DataHandler.php 450 KB
Newer Older
1
<?php
2
namespace TYPO3\CMS\Core\DataHandling;
3

4
/*
5
 * This file is part of the TYPO3 CMS project.
6
 *
7
8
9
 * It is free software; you can redistribute it and/or modify it under
 * the terms of the GNU General Public License, either version 2
 * of the License, or any later version.
10
 *
11
12
 * For the full copyright and license information, please read the
 * LICENSE.txt file that was distributed with this source code.
13
 *
14
15
 * The TYPO3 project - inspiring people to share!
 */
Christian Kuhn's avatar
Christian Kuhn committed
16

17
use Doctrine\DBAL\DBALException;
18
use Doctrine\DBAL\Driver\Statement;
19
use Doctrine\DBAL\Platforms\PostgreSqlPlatform;
20
use Doctrine\DBAL\Platforms\SqlitePlatform;
21
use Doctrine\DBAL\Platforms\SQLServerPlatform;
22
use Doctrine\DBAL\Types\IntegerType;
23
24
use Psr\Log\LoggerAwareInterface;
use Psr\Log\LoggerAwareTrait;
25
use TYPO3\CMS\Backend\Utility\BackendUtility;
26
use TYPO3\CMS\Core\Authentication\BackendUserAuthentication;
Sebastian Michaelsen's avatar
Sebastian Michaelsen committed
27
use TYPO3\CMS\Core\Cache\CacheManager;
28
use TYPO3\CMS\Core\Cache\Frontend\FrontendInterface;
29
use TYPO3\CMS\Core\Compatibility\PublicPropertyDeprecationTrait;
30
31
32
33
34
use TYPO3\CMS\Core\Configuration\FlexForm\Exception\InvalidIdentifierException;
use TYPO3\CMS\Core\Configuration\FlexForm\Exception\InvalidParentRowException;
use TYPO3\CMS\Core\Configuration\FlexForm\Exception\InvalidParentRowLoopException;
use TYPO3\CMS\Core\Configuration\FlexForm\Exception\InvalidParentRowRootException;
use TYPO3\CMS\Core\Configuration\FlexForm\Exception\InvalidPointerFieldValueException;
Sebastian Michaelsen's avatar
Sebastian Michaelsen committed
35
use TYPO3\CMS\Core\Configuration\FlexForm\FlexFormTools;
36
use TYPO3\CMS\Core\Configuration\Richtext;
37
use TYPO3\CMS\Core\Core\Environment;
38
39
use TYPO3\CMS\Core\Crypto\PasswordHashing\InvalidPasswordHashException;
use TYPO3\CMS\Core\Crypto\PasswordHashing\PasswordHashFactory;
40
use TYPO3\CMS\Core\Database\Connection;
41
use TYPO3\CMS\Core\Database\ConnectionPool;
42
use TYPO3\CMS\Core\Database\Query\QueryHelper;
43
use TYPO3\CMS\Core\Database\Query\Restriction\BackendWorkspaceRestriction;
44
45
use TYPO3\CMS\Core\Database\Query\Restriction\DeletedRestriction;
use TYPO3\CMS\Core\Database\Query\Restriction\QueryRestrictionContainerInterface;
Sebastian Michaelsen's avatar
Sebastian Michaelsen committed
46
47
use TYPO3\CMS\Core\Database\ReferenceIndex;
use TYPO3\CMS\Core\Database\RelationHandler;
48
use TYPO3\CMS\Core\DataHandling\History\RecordHistoryStore;
49
use TYPO3\CMS\Core\DataHandling\Localization\DataMapProcessor;
Christian Kuhn's avatar
Christian Kuhn committed
50
use TYPO3\CMS\Core\Html\RteHtmlParser;
51
use TYPO3\CMS\Core\Localization\LanguageService;
52
use TYPO3\CMS\Core\Messaging\FlashMessage;
Sebastian Michaelsen's avatar
Sebastian Michaelsen committed
53
54
use TYPO3\CMS\Core\Messaging\FlashMessageService;
use TYPO3\CMS\Core\Resource\ResourceFactory;
55
use TYPO3\CMS\Core\Service\OpcodeCacheService;
56
use TYPO3\CMS\Core\Type\Bitmask\Permission;
Sebastian Michaelsen's avatar
Sebastian Michaelsen committed
57
use TYPO3\CMS\Core\Utility\ArrayUtility;
58
use TYPO3\CMS\Core\Utility\ExtensionManagementUtility;
Sebastian Michaelsen's avatar
Sebastian Michaelsen committed
59
use TYPO3\CMS\Core\Utility\File\BasicFileUtility;
60
use TYPO3\CMS\Core\Utility\GeneralUtility;
Sebastian Michaelsen's avatar
Sebastian Michaelsen committed
61
62
use TYPO3\CMS\Core\Utility\MathUtility;
use TYPO3\CMS\Core\Utility\PathUtility;
63
use TYPO3\CMS\Core\Utility\StringUtility;
64
use TYPO3\CMS\Core\Versioning\VersionState;
65

