/** * General processor for AJAX requests. * (called by typo3/ajax.php) * * @param array $params: additional parameters (not used here) * @param TYPO3AJAX &$ajaxObj: the TYPO3AJAX object of this request * @return void * @author Oliver Hader <*****@*****.**> */ public function processAjaxRequest($params, TYPO3AJAX &$ajaxObj) { $this->ajaxObj = $ajaxObj; // Load the TSref XML information: $this->loadFile(t3lib_extMgm::extPath('t3editor') . 'res/tsref/tsref.xml'); $ajaxIdParts = explode('::', $ajaxObj->getAjaxID(), 2); $ajaxMethod = $ajaxIdParts[1]; $response = array(); // Process the AJAX requests: if ($ajaxMethod == 'getTypes') { $ajaxObj->setContent($this->getTypes()); $ajaxObj->setContentFormat('jsonbody'); } elseif ($ajaxMethod == 'getDescription') { $ajaxObj->addContent('', $this->getDescription(t3lib_div::_GP('typeId'), t3lib_div::_GP('parameterName'))); $ajaxObj->setContentFormat('plain'); } }
/** * Dispatches the incoming calls to methods about the ExtDirect API. * * @param aray $ajaxParams ajax parameters * @param TYPO3AJAX $ajaxObj typo3ajax instance * @return void */ public function route($ajaxParams, TYPO3AJAX $ajaxObj) { try { $isForm = FALSE; $isUpload = FALSE; $rawPostData = file_get_contents('php://input'); $postParameters = t3lib_div::_POST(); $namespace = t3lib_div::_GET('namespace'); if (!empty($postParameters['extAction'])) { $isForm = TRUE; $isUpload = $postParameters['extUpload'] === 'true'; $request->action = $postParameters['extAction']; $request->method = $postParameters['extMethod']; $request->tid = $postParameters['extTID']; $request->data = array($_POST + $_FILES); } elseif (!empty($rawPostData)) { $request = json_decode($rawPostData); } else { throw new t3lib_error_Exception('ExtDirect: Missing Parameters!'); } $response = NULL; if (is_array($request)) { $response = array(); foreach ($request as $singleRequest) { $response[] = $this->processRpc($singleRequest, $namespace); } } else { $response = $this->processRpc($request, $namespace); } if ($isForm && $isUpload) { $ajaxObj->setContentFormat('plain'); $response = json_encode($response); $response = preg_replace('/"/', '\\"', $response); $response = array('<html><body><textarea>' . $response . '</textarea></body></html>'); } else { $ajaxObj->setContentFormat('jsonbody'); } } catch (t3lib_error_Exception $exception) { $response = array('type' => 'exception', 'message' => $exception->getMessage(), 'where' => $exception->getTraceAsString()); } $ajaxObj->setContent($response); }
/** * General processor for AJAX requests. * (called by typo3/ajax.php) * * @param array $params: additional parameters (not used here) * @param TYPO3AJAX &$ajaxObj: the TYPO3AJAX object of this request * @return void * @author Oliver Hader <*****@*****.**> */ public function processAjaxRequest($params, TYPO3AJAX &$ajaxObj) { $this->ajaxObj = $ajaxObj; $ajaxIdParts = explode('::', $ajaxObj->getAjaxID(), 2); $ajaxMethod = $ajaxIdParts[1]; $response = array(); // Process the AJAX requests: if ($ajaxMethod == 'loadTemplates') { $ajaxObj->setContent($this->loadTemplates(intval(t3lib_div::_GP('pageId')))); $ajaxObj->setContentFormat('jsonbody'); } }
/** * Create a tag * * @param array $params * @param TYPO3AJAX $ajaxObj * @return void * @throws Exception */ public function createTag(array $params, TYPO3AJAX $ajaxObj) { $request = t3lib_div::_POST(); try { // Check if a tag is submitted if (!isset($request['item']) || empty($request['item'])) { throw new Exception('error_no-tag'); } $newsUid = $request['newsid']; if ((int) $newsUid === 0 && (strlen($newsUid) == 16 && !t3lib_div::isFirstPartOfStr($newsUid, 'NEW'))) { throw new Exception('error_no-newsid'); } // Get tag uid $newTagId = $this->getTagUid($request); $ajaxObj->setContentFormat('javascript'); $ajaxObj->setContent(''); $response = array($newTagId, $request['item'], self::TAG, self::NEWS, 'tags', 'data[tx_news_domain_model_news][' . $newsUid . '][tags]', $newsUid); $ajaxObj->setJavascriptCallbackWrap(implode('-', $response)); } catch (Exception $e) { $errorMsg = $GLOBALS['LANG']->sL(self::LLPATH . $e->getMessage()); $ajaxObj->setError($errorMsg); } }
