fe_adminLib.inc 66.2 KB
Newer Older
Kasper Skårhøj's avatar
Kasper Skårhøj committed
1
2
3
<?php
/***************************************************************
*  Copyright notice
4
*
5
*  (c) 1999-2004 Kasper Skaarhoj (kasper@typo3.com)
Kasper Skårhøj's avatar
Kasper Skårhøj committed
6
7
*  All rights reserved
*
8
*  This script is part of the TYPO3 project. The TYPO3 project is
Kasper Skårhøj's avatar
Kasper Skårhøj committed
9
10
11
12
*  free software; you can redistribute it and/or modify
*  it under the terms of the GNU General Public License as published by
*  the Free Software Foundation; either version 2 of the License, or
*  (at your option) any later version.
13
*
Kasper Skårhøj's avatar
Kasper Skårhøj committed
14
15
*  The GNU General Public License can be found at
*  http://www.gnu.org/copyleft/gpl.html.
16
*  A copy is found in the textfile GPL.txt and important notices to the license
Kasper Skårhøj's avatar
Kasper Skårhøj committed
17
18
*  from the author is found in LICENSE.txt distributed with these scripts.
*
19
*
Kasper Skårhøj's avatar
Kasper Skårhøj committed
20
21
22
23
24
25
26
27
28
29
*  This script is distributed in the hope that it will be useful,
*  but WITHOUT ANY WARRANTY; without even the implied warranty of
*  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
*  GNU General Public License for more details.
*
*  This copyright notice MUST APPEAR in all copies of the script!
***************************************************************/
/**
 * FE admin lib
 *
30
31
 * $Id$
 * Revised for TYPO3 3.6 June/2003 by Kasper Skaarhoj
Kasper Skårhøj's avatar
Kasper Skårhøj committed
32
 *
33
 * @author	Kasper Skaarhoj <kasper@typo3.com>
Kasper Skårhøj's avatar
Kasper Skårhøj committed
34
35
36
37
38
39
 */
/**
 * [CLASS/FUNCTION INDEX of SCRIPT]
 *
 *
 *
40
41
 *  132: class user_feAdmin
 *  179:     function init($content,$conf)
Kasper Skårhøj's avatar
Kasper Skårhøj committed
42
43
 *
 *              SECTION: Data processing
44
45
46
47
48
49
50
 *  409:     function parseValues()
 *  504:     function processFiles($cmdParts,$theField)
 *  610:     function overrideValues()
 *  626:     function defaultValues()
 *  645:     function evalValues()
 *  767:     function userProcess($mConfKey,$passVar)
 *  785:     function userProcess_alt($confVal,$confArr,$passVar)
Kasper Skårhøj's avatar
Kasper Skårhøj committed
51
52
 *
 *              SECTION: Database manipulation functions
53
54
55
 *  827:     function save()
 *  885:     function deleteRecord()
 *  915:     function deleteFilesFromRecord($uid)
Kasper Skårhøj's avatar
Kasper Skårhøj committed
56
57
 *
 *              SECTION: Command "display" functions
58
59
60
61
62
 *  972:     function displayDeleteScreen()
 * 1000:     function displayCreateScreen()
 * 1023:     function displayEditScreen()
 * 1074:     function displayEditForm($origArr)
 * 1102:     function procesSetFixed()
Kasper Skårhøj's avatar
Kasper Skårhøj committed
63
64
 *
 *              SECTION: Template processing functions
65
66
67
68
 * 1189:     function removeRequired($templateCode,$failure)
 * 1207:     function getPlainTemplate($key,$r='')
 * 1224:     function modifyDataArrForFormUpdate($inputArr)
 * 1293:     function setCObjects($templateCode,$currentArr=array(),$markerArray='',$specialPrefix='')
Kasper Skårhøj's avatar
Kasper Skårhøj committed
69
70
 *
 *              SECTION: Emailing
71
72
73
74
75
 * 1355:     function sendInfoMail()
 * 1403:     function compileMail($key, $DBrows, $recipient, $setFixedConfig=array())
 * 1449:     function sendMail($recipient, $admin, $content='', $adminContent='')
 * 1494:     function isHTMLContent($c)
 * 1515:     function sendHTMLMail($content,$recipient,$dummy,$fromEmail,$fromName,$replyTo='')
Kasper Skårhøj's avatar
Kasper Skårhøj committed
76
77
 *
 *              SECTION: Various helper functions
78
79
80
81
82
83
84
85
 * 1599:     function aCAuth($r)
 * 1613:     function authCode($r,$extra='')
 * 1639:     function setfixed($markerArray, $setfixed, $r)
 * 1675:     function setfixedHash($recCopy,$fields='')
 * 1696:     function isPreview()
 * 1705:     function createFileFuncObj()
 * 1716:     function clearCacheIfSet()
 * 1731:     function getFailure($theField, $theCmd, $label)
Kasper Skårhøj's avatar
Kasper Skårhøj committed
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
 *
 * TOTAL FUNCTIONS: 33
 * (This index is automatically created/updated by the extension "extdeveval")
 *
 */

require_once (PATH_t3lib.'class.t3lib_basicfilefunc.php');		// For use with images.



























/**
 * This library provides a HTML-template file based framework for Front End creating/editing/deleting records authenticated by email or fe_user login.
 * It is used in the extensions "direct_mail_subscription" and "feuser_admin" (and the depreciated(!) static template "plugin.feadmin.dmailsubscription" and "plugin.feadmin.fe_users" which are the old versions of these two extensions)
 * Further the extensions "t3consultancies" and "t3references" also uses this library but contrary to the "direct_mail_subscription" and "feuser_admin" extensions which relies on external HTML templates which must be adapted these two extensions delivers the HTML template code from inside.
 * Generally the fe_adminLib appears to be hard to use. Personally I feel turned off by all the template-file work involved and since it is very feature rich (and for that sake pretty stable!) there are lots of things that can go wrong - you feel. Therefore I like the concept used by "t3consultancies"/"t3references" since those extensions uses the library by supplying the HTML-template code automatically.
 * Suggestions for improvement and streamlining is welcome so this powerful class could be used more and effectively.
126
 *
127
128
129
 * @author	Kasper Skaarhoj <kasper@typo3.com>
 * @package TYPO3
 * @subpackage tslib
Kasper Skårhøj's avatar
Kasper Skårhøj committed
130
131
132
 * @link http://typo3.org/doc.0.html?&tx_extrepmgm_pi1[extUid]=270&tx_extrepmgm_pi1[tocEl]=396&cHash=d267c36546
 */
class user_feAdmin	{
133
134
135
136

		// External, static:
	var $recInMarkersHSC = TRUE;		// If true, values from the record put into markers going out into HTML will be passed through htmlspecialchars()!

