Added Feature #13982: Feature: Renewal of the taskcenter Part II (thanks to Georg...
[Packages/TYPO3.CMS.git] / typo3 / sysext / sys_action / task / class.tx_sysaction_task.php
1 <?php
2 /***************************************************************
3 * Copyright notice
4 *
5 * (c) 1999-2009 Kasper Skaarhoj (kasperYYYY@typo3.com)
6 * (c) 2010 Georg Ringer <typo3@ringerge.org>
7 * All rights reserved
8 *
9 * This script is part of the TYPO3 project. The TYPO3 project is
10 * free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License as published by
12 * the Free Software Foundation; either version 2 of the License, or
13 * (at your option) any later version.
14 *
15 * The GNU General Public License can be found at
16 * http://www.gnu.org/copyleft/gpl.html.
17 *
18 * This script is distributed in the hope that it will be useful,
19 * but WITHOUT ANY WARRANTY; without even the implied warranty of
20 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
21 * GNU General Public License for more details.
22 *
23 * This copyright notice MUST APPEAR in all copies of the script!
24 ***************************************************************/
25
26
27 /**
28 * This class provides a task for the taskcenter
29 *
30 * @author Kasper Skaarhoj <kasperYYYY@typo3.com>
31 * @author Georg Ringer <typo3@ringerge.org>
32 * @package TYPO3
33 * @subpackage tx_sysaction
34 *
35 */
36 class tx_sysaction_task implements tx_taskcenter_Task {
37
38 protected $taskObject;
39 var $t3lib_TCEforms;
40
41 /**
42 * Constructor
43 */
44 public function __construct(SC_mod_user_task_index $taskObject) {
45 $this->taskObject = $taskObject;
46 $GLOBALS['LANG']->includeLLFile('EXT:sys_action/locallang.xml');
47 }
48
49
50 /**
51 * This method renders the task
52 *
53 * @return string The task as HTML
54 */
55 public function getTask() {
56 $content = '';
57 $show = intval(t3lib_div::_GP('show'));
58
59 // if no task selected, render the menu
60 if ($show == 0) {
61 $content .= $this->taskObject->description(
62 $GLOBALS['LANG']->getLL('sys_action'),
63 $GLOBALS['LANG']->getLL('description')
64 );
65
66 $content .= $this->renderActionList();
67 } else {
68 $record = t3lib_BEfunc::getRecord('sys_action', $show);
69
70 // if the action is not found
71 if (count($record) == 0) {
72 $flashMessage = t3lib_div::makeInstance(
73 't3lib_FlashMessage',
74 $GLOBALS['LANG']->getLL('action_error-not-found', true),
75 $GLOBALS['LANG']->getLL('action_error'),
76 t3lib_FlashMessage::ERROR
77 );
78 $content .= $flashMessage->render();
79 } else {
80 // render the task
81 $content .= $this->taskObject->description($record['title'], $record['description']);
82
83 // output depends on the type
84 switch ($record['type']) {
85 case 1:
86 $content .= $this->viewNewBackendUser($record);
87 break;
88 case 2:
89 $content .= $this->viewSqlQuery($record);
90 break;
91 case 3:
92 $content .= $this->viewRecordList($record);
93 break;
94 case 4:
95 $content .= $this->viewEditRecord($record);
96 break;
97 case 5:
98 $content .= $this->viewNewRecord($record);
99 break;
100 default:
101 $flashMessage = t3lib_div::makeInstance(
102 't3lib_FlashMessage',
103 $GLOBALS['LANG']->getLL('action_noType', true),
104 $GLOBALS['LANG']->getLL('action_error'),
105 t3lib_FlashMessage::ERROR
106 );
107 $content .= '<br />' . $flashMessage->render();
108 }
109 }
110 }
111
112 return $content;
113 }
114
115 /**
116 * Gemeral overview over the task in the taskcenter menu
117 *
118 * @return string Overview as HTML
119 */
120 public function getOverview() {
121 $content = '<p>' . $GLOBALS['LANG']->getLL('description') . '</p>';
122
123 // get the actions
124 $lines = $this->getActions();
125 if (count($lines) > 0) {
126 $items = '';
127
128 // render a single action menu item
129 foreach ($lines as $line) {
130 $active = (t3lib_div::_GP('show') === $line['uid']) ? ' class="active" ' : '';
131 $items .= '<li' . $active . '>
132 <a href="' . $line['link'] . '" title="' . htmlspecialchars($line['description']) . '">' .
133 htmlspecialchars($line['title']) .
134 '</a>
135 </li>';
136 }
137 $content .= '<ul>' . $items . '</ul>';
138 }
139
140 return $content;
141 }
142
143 /**
144 * Get all actions of an user. Admins can see any action, all others only those
145 * whic are allowed in sys_action record itself.