/** * Gets plugins that are defined at $TYPO3_CONF_VARS['EXTCONF']['t3editor']['plugins'] * (called by typo3/ajax.php) * * @param array $params: additional parameters (not used here) * @param TYPO3AJAX &$ajaxObj: the TYPO3AJAX object of this request * @return void * @author Oliver Hader <*****@*****.**> */ public function getPlugins($params, TYPO3AJAX &$ajaxObj) { $result = array(); $plugins =& $GLOBALS['TYPO3_CONF_VARS']['EXTCONF']['t3editor']['plugins']; if (is_array($plugins)) { $result = array_values($plugins); } $ajaxObj->setContent($result); $ajaxObj->setContentFormat('jsonbody'); }
/** * Parses the ExtDirect configuration array "$GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['ExtDirect']" * and feeds the given typo3ajax instance with the resulting information. The get parameter * "namespace" will be used to filter the configuration. * * This method makes usage of the reflection mechanism to fetch the methods inside the * defined classes together with their amount of parameters. This information are building * the API and are required by ExtDirect. The result is cached to improve the overall * performance. * * @param array $ajaxParams ajax parameters * @param TYPO3AJAX $ajaxObj typo3ajax instance * @return void */ public function getAPI($ajaxParams, TYPO3AJAX $ajaxObj) { $filterNamespace = t3lib_div::_GET('namespace'); // Check GET-parameter no_cache and extCache setting $extCache = isset($GLOBALS['TYPO3_CONF_VARS']['SYS']['extCache']) && ($GLOBALS['TYPO3_CONF_VARS']['SYS']['extCache'] === 0 || $GLOBALS['TYPO3_CONF_VARS']['SYS']['extCache'] === '0'); $noCache = t3lib_div::_GET('no_cache') ? TRUE : $extCache; // look up into the cache $cacheIdentifier = 'ExtDirectApi'; $cacheHash = md5($cacheIdentifier . $filterNamespace . serialize($this->settings)); // with no_cache always generate the javascript content $cacheContent = $noCache ? '' : t3lib_pageSelect::getHash($cacheHash); // generate the javascript content if it wasn't found inside the cache and cache it! if (!$cacheContent) { $javascriptNamespaces = $this->generateAPI($filterNamespace); if (!empty($javascriptNamespaces)) { t3lib_pageSelect::storeHash($cacheHash, serialize($javascriptNamespaces), $cacheIdentifier); } } else { $javascriptNamespaces = unserialize($cacheContent); } // return the generated javascript API configuration if (count($javascriptNamespaces)) { $setup = ' if (typeof Ext.app.ExtDirectAPI !== "object") { Ext.app.ExtDirectAPI = {}; } if (typeof Object.extend !== "function") { Object.extend = function(destination, source) { for (var property in source) { destination[property] = source[property]; } return destination; }; } '; $ajaxObj->setContent($javascriptNamespaces); $ajaxObj->setContentFormat('javascript'); $ajaxObj->setJavascriptCallbackWrap($setup . 'Ext.app.ExtDirectAPI = Object.extend(Ext.app.ExtDirectAPI, |);'); } else { if ($filterNamespace) { // namespace error $errorMessage = sprintf($GLOBALS['LANG']->sL('LLL:EXT:lang/locallang_core.xml:ExtDirect.namespaceError'), __CLASS__, $filterNamespace); } else { // no namespace given $errorMessage = sprintf($GLOBALS['LANG']->sL('LLL:EXT:lang/locallang_core.xml:ExtDirect.noNamespace'), __CLASS__); } // make js multiline message $msg = t3lib_div::trimExplode(LF, str_replace('"', '\\"', $errorMessage), TRUE); $errorMessage = ''; foreach ($msg as $line) { $errorMessage .= '"' . $line . '" + ' . LF; } $errorMessage = substr(trim($errorMessage), 0, -1); //generate the javascript $ajaxObj->setContentFormat('javascript'); $ajaxObj->setJavascriptCallbackWrap(' errorMessage = ' . $errorMessage . '; if (typeof console === "object") { console.log(errorMessage); } else { alert(errorMessage); } '); } }
