[TASK] Removes extra empty lines
[Packages/TYPO3.CMS.git] / typo3 / sysext / setup / Classes / Controller / SetupModuleController.php
1 <?php
2 namespace TYPO3\CMS\Setup\Controller;
3
4 /*
5 * This file is part of the TYPO3 CMS project.
6 *
7 * It is free software; you can redistribute it and/or modify it under
8 * the terms of the GNU General Public License, either version 2
9 * of the License, or any later version.
10 *
11 * For the full copyright and license information, please read the
12 * LICENSE.txt file that was distributed with this source code.
13 *
14 * The TYPO3 project - inspiring people to share!
15 */
16
17 use Psr\Http\Message\ResponseInterface;
18 use Psr\Http\Message\ServerRequestInterface;
19 use TYPO3\CMS\Backend\Backend\Avatar\DefaultAvatarProvider;
20 use TYPO3\CMS\Backend\Module\AbstractModule;
21 use TYPO3\CMS\Backend\Module\ModuleLoader;
22 use TYPO3\CMS\Backend\Utility\BackendUtility;
23 use TYPO3\CMS\Core\Authentication\BackendUserAuthentication;
24 use TYPO3\CMS\Core\Database\DatabaseConnection;
25 use TYPO3\CMS\Core\DataHandling\DataHandler;
26 use TYPO3\CMS\Core\FormProtection\FormProtectionFactory;
27 use TYPO3\CMS\Core\Imaging\Icon;
28 use TYPO3\CMS\Core\Messaging\FlashMessage;
29 use TYPO3\CMS\Core\Resource\Exception\FileDoesNotExistException;
30 use TYPO3\CMS\Core\Resource\ResourceFactory;
31 use TYPO3\CMS\Core\Utility\GeneralUtility;
32
33 /**
34 * Script class for the Setup module
35 */
36 class SetupModuleController extends AbstractModule
37 {
38 /**
39 * Flag if password has not been updated
40 */
41 const PASSWORD_NOT_UPDATED = 0;
42
43 /**
44 * Flag if password has been updated
45 */
46 const PASSWORD_UPDATED = 1;
47
48 /**
49 * Flag if both new passwords do not match
50 */
51 const PASSWORD_NOT_THE_SAME = 2;
52
53 /**
54 * Flag if the current password given was not identical to the real
55 * current password
56 */
57 const PASSWORD_OLD_WRONG = 3;
58
59 /**
60 * @var array
61 */
62 public $MOD_MENU = array();
63
64 /**
65 * @var array
66 */
67 public $MOD_SETTINGS = array();
68
69 /**
70 * @var \TYPO3\CMS\Backend\Template\DocumentTemplate
71 */
72 public $doc;
73
74 /**
75 * @var string
76 */
77 public $content;
78
79 /**
80 * @var array
81 */
82 public $overrideConf;
83
84 /**
85 * backend user object, set during simulate-user operation
86 *
87 * @var \TYPO3\CMS\Core\Authentication\BackendUserAuthentication
88 */
89 public $OLD_BE_USER;
90
91 /**
92 * @var bool
93 */
94 public $languageUpdate;
95
96 /**
97 * @var bool
98 */
99 protected $pagetreeNeedsRefresh = false;
100
101 /**
102 * @var bool
103 */
104 protected $isAdmin;
105
106 /**
107 * @var array
108 */
109 protected $tsFieldConf;
110
111 /**
112 * @var bool
113 */
114 protected $saveData = false;
115
116 /**
117 * @var int
118 */
119 protected $passwordIsUpdated = self::PASSWORD_NOT_UPDATED;
120
121 /**
122 * @var bool
123 */
124 protected $passwordIsSubmitted = false;
125
126 /**
127 * @var bool
128 */
129 protected $setupIsUpdated = false;
130
131 /**
132 * @var bool
133 */
134 protected $settingsAreResetToDefault = false;
135
136 /**
137 * Form protection instance
138 *
139 * @var \TYPO3\CMS\Core\FormProtection\BackendFormProtection
140 */
141 protected $formProtection;
142
143 /**
144 * @var string
145 */
146 protected $simulateSelector = '';
147
148 /**
149 * @var string
150 */
151 protected $simUser = '';
152
153 /**
154 * The name of the module
155 *
156 * @var string
157 */
158 protected $moduleName = 'user_setup';
159
160 /**
161 * @var ModuleLoader
162 */
163 protected $loadModules;
164
165 /**
166 * Instantiate the form protection before a simulated user is initialized.
167 */
168 public function __construct()
169 {
170 parent::__construct();
171 $this->formProtection = FormProtectionFactory::get();
172 }
173
174 /**
175 * Getter for the form protection instance.
176 *
177 * @return \TYPO3\CMS\Core\FormProtection\BackendFormProtection
178 */
179 public function getFormProtection()
180 {
181 return $this->formProtection;
182 }
183
184 /**
185 * If settings are submitted to _POST[DATA], store them
186 * NOTICE: This method is called before the \TYPO3\CMS\Backend\Template\DocumentTemplate
187 * is included. See bottom of document.
