/**
* Renders the checkbox.
*
* @param boolean $checked Specifies that the input element should be preselected
* @throws \TYPO3\CMS\Fluid\Core\ViewHelper\Exception
* @return string
* @api
*/
public function render($checked = TRUE)
{
if (!$this->arguments['value'] instanceof \TYPO3\CMS\Extbase\Domain\Model\FileReference) {
var_dump($this->arguments['value']);
throw new \InvalidArgumentException('The value assigned to Form.Multiupload.DeleteViewhelper must be of type FileReference', 1421848917);
}
$resourcePointerValue = $this->arguments['value']->getUid();
if ($resourcePointerValue === NULL) {
// Newly created file reference which is not persisted yet.
// Use the file UID instead, but prefix it with "file:" to communicate this to the type converter
$resourcePointerValue = 'file:' . $this->arguments['value']->getOriginalResource()->getOriginalFile()->getUid();
}
$index = $this->viewHelperVariableContainer->get('Helhum\\UploadExample\\ViewHelpers\\Form\\MultiuploadViewHelper', 'fileReferenceIndex');
$this->viewHelperVariableContainer->addOrUpdate('Helhum\\UploadExample\\ViewHelpers\\Form\\MultiuploadViewHelper', 'fileReferenceIndex', ++$index);
// TODO: Fluid automatically adds the __identity key if the argument to the
// viewhelper is a persisted model, but stripping the key on our own
// is ugly here. Generate the name on ourselves?
$name = $this->getName();
$name = (strpos($name, '[__identity]') === FALSE ? $name : substr($name, 0, -strlen('[__identity]'))) . '[' . $index . ']';
$this->registerFieldNameForFormTokenGeneration($name);
$this->tag->addAttribute('name', $name . '[submittedFile][resourcePointer]');
$this->tag->addAttribute('type', 'checkbox');
$this->tag->addAttribute('value', htmlspecialchars($this->hashService->appendHmac((string) $resourcePointerValue)));
if ($checked) {
$this->tag->addAttribute('checked', 'checked');
}
return $this->tag->render();
}
/**
* Renders the upload field with possible resource pointer
*
* @return string
* @api
*/
public function render()
{
$output = '';
$resource = $this->getUploadedResource();
if ($resource !== NULL) {
$resourcePointerIdAttribute = '';
if ($this->hasArgument('id')) {
$resourcePointerIdAttribute = ' id="' . htmlspecialchars($this->arguments['id']) . '-file-reference"';
}
$resourcePointerValue = $resource->getUid();
if ($resourcePointerValue === NULL) {
// Newly created file reference which is not persisted yet.
// Use the file UID instead, but prefix it with "file:" to communicate this to the type converter
$resourcePointerValue = 'file:' . $resource->getOriginalResource()->getOriginalFile()->getUid();
}
$output .= '<input type="hidden" name="' . $this->getName() . '[submittedFile][resourcePointer]" value="' . htmlspecialchars($this->hashService->appendHmac((string) $resourcePointerValue)) . '"' . $resourcePointerIdAttribute . ' />';
}
$output .= parent::render();
$this->templateVariableContainer->add('resource', $resource);
$this->templateVariableContainer->add('property', $this->arguments['property']);
$output .= $this->renderChildren();
$this->templateVariableContainer->remove('resource');
$this->templateVariableContainer->remove('property');
return $output;
}
/**
* Returns the hmac for the given registration in order to cancel the registration
*
* @param \DERHANSEN\SfEventMgt\Domain\Model\Registration $registration Registration
*
* @return array
*/
public function render($registration)
{
$result = '';
if ($registration) {
$result = $this->hashService->generateHmac('reg-' . $registration->getUid());
}
return $result;
}
/**
* @return void
*/
public function indexAction()
{
//$GLOBALS['TSFE']->additionalHeaderData[md5('qbtools_jquery')] = '<script type="text/javascript" src="http://code.jquery.com/jquery-1.11.0.min.js"></script>';
$this->view->assign('required', $this->widgetConfiguration['required']);
//$this->view->assign("qbmailformid", "qbmailform-".$this->controllerContext->getRequest()->getWidgetContext()->getAjaxWidgetIdentifier());
$id = 'qbmailform-' . md5(uniqid(mt_rand(), true));
$this->view->assign('qbmailformid', $id);
$this->widgetConfiguration['receiver_overwrite_email'] = $this->getReceiverOverwriteEmail();
$this->view->assign('absRefPrefix', $GLOBALS['TSFE']->absRefPrefix);
$this->view->assign('qbmailformConfig', $this->hashService->appendHmac(base64_encode(serialize($this->widgetConfiguration))));