/** * Used to broker incoming requests to other calls. * Called by typo3/ajax.php * * @param array $unused additional parameters (not used) * @param TYPO3AJAX $ajax the AJAX object for this request * * @return void */ public function ajaxBroker(array $unused, TYPO3AJAX $ajax) { $state = (bool) t3lib_div::_POST('state'); $checkbox = t3lib_div::_POST('checkbox'); if (in_array($checkbox, $this->validCheckboxKeys, TRUE)) { $ajax->setContentFormat('json'); $this->userSettingsService->set($checkbox, $state); $ajax->addContent('success', TRUE); } else { $ajax->setContentFormat('plain'); $ajax->setError('Illegal input parameters.'); } }
/** * sets the workspace for the backend * * @param unknown_type $params * @param TYPO3AJAX $ajaxObj */ public function setWorkspace($parameters = array(), TYPO3AJAX &$ajaxObj = null) { $workspaceId = (int) t3lib_div::_POST('workspaceId'); $GLOBALS['BE_USER']->setWorkspace($workspaceId); $ajaxObj->addContent('setWorkspaceId', $workspaceId); $ajaxObj->setContentFormat('json'); }
/** * gets called when a shortcut is changed, checks whether the user has * permissions to do so and saves the changes if everything is ok * * @param array array of parameters from the AJAX interface, currently unused * @param TYPO3AJAX object of type TYPO3AJAX * @return void */ public function setAjaxShortcut($params = array(), TYPO3AJAX &$ajaxObj = null) { $shortcutId = (int) t3lib_div::_POST('shortcutId'); $shortcutName = strip_tags(t3lib_div::_POST('value')); $shortcutGroupId = (int) t3lib_div::_POST('shortcut-group'); if ($shortcutGroupId > 0 || $GLOBALS['BE_USER']->isAdmin()) { // users can delete only their own shortcuts (except admins) $addUserWhere = !$GLOBALS['BE_USER']->isAdmin() ? ' AND userid=' . intval($GLOBALS['BE_USER']->user['uid']) : ''; $fieldValues = array('description' => $shortcutName, 'sc_group' => $shortcutGroupId); if ($fieldValues['sc_group'] < 0 && !$GLOBALS['BE_USER']->isAdmin()) { $fieldValues['sc_group'] = 0; } $GLOBALS['TYPO3_DB']->exec_UPDATEquery('sys_be_shortcuts', 'uid=' . $shortcutId . $addUserWhere, $fieldValues); $affectedRows = $GLOBALS['TYPO3_DB']->sql_affected_rows(); if ($affectedRows == 1) { $ajaxObj->addContent('shortcut', $shortcutName); } else { $ajaxObj->addContent('shortcut', 'failed'); } } $ajaxObj->setContentFormat('plain'); }
/** * Handles the actual process from within the ajaxExec function * therefore, it does exactly the same as the real typo3/tce_file.php * but without calling the "finish" method, thus makes it simpler to deal with the * actual return value * * * @param string $params always empty. * @param string $ajaxObj The Ajax object used to return content and set content types * @return void */ public function processAjaxRequest(array $params, TYPO3AJAX $ajaxObj) { $this->init(); $this->main(); $errors = $this->fileProcessor->getErrorMessages(); if (count($errors)) { $ajaxObj->setError(implode(',', $errors)); } else { $ajaxObj->addContent('result', $this->fileData); if ($this->redirect) { $ajaxObj->addContent('redirect', $this->redirect); } $ajaxObj->setContentFormat('json'); } }
/** * Generates new tokens for the ones found in the DOM. * * @param array $parameters: Parameters (not used) * @param TYPO3AJAX $parent: The calling parent AJAX object */ public function refreshTokens(array $parameters, TYPO3AJAX $parent) { $accessToken = (string) t3lib_div::_GP('accessToken'); $formprotection = t3lib_formprotection_Factory::get(); if ($formprotection->validateToken($accessToken, 'refreshTokens')) { $oldTokens = json_decode((string) t3lib_div::_GP('tokens')); $regeneratedTokens = new stdClass(); foreach ($oldTokens as $oldToken) { $newToken = $this->generateNewToken($oldToken); $regeneratedTokens->{$oldToken} = $newToken; } } $parent->addContent('newTokens', $regeneratedTokens); $parent->setContentFormat('json'); $formprotection->persistTokens(); }