66
/**
67
68
 * The main data handler class which takes care of correctly updating and inserting records.
 * This class was formerly known as TCEmain.
69
70
 *
 * This is the TYPO3 Core Engine class for manipulation of the database
71
 * This class is used by eg. the tce_db BE route (SimpleDataHandlerController) which provides an the interface for POST forms to this class.
72
73
74
75
76
 *
 * Dependencies:
 * - $GLOBALS['TCA'] must exist
 * - $GLOBALS['LANG'] must exist
 *
77
 * Also see document 'TYPO3 Core API' for details.
78
 */
79
class DataHandler implements LoggerAwareInterface
80
{
81
    use LoggerAwareTrait;
82
83
84
85
86
87
88
89
90
    use PublicPropertyDeprecationTrait;

    /**
     * @var array
     */
    protected $deprecatedPublicProperties = [
        'updateModeL10NdiffData' => 'Using updateModeL10NdiffData is deprecated and will not be possible anymore in TYPO3 v10.',
        'updateModeL10NdiffDataClear' => 'Using updateModeL10NdiffDataClear is deprecated and will not be possible anymore in TYPO3 v10.',
    ];
91

92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
    // *********************
    // Public variables you can configure before using the class:
    // *********************
    /**
     * If TRUE, the default log-messages will be stored. This should not be necessary if the locallang-file for the
     * log-display is properly configured. So disabling this will just save some database-space as the default messages are not saved.
     *
     * @var bool
     */
    public $storeLogMessages = true;

    /**
     * If TRUE, actions are logged to sys_log.
     *
     * @var bool
     */
    public $enableLogging = true;

    /**
     * If TRUE, the datamap array is reversed in the order, which is a nice thing if you're creating a whole new
     * bunch of records.
     *
     * @var bool
     */
    public $reverseOrder = false;

    /**
     * If TRUE, only fields which are different from the database values are saved! In fact, if a whole input array
     * is similar, it's not saved then.
     *
     * @var bool
     */
    public $checkSimilar = true;

    /**
     * This will read the record after having updated or inserted it. If anything is not properly submitted an error
     * is written to the log. This feature consumes extra time by selecting records
     *
     * @var bool
     */
    public $checkStoredRecords = true;

    /**
     * If set, values '' and 0 will equal each other when the stored records are checked.
     *
     * @var bool
     */
    public $checkStoredRecords_loose = true;

    /**
     * If this is set, then a page is deleted by deleting the whole branch under it (user must have
     * delete permissions to it all). If not set, then the page is deleted ONLY if it has no branch.
     *
     * @var bool
     */
    public $deleteTree = false;

    /**
     * If set, then the 'hideAtCopy' flag for tables will be ignored.
     *
     * @var bool
     */
    public $neverHideAtCopy = false;

    /**
     * If set, then the TCE class has been instantiated during an import action of a T3D
     *
     * @var bool
     */
    public $isImporting = false;

    /**
     * If set, then transformations are NOT performed on the input.
     *
     * @var bool
     */
    public $dontProcessTransformations = false;

170
171
172
173
174
175
176
177
178
    /**
     * Will distinguish between translations (with parent) and localizations (without parent) while still using the same methods to copy the records
     * TRUE: translation of a record connected to the default language
     * FALSE: localization of a record without connection to the default language
     *
     * @var bool
     */
    protected $useTransOrigPointerField = true;

179
180
181
182
183
184
185
    /**
     * TRUE: (traditional) Updates when record is saved. For flexforms, updates if change is made to the localized value.
     * FALSE: Will not update anything.
     * "FORCE_FFUPD" (string): Like TRUE, but will force update to the FlexForm Field
     *
     * @var bool|string
     */
186
    protected $updateModeL10NdiffData = true;
187
188
189
190
191
192
193