$this->view->setTemplateRootPath(GeneralUtility::getFileAbsFileName('EXT:qbtools/Resources/Private/Templates/'));
}
/**
* @test
*/
public function validateAndStripHmacReturnsTheStringWithoutHmac()
{
$string = ' Some arbitrary string with special characters: öäüß!"§$ ';
$hashedString = $this->hashService->appendHmac($string);
$actualResult = $this->hashService->validateAndStripHmac($hashedString);
$this->assertSame($string, $actualResult);
}
/**
* Import a resource and respect configuration given for properties
*
* @param array $uploadInfo
* @param PropertyMappingConfigurationInterface $configuration
* @return \TYPO3\CMS\Extbase\Domain\Model\FileReference
* @throws TypeConverterException
* @throws ExistingTargetFileNameException
*/
protected function importUploadedResource(array $uploadInfo, PropertyMappingConfigurationInterface $configuration)
{
if (!GeneralUtility::verifyFilenameAgainstDenyPattern($uploadInfo['name'])) {
throw new TypeConverterException('Uploading files with PHP file extensions is not allowed!', 1399312430);
}
$allowedFileExtensions = $configuration->getConfigurationValue(self::class, self::CONFIGURATION_ALLOWED_EXTENSIONS);
if ($allowedFileExtensions !== null) {
$filePathInfo = PathUtility::pathinfo($uploadInfo['name']);
if (!GeneralUtility::inList($allowedFileExtensions, strtolower($filePathInfo['extension']))) {
throw new TypeConverterException('File extension is not allowed!', 1399312430);
}
}
$uploadFolderId = $configuration->getConfigurationValue(self::class, self::CONFIGURATION_UPLOAD_FOLDER) ?: $this->defaultUploadFolder;
$conflictMode = $configuration->getConfigurationValue(self::class, self::CONFIGURATION_UPLOAD_CONFLICT_MODE) ?: $this->defaultConflictMode;
$uploadFolder = $this->resourceFactory->retrieveFileOrFolderObject($uploadFolderId);
$uploadedFile = $uploadFolder->addUploadedFile($uploadInfo, $conflictMode);
$resourcePointer = null;
if (isset($uploadInfo['submittedFile']['resourcePointer'])) {
$submittedResourcePointer = $uploadInfo['submittedFile']['resourcePointer'];
if (strpos($uploadInfo['submittedFile']['resourcePointer'], 'file:') === false) {
$resourcePointer = $this->hashService->validateAndStripHmac($submittedResourcePointer);
}
}
$fileReferenceModel = $this->createFileReferenceFromFalFileObject($uploadedFile, $resourcePointer);
return $fileReferenceModel;
}
/**
* Returns banners for the given parameters if given Hmac validation succeeds
*
* @param string $categories
* @param string $startingPoint
* @param string $displayMode
* @param int $currentPageUid
* @param string $hmac
* @return string
*/
public function getBannersAction($categories = '', $startingPoint = '', $displayMode = 'all', $currentPageUid = 0, $hmac = '')
{
$compareString = $currentPageUid . $categories . $startingPoint . $displayMode;
if ($this->hashService->validateHmac($compareString, $hmac)) {
/** @var \DERHANSEN\SfBanners\Domain\Model\BannerDemand $demand */
$demand = $this->objectManager->get('DERHANSEN\\SfBanners\\Domain\\Model\\BannerDemand');
$demand->setCategories($categories);
$demand->setStartingPoint($startingPoint);
$demand->setDisplayMode($displayMode);
$demand->setCurrentPageUid($currentPageUid);
/* Get banners */
$banners = $this->bannerRepository->findDemanded($demand);
/* Update Impressions */
$this->bannerRepository->updateImpressions($banners);
/* Collect identifier based on uids for all banners */
$ident = $GLOBALS['TSFE']->id . $GLOBALS['TSFE']->sys_language_uid;
foreach ($banners as $banner) {
$ident .= $banner->getUid();
}
$ret = $this->cacheInstance->get(sha1($ident));
if ($ret === false || $ret === null) {
$this->view->assign('banners', $banners);
$this->view->assign('settings', $this->settings);
$ret = $this->view->render();
// Save value in cache
$this->cacheInstance->set(sha1($ident), $ret, array('sf_banners'), $this->settings['cacheLifetime']);
}
} else {
$ret = LocalizationUtility::translate('wrong_hmac', 'SfBanners');
}
return $ret;
}
/**
* Complete password reset
*
* @param string $hash Identification hash of a password reset token
* @param string $password New password of the user
* @param string $passwordRepeat Confirmation of the new password
* @return void
*
* @validate $password NotEmpty
* @validate $passwordRepeat NotEmpty
*/
public function completePasswordResetAction($hash, $password, $passwordRepeat)
{
$token = $this->tokenCache->get($hash);
if ($token !== FALSE) {
