['setValuesToDefault']) {
219 // If every value should be default
220 $beUser->resetUC();
221 $this->settingsAreResetToDefault = true;
222 } elseif ($d['clearSessionVars']) {
223 foreach ($beUser->uc as $key => $value) {
224 if (!isset($columns[$key])) {
225 unset($beUser->uc[$key]);
226 }
227 }
228 $this->tempDataIsCleared = true;
229 } elseif ($d['save']) {
230 // Save all submitted values if they are no array (arrays are with table=be_users) and exists in $GLOBALS['TYPO3_USER_SETTINGS'][columns]
231 foreach ($columns as $field => $config) {
232 if (!in_array($field, $fieldList)) {
233 continue;
234 }
235 if ($config['table']) {
236 if ($config['table'] === 'be_users' && !in_array($field, array('password', 'password2', 'passwordCurrent', 'email', 'realName', 'admin', 'avatar'))) {
237 if (!isset($config['access']) || $this->checkAccess($config) && $beUser->user[$field] !== $d['be_users'][$field]) {
238 if ($config['type'] === 'check') {
239 $fieldValue = isset($d['be_users'][$field]) ? 1 : 0;
240 } else {
241 $fieldValue = $d['be_users'][$field];
242 }
243 $storeRec['be_users'][$beUserId][$field] = $fieldValue;
244 $beUser->user[$field] = $fieldValue;
245 }
246 }
247 }
248 if ($config['type'] === 'check') {
249 $beUser->uc[$field] = isset($d[$field]) ? 1 : 0;
250 } else {
251 $beUser->uc[$field] = htmlspecialchars($d[$field]);
252 }
253 }
254 // Personal data for the users be_user-record (email, name, password...)
255 // If email and name is changed, set it in the users record:
256 $be_user_data = $d['be_users'];
257 // Possibility to modify the transmitted values. Useful to do transformations, like RSA password decryption
258 if (is_array($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['ext/setup/mod/index.php']['modifyUserDataBeforeSave'])) {
259 foreach ($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['ext/setup/mod/index.php']['modifyUserDataBeforeSave'] as $function) {
260 $params = array('be_user_data' => &$be_user_data);
261 GeneralUtility::callUserFunction($function, $params, $this);
262 }
263 }
264 $this->passwordIsSubmitted = (string)$be_user_data['password'] !== '';
265 $passwordIsConfirmed = $this->passwordIsSubmitted && $be_user_data['password'] === $be_user_data['password2'];
266 // Update the real name:
267 if ($be_user_data['realName'] !== $beUser->user['realName']) {
268 $beUser->user['realName'] = ($storeRec['be_users'][$beUserId]['realName'] = substr($be_user_data['realName'], 0, 80));
269 }
270 // Update the email address:
271 if ($be_user_data['email'] !== $beUser->user['email']) {
272 $beUser->user['email'] = ($storeRec['be_users'][$beUserId]['email'] = substr($be_user_data['email'], 0, 80));
273 }
274 // Update the password:
275 if ($passwordIsConfirmed) {
276 $currentPasswordHashed = $GLOBALS['BE_USER']->user['password'];
277 $saltFactory = \TYPO3\CMS\Saltedpasswords\Salt\SaltFactory::getSaltingInstance($currentPasswordHashed);
278 if ($saltFactory->checkPassword($be_user_data['passwordCurrent'], $currentPasswordHashed)) {
279 $this->passwordIsUpdated = self::PASSWORD_UPDATED;
280 $storeRec['be_users'][$beUserId]['password'] = $be_user_data['password'];
281 } else {
282 $this->passwordIsUpdated = self::PASSWORD_OLD_WRONG;
283 }
284 } else {
285 $this->passwordIsUpdated = self::PASSWORD_NOT_THE_SAME;
286 }
287
288 $this->setAvatarFileUid($beUserId, $be_user_data['avatar'], $storeRec);
289
290 $this->saveData = true;
291 }
292 // Inserts the overriding values.
293 $beUser->overrideUC();
294 $save_after = md5(serialize($beUser->uc));
295 // If something in the uc-array of the user has changed, we save the array...
296 if ($save_before != $save_after) {
297 $beUser->writeUC($beUser->uc);
298 $beUser->writelog(254, 1, 0, 1, 'Personal settings changed', array());
299 $this->setupIsUpdated = true;
300 }
301 // If the temporary data has been cleared, lets make a log note about it
302 if ($this->tempDataIsCleared) {
303 $beUser->writelog(254, 1, 0, 1, $this->getLanguageService()->getLL('tempDataClearedLog'), array());
304 }
305 // Persist data if something has changed:
306 if (!empty($storeRec) && $this->saveData) {
307 // Make instance of TCE for storing the changes.