    /**
     * If TRUE, the translation diff. fields will in fact be reset so that they indicate that all needs to change again!
     * It's meant as the opposite of declaring the record translated.
     *
     * @var bool
     */
194
    protected $updateModeL10NdiffDataClear = false;
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244

    /**
     * If TRUE, workspace restrictions are bypassed on edit an create actions (process_datamap()).
     * YOU MUST KNOW what you do if you use this feature!
     *
     * @var bool
     */
    public $bypassWorkspaceRestrictions = false;

    /**
     * If TRUE, file handling of attached files (addition, deletion etc) is bypassed - the value is saved straight away.
     * YOU MUST KNOW what you are doing with this feature!
     *
     * @var bool
     */
    public $bypassFileHandling = false;

    /**
     * If TRUE, access check, check for deleted etc. for records is bypassed.
     * YOU MUST KNOW what you are doing if you use this feature!
     *
     * @var bool
     */
    public $bypassAccessCheckForRecords = false;

    /**
     * Comma-separated list. This list of tables decides which tables will be copied. If empty then none will.
     * If '*' then all will (that the user has permission to of course)
     *
     * @var string
     */
    public $copyWhichTables = '*';

    /**
     * If 0 then branch is NOT copied.
     * If 1 then pages on the 1st level is copied.
     * If 2 then pages on the second level is copied ... and so on
     *
     * @var int
     */
    public $copyTree = 0;

    /**
     * [table][fields]=value: New records are created with default values and you can set this array on the
     * form $defaultValues[$table][$field] = $value to override the default values fetched from TCA.
     * If ->setDefaultsFromUserTS is called UserTSconfig default values will overrule existing values in this array
     * (thus UserTSconfig overrules externally set defaults which overrules TCA defaults)
     *
     * @var array
     */
245
    public $defaultValues = [];
246
247
248
249
250
251
252
253

    /**
     * [table][fields]=value: You can set this array on the form $overrideValues[$table][$field] = $value to
     * override the incoming data. You must set this externally. You must make sure the fields in this array are also
     * found in the table, because it's not checked. All columns can be set by this array!
     *
     * @var array
     */
254
    public $overrideValues = [];
255
256
257
258
259
260
261
262

    /**
     * [filename]=alternative_filename: Use this array to force another name onto a file.
     * Eg. if you set ['/tmp/blablabal'] = 'my_file.txt' and '/tmp/blablabal' is set for a certain file-field,
     * then 'my_file.txt' will be used as the name instead.
     *
     * @var array
     */
263
    public $alternativeFileName = [];
264
265
266
267
268
269

    /**
     * Array [filename]=alternative_filepath: Same as alternativeFileName but with relative path to the file
     *
     * @var array
     */
270
    public $alternativeFilePath = [];
271
272
273
274
275
276
277
278

    /**
     * If entries are set in this array corresponding to fields for update, they are ignored and thus NOT updated.
     * You could set this array from a series of checkboxes with value=0 and hidden fields before the checkbox with 1.
     * Then an empty checkbox will disable the field.
     *
     * @var array
     */
279
    public $data_disableFields = [];
280
281
282
283
284
285
286
287
288
289

    /**
     * Use this array to validate suggested uids for tables by setting [table]:[uid]. This is a dangerous option
     * since it will force the inserted record to have a certain UID. The value just have to be TRUE, but if you set
     * it to "DELETE" it will make sure any record with that UID will be deleted first (raw delete).
     * The option is used for import of T3D files when synchronizing between two mirrored servers.
     * As a security measure this feature is available only for Admin Users (for now)
     *
     * @var array
     */
290
    public $suggestedInsertUids = [];
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307

    /**
     * Object. Call back object for FlexForm traversal. Useful when external classes wants to use the
     * iteration functions inside DataHandler for traversing a FlexForm structure.
     *
     * @var object
     */
    public $callBackObj;

    // *********************
    // Internal variables (mapping arrays) which can be used (read-only) from outside
    // *********************
    /**
     * Contains mapping of auto-versionized records.
     *
     * @var array
     */
308
    public $autoVersionIdMap = [];
309
310
311
312
313
314

    /**
     * When new elements are created, this array contains a map between their "NEW..." string IDs and the eventual UID they got when stored in database
     *
     * @var array
     */
315
    public $substNEWwithIDs = [];
316
317
318
319
320
321