$user = $this->frontendUserRepository->findByIdentifier($token['uid']);
if ($user !== NULL) {
if ($this->hashService->validateHmac($user->getPassword(), $token['hmac'])) {
$user->setPassword($this->passwordService->applyTransformations($password));
$this->frontendUserRepository->update($user);
$this->tokenCache->remove($hash);
if ($this->getSettingValue('passwordReset.loginOnSuccess')) {
$this->authenticationService->authenticateUser($user);
$this->addLocalizedFlashMessage('resetPassword.completed.login', NULL, FlashMessage::OK);
} else {
$this->addLocalizedFlashMessage('resetPassword.completed', NULL, FlashMessage::OK);
}
} else {
$this->addLocalizedFlashMessage('resetPassword.failed.expired', NULL, FlashMessage::ERROR);
}
} else {
$this->addLocalizedFlashMessage('resetPassword.failed.invalid', NULL, FlashMessage::ERROR);
}
} else {
$this->addLocalizedFlashMessage('resetPassword.failed.expired', NULL, FlashMessage::ERROR);
}
$loginPageUid = $this->getSettingValue('login.page');
$this->redirect('showLoginForm', NULL, NULL, NULL, $loginPageUid);
}
/**
* Import a resource and respect configuration given for properties
*
* @param array $uploadInfo
* @param PropertyMappingConfigurationInterface $configuration
* @return ExtbaseFileReference
* @throws TypeConverterException
*/
protected function importUploadedResource(array $uploadInfo, PropertyMappingConfigurationInterface $configuration) : ExtbaseFileReference
{
if (!GeneralUtility::verifyFilenameAgainstDenyPattern($uploadInfo['name'])) {
throw new TypeConverterException('Uploading files with PHP file extensions is not allowed!', 1471710357);
}
$uploadFolderId = $configuration->getConfigurationValue(self::class, self::CONFIGURATION_UPLOAD_FOLDER) ?: $this->defaultUploadFolder;
$conflictMode = $configuration->getConfigurationValue(self::class, self::CONFIGURATION_UPLOAD_CONFLICT_MODE) ?: $this->defaultConflictMode;
$uploadFolder = $this->resourceFactory->retrieveFileOrFolderObject($uploadFolderId);
$uploadedFile = $uploadFolder->addUploadedFile($uploadInfo, $conflictMode);
$validators = $configuration->getConfigurationValue(self::class, self::CONFIGURATION_FILE_VALIDATORS);
if (is_array($validators)) {
foreach ($validators as $validator) {
if ($validator instanceof AbstractValidator) {
$validationResult = $validator->validate($uploadedFile);
if ($validationResult->hasErrors()) {
$uploadedFile->getStorage()->deleteFile($uploadedFile);
throw new TypeConverterException($validationResult->getErrors()[0]->getMessage(), 1471708999);
}
}
}
}
$resourcePointer = isset($uploadInfo['submittedFile']['resourcePointer']) && strpos($uploadInfo['submittedFile']['resourcePointer'], 'file:') === false ? $this->hashService->validateAndStripHmac($uploadInfo['submittedFile']['resourcePointer']) : null;
$fileReferenceModel = $this->createFileReferenceFromFalFileObject($uploadedFile, $resourcePointer);
return $fileReferenceModel;
}
/**
* Checks if the registration can be cancelled and returns an array of variables
*
* @param int $reguid UID of registration
* @param string $hmac HMAC for parameters
*
* @return array
*/
public function checkCancelRegistration($reguid, $hmac)
{
/* @var $registration Registration */
$registration = NULL;
$failed = FALSE;
$messageKey = 'event.message.cancel_successful';
$titleKey = 'cancelRegistration.title.successful';
if (!$this->hashService->validateHmac('reg-' . $reguid, $hmac)) {
$failed = TRUE;
$messageKey = 'event.message.cancel_failed_wrong_hmac';
$titleKey = 'cancelRegistration.title.failed';
} else {
$registration = $this->registrationRepository->findByUid($reguid);
}
if (!$failed && is_null($registration)) {
$failed = TRUE;
$messageKey = 'event.message.cancel_failed_registration_not_found_or_cancelled';
$titleKey = 'cancelRegistration.title.failed';
}
if (!$failed && $registration->getEvent()->getEnableCancel() === FALSE) {
$failed = TRUE;
$messageKey = 'event.message.confirmation_failed_cancel_disabled';
$titleKey = 'cancelRegistration.title.failed';
}
if (!$failed && $registration->getEvent()->getCancelDeadline() > 0 && $registration->getEvent()->getCancelDeadline() < new \DateTime()) {
$failed = TRUE;
$messageKey = 'event.message.cancel_failed_deadline_expired';
$titleKey = 'cancelRegistration.title.failed';
}
return array($failed, $registration, $messageKey, $titleKey);
}
/**
* Verify the request. Checks if there is an __hmac argument, and if yes, tries to validate and verify it.
