d2c95a08d7a1e4418537ee001125c1e1d2dbeede
[Packages/TYPO3.CMS.git] / typo3 / sysext / frontend / Classes / Controller / TypoScriptFrontendController.php
1 <?php
2 namespace TYPO3\CMS\Frontend\Controller;
3
4 /**
5 * This file is part of the TYPO3 CMS project.
6 *
7 * It is free software; you can redistribute it and/or modify it under
8 * the terms of the GNU General Public License, either version 2
9 * of the License, or any later version.
10 *
11 * For the full copyright and license information, please read the
12 * LICENSE.txt file that was distributed with this source code.
13 *
14 * The TYPO3 project - inspiring people to share!
15 */
16
17 use TYPO3\CMS\Core\Error\Http\PageNotFoundException;
18 use TYPO3\CMS\Core\Utility\GeneralUtility;
19 use TYPO3\CMS\Core\Utility\HttpUtility;
20 use TYPO3\CMS\Frontend\Page\PageRepository;
21
22 /**
23 * Class for the built TypoScript based frontend. Instantiated in
24 * index_ts.php script as the global object TSFE.
25 *
26 * Main frontend class, instantiated in the index_ts.php script as the global
27 * object TSFE.
28 *
29 * This class has a lot of functions and internal variable which are used from
30 * index_ts.php.
31 *
32 * The class is instantiated as $GLOBALS['TSFE'] in index_ts.php.
33 *
34 * The use of this class should be inspired by the order of function calls as
35 * found in index_ts.php.
36 *
37 * @author Kasper Skårhøj <kasperYYYY@typo3.com>
38 */
39 class TypoScriptFrontendController {
40
41 // CURRENT PAGE
42
43 /**
44 * The page id (int)
45 * @var string
46 */
47 public $id = '';
48
49 /**
50 * The type (read-only)
51 * @var int
52 */
53 public $type = '';
54
55 /**
56 * The submitted cHash
57 * @var string
58 */
59 public $cHash = '';
60
61 /**
62 * Page will not be cached. Write only TRUE. Never clear value (some other
63 * code might have reasons to set it TRUE).
64 * @var bool
65 */
66 public $no_cache = FALSE;
67
68 /**
69 * The rootLine (all the way to tree root, not only the current site!)
70 * @var array
71 */
72 public $rootLine = '';
73
74 /**
75 * The pagerecord
76 * @var array
77 */
78 public $page = '';
79
80 /**
81 * This will normally point to the same value as id, but can be changed to
82 * point to another page from which content will then be displayed instead.
83 * @var int
84 */
85 public $contentPid = 0;
86
87 /**
88 * Gets set when we are processing a page of type mounpoint with enabled overlay in getPageAndRootline()
89 * Used later in checkPageForMountpointRedirect() to determine the final target URL where the user
90 * should be redirected to.
91 *
92 * @var array|NULL
93 */
94 protected $originalMountPointPage = NULL;
95
96 /**
97 * Gets set when we are processing a page of type shortcut in the early stages
98 * opf init.php when we do not know about languages yet, used later in init.php
99 * to determine the correct shortcut in case a translation changes the shortcut
100 * target
101 * @var array|NULL
102 */
103 protected $originalShortcutPage = NULL;
104
105 /**
106 * sys_page-object, pagefunctions
107 *
108 * @var PageRepository
109 */
110 public $sys_page = '';
111
112 /**
113 * @var string
114 */
115 public $jumpurl = '';
116
117 /**
118 * Is set to 1 if a pageNotFound handler could have been called.
119 * @var int
120 */
121 public $pageNotFound = 0;
122
123 /**
124 * Domain start page
125 * @var int
126 */
127 public $domainStartPage = 0;
128
129 /**
130 * Array containing a history of why a requested page was not accessible.
131 * @var array
132 */
133 public $pageAccessFailureHistory = array();
134
135 /**
136 * @var string
137 */
138 public $MP = '';
139
140 /**
141 * @var string
142 */
143 public $RDCT = '';
144
145 /**
146 * This can be set from applications as a way to tag cached versions of a page
147 * and later perform some external cache management, like clearing only a part
148 * of the cache of a page...
149 * @var int
150 */
151 public $page_cache_reg1 = 0;
152
153 /**
154 * Contains the value of the current script path that activated the frontend.
155 * Typically "index.php" but by rewrite rules it could be something else! Used
156 * for Speaking Urls / Simulate Static Documents.
157 * @var string
158 */
159 public $siteScript = '';
160
161 /**
162 * The frontend user
163 *
164 * @var \TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication
165 */
166 public $fe_user = '';
167
168 /**
169 * Global flag indicating that a frontend user is logged in. This is set only if
170 * a user really IS logged in. The group-list may show other groups (like added
171 * by IP filter or so) even though there is no user.
172 * @var bool
173 */
174 public $loginUser = FALSE;
175
176 /**
177 * (RO=readonly) The group list, sorted numerically. Group '0,-1' is the default
178 * group, but other groups may be added by other means than a user being logged
179 * in though...
180 * @var string
181 */
182 public $gr_list = '';
183
184 /**
185 * Flag that indicates if a backend user is logged in!
186 * @var bool
187 */
188 public $beUserLogin = FALSE;
189
190 /**
191 * Integer, that indicates which workspace is being previewed.
192 * @var int
193 */
194 public $workspacePreview = 0;
195
196 /**
197 * Shows whether logins are allowed in branch
198 * @var bool
199 */
200 public $loginAllowedInBranch = TRUE;
201
202 /**
203 * Shows specific mode (all or groups)
204 * @var string
205 */
206 public $loginAllowedInBranch_mode = '';
207
208 /**
209 * Set to backend user ID to initialize when keyword-based preview is used
210 * @var int
211 */
212 public $ADMCMD_preview_BEUSER_uid = 0;
213
214 // PREVIEW
215
216 /**
217 * Flag indication that preview is active. This is based on the login of a
218 * backend user and whether the backend user has read access to the current
219 * page. A value of 1 means ordinary preview, 2 means preview of a non-live
220 * workspace
221 * @var int
222 */
223 public $fePreview = 0;
224
225 /**
226 * Flag indicating that hidden pages should be shown, selected and so on. This
227 * goes for almost all selection of pages!
228 * @var bool
229 */
230 public $showHiddenPage = FALSE;
231
232 /**
233 * Flag indicating that hidden records should be shown. This includes
234 * sys_template, pages_language_overlay and even fe_groups in addition to all
235 * other regular content. So in effect, this includes everything except pages.
236 * @var bool
237 */
238 public $showHiddenRecords = FALSE;
239
240 /**
241 * Value that contains the simulated usergroup if any
242 * @var int
243 */
244 public $simUserGroup = 0;
245
246 // CONFIGURATION
247
248 /**
249 * Copy of $GLOBALS['TYPO3_CONF_VARS']
250 *
251 * @var array
252 */
253 public $TYPO3_CONF_VARS = array();
254
255 /**
256 * "CONFIG" object from TypoScript. Array generated based on the TypoScript
257 * configuration of the current page. Saved with the cached pages.
258 * @var array
259 */
260 public $config = '';
261
262 // TEMPLATE / CACHE
263
264 /**
265 * The TypoScript template object. Used to parse the TypoScript template
266 *
267 * @var \TYPO3\CMS\Core\TypoScript\TemplateService
268 */
269 public $tmpl = NULL;
270
271 /**
272 * Is set to the time-to-live time of cached pages. If FALSE, default is
273 * 60*60*24, which is 24 hours.
274 * @var bool|int
275 */
276 public $cacheTimeOutDefault = FALSE;
277
278 /**
279 * Set internally if cached content is fetched from the database
280 * @var bool
281 * @internal
282 */
283 public $cacheContentFlag = FALSE;
284
285 /**
286 * Set to the expire time of cached content
287 * @var int
288 */
289 public $cacheExpires = 0;
290
291 /**
292 * Set if cache headers allowing caching are sent.
293 * @var bool
294 */
295 public $isClientCachable = FALSE;
296
297 /**
298 * Used by template fetching system. This array is an identification of
299 * the template. If $this->all is empty it's because the template-data is not
300 * cached, which it must be.
301 * @var array
302 */
303 public $all = array();
304
305 /**
306 * Toplevel - objArrayName, eg 'page'
307 * @var string
308 */
309 public $sPre = '';
310
311 /**
312 * TypoScript configuration of the page-object pointed to by sPre.
313 * $this->tmpl->setup[$this->sPre.'.']
314 * @var array
315 */
316 public $pSetup = '';
317
318 /**
319 * This hash is unique to the template, the $this->id and $this->type vars and
320 * the gr_list (list of groups). Used to get and later store the cached data
321 * @var string
322 */
323 public $newHash = '';
324
325 /**
326 * If config.ftu (Frontend Track User) is set in TypoScript for the current
327 * page, the string value of this var is substituted in the rendered source-code
328 * with the string, '&ftu=[token...]' which enables GET-method usertracking as
329 * opposed to cookie based
330 * @var string
331 */
332 public $getMethodUrlIdToken = '';
333
334 /**
335 * This flag is set before inclusion of pagegen.php IF no_cache is set. If this
336 * flag is set after the inclusion of pagegen.php, no_cache is forced to be set.
337 * This is done in order to make sure that php-code from pagegen does not falsely
338 * clear the no_cache flag.
339 * @var bool
340 */
341 public $no_cacheBeforePageGen = FALSE;
342
343 /**
344 * This flag indicates if temporary content went into the cache during
345 * page-generation.
346 * @var mixed
347 */
348 public $tempContent = FALSE;
349
350 /**
351 * Passed to TypoScript template class and tells it to force template rendering
352 * @var bool
353 */
354 public $forceTemplateParsing = FALSE;
355
356 /**
357 * The array which cHash_calc is based on, see ->makeCacheHash().
358 * @var array
359 */
360 public $cHash_array = array();
361
362 /**
363 * May be set to the pagesTSconfig
364 * @var array
365 */
366 public $pagesTSconfig = '';
367
368 // PAGE-GENERATION / cOBJ
369
370 /**
371 * Eg. insert JS-functions in this array ($additionalHeaderData) to include them
372 * once. Use associative keys.
373 *
374 * Keys in use:
375 *
376 * JSFormValidate: <script type="text/javascript" src="'.$GLOBALS["TSFE"]->absRefPrefix.'typo3/sysext/frontend/Resources/Public/JavaScript/jsfunc.validateform.js"></script>
377 * JSincludeFormupdate: <script type="text/javascript" src="typo3/js/jsfunc.updateform.js"></script>
378 * JSMenuCode, JSMenuCode_menu: JavaScript for the JavaScript menu
379 * JSCode: reserved
380 *
381 * used to accumulate additional HTML-code for the header-section,
382 * <head>...</head>. Insert either associative keys (like
383 * additionalHeaderData['myStyleSheet'], see reserved keys above) or num-keys
384 * (like additionalHeaderData[] = '...')
385 *
386 * @var array
387 */
388 public $additionalHeaderData = array();
389
390 /**
391 * Used to accumulate additional HTML-code for the footer-section of the template
392 * @var array
393 */
394 public $additionalFooterData = array();
395
396 /**
397 * Used to accumulate additional JavaScript-code. Works like
398 * additionalHeaderData. Reserved keys at 'openPic' and 'mouseOver'
399 *
400 * @var array
401 */
402 public $additionalJavaScript = array();
403
404 /**
405 * Used to accumulate additional Style code. Works like additionalHeaderData.
406 *
407 * @var array
408 */
409 public $additionalCSS = array();
410
411 /**
412 * You can add JavaScript functions to each entry in these arrays. Please see
413 * how this is done in the GMENU_LAYERS script. The point is that many
414 * applications on a page can set handlers for onload, onmouseover and onmouseup
415 *
416 * @var array
417 * @deprecated since TYPO3 CMS 7, will be removed in CMS 8
418 */
419 public $JSeventFuncCalls = array(
420 'onmousemove' => array(),
421 'onmouseup' => array(),
422 'onkeydown' => array(),
423 'onkeyup' => array(),
424 'onkeypress' => array(),
425 'onload' => array(),
426 'onunload' => array()
427 );
428
429 /**
430 * Used to accumulate DHTML-layers.
431 * @var string
432 */
433 public $divSection = '';
434
435 /**
436 * Default bodytag, if nothing else is set. This can be overridden by
437 * applications like TemplaVoila.
438 * @var string
439 */
440 public $defaultBodyTag = '<body>';
441
442 // RENDERING configuration, settings from TypoScript is loaded into these
443 // vars. See pagegen.php
444
445 /**
446 * Debug flag, may output special debug html-code.
447 * @var string
448 */
449 public $debug = '';
450
451 /**
452 * Default internal target
453 * @var string
454 */
455 public $intTarget = '';
456
457 /**
458 * Default external target
459 * @var string
460 */
461 public $extTarget = '';
462
463 /**
464 * Default file link target
465 * @var string
466 */
467 public $fileTarget = '';
468
469 /**
470 * Keys are page ids and values are default &MP (mount point) values to set
471 * when using the linking features...)
472 * @var array
473 */
474 public $MP_defaults = array();
475
476 /**
477 * If set, typolink() function encrypts email addresses. Is set in pagegen-class.
478 * @var string|int
479 */
480 public $spamProtectEmailAddresses = 0;
481
482 /**
483 * Absolute Reference prefix
484 * @var string
485 */
486 public $absRefPrefix = '';
487
488 /**
489 * Factor for form-field widths compensation
490 * @var string
491 */
492 public $compensateFieldWidth = '';
493
494 /**
495 * Lock file path
496 * @var string
497 */
498 public $lockFilePath = '';
499
500 /**
501 * <A>-tag parameters
502 * @var string
503 */
504 public $ATagParams = '';
505
506 /**
507 * Search word regex, calculated if there has been search-words send. This is
508 * used to mark up the found search words on a page when jumped to from a link
509 * in a search-result.
510 * @var string
511 */
512 public $sWordRegEx = '';
513
514 /**
515 * Is set to the incoming array sword_list in case of a page-view jumped to from
516 * a search-result.
517 * @var string
518 */
519 public $sWordList = '';
520
521 /**
522 * A string prepared for insertion in all links on the page as url-parameters.
523 * Based on configuration in TypoScript where you defined which GET_VARS you
524 * would like to pass on.
525 * @var string
526 */
527 public $linkVars = '';
528
529 /**
530 * A string set with a comma list of additional GET vars which should NOT be
531 * included in the cHash calculation. These vars should otherwise be detected
532 * and involved in caching, eg. through a condition in TypoScript.
533 * @var string
534 */
535 public $excludeCHashVars = '';
536
537 /**
538 * If set, edit icons are rendered aside content records. Must be set only if
539 * the ->beUserLogin flag is set and set_no_cache() must be called as well.
540 * @var string
541 */
542 public $displayEditIcons = '';
543
544 /**
545 * If set, edit icons are rendered aside individual fields of content. Must be
546 * set only if the ->beUserLogin flag is set and set_no_cache() must be called as
547 * well.
548 * @var string
549 */
550 public $displayFieldEditIcons = '';
551
552 /**
553 * Site language, 0 (zero) is default, int+ is uid pointing to a sys_language
554 * record. Should reflect which language menus, templates etc is displayed in
555 * (master language) - but not necessarily the content which could be falling
556 * back to default (see sys_language_content)
557 * @var int
558 */
559 public $sys_language_uid = 0;
560
561 /**
562 * Site language mode for content fall back.
