public function testRegexpPrice()
{
\Input::setPost('test_rgxp_price', 'foobar');
$objWidget = new \TextField(array('name' => 'test_rgxp_price'));
$objWidget->rgxp = 'price';
$objWidget->validate();
$this->assertTrue($objWidget->hasErrors());
unset($objWidget);
\Input::setPost('test_rgxp_price', '20.00');
$objWidget = new \TextField(array('name' => 'test_rgxp_price'));
$objWidget->rgxp = 'price';
$objWidget->validate();
$this->assertFalse($objWidget->hasErrors());
unset($objWidget);
\Input::setPost('test_rgxp_price', '20');
$objWidget = new \TextField(array('name' => 'test_rgxp_price'));
$objWidget->rgxp = 'price';
$objWidget->validate();
$this->assertFalse($objWidget->hasErrors());
unset($objWidget);
\Input::setPost('test_rgxp_price', '-20');
$objWidget = new \TextField(array('name' => 'test_rgxp_price'));
$objWidget->rgxp = 'price';
$objWidget->validate();
$this->assertFalse($objWidget->hasErrors());
unset($objWidget);
\Input::setPost('test_rgxp_price', '20.-');
$objWidget = new \TextField(array('name' => 'test_rgxp_price'));
$objWidget->rgxp = 'price';
$objWidget->validate();
$this->assertFalse($objWidget->hasErrors());
unset($objWidget);
}
/**
* Adjust form fields to given page.
*
* @param \FormFieldModel[] $formFields
* @param string $formId
* @param \Form $form
*/
public function compileFormFields($formFields, $formId, \Form $form)
{
// Make sure empty form fields arrays are skipped
if (0 === count($formFields)) {
return $formFields;
}
$manager = new MPFormsFormManager($form->id);
// Don't try to render multi page form if no valid combination
if (!$manager->isValidFormFieldCombination()) {
return $manager->getFieldsWithoutPageBreaks();
}
// Do not let Contao validate anything if user wants to go back
if ('back' === $_POST['mp_form_pageswitch']) {
$this->redirectToStep($manager, $manager->getPreviousStep());
}
// Validate previous steps data
if (!$manager->isFirstStep()) {
$vResult = $manager->validateSteps(0, $manager->getCurrentStep() - 1);
if (true !== $vResult) {
$manager->setPreviousStepsWereInvalid();
$this->redirectToStep($manager, $vResult);
}
}
// If someone wanted to skip the page, fake form submission so fields
// are validated and show the error message.
if ($manager->getPreviousStepsWereInvalid()) {
\Input::setPost('FORM_SUBMIT', $manager->getFormId());
$manager->resetPreviousStepsWereInvalid();
}
return $manager->getFieldsForStep($manager->getCurrentStep());
}
/**
* @dataProvider inputProvider
*/
public function testInput($input, $output, $exception = null)
{
if ($exception) {
$this->setExpectedException($exception);
}
\Input::setPost('test_number_field', $input);
$objWidget = new BackendWidget(array('name' => 'test_number_field', 'value' => $input));
$objWidget->validate();
$this->assertEquals($output, $objWidget->value);
}
public function recordUsername($intId, &$arrData)
{
if (!strlen($arrData['username'])) {
$arrData['username'] = $arrData['email'];
\Input::setPost('username', $arrData['email']);
\Database::getInstance()->prepare("UPDATE tl_member SET username=? WHERE id=?")->execute($arrData['email'], $intId);
$memberModel = \MemberModel::findByPk($intId);
// Fix the problem with versions (see #7)
if (null !== $memberModel) {
$memberModel->refresh();
}
}
}
public function testBindModel()
{
$this->instance->addFormField('pageTitle', array('inputType' => 'text'))->addFormField('jumpTo', array('inputType' => 'text'));
$objModel = new \PageModel();
$this->instance->bindModel($objModel);
\Input::setPost('pageTitle', 'My page title test');
\Input::setPost('jumpTo', 42);
if ($this->instance->validate()) {
$objBoundModel = $this->instance->getBoundModel();
$this->assertTrue(spl_object_hash($objModel) === spl_object_hash($objBoundModel));
$this->assertEquals('My page title test', $objBoundModel->pageTitle);
$this->assertEquals(42, $objBoundModel->jumpTo);
}
}
/**
* This Hook provides case-insensitive contao-login by email usernames
*
* RFC 5321, section-2.3.11 says that email addresses should be treated as case-insensitive
*
* @param $strUser
* @param $strPassword
* @param $strTable
*
* @return bool
*/
public function importUserHook($strUser, $strPassword, $strTable)
{
if (!\Validator::isEmail($strUser)) {
return false;
}
switch ($strTable) {
case 'tl_member':
$objUser = \FrontendUser::getInstance();
if ($objUser->findBy('LOWER(username)', strtolower($strUser)) !== false) {
// set post user name to the users username
\Input::setPost('username', $objUser->username);
return true;
}
break;
}
return false;
}
/**
*
*/
public function changeAjaxPostActions()
{
if (version_compare(VERSION, '3.1', '>=')) {
if (Environment::get('isAjaxRequest')) {
switch (Input::post('action')) {
case 'reloadPagetree':
case 'reloadFiletree':
//get the fieldnames
$strRef = $this->Session->get('filePickerRef');
$strRef = substr($strRef, stripos($strRef, 'field=') + 6);
$arrRef = explode('&', $strRef);
$arrRefField = explode('__', $arrRef[0]);
$arrField = preg_split('/_row[0-9]*_/i', \Input::post('name'));
//change action if modal selector was found
if (count($arrRefField) > 1 && $arrRefField === $arrField) {
Input::setPost('action', Input::post('action') . '_mcw');
}
break;
}
}
}
}
/**
* @param array $arrClasses
* @param \DataContainer $dc
*/
protected function saveClassesToCssClass(array $arrClasses, \DataContainer $dc)
{
$strCssClassName = $this->getCssClassName($dc->id);
$strClasses = implode(' ', $arrClasses);
$strClasses = str_replace(' ', ' ', $strClasses);
$strClasses = trim($strClasses);
$dc->activeRecord->cssClass = $strClasses;
\Input::setPost($strCssClassName, $strClasses);
$objDatabase = \Database::getInstance();
$objDatabase->prepare("UPDATE {$dc->table} SET cssClass=? WHERE id=?")->execute($strClasses, $dc->id);
}
/**
* @param string $strAddresses
* @param $field
* @return array
*/
private function validateEmailAddresses($strAddresses = '', $field)
{
$arrEmailAddresses = array();
trim(strtolower($strAddresses));
if ($strAddresses == '') {
// update the db
$this->Database->prepare('UPDATE tl_be_email SET ' . $field . '=? WHERE id=?')->execute('', \Input::get('id'));
\Input::setPost($field, '');
return $arrEmailAddresses;
}
$arrEmailAddresses = array();
preg_match_all('/\\w[-._\\w]*\\w@\\w[-._\\w]*\\w\\.\\w{2,6}/i', $strAddresses, $arrEmailAddresses);
// remove doubble entries
$arrEmailAddresses = array_unique($arrEmailAddresses[0]);
// update the db
$this->Database->prepare('UPDATE tl_be_email SET ' . $field . '=? WHERE id=?')->execute(implode('; ', $arrEmailAddresses), \Input::get('id'));
\Input::setPost($field, implode('; ', $arrEmailAddresses));
return $arrEmailAddresses;
}
/**
* @param $strNewPassword
* @param null $intId
*/
protected function setPostPassword($strNewPassword, $intId = null)
{
if (\Input::get('act') == 'editAll' && is_numeric($intId)) {
\Input::setPost('password_' . $intId, $strNewPassword);
\Input::setPost('password_' . $intId . '_confirm', $strNewPassword);
} else {
\Input::setPost('password', $strNewPassword);
\Input::setPost('password_confirm', $strNewPassword);
}
}
/**
* Generate the module
*/
protected function compile()
{
global $objPage;
if (\Input::post('FORM_SUBMIT') == 'tl_bn_edit_entry' && (int) $this->User->library_id > 0) {
$bnImageArr = $this->getBnImages();
$set = array('bibliotheksname' => \Input::post('bibliotheksname'), 'zweigstellenname' => \Input::post('zweigstellenname'), 'traeger' => \Input::post('traeger'), 'medienbestand' => \Input::post('medienbestand'), 'strasse' => \Input::post('strasse'), 'hausnummer' => \Input::post('hausnummer'), 'plz' => \Input::post('plz'), 'ort' => \Input::post('ort'), 'gemeinde' => \Input::post('gemeinde'), 'landkreis' => \Input::post('landkreis'), 'leiter_name' => \Input::post('leiter_name'), 'telefon' => \Input::post('telefon'), 'fax' => \Input::post('fax'), 'email' => \Input::post('email'), 'website' => \Input::post('website'), 'blog' => \Input::post('blog'), 'facebook' => \Input::post('facebook'), 'twitter' => \Input::post('twitter'), 'gplus' => \Input::post('gplus'), 'onleihe' => \Input::post('onleihe'), 'webkatalog' => \Input::post('webkatalog'), 'medien' => \Input::post('medien'), 'leistungen' => \Input::post('leistungen'), 'sonst_oeffnungszeiten' => \Input::post('sonst_oeffnungszeiten'), 'sonstmedien' => \Input::post('sonstmedien'), 'sonstleistungen' => \Input::post('sonstleistungen'), 'image_1' => $bnImageArr[1], 'image_2' => $bnImageArr[2], 'image_3' => $bnImageArr[3], 'image_4' => $bnImageArr[4], 'image_5' => $bnImageArr[5]);
