The class functions as an adapter for the global input arrays ($_GET, $_POST,
$_COOKIE) and safely returns their values. To prevent XSS vulnerabilities,
you should always use the class when reading user input.
Usage:
if (Input::get('action') == 'register')
{
$username = Input::post('username');
$password = Input::post('password');
}
/**
* Run the controller and parse the template
*
* @return Response
*/
public function run()
{
/** @var \BackendTemplate|object $objTemplate */
$objTemplate = new \BackendTemplate('be_preview');
$objTemplate->base = \Environment::get('base');
$objTemplate->language = $GLOBALS['TL_LANGUAGE'];
$objTemplate->title = specialchars($GLOBALS['TL_LANG']['MSC']['fePreview']);
$objTemplate->charset = \Config::get('characterSet');
$objTemplate->site = \Input::get('site', true);
$objTemplate->switchHref = \System::getContainer()->get('router')->generate('contao_backend_switch');
if (\Input::get('url')) {
$objTemplate->url = \Environment::get('base') . \Input::get('url');
} elseif (\Input::get('page')) {
$objTemplate->url = $this->redirectToFrontendPage(\Input::get('page'), \Input::get('article'), true);
} else {
$objTemplate->url = \System::getContainer()->get('router')->generate('contao_root', [], UrlGeneratorInterface::ABSOLUTE_URL);
}
// Switch to a particular member (see #6546)
if (\Input::get('user') && $this->User->isAdmin) {
$objUser = \MemberModel::findByUsername(\Input::get('user'));
if ($objUser !== null) {
$strHash = $this->getSessionHash('FE_USER_AUTH');
// Remove old sessions
$this->Database->prepare("DELETE FROM tl_session WHERE tstamp<? OR hash=?")->execute(time() - \Config::get('sessionTimeout'), $strHash);
// Insert the new session
$this->Database->prepare("INSERT INTO tl_session (pid, tstamp, name, sessionID, ip, hash) VALUES (?, ?, ?, ?, ?, ?)")->execute($objUser->id, time(), 'FE_USER_AUTH', \System::getContainer()->get('session')->getId(), \Environment::get('ip'), $strHash);
// Set the cookie
$this->setCookie('FE_USER_AUTH', $strHash, time() + \Config::get('sessionTimeout'), null, null, false, true);
$objTemplate->user = \Input::post('user');
}
}
return $objTemplate->getResponse();
}
/**
* Redirect to the content page when trying to access the content node.
*
* This fixes the edit links on the header.
*
* @return void
*/
public function redirect()
{
if ($this->input->get('table') === 'tl_content_node') {
$model = \ContentModel::findByPk($this->input->get('id'));
if (!$model) {
\Controller::log(sprintf('Content node "%s" not found', $this->input->get('id')), __METHOD__, TL_ERROR);
\Controller::redirect('contao/main.php?act=error');
}
$nodes = $model->ptable === 'tl_content_node' ? '1' : '';
$url = \Backend::addToUrl('table=tl_content&nodes=' . $nodes);
\Controller::redirect($url);
}
}
/**
* Run the controller and parse the login template
*
* @return Response
*/
public function run()
{
/** @var BackendTemplate|object $objTemplate */
$objTemplate = new \BackendTemplate('be_login');
$strHeadline = sprintf($GLOBALS['TL_LANG']['MSC']['loginTo'], \Config::get('websiteTitle'));
$objTemplate->theme = \Backend::getTheme();
$objTemplate->messages = \Message::generate();
$objTemplate->base = \Environment::get('base');
$objTemplate->language = $GLOBALS['TL_LANGUAGE'];
$objTemplate->languages = \System::getLanguages(true);
$objTemplate->title = \StringUtil::specialchars($strHeadline);
$objTemplate->charset = \Config::get('characterSet');
$objTemplate->action = ampersand(\Environment::get('request'));
$objTemplate->userLanguage = $GLOBALS['TL_LANG']['tl_user']['language'][0];
$objTemplate->headline = $strHeadline;
$objTemplate->curLanguage = \Input::post('language') ?: str_replace('-', '_', $GLOBALS['TL_LANGUAGE']);
$objTemplate->curUsername = \Input::post('username') ?: '';
$objTemplate->uClass = $_POST && empty($_POST['username']) ? ' class="login_error"' : '';
$objTemplate->pClass = $_POST && empty($_POST['password']) ? ' class="login_error"' : '';
$objTemplate->loginButton = \StringUtil::specialchars($GLOBALS['TL_LANG']['MSC']['loginBT']);
$objTemplate->username = $GLOBALS['TL_LANG']['tl_user']['username'][0];
$objTemplate->password = $GLOBALS['TL_LANG']['MSC']['password'][0];
$objTemplate->feLink = $GLOBALS['TL_LANG']['MSC']['feLink'];
$objTemplate->default = $GLOBALS['TL_LANG']['MSC']['default'];
$objTemplate->jsDisabled = $GLOBALS['TL_LANG']['MSC']['jsDisabled'];
return $objTemplate->getResponse();
}
/**
* @param $id
* @param \Contao\DataContainer $dca
*/
public function onCopyAddFView($id, \Contao\DataContainer $dca)
{
$view = \Contao\Input::get('view');
if ($id && $view) {
$this->Database->prepare('UPDATE tl_content SET fview = ? WHERE id = ? LIMIT 1')->execute($view, $id);
}
}
/**
* F Module Ajax Api
* More: http://fmodul.alexandernaumov.de/ressourcen.html
*/
public function getAjaxResponse()
{
$action = Input::get('do');
if ($action) {
switch ($action) {
case 'getEntities':