563 * @var string
564 */
565 public $sys_language_mode = '';
566
567 /**
568 * Site content selection uid (can be different from sys_language_uid if content
569 * is to be selected from a fall-back language. Depends on sys_language_mode)
570 * @var int
571 */
572 public $sys_language_content = 0;
573
574 /**
575 * Site content overlay flag; If set - and sys_language_content is > 0 - ,
576 * records selected will try to look for a translation pointing to their uid. (If
577 * configured in [ctrl][languageField] / [ctrl][transOrigP...]
578 * @var int
579 */
580 public $sys_language_contentOL = 0;
581
582 /**
583 * Is set to the iso code of the sys_language_content if that is properly defined
584 * by the sys_language record representing the sys_language_uid. (Requires the
585 * extension "static_info_tables")
586 * @var string
587 */
588 public $sys_language_isocode = '';
589
590 // RENDERING data
591
592 /**
593 * 'Global' Storage for various applications. Keys should be 'tx_'.extKey for
594 * extensions.
595 * @var array
596 */
597 public $applicationData = array();
598
599 /**
600 * @var array
601 */
602 public $register = array();
603
604 /**
605 * Stack used for storing array and retrieving register arrays (see
606 * LOAD_REGISTER and RESTORE_REGISTER)
607 * @var array
608 */
609 public $registerStack = array();
610
611 /**
612 * Checking that the function is not called eternally. This is done by
613 * interrupting at a depth of 50
614 * @var int
615 */
616 public $cObjectDepthCounter = 50;
617
618 /**
619 * Used by cObj->RECORDS and cObj->CONTENT to ensure the a records is NOT
620 * rendered twice through it!
621 * @var array
622 */
623 public $recordRegister = array();
624
625 /**
626 * This is set to the [table]:[uid] of the latest record rendered. Note that
627 * class ContentObjectRenderer has an equal value, but that is pointing to the
628 * record delivered in the $data-array of the ContentObjectRenderer instance, if
629 * the cObjects CONTENT or RECORD created that instance
630 * @var string
631 */
632 public $currentRecord = '';
633
634 /**
635 * Used by class \TYPO3\CMS\Frontend\ContentObject\Menu\AbstractMenuContentObject
636 * to keep track of access-keys.
637 * @var array
638 */
639 public $accessKey = array();
640
641 /**
642 * Numerical array where image filenames are added if they are referenced in the
643 * rendered document. This includes only TYPO3 generated/inserted images.
644 * @var array
645 */
646 public $imagesOnPage = array();
647
648 /**
649 * Is set in ContentObjectRenderer->cImage() function to the info-array of the
650 * most recent rendered image. The information is used in
651 * ContentObjectRenderer->IMGTEXT
652 * @var array
653 */
654 public $lastImageInfo = array();
655
656 /**
657 * Used to generate page-unique keys. Point is that uniqid() functions is very
658 * slow, so a unikey key is made based on this, see function uniqueHash()
659 * @var int
660 */
661 public $uniqueCounter = 0;
662
663 /**
664 * @var string
665 */
666 public $uniqueString = '';
667
668 /**
669 * This value will be used as the title for the page in the indexer (if
670 * indexing happens)
671 * @var string
672 */
673 public $indexedDocTitle = '';
674
675 /**
676 * Alternative page title (normally the title of the page record). Can be set
677 * from applications you make.
678 * @var string
679 */
680 public $altPageTitle = '';
681
682 /**
683 * The base URL set for the page header.
684 * @var string
685 */
686 public $baseUrl = '';
687
688 /**
689 * The proper anchor prefix needed when using speaking urls. (only set if
690 * baseUrl is set)
691 * @var string
692 */
693 public $anchorPrefix = '';
694
695 /**
696 * IDs we already rendered for this page (to make sure they are unique)
697 * @var array
698 */
699 private $usedUniqueIds = array();
700
701 /**
702 * Page content render object
703 *
704 * @var \TYPO3\CMS\Frontend\ContentObject\ContentObjectRenderer
705 */
706 public $cObj = '';
707
708 // CONTENT accumulation
709
710 /**
711 * All page content is accumulated in this variable. See pagegen.php
712 * @var string
713 */
714 public $content = '';
715
716 // GENERAL
717
718 /**
719 * Set to the browser: net / msie if 4+ browsers
720 * @var string
721 */
722 public $clientInfo = '';
723
724 /**
725 * @var int
726 */
727 public $scriptParseTime = 0;
728
729 /**
730 * Character set (charset) conversion object:
731 * charset conversion class. May be used by any application.
732 *
733 * @var \TYPO3\CMS\Core\Charset\CharsetConverter
734 */
735 public $csConvObj;
736
737 /**
738 * The default charset used in the frontend if nothing else is set.
739 * @var string
740 */
741 public $defaultCharSet = 'utf-8';
742
743 /**
744 * Internal charset of the frontend during rendering. (Default: UTF-8)
745 * @var string
746 */
747 public $renderCharset = '';
748
749 /**
750 * Output charset of the websites content. This is the charset found in the
751 * header, meta tag etc. If different from $renderCharset a conversion
752 * happens before output to browser. Defaults to ->renderCharset if not set.
753 * @var string
754 */
755 public $metaCharset = '';
756
757 /**
758 * Assumed charset of locale strings.
759 * @var string
760 */
761 public $localeCharset = '';
762
763 // LANG
764
765 /**
766 * Set to the system language key (used on the site)
767 * @var string
768 */
769 public $lang = '';
770
771 /**
772 * @var array
773 */
774 public $LL_labels_cache = array();
775
776 /**
777 * @var array
778 */
779 public $LL_files_cache = array();
780
781 /**
782 * List of language dependencies for actual language. This is used for local
783 * variants of a language that depend on their "main" language, like Brazilian,
784 * Portuguese or Canadian French.
785 *
786 * @var array
787 */
788 protected $languageDependencies = array();
789
790 /**
791 * Locking object for accessing "cache_pagesection"
792 *
793 * @var \TYPO3\CMS\Core\Locking\Locker
794 */
795 public $pagesection_lockObj;
796
797 /**
798 * Locking object for accessing "cache_pages"
799 *
800 * @var \TYPO3\CMS\Core\Locking\Locker
801 */
802 public $pages_lockObj;
803
804 /**
805 * @var \TYPO3\CMS\Core\Page\PageRenderer
806 */
807 protected $pageRenderer;
808
809 /**
810 * The page cache object, use this to save pages to the cache and to
811 * retrieve them again
812 *
813 * @var \TYPO3\CMS\Core\Cache\Backend\AbstractBackend
814 */
815 protected $pageCache;
816
817 /**
818 * @var array
819 */
820 protected $pageCacheTags = array();
821
822 /**
823 * @var \TYPO3\CMS\Frontend\Page\CacheHashCalculator The cHash Service class used for cHash related functionality
824 */
825 protected $cacheHash;
826
827 /**
828 * Runtime cache of domains per processed page ids.
829 *
830 * @var array
831 */
832 protected $domainDataCache = array();
833
834 /**
835 * Class constructor
836 * Takes a number of GET/POST input variable as arguments and stores them internally.
837 * The processing of these variables goes on later in this class.
838 * Also sets internal clientInfo array (browser information) and a unique string (->uniqueString) for this script instance; A md5 hash of the microtime()
839 *
840 * @param array $TYPO3_CONF_VARS The global $TYPO3_CONF_VARS array. Will be set internally in ->TYPO3_CONF_VARS
841 * @param mixed $id The value of \TYPO3\CMS\Core\Utility\GeneralUtility::_GP('id')
842 * @param int $type The value of \TYPO3\CMS\Core\Utility\GeneralUtility::_GP('type')
843 * @param bool|string $no_cache The value of \TYPO3\CMS\Core\Utility\GeneralUtility::_GP('no_cache'), evaluated to 1/0
844 * @param string $cHash The value of \TYPO3\CMS\Core\Utility\GeneralUtility::_GP('cHash')
845 * @param string $jumpurl The value of \TYPO3\CMS\Core\Utility\GeneralUtility::_GP('jumpurl')
846 * @param string $MP The value of \TYPO3\CMS\Core\Utility\GeneralUtility::_GP('MP')
847 * @param string $RDCT The value of \TYPO3\CMS\Core\Utility\GeneralUtility::_GP('RDCT')
848 * @see index_ts.php
849 */
850 public function __construct($TYPO3_CONF_VARS, $id, $type, $no_cache = '', $cHash = '', $jumpurl = '', $MP = '', $RDCT = '') {
851 // Setting some variables:
852 $this->TYPO3_CONF_VARS = $TYPO3_CONF_VARS;
853 $this->id = $id;
854 $this->type = $type;
855 if ($no_cache) {
856 if ($this->TYPO3_CONF_VARS['FE']['disableNoCacheParameter']) {
857 $warning = '&no_cache=1 has been ignored because $TYPO3_CONF_VARS[\'FE\'][\'disableNoCacheParameter\'] is set!';
858 $GLOBALS['TT']->setTSlogMessage($warning, 2);
859 } else {
860 $warning = '&no_cache=1 has been supplied, so caching is disabled! URL: "' . GeneralUtility::getIndpEnv('TYPO3_REQUEST_URL') . '"';
861 $this->disableCache();
862 }
863 GeneralUtility::sysLog($warning, 'cms', GeneralUtility::SYSLOG_SEVERITY_WARNING);
864 }
865 $this->cHash = $cHash;
866 $this->jumpurl = $jumpurl;
867 $this->MP = $this->TYPO3_CONF_VARS['FE']['enable_mount_pids'] ? (string)$MP : '';
868 $this->RDCT = $RDCT;
869 $this->clientInfo = GeneralUtility::clientInfo();
870 $this->uniqueString = md5(microtime());
871 $this->csConvObj = GeneralUtility::makeInstance('TYPO3\\CMS\\Core\\Charset\\CharsetConverter');
872 // Call post processing function for constructor:
873 if (is_array($this->TYPO3_CONF_VARS['SC_OPTIONS']['tslib/class.tslib_fe.php']['tslib_fe-PostProc'])) {
874 $_params = array('pObj' => &$this);
875 foreach ($this->TYPO3_CONF_VARS['SC_OPTIONS']['tslib/class.tslib_fe.php']['tslib_fe-PostProc'] as $_funcRef) {
876 GeneralUtility::callUserFunction($_funcRef, $_params, $this);
877 }
878 }
879 $this->cacheHash = GeneralUtility::makeInstance('TYPO3\\CMS\\Frontend\\Page\\CacheHashCalculator');
880 $this->initCaches();
881 }
882
883 /**
884 * Connect to SQL database. May exit after outputting an error message
885 * or some JavaScript redirecting to the install tool.
886 *
887 * @throws \RuntimeException
888 * @throws \TYPO3\CMS\Core\Error\Http\ServiceUnavailableException
889 * @return void
890 */
891 public function connectToDB() {
892 try {
893 $GLOBALS['TYPO3_DB']->connectDB();
894 } catch (\RuntimeException $exception) {
895 switch ($exception->getCode()) {
896 case 1270853883:
897 // Cannot connect to current database
898 $message = 'Cannot connect to the configured database "' . TYPO3_db . '"';
899 if ($this->checkPageUnavailableHandler()) {
900 $this->pageUnavailableAndExit($message);
901 } else {
902 GeneralUtility::sysLog($message, 'cms', GeneralUtility::SYSLOG_SEVERITY_ERROR);
903 throw new \TYPO3\CMS\Core\Error\Http\ServiceUnavailableException($message, 1301648782);
904 }
905 break;
906 case 1270853884:
907 // Username / password not accepted
908 $message = 'The current username, password or host was not accepted when' . ' the connection to the database was attempted to be established!';
909 if ($this->checkPageUnavailableHandler()) {
910 $this->pageUnavailableAndExit($message);
911 } else {
912 GeneralUtility::sysLog($message, 'cms', GeneralUtility::SYSLOG_SEVERITY_ERROR);
913 throw new \TYPO3\CMS\Core\Error\Http\ServiceUnavailableException('Database Error: ' . $message, 1301648945);
914 }
915 break;
916 default:
917 throw $exception;
918 }
919 }
920 // Call post processing function for DB connection:
921 if (is_array($this->TYPO3_CONF_VARS['SC_OPTIONS']['tslib/class.tslib_fe.php']['connectToDB'])) {
922 $_params = array('pObj' => &$this);
923 foreach ($this->TYPO3_CONF_VARS['SC_OPTIONS']['tslib/class.tslib_fe.php']['connectToDB'] as $_funcRef) {
924 GeneralUtility::callUserFunction($_funcRef, $_params, $this);
925 }
926 }
927 }
928
929 /**
930 * Looks up the value of $this->RDCT in the database and if it is
931 * found to be associated with a redirect URL then the redirection
932 * is carried out with a 'Location:' header
933 * May exit after sending a location-header.
934 *
935 * @return void
936 */
937 public function sendRedirect() {
938 if ($this->RDCT) {
939 $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('params', 'cache_md5params', 'md5hash=' . $GLOBALS['TYPO3_DB']->fullQuoteStr($this->RDCT, 'cache_md5params'));
940 if ($row = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($res)) {
941 $this->updateMD5paramsRecord($this->RDCT);
942 header('Location: ' . $row['params']);
943 die;
944 }
945 }
946 }
947
948 /**
949 * Gets instance of PageRenderer
950 *
951 * @return \TYPO3\CMS\Core\Page\PageRenderer
952 */
953 public function getPageRenderer() {
954 if (!isset($this->pageRenderer)) {
955 $this->pageRenderer = GeneralUtility::makeInstance('TYPO3\\CMS\\Core\\Page\\PageRenderer');
956 $this->pageRenderer->setTemplateFile('EXT:frontend/Resources/Private/Templates/MainPage.html');
957 $this->pageRenderer->setBackPath(TYPO3_mainDir);
958 }
959 return $this->pageRenderer;
960 }
961
962 /**
963 * This is needed for USER_INT processing
964 *
965 * @param \TYPO3\CMS\Core\Page\PageRenderer $pageRenderer
966 */
967 protected function setPageRenderer(\TYPO3\CMS\Core\Page\PageRenderer $pageRenderer) {
968 $this->pageRenderer = $pageRenderer;
969 }
970
971 /********************************************
972 *
973 * Initializing, resolving page id
974 *
975 ********************************************/
976 /**
977 * Initializes the caching system.
978 *
979 * @return void
980 */
981 protected function initCaches() {
982 $this->pageCache = GeneralUtility::makeInstance('TYPO3\\CMS\\Core\\Cache\\CacheManager')->getCache('cache_pages');
983 }
984
985 /**
986 * Initializes the front-end login user.
987 *
988 * @return void
989 */
990 public function initFEuser() {
991 $this->fe_user = GeneralUtility::makeInstance('TYPO3\\CMS\\Frontend\\Authentication\\FrontendUserAuthentication');
992 $this->fe_user->lockIP = $this->TYPO3_CONF_VARS['FE']['lockIP'];
993 $this->fe_user->checkPid = $this->TYPO3_CONF_VARS['FE']['checkFeUserPid'];
994 $this->fe_user->lifetime = (int)$this->TYPO3_CONF_VARS['FE']['lifetime'];
995 // List of pid's acceptable
996 $pid = GeneralUtility::_GP('pid');
997 $this->fe_user->checkPid_value = $pid ? $GLOBALS['TYPO3_DB']->cleanIntList($pid) : 0;
998 // Check if a session is transferred:
999 if (GeneralUtility::_GP('FE_SESSION_KEY')) {
1000 $fe_sParts = explode('-', GeneralUtility::_GP('FE_SESSION_KEY'));
1001 // If the session key hash check is OK:
1002 if (md5(($fe_sParts[0] . '/' . $this->TYPO3_CONF_VARS['SYS']['encryptionKey'])) === (string)$fe_sParts[1]) {
1003 $cookieName = \TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication::getCookieName();
1004 $_COOKIE[$cookieName] = $fe_sParts[0];
1005 if (isset($_SERVER['HTTP_COOKIE'])) {
1006 // See http://forge.typo3.org/issues/27740
1007 $_SERVER['HTTP_COOKIE'] .= ';' . $cookieName . '=' . $fe_sParts[0];
1008 }
1009 $this->fe_user->forceSetCookie = 1;
1010 unset($cookieName);
1011 }
1012 }
1013 $this->fe_user->start();
1014 $this->fe_user->unpack_uc('');
1015 // Gets session data
1016 $this->fe_user->fetchSessionData();
1017 $recs = GeneralUtility::_GP('recs');
1018 // If any record registration is submitted, register the record.
