Usage: if (Validator::isEmail($recipient)) { $email->sendTo($recipient); }
 /**
  * Remove the recipient
  */
 protected function removeSubscriber()
 {
     $varInput = Idna::encodeEmail(Input::get('email', true));
     // Validate e-mail address
     if (!Validator::isEmail($varInput)) {
         $_SESSION['UNSUBSCRIBE_ERROR'] = $GLOBALS['TL_LANG']['ERR']['email'];
         $this->redirect($this->generateFrontendUrl($this->objModel->getRelated('jumpTo')->row()));
     }
     $objCleverReach = new CleverReach();
     switch ($this->clr_unsubscribe) {
         case 'inactive':
             foreach ($this->clr_groups as $strGroupId) {
                 $objCleverReach->receiverSetInactive($varInput, $strGroupId);
             }
             break;
         case 'delete':
             foreach ($this->clr_groups as $strGroupId) {
                 $objCleverReach->receiverDelete($varInput, $strGroupId);
             }
             break;
         case 'email':
         default:
             $objCleverReach->sendUnsubscribeMail($varInput, $this->clr_form);
             break;
     }
     $this->redirect($this->generateFrontendUrl($this->objModel->getRelated('jumpTo')->row()));
 }
 public function __construct($arrAttributes = null)
 {
     // check against arrAttributes, as 'onsubmit_callback' => 'multifileupload_moveFiles' does not provide valid attributes
     if ($arrAttributes !== null && !$arrAttributes['uploadFolder']) {
         throw new \Exception(sprintf($GLOBALS['TL_LANG']['ERR']['noUploadFolderDeclared'], $this->name));
     }
     $arrAttributes['uploadAction'] = static::$uploadAction;
     if (TL_MODE == 'FE') {
         $arrAttributes['uploadActionParams'] = http_build_query(AjaxAction::getParams(MultiFileUpload::NAME, static::$uploadAction));
     }
     $arrAttributes['addRemoveLinks'] = isset($arrAttributes['addRemoveLinks']) ? $arrAttributes['addRemoveLinks'] : true;
     if (!is_array($arrAttributes['value']) && !Validator::isBinaryUuid($arrAttributes['value'])) {
         $arrAttributes['value'] = json_decode($arrAttributes['value']);
     }
     // bin to string -> never pass binary to the widget!!
     if ($arrAttributes['value']) {
         if (is_array($arrAttributes['value'])) {
             $arrAttributes['value'] = array_map(function ($val) {
                 return \Validator::isBinaryUuid($val) ? \StringUtil::binToUuid($val) : $val;
             }, $arrAttributes['value']);
         } else {
             $arrAttributes['value'] = array(\Validator::isBinaryUuid($arrAttributes['value']) ? \StringUtil::binToUuid($arrAttributes['value']) : $arrAttributes['value']);
         }
     }
     parent::__construct($arrAttributes);
     $this->objUploader = new MultiFileUpload($arrAttributes);
     // add onsubmit_callback: move files after form submission
     $GLOBALS['TL_DCA'][$this->strTable]['config']['onsubmit_callback']['multifileupload_moveFiles'] = array('HeimrichHannot\\MultiFileUpload\\FormMultiFileUpload', 'moveFiles');
     Ajax::runActiveAction(MultiFileUpload::NAME, MultiFileUpload::ACTION_UPLOAD, $this);
 }
 private function setContaoFile($file)
 {
     if (is_array($file)) {
         return serialize(array_map([__CLASS__, 'setContaoFile'], $file));
     }
     if ($file instanceof FilesModel) {
         return $file->uuid;
     }
     if (Validator::isStringUuid($file)) {
         return StringUtil::uuidToBin($file);
     }
     return $file;
 }
 public function scopeUuid(Builder $query, $uuid)
 {
     if (is_array($uuid)) {
         $uuid = array_map(function ($uuid) {
             return Validator::isStringUuid($uuid) ? StringUtil::uuidToBin($uuid) : $uuid;
         }, $uuid);
         return $query->whereIn('uuid', $uuid);
     }
     if (Validator::isStringUuid($uuid)) {
         $uuid = StringUtil::uuidToBin($uuid);
     }
     return $query->where('uuid', $uuid);
 }
 /**
  * Find a particular template file and return its path
  *
  * @param string $strTemplate The name of the template
  * @param string $strFormat   The file extension
  *
  * @return string The path to the template file
  *
  * @throws \InvalidArgumentException If $strFormat is unknown
  * @throws \RuntimeException         If the template group folder is insecure
  */
 public static function getTemplate($strTemplate, $strFormat = 'html5')
 {
     $arrAllowed = trimsplit(',', \Config::get('templateFiles'));
     array_push($arrAllowed, 'html5');
     // see #3398
     if (!in_array($strFormat, $arrAllowed)) {
         throw new \InvalidArgumentException('Invalid output format ' . $strFormat);
     }
     $strTemplate = basename($strTemplate);
     // Check for a theme folder
     if (TL_MODE == 'FE') {
         /** @var \PageModel $objPage */
         global $objPage;
         if ($objPage->templateGroup != '') {
             if (\Validator::isInsecurePath($objPage->templateGroup)) {
                 throw new \RuntimeException('Invalid path ' . $objPage->templateGroup);
             }
             return \TemplateLoader::getPath($strTemplate, $strFormat, $objPage->templateGroup);
         }
     }
     return \TemplateLoader::getPath($strTemplate, $strFormat);
 }
Exemple #6
0
 /**
  * @return string
  */
 public function generate()
 {
     if (TL_MODE == 'BE') {
         $objTemplate = new BackendTemplate('be_wildcard');
         $objTemplate->wildcard = '### LOGO MODULE ###';
         return $objTemplate->parse();
     }
     if ($this->singleSRC == '') {
         return '';
     }
     $objFile = FilesModel::findByUuid($this->singleSRC);
     if ($objFile === null) {
         if (!Validator::isUuid($this->singleSRC)) {
             return '<p class="error">' . $GLOBALS['TL_LANG']['ERR']['version2format'] . '</p>';
         }
         return '';
     }
     if (!is_file(TL_ROOT . '/' . $objFile->path)) {
         return '';
     }
     $this->singleSRC = $objFile->path;
     return parent::generate();
 }
Exemple #7
0
    /**
     * Return a form to choose a CSV file and import it
     *
     * @return string
     */
    public function importRecipients()
    {
        if (\Input::get('key') != 'import') {
            return '';
        }
        $this->import('BackendUser', 'User');
        $class = $this->User->uploader;
        // See #4086 and #7046
        if (!class_exists($class) || $class == 'DropZone') {
            $class = 'FileUpload';
        }
        /** @var FileUpload $objUploader */
        $objUploader = new $class();
        // Import recipients
        if (\Input::post('FORM_SUBMIT') == 'tl_recipients_import') {
            $arrUploaded = $objUploader->uploadTo('system/tmp');
            if (empty($arrUploaded)) {
                \Message::addError($GLOBALS['TL_LANG']['ERR']['all_fields']);
                $this->reload();
            }
            $time = time();
            $intTotal = 0;
            $intInvalid = 0;
            foreach ($arrUploaded as $strCsvFile) {
                $objFile = new \File($strCsvFile);
                if ($objFile->extension != 'csv') {
                    \Message::addError(sprintf($GLOBALS['TL_LANG']['ERR']['filetype'], $objFile->extension));
                    continue;
                }
                // Get separator
                switch (\Input::post('separator')) {
                    case 'semicolon':