$this->getEntities();
break;
case 'getDetail':
$this->getDetail();
break;
case 'getAutoCompletion':
$this->getAutoCompletion();
break;
default:
$this->getDefault();
break;
}
} else {
header('HTTP/1.1 500 Internal Server');
header('Content-Type: application/json; charset=UTF-8');
echo json_encode(array("No method defined"));
exit;
}
}
/**
* @param $intId
* @param $blnVisible
* @param DataContainer|null $dc
*/
public function toggleVisibility($intId, $blnVisible, DataContainer $dc = null)
{
// Set the ID and action
Input::setGet('id', $intId);
Input::setGet('act', 'toggle');
if ($dc) {
$dc->id = $intId;
// see #8043
}
// Check the field access
if (!$this->User->hasAccess('tl_api_client::disable', 'alexf')) {
throw new AccessDeniedException('Not enough permissions to activate/deactivate member ID ' . $intId . '.');
}
$objVersions = new Versions('tl_api_client', $intId);
$objVersions->initialize();
// Trigger the save_callback
if (is_array($GLOBALS['TL_DCA']['tl_api_client']['fields']['disable']['save_callback'])) {
foreach ($GLOBALS['TL_DCA']['tl_api_client']['fields']['disable']['save_callback'] as $callback) {
if (is_array($callback)) {
$this->import($callback[0]);
$blnVisible = $this->{$callback[0]}->{$callback[1]}($blnVisible, $dc ?: $this);
} elseif (is_callable($callback)) {
$blnVisible = $callback($blnVisible, $dc ?: $this);
}
}
}
$time = time();
// Update the database
$this->Database->prepare("UPDATE tl_api_client SET tstamp={$time}, disable='" . ($blnVisible ? '' : 1) . "' WHERE id=?")->execute($intId);
$objVersions->create();
$this->log('A new version of record "tl_api_client.id=' . $intId . '" has been created' . $this->getParentEntries('tl_api_client', $intId), __METHOD__, TL_GENERAL);
}
/**
* Remove the recipient
*/
protected function removeSubscriber()
{
$varInput = Idna::encodeEmail(Input::get('email', true));
// Validate e-mail address
if (!Validator::isEmail($varInput)) {
$_SESSION['UNSUBSCRIBE_ERROR'] = $GLOBALS['TL_LANG']['ERR']['email'];
$this->redirect($this->generateFrontendUrl($this->objModel->getRelated('jumpTo')->row()));
}
$objCleverReach = new CleverReach();
switch ($this->clr_unsubscribe) {
case 'inactive':
foreach ($this->clr_groups as $strGroupId) {
$objCleverReach->receiverSetInactive($varInput, $strGroupId);
}
break;
case 'delete':
foreach ($this->clr_groups as $strGroupId) {
$objCleverReach->receiverDelete($varInput, $strGroupId);
}
break;
case 'email':
default:
$objCleverReach->sendUnsubscribeMail($varInput, $this->clr_form);
break;
}
$this->redirect($this->generateFrontendUrl($this->objModel->getRelated('jumpTo')->row()));
}
/**
* Generate the module
*
* @return string
*/
public function run()
{
$arrJobs = array();
/** @var BackendTemplate|object $objTemplate */
$objTemplate = new \BackendTemplate('be_purge_data');
$objTemplate->isActive = $this->isActive();
$objTemplate->message = \Message::generateUnwrapped();
// Run the jobs
if (\Input::post('FORM_SUBMIT') == 'tl_purge') {
$purge = \Input::post('purge');
if (!empty($purge) && is_array($purge)) {
foreach ($purge as $group => $jobs) {
foreach ($jobs as $job) {
list($class, $method) = $GLOBALS['TL_PURGE'][$group][$job]['callback'];
$this->import($class);
$this->{$class}->{$method}();
}
}
}
\Message::addConfirmation($GLOBALS['TL_LANG']['tl_maintenance']['cacheCleared']);
$this->reload();
}
// Tables
foreach ($GLOBALS['TL_PURGE']['tables'] as $key => $config) {
$arrJobs[$key] = array('id' => 'purge_' . $key, 'title' => $GLOBALS['TL_LANG']['tl_maintenance_jobs'][$key][0], 'description' => $GLOBALS['TL_LANG']['tl_maintenance_jobs'][$key][1], 'group' => 'tables', 'affected' => '');
// Get the current table size
foreach ($config['affected'] as $table) {
$objCount = $this->Database->execute("SELECT COUNT(*) AS count FROM " . $table);
$arrJobs[$key]['affected'] .= '<br>' . $table . ': <span>' . sprintf($GLOBALS['TL_LANG']['MSC']['entries'], $objCount->count) . ', ' . $this->getReadableSize($this->Database->getSizeOf($table), 0) . '</span>';
}
}
$strCachePath = str_replace(TL_ROOT . DIRECTORY_SEPARATOR, '', \System::getContainer()->getParameter('kernel.cache_dir'));
// Folders
foreach ($GLOBALS['TL_PURGE']['folders'] as $key => $config) {
$arrJobs[$key] = array('id' => 'purge_' . $key, 'title' => $GLOBALS['TL_LANG']['tl_maintenance_jobs'][$key][0], 'description' => $GLOBALS['TL_LANG']['tl_maintenance_jobs'][$key][1], 'group' => 'folders', 'affected' => '');
// Get the current folder size
foreach ($config['affected'] as $folder) {
$total = 0;
$folder = sprintf($folder, $strCachePath);
// Only check existing folders
if (is_dir(TL_ROOT . '/' . $folder)) {
$objFiles = Finder::create()->in(TL_ROOT . '/' . $folder)->files();
$total = iterator_count($objFiles);
}
$arrJobs[$key]['affected'] .= '<br>' . $folder . ': <span>' . sprintf($GLOBALS['TL_LANG']['MSC']['files'], $total) . '</span>';
}
}
// Custom
foreach ($GLOBALS['TL_PURGE']['custom'] as $key => $job) {
