a6542c3aef65572fa3bf98a84cf09fbddee8a1f2
[Packages/TYPO3.CMS.git] / typo3 / sysext / frontend / Classes / Controller / TypoScriptFrontendController.php
1 <?php
2 namespace TYPO3\CMS\Frontend\Controller;
3
4 /***************************************************************
5 * Copyright notice
6 *
7 * (c) 1999-2013 Kasper Skårhøj (kasperYYYY@typo3.com)
8 * All rights reserved
9 *
10 * This script is part of the TYPO3 project. The TYPO3 project is
11 * free software; you can redistribute it and/or modify
12 * it under the terms of the GNU General Public License as published by
13 * the Free Software Foundation; either version 2 of the License, or
14 * (at your option) any later version.
15 *
16 * The GNU General Public License can be found at
17 * http://www.gnu.org/copyleft/gpl.html.
18 * A copy is found in the text file GPL.txt and important notices to the license
19 * from the author is found in LICENSE.txt distributed with these scripts.
20 *
21 *
22 * This script is distributed in the hope that it will be useful,
23 * but WITHOUT ANY WARRANTY; without even the implied warranty of
24 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
25 * GNU General Public License for more details.
26 *
27 * This copyright notice MUST APPEAR in all copies of the script!
28 ***************************************************************/
29
30 use TYPO3\CMS\Core\Utility\GeneralUtility;
31 use TYPO3\CMS\Core\Utility\HttpUtility;
32
33 /**
34 * Class for the built TypoScript based Front End. Instantiated in
35 * index_ts.php script as the global object TSFE
36 * Main frontend class, instantiated in the index_ts.php script as the global object TSFE
37 *
38 * This class has a lot of functions and internal variable which are use from index_ts.php.
39 * The class is instantiated as $GLOBALS['TSFE'] in index_ts.php.
40 * The use of this class should be inspired by the order of function calls as found in index_ts.php.
41 *
42 * @author Kasper Skårhøj <kasperYYYY@typo3.com>
43 */
44 class TypoScriptFrontendController {
45
46 // CURRENT PAGE:
47 // The page id (int)
48 /**
49 * @todo Define visibility
50 */
51 public $id = '';
52
53 // RO The type (int)
54 /**
55 * @todo Define visibility
56 */
57 public $type = '';
58
59 // The submitted cHash
60 /**
61 * @todo Define visibility
62 */
63 public $cHash = '';
64
65 // Page will not be cached. Write only TRUE. Never clear value (some other code might have reasons to set it TRUE)
66 /**
67 * @todo Define visibility
68 */
69 public $no_cache = '';
70
71 // The rootLine (all the way to tree root, not only the current site!) (array)
72 /**
73 * @todo Define visibility
74 */
75 public $rootLine = '';
76
77 // The pagerecord (array)
78 /**
79 * @todo Define visibility
80 */
81 public $page = '';
82
83 // This will normally point to the same value as id, but can be changed to point to another page from which content will then be displayed instead.
84 /**
85 * @todo Define visibility
86 */
87 public $contentPid = 0;
88
89 // Gets set when we are processing a page of type shortcut in the early stages opf init.php when we do not know about languages yet, used later in init.php to determine the correct shortcut in case a translation changes the shortcut target (array)
90 protected $originalShortcutPage = NULL;
91
92 /**
93 * sys_page-object, pagefunctions
94 *
95 * @var \TYPO3\CMS\Frontend\Page\PageRepository
96 * @todo Define visibility
97 */
98 public $sys_page = '';
99
100 /**
101 * @todo Define visibility
102 */
103 public $jumpurl = '';
104
105 // Is set to 1 if a pageNotFound handler could have been called.
106 /**
107 * @todo Define visibility
108 */
109 public $pageNotFound = 0;
110
111 // Domain start page
112 /**
113 * @todo Define visibility
114 */
115 public $domainStartPage = 0;
116
117 // Array containing a history of why a requested page was not accessible.
118 /**
119 * @todo Define visibility
120 */
121 public $pageAccessFailureHistory = array();
122
123 /**
124 * @todo Define visibility
125 */
126 public $MP = '';
127
128 /**
129 * @todo Define visibility
130 */
131 public $RDCT = '';
132
133 // This can be set from applications as a way to tag cached versions of a page and later perform some external cache management, like clearing only a part of the cache of a page...
134 /**
135 * @todo Define visibility
136 */
137 public $page_cache_reg1 = 0;
138
139 // Contains the value of the current script path that activated the frontend. Typically "index.php" but by rewrite rules it could be something else! Used for Speaking Urls / Simulate Static Documents.
140 /**
141 * @todo Define visibility
142 */
143 public $siteScript = '';
144
145 /**
146 * The FE user
147 *
148 * @var \TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication
149 * @todo Define visibility
150 */
151 public $fe_user = '';
152
153 // Global flag indicating that a front-end user is logged in. This is set only if a user really IS logged in. The group-list may show other groups (like added by IP filter or so) even though there is no user.
154 /**
155 * @todo Define visibility
156 */
157 public $loginUser = '';
158
159 // (RO=readonly) The group list, sorted numerically. Group '0,-1' is the default group, but other groups may be added by other means than a user being logged in though...
160 /**
161 * @todo Define visibility
162 */
163 public $gr_list = '';
164
165 // Flag that indicates if a Backend user is logged in!
166 /**
167 * @todo Define visibility
168 */
169 public $beUserLogin = '';
170
171 // Integer, that indicates which workspace is being previewed.
172 /**
173 * @todo Define visibility
174 */
175 public $workspacePreview = 0;
176
177 // Shows whether logins are allowed in branch
178 /**
179 * @todo Define visibility
180 */
181 public $loginAllowedInBranch = TRUE;
182
183 // Shows specific mode (all or groups)
184 /**
185 * @todo Define visibility
186 */
187 public $loginAllowedInBranch_mode = '';
188
189 // Integer, set to backend user ID to initialize when keyword-based preview is used.
190 /**
191 * @todo Define visibility
192 */
193 public $ADMCMD_preview_BEUSER_uid = 0;
194
195 // PREVIEW
196 // Flag indication that preview is active. This is based on the login of a backend user and whether the backend user has read access to the current page. A value of 1 means ordinary preview, 2 means preview of a non-live workspace
197 /**
198 * @todo Define visibility
199 */
200 public $fePreview = '';
201
202 // Flag indicating that hidden pages should be shown, selected and so on. This goes for almost all selection of pages!
203 /**
204 * @todo Define visibility
205 */
206 public $showHiddenPage = '';
207
208 // Flag indicating that hidden records should be shown. This includes sys_template, pages_language_overlay and even fe_groups in addition to all other regular content. So in effect, this includes everything except pages.
209 /**
210 * @todo Define visibility
211 */
212 public $showHiddenRecords = '';
213
214 // Value that contains the simulated usergroup if any
215 /**
216 * @todo Define visibility
217 */
218 public $simUserGroup = '0';
219
220 // CONFIGURATION
221 /**
222 * Copy of $GLOBALS['TYPO3_CONF_VARS']
223 *
224 * @var array
225 */
226 public $TYPO3_CONF_VARS = array();
227
228 // "CONFIG" object from TypoScript. Array generated based on the TypoScript configuration of the current page. Saved with the cached pages.
229 /**
230 * @todo Define visibility
231 */
232 public $config = '';
233
234 // TEMPLATE / CACHE
235 /**
236 * The TypoScript template object. Used to parse the TypoScript template
237 *
238 * @var \TYPO3\CMS\Core\TypoScript\TemplateService
239 * @todo Define visibility
240 */
241 public $tmpl = '';
242
243 // Is set to the time-to-live time of cached pages. If FALSE, default is 60*60*24, which is 24 hours.
244 /**
245 * @todo Define visibility
246 */
247 public $cacheTimeOutDefault = FALSE;
248
249 // Set internally if cached content is fetched from the database
250 /**
251 * @todo Define visibility
252 */
253 public $cacheContentFlag = 0;
254
255 // Set to the expire time of cached content
256 /**
257 * @todo Define visibility
258 */
259 public $cacheExpires = 0;
260
261 // Set if cache headers allowing caching are sent.
262 /**
263 * @todo Define visibility
264 */
265 public $isClientCachable = FALSE;
266
267 // $all used by template fetching system. This array is an identification of the template. If $this->all is empty it's because the template-data is not cached, which it must be.
268 /**
269 * @todo Define visibility
270 */
271 public $all = '';
272
273 // toplevel - objArrayName, eg 'page'
274 /**
275 * @todo Define visibility
276 */
277 public $sPre = '';
278
279 // TypoScript configuration of the page-object pointed to by sPre. $this->tmpl->setup[$this->sPre.'.']
280 /**
281 * @todo Define visibility
282 */
283 public $pSetup = '';
284
285 // This hash is unique to the template, the $this->id and $this->type vars and the gr_list (list of groups). Used to get and later store the cached data
286 /**
287 * @todo Define visibility
288 */
289 public $newHash = '';
290
291 // If config.ftu (Frontend Track User) is set in TypoScript for the current page, the string value of this var is substituted in the rendered source-code with the string, '&ftu=[token...]' which enables GET-method usertracking as opposed to cookie based
292 /**
293 * @todo Define visibility
294 */
295 public $getMethodUrlIdToken = '';
296
297 // This flag is set before inclusion of pagegen.php IF no_cache is set. If this flag is set after the inclusion of pagegen.php, no_cache is forced to be set. This is done in order to make sure that php-code from pagegen does not falsely clear the no_cache flag.
298 /**
299 * @todo Define visibility
300 */
301 public $no_cacheBeforePageGen = '';
302
303 // This flag indicates if temporary content went into the cache during page-generation.
304 /**
305 * @todo Define visibility
306 */
307 public $tempContent = FALSE;
308
309 // Boolean, passed to TypoScript template class and tells it to render the template forcibly
310 /**
311 * @todo Define visibility
312 */
313 public $forceTemplateParsing = '';
314
315 // The array which cHash_calc is based on, see ->makeCacheHash().
316 /**
317 * @todo Define visibility
318 */
319 public $cHash_array = array();
320
321 // May be set to the pagesTSconfig
322 /**
323 * @todo Define visibility
324 */
325 public $pagesTSconfig = '';
326
327 // PAGE-GENERATION / cOBJ
328 /*
329 Eg. insert JS-functions in this array ($additionalHeaderData) to include them once. Use associative keys.
330 Keys in use:
331 JSFormValidate : <script type="text/javascript" src="'.$GLOBALS["TSFE"]->absRefPrefix.'typo3/sysext/frontend/Resources/Public/JavaScript/jsfunc.validateform.js"></script>
332 JSincludeFormupdate : <script type="text/javascript" src="typo3/js/jsfunc.updateform.js"></script>
333 JSMenuCode, JSMenuCode_menu : JavaScript for the JavaScript menu
334 JSCode : reserved
335 JSImgCode : reserved
336 */
337 // used to accumulate additional HTML-code for the header-section, <head>...</head>. Insert either associative keys (like additionalHeaderData['myStyleSheet'], see reserved keys above) or num-keys (like additionalHeaderData[] = '...')
338 /**
339 * @todo Define visibility
340 */
341 public $additionalHeaderData = array();
342
343 // used to accumulate additional HTML-code for the footer-section of the template
344 public $additionalFooterData = array();
345
346 // used to accumulate additional JavaScript-code. Works like additionalHeaderData. Reserved keys at 'openPic' and 'mouseOver'
347 /**
348 * @todo Define visibility
349 */
350 public $additionalJavaScript = array();
351
352 // used to accumulate additional Style code. Works like additionalHeaderData.
353 /**
354 * @todo Define visibility
355 */
356 public $additionalCSS = array();
357
358 // you can add JavaScript functions to each entry in these arrays. Please see how this is done in the GMENU_LAYERS script. The point is that many applications on a page can set handlers for onload, onmouseover and onmouseup
359 /**
360 * @todo Define visibility
361 */
362 public $JSeventFuncCalls = array(
363 'onmousemove' => array(),
364 'onmouseup' => array(),
365 'onkeydown' => array(),
366 'onkeyup' => array(),
367 'onkeypress' => array(),
368 'onload' => array(),
369 'onunload' => array()
370 );
371
372 // Used to accumulate JavaScript loaded images (by menus)
373 /**
374 * @todo Define visibility
375 */
376 public $JSImgCode = '';
377
378 // Used to accumulate DHTML-layers.
379 /**
380 * @todo Define visibility
381 */
382 public $divSection = '';
383
384 // Default bodytag, if nothing else is set. This can be overridden by applications like TemplaVoila.
385 /**
386 * @todo Define visibility
387 */
388 public $defaultBodyTag = '<body>';
389
390 // RENDERING configuration, settings from TypoScript is loaded into these vars. See pagegen.php
391 // Debug flag, may output special debug html-code.
392 /**
393 * @todo Define visibility
394 */
395 public $debug = '';
396
397 // Default internal target
398 /**
399 * @todo Define visibility
400 */
401 public $intTarget = '';
402
403 // Default external target
404 /**
405 * @todo Define visibility
406 */
407 public $extTarget = '';
408
409 // Default file link target
410 /**
411 * @todo Define visibility
412 */
413 public $fileTarget = '';
414
415 // Keys are page ids and values are default &MP (mount point) values to set when using the linking features...)
416 /**
417 * @todo Define visibility
418 */
419 public $MP_defaults = array();
420
421 // If set, typolink() function encrypts email addresses. Is set in pagegen-class.
422 /**
423 * @todo Define visibility
424 */
425 public $spamProtectEmailAddresses = 0;
426
427 // Absolute Reference prefix
428 /**
429 * @todo Define visibility
430 */
431 public $absRefPrefix = '';
432
433 // Absolute Reference prefix force flag. This is set, if the type and id is retrieve from PATH_INFO and thus we NEED to prefix urls with at least '/'
434 /**
435 * @todo Define visibility
436 */
437 public $absRefPrefix_force = 0;
438
439 // Factor for form-field widths compensation
440 /**
441 * @todo Define visibility
442 */
443 public $compensateFieldWidth = '';
444
445 // Lock file path
446 /**
447 * @todo Define visibility
448 */
449 public $lockFilePath = '';
450
451 // <A>-tag parameters
452 /**
453 * @todo Define visibility
454 */
455 public $ATagParams = '';
456
457 // Search word regex, calculated if there has been search-words send. This is used to mark up the found search words on a page when jumped to from a link in a search-result.
458 /**
459 * @todo Define visibility
460 */
461 public $sWordRegEx = '';
462
463 // Is set to the incoming array sword_list in case of a page-view jumped to from a search-result.
464 /**
465 * @todo Define visibility
466 */
467 public $sWordList = '';
468
469 // A string prepared for insertion in all links on the page as url-parameters. Based on configuration in TypoScript where you defined which GET_VARS you would like to pass on.
470 /**
471 * @todo Define visibility
472 */
473 public $linkVars = '';
474
475 // A string set with a comma list of additional GET vars which should NOT be included in the cHash calculation. These vars should otherwise be detected and involved in caching, eg. through a condition in TypoScript.
476 /**
477 * @todo Define visibility
478 */
479 public $excludeCHashVars = '';
480
481 // If set, edit icons are rendered aside content records. Must be set only if the ->beUserLogin flag is set and set_no_cache() must be called as well.
482 /**
483 * @todo Define visibility
484 */
485 public $displayEditIcons = '';
486
487 // If set, edit icons are rendered aside individual fields of content. Must be set only if the ->beUserLogin flag is set and set_no_cache() must be called as well.
488 /**
489 * @todo Define visibility
490 */
491 public $displayFieldEditIcons = '';
492
493 // Site language, 0 (zero) is default, int+ is uid pointing to a sys_language record. Should reflect which language menus, templates etc is displayed in (master language) - but not necessarily the content which could be falling back to default (see sys_language_content)
494 /**
495 * @todo Define visibility
496 */
497 public $sys_language_uid = 0;
498
499 // Site language mode for content fall back.
500 /**
501 * @todo Define visibility
502 */
503 public $sys_language_mode = '';
504
505 // Site content selection uid (can be different from sys_language_uid if content is to be selected from a fall-back language. Depends on sys_language_mode)
506 /**
507 * @todo Define visibility
508 */
509 public $sys_language_content = 0;
510
511 // Site content overlay flag; If set - and sys_language_content is > 0 - , records selected will try to look for a translation pointing to their uid. (If configured in [ctrl][languageField] / [ctrl][transOrigP...]
