Fixed bug #12838: Deactivated fields of $TYPO3_USER_SETTINGS are changed by the modul...
[Packages/TYPO3.CMS.git] / typo3 / sysext / sys_action / class.tx_sysaction.php
1 <?php
2 /***************************************************************
3 * Copyright notice
4 *
5 * (c) 1999-2009 Kasper Skaarhoj (kasperYYYY@typo3.com)
6 * All rights reserved
7 *
8 * This script is part of the TYPO3 project. The TYPO3 project is
9 * free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation; either version 2 of the License, or
12 * (at your option) any later version.
13 *
14 * The GNU General Public License can be found at
15 * http://www.gnu.org/copyleft/gpl.html.
16 * A copy is found in the textfile GPL.txt and important notices to the license
17 * from the author is found in LICENSE.txt distributed with these scripts.
18 *
19 *
20 * This script is distributed in the hope that it will be useful,
21 * but WITHOUT ANY WARRANTY; without even the implied warranty of
22 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
23 * GNU General Public License for more details.
24 *
25 * This copyright notice MUST APPEAR in all copies of the script!
26 ***************************************************************/
27 /**
28 * @author Kasper Skårhøj <kasperYYYY@typo3.com>
29 */
30
31 class tx_sysaction extends mod_user_task {
32 var $todoTypesCache = array();
33 var $insCounter=0;
34 var $xCol;
35
36 /**
37 * TCEforms instance
38 *
39 * @var t3lib_TCEforms
40 */
41 var $t3lib_TCEforms;
42
43 function overview_main() {
44 $mC = $this->renderActionList();
45 if ($mC) {
46 $icon = '<img src="'.$this->backPath.t3lib_extMgm::extRelPath("sys_action").'ext_icon.gif" width=18 height=16 class="absmiddle">';
47 return $this->mkMenuConfig($icon.$this->headLink("tx_sysaction",1),'',$mC);
48 }
49 }
50 function main() {
51 global $SOBE,$BE_USER,$LANG,$BACK_PATH,$TCA_DESCR,$TCA,$CLIENT,$TYPO3_CONF_VARS;
52
53 return $this->renderActions();
54 }
55 function JScode() {
56 $this->t3lib_TCEforms = t3lib_div::makeInstance("t3lib_TCEforms");
57 $this->t3lib_TCEforms->backPath = $GLOBALS["BACK_PATH"];
58 return $this->t3lib_TCEforms->dbFileCon();
59 }
60
61 // ************************
62 // ACTIONS
63 // ***********************
64 function renderActions() {
65 global $LANG;
66 $uid = t3lib_div::intInRange(t3lib_div::_GP("sys_action_uid"),0);
67 $out="";
68 $header="";
69 if ($uid) {
70 $res = $this->getActionResPointer($uid);
71 if($actionRow = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($res)) {
72
73 // Action header:
74 $header = t3lib_iconworks::getIconImage("sys_action",$actionRow,$this->backPath,'hspace="2" class="absmiddle"').'<b>'.htmlspecialchars($actionRow["title"]).'</b>';
75 $out.='<table border=0 cellpadding=0 cellspacing=1 width=100%>
76 <tr><td colspan=2 class="bgColor5">' . $header . '</td></tr>
77 <tr>
78 <td width=1% valign=top class="bgColor4">' . $LANG->sL(t3lib_BEfunc::getItemLabel('sys_action', 'type')). '&nbsp;' . '</td>
79 <td valign=top class="bgColor4">' . htmlspecialchars(t3lib_BEfunc::getProcessedValue('sys_action', 'type', $actionRow['type'])) . '</td>
80 </tr>
81 <tr>
82 <td width=1% valign=top class="bgColor4">' . $LANG->sL(t3lib_BEfunc::getItemLabel('sys_action', 'description')) . '&nbsp;' . '</td>
83 <td valign=top class="bgColor4">' . nl2br(htmlspecialchars($actionRow['description'])) . '</td>
84 </tr>';