$opendates = $this->getOpenDatesForDB();
$set = array_merge($set, $opendates);
$geoData = $this->getcurrentGeoData();
$set = array_merge($set, $geoData);
$this->Database->prepare('UPDATE `tl_bn_libraries` %s WHERE `id`=?')->set($set)->execute($this->User->library_id);
\Input::setPost('FORM_SUBMIT', '');
$this->reload();
}
// Get the total number of items
$objLibrary = \BnLibrariesModel::findLibByIdOrAlias($this->User->library_id);
if ($objLibrary === null) {
// Do not index or cache the page
$objPage->noSearch = 1;
$objPage->cache = 0;
// Send a 404 header
header('HTTP/1.1 404 Not Found');
$this->Template->articles = '<p class="error">' . sprintf($GLOBALS['TL_LANG']['MSC']['invalidPage'], \Input::get('items')) . '</p>';
return;
}
$libData = $objLibrary->row();
// print_r($libData);
// Leitungen
$leitungen = array();
$leitungenObj = $this->Database->prepare('SELECT * FROM `tl_bn_leitung` ORDER BY `sorting`')->execute();
if ($leitungenObj->numRows > 0) {
while ($leitungenObj->next()) {
$leitungen[$leitungenObj->id] = $leitungenObj->name;
}
}
$libData['leitungenArr'] = $leitungen;
// Traeger
$traeger = array();
$traegerObj = $this->Database->prepare('SELECT * FROM `tl_bn_traeger` ORDER BY `sorting`')->execute();
if ($traegerObj->numRows > 0) {
while ($traegerObj->next()) {
$traeger[$traegerObj->id] = $traegerObj->name;
}
}
$libData['traegerArr'] = $traeger;
// Medien
$medien = array();
$medienObj = $this->Database->prepare('SELECT * FROM `tl_bn_medien` ORDER BY `sorting`')->execute();
if ($medienObj->numRows > 0) {
while ($medienObj->next()) {
$medien[$medienObj->id] = $medienObj->name;
}
}
$libData['medienArr'] = $medien;
// Leistungen
$leistungen = array();
$leistungenObj = $this->Database->prepare('SELECT * FROM `tl_bn_leistungen` ORDER BY `sorting`')->execute();
if ($leistungenObj->numRows > 0) {
while ($leistungenObj->next()) {
$leistungen[$leistungenObj->id] = $leistungenObj->name;
}
}
$libData['leistungenArr'] = $leistungen;
// Email
$this->import('String');
$libData['email'] = $this->String->encodeEmail($libData['email']);
// Open-Status
$libData['open_status'] = $this->getCurrentOpenStatus($objLibrary);
$GLOBALS['TL_JAVASCRIPT'][] = '.' . BN_PATH . '/assets/js/bn_fe.js';
// Google-Maps url-search-string
$libData['gmapsplace'] = ampersand($libData['strasse'] . ' ' . $libData['hausnummer'] . ', ' . $libData['plz'] . ' ' . $libData['ort'] . ', Niedersachsen');
// media
$medienIds = unserialize($libData['medien']);
if (is_array($medienIds) && count($medienIds) > 0) {
$medienArr = array();
$medienObj = $this->Database->prepare("SELECT * FROM `tl_bn_medien` WHERE id IN(" . implode(',', array_map('intval', $medienIds)) . ")")->execute();
if ($medienObj->numRows > 0) {
while ($medienObj->next()) {
$medienArr[] = $medienObj->name;
}
$libData['medien'] = $medienArr;
}
}
// leistungen
$leistungenIds = unserialize($libData['leistungen']);
if (is_array($leistungenIds) && count($leistungenIds) > 0) {
$leistungenArr = array();
$leistungenObj = $this->Database->prepare("SELECT * FROM `tl_bn_leistungen` WHERE id IN(" . implode(',', array_map('intval', $leistungenIds)) . ")")->execute();
if ($leistungenObj->numRows > 0) {
while ($leistungenObj->next()) {
$leistungenArr[] = $leistungenObj->name;
}
$libData['leistungen'] = $leistungenArr;
}
}
$this->Template->data = $libData;
$this->Template->articles = '';
$this->Template->referer = 'javascript:history.go(-1)';
$this->Template->back = $GLOBALS['TL_LANG']['MSC']['goBack'];
}
/**
* @param array $events
* @param array $calendars
* @param $startTime
* @param $endTime
* @param \Module $eventList
*
* @return array
*/
public function filterAllEvents(array $events, array $calendars, $startTime, $endTime, \Module &$eventList)
{
global $container;
if (!$eventList->calendarFilterField) {
return $events;
}
$eventList->calendarFilterField = deserialize($eventList->calendarFilterField);
if (!empty($eventList->calendarFilterField)) {
if (empty($eventList->customTpl)) {
$eventList->Template->setName('mod_eventlist_filter');
}
$eventList->Template->filterForm = '';
if ($eventList->calendarFilterMergeMonth) {
$eventList->calendarFilterField = implode(',', $eventList->calendarFilterField);
$eventList->calendarFilterField = str_replace('startDate', 'startDate,mergeMonth', $eventList->calendarFilterField);
$eventList->calendarFilterField = explode(',', $eventList->calendarFilterField);
}
}
$this->eventList =& $eventList;
$this->events = $events;
$deleteSession = true;
foreach ($eventList->calendarFilterField as $filterField) {
if (\Input::post($filterField)) {
continue;
}
$deleteSession = false;
}
if ($deleteSession) {
\Session::getInstance()->remove('eventlistfilterreload_' . $this->eventList->id);
}
if (\Input::post('resetFilter') === '') {
foreach ($eventList->calendarFilterField as $filterField) {
if (!\Input::post($filterField)) {
continue;
}
\Input::setPost($filterField, '');
}
}
\Session::getInstance()->set('eventlistfilterreload_' . $this->eventList->id, true);
$restorePost = \Session::getInstance()->get('eventlistfilterpost_' . $this->eventList->id);
if ($restorePost) {
foreach ($restorePost as $postField => $postValue) {
if (\Input::post($postField) === null) {
\Input::setPost($postField, $postValue);
}
}
\Session::getInstance()->set('eventlistfilterreload_' . $this->eventList->id, false);
}
/** @var EventDispatcher $eventDispatcher */
$eventDispatcher = $container['event-dispatcher'];
if (!($filter = \Session::getInstance()->get('eventlistfilter_' . $this->eventList->id))) {
$filter = array();
foreach ($eventList->calendarFilterField as $filterField) {
$filter[$filterField] = '';
}
}
foreach ($filter as $post => $value) {
if ($postValue = \Input::post($post)) {
$filterEventsEvent = new PostFilterEventsEvent($post, $postValue);
$filterEventsEvent->setEvents($this->events);
$eventDispatcher->dispatch(PostFilterEventsEvent::NAME, $filterEventsEvent);
$this->events = $filterEventsEvent->getEvents();
$filterOptionsEvent = new GetFilterOptionsEvent();
$eventDispatcher->dispatch(GetFilterOptionsEvent::NAME, $filterOptionsEvent);
if ($filterOptionsEvent->hasOption($post)) {
continue;
}
$this->filterCalendar($this->events, array('field' => $post, 'value' => $postValue));
}
}
$this->getFilter($filter);
$postSession = array();
foreach (array_keys($filter) as $postField) {
$postValue = \Input::post($postField);
if (!$postValue || $postValue === '') {
continue;
}
$postSession[$postField] = $postValue;
}
if (count($postSession) > 0) {
\Session::getInstance()->set('eventlistfilterpost_' . $this->eventList->id, $postSession);
}
if (count($postSession) < 1) {
\Session::getInstance()->set('eventlistfilterpost_' . $this->eventList->id, null);
}
$this->eventList->Template->filterForm = $this->compileFilterForm($filter);
$reload = false;
if (\Session::getInstance()->get('eventlistfilterreload_' . $this->eventList->id)) {
foreach ($this->eventList->calendarFilterField as $filterField) {
if (\Input::post($filterField) != null && \Input::post($filterField) !== '0') {
$reload = true;
}
}
}
if ($reload) {
\Session::getInstance()->set('eventlistfilterreload_' . $this->eventList->id, true);
\Controller::reload();
}
return $this->events;
}
/**
* Display a login form
*
* @return string
*/
public function generate()
{
if (TL_MODE == 'BE') {
/** @var \BackendTemplate|object $objTemplate */
$objTemplate = new \BackendTemplate('be_wildcard');
$objTemplate->wildcard = '### ' . utf8_strtoupper($GLOBALS['TL_LANG']['FMD']['login'][0]) . ' ###';
$objTemplate->title = $this->headline;
$objTemplate->id = $this->id;
$objTemplate->link = $this->name;
$objTemplate->href = '' . $GLOBALS['TL_CONFIG']['backendPath'] . '/main.php?do=themes&table=tl_module&act=edit&id=' . $this->id;
return $objTemplate->parse();
}
// Set the last page visited
if (!$_POST && $this->redirectBack) {
$_SESSION['LAST_PAGE_VISITED'] = $this->getReferer();
}
// Login
if (\Input::post('FORM_SUBMIT') == 'tl_login') {
// Check whether username and password are set
if (empty($_POST['username']) || empty($_POST['password'])) {