Kasper Skårhøj's avatar
Kasper Skårhøj committed
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
	var $dataArr = array();
	var $failureMsg = array();
	var $theTable = '';
	var $thePid = 0;
	var $markerArray = array();
	var $templateCode='';
	var $cObj;

	var $cmd;
	var $preview;
	var $backURL;
	var $recUid;
	var $failure=0;		// is set if data did not have the required fields set.
	var $error='';
	var $saved=0;		// is set if data is saved
	var $requiredArr;
	var $currentArr = array();
	var $previewLabel='';
	var $nc = '';		// '&no_cache=1' if you want that parameter sent.
	var $additionalUpdateFields='';
	var $emailMarkPrefix = 'EMAIL_TEMPLATE_';
	var $codeLength;
	var $cmdKey;
160
	var $fileFunc='';	// Set to a basic_filefunc object
Kasper Skårhøj's avatar
Kasper Skårhøj committed
161
162
	var $filesStoredInUploadFolders=array();		// This array will hold the names of files transferred to the uploads/* folder if any. If the records are NOT saved, these files should be deleted!! Currently this is not working!

Kasper Skårhøj's avatar
Kasper Skårhøj committed
163
164
		// Internal vars, dynamic:
	var $unlinkTempFiles = array();			// Is loaded with all temporary filenames used for upload which should be deleted before exit...
165

Kasper Skårhøj's avatar
Kasper Skårhøj committed
166
167
	/**
	 * Main function. Called from TypoScript.
168
169
	 * This
	 * - initializes internal variables,
Kasper Skårhøj's avatar
Kasper Skårhøj committed
170
171
172
	 * - fills in the markerArray with default substitution string
	 * - saves/emails if such commands are sent
	 * - calls functions for display of the screen for editing/creation/deletion etc.
173
	 *
Kasper Skårhøj's avatar
Kasper Skårhøj committed
174
175
176
177
178
179
180
181
182
183
184
185
	 * @param	string		Empty string, ignore.
	 * @param	array		TypoScript properties following the USER_INT object which uses this library
	 * @return	string		HTML content
	 * @link http://typo3.org/doc.0.html?&tx_extrepmgm_pi1[extUid]=270&tx_extrepmgm_pi1[tocEl]=396&cHash=d267c36546
	 */
	function init($content,$conf)	{
		$this->conf = $conf;

			// template file is fetched.
		$this->templateCode = $this->conf['templateContent'] ? $this->conf['templateContent'] : $this->cObj->fileResource($this->conf['templateFile']);

			// Getting the cmd var
Kasper Skårhøj's avatar
Kasper Skårhøj committed
186
		$this->cmd = (string)t3lib_div::_GP('cmd');
Kasper Skårhøj's avatar
Kasper Skårhøj committed
187
			// Getting the preview var
Kasper Skårhøj's avatar
Kasper Skårhøj committed
188
		$this->preview = (string)t3lib_div::_GP('preview');
Kasper Skårhøj's avatar
Kasper Skårhøj committed
189
			// backURL is a given URL to return to when login is performed
Kasper Skårhøj's avatar
Kasper Skårhøj committed
190
		$this->backURL = t3lib_div::_GP('backURL');
Kasper Skårhøj's avatar
Kasper Skårhøj committed
191
			// Uid to edit:
Kasper Skårhøj's avatar
Kasper Skårhøj committed
192
		$this->recUid = t3lib_div::_GP('rU');
Kasper Skårhøj's avatar
Kasper Skårhøj committed
193
			// Authentication code:
Kasper Skårhøj's avatar
Kasper Skårhøj committed
194
		$this->authCode = t3lib_div::_GP('aC');
Kasper Skårhøj's avatar
Kasper Skårhøj committed
195
196
			// get table
		$this->theTable = $this->conf['table'];
197

Kasper Skårhøj's avatar
Kasper Skårhøj committed
198
199
200
		$this->nc = $this->conf['no_cache'] ? '&no_cache=1' : $this->nc;
			// pid
		$this->thePid = intval($this->conf['pid']) ? intval($this->conf['pid']) : $GLOBALS['TSFE']->id;
201
			//
Kasper Skårhøj's avatar
Kasper Skårhøj committed
202
		$this->codeLength = intval($this->conf['authcodeFields.']['codeLength']) ? intval($this->conf['authcodeFields.']['codeLength']) : 8;
203

Kasper Skårhøj's avatar
Kasper Skårhøj committed
204
205
			// Setting the hardcoded lists of fields allowed for editing and creation.
		$this->fieldList=implode(',',t3lib_div::trimExplode(',',$GLOBALS['TCA'][$this->theTable]['feInterface']['fe_admin_fieldList'],1));
206
207

			// globally substituted markers, fonts and colors.
Kasper Skårhøj's avatar
Kasper Skårhøj committed
208
209
210
211
212
213
214
215
		$splitMark = md5(microtime());
		list($this->markerArray['###GW1B###'],$this->markerArray['###GW1E###']) = explode($splitMark,$this->cObj->stdWrap($splitMark,$this->conf['wrap1.']));
		list($this->markerArray['###GW2B###'],$this->markerArray['###GW2E###']) = explode($splitMark,$this->cObj->stdWrap($splitMark,$this->conf['wrap2.']));
		$this->markerArray['###GC1###'] = $this->cObj->stdWrap($this->conf['color1'],$this->conf['color1.']);
		$this->markerArray['###GC2###'] = $this->cObj->stdWrap($this->conf['color2'],$this->conf['color2.']);
		$this->markerArray['###GC3###'] = $this->cObj->stdWrap($this->conf['color3'],$this->conf['color3.']);

			// Initialize markerArray, setting FORM_URL and HIDDENFIELDS
Kasper Skårhøj's avatar
Kasper Skårhøj committed
216
		$this->markerArray['###FORM_URL###'] = 'index.php?id='.$GLOBALS['TSFE']->id.'&type='.$GLOBALS['TSFE']->type.$this->nc.$this->conf['addParams'];
217
		$this->markerArray['###FORM_URL_ENC###'] = rawurlencode($this->markerArray['###FORM_URL###']);
218
219
		$this->markerArray['###FORM_URL_HSC###'] = htmlspecialchars($this->markerArray['###FORM_URL###']);

Kasper Skårhøj's avatar
Kasper Skårhøj committed
220
221
		$this->markerArray['###BACK_URL###'] = $this->backURL;
		$this->markerArray['###BACK_URL_ENC###'] = rawurlencode($this->markerArray['###BACK_URL###']);
222
		$this->markerArray['###BACK_URL_HSC###'] = htmlspecialchars($this->markerArray['###BACK_URL###']);
Kasper Skårhøj's avatar
Kasper Skårhøj committed
223