308 /** @var DataHandler $dataHandler */
309 $dataHandler = GeneralUtility::makeInstance(DataHandler::class);
310 $dataHandler->stripslashes_values = false;
311 // This is so the user can actually update his user record.
312 $isAdmin = $beUser->user['admin'];
313 $beUser->user['admin'] = 1;
314 $dataHandler->start($storeRec, array(), $beUser);
315 // This is to make sure that the users record can be updated even if in another workspace. This is tolerated.
316 $dataHandler->bypassWorkspaceRestrictions = true;
317 $dataHandler->process_datamap();
318 unset($tce);
319 if ($this->passwordIsUpdated === self::PASSWORD_NOT_UPDATED || count($storeRec['be_users'][$beUserId]) > 1) {
320 $this->setupIsUpdated = true;
321 }
322 // Restore admin status after processing
323 $beUser->user['admin'] = $isAdmin;
324 }
325 }
326 }
327
328 /******************************
329 *
330 * Rendering module
331 *
332 ******************************/
333 /**
334 * Initializes the module for display of the settings form.
335 *
336 * @return void
337 */
338 public function init()
339 {
340 $this->getLanguageService()->includeLLFile('EXT:setup/Resources/Private/Language/locallang.xlf');
341
342 // Returns the script user - that is the REAL logged in user! ($GLOBALS[BE_USER] might be another user due to simulation!)
343 $scriptUser = $this->getRealScriptUserObj();
344
345 $this->isAdmin = $scriptUser->isAdmin();
346 // Getting the 'override' values as set might be set in User TSconfig
347 $this->overrideConf = $this->getBackendUser()->getTSConfigProp('setup.override');
348 // Getting the disabled fields might be set in User TSconfig (eg setup.fields.password.disabled=1)
349 $this->tsFieldConf = $this->getBackendUser()->getTSConfigProp('setup.fields');
350 // id password is disabled, disable repeat of password too (password2)
351 if (isset($this->tsFieldConf['password.']) && $this->tsFieldConf['password.']['disabled']) {
352 $this->tsFieldConf['password2.']['disabled'] = 1;
353 $this->tsFieldConf['passwordCurrent.']['disabled'] = 1;
354 }
355 // Create instance of object for output of data
356 $this->doc = GeneralUtility::makeInstance(\TYPO3\CMS\Backend\Template\DocumentTemplate::class);
357 $this->moduleTemplate->setForm(
358 '<form action="' . BackendUtility::getModuleUrl('user_setup') . '" method="post" name="usersetup" enctype="multipart/form-data">'
359 );
360 }
361
362 /**
363 * Generate necessary JavaScript
364 *
365 * @return string
366 */
367 protected function getJavaScript()
368 {
369 $javaScript = '';
370 if (is_array($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['ext/setup/mod/index.php']['setupScriptHook'])) {
371 foreach ($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['ext/setup/mod/index.php']['setupScriptHook'] as $function) {
372 $params = array();
373 $javaScript .= GeneralUtility::callUserFunction($function, $params, $this);
374 }
375 }
376 return $javaScript;
377 }
378
379 /**
380 * Generate the main settings form:
381 *
382 * @return void
383 */
384 public function main()
385 {
386 if ($this->languageUpdate) {
387 $this->moduleTemplate->addJavaScriptCode('languageUpdate', '
388 if (top.refreshMenu) {
389 top.refreshMenu();
390 } else {
391 top.TYPO3ModuleMenu.refreshMenu();
392 }
393 ');
394 }
395 if ($this->pagetreeNeedsRefresh) {
396 BackendUtility::setUpdateSignal('updatePageTree');
397 }
398 // Start page:
399 $this->moduleTemplate->loadJavascriptLib('sysext/backend/Resources/Public/JavaScript/md5.js');
400 // Use a wrapper div
401 $this->content .= '<div id="user-setup-wrapper">';
402 // Load available backend modules
403 $this->loadModules = GeneralUtility::makeInstance(ModuleLoader::class);
404 $this->loadModules->observeWorkspaces = true;
405 $this->loadModules->load($GLOBALS['TBE_MODULES']);
406 $this->content .= $this->doc->header($this->getLanguageService()->getLL('UserSettings'));
407 // Show if setup was saved
408 if ($this->setupIsUpdated && !$this->tempDataIsCleared && !$this->settingsAreResetToDefault) {
409 $flashMessage = GeneralUtility::makeInstance(FlashMessage::class, $this->getLanguageService()->getLL('setupWasUpdated'), $this->getLanguageService()->getLL('UserSettings'));
410 $this->content .= $flashMessage->render();
411 }
412
413 // Show if temporary data was cleared
414 if ($this->tempDataIsCleared) {
415 $flashMessage = GeneralUtility::makeInstance(FlashMessage::class, $this->getLanguageService()->getLL('tempDataClearedFlashMessage'), $this->getLanguageService()->getLL('tempDataCleared'));
416 $this->content .= $flashMessage->render();
417 }
418
419 // Show if temporary data was cleared
420 if ($this->settingsAreResetToDefault) {
421 $flashMessage = GeneralUtility::makeInstance(FlashMessage::class, $this->getLanguageService()->getLL('settingsAreReset'), $this->getLanguageService()->getLL('resetConfiguration'));
422 $this->content .= $flashMessage->render();
423 }
424
425 // Notice
426 if ($this->setupIsUpdated || $this->settingsAreResetToDefault) {
427 $flashMessage = GeneralUtility::makeInstance(FlashMessage::class, $this->getLanguageService()->getLL('activateChanges'), '', FlashMessage::INFO);
428 $this->content .= $flashMessage->render();
429 }
430
431 // If password is updated, output whether it failed or was OK.