146 *
147 * @param boolean $toOverview: If true, the link redirects to the taskcenter
148 * @return array Array holding every needed information of a sys_action
149 */
150 protected function getActions() {
151 $lines = array();
152
153 // admins can see any record
154 if ($GLOBALS['BE_USER']->isAdmin()) {
155 $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery(
156 '*',
157 'sys_action',
158 '',
159 '',
160 'sys_action.sorting'
161 );
162 } else {
163 // editors can only see the actions which are assigned to a usergroup they belong to
164 $additionalWhere = 'be_groups.uid IN (' . ($GLOBALS['BE_USER']->groupList ? $GLOBALS['BE_USER']->groupList : 0) . ')';
165
166 $res = $GLOBALS['TYPO3_DB']->exec_SELECT_mm_query(
167 'sys_action.*',
168 'sys_action',
169 'sys_action_asgr_mm',
170 'be_groups',
171 ' AND sys_action.hidden=0 AND ' . $additionalWhere,
172 'sys_action.uid',
173 'sys_action.sorting'
174 );
175 }
176
177 while($actionRow = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($res)) {
178 $editActionLink = '';
179
180 // admins are allowed to edit sys_action records
181 if ($GLOBALS['BE_USER']->isAdmin()) {
182 $returnUrl = rawurlencode(t3lib_div::getIndpEnv('REQUEST_URI'));
183 $link = t3lib_div::getIndpEnv('TYPO3_REQUEST_DIR') . $GLOBALS['BACK_PATH'] . 'alt_doc.php?returnUrl=' . $returnUrl . '&edit[sys_action][' . $actionRow['uid'] . ']=edit';
184
185 $editActionLink = '<a class="edit" href="' . $link . '">' .
186 '<img class="icon"' . t3lib_iconWorks::skinImg($GLOBALS['BACK_PATH'], 'gfx/edit2.gif') . ' title="' . $GLOBALS['LANG']->getLL('edit-sys_action') . '" alt="" />' .
187 $GLOBALS['LANG']->getLL('edit-sys_action') .
188 '</a>';
189 }
190
191 $lines[] = array(
192 'uid' => $actionRow['uid'],
193 'title' => $actionRow['title'],
194 'description' => $actionRow['description'],
195 'descriptionHtml' => nl2br(htmlspecialchars($actionRow['description'])) . $editActionLink,
196 'link' => 'mod.php?M=user_task&SET[function]=sys_action.tasks&show=' . $actionRow['uid'],
197 'icon' => 'EXT:sys_action/sys_action.gif'
198 );
199 }
200 $GLOBALS['TYPO3_DB']->sql_free_result($res);
201
202 return $lines;
203 }
204
205 /**
206 * Render the menu of sys_actions
207 *
208 * @return string list of sys_actions as HTML
209 */
210 protected function renderActionList() {
211 $content = '';
212
213 // get the sys_action records
214 $lines = $this->getActions();
215
216 // if any actions are found for the current users
217 if (count($lines) > 0) {
218 $content .= $this->taskObject->renderListMenu($lines);
219 } else {
220 $flashMessage = t3lib_div::makeInstance (
221 't3lib_FlashMessage',
222 $GLOBALS['LANG']->getLL('action_not-found-description', true),
223 $GLOBALS['LANG']->getLL('action_not-found'),
224 t3lib_FlashMessage::INFO
225 );
226 $content .= $flashMessage->render();
227 }
228
229 // Admin users can create a new action
230 if ($GLOBALS['BE_USER']->isAdmin()) {
231 $returnUrl = rawurlencode('mod.php?M=user_task');
232 $link = t3lib_div::getIndpEnv('TYPO3_REQUEST_DIR') . $GLOBALS['BACK_PATH'] . 'alt_doc.php?returnUrl=' . $returnUrl. '&edit[sys_action][0]=new';
233
234 $content .= '<br />
235 <a href="' . $link . '" title="' . $GLOBALS['LANG']->getLL('new-sys_action') . '">' .
236 '<img class="icon"' . t3lib_iconWorks::skinImg($GLOBALS['BACK_PATH'], 'gfx/new_record.gif') . ' title="' . $GLOBALS['LANG']->getLL('new-sys_action') . '" alt="" /> ' .
237 $GLOBALS['LANG']->getLL('new-sys_action') .