    /**
     * Like $substNEWwithIDs, but where each old "NEW..." id is mapped to the table it was from.
     *
     * @var array
     */
322
    public $substNEWwithIDs_table = [];
323
324
325
326
327
328

    /**
     * Holds the tables and there the ids of newly created child records from IRRE
     *
     * @var array
     */
329
    public $newRelatedIDs = [];
330
331
332
333
334
335

    /**
     * This array is the sum of all copying operations in this class. May be READ from outside, thus partly public.
     *
     * @var array
     */
336
    public $copyMappingArray_merged = [];
337

338
339
340
341
342
343
344
    /**
     * Per-table array with UIDs that have been deleted.
     *
     * @var array
     */
    protected $deletedRecords = [];

345
346
347
348
349
    /**
     * A map between input file name and final destination for files being attached to records.
     *
     * @var array
     */
350
    public $copiedFileMap = [];
351
352
353
354
355
356

    /**
     * Contains [table][id][field] of fiels where RTEmagic images was copied. Holds old filename as key and new filename as value.
     *
     * @var array
     */
357
    public $RTEmagic_copyIndex = [];
358
359
360
361
362
363

    /**
     * Errors are collected in this variable.
     *
     * @var array
     */
364
    public $errorLog = [];
365
366
367
368
369
370

    /**
     * Fields from the pages-table for which changes will trigger a pagetree refresh
     *
     * @var array
     */
371
    public $pagetreeRefreshFieldsFromPages = ['pid', 'sorting', 'deleted', 'hidden', 'title', 'doktype', 'is_siteroot', 'fe_group', 'nav_hide', 'nav_title', 'module', 'starttime', 'endtime', 'content_from_pid', 'extendToSubpages'];
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418

    /**
     * Indicates whether the pagetree needs a refresh because of important changes
     *
     * @var bool
     */
    public $pagetreeNeedsRefresh = false;

    // *********************
    // Internal Variables, do not touch.
    // *********************

    // Variables set in init() function:

    /**
     * The user-object the script uses. If not set from outside, this is set to the current global $BE_USER.
     *
     * @var BackendUserAuthentication
     */
    public $BE_USER;

    /**
     * Will be set to uid of be_user executing this script
     *
     * @var int
     */
    public $userid;

    /**
     * Will be set to username of be_user executing this script
     *
     * @var string
     */
    public $username;

    /**
     * Will be set if user is admin
     *
     * @var bool
     */
    public $admin;

    /**
     * Can be overridden from $GLOBALS['TYPO3_CONF_VARS']
     *
     * @var array
     */
419
    public $defaultPermissions = [
420
421
422
        'user' => 'show,edit,delete,new,editcontent',
        'group' => 'show,edit,new,editcontent',
        'everybody' => ''
423
    ];
424
425
426
427
428
429

    /**
     * The list of <table>-<fields> that cannot be edited by user. This is compiled from TCA/exclude-flag combined with non_exclude_fields for the user.
     *
     * @var array
     */
430
    protected $excludedTablesAndFields = [];
431
432
433
434
435
436
437

    /**
     * Data submitted from the form view, used to control behaviours,
     * e.g. this is used to activate/deactivate fields and thus store NULL values
     *
     * @var array
     */
438
    protected $control = [];
439
440
441
442
443
444

    /**
     * Set with incoming data array
     *
     * @var array
     */
445
    public $datamap = [];
446
447
448
449
450
451

    /**
     * Set with incoming cmd array
     *
     * @var array
     */
452
    public $cmdmap = [];
453
454
455
456
457
458

    /**
     * List of changed old record ids to new records ids
     *
     * @var array
     */
459
    protected $mmHistoryRecords = [];
460
461
462
463
464
465

    /**
     * List of changed old record ids to new records ids
     *
     * @var array
     */
466
    protected $historyRecords = [];
467
468
469
470
471
472
473

    // Internal static:
    /**
     * Permission mapping
     *
     * @var array
     */
474
    public $pMap = [
475
476
477
478
479
480
481
482
483
        'show' => 1,
        // 1st bit
        'edit' => 2,
        // 2nd bit
        'delete' => 4,
        // 3rd bit
        'new' => 8,
        // 4th bit
        'editcontent' => 16
484
    ];
485
486

    /**
487
488
489
     * The interval between sorting numbers used with tables with a 'sorting' field defined.
     *
     * Min 1, should be power of 2
490
491
492
493
494
495
496
497
498
499
500
     *
     * @var int
     */
    public $sortIntervals = 256;