188 *
189 * @see \TYPO3\CMS\Backend\Template\DocumentTemplate
190 */
191 public function storeIncomingData()
192 {
193 // First check if something is submitted in the data-array from POST vars
194 $d = GeneralUtility::_POST('data');
195 $columns = $GLOBALS['TYPO3_USER_SETTINGS']['columns'];
196 $beUser = $this->getBackendUser();
197 $beUserId = $beUser->user['uid'];
198 $storeRec = array();
199 $fieldList = $this->getFieldsFromShowItem();
200 if (is_array($d) && $this->formProtection->validateToken((string)GeneralUtility::_POST('formToken'), 'BE user setup', 'edit')) {
201 // UC hashed before applying changes
202 $save_before = md5(serialize($beUser->uc));
203 // PUT SETTINGS into the ->uc array:
204 // Reload left frame when switching BE language
205 if (isset($d['lang']) && $d['lang'] != $beUser->uc['lang']) {
206 $this->languageUpdate = true;
207 }
208 // Reload pagetree if the title length is changed
209 if (isset($d['titleLen']) && $d['titleLen'] !== $beUser->uc['titleLen']) {
210 $this->pagetreeNeedsRefresh = true;
211 }
212 if ($d['setValuesToDefault']) {
213 // If every value should be default
214 $beUser->resetUC();
215 $this->settingsAreResetToDefault = true;
216 } elseif ($d['save']) {
217 // Save all submitted values if they are no array (arrays are with table=be_users) and exists in $GLOBALS['TYPO3_USER_SETTINGS'][columns]
218 foreach ($columns as $field => $config) {
219 if (!in_array($field, $fieldList)) {
220 continue;
221 }
222 if ($config['table']) {
223 if ($config['table'] === 'be_users' && !in_array($field, array('password', 'password2', 'passwordCurrent', 'email', 'realName', 'admin', 'avatar'))) {
224 if (!isset($config['access']) || $this->checkAccess($config) && $beUser->user[$field] !== $d['be_users'][$field]) {
225 if ($config['type'] === 'check') {
226 $fieldValue = isset($d['be_users'][$field]) ? 1 : 0;
227 } else {
228 $fieldValue = $d['be_users'][$field];
229 }
230 $storeRec['be_users'][$beUserId][$field] = $fieldValue;
231 $beUser->user[$field] = $fieldValue;
232 }
233 }
234 }
235 if ($config['type'] === 'check') {
236 $beUser->uc[$field] = isset($d[$field]) ? 1 : 0;
237 } else {
238 $beUser->uc[$field] = htmlspecialchars($d[$field]);
239 }
240 }
241 // Personal data for the users be_user-record (email, name, password...)
242 // If email and name is changed, set it in the users record:
243 $be_user_data = $d['be_users'];
244 // Possibility to modify the transmitted values. Useful to do transformations, like RSA password decryption
245 if (is_array($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['ext/setup/mod/index.php']['modifyUserDataBeforeSave'])) {
246 foreach ($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['ext/setup/mod/index.php']['modifyUserDataBeforeSave'] as $function) {
247 $params = array('be_user_data' => &$be_user_data);
248 GeneralUtility::callUserFunction($function, $params, $this);
249 }
250 }
251 $this->passwordIsSubmitted = (string)$be_user_data['password'] !== '';
252 $passwordIsConfirmed = $this->passwordIsSubmitted && $be_user_data['password'] === $be_user_data['password2'];
253 // Update the real name:
254 if ($be_user_data['realName'] !== $beUser->user['realName']) {
255 $beUser->user['realName'] = ($storeRec['be_users'][$beUserId]['realName'] = substr($be_user_data['realName'], 0, 80));
256 }
257 // Update the email address:
258 if ($be_user_data['email'] !== $beUser->user['email']) {
259 $beUser->user['email'] = ($storeRec['be_users'][$beUserId]['email'] = substr($be_user_data['email'], 0, 80));
260 }
261 // Update the password:
262 if ($passwordIsConfirmed) {
263 $currentPasswordHashed = $GLOBALS['BE_USER']->user['password'];
264 $saltFactory = \TYPO3\CMS\Saltedpasswords\Salt\SaltFactory::getSaltingInstance($currentPasswordHashed);
265 if ($saltFactory->checkPassword($be_user_data['passwordCurrent'], $currentPasswordHashed)) {
266 $this->passwordIsUpdated = self::PASSWORD_UPDATED;
267 $storeRec['be_users'][$beUserId]['password'] = $be_user_data['password'];
268 } else {
269 $this->passwordIsUpdated = self::PASSWORD_OLD_WRONG;
270 }
271 } else {
272 $this->passwordIsUpdated = self::PASSWORD_NOT_THE_SAME;
273 }
274
275 $this->setAvatarFileUid($beUserId, $be_user_data['avatar'], $storeRec);
276
277 $this->saveData = true;
278 }
279 // Inserts the overriding values.
280 $beUser->overrideUC();
281 $save_after = md5(serialize($beUser->uc));
282 // If something in the uc-array of the user has changed, we save the array...
283 if ($save_before != $save_after) {
284 $beUser->writeUC($beUser->uc);
285 $beUser->writelog(254, 1, 0, 1, 'Personal settings changed', array());
286 $this->setupIsUpdated = true;
287 }
288 // Persist data if something has changed:
289 if (!empty($storeRec) && $this->saveData) {
290 // Make instance of TCE for storing the changes.
291 /** @var DataHandler $dataHandler */
292 $dataHandler = GeneralUtility::makeInstance(DataHandler::class);
293 $dataHandler->stripslashes_values = false;
294 // This is so the user can actually update his user record.