$arrJobs[$key] = array('id' => 'purge_' . $key, 'title' => $GLOBALS['TL_LANG']['tl_maintenance_jobs'][$key][0], 'description' => $GLOBALS['TL_LANG']['tl_maintenance_jobs'][$key][1], 'group' => 'custom');
}
$objTemplate->jobs = $arrJobs;
$objTemplate->action = ampersand(\Environment::get('request'));
$objTemplate->headline = $GLOBALS['TL_LANG']['tl_maintenance']['clearCache'];
$objTemplate->job = $GLOBALS['TL_LANG']['tl_maintenance']['job'];
$objTemplate->description = $GLOBALS['TL_LANG']['tl_maintenance']['description'];
$objTemplate->submit = \StringUtil::specialchars($GLOBALS['TL_LANG']['tl_maintenance']['clearCache']);
$objTemplate->help = \Config::get('showHelp') && $GLOBALS['TL_LANG']['tl_maintenance']['cacheTables'][1] != '' ? $GLOBALS['TL_LANG']['tl_maintenance']['cacheTables'][1] : '';
return $objTemplate->parse();
}
/**
* Generate the module
*/
protected function compile()
{
/** @var PageModel $objPage */
global $objPage;
$this->Template->content = '';
$this->Template->referer = 'javascript:history.go(-1)';
$this->Template->back = $GLOBALS['TL_LANG']['MSC']['goBack'];
$objNewsletter = \NewsletterModel::findSentByParentAndIdOrAlias(\Input::get('items'), $this->nl_channels);
if (null === $objNewsletter) {
throw new PageNotFoundException('Page not found: ' . \Environment::get('uri'));
}
// Overwrite the page title (see #2853 and #4955)
if ($objNewsletter->subject != '') {
$objPage->pageTitle = strip_tags(\StringUtil::stripInsertTags($objNewsletter->subject));
}
// Add enclosure
if ($objNewsletter->addFile) {
$this->addEnclosuresToTemplate($this->Template, $objNewsletter->row(), 'files');
}
// Support plain text newsletters (thanks to Hagen Klemp)
if ($objNewsletter->sendText) {
$strContent = nl2br_html5($objNewsletter->text);
} else {
$strContent = str_ireplace(' align="center"', '', $objNewsletter->content);
}
// Parse simple tokens and insert tags
$strContent = $this->replaceInsertTags($strContent);
$strContent = \StringUtil::parseSimpleTokens($strContent, array());
// Encode e-mail addresses
$strContent = \StringUtil::encodeEmail($strContent);
$this->Template->content = $strContent;
$this->Template->subject = $objNewsletter->subject;
}
/**
* Generate the module
*/
protected function compile()
{
$this->import('FrontendUser', 'User');
// Initialize the password widget
$arrField = array('name' => 'password', 'inputType' => 'text', 'label' => $GLOBALS['TL_LANG']['MSC']['password'][0], 'eval' => array('hideInput' => true, 'mandatory' => true, 'required' => true));
$objWidget = new \FormTextField(\FormTextField::getAttributesFromDca($arrField, $arrField['name']));
$objWidget->rowClass = 'row_0 row_first even';
$strFormId = 'tl_close_account_' . $this->id;
// Validate widget
if (\Input::post('FORM_SUBMIT') == $strFormId) {
$objWidget->validate();
// Validate the password
if (!$objWidget->hasErrors()) {
// The password has been generated with crypt()
if (\Encryption::test($this->User->password)) {
$blnAuthenticated = \Encryption::verify($objWidget->value, $this->User->password);
} else {
list($strPassword, $strSalt) = explode(':', $this->User->password);
$blnAuthenticated = $strSalt == '' ? $strPassword === sha1($objWidget->value) : $strPassword === sha1($strSalt . $objWidget->value);
}
if (!$blnAuthenticated) {
$objWidget->value = '';
$objWidget->addError($GLOBALS['TL_LANG']['ERR']['invalidPass']);
}
}
// Close account
if (!$objWidget->hasErrors()) {
// HOOK: send account ID
if (isset($GLOBALS['TL_HOOKS']['closeAccount']) && is_array($GLOBALS['TL_HOOKS']['closeAccount'])) {
foreach ($GLOBALS['TL_HOOKS']['closeAccount'] as $callback) {
$this->import($callback[0]);
$this->{$callback[0]}->{$callback[1]}($this->User->id, $this->reg_close, $this);
}
}
$objMember = \MemberModel::findByPk($this->User->id);
// Remove the account
if ($this->reg_close == 'close_delete') {
$objMember->delete();
$this->log('User account ID ' . $this->User->id . ' (' . \Idna::decodeEmail($this->User->email) . ') has been deleted', __METHOD__, TL_ACCESS);
} else {
$objMember->disable = 1;
$objMember->tstamp = time();
$objMember->save();
$this->log('User account ID ' . $this->User->id . ' (' . \Idna::decodeEmail($this->User->email) . ') has been deactivated', __METHOD__, TL_ACCESS);
}
$this->User->logout();
// Check whether there is a jumpTo page
if (($objJumpTo = $this->objModel->getRelated('jumpTo')) instanceof PageModel) {
$this->jumpToOrReload($objJumpTo->row());
}
$this->reload();
}
}
$this->Template->fields = $objWidget->parse();
$this->Template->formId = $strFormId;
$this->Template->action = \Environment::get('indexFreeRequest');
$this->Template->slabel = \StringUtil::specialchars($GLOBALS['TL_LANG']['MSC']['closeAccount']);
$this->Template->rowLast = 'row_1 row_last odd';
}
public function executePreActions($strAction, DataContainer $dc)
{
if ($strAction === 'boxSystemChange') {
$elementId = Input::post('id');