224
225
226
227
		$this->markerArray['###THE_PID###'] = $this->thePid;
		$this->markerArray['###REC_UID###'] = $this->recUid;
		$this->markerArray['###AUTH_CODE###'] = $this->authCode;
		$this->markerArray['###THIS_ID###'] = $GLOBALS['TSFE']->id;
228
229
		$this->markerArray['###THIS_URL###'] = htmlspecialchars(t3lib_div::getIndpEnv('TYPO3_REQUEST_DIR'));
		$this->markerArray['###HIDDENFIELDS###'] =
Kasper Skårhøj's avatar
Kasper Skårhøj committed
230
231
232
			($this->cmd?'<input type="hidden" name="cmd" value="'.htmlspecialchars($this->cmd).'" />':'').
			($this->authCode?'<input type="hidden" name="aC" value="'.htmlspecialchars($this->authCode).'" />':'').
			($this->backURL?'<input type="hidden" name="backURL" value="'.htmlspecialchars($this->backURL).'" />':'');
233
234


Kasper Skårhøj's avatar
Kasper Skårhøj committed
235
236
237
238
239
240
241
242
243
244
245
246
247
248
			// Setting cmdKey which is either 'edit' or 'create'
		switch($this->cmd)	{
			case 'edit':
				$this->cmdKey='edit';
			break;
			default:
				$this->cmdKey='create';
			break;
		}
			// Setting requiredArr to the fields in 'required' intersected field the total field list in order to remove invalid fields.
		$this->requiredArr = array_intersect(
			t3lib_div::trimExplode(',',$this->conf[$this->cmdKey.'.']['required'],1),
			t3lib_div::trimExplode(',',$this->conf[$this->cmdKey.'.']['fields'],1)
		);
249

Kasper Skårhøj's avatar
Kasper Skårhøj committed
250
			// Setting incoming data. Non-stripped
Kasper Skårhøj's avatar
Kasper Skårhøj committed
251
		$fe=t3lib_div::_GP('FE');
Kasper Skårhøj's avatar
Kasper Skårhøj committed
252
253
		$this->dataArr = $fe[$this->theTable];	// Incoming data.

Kasper Skårhøj's avatar
Kasper Skårhøj committed
254
/*
Kasper Skårhøj's avatar
Kasper Skårhøj committed
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
		debug($GLOBALS['HTTP_POST_VARS']);
		debug($GLOBALS['HTTP_GET_VARS']);
		debug($GLOBALS['HTTP_POST_FILES']);
*/
			// Checking template file and table value
		if (!$this->templateCode)	{
			$content = 'No template file found: '.$this->conf['templateFile'];
			return $content;
		}

		if (!$this->theTable || !$this->fieldList)	{
			$content = 'Wrong table: '.$this->theTable;
			return $content;		// Not listed or editable table!
		}

		// *****************
		// If data is submitted, we take care of it here.
		// *******************
Kasper Skårhøj's avatar
Kasper Skårhøj committed
273
		if ($this->cmd=='delete' && !$this->preview && !t3lib_div::_GP('doNotSave'))	{	// Delete record if delete command is sent + the preview flag is NOT set.
Kasper Skårhøj's avatar
Kasper Skårhøj committed
274
275
276
			$this->deleteRecord();
		}
			// If incoming data is seen...
277
		if (is_array($this->dataArr))	{
Kasper Skårhøj's avatar
Kasper Skårhøj committed
278
279
280
281
282
283
284
285
286
287
288
289
290
291
				// Evaluation of data:
			$this->parseValues();
			$this->overrideValues();
			$this->evalValues();
			if ($this->conf['evalFunc'])	{
				$this->dataArr = $this->userProcess('evalFunc',$this->dataArr);
			}

		/*
		debug($this->dataArr);
		debug($this->failure);
		debug($this->preview);
		*/
				// if not preview and no failures, then set data...
Kasper Skårhøj's avatar
Kasper Skårhøj committed
292
			if (!$this->failure && !$this->preview && !t3lib_div::_GP('doNotSave'))	{	// doNotSave is a global var (eg a 'Cancel' submit button) that prevents the data from being processed
Kasper Skårhøj's avatar
Kasper Skårhøj committed
293
294
295
296
297
298
299
300
301
302
				$this->save();
			} else {
				if ($this->conf['debug'])		debug($this->failure);
			}
		} else {
			$this->defaultValues();	// If no incoming data, this will set the default values.
			$this->preview = 0;	// No preview if data is not received
		}
		if ($this->failure)	{$this->preview=0;}	// No preview flag if a evaluation failure has occured
		$this->previewLabel = $this->preview ? '_PREVIEW' : '';	// Setting preview label prefix.
303
304


Kasper Skårhøj's avatar
Kasper Skårhøj committed
305
306
307
308
309
310
			// *********************
			// DISPLAY FORMS:
			// ***********************
		if ($this->saved) {
				// Clear page cache
			$this->clearCacheIfSet();
311

Kasper Skårhøj's avatar
Kasper Skårhøj committed
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
				// Displaying the page here that says, the record has been saved. You're able to include the saved values by markers.
			switch($this->cmd)	{
				case 'delete':
					$key='DELETE';
				break;
				case 'edit':
					$key='EDIT';
				break;
				default:
					$key='CREATE';
				break;
			}
				// Output message
			$templateCode = $this->cObj->getSubpart($this->templateCode, '###TEMPLATE_'.$key.'_SAVED###');
			$this->setCObjects($templateCode,$this->currentArr);
327
			$markerArray = $this->cObj->fillInMarkerArray($this->markerArray, $this->currentArr, '', TRUE, 'FIELD_', $this->recInMarkersHSC);
Kasper Skårhøj's avatar
Kasper Skårhøj committed
328
			$content = $this->cObj->substituteMarkerArray($templateCode, $markerArray);
329

Kasper Skårhøj's avatar
Kasper Skårhøj committed
330
331
				// email message:
			$this->compileMail(
332
				$key.'_SAVED',
Kasper Skårhøj's avatar
Kasper Skårhøj committed
333
334
335
336
				array($this->currentArr),
				$this->currentArr[$this->conf['email.']['field']],
				$this->conf['setfixed.']
			);
337

Kasper Skårhøj's avatar
Kasper Skårhøj committed
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
		} elseif ($this->error) {	// If there was an error, we return the template-subpart with the error message
			$templateCode = $this->cObj->getSubpart($this->templateCode, $this->error);
			$this->setCObjects($templateCode);
			$content = $this->cObj->substituteMarkerArray($templateCode, $this->markerArray);
		} else {
				// Finally, if there has been no attempt to save. That is either preview or just displaying and empty or not correctly filled form:
			if (!$this->cmd)	{
				$this->cmd=$this->conf['defaultCmd'];
			}
			if ($this->conf['debug'])		debug('Display form: '.$this->cmd,1);
			switch($this->cmd)	{
				case 'setfixed':
					$content = $this->procesSetFixed();
				break;
				case 'infomail':
					$content = $this->sendInfoMail();
				break;
				case 'delete':
					$content = $this->displayDeleteScreen();
				break;
				case 'edit':
					$content = $this->displayEditScreen();
				break;
				case 'create':
					$content = $this->displayCreateScreen();
				break;
			}
365
366
		}