295 $isAdmin = $beUser->user['admin'];
296 $beUser->user['admin'] = 1;
297 $dataHandler->start($storeRec, array(), $beUser);
298 // This is to make sure that the users record can be updated even if in another workspace. This is tolerated.
299 $dataHandler->bypassWorkspaceRestrictions = true;
300 $dataHandler->process_datamap();
301 unset($tce);
302 if ($this->passwordIsUpdated === self::PASSWORD_NOT_UPDATED || count($storeRec['be_users'][$beUserId]) > 1) {
303 $this->setupIsUpdated = true;
304 }
305 // Restore admin status after processing
306 $beUser->user['admin'] = $isAdmin;
307 }
308 }
309 }
310
311 /******************************
312 *
313 * Rendering module
314 *
315 ******************************/
316 /**
317 * Initializes the module for display of the settings form.
318 *
319 * @return void
320 */
321 public function init()
322 {
323 $this->getLanguageService()->includeLLFile('EXT:setup/Resources/Private/Language/locallang.xlf');
324
325 // Returns the script user - that is the REAL logged in user! ($GLOBALS[BE_USER] might be another user due to simulation!)
326 $scriptUser = $this->getRealScriptUserObj();
327
328 $this->isAdmin = $scriptUser->isAdmin();
329 // Getting the 'override' values as set might be set in User TSconfig
330 $this->overrideConf = $this->getBackendUser()->getTSConfigProp('setup.override');
331 // Getting the disabled fields might be set in User TSconfig (eg setup.fields.password.disabled=1)
332 $this->tsFieldConf = $this->getBackendUser()->getTSConfigProp('setup.fields');
333 // id password is disabled, disable repeat of password too (password2)
334 if (isset($this->tsFieldConf['password.']) && $this->tsFieldConf['password.']['disabled']) {
335 $this->tsFieldConf['password2.']['disabled'] = 1;
336 $this->tsFieldConf['passwordCurrent.']['disabled'] = 1;
337 }
338 // Create instance of object for output of data
339 $this->doc = GeneralUtility::makeInstance(\TYPO3\CMS\Backend\Template\DocumentTemplate::class);
340 }
341
342 /**
343 * Generate necessary JavaScript
344 *
345 * @return string
346 */
347 protected function getJavaScript()
348 {
349 $javaScript = '';
350 if (is_array($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['ext/setup/mod/index.php']['setupScriptHook'])) {
351 foreach ($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['ext/setup/mod/index.php']['setupScriptHook'] as $function) {
352 $params = array();
353 $javaScript .= GeneralUtility::callUserFunction($function, $params, $this);
354 }
355 }
356 return $javaScript;
357 }
358
359 /**
360 * Generate the main settings form:
361 *
362 * @return void
363 */
364 public function main()
365 {
366 $this->content .= '<form action="' . BackendUtility::getModuleUrl('user_setup') . '" method="post" id="SetupModuleController" name="usersetup" enctype="multipart/form-data">';
367 if ($this->languageUpdate) {
368 $this->moduleTemplate->addJavaScriptCode('languageUpdate', '
369 if (top.refreshMenu) {
370 top.refreshMenu();
371 } else {
372 top.TYPO3ModuleMenu.refreshMenu();
373 }
374 ');
375 }
376 if ($this->pagetreeNeedsRefresh) {
377 BackendUtility::setUpdateSignal('updatePageTree');
378 }
379 // Start page:
380 $this->moduleTemplate->loadJavascriptLib('sysext/backend/Resources/Public/JavaScript/md5.js');
381 // Use a wrapper div
382 $this->content .= '<div id="user-setup-wrapper">';
383 // Load available backend modules
384 $this->loadModules = GeneralUtility::makeInstance(ModuleLoader::class);
385 $this->loadModules->observeWorkspaces = true;
386 $this->loadModules->load($GLOBALS['TBE_MODULES']);
387 $this->content .= $this->doc->header($this->getLanguageService()->getLL('UserSettings'));
388 // Show if setup was saved
389 if ($this->setupIsUpdated && !$this->settingsAreResetToDefault) {
390 $flashMessage = GeneralUtility::makeInstance(FlashMessage::class, $this->getLanguageService()->getLL('setupWasUpdated'), $this->getLanguageService()->getLL('UserSettings'));
391 $this->content .= $flashMessage->render();
392 }
393
394 // Show if temporary data was cleared
395 if ($this->settingsAreResetToDefault) {
396 $flashMessage = GeneralUtility::makeInstance(FlashMessage::class, $this->getLanguageService()->getLL('settingsAreReset'), $this->getLanguageService()->getLL('resetConfiguration'));
397 $this->content .= $flashMessage->render();
398 }
399
400 // Notice
401 if ($this->setupIsUpdated || $this->settingsAreResetToDefault) {
402 $flashMessage = GeneralUtility::makeInstance(FlashMessage::class, $this->getLanguageService()->getLL('activateChanges'), '', FlashMessage::INFO);
403 $this->content .= $flashMessage->render();
404 }
405
406 // If password is updated, output whether it failed or was OK.