$boxSystemId = Input::post('boxSystemId');
$this->Database->prepare("UPDATE tl_content SET tstamp=" . time() . ", boxSystem='" . $boxSystemId . "' WHERE id=?")->execute($elementId);
}
}
/**
* Generate the message filter
*
* @return string
*/
public function generateMessageFilter()
{
if (Input::post('FORM_SUBMIT') === 'tl_filters' && Input::post($this->filterName, true) !== 'tl_' . $this->filterName) {
$session = Session::getInstance()->getData();
$session['seo_serp_expand_tree'] = 'tl_page';
Session::getInstance()->setData($session);
}
return parent::generateMessageFilter();
}
public function checkAccess()
{
$this->import('Input');
// If no access
if (Input::get('id') != '' && Input::get('id') != null && in_array(Input::get('id'), $this->filterFields(true))) {
$this->log('No access on secure access data ID "' . Input::get('id') . '"', 'tl_secure_accessdata __construct', TL_ERROR);
$this->redirect('main.php?act=error');
}
}
public function getAllEvents($arrEvents, $arrCalendars, $intStart, $intEnd, \Contao\Module $objModule)
{
// FIXME it's possible to filter a list for categories, it doesn't allow by its configuration
$result = array();
$modCats = deserialize($objModule->event_categories, true);
$hasCatCfg = is_array($modCats) && count($modCats) > 0;
$filterParam_ar = array('category');
$objFilterMod = Database::getInstance()->prepare("SELECT mae_event_catname FROM tl_module WHERE mae_event_catname != '' AND type='mae_event_filter' AND mae_event_list=?")->execute($objModule->id);
while ($objFilterMod->fetchAssoc()) {
$filterParam_ar[] = $objFilterMod->mae_event_catname;
}
foreach ($filterParam_ar as $paramName) {
$filterCat = Input::get($paramName);
if (!empty($filterCat) && $filterCat != "all") {
if (!is_numeric($filterCat)) {
$objCat = Database::getInstance()->prepare("SELECT id FROM tl_mae_event_cat WHERE alias=?")->execute($filterCat);
if ($objCat->numRows == 1) {
$filterCat = $objCat->id;
}
}
if ($hasCatCfg) {
$modCats = array($filterCat);
$hasCatCfg = false;
} else {
$modCats[] = $filterCat;
}
}
// have filter value
}
// each possible category url parameter
if (is_array($arrEvents) && count($arrEvents) > 0 && count($modCats) > 0) {
foreach ($arrEvents as $day => $times) {
foreach ($times as $time => $events) {
foreach ($events as $event) {
$evtCats = unserialize($event['categories']);
if (!is_array($evtCats)) {
$evtCats = array();
}
foreach ($modCats as $modCat) {
if (in_array($modCat, $evtCats)) {
$result[$day][$time][] = $event;
break;
}
}
// compare categories module <=> event
}
// event
}
// times
}
// days
} else {
$result = $arrEvents;
}
// if no category filter set
return $result;
}
/**
* Redirect to an internal page
*
* @param \PageModel $objPage
*/
public function generate($objPage)
{
// Forward to the jumpTo or first published page
if ($objPage->jumpTo) {
/** @var \PageModel $objNextPage */
$objNextPage = $objPage->getRelated('jumpTo');
} else {
$objNextPage = \PageModel::findFirstPublishedRegularByPid($objPage->id);
}
// Forward page does not exist
if ($objNextPage === null) {
$this->log('Forward page ID "' . $objPage->jumpTo . '" does not exist', __METHOD__, TL_ERROR);
throw new ForwardPageNotFoundException('Forward page not found');
}
$strForceLang = null;
// Check the target page language (see #4706)
if (\Config::get('addLanguageToUrl')) {
$objNextPage->loadDetails();
// see #3983
$strForceLang = $objNextPage->language;
}
$strGet = '';
$strQuery = \Environment::get('queryString');
$arrQuery = array();
// Extract the query string keys (see #5867)
if ($strQuery != '') {
$arrChunks = explode('&', $strQuery);
foreach ($arrChunks as $strChunk) {
list($k, ) = explode('=', $strChunk, 2);
$arrQuery[] = $k;
}
}
// Add $_GET parameters
if (!empty($_GET)) {
foreach (array_keys($_GET) as $key) {
if (\Config::get('addLanguageToUrl') && $key == 'language') {
continue;
}
// Ignore the query string parameters (see #5867)
if (in_array($key, $arrQuery)) {
continue;
}
// Ignore the auto_item parameter (see #5886)
if ($key == 'auto_item') {
$strGet .= '/' . \Input::get($key);
} else {
$strGet .= '/' . $key . '/' . \Input::get($key);
}
}
}
// Append the query string (see #5867)
if ($strQuery != '') {
$strQuery = '?' . $strQuery;
}
$this->redirect($this->generateFrontendUrl($objNextPage->row(), $strGet, $strForceLang) . $strQuery, $objPage->redirect == 'temporary' ? 302 : 301);
}
/**
* Generate the module
*/
protected function compile()
{
$limit = null;
$offset = intval($this->skipFirst);
// Maximum number of items
if ($this->numberOfItems > 0) {
$limit = $this->numberOfItems;
}
// Handle featured news
if ($this->news_featured == 'featured') {
$blnFeatured = true;
} elseif ($this->news_featured == 'unfeatured') {
$blnFeatured = false;
} else {
$blnFeatured = null;
}
$this->Template->articles = array();
$this->Template->empty = $GLOBALS['TL_LANG']['MSC']['emptyList'];
// Get the total number of items