1019 if (is_array($recs)) {
1020 $this->fe_user->record_registration($recs, $this->TYPO3_CONF_VARS['FE']['maxSessionDataSize']);
1021 }
1022 // Call hook for possible manipulation of frontend user object
1023 if (is_array($this->TYPO3_CONF_VARS['SC_OPTIONS']['tslib/class.tslib_fe.php']['initFEuser'])) {
1024 $_params = array('pObj' => &$this);
1025 foreach ($this->TYPO3_CONF_VARS['SC_OPTIONS']['tslib/class.tslib_fe.php']['initFEuser'] as $_funcRef) {
1026 GeneralUtility::callUserFunction($_funcRef, $_params, $this);
1027 }
1028 }
1029 // For every 60 seconds the is_online timestamp is updated.
1030 if (is_array($this->fe_user->user) && $this->fe_user->user['uid'] && $this->fe_user->user['is_online'] < $GLOBALS['EXEC_TIME'] - 60) {
1031 $GLOBALS['TYPO3_DB']->exec_UPDATEquery('fe_users', 'uid=' . (int)$this->fe_user->user['uid'], array('is_online' => $GLOBALS['EXEC_TIME']));
1032 }
1033 }
1034
1035 /**
1036 * Initializes the front-end user groups.
1037 * Sets ->loginUser and ->gr_list based on front-end user status.
1038 *
1039 * @return void
1040 */
1041 public function initUserGroups() {
1042 // This affects the hidden-flag selecting the fe_groups for the user!
1043 $this->fe_user->showHiddenRecords = $this->showHiddenRecords;
1044 // no matter if we have an active user we try to fetch matching groups which can be set without an user (simulation for instance!)
1045 $this->fe_user->fetchGroupData();
1046 if (is_array($this->fe_user->user) && count($this->fe_user->groupData['uid'])) {
1047 // global flag!
1048 $this->loginUser = TRUE;
1049 // group -2 is not an existing group, but denotes a 'default' group when a user IS logged in. This is used to let elements be shown for all logged in users!
1050 $this->gr_list = '0,-2';
1051 $gr_array = $this->fe_user->groupData['uid'];
1052 } else {
1053 $this->loginUser = FALSE;
1054 // group -1 is not an existing group, but denotes a 'default' group when not logged in. This is used to let elements be hidden, when a user is logged in!
1055 $this->gr_list = '0,-1';
1056 if ($this->loginAllowedInBranch) {
1057 // For cases where logins are not banned from a branch usergroups can be set based on IP masks so we should add the usergroups uids.
1058 $gr_array = $this->fe_user->groupData['uid'];
1059 } else {
1060 // Set to blank since we will NOT risk any groups being set when no logins are allowed!
1061 $gr_array = array();
1062 }
1063 }
1064 // Clean up.
1065 // Make unique...
1066 $gr_array = array_unique($gr_array);
1067 // sort
1068 sort($gr_array);
1069 if (count($gr_array) && !$this->loginAllowedInBranch_mode) {
1070 $this->gr_list .= ',' . implode(',', $gr_array);
1071 }
1072 if ($this->fe_user->writeDevLog) {
1073 GeneralUtility::devLog('Valid usergroups for TSFE: ' . $this->gr_list, 'TYPO3\\CMS\\Frontend\\Controller\\TypoScriptFrontendController');
1074 }
1075 }
1076
1077 /**
1078 * Checking if a user is logged in or a group constellation different from "0,-1"
1079 *
1080 * @return bool TRUE if either a login user is found (array fe_user->user) OR if the gr_list is set to something else than '0,-1' (could be done even without a user being logged in!)
1081 */
1082 public function isUserOrGroupSet() {
1083 return is_array($this->fe_user->user) || $this->gr_list !== '0,-1';
1084 }
1085
1086 /**
1087 * Provides ways to bypass the '?id=[xxx]&type=[xx]' format, using either PATH_INFO or virtual HTML-documents (using Apache mod_rewrite)
1088 *
1089 * Two options:
1090 * 1) Use PATH_INFO (also Apache) to extract id and type from that var. Does not require any special modules compiled with apache. (less typical)
1091 * 2) Using hook which enables features like those provided from "realurl" extension (AKA "Speaking URLs")
1092 *
1093 * @return void
1094 */
1095 public function checkAlternativeIdMethods() {
1096 $this->siteScript = GeneralUtility::getIndpEnv('TYPO3_SITE_SCRIPT');
1097 // Call post processing function for custom URL methods.
1098 if (is_array($this->TYPO3_CONF_VARS['SC_OPTIONS']['tslib/class.tslib_fe.php']['checkAlternativeIdMethods-PostProc'])) {
1099 $_params = array('pObj' => &$this);
1100 foreach ($this->TYPO3_CONF_VARS['SC_OPTIONS']['tslib/class.tslib_fe.php']['checkAlternativeIdMethods-PostProc'] as $_funcRef) {
1101 GeneralUtility::callUserFunction($_funcRef, $_params, $this);
1102 }
1103 }
1104 }
1105
1106 /**
1107 * Clears the preview-flags, sets sim_exec_time to current time.
1108 * Hidden pages must be hidden as default, $GLOBALS['SIM_EXEC_TIME'] is set to $GLOBALS['EXEC_TIME']
1109 * in bootstrap initializeGlobalTimeVariables(). Alter it by adding or subtracting seconds.
1110 *
1111 * @return void
1112 */
1113 public function clear_preview() {
1114 $this->showHiddenPage = FALSE;
1115 $this->showHiddenRecords = FALSE;
1116 $GLOBALS['SIM_EXEC_TIME'] = $GLOBALS['EXEC_TIME'];
1117 $GLOBALS['SIM_ACCESS_TIME'] = $GLOBALS['ACCESS_TIME'];
1118 $this->fePreview = 0;
1119 }
1120
1121 /**
1122 * Checks if a backend user is logged in
1123 *
1124 * @return bool whether a backend user is logged in
1125 */
1126 public function isBackendUserLoggedIn() {
1127 return (bool)$this->beUserLogin;
1128 }
1129
1130 /**
1131 * Creates the backend user object and returns it.
1132 *
1133 * @return \TYPO3\CMS\Backend\FrontendBackendUserAuthentication the backend user object
1134 */
1135 public function initializeBackendUser() {
1136 // PRE BE_USER HOOK
1137 if (is_array($this->TYPO3_CONF_VARS['SC_OPTIONS']['tslib/index_ts.php']['preBeUser'])) {
1138 foreach ($this->TYPO3_CONF_VARS['SC_OPTIONS']['tslib/index_ts.php']['preBeUser'] as $_funcRef) {
1139 $_params = array();
1140 GeneralUtility::callUserFunction($_funcRef, $_params, $this);
1141 }
1142 }
1143 /** @var $BE_USER \TYPO3\CMS\Backend\FrontendBackendUserAuthentication */
1144 $BE_USER = NULL;
1145 // If the backend cookie is set,
1146 // we proceed and check if a backend user is logged in.
1147 if ($_COOKIE[\TYPO3\CMS\Core\Authentication\BackendUserAuthentication::getCookieName()]) {
1148 $GLOBALS['TYPO3_MISC']['microtime_BE_USER_start'] = microtime(TRUE);
1149 $GLOBALS['TT']->push('Back End user initialized', '');
1150 // TODO: validate the comment below: is this necessary? if so,
1151 // formfield_status should be set to "" in \TYPO3\CMS\Backend\FrontendBackendUserAuthentication
1152 // which is a subclass of \TYPO3\CMS\Core\Authentication\BackendUserAuthentication
1153 // ----
1154 // the value this->formfield_status is set to empty in order to
1155 // disable login-attempts to the backend account through this script
1156 // New backend user object
1157 $BE_USER = GeneralUtility::makeInstance('TYPO3\\CMS\\Backend\\FrontendBackendUserAuthentication');
1158 $BE_USER->OS = TYPO3_OS;
1159 $BE_USER->lockIP = $this->TYPO3_CONF_VARS['BE']['lockIP'];
1160 // Object is initialized
1161 $BE_USER->start();
1162 $BE_USER->unpack_uc('');
1163 if (!empty($BE_USER->user['uid'])) {
1164 $BE_USER->fetchGroupData();
1165 $this->beUserLogin = TRUE;
1166 }
1167 // Unset the user initialization.
1168 if (!$BE_USER->checkLockToIP() || !$BE_USER->checkBackendAccessSettingsFromInitPhp() || empty($BE_USER->user['uid'])) {
1169 $BE_USER = NULL;
1170 $this->beUserLogin = FALSE;
1171 $_SESSION['TYPO3-TT-start'] = FALSE;
1172 }
1173 $GLOBALS['TT']->pull();
1174 $GLOBALS['TYPO3_MISC']['microtime_BE_USER_end'] = microtime(TRUE);
1175 }
1176 // POST BE_USER HOOK
1177 if (is_array($this->TYPO3_CONF_VARS['SC_OPTIONS']['tslib/index_ts.php']['postBeUser'])) {
1178 $_params = array(
1179 'BE_USER' => &$BE_USER
1180 );
1181 foreach ($this->TYPO3_CONF_VARS['SC_OPTIONS']['tslib/index_ts.php']['postBeUser'] as $_funcRef) {
1182 GeneralUtility::callUserFunction($_funcRef, $_params, $this);
1183 }
1184 }
1185 return $BE_USER;
1186 }
1187
1188 /**
1189 * Determines the id and evaluates any preview settings
1190 * Basically this function is about determining whether a backend user is logged in, if he has read access to the page and if he's previewing the page. That all determines which id to show and how to initialize the id.
1191 *
1192 * @return void
1193 */
1194 public function determineId() {
1195 // Call pre processing function for id determination
1196 if (is_array($this->TYPO3_CONF_VARS['SC_OPTIONS']['tslib/class.tslib_fe.php']['determineId-PreProcessing'])) {
1197 foreach ($this->TYPO3_CONF_VARS['SC_OPTIONS']['tslib/class.tslib_fe.php']['determineId-PreProcessing'] as $functionReference) {
1198 $parameters = array('parentObject' => $this);
1199 GeneralUtility::callUserFunction($functionReference, $parameters, $this);
1200 }
1201 }
1202 // Getting ARG-v values if some
1203 $this->setIDfromArgV();
1204 // If there is a Backend login we are going to check for any preview settings:
1205 $GLOBALS['TT']->push('beUserLogin', '');
1206 $originalFrontendUser = NULL;
1207 if ($this->beUserLogin || $this->doWorkspacePreview()) {
1208 // Backend user preview features:
1209 if ($this->beUserLogin && $GLOBALS['BE_USER']->adminPanel instanceof \TYPO3\CMS\Frontend\View\AdminPanelView) {
1210 $this->fePreview = (bool)$GLOBALS['BE_USER']->adminPanel->extGetFeAdminValue('preview');
1211 // If admin panel preview is enabled...
1212 if ($this->fePreview) {
1213 if ($this->fe_user->user) {
1214 $originalFrontendUser = $this->fe_user->user;
1215 }
1216 $this->showHiddenPage = (bool)$GLOBALS['BE_USER']->adminPanel->extGetFeAdminValue('preview', 'showHiddenPages');
1217 $this->showHiddenRecords = (bool)$GLOBALS['BE_USER']->adminPanel->extGetFeAdminValue('preview', 'showHiddenRecords');
1218 // Simulate date
1219 $simTime = $GLOBALS['BE_USER']->adminPanel->extGetFeAdminValue('preview', 'simulateDate');
1220 if ($simTime) {
1221 $GLOBALS['SIM_EXEC_TIME'] = $simTime;
1222 $GLOBALS['SIM_ACCESS_TIME'] = $simTime - $simTime % 60;
1223 }
1224 // simulate user
1225 $simUserGroup = $GLOBALS['BE_USER']->adminPanel->extGetFeAdminValue('preview', 'simulateUserGroup');
1226 $this->simUserGroup = $simUserGroup;
1227 if ($simUserGroup) {
1228 if ($this->fe_user->user) {
1229 $this->fe_user->user[$this->fe_user->usergroup_column] = $simUserGroup;
1230 } else {
1231 $this->fe_user->user = array(
1232 $this->fe_user->usergroup_column => $simUserGroup
1233 );
1234 }
1235 }
1236 if (!$simUserGroup && !$simTime && !$this->showHiddenPage && !$this->showHiddenRecords) {
1237 $this->fePreview = 0;
1238 }
1239 }
1240 }
1241 if ($this->id) {
1242 if ($this->determineIdIsHiddenPage()) {
1243 // The preview flag is set only if the current page turns out to actually be hidden!
1244 $this->fePreview = 1;
1245 $this->showHiddenPage = TRUE;
1246 }
1247 // For Live workspace: Check root line for proper connection to tree root (done because of possible preview of page / branch versions)
1248 if (!$this->fePreview && $this->whichWorkspace() === 0) {
1249 // Initialize the page-select functions to check rootline:
1250 $temp_sys_page = GeneralUtility::makeInstance('TYPO3\\CMS\\Frontend\\Page\\PageRepository');
1251 $temp_sys_page->init($this->showHiddenPage);
1252 // If root line contained NO records and ->error_getRootLine_failPid tells us that it was because of a pid=-1 (indicating a "version" record)...:
1253 if (!count($temp_sys_page->getRootLine($this->id, $this->MP)) && $temp_sys_page->error_getRootLine_failPid == -1) {
1254 // Setting versioningPreview flag and try again:
1255 $temp_sys_page->versioningPreview = TRUE;
1256 if (count($temp_sys_page->getRootLine($this->id, $this->MP))) {
1257 // Finally, we got a root line (meaning that it WAS due to versioning preview of a page somewhere) and we set the fePreview flag which in itself will allow sys_page class to display previews of versionized records.
1258 $this->fePreview = 1;
1259 }
1260 }
1261 }
1262 }
1263 // The preview flag will be set if a backend user is in an offline workspace
1264 if (($GLOBALS['BE_USER']->user['workspace_preview'] || GeneralUtility::_GP('ADMCMD_view') || $this->doWorkspacePreview()) && ($this->whichWorkspace() === -1 || $this->whichWorkspace() > 0)) {
1265 // Will show special preview message.
1266 $this->fePreview = 2;
1267 }
1268 // If the front-end is showing a preview, caching MUST be disabled.
1269 if ($this->fePreview) {
1270 $this->disableCache();
1271 }
1272 }
1273 $GLOBALS['TT']->pull();
1274 // Now, get the id, validate access etc:
1275 $this->fetch_the_id();
1276 // Check if backend user has read access to this page. If not, recalculate the id.
1277 if ($this->beUserLogin && $this->fePreview) {
1278 if (!$GLOBALS['BE_USER']->doesUserHaveAccess($this->page, 1)) {
1279 // Resetting
1280 $this->clear_preview();
1281 $this->fe_user->user = $originalFrontendUser;
1282 // Fetching the id again, now with the preview settings reset.