*
* In the end, $request->setHmacVerified is set depending on the value.
*
* @param \TYPO3\CMS\Extbase\Mvc\Web\Request $request The request to verify
* @throws \TYPO3\CMS\Extbase\Security\Exception\SyntacticallyWrongRequestHashException
* @return void
*/
public function verifyRequest(\TYPO3\CMS\Extbase\Mvc\Web\Request $request)
{
if (!$request->getInternalArgument('__hmac')) {
$request->setHmacVerified(FALSE);
return;
}
$hmac = $request->getInternalArgument('__hmac');
if (strlen($hmac) < 40) {
throw new \TYPO3\CMS\Extbase\Security\Exception\SyntacticallyWrongRequestHashException('Request hash too short. This is a probably manipulation attempt!', 1255089361);
}
$serializedFieldNames = substr($hmac, 0, -40);
// TODO: Constant for hash length needs to be introduced
$hash = substr($hmac, -40);
if ($this->hashService->validateHmac($serializedFieldNames, $hash)) {
$requestArguments = $request->getArguments();
// Unset framework arguments
unset($requestArguments['__referrer']);
unset($requestArguments['__hmac']);
if ($this->checkFieldNameInclusion($requestArguments, unserialize($serializedFieldNames))) {
$request->setHmacVerified(TRUE);
} else {
$request->setHmacVerified(FALSE);
}
} else {
$request->setHmacVerified(FALSE);
}
}
/**
* Retrieve fileReference UID from hmac
* @param string $hmac
* @return integer
*/
protected function retrieveFileReferenceUid($hmac)
{
try {
return (int) $this->hashService->validateAndStripHmac($hmac);
} catch (Exception $e) {
return $this->returnStatus(500, $e->getMessage());
}
}
/**
* Returns the rendered HTML for the given template
*
* @param \DERHANSEN\SfEventMgt\Domain\Model\Event $event Event
* @param \DERHANSEN\SfEventMgt\Domain\Model\Registration $registration Registration
* @param string $template Template
* @param array $settings Settings
*
* @return string
*/
protected function getNotificationBody($event, $registration, $template, $settings)
{
/** @var \TYPO3\CMS\Fluid\View\StandaloneView $emailView */
$emailView = $this->objectManager->get('TYPO3\\CMS\\Fluid\\View\\StandaloneView');
$emailView->setFormat('html');
$extbaseFrameworkConfiguration = $this->configurationManager->getConfiguration(ConfigurationManagerInterface::CONFIGURATION_TYPE_FULL_TYPOSCRIPT);
$templateRootPath = GeneralUtility::getFileAbsFileName($extbaseFrameworkConfiguration['plugin.']['tx_sfeventmgt.']['view.']['templateRootPath']);
$layoutRootPath = GeneralUtility::getFileAbsFileName($extbaseFrameworkConfiguration['plugin.']['tx_sfeventmgt.']['view.']['layoutRootPath']);
$emailView->setLayoutRootPath($layoutRootPath);
$emailView->setTemplatePathAndFilename($templateRootPath . $template);
$emailView->assignMultiple(array('event' => $event, 'registration' => $registration, 'settings' => $settings, 'hmac' => $this->hashService->generateHmac('reg-' . $registration->getUid()), 'reghmac' => $this->hashService->appendHmac((string) $registration->getUid())));
$emailBody = $emailView->render();
return $emailBody;
}
/**
* @param ElectionInvitation $electionInvitation
* @param string $hmac
* @return string
*/
public function voteAction(ElectionInvitation $electionInvitation = null, $hmac = '')
{
if (null !== $electionInvitation && '' !== $hmac) {
$saltedEmail = $electionInvitation->getSecret() . $electionInvitation->getElector()->getEmail();
if ($this->hashService->validateHmac($saltedEmail, $hmac)) {
if ($electionInvitation->isVoted()) {