512 /**
513 * @todo Define visibility
514 */
515 public $sys_language_contentOL = 0;
516
517 // Is set to the iso code of the sys_language_content if that is properly defined by the sys_language record representing the sys_language_uid. (Requires the extension "static_info_tables")
518 /**
519 * @todo Define visibility
520 */
521 public $sys_language_isocode = '';
522
523 // RENDERING data
524 // 'Global' Storage for various applications. Keys should be 'tx_'.extKey for extensions.
525 /**
526 * @todo Define visibility
527 */
528 public $applicationData = array();
529
530 /**
531 * @todo Define visibility
532 */
533 public $register = array();
534
535 // Stack used for storing array and retrieving register arrays (see LOAD_REGISTER and RESTORE_REGISTER)
536 /**
537 * @todo Define visibility
538 */
539 public $registerStack = array();
540
541 // Checking that the function is not called eternally. This is done by interrupting at a depth of 50
542 /**
543 * @todo Define visibility
544 */
545 public $cObjectDepthCounter = 50;
546
547 // used by cObj->RECORDS and cObj->CONTENT to ensure the a records is NOT rendered twice through it!
548 /**
549 * @todo Define visibility
550 */
551 public $recordRegister = array();
552
553 // This is set to the [table]:[uid] of the latest record rendered. Note that class ContentObjectRenderer has an equal value, but that is pointing to the record delivered in the $data-array of the ContentObjectRenderer instance, if the cObjects CONTENT or RECORD created that instance
554 /**
555 * @todo Define visibility
556 */
557 public $currentRecord = '';
558
559 // Used by class \TYPO3\CMS\Frontend\ContentObject\Menu\AbstractMenuContentObject to keep track of access-keys.
560 /**
561 * @todo Define visibility
562 */
563 public $accessKey = array();
564
565 // Numerical array where image filenames are added if they are referenced in the rendered document. This includes only TYPO3 generated/inserted images.
566 /**
567 * @todo Define visibility
568 */
569 public $imagesOnPage = array();
570
571 // Is set in ContentObjectRenderer->cImage() function to the info-array of the most recent rendered image. The information is used in ContentObjectRenderer->IMGTEXT
572 /**
573 * @todo Define visibility
574 */
575 public $lastImageInfo = array();
576
577 // Used to generate page-unique keys. Point is that uniqid() functions is very slow, so a unikey key is made based on this, see function uniqueHash()
578 /**
579 * @todo Define visibility
580 */
581 public $uniqueCounter = 0;
582
583 /**
584 * @todo Define visibility
585 */
586 public $uniqueString = '';
587
588 // This value will be used as the title for the page in the indexer (if indexing happens)
589 /**
590 * @todo Define visibility
591 */
592 public $indexedDocTitle = '';
593
594 // Alternative page title (normally the title of the page record). Can be set from applications you make.
595 /**
596 * @todo Define visibility
597 */
598 public $altPageTitle = '';
599
600 // The base URL set for the page header.
601 /**
602 * @todo Define visibility
603 */
604 public $baseUrl = '';
605
606 // The proper anchor prefix needed when using speaking urls. (only set if baseUrl is set)
607 /**
608 * @todo Define visibility
609 */
610 public $anchorPrefix = '';
611
612 /**
613 * IDs we already rendered for this page (to make sure they are unique)
614 */
615 private $usedUniqueIds = array();
616
617 /**
618 * Page content render object
619 *
620 * @var \TYPO3\CMS\Frontend\ContentObject\ContentObjectRenderer
621 * @todo Define visibility
622 */
623 public $cObj = '';
624
625 // CONTENT accumulation
626 // All page content is accumulated in this variable. See pagegen.php
627 /**
628 * @todo Define visibility
629 */
630 public $content = '';
631
632 // GENERAL
633 // Set to the browser: net / msie if 4+ browsers
634 /**
635 * @todo Define visibility
636 */
637 public $clientInfo = '';
638
639 /**
640 * @todo Define visibility
641 */
642 public $scriptParseTime = 0;
643
644 // Character set (charset) conversion object:
645 /**
646 * charset conversion class. May be used by any application.
647 *
648 * @var \TYPO3\CMS\Core\Charset\CharsetConverter
649 * @todo Define visibility
650 */
651 public $csConvObj;
652
653 // The default charset used in the frontend if nothing else is set.
654 /**
655 * @todo Define visibility
656 */
657 public $defaultCharSet = 'utf-8';
658
659 // Internal charset of the frontend during rendering. (Default: UTF-8)
660 /**
661 * @todo Define visibility
662 */
663 public $renderCharset = '';
664
665 // Output charset of the websites content. This is the charset found in the header, meta tag etc. If different from $renderCharset a conversion happens before output to browser. Defaults to ->renderCharset if not set.
666 /**
667 * @todo Define visibility
668 */
669 public $metaCharset = '';
670
671 // Assumed charset of locale strings.
672 /**
673 * @todo Define visibility
674 */
675 public $localeCharset = '';
676
677 // LANG:
678 // Set to the system language key (used on the site)
679 /**
680 * @todo Define visibility
681 */
682 public $lang = '';
683
684 /**
685 * @todo Define visibility
686 */
687 public $LL_labels_cache = array();
688
689 /**
690 * @todo Define visibility
691 */
692 public $LL_files_cache = array();
693
694 /**
695 * List of language dependencies for actual language. This is used for local variants of a language
696 * that depend on their "main" language, like Brazilian Portuguese or Canadian French.
697 *
698 * @var array
699 */
700 protected $languageDependencies = array();
701
702 /**
703 * Locking object for accessing "cache_pagesection"
704 *
705 * @var \TYPO3\CMS\Core\Locking\Locker
706 * @todo Define visibility
707 */
708 public $pagesection_lockObj;
709
710 /**
711 * Locking object for accessing "cache_pages"
712 *
713 * @var \TYPO3\CMS\Core\Locking\Locker
714 * @todo Define visibility
715 */
716 public $pages_lockObj;
717
718 /**
719 * @var \TYPO3\CMS\Core\Page\PageRenderer
720 */
721 protected $pageRenderer;
722
723 /**
724 * The page cache object, use this to save pages to the cache and to
725 * retrieve them again
726 *
727 * @var \TYPO3\CMS\Core\Cache\Backend\AbstractBackend
728 */
729 protected $pageCache;
730
731 protected $pageCacheTags = array();
732
733 /**
734 * @var \TYPO3\CMS\Frontend\Page\CacheHashCalculator The cHash Service class used for cHash related functionality
735 */
736 protected $cacheHash;
737
738 /**
739 * Runtime cache of domains per processed page ids.
740 *
741 * @var array
742 */
743 protected $domainDataCache = array();
744
745 /**
746 * Class constructor
747 * Takes a number of GET/POST input variable as arguments and stores them internally.
748 * The processing of these variables goes on later in this class.
749 * Also sets internal clientInfo array (browser information) and a unique string (->uniqueString) for this script instance; A md5 hash of the microtime()
750 *
751 * @param array $TYPO3_CONF_VARS The global $TYPO3_CONF_VARS array. Will be set internally in ->TYPO3_CONF_VARS
752 * @param mixed $id The value of \TYPO3\CMS\Core\Utility\GeneralUtility::_GP('id')
753 * @param integer $type The value of \TYPO3\CMS\Core\Utility\GeneralUtility::_GP('type')
754 * @param boolean $no_cache The value of \TYPO3\CMS\Core\Utility\GeneralUtility::_GP('no_cache'), evaluated to 1/0
755 * @param string $cHash The value of \TYPO3\CMS\Core\Utility\GeneralUtility::_GP('cHash')
756 * @param string $jumpurl The value of \TYPO3\CMS\Core\Utility\GeneralUtility::_GP('jumpurl')
757 * @param string $MP The value of \TYPO3\CMS\Core\Utility\GeneralUtility::_GP('MP')
758 * @param string $RDCT The value of \TYPO3\CMS\Core\Utility\GeneralUtility::_GP('RDCT')
759 * @see index_ts.php
760 * @todo Define visibility
761 */
762 public function __construct($TYPO3_CONF_VARS, $id, $type, $no_cache = '', $cHash = '', $jumpurl = '', $MP = '', $RDCT = '') {
763 // Setting some variables:
764 $this->TYPO3_CONF_VARS = $TYPO3_CONF_VARS;
765 $this->id = $id;
766 $this->type = $type;
767 if ($no_cache) {
768 if ($this->TYPO3_CONF_VARS['FE']['disableNoCacheParameter']) {
769 $warning = '&no_cache=1 has been ignored because $TYPO3_CONF_VARS[\'FE\'][\'disableNoCacheParameter\'] is set!';
770 $GLOBALS['TT']->setTSlogMessage($warning, 2);
771 } else {
772 $warning = '&no_cache=1 has been supplied, so caching is disabled! URL: "' . GeneralUtility::getIndpEnv('TYPO3_REQUEST_URL') . '"';
773 $this->disableCache();
774 }
775 \TYPO3\CMS\Core\Utility\GeneralUtility::sysLog($warning, 'cms', GeneralUtility::SYSLOG_SEVERITY_WARNING);
776 }
777 $this->cHash = $cHash;
778 $this->jumpurl = $jumpurl;
779 $this->MP = $this->TYPO3_CONF_VARS['FE']['enable_mount_pids'] ? (string) $MP : '';
780 $this->RDCT = $RDCT;
781 $this->clientInfo = GeneralUtility::clientInfo();
782 $this->uniqueString = md5(microtime());
783 $this->csConvObj = GeneralUtility::makeInstance('TYPO3\\CMS\\Core\\Charset\\CharsetConverter');
784 // Call post processing function for constructor:
785 if (is_array($this->TYPO3_CONF_VARS['SC_OPTIONS']['tslib/class.tslib_fe.php']['tslib_fe-PostProc'])) {
786 $_params = array('pObj' => &$this);
787 foreach ($this->TYPO3_CONF_VARS['SC_OPTIONS']['tslib/class.tslib_fe.php']['tslib_fe-PostProc'] as $_funcRef) {
788 \TYPO3\CMS\Core\Utility\GeneralUtility::callUserFunction($_funcRef, $_params, $this);
789 }
790 }
791 $this->cacheHash = GeneralUtility::makeInstance('TYPO3\\CMS\\Frontend\\Page\\CacheHashCalculator');
792 $this->initCaches();
793 }
794
795 /**
796 * Connect to SQL database. May exit after outputting an error message
797 * or some JavaScript redirecting to the install tool.
798 *
799 * @throws \RuntimeException
800 * @throws \TYPO3\CMS\Core\Error\Http\ServiceUnavailableException
801 * @return void
802 */
803 public function connectToDB() {
804 try {
805 $GLOBALS['TYPO3_DB']->connectDB();
806 } catch (\RuntimeException $exception) {
807 switch ($exception->getCode()) {
808 case 1270853883:
809 // Cannot connect to current database
810 $message = 'Cannot connect to the configured database "' . TYPO3_db . '"';
811 if ($this->checkPageUnavailableHandler()) {
812 $this->pageUnavailableAndExit($message);
813 } else {
814 \TYPO3\CMS\Core\Utility\GeneralUtility::sysLog($message, 'cms', GeneralUtility::SYSLOG_SEVERITY_ERROR);
815 throw new \TYPO3\CMS\Core\Error\Http\ServiceUnavailableException($message, 1301648782);
816 }
817 break;
818 case 1270853884:
819 // Username / password not accepted
820 $message = 'The current username, password or host was not accepted when' . ' the connection to the database was attempted to be established!';
821 if ($this->checkPageUnavailableHandler()) {
822 $this->pageUnavailableAndExit($message);
823 } else {
824 \TYPO3\CMS\Core\Utility\GeneralUtility::sysLog($message, 'cms', GeneralUtility::SYSLOG_SEVERITY_ERROR);
825 throw new \TYPO3\CMS\Core\Error\Http\ServiceUnavailableException('Database Error: ' . $message, 1301648945);
826 }
827 break;
828 default:
829 throw $exception;
830 }
831 }
832 // Call post processing function for DB connection:
833 if (is_array($this->TYPO3_CONF_VARS['SC_OPTIONS']['tslib/class.tslib_fe.php']['connectToDB'])) {
834 $_params = array('pObj' => &$this);
835 foreach ($this->TYPO3_CONF_VARS['SC_OPTIONS']['tslib/class.tslib_fe.php']['connectToDB'] as $_funcRef) {
836 \TYPO3\CMS\Core\Utility\GeneralUtility::callUserFunction($_funcRef, $_params, $this);
837 }
838 }
839 }
840
841 /**
842 * Looks up the value of $this->RDCT in the database and if it is
843 * found to be associated with a redirect URL then the redirection
844 * is carried out with a 'Location:' header
845 * May exit after sending a location-header.
846 *
847 * @return void
848 */
849 public function sendRedirect() {
850 if ($this->RDCT) {
851 $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('params', 'cache_md5params', 'md5hash=' . $GLOBALS['TYPO3_DB']->fullQuoteStr($this->RDCT, 'cache_md5params'));
852 if ($row = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($res)) {
853 $this->updateMD5paramsRecord($this->RDCT);
854 header('Location: ' . $row['params']);
855 die;
856 }
857 }
858 }
859
860 /**
861 * Gets instance of PageRenderer
862 *
863 * @return \TYPO3\CMS\Core\Page\PageRenderer
864 */
865 public function getPageRenderer() {
866 if (!isset($this->pageRenderer)) {
867 $this->pageRenderer = GeneralUtility::makeInstance('TYPO3\\CMS\\Core\\Page\\PageRenderer');
868 $this->pageRenderer->setTemplateFile(PATH_tslib . 'templates/tslib_page_frontend.html');
869 $this->pageRenderer->setBackPath(TYPO3_mainDir);
870 }
871 return $this->pageRenderer;
872 }
873
874 /**
875 * This is needed for USER_INT processing
876 *
877 * @param \TYPO3\CMS\Core\Page\PageRenderer $pageRenderer
878 */
879 protected function setPageRenderer(\TYPO3\CMS\Core\Page\PageRenderer $pageRenderer) {
880 $this->pageRenderer = $pageRenderer;
881 }
882
883 /********************************************
884 *
885 * Initializing, resolving page id
886 *
887 ********************************************/
888 /**
889 * Initializes the caching system.
890 *
891 * @return void
892 */
893 protected function initCaches() {
894 $this->pageCache = GeneralUtility::makeInstance('TYPO3\\CMS\\Core\\Cache\\CacheManager')->getCache('cache_pages');
895 }
896
897 /**
898 * Initializes the front-end login user.
899 *
900 * @return void
901 * @todo Define visibility
902 */
903 public function initFEuser() {
904 $this->fe_user = GeneralUtility::makeInstance('TYPO3\\CMS\\Frontend\\Authentication\\FrontendUserAuthentication');
905 $this->fe_user->lockIP = $this->TYPO3_CONF_VARS['FE']['lockIP'];
906 $this->fe_user->checkPid = $this->TYPO3_CONF_VARS['FE']['checkFeUserPid'];
907 $this->fe_user->lifetime = (int)$this->TYPO3_CONF_VARS['FE']['lifetime'];
908 // List of pid's acceptable
909 $pid = \TYPO3\CMS\Core\Utility\GeneralUtility::_GP('pid');
910 $this->fe_user->checkPid_value = $pid ? $GLOBALS['TYPO3_DB']->cleanIntList($pid) : 0;
911 // Check if a session is transferred:
912 if (\TYPO3\CMS\Core\Utility\GeneralUtility::_GP('FE_SESSION_KEY')) {
913 $fe_sParts = explode('-', GeneralUtility::_GP('FE_SESSION_KEY'));
914 // If the session key hash check is OK:
915 if (md5(($fe_sParts[0] . '/' . $this->TYPO3_CONF_VARS['SYS']['encryptionKey'])) === (string)$fe_sParts[1]) {
916 $cookieName = \TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::getCookieName();
917 $_COOKIE[$cookieName] = $fe_sParts[0];
918 if (isset($_SERVER['HTTP_COOKIE'])) {
919 // See http://forge.typo3.org/issues/27740
920 $_SERVER['HTTP_COOKIE'] .= ';' . $cookieName . '=' . $fe_sParts[0];
921 }
922 $this->fe_user->forceSetCookie = 1;
923 unset($cookieName);
924 }
925 }
926 $this->fe_user->start();
927 $this->fe_user->unpack_uc('');
928 // Gets session data
929 $this->fe_user->fetchSessionData();
930 $recs = GeneralUtility::_GP('recs');
931 // If any record registration is submitted, register the record.