1283 $this->fetch_the_id();
1284 }
1285 }
1286 // Checks if user logins are blocked for a certain branch and if so, will unset user login and re-fetch ID.
1287 $this->loginAllowedInBranch = $this->checkIfLoginAllowedInBranch();
1288 // Logins are not allowed:
1289 if (!$this->loginAllowedInBranch) {
1290 // Only if there is a login will we run this...
1291 if ($this->isUserOrGroupSet()) {
1292 if ($this->loginAllowedInBranch_mode == 'all') {
1293 // Clear out user and group:
1294 unset($this->fe_user->user);
1295 $this->gr_list = '0,-1';
1296 } else {
1297 $this->gr_list = '0,-2';
1298 }
1299 // Fetching the id again, now with the preview settings reset.
1300 $this->fetch_the_id();
1301 }
1302 }
1303 // Final cleaning.
1304 // Make sure it's an integer
1305 $this->id = ($this->contentPid = (int)$this->id);
1306 // Make sure it's an integer
1307 $this->type = (int)$this->type;
1308 // Call post processing function for id determination:
1309 if (is_array($this->TYPO3_CONF_VARS['SC_OPTIONS']['tslib/class.tslib_fe.php']['determineId-PostProc'])) {
1310 $_params = array('pObj' => &$this);
1311 foreach ($this->TYPO3_CONF_VARS['SC_OPTIONS']['tslib/class.tslib_fe.php']['determineId-PostProc'] as $_funcRef) {
1312 GeneralUtility::callUserFunction($_funcRef, $_params, $this);
1313 }
1314 }
1315 }
1316
1317 /**
1318 * Checks if the page is hidden in the active workspace.
1319 * If it is hidden, preview flags will be set.
1320 *
1321 * @return bool
1322 */
1323 protected function determineIdIsHiddenPage() {
1324 $field = \TYPO3\CMS\Core\Utility\MathUtility::canBeInterpretedAsInteger($this->id) ? 'uid' : 'alias';
1325 $pageSelectCondition = $field . '=' . $GLOBALS['TYPO3_DB']->fullQuoteStr($this->id, 'pages');
1326 $page = $GLOBALS['TYPO3_DB']->exec_SELECTgetSingleRow('uid,hidden,starttime,endtime', 'pages', $pageSelectCondition . ' AND pid>=0 AND deleted=0');
1327 $workspace = $this->whichWorkspace();
1328 if ($workspace !== 0 && $workspace !== FALSE) {
1329 // Fetch overlay of page if in workspace and check if it is hidden
1330 $pageSelectObject = GeneralUtility::makeInstance('TYPO3\\CMS\\Frontend\\Page\\PageRepository');
1331 $pageSelectObject->versioningPreview = TRUE;
1332 $pageSelectObject->init(FALSE);
1333 $targetPage = $pageSelectObject->getWorkspaceVersionOfRecord($this->whichWorkspace(), 'pages', $page['uid']);
1334 $result = $targetPage === -1 || $targetPage === -2;
1335 } else {
1336 $result = is_array($page) && ($page['hidden'] || $page['starttime'] > $GLOBALS['SIM_EXEC_TIME'] || $page['endtime'] != 0 && $page['endtime'] <= $GLOBALS['SIM_EXEC_TIME']);
1337 }
1338 return $result;
1339 }
1340
1341 /**
1342 * Get The Page ID
1343 * This gets the id of the page, checks if the page is in the domain and if the page is accessible
1344 * Sets variables such as $this->sys_page, $this->loginUser, $this->gr_list, $this->id, $this->type, $this->domainStartPage
1345 *
1346 * @throws \TYPO3\CMS\Core\Error\Http\ServiceUnavailableException
1347 * @return void
1348 * @access private
1349 */
1350 public function fetch_the_id() {
1351 $GLOBALS['TT']->push('fetch_the_id initialize/', '');
1352 // Initialize the page-select functions.
1353 $this->sys_page = GeneralUtility::makeInstance('TYPO3\\CMS\\Frontend\\Page\\PageRepository');
1354 $this->sys_page->versioningPreview = $this->fePreview === 2 || (int)$this->workspacePreview || (bool)GeneralUtility::_GP('ADMCMD_view');
1355 $this->sys_page->versioningWorkspaceId = $this->whichWorkspace();
1356 $this->sys_page->init($this->showHiddenPage);
1357 // Set the valid usergroups for FE
1358 $this->initUserGroups();
1359 // Sets sys_page where-clause
1360 $this->setSysPageWhereClause();
1361 // Splitting $this->id by a period (.).
1362 // First part is 'id' and second part (if exists) will overrule the &type param
1363 $idParts = explode('.', $this->id, 2);
1364 $this->id = $idParts[0];
1365 if (isset($idParts[1])) {
1366 $this->type = $idParts[1];
1367 }
1368
1369 // If $this->id is a string, it's an alias
1370 $this->checkAndSetAlias();
1371 // The id and type is set to the integer-value - just to be sure...
1372 $this->id = (int)$this->id;
1373 $this->type = (int)$this->type;
1374 $GLOBALS['TT']->pull();
1375 // We find the first page belonging to the current domain
1376 $GLOBALS['TT']->push('fetch_the_id domain/', '');
1377 // The page_id of the current domain
1378 $this->domainStartPage = $this->findDomainRecord($this->TYPO3_CONF_VARS['SYS']['recursiveDomainSearch']);
1379 if (!$this->id) {
1380 if ($this->domainStartPage) {
1381 // If the id was not previously set, set it to the id of the domain.
1382 $this->id = $this->domainStartPage;
1383 } else {
1384 // Find the first 'visible' page in that domain
1385 $theFirstPage = $this->sys_page->getFirstWebPage($this->id);
1386 if ($theFirstPage) {
1387 $this->id = $theFirstPage['uid'];
1388 } else {
1389 $message = 'No pages are found on the rootlevel!';
1390 if ($this->checkPageUnavailableHandler()) {
1391 $this->pageUnavailableAndExit($message);
1392 } else {
1393 GeneralUtility::sysLog($message, 'cms', GeneralUtility::SYSLOG_SEVERITY_ERROR);
1394 throw new \TYPO3\CMS\Core\Error\Http\ServiceUnavailableException($message, 1301648975);
1395 }
1396 }
1397 }
1398 }
1399 $GLOBALS['TT']->pull();
1400 $GLOBALS['TT']->push('fetch_the_id rootLine/', '');
1401 // We store the originally requested id
1402 $requestedId = $this->id;
1403 $this->getPageAndRootlineWithDomain($this->domainStartPage);
1404 $GLOBALS['TT']->pull();
1405 if ($this->pageNotFound && $this->TYPO3_CONF_VARS['FE']['pageNotFound_handling']) {
1406 $pNotFoundMsg = array(
1407 1 => 'ID was not an accessible page',
1408 2 => 'Subsection was found and not accessible',
1409 3 => 'ID was outside the domain',
1410 4 => 'The requested page alias does not exist'
1411 );
1412 $this->pageNotFoundAndExit($pNotFoundMsg[$this->pageNotFound]);
1413 }
1414 if ($this->page['url_scheme'] > 0) {
1415 $newUrl = '';
1416 $requestUrlScheme = parse_url(GeneralUtility::getIndpEnv('TYPO3_REQUEST_URL'), PHP_URL_SCHEME);
1417 if ((int)$this->page['url_scheme'] === HttpUtility::SCHEME_HTTP && $requestUrlScheme == 'https') {
1418 $newUrl = 'http://' . substr(GeneralUtility::getIndpEnv('TYPO3_REQUEST_URL'), 8);
1419 } elseif ((int)$this->page['url_scheme'] === HttpUtility::SCHEME_HTTPS && $requestUrlScheme == 'http') {
1420 $newUrl = 'https://' . substr(GeneralUtility::getIndpEnv('TYPO3_REQUEST_URL'), 7);
1421 }
1422 if ($newUrl !== '') {
1423 if ($_SERVER['REQUEST_METHOD'] === 'POST') {
1424 $headerCode = HttpUtility::HTTP_STATUS_303;
1425 } else {
1426 $headerCode = HttpUtility::HTTP_STATUS_301;
1427 }
1428 HttpUtility::redirect($newUrl, $headerCode);
1429 }
1430 }
1431 // Set no_cache if set
1432 if ($this->page['no_cache']) {
1433 $this->set_no_cache('no_cache is set in page properties');
1434 }
1435 // Init SYS_LASTCHANGED
1436 $this->register['SYS_LASTCHANGED'] = (int)$this->page['tstamp'];
1437 if ($this->register['SYS_LASTCHANGED'] < (int)$this->page['SYS_LASTCHANGED']) {
1438 $this->register['SYS_LASTCHANGED'] = (int)$this->page['SYS_LASTCHANGED'];
1439 }
1440 if (is_array($this->TYPO3_CONF_VARS['SC_OPTIONS']['tslib/class.tslib_fe.php']['fetchPageId-PostProcessing'])) {
1441 foreach ($this->TYPO3_CONF_VARS['SC_OPTIONS']['tslib/class.tslib_fe.php']['fetchPageId-PostProcessing'] as $functionReference) {
1442 $parameters = array('parentObject' => $this);
1443 GeneralUtility::callUserFunction($functionReference, $parameters, $this);
1444 }
1445 }
1446 }
1447
1448 /**
1449 * Gets the page and rootline arrays based on the id, $this->id
1450 *
1451 * If the id does not correspond to a proper page, the 'previous' valid page in the rootline is found
1452 * If the page is a shortcut (doktype=4), the ->id is loaded with that id
1453 *
1454 * Whether or not the ->id is changed to the shortcut id or the previous id in rootline (eg if a page is hidden), the ->page-array and ->rootline is found and must also be valid.
1455 *
1456 * Sets or manipulates internal variables such as: $this->id, $this->page, $this->rootLine, $this->MP, $this->pageNotFound
1457 *
1458 * @throws \TYPO3\CMS\Core\Error\Http\ServiceUnavailableException
1459 * @throws PageNotFoundException
1460 * @return void
1461 * @access private
1462 */
1463 public function getPageAndRootline() {
1464 $this->page = $this->sys_page->getPage($this->id);
1465 if (!count($this->page)) {
1466 // If no page, we try to find the page before in the rootLine.
1467 // Page is 'not found' in case the id itself was not an accessible page. code 1
1468 $this->pageNotFound = 1;
1469 $this->rootLine = $this->sys_page->getRootLine($this->id, $this->MP);
1470 if (count($this->rootLine)) {
1471 $c = count($this->rootLine) - 1;
1472 while ($c > 0) {
1473 // Add to page access failure history:
1474 $this->pageAccessFailureHistory['direct_access'][] = $this->rootLine[$c];
1475 // Decrease to next page in rootline and check the access to that, if OK, set as page record and ID value.
1476 $c--;
1477 $this->id = $this->rootLine[$c]['uid'];
1478 $this->page = $this->sys_page->getPage($this->id);
1479 if (count($this->page)) {
1480 break;
1481 }
1482 }
1483 }
1484 // If still no page...
1485 if (!count($this->page)) {
1486 $message = 'The requested page does not exist!';
1487 if ($this->TYPO3_CONF_VARS['FE']['pageNotFound_handling']) {
1488 $this->pageNotFoundAndExit($message);
1489 } else {
1490 GeneralUtility::sysLog($message, 'cms', GeneralUtility::SYSLOG_SEVERITY_ERROR);
1491 throw new PageNotFoundException($message, 1301648780);
1492 }
1493 }
1494 }
1495 // Spacer is not accessible in frontend
1496 if ($this->page['doktype'] == PageRepository::DOKTYPE_SPACER) {
1497 $message = 'The requested page does not exist!';
1498 if ($this->TYPO3_CONF_VARS['FE']['pageNotFound_handling']) {
1499 $this->pageNotFoundAndExit($message);
1500 } else {
1501 GeneralUtility::sysLog($message, 'cms', GeneralUtility::SYSLOG_SEVERITY_ERROR);
1502 throw new PageNotFoundException($message, 1301648781);
1503 }
1504 }
1505 // Is the ID a link to another page??
1506 if ($this->page['doktype'] == PageRepository::DOKTYPE_SHORTCUT) {
1507 // We need to clear MP if the page is a shortcut. Reason is if the short cut goes to another page, then we LEAVE the rootline which the MP expects.
1508 $this->MP = '';
1509 // saving the page so that we can check later - when we know
1510 // about languages - whether we took the correct shortcut or
1511 // whether a translation of the page overwrites the shortcut
1512 // target and we need to follow the new target
1513 $this->originalShortcutPage = $this->page;
1514 $this->page = $this->getPageShortcut($this->page['shortcut'], $this->page['shortcut_mode'], $this->page['uid']);
1515 $this->id = $this->page['uid'];
1516 }
1517 // If the page is a mountpoint which should be overlaid with the contents of the mounted page,
1518 // it must never be accessible directly, but only in the mountpoint context. Therefore we change
1519 // the current ID and the user is redirected by checkPageForMountpointRedirect().
1520 if ($this->page['doktype'] === PageRepository::DOKTYPE_MOUNTPOINT && $this->page['mount_pid_ol']) {
1521 $this->originalMountPointPage = $this->page;
1522 $this->page = $this->sys_page->getPage($this->page['mount_pid']);
1523 if (empty($this->page)) {
1524 $message = 'This page (ID ' . $this->originalMountPointPage['uid'] . ') is of type "Mount point" and '
1525 . 'mounts a page which is not accessible (ID ' . $this->originalMountPointPage['mount_pid'] . ').';
1526 throw new PageNotFoundException($message, 1402043263);
1527 }
1528 $this->MP = $this->page['uid'] . '-' . $this->originalMountPointPage['uid'];
1529 $this->id = $this->page['uid'];
1530 }
1531 // Gets the rootLine
1532 $this->rootLine = $this->sys_page->getRootLine($this->id, $this->MP);
1533 // If not rootline we're off...
1534 if (!count($this->rootLine)) {
1535 $ws = $this->whichWorkspace();
1536 if ($this->sys_page->error_getRootLine_failPid == -1 && $ws) {
1537 $this->sys_page->versioningPreview = TRUE;
1538 $this->versioningWorkspaceId = $ws;
1539 $this->rootLine = $this->sys_page->getRootLine($this->id, $this->MP);
1540 }
1541 if (!count($this->rootLine)) {
1542 $message = 'The requested page didn\'t have a proper connection to the tree-root!';
1543 if ($this->checkPageUnavailableHandler()) {
1544 $this->pageUnavailableAndExit($message);
1545 } else {
1546 $rootline = '(' . $this->sys_page->error_getRootLine . ')';
1547 GeneralUtility::sysLog($message, 'cms', GeneralUtility::SYSLOG_SEVERITY_ERROR);
1548 throw new \TYPO3\CMS\Core\Error\Http\ServiceUnavailableException($message . '<br /><br />' . $rootline, 1301648167);
1549 }
1550 }
1551 $this->fePreview = 1;
1552 }
1553 // Checking for include section regarding the hidden/starttime/endtime/fe_user (that is access control of a whole subbranch!)