432 if ($this->passwordIsSubmitted) {
433 $flashMessage = null;
434 switch ($this->passwordIsUpdated) {
435 case self::PASSWORD_OLD_WRONG:
436 $flashMessage = GeneralUtility::makeInstance(FlashMessage::class, $this->getLanguageService()->getLL('oldPassword_failed'), $this->getLanguageService()->getLL('newPassword'), FlashMessage::ERROR);
437 break;
438 case self::PASSWORD_NOT_THE_SAME:
439 $flashMessage = GeneralUtility::makeInstance(FlashMessage::class, $this->getLanguageService()->getLL('newPassword_failed'), $this->getLanguageService()->getLL('newPassword'), FlashMessage::ERROR);
440 break;
441 case self::PASSWORD_UPDATED:
442 $flashMessage = GeneralUtility::makeInstance(FlashMessage::class, $this->getLanguageService()->getLL('newPassword_ok'), $this->getLanguageService()->getLL('newPassword'));
443 break;
444 }
445 if ($flashMessage) {
446 $this->content .= $flashMessage->render();
447 }
448 }
449
450 // Render user switch
451 $this->content .= $this->renderSimulateUserSelectAndLabel();
452
453 // Render the menu items
454 $menuItems = $this->renderUserSetup();
455 $this->content .= $this->moduleTemplate->getDynamicTabMenu($menuItems, 'user-setup', 1, false, false);
456 $formToken = $this->formProtection->generateToken('BE user setup', 'edit');
457 $this->content .= '<div>';
458 $this->content .= '<input type="hidden" name="simUser" value="' . $this->simUser . '" />
459 <input type="hidden" name="formToken" value="' . $formToken . '" />
460 <input type="hidden" value="1" name="data[save]" />
461 <input type="hidden" name="data[setValuesToDefault]" value="0" id="setValuesToDefault" />
462 <input type="hidden" name="data[clearSessionVars]" value="0" id="clearSessionVars" />';
463 $this->content .= '</div>';
464 // End of wrapper div
465 $this->content .= '</div>';
466 // Setting up the buttons and markers for docheader
467 $this->getButtons();
468 // Build the <body> for the module
469 // Renders the module page
470 $this->moduleTemplate->setContent($this->content);
471 }
472
473
474 /**
475 * Injects the request object for the current request or subrequest
476 * Simply calls main() and init() and writes the content to the response
477 *
478 * @param ServerRequestInterface $request the current request
479 * @param ResponseInterface $response
480 * @return ResponseInterface the response with the content
481 */
482 public function mainAction(ServerRequestInterface $request, ResponseInterface $response)
483 {
484 $GLOBALS['SOBE'] = $this;
485 $this->simulateUser();
486 $this->storeIncomingData();
487 $this->init();
488 $this->main();
489
490 $response->getBody()->write($this->moduleTemplate->renderContent());
491 return $response;
492 }
493
494 /**
495 * Prints the content / ends page
496 *
497 * @return void
498 * @deprecated since TYPO3 CMS 7, will be removed in TYPO3 CMS 8
499 */
500 public function printContent()
501 {
502 GeneralUtility::logDeprecatedFunction();
503 echo $this->content;
504 }
505
506 /**
507 * Create the panel of buttons for submitting the form or otherwise perform operations.