932 if (is_array($recs)) {
933 $this->fe_user->record_registration($recs, $this->TYPO3_CONF_VARS['FE']['maxSessionDataSize']);
934 }
935 // Call hook for possible manipulation of frontend user object
936 if (is_array($this->TYPO3_CONF_VARS['SC_OPTIONS']['tslib/class.tslib_fe.php']['initFEuser'])) {
937 $_params = array('pObj' => &$this);
938 foreach ($this->TYPO3_CONF_VARS['SC_OPTIONS']['tslib/class.tslib_fe.php']['initFEuser'] as $_funcRef) {
939 \TYPO3\CMS\Core\Utility\GeneralUtility::callUserFunction($_funcRef, $_params, $this);
940 }
941 }
942 // For every 60 seconds the is_online timestamp is updated.
943 if (is_array($this->fe_user->user) && $this->fe_user->user['uid'] && $this->fe_user->user['is_online'] < $GLOBALS['EXEC_TIME'] - 60) {
944 $GLOBALS['TYPO3_DB']->exec_UPDATEquery('fe_users', 'uid=' . (int)$this->fe_user->user['uid'], array('is_online' => $GLOBALS['EXEC_TIME']));
945 }
946 }
947
948 /**
949 * Initializes the front-end user groups.
950 * Sets ->loginUser and ->gr_list based on front-end user status.
951 *
952 * @return void
953 * @todo Define visibility
954 */
955 public function initUserGroups() {
956 // This affects the hidden-flag selecting the fe_groups for the user!
957 $this->fe_user->showHiddenRecords = $this->showHiddenRecords;
958 // no matter if we have an active user we try to fetch matching groups which can be set without an user (simulation for instance!)
959 $this->fe_user->fetchGroupData();
960 if (is_array($this->fe_user->user) && count($this->fe_user->groupData['uid'])) {
961 // global flag!
962 $this->loginUser = 1;
963 // group -2 is not an existing group, but denotes a 'default' group when a user IS logged in. This is used to let elements be shown for all logged in users!
964 $this->gr_list = '0,-2';
965 $gr_array = $this->fe_user->groupData['uid'];
966 } else {
967 $this->loginUser = 0;
968 // group -1 is not an existing group, but denotes a 'default' group when not logged in. This is used to let elements be hidden, when a user is logged in!
969 $this->gr_list = '0,-1';
970 if ($this->loginAllowedInBranch) {
971 // For cases where logins are not banned from a branch usergroups can be set based on IP masks so we should add the usergroups uids.
972 $gr_array = $this->fe_user->groupData['uid'];
973 } else {
974 // Set to blank since we will NOT risk any groups being set when no logins are allowed!
975 $gr_array = array();
976 }
977 }
978 // Clean up.
979 // Make unique...
980 $gr_array = array_unique($gr_array);
981 // sort
982 sort($gr_array);
983 if (count($gr_array) && !$this->loginAllowedInBranch_mode) {
984 $this->gr_list .= ',' . implode(',', $gr_array);
985 }
986 if ($this->fe_user->writeDevLog) {
987 \TYPO3\CMS\Core\Utility\GeneralUtility::devLog('Valid usergroups for TSFE: ' . $this->gr_list, 'TYPO3\\CMS\\Frontend\\Controller\\TypoScriptFrontendController');
988 }
989 }
990
991 /**
992 * Checking if a user is logged in or a group constellation different from "0,-1"
993 *
994 * @return boolean TRUE if either a login user is found (array fe_user->user) OR if the gr_list is set to something else than '0,-1' (could be done even without a user being logged in!)
995 * @todo Define visibility
996 */
997 public function isUserOrGroupSet() {
998 return is_array($this->fe_user->user) || $this->gr_list !== '0,-1';
999 }
1000
1001 /**
1002 * Provides ways to bypass the '?id=[xxx]&type=[xx]' format, using either PATH_INFO or virtual HTML-documents (using Apache mod_rewrite)
1003 *
1004 * Two options:
1005 * 1) Use PATH_INFO (also Apache) to extract id and type from that var. Does not require any special modules compiled with apache. (less typical)
1006 * 2) Using hook which enables features like those provided from "realurl" extension (AKA "Speaking URLs")
1007 *
1008 * @return void
1009 * @todo Define visibility
1010 */
1011 public function checkAlternativeIdMethods() {
1012 $this->siteScript = GeneralUtility::getIndpEnv('TYPO3_SITE_SCRIPT');
1013 // Call post processing function for custom URL methods.
1014 if (is_array($this->TYPO3_CONF_VARS['SC_OPTIONS']['tslib/class.tslib_fe.php']['checkAlternativeIdMethods-PostProc'])) {
1015 $_params = array('pObj' => &$this);
1016 foreach ($this->TYPO3_CONF_VARS['SC_OPTIONS']['tslib/class.tslib_fe.php']['checkAlternativeIdMethods-PostProc'] as $_funcRef) {
1017 \TYPO3\CMS\Core\Utility\GeneralUtility::callUserFunction($_funcRef, $_params, $this);
1018 }
1019 }
1020 }
1021
1022 /**
1023 * Clears the preview-flags, sets sim_exec_time to current time.
1024 * Hidden pages must be hidden as default, $GLOBALS['SIM_EXEC_TIME'] is set to $GLOBALS['EXEC_TIME']
1025 * in bootstrap initializeGlobalTimeVariables(). Alter it by adding or subtracting seconds.
1026 *
1027 * @return void
1028 * @todo Define visibility
1029 */
1030 public function clear_preview() {
1031 $this->showHiddenPage = 0;
1032 $this->showHiddenRecords = 0;
1033 $GLOBALS['SIM_EXEC_TIME'] = $GLOBALS['EXEC_TIME'];
1034 $GLOBALS['SIM_ACCESS_TIME'] = $GLOBALS['ACCESS_TIME'];
1035 $this->fePreview = 0;
1036 }
1037
1038 /**
1039 * Checks if a backend user is logged in
1040 *
1041 * @return boolean whether a backend user is logged in
1042 */
1043 public function isBackendUserLoggedIn() {
1044 return $this->beUserLogin ? TRUE : FALSE;
1045 }
1046
1047 /**
1048 * Creates the backend user object and returns it.
1049 *
1050 * @return \TYPO3\CMS\Backend\FrontendBackendUserAuthentication the backend user object
1051 */
1052 public function initializeBackendUser() {
1053 // PRE BE_USER HOOK
1054 if (is_array($this->TYPO3_CONF_VARS['SC_OPTIONS']['tslib/index_ts.php']['preBeUser'])) {
1055 foreach ($this->TYPO3_CONF_VARS['SC_OPTIONS']['tslib/index_ts.php']['preBeUser'] as $_funcRef) {
1056 $_params = array();
1057 \TYPO3\CMS\Core\Utility\GeneralUtility::callUserFunction($_funcRef, $_params, $this);
1058 }
1059 }
1060 /** @var $BE_USER \TYPO3\CMS\Backend\FrontendBackendUserAuthentication */
1061 $BE_USER = NULL;
1062 // If the backend cookie is set,
1063 // we proceed and check if a backend user is logged in.
1064 if ($_COOKIE[\TYPO3\CMS\Core\Authentication\BackendUserAuthentication::getCookieName()]) {
1065 $GLOBALS['TYPO3_MISC']['microtime_BE_USER_start'] = microtime(TRUE);
1066 $GLOBALS['TT']->push('Back End user initialized', '');
1067 // TODO: validate the comment below: is this necessary? if so,
1068 // formfield_status should be set to "" in \TYPO3\CMS\Backend\FrontendBackendUserAuthentication
1069 // which is a subclass of \TYPO3\CMS\Core\Authentication\BackendUserAuthentication
1070 // ----
1071 // the value this->formfield_status is set to empty in order to
1072 // disable login-attempts to the backend account through this script
1073 // New backend user object
1074 $BE_USER = GeneralUtility::makeInstance('TYPO3\\CMS\\Backend\\FrontendBackendUserAuthentication');
1075 $BE_USER->OS = TYPO3_OS;
1076 $BE_USER->lockIP = $this->TYPO3_CONF_VARS['BE']['lockIP'];
1077 // Object is initialized
1078 $BE_USER->start();
1079 $BE_USER->unpack_uc('');
1080 if ($BE_USER->user['uid']) {
1081 $BE_USER->fetchGroupData();
1082 $this->beUserLogin = 1;
1083 }
1084 // Unset the user initialization.
1085 if (!$BE_USER->checkLockToIP() || !$BE_USER->checkBackendAccessSettingsFromInitPhp() || !$BE_USER->user['uid']) {
1086 $BE_USER = NULL;
1087 $this->beUserLogin = 0;
1088 $_SESSION['TYPO3-TT-start'] = FALSE;
1089 }
1090 $GLOBALS['TT']->pull();
1091 $GLOBALS['TYPO3_MISC']['microtime_BE_USER_end'] = microtime(TRUE);
1092 }
1093 // POST BE_USER HOOK
1094 if (is_array($this->TYPO3_CONF_VARS['SC_OPTIONS']['tslib/index_ts.php']['postBeUser'])) {
1095 $_params = array(
1096 'BE_USER' => &$BE_USER
1097 );
1098 foreach ($this->TYPO3_CONF_VARS['SC_OPTIONS']['tslib/index_ts.php']['postBeUser'] as $_funcRef) {
1099 \TYPO3\CMS\Core\Utility\GeneralUtility::callUserFunction($_funcRef, $_params, $this);
1100 }
1101 }
1102 return $BE_USER;
1103 }
1104
1105 /**
1106 * Determines the id and evaluates any preview settings
1107 * Basically this function is about determining whether a backend user is logged in, if he has read access to the page and if he's previewing the page. That all determines which id to show and how to initialize the id.
1108 *
1109 * @return void
1110 * @todo Define visibility
1111 */
1112 public function determineId() {
1113 // Call pre processing function for id determination
1114 if (is_array($this->TYPO3_CONF_VARS['SC_OPTIONS']['tslib/class.tslib_fe.php']['determineId-PreProcessing'])) {
1115 foreach ($this->TYPO3_CONF_VARS['SC_OPTIONS']['tslib/class.tslib_fe.php']['determineId-PreProcessing'] as $functionReference) {
1116 $parameters = array('parentObject' => $this);
1117 \TYPO3\CMS\Core\Utility\GeneralUtility::callUserFunction($functionReference, $parameters, $this);
1118 }
1119 }
1120 // Getting ARG-v values if some
1121 $this->setIDfromArgV();
1122 // If there is a Backend login we are going to check for any preview settings:
1123 $GLOBALS['TT']->push('beUserLogin', '');
1124 $originalFrontendUser = NULL;
1125 if ($this->beUserLogin || $this->doWorkspacePreview()) {
1126 // Backend user preview features:
1127 if ($this->beUserLogin && $GLOBALS['BE_USER']->adminPanel instanceof \TYPO3\CMS\Frontend\View\AdminPanelView) {
1128 $this->fePreview = $GLOBALS['BE_USER']->adminPanel->extGetFeAdminValue('preview') ? TRUE : FALSE;
1129 // If admin panel preview is enabled...
1130 if ($this->fePreview) {
1131 if ($this->fe_user->user) {
1132 $originalFrontendUser = $this->fe_user->user;
1133 }
1134 $this->showHiddenPage = $GLOBALS['BE_USER']->adminPanel->extGetFeAdminValue('preview', 'showHiddenPages');
1135 $this->showHiddenRecords = $GLOBALS['BE_USER']->adminPanel->extGetFeAdminValue('preview', 'showHiddenRecords');
1136 // Simulate date
1137 $simTime = $GLOBALS['BE_USER']->adminPanel->extGetFeAdminValue('preview', 'simulateDate');
1138 if ($simTime) {
1139 $GLOBALS['SIM_EXEC_TIME'] = $simTime;
1140 $GLOBALS['SIM_ACCESS_TIME'] = $simTime - $simTime % 60;
1141 }
1142 // simulate user
1143 $simUserGroup = $GLOBALS['BE_USER']->adminPanel->extGetFeAdminValue('preview', 'simulateUserGroup');
1144 $this->simUserGroup = $simUserGroup;
1145 if ($simUserGroup) {
1146 if ($this->fe_user->user) {
1147 $this->fe_user->user[$this->fe_user->usergroup_column] = $simUserGroup;
1148 } else {
1149 $this->fe_user->user = array(
1150 $this->fe_user->usergroup_column => $simUserGroup
1151 );
1152 }
1153 }
1154 if (!$simUserGroup && !$simTime && !$this->showHiddenPage && !$this->showHiddenRecords) {
1155 $this->fePreview = 0;
1156 }
1157 }
1158 }
1159 if ($this->id) {
1160 if ($this->determineIdIsHiddenPage()) {
1161 // The preview flag is set only if the current page turns out to actually be hidden!
1162 $this->fePreview = 1;
1163 $this->showHiddenPage = 1;
1164 }
1165 // For Live workspace: Check root line for proper connection to tree root (done because of possible preview of page / branch versions)
1166 if (!$this->fePreview && $this->whichWorkspace() === 0) {
1167 // Initialize the page-select functions to check rootline:
1168 $temp_sys_page = GeneralUtility::makeInstance('TYPO3\\CMS\\Frontend\\Page\\PageRepository');
1169 $temp_sys_page->init($this->showHiddenPage);
1170 // If root line contained NO records and ->error_getRootLine_failPid tells us that it was because of a pid=-1 (indicating a "version" record)...:
1171 if (!count($temp_sys_page->getRootLine($this->id, $this->MP)) && $temp_sys_page->error_getRootLine_failPid == -1) {
1172 // Setting versioningPreview flag and try again:
1173 $temp_sys_page->versioningPreview = TRUE;
1174 if (count($temp_sys_page->getRootLine($this->id, $this->MP))) {
1175 // Finally, we got a root line (meaning that it WAS due to versioning preview of a page somewhere) and we set the fePreview flag which in itself will allow sys_page class to display previews of versionized records.
1176 $this->fePreview = 1;
1177 }
1178 }
1179 }
1180 }
1181 // The preview flag will be set if a backend user is in an offline workspace
1182 if (($GLOBALS['BE_USER']->user['workspace_preview'] || GeneralUtility::_GP('ADMCMD_view') || $this->doWorkspacePreview()) && ($this->whichWorkspace() === -1 || $this->whichWorkspace() > 0)) {
1183 // Will show special preview message.
1184 $this->fePreview = 2;
1185 }
1186 // If the front-end is showing a preview, caching MUST be disabled.
1187 if ($this->fePreview) {
1188 $this->disableCache();
1189 }
1190 }
1191 $GLOBALS['TT']->pull();
1192 // Now, get the id, validate access etc:
1193 $this->fetch_the_id();
1194 // Check if backend user has read access to this page. If not, recalculate the id.
1195 if ($this->beUserLogin && $this->fePreview) {
1196 if (!$GLOBALS['BE_USER']->doesUserHaveAccess($this->page, 1)) {
1197 // Resetting
1198 $this->clear_preview();
1199 $this->fe_user->user = $originalFrontendUser;
1200 // Fetching the id again, now with the preview settings reset.
1201 $this->fetch_the_id();
1202 }
1203 }
1204 // Checks if user logins are blocked for a certain branch and if so, will unset user login and re-fetch ID.
1205 $this->loginAllowedInBranch = $this->checkIfLoginAllowedInBranch();
1206 // Logins are not allowed:
1207 if (!$this->loginAllowedInBranch) {
1208 // Only if there is a login will we run this...
1209 if ($this->isUserOrGroupSet()) {
1210 if ($this->loginAllowedInBranch_mode == 'all') {
1211 // Clear out user and group:
1212 unset($this->fe_user->user);
1213 $this->gr_list = '0,-1';
1214 } else {
1215 $this->gr_list = '0,-2';
1216 }
1217 // Fetching the id again, now with the preview settings reset.
1218 $this->fetch_the_id();
1219 }
1220 }
1221 // Final cleaning.
