/** * Run the controller and parse the template */ public function run() { if ($this->strFile == '') { die('No file given'); } // Make sure there are no attempts to hack the file system if (preg_match('@^\\.+@i', $this->strFile) || preg_match('@\\.+/@i', $this->strFile) || preg_match('@(://)+@i', $this->strFile)) { die('Invalid file name'); } // Limit preview to the files directory if (!preg_match('@^' . preg_quote(Config::get('uploadPath'), '@') . '@i', $this->strFile)) { die('Invalid path'); } // Check whether the file exists if (!file_exists(TL_ROOT . '/' . $this->strFile)) { die('File not found'); } // Check whether the file is mounted (thanks to Marko Cupic) if (!$this->User->hasAccess($this->strFile, 'filemounts')) { die('Permission denied'); } // Open the download dialogue if (Input::get('download')) { $objFile = new File($this->strFile, true); $objFile->sendToBrowser(); } // Add the resource (see #6880) if (($objModel = FilesModel::findByPath($this->strFile)) === null) { $objModel = Dbafs::addResource($this->strFile); } $this->Template = new BackendTemplate('be_popup'); $this->Template->uuid = String::binToUuid($objModel->uuid); // see #5211 // Add the file info if (is_dir(TL_ROOT . '/' . $this->strFile)) { $objFile = new Folder($this->strFile, true); } else { $objFile = new File($this->strFile, true); // Image if ($objFile->isGdImage) { $this->Template->isImage = true; $this->Template->width = $objFile->width; $this->Template->height = $objFile->height; $this->Template->src = $this->urlEncode($this->strFile); } $this->Template->href = ampersand(Environment::get('request'), true) . '&download=1'; $this->Template->filesize = $this->getReadableSize($objFile->filesize) . ' (' . number_format($objFile->filesize, 0, $GLOBALS['TL_LANG']['MSC']['decimalSeparator'], $GLOBALS['TL_LANG']['MSC']['thousandsSeparator']) . ' Byte)'; } $this->Template->icon = $objFile->icon; $this->Template->mime = $objFile->mime; $this->Template->ctime = Date::parse(Config::get('datimFormat'), $objFile->ctime); $this->Template->mtime = Date::parse(Config::get('datimFormat'), $objFile->mtime); $this->Template->atime = Date::parse(Config::get('datimFormat'), $objFile->atime); $this->Template->path = $this->strFile; $this->output(); }
/** * Exports all rules as XML * * @param \DataContainer $dc */ public function export(\DataContainer $dc) { if (($ruleCollection = RuleModel::findBy('pid', $dc->id, array('order' => 'sorting'))) === null) { return; } $this->doc = new \DOMDocument('1.1', 'UTF-8'); $rules = $this->doc->createElement('rules'); foreach ($ruleCollection as $rule) { $rules->appendChild($this->createRuleElement($rule)); } $this->doc->appendChild($rules); $file = new \File('system/tmp/' . md5(uniqid(mt_rand(), true)), true); $file->write($this->doc->saveXML()); $file->close(); $file->sendToBrowser('css_class_replacer_ruleset.xml'); $file->delete(); }
/** * Run the controller and parse the template */ public function run() { if ($this->strFile == '') { die('No file given'); } // Make sure there are no attempts to hack the file system if (preg_match('@^\\.+@i', $this->strFile) || preg_match('@\\.+/@i', $this->strFile) || preg_match('@(://)+@i', $this->strFile)) { die('Invalid file name'); } // Limit preview to the files directory if (!preg_match('@^' . preg_quote(\Config::get('uploadPath'), '@') . '@i', $this->strFile)) { die('Invalid path'); } // Check whether the file exists if (!file_exists(TL_ROOT . '/' . $this->strFile)) { die('File not found'); } // Check whether the file is mounted (thanks to Marko Cupic) if (!