85 $out.='</table>';
86 $theCode = $this->pObj->doc->section("",$out,0,1);
87
88
89
90 // Types of actions:
91 switch($actionRow["type"]) {
92 case 1: // new BE user
93 $actionContent="";
94 $beRec = t3lib_BEfunc::getRecord("be_users",intval($actionRow["t1_copy_of_user"]));
95 if (is_array($beRec)) {
96 // Create or update:
97 $inData = t3lib_div::_GP("data");
98 // debug($inData);
99 $userRecord="";
100 $newFlag=0;
101 if (is_array($inData["be_users"])) {
102 $nId = $this->action_t1_createUpdateBeUser($inData["be_users"],$actionRow);
103 $userRecord=t3lib_BEfunc::getRecord("be_users",$nId);
104 }
105 if (t3lib_div::_GP("be_users_uid")) {
106 $userRecord = t3lib_BEfunc::getRecord('be_users', t3lib_div::_GP('be_users_uid'), '*', ' AND cruser_id='.intval($this->BE_USER->user['uid']).' AND createdByAction='.intval($actionRow['uid']));
107 }
108 if (!is_array($userRecord)) {
109 $userRecord=array();
110 if (is_array($inData["be_users"]["NEW"])) { $userRecord=$inData["be_users"]["NEW"]; }
111 $userRecord["uid"]="NEW";
112 $newFlag=1;
113 }
114
115 // List of users...
116 $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('*', 'be_users', 'pid=0 AND cruser_id='.intval($this->BE_USER->user['uid']).' AND createdByAction='.intval($actionRow['uid']).t3lib_BEfunc::deleteClause('be_users'), '', 'username');
117 $lines = array();
118 while($uRow = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($res)) {
119 $lines[] = "<nobr>".($uRow["uid"]==$userRecord["uid"]?"<b>":"").$this->action_linkUserName(t3lib_iconworks::getIconImage("be_users",$uRow,$this->backPath,'title="uid='.$uRow["uid"].'" hspace="2" align="top"').$uRow["username"]." (".$uRow["realName"].")".($uRow["uid"]==$userRecord["uid"]?"</b>":"")."</nobr>",$actionRow["uid"],$uRow["uid"])."<br>";
120 }
121 if (count($lines)) {
122 $theCode.= $this->pObj->doc->section($LANG->getLL("action_t1_listOfUsers"),implode("",$lines),0,1);
123 }
124
125 $formA=Array();
126 $opt=array();
127
128 $grList = t3lib_div::trimExplode(",",$actionRow["t1_allowed_groups"],1);
129 reset($grList);
130 $opt[]='<option value=""></option>';
131 while(list(,$gu)=each($grList)) {
132 $checkGr = t3lib_BEfunc::getRecord("be_groups",$gu);
133 if (is_array($checkGr)) $opt[]='<option value="'.$checkGr["uid"].'"'.(t3lib_div::inList($userRecord["usergroup"],$checkGr["uid"])?" selected":"").'>'.htmlspecialchars($checkGr["title"]).'</option>';
134 }
135
136 $formA[]=array($LANG->getLL("action_BEu_hidden").":&nbsp;", '<input type="checkbox" name="data[be_users]['.$userRecord["uid"].'][disable]" value=1'.($userRecord["disable"]?" checked":"").'>');
137 $formA[]=array($LANG->getLL("action_BEu_username").":&nbsp;", '<input type="text" name="data[be_users]['.$userRecord["uid"].'][username]" max=15 value="'.htmlspecialchars($userRecord["username"]).'"'.$this->pObj->doc->formWidth(15).'>');
138 $formA[]=array($LANG->getLL("action_BEu_password").":&nbsp;", '<input type="password" name="data[be_users]['.$userRecord["uid"].'][password]" max=40'.$this->pObj->doc->formWidth(15).'>');
139 $formA[]=array($LANG->getLL("action_BEu_realName").":&nbsp;", '<input type="text" name="data[be_users]['.$userRecord["uid"].'][realName]" value="'.htmlspecialchars($userRecord["realName"]).'"'.$this->pObj->doc->formWidth(30).'>');