407 if ($this->passwordIsSubmitted) {
408 $flashMessage = null;
409 switch ($this->passwordIsUpdated) {
410 case self::PASSWORD_OLD_WRONG:
411 $flashMessage = GeneralUtility::makeInstance(FlashMessage::class, $this->getLanguageService()->getLL('oldPassword_failed'), $this->getLanguageService()->getLL('newPassword'), FlashMessage::ERROR);
412 break;
413 case self::PASSWORD_NOT_THE_SAME:
414 $flashMessage = GeneralUtility::makeInstance(FlashMessage::class, $this->getLanguageService()->getLL('newPassword_failed'), $this->getLanguageService()->getLL('newPassword'), FlashMessage::ERROR);
415 break;
416 case self::PASSWORD_UPDATED:
417 $flashMessage = GeneralUtility::makeInstance(FlashMessage::class, $this->getLanguageService()->getLL('newPassword_ok'), $this->getLanguageService()->getLL('newPassword'));
418 break;
419 }
420 if ($flashMessage) {
421 $this->content .= $flashMessage->render();
422 }
423 }
424
425 // Render user switch
426 $this->content .= $this->renderSimulateUserSelectAndLabel();
427
428 // Render the menu items
429 $menuItems = $this->renderUserSetup();
430 $this->content .= $this->moduleTemplate->getDynamicTabMenu($menuItems, 'user-setup', 1, false, false);
431 $formToken = $this->formProtection->generateToken('BE user setup', 'edit');
432 $this->content .= '<div>';
433 $this->content .= '<input type="hidden" name="simUser" value="' . $this->simUser . '" />
434 <input type="hidden" name="formToken" value="' . $formToken . '" />
435 <input type="hidden" value="1" name="data[save]" />
436 <input type="hidden" name="data[setValuesToDefault]" value="0" id="setValuesToDefault" />';
437 $this->content .= '</div>';
438 // End of wrapper div
439 $this->content .= '</div>';
440 // Setting up the buttons and markers for docheader
441 $this->getButtons();
442 // Build the <body> for the module
443 // Renders the module page
444 $this->moduleTemplate->setContent($this->content);
445 $this->content .= '</form>';
446 }
447
448 /**
449 * Injects the request object for the current request or subrequest
450 * Simply calls main() and init() and writes the content to the response
451 *
452 * @param ServerRequestInterface $request the current request
453 * @param ResponseInterface $response
454 * @return ResponseInterface the response with the content
455 */
456 public function mainAction(ServerRequestInterface $request, ResponseInterface $response)
457 {
458 $GLOBALS['SOBE'] = $this;
459 $this->simulateUser();
460 $this->storeIncomingData();
461 $this->init();
462 $this->main();
463
464 $response->getBody()->write($this->moduleTemplate->renderContent());
465 return $response;
466 }
467
468 /**
469 * Prints the content / ends page
470 *
471 * @return void
472 * @deprecated since TYPO3 CMS 7, will be removed in TYPO3 CMS 8
473 */
474 public function printContent()
475 {
476 GeneralUtility::logDeprecatedFunction();
477 echo $this->content;
478 }
479
480 /**
481 * Create the panel of buttons for submitting the form or otherwise perform operations.
482 */
483 protected function getButtons()
484 {
485 $buttonBar = $this->moduleTemplate->getDocHeaderComponent()->getButtonBar();
486 $cshButton = $buttonBar->makeHelpButton()
487 ->setModuleName('_MOD_user_setup')
488 ->setFieldName('');
489 $buttonBar->addButton($cshButton);
490
491 $saveButton = $buttonBar->makeInputButton()
492 ->setName('data[save]')
493 ->setTitle($this->getLanguageService()->sL('LLL:EXT:lang/locallang_core.xlf:rm.saveDoc', true))
494 ->setValue('1')
495 ->setForm('SetupModuleController')
496 ->setShowLabelText(true)
497 ->setIcon($this->moduleTemplate->getIconFactory()->getIcon('actions-document-save', Icon::SIZE_SMALL));
498
499 $buttonBar->addButton($saveButton);
500 $shortcutButton = $buttonBar->makeShortcutButton()
501 ->setModuleName($this->moduleName);
502 $buttonBar->addButton($shortcutButton);
503 }
504
505 /******************************
506 *
507 * Render module
508 *
509 ******************************/
510
511 /**
512 * renders the data for all tabs in the user setup and returns
513 * everything that is needed with tabs and dyntab menu
514 *
515 * @return array Ready to use for the dyntabmenu itemarray
516 */
517 protected function renderUserSetup()
518 {
519 $html = '';
520 $result = array();
521 $firstTabLabel = '';
522 $code = array();
523 $fieldArray = $this->getFieldsFromShowItem();
524 $tabLabel = '';
525 foreach ($fieldArray as $fieldName) {
526 $more = '';
527 if (substr($fieldName, 0, 8) === '--div--;') {
528 if ($firstTabLabel === '') {
529 // First tab
530 $tabLabel = $this->getLabel(substr($fieldName, 8), '', false);
531 $firstTabLabel = $tabLabel;
532 } else {
533 $result[] = array(
534 'label' => $tabLabel,
535 'content' => count($code) ? implode(LF, $code) : ''
536 );
537 $tabLabel = $this->getLabel(substr($fieldName, 8), '', false);