$this->User->hasAccess($this->strFile, 'filemounts')) { die('Permission denied'); } // Open the download dialogue if (\Input::get('download')) { $objFile = new \File($this->strFile, true); $objFile->sendToBrowser(); } /** @var \BackendTemplate|object $objTemplate */ $objTemplate = new \BackendTemplate('be_popup'); // Add the resource (see #6880) if (($objModel = \FilesModel::findByPath($this->strFile)) === null) { if (\Dbafs::shouldBeSynchronized($this->strFile)) { $objModel = \Dbafs::addResource($this->strFile); } } if ($objModel !== null) { $objTemplate->uuid = \StringUtil::binToUuid($objModel->uuid); // see #5211 } // Add the file info if (is_dir(TL_ROOT . '/' . $this->strFile)) { $objFile = new \Folder($this->strFile, true); $objTemplate->filesize = $this->getReadableSize($objFile->size) . ' (' . number_format($objFile->size, 0, $GLOBALS['TL_LANG']['MSC']['decimalSeparator'], $GLOBALS['TL_LANG']['MSC']['thousandsSeparator']) . ' Byte)'; } else { $objFile = new \File($this->strFile, true); // Image if ($objFile->isImage) { $objTemplate->isImage = true; $objTemplate->width = $objFile->width; $objTemplate->height = $objFile->height; $objTemplate->src = $this->urlEncode($this->strFile); } $objTemplate->href = ampersand(\Environment::get('request'), true) . '&download=1'; $objTemplate->filesize = $this->getReadableSize($objFile->filesize) . ' (' . number_format($objFile->filesize, 0, $GLOBALS['TL_LANG']['MSC']['decimalSeparator'], $GLOBALS['TL_LANG']['MSC']['thousandsSeparator']) . ' Byte)'; } $objTemplate->icon = $objFile->icon; $objTemplate->mime = $objFile->mime; $objTemplate->ctime = \Date::parse(\Config::get('datimFormat'), $objFile->ctime); $objTemplate->mtime = \Date::parse(\Config::get('datimFormat'), $objFile->mtime); $objTemplate->atime = \Date::parse(\Config::get('datimFormat'), $objFile->atime); $objTemplate->path = specialchars($this->strFile); $objTemplate->theme = \Backend::getTheme(); $objTemplate->base = \Environment::get('base'); $objTemplate->language = $GLOBALS['TL_LANGUAGE']; $objTemplate->title = specialchars($this->strFile); $objTemplate->charset = \Config::get('characterSet'); $objTemplate->headline = basename(utf8_convert_encoding($this->strFile, \Config::get('characterSet'))); $objTemplate->label_uuid = $GLOBALS['TL_LANG']['MSC']['fileUuid']; $objTemplate->label_imagesize = $GLOBALS['TL_LANG']['MSC']['fileImageSize']; $objTemplate->label_filesize = $GLOBALS['TL_LANG']['MSC']['fileSize']; $objTemplate->label_ctime = $GLOBALS['TL_LANG']['MSC']['fileCreated']; $objTemplate->label_mtime = $GLOBALS['TL_LANG']['MSC']['fileModified']; $objTemplate->label_atime = $GLOBALS['TL_LANG']['MSC']['fileAccessed']; $objTemplate->label_path = $GLOBALS['TL_LANG']['MSC']['filePath']; $objTemplate->download = specialchars($GLOBALS['TL_LANG']['MSC']['fileDownload']); \Config::set('debugMode', false); $objTemplate->output(); }