$_SESSION['LOGIN_ERROR'] = $GLOBALS['TL_LANG']['MSC']['emptyField'];
$this->reload();
}
$this->import('FrontendUser', 'User');
$strRedirect = \Environment::get('request');
// Redirect to the last page visited
if ($this->redirectBack && $_SESSION['LAST_PAGE_VISITED'] != '') {
$strRedirect = $_SESSION['LAST_PAGE_VISITED'];
} else {
// Redirect to the jumpTo page
if ($this->jumpTo && ($objTarget = $this->objModel->getRelated('jumpTo')) !== null) {
$strRedirect = $this->generateFrontendUrl($objTarget->row());
}
// Overwrite the jumpTo page with an individual group setting
$objMember = \MemberModel::findByUsername(\Input::post('username'));
if ($objMember !== null) {
$arrGroups = deserialize($objMember->groups);
if (!empty($arrGroups) && is_array($arrGroups)) {
$objGroupPage = \MemberGroupModel::findFirstActiveWithJumpToByIds($arrGroups);
if ($objGroupPage !== null) {
$strRedirect = $this->generateFrontendUrl($objGroupPage->row());
}
}
}
}
// Auto login is not allowed
if (isset($_POST['autologin']) && !$this->autologin) {
unset($_POST['autologin']);
\Input::setPost('autologin', null);
}
// Login and redirect
if ($this->User->login()) {
$this->redirect($strRedirect);
}
$this->reload();
}
// Logout and redirect to the website root if the current page is protected
if (\Input::post('FORM_SUBMIT') == 'tl_logout') {
/** @var \PageModel $objPage */
global $objPage;
$this->import('FrontendUser', 'User');
$strRedirect = \Environment::get('request');
// Redirect to last page visited
if ($this->redirectBack && strlen($_SESSION['LAST_PAGE_VISITED'])) {
$strRedirect = $_SESSION['LAST_PAGE_VISITED'];
} elseif ($objPage->protected) {
$strRedirect = \Environment::get('base');
}
// Logout and redirect
if ($this->User->logout()) {
$this->redirect($strRedirect);
}
$this->reload();
}
return parent::generate();
}
/**
* Pre-fill the "alt" and "caption" fields with the file meta data
* @param mixed
* @param \DataContainer
* @return mixed
*/
public function storeFileMetaInformation($varValue, \DataContainer $dc)
{
if ($dc->activeRecord->singleSRC == $varValue) {
return $varValue;
}
$objFile = \FilesModel::findByUuid($varValue);
if ($objFile !== null) {
$arrMeta = deserialize($objFile->meta);
if (!empty($arrMeta)) {
$strLanguage = "de";
if (isset($arrMeta[$strLanguage])) {
\Input::setPost('alt', $arrMeta[$strLanguage]['title']);
\Input::setPost('caption', $arrMeta[$strLanguage]['caption']);
}
}
}
return $varValue;
}
/**
* loadDataContainer hook
*
* - Saves the referrer in the session if it is a frontend URL
* - Preselects the original template in the template editor
*
* @param string $table The data container table name
* @return void
*/
public function loadDataContainerHook($table)
{
if (TL_MODE !== 'BE') {
return;
}
if (defined('TL_REFERER_ID') && \Input::get('ref')) {
$referrerSession = \Session::getInstance()->get('referer');
if (!empty($referrerSession[\Input::get('ref')]['current'])) {
$referrerSession[\Input::get('ref')]['current'] = preg_replace('(([&?])rsfhr=1(&|$))', '$1', $referrerSession[\Input::get('ref')]['current']);
\Session::getInstance()->set('referer', $referrerSession);
}
}
// Only handle requests from the frontend helper
if (!\Input::get('rsfhr')) {
return;
}
if ($table === 'tl_templates' && \Input::get('key') === 'new_tpl') {
if (\Input::get('original') && !\Input::post('original')) {
// Preselect the original template
\Input::setPost('original', \Input::get('original'));
}
if (\Input::get('target') && !\Input::post('target')) {
// Preselect the target template folder
\Input::setPost('target', \Input::get('target'));
}
}
$base = \Environment::get('path');
if (version_compare(VERSION, '4.0', '>=')) {
$base .= \System::getContainer()->get('router')->generate('contao_backend');
} else {
$base .= '/contao';
}
$referrer = parse_url(\Environment::get('httpReferer'));
$referrer = $referrer['path'] . ($referrer['query'] ? '?' . $referrer['query'] : '');
// Stop if the referrer is a backend URL
if (substr($referrer, 0, strlen($base)) === $base && in_array(substr($referrer, strlen($base), 1), array(false, '/', '?'), true)) {
return;
}
// Fix empty referrers
if (empty($referrer)) {
$referrer = '/';
}
// Make homepage possible as referrer
if ($referrer === \Environment::get('path') . '/') {
$referrer .= '?';
}
$assetsDir = version_compare(VERSION, '4.0', '>=') ? 'bundles/rocksolidfrontendhelper' : 'system/modules/rocksolid-frontend-helper/assets';
$referrer = \Environment::get('path') . '/' . $assetsDir . '/html/referrer.html?referrer=' . rawurlencode($referrer);
// set the frontend URL as referrer
$referrerSession = \Session::getInstance()->get('referer');
if (defined('TL_REFERER_ID') && !\Input::get('ref')) {
$referrer = substr($referrer, strlen(TL_PATH) + 1);
$tlRefererId = substr(md5(TL_START - 1), 0, 8);
$referrerSession[$tlRefererId]['current'] = $referrer;
\Input::setGet('ref', $tlRefererId);
$requestUri = \Environment::get('requestUri');
$requestUri .= (strpos($requestUri, '?') === false ? '?' : '&') . 'ref=' . $tlRefererId;
\Environment::set('requestUri', $requestUri);
if (version_compare(VERSION, '4.0', '>=')) {
\System::getContainer()->get('request_stack')->getCurrentRequest()->query->set('ref', $tlRefererId);
}
} else {
if (!defined('TL_REFERER_ID')) {
$referrerSession['current'] = $referrer;
}
}
\Session::getInstance()->set('referer', $referrerSession);
}
/**
* generate an albumalias based on the albumname and create a directory of the same name
* and register the directory in tl files
* @param $strAlias
* @param \Contao\DataContainer $dc
* @return mixed|string
*/
public function saveCbGenerateAlias($strAlias, \Contao\DataContainer $dc)
{
$blnDoNotCreateDir = false;
// get current row
$objAlbum = GalleryCreatorAlbumsModel::findByPk($dc->id);
if ($objAlbum === null) {
return;
}
// Save assigned Dir if it was defined.
if ($this->Input->post('FORM_SUBMIT') && strlen($this->Input->post('assignedDir'))) {
$objAlbum->assignedDir = $this->Input->post('assignedDir');
$objAlbum->save();
$blnDoNotCreateDir = true;
}
$strAlias = standardize($strAlias);
// if there isn't an existing albumalias generate one from the albumname
if (!strlen($strAlias)) {
$strAlias = standardize($dc->activeRecord->name);
}
// limit alias to 50 characters
$strAlias = substr($strAlias, 0, 43);
// remove invalid characters
$strAlias = preg_replace("/[^a-z0-9\\_\\-]/", "", $strAlias);
// if alias already exists add the album-id to the alias
$objAlb = $this->Database->prepare('SELECT * FROM tl_gallery_creator_albums WHERE id!=? AND alias=?')->execute($dc->activeRecord->id, $strAlias);
if ($objAlb->numRows) {
$strAlias = 'id-' . $dc->id . '-' . $strAlias;
}
// Create default upload folder
if ($blnDoNotCreateDir === false) {
// create the new folder and register it in tl_files
$objFolder = new Folder($this->uploadPath . '/' . $strAlias);
$oFolder = Dbafs::addResource($objFolder->path, true);
$objAlbum->assignedDir = $oFolder->uuid;
$objAlbum->save();
// Important
Input::setPost('assignedDir', String::binToUuid($objAlbum->assignedDir));
}
return $strAlias;
}
/**
* Validate input and return address data
* @return array
*/
protected function validateFields($blnValidate)
{
$arrAddress = array();
$arrWidgets = $this->getWidgets();
foreach ($arrWidgets as $strName => $objWidget) {
$arrData =& $GLOBALS['TL_DCA'][\Isotope\Model\Address::getTable()]['fields'][$strName];
// Validate input
if ($blnValidate) {
$objWidget->validate();
$varValue = $objWidget->value;
// Convert date formats into timestamps
if (strlen($varValue) && in_array($arrData['eval']['rgxp'], array('date', 'time', 'datim'))) {
try {
$objDate = new \Date($varValue, $GLOBALS['TL_CONFIG'][$arrData['eval']['rgxp'] . 'Format']);
$varValue = $objDate->tstamp;
} catch (\OutOfBoundsException $e) {
$objWidget->addError(sprintf($GLOBALS['TL_LANG']['ERR'][$arrData['eval']['rgxp']], $GLOBALS['TL_CONFIG'][$arrData['eval']['rgxp'] . 'Format']));
}
}
// Do not submit if there are errors
if ($objWidget->hasErrors()) {
$this->blnError = true;
} elseif ($objWidget->submitInput()) {
$arrAddress[$strName] = $varValue;
}
} else {
\Input::setPost($objWidget->name, $objWidget->value);
$objValidator = clone $objWidget;
$objValidator->validate();
if ($objValidator->hasErrors()) {
$this->blnError = true;
}
}
}
return $arrAddress;
}
/**
* Validates a field.