508 */
509 protected function getButtons()
510 {
511 $buttonBar = $this->moduleTemplate->getDocHeaderComponent()->getButtonBar();
512 $cshButton = $buttonBar->makeHelpButton()
513 ->setModuleName('_MOD_user_setup')
514 ->setFieldName('');
515 $buttonBar->addButton($cshButton);
516
517 $saveButton = $buttonBar->makeInputButton()
518 ->setName('data[save]')
519 ->setTitle($this->getLanguageService()->sL('LLL:EXT:lang/locallang_core.xlf:rm.saveDoc', true))
520 ->setValue('1')
521 ->setShowLabelText(true)
522 ->setIcon($this->moduleTemplate->getIconFactory()->getIcon('actions-document-save', Icon::SIZE_SMALL));
523
524 $buttonBar->addButton($saveButton);
525 $shortcutButton = $buttonBar->makeShortcutButton()
526 ->setModuleName($this->moduleName);
527 $buttonBar->addButton($shortcutButton);
528 }
529
530 /******************************
531 *
532 * Render module
533 *
534 ******************************/
535
536 /**
537 * renders the data for all tabs in the user setup and returns
538 * everything that is needed with tabs and dyntab menu
539 *
540 * @return array Ready to use for the dyntabmenu itemarray
541 */
542 protected function renderUserSetup()
543 {
544 $html = '';
545 $result = array();
546 $firstTabLabel = '';
547 $code = array();
548 $fieldArray = $this->getFieldsFromShowItem();
549 $tabLabel = '';
550 foreach ($fieldArray as $fieldName) {
551 $more = '';
552 if (substr($fieldName, 0, 8) === '--div--;') {
553 if ($firstTabLabel === '') {
554 // First tab
555 $tabLabel = $this->getLabel(substr($fieldName, 8), '', false);
556 $firstTabLabel = $tabLabel;
557 } else {
558 $result[] = array(
559 'label' => $tabLabel,
560 'content' => count($code) ? implode(LF, $code) : ''
561 );
562 $tabLabel = $this->getLabel(substr($fieldName, 8), '', false);
563 $code = array();
564 }
565 continue;
566 }
567 $config = $GLOBALS['TYPO3_USER_SETTINGS']['columns'][$fieldName];
568
569 // Field my be disabled in setup.fields
570 if (isset($this->tsFieldConf[$fieldName . '.']['disabled']) && $this->tsFieldConf[$fieldName . '.']['disabled'] == 1) {
571 continue;
572 }
573 if (isset($config['access']) && !$this->checkAccess($config)) {
574 continue;
575 }
576 $label = $this->getLabel($config['label'], $fieldName);
577 $label = $this->getCSH($config['csh'] ?: $fieldName, $label);
578 $type = $config['type'];
579 $class = $config['class'];
580
581 if ($type !== 'check') {
582 $class .= ' form-control';
583 }
584
585 $style = $config['style'];
586 if ($class) {
587 $more .= ' class="' . $class . '"';
588 }
589 if ($style) {
590 $more .= ' style="' . $style . '"';
591 }
592 if (isset($this->overrideConf[$fieldName])) {
593 $more .= ' disabled="disabled"';
594 }
595 $value = $config['table'] === 'be_users' ? $this->getBackendUser()->user[$fieldName] : $this->getBackendUser()->uc[$fieldName];
596 if (!$value && isset($config['default'])) {
597 $value = $config['default'];
598 }
599 $dataAdd = '';
600 if ($config['table'] === 'be_users') {
601 $dataAdd = '[be_users]';
602 }
603
604 switch ($type) {
605 case 'text':
606 case 'email':
607 case 'password':
608 $noAutocomplete = '';
609 if ($type === 'password') {
610 $value = '';
611 $noAutocomplete = 'autocomplete="off" ';
612 $more .= ' data-rsa-encryption=""';
613 }
614 $html = '<input id="field_' . $fieldName . '"
615 type="' . $type . '"
616 name="data' . $dataAdd . '[' . $fieldName . ']" ' .
617 $noAutocomplete .
618 'value="' . htmlspecialchars($value) . '" ' .
619 $more .
620 ' />';
621 break;
622 case 'check':
623 $html = $label . '<div class="checkbox"><label><input id="field_' . $fieldName . '"
624 type="checkbox"
625 name="data' . $dataAdd . '[' . $fieldName . ']"' .
626 ($value ? ' checked="checked"' : '') .
627 $more .
628 ' /></label></div>';
629 $label = '';
630 break;
631 case 'select':
632 if ($config['itemsProcFunc']) {
633 $html = GeneralUtility::callUserFunction($config['itemsProcFunc'], $config, $this, '');
634 } else {
635 $html = '<select id="field_' . $fieldName . '"
636 name="data' . $dataAdd . '[' . $fieldName . ']"' .