538 $code = array();
539 }
540 continue;
541 }
542 $config = $GLOBALS['TYPO3_USER_SETTINGS']['columns'][$fieldName];
543
544 // Field my be disabled in setup.fields
545 if (isset($this->tsFieldConf[$fieldName . '.']['disabled']) && $this->tsFieldConf[$fieldName . '.']['disabled'] == 1) {
546 continue;
547 }
548 if (isset($config['access']) && !$this->checkAccess($config)) {
549 continue;
550 }
551 $label = $this->getLabel($config['label'], $fieldName);
552 $label = $this->getCSH($config['csh'] ?: $fieldName, $label);
553 $type = $config['type'];
554 $class = $config['class'];
555
556 if ($type !== 'check') {
557 $class .= ' form-control';
558 }
559
560 $style = $config['style'];
561 if ($class) {
562 $more .= ' class="' . $class . '"';
563 }
564 if ($style) {
565 $more .= ' style="' . $style . '"';
566 }
567 if (isset($this->overrideConf[$fieldName])) {
568 $more .= ' disabled="disabled"';
569 }
570 $value = $config['table'] === 'be_users' ? $this->getBackendUser()->user[$fieldName] : $this->getBackendUser()->uc[$fieldName];
571 if (!$value && isset($config['default'])) {
572 $value = $config['default'];
573 }
574 $dataAdd = '';
575 if ($config['table'] === 'be_users') {
576 $dataAdd = '[be_users]';
577 }
578
579 switch ($type) {
580 case 'text':
581 case 'email':
582 case 'password':
583 $noAutocomplete = '';
584 if ($type === 'password') {
585 $value = '';
586 $noAutocomplete = 'autocomplete="off" ';
587 $more .= ' data-rsa-encryption=""';
588 }
589 $html = '<input id="field_' . $fieldName . '"
590 type="' . $type . '"
591 name="data' . $dataAdd . '[' . $fieldName . ']" ' .
592 $noAutocomplete .
593 'value="' . htmlspecialchars($value) . '" ' .
594 $more .
595 ' />';
596 break;
597 case 'check':
598 $html = $label . '<div class="checkbox"><label><input id="field_' . $fieldName . '"
599 type="checkbox"
600 name="data' . $dataAdd . '[' . $fieldName . ']"' .
601 ($value ? ' checked="checked"' : '') .
602 $more .
603 ' /></label></div>';
604 $label = '';
605 break;
606 case 'select':
607 if ($config['itemsProcFunc']) {
608 $html = GeneralUtility::callUserFunction($config['itemsProcFunc'], $config, $this, '');
609 } else {
610 $html = '<select id="field_' . $fieldName . '"
611 name="data' . $dataAdd . '[' . $fieldName . ']"' .
612 $more . '>' . LF;
613 foreach ($config['items'] as $key => $optionLabel) {
614 $html .= '<option value="' . $key . '"' . ($value == $key ? ' selected="selected"' : '') . '>' . $this->getLabel($optionLabel, '', false) . '</option>' . LF;
615 }
616 $html .= '</select>';
617 }
618 break;
619 case 'user':
620 $html = GeneralUtility::callUserFunction($config['userFunc'], $config, $this, '');
621 break;
622 case 'button':
623 if ($config['onClick']) {
624 $onClick = $config['onClick'];
625 if ($config['onClickLabels']) {
626 foreach ($config['onClickLabels'] as $key => $labelclick) {
627 $config['onClickLabels'][$key] = $this->getLabel($labelclick, '', false);
628 }
629 $onClick = vsprintf($onClick, $config['onClickLabels']);
630 }
631 $html = '<br><input class="btn btn-default" type="button"
632 value="' . $this->getLabel($config['buttonlabel'], '', false) . '"
633 onclick="' . $onClick . '" />';
634 }
635 break;
636 case 'avatar':
637 // Get current avatar image
638 $html = '<br>';
639 $avatarFileUid = $this->getAvatarFileUid($this->getBackendUser()->user['uid']);
640
641 if ($avatarFileUid) {
642 $defaultAvatarProvider = GeneralUtility::makeInstance(DefaultAvatarProvider::class);
643 $avatarImage = $defaultAvatarProvider->getImage($this->getBackendUser()->user, 32);
644 if ($avatarImage) {
645 $icon = '<span class="avatar"><span class="avatar-image">' .
646 '<img src="' . htmlspecialchars($avatarImage->getUrl(true)) . '"' .
647 ' width="' . (int)$avatarImage->getWidth() . '" ' .
648 'height="' . (int)$avatarImage->getHeight() . '" />' .
649 '</span></span>';
650 $html .= '<span class="pull-left" style="padding-right: 10px" id="image_' . htmlspecialchars($fieldName) . '">' . $icon . ' </span>';
651 }
652 }
653 $html .= '<input id="field_' . htmlspecialchars($fieldName) . '" type="hidden" ' .
654 'name="data' . $dataAdd . '[' . htmlspecialchars($fieldName) . ']"' . $more .
655 ' value="' . $avatarFileUid . '" />';
656
657 $html .= '<div class="btn-group">';
658 if ($avatarFileUid) {
659 $html .= '<a id="clear_button_' . htmlspecialchars($fieldName) . '" onclick="clearExistingImage(); return false;" class="btn btn-default"><span class="t3-icon fa t3-icon fa fa-remove"> </span></a>';
660 }
661 $html .= '<a id="add_button_' . htmlspecialchars($fieldName) . '" class="btn btn-default btn-add-avatar" onclick="openFileBrowser();return false;"><span class="t3-icon t3-icon-actions t3-icon-actions-insert t3-icon-insert-record"> </span></a>' .