    // Internal caching arrays
    /**
     * Used by function checkRecordUpdateAccess() to store whether a record is updatable or not.
     *
     * @var array
     */
501
    protected $recUpdateAccessCache = [];
502
503
504
505
506
507

    /**
     * User by function checkRecordInsertAccess() to store whether a record can be inserted on a page id
     *
     * @var array
     */
508
    protected $recInsertAccessCache = [];
509
510
511
512
513
514

    /**
     * Caching array for check of whether records are in a webmount
     *
     * @var array
     */
515
    protected $isRecordInWebMount_Cache = [];
516
517
518
519
520
521

    /**
     * Caching array for page ids in webmounts
     *
     * @var array
     */
522
    protected $isInWebMount_Cache = [];
523
524
525
526
527
528

    /**
     * Used for caching page records in pageInfo()
     *
     * @var array
     */
529
    protected $pageCache = [];
530
531
532
533
534
535
536

    // Other arrays:
    /**
     * For accumulation of MM relations that must be written after new records are created.
     *
     * @var array
     */
537
    public $dbAnalysisStore = [];
538
539
540
541
542
543

    /**
     * For accumulation of files which must be deleted after processing of all input content
     *
     * @var array
     */
544
    public $removeFilesStore = [];
545
546
547
548
549
550

    /**
     * Uploaded files, set by process_uploads()
     *
     * @var array
     */
551
    public $uploadedFileArray = [];
552
553
554
555
556
557

    /**
     * Used for tracking references that might need correction after operations
     *
     * @var array
     */
558
    public $registerDBList = [];
559
560
561
562
563
564

    /**
     * Used for tracking references that might need correction in pid field after operations (e.g. IRRE)
     *
     * @var array
     */
565
    public $registerDBPids = [];
566
567
568
569
570
571
572
573
574
575
576

    /**
     * Used by the copy action to track the ids of new pages so subpages are correctly inserted!
     * THIS is internally cleared for each executed copy operation! DO NOT USE THIS FROM OUTSIDE!
     * Read from copyMappingArray_merged instead which is accumulating this information.
     *
     * NOTE: This is used by some outside scripts (e.g. hooks), as the results in $copyMappingArray_merged
     * are only available after an action has been completed.
     *
     * @var array
     */
577
    public $copyMappingArray = [];
578
579
580
581
582
583

    /**
     * Array used for remapping uids and values at the end of process_datamap
     *
     * @var array
     */
584
    public $remapStack = [];
585
586
587
588
589
590
591

    /**
     * Array used for remapping uids and values at the end of process_datamap
     * (e.g. $remapStackRecords[<table>][<uid>] = <index in $remapStack>)
     *
     * @var array
     */
592
    public $remapStackRecords = [];
593
594
595
596
597
598

    /**
     * Array used for checking whether new children need to be remapped
     *
     * @var array
     */
599
    protected $remapStackChildIds = [];
600
601
602
603
604
605

    /**
     * Array used for executing addition actions after remapping happened (set processRemapStack())
     *
     * @var array
     */
606
    protected $remapStackActions = [];
607
608
609
610
611
612

    /**
     * Array used for executing post-processing on the reference index
     *
     * @var array
     */
613
    protected $remapStackRefIndex = [];
614
615
616
617
618
619

    /**
     * Array used for additional calls to $this->updateRefIndex
     *
     * @var array
     */
620
    public $updateRefIndexStack = [];
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643

    /**
     * Tells, that this DataHandler instance was called from \TYPO3\CMS\Impext\ImportExport.
     * This variable is set by \TYPO3\CMS\Impext\ImportExport
     *
     * @var array
     */
    public $callFromImpExp = false;

    // Various
    /**
     * basicFileFunctions object
     * For "singleton" file-manipulation object
     *
     * @var BasicFileUtility
     */
    public $fileFunc;

    /**
     * Set to "currentRecord" during checking of values.
     *
     * @var array
     */
644
    public $checkValue_currentRecord = [];
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675

    /**
     * A signal flag used to tell file processing that auto versioning has happened and hence certain action should be applied.
     *
     * @var bool
     */
    public $autoVersioningUpdate = false;

    /**
     * Disable delete clause
     *
     * @var bool
     */
    protected $disableDeleteClause = false;

    /**
     * @var array
     */
    protected $checkModifyAccessListHookObjects;