1554 if ($this->checkRootlineForIncludeSection()) {
1555 if (!count($this->rootLine)) {
1556 $message = 'The requested page was not accessible!';
1557 if ($this->checkPageUnavailableHandler()) {
1558 $this->pageUnavailableAndExit($message);
1559 } else {
1560 GeneralUtility::sysLog($message, 'cms', GeneralUtility::SYSLOG_SEVERITY_ERROR);
1561 throw new \TYPO3\CMS\Core\Error\Http\ServiceUnavailableException($message, 1301648234);
1562 }
1563 } else {
1564 $el = reset($this->rootLine);
1565 $this->id = $el['uid'];
1566 $this->page = $this->sys_page->getPage($this->id);
1567 $this->rootLine = $this->sys_page->getRootLine($this->id, $this->MP);
1568 }
1569 }
1570 }
1571
1572 /**
1573 * Get page shortcut; Finds the records pointed to by input value $SC (the shortcut value)
1574 *
1575 * @param int $SC The value of the "shortcut" field from the pages record
1576 * @param int $mode The shortcut mode: 1 will select first subpage, 2 a random subpage, 3 the parent page; default is the page pointed to by $SC
1577 * @param int $thisUid The current page UID of the page which is a shortcut
1578 * @param int $itera Safety feature which makes sure that the function is calling itself recursively max 20 times (since this function can find shortcuts to other shortcuts to other shortcuts...)
1579 * @param array $pageLog An array filled with previous page uids tested by the function - new page uids are evaluated against this to avoid going in circles.
1580 * @param bool $disableGroupCheck If true, the group check is disabled when fetching the target page (needed e.g. for menu generation)
1581 * @throws \RuntimeException
1582 * @throws PageNotFoundException
1583 * @return mixed Returns the page record of the page that the shortcut pointed to.
1584 * @access private
1585 * @see getPageAndRootline()
1586 */
1587 public function getPageShortcut($SC, $mode, $thisUid, $itera = 20, $pageLog = array(), $disableGroupCheck = FALSE) {
1588 $idArray = GeneralUtility::intExplode(',', $SC);
1589 // Find $page record depending on shortcut mode:
1590 switch ($mode) {
1591 case PageRepository::SHORTCUT_MODE_FIRST_SUBPAGE:
1592
1593 case PageRepository::SHORTCUT_MODE_RANDOM_SUBPAGE:
1594 $pageArray = $this->sys_page->getMenu($idArray[0] ? $idArray[0] : $thisUid, '*', 'sorting', 'AND pages.doktype<199 AND pages.doktype!=' . PageRepository::DOKTYPE_BE_USER_SECTION);
1595 $pO = 0;
1596 if ($mode == PageRepository::SHORTCUT_MODE_RANDOM_SUBPAGE && count($pageArray)) {
1597 $randval = (int)rand(0, count($pageArray) - 1);
1598 $pO = $randval;
1599 }
1600 $c = 0;
1601 foreach ($pageArray as $pV) {
1602 if ($c == $pO) {
1603 $page = $pV;
1604 break;
1605 }
1606 $c++;
1607 }
1608 if (count($page) == 0) {
1609 $message = 'This page (ID ' . $thisUid . ') is of type "Shortcut" and configured to redirect to a subpage. ' . 'However, this page has no accessible subpages.';
1610 throw new PageNotFoundException($message, 1301648328);
1611 }
1612 break;
1613 case PageRepository::SHORTCUT_MODE_PARENT_PAGE:
1614 $parent = $this->sys_page->getPage($thisUid, $disableGroupCheck);
1615 $page = $this->sys_page->getPage($parent['pid'], $disableGroupCheck);
1616 if (count($page) == 0) {
1617 $message = 'This page (ID ' . $thisUid . ') is of type "Shortcut" and configured to redirect to its parent page. ' . 'However, the parent page is not accessible.';
1618 throw new PageNotFoundException($message, 1301648358);
1619 }
1620 break;
1621 default:
1622 $page = $this->sys_page->getPage($idArray[0], $disableGroupCheck);
1623 if (count($page) == 0) {
1624 $message = 'This page (ID ' . $thisUid . ') is of type "Shortcut" and configured to redirect to a page, which is not accessible (ID ' . $idArray[0] . ').';
1625 throw new PageNotFoundException($message, 1301648404);
1626 }
1627 }
1628 // Check if short cut page was a shortcut itself, if so look up recursively:
1629 if ($page['doktype'] == PageRepository::DOKTYPE_SHORTCUT) {
1630 if (!in_array($page['uid'], $pageLog) && $itera > 0) {
1631 $pageLog[] = $page['uid'];
1632 $page = $this->getPageShortcut($page['shortcut'], $page['shortcut_mode'], $page['uid'], $itera - 1, $pageLog, $disableGroupCheck);
1633 } else {
1634 $pageLog[] = $page['uid'];
1635 $message = 'Page shortcuts were looping in uids ' . implode(',', $pageLog) . '...!';
1636 GeneralUtility::sysLog($message, 'cms', GeneralUtility::SYSLOG_SEVERITY_ERROR);
1637 throw new \RuntimeException($message, 1294587212);
1638 }
1639 }
1640 // Return resulting page:
1641 return $page;
1642 }
1643
1644 /**
1645 * Checks the current rootline for defined sections.
1646 *
1647 * @return bool
1648 * @access private
1649 */
1650 public function checkRootlineForIncludeSection() {
1651 $c = count($this->rootLine);
1652 $removeTheRestFlag = 0;
1653 for ($a = 0; $a < $c; $a++) {
1654 if (!$this->checkPagerecordForIncludeSection($this->rootLine[$a])) {
1655 // Add to page access failure history:
1656 $this->pageAccessFailureHistory['sub_section'][] = $this->rootLine[$a];
1657 $removeTheRestFlag = 1;
1658 }
1659 if ($this->rootLine[$a]['doktype'] == PageRepository::DOKTYPE_BE_USER_SECTION) {
1660 // If there is a backend user logged in, check if he has read access to the page:
1661 if ($this->beUserLogin) {
1662 $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('uid', 'pages', 'uid=' . (int)$this->id . ' AND ' . $GLOBALS['BE_USER']->getPagePermsClause(1));
1663 // versionOL()?
1664 list($isPage) = $GLOBALS['TYPO3_DB']->sql_fetch_row($res);
1665 if (!$isPage) {
1666 // If there was no page selected, the user apparently did not have read access to the current PAGE (not position in rootline) and we set the remove-flag...
1667 $removeTheRestFlag = 1;
1668 }
1669 } else {
1670 // Dont go here, if there is no backend user logged in.
1671 $removeTheRestFlag = 1;
1672 }
1673 }
1674 if ($removeTheRestFlag) {
1675 // Page is 'not found' in case a subsection was found and not accessible, code 2
1676 $this->pageNotFound = 2;
1677 unset($this->rootLine[$a]);
1678 }
1679 }
1680 return $removeTheRestFlag;
1681 }
1682
1683 /**
1684 * Checks page record for enableFields
1685 * Returns TRUE if enableFields does not disable the page record.
1686 * Takes notice of the ->showHiddenPage flag and uses SIM_ACCESS_TIME for start/endtime evaluation
1687 *
1688 * @param array $row The page record to evaluate (needs fields: hidden, starttime, endtime, fe_group)
1689 * @param bool $bypassGroupCheck Bypass group-check
1690 * @return bool TRUE, if record is viewable.
1691 * @see TYPO3\\CMS\\Frontend\\ContentObject\\ContentObjectRenderer::getTreeList(), checkPagerecordForIncludeSection()
1692 */
1693 public function checkEnableFields($row, $bypassGroupCheck = FALSE) {
1694 if (isset($this->TYPO3_CONF_VARS['SC_OPTIONS']['tslib/class.tslib_fe.php']['hook_checkEnableFields']) && is_array($this->TYPO3_CONF_VARS['SC_OPTIONS']['tslib/class.tslib_fe.php']['hook_checkEnableFields'])) {
1695 $_params = array('pObj' => $this, 'row' => &$row, 'bypassGroupCheck' => &$bypassGroupCheck);
1696 foreach ($this->TYPO3_CONF_VARS['SC_OPTIONS']['tslib/class.tslib_fe.php']['hook_checkEnableFields'] as $_funcRef) {
1697 // Call hooks: If one returns FALSE, method execution is aborted with result "This record is not available"
1698 $return = GeneralUtility::callUserFunction($_funcRef, $_params, $this);
1699 if ($return === FALSE) {
1700 return FALSE;
1701 }
1702 }
1703 }
1704 if ((!$row['hidden'] || $this->showHiddenPage) && $row['starttime'] <= $GLOBALS['SIM_ACCESS_TIME'] && ($row['endtime'] == 0 || $row['endtime'] > $GLOBALS['SIM_ACCESS_TIME']) && ($bypassGroupCheck || $this->checkPageGroupAccess($row))) {
1705 return TRUE;
1706 }
1707 }
1708
1709 /**
1710 * Check group access against a page record
1711 *
1712 * @param array $row The page record to evaluate (needs field: fe_group)
1713 * @param mixed $groupList List of group id's (comma list or array). Default is $this->gr_list
1714 * @return bool TRUE, if group access is granted.
1715 * @access private
1716 */
1717 public function checkPageGroupAccess($row, $groupList = NULL) {
1718 if (is_null($groupList)) {
1719 $groupList = $this->gr_list;
1720 }
1721 if (!is_array($groupList)) {
1722 $groupList = explode(',', $groupList);
1723 }
1724 $pageGroupList = explode(',', $row['fe_group'] ?: 0);
1725 return count(array_intersect($groupList, $pageGroupList)) > 0;
1726 }
1727
1728 /**
1729 * Checks page record for include section
1730 *
1731 * @param array $row The page record to evaluate (needs fields: extendToSubpages + hidden, starttime, endtime, fe_group)
1732 * @return bool Returns TRUE if either extendToSubpages is not checked or if the enableFields does not disable the page record.
1733 * @access private
1734 * @see checkEnableFields(), TYPO3\\CMS\\Frontend\\ContentObject\\ContentObjectRenderer::getTreeList(), checkRootlineForIncludeSection()
1735 */
1736 public function checkPagerecordForIncludeSection($row) {
1737 return !$row['extendToSubpages'] || $this->checkEnableFields($row) ? 1 : 0;
1738 }
1739
1740 /**
1741 * Checks if logins are allowed in the current branch of the page tree. Traverses the full root line and returns TRUE if logins are OK, otherwise FALSE (and then the login user must be unset!)
1742 *
1743 * @return bool returns TRUE if logins are OK, otherwise FALSE (and then the login user must be unset!)
1744 */
1745 public function checkIfLoginAllowedInBranch() {
1746 // Initialize:
1747 $c = count($this->rootLine);
1748 $disable = FALSE;
1749 // Traverse root line from root and outwards:
1750 for ($a = 0; $a < $c; $a++) {
1751 // If a value is set for login state:
1752 if ($this->rootLine[$a]['fe_login_mode'] > 0) {
1753 // Determine state from value:
1754 if ((int)$this->rootLine[$a]['fe_login_mode'] === 1) {
1755 $disable = TRUE;
1756 $this->loginAllowedInBranch_mode = 'all';
1757 } elseif ((int)$this->rootLine[$a]['fe_login_mode'] === 3) {
1758 $disable = TRUE;
1759 $this->loginAllowedInBranch_mode = 'groups';
1760 } else {
1761 $disable = FALSE;
1762 }
1763 }
1764 }
1765 return !$disable;
1766 }
1767
1768 /**
1769 * Analysing $this->pageAccessFailureHistory into a summary array telling which features disabled display and on which pages and conditions. That data can be used inside a page-not-found handler
1770 *
1771 * @return array Summary of why page access was not allowed.
1772 */
1773 public function getPageAccessFailureReasons() {
1774 $output = array();
1775 $combinedRecords = array_merge(is_array($this->pageAccessFailureHistory['direct_access']) ? $this->pageAccessFailureHistory['direct_access'] : array(array('fe_group' => 0)), is_array($this->pageAccessFailureHistory['sub_section']) ? $this->pageAccessFailureHistory['sub_section'] : array());
1776 if (count($combinedRecords)) {
1777 foreach ($combinedRecords as $k => $pagerec) {
1778 // If $k=0 then it is the very first page the original ID was pointing at and that will get a full check of course
1779 // If $k>0 it is parent pages being tested. They are only significant for the access to the first page IF they had the extendToSubpages flag set, hence checked only then!
1780 if (!$k || $pagerec['extendToSubpages']) {
1781 if ($pagerec['hidden']) {
1782 $output['hidden'][$pagerec['uid']] = TRUE;
1783 }
1784 if ($pagerec['starttime'] > $GLOBALS['SIM_ACCESS_TIME']) {
1785 $output['starttime'][$pagerec['uid']] = $pagerec['starttime'];
1786 }
1787 if ($pagerec['endtime'] != 0 && $pagerec['endtime'] <= $GLOBALS['SIM_ACCESS_TIME']) {
1788 $output['endtime'][$pagerec['uid']] = $pagerec['endtime'];
1789 }
1790 if (!$this->checkPageGroupAccess($pagerec)) {
1791 $output['fe_group'][$pagerec['uid']] = $pagerec['fe_group'];
1792 }
1793 }
1794 }
1795 }
1796 return $output;
1797 }
1798
1799 /**
1800 * This checks if there are ARGV-parameters in the QUERY_STRING and if so, those are used for the id
1801 * $this->id must be 'FALSE' in order for any processing to happen in here
1802 * If an id/alias value is extracted from the QUERY_STRING it is set in $this->id
1803 *
1804 * @return void
1805 * @access private
1806 */
1807 public function setIDfromArgV() {
1808 if (!$this->id) {
1809 list($theAlias) = explode('&', GeneralUtility::getIndpEnv('QUERY_STRING'));
1810 $theAlias = trim($theAlias);
1811 $this->id = $theAlias != '' && strpos($theAlias, '=') === FALSE ? $theAlias : 0;
1812 }
1813 }
1814
1815 /**
1816 * Gets ->page and ->rootline information based on ->id. ->id may change during this operation.
1817 * If not inside domain, then default to first page in domain.
1818 *
1819 * @param int $domainStartPage Page uid of the page where the found domain record is (pid of the domain record)
1820 * @return void
1821 * @access private
1822 */
1823 public function getPageAndRootlineWithDomain($domainStartPage) {
1824 $this->getPageAndRootline();
1825 // Checks if the $domain-startpage is in the rootLine. This is necessary so that references to page-id's from other domains are not possible.
1826 if ($domainStartPage && is_array($this->rootLine)) {
1827 $idFound = 0;
1828 foreach ($this->rootLine as $key => $val) {
1829 if ($val['uid'] == $domainStartPage) {
1830 $idFound = 1;
1831 break;
1832 }
1833 }
1834 if (!$idFound) {
1835 // Page is 'not found' in case the id was outside the domain, code 3
1836 $this->pageNotFound = 3;
1837 $this->id = $domainStartPage;
1838 // re-get the page and rootline if the id was not found.
1839 $this->getPageAndRootline();
1840 }
1841 }
1842 }
1843
1844 /**
1845 * Sets sys_page where-clause
1846 *
1847 * @return void
1848 * @access private
1849 */
1850 public function setSysPageWhereClause() {
1851 $this->sys_page->where_hid_del .= ' AND pages.doktype<200';
1852 $this->sys_page->where_groupAccess = $this->sys_page->getMultipleGroupsWhereClause('pages.fe_group', 'pages');
1853 }
1854
1855 /**
1856 * Looking up a domain record based on HTTP_HOST
1857 *
1858 * @param bool $recursive If set, it looks "recursively" meaning that a domain like "123.456.typo3.com" would find a domain record like "typo3.com" if "123.456.typo3.com" or "456.typo3.com" did not exist.
1859 * @return int Returns the page id of the page where the domain record was found.