140 $formA[]=array($LANG->getLL("action_BEu_email").":&nbsp;", '<input type="text" name="data[be_users]['.$userRecord["uid"].'][email]" value="'.htmlspecialchars($userRecord["email"]).'"'.$this->pObj->doc->formWidth(30).'>');
141 if (count($grList)) {
142 $formA[]=array($LANG->getLL("action_BEu_usergroups").":&nbsp;", '<select size='.t3lib_div::intInRange(count($opt),2).' multiple name="data[be_users]['.$userRecord["uid"].'][usergroups][]">'.implode("",$opt).'</select>');
143 }
144 // DB mounts:
145 $loadDB = t3lib_div::makeInstance("t3lib_loadDBGroup");
146 $loadDB->start($userRecord["db_mountpoints"],"pages");
147 $params=array(
148 "size" => 3
149 );
150 $formA[]=array($LANG->getLL("action_BEu_db_mount").":&nbsp;", $this->t3lib_TCEforms->dbFileIcons('data[be_users]['.$userRecord["uid"].'][db_mountpoints]','db','pages',$loadDB->itemArray,"",$params));
151
152 $formA[]=array("&nbsp;","&nbsp;");
153 $formA[]=array("&nbsp;", '<input type=hidden value="'.$uid.'" name="sys_action_uid"><input type=hidden value="'.t3lib_div::_GP("be_users_uid").'" name="be_users_uid"><input type=hidden value="'.$uid.'" name="sys_action_uid"><input type="submit" name="submit" value="'.$LANG->getLL($newFlag?"lCreate":"lUpdate").'">'.(!$newFlag?' <input type="submit" name="_delete_" value="'.$LANG->getLL("lDelete").'" onClick="return confirm('.$GLOBALS['LANG']->JScharCode($LANG->getLL("lDelete_warning")).');">':''));
154
155 if (!$newFlag) {
156 $p = 'uid='.$userRecord["uid"].", ".$LANG->getLL("lHomedir").": ";
157 $hPath=$this->action_getUserMainDir();
158 if ($hPath && @is_dir($hPath.$userRecord["uid"]."/")) {
159 $p.= $hPath;
160 } else {
161 $p.= $LANG->getLL("lNone");
162 }
163 $actionContent.=t3lib_iconworks::getIconImage("be_users",$userRecord,$this->backPath,'title="'.htmlspecialchars($p).'" hspace=2 align=top').$userRecord["username"]." (".$userRecord["realName"].")";
164 }
165 $actionContent.=$this->pObj->doc->table($formA);
166 $theCode.= $this->pObj->doc->section($LANG->getLL($newFlag?"action_Create":"action_Update"),$actionContent,0,1);
167 } else {
168 $theCode.= $this->pObj->doc->section($LANG->getLL("action_error"),'<span class="typo3-red">'.$LANG->getLL("action_notReady").'</span>',0,1);
169 }
170 break;
171 case 2: //SQL query
172 if (t3lib_extMgm::isLoaded("lowlevel")) {
173 $sql_query = unserialize($actionRow["t2_data"]);
174 if (is_array($sql_query) && strtoupper(substr(trim($sql_query["qSelect"]),0,6))=="SELECT") {
175 $fullsearch = t3lib_div::makeInstance("t3lib_fullsearch");
176 $fullsearch->formW = 40;
177 $fullsearch->noDownloadB=1;
178 $actionContent="";
179 // debug($sql_query);
180 $type = $sql_query["qC"]["search_query_makeQuery"];
181 $res = $GLOBALS['TYPO3_DB']->sql_query($sql_query["qSelect"]);
182 if (!$GLOBALS['TYPO3_DB']->sql_error()) {
183 $fullsearch->formW=48;
184 $cP=$fullsearch->getQueryResultCode($type,$res,$sql_query["qC"]["queryTable"]);
185 $actionContent=$cP["content"];
186 if ($type=="csv" || $type=="xml") {
187 $actionContent.='<BR><BR><a href="'.t3lib_div::getIndpEnv("REQUEST_URI").'&download_file=1"><strong>'.$LANG->getLL("action_download_file").'</strong></a>';
188 }
189 } else {
190 $actionContent.=$GLOBALS['TYPO3_DB']->sql_error();
191 }
192 if ($this->BE_USER->isAdmin()) {
193 $actionContent.="<HR>".$fullsearch->tableWrap($sql_query["qSelect"]);
194 $actionContent.='<BR><strong><a href="'.$this->backPath.t3lib_extMgm::extRelPath("lowlevel").'dbint/index.php?id='.