                        $strSeparator = ';';
                        break;
                    case 'tabulator':
                        $strSeparator = "\t";
                        break;
                    case 'linebreak':
                        $strSeparator = "\n";
                        break;
                    default:
                        $strSeparator = ',';
                        break;
                }
                $arrRecipients = array();
                $resFile = $objFile->handle;
                while (($arrRow = @fgetcsv($resFile, null, $strSeparator)) !== false) {
                    $arrRecipients = array_merge($arrRecipients, $arrRow);
                }
                $arrRecipients = array_filter(array_unique($arrRecipients));
                foreach ($arrRecipients as $strRecipient) {
                    // Skip invalid entries
                    if (!\Validator::isEmail($strRecipient)) {
                        $this->log('Recipient address "' . $strRecipient . '" seems to be invalid and was not imported', __METHOD__, TL_ERROR);
                        ++$intInvalid;
                        continue;
                    }
                    // Check whether the e-mail address exists
                    $objRecipient = $this->Database->prepare("SELECT COUNT(*) AS count FROM tl_newsletter_recipients WHERE pid=? AND email=?")->execute(\Input::get('id'), $strRecipient);
                    if ($objRecipient->count > 0) {
                        continue;
                    }
                    // Check whether the e-mail address has been blacklisted
                    $objBlacklist = $this->Database->prepare("SELECT COUNT(*) AS count FROM tl_newsletter_blacklist WHERE pid=? AND hash=?")->execute(\Input::get('id'), md5($strRecipient));
                    if ($objBlacklist->count > 0) {
                        $this->log('Recipient address "' . $strRecipient . '" has been unsubscribed and was not imported', __METHOD__, TL_ERROR);
                        continue;
                    }
                    $this->Database->prepare("INSERT INTO tl_newsletter_recipients SET pid=?, tstamp={$time}, email=?, active=1")->execute(\Input::get('id'), $strRecipient);
                    ++$intTotal;
                }
            }
            \Message::addConfirmation(sprintf($GLOBALS['TL_LANG']['tl_newsletter_recipients']['confirm'], $intTotal));
            if ($intInvalid > 0) {
                \Message::addInfo(sprintf($GLOBALS['TL_LANG']['tl_newsletter_recipients']['invalid'], $intInvalid));
            }
            \System::setCookie('BE_PAGE_OFFSET', 0, 0);
            $this->reload();
        }
        // Return form
        return '
<div id="tl_buttons">
<a href="' . ampersand(str_replace('&key=import', '', \Environment::get('request'))) . '" class="header_back" title="' . specialchars($GLOBALS['TL_LANG']['MSC']['backBTTitle']) . '" accesskey="b">' . $GLOBALS['TL_LANG']['MSC']['backBT'] . '</a>
</div>
' . \Message::generate() . '
<form action="' . ampersand(\Environment::get('request'), true) . '" id="tl_recipients_import" class="tl_form" method="post" enctype="multipart/form-data">
<div class="tl_formbody_edit">
<input type="hidden" name="FORM_SUBMIT" value="tl_recipients_import">
<input type="hidden" name="REQUEST_TOKEN" value="' . REQUEST_TOKEN . '">
<input type="hidden" name="MAX_FILE_SIZE" value="' . \Config::get('maxFileSize') . '">

<div class="tl_tbox">
  <h3><label for="separator">' . $GLOBALS['TL_LANG']['MSC']['separator'][0] . '</label></h3>
  <select name="separator" id="separator" class="tl_select" onfocus="Backend.getScrollOffset()">
    <option value="comma">' . $GLOBALS['TL_LANG']['MSC']['comma'] . '</option>
    <option value="semicolon">' . $GLOBALS['TL_LANG']['MSC']['semicolon'] . '</option>
    <option value="tabulator">' . $GLOBALS['TL_LANG']['MSC']['tabulator'] . '</option>
    <option value="linebreak">' . $GLOBALS['TL_LANG']['MSC']['linebreak'] . '</option>
  </select>' . ($GLOBALS['TL_LANG']['MSC']['separator'][1] != '' ? '
  <p class="tl_help tl_tip">' . $GLOBALS['TL_LANG']['MSC']['separator'][1] . '</p>' : '') . '
  <h3>' . $GLOBALS['TL_LANG']['MSC']['source'][0] . '</h3>' . $objUploader->generateMarkup() . (isset($GLOBALS['TL_LANG']['MSC']['source'][1]) ? '
  <p class="tl_help tl_tip">' . $GLOBALS['TL_LANG']['MSC']['source'][1] . '</p>' : '') . '
</div>

</div>

<div class="tl_formbody_submit">

<div class="tl_submit_container">
  <button type="submit" name="save" id="save" class="tl_submit" accesskey="s">' . $GLOBALS['TL_LANG']['tl_newsletter_recipients']['import'][0] . '</button>
</div>

</div>
</form>';
    }
 /**
  * Render a news.
  *
  * @param GetNewsEvent             $event           The event.
  *
  * @param string                   $eventName       The event name.
  *
  * @param EventDispatcherInterface $eventDispatcher The event dispatcher.
  *
  * @return void
  *
  * @SuppressWarnings(PHPMD.CyclomaticComplexity)
  * @SuppressWarnings(PHPMD.NPathComplexity)
  * @SuppressWarnings(PHPMD.ExcessiveMethodLength)
  * @SuppressWarnings(PHPMD.Superglobals)
  * @SuppressWarnings(PHPMD.CamelCaseVariableName)
  * @SuppressWarnings(PHPMD.UnusedFormalParameter)
  */
 public function handleNews(GetNewsEvent $event, $eventName, EventDispatcherInterface $eventDispatcher)
 {
     if ($event->getNewsHtml()) {
         return;
     }
     $newsArchiveCollection = NewsArchiveModel::findAll();
     $newsArchiveIds = $newsArchiveCollection ? $newsArchiveCollection->fetchEach('id') : array();
     $newsModel = NewsModel::findPublishedByParentAndIdOrAlias($event->getNewsId(), $newsArchiveIds);
     if (!$newsModel) {
         return;
     }
     $newsModel = $newsModel->current();
     $newsArchiveModel = $newsModel->getRelated('pid');
     $objPage = PageModel::findWithDetails($newsArchiveModel->jumpTo);
     $objTemplate = new FrontendTemplate($event->getTemplate());
     $objTemplate->setData($newsModel->row());
     $objTemplate->class = $newsModel->cssClass != '' ? ' ' . $newsModel->cssClass : '';
     $objTemplate->newsHeadline = $newsModel->headline;
     $objTemplate->subHeadline = $newsModel->subheadline;
     $objTemplate->hasSubHeadline = $newsModel->subheadline ? true : false;
     $objTemplate->linkHeadline = $this->generateLink($eventDispatcher, $newsModel->headline, $newsModel);
     $objTemplate->more = $this->generateLink($eventDispatcher, $GLOBALS['TL_LANG']['MSC']['more'], $newsModel, false, true);
     $objTemplate->link = $this->generateNewsUrl($eventDispatcher, $newsModel);
     $objTemplate->archive = $newsModel->getRelated('pid');
     $objTemplate->count = 0;
     $objTemplate->text = '';
     // Clean the RTE output.
     if ($newsModel->teaser != '') {
         if ($objPage->outputFormat == 'xhtml') {
             $objTemplate->teaser = StringHelper::toXhtml($newsModel->teaser);
         } else {
             $objTemplate->teaser = StringHelper::toHtml5($newsModel->teaser);
         }
         $objTemplate->teaser = StringHelper::encodeEmail($objTemplate->teaser);
     }
     // Display the "read more" button for external/article links.
     if ($newsModel->source != 'default') {
         $objTemplate->text = true;
     } else {
         // Compile the news text.
