projects / Packages / TYPO3.CMS.git / blob
? search:


b833508750e9fa46bbbe2ea1fd9b6aaf1c9b9e9a
[Packages/TYPO3.CMS.git] / t3lib / class.t3lib_frontendedit.php
1 <?php
2 /***************************************************************
3 * Copyright notice
4 *
5 * (c) 2008 Jeff Segars <jeff@webempoweredchurch.org>
6 * (c) 2008 David Slayback <dave@webempoweredchurch.org>
7 * All rights reserved
8 *
9 * This script is part of the TYPO3 project. The TYPO3 project is
10 * free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License as published by
12 * the Free Software Foundation; either version 2 of the License, or
13 * (at your option) any later version.
14 *
15 * The GNU General Public License can be found at
16 * http://www.gnu.org/copyleft/gpl.html.
17 * A copy is found in the textfile GPL.txt and important notices to the license
18 * from the author is found in LICENSE.txt distributed with these scripts.
19 *
20 *
21 * This script is distributed in the hope that it will be useful,
22 * but WITHOUT ANY WARRANTY; without even the implied warranty of
23 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
24 * GNU General Public License for more details.
25 *
26 * This copyright notice MUST APPEAR in all copies of the script!
27 ***************************************************************/
28 /**
29 * Controller class for frontend editing.
30 *
31 * $Id$
32 *
33 * @author Jeff Segars <jeff@webempoweredchurch.org>
34 * @author David Slayback <dave@webempoweredchurch.org>
35 * @package TYPO3
36 * @subpackage t3lib
37 */
38 class t3lib_frontendedit {
39
40 /**
41 * TCEmain object.
42 *
43 * @var t3lib_tcemain
44 */
45 protected $tce;
46
47
48 /**
49 * Force preview?
50 *
51 * @var boolean
52 */
53 protected $ext_forcePreview = false;
54
55 /**
56 * Comma separated list of page UIDs to be published.
57 *
58 * @var string
59 */
60 protected $extPublishList = '';
61
62 /**
63 * Creates and initializes the TCEmain object.
64 *
65 * @return void
66 */
67 public function __construct() {
68 $this->tce = t3lib_div::makeInstance('t3lib_TCEmain');
69 $this->tce->stripslashes_values=0;
70 }
71
72 /**
73 * Initializes configuration options.
74 *
75 * @return void
76 */
77 public function initConfigOptions() {
78 $this->saveConfigOptions();
79 $this->TSFE_EDIT = t3lib_div::_POST('TSFE_EDIT');
80
81 // Setting some values based on the admin panel
82 $GLOBALS['TSFE']->forceTemplateParsing = $this->extGetFeAdminValue('tsdebug', 'forceTemplateParsing');
83 $GLOBALS['TSFE']->displayEditIcons = $this->extGetFeAdminValue('edit', 'displayIcons');
84 $GLOBALS['TSFE']->displayFieldEditIcons = $this->extGetFeAdminValue('edit', 'displayFieldIcons');
85
86 if ($this->extGetFeAdminValue('tsdebug', 'displayQueries')) {
87 if ($GLOBALS['TYPO3_DB']->explainOutput == 0) { // do not override if the value is already set in t3lib_db
88 // Enable execution of EXPLAIN SELECT queries
89 $GLOBALS['TYPO3_DB']->explainOutput = 3;
90 }
91 }
92
93 if (t3lib_div::_GP('ADMCMD_editIcons')) {
94 $GLOBALS['TSFE']->displayFieldEditIcons=1;
95 $GLOBALS['BE_USER']->uc['TSFE_adminConfig']['edit_editNoPopup']=1;
96 }
97
98 if (t3lib_div::_GP('ADMCMD_simUser')) {
99 $GLOBALS['BE_USER']->uc['TSFE_adminConfig']['preview_simulateUserGroup']=intval(t3lib_div::_GP('ADMCMD_simUser'));
100 $this->ext_forcePreview = true;
101 }
102
103 if (t3lib_div::_GP('ADMCMD_simTime')) {
104 $GLOBALS['BE_USER']->uc['TSFE_adminConfig']['preview_simulateDate']=intval(t3lib_div::_GP('ADMCMD_simTime'));
105 $this->ext_forcePreview = true;
106 }
107
108 // Include classes for editing IF editing module in Admin Panel is open
109 if (($this->isAdminModuleEnabled('edit') && $this->isAdminModuleOpen('edit')) || $GLOBALS['TSFE']->displayEditIcons == 1) {
110 $GLOBALS['TSFE']->includeTCA();
111 if ($this->isEditAction()) {
112 require_once (PATH_t3lib . 'class.t3lib_tcemain.php');
113 $this->editAction();
114 }