Kasper Skårhøj's avatar
Kasper Skårhøj committed
367
368
369
370
			// Delete temp files:
		foreach($this->unlinkTempFiles as $tempFileName)	{
			t3lib_div::unlink_tempfile($tempFileName);
		}
371

Kasper Skårhøj's avatar
Kasper Skårhøj committed
372
			// Return content:
373
		return $content;
Kasper Skårhøj's avatar
Kasper Skårhøj committed
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
	}























	/*****************************************
399
	 *
Kasper Skårhøj's avatar
Kasper Skårhøj committed
400
	 * Data processing
401
	 *
Kasper Skårhøj's avatar
Kasper Skårhøj committed
402
403
404
405
406
407
408
	 *****************************************/

	/**
	 * Performs processing on the values found in the input data array, $this->dataArr.
	 * The processing is done according to configuration found in TypoScript
	 * Examples of this could be to force a value to an integer, remove all non-alphanumeric characters, trimming a value, upper/lowercase it, or process it due to special types like files submitted etc.
	 * Called from init() if the $this->dataArr is found to be an array
409
410
	 *
	 * @return	void
Kasper Skårhøj's avatar
Kasper Skårhøj committed
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
	 * @see init()
	 */
	function parseValues()	{
		if (is_array($this->conf['parseValues.']))	{
			reset($this->conf['parseValues.']);
			while(list($theField,$theValue)=each($this->conf['parseValues.']))	{
				$listOfCommands = t3lib_div::trimExplode(',',$theValue,1);
				while(list(,$cmd)=each($listOfCommands))	{
					$cmdParts = split('\[|\]',$cmd);	// Point is to enable parameters after each command enclosed in brackets [..]. These will be in position 1 in the array.
					$theCmd=trim($cmdParts[0]);
					switch($theCmd)	{
						case 'int':
							$this->dataArr[$theField]=intval($this->dataArr[$theField]);
						break;
						case 'lower':
						case 'upper':
							$this->dataArr[$theField] = $this->cObj->caseshift($this->dataArr[$theField],$theCmd);
						break;
						case 'nospace':
							$this->dataArr[$theField] = str_replace(' ', '', $this->dataArr[$theField]);
						break;
						case 'alpha':
							$this->dataArr[$theField] = ereg_replace('[^a-zA-Z]','',$this->dataArr[$theField]);
434
						break;
Kasper Skårhøj's avatar
Kasper Skårhøj committed
435
436
						case 'num':
							$this->dataArr[$theField] = ereg_replace('[^0-9]','',$this->dataArr[$theField]);
437
						break;
Kasper Skårhøj's avatar
Kasper Skårhøj committed
438
439
						case 'alphanum':
							$this->dataArr[$theField] = ereg_replace('[^a-zA-Z0-9]','',$this->dataArr[$theField]);
440
						break;
Kasper Skårhøj's avatar
Kasper Skårhøj committed
441
442
443
444
445
446
447
448
449
450
						case 'alphanum_x':
							$this->dataArr[$theField] = ereg_replace('[^a-zA-Z0-9_-]','',$this->dataArr[$theField]);
						break;
						case 'trim':
							$this->dataArr[$theField] = trim($this->dataArr[$theField]);
						break;
						case 'random':
							$this->dataArr[$theField] = substr(md5(uniqid(microtime(),1)),0,intval($cmdParts[1]));
						break;
						case 'files':
Kasper Skårhøj's avatar
Kasper Skårhøj committed
451
							if ($this->cmdKey=='create' && !t3lib_div::_GP('doNotSave'))	{
Kasper Skårhøj's avatar
Kasper Skårhøj committed
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
								$this->processFiles($cmdParts,$theField);
							} else unset($this->dataArr[$theField]);	// Fields with files cannot be edited - only created.
						break;
						case 'setEmptyIfAbsent':
							if (!isset($this->dataArr[$theField]))	{
								$this->dataArr[$theField]='';
							}
						break;
						case 'multiple':
							if (is_array($this->dataArr[$theField]))	{
								$this->dataArr[$theField] = implode(',',$this->dataArr[$theField]);
							}
						break;
						case 'checkArray':
							if (is_array($this->dataArr[$theField]))	{
								reset($this->dataArr[$theField]);
								$val = 0;
								while(list($kk,$vv)=each($this->dataArr[$theField]))	{
									$kk = t3lib_div::intInRange($kk,0);
									if ($kk<=30)	{
										if ($vv)	{
											$val|=pow(2,$kk);
										}
									}
								}
								$this->dataArr[$theField] = $val;
							} else {$this->dataArr[$theField]=0;}
						break;
						case 'uniqueHashInt':
							$otherFields = t3lib_div::trimExplode(';',$cmdParts[1],1);
							$hashArray=array();
							while(list(,$fN)=each($otherFields))	{
								$vv = $this->dataArr[$fN];
								$vv = ereg_replace('[[:space:]]','',$vv);
								$vv = ereg_replace('[^[:alnum:]]','',$vv);
								$vv = strtolower($vv);
								$hashArray[]=$vv;
							}
							$this->dataArr[$theField]=hexdec(substr(md5(serialize($hashArray)),0,8));
						break;
					}
				}
			}
		}
	}

	/**
	 * Processing of files.
	 * NOTICE: for now files can be handled only on creation of records. But a more advanced feature is that PREVIEW of files is handled.
501
	 *
Kasper Skårhøj's avatar
Kasper Skårhøj committed
502
503
	 * @param	array		Array with cmd-parts (from parseValues()). This will for example contain information about allowed file extensions and max size of uploaded files.
	 * @param	string		The fieldname with the files.
504
	 * @return	void
Kasper Skårhøj's avatar
Kasper Skårhøj committed
505
506
507
508
509
	 * @access private
	 * @see parseValues()
	 */
	function processFiles($cmdParts,$theField)	{
//debug($GLOBALS['HTTP_POST_FILES']);
510
			// First, make an array with the filename and file reference, whether the file is just uploaded or a preview
Kasper Skårhøj's avatar
Kasper Skårhøj committed
511
		$filesArr = array();
512