$this->addFlashMessage(LocalizationUtility::translate('controller.fe.election.vote.already_voted', 'election'), LocalizationUtility::translate('controller.fe.election.vote.request_failed', 'election'), AbstractMessage::ERROR);
$this->redirect(FeDashboardController::ACTION_INDEX, FeDashboardController::CONTROLLER_NAME);
} elseif ($electionInvitation->getElectionEndDateAsTimestamp() < time()) {
$this->addFlashMessage(LocalizationUtility::translate('controller.fe.election.vote.election_finished', 'election'), LocalizationUtility::translate('controller.fe.election.vote.request_failed', 'election'), AbstractMessage::ERROR);
$this->redirect(FeDashboardController::ACTION_INDEX, FeDashboardController::CONTROLLER_NAME);
} else {
$this->view->assign('electionInvitation', $electionInvitation);
$this->view->assign('electionVoting', new ElectionVoting());
}
} else {
$this->addFlashMessage(LocalizationUtility::translate('controller.fe.election.vote.hmac_invalid', 'election'), LocalizationUtility::translate('controller.fe.election.vote.request_failed', 'election'), AbstractMessage::ERROR);
$this->redirect(FeDashboardController::ACTION_INDEX, FeDashboardController::CONTROLLER_NAME);
}
} else {
$this->addFlashMessage(LocalizationUtility::translate('controller.fe.election.vote.no_election_or_hmac', 'election'), LocalizationUtility::translate('controller.fe.election.vote.request_failed', 'election'), AbstractMessage::ERROR);
$this->redirect(FeDashboardController::ACTION_INDEX, FeDashboardController::CONTROLLER_NAME);
}
}
/**
* Get a freshly built request object pointing to the Referrer.
*
* @return ReferringRequest the referring request, or null if no referrer found
*/
public function getReferringRequest()
{
if (isset($this->internalArguments['__referrer']['@request'])) {
$referrerArray = unserialize($this->hashService->validateAndStripHmac($this->internalArguments['__referrer']['@request']));
$arguments = [];
if (isset($this->internalArguments['__referrer']['arguments'])) {
// This case is kept for compatibility in 7.6 and 6.2, but will be removed in 8
$arguments = unserialize(base64_decode($this->hashService->validateAndStripHmac($this->internalArguments['__referrer']['arguments'])));
}
$referringRequest = new ReferringRequest();
$referringRequest->setArguments(array_replace_recursive($arguments, $referrerArray));
return $referringRequest;
}
return null;
}
/**
* Initialize the property mapping configuration in $controllerArguments if
* the trusted properties are set inside the request.
*
* @param \TYPO3\CMS\Extbase\Mvc\Request $request
* @param \TYPO3\CMS\Extbase\Mvc\Controller\Arguments $controllerArguments
*
* @return void
*/
public function initializePropertyMappingConfigurationFromRequest(\TYPO3\CMS\Extbase\Mvc\Request $request, \TYPO3\CMS\Extbase\Mvc\Controller\Arguments $controllerArguments)
{
$trustedPropertiesToken = $request->getInternalArgument('__trustedProperties');
if (!is_string($trustedPropertiesToken)) {
return;
}
$serializedTrustedProperties = $this->hashService->validateAndStripHmac($trustedPropertiesToken);
$trustedProperties = unserialize($serializedTrustedProperties);
foreach ($trustedProperties as $propertyName => $propertyConfiguration) {
if (!$controllerArguments->hasArgument($propertyName)) {
continue;
}
$propertyMappingConfiguration = $controllerArguments->getArgument($propertyName)->getPropertyMappingConfiguration();
$this->modifyPropertyMappingConfiguration($propertyConfiguration, $propertyMappingConfiguration);
}
}
/**
* Get a freshly built request object pointing to the Referrer.