115
116 if ($this->isEditFormShown()) {
117 require_once(PATH_t3lib . 'class.t3lib_tceforms.php');
118 require_once(PATH_t3lib . 'class.t3lib_iconworks.php');
119 require_once(PATH_t3lib . 'class.t3lib_loaddbgroup.php');
120 require_once(PATH_t3lib . 'class.t3lib_transferdata.php');
121 }
122 }
123
124 if ($GLOBALS['TSFE']->forceTemplateParsing || $GLOBALS['TSFE']->displayEditIcons || $GLOBALS['TSFE']->displayFieldEditIcons) {
125 $GLOBALS['TSFE']->set_no_cache();
126 }
127 }
128
129
130 /**
131 * Delegates to the appropriate view and renders the admin panel content.
132 *
133 * @return string.
134 */
135 public function displayAdmin() {
136 $content = '';
137 $adminClass = $GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['typo3/classes/class.frontendedit.php']['admin'];
138 if ($adminClass && !$GLOBALS['BE_USER']->extAdminConfig['hide']) {
139 $admin = &t3lib_div::getUserObj($adminClass);
140 if (is_object($admin)) {
141 $content = $admin->display();
142 }
143 }
144
145 return $content;
146 }
147
148 /**
149 * Generates the "edit panels" which can be shown for a page or records on a page when the Admin Panel is enabled for a backend users surfing the frontend.
150 * With the "edit panel" the user will see buttons with links to editing, moving, hiding, deleting the element
151 * This function is used for the cObject EDITPANEL and the stdWrap property ".editPanel"
152 *
153 * @param string A content string containing the content related to the edit panel. For cObject "EDITPANEL" this is empty but not so for the stdWrap property. The edit panel is appended to this string and returned.
154 * @param array TypoScript configuration properties for the editPanel
155 * @param string The "table:uid" of the record being shown. If empty string then $this->currentRecord is used. For new records (set by $conf['newRecordFromTable']) it's auto-generated to "[tablename]:NEW"
156 * @param array Alternative data array to use. Default is $this->data
157 * @return string The input content string with the editPanel appended. This function returns only an edit panel appended to the content string if a backend user is logged in (and has the correct permissions). Otherwise the content string is directly returned.
158 * @link http://typo3.org/doc.0.html?&tx_extrepmgm_pi1[extUid]=270&tx_extrepmgm_pi1[tocEl]=375&cHash=7d8915d508
159 */
160 public function displayEditPanel($content, array $conf, $currentRecord, array $dataArray) {
161 if ($conf['newRecordFromTable']) {
162 $currentRecord = $conf['newRecordFromTable'] . ':NEW';
163 $conf['allow'] = 'new';
164 }
165
166 list($table, $uid) = explode(':', $currentRecord);
167
168 // Page ID for new records, 0 if not specified
169 $newRecordPid = intval($conf['newRecordInPid']);
170 if (!$conf['onlyCurrentPid'] || $dataArray['pid'] == $GLOBALS['TSFE']->id) {
171 if ($table=='pages') {
172 $newUid = $uid;
173 } else {
174 if ($conf['newRecordFromTable']) {
175 $newUid = $GLOBALS['TSFE']->id;
176 if ($newRecordPid) {
177 $newUid = $newRecordPid;
178 }
179 } else {
180 $newUid = -1 * $uid;
181 }
182 }
183 }
184
185 if ($GLOBALS['TSFE']->displayEditIcons && $table && $this->allowedToEdit($table, $dataArray, $conf) && $this->allowedToEditLanguage($table, $dataArray)) {
186 $editClass = $GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['typo3/classes/class.frontendedit.php']['edit'];
187 if ($editClass) {
188 $edit = &t3lib_div::getUserObj($editClass, false);
189 if (is_object($edit)) {
190 $allowedActions = $this->getAllowedEditActions($table, $conf, $dataArray['pid']);
191 $content = $edit->editPanel($content, $conf, $currentRecord, $dataArray, $table, $allowedActions, $newUid, $this->getHiddenFieldArray($dataArray));
192 }
193 }
194 }
195
196 return $content;
197 }
198
199 /**
200 * Gets the hidden fields (array key=field name, value=field value) to be used in the edit panel for a particular content element.