1222 // Make sure it's an integer
1223 $this->id = ($this->contentPid = (int)$this->id);
1224 // Make sure it's an integer
1225 $this->type = (int)$this->type;
1226 // Call post processing function for id determination:
1227 if (is_array($this->TYPO3_CONF_VARS['SC_OPTIONS']['tslib/class.tslib_fe.php']['determineId-PostProc'])) {
1228 $_params = array('pObj' => &$this);
1229 foreach ($this->TYPO3_CONF_VARS['SC_OPTIONS']['tslib/class.tslib_fe.php']['determineId-PostProc'] as $_funcRef) {
1230 \TYPO3\CMS\Core\Utility\GeneralUtility::callUserFunction($_funcRef, $_params, $this);
1231 }
1232 }
1233 }
1234
1235 /**
1236 * Checks if the page is hidden in the active workspace.
1237 * If it is hidden, preview flags will be set.
1238 *
1239 * @return boolean
1240 */
1241 protected function determineIdIsHiddenPage() {
1242 $field = \TYPO3\CMS\Core\Utility\MathUtility::canBeInterpretedAsInteger($this->id) ? 'uid' : 'alias';
1243 $pageSelectCondition = $field . '=' . $GLOBALS['TYPO3_DB']->fullQuoteStr($this->id, 'pages');
1244 $page = $GLOBALS['TYPO3_DB']->exec_SELECTgetSingleRow('uid,hidden,starttime,endtime', 'pages', $pageSelectCondition . ' AND pid>=0 AND deleted=0');
1245 $workspace = $this->whichWorkspace();
1246 if ($workspace !== 0 && $workspace !== FALSE) {
1247 // Fetch overlay of page if in workspace and check if it is hidden
1248 $pageSelectObject = GeneralUtility::makeInstance('TYPO3\\CMS\\Frontend\\Page\\PageRepository');
1249 $pageSelectObject->versioningPreview = TRUE;
1250 $pageSelectObject->init(FALSE);
1251 $targetPage = $pageSelectObject->getWorkspaceVersionOfRecord($this->whichWorkspace(), 'pages', $page['uid']);
1252 $result = $targetPage === -1 || $targetPage === -2;
1253 } else {
1254 $result = is_array($page) && ($page['hidden'] || $page['starttime'] > $GLOBALS['SIM_EXEC_TIME'] || $page['endtime'] != 0 && $page['endtime'] <= $GLOBALS['SIM_EXEC_TIME']);
1255 }
1256 return $result;
1257 }
1258
1259 /**
1260 * Get The Page ID
1261 * This gets the id of the page, checks if the page is in the domain and if the page is accessible
1262 * Sets variables such as $this->sys_page, $this->loginUser, $this->gr_list, $this->id, $this->type, $this->domainStartPage
1263 *
1264 * @return void
1265 * @access private
1266 * @todo Define visibility
1267 */
1268 public function fetch_the_id() {
1269 $GLOBALS['TT']->push('fetch_the_id initialize/', '');
1270 // Initialize the page-select functions.
1271 $this->sys_page = GeneralUtility::makeInstance('TYPO3\\CMS\\Frontend\\Page\\PageRepository');
1272 $this->sys_page->versioningPreview = $this->fePreview === 2 || (int)$this->workspacePreview || GeneralUtility::_GP('ADMCMD_view') ? TRUE : FALSE;
1273 $this->sys_page->versioningWorkspaceId = $this->whichWorkspace();
1274 $this->sys_page->init($this->showHiddenPage);
1275 // Set the valid usergroups for FE
1276 $this->initUserGroups();
1277 // Sets sys_page where-clause
1278 $this->setSysPageWhereClause();
1279 // Splitting $this->id by a period (.).
1280 // First part is 'id' and second part (if exists) will overrule the &type param
1281 $idParts = explode('.', $this->id, 2);
1282 $this->id = $idParts[0];
1283 if (isset($idParts[1])) {
1284 $this->type = $idParts[1];
1285 }
1286
1287 // If $this->id is a string, it's an alias
1288 $this->checkAndSetAlias();
1289 // The id and type is set to the integer-value - just to be sure...
1290 $this->id = (int)$this->id;
1291 $this->type = (int)$this->type;
1292 $GLOBALS['TT']->pull();
1293 // We find the first page belonging to the current domain
1294 $GLOBALS['TT']->push('fetch_the_id domain/', '');
1295 // The page_id of the current domain
1296 $this->domainStartPage = $this->findDomainRecord($this->TYPO3_CONF_VARS['SYS']['recursiveDomainSearch']);
1297 if (!$this->id) {
1298 if ($this->domainStartPage) {
1299 // If the id was not previously set, set it to the id of the domain.
1300 $this->id = $this->domainStartPage;
1301 } else {
1302 // Find the first 'visible' page in that domain
1303 $theFirstPage = $this->sys_page->getFirstWebPage($this->id);
1304 if ($theFirstPage) {
1305 $this->id = $theFirstPage['uid'];
1306 } else {
1307 $message = 'No pages are found on the rootlevel!';
1308 if ($this->checkPageUnavailableHandler()) {
1309 $this->pageUnavailableAndExit($message);
1310 } else {
1311 \TYPO3\CMS\Core\Utility\GeneralUtility::sysLog($message, 'cms', GeneralUtility::SYSLOG_SEVERITY_ERROR);
1312 throw new \TYPO3\CMS\Core\Error\Http\ServiceUnavailableException($message, 1301648975);
1313 }
1314 }
1315 }
1316 }
1317 $GLOBALS['TT']->pull();
1318 $GLOBALS['TT']->push('fetch_the_id rootLine/', '');
1319 // We store the originally requested id
1320 $requestedId = $this->id;
1321 $this->getPageAndRootlineWithDomain($this->domainStartPage);
1322 $GLOBALS['TT']->pull();
1323 if ($this->pageNotFound && $this->TYPO3_CONF_VARS['FE']['pageNotFound_handling']) {
1324 $pNotFoundMsg = array(
1325 1 => 'ID was not an accessible page',
1326 2 => 'Subsection was found and not accessible',
1327 3 => 'ID was outside the domain',
1328 4 => 'The requested page alias does not exist'
1329 );
1330 $this->pageNotFoundAndExit($pNotFoundMsg[$this->pageNotFound]);
1331 }
1332 if ($this->page['url_scheme'] > 0) {
1333 $newUrl = '';
1334 $requestUrlScheme = parse_url(\TYPO3\CMS\Core\Utility\GeneralUtility::getIndpEnv('TYPO3_REQUEST_URL'), PHP_URL_SCHEME);
1335 if ((int)$this->page['url_scheme'] === HttpUtility::SCHEME_HTTP && $requestUrlScheme == 'https') {
1336 $newUrl = 'http://' . substr(\TYPO3\CMS\Core\Utility\GeneralUtility::getIndpEnv('TYPO3_REQUEST_URL'), 8);
1337 } elseif ((int)$this->page['url_scheme'] === HttpUtility::SCHEME_HTTPS && $requestUrlScheme == 'http') {
1338 $newUrl = 'https://' . substr(\TYPO3\CMS\Core\Utility\GeneralUtility::getIndpEnv('TYPO3_REQUEST_URL'), 7);
1339 }
1340 if ($newUrl !== '') {
1341 if ($_SERVER['REQUEST_METHOD'] === 'POST') {
1342 $headerCode = HttpUtility::HTTP_STATUS_303;
1343 } else {
1344 $headerCode = HttpUtility::HTTP_STATUS_301;
1345 }
1346 HttpUtility::redirect($newUrl, $headerCode);
1347 }
1348 }
1349 // Set no_cache if set
1350 if ($this->page['no_cache']) {
1351 $this->set_no_cache('no_cache is set in page properties');
1352 }
1353 // Init SYS_LASTCHANGED
1354 $this->register['SYS_LASTCHANGED'] = (int)$this->page['tstamp'];
1355 if ($this->register['SYS_LASTCHANGED'] < (int)$this->page['SYS_LASTCHANGED']) {
1356 $this->register['SYS_LASTCHANGED'] = (int)$this->page['SYS_LASTCHANGED'];
1357 }
1358 if (is_array($this->TYPO3_CONF_VARS['SC_OPTIONS']['tslib/class.tslib_fe.php']['fetchPageId-PostProcessing'])) {
1359 foreach ($this->TYPO3_CONF_VARS['SC_OPTIONS']['tslib/class.tslib_fe.php']['fetchPageId-PostProcessing'] as $functionReference) {
1360 $parameters = array('parentObject' => $this);
1361 \TYPO3\CMS\Core\Utility\GeneralUtility::callUserFunction($functionReference, $parameters, $this);
1362 }
1363 }
1364 }
1365
1366 /**
1367 * Gets the page and rootline arrays based on the id, $this->id
1368 *
1369 * If the id does not correspond to a proper page, the 'previous' valid page in the rootline is found
1370 * If the page is a shortcut (doktype=4), the ->id is loaded with that id
1371 *
1372 * Whether or not the ->id is changed to the shortcut id or the previous id in rootline (eg if a page is hidden), the ->page-array and ->rootline is found and must also be valid.
1373 *
1374 * Sets or manipulates internal variables such as: $this->id, $this->page, $this->rootLine, $this->MP, $this->pageNotFound
1375 *
1376 * @return void
1377 * @access private
1378 * @todo Define visibility
1379 */
1380 public function getPageAndRootline() {
1381 $this->page = $this->sys_page->getPage($this->id);
1382 if (!count($this->page)) {
1383 // If no page, we try to find the page before in the rootLine.
1384 // Page is 'not found' in case the id itself was not an accessible page. code 1
1385 $this->pageNotFound = 1;
1386 $this->rootLine = $this->sys_page->getRootLine($this->id, $this->MP);
1387 if (count($this->rootLine)) {
1388 $c = count($this->rootLine) - 1;
1389 while ($c > 0) {
1390 // Add to page access failure history:
1391 $this->pageAccessFailureHistory['direct_access'][] = $this->rootLine[$c];
1392 // Decrease to next page in rootline and check the access to that, if OK, set as page record and ID value.
1393 $c--;
1394 $this->id = $this->rootLine[$c]['uid'];
1395 $this->page = $this->sys_page->getPage($this->id);
1396 if (count($this->page)) {
1397 break;
1398 }
1399 }
1400 }
1401 // If still no page...
1402 if (!count($this->page)) {
1403 $message = 'The requested page does not exist!';
1404 if ($this->TYPO3_CONF_VARS['FE']['pageNotFound_handling']) {
1405 $this->pageNotFoundAndExit($message);
1406 } else {
1407 \TYPO3\CMS\Core\Utility\GeneralUtility::sysLog($message, 'cms', GeneralUtility::SYSLOG_SEVERITY_ERROR);
1408 throw new \TYPO3\CMS\Core\Error\Http\PageNotFoundException($message, 1301648780);
1409 }
1410 }
1411 }
1412 // Spacer is not accessible in frontend
1413 if ($this->page['doktype'] == \TYPO3\CMS\Frontend\Page\PageRepository::DOKTYPE_SPACER) {
1414 $message = 'The requested page does not exist!';
1415 if ($this->TYPO3_CONF_VARS['FE']['pageNotFound_handling']) {
1416 $this->pageNotFoundAndExit($message);
1417 } else {
1418 \TYPO3\CMS\Core\Utility\GeneralUtility::sysLog($message, 'cms', GeneralUtility::SYSLOG_SEVERITY_ERROR);
1419 throw new \TYPO3\CMS\Core\Error\Http\PageNotFoundException($message, 1301648781);
1420 }
1421 }
1422 // Is the ID a link to another page??
1423 if ($this->page['doktype'] == \TYPO3\CMS\Frontend\Page\PageRepository::DOKTYPE_SHORTCUT) {
1424 // We need to clear MP if the page is a shortcut. Reason is if the short cut goes to another page, then we LEAVE the rootline which the MP expects.
1425 $this->MP = '';
1426 // saving the page so that we can check later - when we know
1427 // about languages - whether we took the correct shortcut or
1428 // whether a translation of the page overwrites the shortcut
1429 // target and we need to follow the new target
1430 $this->originalShortcutPage = $this->page;
1431 $this->page = $this->getPageShortcut($this->page['shortcut'], $this->page['shortcut_mode'], $this->page['uid']);
1432 $this->id = $this->page['uid'];
1433 }
1434 // Gets the rootLine
1435 $this->rootLine = $this->sys_page->getRootLine($this->id, $this->MP);
1436 // If not rootline we're off...
1437 if (!count($this->rootLine)) {
1438 $ws = $this->whichWorkspace();
1439 if ($this->sys_page->error_getRootLine_failPid == -1 && $ws) {
1440 $this->sys_page->versioningPreview = TRUE;
1441 $this->versioningWorkspaceId = $ws;
1442 $this->rootLine = $this->sys_page->getRootLine($this->id, $this->MP);
1443 }
1444 if (!count($this->rootLine)) {
1445 $message = 'The requested page didn\'t have a proper connection to the tree-root!';
1446 if ($this->checkPageUnavailableHandler()) {
1447 $this->pageUnavailableAndExit($message);
1448 } else {
1449 $rootline = '(' . $this->sys_page->error_getRootLine . ')';
1450 \TYPO3\CMS\Core\Utility\GeneralUtility::sysLog($message, 'cms', GeneralUtility::SYSLOG_SEVERITY_ERROR);
1451 throw new \TYPO3\CMS\Core\Error\Http\ServiceUnavailableException($message . '<br /><br />' . $rootline, 1301648167);
1452 }
1453 }
1454 $this->fePreview = 1;
1455 }
1456 // Checking for include section regarding the hidden/starttime/endtime/fe_user (that is access control of a whole subbranch!)
1457 if ($this->checkRootlineForIncludeSection()) {
1458 if (!count($this->rootLine)) {
1459 $message = 'The requested page was not accessible!';
1460 if ($this->checkPageUnavailableHandler()) {
1461 $this->pageUnavailableAndExit($message);
1462 } else {
1463 \TYPO3\CMS\Core\Utility\GeneralUtility::sysLog($message, 'cms', GeneralUtility::SYSLOG_SEVERITY_ERROR);
1464 throw new \TYPO3\CMS\Core\Error\Http\ServiceUnavailableException($message, 1301648234);
1465 }
1466 } else {
1467 $el = reset($this->rootLine);
1468 $this->id = $el['uid'];
1469 $this->page = $this->sys_page->getPage($this->id);
1470 $this->rootLine = $this->sys_page->getRootLine($this->id, $this->MP);
1471 }
1472 }
1473 }
1474
1475 /**
1476 * Get page shortcut; Finds the records pointed to by input value $SC (the shortcut value)
1477 *
1478 * @param integer $SC The value of the "shortcut" field from the pages record
1479 * @param integer $mode The shortcut mode: 1 will select first subpage, 2 a random subpage, 3 the parent page; default is the page pointed to by $SC
1480 * @param integer $thisUid The current page UID of the page which is a shortcut
1481 * @param integer $itera Safety feature which makes sure that the function is calling itself recursively max 20 times (since this function can find shortcuts to other shortcuts to other shortcuts...)
1482 * @param array $pageLog An array filled with previous page uids tested by the function - new page uids are evaluated against this to avoid going in circles.
1483 * @return mixed Returns the page record of the page that the shortcut pointed to.
