/**
* Run the controller and parse the template
*/
public function run()
{
if ($this->strFile == '') {
die('No file given');
}
// Make sure there are no attempts to hack the file system
if (preg_match('@^\\.+@i', $this->strFile) || preg_match('@\\.+/@i', $this->strFile) || preg_match('@(://)+@i', $this->strFile)) {
die('Invalid file name');
}
// Limit preview to the files directory
if (!preg_match('@^' . preg_quote(Config::get('uploadPath'), '@') . '@i', $this->strFile)) {
die('Invalid path');
}
// Check whether the file exists
if (!file_exists(TL_ROOT . '/' . $this->strFile)) {
die('File not found');
}
// Check whether the file is mounted (thanks to Marko Cupic)
if (!$this->User->hasAccess($this->strFile, 'filemounts')) {
die('Permission denied');
}
// Open the download dialogue
if (Input::get('download')) {
$objFile = new File($this->strFile, true);
$objFile->sendToBrowser();
}
// Add the resource (see #6880)
if (($objModel = FilesModel::findByPath($this->strFile)) === null) {
$objModel = Dbafs::addResource($this->strFile);
}
$this->Template = new BackendTemplate('be_popup');
$this->Template->uuid = String::binToUuid($objModel->uuid);
// see #5211
// Add the file info
if (is_dir(TL_ROOT . '/' . $this->strFile)) {
$objFile = new Folder($this->strFile, true);
} else {
$objFile = new File($this->strFile, true);
// Image
if ($objFile->isGdImage) {
$this->Template->isImage = true;
$this->Template->width = $objFile->width;
$this->Template->height = $objFile->height;
$this->Template->src = $this->urlEncode($this->strFile);
}
$this->Template->href = ampersand(Environment::get('request'), true) . '&download=1';
$this->Template->filesize = $this->getReadableSize($objFile->filesize) . ' (' . number_format($objFile->filesize, 0, $GLOBALS['TL_LANG']['MSC']['decimalSeparator'], $GLOBALS['TL_LANG']['MSC']['thousandsSeparator']) . ' Byte)';
}
$this->Template->icon = $objFile->icon;
$this->Template->mime = $objFile->mime;
$this->Template->ctime = Date::parse(Config::get('datimFormat'), $objFile->ctime);
$this->Template->mtime = Date::parse(Config::get('datimFormat'), $objFile->mtime);
$this->Template->atime = Date::parse(Config::get('datimFormat'), $objFile->atime);
$this->Template->path = $this->strFile;
$this->output();
}
/**
* Exports all rules as XML
*
* @param \DataContainer $dc
*/
public function export(\DataContainer $dc)
{
if (($ruleCollection = RuleModel::findBy('pid', $dc->id, array('order' => 'sorting'))) === null) {
return;
}
$this->doc = new \DOMDocument('1.1', 'UTF-8');
$rules = $this->doc->createElement('rules');
foreach ($ruleCollection as $rule) {
$rules->appendChild($this->createRuleElement($rule));
}
$this->doc->appendChild($rules);
$file = new \File('system/tmp/' . md5(uniqid(mt_rand(), true)), true);
$file->write($this->doc->saveXML());
$file->close();
$file->sendToBrowser('css_class_replacer_ruleset.xml');
$file->delete();
}
/**
* Run the controller and parse the template
*/
public function run()
{
if ($this->strFile == '') {
die('No file given');
}
// Make sure there are no attempts to hack the file system
if (preg_match('@^\\.+@i', $this->strFile) || preg_match('@\\.+/@i', $this->strFile) || preg_match('@(://)+@i', $this->strFile)) {
die('Invalid file name');
}
// Limit preview to the files directory
if (!preg_match('@^' . preg_quote(\Config::get('uploadPath'), '@') . '@i', $this->strFile)) {
die('Invalid path');
}
// Check whether the file exists