201 * In the normal case, no hidden fields are needed but special controllers such as TemplaVoila need to track flexform pointers, etc.
202 *
203 * @param array The data array for a specific content element.
204 * @return array
205 */
206 public function getHiddenFieldArray(array $dataArray) {
207 // No special hidden fields needed.
208 return array();
209 }
210
211 /**
212 * Adds an edit icon to the content string. The edit icon links to alt_doc.php with proper parameters for editing the table/fields of the context.
213 * This implements TYPO3 context sensitive editing facilities. Only backend users will have access (if properly configured as well).
214 *
215 * @param string The content to which the edit icons should be appended
216 * @param string The parameters defining which table and fields to edit. Syntax is [tablename]:[fieldname],[fieldname],[fieldname],... OR [fieldname],[fieldname],[fieldname],... (basically "[tablename]:" is optional, default table is the one of the "current record" used in the function). The fieldlist is sent as "&columnsOnly=" parameter to alt_doc.php
217 * @param array TypoScript properties for configuring the edit icons.
218 * @param string The "table:uid" of the record being shown. If empty string then $this->currentRecord is used. For new records (set by $conf['newRecordFromTable']) it's auto-generated to "[tablename]:NEW"
219 * @param array Alternative data array to use. Default is $this->data
220 * @param string Additional URL parameters for the link pointing to alt_doc.php
221 * @return string The input content string, possibly with edit icons added (not necessarily in the end but just after the last string of normal content.
222 */
223
224 public function displayEditIcons($content, $params, array $conf=array(), $currentRecord = '', array $dataArray = array(), $addUrlParamStr = '') {
225 // Check incoming params:
226 list($currentRecordTable, $currentRecordUID) = explode(':', $currentRecord);
227 list($fieldList, $table) = array_reverse(t3lib_div::trimExplode(':', $params, 1)); // Reverse the array because table is optional
228 if (!$table) {
229 $table = $currentRecordTable;
230 } elseif ($table != $currentRecordTable) {
231 return $content; // If the table is set as the first parameter, and does not match the table of the current record, then just return.
232 }
233
234 $editUid = $dataArray['_LOCALIZED_UID'] ? $dataArray['_LOCALIZED_UID'] : $currentRecordUID;
235
236 // Edit icons imply that the editing action is generally allowed, assuming page and content element permissions permit it.
237 if(!array_key_exists('allow', $conf)) {
238 $conf['allow'] = 'edit';
239 }
240
241 if ($GLOBALS['TSFE']->displayFieldEditIcons && $table && $this->allowedToEdit($table, $dataArray, $conf) && $fieldList && $this->allowedToEditLanguage($table, $dataArray)) {
242 $editClass = $GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['typo3/classes/class.frontendedit.php']['edit'];
243 if ($editClass) {
244 $edit = &t3lib_div::getUserObj($editClass);
245 if (is_object($edit)) {
246 $content = $edit->editIcons($content, $params, $conf, $currentRecord, $dataArray, $addURLParamStr, $table, $editUid, $fieldList);
247 }
248 }
249 }
250
251 return $content;
252 }
253
254 /**
255 * Checks if a Admin Panel section ("module") is available for the user. If so, true is returned.