1484 * @access private
1485 * @see getPageAndRootline()
1486 * @todo Define visibility
1487 */
1488 public function getPageShortcut($SC, $mode, $thisUid, $itera = 20, $pageLog = array()) {
1489 $idArray = GeneralUtility::intExplode(',', $SC);
1490 // Find $page record depending on shortcut mode:
1491 switch ($mode) {
1492 case \TYPO3\CMS\Frontend\Page\PageRepository::SHORTCUT_MODE_FIRST_SUBPAGE:
1493
1494 case \TYPO3\CMS\Frontend\Page\PageRepository::SHORTCUT_MODE_RANDOM_SUBPAGE:
1495 $pageArray = $this->sys_page->getMenu($idArray[0] ? $idArray[0] : $thisUid, '*', 'sorting', 'AND pages.doktype<199 AND pages.doktype!=' . \TYPO3\CMS\Frontend\Page\PageRepository::DOKTYPE_BE_USER_SECTION);
1496 $pO = 0;
1497 if ($mode == \TYPO3\CMS\Frontend\Page\PageRepository::SHORTCUT_MODE_RANDOM_SUBPAGE && count($pageArray)) {
1498 $randval = (int)rand(0, count($pageArray) - 1);
1499 $pO = $randval;
1500 }
1501 $c = 0;
1502 foreach ($pageArray as $pV) {
1503 if ($c == $pO) {
1504 $page = $pV;
1505 break;
1506 }
1507 $c++;
1508 }
1509 if (count($page) == 0) {
1510 $message = 'This page (ID ' . $thisUid . ') is of type "Shortcut" and configured to redirect to a subpage. ' . 'However, this page has no accessible subpages.';
1511 throw new \TYPO3\CMS\Core\Error\Http\PageNotFoundException($message, 1301648328);
1512 }
1513 break;
1514 case \TYPO3\CMS\Frontend\Page\PageRepository::SHORTCUT_MODE_PARENT_PAGE:
1515 $parent = $this->sys_page->getPage($thisUid);
1516 $page = $this->sys_page->getPage($parent['pid']);
1517 if (count($page) == 0) {
1518 $message = 'This page (ID ' . $thisUid . ') is of type "Shortcut" and configured to redirect to its parent page. ' . 'However, the parent page is not accessible.';
1519 throw new \TYPO3\CMS\Core\Error\Http\PageNotFoundException($message, 1301648358);
1520 }
1521 break;
1522 default:
1523 $page = $this->sys_page->getPage($idArray[0]);
1524 if (count($page) == 0) {
1525 $message = 'This page (ID ' . $thisUid . ') is of type "Shortcut" and configured to redirect to a page, which is not accessible (ID ' . $idArray[0] . ').';
1526 throw new \TYPO3\CMS\Core\Error\Http\PageNotFoundException($message, 1301648404);
1527 }
1528 }
1529 // Check if short cut page was a shortcut itself, if so look up recursively:
1530 if ($page['doktype'] == \TYPO3\CMS\Frontend\Page\PageRepository::DOKTYPE_SHORTCUT) {
1531 if (!in_array($page['uid'], $pageLog) && $itera > 0) {
1532 $pageLog[] = $page['uid'];
1533 $page = $this->getPageShortcut($page['shortcut'], $page['shortcut_mode'], $page['uid'], $itera - 1, $pageLog);
1534 } else {
1535 $pageLog[] = $page['uid'];
1536 $message = 'Page shortcuts were looping in uids ' . implode(',', $pageLog) . '...!';
1537 \TYPO3\CMS\Core\Utility\GeneralUtility::sysLog($message, 'cms', GeneralUtility::SYSLOG_SEVERITY_ERROR);
1538 throw new \RuntimeException($message, 1294587212);
1539 }
1540 }
1541 // Return resulting page:
1542 return $page;
1543 }
1544
1545 /**
1546 * Checks the current rootline for defined sections.
1547 *
1548 * @return boolean
1549 * @access private
1550 * @todo Define visibility
1551 */
1552 public function checkRootlineForIncludeSection() {
1553 $c = count($this->rootLine);
1554 $removeTheRestFlag = 0;
1555 for ($a = 0; $a < $c; $a++) {
1556 if (!$this->checkPagerecordForIncludeSection($this->rootLine[$a])) {
1557 // Add to page access failure history:
1558 $this->pageAccessFailureHistory['sub_section'][] = $this->rootLine[$a];
1559 $removeTheRestFlag = 1;
1560 }
1561 if ($this->rootLine[$a]['doktype'] == \TYPO3\CMS\Frontend\Page\PageRepository::DOKTYPE_BE_USER_SECTION) {
1562 // If there is a backend user logged in, check if he has read access to the page:
1563 if ($this->beUserLogin) {
1564 $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('uid', 'pages', 'uid=' . (int)$this->id . ' AND ' . $GLOBALS['BE_USER']->getPagePermsClause(1));
1565 // versionOL()?
1566 list($isPage) = $GLOBALS['TYPO3_DB']->sql_fetch_row($res);
1567 if (!$isPage) {
1568 // If there was no page selected, the user apparently did not have read access to the current PAGE (not position in rootline) and we set the remove-flag...
1569 $removeTheRestFlag = 1;
1570 }
1571 } else {
1572 // Dont go here, if there is no backend user logged in.
1573 $removeTheRestFlag = 1;
1574 }
1575 }
1576 if ($removeTheRestFlag) {
1577 // Page is 'not found' in case a subsection was found and not accessible, code 2
1578 $this->pageNotFound = 2;
1579 unset($this->rootLine[$a]);
1580 }
1581 }
1582 return $removeTheRestFlag;
1583 }
1584
1585 /**
1586 * Checks page record for enableFields
1587 * Returns TRUE if enableFields does not disable the page record.
1588 * Takes notice of the ->showHiddenPage flag and uses SIM_ACCESS_TIME for start/endtime evaluation
1589 *
1590 * @param array $row The page record to evaluate (needs fields: hidden, starttime, endtime, fe_group)
1591 * @param boolean $bypassGroupCheck Bypass group-check
1592 * @return boolean TRUE, if record is viewable.
1593 * @see TYPO3\\CMS\\Frontend\\ContentObject\\ContentObjectRenderer::getTreeList(), checkPagerecordForIncludeSection()
1594 * @todo Define visibility
1595 */
1596 public function checkEnableFields($row, $bypassGroupCheck = FALSE) {
1597 if (isset($this->TYPO3_CONF_VARS['SC_OPTIONS']['tslib/class.tslib_fe.php']['hook_checkEnableFields']) && is_array($this->TYPO3_CONF_VARS['SC_OPTIONS']['tslib/class.tslib_fe.php']['hook_checkEnableFields'])) {
1598 $_params = array('pObj' => $this, 'row' => &$row, 'bypassGroupCheck' => &$bypassGroupCheck);
1599 foreach ($this->TYPO3_CONF_VARS['SC_OPTIONS']['tslib/class.tslib_fe.php']['hook_checkEnableFields'] as $_funcRef) {
1600 // Call hooks: If one returns FALSE, method execution is aborted with result "This record is not available"
1601 $return = GeneralUtility::callUserFunction($_funcRef, $_params, $this);
1602 if ($return === FALSE) {
1603 return FALSE;
1604 }
1605 }
1606 }
1607 if ((!$row['hidden'] || $this->showHiddenPage) && $row['starttime'] <= $GLOBALS['SIM_ACCESS_TIME'] && ($row['endtime'] == 0 || $row['endtime'] > $GLOBALS['SIM_ACCESS_TIME']) && ($bypassGroupCheck || $this->checkPageGroupAccess($row))) {
1608 return TRUE;
1609 }
1610 }
1611
1612 /**
1613 * Check group access against a page record
1614 *
1615 * @param array $row The page record to evaluate (needs field: fe_group)
1616 * @param mixed $groupList List of group id's (comma list or array). Default is $this->gr_list
1617 * @return boolean TRUE, if group access is granted.
1618 * @access private
1619 * @todo Define visibility
1620 */
1621 public function checkPageGroupAccess($row, $groupList = NULL) {
1622 if (is_null($groupList)) {
1623 $groupList = $this->gr_list;
1624 }
1625 if (!is_array($groupList)) {
1626 $groupList = explode(',', $groupList);
1627 }
1628 $pageGroupList = explode(',', $row['fe_group'] ?: 0);
1629 return count(array_intersect($groupList, $pageGroupList)) > 0;
1630 }
1631
1632 /**
1633 * Checks page record for include section
1634 *
1635 * @param array $row The page record to evaluate (needs fields: extendToSubpages + hidden, starttime, endtime, fe_group)
1636 * @return boolean Returns TRUE if either extendToSubpages is not checked or if the enableFields does not disable the page record.
1637 * @access private
1638 * @see checkEnableFields(), TYPO3\\CMS\\Frontend\\ContentObject\\ContentObjectRenderer::getTreeList(), checkRootlineForIncludeSection()
1639 * @todo Define visibility
1640 */
1641 public function checkPagerecordForIncludeSection($row) {
1642 return !$row['extendToSubpages'] || $this->checkEnableFields($row) ? 1 : 0;
1643 }
1644
1645 /**
1646 * Checks if logins are allowed in the current branch of the page tree. Traverses the full root line and returns TRUE if logins are OK, otherwise FALSE (and then the login user must be unset!)
1647 *
1648 * @return boolean returns TRUE if logins are OK, otherwise FALSE (and then the login user must be unset!)
1649 * @todo Define visibility
1650 */
1651 public function checkIfLoginAllowedInBranch() {
1652 // Initialize:
1653 $c = count($this->rootLine);
1654 $disable = FALSE;
1655 // Traverse root line from root and outwards:
1656 for ($a = 0; $a < $c; $a++) {
1657 // If a value is set for login state:
1658 if ($this->rootLine[$a]['fe_login_mode'] > 0) {
1659 // Determine state from value:
1660 if ((int)$this->rootLine[$a]['fe_login_mode'] === 1) {
1661 $disable = TRUE;
1662 $this->loginAllowedInBranch_mode = 'all';
1663 } elseif ((int)$this->rootLine[$a]['fe_login_mode'] === 3) {
1664 $disable = TRUE;
1665 $this->loginAllowedInBranch_mode = 'groups';
1666 } else {
1667 $disable = FALSE;
1668 }
1669 }
1670 }
1671 return !$disable;
1672 }
1673
1674 /**
1675 * Analysing $this->pageAccessFailureHistory into a summary array telling which features disabled display and on which pages and conditions. That data can be used inside a page-not-found handler
1676 *
1677 * @return array Summary of why page access was not allowed.
1678 * @todo Define visibility
1679 */
1680 public function getPageAccessFailureReasons() {
1681 $output = array();
1682 $combinedRecords = array_merge(is_array($this->pageAccessFailureHistory['direct_access']) ? $this->pageAccessFailureHistory['direct_access'] : array(array('fe_group' => 0)), is_array($this->pageAccessFailureHistory['sub_section']) ? $this->pageAccessFailureHistory['sub_section'] : array());
1683 if (count($combinedRecords)) {
1684 foreach ($combinedRecords as $k => $pagerec) {
1685 // If $k=0 then it is the very first page the original ID was pointing at and that will get a full check of course
1686 // If $k>0 it is parent pages being tested. They are only significant for the access to the first page IF they had the extendToSubpages flag set, hence checked only then!
1687 if (!$k || $pagerec['extendToSubpages']) {
1688 if ($pagerec['hidden']) {
1689 $output['hidden'][$pagerec['uid']] = TRUE;
1690 }
1691 if ($pagerec['starttime'] > $GLOBALS['SIM_ACCESS_TIME']) {
1692 $output['starttime'][$pagerec['uid']] = $pagerec['starttime'];
1693 }
1694 if ($pagerec['endtime'] != 0 && $pagerec['endtime'] <= $GLOBALS['SIM_ACCESS_TIME']) {
1695 $output['endtime'][$pagerec['uid']] = $pagerec['endtime'];
1696 }
1697 if (!$this->checkPageGroupAccess($pagerec)) {
1698 $output['fe_group'][$pagerec['uid']] = $pagerec['fe_group'];
1699 }
1700 }
1701 }
1702 }
1703 return $output;
1704 }
1705
1706 /**
1707 * This checks if there are ARGV-parameters in the QUERY_STRING and if so, those are used for the id
1708 * $this->id must be 'FALSE' in order for any processing to happen in here
1709 * If an id/alias value is extracted from the QUERY_STRING it is set in $this->id
1710 *
1711 * @return void
1712 * @access private
1713 * @todo Define visibility
1714 */
1715 public function setIDfromArgV() {
1716 if (!$this->id) {
1717 list($theAlias) = explode('&', GeneralUtility::getIndpEnv('QUERY_STRING'));
1718 $theAlias = trim($theAlias);
1719 $this->id = $theAlias != '' && strpos($theAlias, '=') === FALSE ? $theAlias : 0;
1720 }
1721 }
1722
1723 /**
1724 * Gets ->page and ->rootline information based on ->id. ->id may change during this operation.
1725 * If not inside domain, then default to first page in domain.
1726 *
1727 * @param integer $domainStartPage Page uid of the page where the found domain record is (pid of the domain record)
1728 * @return void
1729 * @access private
1730 * @todo Define visibility
1731 */
1732 public function getPageAndRootlineWithDomain($domainStartPage) {
1733 $this->getPageAndRootline();
1734 // Checks if the $domain-startpage is in the rootLine. This is necessary so that references to page-id's from other domains are not possible.
1735 if ($domainStartPage && is_array($this->rootLine)) {
1736 $idFound = 0;
1737 foreach ($this->rootLine as $key => $val) {
1738 if ($val['uid'] == $domainStartPage) {
1739 $idFound = 1;
1740 break;
1741 }
1742 }
1743 if (!$idFound) {
1744 // Page is 'not found' in case the id was outside the domain, code 3
1745 $this->pageNotFound = 3;
1746 $this->id = $domainStartPage;
1747 // re-get the page and rootline if the id was not found.
1748 $this->getPageAndRootline();
1749 }
1750 }
1751 }
1752
1753 /**
1754 * Sets sys_page where-clause
1755 *
1756 * @return void
1757 * @access private
1758 * @todo Define visibility
1759 */
1760 public function setSysPageWhereClause() {
1761 $this->sys_page->where_hid_del .= ' AND pages.doktype<200';
1762 $this->sys_page->where_groupAccess = $this->sys_page->getMultipleGroupsWhereClause('pages.fe_group', 'pages');
1763 }
1764
1765 /**
1766 * Looking up a domain record based on HTTP_HOST
1767 *
1768 * @param boolean $recursive If set, it looks "recursively" meaning that a domain like "123.456.typo3.com" would find a domain record like "typo3.com" if "123.456.typo3.com" or "456.typo3.com" did not exist.
1769 * @return integer Returns the page id of the page where the domain record was found.
1770 * @access private
1771 * @todo Define visibility
1772 */
1773 public function findDomainRecord($recursive = 0) {
1774 if ($recursive) {
1775 $host = explode('.', GeneralUtility::getIndpEnv('HTTP_HOST'));
1776 while (count($host)) {
1777 $pageUid = $this->sys_page->getDomainStartPage(implode('.', $host), GeneralUtility::getIndpEnv('SCRIPT_NAME'), GeneralUtility::getIndpEnv('REQUEST_URI'));
1778 if ($pageUid) {
1779 return $pageUid;
1780 } else {
1781 array_shift($host);
1782 }
1783 }
1784 return $pageUid;
1785 } else {
1786 return $this->sys_page->getDomainStartPage(\TYPO3\CMS\Core\Utility\GeneralUtility::getIndpEnv('HTTP_HOST'), GeneralUtility::getIndpEnv('SCRIPT_NAME'), GeneralUtility::getIndpEnv('REQUEST_URI'));
1787 }
1788 }
1789
1790 /**
1791 * Page unavailable handler for use in frontend plugins from extensions.
1792 *
1793 * @param string $reason Reason text
1794 * @param string $header HTTP header to send
1795 * @return void Function exits.
1796 * @todo Define visibility
1797 */
1798 public function pageUnavailableAndExit($reason = '', $header = '') {
1799 $header = $header ?: $this->TYPO3_CONF_VARS['FE']['pageUnavailable_handling_statheader'];
1800 $this->pageUnavailableHandler($this->TYPO3_CONF_VARS['FE']['pageUnavailable_handling'], $header, $reason);
1801 die;
1802 }
1803
1804 /**
1805 * Page-not-found handler for use in frontend plugins from extensions.
1806 *
1807 * @param string $reason Reason text
1808 * @param string $header HTTP header to send
1809 * @return void Function exits.
1810 * @todo Define visibility
1811 */
1812 public function pageNotFoundAndExit($reason = '', $header = '') {
1813 $header = $header ?: $this->TYPO3_CONF_VARS['FE']['pageNotFound_handling_statheader'];
1814 $this->pageNotFoundHandler($this->TYPO3_CONF_VARS['FE']['pageNotFound_handling'], $header, $reason);
1815 die;
1816 }
1817
1818 /**
1819 * Checks whether the pageUnavailableHandler should be used. To be used, pageUnavailable_handling must be set
1820 * and devIPMask must not match the current visitor's IP address.
1821 *
1822 * @return boolean TRUE/FALSE whether the pageUnavailable_handler should be used.
