/**
* Creates the editing form with TCEforms, based on the input from GPvars.
*
* @return string HTML form elements wrapped in tables
*/
public function makeEditForm()
{
// Initialize variables:
$this->elementsData = array();
$this->errorC = 0;
$this->newC = 0;
$thePrevUid = '';
$editForm = '';
$trData = NULL;
$beUser = $this->getBackendUser();
// Traverse the GPvar edit array
// Tables:
foreach ($this->editconf as $table => $conf) {
if (is_array($conf) && $GLOBALS['TCA'][$table] && $beUser->check('tables_modify', $table)) {
// Traverse the keys/comments of each table (keys can be a commalist of uids)
foreach ($conf as $cKey => $cmd) {
if ($cmd == 'edit' || $cmd == 'new') {
// Get the ids:
$ids = GeneralUtility::trimExplode(',', $cKey, TRUE);
// Traverse the ids:
foreach ($ids as $theUid) {
// Checking if the user has permissions? (Only working as a precaution,
// because the final permission check is always down in TCE. But it's
// good to notify the user on beforehand...)
// First, resetting flags.
$hasAccess = 1;
$deniedAccessReason = '';
$deleteAccess = 0;
$this->viewId = 0;
// If the command is to create a NEW record...:
if ($cmd == 'new') {
// NOTICE: the id values in this case points to the page uid onto which the
// record should be create OR (if the id is negativ) to a record from the
// same table AFTER which to create the record.
if ((int) $theUid) {
// Find parent page on which the new record reside
// Less than zero - find parent page
if ($theUid < 0) {
$calcPRec = BackendUtility::getRecord($table, abs($theUid));
$calcPRec = BackendUtility::getRecord('pages', $calcPRec['pid']);
} else {
// always a page
$calcPRec = BackendUtility::getRecord('pages', abs($theUid));
}
// Now, calculate whether the user has access to creating new records on this position:
if (is_array($calcPRec)) {
// Permissions for the parent page
$CALC_PERMS = $beUser->calcPerms($calcPRec);
if ($table == 'pages') {
// If pages:
$hasAccess = $CALC_PERMS & Permission::PAGE_NEW ? 1 : 0;
$this->viewId = 0;
} else {
$hasAccess = $CALC_PERMS & Permission::CONTENT_EDIT ? 1 : 0;
$this->viewId = $calcPRec['uid'];
}
}
}
// Don't save this document title in the document selector if the document is new.
$this->dontStoreDocumentRef = 1;
} else {
// Edit:
$calcPRec = BackendUtility::getRecord($table, $theUid);
BackendUtility::fixVersioningPid($table, $calcPRec);
if (is_array($calcPRec)) {
if ($table == 'pages') {
// If pages:
$CALC_PERMS = $beUser->calcPerms($calcPRec);
$hasAccess = $CALC_PERMS & Permission::PAGE_EDIT ? 1 : 0;
$deleteAccess = $CALC_PERMS & Permission::PAGE_DELETE ? 1 : 0;
$this->viewId = $calcPRec['uid'];
} else {
// Fetching pid-record first
$CALC_PERMS = $beUser->calcPerms(BackendUtility::getRecord('pages', $calcPRec['pid']));
$hasAccess = $CALC_PERMS & Permission::CONTENT_EDIT ? 1 : 0;
$deleteAccess = $CALC_PERMS & Permission::CONTENT_EDIT ? 1 : 0;
$this->viewId = $calcPRec['pid'];
// Adding "&L=xx" if the record being edited has a languageField with a value larger than zero!