238 '</a>';
239 }
240
241 return $content;
242 }
243
244 /**
245 * Action to create a new BE user
246 *
247 * @param array $record: sys_action record
248 * @return string form to create a new user
249 */
250 protected function viewNewBackendUser($record) {
251 $content = '';
252
253 $beRec = t3lib_BEfunc::getRecord('be_users', intval($record['t1_copy_of_user']));
254 // a record is neeed which is used as copy for the new user
255 if (!is_array($beRec)) {
256 $flashMessage = t3lib_div::makeInstance(
257 't3lib_FlashMessage',
258 $GLOBALS['LANG']->getLL('action_notReady', true),
259 $GLOBALS['LANG']->getLL('action_error'),
260 t3lib_FlashMessage::ERROR
261 );
262 $content .= $flashMessage->render();
263
264 return $content;
265 }
266
267 $userRecord = array();
268 $newFlag = 0;
269 $vars = t3lib_div::_POST('data');
270 $key = 'NEW';
271
272 if ($vars['sent'] == 1) {
273 $errors = array();
274
275 // basic error checks
276 if (!empty($vars['email']) && !t3lib_div::validEmail($vars['email'])) {
277 $errors[] = $GLOBALS['LANG']->getLL('error-wrong-email');
278 }
279 if (empty($vars['username'])) {
280 $errors[] = $GLOBALS['LANG']->getLL('error-username-empty');
281 }
282 if (empty($vars['password'])) {
283 $errors[] = $GLOBALS['LANG']->getLL('error-password-empty');
284 }
285 if ($vars['key'] !== 'NEW' && !$this->isCreatedByUser($vars['key'], $record)) {
286 $errors[] = $GLOBALS['LANG']->getLL('error-wrong-user');
287 }
288
289 // show errors if there are any
290 if (count($errors) > 0) {
291 $flashMessage = t3lib_div::makeInstance (
292 't3lib_FlashMessage',
293 implode('<br />', $errors),
294 $GLOBALS['LANG']->getLL('action_error'),
295 t3lib_FlashMessage::ERROR
296 );
297 $content .= $flashMessage->render() . '<br />';
298 } else {
299 // save user
300 $key = $this->saveNewBackendUser($record, $vars);
301
302 // success messsage
303 $flashMessage = t3lib_div::makeInstance (
304 't3lib_FlashMessage',
305 ($vars['key'] === 'NEW' ? $GLOBALS['LANG']->getLL('success-user-created') : $GLOBALS['LANG']->getLL('success-user-updated')),
306 $GLOBALS['LANG']->getLL('success'),
307 t3lib_FlashMessage::OK
308 );
309 $content .= $flashMessage->render() . '<br />' ;
310 }
311
312 }
313
314
315 // load BE user to edit
316 if (intval(t3lib_div::_GP('be_users_uid')) > 0) {
317 $tmpUserId = intval(t3lib_div::_GP('be_users_uid'));
318
319 $rawRecord = $this->isCreatedByUser($tmpUserId, $record);
320
321 if ($rawRecord) {
322 // delete user
323 if (t3lib_div::_GP('delete') == 1) {
324 $this->deleteUser($tmpUserId, $record['uid']);
325 }
326
327 $key = $tmpUserId;
328 $vars = $rawRecord;
329 }
330
331 }
332
333 $this->JScode();
334 $loadDB = t3lib_div::makeInstance('t3lib_loadDBGroup');
335 $loadDB->start($vars['db_mountpoints'], 'pages');
336
337 $content .= '<form action="" method="post" enctype="multipart/form-data">
338 <fieldset class="fields">
339 <legend>General fields</legend>
340 <div class="row">
341 <label for="disable">' . $GLOBALS['LANG']->sL('LLL:EXT:lang/locallang_general.xml:LGL.disable') . '</label>
342 <input type="checkbox" id="disable" name="data[disable]" value="1" class="checkbox" ' . ($vars['disable'] == 1 ? ' checked="checked" ' : '') . ' />
343 </div>
344 <div class="row">
345 <label for="realname">' . $GLOBALS['LANG']->sL('LLL:EXT:lang/locallang_general.xml:LGL.name') . '</label>
346 <input type="text" id="realname" name="data[realName]" value="' . htmlspecialchars($vars['realName']) .'" />
347 </div>
348 <div class="row">
349 <label for="username">' . $GLOBALS['LANG']->sL('LLL:EXT:lang/locallang_tca.xml:be_users.username') . '</label>
350 <input type="text" id="username" name="data[username]" value="' . htmlspecialchars($vars['username']) .'" />
351 </div>
352 <div class="row">
353 <label for="password">' . $GLOBALS['LANG']->sL('LLL:EXT:lang/locallang_tca.xml:be_users.password') . '</label>
354 <input type="password" id="password" name="data[password]" value="" />
355 </div>
356 <div class="row">
357 <label for="email">' .$GLOBALS['LANG']->sL('LLL:EXT:lang/locallang_general.xml:LGL.email') . '</label>
358 <input type="text" id="email" name="data[email]" value="' . htmlspecialchars($vars['email']) .'" />
359 </div>
360 </fieldset>
361 <fieldset class="fields">
362 <legend>Configuration</legend>
363
364 <div class="row">
365 <label for="usergroup">' . $GLOBALS['LANG']->sL('LLL:EXT:lang/locallang_tca.xml:be_users.usergroup') . '</label>
366 <select id="usergroup" name="data[usergroup][]" multiple="multiple">
367 ' . $this->getUsergroups($record, $vars) . '
368 </select>
369 </div>
370 <div class="row">
371 <label for="db_mountpoints">' . $GLOBALS['LANG']->sL('LLL:EXT:lang/locallang_tca.xml:be_users.options_db_mounts') . '</label>
372 ' . $this->t3lib_TCEforms->dbFileIcons('data[db_mountpoints]', 'db', 'pages', $loadDB->itemArray, '', array('size' => 3)) . '
373 </div>
374 <div class="row">
375 <input type="hidden" name="data[key]" value="' . $key . '" />
376 <input type="hidden" name="data[sent]" value="1" />
377 <input type="submit" value="' . ($key === 'NEW' ? $GLOBALS['LANG']->getLL('action_Create') : $GLOBALS['LANG']->getLL('action_Update')) . '" />
378 </div>
379 </fieldset>
380 </form>';
381
382 $content .= $this->getCreatedUsers($record, $key);
383
384 return $content;
385 }
386
387 /**
388 * Delete a BE user and redirect to the action by its id
389 *
390 * @param int $userId: Id of the BE user
391 * @param int $actionId: Id of the action
392 * @return void
393 */
394 protected function deleteUser($userId, $actionId) {
395 $GLOBALS['TYPO3_DB']->exec_UPDATEquery(
396 'be_users',
397 'uid=' . $userId,
398 array (
399 'deleted' => 1,
400 'tstamp' => $GLOBALS['ACCESS_TIME']
401 )
402 );
403
404 // redirect to the original task
405 $redirectUrl = 'mod.php?M=user_task&show=' . $actionId;
406 t3lib_utility_Http::redirect($redirectUrl);
407 }
408
409 /**
410 * Check if a BE user is created by the current user
411 *
412 * @param int $id: Id of the BE user
413 * @param array $action: sys_action record.