$intTotal = $this->countItems($this->news_archives, $blnFeatured);
if ($intTotal < 1) {
return;
}
$total = $intTotal - $offset;
// Split the results
if ($this->perPage > 0 && (!isset($limit) || $this->numberOfItems > $this->perPage)) {
// Adjust the overall limit
if (isset($limit)) {
$total = min($limit, $total);
}
// Get the current page
$id = 'page_n' . $this->id;
$page = \Input::get($id) !== null ? \Input::get($id) : 1;
// Do not index or cache the page if the page number is outside the range
if ($page < 1 || $page > max(ceil($total / $this->perPage), 1)) {
throw new PageNotFoundException('Page not found');
}
// Set limit and offset
$limit = $this->perPage;
$offset += (max($page, 1) - 1) * $this->perPage;
$skip = intval($this->skipFirst);
// Overall limit
if ($offset + $limit > $total + $skip) {
$limit = $total + $skip - $offset;
}
// Add the pagination menu
$objPagination = new \Pagination($total, $this->perPage, \Config::get('maxPaginationLinks'), $id);
$this->Template->pagination = $objPagination->generate("\n ");
}
$objArticles = $this->fetchItems($this->news_archives, $blnFeatured, $limit ?: 0, $offset);
// Add the articles
if ($objArticles !== null) {
$this->Template->articles = $this->parseArticles($objArticles);
}
$this->Template->archives = $this->news_archives;
}
/**
* Generate the widget and return it as string
*
* @return string
*/
public function generate()
{
$arrOptions = array();
if (!$this->multiple && count($this->arrOptions) > 1) {
$this->arrOptions = array($this->arrOptions[0]);
}
// The "required" attribute only makes sense for single checkboxes
if ($this->mandatory && !$this->multiple) {
$this->arrAttributes['required'] = 'required';
}
/** @var AttributeBagInterface $objSessionBag */
$objSessionBag = \System::getContainer()->get('session')->getBag('contao_backend');
$state = $objSessionBag->get('checkbox_groups');
// Toggle the checkbox group
if (\Input::get('cbc')) {
$state[\Input::get('cbc')] = isset($state[\Input::get('cbc')]) && $state[\Input::get('cbc')] == 1 ? 0 : 1;
$objSessionBag->set('checkbox_groups', $state);
$this->redirect(preg_replace('/(&(amp;)?|\\?)cbc=[^& ]*/i', '', \Environment::get('request')));
}
$blnFirst = true;
$blnCheckAll = true;
foreach ($this->arrOptions as $i => $arrOption) {
// Single dimension array
if (is_numeric($i)) {
$arrOptions[] = $this->generateCheckbox($arrOption, $i);
continue;
}
$id = 'cbc_' . $this->strId . '_' . \StringUtil::standardize($i);
$img = 'folPlus.svg';
$display = 'none';
if (!isset($state[$id]) || !empty($state[$id])) {
$img = 'folMinus.svg';
$display = 'block';
}
$arrOptions[] = '<div class="checkbox_toggler' . ($blnFirst ? '_first' : '') . '"><a href="' . $this->addToUrl('cbc=' . $id) . '" onclick="AjaxRequest.toggleCheckboxGroup(this,\'' . $id . '\');Backend.getScrollOffset();return false">' . \Image::getHtml($img) . '</a>' . $i . '</div><fieldset id="' . $id . '" class="tl_checkbox_container checkbox_options" style="display:' . $display . '"><input type="checkbox" id="check_all_' . $id . '" class="tl_checkbox" onclick="Backend.toggleCheckboxGroup(this, \'' . $id . '\')"> <label for="check_all_' . $id . '" style="color:#a6a6a6"><em>' . $GLOBALS['TL_LANG']['MSC']['selectAll'] . '</em></label>';
// Multidimensional array
foreach ($arrOption as $k => $v) {
$arrOptions[] = $this->generateCheckbox($v, standardize($i) . '_' . $k);
}
$arrOptions[] = '</fieldset>';
$blnFirst = false;
$blnCheckAll = false;
}
// Add a "no entries found" message if there are no options
if (empty($arrOptions)) {
$arrOptions[] = '<p class="tl_noopt">' . $GLOBALS['TL_LANG']['MSC']['noResult'] . '</p>';
$blnCheckAll = false;
}
if ($this->multiple) {
return sprintf('<fieldset id="ctrl_%s" class="tl_checkbox_container%s"><legend>%s%s%s%s</legend><input type="hidden" name="%s" value="">%s%s</fieldset>%s', $this->strId, $this->strClass != '' ? ' ' . $this->strClass : '', $this->mandatory ? '<span class="invisible">' . $GLOBALS['TL_LANG']['MSC']['mandatory'] . ' </span>' : '', $this->strLabel, $this->mandatory ? '<span class="mandatory">*</span>' : '', $this->xlabel, $this->strName, $blnCheckAll ? '<input type="checkbox" id="check_all_' . $this->strId . '" class="tl_checkbox" onclick="Backend.toggleCheckboxGroup(this,\'ctrl_' . $this->strId . '\')' . ($this->onclick ? ';' . $this->onclick : '') . '"> <label for="check_all_' . $this->strId . '" style="color:#a6a6a6"><em>' . $GLOBALS['TL_LANG']['MSC']['selectAll'] . '</em></label><br>' : '', str_replace('<br></fieldset><br>', '</fieldset>', implode('<br>', $arrOptions)), $this->wizard);
} else {
return sprintf('<div id="ctrl_%s" class="tl_checkbox_single_container%s"><input type="hidden" name="%s" value="">%s</div>%s', $this->strId, $this->strClass != '' ? ' ' . $this->strClass : '', $this->strName, str_replace('<br></div><br>', '</div>', implode('<br>', $arrOptions)), $this->wizard);
}
}
/**
* Append all current palettes with the device-condition field.
