Fixed issue #15601: Change all core PHP files to UTF8 encoding
[Packages/TYPO3.CMS.git] / typo3 / wizard_tsconfig.php
index b61895f..7063e5a 100644 (file)
@@ -2,7 +2,7 @@
 /***************************************************************
 *  Copyright notice
 *
-*  (c) 1999-2009 Kasper Skaarhoj (kasperYYYY@typo3.com)
+*  (c) 1999-2010 Kasper Skårhøj (kasperYYYY@typo3.com)
 *  All rights reserved
 *
 *  This script is part of the TYPO3 project. The TYPO3 project is
  * Wizard for inserting TSconfig in form fields. (page,user or TS)
  *
  * $Id$
- * Revised for TYPO3 3.6 November/2003 by Kasper Skaarhoj
+ * Revised for TYPO3 3.6 November/2003 by Kasper Skårhøj
  * XHTML compliant
  *
- * @author     Kasper Skaarhoj <kasperYYYY@typo3.com>
+ * @author     Kasper Skårhøj <kasperYYYY@typo3.com>
  */
 /**
  * [CLASS/FUNCTION INDEX of SCRIPT]
@@ -83,7 +83,7 @@ $LANG->includeLLFile('EXT:lang/locallang_wizards.xml');
 /**
  * TypoScript parser extension class.
  *
- * @author     Kasper Skaarhoj <kasperYYYY@typo3.com>
+ * @author     Kasper Skårhøj <kasperYYYY@typo3.com>
  * @package TYPO3
  * @subpackage core
  */
@@ -112,7 +112,7 @@ class ext_TSparser extends t3lib_tsparser_ext {
 /**
  * Script Class for rendering the TSconfig/TypoScript property browser.
  *
- * @author     Kasper Skaarhoj <kasperYYYY@typo3.com>
+ * @author     Kasper Skårhøj <kasperYYYY@typo3.com>
  * @package TYPO3
  * @subpackage core
  */
@@ -156,7 +156,9 @@ class SC_wizard_tsconfig {
                $this->objString = t3lib_div::_GP('objString');
                $this->onlyProperty = t3lib_div::_GP('onlyProperty');
                        // Preparing some JavaScript code:
-               if (!is_array($this->P['fieldChangeFunc']))     $this->P['fieldChangeFunc']=array();
+               if (!$this->areFieldChangeFunctionsValid()) {
+                       $this->P['fieldChangeFunc']=array();
+               }
                unset($this->P['fieldChangeFunc']['alert']);
                $update='';
                foreach($this->P['fieldChangeFunc'] as $k=>$v)  {
@@ -165,7 +167,7 @@ class SC_wizard_tsconfig {
                }
 
                        // Init the document table object:
-               $this->doc = t3lib_div::makeInstance('mediumDoc');
+               $this->doc = t3lib_div::makeInstance('template');
                $this->doc->backPath = $BACK_PATH;
                $this->doc->form='<form action="" name="editform">';
 
@@ -347,7 +349,7 @@ class SC_wizard_tsconfig {
 
                                // Title and description:
                        $out.='<a href="'.htmlspecialchars(t3lib_div::linkThisScript(array('show'=>''))).'" class="typo3-goBack">'.
-                                       t3lib_iconWorks::getSpriteIcon('actions-view-go-back') . 
+                                       t3lib_iconWorks::getSpriteIcon('actions-view-go-back') .
                                        htmlspecialchars($obj_string).
                                        '</a><br />';
                        if ($rec['title'])      $out.= '<strong>'.htmlspecialchars($rec['title']).': </strong>';
@@ -388,7 +390,8 @@ class SC_wizard_tsconfig {
                        <!--
                                TSconfig, object tree:
                        -->
-                               <table border="0" cellpadding="0" cellspacing="0" id="typo3-objtree">
+                               <table border="0" cellpadding="0" cellspacing="0" class="t3-tree t3-tree-config" id="typo3-objtree">
+                                       <tr class="t3-row-header"><td>TSref</td></tr>
                                        <tr>
                                                <td nowrap="nowrap">'.$tmpl->ext_getObjTree($this->removePointerObjects($objTree[$mode.'.']),'','','','','1').'</td>
                                        </tr>
@@ -530,22 +533,15 @@ class SC_wizard_tsconfig {
 