*
* @param \FormFieldModel $formField
* @param int $step
*
* @return bool
*/
public function validateField(\FormFieldModel $formField, $step)
{
$class = $GLOBALS['TL_FFL'][$formField->type];
if (!class_exists($class)) {
return true;
}
/** @var \Widget $widget */
$widget = new $class($formField->row());
$widget->required = $formField->mandatory ? true : false;
// Needed for the hook
$form = $this->createDummyForm();
// HOOK: load form field callback
if (isset($GLOBALS['TL_HOOKS']['loadFormField']) && is_array($GLOBALS['TL_HOOKS']['loadFormField'])) {
foreach ($GLOBALS['TL_HOOKS']['loadFormField'] as $callback) {
$objCallback = \System::importStatic($callback[0]);
$widget = $objCallback->{$callback[1]}($widget, $this->getFormId(), $this->formModel->row(), $form);
}
}
// Validation (needs to set POST values because the widget class searches
// only in POST values :-(
// This should only happen if value is not currently submitted and if
// the value is neither submitted in POST nor in the session, we have
// to default it to an empty string so the widget validates for mandatory
// fields
$fakeValidation = false;
if (!isset($_POST[$widget->name])) {
if ($this->isStoredInData($widget->name, $step)) {
$value = $this->fetchFromData($widget->name, $step);
} else {
$value = '';
}
\Input::setPost($formField->name, $value);
$fakeValidation = true;
}
$widget->validate();
// Reset fake validation
if ($fakeValidation) {
\Input::setPost($formField->name, null);
}
// Special hack for upload fields because they delete $_FILES and thus
// multiple validation calls will fail - sigh
if ($widget instanceof \uploadable && isset($_SESSION['FILES'][$widget->name])) {
$_FILES[$widget->name] = $_SESSION['FILES'][$widget->name];
}
// HOOK: validate form field callback
if (isset($GLOBALS['TL_HOOKS']['validateFormField']) && is_array($GLOBALS['TL_HOOKS']['validateFormField'])) {
foreach ($GLOBALS['TL_HOOKS']['validateFormField'] as $callback) {
$objCallback = \System::importStatic($callback[0]);
$widget = $objCallback->{$callback[1]}($widget, $this->getFormId(), $this->formModel->row(), $form);
}
}
return !$widget->hasErrors();
}
/**
* Add the file meta information to the request
*
* @param string $strUuid
* @param string $strPtable
* @param integer $intPid
*/
public static function addFileMetaInformationToRequest($strUuid, $strPtable, $intPid)
{
$objFile = \FilesModel::findByUuid($strUuid);
if ($objFile === null) {
return;
}
$arrMeta = deserialize($objFile->meta);
if (empty($arrMeta)) {
return;
}
$objPage = null;
$db = \Database::getInstance();
switch ($strPtable) {
case 'tl_article':
$objPage = $db->prepare("SELECT * FROM tl_page WHERE id=(SELECT pid FROM tl_article WHERE id=?)")->execute($intPid);
break;
case 'tl_news':
$objPage = $db->prepare("SELECT * FROM tl_page WHERE id=(SELECT jumpTo FROM tl_news_archive WHERE id=(SELECT pid FROM tl_news WHERE id=?))")->execute($intPid);
break;
case 'tl_news_archive':
$objPage = $db->prepare("SELECT * FROM tl_page WHERE id=(SELECT jumpTo FROM tl_news_archive WHERE id=?)")->execute($intPid);
break;
case 'tl_calendar_events':
$objPage = $db->prepare("SELECT * FROM tl_page WHERE id=(SELECT jumpTo FROM tl_calendar WHERE id=(SELECT pid FROM tl_calendar_events WHERE id=?))")->execute($intPid);
break;
case 'tl_calendar':
$objPage = $db->prepare("SELECT * FROM tl_page WHERE id=(SELECT jumpTo FROM tl_calendar WHERE id=?)")->execute($intPid);
break;
case 'tl_faq_category':
$objPage = $db->prepare("SELECT * FROM tl_page WHERE id=(SELECT jumpTo FROM tl_faq_category WHERE id=?)")->execute($intPid);
break;
default:
// HOOK: support custom modules
if (isset($GLOBALS['TL_HOOKS']['addFileMetaInformationToRequest']) && is_array($GLOBALS['TL_HOOKS']['addFileMetaInformationToRequest'])) {
foreach ($GLOBALS['TL_HOOKS']['addFileMetaInformationToRequest'] as $callback) {
if (($val = \System::importStatic($callback[0])->{$callback[1]}($strPtable, $intPid)) !== false) {
$objPage = $val;
}
}
}
break;
}
if ($objPage === null || $objPage->numRows < 1) {
return;
}
$objModel = new \PageModel();
$objModel->setRow($objPage->row());
$objModel->loadDetails();
// Convert the language to a locale (see #5678)
$strLanguage = str_replace('-', '_', $objModel->rootLanguage);
if (isset($arrMeta[$strLanguage])) {
if (\Input::post('alt') == '' && !empty($arrMeta[$strLanguage]['title'])) {
\Input::setPost('alt', $arrMeta[$strLanguage]['title']);
}
if (\Input::post('caption') == '' && !empty($arrMeta[$strLanguage]['caption'])) {
\Input::setPost('caption', $arrMeta[$strLanguage]['caption']);
}
}
}
public function generate()
{
if (TL_MODE == 'BE') {
$objTemplate = new \BackendTemplate('be_wildcard');
$objTemplate->wildcard = '### ' . utf8_strtoupper($GLOBALS['TL_LANG']['FMD']['loginregistration'][0]) . ' ###';
$objTemplate->title = $this->headline;
$objTemplate->id = $this->id;
$objTemplate->link = $this->name;
$objTemplate->href = 'contao/main.php?do=themes&table=tl_module&act=edit&id=' . $this->id;
return $objTemplate->parse();
}
// required by ModuleRegistration::generate();
$this->editable = array('username', 'password');
$this->allowedMailDomains = deserialize($this->allowedMailDomains, true);
$this->domainCheck = false;
$this->domainList = $this->getDomainList();
if (is_array($this->domainList) && !empty($this->domainList)) {
$this->domainCheck = true;
}
// Set the last page visited
if ($this->redirectBack) {
$_SESSION['LAST_PAGE_VISITED'] = $this->getReferer();
}
// Redirect to the jumpTo page if user is logged in and permanentRedirect is enables
if (FE_USER_LOGGED_IN && $this->redirectPermanent) {
$this->redirect($this->getJumpTo());
}
// Login
if (\Input::post('FORM_SUBMIT') == 'tl_login') {
// Check whether username and password are set
if (empty($_POST['username']) || empty($_POST['password'])) {
$_SESSION['LOGIN_ERROR'] = $GLOBALS['TL_LANG']['MSC']['emptyField'];
$this->reload();
}
$strRedirect = $this->getJumpTo();
$this->import('FrontendUser', 'User');
// Auto login is not allowed
if (isset($_POST['autologin']) && !$this->autologin) {
unset($_POST['autologin']);
\Input::setPost('autologin', null);
}
// Login existing user, or try to get username-domain-combination or register
if ($this->User->login()) {
$this->redirect($strRedirect);
} else {
$username = $_POST['username'];
if ($this->domainCheck || \Validator::isEmail($username)) {
if (($username = $this->getValidDomainUsername()) === null) {
$this->reload();
}
// overwrite the username
$username = strtolower($username);
$_POST['username'] = $username;
\Input::setPost('username', $username);
if ($this->User->login()) {
$this->redirect($strRedirect);
}
$this->registerUser($username);
}
}
$this->reload();
}
// Logout and redirect to the website root if the current page is protected
if (\Input::post('FORM_SUBMIT') == 'tl_logout') {
global $objPage;
$this->import('FrontendUser', 'User');
$strRedirect = \Environment::get('request');
// Redirect to last page visited
if ($this->redirectBack && strlen($_SESSION['LAST_PAGE_VISITED'])) {
$strRedirect = $_SESSION['LAST_PAGE_VISITED'];
} elseif ($objPage->protected) {
$strRedirect = \Environment::get('base');
}
// Logout and redirect
if ($this->User->logout()) {
$this->redirect($strRedirect);
}
$this->reload();
}
return parent::generate();
}
/**
* Run the communication as client
*
* @return void
*/
public function run()
{
// If we have a ping, just do nothing
if (\Input::get("act") == "ping") {
// Clean output buffer
while (@ob_end_clean()) {
}
exit;
}
/* ---------------------------------------------------------------------
* Check if we have a old AES or a new AES with IV.
* Set codifyengine keys.
* Check the connection ID and refresh/delete it.