*
* @return Request the referring request, or NULL if no referrer found
*/
public function getReferringRequest() {
if (isset($this->internalArguments['__referrer']) && is_array($this->internalArguments['__referrer'])) {
$referrerArray = $this->internalArguments['__referrer'];
$referringRequest = new \TYPO3\CMS\Extbase\Mvc\Web\Request();
$arguments = array();
if (isset($referrerArray['arguments'])) {
$serializedArgumentsWithHmac = $referrerArray['arguments'];
$serializedArguments = $this->hashService->validateAndStripHmac($serializedArgumentsWithHmac);
$arguments = unserialize(base64_decode($serializedArguments));
unset($referrerArray['arguments']);
}
$referringRequest->setArguments(\TYPO3\CMS\Extbase\Utility\ArrayUtility::arrayMergeRecursiveOverrule($arguments, $referrerArray));
return $referringRequest;
}
return NULL;
}
/**
* Renders hidden form fields for referrer information about
* the current controller and action.
*
* @return string Hidden fields with referrer information
* @todo filter out referrer information that is equal to the target (e.g. same packageKey)
*/
protected function renderHiddenReferrerFields()
{
$request = $this->renderingContext->getControllerContext()->getRequest();
$extensionName = $request->getControllerExtensionName();
$vendorName = $request->getControllerVendorName();
$controllerName = $request->getControllerName();
$actionName = $request->getControllerActionName();
$result = LF;
$result .= '<input type="hidden" name="' . $this->prefixFieldName('__referrer[@extension]') . '" value="' . $extensionName . '" />' . LF;
if ($vendorName !== null) {
$result .= '<input type="hidden" name="' . $this->prefixFieldName('__referrer[@vendor]') . '" value="' . $vendorName . '" />' . LF;
}
$result .= '<input type="hidden" name="' . $this->prefixFieldName('__referrer[@controller]') . '" value="' . $controllerName . '" />' . LF;
$result .= '<input type="hidden" name="' . $this->prefixFieldName('__referrer[@action]') . '" value="' . $actionName . '" />' . LF;
$result .= '<input type="hidden" name="' . $this->prefixFieldName('__referrer[arguments]') . '" value="' . htmlspecialchars($this->hashService->appendHmac(base64_encode(serialize($request->getArguments())))) . '" />' . LF;
return $result;
}
/**
* Returns the rendered HTML for the given template
*
* @param \DERHANSEN\SfEventMgt\Domain\Model\Event $event Event
* @param \DERHANSEN\SfEventMgt\Domain\Model\Registration $registration Registration
* @param string $template Template
* @param array $settings Settings
*
* @return string
*/
protected function getNotificationBody($event, $registration, $template, $settings)
{
/** @var \TYPO3\CMS\Fluid\View\StandaloneView $emailView */
$emailView = $this->objectManager->get('TYPO3\\CMS\\Fluid\\View\\StandaloneView');
$emailView->setFormat('html');
$layoutRootPaths = $this->fluidStandaloneService->getTemplateFolders('layout');
$partialRootPaths = $this->fluidStandaloneService->getTemplateFolders('partial');
if (TYPO3_MODE === 'BE' && $registration->getLanguage() !== '') {
// Temporary set Language of current BE user to given language
$GLOBALS['BE_USER']->uc['lang'] = $registration->getLanguage();
$emailView->getRequest()->setControllerExtensionName('SfEventMgt');
}
$emailView->setLayoutRootPaths($layoutRootPaths);
$emailView->setPartialRootPaths($partialRootPaths);
$emailView->setTemplatePathAndFilename($this->fluidStandaloneService->getTemplatePath($template));
$emailView->assignMultiple(['event' => $event, 'registration' => $registration, 'settings' => $settings, 'hmac' => $this->hashService->generateHmac('reg-' . $registration->getUid()), 'reghmac' => $this->hashService->appendHmac((string) $registration->getUid())]);
$emailBody = $emailView->render();
return $emailBody;
}
/**
* Renders hidden form fields for referrer information about
* the current controller and action.