         $objElement = ContentModel::findPublishedByPidAndTable($newsModel->id, 'tl_news');
         if ($objElement !== null) {
             while ($objElement->next()) {
                 $getContentElementEvent = new GetContentElementEvent($objElement->id);
                 $eventDispatcher->dispatch(ContaoEvents::CONTROLLER_GET_CONTENT_ELEMENT, $getContentElementEvent);
                 $objTemplate->text .= $getContentElementEvent->getContentElementHtml();
             }
         }
     }
     $arrMeta = $this->getMetaFields($newsModel);
     // Add the meta information.
     $objTemplate->date = $arrMeta['date'];
     $objTemplate->hasMetaFields = !empty($arrMeta);
     $objTemplate->numberOfComments = $arrMeta['ccount'];
     $objTemplate->commentCount = $arrMeta['comments'];
     $objTemplate->timestamp = $newsModel->date;
     $objTemplate->author = $arrMeta['author'];
     $objTemplate->datetime = date('Y-m-d\\TH:i:sP', $newsModel->date);
     $objTemplate->addImage = false;
     // Add an image.
     if ($newsModel->addImage && $newsModel->singleSRC != '') {
         $objModel = FilesModel::findByUuid($newsModel->singleSRC);
         if ($objModel === null) {
             if (!Validator::isUuid($newsModel->singleSRC)) {
                 $objTemplate->text = '<p class="error">' . $GLOBALS['TL_LANG']['ERR']['version2format'] . '</p>';
             }
         } elseif (is_file(TL_ROOT . '/' . $objModel->path)) {
             // Do not override the field now that we have a model registry (see #6303).
             $arrArticle = $newsModel->row();
             // Override the default image size.
             // This is always false!
             if ($this->imgSize != '') {
                 $size = deserialize($this->imgSize);
                 if ($size[0] > 0 || $size[1] > 0) {
                     $arrArticle['size'] = $this->imgSize;
                 }
             }
             $arrArticle['singleSRC'] = $objModel->path;
             $addImageToTemplateEvent = new AddImageToTemplateEvent($arrArticle, $objTemplate);
             $eventDispatcher->dispatch(ContaoEvents::CONTROLLER_ADD_IMAGE_TO_TEMPLATE, $addImageToTemplateEvent);
         }
     }
     $objTemplate->enclosure = array();
     // Add enclosures.
     if ($newsModel->addEnclosure) {
         $addEnclosureToTemplateEvent = new AddEnclosureToTemplateEvent($newsModel->row(), $objTemplate);
         $eventDispatcher->dispatch(ContaoEvents::CONTROLLER_ADD_ENCLOSURE_TO_TEMPLATE, $addEnclosureToTemplateEvent);
     }
     $news = $objTemplate->parse();
     $event->setNewsHtml($news);
 }
Exemple #9
0
 /**
  * Check a file operation
  *
  * @param string $strFile
  *
  * @return boolean
  *
  * @throws AccessDeniedException
  */
 protected function isValid($strFile)
 {
     $strFolder = \Input::get('pid', true);
     // Check the path
     if (\Validator::isInsecurePath($strFile)) {
         throw new AccessDeniedException('Invalid file name "' . $strFile . '" (hacking attempt).');
     } elseif (\Validator::isInsecurePath($strFolder)) {
         throw new AccessDeniedException('Invalid folder name "' . $strFolder . '" (hacking attempt).');
     }
     // Check for valid file types
     if (!empty($this->arrValidFileTypes) && is_file(TL_ROOT . '/' . $strFile)) {
         $fileinfo = preg_replace('/.*\\.(.*)$/ui', '$1', $strFile);
         if (!in_array(strtolower($fileinfo), $this->arrValidFileTypes)) {
             throw new AccessDeniedException('File "' . $strFile . '" is not an allowed file type.');
         }
     }
     // Check whether the file is within the files directory
     if (!preg_match('/^' . preg_quote(\Config::get('uploadPath'), '/') . '/i', $strFile)) {
         throw new AccessDeniedException('File or folder "' . $strFile . '" is not within the files directory.');
     }
     // Check whether the parent folder is within the files directory
     if ($strFolder && !preg_match('/^' . preg_quote(\Config::get('uploadPath'), '/') . '/i', $strFolder)) {
         throw new AccessDeniedException('Parent folder "' . $strFolder . '" is not within the files directory.');
     }
     // Do not allow file operations on root folders
     if (\Input::get('act') == 'edit' || \Input::get('act') == 'paste' || \Input::get('act') == 'delete') {
         $this->import('BackendUser', 'User');
         if (!$this->User->isAdmin && in_array($strFile, $this->User->filemounts)) {
             throw new AccessDeniedException('Attempt to edit, copy, move or delete the root folder "' . $strFile . '".');
         }
     }
     return true;
 }
Exemple #10
0
 /**
  * Run the controller and parse the template
  *
  * @return Response
  */
 public function run()
 {
     /** @var SessionInterface $objSession */
     $objSession = \System::getContainer()->get('session');
     /** @var BackendTemplate|object $objTemplate */
     $objTemplate = new \BackendTemplate('be_picker');
     $objTemplate->main = '';
     // Ajax request
     if ($_POST && \Environment::get('isAjaxRequest')) {
         $this->objAjax = new \Ajax(\Input::post('action'));
         $this->objAjax->executePreActions();
     }
     $strTable = \Input::get('table');
     $strField = \Input::get('field');
     // Define the current ID
     define('CURRENT_ID', \Input::get('table') ? $objSession->get('CURRENT_ID') : \Input::get('id'));
     $this->loadDataContainer($strTable);
     $strDriver = 'DC_' . $GLOBALS['TL_DCA'][$strTable]['config']['dataContainer'];
     $objDca = new $strDriver($strTable);
     $objDca->field = $strField;
     // Set the active record
     if ($this->Database->tableExists($strTable)) {
         /** @var Model $strModel */
         $strModel = \Model::getClassFromTable($strTable);
         if (class_exists($strModel)) {
             $objModel = $strModel::findByPk(\Input::get('id'));
             if ($objModel !== null) {
                 $objDca->activeRecord = $objModel;
             }
         }
     }
     // AJAX request
     if ($_POST && \Environment::get('isAjaxRequest')) {
         $this->objAjax->executePostActions($objDca);
     }
     $objSession->set('filePickerRef', \Environment::get('request'));
     $arrValues = array_filter(explode(',', \Input::get('value')));
     // Convert UUIDs to binary
     foreach ($arrValues as $k => $v) {
         // Can be a UUID or a path
         if (\Validator::isStringUuid($v)) {
             $arrValues[$k] = \StringUtil::uuidToBin($v);
         }
     }
     // Call the load_callback
     if (is_array($GLOBALS['TL_DCA'][$strTable]['fields'][$strField]['load_callback'])) {
         foreach ($GLOBALS['TL_DCA'][$strTable]['fields'][$strField]['load_callback'] as $callback) {
             if (is_array($callback)) {
                 $this->import($callback[0]);
                 $arrValues = $this->{$callback[0]}->{$callback[1]}($arrValues, $objDca);
             } elseif (is_callable($callback)) {
                 $arrValues = $callback($arrValues, $objDca);
             }
         }
     }
     /** @var FileSelector $strClass */
     $strClass = $GLOBALS['BE_FFL']['fileSelector'];
     /** @var FileSelector $objFileTree */
     $objFileTree = new $strClass($strClass::getAttributesFromDca($GLOBALS['TL_DCA'][$strTable]['fields'][$strField], $strField, $arrValues, $strField, $strTable, $objDca));
     /** @var AttributeBagInterface $objSessionBag */
     $objSessionBag = $objSession->getBag('contao_backend');
     $objTemplate->main = $objFileTree->generate();
     $objTemplate->theme = \Backend::getTheme();
     $objTemplate->base = \Environment::get('base');
     $objTemplate->language = $GLOBALS['TL_LANGUAGE'];
     $objTemplate->title = specialchars($GLOBALS['TL_LANG']['MSC']['filepicker']);
     $objTemplate->charset = \Config::get('characterSet');
     $objTemplate->addSearch = true;
     $objTemplate->search = $GLOBALS['TL_LANG']['MSC']['search'];
     $objTemplate->searchExclude = $GLOBALS['TL_LANG']['MSC']['searchExclude'];
     $objTemplate->action = ampersand(\Environment::get('request'));
     $objTemplate->value = $objSessionBag->get('file_selector_search');
     $objTemplate->manager = $GLOBALS['TL_LANG']['MSC']['fileManager'];
     $objTemplate->managerHref = 'contao/main.php?do=files&amp;popup=1';
     $objTemplate->breadcrumb = $GLOBALS['TL_DCA']['tl_files']['list']['sorting']['breadcrumb'];