/** * Export a theme * * @param \DataContainer $dc */ public function exportTheme($dc) { // Get the theme meta data $objTheme = $this->Database->prepare("SELECT * FROM tl_theme WHERE id=?")->limit(1)->execute($dc->id); if ($objTheme->numRows < 1) { return; } // Romanize the name $strName = utf8_romanize($objTheme->name); $strName = strtolower(str_replace(' ', '_', $strName)); $strName = preg_replace('/[^A-Za-z0-9._-]/', '', $strName); $strName = basename($strName); // Create a new XML document $xml = new \DOMDocument('1.0', 'UTF-8'); $xml->formatOutput = true; // Root element $tables = $xml->createElement('tables'); $tables = $xml->appendChild($tables); // Add the tables $this->addTableTlTheme($xml, $tables, $objTheme); $this->addTableTlStyleSheet($xml, $tables, $objTheme); $this->addTableTlModule($xml, $tables, $objTheme); $this->addTableTlLayout($xml, $tables, $objTheme); $this->addTableTlImageSize($xml, $tables, $objTheme); // Generate the archive $strTmp = md5(uniqid(mt_rand(), true)); $objArchive = new \ZipWriter('system/tmp/' . $strTmp); // Add the files $this->addTableTlFiles($xml, $tables, $objTheme, $objArchive); // Add the template files $this->addTemplatesToArchive($objArchive, $objTheme->templates); // HOOK: add custom logic if (isset($GLOBALS['TL_HOOKS']['exportTheme']) && is_array($GLOBALS['TL_HOOKS']['exportTheme'])) { foreach ($GLOBALS['TL_HOOKS']['exportTheme'] as $callback) { \System::importStatic($callback[0])->{$callback}[1]($xml, $objArchive, $objTheme->id); } } // Add the XML document $objArchive->addString($xml->saveXML(), 'theme.xml'); // Close the archive $objArchive->close(); // Open the "save as …" dialogue $objFile = new \File('system/tmp/' . $strTmp, true); $objFile->sendToBrowser($strName . '.cto'); }
/** * Export a style sheet * * @param \DataContainer $dc * * @throws \Exception */ public function exportStyleSheet(\DataContainer $dc) { $objStyleSheet = $this->Database->prepare("SELECT * FROM tl_style_sheet WHERE id=?")->limit(1)->execute($dc->id); if ($objStyleSheet->numRows < 1) { throw new \Exception("Invalid style sheet ID {$dc->id}"); } $vars = array(); // Get the global theme variables $objTheme = $this->Database->prepare("SELECT vars FROM tl_theme WHERE id=?")->limit(1)->execute($objStyleSheet->pid); if ($objTheme->vars != '') { if (is_array($tmp = deserialize($objTheme->vars))) { foreach ($tmp as $v) { $vars[$v['key']] = $v['value']; } } } // Merge the global style sheet variables if ($objStyleSheet->vars != '') { if (is_array($tmp = deserialize($objStyleSheet->vars))) { foreach ($tmp as $v) { $vars[$v['key']] = $v['value']; } } } // Sort by key length (see #3316) uksort($vars, 'length_sort_desc'); // Create the file $objFile = new \File('system/tmp/' . md5(uniqid(mt_rand(), true)), true); $objFile->write(''); // Add the media query (see #7560) if ($objStyleSheet->mediaQuery != '') { $objFile->append($objStyleSheet->mediaQuery . ' {'); } $objDefinitions = $this->Database->prepare("SELECT * FROM tl_style WHERE pid=? AND invisible!='1' ORDER BY sorting")->execute($objStyleSheet->id); // Append the definition while ($objDefinitions->next()) { $objFile->append($this->compileDefinition($objDefinitions->row(), false, $vars, $objStyleSheet->row(), true), ''); } // Close the media query if ($objStyleSheet->mediaQuery != '') { $objFile->append('}'); } $objFile->close(); $objFile->sendToBrowser($objStyleSheet->name . '.css'); $objFile->delete(); }