*/
// Check if IV was send, when send use the new AES else the old one.
try {
$this->objCodifyengineBasic = Factory::getEngine("aes");
$this->setCodifyengine(\Input::get("engine"));
} catch (\RuntimeException $exc) {
\System::log("Try to load the engine for ctoCommunication with error: " . $exc->getMessage(), __FUNCTION__ . " | " . __CLASS__, TL_ERROR);
// Clean output buffer
while (@ob_end_clean()) {
}
exit;
}
// Check if we have a incomming connection for handshake
if (in_array(\Input::get("act"), array("CTOCOM_HELLO", "CTOCOM_START_HANDSHAKE", "CTOCOM_CHECK_HANDSHAKE", "CTOCOM_VERSION"))) {
$this->objCodifyengine->setKey($GLOBALS['TL_CONFIG']['ctoCom_APIKey']);
$this->objCodifyengineBasic->setKey($GLOBALS['TL_CONFIG']['ctoCom_APIKey']);
$strCodifyKey = $GLOBALS['TL_CONFIG']['ctoCom_APIKey'];
} else {
// Use the private key from connection pool
if (strlen(\Input::get("con")) != 0) {
// Check if we have some data
$arrConnections = \Database::getInstance()->prepare("SELECT * FROM tl_ctocom_cache WHERE uid=?")->execute(\Input::get("con"))->fetchAllAssoc();
if (count($arrConnections) == 0) {
\System::log(vsprintf("Call from %s with a unknown connection ID.", \Environment::get('ip')), __FUNCTION__ . " | " . __CLASS__, TL_ERROR);
// Clean output buffer
while (@ob_end_clean()) {
}
exit;
}
// Check if time out isn't reached.
if ($arrConnections[0]["tstamp"] + $this->intHandshakeTimeout < time()) {
\Database::getInstance()->prepare("DELETE FROM tl_ctocom_cache WHERE uid=?")->execute(\Input::get("con"));
\System::log(vsprintf("Call from %s with a expired connection ID.", \Environment::get('ip')), __FUNCTION__ . " | " . __CLASS__, TL_ERROR);
// Clean output buffer
while (@ob_end_clean()) {
}
exit;
}
// Reset timestamp
\Database::getInstance()->prepare("UPDATE tl_ctocom_cache %s WHERE uid=?")->set(array("tstamp" => time()))->execute(\Input::get("con"));
// Set codify key from database
$this->objCodifyengineBasic->setKey($arrConnections[0]["shared_secret_key"]);
$this->objCodifyengine->setKey($arrConnections[0]["shared_secret_key"]);
$strCodifyKey = $arrConnections[0]["shared_secret_key"];
} else {
\System::log(vsprintf("Call from %s without a connection ID.", \Environment::get('ip')), __FUNCTION__ . " | " . __CLASS__, TL_ERROR);
// Clean output buffer
while (@ob_end_clean()) {
}
exit;
}
}
/* ---------------------------------------------------------------------
* Check the API key.
* Check if the API Key was send.
* Check if the API key contains the RPC Call and the API Key from this
* Contao Version.
*/
// Check if a API-Key was send
if (strlen(\Input::get("apikey")) == 0) {
\System::log(vsprintf("Call from %s without a API Key.", \Environment::get('ip')), __FUNCTION__ . " | " . __CLASS__, TL_ERROR);
// Clean output buffer
while (@ob_end_clean()) {
}
exit;
}
// Check RPC Call from get and the RPC Call from API-Key
$mixVar = $this->objCodifyengineBasic->Decrypt(base64_decode(\Input::get("apikey", true)));
$mixVar = trimsplit("@\\|@", $mixVar);
$strApiKey = $mixVar[1];
$strAction = $mixVar[0];
if ($strAction != \Input::get("act")) {
\System::log(vsprintf("Error Api Key from %s. Request action: %s | Key action: %s | Api: %s", array(\Environment::get('ip'), \Input::get("act"), $strAction, $strApiKey)), __FUNCTION__ . " | " . __CLASS__, TL_ERROR);
// Clean output buffer
while (@ob_end_clean()) {
}
exit;
}
if ($GLOBALS['TL_CONFIG']['ctoCom_APIKey'] != $strApiKey) {
\System::log(vsprintf("Call from %s with a wrong API Key: %s", array(\Environment::get('ip'), \Input::get("apikey"))), __FUNCTION__ . " | " . __CLASS__, TL_ERROR);
// Clean output buffer
while (@ob_end_clean()) {
}
exit;
}
/* ---------------------------------------------------------------------
* Check language settings
*/
if (empty($GLOBALS['TL_LANGUAGE'])) {
$GLOBALS['TL_LANGUAGE'] = "en";
}
/* ---------------------------------------------------------------------
* Set I/O System
*/
if (strlen(\Input::get("format")) != 0) {
if (\CtoCommunication\InputOutput\Factory::engineExist(\Input::get("format"))) {
$this->setIOEngine(\Input::get("format"));
} else {
$this->setIOEngine();
$this->objError = new Error();
$this->objError->setLanguage("unknown_io");
$this->objError->setID(10);
$this->objError->setObject("");
$this->objError->setMessage("No I/O Interface found for accept.");
$this->objError->setRPC("");
$this->objError->setClass("");
$this->objError->setFunction("");
$this->generateOutput();
exit;
}
} else {
$strAccept = $_SERVER['HTTP_ACCEPT'];
$strAccept = preg_replace("/;q=\\d\\.\\d/", "", $strAccept);
$arrAccept = trimsplit(",", $strAccept);
$strIOEngine = false;
foreach ($arrAccept as $key => $value) {
$strIOEngine = \CtoCommunication\InputOutput\Factory::getEngingenameForAccept($value);
if ($strIOEngine !== false) {
break;
}
}
if ($strIOEngine === false) {
$this->objIOEngine = \CtoCommunication\InputOutput\Factory::getEngine('default');
$this->objError = new Error();
$this->objError->setLanguage("unknown_io");
$this->objError->setID(10);
$this->objError->setObject("");
$this->objError->setMessage("No I/O Interface found for accept: {$strAccept}");
$this->objError->setRPC("");
$this->objError->setClass("");
$this->objError->setFunction("");
$this->generateOutput();
exit;
} else {
$this->setIOEngine($strIOEngine);
}
}
/* ---------------------------------------------------------------------
* Run RPC-Check function
*/
// Check if act is set
$mixRPCCall = \Input::get("act");
if (strlen($mixRPCCall) == 0) {
$this->objError = new Error();
$this->objError->setLanguage("rpc_missing");
$this->objError->setID(1);
$this->objError->setObject("");
$this->objError->setMessage("Missing RPC Call");
$this->objError->setRPC($mixRPCCall);
$this->objError->setClass("");
$this->objError->setFunction("");
$this->generateOutput();
exit;
}
if (!array_key_exists($mixRPCCall, $this->arrRpcList)) {
$this->objError = new Error();
$this->objError->setLanguage("rpc_unknown");
$this->objError->setID(1);
$this->objError->setObject("");
$this->objError->setMessage("Unknown RPC Call");
$this->objError->setRPC($mixRPCCall);
$this->objError->setClass("");
$this->objError->setFunction("");
$this->generateOutput();
exit;
}
/* ---------------------------------------------------------------------
* Build a list with parameter from the POST
*/
$arrParameter = array();
if ($this->arrRpcList[$mixRPCCall]["parameter"] != false && is_array($this->arrRpcList[$mixRPCCall]["parameter"])) {
switch ($this->arrRpcList[$mixRPCCall]["typ"]) {
// Decode post
case "POST":
// Decode each post
$arrPostValues = array();
foreach ($_POST as $key => $value) {
if (version_compare('3.2.16', VERSION . '.' . BUILD, '<=') && version_compare('3.3.0', VERSION . '.' . BUILD, '>') || version_compare('3.3.7', VERSION . '.' . BUILD, '<=')) {
// Get the raw data.
$mixPost = \Input::postUnsafeRaw($key);
} else {
// Get the raw data for older contao versions.
$mixPost = \Input::postRaw($key);
}
$mixPost = $this->objIOEngine->InputPost($mixPost, $this->objCodifyengine);
$arrPostValues[$key] = $mixPost;
\Input::setPost($key, $mixPost);
}
// Check if all post are set
foreach ($this->arrRpcList[$mixRPCCall]["parameter"] as $value) {
$arrPostKey = array_keys($arrPostValues);
if (!in_array($value, $arrPostKey)) {
$arrParameter[$value] = null;
} else {
// Get the raw data.