1823 * @todo Define visibility
1824 */
1825 public function checkPageUnavailableHandler() {
1826 if (
1827 $this->TYPO3_CONF_VARS['FE']['pageUnavailable_handling']
1828 && !\TYPO3\CMS\Core\Utility\GeneralUtility::cmpIP(
1829 \TYPO3\CMS\Core\Utility\GeneralUtility::getIndpEnv('REMOTE_ADDR'),
1830 $this->TYPO3_CONF_VARS['SYS']['devIPmask']
1831 )
1832 ) {
1833 $checkPageUnavailableHandler = TRUE;
1834 } else {
1835 $checkPageUnavailableHandler = FALSE;
1836 }
1837 return $checkPageUnavailableHandler;
1838 }
1839
1840 /**
1841 * Page unavailable handler. Acts a wrapper for the pageErrorHandler method.
1842 *
1843 * @param mixed $code Which type of handling; If a true PHP-boolean or TRUE then a \TYPO3\CMS\Core\Messaging\ErrorpageMessage is outputted. If integer an error message with that number is shown. Otherwise the $code value is expected to be a "Location:" header value.
1844 * @param string $header If set, this is passed directly to the PHP function, header()
1845 * @param string $reason If set, error messages will also mention this as the reason for the page-not-found.
1846 * @return void (The function exits!)
1847 * @todo Define visibility
1848 */
1849 public function pageUnavailableHandler($code, $header, $reason) {
1850 $this->pageErrorHandler($code, $header, $reason);
1851 }
1852
1853 /**
1854 * Page not found handler. Acts a wrapper for the pageErrorHandler method.
1855 *
1856 * @param mixed $code Which type of handling; If a true PHP-boolean or TRUE then a \TYPO3\CMS\Core\Messaging\ErrorpageMessage is outputted. If integer an error message with that number is shown. Otherwise the $code value is expected to be a "Location:" header value.
1857 * @param string $header If set, this is passed directly to the PHP function, header()
1858 * @param string $reason If set, error messages will also mention this as the reason for the page-not-found.
1859 * @return void (The function exits!)
1860 * @todo Define visibility
1861 */
1862 public function pageNotFoundHandler($code, $header = '', $reason = '') {
1863 $this->pageErrorHandler($code, $header, $reason);
1864 }
1865
1866 /**
1867 * Generic error page handler.
1868 * Exits.
1869 *
1870 * @param mixed $code Which type of handling; If a true PHP-boolean or TRUE then a \TYPO3\CMS\Core\Messaging\ErrorpageMessage is outputted. If integer an error message with that number is shown. Otherwise the $code value is expected to be a "Location:" header value.
1871 * @param string $header If set, this is passed directly to the PHP function, header()
1872 * @param string $reason If set, error messages will also mention this as the reason for the page-not-found.
1873 * @return void (The function exits!)
1874 * @todo Define visibility
1875 */
1876 public function pageErrorHandler($code, $header = '', $reason = '') {
1877 // Issue header in any case:
1878 if ($header) {
1879 $headerArr = preg_split('/\\r|\\n/', $header, -1, PREG_SPLIT_NO_EMPTY);
1880 foreach ($headerArr as $header) {
1881 header($header);
1882 }
1883 }
1884 // Create response:
1885 // Simply boolean; Just shows TYPO3 error page with reason:
1886 if (gettype($code) == 'boolean' || (string)$code === '1') {
1887 $title = 'Page Not Found';
1888 $message = 'The page did not exist or was inaccessible.' . ($reason ? ' Reason: ' . htmlspecialchars($reason) : '');
1889 $messagePage = GeneralUtility::makeInstance('TYPO3\\CMS\\Core\\Messaging\\ErrorpageMessage', $message, $title);
1890 $messagePage->output();
1891 die;
1892 } elseif (\TYPO3\CMS\Core\Utility\GeneralUtility::isFirstPartOfStr($code, 'USER_FUNCTION:')) {
1893 $funcRef = trim(substr($code, 14));
1894 $params = array(
1895 'currentUrl' => GeneralUtility::getIndpEnv('REQUEST_URI'),
1896 'reasonText' => $reason,
1897 'pageAccessFailureReasons' => $this->getPageAccessFailureReasons()
1898 );
1899 echo GeneralUtility::callUserFunction($funcRef, $params, $this);
1900 } elseif (\TYPO3\CMS\Core\Utility\GeneralUtility::isFirstPartOfStr($code, 'READFILE:')) {
1901 $readFile = GeneralUtility::getFileAbsFileName(trim(substr($code, 9)));
1902 if (@is_file($readFile)) {
1903 echo str_replace(
1904 array(
1905 '###CURRENT_URL###',
1906 '###REASON###'
1907 ),
1908 array(
1909 GeneralUtility::getIndpEnv('REQUEST_URI'),
1910 htmlspecialchars($reason)
1911 ),
1912 GeneralUtility::getUrl($readFile)
1913 );
1914 } else {
1915 throw new \RuntimeException('Configuration Error: 404 page "' . $readFile . '" could not be found.', 1294587214);
1916 }
1917 } elseif (\TYPO3\CMS\Core\Utility\GeneralUtility::isFirstPartOfStr($code, 'REDIRECT:')) {
1918 HttpUtility::redirect(substr($code, 9));
1919 } elseif (strlen($code)) {
1920 // Check if URL is relative
1921 $url_parts = parse_url($code);
1922 if ($url_parts['host'] == '') {
1923 $url_parts['host'] = GeneralUtility::getIndpEnv('HTTP_HOST');
1924 if ($code[0] === '/') {
1925 $code = GeneralUtility::getIndpEnv('TYPO3_REQUEST_HOST') . $code;
1926 } else {
1927 $code = GeneralUtility::getIndpEnv('TYPO3_REQUEST_DIR') . $code;
1928 }
1929 $checkBaseTag = FALSE;
1930 } else {
1931 $checkBaseTag = TRUE;
1932 }
1933 // Check recursion
1934 if ($code == GeneralUtility::getIndpEnv('TYPO3_REQUEST_URL')) {
1935 if ($reason == '') {
1936 $reason = 'Page cannot be found.';
1937 }
1938 $reason .= LF . LF . 'Additionally, ' . $code . ' was not found while trying to retrieve the error document.';
1939 throw new \RuntimeException(nl2br(htmlspecialchars($reason)), 1294587215);
1940 }
1941 // Prepare headers
1942 $headerArr = array(
1943 'User-agent: ' . GeneralUtility::getIndpEnv('HTTP_USER_AGENT'),
1944 'Referer: ' . GeneralUtility::getIndpEnv('TYPO3_REQUEST_URL')
1945 );
1946 $res = GeneralUtility::getUrl($code, 1, $headerArr);
1947 // Header and content are separated by an empty line
1948 list($header, $content) = explode(CRLF . CRLF, $res, 2);
1949 $content .= CRLF;
1950 if (FALSE === $res) {
1951 // Last chance -- redirect
1952 HttpUtility::redirect($code);
1953 } else {
1954 // Forward these response headers to the client
1955 $forwardHeaders = array(
1956 'Content-Type:'
1957 );
1958 $headerArr = preg_split('/\\r|\\n/', $header, -1, PREG_SPLIT_NO_EMPTY);
1959 foreach ($headerArr as $header) {
1960 foreach ($forwardHeaders as $h) {
1961 if (preg_match('/^' . $h . '/', $header)) {
1962 header($header);
1963 }
1964 }
1965 }
1966 // Put <base> if necesary
1967 if ($checkBaseTag) {
1968 // If content already has <base> tag, we do not need to do anything
1969 if (FALSE === stristr($content, '<base ')) {
1970 // Generate href for base tag
1971 $base = $url_parts['scheme'] . '://';
1972 if ($url_parts['user'] != '') {
1973 $base .= $url_parts['user'];
1974 if ($url_parts['pass'] != '') {
1975 $base .= ':' . $url_parts['pass'];
1976 }
1977 $base .= '@';
1978 }
1979 $base .= $url_parts['host'];
1980 // Add path portion skipping possible file name
1981 $base .= preg_replace('/(.*\\/)[^\\/]*/', '${1}', $url_parts['path']);
1982 // Put it into content (generate also <head> if necessary)
1983 $replacement = LF . '<base href="' . htmlentities($base) . '" />' . LF;
1984 if (stristr($content, '<head>')) {
1985 $content = preg_replace('/(<head>)/i', '\\1' . $replacement, $content);
1986 } else {
1987 $content = preg_replace('/(<html[^>]*>)/i', '\\1<head>' . $replacement . '</head>', $content);
1988 }
1989 }
1990 }
1991 // Output the content
1992 echo $content;
1993 }
1994 } else {
1995 $title = 'Page Not Found';
1996 $message = $reason ? 'Reason: ' . htmlspecialchars($reason) : 'Page cannot be found.';
1997 $messagePage = GeneralUtility::makeInstance('TYPO3\\CMS\\Core\\Messaging\\ErrorpageMessage', $message, $title);
1998 $messagePage->output();
1999 }
2000 die;
2001 }
2002
2003 /**
2004 * Fetches the integer page id for a page alias.
2005 * Looks if ->id is not an integer and if so it will search for a page alias and if found the page uid of that page is stored in $this->id
2006 *
2007 * @return void
2008 * @access private
2009 * @todo Define visibility
2010 */
2011 public function checkAndSetAlias() {
2012 if ($this->id && !\TYPO3\CMS\Core\Utility\MathUtility::canBeInterpretedAsInteger($this->id)) {
2013 $aid = $this->sys_page->getPageIdFromAlias($this->id);
2014 if ($aid) {
2015 $this->id = $aid;
2016 } else {
2017 $this->pageNotFound = 4;
2018 }
2019 }
2020 }
2021
2022 /**
2023 * Merging values into the global $_GET
2024 *
2025 * @param array $GET_VARS Array of key/value pairs that will be merged into the current GET-vars. (Non-escaped values)
2026 * @return void
2027 * @todo Define visibility
2028 */
2029 public function mergingWithGetVars($GET_VARS) {
2030 if (is_array($GET_VARS)) {
2031 // Getting $_GET var, unescaped.
2032 $realGet = GeneralUtility::_GET();
2033 if (!is_array($realGet)) {
2034 $realGet = array();
2035 }
2036 // Merge new values on top:
2037 \TYPO3\CMS\Core\Utility\ArrayUtility::mergeRecursiveWithOverrule($realGet, $GET_VARS);
2038 // Write values back to $_GET:
2039 \TYPO3\CMS\Core\Utility\GeneralUtility::_GETset($realGet);
2040 // Setting these specifically (like in the init-function):
2041 if (isset($GET_VARS['type'])) {
2042 $this->type = (int)$GET_VARS['type'];
2043 }
2044 if (isset($GET_VARS['cHash'])) {
2045 $this->cHash = $GET_VARS['cHash'];
2046 }
2047 if (isset($GET_VARS['jumpurl'])) {
2048 $this->jumpurl = $GET_VARS['jumpurl'];
2049 }
2050 if (isset($GET_VARS['MP'])) {
2051 $this->MP = $this->TYPO3_CONF_VARS['FE']['enable_mount_pids'] ? $GET_VARS['MP'] : '';
2052 }
2053 if (isset($GET_VARS['no_cache']) && $GET_VARS['no_cache']) {
2054 $this->set_no_cache('no_cache is requested via GET parameter');
2055 }
2056 }
2057 }
2058
2059 /********************************************
2060 *
2061 * Template and caching related functions.
2062 *
2063 *******************************************/
2064 /**
2065 * Calculates a hash string based on additional parameters in the url.
2066 *
2067 * Calculated hash is stored in $this->cHash_array.
2068 * This is used to cache pages with more parameters than just id and type.
2069 *
2070 * @return void
2071 * @see reqCHash()
2072 * @todo Define visibility
2073 */
2074 public function makeCacheHash() {
2075 // No need to test anything if caching was already disabled.
2076 if ($this->no_cache && !$this->TYPO3_CONF_VARS['FE']['pageNotFoundOnCHashError']) {
2077 return;
2078 }
2079 $GET = GeneralUtility::_GET();
2080 if ($this->cHash && is_array($GET)) {
2081 $this->cHash_array = $this->cacheHash->getRelevantParameters(\TYPO3\CMS\Core\Utility\GeneralUtility::implodeArrayForUrl('', $GET));
2082 $cHash_calc = $this->cacheHash->calculateCacheHash($this->cHash_array);
2083 if ($cHash_calc != $this->cHash) {
2084 if ($this->TYPO3_CONF_VARS['FE']['pageNotFoundOnCHashError']) {
2085 $this->pageNotFoundAndExit('Request parameters could not be validated (&cHash comparison failed)');
2086 } else {
2087 $this->disableCache();
2088 $GLOBALS['TT']->setTSlogMessage('The incoming cHash "' . $this->cHash . '" and calculated cHash "' . $cHash_calc . '" did not match, so caching was disabled. The fieldlist used was "' . implode(',', array_keys($this->cHash_array)) . '"', 2);
2089 }
2090 }
2091 } elseif (is_array($GET)) {
2092 // No cHash is set, check if that is correct
2093 if ($this->cacheHash->doParametersRequireCacheHash(\TYPO3\CMS\Core\Utility\GeneralUtility::implodeArrayForUrl('', $GET))) {
2094 $this->reqCHash();
2095 }
2096 }
2097 }
2098
2099 /**
2100 * Will disable caching if the cHash value was not set.
2101 * This function should be called to check the _existence_ of "&cHash" whenever a plugin generating cachable output is using extra GET variables. If there _is_ a cHash value the validation of it automatically takes place in makeCacheHash() (see above)
2102 *
2103 * @return void
2104 * @see makeCacheHash(), \TYPO3\CMS\Frontend\Plugin\AbstractPlugin::pi_cHashCheck()
2105 * @todo Define visibility
2106 */
2107 public function reqCHash() {
2108 if (!$this->cHash) {
2109 if ($this->TYPO3_CONF_VARS['FE']['pageNotFoundOnCHashError']) {
2110 if ($this->tempContent) {
2111 $this->clearPageCacheContent();
2112 }
2113 $this->pageNotFoundAndExit('Request parameters could not be validated (&cHash empty)');
2114 } else {
2115 $this->disableCache();
2116 $GLOBALS['TT']->setTSlogMessage('TSFE->reqCHash(): No &cHash parameter was sent for GET vars though required so caching is disabled', 2);
2117 }
2118 }
2119 }
2120
2121 /**
2122 * Initialize the TypoScript template parser
2123 *
2124 * @return void
2125 * @todo Define visibility
2126 */
2127 public function initTemplate() {
2128 $this->tmpl = GeneralUtility::makeInstance('TYPO3\\CMS\\Core\\TypoScript\\TemplateService');
2129 $this->tmpl->init();
2130 $this->tmpl->tt_track = $this->beUserLogin ? 1 : 0;
2131 }
2132
2133 /**
2134 * See if page is in cache and get it if so
2135 * Stores the page content in $this->content if something is found.
2136 *
2137 * @return void
2138 * @todo Define visibility
2139 */
2140 public function getFromCache() {
2141 if (!$this->no_cache) {
2142 $cc = $this->tmpl->getCurrentPageData();
2143 if (!is_array($cc)) {
2144 $key = $this->id . '::' . $this->MP;
2145 // Returns TRUE if the lock is active now
2146 $isLocked = $this->acquirePageGenerationLock($this->pagesection_lockObj, $key);
2147 if (!$isLocked) {
2148 // Lock is no longer active, the data in "cache_pagesection" is now ready
2149 $cc = $this->tmpl->getCurrentPageData();
2150 if (is_array($cc)) {
2151 // Release the lock
2152 $this->releasePageGenerationLock($this->pagesection_lockObj);
2153 }
2154 }
2155 }
2156 if (is_array($cc)) {
2157 // BE CAREFUL to change the content of the cc-array. This array is serialized and an md5-hash based on this is used for caching the page.
2158 // If this hash is not the same in here in this section and after page-generation, then the page will not be properly cached!
2159 // This array is an identification of the template. If $this->all is empty it's because the template-data is not cached, which it must be.
2160 $cc = $this->tmpl->matching($cc);
2161 ksort($cc);
2162 $this->all = $cc;
2163 }
2164 unset($cc);
2165 }
2166 // clearing the content-variable, which will hold the pagecontent
2167 $this->content = '';
2168 // Unsetting the lowlevel config
2169 unset($this->config);
2170 $this->cacheContentFlag = 0;
2171 // Look for page in cache only if caching is not disabled and if a shift-reload is not sent to the server.