    /**
     * @var array
     */
    protected $version_remapMMForVersionSwap_reg;

    /**
     * The outer most instance of \TYPO3\CMS\Core\DataHandling\DataHandler:
     * This object instantiates itself on versioning and localization ...
     *
     * @var \TYPO3\CMS\Core\DataHandling\DataHandler
     */
676
    protected $outerMostInstance;
677
678
679
680
681
682

    /**
     * Internal cache for collecting records that should trigger cache clearing
     *
     * @var array
     */
683
    protected static $recordsToClearCacheFor = [];
684

685
686
687
688
689
690
    /**
     * Internal cache for pids of records which were deleted. It's not possible
     * to retrieve the parent folder/page at a later stage
     *
     * @var array
     */
691
    protected static $recordPidsForDeletedRecords = [];
692

693
694
695
    /**
     * Runtime Cache to store and retrieve data computed for a single request
     *
696
     * @var \TYPO3\CMS\Core\Cache\Frontend\FrontendInterface
697
     */
698
    protected $runtimeCache;
699
700
701
702
703
704
705
706
707

    /**
     * Prefix for the cache entries of nested element calls since the runtimeCache has a global scope.
     *
     * @var string
     */
    protected $cachePrefixNestedElementCalls = 'core-datahandler-nestedElementCalls-';

    /**
708
     * Sets up the data handler cache and some additional options, the main logic is done in the start() method.
709
710
711
     */
    public function __construct()
    {
712
713
        $this->checkStoredRecords = (bool)$GLOBALS['TYPO3_CONF_VARS']['BE']['checkStoredRecords'];
        $this->checkStoredRecords_loose = (bool)$GLOBALS['TYPO3_CONF_VARS']['BE']['checkStoredRecordsLoose'];
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
        $this->runtimeCache = $this->getRuntimeCache();
    }

    /**
     * @param array $control
     */
    public function setControl(array $control)
    {
        $this->control = $control;
    }

    /**
     * Initializing.
     * For details, see 'TYPO3 Core API' document.
     * This function does not start the processing of data, but merely initializes the object
     *
     * @param array $data Data to be modified or inserted in the database
     * @param array $cmd Commands to copy, move, delete, localize, versionize records.
732
     * @param BackendUserAuthentication|null $altUserObject An alternative userobject you can set instead of the default, which is $GLOBALS['BE_USER']
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
     */
    public function start($data, $cmd, $altUserObject = null)
    {
        // Initializing BE_USER
        $this->BE_USER = is_object($altUserObject) ? $altUserObject : $GLOBALS['BE_USER'];
        $this->userid = $this->BE_USER->user['uid'];
        $this->username = $this->BE_USER->user['username'];
        $this->admin = $this->BE_USER->user['admin'];
        if ($this->BE_USER->uc['recursiveDelete']) {
            $this->deleteTree = 1;
        }
        // Initializing default permissions for pages
        $defaultPermissions = $GLOBALS['TYPO3_CONF_VARS']['BE']['defaultPermissions'];
        if (isset($defaultPermissions['user'])) {
            $this->defaultPermissions['user'] = $defaultPermissions['user'];
        }
        if (isset($defaultPermissions['group'])) {
            $this->defaultPermissions['group'] = $defaultPermissions['group'];
        }
        if (isset($defaultPermissions['everybody'])) {
            $this->defaultPermissions['everybody'] = $defaultPermissions['everybody'];
        }
        // generates the excludelist, based on TCA/exclude-flag and non_exclude_fields for the user:
        if (!$this->admin) {
            $this->excludedTablesAndFields = array_flip($this->getExcludeListArray());
        }
        // Setting the data and cmd arrays
        if (is_array($data)) {
            reset($data);
            $this->datamap = $data;
        }
        if (is_array($cmd)) {
            reset($cmd);
            $this->cmdmap = $cmd;
        }
    }

    /**
     * Function that can mirror input values in datamap-array to other uid numbers.
     * Example: $mirror[table][11] = '22,33' will look for content in $this->datamap[table][11] and copy it to $this->datamap[table][22] and $this->datamap[table][33]
     *
     * @param array $mirror This array has the syntax $mirror[table_name][uid] = [list of uids to copy data-value TO!]
     */
    public function setMirror($mirror)
    {
        if (!is_array($mirror)) {
            return;
        }

        foreach ($mirror as $table => $uid_array) {
            if (!isset($this->datamap[$table])) {
                continue;
            }

            foreach ($uid_array as $id => $uidList) {
                if (!isset($this->datamap[$table][$id])) {
                    continue;
                }

