/**
  * Builds the list of clear-cache actions offered to the current backend user.
  *
  * Every action links to tce_db.php and carries the user's veriCode plus a
  * 'tceAction' form-protection token in the query string. Registered hooks may
  * change the list before the generated tokens are persisted.
  *
  * NOTE(review): the token travels in a GET URL, so it can show up in access
  * logs, browser history and Referer headers - confirm that its scope and
  * lifetime make this acceptable.
  *
  * @param TYPO3backend $backendReference TYPO3 backend object reference
  */
 public function __construct(TYPO3backend &$backendReference = null)
 {
     $this->backendReference = $backendReference;
     $this->cacheActions = array();
     $this->optionValues = array('all', 'pages');

     $backendUser = $GLOBALS['BE_USER'];

     // "Clear all caches": admins, or users allowed via TSconfig.
     if ($backendUser->isAdmin() || $backendUser->getTSConfigVal('options.clearCache.all')) {
         $label = $GLOBALS['LANG']->sL('LLL:EXT:lang/locallang_core.xml:rm.clearCacheMenu_all', true);
         $link = $this->backPath . 'tce_db.php?vC=' . $backendUser->veriCode() . '&cacheCmd=all&ajaxCall=1' . t3lib_BEfunc::getUrlToken('tceAction');
         $sprite = t3lib_iconWorks::getSpriteIcon('actions-system-cache-clear-impact-high');
         $this->cacheActions[] = array('id' => 'all', 'title' => $label, 'href' => $link, 'icon' => $sprite);
     }

     // "Clear page caches": admins, or users allowed via TSconfig.
     if ($backendUser->isAdmin() || $backendUser->getTSConfigVal('options.clearCache.pages')) {
         $label = $GLOBALS['LANG']->sL('LLL:EXT:lang/locallang_core.xml:rm.clearCacheMenu_pages', true);
         $link = $this->backPath . 'tce_db.php?vC=' . $backendUser->veriCode() . '&cacheCmd=pages&ajaxCall=1' . t3lib_BEfunc::getUrlToken('tceAction');
         $sprite = t3lib_iconWorks::getSpriteIcon('actions-system-cache-clear-impact-medium');
         $this->cacheActions[] = array('id' => 'pages', 'title' => $label, 'href' => $link, 'icon' => $sprite);
     }

     // "Clear cache files in typo3conf/": admins only, and only when extCache is enabled.
     if ($backendUser->isAdmin() && $GLOBALS['TYPO3_CONF_VARS']['EXT']['extCache']) {
         $label = $GLOBALS['LANG']->sL('LLL:EXT:lang/locallang_core.xml:rm.clearCacheMenu_allTypo3Conf', true);
         $link = $this->backPath . 'tce_db.php?vC=' . $backendUser->veriCode() . '&cacheCmd=temp_CACHED&ajaxCall=1' . t3lib_BEfunc::getUrlToken('tceAction');
         $sprite = t3lib_iconWorks::getSpriteIcon('actions-system-cache-clear-impact-low');
         $this->cacheActions[] = array('id' => 'temp_CACHED', 'title' => $label, 'href' => $link, 'icon' => $sprite);
     }

     // Hooks receive both lists and may add, change or remove entries.
     // Only objects implementing backend_cacheActionsHook are accepted.
     if (is_array($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['additionalBackendItems']['cacheActions'])) {
         foreach ($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['additionalBackendItems']['cacheActions'] as $hookReference) {
             $hook = t3lib_div::getUserObj($hookReference);
             if (!($hook instanceof backend_cacheActionsHook)) {
                 throw new UnexpectedValueException('$hookObject must implement interface backend_cacheActionsHook', 1228262000);
             }
             $hook->manipulateCacheActions($this->cacheActions, $this->optionValues);
         }
     }

     // Store the tokens generated for the links above.
     t3lib_formprotection_Factory::get()->persistTokens();
 }
    /**
     * Adds the ExtDirect code
     *
     * Registers the flash message script, the timeout labels, the generated
     * ExtDirect API and the on-ready JavaScript that attaches the security
     * token to every ExtDirect call. Runs at most once per instance.
     *
     * @param array $filterNamespaces  limit the output to defined namespaces. If empty, all namespaces are generated
     * @return void
     */
    public function addExtDirectCode(array $filterNamespaces = array())
    {
        // Guard against adding the code twice.
        if ($this->extDirectCodeAdded) {
            return;
        }
        $this->extDirectCodeAdded = TRUE;

        if (count($filterNamespaces) === 0) {
            $filterNamespaces = array('TYPO3');
        }

        // for ExtDirect we need flash message support
        $this->addJsFile(t3lib_div::resolveBackPath($this->backPath . '../t3lib/js/extjs/ux/flashmessages.js'));

        // add language labels for ExtDirect; the label source depends on the mode
        $labelSource = TYPO3_MODE === 'FE' ? $GLOBALS['TSFE'] : $GLOBALS['LANG'];
        $timeoutHeader = $labelSource->sL('LLL:EXT:lang/locallang_misc.xml:extDirect_timeoutHeader');
        $timeoutMessage = $labelSource->sL('LLL:EXT:lang/locallang_misc.xml:extDirect_timeoutMessage');
        $this->addInlineLanguageLabelArray(array('extDirect_timeoutHeader' => $timeoutHeader, 'extDirect_timeoutMessage' => $timeoutMessage));

        // A token is only generated in the backend; elsewhere it stays empty
        // and the JavaScript below sends just the "-extDirect" suffix.
        $token = '';
        if (TYPO3_MODE === 'BE') {
            $token = t3lib_formprotection_Factory::get()->generateToken('extDirect');
        }

        /** @var $extDirect t3lib_extjs_ExtDirectApi */
        $extDirect = t3lib_div::makeInstance('t3lib_extjs_ExtDirectApi');
        $api = $extDirect->getApiPhp($filterNamespaces);
        if ($api) {
            $this->addJsInlineCode('TYPO3ExtDirectAPI', $api);
        }

        // Note: we need to iterate thru the object, because the addProvider method
        // does this only with multiple arguments
        //
        // NOTE(review): $token is concatenated into a JavaScript string literal
        // without escaping - confirm generateToken() can only return characters
        // that are safe inside a double-quoted JS string.
        // NOTE(review): the exception handlers below pass event.xhr.responseText
        // and event.message to the debug console (or document.write) as HTML -
        // confirm server responses cannot carry attacker-controlled markup.
        $onReadyCode = '
			(function() {
				TYPO3.ExtDirectToken = "' . $token . '-extDirect";
				for (var api in Ext.app.ExtDirectAPI) {
					var provider = Ext.Direct.addProvider(Ext.app.ExtDirectAPI[api]);
					provider.on("beforecall", function(provider, transaction, meta) {
						if (transaction.data) {
							transaction.data[transaction.data.length] = TYPO3.ExtDirectToken;
						} else {
							transaction.data = [TYPO3.ExtDirectToken];
						}
					});

					provider.on("call", function(provider, transaction, meta) {
						if (transaction.isForm) {
							transaction.params.securityToken = TYPO3.ExtDirectToken;
						}
					});
				}
			})();

			var extDirectDebug = function(message, header, group) {
				var TYPO3ViewportInstance = null;

				if (top && top.TYPO3 && typeof top.TYPO3.Backend === "object") {
					TYPO3ViewportInstance = top.TYPO3.Backend;
				} else if (typeof TYPO3 === "object" && typeof TYPO3.Backend === "object") {
					TYPO3ViewportInstance = TYPO3.Backend;
				}

				if (TYPO3ViewportInstance !== null) {
					TYPO3ViewportInstance.DebugConsole.addTab(message, header, group);
				} else if (typeof console === "object") {
					console.log(message);
				} else {
					document.write(message);
				}
			};

			Ext.Direct.on("exception", function(event) {
				if (event.code === Ext.Direct.exceptions.TRANSPORT && !event.where) {
					TYPO3.Flashmessage.display(
						TYPO3.Severity.error,
						TYPO3.lang.extDirect_timeoutHeader,
						TYPO3.lang.extDirect_timeoutMessage,
						30
					);
				} else {
					var backtrace = "";
					if (event.code === "parse") {
						extDirectDebug(
							"<p>" + event.xhr.responseText + "<\\/p>",
							event.type,
							"ExtDirect - Exception"
						);
					} else if (event.code === "router") {
						TYPO3.Flashmessage.display(
							TYPO3.Severity.error,
							event.code,
							event.message,
							30
						);
					} else if (event.where) {
						backtrace = "<p style=\\"margin-top: 20px;\\">" +
							"<strong>Backtrace:<\\/strong><br \\/>" +
							event.where.replace(/#/g, "<br \\/>#") +
							"<\\/p>";
						extDirectDebug(
							"<p>" + event.message + "<\\/p>" + backtrace,
							event.method,
							"ExtDirect - Exception"
						);
					}


				}
			});

			Ext.Direct.on("event", function(event, provider) {
				if (typeof event.debug !== "undefined" && event.debug !== "") {
					extDirectDebug(event.debug, event.method, "ExtDirect - Debug");
				}
			});
			';
        $this->addExtOnReadyCode($onReadyCode, TRUE);
    }
                $setupArr = $this->docHandler[$currentDocFromHandlerMD5];
            } else {
                reset($this->docHandler);
                $setupArr = current($this->docHandler);
            }
            if ($setupArr[2]) {
                $sParts = parse_url(t3lib_div::getIndpEnv('REQUEST_URI'));
                $retUrl = $sParts['path'] . '?' . $setupArr[2] . '&returnUrl=' . rawurlencode($retUrl);
            }
        }
        t3lib_utility_Http::redirect($retUrl);
    }
}
// Load an XCLASS override for this script when one is registered for the
// current mode. The path comes from TYPO3_CONF_VARS, i.e. from configuration.
if (defined('TYPO3_MODE')) {
    if (isset($GLOBALS['TYPO3_CONF_VARS'][TYPO3_MODE]['XCLASS']['typo3/alt_doc.php'])) {
        include_once $GLOBALS['TYPO3_CONF_VARS'][TYPO3_MODE]['XCLASS']['typo3/alt_doc.php'];
    }
}

// Create the script object and run its preprocessing step.
$SOBE = t3lib_div::makeInstance('SC_alt_doc');
$SOBE->preInit();

// Submitted data is processed only when the request carries a token that
// validates for the 'editRecord' form; otherwise processData() is skipped
// and rendering continues below.
$formprotection = t3lib_formprotection_Factory::get();
if ($SOBE->doProcessData() && $formprotection->validateToken(t3lib_div::_GP('formToken'), 'editRecord')) {
    $SOBE->processData();
}

// Initialise, build and output the page.
$SOBE->init();
$SOBE->main();
$SOBE->printContent();
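 /**
  * Generates a new token for the form that an existing token belongs to.
  *
  * The old token is expected as "<token>-<formName>". Only the form name is
  * used; the result has the same "<token>-<formName>" layout.
  *
  * NOTE(review): $oldToken presumably arrives from the client. The form name
  * taken from it is not checked against a list of known forms here - confirm
  * that the caller has authorised the request before calling this.
  *
  * @param string $oldToken
  * @return string regenerated Token
  */
 protected function generateNewToken($oldToken)
 {
     // Split at the first hyphen only, so a form name that contains "-" itself
     // is kept whole instead of being cut at its first hyphen.
     $parts = explode('-', $oldToken, 2);
     // A value without a separator carries no form name. Pass an empty name on
     // rather than reading an undefined offset.
     $formName = isset($parts[1]) ? $parts[1] : '';
     return t3lib_formprotection_Factory::get()->generateToken($formName) . '-' . $formName;
 }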
 /**
  * Renders the back-end module: page header, tab menu and the selected sub module.
  *
  * The page is echoed directly. The method stops early, printing only the
  * header and any flash messages, when no page is selected, when the user
  * may not read the page, or when the static template is missing.
  *
  * @return void
  */
 public function main()
 {
     global $LANG, $BACK_PATH, $BE_USER;

     $this->doc = t3lib_div::makeInstance('bigDoc');
     $this->doc->backPath = $BACK_PATH;
     $this->doc->docType = 'xhtml_strict';
     $this->doc->getPageRenderer()->addCssFile('BackEnd.css', 'stylesheet', 'all', '', FALSE);
     $this->doc->getPageRenderer()->addCssFile('../Resources/Public/CSS/BackEnd/Print.css', 'stylesheet', 'print', '', FALSE);

     // Page header.
     $this->content = $this->doc->startPage($LANG->getLL('title'));
     $this->content .= $this->doc->header($LANG->getLL('title'));
     $this->content .= $this->doc->spacer(5);

     // No page selected: explain and stop.
     if ($this->id <= 0) {
         /** @var t3lib_FlashMessage $message */
         $message = t3lib_div::makeInstance('t3lib_FlashMessage', $LANG->getLL('message_noPageTypeSelected'), '', t3lib_FlashMessage::INFO);
         $this->addFlashMessage($message);
         echo $this->content . $this->getRenderedFlashMessages() . $this->doc->endPage();
         return;
     }

     // Access control: non-admins need read access to the selected page.
     $pageAccess = t3lib_BEfunc::readPageAccess($this->id, $this->perms_clause);
     $isAdmin = $BE_USER->user['admin'];
     if (!(is_array($pageAccess) || $isAdmin)) {
         echo $this->content . $this->getRenderedFlashMessages() . $this->doc->endPage();
         return;
     }

     // The module needs its static template.
     if (!$this->hasStaticTemplate()) {
         /** @var t3lib_FlashMessage $message */
         $message = t3lib_div::makeInstance('t3lib_FlashMessage', $LANG->getLL('message_noStaticTemplateFound'), '', t3lib_FlashMessage::WARNING);
         $this->addFlashMessage($message);
         echo $this->content . $this->getRenderedFlashMessages() . $this->doc->endPage();
         return;
     }

     $this->setPageData($pageAccess);

     // JavaScript function called within getDeleteIcon()
     $this->doc->JScode = '<script type="text/javascript">function jumpToUrl(URL) {document.location = URL;}</script>';

     // A tab is offered only when the back-end user may select from the
     // table behind it. Format: table name => (sub module number, label key).
     $tabDefinitions = array(
         'tx_seminars_seminars' => array(1, 'subModuleTitle_events'),
         'tx_seminars_attendances' => array(2, 'subModuleTitle_registrations'),
         'tx_seminars_speakers' => array(3, 'subModuleTitle_speakers'),
         'tx_seminars_organizers' => array(4, 'subModuleTitle_organizers'),
     );
     $this->availableSubModules = array();
     foreach ($tabDefinitions as $tableName => $tabDefinition) {
         if ($BE_USER->check('tables_select', $tableName)) {
             $this->availableSubModules[$tabDefinition[0]] = $LANG->getLL($tabDefinition[1]);
         }
     }

     // The requested sub module is cast to int and must be one of the
     // available tabs. Anything else falls back to the first available tab,
     // so a user cannot request a tab they have no table access for.
     $this->subModule = (int) t3lib_div::_GET('subModule');
     if (!array_key_exists($this->subModule, $this->availableSubModules)) {
         reset($this->availableSubModules);
         $this->subModule = key($this->availableSubModules);
     }

     // Only generate the tab menu if the current back-end user has the
     // rights to show any of the tabs.
     if ($this->subModule) {
         $moduleToken = t3lib_formprotection_Factory::get()->generateToken('moduleCall', self::MODULE_NAME);
         $tabParameters = array('M' => self::MODULE_NAME, 'moduleToken' => $moduleToken, 'id' => $this->id);
         $this->content .= $this->doc->getTabMenu($tabParameters, 'subModule', $this->subModule, $this->availableSubModules);
         $this->content .= $this->doc->spacer(5);
     }

     // Render the selected sub module. Without one the page stays empty.
     $listClassNames = array(
         2 => 'tx_seminars_BackEnd_RegistrationsList',
         3 => 'tx_seminars_BackEnd_SpeakersList',
         4 => 'tx_seminars_BackEnd_OrganizersList',
     );
     if ($this->subModule == 1) {
         // The events tab shows either one of the e-mail forms or the event list.
         if ($this->isGeneralEmailFormRequested()) {
             $this->content .= $this->getGeneralMailForm();
         } elseif ($this->isConfirmEventFormRequested()) {
             $this->content .= $this->getConfirmEventMailForm();
         } elseif ($this->isCancelEventFormRequested()) {
             $this->content .= $this->getCancelEventMailForm();
         } else {
             /** @var tx_seminars_BackEnd_EventsList $eventsList */
             $eventsList = t3lib_div::makeInstance('tx_seminars_BackEnd_EventsList', $this);
             $this->content .= $eventsList->show();
         }
     } elseif (isset($listClassNames[$this->subModule])) {
         // Registrations, speakers and organizers each have their own list class.
         $list = t3lib_div::makeInstance($listClassNames[$this->subModule], $this);
         $this->content .= $list->show();
     }

     echo $this->content . $this->doc->endPage();
 }
 /**
  * Generates a token and returns it as a GET parameter for appending to a URL.
  *
  * The value has the layout "<token>-<formName>". Neither argument is
  * URL-encoded here.
  * NOTE(review): a token in a URL can leak through logs, browser history and
  * Referer headers - prefer the hidden-field variant where a form is available.
  *
  * @param string $formName Context of the token
  * @param string $tokenName The name of the token GET variable
  * @return string a URL GET variable including ampersand
  */
 public static function getUrlToken($formName = 'securityToken', $tokenName = 'formToken')
 {
     $tokenValue = t3lib_formprotection_Factory::get()->generateToken($formName) . '-' . $formName;
     return '&' . $tokenName . '=' . $tokenValue;
 }
    /**
     * Returns page end; This includes finishing form, div, body and html tags.
     *
     * Anything still in the output buffer is appended to the result. For all
     * doc types except 'xhtml_frames' the form-protection tokens generated
     * while rendering are persisted here.
     *
     * @return	string		The HTML end of a page
     * @see startPage()
     */
    function endPage()
    {
        $html = $this->sectionEnd();
        $html .= $this->postCode;
        $html .= $this->endPageJS();
        $html .= $this->wrapScriptTags(t3lib_BEfunc::getUpdateSignalCode());
        $html .= $this->parseTime();
        if ($this->form) {
            $html .= '
</form>';
        }

        // if something is in buffer like debug, put it to end of page
        if (ob_get_contents()) {
            $html .= ob_get_clean();
            header('Content-Encoding: None');
        }

        if ($this->docType !== 'xhtml_frames') {
            if ($this->divClass) {
                $html .= '

<!-- Wrapping DIV-section for whole page END -->
</div>';
            }
            $html .= $this->endOfPageJsBlock;
            // Tokens created while building the page are stored now.
            t3lib_formprotection_Factory::get()->persistTokens();
        }

        // Logging: Can't find better place to put it:
        if (TYPO3_DLOG) {
            t3lib_div::devLog('END of BACKEND session', 'template', 0, array('_FLUSH' => true));
        }

        return $html;
    }
 /**
  * Generates a token and returns a hidden input field carrying it.
  *
  * The field value has the layout "<token>-<formName>".
  * NOTE(review): $tokenName and $formName are written into HTML attributes
  * without escaping - callers must pass fixed identifiers, never request data.
  *
  * @param string $formName Context of the token
  * @param string $tokenName The name of the token GET/POST variable
  * @return string a complete input field
  */
 public static function getHiddenTokenField($formName = 'securityToken', $tokenName = 'formToken')
 {
     $fieldValue = t3lib_formprotection_Factory::get()->generateToken($formName) . '-' . $formName;
     return '<input type="hidden" name="' . $tokenName . '" value="' . $fieldValue . '" />';
 }
 /**
  * End page and output content.
  *
  * Ajax requests get the content as an XML reply; all other requests get the
  * full page with styles and JavaScript inserted.
  *
  * @return	void
  */
 function printContent()
 {
     if ($this->ajax) {
         // endPage() is not called on this path, so the tokens are persisted here.
         t3lib_formprotection_Factory::get()->persistTokens();
         $this->content = $GLOBALS['LANG']->csConvObj->utf8_encode($this->content, $GLOBALS['LANG']->charSet);
         t3lib_ajax::outputXMLreply($this->content);
         return;
     }

     $this->content .= $this->doc->endPage();
     $this->content = $this->doc->insertStylesAndJS($this->content);
     echo $this->content;
 }
    /**
     * Checking, if we should perform some sort of redirection OR closing of windows.
     *
     * For a logged-in user this either redirects to the chosen interface or,
     * on a login refresh, emits JavaScript that hands a fresh 'refreshTokens'
     * token to the opener window and closes the popup. A failed login attempt
     * is answered with a five second delay.
     *
     * @return	void
     */
    function checkRedirect()
    {
        global $BE_USER, $TBE_TEMPLATE;
        // Do redirect:
        // If a user is logged in AND a) if either the login is just done (commandLI) or b) a loginRefresh is done or c) the interface-selector is NOT enabled (If it is on the other hand, it should not just load an interface, because people has to choose then...)
        if ($BE_USER->user['uid'] && ($this->commandLI || $this->loginRefresh || !$this->interfaceSelector)) {
            // If no cookie has been set previously we tell people that this is a problem. This assumes that a cookie-setting script (like this one) has been hit at least once prior to this instance.
            // The cookie is read without isset(), so a missing cookie is treated as falsy.
            if (!$_COOKIE[$BE_USER->name]) {
                if ($this->commandLI == 'setCookie') {
                    // we tried it a second time but still no cookie
                    // 26/4 2005: This does not work anymore, because the saving of challenge values in $_SESSION means the system will act as if the password was wrong.
                    // NOTE(review): the message contains HTML - confirm how the exception handler renders it.
                    throw new RuntimeException('Login-error: Yeah, that\'s a classic. No cookies, no TYPO3.<br /><br />Please accept cookies from TYPO3 - otherwise you\'ll not be able to use the system.');
                } else {
                    // try it once again - that might be needed for auto login
                    $this->redirectToURL = 'index.php?commandLI=setCookie';
                }
            }
            // A redirect target from user TSconfig overrides both the current
            // target and the chosen interface.
            if ($redirectToURL = (string) $BE_USER->getTSConfigVal('auth.BE.redirectToURL')) {
                $this->redirectToURL = $redirectToURL;
                $this->GPinterface = '';
            }
            // store interface
            $BE_USER->uc['interfaceSetup'] = $this->GPinterface;
            $BE_USER->writeUC();
            // Based on specific setting of interface we set the redirect script:
            // Any other interface value leaves $this->redirectToURL as it was.
            switch ($this->GPinterface) {
                case 'backend':
                case 'backend_old':
                    $this->redirectToURL = 'backend.php';
                    break;
                case 'frontend':
                    $this->redirectToURL = '../';
                    break;
            }
            // Redirect unless this is a login refresh.
            // NOTE(review): $this->redirectToURL may have been set outside this
            // method - confirm it is limited to local URLs before it gets here,
            // otherwise this is an open redirect.
            if (!$this->loginRefresh) {
                t3lib_utility_Http::redirect($this->redirectToURL);
            } else {
                // Login refresh: create and persist a 'refreshTokens' token, then
                // pass it to the opener window so it can renew its tokens.
                $formprotection = t3lib_formprotection_Factory::get();
                $accessToken = $formprotection->generateToken('refreshTokens');
                $formprotection->persistTokens();
                // NOTE(review): $accessToken is put into a JS string literal
                // unescaped - confirm the token format cannot contain quotes.
                $TBE_TEMPLATE->JScode .= $TBE_TEMPLATE->wrapScriptTags('
					if (parent.opener && (parent.opener.busy || parent.opener.TYPO3.loginRefresh)) {
						if (parent.opener.TYPO3.loginRefresh) {
							parent.opener.TYPO3.loginRefresh.startTimer();
						} else {
							parent.opener.busy.loginRefreshed();
						}
						parent.opener.TYPO3.loginRefresh.refreshTokens("' . $accessToken . '");
						parent.close();
					}
				');
            }
        } elseif (!$BE_USER->user['uid'] && $this->commandLI) {
            // The fixed delay slows down password guessing, but it also keeps
            // one PHP worker busy for five seconds per failed attempt.
            sleep(5);
            // Wrong password, wait for 5 seconds
        }
    }
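 /**
  * Dispatches the incoming calls to methods about the ExtDirect API.
  *
  * Accepts either a form post (extAction/extMethod/extTID fields, optionally
  * marked as an upload) or a JSON body with one call or a batch of calls.
  * The last element of each call's data is taken as the security token. The
  * token of the first call is validated once and the result applies to the
  * whole batch. A call is dispatched only if that validation succeeded.
  *
  * Request data comes from the client. Entries that are not objects (invalid
  * JSON, scalars, nested arrays) are answered with a router exception instead
  * of being dereferenced.
  *
  * @param array $ajaxParams ajax parameters
  * @param TYPO3AJAX $ajaxObj typo3ajax instance
  * @return void
  */
 public function route($ajaxParams, TYPO3AJAX $ajaxObj)
 {
     $GLOBALS['error'] = t3lib_div::makeInstance('t3lib_extjs_ExtDirectDebug');
     $isForm = FALSE;
     $isUpload = FALSE;
     $rawPostData = file_get_contents('php://input');
     $postParameters = t3lib_div::_POST();
     $namespace = t3lib_div::_GET('namespace');
     $response = array();
     $request = NULL;
     $isValidRequest = TRUE;
     if (!empty($postParameters['extAction'])) {
         // Form post: build a request object from the ext* fields. Fields the
         // client left out become NULL instead of raising notices.
         $isForm = TRUE;
         $isUpload = isset($postParameters['extUpload']) && $postParameters['extUpload'] === 'true';
         $request = new stdClass();
         $request->action = $postParameters['extAction'];
         $request->method = isset($postParameters['extMethod']) ? $postParameters['extMethod'] : NULL;
         $request->tid = isset($postParameters['extTID']) ? $postParameters['extTID'] : NULL;
         // The token is removed from the form data and appended as the last
         // data element, which is where the loop below expects it.
         unset($_POST['securityToken']);
         $request->data = array($_POST + $_FILES);
         $request->data[] = isset($postParameters['securityToken']) ? $postParameters['securityToken'] : NULL;
     } elseif (!empty($rawPostData)) {
         // JSON body. A decoding failure yields NULL and is rejected per
         // entry in the loop below.
         $request = json_decode($rawPostData);
     } else {
         $response[] = array('type' => 'exception', 'message' => 'Something went wrong with an ExtDirect call!', 'code' => 'router');
         $isValidRequest = FALSE;
     }
     if (!is_array($request)) {
         $request = array($request);
     }
     if ($isValidRequest) {
         $validToken = FALSE;
         $firstCall = TRUE;
         foreach ($request as $index => $singleRequest) {
             if (!is_object($singleRequest)) {
                 // Malformed entry: it cannot carry a token. If it is the first
                 // entry, the batch stays unauthenticated (fail closed).
                 $firstCall = FALSE;
                 $response[$index] = array('type' => 'exception', 'message' => 'Something went wrong with an ExtDirect call!', 'code' => 'router');
                 continue;
             }
             $response[$index] = array(
                 'tid' => isset($singleRequest->tid) ? $singleRequest->tid : NULL,
                 'action' => isset($singleRequest->action) ? $singleRequest->action : NULL,
                 'method' => isset($singleRequest->method) ? $singleRequest->method : NULL
             );
             // The token is the last data element. Without a data array there is none.
             $token = NULL;
             if (isset($singleRequest->data) && is_array($singleRequest->data)) {
                 $token = array_pop($singleRequest->data);
             }
             if ($firstCall) {
                 $firstCall = FALSE;
                 $formprotection = t3lib_formprotection_Factory::get();
                 $validToken = $formprotection->validateToken($token, 'extDirect');
             }
             try {
                 if (!$validToken) {
                     throw new t3lib_formprotection_InvalidTokenException('ExtDirect: Invalid Security Token!');
                 }
                 $response[$index]['type'] = 'rpc';
                 $response[$index]['result'] = $this->processRpc($singleRequest, $namespace);
                 $response[$index]['debug'] = $GLOBALS['error']->toString();
             } catch (Exception $exception) {
                 // NOTE(review): the exception message goes back to the client
                 // unchanged - confirm that messages thrown from dispatched
                 // methods do not reveal internal details.
                 $response[$index]['type'] = 'exception';
                 $response[$index]['message'] = $exception->getMessage();
                 $response[$index]['code'] = 'router';
             }
         }
     }
     if ($isForm && $isUpload) {
         // Upload replies are wrapped in an HTML textarea. tid, action and
         // method are echoed from the request, so json_encode() escaping "/"
         // as "\/" by default is what keeps a "</textarea>" in a value from
         // closing the element - do not add JSON_UNESCAPED_SLASHES here.
         $ajaxObj->setContentFormat('plain');
         $response = json_encode($response);
         $response = preg_replace('/&quot;/', '\\&quot;', $response);
         $response = array('<html><body><textarea>' . $response . '</textarea></body></html>');
     } else {
         $ajaxObj->setContentFormat('jsonbody');
     }
     $ajaxObj->setContent($response);
 }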