637 $more . '>' . LF;
638 foreach ($config['items'] as $key => $optionLabel) {
639 $html .= '<option value="' . $key . '"' . ($value == $key ? ' selected="selected"' : '') . '>' . $this->getLabel($optionLabel, '', false) . '</option>' . LF;
640 }
641 $html .= '</select>';
642 }
643 break;
644 case 'user':
645 $html = GeneralUtility::callUserFunction($config['userFunc'], $config, $this, '');
646 break;
647 case 'button':
648 if ($config['onClick']) {
649 $onClick = $config['onClick'];
650 if ($config['onClickLabels']) {
651 foreach ($config['onClickLabels'] as $key => $labelclick) {
652 $config['onClickLabels'][$key] = $this->getLabel($labelclick, '', false);
653 }
654 $onClick = vsprintf($onClick, $config['onClickLabels']);
655 }
656 $html = '<br><input class="btn btn-default" type="button"
657 value="' . $this->getLabel($config['buttonlabel'], '', false) . '"
658 onclick="' . $onClick . '" />';
659 }
660 break;
661 case 'avatar':
662 // Get current avatar image
663 $html = '<br>';
664 $avatarFileUid = $this->getAvatarFileUid($this->getBackendUser()->user['uid']);
665
666 if ($avatarFileUid) {
667 $defaultAvatarProvider = GeneralUtility::makeInstance(DefaultAvatarProvider::class);
668 $avatarImage = $defaultAvatarProvider->getImage($this->getBackendUser()->user, 32);
669 if ($avatarImage) {
670 $icon = '<span class="avatar"><span class="avatar-image">' .
671 '<img src="' . htmlspecialchars($avatarImage->getUrl(true)) . '"' .
672 ' width="' . (int)$avatarImage->getWidth() . '" ' .
673 'height="' . (int)$avatarImage->getHeight() . '" />' .
674 '</span></span>';
675 $html .= '<span class="pull-left" style="padding-right: 10px" id="image_' . htmlspecialchars($fieldName) . '">' . $icon . ' </span>';
676 }
677 }
678 $html .= '<input id="field_' . htmlspecialchars($fieldName) . '" type="hidden" ' .
679 'name="data' . $dataAdd . '[' . htmlspecialchars($fieldName) . ']"' . $more .
680 ' value="' . $avatarFileUid . '" />';
681
682 $html .= '<div class="btn-group">';
683 if ($avatarFileUid) {
684 $html .= '<a id="clear_button_' . htmlspecialchars($fieldName) . '" onclick="clearExistingImage(); return false;" class="btn btn-default"><span class="t3-icon fa t3-icon fa fa-remove"> </span></a>';
685 }
686 $html .= '<a id="add_button_' . htmlspecialchars($fieldName) . '" class="btn btn-default btn-add-avatar" onclick="openFileBrowser();return false;"><span class="t3-icon t3-icon-actions t3-icon-actions-insert t3-icon-insert-record"> </span></a>' .
687 '</div>';
688
689 $this->addAvatarButtonJs($fieldName);
690 break;
691 default:
692 $html = '';
693 }
694
695 $code[] = '<div class="form-section"><div class="form-group">' .
696 $label .
697 $html .
698 '</div></div>';
699 }
700
701 $result[] = array(
702 'label' => $tabLabel,
703 'content' => count($code) ? implode(LF, $code) : ''
704 );
705 return $result;
706 }
707
708 /******************************
709 *
710 * Helper functions
711 *
712 ******************************/
713 /**
714 * Returns the backend user object, either the global OR the $this->OLD_BE_USER which is set during simulate-user operation.
715 * Anyway: The REAL user is returned - the one logged in.
716 *
717 * @return BackendUserAuthentication The REAL user is returned - the one logged in.
718 */
719 protected function getRealScriptUserObj()
720 {
721 return is_object($this->OLD_BE_USER) ? $this->OLD_BE_USER : $this->getBackendUser();
722 }
723
724 /**
725 * Return a select with available languages
726 *
727 * @param array $params
728 *
729 * @return string Complete select as HTML string or warning box if something went wrong.