if (!file_exists(TL_ROOT . '/' . $this->strFile)) {
die('File not found');
}
// Check whether the file is mounted (thanks to Marko Cupic)
if (!$this->User->hasAccess($this->strFile, 'filemounts')) {
die('Permission denied');
}
// Open the download dialogue
if (\Input::get('download')) {
$objFile = new \File($this->strFile, true);
$objFile->sendToBrowser();
}
/** @var \BackendTemplate|object $objTemplate */
$objTemplate = new \BackendTemplate('be_popup');
// Add the resource (see #6880)
if (($objModel = \FilesModel::findByPath($this->strFile)) === null) {
if (\Dbafs::shouldBeSynchronized($this->strFile)) {
$objModel = \Dbafs::addResource($this->strFile);
}
}
if ($objModel !== null) {
$objTemplate->uuid = \StringUtil::binToUuid($objModel->uuid);
// see #5211
}
// Add the file info
if (is_dir(TL_ROOT . '/' . $this->strFile)) {
$objFile = new \Folder($this->strFile, true);
$objTemplate->filesize = $this->getReadableSize($objFile->size) . ' (' . number_format($objFile->size, 0, $GLOBALS['TL_LANG']['MSC']['decimalSeparator'], $GLOBALS['TL_LANG']['MSC']['thousandsSeparator']) . ' Byte)';
} else {
$objFile = new \File($this->strFile, true);
// Image
if ($objFile->isImage) {
$objTemplate->isImage = true;
$objTemplate->width = $objFile->width;
$objTemplate->height = $objFile->height;
$objTemplate->src = $this->urlEncode($this->strFile);
}
$objTemplate->href = ampersand(\Environment::get('request'), true) . '&download=1';
$objTemplate->filesize = $this->getReadableSize($objFile->filesize) . ' (' . number_format($objFile->filesize, 0, $GLOBALS['TL_LANG']['MSC']['decimalSeparator'], $GLOBALS['TL_LANG']['MSC']['thousandsSeparator']) . ' Byte)';
}
$objTemplate->icon = $objFile->icon;
$objTemplate->mime = $objFile->mime;
$objTemplate->ctime = \Date::parse(\Config::get('datimFormat'), $objFile->ctime);
$objTemplate->mtime = \Date::parse(\Config::get('datimFormat'), $objFile->mtime);
$objTemplate->atime = \Date::parse(\Config::get('datimFormat'), $objFile->atime);
$objTemplate->path = specialchars($this->strFile);
$objTemplate->theme = \Backend::getTheme();
$objTemplate->base = \Environment::get('base');
$objTemplate->language = $GLOBALS['TL_LANGUAGE'];
$objTemplate->title = specialchars($this->strFile);
$objTemplate->charset = \Config::get('characterSet');
$objTemplate->headline = basename(utf8_convert_encoding($this->strFile, \Config::get('characterSet')));
$objTemplate->label_uuid = $GLOBALS['TL_LANG']['MSC']['fileUuid'];
$objTemplate->label_imagesize = $GLOBALS['TL_LANG']['MSC']['fileImageSize'];
$objTemplate->label_filesize = $GLOBALS['TL_LANG']['MSC']['fileSize'];
$objTemplate->label_ctime = $GLOBALS['TL_LANG']['MSC']['fileCreated'];
$objTemplate->label_mtime = $GLOBALS['TL_LANG']['MSC']['fileModified'];
$objTemplate->label_atime = $GLOBALS['TL_LANG']['MSC']['fileAccessed'];
$objTemplate->label_path = $GLOBALS['TL_LANG']['MSC']['filePath'];
$objTemplate->download = specialchars($GLOBALS['TL_LANG']['MSC']['fileDownload']);
\Config::set('debugMode', false);
$objTemplate->output();
}
/**
* Export a theme
*
* @param \DataContainer $dc
*/
public function exportTheme($dc)
{
// Get the theme meta data
$objTheme = $this->Database->prepare("SELECT * FROM tl_theme WHERE id=?")->limit(1)->execute($dc->id);
if ($objTheme->numRows < 1) {
return;
}
// Romanize the name
$strName = utf8_romanize($objTheme->name);
$strName = strtolower(str_replace(' ', '_', $strName));