414 * @return mixed the record of the BE user if found, otherwise false
415 */
416 protected function isCreatedByUser($id, $action) {
417 $record = t3lib_BEfunc::getRecord(
418 'be_users',
419 $id,
420 '*',
421 ' AND cruser_id=' . $GLOBALS['BE_USER']->user['uid'] . ' AND createdByAction=' . intval($action['uid'])
422 );
423
424 if (is_array($record)) {
425 return $record;
426 } else {
427 return FALSE;
428 }
429 }
430
431
432 /**
433 * Render all users who are created by the current BE user including a link to edit the record
434 *
435 * @param array $action: sys_action record.
436 * @param int $selectedUser: Id of a selected user
437 * @return html list of users
438 */
439 protected function getCreatedUsers($action, $selectedUser) {
440 $content = '';
441 $lines = array();
442
443 // List of users
444 $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery(
445 '*',
446 'be_users',
447 'cruser_id=' . $GLOBALS['BE_USER']->user['uid'] . ' AND createdByAction=' . intval($action['uid']) . t3lib_BEfunc::deleteClause('be_users'),
448 '',
449 'username'
450 );
451
452 // render the user records
453 while($row = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($res)) {
454 $icon = t3lib_iconworks::getIconImage('be_users', $row, $GLOBALS['BACK_PATH'], 'title="uid=' . $row['uid'] . '" hspace="2" align="top"');
455 $line = $icon . $this->action_linkUserName($row['username'], $row['realName'], $action['uid'], $row['uid']);
456
457 // selected user
458 if ($row['uid'] == $selectedUser) {
459 $line = '<strong>' . $line . '</strong>';
460 }
461
462 $lines[] = $line;
463 }
464 $GLOBALS['TYPO3_DB']->sql_free_result($res);
465
466 // if any records found
467 if (count($lines)) {
468 $content .= '<br />' . $this->taskObject->doc->section($GLOBALS['LANG']->getLL('action_t1_listOfUsers'), implode('<br />', $lines));
469 }
470
471 return $content;
472 }
473
474
475 /**
476 * Create a link to edit a user
477 *
478 * @param string $username: Username
479 * @param string $realName: Real name of the user
480 * @param int $sysActionUid: Id of the sys_action record
481 * @param int $userId: Id of the user
482 * @return html link
483 */
484 protected function action_linkUserName($username, $realName, $sysActionUid, $userId) {
485 if (!empty($realName)) {
486 $username .= ' (' . $realName . ')';
487 }
488
489 // link to update the user record
490 $href = 'mod.php?M=user_task&SET[function]=sys_action.tasks&show=' . intval($sysActionUid) . '&be_users_uid=' . intval($userId);
491 $link = '<a href="' . $href . '">' . htmlspecialchars($username) . '</a>';
492
493 // link to delete the user record
494 $onClick = ' onClick="return confirm('.$GLOBALS['LANG']->JScharCode($GLOBALS['LANG']->getLL("lDelete_warning")).');"';
495 $link .= '
496 <a href="' . $href . '&delete=1" ' . $onClick . '>
497 <img' . t3lib_iconWorks::skinImg($GLOBALS['BACK_PATH'], 'gfx/delete_record.gif') . ' alt="" />
498 </a>';
499 return $link;
500 }
501
502 /**
503 * Save/Update a BE user
504 *
505 * @param array $record: Current action record
506 * @param array $vars: POST vars
507 * @return int Id of the new/updated user
508 */
509 protected function saveNewBackendUser($record, $vars) {
510 $content = '';
511
512 // check if the db mount is a page the current user is allowed to.);
513 $vars['db_mountpoints'] = $this->fixDbMount($vars['db_mountpoints']);
514 // check if the usergroup is allowed
515 $vars['usergroup'] = $this->fixUserGroup($vars['usergroup'], $record);
516 // check if md5 is used as password encryption
517 if (strpos($GLOBALS['TCA']['be_users']['columns']['password']['config']['eval'], 'md5') !== FALSE) {
518 $vars['password'] = md5($vars['password']);
519 }
520
521 $key = $vars['key'];
522 $data = '';
523 $newUserId = 0;
524
525 if ($key === 'NEW') {
526 $beRec = t3lib_BEfunc::getRecord('be_users', intval($record['t1_copy_of_user']));
527 if (is_array($beRec)) {
528 $data = array();
529 $data['be_users'][$key] = $beRec;
530 $data['be_users'][$key]['username'] = $this->fixUsername($vars['username'], $record['t1_userprefix']);
531 $data['be_users'][$key]['password'] = (trim($vars['password']));
532 $data['be_users'][$key]['realName'] = $vars['realName'];
533 $data['be_users'][$key]['email'] = $vars['email'];
534 $data['be_users'][$key]['disable'] = intval($vars['disable']);
535 $data['be_users'][$key]['admin'] = 0;