     if (\Input::get('switch')) {
         $objTemplate->switch = $GLOBALS['TL_LANG']['MSC']['pagePicker'];
         $objTemplate->switchHref = str_replace('contao/file?', 'contao/page?', ampersand(\Environment::get('request')));
     }
     return $objTemplate->getResponse();
 }
Exemple #11
0
 /**
  * Compare versions
  */
 public function compare()
 {
     $strBuffer = '';
     $arrVersions = array();
     $intTo = 0;
     $intFrom = 0;
     $objVersions = $this->Database->prepare("SELECT * FROM tl_version WHERE pid=? AND fromTable=? ORDER BY version DESC")->execute($this->intPid, $this->strTable);
     if ($objVersions->numRows < 2) {
         $strBuffer = '<p>There are no versions of ' . $this->strTable . '.id=' . $this->intPid . '</p>';
     } else {
         $intIndex = 0;
         $from = array();
         // Store the versions and mark the active one
         while ($objVersions->next()) {
             if ($objVersions->active) {
                 $intIndex = $objVersions->version;
             }
             $arrVersions[$objVersions->version] = $objVersions->row();
             $arrVersions[$objVersions->version]['info'] = $GLOBALS['TL_LANG']['MSC']['version'] . ' ' . $objVersions->version . ' (' . \Date::parse(\Config::get('datimFormat'), $objVersions->tstamp) . ') ' . $objVersions->username;
         }
         // To
         if (\Input::post('to') && isset($arrVersions[\Input::post('to')])) {
             $intTo = \Input::post('to');
             $to = \StringUtil::deserialize($arrVersions[\Input::post('to')]['data']);
         } elseif (\Input::get('to') && isset($arrVersions[\Input::get('to')])) {
             $intTo = \Input::get('to');
             $to = \StringUtil::deserialize($arrVersions[\Input::get('to')]['data']);
         } else {
             $intTo = $intIndex;
             $to = \StringUtil::deserialize($arrVersions[$intTo]['data']);
         }
         // From
         if (\Input::post('from') && isset($arrVersions[\Input::post('from')])) {
             $intFrom = \Input::post('from');
             $from = \StringUtil::deserialize($arrVersions[\Input::post('from')]['data']);
         } elseif (\Input::get('from') && isset($arrVersions[\Input::get('from')])) {
             $intFrom = \Input::get('from');
             $from = \StringUtil::deserialize($arrVersions[\Input::get('from')]['data']);
         } elseif ($intIndex > 1) {
             $intFrom = $intIndex - 1;
             $from = \StringUtil::deserialize($arrVersions[$intFrom]['data']);
         }
         // Only continue if both version numbers are set
         if ($intTo > 0 && $intFrom > 0) {
             \System::loadLanguageFile($this->strTable);
             $this->loadDataContainer($this->strTable);
             // Get the order fields
             $objDcaExtractor = \DcaExtractor::getInstance($this->strTable);
             $arrOrder = $objDcaExtractor->getOrderFields();
             // Find the changed fields and highlight the changes
             foreach ($to as $k => $v) {
                 if ($from[$k] != $to[$k]) {
                     if ($GLOBALS['TL_DCA'][$this->strTable]['fields'][$k]['eval']['doNotShow'] || $GLOBALS['TL_DCA'][$this->strTable]['fields'][$k]['eval']['hideInput']) {
                         continue;
                     }
                     $blnIsBinary = $GLOBALS['TL_DCA'][$this->strTable]['fields'][$k]['inputType'] == 'fileTree' || in_array($k, $arrOrder);
                     // Decrypt the values
                     if ($GLOBALS['TL_DCA'][$this->strTable]['fields'][$k]['eval']['encrypt']) {
                         $to[$k] = \Encryption::decrypt($to[$k]);
                         $from[$k] = \Encryption::decrypt($from[$k]);
                     }
                     // Convert serialized arrays into strings
                     if (is_array($tmp = \StringUtil::deserialize($to[$k])) && !is_array($to[$k])) {
                         $to[$k] = $this->implodeRecursive($tmp, $blnIsBinary);
                     }
                     if (is_array($tmp = \StringUtil::deserialize($from[$k])) && !is_array($from[$k])) {
                         $from[$k] = $this->implodeRecursive($tmp, $blnIsBinary);
                     }
                     unset($tmp);
                     // Convert binary UUIDs to their hex equivalents (see #6365)
                     if ($blnIsBinary && \Validator::isBinaryUuid($to[$k])) {
                         $to[$k] = \StringUtil::binToUuid($to[$k]);
                     }
                     if ($blnIsBinary && \Validator::isBinaryUuid($from[$k])) {
                         $to[$k] = \StringUtil::binToUuid($from[$k]);
                     }
                     // Convert date fields
                     if ($GLOBALS['TL_DCA'][$this->strTable]['fields'][$k]['eval']['rgxp'] == 'date') {
                         $to[$k] = \Date::parse(\Config::get('dateFormat'), $to[$k] ?: '');
                         $from[$k] = \Date::parse(\Config::get('dateFormat'), $from[$k] ?: '');
                     } elseif ($GLOBALS['TL_DCA'][$this->strTable]['fields'][$k]['eval']['rgxp'] == 'time') {
                         $to[$k] = \Date::parse(\Config::get('timeFormat'), $to[$k] ?: '');
                         $from[$k] = \Date::parse(\Config::get('timeFormat'), $from[$k] ?: '');
                     } elseif ($GLOBALS['TL_DCA'][$this->strTable]['fields'][$k]['eval']['rgxp'] == 'datim' || $k == 'tstamp') {
                         $to[$k] = \Date::parse(\Config::get('datimFormat'), $to[$k] ?: '');
                         $from[$k] = \Date::parse(\Config::get('datimFormat'), $from[$k] ?: '');
                     }
                     // Convert strings into arrays
                     if (!is_array($to[$k])) {
                         $to[$k] = explode("\n", $to[$k]);
                     }
                     if (!is_array($from[$k])) {
                         $from[$k] = explode("\n", $from[$k]);
                     }
                     $objDiff = new \Diff($from[$k], $to[$k]);
                     $strBuffer .= $objDiff->render(new DiffRenderer(array('field' => $GLOBALS['TL_DCA'][$this->strTable]['fields'][$k]['label'][0] ?: (isset($GLOBALS['TL_LANG']['MSC'][$k]) ? is_array($GLOBALS['TL_LANG']['MSC'][$k]) ? $GLOBALS['TL_LANG']['MSC'][$k][0] : $GLOBALS['TL_LANG']['MSC'][$k] : $k))));
                 }
             }
         }
     }
     // Identical versions
     if ($strBuffer == '') {
         $strBuffer = '<p>' . $GLOBALS['TL_LANG']['MSC']['identicalVersions'] . '</p>';
     }
     /** @var BackendTemplate|object $objTemplate */
     $objTemplate = new \BackendTemplate('be_diff');
     // Template variables
     $objTemplate->content = $strBuffer;
     $objTemplate->versions = $arrVersions;
     $objTemplate->to = $intTo;
     $objTemplate->from = $intFrom;
     $objTemplate->showLabel = \StringUtil::specialchars($GLOBALS['TL_LANG']['MSC']['showDifferences']);
     $objTemplate->theme = \Backend::getTheme();
     $objTemplate->base = \Environment::get('base');
     $objTemplate->language = $GLOBALS['TL_LANGUAGE'];
     $objTemplate->title = \StringUtil::specialchars($GLOBALS['TL_LANG']['MSC']['showDifferences']);
     $objTemplate->charset = \Config::get('characterSet');
     $objTemplate->action = ampersand(\Environment::get('request'));
     throw new ResponseException($objTemplate->getResponse());
 }
Exemple #12
0
 /**
  * Replace insert tags with their values
  *
  * @param string  $strBuffer The text with the tags to be replaced
  * @param boolean $blnCache  If false, non-cacheable tags will be replaced
  *
  * @return string The text with the replaced tags
  */
 protected function doReplace($strBuffer, $blnCache)
 {
     /** @var PageModel $objPage */
     global $objPage;
     // Preserve insert tags
     if (\Config::get('disableInsertTags')) {
         return \StringUtil::restoreBasicEntities($strBuffer);
     }
     $tags = preg_split('/{{([^{}]+)}}/', $strBuffer, -1, PREG_SPLIT_DELIM_CAPTURE);
     if (count($tags) < 2) {
         return \StringUtil::restoreBasicEntities($strBuffer);
     }
     $strBuffer = '';
     // Create one cache per cache setting (see #7700)
     static $arrItCache;
     $arrCache =& $arrItCache[$blnCache];
     for ($_rit = 0, $_cnt = count($tags); $_rit < $_cnt; $_rit += 2) {