256 *
257 * @param string The module key, eg. "edit", "preview", "info" etc.
258 * @return boolean
259 */
260 public function isAdminModuleEnabled($key) {
261 // Returns true if the module checked is "preview" and the forcePreview flag is set.
262 if ($key=='preview' && $this->ext_forcePreview) {
263 return true;
264 }
265
266 // If key is not set, only "all" is checked
267 if ($GLOBALS['BE_USER']->extAdminConfig['enable.']['all']) {
268 return true;
269 }
270
271 if ($GLOBALS['BE_USER']->extAdminConfig['enable.'][$key]) {
272 return true;
273 }
274 }
275
276 /**
277 * Saves any change in settings made in the Admin Panel.
278 * Called from index_ts.php right after access check for the Admin Panel
279 *
280 * @return void
281 */
282 public function saveConfigOptions() {
283 $input = t3lib_div::_GP('TSFE_ADMIN_PANEL');
284 if (is_array($input)) {
285 // Setting
286 $GLOBALS['BE_USER']->uc['TSFE_adminConfig'] = array_merge(!is_array($GLOBALS['BE_USER']->uc['TSFE_adminConfig']) ? array() : $GLOBALS['BE_USER']->uc['TSFE_adminConfig'], $input); // Candidate for t3lib_div::array_merge() if integer-keys will some day make trouble...
287 unset($GLOBALS['BE_USER']->uc['TSFE_adminConfig']['action']);
288
289 // Actions:
290 if ($input['action']['clearCache'] && $this->isAdminModuleEnabled('cache')) {
291 $GLOBALS['BE_USER']->extPageInTreeInfo=array();
292 $theStartId = intval($input['cache_clearCacheId']);
293 $GLOBALS['TSFE']->clearPageCacheContent_pidList($GLOBALS['BE_USER']->extGetTreeList($theStartId, $this->extGetFeAdminValue('cache', 'clearCacheLevels'), 0, $GLOBALS['BE_USER']->getPagePermsClause(1)) . $theStartId);
294 }
295 if ($input['action']['publish'] && $this->isAdminModuleEnabled('publish')) {
296 $theStartId = intval($input['publish_id']);
297 $this->extPublishList = $GLOBALS['BE_USER']->extGetTreeList($theStartId, $this->extGetFeAdminValue('publish', 'levels'), 0, $GLOBALS['BE_USER']->getPagePermsClause(1)) . $theStartId;
298 }
299
300 // Saving
301 $GLOBALS['BE_USER']->writeUC();
302 }
303 $GLOBALS['TT']->LR = $this->extGetFeAdminValue('tsdebug', 'LR');
304
305 if ($this->extGetFeAdminValue('cache', 'noCache')) {
306 $GLOBALS['TSFE']->set_no_cache();
307 }
308
309 // Hook for post processing the frontend admin configuration. Added with TYPO3 4.2, so naming is now incorrect but preserves compatibility.
310 // @deprecated since TYPO3 4.3
311 if (is_array($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['t3lib/class.t3lib_tsfebeuserauth.php']['extSaveFeAdminConfig-postProc'])) {
312 $_params = array('input' => &$input, 'pObj' => &$this);
313 foreach ($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['t3lib/class.t3lib_tsfebeuserauth.php']['extSaveFeAdminConfig-postProc'] as $_funcRef) {
314 t3lib_div::callUserFunction($_funcRef, $_params, $this);
315 }
316 }
317 }
318
319 /**
320 * Returns the value for a Admin Panel setting. You must specify both the module-key and the internal setting key.
321 *
322 * @param string Module key
323 * @param string Setting key
324 * @return string The setting value
325 */
326 public function extGetFeAdminValue($pre, $val='') {
327 // Check if module is enabled.