*
* @return string Hidden fields with referrer information
* @todo filter out referrer information that is equal to the target (e.g. same packageKey)
*/
protected function renderHiddenReferrerFields()
{
$request = $this->controllerContext->getRequest();
$extensionName = $request->getControllerExtensionName();
$controllerName = $request->getControllerName();
$actionName = $request->getControllerActionName();
$result = chr(10);
if ($this->configurationManager->isFeatureEnabled('rewrittenPropertyMapper')) {
$result .= '<input type="hidden" name="' . $this->prefixFieldName('__referrer[@extension]') . '" value="' . $extensionName . '" />' . chr(10);
$result .= '<input type="hidden" name="' . $this->prefixFieldName('__referrer[@controller]') . '" value="' . $controllerName . '" />' . chr(10);
$result .= '<input type="hidden" name="' . $this->prefixFieldName('__referrer[@action]') . '" value="' . $actionName . '" />' . chr(10);
$result .= '<input type="hidden" name="' . $this->prefixFieldName('__referrer[arguments]') . '" value="' . htmlspecialchars($this->hashService->appendHmac(base64_encode(serialize($request->getArguments())))) . '" />' . chr(10);
} else {
// @deprecated since Extbase 1.4.0, will be removed with Extbase 1.6.0.
$result .= '<input type="hidden" name="' . $this->prefixFieldName('__referrer[extensionName]') . '" value="' . $extensionName . '" />' . chr(10);
$result .= '<input type="hidden" name="' . $this->prefixFieldName('__referrer[controllerName]') . '" value="' . $controllerName . '" />' . chr(10);
$result .= '<input type="hidden" name="' . $this->prefixFieldName('__referrer[actionName]') . '" value="' . $actionName . '" />' . chr(10);
}
return $result;
}
/**
* Saves the registration
*
* @param \DERHANSEN\SfEventMgt\Domain\Model\Registration $registration Registration
* @param \DERHANSEN\SfEventMgt\Domain\Model\Event $event Event
* @validate $registration \DERHANSEN\SfEventMgt\Validation\Validator\RegistrationValidator
*
* @return void
*/
public function saveRegistrationAction(Registration $registration, Event $event)
{
$autoConfirmation = (bool) $this->settings['registration']['autoConfirmation'];
$result = RegistrationResult::REGISTRATION_SUCCESSFUL;
$success = $this->checkRegistrationSuccess($event, $registration, $result);
// Save registration if no errors
if ($success) {
$linkValidity = (int) $this->settings['confirmation']['linkValidity'];
if ($linkValidity === 0) {
// Use 3600 seconds as default value if not set
$linkValidity = 3600;
}
$confirmationUntil = new \DateTime();
$confirmationUntil->add(new \DateInterval('PT' . $linkValidity . 'S'));
$registration->setEvent($event);
$registration->setPid($event->getPid());
$registration->setConfirmationUntil($confirmationUntil);
$registration->_setProperty('_languageUid', $GLOBALS['TSFE']->sys_language_uid);
$this->registrationRepository->add($registration);
// Persist registration, so we have an UID
$this->objectManager->get('TYPO3\\CMS\\Extbase\\Persistence\\Generic\\PersistenceManager')->persistAll();
// Send notifications to user and admin if confirmation link should be sent
if (!$autoConfirmation) {
$this->notificationService->sendUserMessage($event, $registration, $this->settings, MessageType::REGISTRATION_NEW);
$this->notificationService->sendAdminMessage($event, $registration, $this->settings, MessageType::REGISTRATION_NEW);
}
// Create given amount of registrations if necessary
if ($registration->getAmountOfRegistrations() > 1) {
$this->registrationService->createDependingRegistrations($registration);
}
// Clear cache for configured pages
$this->utilityService->clearCacheForConfiguredUids($this->settings);
}
if ($autoConfirmation && $success) {
$this->redirect('confirmRegistration', NULL, NULL, array('reguid' => $registration->getUid(), 'hmac' => $this->hashService->generateHmac('reg-' . $registration->getUid())));
} else {
$this->redirect('saveRegistrationResult', NULL, NULL, array('result' => $result));
}
}
/**
* Confirms the registration if possible and sends e-mails to admin and user
*
* @param int $reguid UID of registration
* @param string $hmac HMAC for parameters
*
* @return void
*/
public function confirmRegistrationAction($reguid, $hmac)
{
/* @var $registration Registration */
$registration = NULL;
$failed = FALSE;
$messageKey = 'event.message.confirmation_successful';
$titleKey = 'confirmRegistration.title.successful';