         $strBuffer .= $tags[$_rit];
         $strTag = $tags[$_rit + 1];
         // Skip empty tags
         if ($strTag == '') {
             continue;
         }
         $flags = explode('|', $strTag);
         $tag = array_shift($flags);
         $elements = explode('::', $tag);
         // Load the value from cache
         if (isset($arrCache[$strTag]) && !in_array('refresh', $flags)) {
             $strBuffer .= $arrCache[$strTag];
             continue;
         }
         // Skip certain elements if the output will be cached
         if ($blnCache) {
             if ($elements[0] == 'date' || $elements[0] == 'ua' || $elements[0] == 'post' || $elements[0] == 'file' && !\Validator::isStringUuid($elements[1]) || $elements[1] == 'back' || $elements[1] == 'referer' || $elements[0] == 'request_token' || $elements[0] == 'toggle_view' || strncmp($elements[0], 'cache_', 6) === 0 || in_array('uncached', $flags)) {
                 /** @var FragmentHandler $fragmentHandler */
                 $fragmentHandler = \System::getContainer()->get('fragment.handler');
                 $strBuffer .= $fragmentHandler->render(new ControllerReference('contao.controller.insert_tags:renderAction', ['insertTag' => '{{' . $strTag . '}}']), 'esi');
                 continue;
             }
         }
         $arrCache[$strTag] = '';
         // Replace the tag
         switch (strtolower($elements[0])) {
             // Date
             case 'date':
                 $arrCache[$strTag] = \Date::parse($elements[1] ?: \Config::get('dateFormat'));
                 break;
                 // Accessibility tags
             // Accessibility tags
             case 'lang':
                 if ($elements[1] == '') {
                     $arrCache[$strTag] = '</span>';
                 } else {
                     $arrCache[$strTag] = $arrCache[$strTag] = '<span lang="' . \StringUtil::specialchars($elements[1]) . '">';
                 }
                 break;
                 // Line break
             // Line break
             case 'br':
                 $arrCache[$strTag] = '<br>';
                 break;
                 // E-mail addresses
             // E-mail addresses
             case 'email':
             case 'email_open':
             case 'email_url':
                 if ($elements[1] == '') {
                     $arrCache[$strTag] = '';
                     break;
                 }
                 $strEmail = \StringUtil::encodeEmail($elements[1]);
                 // Replace the tag
                 switch (strtolower($elements[0])) {
                     case 'email':
                         $arrCache[$strTag] = '<a href="&#109;&#97;&#105;&#108;&#116;&#111;&#58;' . $strEmail . '" class="email">' . preg_replace('/\\?.*$/', '', $strEmail) . '</a>';
                         break;
                     case 'email_open':
                         $arrCache[$strTag] = '<a href="&#109;&#97;&#105;&#108;&#116;&#111;&#58;' . $strEmail . '" title="' . $strEmail . '" class="email">';
                         break;
                     case 'email_url':
                         $arrCache[$strTag] = $strEmail;
                         break;
                 }
                 break;
                 // Label tags
             // Label tags
             case 'label':
                 $keys = explode(':', $elements[1]);
                 if (count($keys) < 2) {
                     $arrCache[$strTag] = '';
                     break;
                 }
                 $file = $keys[0];
                 // Map the key (see #7217)
                 switch ($file) {
                     case 'CNT':
                         $file = 'countries';
                         break;
                     case 'LNG':
                         $file = 'languages';
                         break;
                     case 'MOD':
                     case 'FMD':
                         $file = 'modules';
                         break;
                     case 'FFL':
                         $file = 'tl_form_field';
                         break;
                     case 'CACHE':
                         $file = 'tl_page';
                         break;
                     case 'XPL':
                         $file = 'explain';
                         break;
                     case 'XPT':
                         $file = 'exception';
                         break;
                     case 'MSC':
                     case 'ERR':
                     case 'CTE':
                     case 'PTY':
                     case 'FOP':
                     case 'CHMOD':
                     case 'DAYS':
                     case 'MONTHS':
                     case 'UNITS':
                     case 'CONFIRM':
                     case 'DP':
                     case 'COLS':
                         $file = 'default';
                         break;
                 }
                 \System::loadLanguageFile($file);
                 if (count($keys) == 2) {
                     $arrCache[$strTag] = $GLOBALS['TL_LANG'][$keys[0]][$keys[1]];
                 } else {
                     $arrCache[$strTag] = $GLOBALS['TL_LANG'][$keys[0]][$keys[1]][$keys[2]];
                 }
                 break;
                 // Front end user
             // Front end user
             case 'user':
                 if (FE_USER_LOGGED_IN) {
                     $this->import('FrontendUser', 'User');
                     $value = $this->User->{$elements[1]};
                     if ($value == '') {
                         $arrCache[$strTag] = $value;
                         break;
                     }
                     $this->loadDataContainer('tl_member');
                     if ($GLOBALS['TL_DCA']['tl_member']['fields'][$elements[1]]['inputType'] == 'password') {
                         $arrCache[$strTag] = '';
                         break;
                     }
                     $value = \StringUtil::deserialize($value);
                     // Decrypt the value
                     if ($GLOBALS['TL_DCA']['tl_member']['fields'][$elements[1]]['eval']['encrypt']) {
                         $value = \Encryption::decrypt($value);
                     }
                     $rgxp = $GLOBALS['TL_DCA']['tl_member']['fields'][$elements[1]]['eval']['rgxp'];
                     $opts = $GLOBALS['TL_DCA']['tl_member']['fields'][$elements[1]]['options'];
                     $rfrc = $GLOBALS['TL_DCA']['tl_member']['fields'][$elements[1]]['reference'];
                     if ($rgxp == 'date') {
                         $arrCache[$strTag] = \Date::parse(\Config::get('dateFormat'), $value);
                     } elseif ($rgxp == 'time') {
                         $arrCache[$strTag] = \Date::parse(\Config::get('timeFormat'), $value);
                     } elseif ($rgxp == 'datim') {
                         $arrCache[$strTag] = \Date::parse(\Config::get('datimFormat'), $value);
                     } elseif (is_array($value)) {
                         $arrCache[$strTag] = implode(', ', $value);
                     } elseif (is_array($opts) && array_is_assoc($opts)) {
                         $arrCache[$strTag] = isset($opts[$value]) ? $opts[$value] : $value;
                     } elseif (is_array($rfrc)) {
                         $arrCache[$strTag] = isset($rfrc[$value]) ? is_array($rfrc[$value]) ? $rfrc[$value][0] : $rfrc[$value] : $value;
                     } else {
                         $arrCache[$strTag] = $value;
                     }
                     // Convert special characters (see #1890)
                     $arrCache[$strTag] = \StringUtil::specialchars($arrCache[$strTag]);
                 }
                 break;
                 // Link
             // Link
             case 'link':
             case 'link_open':
             case 'link_url':
             case 'link_title':
             case 'link_target':
             case 'link_name':
                 $strTarget = null;
                 // Back link
                 if ($elements[1] == 'back') {
                     $strUrl = 'javascript:history.go(-1)';
                     $strTitle = $GLOBALS['TL_LANG']['MSC']['goBack'];
                     // No language files if the page is cached
                     if (!strlen($strTitle)) {