328 if ($this->isAdminModuleEnabled($pre)) {
329 // Exceptions where the values can be overridden from backend:
330 // deprecated
331 if ($pre . '_' . $val == 'edit_displayIcons' && $GLOBALS['BE_USER']->extAdminConfig['module.']['edit.']['forceDisplayIcons']) {
332 return true;
333 }
334 if ($pre . '_' . $val == 'edit_displayFieldIcons' && $GLOBALS['BE_USER']->extAdminConfig['module.']['edit.']['forceDisplayFieldIcons']) {
335 return true;
336 }
337
338 // override all settings with user TSconfig
339 if ($GLOBALS['BE_USER']->extAdminConfig['override.'][$pre . '.'][$val] && $val) {
340 return $GLOBALS['BE_USER']->extAdminConfig['override.'][$pre . '.'][$val];
341 }
342 if ($GLOBALS['BE_USER']->extAdminConfig['override.'][$pre]) {
343 return $GLOBALS['BE_USER']->extAdminConfig['override.'][$pre];
344 }
345
346 $retVal = $val ? $GLOBALS['BE_USER']->uc['TSFE_adminConfig'][$pre . '_' . $val] : 1;
347
348 if ($pre=='preview' && $this->ext_forcePreview) {
349 if (!$val) {
350 return true;
351 } else {
352 return $retVal;
353 }
354 }
355 // regular check:
356 if ($this->isAdminModuleOpen($pre)) { // See if the menu is expanded!
357 return $retVal;
358 }
359
360 // Hook for post processing the frontend admin configuration. Added with TYPO3 4.2, so naming is now incorrect but preserves compatibility.
361 // @deprecated since TYPO3 4.3
362 if (is_array($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['t3lib/class.t3lib_tsfebeuserauth.php']['extEditAction-postProc'])) {
363 $_params = array('cmd' => &$cmd, 'tce' => &$this->tce, 'pObj' => &$this);
364 foreach ($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['t3lib/class.t3lib_tsfebeuserauth.php']['extEditAction-postProc'] as $_funcRef) {
365 t3lib_div::callUserFunction($_funcRef, $_params, $this);
366 }
367 }
368 }
369 }
370
371 /**
372 * Returns the comma-separated list of page UIDs to be published.
373 *
374 * @return string
375 */
376 public function getExtPublishList() {
377 return $this->extPublishList;
378 }
379
380 /**
381 * Returns true if admin panel module is open
382 *
383 * @param string Module key
384 * @return boolean True, if the admin panel is open for the specified admin panel module key.
385 */
386 public function isAdminModuleOpen($pre) {
387 return $GLOBALS['BE_USER']->uc['TSFE_adminConfig']['display_top'] && $GLOBALS['BE_USER']->uc['TSFE_adminConfig']['display_' . $pre];
388 }
389
390 /*****************************************************
391 *
392 * Frontend Editing
393 *
394 ****************************************************/
395
396 /**
397 * Returns true in an edit-action is sent from the Admin Panel
398 *
399 * @return boolean
400 * @see index_ts.php
401 */
402 public function isEditAction() {
403 if (is_array($this->TSFE_EDIT)) {
404 if ($this->TSFE_EDIT['cancel']) {
405 unset($this->TSFE_EDIT['cmd']);
406 } else {
407 $cmd = (string) $this->TSFE_EDIT['cmd'];
408 if (($cmd != 'edit' || (is_array($this->TSFE_EDIT['data']) && ($this->TSFE_EDIT['update'] || $this->TSFE_EDIT['update_close']))) && $cmd != 'new') {
409 // $cmd can be a command like "hide" or "move". If $cmd is "edit" or "new" it's an indication to show the formfields. But if data is sent with update-flag then $cmd = edit is accepted because edit may be sendt because of .keepGoing flag.
410 return true;
411 }
412 }
413 }
414 return false;
415 }
416
417 /**
418 * Returns true if an edit form is shown on the page.
419 * Used from index_ts.php where a true return-value will result in classes etc. being included.