                $theIdsInArray = GeneralUtility::trimExplode(',', $uidList, true);
                foreach ($theIdsInArray as $copyToUid) {
                    $this->datamap[$table][$copyToUid] = $this->datamap[$table][$id];
                }
            }
        }
    }

    /**
     * Initializes default values coming from User TSconfig
     *
     * @param array $userTS User TSconfig array
     */
    public function setDefaultsFromUserTS($userTS)
    {
        if (!is_array($userTS)) {
            return;
        }

        foreach ($userTS as $k => $v) {
812
            $k = mb_substr($k, 0, -1);
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
            if (!$k || !is_array($v) || !isset($GLOBALS['TCA'][$k])) {
                continue;
            }

            if (is_array($this->defaultValues[$k])) {
                $this->defaultValues[$k] = array_merge($this->defaultValues[$k], $v);
            } else {
                $this->defaultValues[$k] = $v;
            }
        }
    }

    /**
     * Processing of uploaded files.
     * It turns out that some versions of PHP arranges submitted data for files different if sent in an array. This function will unify this so the internal array $this->uploadedFileArray will always contain files arranged in the same structure.
     *
     * @param array $postFiles $_FILES array
     */
    public function process_uploads($postFiles)
    {
        if (!is_array($postFiles)) {
            return;
        }

        // Editing frozen:
        if ($this->BE_USER->workspace !== 0 && $this->BE_USER->workspaceRec['freeze']) {
839
            $this->newlog('All editing in this workspace has been frozen!', 1);
840
841
842
843
844
845
            return;
        }
        $subA = reset($postFiles);
        if (is_array($subA)) {
            if (is_array($subA['name']) && is_array($subA['type']) && is_array($subA['tmp_name']) && is_array($subA['size'])) {
                // Initialize the uploadedFilesArray:
846
                $this->uploadedFileArray = [];
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
                // For each entry:
                foreach ($subA as $key => $values) {
                    $this->process_uploads_traverseArray($this->uploadedFileArray, $values, $key);
                }
            } else {
                $this->uploadedFileArray = $subA;
            }
        }
    }

    /**
     * Traverse the upload array if needed to rearrange values.
     *
     * @param array $outputArr $this->uploadedFileArray passed by reference
     * @param array $inputArr Input array  ($_FILES parts)
     * @param string $keyToSet The current $_FILES array key to set on the outermost level.
     * @access private
     * @see process_uploads()
     */
    public function process_uploads_traverseArray(&$outputArr, $inputArr, $keyToSet)
    {
        if (is_array($inputArr)) {
            foreach ($inputArr as $key => $value) {
                $this->process_uploads_traverseArray($outputArr[$key], $inputArr[$key], $keyToSet);
            }
        } else {
            $outputArr[$keyToSet] = $inputArr;
        }
    }

    /*********************************************
     *
     * HOOKS
     *
     *********************************************/
    /**
     * Hook: processDatamap_afterDatabaseOperations
     * (calls $hookObj->processDatamap_afterDatabaseOperations($status, $table, $id, $fieldArray, $this);)
     *
     * Note: When using the hook after INSERT operations, you will only get the temporary NEW... id passed to your hook as $id,
     * but you can easily translate it to the real uid of the inserted record using the $this->substNEWwithIDs array.
     *
     * @param array $hookObjectsArr (reference) Array with hook objects
     * @param string $status (reference) Status of the current operation, 'new' or 'update
     * @param string $table (reference) The table currently processing data for
     * @param string $id (reference) The record uid currently processing data for, [integer] or [string] (like 'NEW...')
     * @param array $fieldArray (reference) The field array of a record
     */
    public function hook_processDatamap_afterDatabaseOperations(&$hookObjectsArr, &$status, &$table, &$id, &$fieldArray)
    {
        // Process hook directly:
        if (!isset($this->remapStackRecords[$table][$id])) {
            foreach ($hookObjectsArr as $hookObj) {
                if (method_exists($hookObj, 'processDatamap_afterDatabaseOperations')) {
                    $hookObj->processDatamap_afterDatabaseOperations($status, $table, $id, $fieldArray, $this);
                }
            }
        } else {
905
            $this->remapStackRecords[$table][$id]['processDatamap_afterDatabaseOperations'] = [
906
907
908
                'status' => $status,
                'fieldArray' => $fieldArray,
                'hookObjectsArr' => $hookObjectsArr
909
            ];
910
911
912
913
914
915
916
917
918
919
920
921
922
        }
    }