1860 * @access private
1861 */
1862 public function findDomainRecord($recursive = FALSE) {
1863 if ($recursive) {
1864 $host = explode('.', GeneralUtility::getIndpEnv('HTTP_HOST'));
1865 while (count($host)) {
1866 $pageUid = $this->sys_page->getDomainStartPage(implode('.', $host), GeneralUtility::getIndpEnv('SCRIPT_NAME'), GeneralUtility::getIndpEnv('REQUEST_URI'));
1867 if ($pageUid) {
1868 return $pageUid;
1869 } else {
1870 array_shift($host);
1871 }
1872 }
1873 return $pageUid;
1874 } else {
1875 return $this->sys_page->getDomainStartPage(GeneralUtility::getIndpEnv('HTTP_HOST'), GeneralUtility::getIndpEnv('SCRIPT_NAME'), GeneralUtility::getIndpEnv('REQUEST_URI'));
1876 }
1877 }
1878
1879 /**
1880 * Page unavailable handler for use in frontend plugins from extensions.
1881 *
1882 * @param string $reason Reason text
1883 * @param string $header HTTP header to send
1884 * @return void Function exits.
1885 */
1886 public function pageUnavailableAndExit($reason = '', $header = '') {
1887 $header = $header ?: $this->TYPO3_CONF_VARS['FE']['pageUnavailable_handling_statheader'];
1888 $this->pageUnavailableHandler($this->TYPO3_CONF_VARS['FE']['pageUnavailable_handling'], $header, $reason);
1889 die;
1890 }
1891
1892 /**
1893 * Page-not-found handler for use in frontend plugins from extensions.
1894 *
1895 * @param string $reason Reason text
1896 * @param string $header HTTP header to send
1897 * @return void Function exits.
1898 */
1899 public function pageNotFoundAndExit($reason = '', $header = '') {
1900 $header = $header ?: $this->TYPO3_CONF_VARS['FE']['pageNotFound_handling_statheader'];
1901 $this->pageNotFoundHandler($this->TYPO3_CONF_VARS['FE']['pageNotFound_handling'], $header, $reason);
1902 die;
1903 }
1904
1905 /**
1906 * Checks whether the pageUnavailableHandler should be used. To be used, pageUnavailable_handling must be set
1907 * and devIPMask must not match the current visitor's IP address.
1908 *
1909 * @return bool TRUE/FALSE whether the pageUnavailable_handler should be used.
1910 */
1911 public function checkPageUnavailableHandler() {
1912 if (
1913 $this->TYPO3_CONF_VARS['FE']['pageUnavailable_handling']
1914 && !GeneralUtility::cmpIP(
1915 GeneralUtility::getIndpEnv('REMOTE_ADDR'),
1916 $this->TYPO3_CONF_VARS['SYS']['devIPmask']
1917 )
1918 ) {
1919 $checkPageUnavailableHandler = TRUE;
1920 } else {
1921 $checkPageUnavailableHandler = FALSE;
1922 }
1923 return $checkPageUnavailableHandler;
1924 }
1925
1926 /**
1927 * Page unavailable handler. Acts a wrapper for the pageErrorHandler method.
1928 *
1929 * @param mixed $code Which type of handling; If a true PHP-boolean or TRUE then a \TYPO3\CMS\Core\Messaging\ErrorpageMessage is outputted. If integer an error message with that number is shown. Otherwise the $code value is expected to be a "Location:" header value.
1930 * @param string $header If set, this is passed directly to the PHP function, header()
1931 * @param string $reason If set, error messages will also mention this as the reason for the page-not-found.
1932 * @return void (The function exits!)
1933 */
1934 public function pageUnavailableHandler($code, $header, $reason) {
1935 $this->pageErrorHandler($code, $header, $reason);
1936 }
1937
1938 /**
1939 * Page not found handler. Acts a wrapper for the pageErrorHandler method.
1940 *
1941 * @param mixed $code Which type of handling; If a true PHP-boolean or TRUE then a \TYPO3\CMS\Core\Messaging\ErrorpageMessage is outputted. If integer an error message with that number is shown. Otherwise the $code value is expected to be a "Location:" header value.
1942 * @param string $header If set, this is passed directly to the PHP function, header()
1943 * @param string $reason If set, error messages will also mention this as the reason for the page-not-found.
1944 * @return void (The function exits!)
1945 */
1946 public function pageNotFoundHandler($code, $header = '', $reason = '') {
1947 $this->pageErrorHandler($code, $header, $reason);
1948 }
1949
1950 /**
1951 * Generic error page handler.
1952 * Exits.
1953 *
1954 * @param mixed $code Which type of handling; If a true PHP-boolean or TRUE then a \TYPO3\CMS\Core\Messaging\ErrorpageMessage is outputted. If integer an error message with that number is shown. Otherwise the $code value is expected to be a "Location:" header value.
1955 * @param string $header If set, this is passed directly to the PHP function, header()
1956 * @param string $reason If set, error messages will also mention this as the reason for the page-not-found.
1957 * @throws \RuntimeException
1958 * @return void (The function exits!)
1959 */
1960 public function pageErrorHandler($code, $header = '', $reason = '') {
1961 // Issue header in any case:
1962 if ($header) {
1963 $headerArr = preg_split('/\\r|\\n/', $header, -1, PREG_SPLIT_NO_EMPTY);
1964 foreach ($headerArr as $header) {
1965 header($header);
1966 }
1967 }
1968 // Create response:
1969 // Simply boolean; Just shows TYPO3 error page with reason:
1970 if (gettype($code) == 'boolean' || (string)$code === '1') {
1971 $title = 'Page Not Found';
1972 $message = 'The page did not exist or was inaccessible.' . ($reason ? ' Reason: ' . htmlspecialchars($reason) : '');
1973 $messagePage = GeneralUtility::makeInstance('TYPO3\\CMS\\Core\\Messaging\\ErrorpageMessage', $message, $title);
1974 $messagePage->output();
1975 die;
1976 } elseif (GeneralUtility::isFirstPartOfStr($code, 'USER_FUNCTION:')) {
1977 $funcRef = trim(substr($code, 14));
1978 $params = array(
1979 'currentUrl' => GeneralUtility::getIndpEnv('REQUEST_URI'),
1980 'reasonText' => $reason,
1981 'pageAccessFailureReasons' => $this->getPageAccessFailureReasons()
1982 );
1983 echo GeneralUtility::callUserFunction($funcRef, $params, $this);
1984 } elseif (GeneralUtility::isFirstPartOfStr($code, 'READFILE:')) {
1985 $readFile = GeneralUtility::getFileAbsFileName(trim(substr($code, 9)));
1986 if (@is_file($readFile)) {
1987 echo str_replace(
1988 array(
1989 '###CURRENT_URL###',
1990 '###REASON###'
1991 ),
1992 array(
1993 GeneralUtility::getIndpEnv('REQUEST_URI'),
1994 htmlspecialchars($reason)
1995 ),
1996 GeneralUtility::getUrl($readFile)
1997 );
1998 } else {
1999 throw new \RuntimeException('Configuration Error: 404 page "' . $readFile . '" could not be found.', 1294587214);
2000 }
2001 } elseif (GeneralUtility::isFirstPartOfStr($code, 'REDIRECT:')) {
2002 HttpUtility::redirect(substr($code, 9));
2003 } elseif (strlen($code)) {
2004 // Check if URL is relative
2005 $url_parts = parse_url($code);
2006 if ($url_parts['host'] == '') {
2007 $url_parts['host'] = GeneralUtility::getIndpEnv('HTTP_HOST');
2008 if ($code[0] === '/') {
2009 $code = GeneralUtility::getIndpEnv('TYPO3_REQUEST_HOST') . $code;
2010 } else {
2011 $code = GeneralUtility::getIndpEnv('TYPO3_REQUEST_DIR') . $code;
2012 }
2013 $checkBaseTag = FALSE;
2014 } else {
2015 $checkBaseTag = TRUE;
2016 }
2017 // Check recursion
2018 if ($code == GeneralUtility::getIndpEnv('TYPO3_REQUEST_URL')) {
2019 if ($reason == '') {
2020 $reason = 'Page cannot be found.';
2021 }
2022 $reason .= LF . LF . 'Additionally, ' . $code . ' was not found while trying to retrieve the error document.';
2023 throw new \RuntimeException(nl2br(htmlspecialchars($reason)), 1294587215);
2024 }
2025 // Prepare headers
2026 $headerArr = array(
2027 'User-agent: ' . GeneralUtility::getIndpEnv('HTTP_USER_AGENT'),
2028 'Referer: ' . GeneralUtility::getIndpEnv('TYPO3_REQUEST_URL')
2029 );
2030 $res = GeneralUtility::getUrl($code, 1, $headerArr);
2031 // Header and content are separated by an empty line
2032 list($header, $content) = explode(CRLF . CRLF, $res, 2);
2033 $content .= CRLF;
2034 if (FALSE === $res) {
2035 // Last chance -- redirect
2036 HttpUtility::redirect($code);
2037 } else {
2038 // Forward these response headers to the client
2039 $forwardHeaders = array(
2040 'Content-Type:'
2041 );
2042 $headerArr = preg_split('/\\r|\\n/', $header, -1, PREG_SPLIT_NO_EMPTY);
2043 foreach ($headerArr as $header) {
2044 foreach ($forwardHeaders as $h) {
2045 if (preg_match('/^' . $h . '/', $header)) {
2046 header($header);
2047 }
2048 }
2049 }
2050 // Put <base> if necesary
2051 if ($checkBaseTag) {
2052 // If content already has <base> tag, we do not need to do anything
2053 if (FALSE === stristr($content, '<base ')) {
2054 // Generate href for base tag
2055 $base = $url_parts['scheme'] . '://';
2056 if ($url_parts['user'] != '') {
2057 $base .= $url_parts['user'];
2058 if ($url_parts['pass'] != '') {
2059 $base .= ':' . $url_parts['pass'];
2060 }
2061 $base .= '@';
2062 }
2063 $base .= $url_parts['host'];
2064 // Add path portion skipping possible file name
2065 $base .= preg_replace('/(.*\\/)[^\\/]*/', '${1}', $url_parts['path']);
2066 // Put it into content (generate also <head> if necessary)
2067 $replacement = LF . '<base href="' . htmlentities($base) . '" />' . LF;
2068 if (stristr($content, '<head>')) {
2069 $content = preg_replace('/(<head>)/i', '\\1' . $replacement, $content);
2070 } else {
2071 $content = preg_replace('/(<html[^>]*>)/i', '\\1<head>' . $replacement . '</head>', $content);
2072 }
2073 }
2074 }
2075 // Output the content
2076 echo $content;
2077 }
2078 } else {
2079 $title = 'Page Not Found';
2080 $message = $reason ? 'Reason: ' . htmlspecialchars($reason) : 'Page cannot be found.';
2081 $messagePage = GeneralUtility::makeInstance('TYPO3\\CMS\\Core\\Messaging\\ErrorpageMessage', $message, $title);
2082 $messagePage->output();
2083 }
2084 die;
2085 }
2086
2087 /**
2088 * Fetches the integer page id for a page alias.
2089 * Looks if ->id is not an integer and if so it will search for a page alias and if found the page uid of that page is stored in $this->id
2090 *
2091 * @return void
2092 * @access private
2093 */
2094 public function checkAndSetAlias() {
2095 if ($this->id && !\TYPO3\CMS\Core\Utility\MathUtility::canBeInterpretedAsInteger($this->id)) {
2096 $aid = $this->sys_page->getPageIdFromAlias($this->id);
2097 if ($aid) {
2098 $this->id = $aid;
2099 } else {
2100 $this->pageNotFound = 4;
2101 }
2102 }
2103 }
2104
2105 /**
2106 * Merging values into the global $_GET
2107 *
2108 * @param array $GET_VARS Array of key/value pairs that will be merged into the current GET-vars. (Non-escaped values)
2109 * @return void
2110 */
2111 public function mergingWithGetVars($GET_VARS) {
2112 if (is_array($GET_VARS)) {
2113 // Getting $_GET var, unescaped.
2114 $realGet = GeneralUtility::_GET();
2115 if (!is_array($realGet)) {
2116 $realGet = array();
2117 }
2118 // Merge new values on top:
2119 \TYPO3\CMS\Core\Utility\ArrayUtility::mergeRecursiveWithOverrule($realGet, $GET_VARS);
2120 // Write values back to $_GET:
2121 GeneralUtility::_GETset($realGet);
2122 // Setting these specifically (like in the init-function):
2123 if (isset($GET_VARS['type'])) {
2124 $this->type = (int)$GET_VARS['type'];
2125 }
2126 if (isset($GET_VARS['cHash'])) {
2127 $this->cHash = $GET_VARS['cHash'];
2128 }
2129 if (isset($GET_VARS['jumpurl'])) {
2130 $this->jumpurl = $GET_VARS['jumpurl'];
2131 }
2132 if (isset($GET_VARS['MP'])) {
2133 $this->MP = $this->TYPO3_CONF_VARS['FE']['enable_mount_pids'] ? $GET_VARS['MP'] : '';
2134 }
2135 if (isset($GET_VARS['no_cache']) && $GET_VARS['no_cache']) {
2136 $this->set_no_cache('no_cache is requested via GET parameter');
2137 }
2138 }
2139 }
2140
2141 /********************************************
2142 *
2143 * Template and caching related functions.
2144 *
2145 *******************************************/
2146 /**
2147 * Calculates a hash string based on additional parameters in the url.
2148 *
2149 * Calculated hash is stored in $this->cHash_array.
2150 * This is used to cache pages with more parameters than just id and type.
2151 *
2152 * @return void
2153 * @see reqCHash()
2154 */
2155 public function makeCacheHash() {
2156 // No need to test anything if caching was already disabled.
2157 if ($this->no_cache && !$this->TYPO3_CONF_VARS['FE']['pageNotFoundOnCHashError']) {
2158 return;
2159 }
2160 $GET = GeneralUtility::_GET();
2161 if ($this->cHash && is_array($GET)) {
2162 $this->cHash_array = $this->cacheHash->getRelevantParameters(GeneralUtility::implodeArrayForUrl('', $GET));
2163 $cHash_calc = $this->cacheHash->calculateCacheHash($this->cHash_array);
2164 if ($cHash_calc != $this->cHash) {
2165 if ($this->TYPO3_CONF_VARS['FE']['pageNotFoundOnCHashError']) {
2166 $this->pageNotFoundAndExit('Request parameters could not be validated (&cHash comparison failed)');
2167 } else {
2168 $this->disableCache();
2169 $GLOBALS['TT']->setTSlogMessage('The incoming cHash "' . $this->cHash . '" and calculated cHash "' . $cHash_calc . '" did not match, so caching was disabled. The fieldlist used was "' . implode(',', array_keys($this->cHash_array)) . '"', 2);
2170 }
2171 }
2172 } elseif (is_array($GET)) {
2173 // No cHash is set, check if that is correct
2174 if ($this->cacheHash->doParametersRequireCacheHash(GeneralUtility::implodeArrayForUrl('', $GET))) {
2175 $this->reqCHash();
2176 }
2177 }
2178 }
2179
2180 /**
2181 * Will disable caching if the cHash value was not set.
2182 * This function should be called to check the _existence_ of "&cHash" whenever a plugin generating cachable output is using extra GET variables. If there _is_ a cHash value the validation of it automatically takes place in makeCacheHash() (see above)
2183 *
2184 * @return void
2185 * @see makeCacheHash(), \TYPO3\CMS\Frontend\Plugin\AbstractPlugin::pi_cHashCheck()
2186 */
2187 public function reqCHash() {
2188 if (!$this->cHash) {
2189 if ($this->TYPO3_CONF_VARS['FE']['pageNotFoundOnCHashError']) {
2190 if ($this->tempContent) {
2191 $this->clearPageCacheContent();
2192 }
2193 $this->pageNotFoundAndExit('Request parameters could not be validated (&cHash empty)');
2194 } else {
2195 $this->disableCache();
2196 $GLOBALS['TT']->setTSlogMessage('TSFE->reqCHash(): No &cHash parameter was sent for GET vars though required so caching is disabled', 2);
2197 }
2198 }
2199 }
2200
2201 /**
2202 * Initialize the TypoScript template parser
2203 *
2204 * @return void
2205 */
2206 public function initTemplate() {
2207 $this->tmpl = GeneralUtility::makeInstance('TYPO3\\CMS\\Core\\TypoScript\\TemplateService');
2208 $this->tmpl->setVerbose((bool)$this->beUserLogin);
2209 $this->tmpl->init();
2210 $this->tmpl->tt_track = (bool)$this->beUserLogin;
2211 }
2212
2213 /**
2214 * See if page is in cache and get it if so
2215 * Stores the page content in $this->content if something is found.