420 *
421 * @return boolean
422 * @see index_ts.php
423 */
424 public function isEditFormShown() {
425 if (is_array($this->TSFE_EDIT)) {
426 $cmd = (string) $this->TSFE_EDIT['cmd'];
427 if ($cmd=='edit' || $cmd=='new') {
428 return true;
429 }
430 }
431 }
432
433 /**
434 * Management of the on-page frontend editing forms and edit panels.
435 * Basically taking in the data and commands and passes them on to the proper classes as they should be.
436 *
437 * @return void
438 * @throws UnexpectedValueException if TSFE_EDIT[cmd] is not a valid command
439 * @see index_ts.php
440 */
441 public function editAction() {
442 // Commands:
443 list($table, $uid) = explode(':', $this->TSFE_EDIT['record']);
444 $cmd = $this->TSFE_EDIT['cmd'];
445
446 if ($cmd && $table && $uid && isset($GLOBALS['TCA'][$table])) {
447 // Hook for defining custom editing actions. Naming is incorrect, but preserves compatibility.
448 if (is_array($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['t3lib/class.t3lib_tsfebeuserauth.php']['extEditAction'])) {
449 $_params = array();
450 foreach ($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['t3lib/class.t3lib_tsfebeuserauth.php']['extEditAction'] as $_funcRef) {
451 t3lib_div::callUserFunction($_funcRef, $_params, $this);
452 }
453 }
454 // Perform the requested editing command.
455 if(is_callable(array($this, $cmd))) {
456 $this->$cmd($table, $uid);
457 } else {
458 throw new UnexpectedValueException(
459 'The specified frontend edit command (' . $cmd . ') is not valid.',
460 1225818120
461 );
462 }
463 }
464 // Data:
465 if (($this->TSFE_EDIT['doSave'] || $this->TSFE_EDIT['update'] || $this->TSFE_EDIT['update_close']) && is_array($this->TSFE_EDIT['data'])) {
466 $this->save($this->TSFE_EDIT['data']);
467 // pass this on if needed
468 if ($newuid = $this->tce->substNEWwithIDs['NEW']) {
469 $this->TSFE_EDIT['newUID'] = $newuid;
470 }
471 }
472 }
473
474 /**
475 * Hides a specific record.
476 *
477 * @param string The table name for the record to hide.
478 * @param integer The UID for the record to hide.
479 * @return void
480 */
481 public function hide($table, $uid) {
482 $hideField = $GLOBALS['TCA'][$table]['ctrl']['enablecolumns']['disabled'];
483 if ($hideField) {
484 $recData = array();
485 $recData[$table][$uid][$hideField] = 1;
486 $this->tce->start($recData, array());
487 $this->tce->process_datamap();
488 }
489 }
490
491 /**
492 * Unhides (shows) a specific record.
493 *
494 * @param string The table name for the record to unhide.
495 * @param integer The UID for the record to unhide.
496 * @return void
497 */
498 public function unhide($table, $uid) {
499 $hideField = $GLOBALS['TCA'][$table]['ctrl']['enablecolumns']['disabled'];
500 if ($hideField) {
501 $recData = array();
502 $recData[$table][$uid][$hideField] = 0;
503 $this->tce->start($recData, array());
504 $this->tce->process_datamap();
505 }
506 }
507
508 /**
509 * Moves a record up.
510 *
511 * @param string The table name for the record to move.
512 * @param integer The UID for the record to hide.
513 * @return void
514 */
515 public function up($table, $uid) {
516 $this->move($table, $uid, 'up');
517 }
518
519 /**
520 * Moves a record down.
521 *
522 * @param string The table name for the record to move.
523 * @param integer The UID for the record to move.
524 * @return void
525 */
526 public function down($table, $uid) {
527 $this->move($table, $uid, 'down');
528 }
529
530 /**
531 * Moves a record in the specified direction.
532 *
533 * @param string The table name for the record to move.
534 * @param integer The UID for the record to move.
535 * @param string The direction to move, either 'up' or 'down'.