                                // Adding header:
                        $lines[]='
-                               <tr>
-                                       <td><img src="clear.gif" width="175" height="1" alt="" /></td>
-                                       <td><img src="clear.gif" width="100" height="1" alt="" /></td>
-                                       <td><img src="clear.gif" width="400" height="1" alt="" /></td>
-                                       <td><img src="clear.gif" width="70" height="1" alt="" /></td>
-                               </tr>';
-                       $lines[]='
-                               <tr class="bgColor5">
-                                       <td><strong>Property:</strong></td>
-                                       <td><strong>Data type:</strong></td>
-                                       <td><strong>Description:</strong></td>
-                                       <td><strong>Default:</strong></td>
+                               <tr class="t3-row-header">
+                                       <td>Property:</td>
+                                       <td>Data type:</td>
+                                       <td>Description:</td>
+                                       <td>Default:</td>
                                </tr>';
 
                                // Traverse the content of "rows":
-                       foreach($table['rows'] as $row) {
+                       foreach($table['rows'] as $i => $row)   {
 
                                        // Linking:
                                $lP=t3lib_div::trimExplode(LF,$row['property'],1);
@@ -573,8 +569,8 @@ class SC_wizard_tsconfig {
 
 
                                $lines[]='
-                                       <tr class="bgColor4">
-                                               <td valign="top" class="bgColor4-20"><strong>'.$linkedProperties.'</strong></td>
+                                       <tr class="t3-row ' . ($i % 2 ? 't3-row-even' : 't3-row-odd') . '">
+                                               <td valign="top" class="bgColor4-20" nowrap="nowrap"><strong>'.$linkedProperties.'</strong></td>
                                                <td valign="top">'.nl2br($dataType.'&nbsp;').'</td>
                                                <td valign="top">'.nl2br($row['description']).'</td>
                                                <td valign="top">'.nl2br($row['default']).'</td>
@@ -588,7 +584,7 @@ class SC_wizard_tsconfig {
                        <!--
                                TSconfig, attribute selector:
                        -->
-                               <table border="0" cellpadding="0" cellspacing="1" width="500" id="typo3-attributes">
+                               <table border="0" cellpadding="0" cellspacing="1" width="98%" class="t3-table" id="typo3-attributes">
                                        '.implode('',$lines).'
                                </table>';
                }
@@ -615,7 +611,7 @@ class SC_wizard_tsconfig {
                if(!$this->onlyProperty)        {
                        $aOnClick = 'document.editform.mixer.value=unescape(\'  '.rawurlencode($propertyName.'='.$propertyVal).'\')+\'\n\'+document.editform.mixer.value; return false;';
                        $out.= '<a href="#" onclick="'.htmlspecialchars($aOnClick).'">'.
-                                       t3lib_iconWorks::getSpriteIcon('actions-edit-add', array('title' => $GLOBALS['LANG']->getLL('tsprop_addToList', TRUE))) . 
+                                       t3lib_iconWorks::getSpriteIcon('actions-edit-add', array('title' => $GLOBALS['LANG']->getLL('tsprop_addToList', TRUE))) .
                        '</a>';
                        $propertyName = $prefix.'.'.$propertyName;
                }
@@ -627,6 +623,19 @@ class SC_wizard_tsconfig {
                        // Return link:
                return $out;
        }
+
+       /**
+        * Determines whether submitted field change functions are valid
+        * and are coming from the system and not from an external abuse.
+        *
+        * @return boolean Whether the submitted field change functions are valid
+        */
+       protected function areFieldChangeFunctionsValid() {
+               return (
+                       isset($this->P['fieldChangeFunc']) && is_array($this->P['fieldChangeFunc']) && isset($this->P['fieldChangeFuncHash'])
+                       && $this->P['fieldChangeFuncHash'] == t3lib_div::hmac(serialize($this->P['fieldChangeFunc']))
+               );
+       }
 }