536 $data['be_users'][$key]['usergroup'] = $vars['usergroup'];
537 $data['be_users'][$key]['db_mountpoints'] = $vars['db_mountpoints'];
538 $data['be_users'][$key]['createdByAction'] = $record['uid'];
539 }
540 } else {
541 // check ownership
542 $beRec = t3lib_BEfunc::getRecord('be_users', intval($key));
543 if (is_array($beRec) && $beRec['cruser_id'] == $GLOBALS['BE_USER']->user['uid']) {
544 $data=array();
545 $data['be_users'][$key]['username'] = $this->fixUsername($vars['username'], $record['t1_userprefix']);
546 if (trim($vars['password'])) {
547 $data['be_users'][$key]['password'] = (trim($vars['password']));
548 }
549
550 $data['be_users'][$key]['realName'] = $vars['realName'];
551 $data['be_users'][$key]['email'] = $vars['email'];
552 $data['be_users'][$key]['disable'] = intval($vars['disable']);
553 $data['be_users'][$key]['admin'] = 0;
554 $data['be_users'][$key]['usergroup'] = $vars['usergroup'];
555 $data['be_users'][$key]['db_mountpoints'] = $vars['db_mountpoints'];
556 $newUserId = $key;
557 }
558 }
559
560 // save/update user by using TCEmain
561 if (is_array($data)) {
562 $tce = t3lib_div::makeInstance("t3lib_TCEmain");
563 $tce->stripslashes_values = 0;
564 $tce->start($data, array(), $GLOBALS['BE_USER']);
565 $tce->admin = 1;
566 $tce->process_datamap();
567 $newUserId = intval($tce->substNEWwithIDs['NEW']);
568
569 if ($newUserId) {
570 // Create
571 $this->action_createDir($newUserId);
572 } else {
573 // update
574 $newUserId = intval($key);
575 }
576 unset($tce);
577 }
578 return $newUserId;
579 }
580
581 /**
582 * Create the username based on the given username and the prefix
583 *
584 * @param string $username: username
585 * @param string $prefix: prefix
586 * @return string Combined username
587 */
588 private function fixUsername($username, $prefix) {
589 return trim($prefix) . trim($username);
590 }
591
592 /**
593 * Clean the to be applied usergroups from not allowed ones
594 *
595 * @param array $appliedUsergroups: array of to be applied user groups
596 * @return array Cleaned array
597 */
598 protected function fixUserGroup($appliedUsergroups, $actionRecord) {
599 if (is_array($appliedUsergroups)) {
600 $cleanGroupList = array();
601
602 // create an array from the allowed usergroups using the uid as key
603 $allowedUsergroups = array_flip(explode(',', $actionRecord['t1_allowed_groups']));
604
605 // walk through the array and check every uid if it is undder the allowed ines
606 foreach ($appliedUsergroups as $group) {
607 if (isset($allowedUsergroups[$group])) {
608 $cleanGroupList[] = $group;
609 }
610 }
611 $appliedUsergroups = $cleanGroupList;
612 }
613
614 return $appliedUsergroups;
615 }
616
617 /**
618 * Clean the to be applied DB-Mounts from not allowed ones
619 *
620 * @param string $appliedDbMounts: List of pages like pages_123,pages456
621 * @return string Cleaned list
622 */
623 protected function fixDbMount($appliedDbMounts) {
624 // Admins can see any page, no need to check there
625 if (!empty($appliedDbMounts) && !$GLOBALS['BE_USER']->isAdmin()) {
626 $cleanDbMountList = array();
627 $dbMounts = t3lib_div::trimExplode(',', $appliedDbMounts, 1);
628
629 // walk through every wanted DB-Mount and check if it allowed for the current user
630 foreach ($dbMounts as $dbMount) {
631 $uid = intval(substr($dbMount, (strrpos($dbMount, '_') + 1)));
632 $page = t3lib_BEfunc::getRecord('pages', $uid);
633
634 // check rootline and access rights
635 if ($this->checkRootline($uid) && $GLOBALS['BE_USER']->calcPerms($page)) {
636 $cleanDbMountList[] = 'pages' . $uid;
637 }
638 }
639 // build the clean list
640 $appliedDbMounts = implode(',', $cleanDbMountList);
641 }
642
643 return $appliedDbMounts;
644 }
645
646 /**
647 * Check if a page is inside the rootline the current user can see
648 *
649 * @param int $pageId: Id of the the page to be checked
650 * @return boolean Access to the page
651 */
652 protected function checkRootline($pageId) {
653 $access = FALSE;
654
655 $dbMounts = array_flip(explode(',', trim($GLOBALS['BE_USER']->dataLists['webmount_list'], ',')));
656 $rootline = t3lib_BEfunc::BEgetRootLine($pageId);
657 foreach ($rootline as $page) {
658 if (isset($dbMounts[$page['uid']]) && !$access) {
659 $access = TRUE;
660 }
661 }
662 return $access;
663 }
664
665 /**
666 * Add additional JavaScript to use the tceform select box
667 *
668 * @param int $uid: Id of the user record