                         $strTitle = 'Go back';
                     }
                     $strName = $strTitle;
                 } elseif (strncmp($elements[1], 'http://', 7) === 0 || strncmp($elements[1], 'https://', 8) === 0) {
                     $strUrl = $elements[1];
                     $strTitle = $elements[1];
                     $strName = str_replace(array('http://', 'https://'), '', $elements[1]);
                 } else {
                     // User login page
                     if ($elements[1] == 'login') {
                         if (!FE_USER_LOGGED_IN) {
                             break;
                         }
                         $this->import('FrontendUser', 'User');
                         $elements[1] = $this->User->loginPage;
                     }
                     $objNextPage = \PageModel::findByIdOrAlias($elements[1]);
                     if ($objNextPage === null) {
                         break;
                     }
                     // Page type specific settings (thanks to Andreas Schempp)
                     switch ($objNextPage->type) {
                         case 'redirect':
                             $strUrl = $objNextPage->url;
                             if (strncasecmp($strUrl, 'mailto:', 7) === 0) {
                                 $strUrl = \StringUtil::encodeEmail($strUrl);
                             }
                             break;
                         case 'forward':
                             if ($objNextPage->jumpTo) {
                                 /** @var PageModel $objNext */
                                 $objNext = $objNextPage->getRelated('jumpTo');
                             } else {
                                 $objNext = \PageModel::findFirstPublishedRegularByPid($objNextPage->id);
                             }
                             if ($objNext instanceof PageModel) {
                                 $strUrl = $objNext->getFrontendUrl();
                                 break;
                             }
                             // DO NOT ADD A break; STATEMENT
                         // DO NOT ADD A break; STATEMENT
                         default:
                             $strUrl = $objNextPage->getFrontendUrl();
                             break;
                     }
                     $strName = $objNextPage->title;
                     $strTarget = $objNextPage->target ? ' target="_blank"' : '';
                     $strTitle = $objNextPage->pageTitle ?: $objNextPage->title;
                 }
                 // Replace the tag
                 switch (strtolower($elements[0])) {
                     case 'link':
                         $arrCache[$strTag] = sprintf('<a href="%s" title="%s"%s>%s</a>', $strUrl, \StringUtil::specialchars($strTitle), $strTarget, $strName);
                         break;
                     case 'link_open':
                         $arrCache[$strTag] = sprintf('<a href="%s" title="%s"%s>', $strUrl, \StringUtil::specialchars($strTitle), $strTarget);
                         break;
                     case 'link_url':
                         $arrCache[$strTag] = $strUrl;
                         break;
                     case 'link_title':
                         $arrCache[$strTag] = \StringUtil::specialchars($strTitle);
                         break;
                     case 'link_target':
                         $arrCache[$strTag] = $strTarget;
                         break;
                     case 'link_name':
                         $arrCache[$strTag] = $strName;
                         break;
                 }
                 break;
                 // Closing link tag
             // Closing link tag
             case 'link_close':
             case 'email_close':
                 $arrCache[$strTag] = '</a>';
                 break;
                 // Insert article
             // Insert article
             case 'insert_article':
                 if (($strOutput = $this->getArticle($elements[1], false, true)) !== false) {
                     $arrCache[$strTag] = ltrim($strOutput);
                 } else {
                     $arrCache[$strTag] = '<p class="error">' . sprintf($GLOBALS['TL_LANG']['MSC']['invalidPage'], $elements[1]) . '</p>';
                 }
                 break;
                 // Insert content element
             // Insert content element
             case 'insert_content':
                 $arrCache[$strTag] = $this->getContentElement($elements[1]);
                 break;
                 // Insert module
             // Insert module
             case 'insert_module':
                 $arrCache[$strTag] = $this->getFrontendModule($elements[1]);
                 break;
                 // Insert form
             // Insert form
             case 'insert_form':
                 $arrCache[$strTag] = $this->getForm($elements[1]);
                 break;
                 // Article
             // Article
             case 'article':
             case 'article_open':
             case 'article_url':
             case 'article_title':
                 if (($objArticle = \ArticleModel::findByIdOrAlias($elements[1])) === null || !($objPid = $objArticle->getRelated('pid')) instanceof PageModel) {
                     break;
                 }
                 /** @var PageModel $objPid */
                 $strUrl = $objPid->getFrontendUrl('/articles/' . ($objArticle->alias ?: $objArticle->id));
                 // Replace the tag
                 switch (strtolower($elements[0])) {
                     case 'article':
                         $arrCache[$strTag] = sprintf('<a href="%s" title="%s">%s</a>', $strUrl, \StringUtil::specialchars($objArticle->title), $objArticle->title);
                         break;
                     case 'article_open':
                         $arrCache[$strTag] = sprintf('<a href="%s" title="%s">', $strUrl, \StringUtil::specialchars($objArticle->title));
                         break;
                     case 'article_url':
                         $arrCache[$strTag] = $strUrl;
                         break;
                     case 'article_title':
                         $arrCache[$strTag] = \StringUtil::specialchars($objArticle->title);
                         break;
                 }
                 break;
                 // Article teaser
             // Article teaser
             case 'article_teaser':
                 $objTeaser = \ArticleModel::findByIdOrAlias($elements[1]);
                 if ($objTeaser !== null) {
                     $arrCache[$strTag] = \StringUtil::toHtml5($objTeaser->teaser);
                 }
                 break;
                 // Last update
             // Last update
             case 'last_update':
                 $strQuery = "SELECT MAX(tstamp) AS tc";
                 $bundles = \System::getContainer()->getParameter('kernel.bundles');
                 if (isset($bundles['ContaoNewsBundle'])) {
                     $strQuery .= ", (SELECT MAX(tstamp) FROM tl_news) AS tn";
                 }
                 if (isset($bundles['ContaoCalendarBundle'])) {
                     $strQuery .= ", (SELECT MAX(tstamp) FROM tl_calendar_events) AS te";
                 }
                 $strQuery .= " FROM tl_content";
                 $objUpdate = \Database::getInstance()->query($strQuery);
                 if ($objUpdate->numRows) {
                     $arrCache[$strTag] = \Date::parse($elements[1] ?: \Config::get('datimFormat'), max($objUpdate->tc, $objUpdate->tn, $objUpdate->te));
                 }
                 break;
                 // Version
             // Version
             case 'version':
                 $arrCache[$strTag] = VERSION . '.' . BUILD;
                 break;
                 // Request token
             // Request token
             case 'request_token':
                 $arrCache[$strTag] = REQUEST_TOKEN;
                 break;
                 // POST data
             // POST data
             case 'post':
                 $arrCache[$strTag] = \Input::post($elements[1]);
                 break;
                 // Mobile/desktop toggle (see #6469)
             // Mobile/desktop toggle (see #6469)
             case 'toggle_view':
