2 declare(strict_types
=1);
3 namespace TYPO3\CMS\Backend\Form\Wizard
;
6 * This file is part of the TYPO3 CMS project.
8 * It is free software; you can redistribute it and/or modify it under
9 * the terms of the GNU General Public License, either version 2
10 * of the License, or any later version.
12 * For the full copyright and license information, please read the
13 * LICENSE.txt file that was distributed with this source code.
15 * The TYPO3 project - inspiring people to share!
18 use Psr\Http\Message\ResponseInterface
;
19 use Psr\Http\Message\ServerRequestInterface
;
20 use TYPO3\CMS\Core\
Resource\Exception\FileDoesNotExistException
;
21 use TYPO3\CMS\Core\
Resource\ResourceFactory
;
22 use TYPO3\CMS\Core\Utility\GeneralUtility
;
23 use TYPO3\CMS\Core\Utility\MathUtility
;
24 use TYPO3\CMS\Fluid\View\StandaloneView
;
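/**
 * Wizard for rendering image manipulation view
 *
 * The request carries a JSON "arguments" payload and an HMAC "signature"
 * computed over that payload. The wizard HTML is rendered only when the
 * signature matches; any other request is answered with HTTP 403.
 */
class ImageManipulationWizard
{
    /**
     * @var StandaloneView
     */
    private $templateView;

    /**
     * @param StandaloneView $templateView view to render with; when omitted, a view
     *                                     pointing at the backend ImageManipulation
     *                                     templates is created
     */
    public function __construct(StandaloneView $templateView = null)
    {
        // NOTE(review): the listing skips the source lines around this guard; it is
        // reconstructed from the nullable default above. Confirm against upstream.
        if ($templateView === null) {
            $templateView = GeneralUtility::makeInstance(StandaloneView::class);
            $templateView->setLayoutRootPaths([GeneralUtility::getFileAbsFileName('EXT:backend/Resources/Private/Layouts/')]);
            $templateView->setPartialRootPaths([GeneralUtility::getFileAbsFileName('EXT:backend/Resources/Private/Partials/ImageManipulation/')]);
            $templateView->setTemplatePathAndFilename(GeneralUtility::getFileAbsFileName('EXT:backend/Resources/Private/Templates/ImageManipulation/ImageManipulationWizard.html'));
        }
        $this->templateView = $templateView;
    }

    /**
     * Returns the HTML for the wizard inside the modal
     *
     * The signature is verified before the payload is decoded, so unsigned input
     * never reaches json_decode() or the file lookup.
     *
     * @param ServerRequestInterface $request
     * @param ResponseInterface $response
     * @return ResponseInterface $response the rendered wizard, or a 403 response when the signature does not match
     */
    public function getWizardAction(ServerRequestInterface $request, ResponseInterface $response)
    {
        if (!$this->isSignatureValid($request)) {
            return $response->withStatus(403);
        }

        $decoded = json_decode($request->getQueryParams()['arguments'], true);
        // A validly signed payload can still decode to a scalar or null (for example
        // after a format change). Fall back to an empty set instead of indexing into it.
        $queryParams = is_array($decoded) ? $decoded : [];
        $fileUid = $queryParams['image'] ?? null;

        $image = null;
        if (MathUtility::canBeInterpretedAsInteger($fileUid)) {
            try {
                $image = ResourceFactory::getInstance()->getFileObject($fileUid);
            } catch (FileDoesNotExistException $e) {
                // Deliberate best effort: a stale or unknown uid leaves $image as null.
            }
        }

        // NOTE(review): the 'image' entry and the success return below are reconstructed;
        // the listing omits those source lines. Confirm against upstream.
        $viewData = [
            'image' => $image,
            'cropVariants' => $queryParams['cropVariants'] ?? null,
        ];
        $content = $this->templateView->renderSection('Main', $viewData);
        $response->getBody()->write($content);

        return $response;
    }

    /**
     * Check if hmac signature is correct
     *
     * The expected token is recomputed over the raw "arguments" string and compared
     * with the supplied "signature" using hash_equals(), so the comparison time does
     * not depend on how many leading characters match. A missing or non-string
     * parameter is rejected before any HMAC is computed.
     *
     * NOTE(review): the token covers only the "arguments" string. Nothing visible in
     * this class ties it to a user, session or expiry, so confirm that the route
     * itself requires an authenticated backend user.
     *
     * @param ServerRequestInterface $request the request with the GET parameters
     * @return bool TRUE only when both parameters are strings and the signature matches
     */
    protected function isSignatureValid(ServerRequestInterface $request)
    {
        $params = $request->getQueryParams();
        $arguments = $params['arguments'] ?? null;
        $signature = $params['signature'] ?? null;
        // hash_equals() requires two strings; array-valued parameters (e.g. signature[]=x) fail closed here.
        if (!is_string($arguments) || !is_string($signature)) {
            return false;
        }

        $token = GeneralUtility::hmac($arguments, 'ajax_wizard_image_manipulation');
        return hash_equals($token, $signature);
    }
}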