Kasper Skårhøj's avatar
Kasper Skårhøj committed
513
514
515
516
517
518
519
520
521
522
523
524
525
526
		if (is_string($this->dataArr[$theField]))	{		// files from preview.
			$tmpArr = explode(',',$this->dataArr[$theField]);
			reset($tmpArr);
			while(list(,$val)=each($tmpArr))	{
				$valParts = explode('|',$val);
				$filesArr[] = array (
					'name'=>$valParts[1],
					'tmp_name'=>PATH_site.'typo3temp/'.$valParts[0]
				);
			}
		} elseif (is_array($GLOBALS['HTTP_POST_FILES']['FE'][$this->theTable][$theField]['name']))	{	// Files from upload
			reset($GLOBALS['HTTP_POST_FILES']['FE'][$this->theTable][$theField]['name']);
			while(list($kk,$vv)=each($GLOBALS['HTTP_POST_FILES']['FE'][$this->theTable][$theField]['name']))	{
				if ($vv)	{
Kasper Skårhøj's avatar
Kasper Skårhøj committed
527
528
529
530
531
532
533
534
					$tmpFile = t3lib_div::upload_to_tempfile($GLOBALS['HTTP_POST_FILES']['FE'][$this->theTable][$theField]['tmp_name'][$kk]);
					if ($tmpFile)	{
						$this->unlinkTempFiles[]=$tmpFile;
						$filesArr[] = array (
							'name'=>$vv,
							'tmp_name'=>$tmpFile
						);
					}
Kasper Skårhøj's avatar
Kasper Skårhøj committed
535
536
537
538
539
540
				}
			}
		} elseif (is_array($GLOBALS['HTTP_POST_FILES']['FE']['name'][$this->theTable][$theField]))	{	// Files from upload
			reset($GLOBALS['HTTP_POST_FILES']['FE']['name'][$this->theTable][$theField]);
			while(list($kk,$vv)=each($GLOBALS['HTTP_POST_FILES']['FE']['name'][$this->theTable][$theField]))	{
				if ($vv)	{
Kasper Skårhøj's avatar
Kasper Skårhøj committed
541
542
543
544
545
546
547
548
					$tmpFile = t3lib_div::upload_to_tempfile($GLOBALS['HTTP_POST_FILES']['FE']['tmp_name'][$this->theTable][$theField][$kk]);
					if ($tmpFile)	{
						$this->unlinkTempFiles[]=$tmpFile;
						$filesArr[] = array (
							'name'=>$vv,
							'tmp_name'=>$tmpFile
						);
					}
Kasper Skårhøj's avatar
Kasper Skårhøj committed
549
550
551
552
553
554
555
556
				}
			}
		}

			// Then verify the files in that array; check existence, extension and size
		$this->dataArr[$theField]='';
		$finalFilesArr=array();
		if (count($filesArr))	{
Kasper Skårhøj's avatar
Kasper Skårhøj committed
557
			$extArray = t3lib_div::trimExplode(';',strtolower($cmdParts[1]),1);
Kasper Skårhøj's avatar
Kasper Skårhøj committed
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
			$maxSize = intval($cmdParts[3]);
			reset($filesArr);
			while(list(,$infoArr)=each($filesArr))	{
				$fI = pathinfo($infoArr['name']);
				if (t3lib_div::verifyFilenameAgainstDenyPattern($fI['name']))	{
					if (!count($extArray) || in_array(strtolower($fI['extension']), $extArray))	{
						$tmpFile = $infoArr['tmp_name'];
						if (@is_file($tmpFile))	{
							if (!$maxSize || filesize($tmpFile)<$maxSize*1024)	{
								$finalFilesArr[]=$infoArr;
							} elseif ($this->conf['debug'])	{debug('Size is beyond '.$maxSize.' kb ('.filesize($tmpFile).' bytes) and the file cannot be saved.');}
						} elseif ($this->conf['debug'])	{debug('Surprisingly there was no file for '.$vv.' in '.$tmpFile);}
					} elseif ($this->conf['debug'])	{debug('Extension "'.$fI['extension'].'" not allowed');}
				} elseif ($this->conf['debug'])	{debug('Filename matched illegal pattern.');}
			}
		}
			// Copy the files in the resulting array to the proper positions based on preview/non-preview.
		reset($finalFilesArr);
		$fileNameList=array();
		while(list(,$infoArr)=each($finalFilesArr))	{
			if ($this->isPreview())	{		// If the form is a preview form (and data is therefore not going into the database...) do this.
				$this->createFileFuncObj();
Kasper Skårhøj's avatar
Kasper Skårhøj committed
580
				$fI = pathinfo($infoArr['name']);
Kasper Skårhøj's avatar
Kasper Skårhøj committed
581
582
583
584
				$tmpFilename = $this->theTable.'_'.t3lib_div::shortmd5(uniqid($infoArr['name'])).'.'.$fI['extension'];
				$theDestFile = $this->fileFunc->getUniqueName($this->fileFunc->cleanFileName($tmpFilename), PATH_site.'typo3temp/');
				t3lib_div::upload_copy_move($infoArr['tmp_name'],$theDestFile);
					// Setting the filename in the list
Kasper Skårhøj's avatar
Kasper Skårhøj committed
585
586
				$fI2 = pathinfo($theDestFile);
				$fileNameList[] = $fI2['basename'].'|'.$infoArr['name'];
Kasper Skårhøj's avatar
Kasper Skårhøj committed
587
588
589
590
591
			} else {
				$this->createFileFuncObj();
				$GLOBALS['TSFE']->includeTCA();
				t3lib_div::loadTCA($this->theTable);
				if (is_array($GLOBALS['TCA'][$this->theTable]['columns'][$theField]))	{
Kasper Skårhøj's avatar
Kasper Skårhøj committed
592
					$uploadPath = $GLOBALS['TCA'][$this->theTable]['columns'][$theField]['config']['uploadfolder'];
Kasper Skårhøj's avatar
Kasper Skårhøj committed
593
594
595
				}
				if ($uploadPath)	{
					$theDestFile = $this->fileFunc->getUniqueName($this->fileFunc->cleanFileName($infoArr['name']), PATH_site.$uploadPath);
Kasper Skårhøj's avatar
Kasper Skårhøj committed
596
					t3lib_div::upload_copy_move($infoArr['tmp_name'],$theDestFile);
Kasper Skårhøj's avatar
Kasper Skårhøj committed
597
						// Setting the filename in the list
Kasper Skårhøj's avatar
Kasper Skårhøj committed
598
599
					$fI2 = pathinfo($theDestFile);
					$fileNameList[] = $fI2['basename'];
Kasper Skårhøj's avatar
Kasper Skårhøj committed
600
601
602
603
					$this->filesStoredInUploadFolders[]=$theDestFile;
				}
			}
				// Implode the list of filenames
Kasper Skårhøj's avatar
Kasper Skårhøj committed
604
			$this->dataArr[$theField] = implode(',',$fileNameList);
Kasper Skårhøj's avatar
Kasper Skårhøj committed
605
606
607
608
609
		}
	}