2216 *
2217 * @return void
2218 */
2219 public function getFromCache() {
2220 if (!$this->no_cache) {
2221 $cc = $this->tmpl->getCurrentPageData();
2222 if (!is_array($cc)) {
2223 $key = $this->id . '::' . $this->MP;
2224 // Returns TRUE if the lock is active now
2225 $isLocked = $this->acquirePageGenerationLock($this->pagesection_lockObj, $key);
2226 if (!$isLocked) {
2227 // Lock is no longer active, the data in "cache_pagesection" is now ready
2228 $cc = $this->tmpl->getCurrentPageData();
2229 if (is_array($cc)) {
2230 // Release the lock
2231 $this->releasePageGenerationLock($this->pagesection_lockObj);
2232 }
2233 }
2234 }
2235 if (is_array($cc)) {
2236 // BE CAREFUL to change the content of the cc-array. This array is serialized and an md5-hash based on this is used for caching the page.
2237 // If this hash is not the same in here in this section and after page-generation, then the page will not be properly cached!
2238 // This array is an identification of the template. If $this->all is empty it's because the template-data is not cached, which it must be.
2239 $cc = $this->tmpl->matching($cc);
2240 ksort($cc);
2241 $this->all = $cc;
2242 }
2243 unset($cc);
2244 }
2245 // clearing the content-variable, which will hold the pagecontent
2246 $this->content = '';
2247 // Unsetting the lowlevel config
2248 unset($this->config);
2249 $this->cacheContentFlag = FALSE;
2250 // Look for page in cache only if caching is not disabled and if a shift-reload is not sent to the server.
2251 if (!$this->no_cache && !$this->headerNoCache()) {
2252 $lockHash = $this->getLockHash();
2253 if ($this->all) {
2254 $this->newHash = $this->getHash();
2255 $GLOBALS['TT']->push('Cache Row', '');
2256 $row = $this->getFromCache_queryRow();
2257 if (!is_array($row)) {
2258 $isLocked = $this->acquirePageGenerationLock($this->pages_lockObj, $lockHash);
2259 if (!$isLocked) {
2260 // Lock is no longer active, the data in "cache_pages" is now ready
2261 $row = $this->getFromCache_queryRow();
2262 if (is_array($row)) {
2263 // Release the lock
2264 $this->releasePageGenerationLock($this->pages_lockObj);
2265 }
2266 }
2267 }
2268 if (is_array($row)) {
2269 // Release this lock
2270 $this->releasePageGenerationLock($this->pages_lockObj);
2271 // Call hook when a page is retrieved from cache:
2272 if (is_array($this->TYPO3_CONF_VARS['SC_OPTIONS']['tslib/class.tslib_fe.php']['pageLoadedFromCache'])) {
2273 $_params = array('pObj' => &$this, 'cache_pages_row' => &$row);
2274 foreach ($this->TYPO3_CONF_VARS['SC_OPTIONS']['tslib/class.tslib_fe.php']['pageLoadedFromCache'] as $_funcRef) {
2275 GeneralUtility::callUserFunction($_funcRef, $_params, $this);
2276 }
2277 }
2278 // Fetches the lowlevel config stored with the cached data
2279 $this->config = $row['cache_data'];
2280 // Getting the content
2281 $this->content = $row['content'];
2282 // Flag for temp content
2283 $this->tempContent = $row['temp_content'];
2284 // Setting flag, so we know, that some cached content has been loaded
2285 $this->cacheContentFlag = TRUE;
2286 $this->cacheExpires = $row['expires'];
2287
2288 if (isset($this->config['config']['debug'])) {
2289 $debugCacheTime = (bool)$this->config['config']['debug'];
2290 } else {
2291 $debugCacheTime = !empty($this->TYPO3_CONF_VARS['FE']['debug']);
2292 }
2293 if ($debugCacheTime) {
2294 $dateFormat = $GLOBALS['TYPO3_CONF_VARS']['SYS']['ddmmyy'];
2295 $timeFormat = $GLOBALS['TYPO3_CONF_VARS']['SYS']['hhmm'];
2296 $this->content .= LF . '<!-- Cached page generated ' . date(($dateFormat . ' ' . $timeFormat), $row['tstamp']) . '. Expires ' . Date(($dateFormat . ' ' . $timeFormat), $row['expires']) . ' -->';
2297 }
2298 }
2299 $GLOBALS['TT']->pull();
2300 } else {
2301 $this->acquirePageGenerationLock($this->pages_lockObj, $lockHash);
2302 }
2303 }
2304 }
2305
2306 /**
2307 * Returning the cached version of page with hash = newHash
2308 *
2309 * @return array Cached row, if any. Otherwise void.
2310 */
2311 public function getFromCache_queryRow() {
2312 $GLOBALS['TT']->push('Cache Query', '');
2313 $row = $this->pageCache->get($this->newHash);
2314 $GLOBALS['TT']->pull();
2315 return $row;
2316 }
2317
2318 /**
2319 * Detecting if shift-reload has been clicked
2320 * Will not be called if re-generation of page happens by other reasons (for instance that the page is not in cache yet!)
2321 * Also, a backend user MUST be logged in for the shift-reload to be detected due to DoS-attack-security reasons.
2322 *
2323 * @return bool If shift-reload in client browser has been clicked, disable getting cached page (and regenerate it).
2324 */
2325 public function headerNoCache() {
2326 $disableAcquireCacheData = FALSE;
2327 if ($this->beUserLogin) {
2328 if (strtolower($_SERVER['HTTP_CACHE_CONTROL']) === 'no-cache' || strtolower($_SERVER['HTTP_PRAGMA']) === 'no-cache') {
2329 $disableAcquireCacheData = TRUE;
2330 }
2331 }
2332 // Call hook for possible by-pass of requiring of page cache (for recaching purpose)
2333 if (is_array($this->TYPO3_CONF_VARS['SC_OPTIONS']['tslib/class.tslib_fe.php']['headerNoCache'])) {
2334 $_params = array('pObj' => &$this, 'disableAcquireCacheData' => &$disableAcquireCacheData);
2335 foreach ($this->TYPO3_CONF_VARS['SC_OPTIONS']['tslib/class.tslib_fe.php']['headerNoCache'] as $_funcRef) {
2336 GeneralUtility::callUserFunction($_funcRef, $_params, $this);
2337 }
2338 }
2339 return $disableAcquireCacheData;
2340 }
2341
2342 /**
2343 * Calculates the cache-hash
2344 * This hash is unique to the template, the variables ->id, ->type, ->gr_list (list of groups), ->MP (Mount Points) and cHash array
2345 * Used to get and later store the cached data.
2346 *
2347 * @return string MD5 hash of serialized hash base from createHashBase()
2348 * @access private
2349 * @see getFromCache(), getLockHash()
2350 */
2351 public function getHash() {
2352 return md5($this->createHashBase(FALSE));
2353 }
2354
2355 /**
2356 * Calculates the lock-hash
2357 * This hash is unique to the above hash, except that it doesn't contain the template information in $this->all.
2358 *
2359 * @return string MD5 hash
2360 * @access private
2361 * @see getFromCache(), getHash()
2362 */
2363 public function getLockHash() {
2364 $lockHash = $this->createHashBase(TRUE);
2365 return md5($lockHash);
2366 }
2367
2368 /**
2369 * Calculates the cache-hash (or the lock-hash)
2370 * This hash is unique to the template,
2371 * the variables ->id, ->type, ->gr_list (list of groups),
2372 * ->MP (Mount Points) and cHash array
2373 * Used to get and later store the cached data.
2374 *
2375 * @param bool $createLockHashBase Whether to create the lock hash, which doesn't contain the "this->all" (the template information)
2376 * @return string the serialized hash base
2377 */
2378 protected function createHashBase($createLockHashBase = FALSE) {
2379 $hashParameters = array(
2380 'id' => (int)$this->id,
2381 'type' => (int)$this->type,
2382 'gr_list' => (string)$this->gr_list,
2383 'MP' => (string)$this->MP,
2384 'cHash' => $this->cHash_array,
2385 'domainStartPage' => $this->domainStartPage
2386 );
2387 // Include the template information if we shouldn't create a lock hash
2388 if (!$createLockHashBase) {
2389 $hashParameters['all'] = $this->all;
2390 }
2391 // Call hook to influence the hash calculation
2392 if (is_array($this->TYPO3_CONF_VARS['SC_OPTIONS']['tslib/class.tslib_fe.php']['createHashBase'])) {
2393 $_params = array(
2394 'hashParameters' => &$hashParameters,
2395 'createLockHashBase' => $createLockHashBase
2396 );
2397 foreach ($this->TYPO3_CONF_VARS['SC_OPTIONS']['tslib/class.tslib_fe.php']['createHashBase'] as $_funcRef) {
2398 GeneralUtility::callUserFunction($_funcRef, $_params, $this);
2399 }
2400 }
2401 return serialize($hashParameters);
2402 }
2403
2404 /**
2405 * Checks if config-array exists already but if not, gets it
2406 *
2407 * @throws \TYPO3\CMS\Core\Error\Http\ServiceUnavailableException
2408 * @return void
2409 */
2410 public function getConfigArray() {
2411 $setStatPageName = FALSE;
2412 // If config is not set by the cache (which would be a major mistake somewhere) OR if INTincScripts-include-scripts have been registered, then we must parse the template in order to get it
2413 if (!is_array($this->config) || is_array($this->config['INTincScript']) || $this->forceTemplateParsing) {
2414 $GLOBALS['TT']->push('Parse template', '');
2415 // Force parsing, if set?:
2416 $this->tmpl->forceTemplateParsing = $this->forceTemplateParsing;
2417 // Start parsing the TS template. Might return cached version.
2418 $this->tmpl->start($this->rootLine);
2419 $GLOBALS['TT']->pull();
2420 if ($this->tmpl->loaded) {
2421 $GLOBALS['TT']->push('Setting the config-array', '');
2422 // toplevel - objArrayName
2423 $this->sPre = $this->tmpl->setup['types.'][$this->type];
2424 $this->pSetup = $this->tmpl->setup[$this->sPre . '.'];
2425 if (!is_array($this->pSetup)) {
2426 $message = 'The page is not configured! [type=' . $this->type . '][' . $this->sPre . '].';
2427 if ($this->checkPageUnavailableHandler()) {
2428 $this->pageUnavailableAndExit($message);
2429 } else {
2430 $explanation = 'This means that there is no TypoScript object of type PAGE with typeNum=' . $this->type . ' configured.';
2431 GeneralUtility::sysLog($message, 'cms', GeneralUtility::SYSLOG_SEVERITY_ERROR);
2432 throw new \TYPO3\CMS\Core\Error\Http\ServiceUnavailableException($message . ' ' . $explanation, 1294587217);
2433 }
2434 } else {
2435 $this->config['config'] = array();
2436 // Filling the config-array, first with the main "config." part
2437 if (is_array($this->tmpl->setup['config.'])) {
2438 $this->config['config'] = $this->tmpl->setup['config.'];
2439 }
2440 // override it with the page/type-specific "config."
2441 if (is_array($this->pSetup['config.'])) {
2442 \TYPO3\CMS\Core\Utility\ArrayUtility::mergeRecursiveWithOverrule($this->config['config'], $this->pSetup['config.']);
2443 }
2444 if ($this->config['config']['typolinkEnableLinksAcrossDomains']) {
2445 $this->config['config']['typolinkCheckRootline'] = TRUE;
2446 }
2447 // Set default values for removeDefaultJS and inlineStyle2TempFile so CSS and JS are externalized if compatversion is higher than 4.0
2448 if (GeneralUtility::compat_version('4.0')) {
2449 if (!isset($this->config['config']['removeDefaultJS'])) {
2450 $this->config['config']['removeDefaultJS'] = 'external';
2451 }
2452 if (!isset($this->config['config']['inlineStyle2TempFile'])) {
2453 $this->config['config']['inlineStyle2TempFile'] = 1;
2454 }
2455 }
2456 if (!isset($this->config['config']['compressJs'])) {
2457 $this->config['config']['compressJs'] = 0;
2458 }
2459 // Processing for the config_array:
2460 $this->config['rootLine'] = $this->tmpl->rootLine;
2461 $this->config['mainScript'] = trim($this->config['config']['mainScript']) ?: 'index.php';
2462 // Class for render Header and Footer parts
2463 $template = '';
2464 if ($this->pSetup['pageHeaderFooterTemplateFile']) {
2465 $file = $this->tmpl->getFileName($this->pSetup['pageHeaderFooterTemplateFile']);
2466 if ($file) {
2467 $this->getPageRenderer()->setTemplateFile($file);
2468 }
2469 }
2470 }
2471 $GLOBALS['TT']->pull();
2472 } else {
2473 if ($this->checkPageUnavailableHandler()) {
2474 $this->pageUnavailableAndExit('No TypoScript template found!');
2475 } else {
2476 $message = 'No TypoScript template found!';
2477 GeneralUtility::sysLog($message, 'cms', GeneralUtility::SYSLOG_SEVERITY_ERROR);
2478 throw new \TYPO3\CMS\Core\Error\Http\ServiceUnavailableException($message, 1294587218);
2479 }
2480 }
2481 }
2482
2483 // No cache
2484 // Set $this->no_cache TRUE if the config.no_cache value is set!
2485 if ($this->config['config']['no_cache']) {
2486 $this->set_no_cache('config.no_cache is set');
2487 }
2488 // Merge GET with defaultGetVars
2489 if (!empty($this->config['config']['defaultGetVars.'])) {
2490 $modifiedGetVars = GeneralUtility::removeDotsFromTS($this->config['config']['defaultGetVars.']);
2491 \TYPO3\CMS\Core\Utility\ArrayUtility::mergeRecursiveWithOverrule($modifiedGetVars, GeneralUtility::_GET());
2492 GeneralUtility::_GETset($modifiedGetVars);
2493 }
2494 // Hook for postProcessing the configuration array
2495 if (is_array($this->TYPO3_CONF_VARS['SC_OPTIONS']['tslib/class.tslib_fe.php']['configArrayPostProc'])) {
2496 $params = array('config' => &$this->config['config']);
2497 foreach ($this->TYPO3_CONF_VARS['SC_OPTIONS']['tslib/class.tslib_fe.php']['configArrayPostProc'] as $funcRef) {
2498 GeneralUtility::callUserFunction($funcRef, $params, $this);
2499 }
2500 }
2501 }
2502
2503 /********************************************
2504 *
2505 * Further initialization and data processing
2506 * (jumpurl/submission of forms)
2507 *
2508 *******************************************/
2509
2510 /**
2511 * Setting the language key that will be used by the current page.
2512 * In this function it should be checked, 1) that this language exists, 2) that a page_overlay_record exists, .. and if not the default language, 0 (zero), should be set.