    /**
     * Gets the 'checkModifyAccessList' hook objects.
     * The first call initializes the accordant objects.
     *
     * @return array The 'checkModifyAccessList' hook objects (if any)
     * @throws \UnexpectedValueException
     */
    protected function getCheckModifyAccessListHookObjects()
    {
        if (!isset($this->checkModifyAccessListHookObjects)) {
923
            $this->checkModifyAccessListHookObjects = [];
924
925
926
927
            foreach ($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['t3lib/class.t3lib_tcemain.php']['checkModifyAccessList'] ?? [] as $className) {
                $hookObject = GeneralUtility::makeInstance($className);
                if (!$hookObject instanceof DataHandlerCheckModifyAccessListHookInterface) {
                    throw new \UnexpectedValueException($className . ' must implement interface ' . DataHandlerCheckModifyAccessListHookInterface::class, 1251892472);
928
                }
929
                $this->checkModifyAccessListHookObjects[] = $hookObject;
930
931
932
933
934
935
936
937
938
939
940
941
942
943
            }
        }
        return $this->checkModifyAccessListHookObjects;
    }

    /*********************************************
     *
     * PROCESSING DATA
     *
     *********************************************/
    /**
     * Processing the data-array
     * Call this function to process the data-array set by start()
     *
944
     * @return bool|void
945
946
947
948
949
950
     */
    public function process_datamap()
    {
        $this->controlActiveElements();

        // Keep versionized(!) relations here locally:
951
        $registerDBList = [];
952
953
954
955
        $this->registerElementsToBeDeleted();
        $this->datamap = $this->unsetElementsToBeDeleted($this->datamap);
        // Editing frozen:
        if ($this->BE_USER->workspace !== 0 && $this->BE_USER->workspaceRec['freeze']) {
956
            $this->newlog('All editing in this workspace has been frozen!', 1);
957
958
959
            return false;
        }
        // First prepare user defined objects (if any) for hooks which extend this function:
960
        $hookObjectsArr = [];
961
962
963
964
        foreach ($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['t3lib/class.t3lib_tcemain.php']['processDatamapClass'] ?? [] as $className) {
            $hookObject = GeneralUtility::makeInstance($className);
            if (method_exists($hookObject, 'processDatamap_beforeStart')) {
                $hookObject->processDatamap_beforeStart($this);
965
            }
966
            $hookObjectsArr[] = $hookObject;
967
        }
968
969
        // Pre-process data-map and synchronize localization states
        $this->datamap = DataMapProcessor::instance($this->datamap, $this->BE_USER)->process();
970
        // Organize tables so that the pages-table is always processed first. This is required if you want to make sure that content pointing to a new page will be created.
971
        $orderOfTables = [];
972
973
974
975
976
977
978
979
980
981
982
983
984
        // Set pages first.
        if (isset($this->datamap['pages'])) {
            $orderOfTables[] = 'pages';
        }
        $orderOfTables = array_unique(array_merge($orderOfTables, array_keys($this->datamap)));
        // Process the tables...
        foreach ($orderOfTables as $table) {
            // Check if
            //	   - table is set in $GLOBALS['TCA'],
            //	   - table is NOT readOnly
            //	   - the table is set with content in the data-array (if not, there's nothing to process...)
            //	   - permissions for tableaccess OK
            $modifyAccessList = $this->checkModifyAccessList($table);
985
            if (!$modifyAccessList) {
986
                $this->log($table, 0, 2, 0, 1, 'Attempt to modify table \'%s\' without permission', 1, [$table]);
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
            }
            if (!isset($GLOBALS['TCA'][$table]) || $this->tableReadOnly($table) || !is_array($this->datamap[$table]) || !$modifyAccessList) {
                continue;
            }

            if ($this->reverseOrder) {
                $this->datamap[$table] = array_reverse($this->datamap[$table], 1);
            }
            // For each record from the table, do:
            // $id is the record uid, may be a string if new records...
            // $incomingFieldArray is the array of fields
            foreach ($this->datamap[$table] as $id => $incomingFieldArray) {
                if (!is_array($incomingFieldArray)) {
                    continue;