/** * Get the contacts for the given node for AJAX * * @param array $params * @param TYPO3AJAX $ajaxObj */ public function ajaxGetNodeContacts($params, &$ajaxObj) { $node_id = t3lib_div::_GP('node'); $node_repository = tx_caretaker_NodeRepository::getInstance(); if ($node_id && ($node = $node_repository->id2node($node_id, true))) { $count = 0; $contacts = array(); $nodeContacts = $node->getContacts(); foreach ($nodeContacts as $nodeContact) { if ($role = $nodeContact->getRole()) { $role_assoc = array('uid' => $role->getUid(), 'id' => $role->getId(), 'name' => $role->getTitle(), 'description' => $role->getDescription()); } else { $role_assoc = array('uid' => '', 'id' => '', 'name' => '', 'description' => ''); } $address = $nodeContact->getAddress(); if ($address) { $address['email_md5'] = md5($address['email']); } $contact = array('num' => $count++, 'id' => $node->getCaretakerNodeId() . '_role_' . $role_assoc['uid'] . '_address_' . $address['uid'], 'node_title' => $node->getTitle(), 'node_type' => $node->getType(), 'node_type_ll' => $node->getTypeDescription(), 'node_id' => $node->getCaretakerNodeId(), 'role' => $role_assoc, 'address' => $address); foreach ($address as $key => $value) { $contact['address_' . $key] = $value; } foreach ($role_assoc as $key => $value) { $contact['role_' . $key] = $value; } $contacts[] = $contact; } $content = array(); $content['contacts'] = $contacts; $content['totalCount'] = $count; $ajaxObj->setContent($content); $ajaxObj->setContentFormat('jsonbody'); } }
/** * Gets a MD5 challenge. * * @param array $parameters: Parameters (not used) * @param TYPO3AJAX $parent: The calling parent AJAX object * @return void */ public function getChallenge(array $parameters, TYPO3AJAX $parent) { session_start(); $_SESSION['login_challenge'] = md5(uniqid('') . getmypid()); session_commit(); $parent->addContent('challenge', $_SESSION['login_challenge']); $parent->setContentFormat('json'); }
/** * Dispatches the incoming calls to methods about the ExtDirect API. * * @param aray $ajaxParams ajax parameters * @param TYPO3AJAX $ajaxObj typo3ajax instance * @return void */ public function route($ajaxParams, TYPO3AJAX $ajaxObj) { $GLOBALS['error'] = t3lib_div::makeInstance('t3lib_extjs_ExtDirectDebug'); $isForm = FALSE; $isUpload = FALSE; $rawPostData = file_get_contents('php://input'); $postParameters = t3lib_div::_POST(); $namespace = t3lib_div::_GET('namespace'); $response = array(); $request = NULL; $isValidRequest = TRUE; if (!empty($postParameters['extAction'])) { $isForm = TRUE; $isUpload = $postParameters['extUpload'] === 'true'; $request = new stdClass(); $request->action = $postParameters['extAction']; $request->method = $postParameters['extMethod']; $request->tid = $postParameters['extTID']; unset($_POST['securityToken']); $request->data = array($_POST + $_FILES); $request->data[] = $postParameters['securityToken']; } elseif (!empty($rawPostData)) { $request = json_decode($rawPostData); } else { $response[] = array('type' => 'exception', 'message' => 'Something went wrong with an ExtDirect call!', 'code' => 'router'); $isValidRequest = FALSE; } if (!is_array($request)) { $request = array($request); } if ($isValidRequest) { $validToken = FALSE; $firstCall = TRUE; foreach ($request as $index => $singleRequest) { $response[$index] = array('tid' => $singleRequest->tid, 'action' => $singleRequest->action, 'method' => $singleRequest->method); $token = array_pop($singleRequest->data); if ($firstCall) { $firstCall = FALSE; $formprotection = t3lib_formprotection_Factory::get(); $validToken = $formprotection->validateToken($token, 'extDirect'); } try { if (!$validToken) { throw new t3lib_formprotection_InvalidTokenException('ExtDirect: Invalid Security Token!'); } $response[$index]['type'] = 'rpc'; $response[$index]['result'] = $this->processRpc($singleRequest, $namespace); $response[$index]['debug'] = $GLOBALS['error']->toString(); } catch (Exception $exception) { $response[$index]['type'] = 'exception'; $response[$index]['message'] = $exception->getMessage(); $response[$index]['code'] = 'router'; } } } if ($isForm && $isUpload) { $ajaxObj->setContentFormat('plain'); $response = json_encode($response); $response = preg_replace('/"/', '\\"', $response); $response = array('<html><body><textarea>' . $response . '</textarea></body></html>'); } else { $ajaxObj->setContentFormat('jsonbody'); } $ajaxObj->setContent($response); }