if (!$this->hashService->validateHmac('reg-' . $reguid, $hmac)) {
$failed = TRUE;
$messageKey = 'event.message.confirmation_failed_wrong_hmac';
$titleKey = 'confirmRegistration.title.failed';
} else {
$registration = $this->registrationRepository->findByUid($reguid);
}
if (!$failed && is_null($registration)) {
$failed = TRUE;
$messageKey = 'event.message.confirmation_failed_registration_not_found';
$titleKey = 'confirmRegistration.title.failed';
}
if (!$failed && $registration->getConfirmationUntil() < new \DateTime()) {
$failed = TRUE;
$messageKey = 'event.message.confirmation_failed_confirmation_until_expired';
$titleKey = 'confirmRegistration.title.failed';
}
if (!$failed && $registration->getConfirmed() === TRUE) {
$failed = TRUE;
$messageKey = 'event.message.confirmation_failed_already_confirmed';
$titleKey = 'confirmRegistration.title.failed';
}
if ($failed === FALSE) {
$registration->setConfirmed(TRUE);
$this->registrationRepository->update($registration);
// Send notifications to user and admin
$this->notificationService->sendUserMessage($registration->getEvent(), $registration, $this->settings, MessageType::REGISTRATION_CONFIRMED);
$this->notificationService->sendAdminMessage($registration->getEvent(), $registration, $this->settings, MessageType::REGISTRATION_CONFIRMED);
// Confirm registrations depending on main registration if necessary
if ($registration->getAmountOfRegistrations() > 1) {
$this->registrationService->confirmDependingRegistrations($registration);
}
}
$this->view->assign('messageKey', $messageKey);
$this->view->assign('titleKey', $titleKey);
}
/**
* Returns the payment Uri for the given action and registration
*
* @param string $action
* @param \DERHANSEN\SfEventMgt\Domain\Model\Registration $registration
* @return string
* @throws \TYPO3\CMS\Extbase\Security\Exception\InvalidArgumentForHashGenerationException
*/
protected function getPaymentUriForAction($action, $registration)
{
$this->uriBuilder->setCreateAbsoluteUri(true)->setUseCacheHash(false);
return $this->uriBuilder->uriFor($action, ['registration' => $registration, 'hmac' => $this->hashService->generateHmac($action . 'Action-' . $registration->getUid())], 'Payment', 'sfeventmgt', 'Pipayment');
}
/**
* @return void
*/
protected function initializeFormStateFromRequest()
{
$serializedFormStateWithHmac = $this->request->getInternalArgument('__state');
if ($serializedFormStateWithHmac === null) {
$this->formState = GeneralUtility::makeInstance(FormState::class);
} else {
$serializedFormState = $this->hashService->validateAndStripHmac($serializedFormStateWithHmac);
$this->formState = unserialize(base64_decode($serializedFormState));
}
}
/**
* Confirms the registration if possible and sends e-mails to admin and user
*
* @param int $reguid UID of registration
* @param string $hmac HMAC for parameters
*
* @return void
*/
public function confirmRegistrationAction($reguid, $hmac)
{
/* @var $registration Registration */
list($failed, $registration, $messageKey, $titleKey) = $this->registrationService->checkConfirmRegistration($reguid, $hmac);
if ($failed === false) {
$registration->setConfirmed(true);
$this->registrationRepository->update($registration);
$messageType = MessageType::REGISTRATION_CONFIRMED;
if ($registration->getWaitlist()) {
$messageType = MessageType::REGISTRATION_WAITLIST_CONFIRMED;
}
// Send notifications to user and admin
$this->notificationService->sendUserMessage($registration->getEvent(), $registration, $this->settings, $messageType);
$this->notificationService->sendAdminMessage($registration->getEvent(), $registration, $this->settings, $messageType);
// Confirm registrations depending on main registration if necessary
if ($registration->getAmountOfRegistrations() > 1) {
$this->registrationService->confirmDependingRegistrations($registration);
}
}
// Redirect to payment provider if payment/redirect is enabled
$paymentPid = (int) $this->settings['paymentPid'];
if (!$failed && $paymentPid > 0 && $this->registrationService->redirectPaymentEnabled($registration)) {
$this->uriBuilder->reset()->setTargetPageUid($paymentPid)->setUseCacheHash(false);
$uri = $this->uriBuilder->uriFor('redirect', ['registration' => $registration, 'hmac' => $this->hashService->generateHmac('redirectAction-' . $registration->getUid())], 'Payment', 'sfeventmgt', 'Pipayment');
$this->redirectToUri($uri);
}
$this->view->assign('messageKey', $messageKey);
$this->view->assign('titleKey', $titleKey);
}