$arrParameter[$value] = $arrPostValues[$value];
}
}
unset($arrPostValues);
break;
default:
break;
}
}
/* ---------------------------------------------------------------------
* Call function
*/
try {
$strClassname = $this->arrRpcList[$mixRPCCall]["class"];
if (!class_exists($strClassname)) {
$this->objError = new Error();
$this->objError->setLanguage("rpc_class_not_exists");
$this->objError->setID(4);
$this->objError->setObject($value);
$this->objError->setMessage("The choosen class didn`t exists.");
$this->objError->setRPC($mixRPCCall);
$this->objError->setClass($this->arrRpcList[$mixRPCCall]["class"]);
$this->objError->setFunction($this->arrRpcList[$mixRPCCall]["function"]);
$this->generateOutput();
exit;
}
$objReflection = new \ReflectionClass($strClassname);
if ($objReflection->hasMethod("getInstance")) {
$object = call_user_func_array(array($this->arrRpcList[$mixRPCCall]["class"], "getInstance"), array());
$this->mixOutput = call_user_func_array(array($object, $this->arrRpcList[$mixRPCCall]["function"]), $arrParameter);
} else {
$object = new $this->arrRpcList[$mixRPCCall]["class"]();
$this->mixOutput = call_user_func_array(array($object, $this->arrRpcList[$mixRPCCall]["function"]), $arrParameter);
}
} catch (\Exception $exc) {
$this->objError = new Error();
$this->objError->setLanguage("rpc_unknown_exception");
$this->objError->setID(3);
$this->objError->setObject("");
$this->objError->setMessage($exc->getMessage());
$this->objError->setRPC($mixRPCCall);
$this->objError->setClass($this->arrRpcList[$mixRPCCall]["class"]);
$this->objError->setFunction($this->arrRpcList[$mixRPCCall]["function"]);
$this->objError->setException($exc);
\System::log(vsprintf("RPC Exception: %s | %s", array($exc->getMessage(), nl2br($exc->getTraceAsString()))), __CLASS__ . " | " . __FUNCTION__, TL_ERROR);
$this->generateOutput();
exit;
}
$this->generateOutput();
exit;
}
/**
* Restore the GET and POST vars to Contao's Input class
*/
public static function restore()
{
if (isset(static::$arrCache['getEncoded'])) {
foreach (static::$arrCache['getEncoded'] as $strKey => $varValue) {
\Input::setGet($strKey, $varValue);
}
}
if (isset(static::$arrCache['postEncoded'])) {
foreach (static::$arrCache['postEncoded'] as $strKey => $varValue) {
\Input::setPost($strKey, $varValue);
}
}
}
/**
* @param \File $objCsvFile
* @param $strTable
* @param $strImportMode
* @param null $arrSelectedFields
* @param string $strFieldseparator
* @param string $strFieldenclosure
* @param string $strPrimaryKey
* @param string $arrDelim
*/
public function importCsv(\File $objCsvFile, $strTable, $strImportMode, $arrSelectedFields = null, $strFieldseparator = ';', $strFieldenclosure = '', $strPrimaryKey = 'id', $arrDelim = '||', $blnTestMode = false)
{
// store sucess or failure message in the session
$_SESSION['import_from_csv']['report'] = array();
// load language file
\System::loadLanguageFile($strTable);
// load dca
$this->loadDataContainer($strTable);
// store the options in $this->arrData
$this->arrData = array('tablename' => $strTable, 'primaryKey' => $strPrimaryKey, 'importMode' => $strImportMode, 'selectedFields' => is_array($arrSelectedFields) ? $arrSelectedFields : array(), 'fieldSeparator' => $strFieldseparator, 'fieldEnclosure' => $strFieldenclosure);
// truncate table
if ($this->arrData['importMode'] == 'truncate_table') {
$this->Database->execute('TRUNCATE TABLE `' . $strTable . '`');
}
if (count($this->arrData['selectedFields']) < 1) {
return;
}
// get content as array
$arrFileContent = $objCsvFile->getContentAsArray();
$arrFieldnames = explode($this->arrData['fieldSeparator'], $arrFileContent[0]);
// trim quotes in the first line and get the fieldnames
$arrFieldnames = array_map(array($this, 'myTrim'), $arrFieldnames);
// count rows
$rows = 0;
// count errors
$insertError = 0;
// store each line as an entry in the db
foreach ($arrFileContent as $line => $lineContent) {
$doNotSave = false;
// line 0 contains the fieldnames
if ($line == 0) {
continue;
}
// count rows
$rows++;
// separate the line into the different fields
$arrLine = explode($this->arrData['fieldSeparator'], $lineContent);
// Set the associative Array with the line content
$assocArrayLine = array();
foreach ($arrFieldnames as $k => $fieldname) {
$assocArrayLine[$fieldname] = $arrLine[$k];
}
$set = array();
foreach ($arrFieldnames as $k => $fieldname) {
$blnCustomValidation = false;
// continue if field is excluded from import
if (!in_array($fieldname, $this->arrData['selectedFields'])) {
continue;
}
// if entries are appended autoincrement id
if ($this->arrData['importMode'] == 'append_entries' && strtolower($fieldname) == $this->arrData['primaryKey']) {
continue;
}
// get the field content
$fieldValue = $arrLine[$k];
// trim quotes
$fieldValue = $this->myTrim($fieldValue);
// convert variable to a string (see #2)
$fieldValue = strval($fieldValue);
// get the DCA of the current field
$arrDCA =& $GLOBALS['TL_DCA'][$strTable]['fields'][$fieldname];
$arrDCA = is_array($arrDCA) ? $arrDCA : array();
// Prepare FormWidget object !set inputType to "text" if there is no definition
$inputType = $arrDCA['inputType'] != '' ? $arrDCA['inputType'] : 'text';
// Map checkboxWizards to regular checkbox widgets
if ($inputType == 'checkboxWizard') {
$inputType = 'checkbox';
}
$strClass =& $GLOBALS['TL_FFL'][$inputType];
// HOOK: add custom validation
if (isset($GLOBALS['TL_HOOKS']['importFromCsv']) && is_array($GLOBALS['TL_HOOKS']['importFromCsv'])) {
$arrCustomValidation = array('strTable' => $strTable, 'arrDCA' => $arrDCA, 'fieldname' => $fieldname, 'value' => $fieldValue, 'arrayLine' => $assocArrayLine, 'line' => $line, 'objCsvFile' => $objCsvFile, 'skipWidgetValidation' => false, 'hasErrors' => false, 'errorMsg' => null, 'doNotSave' => false, 'blnTestMode' => $blnTestMode);
$blnCustomValidation = false;
foreach ($GLOBALS['TL_HOOKS']['importFromCsv'] as $callback) {
$this->import($callback[0]);
$arrCustomValidation = $this->{$callback[0]}->{$callback[1]}($arrCustomValidation, $this);
if (!is_array($arrCustomValidation)) {
die('Als Rückgabewert wird ein Array erwartet. Fehler in ' . __FILE__ . ' in Zeile ' . __LINE__ . '.');
}
$fieldValue = $arrCustomValidation['value'];
// Check if widget-validation should be skipped
if ($blnCustomValidation['skipWidgetValidation'] === true) {
$blnCustomValidation = true;
}
}
if ($arrCustomValidation['errorMsg'] != '') {
$fieldValue = sprintf('<span class="errMsg">%s</span>', $arrCustomValidation['errorMsg']);
}
if ($arrCustomValidation['doNotSave']) {
$doNotSave = true;
}
}
// Continue if the class does not exist
// Use form widgets for input validation
if (class_exists($strClass) && $blnCustomValidation === false) {
$objWidget = new $strClass($strClass::getAttributesFromDca($arrDCA, $fieldname, $fieldValue, '', '', $this));
$objWidget->storeValues = false;
// Set post var, so the content can be validated
\Input::setPost($fieldname, $fieldValue);
if ($fieldname == 'password') {
\Input::setPost('password_confirm', $fieldValue);
}
// add option values in the csv like this: value1||value2||value3
if ($inputType == 'radio' || $inputType == 'checkbox' || $inputType == 'select') {
if ($arrDCA['eval']['multiple'] === true) {
// Security issues in Contao #6695
if (version_compare(VERSION . BUILD, '3.2.5', '>=')) {
$fieldValue = $fieldValue != '' ? explode($arrDelim, $fieldValue) : null;
}
\Input::setPost($fieldname, $fieldValue);
$objWidget->value = $fieldValue;
}
}
// validate input
$objWidget->validate();
$fieldValue = $objWidget->value;
// Convert date formats into timestamps
$rgxp = $arrDCA['eval']['rgxp'];
if (($rgxp == 'date' || $rgxp == 'time' || $rgxp == 'datim') && $fieldValue != '' && !$objWidget->hasErrors()) {
try {
$strTimeFormat = $GLOBALS['TL_CONFIG'][$rgxp . 'Format'];
$objDate = new \Date($fieldValue, $strTimeFormat);
$fieldValue = $objDate->tstamp;
} catch (\OutOfBoundsException $e) {
$objWidget->addError(sprintf($GLOBALS['TL_LANG']['ERR']['invalidDate'], $fieldValue));
}
}
// Make sure that unique fields are unique
if ($arrDCA['eval']['unique'] && $fieldValue != '' && !$this->Database->isUniqueValue($strTable, $fieldname, $fieldValue, null)) {
$objWidget->addError(sprintf($GLOBALS['TL_LANG']['ERR']['unique'], $arrDCA['label'][0] ?: $fieldname));
}
// Do not save the field if there are errors
if ($objWidget->hasErrors()) {
$doNotSave = true;
$fieldValue = sprintf('"%s" => <span class="errMsg">%s</span>', $fieldValue, $objWidget->getErrorsAsString());
} else {