	/**
	 * Overriding values in $this->dataArr if configured for that in TypoScript ([edit/create].overrideValues)
610
611
	 *
	 * @return	void
Kasper Skårhøj's avatar
Kasper Skårhøj committed
612
613
614
615
616
617
618
619
620
621
622
623
624
625
	 * @see init()
	 */
	function overrideValues()	{
		// Addition of overriding values
		if (is_array($this->conf[$this->cmdKey.'.']['overrideValues.']))	{
			reset($this->conf[$this->cmdKey.'.']['overrideValues.']);
			while(list($theField,$theValue)=each($this->conf[$this->cmdKey.'.']['overrideValues.']))	{
				$this->dataArr[$theField] = $theValue;
			}
		}
	}

	/**
	 * Called if there is no input array in $this->dataArr. Then this function sets the default values configured in TypoScript
626
627
	 *
	 * @return	void
Kasper Skårhøj's avatar
Kasper Skårhøj committed
628
629
630
631
632
633
634
635
636
637
638
639
640
	 * @see init()
	 */
	function defaultValues()	{
			// Addition of default values
		if (is_array($this->conf[$this->cmdKey.'.']['defaultValues.']))	{
			reset($this->conf[$this->cmdKey.'.']['defaultValues.']);
			while(list($theField,$theValue)=each($this->conf[$this->cmdKey.'.']['defaultValues.']))	{
				$this->dataArr[$theField] = $theValue;
			}
		}
	}

	/**
641
	 * This will evaluate the input values from $this->dataArr to see if they conforms with the requirements configured in TypoScript per field.
Kasper Skårhøj's avatar
Kasper Skårhøj committed
642
643
644
	 * For example this could be checking if a field contains a valid email address, a unique value, a value within a certain range etc.
	 * It will populate arrays like $this->failure and $this->failureMsg with error messages (which can later be displayed in the template). Mostly it does NOT alter $this->dataArr (such parsing of values was done by parseValues())
	 * Works based on configuration in TypoScript key [create/edit].evalValues
645
646
	 *
	 * @return	void
Kasper Skårhøj's avatar
Kasper Skårhøj committed
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
	 * @see init(), parseValues()
	 */
	function evalValues()	{
		// Check required, set failure if not ok.
		reset($this->requiredArr);
		$tempArr=array();
		while(list(,$theField)=each($this->requiredArr))	{
			if (!trim($this->dataArr[$theField]))	{
				$tempArr[]=$theField;
			}
		}

		// Evaluate: This evaluates for more advanced things than 'required' does. But it returns the same error code, so you must let the required-message tell, if further evaluation has failed!
		$recExist=0;
		if (is_array($this->conf[$this->cmdKey.'.']['evalValues.']))	{
			switch($this->cmd)	{
				case 'edit':
					if (isset($this->dataArr['pid']))	{			// This may be tricked if the input has the pid-field set but the edit-field list does NOT allow the pid to be edited. Then the pid may be false.
						$recordTestPid = intval($this->dataArr['pid']);
					} else {
						$tempRecArr = $GLOBALS['TSFE']->sys_page->getRawRecord($this->theTable,$this->dataArr['uid']);
						$recordTestPid = intval($tempRecArr['pid']);
					}
					$recExist=1;
				break;
				default:
					$recordTestPid = $this->thePid ? $this->thePid : t3lib_div::intval_positive($this->dataArr['pid']);
				break;
			}

			reset($this->conf[$this->cmdKey.'.']['evalValues.']);
			while(list($theField,$theValue)=each($this->conf[$this->cmdKey.'.']['evalValues.']))	{
				$listOfCommands = t3lib_div::trimExplode(',',$theValue,1);
				while(list(,$cmd)=each($listOfCommands))	{
					$cmdParts = split('\[|\]',$cmd);	// Point is to enable parameters after each command enclosed in brackets [..]. These will be in position 1 in the array.
					$theCmd = trim($cmdParts[0]);
					switch($theCmd)	{
						case 'uniqueGlobal':
685
							if ($DBrows = $GLOBALS['TSFE']->sys_page->getRecordsByField($this->theTable,$theField,$this->dataArr[$theField],'','','','1'))	{
Kasper Skårhøj's avatar
Kasper Skårhøj committed
686
687
688
689
690
691
692
								if (!$recExist || $DBrows[0]['uid']!=$this->dataArr['uid'])	{	// Only issue an error if the record is not existing (if new...) and if the record with the false value selected was not our self.
									$tempArr[]=$theField;
									$this->failureMsg[$theField][] = $this->getFailure($theField, $theCmd, 'The value existed already. Enter a new value.');
								}
							}
						break;
						case 'uniqueLocal':
693
							if ($DBrows = $GLOBALS['TSFE']->sys_page->getRecordsByField($this->theTable,$theField,$this->dataArr[$theField], 'AND pid IN ('.$recordTestPid.')','','','1'))	{
Kasper Skårhøj's avatar
Kasper Skårhøj committed
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
								if (!$recExist || $DBrows[0]['uid']!=$this->dataArr['uid'])	{	// Only issue an error if the record is not existing (if new...) and if the record with the false value selected was not our self.
									$tempArr[]=$theField;
									$this->failureMsg[$theField][] = $this->getFailure($theField, $theCmd, 'The value existed already. Enter a new value.');
								}
							}
						break;
						case 'twice':
							if (strcmp($this->dataArr[$theField], $this->dataArr[$theField.'_again']))	{
								$tempArr[]=$theField;
								$this->failureMsg[$theField][] = $this->getFailure($theField, $theCmd, 'You must enter the same value twice');
							}
						break;
						case 'email':
							if (!$this->cObj->checkEmail($this->dataArr[$theField]))	{
								$tempArr[]=$theField;
								$this->failureMsg[$theField][] = $this->getFailure($theField, $theCmd, 'You must enter a valid email address');
							}
						break;
						case 'required':
							if (!trim($this->dataArr[$theField]))	{
								$tempArr[]=$theField;
								$this->failureMsg[$theField][] = $this->getFailure($theField, $theCmd, 'You must enter a value!');
							}
						break;
						case 'atLeast':
							$chars=intval($cmdParts[1]);
							if (strlen($this->dataArr[$theField])<$chars)	{
								$tempArr[]=$theField;
								$this->failureMsg[$theField][] = sprintf($this->getFailure($theField, $theCmd, 'You must enter at least %s characters!'), $chars);
							}
						break;
						case 'atMost':
							$chars=intval($cmdParts[1]);
							if (strlen($this->dataArr[$theField])>$chars)	{
								$tempArr[]=$theField;
								$this->failureMsg[$theField][] = sprintf($this->getFailure($theField, $theCmd, 'You must enter at most %s characters!'), $chars);
							}
						break;
						case 'inBranch':
							$pars = explode(';',$cmdParts[1]);
							if (intval($pars[0]))	{
								$pid_list = $this->cObj->getTreeList(
									intval($pars[0]),
									intval($pars[1]) ? intval($pars[1]) : 999,
									intval($pars[2])
								);
								if (!$pid_list || !t3lib_div::inList($pid_list,$this->dataArr[$theField]))	{
									$tempArr[]=$theField;
									$this->failureMsg[$theField][] = sprintf($this->getFailure($theField, $theCmd, 'The value was not a valid valud from this list: %s'), $pid_list);
								}
							}
						break;
						case 'unsetEmpty':
							if (!$this->dataArr[$theField])	{
748
								$hash = array_flip($tempArr);
Kasper Skårhøj's avatar
Kasper Skårhøj committed
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
								unset($hash[$theField]);
								$tempArr = array_keys($hash);
								unset($this->failureMsg[$theField]);
								unset($this->dataArr[$theField]);	// This should prevent the field from entering the database.
							}
						break;
					}
				}
				$this->markerArray['###EVAL_ERROR_FIELD_'.$theField.'###'] = is_array($this->failureMsg[$theField]) ? implode($this->failureMsg[$theField],'<br />') : '';
			}
		}
		$this->failure=implode($tempArr,',');	 //$failure will show which fields were not OK
	}