662 '</div>';
663
664 $this->addAvatarButtonJs($fieldName);
665 break;
666 default:
667 $html = '';
668 }
669
670 $code[] = '<div class="form-section"><div class="form-group">' .
671 $label .
672 $html .
673 '</div></div>';
674 }
675
676 $result[] = array(
677 'label' => $tabLabel,
678 'content' => count($code) ? implode(LF, $code) : ''
679 );
680 return $result;
681 }
682
683 /******************************
684 *
685 * Helper functions
686 *
687 ******************************/
688 /**
689 * Returns the backend user object, either the global OR the $this->OLD_BE_USER which is set during simulate-user operation.
690 * Anyway: The REAL user is returned - the one logged in.
691 *
692 * @return BackendUserAuthentication The REAL user is returned - the one logged in.
693 */
694 protected function getRealScriptUserObj()
695 {
696 return is_object($this->OLD_BE_USER) ? $this->OLD_BE_USER : $this->getBackendUser();
697 }
698
699 /**
700 * Return a select with available languages
701 *
702 * @param array $params
703 *
704 * @return string Complete select as HTML string or warning box if something went wrong.
705 */
706 public function renderLanguageSelect($params)
707 {
708 $languageOptions = array();
709 // Compile the languages dropdown
710 $langDefault = $this->getLanguageService()->getLL('lang_default', true);
711 $languageOptions[$langDefault] = '<option value=""' . ($this->getBackendUser()->uc['lang'] === '' ? ' selected="selected"' : '') . '>' . $langDefault . '</option>';
712 // Traverse the number of languages
713 /** @var $locales \TYPO3\CMS\Core\Localization\Locales */
714 $locales = GeneralUtility::makeInstance(\TYPO3\CMS\Core\Localization\Locales::class);
715 $languages = $locales->getLanguages();
716 foreach ($languages as $locale => $name) {
717 if ($locale !== 'default') {
718 $defaultName = isset($GLOBALS['LOCAL_LANG']['default']['lang_' . $locale]) ? $GLOBALS['LOCAL_LANG']['default']['lang_' . $locale][0]['source'] : $name;
719 $localizedName = $this->getLanguageService()->getLL('lang_' . $locale, true);
720 if ($localizedName === '') {
721 $localizedName = htmlspecialchars($name);
722 }
723 $localLabel = ' - [' . htmlspecialchars($defaultName) . ']';
724 $available = is_dir(PATH_typo3conf . 'l10n/' . $locale);
725 if ($available) {
726 $languageOptions[$defaultName] = '<option value="' . $locale . '"' . ($this->getBackendUser()->uc['lang'] === $locale ? ' selected="selected"' : '') . '>' . $localizedName . $localLabel . '</option>';
727 }
728 }
729 }
730 ksort($languageOptions);
731 $languageCode = '
732 <select id="field_lang" name="data[lang]" class="form-control">' . implode('', $languageOptions) . '
733 </select>';
734 if ($this->getBackendUser()->uc['lang'] && !@is_dir((PATH_typo3conf . 'l10n/' . $this->getBackendUser()->uc['lang']))) {
735 $languageUnavailableWarning = 'The selected language "' . $this->getLanguageService()->getLL(('lang_' . $this->getBackendUser()->uc['lang']), true) . '" is not available before the language files are installed.<br />' . ($this->getBackendUser()->isAdmin() ? 'You can use the Language module to easily download new language files.' : 'Please ask your system administrator to do this.');
736 $languageUnavailableMessage = GeneralUtility::makeInstance(FlashMessage::class, $languageUnavailableWarning, '', FlashMessage::WARNING);
737 $languageCode = $languageUnavailableMessage->render() . $languageCode;
738 }
739 return $languageCode;
740 }
741
742 /**
743 * Returns a select with all modules for startup
744 *
745 * @param array $params
746 * @param SetupModuleController $pObj
747 *
748 * @return string Complete select as HTML string
749 */
750 public function renderStartModuleSelect($params, $pObj)
751 {
752 $startModuleSelect = '<option value="">' . $this->getLanguageService()->getLL('startModule.firstInMenu', true) . '</option>';
753 foreach ($pObj->loadModules->modules as $mainMod => $modData) {
754 if (!empty($modData['sub']) && is_array($modData['sub'])) {
755 $modules = '';
756 foreach ($modData['sub'] as $subData) {
757 $modName = $subData['name'];
758 $modules .= '<option value="' . htmlspecialchars($modName) . '"';
759 $modules .= $this->getBackendUser()->uc['startModule'] === $modName ? ' selected="selected"' : '';
760 $modules .= '>' . $this->getLanguageService()->moduleLabels['tabs'][$modName . '_tab'] . '</option>';
761 }
762 $groupLabel = $this->getLanguageService()->moduleLabels['tabs'][$mainMod . '_tab'];
763 $startModuleSelect .= '<optgroup label="' . htmlspecialchars($groupLabel) . '">' . $modules . '</optgroup>';
764 }
765 }
766 return '<select id="field_startModule" name="data[startModule]" class="form-control">' . $startModuleSelect . '</select>';
767 }
768
769 /**
770 * Will make the simulate-user selector if the logged in user is administrator.