669 * @return void
670 */
671 protected function JScode() {
672 $this->t3lib_TCEforms = t3lib_div::makeInstance("t3lib_TCEforms");
673 $this->t3lib_TCEforms->backPath = $GLOBALS['BACK_PATH'];
674 $js = $this->t3lib_TCEforms->dbFileCon();
675 $this->taskObject->doc->JScodeArray[] = $js;
676
677 return $js;
678 }
679
680 /**
681 * Create a user directory if defined
682 *
683 * @param int $uid: Id of the user record
684 * @return void
685 */
686 protected function action_createDir($uid) {
687 $path = $this->action_getUserMainDir();
688 if ($path) {
689 t3lib_div::mkdir($path . $uid);
690 t3lib_div::mkdir($path . $uid . '/_temp_/');
691 }
692 }
693
694 /**
695 * Get the path to the user home directory which is set in the localconf.php
696 *
697 * @return string path
698 */
699 protected function action_getUserMainDir() {
700 $path = $GLOBALS['TYPO3_CONF_VARS']['BE']['userHomePath'];
701
702 // if path is set and a valid directory
703 if ($path && @is_dir($path) &&
704 $GLOBALS['TYPO3_CONF_VARS']['BE']['lockRootPath'] &&
705 t3lib_div::isFirstPartOfStr($path, $GLOBALS['TYPO3_CONF_VARS']['BE']['lockRootPath']) &&
706 substr($path,-1) == '/'
707 ) {
708 return $path;
709 }
710 }
711
712 protected function getUsergroups($record, $vars) {
713 $content = '';
714 // do nothing if no groups are allowed
715 if (empty($record['t1_allowed_groups'])) {
716 return $content;
717 }
718
719 $content .= '<option value=""></option>';
720 $grList = t3lib_div::trimExplode(',', $record['t1_allowed_groups'], 1);
721 foreach($grList as $group) {
722 $checkGroup = t3lib_BEfunc::getRecord('be_groups', $group);
723 if (is_array($checkGroup)) {
724 $selected = (is_array($vars['usergroup']) && t3lib_div::inList(implode(',', $vars['usergroup']), $checkGroup['uid'])) ? ' selected="selected" ' : '';
725 $content .= '<option ' . $selected . 'value="' . $checkGroup['uid'] . '">' . htmlspecialchars($checkGroup['title']) . '</option>';
726 }
727 }
728
729 return $content;
730 }
731
732
733 /**
734 * Action to create a new record
735 *
736 * @param array $record: sys_action record
737 * @return redirect to form to create a record
738 */
739 protected function viewNewRecord($record) {
740 $returnUrl = rawurlencode('mod.php?M=user_task');
741 $link = t3lib_div::getIndpEnv('TYPO3_REQUEST_DIR') . $GLOBALS['BACK_PATH'] . 'alt_doc.php?returnUrl=' . $returnUrl. '&edit[' . $record['t3_tables'] . '][' . intval($record['t3_listPid']) . ']=new';
742 t3lib_utility_Http::redirect($link);
743 }
744
745 /**
746 * Action to edit records
747 *
748 * @param array $record: sys_action record
749 * @return string list of records
750 */
751 protected function viewEditRecord($record) {
752 $content = '';
753 $lines = array();
754
755 $dbAnalysis = t3lib_div::makeInstance('t3lib_loadDBGroup');
756 $dbAnalysis->fromTC = 0;
757 $dbAnalysis->start($record['t4_recordsToEdit'], '*');
758 $dbAnalysis->getFromDB();
759
760 // collect the records
761 foreach ($dbAnalysis->itemArray as $el) {
762 $path = t3lib_BEfunc::getRecordPath ($el['id'], $this->taskObject->perms_clause, $GLOBALS['BE_USER']->uc['titleLen']);
763 $record = t3lib_BEfunc::getRecord($el['table'], $dbAnalysis->results[$el['table']][$el['id']]);
764 $title = t3lib_BEfunc::getRecordTitle($el['table'], $dbAnalysis->results[$el['table']][$el['id']]);
765 $description = $GLOBALS['LANG']->sL($GLOBALS['TCA'][$el['table']]['ctrl']['title'], 1);
766 if (isset($record['crdate'])) { // @todo: which information could be needfull
767 $description .= ' - ' . t3lib_BEfunc::dateTimeAge($record['crdate']);
768 }
769
770 $lines[$el['id']] = array(
771 'title' => $title,
772 'description' => t3lib_BEfunc::getRecordTitle($el['table'], $dbAnalysis->results[$el['table']][$el['id']]),
773 'descriptionHtml' => $description,
774 'link' => $GLOBALS['BACK_PATH'] . 'alt_doc.php?returnUrl=' . rawurlencode(t3lib_div::getIndpEnv("REQUEST_URI")) . '&edit[' . $el['table'] . '][' . $el['id'] . ']=edit',
775 'icon' => t3lib_iconworks::getIconImage($el['table'], $dbAnalysis->results[$el['table']][$el['id']], $GLOBALS['BACK_PATH'], 'hspace="2" align="top" title="' . htmlspecialchars($path) . '"')
776 );
777 }
778
779 // render the record list
780 $content .= $this->taskObject->renderListMenu($lines);
781
782 return $content;
783 }
784
785 /**
786 * Action to view the result of a SQL query
787 *
788 * @param array $record: sys_action record