	/**
	 * Preforms user processing of input array - triggered right after the function call to evalValues() IF TypoScript property "evalFunc" was set.
765
	 *
Kasper Skårhøj's avatar
Kasper Skårhøj committed
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
	 * @param	string		Key pointing to the property in TypoScript holding the configuration for this processing (here: "evalFunc.*"). Well: at least its safe to say that "parentObj" in this array passed to the function is a reference back to this object.
	 * @param	array		The $this->dataArr passed for processing
	 * @return	array		The processed $passVar ($this->dataArr)
	 * @see init(), evalValues()
	 */
	function userProcess($mConfKey,$passVar)	{
		if ($this->conf[$mConfKey])	{
			$funcConf = $this->conf[$mConfKey.'.'];
			$funcConf['parentObj']=&$this;
			$passVar = $GLOBALS['TSFE']->cObj->callUserFunction($this->conf[$mConfKey], $funcConf, $passVar);
		}
		return $passVar;
	}

	/**
	 * User processing of contnet
782
	 *
Kasper Skårhøj's avatar
Kasper Skårhøj committed
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
	 * @param	string		Value of the TypoScript object triggering the processing.
	 * @param	array		Properties of the TypoScript object triggering the processing. The key "parentObj" in this array is passed to the function as a reference back to this object.
	 * @param	mixed		Input variable to process
	 * @return	mixed		Processed input variable, $passVar
	 * @see userProcess(), save(), modifyDataArrForFormUpdate()
	 */
	function userProcess_alt($confVal,$confArr,$passVar)	{
		if ($confVal)	{
			$funcConf = $confArr;
			$funcConf['parentObj']=&$this;
			$passVar = $GLOBALS['TSFE']->cObj->callUserFunction($confVal, $funcConf, $passVar);
		}
		return $passVar;
	}






















	/*****************************************
820
	 *
Kasper Skårhøj's avatar
Kasper Skårhøj committed
821
	 * Database manipulation functions
822
	 *
Kasper Skårhøj's avatar
Kasper Skårhøj committed
823
824
825
826
	 *****************************************/

	/**
	 * Performs the saving of records, either edited or created.
827
828
	 *
	 * @return	void
Kasper Skårhøj's avatar
Kasper Skårhøj committed
829
830
831
832
833
834
835
836
837
838
	 * @see init()
	 */
	function save()	{
		switch($this->cmd)	{
			case 'edit':
				$theUid = $this->dataArr['uid'];
				$origArr = $GLOBALS['TSFE']->sys_page->getRawRecord($this->theTable,$theUid);		// Fetches the original record to check permissions
				if ($this->conf['edit'] && ($GLOBALS['TSFE']->loginUser || $this->aCAuth($origArr)))	{	// Must be logged in in order to edit  (OR be validated by email)
					$newFieldList = implode(array_intersect(explode(',',$this->fieldList),t3lib_div::trimExplode(',',$this->conf['edit.']['fields'],1)),',');
					if ($this->aCAuth($origArr) || $this->cObj->DBmayFEUserEdit($this->theTable,$origArr,$GLOBALS['TSFE']->fe_user->user,$this->conf['allowedGroups'],$this->conf['fe_userEditSelf']))	{
839
						$this->cObj->DBgetUpdate($this->theTable, $theUid, $this->dataArr, $newFieldList, TRUE);
Kasper Skårhøj's avatar
Kasper Skårhøj committed
840
841
842
843
844
845
846
847
848
849
850
						$this->currentArr = $GLOBALS['TSFE']->sys_page->getRawRecord($this->theTable,$theUid);
						$this->userProcess_alt($this->conf['edit.']['userFunc_afterSave'],$this->conf['edit.']['userFunc_afterSave.'],array('rec'=>$this->currentArr, 'origRec'=>$origArr));
						$this->saved=1;
					} else {
						$this->error='###TEMPLATE_NO_PERMISSIONS###';
					}
				}
			break;
			default:
				if ($this->conf['create'])	{
					$newFieldList = implode(array_intersect(explode(',',$this->fieldList),t3lib_div::trimExplode(',',$this->conf['create.']['fields'],1)),',');
851
852
					$this->cObj->DBgetInsert($this->theTable, $this->thePid, $this->dataArr, $newFieldList, TRUE);
					$newId = $GLOBALS['TYPO3_DB']->sql_insert_id();
Kasper Skårhøj's avatar
Kasper Skårhøj committed
853
854
855
856
857

					if ($this->theTable=='fe_users' && $this->conf['fe_userOwnSelf'])	{		// enables users, creating logins, to own them self.
						$extraList='';
						$dataArr = array();
						if ($GLOBALS['TCA'][$this->theTable]['ctrl']['fe_cruser_id'])		{
858
							$field=$GLOBALS['TCA'][$this->theTable]['ctrl']['fe_cruser_id'];
Kasper Skårhøj's avatar
Kasper Skårhøj committed
859
860
861
862
							$dataArr[$field]=$newId;
							$extraList.=','.$field;
						}
						if ($GLOBALS['TCA'][$this->theTable]['ctrl']['fe_crgroup_id'])	{
863
864
865
							$field=$GLOBALS['TCA'][$this->theTable]['ctrl']['fe_crgroup_id'];
							list($dataArr[$field])=explode(',',$this->dataArr['usergroup']);
							$dataArr[$field]=intval($dataArr[$field]);
Kasper Skårhøj's avatar
Kasper Skårhøj committed
866
867
868
							$extraList.=','.$field;
						}
						if (count($dataArr))	{
869
							$this->cObj->DBgetUpdate($this->theTable, $newId, $dataArr, $extraList, TRUE);
Kasper Skårhøj's avatar
Kasper Skårhøj committed
870
871
						}
					}
872