2513 *
2514 * @return void
2515 * @access private
2516 */
2517 public function settingLanguage() {
2518 if (is_array($this->TYPO3_CONF_VARS['SC_OPTIONS']['tslib/class.tslib_fe.php']['settingLanguage_preProcess'])) {
2519 $_params = array();
2520 foreach ($this->TYPO3_CONF_VARS['SC_OPTIONS']['tslib/class.tslib_fe.php']['settingLanguage_preProcess'] as $_funcRef) {
2521 GeneralUtility::callUserFunction($_funcRef, $_params, $this);
2522 }
2523 }
2524
2525 // Initialize charset settings etc.
2526 $this->initLLvars();
2527
2528 // Get values from TypoScript:
2529 $this->sys_language_uid = ($this->sys_language_content = (int)$this->config['config']['sys_language_uid']);
2530 list($this->sys_language_mode, $sys_language_content) = GeneralUtility::trimExplode(';', $this->config['config']['sys_language_mode']);
2531 $this->sys_language_contentOL = $this->config['config']['sys_language_overlay'];
2532 // If sys_language_uid is set to another language than default:
2533 if ($this->sys_language_uid > 0) {
2534 // check whether a shortcut is overwritten by a translated page
2535 // we can only do this now, as this is the place where we get
2536 // to know about translations
2537 $this->checkTranslatedShortcut();
2538 // Request the overlay record for the sys_language_uid:
2539 $olRec = $this->sys_page->getPageOverlay($this->id, $this->sys_language_uid);
2540 if (!count($olRec)) {
2541 // If no OL record exists and a foreign language is asked for...
2542 if ($this->sys_language_uid) {
2543 // If requested translation is not available:
2544 if (GeneralUtility::hideIfNotTranslated($this->page['l18n_cfg'])) {
2545 $this->pageNotFoundAndExit('Page is not available in the requested language.');
2546 } else {
2547 switch ((string)$this->sys_language_mode) {
2548 case 'strict':
2549 $this->pageNotFoundAndExit('Page is not available in the requested language (strict).');
2550 break;
2551 case 'content_fallback':
2552 $fallBackOrder = GeneralUtility::intExplode(',', $sys_language_content);
2553 foreach ($fallBackOrder as $orderValue) {
2554 if ((string)$orderValue === '0' || count($this->sys_page->getPageOverlay($this->id, $orderValue))) {
2555 $this->sys_language_content = $orderValue;
2556 // Setting content uid (but leaving the sys_language_uid)
2557 break;
2558 }
2559 }
2560 break;
2561 case 'ignore':
2562 $this->sys_language_content = $this->sys_language_uid;
2563 break;
2564 default:
2565 // Default is that everything defaults to the default language...
2566 $this->sys_language_uid = ($this->sys_language_content = 0);
2567 }
2568 }
2569 }
2570 } else {
2571 // Setting sys_language if an overlay record was found (which it is only if a language is used)
2572 $this->page = $this->sys_page->getPageOverlay($this->page, $this->sys_language_uid);
2573 }
2574 }
2575 // Setting sys_language_uid inside sys-page:
2576 $this->sys_page->sys_language_uid = $this->sys_language_uid;
2577 // If default translation is not available:
2578 if ((!$this->sys_language_uid || !$this->sys_language_content) && $this->page['l18n_cfg'] & 1) {
2579 $message = 'Page is not available in default language.';
2580 GeneralUtility::sysLog($message, 'cms', GeneralUtility::SYSLOG_SEVERITY_ERROR);
2581 $this->pageNotFoundAndExit($message);
2582 }
2583 $this->updateRootLinesWithTranslations();
2584 // Finding the ISO code:
2585 if (\TYPO3\CMS\Core\Utility\ExtensionManagementUtility::isLoaded('static_info_tables') && $this->sys_language_content) {
2586 // using sys_language_content because the ISO code only (currently) affect content selection from FlexForms - which should follow "sys_language_content"
2587 // Set the fourth parameter to TRUE in the next two getRawRecord() calls to
2588 // avoid versioning overlay to be applied as it generates an SQL error
2589 $sys_language_row = $this->sys_page->getRawRecord('sys_language', $this->sys_language_content, 'static_lang_isocode', TRUE);
2590 if (is_array($sys_language_row) && $sys_language_row['static_lang_isocode']) {
2591 $stLrow = $this->sys_page->getRawRecord('static_languages', $sys_language_row['static_lang_isocode'], 'lg_iso_2', TRUE);
2592 $this->sys_language_isocode = $stLrow['lg_iso_2'];
2593 }
2594 }
2595 // Setting softMergeIfNotBlank:
2596 $table_fields = GeneralUtility::trimExplode(',', $this->config['config']['sys_language_softMergeIfNotBlank'], TRUE);
2597 foreach ($table_fields as $TF) {
2598 list($tN, $fN) = explode(':', $TF);
2599 $GLOBALS['TCA'][$tN]['columns'][$fN]['l10n_mode'] = 'mergeIfNotBlank';
2600 }
2601 // Setting softExclude:
2602 $table_fields = GeneralUtility::trimExplode(',', $this->config['config']['sys_language_softExclude'], TRUE);
2603 foreach ($table_fields as $TF) {
2604 list($tN, $fN) = explode(':', $TF);
2605 $GLOBALS['TCA'][$tN]['columns'][$fN]['l10n_mode'] = 'exclude';
2606 }
2607 if (is_array($this->TYPO3_CONF_VARS['SC_OPTIONS']['tslib/class.tslib_fe.php']['settingLanguage_postProcess'])) {
2608 $_params = array();
2609 foreach ($this->TYPO3_CONF_VARS['SC_OPTIONS']['tslib/class.tslib_fe.php']['settingLanguage_postProcess'] as $_funcRef) {
2610 GeneralUtility::callUserFunction($_funcRef, $_params, $this);
2611 }
2612 }
2613 }
2614
2615 /**
2616 * Updating content of the two rootLines IF the language key is set!
2617 */
2618 protected function updateRootLinesWithTranslations() {
2619 if ($this->sys_language_uid) {
2620 $this->rootLine = $this->sys_page->getRootLine($this->id, $this->MP);
2621 $this->tmpl->updateRootlineData($this->rootLine);
2622 }
2623 }
2624
2625 /**
2626 * Setting locale for frontend rendering
2627 *
2628 * @return void
2629 */
2630 public function settingLocale() {
2631 // Setting locale
2632 if ($this->config['config']['locale_all']) {
2633 // There's a problem that PHP parses float values in scripts wrong if the
2634 // locale LC_NUMERIC is set to something with a comma as decimal point
2635 // Do we set all except LC_NUMERIC
2636 $locale = setlocale(LC_COLLATE, $this->config['config']['locale_all']);
2637 if ($locale) {
2638 // PHP fatals with uppercase I characters in method names with turkish locale LC_CTYPE
2639 // @see http://bugs.php.net/bug.php?id=35050
2640 if (substr($this->config['config']['locale_all'], 0, 2) != 'tr') {
2641 setlocale(LC_CTYPE, $this->config['config']['locale_all']);
2642 }
2643 setlocale(LC_MONETARY, $this->config['config']['locale_all']);
2644 setlocale(LC_TIME, $this->config['config']['locale_all']);
2645 $this->localeCharset = $this->csConvObj->get_locale_charset($this->config['config']['locale_all']);
2646 } else {
2647 $GLOBALS['TT']->setTSlogMessage('Locale "' . htmlspecialchars($this->config['config']['locale_all']) . '" not found.', 3);
2648 }
2649 }
2650 }
2651
2652 /**
2653 * Checks whether a translated shortcut page has a different shortcut
2654 * target than the original language page.
2655 * If that is the case, things get corrected to follow that alternative
2656 * shortcut
2657 *
2658 * @return void
2659 * @author Ingo Renner <ingo@typo3.org>
2660 */
2661 protected function checkTranslatedShortcut() {
2662 if (!is_null($this->originalShortcutPage)) {
2663 $originalShortcutPageOverlay = $this->sys_page->getPageOverlay($this->originalShortcutPage['uid'], $this->sys_language_uid);
2664 if (!empty($originalShortcutPageOverlay['shortcut']) && $originalShortcutPageOverlay['shortcut'] != $this->id) {
2665 // the translation of the original shortcut page has a different shortcut target!
2666 // set the correct page and id
2667 $shortcut = $this->getPageShortcut($originalShortcutPageOverlay['shortcut'], $originalShortcutPageOverlay['shortcut_mode'], $originalShortcutPageOverlay['uid']);
2668 $this->id = ($this->contentPid = $shortcut['uid']);
2669 $this->page = $this->sys_page->getPage($this->id);
2670 // Fix various effects on things like menus f.e.
2671 $this->fetch_the_id();
2672 $this->tmpl->rootLine = array_reverse($this->rootLine);
2673 }
2674 }
2675 }
2676
2677 /**
2678 * Handle data submission
2679 *
2680 * @return void
2681 */
2682 public function handleDataSubmission() {
2683 // Check Submission of data.
2684 // This is done at this point, because we need the config values
2685 switch ($this->checkDataSubmission()) {
2686 case 'email':
2687 $this->sendFormmail();
2688 break;
2689 }
2690 }
2691
2692 /**
2693 * Checks if any email-submissions
2694 *
2695 * @return string "email" if a formmail has been sent, "" if none.
2696 */
2697 protected function checkDataSubmission() {
2698 $ret = '';
2699 $formtype_mail = isset($_POST['formtype_mail']) || isset($_POST['formtype_mail_x']);
2700 if ($formtype_mail) {
2701 $refInfo = parse_url(GeneralUtility::getIndpEnv('HTTP_REFERER'));
2702 if (GeneralUtility::getIndpEnv('TYPO3_HOST_ONLY') == $refInfo['host'] || $this->TYPO3_CONF_VARS['SYS']['doNotCheckReferer']) {
2703 if ($this->locDataCheck($_POST['locationData'])) {
2704 if ($formtype_mail) {
2705 $ret = 'email';
2706 }
2707 $GLOBALS['TT']->setTSlogMessage('"Check Data Submission": Return value: ' . $ret, 0);
2708 return $ret;
2709 }
2710 } else {
2711 $GLOBALS['TT']->setTSlogMessage('"Check Data Submission": HTTP_HOST and REFERER HOST did not match when processing submitted formdata!', 3);
2712 }
2713 }
2714 // Hook for processing data submission to extensions:
2715 if (is_array($this->TYPO3_CONF_VARS['SC_OPTIONS']['tslib/class.tslib_fe.php']['checkDataSubmission'])) {
2716 foreach ($this->TYPO3_CONF_VARS['SC_OPTIONS']['tslib/class.tslib_fe.php']['checkDataSubmission'] as $_classRef) {
2717 $_procObj = GeneralUtility::getUserObj($_classRef);
2718 $_procObj->checkDataSubmission($this);
2719 }
2720 }
2721 return $ret;
2722 }
2723
2724 /**
2725 * Checks if a formmail submission can be sent as email
2726 *
2727 * @param string $locationData The input from $_POST['locationData']
2728 * @return void
2729 * @access private
2730 * @see checkDataSubmission()
2731 */
2732 public function locDataCheck($locationData) {
2733 $locData = explode(':', $locationData);
2734 if (!$locData[1] || $this->sys_page->checkRecord($locData[1], $locData[2], 1)) {
2735 // $locData[1] -check means that a record is checked only if the locationData has a value for a record else than the page.
2736 if (count($this->sys_page->getPage($locData[0]))) {
2737 return 1;
2738 } else {
2739 $GLOBALS['TT']->setTSlogMessage('LocationData Error: The page pointed to by location data (' . $locationData . ') was not accessible.', 2);
2740 }
2741 } else {
2742 $GLOBALS['TT']->setTSlogMessage('LocationData Error: Location data (' . $locationData . ') record pointed to was not accessible.', 2);
2743 }
2744 }
2745
2746 /**
2747 * Sends the emails from the formmail content object.
2748 *
2749 * @return void
2750 * @see checkDataSubmission()
2751 */
2752 protected function sendFormmail() {
2753 /** @var $formmail \TYPO3\CMS\Frontend\Controller\DataSubmissionController */
2754 $formmail = GeneralUtility::makeInstance('TYPO3\\CMS\\Frontend\\Controller\\DataSubmissionController');
2755 $EMAIL_VARS = GeneralUtility::_POST();
2756 $locationData = $EMAIL_VARS['locationData'];
2757 unset($EMAIL_VARS['locationData']);
2758 unset($EMAIL_VARS['formtype_mail'], $EMAIL_VARS['formtype_mail_x'], $EMAIL_VARS['formtype_mail_y']);
2759 $integrityCheck = $this->TYPO3_CONF_VARS['FE']['strictFormmail'];
2760 if (!$this->TYPO3_CONF_VARS['FE']['secureFormmail']) {
2761 // Check recipient field:
2762 // These two fields are the ones which contain recipient addresses that can be misused to send mail from foreign servers.
2763 $encodedFields = explode(',', 'recipient, recipient_copy');
2764 foreach ($encodedFields as $fieldKey) {
2765 if (strlen($EMAIL_VARS[$fieldKey])) {
2766 // Decode...
2767 if ($res = $this->codeString($EMAIL_VARS[$fieldKey], TRUE)) {
2768 $EMAIL_VARS[$fieldKey] = $res;
2769 } elseif ($integrityCheck) {
2770 // Otherwise abort:
2771 $GLOBALS['TT']->setTSlogMessage('"Formmail" discovered a field (' . $fieldKey . ') which could not be decoded to a valid string. Sending formmail aborted due to security reasons!', 3);
2772 return FALSE;
2773 } else {
2774 $GLOBALS['TT']->setTSlogMessage('"Formmail" discovered a field (' . $fieldKey . ') which could not be decoded to a valid string. The security level accepts this, but you should consider a correct coding though!', 2);
2775 }
2776 }
2777 }
2778 } else {
2779 $locData = explode(':', $locationData);
2780 $record = $this->sys_page->checkRecord($locData[1], $locData[2], 1);
2781 $EMAIL_VARS['recipient'] = $record['subheader'];
2782 $EMAIL_VARS['recipient_copy'] = $this->extractRecipientCopy($record['bodytext']);
2783 }
2784 // Hook for preprocessing of the content for formmails:
2785 if (is_array($this->TYPO3_CONF_VARS['SC_OPTIONS']['tslib/class.tslib_fe.php']['sendFormmail-PreProcClass'])) {
2786 foreach ($this->TYPO3_CONF_VARS['SC_OPTIONS']['tslib/class.tslib_fe.php']['sendFormmail-PreProcClass'] as $_classRef) {
2787 $_procObj = GeneralUtility::getUserObj($_classRef);
2788 $EMAIL_VARS = $_procObj->sendFormmail_preProcessVariables($EMAIL_VARS, $this);
2789 }
2790 }
2791 $formmail->start($EMAIL_VARS);
2792 $formmail->sendtheMail();
2793 $GLOBALS['TT']->setTSlogMessage('"Formmail" invoked, sending mail to ' . $EMAIL_VARS['recipient'], 0);
2794 }
2795
2796 /**
2797 * Extracts the value of recipient copy field from a formmail CE bodytext
2798 *
2799 * @param string $bodytext The content of the related bodytext field
2800 * @return string The value of the recipient_copy field, or an empty string
2801 */
2802 public function extractRecipientCopy($bodytext) {
2803 $recipient_copy = '';
2804 $fdef = array();
2805 //|recipient_copy=hidden|karsten@localhost.localdomain
2806 preg_match('/^[\\s]*\\|[\\s]*recipient_copy[\\s]*=[\\s]*hidden[\\s]*\\|(.*)$/m', $bodytext, $fdef);
2807 $recipient_copy = $fdef[1] ?: '';
2808 return $recipient_copy;