195 '&SET[function]=search'.
196 '&SET[search]=query'.
197 '&storeControl[STORE]=-'.$actionRow["uid"].
198 '&storeControl[LOAD]=1'.
199 '">' . $GLOBALS['LANG']->getLL('action_editQuery') . '</a></strong>';
200 }
201 $theCode.= $this->pObj->doc->section($LANG->getLL("action_t2_result"),$actionContent,0,1);
202 } else {
203 $theCode.= $this->pObj->doc->section($LANG->getLL("action_error"),'<span class="typo3-red">'.$LANG->getLL("action_notReady").'</span>',0,1);
204 }
205 } else {
206 $theCode.= $this->pObj->doc->section(
207 $GLOBALS['LANG']->getLL('action_error'),
208 '<span class="typo3-red">' . $GLOBALS['LANG']->getLL('action_lowlevelMissing', true) . '</span>',
209 0, 1
210 );
211 }
212 break;
213 case 3: //list records
214 return htmlspecialchars($this->headLInk('tx_taskcenterrootlist', 1)). '<br />'. $this->urlInIframe($this->backPath."db_list.php?id=".intval($actionRow["t3_listPid"])."&table=".$actionRow["t3_tables"],1);
215 break;
216 case 4: //edit records
217 $dbAnalysis = t3lib_div::makeInstance("t3lib_loadDBGroup");
218 $dbAnalysis->fromTC=0;
219 $dbAnalysis->start($actionRow["t4_recordsToEdit"],"*");
220 $dbAnalysis->getFromDB();
221
222 $lines=array();
223 reset($dbAnalysis->itemArray);
224 while(list(,$el)=each($dbAnalysis->itemArray)) {
225 $path = t3lib_BEfunc::getRecordPath ($el["id"],$this->perms_clause,$this->BE_USER->uc["titleLen"]);
226 $lines[]='<tr>
227 <td nowrap class="bgColor4">'.
228 '<a href="'.$this->backPath.'alt_doc.php?returnUrl='.rawurlencode(t3lib_div::getIndpEnv("REQUEST_URI")).'&edit['.$el["table"].']['.$el["id"].']=edit">'.
229 t3lib_iconworks::getIconImage($el["table"],$dbAnalysis->results[$el["table"]][$el["id"]],$this->backPath,'hspace="2" align="top" title="'.htmlspecialchars($path).'"').
230 t3lib_BEfunc::getRecordTitle($el["table"],$dbAnalysis->results[$el["table"]][$el["id"]],TRUE).'</a></td>
231 </tr>';
232 }
233 $actionContent = '<table border=0 cellpadding=0 cellspacing=2>'.implode("",$lines).'</table>';
234 $theCode.= $this->pObj->doc->section($LANG->getLL("action_t4_edit"),$actionContent,0,1);
235 break;
236 case 5: //new record
237 return htmlspecialchars($this->headLInk('tx_taskcenterrootlist', 1)). '<br />'. $this->urlInIframe($this->backPath.'alt_doc.php?returnUrl='.rawurlencode('db_list.php?id='.intval($actionRow['t3_listPid']).'&table='.$actionRow['t3_tables']).'&edit['.$actionRow['t3_tables'].']['.intval($actionRow['t3_listPid']).']=new',1);
238 break;
239 default:
240 $theCode.= $this->pObj->doc->section($LANG->getLL("action_error"),'<span class="typo3-red">'.$LANG->getLL("action_noType").'</span>',0,1);
241 break;
242 }
243
244 }
245 }
246 return $theCode;
247 }
248 function getActionResPointer($uid=0) {
249 if ($this->BE_USER->isAdmin()) {
250 $wQ='';
251 if (intval($uid)>0) $wQ.=' AND sys_action.uid='.intval($uid);
252
253 $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('*', 'sys_action', 'sys_action.pid=0'.$wQ, '', 'sys_action.sorting');
254 } else {
255 $wQ = 'be_groups.uid IN ('.($this->BE_USER->groupList?$this->BE_USER->groupList:0).')';
256 $hQ = 'AND sys_action.hidden=0 ';