*
* @param string $table The current table.
*
* @return void
*
* @SuppressWarnings(PHPMD.Superglobals)
*/
public function appendPalettes($table)
{
if (!is_array($GLOBALS['TL_DCA'][$table]['palettes']) || (!Input::get('do') == 'article' || !Input::get('do') == 'postmanager' || Input::get('task') == 'indexmanager')) {
return;
}
foreach (array_keys($GLOBALS['TL_DCA'][$table]['palettes']) as $palette) {
if ($palette != '__selector__') {
$GLOBALS['TL_DCA'][$table]['palettes'][$palette] .= ';{device_condition_legend},device_condition';
}
}
}
/**
* Tests the getPost() method.
*
* @dataProvider postProvider
*/
public function testGetPost($key, $input, $value, $expected)
{
$widget = $this->getMock('Contao\\Widget');
$class = new \ReflectionClass('Contao\\Widget');
$method = $class->getMethod('getPost');
$method->setAccessible(true);
$_POST[$input] = $value;
Input::resetCache();
Input::initialize();
$this->assertEquals($expected, $method->invoke($widget, $key));
}
/**
* Run the controller and parse the password template
*
* @return Response
*/
public function run()
{
/** @var BackendTemplate|object $objTemplate */
$objTemplate = new \BackendTemplate('be_password');
if (\Input::post('FORM_SUBMIT') == 'tl_password') {
$pw = \Input::postUnsafeRaw('password');
$cnf = \Input::postUnsafeRaw('confirm');
// The passwords do not match
if ($pw != $cnf) {
\Message::addError($GLOBALS['TL_LANG']['ERR']['passwordMatch']);
} elseif (Utf8::strlen($pw) < \Config::get('minPasswordLength')) {
\Message::addError(sprintf($GLOBALS['TL_LANG']['ERR']['passwordLength'], \Config::get('minPasswordLength')));
} elseif ($pw == $this->User->username) {
\Message::addError($GLOBALS['TL_LANG']['ERR']['passwordName']);
} else {
// Make sure the password has been changed
if (\Encryption::verify($pw, $this->User->password)) {
\Message::addError($GLOBALS['TL_LANG']['MSC']['pw_change']);
} else {
$this->loadDataContainer('tl_user');
// Trigger the save_callback
if (is_array($GLOBALS['TL_DCA']['tl_user']['fields']['password']['save_callback'])) {
foreach ($GLOBALS['TL_DCA']['tl_user']['fields']['password']['save_callback'] as $callback) {
if (is_array($callback)) {
$this->import($callback[0]);
$pw = $this->{$callback[0]}->{$callback[1]}($pw);
} elseif (is_callable($callback)) {
$pw = $callback($pw);
}
}
}
$objUser = \UserModel::findByPk($this->User->id);
$objUser->pwChange = '';
$objUser->password = \Encryption::hash($pw);
$objUser->save();
\Message::addConfirmation($GLOBALS['TL_LANG']['MSC']['pw_changed']);
$this->redirect('contao/main.php');
}
}
$this->reload();
}
$objTemplate->theme = \Backend::getTheme();
$objTemplate->messages = \Message::generate();
$objTemplate->base = \Environment::get('base');
$objTemplate->language = $GLOBALS['TL_LANGUAGE'];
$objTemplate->title = \StringUtil::specialchars($GLOBALS['TL_LANG']['MSC']['pw_new']);
$objTemplate->charset = \Config::get('characterSet');
$objTemplate->action = ampersand(\Environment::get('request'));
$objTemplate->headline = $GLOBALS['TL_LANG']['MSC']['pw_change'];
$objTemplate->submitButton = \StringUtil::specialchars($GLOBALS['TL_LANG']['MSC']['continue']);
$objTemplate->password = $GLOBALS['TL_LANG']['MSC']['password'][0];
$objTemplate->confirm = $GLOBALS['TL_LANG']['MSC']['confirm'][0];
return $objTemplate->getResponse();
}
/**
* Run the controller
*
* @return RedirectResponse
*/
public function run()
{
switch (\Input::get('p')) {
case 'facebook':
return new RedirectResponse('https://www.facebook.com/sharer/sharer.php' . '?u=' . rawurlencode(\Input::get('u', true)));
case 'twitter':
return new RedirectResponse('https://twitter.com/intent/tweet' . '?url=' . rawurlencode(\Input::get('u', true)) . '&text=' . rawurlencode(\Input::get('t', true)));
case 'gplus':
return new RedirectResponse('https://plus.google.com/share' . '?url=' . rawurlencode(\Input::get('u', true)));
}
return new RedirectResponse('../');
}
/**
* Restrict the content elements.