/** * Export a theme * @param \DataContainer */ public function exportTheme(\DataContainer $dc) { // Get the theme meta data $objTheme = $this->Database->prepare("SELECT * FROM tl_theme WHERE id=?")->limit(1)->execute($dc->id); if ($objTheme->numRows < 1) { return; } // Romanize the name $strName = utf8_romanize($objTheme->name); $strName = strtolower(str_replace(' ', '_', $strName)); $strName = preg_replace('/[^A-Za-z0-9\\._-]/', '', $strName); $strName = basename($strName); // Create a new XML document $xml = new \DOMDocument('1.0', 'UTF-8'); $xml->formatOutput = true; // Root element $tables = $xml->createElement('tables'); $tables = $xml->appendChild($tables); // Add the tables $this->addTableTlTheme($xml, $tables, $objTheme); $this->addTableTlStyleSheet($xml, $tables, $objTheme); $this->addTableTlModule($xml, $tables, $objTheme); $this->addTableTlLayout($xml, $tables, $objTheme); // Generate the archive $strTmp = md5(uniqid(mt_rand(), true)); $objArchive = new \ZipWriter('system/tmp/' . $strTmp); // Add the XML document $objArchive->addString($xml->saveXML(), 'theme.xml'); // Add the folders $arrFolders = deserialize($objTheme->folders); if (!empty($arrFolders) && is_array($arrFolders)) { $objFolders = \FilesModel::findMultipleByUuids($arrFolders); if ($objFolders !== null) { foreach ($this->eliminateNestedPaths($objFolders->fetchEach('path')) as $strFolder) { $this->addFolderToArchive($objArchive, $strFolder); } } } // Add the template files $this->addTemplatesToArchive($objArchive, $objTheme->templates); // Close the archive $objArchive->close(); // Open the "save as …" dialogue $objFile = new \File('system/tmp/' . $strTmp, true); $objFile->sendToBrowser($strName . '.cto'); }
public function exportToDownload($objResult) { $strTmpFile = 'system/tmp/' . $this->strFilename; // send file to browser $objWriter = \PHPExcel_IOFactory::createWriter($objResult, $this->strWriterOutputType); $this->updateWriter($objWriter); $objWriter->save(TL_ROOT . '/' . $strTmpFile); $objFile = new \File($strTmpFile); $objFile->sendToBrowser(); }
public function downloadAll() { $strFile = 'download_' . $this->strHash; $objZip = new \ZipWriter('system/tmp/' . $strFile); while (list($id, $item) = each($this->arrItems)) { // get view class by type $strClass = $GLOBALS['WLV'][$item->type]; if (!class_exists($strClass)) { continue; } $strategy = new $strClass(); $view = new WatchlistItemView($strategy); $objZip = $view->generateArchiveOutput($item, $objZip); } $objZip->close(); // Open the "save as …" dialogue $objFile = new \File('system/tmp/' . $strFile, true); $objFile->sendToBrowser($strFile . '.zip'); }
/** * Send a file to the browser so the "save as …" dialogue opens * * @param string $strFile The file path */ public static function sendFileToBrowser($strFile) { // Make sure there are no attempts to hack the file system if (preg_match('@^\\.+@i', $strFile) || preg_match('@\\.+/@i', $strFile) || preg_match('@(://)+@i', $strFile)) { header('HTTP/1.1 404 Not Found'); die('Invalid file name'); } // Limit downloads to the files directory if (!preg_match('@^' . preg_quote(\Config::get('uploadPath'), '@') . '@i', $strFile)) { header('HTTP/1.1 404 Not Found'); die('Invalid path'); } // Check whether the file exists if (!file_exists(TL_ROOT . '/' . $strFile)) { header('HTTP/1.1 404 Not Found'); die('File not found'); } $objFile = new \File($strFile, true); $arrAllowedTypes = trimsplit(',', strtolower(\Config::get('allowedDownload'))); // Check whether the file type is allowed to be downloaded if (!in_array($objFile->extension, $arrAllowedTypes)) { header('HTTP/1.1 403 Forbidden'); die(sprintf('File type "%s" is not allowed', $objFile->extension)); } // HOOK: post download callback if (isset($GLOBALS['TL_HOOKS']['postDownload']) && is_array($GLOBALS['TL_HOOKS']['postDownload'])) { foreach ($GLOBALS['TL_HOOKS']['postDownload'] as $callback) { static::importStatic($callback[0])->{$callback[1]}($strFile); } } // Send the file (will stop the script execution) $objFile->sendToBrowser(); }