                 $strUrl = ampersand(\Environment::get('request'));
                 $strGlue = strpos($strUrl, '?') === false ? '?' : '&amp;';
                 if (\Input::cookie('TL_VIEW') == 'mobile' || \Environment::get('agent')->mobile && \Input::cookie('TL_VIEW') != 'desktop') {
                     $arrCache[$strTag] = '<a href="' . $strUrl . $strGlue . 'toggle_view=desktop" class="toggle_desktop" title="' . \StringUtil::specialchars($GLOBALS['TL_LANG']['MSC']['toggleDesktop'][1]) . '">' . $GLOBALS['TL_LANG']['MSC']['toggleDesktop'][0] . '</a>';
                 } else {
                     $arrCache[$strTag] = '<a href="' . $strUrl . $strGlue . 'toggle_view=mobile" class="toggle_mobile" title="' . \StringUtil::specialchars($GLOBALS['TL_LANG']['MSC']['toggleMobile'][1]) . '">' . $GLOBALS['TL_LANG']['MSC']['toggleMobile'][0] . '</a>';
                 }
                 break;
                 // Conditional tags (if)
             // Conditional tags (if)
             case 'iflng':
                 if ($elements[1] != '' && $elements[1] != $objPage->language) {
                     for (; $_rit < $_cnt; $_rit += 2) {
                         if ($tags[$_rit + 1] == 'iflng' || $tags[$_rit + 1] == 'iflng::' . $objPage->language) {
                             break;
                         }
                     }
                 }
                 unset($arrCache[$strTag]);
                 break;
                 // Conditional tags (if not)
             // Conditional tags (if not)
             case 'ifnlng':
                 if ($elements[1] != '') {
                     $langs = \StringUtil::trimsplit(',', $elements[1]);
                     if (in_array($objPage->language, $langs)) {
                         for (; $_rit < $_cnt; $_rit += 2) {
                             if ($tags[$_rit + 1] == 'ifnlng') {
                                 break;
                             }
                         }
                     }
                 }
                 unset($arrCache[$strTag]);
                 break;
                 // Environment
             // Environment
             case 'env':
                 switch ($elements[1]) {
                     case 'host':
                         $arrCache[$strTag] = \Idna::decode(\Environment::get('host'));
                         break;
                     case 'http_host':
                         $arrCache[$strTag] = \Idna::decode(\Environment::get('httpHost'));
                         break;
                     case 'url':
                         $arrCache[$strTag] = \Idna::decode(\Environment::get('url'));
                         break;
                     case 'path':
                         $arrCache[$strTag] = \Idna::decode(\Environment::get('base'));
                         break;
                     case 'request':
                         $arrCache[$strTag] = \Environment::get('indexFreeRequest');
                         break;
                     case 'ip':
                         $arrCache[$strTag] = \Environment::get('ip');
                         break;
                     case 'referer':
                         $arrCache[$strTag] = $this->getReferer(true);
                         break;
                     case 'files_url':
                         $arrCache[$strTag] = TL_FILES_URL;
                         break;
                     case 'assets_url':
                     case 'plugins_url':
                     case 'script_url':
                         $arrCache[$strTag] = TL_ASSETS_URL;
                         break;
                     case 'base_url':
                         $arrCache[$strTag] = \System::getContainer()->get('request_stack')->getCurrentRequest()->getBaseUrl();
                         break;
                 }
                 break;
                 // Page
             // Page
             case 'page':
                 if ($elements[1] == 'pageTitle' && $objPage->pageTitle == '') {
                     $elements[1] = 'title';
                 } elseif ($elements[1] == 'parentPageTitle' && $objPage->parentPageTitle == '') {
                     $elements[1] = 'parentTitle';
                 } elseif ($elements[1] == 'mainPageTitle' && $objPage->mainPageTitle == '') {
                     $elements[1] = 'mainTitle';
                 }
                 // Do not use \StringUtil::specialchars() here (see #4687)
                 $arrCache[$strTag] = $objPage->{$elements[1]};
                 break;
                 // User agent
             // User agent
             case 'ua':
                 $ua = \Environment::get('agent');
                 if ($elements[1] != '') {
                     $arrCache[$strTag] = $ua->{$elements[1]};
                 } else {
                     $arrCache[$strTag] = '';
                 }
                 break;
                 // Abbreviations
             // Abbreviations
             case 'abbr':
             case 'acronym':
                 if ($elements[1] != '') {
                     $arrCache[$strTag] = '<abbr title="' . \StringUtil::specialchars($elements[1]) . '">';
                 } else {
                     $arrCache[$strTag] = '</abbr>';
                 }
                 break;
                 // Images
             // Images
             case 'image':
             case 'picture':
                 $width = null;
                 $height = null;
                 $alt = '';
                 $class = '';
                 $rel = '';
                 $strFile = $elements[1];
                 $mode = '';
                 $size = null;
                 $strTemplate = 'picture_default';
                 // Take arguments
                 if (strpos($elements[1], '?') !== false) {
                     $arrChunks = explode('?', urldecode($elements[1]), 2);
                     $strSource = \StringUtil::decodeEntities($arrChunks[1]);
                     $strSource = str_replace('[&]', '&', $strSource);
                     $arrParams = explode('&', $strSource);
                     foreach ($arrParams as $strParam) {
                         list($key, $value) = explode('=', $strParam);
                         switch ($key) {
                             case 'width':
                                 $width = $value;
                                 break;
                             case 'height':
                                 $height = $value;
                                 break;
                             case 'alt':
                                 $alt = $value;
                                 break;
                             case 'class':
                                 $class = $value;
                                 break;
                             case 'rel':
                                 $rel = $value;
                                 break;
                             case 'mode':
                                 $mode = $value;
                                 break;
                             case 'size':
                                 $size = (int) $value;
                                 break;
                             case 'template':
                                 $strTemplate = preg_replace('/[^a-z0-9_]/i', '', $value);
                                 break;
                         }
                     }
                     $strFile = $arrChunks[0];
                 }
                 if (\Validator::isUuid($strFile)) {
                     // Handle UUIDs
                     $objFile = \FilesModel::findByUuid($strFile);
                     if ($objFile === null) {
                         $arrCache[$strTag] = '';
                         break;
                     }
                     $strFile = $objFile->path;
                 } elseif (is_numeric($strFile)) {
                     // Handle numeric IDs (see #4805)
                     $objFile = \FilesModel::findByPk($strFile);
                     if ($objFile === null) {
                         $arrCache[$strTag] = '';
                         break;
                     }
                     $strFile = $objFile->path;
                 } else {
                     // Check the path
                     if (\Validator::isInsecurePath($strFile)) {