if ($GLOBALS['TCA'][$table]['ctrl']['languageField'] && $calcPRec[$GLOBALS['TCA'][$table]['ctrl']['languageField']] > 0) {
$this->viewId_addParams = '&L=' . $calcPRec[$GLOBALS['TCA'][$table]['ctrl']['languageField']];
}
}
// Check internals regarding access:
$isRootLevelRestrictionIgnored = BackendUtility::isRootLevelRestrictionIgnored($table);
if ($hasAccess || (int) $calcPRec['pid'] === 0 && $isRootLevelRestrictionIgnored) {
$hasAccess = $beUser->recordEditAccessInternals($table, $calcPRec);
$deniedAccessReason = $beUser->errorMsg;
}
} else {
$hasAccess = 0;
}
}
if (is_array($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['typo3/alt_doc.php']['makeEditForm_accessCheck'])) {
foreach ($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['typo3/alt_doc.php']['makeEditForm_accessCheck'] as $_funcRef) {
$_params = array('table' => $table, 'uid' => $theUid, 'cmd' => $cmd, 'hasAccess' => $hasAccess);
$hasAccess = GeneralUtility::callUserFunction($_funcRef, $_params, $this);
}
}
// AT THIS POINT we have checked the access status of the editing/creation of
// records and we can now proceed with creating the form elements:
if ($hasAccess) {
/** @var DataPreprocessor $trData */
$prevPageID = is_object($trData) ? $trData->prevPageID : '';
$trData = GeneralUtility::makeInstance(DataPreprocessor::class);
$trData->addRawData = TRUE;
$trData->defVals = $this->defVals;
$trData->lockRecords = 1;
$trData->prevPageID = $prevPageID;
// 'new'
$trData->fetchRecord($table, $theUid, $cmd == 'new' ? 'new' : '');
$rec = reset($trData->regTableItems_data);
$rec['uid'] = $cmd == 'new' ? uniqid('NEW', TRUE) : $theUid;
if ($cmd == 'new') {
$rec['pid'] = $theUid == 'prev' ? $thePrevUid : $theUid;
}
$this->elementsData[] = array('table' => $table, 'uid' => $rec['uid'], 'pid' => $rec['pid'], 'cmd' => $cmd, 'deleteAccess' => $deleteAccess);
// Now, render the form:
if (is_array($rec)) {
// Setting visual path / title of form:
$this->generalPathOfForm = $this->tceforms->getRecordPath($table, $rec);
if (!$this->storeTitle) {
$this->storeTitle = $this->recTitle ? htmlspecialchars($this->recTitle) : BackendUtility::getRecordTitle($table, $rec, TRUE);
}
// Setting variables in TCEforms object:
if (is_array($this->overrideVals) && is_array($this->overrideVals[$table])) {
$this->tceforms->hiddenFieldListArr = array_keys($this->overrideVals[$table]);
}
// Create form for the record (either specific list of fields or the whole record):
$panel = '';
if ($this->columnsOnly) {
if (is_array($this->columnsOnly)) {
$panel .= $this->tceforms->getListedFields($table, $rec, $this->columnsOnly[$table]);
} else {
$panel .= $this->tceforms->getListedFields($table, $rec, $this->columnsOnly);
}
} else {
$panel .= $this->tceforms->getMainFields($table, $rec);
}
$panel = $this->tceforms->wrapTotal($panel, $rec, $table);
// Setting the pid value for new records:
if ($cmd == 'new') {
$panel .= '<input type="hidden" name="data[' . $table . '][' . $rec['uid'] . '][pid]" value="' . $rec['pid'] . '" />';
$this->newC++;
}
// Display "is-locked" message:
if ($lockInfo = BackendUtility::isRecordLocked($table, $rec['uid'])) {
/** @var $flashMessage \TYPO3\CMS\Core\Messaging\FlashMessage */
$flashMessage = GeneralUtility::makeInstance(FlashMessage::class, htmlspecialchars($lockInfo['msg']), '', FlashMessage::WARNING);
/** @var $flashMessageService \TYPO3\CMS\Core\Messaging\FlashMessageService */
$flashMessageService = GeneralUtility::makeInstance(FlashMessageService::class);
/** @var $defaultFlashMessageQueue \TYPO3\CMS\Core\Messaging\FlashMessageQueue */
$defaultFlashMessageQueue = $flashMessageService->getMessageQueueByIdentifier();
$defaultFlashMessageQueue->enqueue($flashMessage);
}
// Combine it all:
$editForm .= $panel;
}
$thePrevUid = $rec['uid'];
} else {
$this->errorC++;
$editForm .= $this->getLanguageService()->sL('LLL:EXT:lang/locallang_core.xlf:labels.noEditPermission', TRUE) . '<br /><br />' . ($deniedAccessReason ? 'Reason: ' . htmlspecialchars($deniedAccessReason) . '<br /><br />' : '');
}
}
}
}
}
}
return $editForm;
}