$strName = preg_replace('/[^A-Za-z0-9._-]/', '', $strName);
$strName = basename($strName);
// Create a new XML document
$xml = new \DOMDocument('1.0', 'UTF-8');
$xml->formatOutput = true;
// Root element
$tables = $xml->createElement('tables');
$tables = $xml->appendChild($tables);
// Add the tables
$this->addTableTlTheme($xml, $tables, $objTheme);
$this->addTableTlStyleSheet($xml, $tables, $objTheme);
$this->addTableTlModule($xml, $tables, $objTheme);
$this->addTableTlLayout($xml, $tables, $objTheme);
$this->addTableTlImageSize($xml, $tables, $objTheme);
// Generate the archive
$strTmp = md5(uniqid(mt_rand(), true));
$objArchive = new \ZipWriter('system/tmp/' . $strTmp);
// Add the files
$this->addTableTlFiles($xml, $tables, $objTheme, $objArchive);
// Add the template files
$this->addTemplatesToArchive($objArchive, $objTheme->templates);
// HOOK: add custom logic
if (isset($GLOBALS['TL_HOOKS']['exportTheme']) && is_array($GLOBALS['TL_HOOKS']['exportTheme'])) {
foreach ($GLOBALS['TL_HOOKS']['exportTheme'] as $callback) {
\System::importStatic($callback[0])->{$callback}[1]($xml, $objArchive, $objTheme->id);
}
}
// Add the XML document
$objArchive->addString($xml->saveXML(), 'theme.xml');
// Close the archive
$objArchive->close();
// Open the "save as …" dialogue
$objFile = new \File('system/tmp/' . $strTmp, true);
$objFile->sendToBrowser($strName . '.cto');
}
/**
* Export a style sheet
*
* @param \DataContainer $dc
*
* @throws \Exception
*/
public function exportStyleSheet(\DataContainer $dc)
{
$objStyleSheet = $this->Database->prepare("SELECT * FROM tl_style_sheet WHERE id=?")->limit(1)->execute($dc->id);
if ($objStyleSheet->numRows < 1) {
throw new \Exception("Invalid style sheet ID {$dc->id}");
}
$vars = array();
// Get the global theme variables
$objTheme = $this->Database->prepare("SELECT vars FROM tl_theme WHERE id=?")->limit(1)->execute($objStyleSheet->pid);
if ($objTheme->vars != '') {
if (is_array($tmp = deserialize($objTheme->vars))) {
foreach ($tmp as $v) {
$vars[$v['key']] = $v['value'];
}
}
}
// Merge the global style sheet variables
if ($objStyleSheet->vars != '') {
if (is_array($tmp = deserialize($objStyleSheet->vars))) {
foreach ($tmp as $v) {
$vars[$v['key']] = $v['value'];
}
}
}
// Sort by key length (see #3316)
uksort($vars, 'length_sort_desc');
// Create the file
$objFile = new \File('system/tmp/' . md5(uniqid(mt_rand(), true)), true);
$objFile->write('');
// Add the media query (see #7560)
if ($objStyleSheet->mediaQuery != '') {
$objFile->append($objStyleSheet->mediaQuery . ' {');
}
$objDefinitions = $this->Database->prepare("SELECT * FROM tl_style WHERE pid=? AND invisible!='1' ORDER BY sorting")->execute($objStyleSheet->id);
// Append the definition
while ($objDefinitions->next()) {
$objFile->append($this->compileDefinition($objDefinitions->row(), false, $vars, $objStyleSheet->row(), true), '');
}
// Close the media query
if ($objStyleSheet->mediaQuery != '') {
$objFile->append('}');
}
$objFile->close();
$objFile->sendToBrowser($objStyleSheet->name . '.css');
$objFile->delete();
}
/**
* Export a theme
* @param \DataContainer
*/
public function exportTheme(\DataContainer $dc)
{
// Get the theme meta data
$objTheme = $this->Database->prepare("SELECT * FROM tl_theme WHERE id=?")->limit(1)->execute($dc->id);
if ($objTheme->numRows < 1) {
return;
}
// Romanize the name
$strName = utf8_romanize($objTheme->name);
$strName = strtolower(str_replace(' ', '_', $strName));