771 * It will also set the GLOBAL(!) BE_USER to the simulated user selected if any (and set $this->OLD_BE_USER to logged in user)
772 *
773 * @return void
774 */
775 public function simulateUser()
776 {
777 // If admin, allow simulation of another user
778 $this->simUser = 0;
779 $this->simulateSelector = '';
780 unset($this->OLD_BE_USER);
781 if ($this->getBackendUser()->isAdmin()) {
782 $this->simUser = (int)GeneralUtility::_GP('simUser');
783 // Make user-selector:
784 $db = $this->getDatabaseConnection();
785 $where = 'AND username NOT LIKE ' . $db->fullQuoteStr($db->escapeStrForLike('_cli_', 'be_users') . '%', 'be_users');
786 $where .= ' AND uid <> ' . (int)$this->getBackendUser()->user['uid'] . BackendUtility::BEenableFields('be_users');
787 $users = BackendUtility::getUserNames('username,usergroup,usergroup_cached_list,uid,realName', $where);
788 $opt = array();
789 foreach ($users as $rr) {
790 $label = htmlspecialchars(($rr['username'] . ($rr['realName'] ? ' (' . $rr['realName'] . ')' : '')));
791 $opt[] = '<option value="' . $rr['uid'] . '"' . ($this->simUser == $rr['uid'] ? ' selected="selected"' : '') . '>' . $label . '</option>';
792 }
793 if (!empty($opt)) {
794 $this->simulateSelector = '<select id="field_simulate" name="simulateUser" onchange="window.location.href=' . GeneralUtility::quoteJSvalue(BackendUtility::getModuleUrl('user_setup') . '&simUser=') . '+this.options[this.selectedIndex].value;"><option></option>' . implode('', $opt) . '</select>';
795 }
796 }
797 // This can only be set if the previous code was executed.
798 if ($this->simUser > 0) {
799 // Save old user...
800 $this->OLD_BE_USER = $this->getBackendUser();
801 unset($GLOBALS['BE_USER']);
802 // Unset current
803 // New backend user object
804 $BE_USER = GeneralUtility::makeInstance(BackendUserAuthentication::class);
805 $BE_USER->setBeUserByUid($this->simUser);
806 $BE_USER->fetchGroupData();
807 $BE_USER->backendSetUC();
808 // Must do this, because unsetting $BE_USER before apparently unsets the reference to the global variable by this name!
809 $GLOBALS['BE_USER'] = $BE_USER;
810 }
811 }
812
813 /**
814 * Render simulate user select and label
815 *
816 * @return string
817 */
818 protected function renderSimulateUserSelectAndLabel()
819 {
820 if ($this->simulateSelector === '') {
821 return '';
822 }
823
824 return '<p>' .
825 '<label for="field_simulate" style="margin-right: 20px;">' .
826 $this->getLanguageService()->sL('LLL:EXT:setup/Resources/Private/Language/locallang.xlf:simulate') .
827 '</label>' .
828 $this->simulateSelector .
829 '</p>';
830 }
831
832 /**
833 * Returns access check (currently only "admin" is supported)
834 *
835 * @param array $config Configuration of the field, access mode is defined in key 'access'
836 * @return bool Whether it is allowed to modify the given field
837 */
838 protected function checkAccess(array $config)
839 {
840 $access = $config['access'];
841
842 if (isset($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['setup']['accessLevelCheck'][$access])) {
843 if (class_exists($access)) {
844 $accessObject = GeneralUtility::makeInstance($access);
845 if (method_exists($accessObject, 'accessLevelCheck')) {
846 // Initialize vars. If method fails, $set will be set to FALSE
847 return $accessObject->accessLevelCheck($config);
848 }
849 }
850 } elseif ($access == 'admin') {
851 return $this->isAdmin;
852 }
853
854 return false;
855 }
856
857 /**
858 * Returns the label $str from getLL() and grays out the value if the $str/$key is found in $this->overrideConf array
859 *
860 * @param string $str Locallang key
861 * @param string $key Alternative override-config key
862 * @param bool $addLabelTag Defines whether the string should be wrapped in a <label> tag.
863 * @param string $altLabelTagId Alternative id for use in "for" attribute of <label> tag. By default the $str key is used prepended with "field_".
864 * @return string HTML output.
865 */
866 protected function getLabel($str, $key = '', $addLabelTag = true, $altLabelTagId = '')
867 {
868 if (substr($str, 0, 4) === 'LLL:') {
869 $out = $this->getLanguageService()->sL($str);
870 } else {
871 $out = htmlspecialchars($str);
872 }
873 if (isset($this->overrideConf[$key ?: $str])) {
874 $out = '<span style="color:#999999">' . $out . '</span>';
875 }
876 if ($addLabelTag) {
877 $out = '<label for="' . ($altLabelTagId ?: 'field_' . $key) . '">' . $out . '</label>';
878 }
879 return $out;
880 }
881
882 /**
883 * Returns the CSH Icon for given string
884 *
885 * @param string $str Locallang key
886 * @param string $label The label to be used, that should be wrapped in help
887 * @return string HTML output.