// Set the correct empty value
if ($fieldValue === '') {
$fieldValue = $objWidget->getEmptyValue();
}
}
}
$set[$fieldname] = is_array($fieldValue) ? serialize($fieldValue) : $fieldValue;
}
// insert data record
if (!$doNotSave) {
// insert tstamp
if ($this->Database->fieldExists('tstamp', $strTable)) {
if (!$set['tstamp'] > 0) {
$set['tstamp'] = time();
}
}
// insert dateAdded (tl_member)
if ($this->Database->fieldExists('dateAdded', $strTable)) {
if (!$set['dateAdded'] > 0) {
$set['dateAdded'] = time();
}
}
// add new member to newsletter recipient list
if ($strTable == 'tl_member' && $set['email'] != '' && $set['newsletter'] != '') {
foreach (deserialize($set['newsletter'], true) as $newsletterId) {
// check for unique email-address
$objRecipient = $this->Database->prepare("SELECT * FROM tl_newsletter_recipients WHERE email=? AND pid=(SELECT pid FROM tl_newsletter_recipients WHERE id=?) AND id!=?")->execute($set['email'], $newsletterId, $newsletterId);
if (!$objRecipient->numRows) {
$arrRecipient = array();
$arrRecipient['tstamp'] = time();
$arrRecipient['pid'] = $newsletterId;
$arrRecipient['email'] = $set['email'];
$arrRecipient['active'] = '1';
if ($blnTestMode !== true) {
$this->Database->prepare('INSERT INTO tl_newsletter_recipients %s')->set($arrRecipient)->execute();
}
}
}
}
try {
if ($blnTestMode !== true) {
// insert entry into database
$this->Database->prepare('INSERT INTO ' . $strTable . ' %s')->set($set)->execute();
}
} catch (\Exception $e) {
$set['insertError'] = $e->getMessage();
$doNotSave = true;
}
}
// generate html markup for the import report table
$htmlReport = '';
$cssClass = 'allOk';
if ($doNotSave) {
$cssClass = 'error';
$htmlReport .= sprintf('<tr class="%s"><td class="tdTitle" colspan="2">#%s Datensatz konnte nicht angelegt werden!</td></tr>', $cssClass, $line);
// increment error counter if necessary
$insertError++;
} else {
$htmlReport .= sprintf('<tr class="%s"><td class="tdTitle" colspan="2">#%s Datensatz erfolgreich angelegt!</td></tr>', $cssClass, $line);
}
foreach ($set as $k => $v) {
if (is_array($v)) {
$v = serialize($v);
}
$htmlReport .= sprintf('<tr class="%s"><td>%s</td><td>%s</td></tr>', $cssClass, \StringUtil::substr($k, 30), \StringUtil::substrHtml($v, 90));
}
$htmlReport .= '<tr class="delim"><td> </td><td> </td></tr>';
$_SESSION['import_from_csv']['report'][] = $htmlReport;
}
$_SESSION['import_from_csv']['status'] = array('blnTestMode' => $blnTestMode, 'rows' => $rows, 'success' => $rows - $insertError, 'errors' => $insertError);
}
/**
* Pre-fill the "alt" and "caption" fields with the file meta data
*
* @param mixed $varValue
* @param DataContainer $dc
*
* @return mixed
*/
public function storeFileMetaInformation($varValue, DataContainer $dc)
{
if ($dc->activeRecord->singleSRC == $varValue) {
return $varValue;
}
$objFile = FilesModel::findByUuid($varValue);
if ($objFile !== null) {
$arrMeta = deserialize($objFile->meta);
if (!empty($arrMeta)) {
$objPage = $this->Database->prepare("SELECT * FROM tl_page WHERE id=(SELECT pid FROM " . ($dc->activeRecord->ptable ?: 'tl_article') . " WHERE id=?)")->execute($dc->activeRecord->pid);
if ($objPage->numRows) {
$objModel = new PageModel();
$objModel->setRow($objPage->row());
$objModel->loadDetails();
// Convert the language to a locale (see #5678)
$strLanguage = str_replace('-', '_', $objModel->rootLanguage);
if (isset($arrMeta[$strLanguage])) {
Input::setPost('alt', $arrMeta[$strLanguage]['title']);
Input::setPost('caption', $arrMeta[$strLanguage]['caption']);
}
}
}
}
return $varValue;
}
/**
* @param $arrData
* @throws \Exception
*/
protected function createNewEntity($arrData)
{
$tableData = $this->strTableData;
// set default values
$arrData['tstamp'] = time();
$arrData['pid'] = $this->strPid;
$arrData['alias'] = $this->generateAlias($arrData['alias'], $arrData);
// search for geo cords
$arrData = $this->createGeoCoding($arrData);
// set default values from fe
if ($this->fm_defaultValues) {
$defaultValues = $this->fm_defaultValues ? deserialize($this->fm_defaultValues) : array();
foreach ($defaultValues as $defaultValue) {
$col = $defaultValue['key'];
// parse value
$value = $defaultValue['value'];
$value = $this->decodeValue($value);
$value = $this->replaceInsertTags($value);
$dcaData = $this->dcaFields[$col];
$dcaData = $this->convertWidgetToField($dcaData);
\Input::setPost($col, $value);
// check if get or post
$strClass = $this->fieldClassExist($dcaData['inputType']);
if ($strClass == false) {
continue;
}
// validate
$objWidget = new $strClass($strClass::getAttributesFromDca($dcaData, $col, $dcaData['default'], '', '', $this));
$objWidget->storeValues = true;
$objWidget->validate();
$varValue = $objWidget->value;
$rgxp = $dcaData['eval']['rgxp'];
// Convert date formats into timestamps (check the eval setting first -> #3063)
if ($varValue != '' && in_array($rgxp, array('date', 'time', 'datim'))) {
try {
$objDate = new \Date($varValue, \Date::getFormatFromRgxp($rgxp));
$varValue = $objDate->tstamp;
} catch (\OutOfBoundsException $e) {
$objWidget->addError(sprintf($GLOBALS['TL_LANG']['ERR']['invalidDate'], $varValue));
}
}
// Make sure that unique fields are unique (check the eval setting first -> #3063)
if ($dcaData['eval']['unique'] && $varValue != '' && !$this->Database->isUniqueValue($this->strTableData, $col, $varValue)) {
$objWidget->addError(sprintf($GLOBALS['TL_LANG']['ERR']['unique'], $dcaData['label'][0] ?: $col));
}
// Save callback
if ($objWidget->submitInput() && !$objWidget->hasErrors() && is_array($dcaData['save_callback'])) {
foreach ($dcaData['save_callback'] as $callback) {
try {
if (is_array($callback)) {
$this->import($callback[0]);
$varValue = $this->{$callback[0]}->{$callback[1]}($varValue, null);
} elseif (is_callable($callback)) {
$varValue = $callback($varValue, null);
}
} catch (\Exception $e) {
$objWidget->class = 'error';
$objWidget->addError($e->getMessage());
}
}
}
if (!$objWidget->hasErrors()) {
// Set the correct empty value (see #6284, #6373)
if ($varValue === '') {
$varValue = $objWidget->getEmptyValue();
}
// Encrypt the value (see #7815)
if ($dcaData['eval']['encrypt']) {
$varValue = \Encryption::encrypt($varValue);
}
// Set the new value
$arrData[$col] = $varValue;
}
}
}
// set author
if (!$arrData['author']) {
$arrData['author'] = $this->fm_EntityAuthor;
}
// generate sql query
$values = array();
$cols = array();
$placeholder = array();
$arrCheckBoxes = array('markerSRC' => 'addMarker', 'singleSRC' => 'addImage', 'enclosure' => 'addEnclosure');
// nur ein Hack
$arrActive = array();
foreach ($arrData as $col => $value) {
$eval = $this->dcaFields[$col]['eval'];
// activate palette in BE
if ($arrCheckBoxes[$col] && $value) {
$cols[] = $arrCheckBoxes[$col];
$values[] = '1';
$placeholder[] = '?';
}
$cols[] = $col;
// check for multiple values
if (isset($eval['multiple']) && $eval['multiple'] == true && isset($eval['csv'])) {
// delimiter
$delimiter = $eval['csv'];
if ($delimiter === ',' && is_array($value)) {
$value = implode($delimiter, $value);
}
}
// exception for cssID
if ($col == 'cssID') {
$value = explode(',', $value);
$value = serialize($value);
}
$arrActive[$col] = $value;
$values[] = $value;
$placeholder[] = '?';
}
$strCols = implode(',', $cols);
$strPlaceholder = implode(',', $placeholder);
$strQuery = 'INSERT INTO ' . $tableData . ' (' . $strCols . ') VALUES (' . $strPlaceholder . ')';
// save item
\Session::getInstance()->set('FModuleActiveAttributes', $arrActive);
unset($arrActive);
// create new entity
$this->Database->prepare($strQuery)->execute($values);
// send Notification
if ($this->fm_addNotificationEmail) {
$this->sendNotification($arrData);
}
// send Confirmation
if ($this->fm_addConfirmationEmail) {
$this->sendConfirmation($arrData);
}
// Check whether there is a jumpTo page
if ($this->jumpTo) {
$objPage = \PageModel::findWithDetails($this->jumpTo);
$this->jumpToOrReload($objPage->row());
}
$this->reload();
}
/**
* Set up the database connection
*/
protected function setUpDatabaseConnection()
{
$strDrivers = '';
$arrDrivers = array('');
if (class_exists('mysqli', false)) {
$arrDrivers[] = 'MySQLi';
}
if (function_exists('mysql_connect')) {
$arrDrivers[] = 'MySQL';
}
// If there is another driver defined, add it here as well
if (\Config::get('dbDriver') != '' && !in_array(\Config::get('dbDriver'), $arrDrivers)) {
$arrDrivers[] = \Config::get('dbDriver');
}
foreach ($arrDrivers as $strDriver) {
$strDrivers .= sprintf('<option value="%s"%s>%s</option>', $strDriver, $strDriver == \Config::get('dbDriver') ? ' selected="selected"' : '', $strDriver ?: '-');