730 */
731 public function renderLanguageSelect($params)
732 {
733 $languageOptions = array();
734 // Compile the languages dropdown
735 $langDefault = $this->getLanguageService()->getLL('lang_default', true);
736 $languageOptions[$langDefault] = '<option value=""' . ($this->getBackendUser()->uc['lang'] === '' ? ' selected="selected"' : '') . '>' . $langDefault . '</option>';
737 // Traverse the number of languages
738 /** @var $locales \TYPO3\CMS\Core\Localization\Locales */
739 $locales = GeneralUtility::makeInstance(\TYPO3\CMS\Core\Localization\Locales::class);
740 $languages = $locales->getLanguages();
741 foreach ($languages as $locale => $name) {
742 if ($locale !== 'default') {
743 $defaultName = isset($GLOBALS['LOCAL_LANG']['default']['lang_' . $locale]) ? $GLOBALS['LOCAL_LANG']['default']['lang_' . $locale][0]['source'] : $name;
744 $localizedName = $this->getLanguageService()->getLL('lang_' . $locale, true);
745 if ($localizedName === '') {
746 $localizedName = htmlspecialchars($name);
747 }
748 $localLabel = ' - [' . htmlspecialchars($defaultName) . ']';
749 $available = is_dir(PATH_typo3conf . 'l10n/' . $locale);
750 if ($available) {
751 $languageOptions[$defaultName] = '<option value="' . $locale . '"' . ($this->getBackendUser()->uc['lang'] === $locale ? ' selected="selected"' : '') . '>' . $localizedName . $localLabel . '</option>';
752 }
753 }
754 }
755 ksort($languageOptions);
756 $languageCode = '
757 <select id="field_lang" name="data[lang]" class="form-control">' . implode('', $languageOptions) . '
758 </select>';
759 if ($this->getBackendUser()->uc['lang'] && !@is_dir((PATH_typo3conf . 'l10n/' . $this->getBackendUser()->uc['lang']))) {
760 $languageUnavailableWarning = 'The selected language "' . $this->getLanguageService()->getLL(('lang_' . $this->getBackendUser()->uc['lang']), true) . '" is not available before the language files are installed.<br />' . ($this->getBackendUser()->isAdmin() ? 'You can use the Language module to easily download new language files.' : 'Please ask your system administrator to do this.');
761 $languageUnavailableMessage = GeneralUtility::makeInstance(FlashMessage::class, $languageUnavailableWarning, '', FlashMessage::WARNING);
762 $languageCode = $languageUnavailableMessage->render() . $languageCode;
763 }
764 return $languageCode;
765 }
766
767 /**
768 * Returns a select with all modules for startup
769 *
770 * @param array $params
771 * @param SetupModuleController $pObj
772 *
773 * @return string Complete select as HTML string
774 */
775 public function renderStartModuleSelect($params, $pObj)
776 {
777 $startModuleSelect = '<option value="">' . $this->getLanguageService()->getLL('startModule.firstInMenu', true) . '</option>';
778 foreach ($pObj->loadModules->modules as $mainMod => $modData) {
779 if (!empty($modData['sub']) && is_array($modData['sub'])) {
780 $modules = '';
781 foreach ($modData['sub'] as $subData) {
782 $modName = $subData['name'];
783 $modules .= '<option value="' . htmlspecialchars($modName) . '"';
784 $modules .= $this->getBackendUser()->uc['startModule'] === $modName ? ' selected="selected"' : '';
785 $modules .= '>' . $this->getLanguageService()->moduleLabels['tabs'][$modName . '_tab'] . '</option>';
786 }
787 $groupLabel = $this->getLanguageService()->moduleLabels['tabs'][$mainMod . '_tab'];
788 $startModuleSelect .= '<optgroup label="' . htmlspecialchars($groupLabel) . '">' . $modules . '</optgroup>';
789 }
790 }
791 return '<select id="field_startModule" name="data[startModule]" class="form-control">' . $startModuleSelect . '</select>';
792 }
793
794 /**
795 * Will make the simulate-user selector if the logged in user is administrator.
796 * It will also set the GLOBAL(!) BE_USER to the simulated user selected if any (and set $this->OLD_BE_USER to logged in user)
797 *
798 * @return void
799 */
800 public function simulateUser()
801 {
802 // If admin, allow simulation of another user
803 $this->simUser = 0;
804 $this->simulateSelector = '';
805 unset($this->OLD_BE_USER);
806 if ($this->getBackendUser()->isAdmin()) {
807 $this->simUser = (int)GeneralUtility::_GP('simUser');
808 // Make user-selector:
809 $db = $this->getDatabaseConnection();
810 $where = 'AND username NOT LIKE ' . $db->fullQuoteStr($db->escapeStrForLike('_cli_', 'be_users') . '%', 'be_users');
811 $where .= ' AND uid <> ' . (int)$this->getBackendUser()->user['uid'] . BackendUtility::BEenableFields('be_users');
812 $users = BackendUtility::getUserNames('username,usergroup,usergroup_cached_list,uid,realName', $where);
813 $opt = array();
814 foreach ($users as $rr) {
815 $label = htmlspecialchars(($rr['username'] . ($rr['realName'] ? ' (' . $rr['realName'] . ')' : '')));
816 $opt[] = '<option value="' . $rr['uid'] . '"' . ($this->simUser == $rr['uid'] ? ' selected="selected"' : '') . '>' . $label . '</option>';
817 }
818 if (!empty($opt)) {
819 $this->simulateSelector = '<select id="field_simulate" name="simulateUser" onchange="window.location.href=' . GeneralUtility::quoteJSvalue(BackendUtility::getModuleUrl('user_setup') . '&simUser=') . '+this.options[this.selectedIndex].value;"><option></option>' . implode('', $opt) . '</select>';
820 }
821 }
822 // This can only be set if the previous code was executed.