2172 if (!$this->no_cache && !$this->headerNoCache()) {
2173 $lockHash = $this->getLockHash();
2174 if ($this->all) {
2175 $this->newHash = $this->getHash();
2176 $GLOBALS['TT']->push('Cache Row', '');
2177 $row = $this->getFromCache_queryRow();
2178 if (!is_array($row)) {
2179 $isLocked = $this->acquirePageGenerationLock($this->pages_lockObj, $lockHash);
2180 if (!$isLocked) {
2181 // Lock is no longer active, the data in "cache_pages" is now ready
2182 $row = $this->getFromCache_queryRow();
2183 if (is_array($row)) {
2184 // Release the lock
2185 $this->releasePageGenerationLock($this->pages_lockObj);
2186 }
2187 }
2188 }
2189 if (is_array($row)) {
2190 // Release this lock
2191 $this->releasePageGenerationLock($this->pages_lockObj);
2192 // Call hook when a page is retrieved from cache:
2193 if (is_array($this->TYPO3_CONF_VARS['SC_OPTIONS']['tslib/class.tslib_fe.php']['pageLoadedFromCache'])) {
2194 $_params = array('pObj' => &$this, 'cache_pages_row' => &$row);
2195 foreach ($this->TYPO3_CONF_VARS['SC_OPTIONS']['tslib/class.tslib_fe.php']['pageLoadedFromCache'] as $_funcRef) {
2196 \TYPO3\CMS\Core\Utility\GeneralUtility::callUserFunction($_funcRef, $_params, $this);
2197 }
2198 }
2199 // Fetches the lowlevel config stored with the cached data
2200 $this->config = $row['cache_data'];
2201 // Getting the content
2202 $this->content = $row['content'];
2203 // Flag for temp content
2204 $this->tempContent = $row['temp_content'];
2205 // Setting flag, so we know, that some cached content has been loaded
2206 $this->cacheContentFlag = 1;
2207 $this->cacheExpires = $row['expires'];
2208 if ($this->TYPO3_CONF_VARS['FE']['debug'] || isset($this->config['config']['debug']) && $this->config['config']['debug']) {
2209 $dateFormat = $GLOBALS['TYPO3_CONF_VARS']['SYS']['ddmmyy'];
2210 $timeFormat = $GLOBALS['TYPO3_CONF_VARS']['SYS']['hhmm'];
2211 $this->content .= LF . '<!-- Cached page generated ' . date(($dateFormat . ' ' . $timeFormat), $row['tstamp']) . '. Expires ' . Date(($dateFormat . ' ' . $timeFormat), $row['expires']) . ' -->';
2212 }
2213 }
2214 $GLOBALS['TT']->pull();
2215 } else {
2216 $this->acquirePageGenerationLock($this->pages_lockObj, $lockHash);
2217 }
2218 }
2219 }
2220
2221 /**
2222 * Returning the cached version of page with hash = newHash
2223 *
2224 * @return array Cached row, if any. Otherwise void.
2225 * @todo Define visibility
2226 */
2227 public function getFromCache_queryRow() {
2228 $GLOBALS['TT']->push('Cache Query', '');
2229 $row = $this->pageCache->get($this->newHash);
2230 $GLOBALS['TT']->pull();
2231 return $row;
2232 }
2233
2234 /**
2235 * Detecting if shift-reload has been clicked
2236 * Will not be called if re-generation of page happens by other reasons (for instance that the page is not in cache yet!)
2237 * Also, a backend user MUST be logged in for the shift-reload to be detected due to DoS-attack-security reasons.
2238 *
2239 * @return boolean If shift-reload in client browser has been clicked, disable getting cached page (and regenerate it).
2240 * @todo Define visibility
2241 */
2242 public function headerNoCache() {
2243 $disableAcquireCacheData = FALSE;
2244 if ($this->beUserLogin) {
2245 if (strtolower($_SERVER['HTTP_CACHE_CONTROL']) === 'no-cache' || strtolower($_SERVER['HTTP_PRAGMA']) === 'no-cache') {
2246 $disableAcquireCacheData = TRUE;
2247 }
2248 }
2249 // Call hook for possible by-pass of requiring of page cache (for recaching purpose)
2250 if (is_array($this->TYPO3_CONF_VARS['SC_OPTIONS']['tslib/class.tslib_fe.php']['headerNoCache'])) {
2251 $_params = array('pObj' => &$this, 'disableAcquireCacheData' => &$disableAcquireCacheData);
2252 foreach ($this->TYPO3_CONF_VARS['SC_OPTIONS']['tslib/class.tslib_fe.php']['headerNoCache'] as $_funcRef) {
2253 \TYPO3\CMS\Core\Utility\GeneralUtility::callUserFunction($_funcRef, $_params, $this);
2254 }
2255 }
2256 return $disableAcquireCacheData;
2257 }
2258
2259 /**
2260 * Calculates the cache-hash
2261 * This hash is unique to the template, the variables ->id, ->type, ->gr_list (list of groups), ->MP (Mount Points) and cHash array
2262 * Used to get and later store the cached data.
2263 *
2264 * @return string MD5 hash of serialized hash base from createHashBase()
2265 * @access private
2266 * @see getFromCache(), getLockHash()
2267 * @todo Define visibility
2268 */
2269 public function getHash() {
2270 return md5($this->createHashBase(FALSE));
2271 }
2272
2273 /**
2274 * Calculates the lock-hash
2275 * This hash is unique to the above hash, except that it doesn't contain the template information in $this->all.
2276 *
2277 * @return string MD5 hash
2278 * @access private
2279 * @see getFromCache(), getHash()
2280 * @todo Define visibility
2281 */
2282 public function getLockHash() {
2283 $lockHash = $this->createHashBase(TRUE);
2284 return md5($lockHash);
2285 }
2286
2287 /**
2288 * Calculates the cache-hash (or the lock-hash)
2289 * This hash is unique to the template,
2290 * the variables ->id, ->type, ->gr_list (list of groups),
2291 * ->MP (Mount Points) and cHash array
2292 * Used to get and later store the cached data.
2293 *
2294 * @param boolean $createLockHashBase Whether to create the lock hash, which doesn't contain the "this->all" (the template information)
2295 * @return string the serialized hash base
2296 */
2297 protected function createHashBase($createLockHashBase = FALSE) {
2298 $hashParameters = array(
2299 'id' => (int)$this->id,
2300 'type' => (int)$this->type,
2301 'gr_list' => (string) $this->gr_list,
2302 'MP' => (string) $this->MP,
2303 'cHash' => $this->cHash_array,
2304 'domainStartPage' => $this->domainStartPage
2305 );
2306 // Include the template information if we shouldn't create a lock hash
2307 if (!$createLockHashBase) {
2308 $hashParameters['all'] = $this->all;
2309 }
2310 // Call hook to influence the hash calculation
2311 if (is_array($this->TYPO3_CONF_VARS['SC_OPTIONS']['tslib/class.tslib_fe.php']['createHashBase'])) {
2312 $_params = array(
2313 'hashParameters' => &$hashParameters,
2314 'createLockHashBase' => $createLockHashBase
2315 );
2316 foreach ($this->TYPO3_CONF_VARS['SC_OPTIONS']['tslib/class.tslib_fe.php']['createHashBase'] as $_funcRef) {
2317 \TYPO3\CMS\Core\Utility\GeneralUtility::callUserFunction($_funcRef, $_params, $this);
2318 }
2319 }
2320 return serialize($hashParameters);
2321 }
2322
2323 /**
2324 * Checks if config-array exists already but if not, gets it
2325 *
2326 * @return void
2327 * @todo Define visibility
2328 */
2329 public function getConfigArray() {
2330 $setStatPageName = FALSE;
2331 // If config is not set by the cache (which would be a major mistake somewhere) OR if INTincScripts-include-scripts have been registered, then we must parse the template in order to get it
2332 if (!is_array($this->config) || is_array($this->config['INTincScript']) || $this->forceTemplateParsing) {
2333 $GLOBALS['TT']->push('Parse template', '');
2334 // Force parsing, if set?:
2335 $this->tmpl->forceTemplateParsing = $this->forceTemplateParsing;
2336 // Start parsing the TS template. Might return cached version.
2337 $this->tmpl->start($this->rootLine);
2338 $GLOBALS['TT']->pull();
2339 if ($this->tmpl->loaded) {
2340 $GLOBALS['TT']->push('Setting the config-array', '');
2341 // toplevel - objArrayName
2342 $this->sPre = $this->tmpl->setup['types.'][$this->type];
2343 $this->pSetup = $this->tmpl->setup[$this->sPre . '.'];
2344 if (!is_array($this->pSetup)) {
2345 $message = 'The page is not configured! [type=' . $this->type . '][' . $this->sPre . '].';
2346 if ($this->checkPageUnavailableHandler()) {
2347 $this->pageUnavailableAndExit($message);
2348 } else {
2349 $explanation = 'This means that there is no TypoScript object of type PAGE with typeNum=' . $this->type . ' configured.';
2350 \TYPO3\CMS\Core\Utility\GeneralUtility::sysLog($message, 'cms', GeneralUtility::SYSLOG_SEVERITY_ERROR);
2351 throw new \TYPO3\CMS\Core\Error\Http\ServiceUnavailableException($message . ' ' . $explanation, 1294587217);
2352 }
2353 } else {
2354 $this->config['config'] = array();
2355 // Filling the config-array, first with the main "config." part
2356 if (is_array($this->tmpl->setup['config.'])) {
2357 $this->config['config'] = $this->tmpl->setup['config.'];
2358 }
2359 // override it with the page/type-specific "config."
2360 if (is_array($this->pSetup['config.'])) {
2361 \TYPO3\CMS\Core\Utility\ArrayUtility::mergeRecursiveWithOverrule($this->config['config'], $this->pSetup['config.']);
2362 }
2363 if ($this->config['config']['typolinkEnableLinksAcrossDomains']) {
2364 $this->config['config']['typolinkCheckRootline'] = TRUE;
2365 }
2366 // Set default values for removeDefaultJS and inlineStyle2TempFile so CSS and JS are externalized if compatversion is higher than 4.0
2367 if (\TYPO3\CMS\Core\Utility\GeneralUtility::compat_version('4.0')) {
2368 if (!isset($this->config['config']['removeDefaultJS'])) {
2369 $this->config['config']['removeDefaultJS'] = 'external';
2370 }
2371 if (!isset($this->config['config']['inlineStyle2TempFile'])) {
2372 $this->config['config']['inlineStyle2TempFile'] = 1;
2373 }
2374 }
2375 if (!isset($this->config['config']['compressJs'])) {
2376 $this->config['config']['compressJs'] = 0;
2377 }
2378 // Processing for the config_array:
2379 $this->config['rootLine'] = $this->tmpl->rootLine;
2380 $this->config['mainScript'] = trim($this->config['config']['mainScript']) ?: 'index.php';
2381 // Class for render Header and Footer parts
2382 $template = '';
2383 if ($this->pSetup['pageHeaderFooterTemplateFile']) {
2384 $file = $this->tmpl->getFileName($this->pSetup['pageHeaderFooterTemplateFile']);
2385 if ($file) {
2386 $this->getPageRenderer()->setTemplateFile($file);
2387 }
2388 }
2389 }
2390 $GLOBALS['TT']->pull();
2391 } else {
2392 if ($this->checkPageUnavailableHandler()) {
2393 $this->pageUnavailableAndExit('No TypoScript template found!');
2394 } else {
2395 $message = 'No TypoScript template found!';
2396 \TYPO3\CMS\Core\Utility\GeneralUtility::sysLog($message, 'cms', GeneralUtility::SYSLOG_SEVERITY_ERROR);
2397 throw new \TYPO3\CMS\Core\Error\Http\ServiceUnavailableException($message, 1294587218);
2398 }
2399 }
2400 }
2401
2402 // No cache
2403 // Set $this->no_cache TRUE if the config.no_cache value is set!
2404 if ($this->config['config']['no_cache']) {
2405 $this->set_no_cache('config.no_cache is set');
2406 }
2407 // Merge GET with defaultGetVars
2408 if (!empty($this->config['config']['defaultGetVars.'])) {
2409 $modifiedGetVars = GeneralUtility::removeDotsFromTS($this->config['config']['defaultGetVars.']);
2410 \TYPO3\CMS\Core\Utility\ArrayUtility::mergeRecursiveWithOverrule($modifiedGetVars, GeneralUtility::_GET());
2411 GeneralUtility::_GETset($modifiedGetVars);
2412 }
2413 // Hook for postProcessing the configuration array
2414 if (is_array($this->TYPO3_CONF_VARS['SC_OPTIONS']['tslib/class.tslib_fe.php']['configArrayPostProc'])) {
2415 $params = array('config' => &$this->config['config']);
2416 foreach ($this->TYPO3_CONF_VARS['SC_OPTIONS']['tslib/class.tslib_fe.php']['configArrayPostProc'] as $funcRef) {
2417 \TYPO3\CMS\Core\Utility\GeneralUtility::callUserFunction($funcRef, $params, $this);
2418 }
2419 }
2420 }
2421
2422 /********************************************
2423 *
2424 * Further initialization and data processing
2425 * (jumpurl/submission of forms)
2426 *
2427 *******************************************/
2428
2429 /**
2430 * Get the compressed $GLOBALS['TCA'] array for use in the front-end
2431 * A compressed $GLOBALS['TCA'] array holds only the ctrl- and feInterface-part for each table.
2432 * But the column-definitions are omitted in order to save some memory and be more efficient.
2433 * Operates on the global variable, $TCA
2434 *
2435 * @return void
2436 * @deprecated since 6,1, will be removed in two versions.
2437 */
2438 public function getCompressedTCarray() {
2439 // Full TCA is always loaded during bootstrap in FE, this method is obsolete.
2440 \TYPO3\CMS\Core\Utility\GeneralUtility::logDeprecatedFunction();
2441 }
2442
2443 /**
2444 * Includes TCA definitions from loaded extensions (ext_tables.php files).
2445 * Normally in the frontend only a part of the global $TCA array is loaded,
2446 * namely the "ctrl" part. Thus it doesn't take up too much memory. To load
2447 * full TCA for the table, use GeneralUtility::loadTCA($tableName)
2448 * after calling this function.
2449 *
2450 * @param integer $TCAloaded Probably, keep hands of this value. Just don't set it.
2451 * @return void
2452 * @see getCompressedTCarray()
2453 * @deprecated since 6.1, will be removed in two versions. Obsolete in regular frontend, eid scripts should use \TYPO3\CMS\Frontend\Utility\EidUtility::initTCA()
2454 */
2455 public function includeTCA($TCAloaded = 1) {
2456 // Full TCA is always loaded during bootstrap in FE, this method is obsolete.
2457 \TYPO3\CMS\Core\Utility\GeneralUtility::logDeprecatedFunction();
2458
2459 // Compatibility layer:
2460 // The if below is NOT true in usual frontend (non eid) context, TCA is loaded by bootstrap.
2461 // If an eid script calls this method to load TCA, use
2462 // \TYPO3\CMS\Frontend\Utility\EidUtility::initTCA() instead.
2463 if (!isset($GLOBALS['TCA']['pages'])) {
2464 \TYPO3\CMS\Core\Core\Bootstrap::getInstance()->loadCachedTca();
2465 }
2466 }
2467
2468 /**
2469 * Setting the language key that will be used by the current page.
2470 * In this function it should be checked, 1) that this language exists, 2) that a page_overlay_record exists, .. and if not the default language, 0 (zero), should be set.
2471 *
2472 * @return void
2473 * @access private
2474 * @todo Define visibility
2475 */
2476 public function settingLanguage() {
2477 if (is_array($this->TYPO3_CONF_VARS['SC_OPTIONS']['tslib/class.tslib_fe.php']['settingLanguage_preProcess'])) {
2478 $_params = array();
2479 foreach ($this->TYPO3_CONF_VARS['SC_OPTIONS']['tslib/class.tslib_fe.php']['settingLanguage_preProcess'] as $_funcRef) {
2480 \TYPO3\CMS\Core\Utility\GeneralUtility::callUserFunction($_funcRef, $_params, $this);
2481 }
2482 }
2483
2484 // Initialize charset settings etc.