789 * @return string result of the query
790 */
791 protected function viewSqlQuery($record) {
792 $content = '';
793
794 if (t3lib_extMgm::isLoaded('lowlevel')) {
795 $sql_query = unserialize($record['t2_data']);
796
797 if (is_array($sql_query) && strtoupper(substr(trim($sql_query['qSelect']), 0, 6)) == 'SELECT') {
798 $actionContent = '';
799
800 $fullsearch = t3lib_div::makeInstance("t3lib_fullsearch");
801 $fullsearch->formW = 40;
802 $fullsearch->noDownloadB = 1;
803
804
805 $type = $sql_query['qC']['search_query_makeQuery'];
806 $res = $GLOBALS['TYPO3_DB']->sql_query($sql_query['qSelect']);
807
808 if (!$GLOBALS['TYPO3_DB']->sql_error()) {
809 $fullsearch->formW = 48;
810 // additional configuration
811 $GLOBALS['SOBE']->MOD_SETTINGS['search_result_labels'] = 1;
812 $cP = $fullsearch->getQueryResultCode($type, $res, $sql_query['qC']['queryTable']);
813 $actionContent = $cP['content'];
814
815 // if the result is rendered as csv or xml, show a download link
816 if ($type == 'csv' || $type == 'xml' ) {
817 $actionContent .= '<br /><br /><a href="' . t3lib_div::getIndpEnv('REQUEST_URI') . '&download_file=1"><strong>' . $GLOBALS['LANG']->getLL('action_download_file') . '</strong></a>';
818 }
819 } else {
820 $actionContent .= $GLOBALS['TYPO3_DB']->sql_error();
821 }
822
823 // Admin users are allowed to see and edit the query
824 if ($GLOBALS['BE_USER']->isAdmin()) {
825 $actionContent .= '<hr /> ' . $fullsearch->tableWrap($sql_query['qSelect']);
826 $actionContent .= '<br /><a title="' . $GLOBALS['LANG']->getLL('action_editQuery') . '" href="'.$GLOBALS['BACK_PATH'] . t3lib_extMgm::extRelPath('lowlevel') . 'dbint/index.php?id='.
827 '&SET[function]=search' .
828 '&SET[search]=query' .
829 '&storeControl[STORE]=-' . $record['uid'] .
830 '&storeControl[LOAD]=1' .
831 '">
832 <img class="icon"' . t3lib_iconWorks::skinImg($GLOBALS['BACK_PATH'], 'gfx/edit2.gif') . ' alt="" />' .
833 $GLOBALS['LANG']->getLL('action_editQuery') . '</a><br /><br />';
834 }
835
836 $content .= $this->taskObject->doc->section($GLOBALS['LANG']->getLL('action_t2_result'), $actionContent, 0, 1);
837 } else {
838 // query is not configured
839 $flashMessage = t3lib_div::makeInstance (
840 't3lib_FlashMessage',
841 $GLOBALS['LANG']->getLL('action_notReady', true),
842 $GLOBALS['LANG']->getLL('action_error'),
843 t3lib_FlashMessage::ERROR
844 );
845 $content .= '<br />' . $flashMessage->render();
846 }
847 } else {
848 // required sysext lowlevel is not installed
849 $flashMessage = t3lib_div::makeInstance (
850 't3lib_FlashMessage',
851 $GLOBALS['LANG']->getLL('action_lowlevelMissing', true),
852 $GLOBALS['LANG']->getLL('action_error'),
853 t3lib_FlashMessage::ERROR
854 );
855 $content .= '<br />' . $flashMessage->render();
856 }
857 return $content;
858 }
859
860 /**
861 * Action to create a list of records of a specific table and pid
862 *
863 * @param array $record: sys_action record
864 * @return string list of records
865 */
866 protected function viewRecordList($record) {
867 $content = '';
868
869 $this->id = intval($record['t3_listPid']);
870 $this->table = $record['t3_tables'];
871
872 if ($this->id == 0 || $this->table == '') {
873 $flashMessage = t3lib_div::makeInstance(
874 't3lib_FlashMessage',
875 $GLOBALS['LANG']->getLL('action_lowlevelMissing', true),
876 $GLOBALS['LANG']->getLL('action_error'),
877 t3lib_FlashMessage::ERROR
878 );
879 $content .= '<br />' . $flashMessage->render();
880
881 return $content;
882 }
883
884 require_once($GLOBALS['BACK_PATH'] . 'class.db_list.inc');
885 require_once($GLOBALS['BACK_PATH'] . 'class.db_list_extra.inc');
886
887
888 // Start document template object:
889 // $this->doc = t3lib_div::makeInstance('template');
890
891 // Loading current page record and checking access:
892 $this->pageinfo = t3lib_BEfunc::readPageAccess($this->id,$this->taskObject->perms_clause);
893 $access = is_array($this->pageinfo) ? 1 : 0;
894
895
896 // If there is access to the page, then render the list contents and set up the document template object:
897 if ($access) {
898 // Initialize the dblist object:
899 $dblist = t3lib_div::makeInstance('localRecordList');
900 $dblist->script = t3lib_div::getIndpEnv('REQUEST_URI');
901 $dblist->backPath = $GLOBALS['BACK_PATH'];
902 $dblist->calcPerms = $GLOBALS['BE_USER']->calcPerms($this->pageinfo);
903 $dblist->thumbs = $GLOBALS['BE_USER']->uc['thumbnailsByDefault'];