Kasper Skårhøj's avatar
Kasper Skårhøj committed
873
874
875
876
877
878
879
880
881
882
883
884
					$this->currentArr = $GLOBALS['TSFE']->sys_page->getRawRecord($this->theTable,$newId);
					$this->userProcess_alt($this->conf['create.']['userFunc_afterSave'],$this->conf['create.']['userFunc_afterSave.'],array('rec'=>$this->currentArr));
					$this->saved=1;
				}
			break;
		}
	}

	/**
	 * Deletes the record from table/uid, $this->theTable/$this->recUid, IF the fe-user has permission to do so.
	 * If the deleted flag should just be set, then it is done so. Otherwise the record truely is deleted along with any attached files.
	 * Called from init() if "cmd" was set to "delete" (and some other conditions)
885
	 *
Kasper Skårhøj's avatar
Kasper Skårhøj committed
886
887
888
889
890
891
892
893
	 * @return	string		void
	 * @see init()
	 */
	function deleteRecord()	{
		if ($this->conf['delete'])	{	// If deleting is enabled
			$origArr = $GLOBALS['TSFE']->sys_page->getRawRecord($this->theTable,  $this->recUid);
			if ($GLOBALS['TSFE']->loginUser || $this->aCAuth($origArr))	{	// Must be logged in OR be authenticated by the aC code in order to delete
					// If the recUid selects a record.... (no check here)
894
				if (is_array($origArr))	{
Kasper Skårhøj's avatar
Kasper Skårhøj committed
895
896
897
898
					if ($this->aCAuth($origArr) || $this->cObj->DBmayFEUserEdit($this->theTable,$origArr, $GLOBALS['TSFE']->fe_user->user,$this->conf['allowedGroups'],$this->conf['fe_userEditSelf']))	{	// Display the form, if access granted.
						if (!$GLOBALS['TCA'][$this->theTable]['ctrl']['delete'])	{	// If the record is fully deleted... then remove the image (or any file) attached.
							$this->deleteFilesFromRecord($this->recUid);
						}
899
						$this->cObj->DBgetDelete($this->theTable, $this->recUid, TRUE);
Kasper Skårhøj's avatar
Kasper Skårhøj committed
900
						$this->currentArr = $origArr;
901
						$this->saved = 1;
Kasper Skårhøj's avatar
Kasper Skårhøj committed
902
					} else {
903
						$this->error = '###TEMPLATE_NO_PERMISSIONS###';
Kasper Skårhøj's avatar
Kasper Skårhøj committed
904
905
906
907
908
909
910
911
912
					}
				}
			}
		}
	}

	/**
	 * Deletes the files attached to a record and updates the record.
	 * Table/uid is $this->theTable/$uid
913
	 *
Kasper Skårhøj's avatar
Kasper Skårhøj committed
914
	 * @param	integer		Uid number of the record to delete from $this->theTable
915
	 * @return	void
Kasper Skårhøj's avatar
Kasper Skårhøj committed
916
917
918
919
920
921
	 * @access private
	 * @see deleteRecord()
	 */
	function deleteFilesFromRecord($uid)	{
		$table = $this->theTable;
		$rec = $GLOBALS['TSFE']->sys_page->getRawRecord($table,$uid);
922

Kasper Skårhøj's avatar
Kasper Skårhøj committed
923
924
925
926
927
928
		$GLOBALS['TSFE']->includeTCA();
		t3lib_div::loadTCA($table);
		reset($GLOBALS['TCA'][$table]['columns']);
		$iFields=array();
		while(list($field,$conf)=each($GLOBALS['TCA'][$table]['columns']))	{
			if ($conf['config']['type']=='group' && $conf['config']['internal_type']=='file')	{
929

930
931
				$GLOBALS['TYPO3_DB']->exec_UPDATEquery($table, 'uid='.intval($uid), array($field => ''));

Kasper Skårhøj's avatar
Kasper Skårhøj committed
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
				$delFileArr = explode(',',$rec[$field]);
				reset($delFileArr);
				while(list(,$n)=each($delFileArr))	{
					if ($n)	{
						$fpath = $conf['config']['uploadfolder'].'/'.$n;
						unlink($fpath);
					}
				}
			}
		}
	}





















	/*****************************************
965
	 *
Kasper Skårhøj's avatar
Kasper Skårhøj committed
966
	 * Command "display" functions
967
	 *
Kasper Skårhøj's avatar
Kasper Skårhøj committed
968
969
970
971
	 *****************************************/

	/**
	 * Creates the preview display of delete actions
972
	 *
Kasper Skårhøj's avatar
Kasper Skårhøj committed
973
974
975
976
977
978
979
980
	 * @return	string		HTML content
	 * @see init()
	 */
	function displayDeleteScreen()	{
		if ($this->conf['delete'])	{	// If deleting is enabled
			$origArr = $GLOBALS['TSFE']->sys_page->getRawRecord($this->theTable,  $this->recUid);
			if ($GLOBALS['TSFE']->loginUser || $this->aCAuth($origArr))	{	// Must be logged in OR be authenticated by the aC code in order to delete
					// If the recUid selects a record.... (no check here)
981
				if (is_array($origArr))	{
Kasper Skårhøj's avatar
Kasper Skårhøj committed
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
					if ($this->aCAuth($origArr) || $this->cObj->DBmayFEUserEdit($this->theTable,$origArr, $GLOBALS['TSFE']->fe_user->user,$this->conf['allowedGroups'],$this->conf['fe_userEditSelf']))	{	// Display the form, if access granted.
						$this->markerArray['###HIDDENFIELDS###'].= '<input type="hidden" name="rU" value="'.$this->recUid.'" />';
						$content = $this->getPlainTemplate('###TEMPLATE_DELETE_PREVIEW###', $origArr);
					} else {	// Else display error, that you could not edit that particular record...
						$content = $this->getPlainTemplate('###TEMPLATE_NO_PERMISSIONS###');
					}
				}
			} else {	// Finally this is if there is no login user. This must tell that you must login. Perhaps link to a page with create-user or login information.
				$content = $this->getPlainTemplate('###TEMPLATE_AUTH###');
			}
		} else {
			$content.='Delete-option is not set in TypoScript';
		}
		return $content;
	}

	/**
	 * Creates the "create" screen for records
1000
	 *
For faster browsing, not all history is shown. View entire blame