[BUGFIX] Hide password hash for RsaInputField
[Packages/TYPO3.CMS.git] / typo3 / sysext / rsaauth / Classes / Form / Element / RsaInputElement.php
1 <?php
2 namespace TYPO3\CMS\Rsaauth\Form\Element;
3
4 /*
5 * This file is part of the TYPO3 CMS project.
6 *
7 * It is free software; you can redistribute it and/or modify it under
8 * the terms of the GNU General Public License, either version 2
9 * of the License, or any later version.
10 *
11 * For the full copyright and license information, please read the
12 * LICENSE.txt file that was distributed with this source code.
13 *
14 * The TYPO3 project - inspiring people to share!
15 */
16
17 use TYPO3\CMS\Backend\Form\Element\AbstractFormElement;
18 use TYPO3\CMS\Core\Utility\GeneralUtility;
19 use TYPO3\CMS\Core\Utility\MathUtility;
20 use TYPO3\CMS\Core\Utility\StringUtility;
21
22 /**
23 * Generation of form element of the type rsaInput
24 */
25 class RsaInputElement extends AbstractFormElement
26 {
27 /**
28 * Default field wizards enabled for this element.
29 *
30 * @var array
31 */
32 protected $defaultFieldWizard = [
33 'otherLanguageContent' => [
34 'renderType' => 'otherLanguageContent',
35 ],
36 'defaultLanguageDifferences' => [
37 'renderType' => 'defaultLanguageDifferences',
38 'after' => [
39 'otherLanguageContent',
40 ],
41 ],
42 ];
43
44 /**
45 * This will render a single-line input form field, possibly with various control/validation features
46 *
47 * @return array As defined in initializeResultArray() of AbstractNode
48 */
49 public function render()
50 {
51 $fieldName = $this->data['fieldName'];
52 $parameterArray = $this->data['parameterArray'];
53 $resultArray = $this->initializeResultArray();
54 $resultArray['requireJsModules'] = ['TYPO3/CMS/Rsaauth/RsaEncryptionModule'];
55
56 $itemValue = $parameterArray['itemFormElValue'] ? '*********' : '';
57 $config = $parameterArray['fieldConf']['config'];
58 $size = MathUtility::forceIntegerInRange($config['size'] ?: $this->defaultInputWidth, $this->minimumInputWidth, $this->maxInputWidth);
59 $evalList = GeneralUtility::trimExplode(',', $config['eval'], true);
60 $width = (int)$this->formMaxWidth($size);
61
62 if ($config['readOnly']) {
63 $html = [];
64 $html[] = '<div class="t3js-formengine-field-item">';
65 $html[] = '<div class="form-wizards-wrap">';
66 $html[] = '<div class="form-wizards-element">';
67 $html[] = '<div class="form-control-wrap" style="max-width: ' . $width . 'px">';
68 $html[] = '<input class="form-control" value="' . htmlspecialchars($itemValue) . '" type="text" disabled>';
69 $html[] = '</div>';
70 $html[] = '</div>';
71 $html[] = '</div>';
72 $html[] = '</div>';
73 $resultArray['html'] = implode(LF, $html);
74 return $resultArray;
75 }
76
77 // @todo: The whole eval handling is a mess and needs refactoring
78 foreach ($evalList as $func) {
79 // @todo: This is ugly: The code should find out on it's own whether a eval definition is a
80 // @todo: keyword like "date", or a class reference. The global registration could be dropped then
81 // Pair hook to the one in \TYPO3\CMS\Core\DataHandling\DataHandler::checkValue_input_Eval()
82 if (isset($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['tce']['formevals'][$func])) {
83 if (class_exists($func)) {
84 $evalObj = GeneralUtility::makeInstance($func);
85 if (method_exists($evalObj, 'deevaluateFieldValue')) {
86 $_params = [
87 'value' => $itemValue
88 ];
89 $itemValue = $evalObj->deevaluateFieldValue($_params);
90 }
91 if (method_exists($evalObj, 'returnFieldJS')) {