888 */
889 protected function getCSH($str, $label)
890 {
891 $context = '_MOD_user_setup';
892 $field = $str;
893 $strParts = explode(':', $str);
894 if (count($strParts) > 1) {
895 // Setting comes from another extension
896 $context = $strParts[0];
897 $field = $strParts[1];
898 } elseif (!GeneralUtility::inList('language,simuser,reset', $str)) {
899 $field = 'option_' . $str;
900 }
901 return BackendUtility::wrapInHelp($context, $field, $label);
902 }
903
904 /**
905 * Returns array with fields defined in $GLOBALS['TYPO3_USER_SETTINGS']['showitem']
906 *
907 * @return array Array with fieldnames visible in form
908 */
909 protected function getFieldsFromShowItem()
910 {
911 return GeneralUtility::trimExplode(',', $GLOBALS['TYPO3_USER_SETTINGS']['showitem'], true);
912 }
913
914 /**
915 * Get Avatar fileUid
916 *
917 * @param int $beUserId
918 * @return int
919 */
920 protected function getAvatarFileUid($beUserId)
921 {
922 $file = $this->getDatabaseConnection()->exec_SELECTgetSingleRow(
923 'uid_local',
924 'sys_file_reference',
925 'tablenames = \'be_users\' AND fieldname = \'avatar\' AND ' .
926 'table_local = \'sys_file\' AND uid_foreign = ' . (int)$beUserId .
927 BackendUtility::BEenableFields('sys_file_reference') . BackendUtility::deleteClause('sys_file_reference')
928 );
929 return $file ? $file['uid_local'] : 0;
930 }
931
932 /**
933 * Set avatar fileUid for backend user
934 *
935 * @param int $beUserId
936 * @param int $fileUid
937 * @param array $storeRec
938 */
939 protected function setAvatarFileUid($beUserId, $fileUid, array &$storeRec)
940 {
941
942 // Update is only needed when new fileUid is set
943 if ((int)$fileUid === $this->getAvatarFileUid($beUserId)) {
944 return;
945 }
946
947 // Delete old file reference
948 $this->getDatabaseConnection()->exec_DELETEquery(
949 'sys_file_reference',
950 'tablenames = \'be_users\' AND fieldname = \'avatar\' AND ' .
951 'table_local = \'sys_file\' AND uid_foreign = ' . (int)$beUserId
952 );
953
954 // Create new reference
955 if ($fileUid) {
956
957 // Get file object
958 try {
959 $file = ResourceFactory::getInstance()->getFileObject($fileUid);
960 } catch (FileDoesNotExistException $e) {
961 $file = false;
962 }
963
964 // Check if user is allowed to use the image (only when not in simulation mode)
965 if ($file && $this->simUser === 0 && !$file->getStorage()->checkFileActionPermission('read', $file)) {
966 $file = false;
967 }
968
969 // Check if extension is allowed
970 if ($file && GeneralUtility::inList($GLOBALS['TYPO3_CONF_VARS']['GFX']['imagefile_ext'], $file->getExtension())) {
971
972 // Create new file reference
973 $storeRec['sys_file_reference']['NEW1234'] = array(
974 'uid_local' => $fileUid,
975 'uid_foreign' => $beUserId,
976 'tablenames' => 'be_users',
977 'fieldname' => 'avatar',
978 'pid' => 0,
979 'table_local' => 'sys_file',
980 );
981 $storeRec['be_users'][(int)$beUserId]['avatar'] = 'NEW1234';
982 }
983 }
984 }
985
986 /**
987 * Add JavaScript to for browse files button
988 *
989 * @param string $fieldName
990 */
991 protected function addAvatarButtonJs($fieldName)
992 {
993 $this->moduleTemplate->addJavaScriptCode('avatar-button', '
994 var browserWin="";
995
996 function openFileBrowser() {
997 var url = ' . GeneralUtility::quoteJSvalue(BackendUtility::getModuleUrl('wizard_element_browser', ['mode' => 'file', 'bparams' => '||||dummy|setFileUid'])) . ';
998 browserWin = window.open(url,"Typo3WinBrowser","height=650,width=800,status=0,menubar=0,resizable=1,scrollbars=1");
999 browserWin.focus();
1000 }
1001
1002 function clearExistingImage() {
1003 TYPO3.jQuery(\'#image_' . htmlspecialchars($fieldName) . '\').hide();
1004 TYPO3.jQuery(\'#clear_button_' . htmlspecialchars($fieldName) . '\').hide();
1005 TYPO3.jQuery(\'#field_' . htmlspecialchars($fieldName) . '\').val(\'\');
1006 }
1007
1008 function setFileUid(field, value, fileUid) {
1009 clearExistingImage();
1010 TYPO3.jQuery(\'#field_' . htmlspecialchars($fieldName) . '\').val(fileUid);
1011 TYPO3.jQuery(\'#add_button_' . htmlspecialchars($fieldName) . '\').removeClass(\'btn-default\').addClass(\'btn-info\');
1012
1013 browserWin.close();
1014 }
1015 ');
1016 }
1017
1018 /**
1019 * Returns the current BE user.
1020 *
1021 * @return \TYPO3\CMS\Core\Authentication\BackendUserAuthentication
1022 */
1023 protected function getBackendUser()
1024 {
1025 return $GLOBALS['BE_USER'];
1026 }
1027
1028 /**
1029 * Returns LanguageService
1030 *
1031 * @return \TYPO3\CMS\Lang\LanguageService
1032 */
1033 protected function getLanguageService()
1034 {
1035 return $GLOBALS['LANG'];
1036 }
1037
1038 /**
1039 * @return DatabaseConnection
1040 */
1041 protected function getDatabaseConnection()
1042 {
1043 return $GLOBALS['TYPO3_DB'];
1044 }
1045 }