536 * @return void
537 */
538 protected function move($table, $uid, $direction) {
539 $cmdData = array();
540 if ($direction == 'up') {
541 $operator = '<';
542 $order = 'DESC';
543 } else {
544 $operator = '>';
545 $order = 'ASC';
546 }
547
548 $sortField = $GLOBALS['TCA'][$table]['ctrl']['sortby'];
549 if ($sortField) {
550 // Get self:
551 $fields = array_unique(t3lib_div::trimExplode(',', $GLOBALS['TCA'][$table]['ctrl']['copyAfterDuplFields'] . ',uid,pid,' . $sortField, true));
552 $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery(implode(',', $fields), $table, 'uid=' . $uid);
553 if ($row = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($res)) {
554 // record before or after
555 $preview = $this->extGetFeAdminValue('preview');
556 $copyAfterFieldsQuery = '';
557 if ($preview) {
558 $ignore = array('starttime'=>1, 'endtime'=>1, 'disabled'=>1, 'fe_group'=>1);
559 }
560 if ($GLOBALS['TCA'][$table]['ctrl']['copyAfterDuplFields']) {
561 $cAFields = t3lib_div::trimExplode(',', $GLOBALS['TCA'][$table]['ctrl']['copyAfterDuplFields'], false);
562 foreach($cAFields as $fieldName) {
563 $copyAfterFieldsQuery .= ' AND ' . $fieldName . '="' . $row[$fieldName] . '"';
564 }
565 }
566
567 $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery(
568 'uid,pid',
569 $table,
570 'pid=' . intval($row['pid']) .
571 ' AND ' . $sortField . $operator . intval($row[$sortField]) .
572 $copyAfterFieldsQuery .
573 $GLOBALS['TSFE']->sys_page->enableFields($table, '', $ignore),
574 '',
575 $sortField . ' ' . $order,
576 '2'
577 );
578 if ($row2 = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($res)) {
579 if ($direction == 'down') {
580 $cmdData[$table][$uid]['move'] = -$row2['uid'];
581 } elseif ($row3 = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($res)) { // Must take the second record above...
582 $cmdData[$table][$uid]['move'] = -$row3['uid'];
583 } else { // ... and if that does not exist, use pid
584 $cmdData[$table][$uid]['move'] = $row['pid'];
585 }
586 } elseif ($direction == 'up') {
587 $cmdData[$table][$uid]['move'] = $row['pid'];
588 }
589 }
590 if (count($cmdData)) {
591 $this->tce->start(array(), $cmdData);
592 $this->tce->process_cmdmap();
593 }
594 }
595 }
596
597 /**
598 * Deletes a specific record.
599 *
600 * @param string The table name for the record to delete.
601 * @param integer The UID for the record to delete.
602 * @return void
603 */
604 public function delete($table, $uid) {
605 $cmdData[$table][$uid]['delete'] = 1;
606 if (count($cmdData)) {
607 $this->tce->start(array(), $cmdData);
608 $this->tce->process_cmdmap();
609 }
610 }
611
612 /**
613 * Saves a record based on its data array.
614 *
615 * @param array Array of record data to be saved.
616 * @return void
617 */
618 public function save(array $data) {
619 $this->tce->start($data, array());
620 $this->tce->process_uploads($_FILES);
621 $this->tce->process_datamap();
622 }
623
624 /**
625 * Checks whether the user has access to edit the language for the
626 * requested record.
627 *
628 * @param string The name of the table.
629 * @param array The record.
630 * @return boolean
631 */
632 protected function allowedToEditLanguage($table, array $currentRecord) {
633 // If no access right to record languages, return immediately
634 if ($table === 'pages') {
635 $lang = $GLOBALS['TSFE']->sys_language_uid;
636 } elseif ($table === 'tt_content') {
637 $lang = $GLOBALS['TSFE']->sys_language_content;
638 } elseif ($GLOBALS['TCA'][$table]['ctrl']['languageField']) {
639 $lang = $currentRecord[$GLOBALS['TCA'][$table]['ctrl']['languageField']];
640 } else {
641 $lang = -1;
642 }
643
644 if ($GLOBALS['BE_USER']->checkLanguageAccess($lang)) {
645 $languageAccess = true;
646 } else {
647 $languageAccess = false;
648 }
649
650 return $languageAccess;
651 }
652
653 /**
654 * Checks whether the user is allowed to edit the requested table.