$strName = preg_replace('/[^A-Za-z0-9\\._-]/', '', $strName);
$strName = basename($strName);
// Create a new XML document
$xml = new \DOMDocument('1.0', 'UTF-8');
$xml->formatOutput = true;
// Root element
$tables = $xml->createElement('tables');
$tables = $xml->appendChild($tables);
// Add the tables
$this->addTableTlTheme($xml, $tables, $objTheme);
$this->addTableTlStyleSheet($xml, $tables, $objTheme);
$this->addTableTlModule($xml, $tables, $objTheme);
$this->addTableTlLayout($xml, $tables, $objTheme);
// Generate the archive
$strTmp = md5(uniqid(mt_rand(), true));
$objArchive = new \ZipWriter('system/tmp/' . $strTmp);
// Add the XML document
$objArchive->addString($xml->saveXML(), 'theme.xml');
// Add the folders
$arrFolders = deserialize($objTheme->folders);
if (!empty($arrFolders) && is_array($arrFolders)) {
$objFolders = \FilesModel::findMultipleByUuids($arrFolders);
if ($objFolders !== null) {
foreach ($this->eliminateNestedPaths($objFolders->fetchEach('path')) as $strFolder) {
$this->addFolderToArchive($objArchive, $strFolder);
}
}
}
// Add the template files
$this->addTemplatesToArchive($objArchive, $objTheme->templates);
// Close the archive
$objArchive->close();
// Open the "save as …" dialogue
$objFile = new \File('system/tmp/' . $strTmp, true);
$objFile->sendToBrowser($strName . '.cto');
}
public function exportToDownload($objResult)
{
$strTmpFile = 'system/tmp/' . $this->strFilename;
// send file to browser
$objWriter = \PHPExcel_IOFactory::createWriter($objResult, $this->strWriterOutputType);
$this->updateWriter($objWriter);
$objWriter->save(TL_ROOT . '/' . $strTmpFile);
$objFile = new \File($strTmpFile);
$objFile->sendToBrowser();
}
public function downloadAll()
{
$strFile = 'download_' . $this->strHash;
$objZip = new \ZipWriter('system/tmp/' . $strFile);
while (list($id, $item) = each($this->arrItems)) {
// get view class by type
$strClass = $GLOBALS['WLV'][$item->type];
if (!class_exists($strClass)) {
continue;
}
$strategy = new $strClass();
$view = new WatchlistItemView($strategy);
$objZip = $view->generateArchiveOutput($item, $objZip);
}
$objZip->close();
// Open the "save as …" dialogue
$objFile = new \File('system/tmp/' . $strFile, true);
$objFile->sendToBrowser($strFile . '.zip');
}
/**
* Send a file to the browser so the "save as …" dialogue opens
*
* @param string $strFile The file path
*/
public static function sendFileToBrowser($strFile)
{
// Make sure there are no attempts to hack the file system
if (preg_match('@^\\.+@i', $strFile) || preg_match('@\\.+/@i', $strFile) || preg_match('@(://)+@i', $strFile)) {
header('HTTP/1.1 404 Not Found');
die('Invalid file name');
}
// Limit downloads to the files directory
if (!preg_match('@^' . preg_quote(\Config::get('uploadPath'), '@') . '@i', $strFile)) {
header('HTTP/1.1 404 Not Found');
die('Invalid path');
}
// Check whether the file exists
if (!file_exists(TL_ROOT . '/' . $strFile)) {
header('HTTP/1.1 404 Not Found');
die('File not found');
}
$objFile = new \File($strFile, true);
$arrAllowedTypes = trimsplit(',', strtolower(\Config::get('allowedDownload')));
// Check whether the file type is allowed to be downloaded
if (!in_array($objFile->extension, $arrAllowedTypes)) {
header('HTTP/1.1 403 Forbidden');
die(sprintf('File type "%s" is not allowed', $objFile->extension));
}
// HOOK: post download callback
if (isset($GLOBALS['TL_HOOKS']['postDownload']) && is_array($GLOBALS['TL_HOOKS']['postDownload'])) {