*
* @param int $contentId The id of the current content element.
* @param Node $node The node type.
*
* @return void
* @throws AccessDeniedException When an invalid content element type is accessed.
*
* @SuppressWarnings(PHPMD.Superglobals)
*/
public function restrict($contentId, Node $node = null)
{
$nodeType = $node ? $node->getName() : null;
$allowedElements = $this->registry->filterContentElements($GLOBALS['TL_CTE'], $nodeType);
if (empty($allowedElements)) {
$this->closeDataContainer();
} elseif (!in_array($this->definition->get('fields/type/default'), $allowedElements)) {
$this->setDefaults($allowedElements);
}
if ($this->input->get('act') != '' && $this->input->get('act') !== 'select') {
$GLOBALS['TL_CTE'] = $allowedElements;
$this->restrictIds($allowedElements, $contentId);
}
}
/**
* Tests the getPost() method.
*
* @param string $key
* @param string $input
* @param mixed $value
* @param string $expected
*
* @dataProvider postProvider
*/
public function testGetPost($key, $input, $value, $expected)
{
// Prevent "undefined index" errors
$errorReporting = error_reporting();
error_reporting($errorReporting & ~E_NOTICE);
$widget = $this->getMock('Contao\\Widget');
$class = new \ReflectionClass('Contao\\Widget');
$method = $class->getMethod('getPost');
$method->setAccessible(true);
$_POST[$input] = $value;
Input::resetCache();
Input::initialize();
$this->assertEquals($expected, $method->invoke($widget, $key));
// Restore the error reporting level
error_reporting($errorReporting);
}
/**
* Generate the widget and return it as string
*
* @return string
*/
public function generate()
{
$action = Input::get('actionPSTag');
$tags = Input::get('ps_tags');
$requestUri = Environment::get('requestUri');
$requestUri = Helper::removeRequestTokenFromUri($requestUri);
if ($action && $action == 'updateTags') {
$this->updateTags($tags);
}
if ($action && $action == 'removeTags') {
$this->removeTags($tags);
}
$GLOBALS['TL_JAVASCRIPT'][] = $GLOBALS['PS_PUBLIC_PATH'] . 'vendor/mootagify.js|static';
$GLOBALS['TL_CSS'][] = $GLOBALS['PS_PUBLIC_PATH'] . 'css/mootagify-bootstrap.css|static';
$GLOBALS['TL_CSS'][] = $GLOBALS['PS_PUBLIC_PATH'] . 'css/mootagify.css|static';
$options = $this->options ? $this->options : array();
$script = sprintf('<script>' . 'window.addEvent("domready", function(){
var tagify = new mooTagify(document.id("tagWrap_%s"), null ,{
autoSuggest: true,
availableOptions: ' . json_encode($options) . '
});
tagify.addEvent("tagsUpdate", function(){
var tags = tagify.getTags();
document.id("ctrl_%s").set("value", tags.join());
new Request({url: "%s&actionPSTag=updateTags"}).get({"ps_tags": tags, "rt": Contao.request_token });
});
tagify.addEvent("tagRemove", function(tag){
var tags = tagify.getTags()
var deleted = tag;
document.id("ctrl_%s").set("value", tags.join());
new Request({url: "%s&actionPSTag=removeTags"}).get({ "ps_tags": deleted, "rt": Contao.request_token });
});
});' . '</script>', $this->strId, $this->strId, $requestUri, $this->strId, $requestUri);
return sprintf('<input type="hidden" id="ctrl_%s" name="%s" value="%s"><div id="tagWrap_%s" class="hide"> <div class="tag-wrapper"></div> <div class="tag-input"> <input type="text" id="listTags" class="tl_text" name="listTags" value="%s" placeholder="%s"> </div> <div class="clear"></div></div>' . $script . '', $this->strId, $this->strName, specialchars($this->varValue), $this->strId, specialchars($this->varValue), $GLOBALS['TL_LANG']['MSC']['TagTextField']['tag']);
}
protected function compile()
{
global $objPage;
// Get the current event
$objEvent = CalendarEventsModel::findPublishedByParentAndIdOrAlias(Input::get('events'), $this->cal_calendar);
if ($objEvent === null) {
parent::compile();
}
$objPage->canonicalType = $objEvent->canonicalType;
$objPage->canonicalJumpTo = $objEvent->canonicalJumpTo;
$objPage->canonicalWebsite = $objEvent->canonicalWebsite;
if ($objEvent->canonicalType == 'self') {
$objPage->canonicalType = 'external';
$objPage->canonicalWebsite = Environment::get('url') . TL_PATH . '/' . Environment::get('request');
}
parent::compile();
}
protected function compile()
{
global $objPage;
// Get the current news item
$objNewsItem = NewsModel::findPublishedByParentAndIdOrAlias(Input::get('items'), $this->news_archives);
if ($objNewsItem === null) {
parent::compile();
}
$objPage->canonicalType = $objNewsItem->canonicalType;
$objPage->canonicalJumpTo = $objNewsItem->canonicalJumpTo;
$objPage->canonicalWebsite = $objNewsItem->canonicalWebsite;
if ($objNewsItem->canonicalType == 'self') {
$objPage->canonicalType = 'external';