655 *
656 * @param string The name of the table.
657 * @param array The data array.
658 * @param array The configuration array for the edit panel.
659 * @return boolean
660 */
661 protected function allowedToEdit($table, array $dataArray, array $conf) {
662
663 // Unless permissions specifically allow it, editing is not allowed.
664 $mayEdit = false;
665
666 if ($table=='pages') {
667 // 2 = permission to edit the page
668 if($GLOBALS['BE_USER']->isAdmin() || $GLOBALS['BE_USER']->doesUserHaveAccess($dataArray, 2)) {
669 $mayEdit = true;
670 }
671 } else {
672 // 16 = permission to edit content on the page
673 if ($GLOBALS['BE_USER']->isAdmin() || $GLOBALS['BE_USER']->doesUserHaveAccess(t3lib_BEfunc::getRecord('pages', $dataArray['pid']), 16)) {
674 $mayEdit = true;
675 }
676 }
677
678 if (!$conf['onlyCurrentPid'] || ($dataArray['pid'] == $GLOBALS['TSFE']->id)) {
679 // Permissions:
680 $types = t3lib_div::trimExplode(',', t3lib_div::strtolower($conf['allow']),1);
681 $allow = array_flip($types);
682
683 $perms = $GLOBALS['BE_USER']->calcPerms($GLOBALS['TSFE']->page);
684 if ($table == 'pages') {
685 $allow = $this->getAllowedEditActions($table, $conf, $dataArray['pid'], $allow);
686
687 // Can only display editbox if there are options in the menu
688 if (count($allow)) {
689 $mayEdit = true;
690 }
691 } else {
692 $mayEdit = count($allow) && ($perms & 16);
693 }
694 }
695
696 return $mayEdit;
697 }
698
699 /**
700 * Takes an array of generally allowed actions and filters that list based on page and content permissions.
701 *
702 * @param string The name of the table.
703 * @param array The configuration array.
704 * @param integer The PID where editing will occur.
705 * @param string Comma-separated list of actions that are allowed in general.
706 * @return array
707 */
708 protected function getAllowedEditActions($table, array $conf, $pid, $allow = '') {
709
710 if (!$allow) {
711 $types = t3lib_div::trimExplode(',', t3lib_div::strtolower($conf['allow']), true);
712 $allow = array_flip($types);
713 }
714
715 if (!$conf['onlyCurrentPid'] || $pid == $GLOBALS['TSFE']->id) {
716 // Permissions:
717 $types = t3lib_div::trimExplode(',', t3lib_div::strtolower($conf['allow']), true);
718 $allow = array_flip($types);
719
720 $perms = $GLOBALS['BE_USER']->calcPerms($GLOBALS['TSFE']->page);
721 if ($table=='pages') {
722 // rootpage!
723 if (count($GLOBALS['TSFE']->config['rootLine']) == 1) {
724 unset($allow['move']);
725 unset($allow['hide']);
726 unset($allow['delete']);
727 }
728 if (!($perms & 2)){
729 unset($allow['edit']);
730 unset($allow['move']);
731 unset($allow['hide']);
732 }
733 if (!($perms & 4)) {
734 unset($allow['delete']);
735 }
736 if (!($perms&8)) {
737 unset($allow['new']);
738 }
739 }
740 }
741
742 return $allow;
743 }
744 }
745
746 if (defined('TYPO3_MODE') && $TYPO3_CONF_VARS[TYPO3_MODE]['XCLASS']['t3lib/class.t3lib_frontendedit.php']) {
747 include_once($TYPO3_CONF_VARS[TYPO3_MODE]['XCLASS']['t3lib/class.t3lib_frontendedit.php']);
748 }
749
750 ?>
TYPO3 CMS Core Development