823 if ($this->simUser > 0) {
824 // Save old user...
825 $this->OLD_BE_USER = $this->getBackendUser();
826 unset($GLOBALS['BE_USER']);
827 // Unset current
828 // New backend user object
829 $BE_USER = GeneralUtility::makeInstance(BackendUserAuthentication::class);
830 $BE_USER->setBeUserByUid($this->simUser);
831 $BE_USER->fetchGroupData();
832 $BE_USER->backendSetUC();
833 // Must do this, because unsetting $BE_USER before apparently unsets the reference to the global variable by this name!
834 $GLOBALS['BE_USER'] = $BE_USER;
835 }
836 }
837
838 /**
839 * Render simulate user select and label
840 *
841 * @return string
842 */
843 protected function renderSimulateUserSelectAndLabel()
844 {
845 if ($this->simulateSelector === '') {
846 return '';
847 }
848
849 return '<p>' .
850 '<label for="field_simulate" style="margin-right: 20px;">' .
851 $this->getLanguageService()->sL('LLL:EXT:setup/Resources/Private/Language/locallang.xlf:simulate') .
852 '</label>' .
853 $this->simulateSelector .
854 '</p>';
855 }
856
857 /**
858 * Returns access check (currently only "admin" is supported)
859 *
860 * @param array $config Configuration of the field, access mode is defined in key 'access'
861 * @return bool Whether it is allowed to modify the given field
862 */
863 protected function checkAccess(array $config)
864 {
865 $access = $config['access'];
866
867 if (isset($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['setup']['accessLevelCheck'][$access])) {
868 if (class_exists($access)) {
869 $accessObject = GeneralUtility::makeInstance($access);
870 if (method_exists($accessObject, 'accessLevelCheck')) {
871 // Initialize vars. If method fails, $set will be set to FALSE
872 return $accessObject->accessLevelCheck($config);
873 }
874 }
875 } elseif ($access == 'admin') {
876 return $this->isAdmin;
877 }
878
879 return false;
880 }
881
882 /**
883 * Returns the label $str from getLL() and grays out the value if the $str/$key is found in $this->overrideConf array
884 *
885 * @param string $str Locallang key
886 * @param string $key Alternative override-config key
887 * @param bool $addLabelTag Defines whether the string should be wrapped in a <label> tag.
888 * @param string $altLabelTagId Alternative id for use in "for" attribute of <label> tag. By default the $str key is used prepended with "field_".
889 * @return string HTML output.
890 */
891 protected function getLabel($str, $key = '', $addLabelTag = true, $altLabelTagId = '')
892 {
893 if (substr($str, 0, 4) === 'LLL:') {
894 $out = $this->getLanguageService()->sL($str);
895 } else {
896 $out = htmlspecialchars($str);
897 }
898 if (isset($this->overrideConf[$key ?: $str])) {
899 $out = '<span style="color:#999999">' . $out . '</span>';
900 }
901 if ($addLabelTag) {
902 $out = '<label for="' . ($altLabelTagId ?: 'field_' . $key) . '">' . $out . '</label>';
903 }
904 return $out;
905 }
906
907 /**
908 * Returns the CSH Icon for given string
909 *
910 * @param string $str Locallang key
911 * @param string $label The label to be used, that should be wrapped in help
912 * @return string HTML output.
913 */
914 protected function getCSH($str, $label)
915 {
916 $context = '_MOD_user_setup';
917 $field = $str;
918 $strParts = explode(':', $str);
919 if (count($strParts) > 1) {
920 // Setting comes from another extension
921 $context = $strParts[0];
922 $field = $strParts[1];
923 } elseif (!GeneralUtility::inList('language,simuser,reset', $str)) {
924 $field = 'option_' . $str;
925 }
926 return BackendUtility::wrapInHelp($context, $field, $label);
927 }
928
929 /**
930 * Returns array with fields defined in $GLOBALS['TYPO3_USER_SETTINGS']['showitem']
931 *
932 * @return array Array with fieldnames visible in form
933 */
934 protected function getFieldsFromShowItem()
935 {
936 return GeneralUtility::trimExplode(',', $GLOBALS['TYPO3_USER_SETTINGS']['showitem'], true);
937 }
938
939 /**
940 * Get Avatar fileUid
941 *
942 * @param int $beUserId
943 * @return int
944 */
945 protected function getAvatarFileUid($beUserId)
946 {
947 $file = $this->getDatabaseConnection()->exec_SELECTgetSingleRow(
948 'uid_local',
949 'sys_file_reference',
950 'tablenames = \'be_users\' AND fieldname = \'avatar\' AND ' .