}
$this->Template->drivers = $strDrivers;
$this->Template->driver = \Config::get('dbDriver');
$this->Template->host = \Config::get('dbHost');
$this->Template->user = \Config::get('dbUser');
$this->Template->pass = \Config::get('dbPass') != '' ? '*****' : '';
$this->Template->port = \Config::get('dbPort');
$this->Template->socket = \Config::get('dbSocket');
$this->Template->pconnect = \Config::get('dbPconnect');
$this->Template->dbcharset = \Config::get('dbCharset');
$this->Template->database = \Config::get('dbDatabase');
// Store the database connection parameters
if (\Input::post('FORM_SUBMIT') == 'tl_database_login') {
foreach (preg_grep('/^db/', array_keys($_POST)) as $strKey) {
if ($strKey == 'dbPass' && \Input::postUnsafeRaw($strKey) == '*****') {
continue;
}
// The port number must not be empty (see #7950)
if ($strKey == 'dbPort' && \Input::post($strKey, true) == '') {
\Input::setPost($strKey, 3306);
}
\Config::persist($strKey, $strKey == 'dbPass' ? \Input::postUnsafeRaw($strKey) : \Input::post($strKey, true));
}
$this->reload();
}
// No driver selected (see #6088)
if (\Config::get('dbDriver') == '') {
$this->Template->dbConnection = false;
$this->outputAndExit();
}
// Try to connect
try {
$this->import('Database');
$this->Database->listTables();
$this->Template->dbConnection = true;
} catch (\Exception $e) {
$this->Template->dbConnection = false;
$this->Template->dbError = $e->getMessage();
$this->outputAndExit();
}
}
public function importFile()
{
if (\Input::get('key') != 'import') {
return '';
}
if (null === $this->arrImportIgnoreFields) {
$this->arrImportIgnoreFields = array('id', 'pid', 'tstamp', 'form', 'ip', 'date', 'confirmationSent', 'confirmationDate', 'import_source');
}
if (null === $this->arrImportableFields) {
$arrFdFields = array_merge($this->arrBaseFields, $this->arrDetailFields);
$arrFdFields = array_diff($arrFdFields, $this->arrImportIgnoreFields);
foreach ($arrFdFields as $strFdField) {
$this->arrImportableFields[$strFdField] = $GLOBALS['TL_DCA']['tl_formdata']['fields'][$strFdField]['label'][0];
}
}
$arrSessionData = $this->Session->get('EFG');
if (null == $arrSessionData) {
$arrSessionData = array();
}
$this->Session->set('EFG', $arrSessionData);
// Import CSV
if ($_POST['FORM_SUBMIT'] == 'tl_formdata_import') {
$this->loadDataContainer('tl_files');
$strMode = 'preview';
$arrSessionData['import'][$this->strFormKey]['separator'] = $_POST['separator'];
$arrSessionData['import'][$this->strFormKey]['csv_has_header'] = $_POST['csv_has_header'] == '1' ? '1' : '';
$this->Session->set('EFG', $arrSessionData);
if (intval(\Input::post('import_source')) == 0) {
\Message::addError($GLOBALS['TL_LANG']['tl_formdata']['error_select_source']);
\Controller::reload();
}
$objFileModel = \FilesModel::findById(\Input::post('import_source'));
$objFile = new \File($objFileModel->path, true);
if ($objFile->extension != 'csv') {
\Message::addError(sprintf($GLOBALS['TL_LANG']['ERR']['filetype'], $objFile->extension));
setcookie('BE_PAGE_OFFSET', 0, 0, '/');
\Controller::reload();
}
// Get separator
switch (\Input::post('separator')) {
case 'semicolon':
$strSeparator = ';';
break;
case 'tabulator':
$strSeparator = '\\t';
break;
case 'comma':
default:
$strSeparator = ',';
break;
}
if ($_POST['FORM_MODE'] == 'import') {
$strMode = 'import';
$time = time();
$intTotal = null;
$intInvalid = 0;
$intValid = 0;
$arrImportCols = \Input::post('import_cols');
$arrSessionData['import'][$this->strFormKey]['import_cols'] = $arrImportCols;
$this->Session->set('EFG', $arrSessionData);
$arrMapFields = array_flip($arrImportCols);
if (isset($arrMapFields['__IGNORE__'])) {
unset($arrMapFields['__IGNORE__']);
}
$blnUseCsvHeader = $arrSessionData['import'][$this->strFormKey]['csv_has_header'] == '1' ? true : false;
$arrEntries = array();
$resFile = $objFile->handle;
$timeNow = time();
$strFormTitle = $this->Formdata->arrFormsDcaKey[substr($this->strFormKey, 3)];
$strAliasField = strlen($this->Formdata->arrStoringForms[substr($this->strFormKey, 3)]['efgAliasField']) ? $this->Formdata->arrStoringForms[substr($this->strFormKey, 3)]['efgAliasField'] : '';
$objForm = \FormModel::findOneBy('title', $strFormTitle);
if ($objForm !== null) {
$arrFormFields = $this->Formdata->getFormfieldsAsArray($objForm->id);
}
while (($arrRow = @fgetcsv($resFile, null, $strSeparator)) !== false) {
if (null === $intTotal) {
$intTotal = 0;
if ($blnUseCsvHeader) {
continue;
}
}
$strAlias = '';
if (isset($arrRow[$arrMapFields['alias']]) && strlen($arrRow[$arrMapFields['alias']])) {
$strAlias = $arrRow[$arrMapFields['alias']];
} elseif (isset($arrRow[$arrMapFields[$strAliasField]]) && strlen($arrRow[$arrMapFields[$strAliasField]])) {
\Input::setPost($strAliasField, $arrRow[$arrMapFields[$strAliasField]]);
}
$arrDetailSets = array();
// prepare base data
$arrSet = array('tstamp' => $timeNow, 'fd_member' => 0, 'fd_user' => intval($this->User->id), 'form' => $strFormTitle, 'ip' => \Environment::get('ip'), 'date' => $timeNow, 'published' => $GLOBALS['TL_DCA']['tl_formdata']['fields']['published']['default'] == '1' ? '1' : '');
foreach ($arrMapFields as $strField => $intCol) {
if (in_array($strField, $this->arrImportIgnoreFields)) {
continue;
}
if (in_array($strField, $this->arrBaseFields)) {
$arrField = $GLOBALS['TL_DCA']['tl_formdata']['fields'][$strField];
if (in_array($strField, $this->arrOwnerFields)) {
switch ($strField) {
case 'fd_user':
$array = 'arrUsers';
break;
case 'fd_member':
$array = 'arrMembers';
break;
case 'fd_user_group':
$array = 'arrUserGroups';
break;
case 'fd_member_group':
$array = 'arrMemberGroups';
break;
}
if (is_numeric($arrRow[$intCol]) && array_key_exists($arrRow[$intCol], $this->{$array})) {
$varValue = $arrRow[$intCol];
} elseif (is_string($arrRow[$intCol])) {
$varValue = intval(array_search($arrRow[$intCol], $this->{$array}));
}
} elseif ($strField == 'published') {
if ($arrRow[$intCol] == $arrField['label'][0] || intval($arrRow[$intCol]) == 1) {
$varValue = '1';
} else {
$varValue = '';
}
} elseif ($strField == 'alias') {
continue;
} else {
$varValue = $arrRow[$intCol];
}
$arrSet[$strField] = $varValue;
}
}
// prepare details data
foreach ($arrMapFields as $strField => $intCol) {
if (in_array($strField, $this->arrImportIgnoreFields)) {
continue;
}
if (in_array($strField, $this->arrDetailFields)) {
// $arrField = array_merge($arrFormFields[$strField], $GLOBALS['TL_DCA']['tl_formdata']['fields'][$strField]);
$arrField = $GLOBALS['TL_DCA']['tl_formdata']['fields'][$strField];
$varValue = $this->Formdata->prepareImportValueForDatabase($arrRow[$intCol], $arrField);
// prepare details data
$arrDetailSet = array('sorting' => $arrFormFields[$strField]['sorting'], 'tstamp' => $timeNow, 'ff_id' => $arrField['ff_id'], 'ff_name' => $strField, 'value' => $varValue);
$arrDetailSets[] = $arrDetailSet;
}
}
$intNewId = 0;
$blnSaved = true;
if (!empty($arrDetailSets)) {
$objNewFormdata = \Database::getInstance()->prepare("INSERT INTO tl_formdata %s")->set($arrSet)->execute();
$intNewId = $objNewFormdata->insertId;
$strAlias = $this->Formdata->generateAlias($strAlias, $this->strFormFilterValue, $intNewId);
if (strlen($strAlias)) {
\Database::getInstance()->prepare("UPDATE tl_formdata %s WHERE id=?")->set(array('alias' => $strAlias))->execute($intNewId);
}
foreach ($arrDetailSets as $kD => $arrDetailSet) {
$arrDetailSet['pid'] = $intNewId;
try {
$objNewFormdataDetails = \Database::getInstance()->prepare("INSERT INTO tl_formdata_details %s")->set($arrDetailSet)->execute();
} catch (\Exception $ee) {
$blnSaved = false;
}
}
if ($blnSaved === false && $intNewId > 0) {
\Database::getInstance()->prepare("DELETE FROM tl_formdata WHERE id=?")->execute($intNewId);
}
} else {
$blnSaved = false;
}
if ($blnSaved) {
$intValid++;
} else {
$intInvalid++;
}
$intTotal++;
}
\Message::addConfirmation(sprintf($GLOBALS['TL_LANG']['tl_formdata']['import_confirm'], $intValid));
if ($intInvalid > 0) {
\Message::addInfo(sprintf($GLOBALS['TL_LANG']['tl_formdata']['import_invalid'], $intInvalid));
}
// Add a log entry
$this->log('Imported file "' . $objFile->filename . '" into form data "' . $strFormTitle . '", created ' . $intValid . ' new records', __METHOD__, TL_GENERAL);
setcookie('BE_PAGE_OFFSET', 0, 0, '/');
\Controller::reload();
}
// Generate preview and form to select import fields
if ($strMode == 'preview') {
return $this->formImportPreview($objFile, $strSeparator);
}
}
return $this->formImportSource();
}