904 $dblist->returnUrl=$this->taskObject->returnUrl;
905 $dblist->allFields = 1;
906 $dblist->localizationView = 1;
907 $dblist->showClipboard = 0;
908 $dblist->disableSingleTableView = 1;
909 $dblist->pageRow = $this->pageinfo;
910 $dblist->counter++;
911 $dblist->MOD_MENU = array('bigControlPanel' => '', 'clipBoard' => '', 'localization' => '');
912 $dblist->modTSconfig = $this->taskObject->modTSconfig;
913 $dblist->dontShowClipControlPanels = $CLIENT['FORMSTYLE'] && !$this->taskObject->MOD_SETTINGS['bigControlPanel'] && $dblist->clipObj->current=='normal' && !$GLOBALS['BE_USER']->uc['disableCMlayers'] && !$this->modTSconfig['properties']['showClipControlPanelsDespiteOfCMlayers'];
914
915 // Initialize the listing object, dblist, for rendering the list:
916 $this->pointer = t3lib_div::intInRange($this->taskObject->pointer,0,100000);
917 $dblist->start($this->id,$this->table,$this->pointer,$this->taskObject->search_field,$this->taskObject->search_levels,$this->taskObject->showLimit);
918 $dblist->setDispFields();
919
920 // Render the list of tables:
921 $dblist->generateList();
922
923 // Add JavaScript functions to the page:
924 $this->taskObject->doc->JScode=$this->taskObject->doc->wrapScriptTags('
925
926 function jumpToUrl(URL) {
927 window.location.href = URL;
928 return false;
929 }
930 function jumpExt(URL,anchor) {
931 var anc = anchor?anchor:"";
932 window.location.href = URL+(T3_THIS_LOCATION?"&returnUrl="+T3_THIS_LOCATION:"")+anc;
933 return false;
934 }
935 function jumpSelf(URL) {
936 window.location.href = URL+(T3_RETURN_URL?"&returnUrl="+T3_RETURN_URL:"");
937 return false;
938 }
939
940 function setHighlight(id) {
941 top.fsMod.recentIds["web"]=id;
942 top.fsMod.navFrameHighlightedID["web"]="pages"+id+"_"+top.fsMod.currentBank; // For highlighting
943
944 if (top.content && top.content.nav_frame && top.content.nav_frame.refresh_nav) {
945 top.content.nav_frame.refresh_nav();
946 }
947 }
948
949 ' . $dblist->CBfunctions() . '
950 function editRecords(table,idList,addParams,CBflag) {
951 window.location.href="' . $GLOBALS['BACK_PATH'] . 'alt_doc.php?returnUrl=' . rawurlencode(t3lib_div::getIndpEnv('REQUEST_URI')) .
952 '&edit["+table+"]["+idList+"]=edit"+addParams;
953 }
954 function editList(table,idList) {
955 var list="";
956
957 // Checking how many is checked, how many is not
958 var pointer=0;
959 var pos = idList.indexOf(",");
960 while (pos!=-1) {
961 if (cbValue(table+"|"+idList.substr(pointer,pos-pointer))) {
962 list+=idList.substr(pointer,pos-pointer)+",";
963 }
964 pointer=pos+1;
965 pos = idList.indexOf(",",pointer);
966 }
967 if (cbValue(table+"|"+idList.substr(pointer))) {
968 list+=idList.substr(pointer)+",";
969 }
970
971 return list ? list : idList;
972 }
973 T3_THIS_LOCATION = "' . rawurlencode(t3lib_div::getIndpEnv('REQUEST_URI')) . '";
974
975 if (top.fsMod) top.fsMod.recentIds["web"] = ' . intval($this->id) . ';
976 ');
977
978 // Setting up the context sensitive menu:
979 $this->taskObject->doc->getContextMenuCode();
980
981
982 // Begin to compile the whole page
983 $content .= '<form action="'.htmlspecialchars($dblist->listURL()).'" method="post" name="dblistForm">' .
984 $dblist->HTMLcode .
985 '<input type="hidden" name="cmd_table" /><input type="hidden" name="cmd" />
986 </form>';
987
988 // If a listing was produced, create the page footer with search form etc:
989 if ($dblist->HTMLcode) {
990
991 // Making field select box (when extended view for a single table is enabled):
992 if ($dblist->table) {
993 $tmpBackpath = $GLOBALS['BACK_PATH'];
994 $GLOBALS['BACK_PATH'] = '';
995 $content .= $dblist->fieldSelectBox($dblist->table);
996 $GLOBALS['BACK_PATH'] = $tmpBackpath;
997 }
998 }
999 } else {
1000 // not enough rights to access the list view or the page
1001 $flashMessage = t3lib_div::makeInstance(
1002 't3lib_FlashMessage',
1003 $GLOBALS['LANG']->getLL('action_error-access', true),
1004 $GLOBALS['LANG']->getLL('action_error'),
1005 t3lib_FlashMessage::ERROR
1006 );
1007 $content .= $flashMessage->render();
1008 }
1009
1010 return $content;
1011 }
1012
1013 }
1014
1015
1016 if (defined('TYPO3_MODE') && $TYPO3_CONF_VARS[TYPO3_MODE]['XCLASS']['ext/sys_action/task/class.tx_sysaction_task.php']) {
1017 include_once($TYPO3_CONF_VARS[TYPO3_MODE]['XCLASS']['ext/sys_action/task/class.tx_sysaction_task.php']);
1018 }
1019
1020 ?>