951 'table_local = \'sys_file\' AND uid_foreign = ' . (int)$beUserId .
952 BackendUtility::BEenableFields('sys_file_reference') . BackendUtility::deleteClause('sys_file_reference')
953 );
954 return $file ? $file['uid_local'] : 0;
955 }
956
957 /**
958 * Set avatar fileUid for backend user
959 *
960 * @param int $beUserId
961 * @param int $fileUid
962 * @param array $storeRec
963 */
964 protected function setAvatarFileUid($beUserId, $fileUid, array &$storeRec)
965 {
966
967 // Update is only needed when new fileUid is set
968 if ((int)$fileUid === $this->getAvatarFileUid($beUserId)) {
969 return;
970 }
971
972 // Delete old file reference
973 $this->getDatabaseConnection()->exec_DELETEquery(
974 'sys_file_reference',
975 'tablenames = \'be_users\' AND fieldname = \'avatar\' AND ' .
976 'table_local = \'sys_file\' AND uid_foreign = ' . (int)$beUserId
977 );
978
979 // Create new reference
980 if ($fileUid) {
981
982 // Get file object
983 try {
984 $file = ResourceFactory::getInstance()->getFileObject($fileUid);
985 } catch (FileDoesNotExistException $e) {
986 $file = false;
987 }
988
989 // Check if user is allowed to use the image (only when not in simulation mode)
990 if ($file && $this->simUser === 0 && !$file->getStorage()->checkFileActionPermission('read', $file)) {
991 $file = false;
992 }
993
994 // Check if extension is allowed
995 if ($file && GeneralUtility::inList($GLOBALS['TYPO3_CONF_VARS']['GFX']['imagefile_ext'], $file->getExtension())) {
996
997 // Create new file reference
998 $storeRec['sys_file_reference']['NEW1234'] = array(
999 'uid_local' => $fileUid,
1000 'uid_foreign' => $beUserId,
1001 'tablenames' => 'be_users',
1002 'fieldname' => 'avatar',
1003 'pid' => 0,
1004 'table_local' => 'sys_file',
1005 );
1006 $storeRec['be_users'][(int)$beUserId]['avatar'] = 'NEW1234';
1007 }
1008 }
1009 }
1010
1011 /**
1012 * Add JavaScript to for browse files button
1013 *
1014 * @param string $fieldName
1015 */
1016 protected function addAvatarButtonJs($fieldName)
1017 {
1018 $this->moduleTemplate->addJavaScriptCode('avatar-button', '
1019 var browserWin="";
1020
1021 function openFileBrowser() {
1022 var url = ' . GeneralUtility::quoteJSvalue(BackendUtility::getModuleUrl('wizard_element_browser', ['mode' => 'file', 'bparams' => '||||dummy|setFileUid'])) . ';
1023 browserWin = window.open(url,"Typo3WinBrowser","height=650,width=800,status=0,menubar=0,resizable=1,scrollbars=1");
1024 browserWin.focus();
1025 }
1026
1027 function clearExistingImage() {
1028 TYPO3.jQuery(\'#image_' . htmlspecialchars($fieldName) . '\').hide();
1029 TYPO3.jQuery(\'#clear_button_' . htmlspecialchars($fieldName) . '\').hide();
1030 TYPO3.jQuery(\'#field_' . htmlspecialchars($fieldName) . '\').val(\'\');
1031 }
1032
1033 function setFileUid(field, value, fileUid) {
1034 clearExistingImage();
1035 TYPO3.jQuery(\'#field_' . htmlspecialchars($fieldName) . '\').val(fileUid);
1036 TYPO3.jQuery(\'#add_button_' . htmlspecialchars($fieldName) . '\').removeClass(\'btn-default\').addClass(\'btn-info\');
1037
1038 browserWin.close();
1039 }
1040 ');
1041 }
1042
1043 /**
1044 * Returns the current BE user.
1045 *
1046 * @return \TYPO3\CMS\Core\Authentication\BackendUserAuthentication
1047 */
1048 protected function getBackendUser()
1049 {
1050 return $GLOBALS['BE_USER'];
1051 }
1052
1053 /**
1054 * Returns LanguageService
1055 *
1056 * @return \TYPO3\CMS\Lang\LanguageService
1057 */
1058 protected function getLanguageService()
1059 {
1060 return $GLOBALS['LANG'];
1061 }
1062
1063 /**
1064 * @return DatabaseConnection
1065 */
1066 protected function getDatabaseConnection()
1067 {
1068 return $GLOBALS['TYPO3_DB'];
1069 }
1070 }