$objPage->canonicalWebsite = Environment::get('url') . TL_PATH . '/' . Environment::get('request');
}
parent::compile();
}
/**
* Redirect to the selected page
*
* @return string
*/
public function generate()
{
if (TL_MODE == 'BE') {
/** @var BackendTemplate|object $objTemplate */
$objTemplate = new \BackendTemplate('be_wildcard');
$objTemplate->wildcard = '### ' . Utf8::strtoupper($GLOBALS['TL_LANG']['FMD']['quicknav'][0]) . ' ###';
$objTemplate->title = $this->headline;
$objTemplate->id = $this->id;
$objTemplate->link = $this->name;
$objTemplate->href = 'contao/main.php?do=themes&table=tl_module&act=edit&id=' . $this->id;
return $objTemplate->parse();
}
if (\Input::post('FORM_SUBMIT') == 'tl_quicknav_' . $this->id) {
$this->redirect(\Input::post('target', true));
}
return parent::generate();
}
/**
* Generate the module
*
* @throws \Exception
*/
protected function compile()
{
if (Input::get($this->redirectParamName)) {
$this->redirectToModule(Input::get($this->redirectParamName, true));
}
System::loadLanguageFile('seo_serp_module');
$this->Template->backHref = System::getReferer(true);
$modules = $this->getModules();
if (count($modules) > 0) {
$GLOBALS['TL_CSS'][] = 'system/modules/seo_serp_preview/assets/css/module.min.css';
$GLOBALS['TL_CSS'][] = 'system/modules/seo_serp_preview/assets/css/tests.min.css';
$this->Template->modules = $this->generateModules($modules);
}
// Rebuild the cache in status manager
$statusManager = new StatusManager();
$statusManager->rebuildCache();
}
/**
* Generate the widget and return it as string
*
* @return string
*/
public function generate()
{
if (!is_array($this->varValue)) {
$this->varValue = [];
}
$options = [];
// Generate the options
foreach ((array) $this->options as $option) {
$linkId = sprintf('ctrl_%s_%s_%s_%s_link', $this->objDca->field, $this->objDca->id, $this->strId, $option['value']);
$reference = $GLOBALS['TL_DCA'][$this->objDca->table]['fields'][$this->objDca->field]['reference'][$option['value']];
$options[] = ['type' => ['label' => $option['label'], 'hint' => is_array($reference) ? $reference[1] : ''], 'picker' => ['tag' => $linkId, 'url' => sprintf('contao/page.php?do=%s&table=%s&field=%s&value=%s', Input::get('do'), $this->objDca->table, $this->objDca->field, str_replace(['{{link_url::', '}}'], '', $this->varValue[$option['value']]['link']))], 'link' => ['id' => $linkId, 'name' => sprintf('%s[%s][link]', $this->strId, $option['value']), 'value' => $this->varValue[$option['value']]['link']], 'title' => ['name' => sprintf('%s[%s][title]', $this->strId, $option['value']), 'value' => $this->varValue[$option['value']]['title']]];
}
$template = new BackendTemplate('be_cfg_link_registry_widget');
$template->options = $options;
$template->field = $this->objDca->field;
$template->picker = ['id' => $this->objDca->field, 'title' => str_replace("'", "\\'", $GLOBALS['TL_LANG']['MOD']['page'][0]), 'image' => Image::getHtml('pickpage.gif', $GLOBALS['TL_LANG']['MSC']['pagepicker'], 'style="vertical-align:top;cursor:pointer"')];
return $template->parse();
}
/**
* Run the controller and parse the template
*/
public function run()
{
$template = new BackendTemplate('be_main');
$template->main = '';
// Ajax request
if ($_POST && Environment::get('isAjaxRequest')) {
$this->objAjax = new Ajax(Input::post('action'));
$this->objAjax->executePreActions();
}
$strTable = Input::get('table');
$strField = Input::get('field');
// Define the current ID
define('CURRENT_ID', Input::get('table') ? $this->Session->get('CURRENT_ID') : Input::get('id'));
Controller::loadDataContainer($strTable);
$strDriver = 'DC_' . $GLOBALS['TL_DCA'][$strTable]['config']['dataContainer'];
$objDca = new $strDriver($strTable);
$objDca->field = $strField;
// Set the active record
if ($this->Database->tableExists($strTable)) {
/** @var Model $strModel $strModel */
$strModel = Model::getClassFromTable($strTable);
if (class_exists($strModel)) {
$objModel = $strModel::findByPk(Input::get('id'));
if ($objModel !== null) {
$objDca->activeRecord = $objModel;
}
}
}
// AJAX request
if ($_POST && Environment::get('isAjaxRequest')) {
$this->objAjax->executePostActions($objDca);
}
$partial = new BackendTemplate('be_rte_table_editor');
$template->isPopup = true;
$template->main = $partial->parse();
$template->theme = Backend::getTheme();
$template->base = Environment::get('base');
$template->language = $GLOBALS['TL_LANGUAGE'];
$template->title = specialchars($GLOBALS['TL_LANG']['MSC']['pagepicker']);
$template->charset = Config::get('characterSet');
Config::set('debugMode', false);
$template->output();
}