protected function exportToDownload() { $strTmpFile = 'system/tmp/' . $this->strFilename; $strTmpFolder = str_replace('.' . $this->compressionType, '', $strTmpFile); $arrExportFields = array(); $arrDca = $GLOBALS['TL_DCA'][$this->linkedTable]['fields']; foreach (deserialize($this->tableFieldsForExport, true) as $strField) { if (strpos($strField, EXPORTER_RAW_FIELD_SUFFIX) !== false) { $arrExportFields[] = str_replace(EXPORTER_RAW_FIELD_SUFFIX, '', $strField) . ' AS ' . $strField; } else { $arrExportFields[] = $strField; } } $objDbResult = \Database::getInstance()->prepare("SELECT " . implode(',', $arrExportFields) . " FROM " . $this->linkedTable)->execute(); if (!$objDbResult->numRows > 0) { return; } switch ($this->compressionType) { default: $objZip = new ZipWriter($strTmpFile); break; } // write files while ($objDbResult->next()) { $arrRow = $objDbResult->row(); foreach ($arrRow as $key => $varValue) { $objDc = new DC_Table($this->linkedTable); $objDc->activeRecord = $objDbResult; $varValue = FormSubmission::prepareSpecialValueForPrint($varValue, $arrDca['fields'][$key], $this->linkedTable, $objDc); if (!is_array($varValue)) { $varValue = array($varValue); } foreach ($varValue as $strPath) { if ($strPath && ($objFile = new \File($strPath, true)) !== null && $objFile->exists()) { if (isset($GLOBALS['TL_HOOKS']['exporter_modifyMediaFilename']) && is_array($GLOBALS['TL_HOOKS']['exporter_modifyMediaFilename'])) { foreach ($GLOBALS['TL_HOOKS']['exporter_modifyMediaFilename'] as $callback) { $objCallback = \System::importStatic($callback[0]); $strFixedFilename = $objCallback->{$callback}[1]($objFile, $key, $strPath, $this); if ($strFixedFilename) { $strTmpFixedFilename = $strTmpFolder . '/' . ltrim($strFixedFilename, '/'); $objFile->copyTo($strTmpFixedFilename); $objFile->path = $strTmpFixedFilename; } } } switch ($this->compressionType) { default: $objZip->addFile($objFile->path); break; } } } } } switch ($this->compressionType) { default: $objZip->close(); break; } $objTmpFolder = new \Folder($strTmpFolder); if (is_dir(TL_ROOT . '/' . $objTmpFolder->path)) { $objTmpFolder->delete(); } $objFile = new \File($strTmpFile); $objFile->sendToBrowser(); }
/** * Export the file * @param object * @param boolean * @param boolean */ protected function exportFile(\Haste\IO\Writer\WriterInterface $objWriter, $blnHeaderFields, $blnRawData) { $objMembers = \MemberModel::findAll(); // Reload if there are no members if ($objMembers === null) { $this->reload(); } $objReader = new \Haste\IO\Reader\ModelCollectionReader($objMembers); // Set header fields if ($blnHeaderFields) { $arrHeaderFields = array(); foreach ($GLOBALS['TL_DCA']['tl_member']['fields'] as $strField => $arrField) { $arrHeaderFields[] = $blnRawData || !$arrField['label'][0] ? $strField : $arrField['label'][0]; } $objReader->setHeaderFields($arrHeaderFields); $objWriter->enableHeaderFields(); } // Format the values if (!$blnRawData) { $objWriter->setRowCallback(function ($arrRow) { foreach ($arrRow as $k => $v) { $arrRow[$k] = \Haste\Util\Format::dcaValue('tl_member', $k, $v); } return $arrRow; }); } $objWriter->writeFrom($objReader); $objFile = new \File($objWriter->getFilename()); $objFile->sendToBrowser(); }