257 if (intval($uid)>0) $wQ.=' AND sys_action.uid='.intval($uid);
258
259 $res = $GLOBALS['TYPO3_DB']->exec_SELECT_mm_query(
260 'sys_action.*',
261 'sys_action',
262 'sys_action_asgr_mm',
263 'be_groups',
264 ' AND '.$wQ.' AND sys_action.pid=0 '.$hQ,
265 'sys_action.uid',
266 'sys_action.sorting'
267 );
268 }
269
270 return $res;
271 }
272 function renderActionList() {
273 global $LANG;
274
275 $res = $this->getActionResPointer();
276 $lines=array();
277 while($actionRow = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($res)) {
278 $lines[]='<nobr>'.t3lib_iconworks::getIconImage("sys_action",$actionRow,$this->backPath,'hspace="2" align="top"').$this->action_link($this->fixed_lgd(htmlspecialchars($actionRow['title'])),$actionRow['uid'],htmlspecialchars($actionRow['description'])).'</nobr><br />';
279 }
280 $out = implode("",$lines);
281 return $out;
282 }
283 function action_link($str,$id,$title="") {
284 $str='<a href="index.php?SET[function]=tx_sysaction&sys_action_uid='.$id.'" onClick="this.blur();" title="'.htmlspecialchars($title).'">'.$str.'</a>';
285 return $str;
286 }
287 function action_linkUserName($str,$id,$bid) {
288 $str='<a href="index.php?sys_action_uid='.$id.'&be_users_uid='.$bid.'" onClick="this.blur();">'.$str.'</a>';
289 return $str;
290 }
291 function action_t1_createUpdateBeUser($arr,$actionRow=array()) {
292 reset($arr);
293 $key = key($arr);
294 $data="";
295 $nId=0;
296 $BEuid = $actionRow["t1_copy_of_user"];
297 if ($key=="NEW") {
298 $beRec = t3lib_BEfunc::getRecord("be_users",intval($BEuid));
299 if (is_array($beRec) && trim($arr[$key]["password"]) && $this->fixUsername($arr[$key]["username"],$actionRow["t1_userprefix"])) {
300 // debug($arr[$key]);
301 $data=array();
302 $data["be_users"][$key]=$beRec;
303 $data["be_users"][$key]["username"]=$this->fixUsername($arr[$key]["username"],$actionRow["t1_userprefix"]);
304 $data["be_users"][$key]["password"]=md5(trim($arr[$key]["password"]));
305 $data["be_users"][$key]["realName"]=$arr[$key]["realName"];
306 $data["be_users"][$key]["email"]=$arr[$key]["email"];
307 $data["be_users"][$key]["disable"]=intval($arr[$key]["disable"]);
308 $data["be_users"][$key]["admin"]=0;
309 $data["be_users"][$key]["usergroup"] = $this->fixUserGroup($data["be_users"][$key]["usergroup"],$actionRow["t1_allowed_groups"],$arr[$key]["usergroups"]);
310 $data["be_users"][$key]["db_mountpoints"]=$arr[$key]["db_mountpoints"];
311 $data["be_users"][$key]["createdByAction"]=$actionRow["uid"];
312 }
313 } else {
314 $beRec = t3lib_BEfunc::getRecord("be_users",intval($key));
315 if (is_array($beRec) && $beRec["cruser_id"]==$this->BE_USER->user["uid"]) {
316 if (t3lib_div::_GP("_delete_")) {
317 // delete... ?
318 $cmd=array();
319 $cmd["be_users"][$key]["delete"]=1;
320
321 $tce = t3lib_div::makeInstance("t3lib_TCEmain");
322 $tce->stripslashes_values=0;
323 $tce->start(Array(),$cmd,$this->BE_USER);
324 $tce->admin=1;
325 $tce->process_cmdmap();
326 // debug($cmd);
327 $nId = 0;
328 } elseif ($this->fixUsername($arr[$key]["username"],$actionRow["t1_userprefix"])) {
329 // check ownership...