92 $resultArray['additionalJavaScriptPost'][] = 'TBE_EDITOR.customEvalFunctions[' . GeneralUtility::quoteJSvalue($func) . ']'
93 . ' = function(value) {' . $evalObj->returnFieldJS() . '};';
94 }
95 }
96 }
97 }
98 $evalList = array_filter($evalList, function ($value) {
99 return $value !== 'password';
100 });
101
102 $attributes = [
103 'type' => 'text',
104 'id' => StringUtility::getUniqueId('formengine-input-'),
105 'value' => '',
106 'class' => implode(' ', [
107 'form-control',
108 't3js-clearable',
109 'hasDefaultValue',
110 ]),
111 'data-formengine-validation-rules'=> $this->getValidationDataAsJsonString($config),
112 'data-formengine-input-params' => json_encode([
113 'field' => $parameterArray['itemFormElName'],
114 'evalList' => implode(',', $evalList),
115 'is_in' => trim($config['is_in']),
116 ]),
117 'data-formengine-input-name' => htmlspecialchars($parameterArray['itemFormElName']),
118 ];
119
120 if (isset($config['max']) && (int)$config['max'] > 0) {
121 $attributes['maxlength'] = (int)$config['max'];
122 }
123 if (!empty($config['placeholder'])) {
124 $attributes['placeholder'] = trim($config['placeholder']);
125 }
126 if (isset($config['autocomplete'])) {
127 $attributes['autocomplete'] = empty($config['autocomplete']) ? 'new-' . $fieldName : 'on';
128 }
129 if (in_array('password', $evalList)) {
130 $attributes['type'] = 'password';
131 $attributes['value'] = $itemValue ? '*********' : '';
132 $attributes['autocomplete'] = 'new-' . $fieldName;
133 }
134
135 $legacyWizards = $this->renderWizards();
136 $legacyFieldControlHtml = implode(LF, $legacyWizards['fieldControl']);
137 $legacyFieldWizardHtml = implode(LF, $legacyWizards['fieldWizard']);
138
139 $fieldInformationResult = $this->renderFieldInformation();
140 $fieldInformationHtml = $fieldInformationResult['html'];
141 $resultArray = $this->mergeChildReturnIntoExistingResult($resultArray, $fieldInformationResult, false);
142
143 $fieldControlResult = $this->renderFieldControl();
144 $fieldControlHtml = $legacyFieldControlHtml . $fieldControlResult['html'];
145 $resultArray = $this->mergeChildReturnIntoExistingResult($resultArray, $fieldControlResult, false);
146
147 $fieldWizardResult = $this->renderFieldWizard();
148 $fieldWizardHtml = $legacyFieldWizardHtml . $fieldWizardResult['html'];
149 $resultArray = $this->mergeChildReturnIntoExistingResult($resultArray, $fieldWizardResult, false);
150
151 $html = [];
152 $html[] = '<div class="t3js-formengine-field-item">';
153 $html[] = $fieldInformationHtml;
154 $html[] = '<div class="form-control-wrap" style="max-width: ' . $width . 'px">';
155 $html[] = '<div class="form-wizards-wrap">';
156 $html[] = '<div class="form-wizards-element">';
157 $html[] = '<input ' . GeneralUtility::implodeAttributes($attributes, true) . ' />';
158 $html[] = '<input';
159 $html[] = ' type="hidden"';
160 $html[] = ' data-rsa-encryption=""';
161 $html[] = ' id="' . $parameterArray['itemFormElID'] . '_hidden"';
162 $html[] = ' name="' . $parameterArray['itemFormElName'] . '"';
163 $html[] = ' value="' . htmlspecialchars($itemValue) . '"';
164 $html[] = '/>';
165 $html[] = '</div>';
166 $html[] = '<div class="form-wizards-items-aside">';
167 $html[] = '<div class="btn-group">';
168 $html[] = $fieldControlHtml;
169 $html[] = '</div>';
170 $html[] = '</div>';
171 $html[] = '<div class="form-wizards-items-bottom">';
172 $html[] = $fieldWizardHtml;
173 $html[] = '</div>';
174 $html[] = '</div>';
175 $html[] = '</div>';
176 $html[] = '</div>';
177
178 $resultArray['html'] = implode(LF, $html);
179 return $resultArray;
180 }
181 }