2485 $this->initLLvars();
2486
2487 // Get values from TypoScript:
2488 $this->sys_language_uid = ($this->sys_language_content = (int)$this->config['config']['sys_language_uid']);
2489 list($this->sys_language_mode, $sys_language_content) = GeneralUtility::trimExplode(';', $this->config['config']['sys_language_mode']);
2490 $this->sys_language_contentOL = $this->config['config']['sys_language_overlay'];
2491 // If sys_language_uid is set to another language than default:
2492 if ($this->sys_language_uid > 0) {
2493 // check whether a shortcut is overwritten by a translated page
2494 // we can only do this now, as this is the place where we get
2495 // to know about translations
2496 $this->checkTranslatedShortcut();
2497 // Request the overlay record for the sys_language_uid:
2498 $olRec = $this->sys_page->getPageOverlay($this->id, $this->sys_language_uid);
2499 if (!count($olRec)) {
2500 // If no OL record exists and a foreign language is asked for...
2501 if ($this->sys_language_uid) {
2502 // If requested translation is not available:
2503 if (\TYPO3\CMS\Core\Utility\GeneralUtility::hideIfNotTranslated($this->page['l18n_cfg'])) {
2504 $this->pageNotFoundAndExit('Page is not available in the requested language.');
2505 } else {
2506 switch ((string) $this->sys_language_mode) {
2507 case 'strict':
2508 $this->pageNotFoundAndExit('Page is not available in the requested language (strict).');
2509 break;
2510 case 'content_fallback':
2511 $fallBackOrder = GeneralUtility::intExplode(',', $sys_language_content);
2512 foreach ($fallBackOrder as $orderValue) {
2513 if ((string)$orderValue === '0' || count($this->sys_page->getPageOverlay($this->id, $orderValue))) {
2514 $this->sys_language_content = $orderValue;
2515 // Setting content uid (but leaving the sys_language_uid)
2516 break;
2517 }
2518 }
2519 break;
2520 case 'ignore':
2521 $this->sys_language_content = $this->sys_language_uid;
2522 break;
2523 default:
2524 // Default is that everything defaults to the default language...
2525 $this->sys_language_uid = ($this->sys_language_content = 0);
2526 }
2527 }
2528 }
2529 } else {
2530 // Setting sys_language if an overlay record was found (which it is only if a language is used)
2531 $this->page = $this->sys_page->getPageOverlay($this->page, $this->sys_language_uid);
2532 }
2533 }
2534 // Setting sys_language_uid inside sys-page:
2535 $this->sys_page->sys_language_uid = $this->sys_language_uid;
2536 // If default translation is not available:
2537 if ((!$this->sys_language_uid || !$this->sys_language_content) && $this->page['l18n_cfg'] & 1) {
2538 $message = 'Page is not available in default language.';
2539 \TYPO3\CMS\Core\Utility\GeneralUtility::sysLog($message, 'cms', GeneralUtility::SYSLOG_SEVERITY_ERROR);
2540 $this->pageNotFoundAndExit($message);
2541 }
2542 $this->updateRootLinesWithTranslations();
2543 // Finding the ISO code:
2544 if (\TYPO3\CMS\Core\Utility\ExtensionManagementUtility::isLoaded('static_info_tables') && $this->sys_language_content) {
2545 // using sys_language_content because the ISO code only (currently) affect content selection from FlexForms - which should follow "sys_language_content"
2546 // Set the fourth parameter to TRUE in the next two getRawRecord() calls to
2547 // avoid versioning overlay to be applied as it generates an SQL error
2548 $sys_language_row = $this->sys_page->getRawRecord('sys_language', $this->sys_language_content, 'static_lang_isocode', TRUE);
2549 if (is_array($sys_language_row) && $sys_language_row['static_lang_isocode']) {
2550 $stLrow = $this->sys_page->getRawRecord('static_languages', $sys_language_row['static_lang_isocode'], 'lg_iso_2', TRUE);
2551 $this->sys_language_isocode = $stLrow['lg_iso_2'];
2552 }
2553 }
2554 // Setting softMergeIfNotBlank:
2555 $table_fields = GeneralUtility::trimExplode(',', $this->config['config']['sys_language_softMergeIfNotBlank'], TRUE);
2556 foreach ($table_fields as $TF) {
2557 list($tN, $fN) = explode(':', $TF);
2558 $GLOBALS['TCA'][$tN]['columns'][$fN]['l10n_mode'] = 'mergeIfNotBlank';
2559 }
2560 // Setting softExclude:
2561 $table_fields = GeneralUtility::trimExplode(',', $this->config['config']['sys_language_softExclude'], TRUE);
2562 foreach ($table_fields as $TF) {
2563 list($tN, $fN) = explode(':', $TF);
2564 $GLOBALS['TCA'][$tN]['columns'][$fN]['l10n_mode'] = 'exclude';
2565 }
2566 if (is_array($this->TYPO3_CONF_VARS['SC_OPTIONS']['tslib/class.tslib_fe.php']['settingLanguage_postProcess'])) {
2567 $_params = array();
2568 foreach ($this->TYPO3_CONF_VARS['SC_OPTIONS']['tslib/class.tslib_fe.php']['settingLanguage_postProcess'] as $_funcRef) {
2569 \TYPO3\CMS\Core\Utility\GeneralUtility::callUserFunction($_funcRef, $_params, $this);
2570 }
2571 }
2572 }
2573
2574 /**
2575 * Updating content of the two rootLines IF the language key is set!
2576 */
2577 protected function updateRootLinesWithTranslations() {
2578 if ($this->sys_language_uid) {
2579 $this->rootLine = $this->sys_page->getRootLine($this->id, $this->MP);
2580 $this->tmpl->updateRootlineData($this->rootLine);
2581 }
2582 }
2583
2584 /**
2585 * Setting locale for frontend rendering
2586 *
2587 * @return void
2588 * @todo Define visibility
2589 */
2590 public function settingLocale() {
2591 // Setting locale
2592 if ($this->config['config']['locale_all']) {
2593 // There's a problem that PHP parses float values in scripts wrong if the
2594 // locale LC_NUMERIC is set to something with a comma as decimal point
2595 // Do we set all except LC_NUMERIC
2596 $locale = setlocale(LC_COLLATE, $this->config['config']['locale_all']);
2597 if ($locale) {
2598 // PHP fatals with uppercase I characters in method names with turkish locale LC_CTYPE
2599 // @see http://bugs.php.net/bug.php?id=35050
2600 if (substr($this->config['config']['locale_all'], 0, 2) != 'tr') {
2601 setlocale(LC_CTYPE, $this->config['config']['locale_all']);
2602 }
2603 setlocale(LC_MONETARY, $this->config['config']['locale_all']);
2604 setlocale(LC_TIME, $this->config['config']['locale_all']);
2605 $this->localeCharset = $this->csConvObj->get_locale_charset($this->config['config']['locale_all']);
2606 } else {
2607 $GLOBALS['TT']->setTSlogMessage('Locale "' . htmlspecialchars($this->config['config']['locale_all']) . '" not found.', 3);
2608 }
2609 }
2610 }
2611
2612 /**
2613 * Checks whether a translated shortcut page has a different shortcut
2614 * target than the original language page.
2615 * If that is the case, things get corrected to follow that alternative
2616 * shortcut
2617 *
2618 * @return void
2619 * @author Ingo Renner <ingo@typo3.org>
2620 */
2621 protected function checkTranslatedShortcut() {
2622 if (!is_null($this->originalShortcutPage)) {
2623 $originalShortcutPageOverlay = $this->sys_page->getPageOverlay($this->originalShortcutPage['uid'], $this->sys_language_uid);
2624 if (!empty($originalShortcutPageOverlay['shortcut']) && $originalShortcutPageOverlay['shortcut'] != $this->id) {
2625 // the translation of the original shortcut page has a different shortcut target!
2626 // set the correct page and id
2627 $shortcut = $this->getPageShortcut($originalShortcutPageOverlay['shortcut'], $originalShortcutPageOverlay['shortcut_mode'], $originalShortcutPageOverlay['uid']);
2628 $this->id = ($this->contentPid = $shortcut['uid']);
2629 $this->page = $this->sys_page->getPage($this->id);
2630 // Fix various effects on things like menus f.e.
2631 $this->fetch_the_id();
2632 $this->tmpl->rootLine = array_reverse($this->rootLine);
2633 }
2634 }
2635 }
2636
2637 /**
2638 * Handle data submission
2639 *
2640 * @return void
2641 */
2642 public function handleDataSubmission() {
2643 // Check Submission of data.
2644 // This is done at this point, because we need the config values
2645 switch ($this->checkDataSubmission()) {
2646 case 'email':
2647 $this->sendFormmail();
2648 break;
2649 }
2650 }
2651
2652 /**
2653 * Checks if any email-submissions
2654 *
2655 * @return string "email" if a formmail has been sent, "" if none.
2656 */
2657 protected function checkDataSubmission() {
2658 $ret = '';
2659 $formtype_mail = isset($_POST['formtype_mail']) || isset($_POST['formtype_mail_x']);
2660 if ($formtype_mail) {
2661 $refInfo = parse_url(\TYPO3\CMS\Core\Utility\GeneralUtility::getIndpEnv('HTTP_REFERER'));
2662 if (\TYPO3\CMS\Core\Utility\GeneralUtility::getIndpEnv('TYPO3_HOST_ONLY') == $refInfo['host'] || $this->TYPO3_CONF_VARS['SYS']['doNotCheckReferer']) {
2663 if ($this->locDataCheck($_POST['locationData'])) {
2664 if ($formtype_mail) {
2665 $ret = 'email';
2666 }
2667 $GLOBALS['TT']->setTSlogMessage('"Check Data Submission": Return value: ' . $ret, 0);
2668 return $ret;
2669 }
2670 } else {
2671 $GLOBALS['TT']->setTSlogMessage('"Check Data Submission": HTTP_HOST and REFERER HOST did not match when processing submitted formdata!', 3);
2672 }
2673 }
2674 // Hook for processing data submission to extensions:
2675 if (is_array($this->TYPO3_CONF_VARS['SC_OPTIONS']['tslib/class.tslib_fe.php']['checkDataSubmission'])) {
2676 foreach ($this->TYPO3_CONF_VARS['SC_OPTIONS']['tslib/class.tslib_fe.php']['checkDataSubmission'] as $_classRef) {
2677 $_procObj = GeneralUtility::getUserObj($_classRef);
2678 $_procObj->checkDataSubmission($this);
2679 }
2680 }
2681 return $ret;
2682 }
2683
2684 /**
2685 * Checks if a formmail submission can be sent as email
2686 *
2687 * @param string $locationData The input from $_POST['locationData']
2688 * @return void
2689 * @access private
2690 * @see checkDataSubmission()
2691 * @todo Define visibility
2692 */
2693 public function locDataCheck($locationData) {
2694 $locData = explode(':', $locationData);
2695 if (!$locData[1] || $this->sys_page->checkRecord($locData[1], $locData[2], 1)) {
2696 // $locData[1] -check means that a record is checked only if the locationData has a value for a record else than the page.
2697 if (count($this->sys_page->getPage($locData[0]))) {
2698 return 1;
2699 } else {
2700 $GLOBALS['TT']->setTSlogMessage('LocationData Error: The page pointed to by location data (' . $locationData . ') was not accessible.', 2);
2701 }
2702 } else {
2703 $GLOBALS['TT']->setTSlogMessage('LocationData Error: Location data (' . $locationData . ') record pointed to was not accessible.', 2);
2704 }
2705 }
2706
2707 /**
2708 * Sends the emails from the formmail content object.
2709 *
2710 * @return void
2711 * @see checkDataSubmission()
2712 */
2713 protected function sendFormmail() {
2714 /** @var $formmail \TYPO3\CMS\Frontend\Controller\DataSubmissionController */
2715 $formmail = GeneralUtility::makeInstance('TYPO3\\CMS\\Frontend\\Controller\\DataSubmissionController');
2716 $EMAIL_VARS = GeneralUtility::_POST();
2717 $locationData = $EMAIL_VARS['locationData'];
2718 unset($EMAIL_VARS['locationData']);
2719 unset($EMAIL_VARS['formtype_mail'], $EMAIL_VARS['formtype_mail_x'], $EMAIL_VARS['formtype_mail_y']);
2720 $integrityCheck = $this->TYPO3_CONF_VARS['FE']['strictFormmail'];
2721 if (!$this->TYPO3_CONF_VARS['FE']['secureFormmail']) {
2722 // Check recipient field:
2723 // These two fields are the ones which contain recipient addresses that can be misused to send mail from foreign servers.
2724 $encodedFields = explode(',', 'recipient, recipient_copy');
2725 foreach ($encodedFields as $fieldKey) {
2726 if (strlen($EMAIL_VARS[$fieldKey])) {
2727 // Decode...
2728 if ($res = $this->codeString($EMAIL_VARS[$fieldKey], TRUE)) {
2729 $EMAIL_VARS[$fieldKey] = $res;
2730 } elseif ($integrityCheck) {
2731 // Otherwise abort:
2732 $GLOBALS['TT']->setTSlogMessage('"Formmail" discovered a field (' . $fieldKey . ') which could not be decoded to a valid string. Sending formmail aborted due to security reasons!', 3);
2733 return FALSE;
2734 } else {
2735 $GLOBALS['TT']->setTSlogMessage('"Formmail" discovered a field (' . $fieldKey . ') which could not be decoded to a valid string. The security level accepts this, but you should consider a correct coding though!', 2);
2736 }
2737 }
2738 }
2739 } else {
2740 $locData = explode(':', $locationData);
2741 $record = $this->sys_page->checkRecord($locData[1], $locData[2], 1);
2742 $EMAIL_VARS['recipient'] = $record['subheader'];
2743 $EMAIL_VARS['recipient_copy'] = $this->extractRecipientCopy($record['bodytext']);
2744 }
2745 // Hook for preprocessing of the content for formmails:
2746 if (is_array($this->TYPO3_CONF_VARS['SC_OPTIONS']['tslib/class.tslib_fe.php']['sendFormmail-PreProcClass'])) {
2747 foreach ($this->TYPO3_CONF_VARS['SC_OPTIONS']['tslib/class.tslib_fe.php']['sendFormmail-PreProcClass'] as $_classRef) {
2748 $_procObj = GeneralUtility::getUserObj($_classRef);
2749 $EMAIL_VARS = $_procObj->sendFormmail_preProcessVariables($EMAIL_VARS, $this);
2750 }
2751 }
2752 $formmail->start($EMAIL_VARS);
2753 $formmail->sendtheMail();
2754 $GLOBALS['TT']->setTSlogMessage('"Formmail" invoked, sending mail to ' . $EMAIL_VARS['recipient'], 0);
2755 }
2756
2757 /**
2758 * Extracts the value of recipient copy field from a formmail CE bodytext
2759 *
2760 * @param string $bodytext The content of the related bodytext field
2761 * @return string The value of the recipient_copy field, or an empty string
2762 * @todo Define visibility
2763 */
2764 public function extractRecipientCopy($bodytext) {
2765 $recipient_copy = '';
2766 $fdef = array();
2767 //|recipient_copy=hidden|karsten@localhost.localdomain
2768 preg_match('/^[\\s]*\\|[\\s]*recipient_copy[\\s]*=[\\s]*hidden[\\s]*\\|(.*)$/m', $bodytext, $fdef);
2769 $recipient_copy = $fdef[1] ?: '';
2770 return $recipient_copy;
2771 }
2772
2773 /**
2774 * Sets the jumpurl for page type "External URL"
2775 *
2776 * @return void
2777 * @todo Define visibility
2778 */
2779 public function setExternalJumpUrl() {
2780 if ($extUrl = $this->sys_page->getExtURL($this->page, $this->config['config']['disablePageExternalUrl'])) {
2781 $this->jumpurl = $extUrl;
2782 \TYPO3\CMS\Core\Utility\GeneralUtility::_GETset(\TYPO3\CMS\Core\Utility\GeneralUtility::hmac($this->jumpurl, 'jumpurl'), 'juHash');
2783 }
2784 }
2785
2786 /**
2787 * Check the jumpUrl referer if required
2788 *
2789 * @return void
2790 * @todo Define visibility
2791 */
2792 public function checkJumpUrlReferer() {