foreach ($GLOBALS['TL_HOOKS']['postDownload'] as $callback) {
static::importStatic($callback[0])->{$callback[1]}($strFile);
}
}
// Send the file (will stop the script execution)
$objFile->sendToBrowser();
}
protected function exportToDownload()
{
$strTmpFile = 'system/tmp/' . $this->strFilename;
$strTmpFolder = str_replace('.' . $this->compressionType, '', $strTmpFile);
$arrExportFields = array();
$arrDca = $GLOBALS['TL_DCA'][$this->linkedTable]['fields'];
foreach (deserialize($this->tableFieldsForExport, true) as $strField) {
if (strpos($strField, EXPORTER_RAW_FIELD_SUFFIX) !== false) {
$arrExportFields[] = str_replace(EXPORTER_RAW_FIELD_SUFFIX, '', $strField) . ' AS ' . $strField;
} else {
$arrExportFields[] = $strField;
}
}
$objDbResult = \Database::getInstance()->prepare("SELECT " . implode(',', $arrExportFields) . " FROM " . $this->linkedTable)->execute();
if (!$objDbResult->numRows > 0) {
return;
}
switch ($this->compressionType) {
default:
$objZip = new ZipWriter($strTmpFile);
break;
}
// write files
while ($objDbResult->next()) {
$arrRow = $objDbResult->row();
foreach ($arrRow as $key => $varValue) {
$objDc = new DC_Table($this->linkedTable);
$objDc->activeRecord = $objDbResult;
$varValue = FormSubmission::prepareSpecialValueForPrint($varValue, $arrDca['fields'][$key], $this->linkedTable, $objDc);
if (!is_array($varValue)) {
$varValue = array($varValue);
}
foreach ($varValue as $strPath) {
if ($strPath && ($objFile = new \File($strPath, true)) !== null && $objFile->exists()) {
if (isset($GLOBALS['TL_HOOKS']['exporter_modifyMediaFilename']) && is_array($GLOBALS['TL_HOOKS']['exporter_modifyMediaFilename'])) {
foreach ($GLOBALS['TL_HOOKS']['exporter_modifyMediaFilename'] as $callback) {
$objCallback = \System::importStatic($callback[0]);
$strFixedFilename = $objCallback->{$callback}[1]($objFile, $key, $strPath, $this);
if ($strFixedFilename) {
$strTmpFixedFilename = $strTmpFolder . '/' . ltrim($strFixedFilename, '/');
$objFile->copyTo($strTmpFixedFilename);
$objFile->path = $strTmpFixedFilename;
}
}
}
switch ($this->compressionType) {
default:
$objZip->addFile($objFile->path);
break;
}
}
}
}
}
switch ($this->compressionType) {
default:
$objZip->close();
break;
}
$objTmpFolder = new \Folder($strTmpFolder);
if (is_dir(TL_ROOT . '/' . $objTmpFolder->path)) {
$objTmpFolder->delete();
}
$objFile = new \File($strTmpFile);
$objFile->sendToBrowser();
}
/**
* Export the file
* @param object
* @param boolean
* @param boolean
*/
protected function exportFile(\Haste\IO\Writer\WriterInterface $objWriter, $blnHeaderFields, $blnRawData)
{
$objMembers = \MemberModel::findAll();
// Reload if there are no members
if ($objMembers === null) {
$this->reload();
}
$objReader = new \Haste\IO\Reader\ModelCollectionReader($objMembers);
// Set header fields
if ($blnHeaderFields) {
$arrHeaderFields = array();
foreach ($GLOBALS['TL_DCA']['tl_member']['fields'] as $strField => $arrField) {
$arrHeaderFields[] = $blnRawData || !$arrField['label'][0] ? $strField : $arrField['label'][0];
}
$objReader->setHeaderFields($arrHeaderFields);
$objWriter->enableHeaderFields();
}
// Format the values
if (!$blnRawData) {
$objWriter->setRowCallback(function ($arrRow) {
foreach ($arrRow as $k => $v) {
$arrRow[$k] = \Haste\Util\Format::dcaValue('tl_member', $k, $v);
}
return $arrRow;
});
}
$objWriter->writeFrom($objReader);
$objFile = new \File($objWriter->getFilename());
$objFile->sendToBrowser();
}