330 $data=array();
331 $data["be_users"][$key]["username"]=$this->fixUsername($arr[$key]["username"],$actionRow["t1_userprefix"]);
332 if (trim($arr[$key]["password"])) {$data["be_users"][$key]["password"]=md5(trim($arr[$key]["password"]));}
333
334 $data["be_users"][$key]["realName"]=$arr[$key]["realName"];
335 $data["be_users"][$key]["email"]=$arr[$key]["email"];
336 $data["be_users"][$key]["disable"]=intval($arr[$key]["disable"]);
337 $data["be_users"][$key]["admin"]=0;
338 $data["be_users"][$key]["usergroup"] = $this->fixUserGroup($beRec["usergroup"],$actionRow["t1_allowed_groups"],$arr[$key]["usergroups"]);
339 $data["be_users"][$key]["db_mountpoints"]=$arr[$key]["db_mountpoints"];
340 $nId=$key;
341 }
342 }
343 }
344
345
346 if (is_array($data)) {
347 $tce = t3lib_div::makeInstance("t3lib_TCEmain");
348 $tce->stripslashes_values=0;
349 $tce->start($data,Array(),$this->BE_USER);
350 $tce->admin=1;
351 $tce->process_datamap();
352 $nId = intval($tce->substNEWwithIDs["NEW"]);
353 if ($nId) { // Create
354 $this->action_createDir($nId);
355 } else { // update
356 $nId=intval($key);
357 }
358 unset($tce);
359 }
360 return $nId;
361 }
362 function fixUsername($username,$prefix) {
363 $username=trim($username);
364 $prefix=trim($prefix);
365 $username=preg_replace('/^'.quotemeta($prefix).'/','',$username);
366
367 if ($username) {
368 return $prefix.$username;
369 } else return false;
370 }
371 function fixUserGroup($curUserGroup,$allowedGroups,$inGroups) {
372 // User group:
373 // All current groups:
374 $cGroups = array_flip(t3lib_div::trimExplode(",",$curUserGroup,1));
375 $grList = t3lib_div::intExplode(",",$allowedGroups);
376 reset($grList);
377 while(list(,$gu)=each($grList)) {
378 unset($cGroups[$gu]); // Remove the group if it's in the array for some reason...
379 }
380 // reverse array again and set incoming groups:
381 $cGroups=array_keys($cGroups);
382 if (is_array($inGroups)) {
383 reset($inGroups);
384 while(list(,$gu)=each($inGroups)) {
385 $checkGr = t3lib_BEfunc::getRecord("be_groups",$gu);
386 if (is_array($checkGr) && in_array($gu,$grList)) {
387 $cGroups[]=$gu;
388 }
389 }
390 }
391 return implode(",",$cGroups);
392 }
393 function action_createDir($uid) {
394 $path = $this->action_getUserMainDir();
395 if ($path) {
396 @mkdir($path.$uid,0755);
397 @mkdir($path.$uid."/_temp_",0755);
398 // debug($path);
399 }
400 }
401 function action_getUserMainDir() {
402 $path = $GLOBALS["TYPO3_CONF_VARS"]["BE"]["userHomePath"];
403 if ($path && @is_dir($path) &&
404 $GLOBALS["TYPO3_CONF_VARS"]["BE"]["lockRootPath"] &&
405 t3lib_div::isFirstPartOfStr($path,$GLOBALS["TYPO3_CONF_VARS"]["BE"]["lockRootPath"]) &&
406 substr($path,-1)=="/"
407 ) {
408 return $path;
409 }
410 }
411 }
412
413 if (defined("TYPO3_MODE") && $TYPO3_CONF_VARS[TYPO3_MODE]["XCLASS"]["ext/sys_action/class.tx_sysaction.php"]) {
414 include_once($TYPO3_CONF_VARS[TYPO3_MODE]["XCLASS"]["ext/sys_action/class.tx_sysaction.php"]);
415 }
416
417 ?>