                         throw new \RuntimeException('Invalid path ' . $strFile);
                     }
                 }
                 // Check the maximum image width
                 if (\Config::get('maxImageWidth') > 0 && $width > \Config::get('maxImageWidth')) {
                     $width = \Config::get('maxImageWidth');
                     $height = null;
                 }
                 // Generate the thumbnail image
                 try {
                     // Image
                     if (strtolower($elements[0]) == 'image') {
                         $dimensions = '';
                         $src = \System::getContainer()->get('contao.image.image_factory')->create(TL_ROOT . '/' . rawurldecode($strFile), array($width, $height, $mode))->getUrl(TL_ROOT);
                         $objFile = new \File(rawurldecode($src));
                         // Add the image dimensions
                         if (($imgSize = $objFile->imageSize) !== false) {
                             $dimensions = ' width="' . \StringUtil::specialchars($imgSize[0]) . '" height="' . \StringUtil::specialchars($imgSize[1]) . '"';
                         }
                         $arrCache[$strTag] = '<img src="' . TL_FILES_URL . $src . '" ' . $dimensions . ' alt="' . \StringUtil::specialchars($alt) . '"' . ($class != '' ? ' class="' . \StringUtil::specialchars($class) . '"' : '') . '>';
                     } else {
                         $picture = \System::getContainer()->get('contao.image.picture_factory')->create(TL_ROOT . '/' . $strFile, $size);
                         $picture = array('img' => $picture->getImg(TL_ROOT), 'sources' => $picture->getSources(TL_ROOT));
                         $picture['alt'] = $alt;
                         $picture['class'] = $class;
                         $pictureTemplate = new \FrontendTemplate($strTemplate);
                         $pictureTemplate->setData($picture);
                         $arrCache[$strTag] = $pictureTemplate->parse();
                     }
                     // Add a lightbox link
                     if ($rel != '') {
                         if (strncmp($rel, 'lightbox', 8) !== 0) {
                             $attribute = ' rel="' . \StringUtil::specialchars($rel) . '"';
                         } else {
                             $attribute = ' data-lightbox="' . \StringUtil::specialchars(substr($rel, 8)) . '"';
                         }
                         $arrCache[$strTag] = '<a href="' . TL_FILES_URL . $strFile . '"' . ($alt != '' ? ' title="' . \StringUtil::specialchars($alt) . '"' : '') . $attribute . '>' . $arrCache[$strTag] . '</a>';
                     }
                 } catch (\Exception $e) {
                     $arrCache[$strTag] = '';
                 }
                 break;
                 // Files (UUID or template path)
             // Files (UUID or template path)
             case 'file':
                 if (\Validator::isUuid($elements[1])) {
                     $objFile = \FilesModel::findByUuid($elements[1]);
                     if ($objFile !== null) {
                         $arrCache[$strTag] = $objFile->path;
                         break;
                     }
                 }
                 $arrGet = $_GET;
                 \Input::resetCache();
                 $strFile = $elements[1];
                 // Take arguments and add them to the $_GET array
                 if (strpos($elements[1], '?') !== false) {
                     $arrChunks = explode('?', urldecode($elements[1]));
                     $strSource = \StringUtil::decodeEntities($arrChunks[1]);
                     $strSource = str_replace('[&]', '&', $strSource);
                     $arrParams = explode('&', $strSource);
                     foreach ($arrParams as $strParam) {
                         $arrParam = explode('=', $strParam);
                         $_GET[$arrParam[0]] = $arrParam[1];
                     }
                     $strFile = $arrChunks[0];
                 }
                 // Check the path
                 if (\Validator::isInsecurePath($strFile)) {
                     throw new \RuntimeException('Invalid path ' . $strFile);
                 }
                 // Include .php, .tpl, .xhtml and .html5 files
                 if (preg_match('/\\.(php|tpl|xhtml|html5)$/', $strFile) && file_exists(TL_ROOT . '/templates/' . $strFile)) {
                     ob_start();
                     include TL_ROOT . '/templates/' . $strFile;
                     $arrCache[$strTag] = ob_get_clean();
                 }
                 $_GET = $arrGet;
                 \Input::resetCache();
                 break;
                 // HOOK: pass unknown tags to callback functions
             // HOOK: pass unknown tags to callback functions
             default:
                 if (isset($GLOBALS['TL_HOOKS']['replaceInsertTags']) && is_array($GLOBALS['TL_HOOKS']['replaceInsertTags'])) {
                     foreach ($GLOBALS['TL_HOOKS']['replaceInsertTags'] as $callback) {
                         $this->import($callback[0]);
                         $varValue = $this->{$callback[0]}->{$callback[1]}($tag, $blnCache, $arrCache[$strTag], $flags, $tags, $arrCache, $_rit, $_cnt);
                         // see #6672
                         // Replace the tag and stop the loop
                         if ($varValue !== false) {
                             $arrCache[$strTag] = $varValue;
                             break;
                         }
                     }
                 }
                 \System::getContainer()->get('monolog.logger.contao')->log(LogLevel::INFO, 'Unknown insert tag: ' . $strTag);
                 break;
         }
         // Handle the flags
         if (!empty($flags)) {
             foreach ($flags as $flag) {
                 switch ($flag) {
                     case 'addslashes':
                     case 'standardize':
                     case 'ampersand':
                     case 'specialchars':
                     case 'nl2br':
                     case 'nl2br_pre':
                     case 'strtolower':
                     case 'utf8_strtolower':
                     case 'strtoupper':
                     case 'utf8_strtoupper':
                     case 'ucfirst':
                     case 'lcfirst':
                     case 'ucwords':
                     case 'trim':
                     case 'rtrim':
                     case 'ltrim':
                     case 'utf8_romanize':
                     case 'urlencode':
                     case 'rawurlencode':
                         $arrCache[$strTag] = $flag($arrCache[$strTag]);
                         break;
                     case 'encodeEmail':
                         $arrCache[$strTag] = \StringUtil::$flag($arrCache[$strTag]);
                         break;
                     case 'number_format':
                         $arrCache[$strTag] = \System::getFormattedNumber($arrCache[$strTag], 0);
                         break;
                     case 'currency_format':
                         $arrCache[$strTag] = \System::getFormattedNumber($arrCache[$strTag], 2);
                         break;
                     case 'readable_size':
                         $arrCache[$strTag] = \System::getReadableSize($arrCache[$strTag]);
                         break;
                     case 'flatten':
                         if (!is_array($arrCache[$strTag])) {
                             break;
                         }
                         $it = new \RecursiveIteratorIterator(new \RecursiveArrayIterator($arrCache[$strTag]));
                         $result = array();
                         foreach ($it as $leafValue) {
                             $keys = array();
                             foreach (range(0, $it->getDepth()) as $depth) {
                                 $keys[] = $it->getSubIterator($depth)->key();
                             }
                             $result[] = implode('.', $keys) . ': ' . $leafValue;
                         }
                         $arrCache[$strTag] = implode(', ', $result);
                         break;
                         // HOOK: pass unknown flags to callback functions
                     // HOOK: pass unknown flags to callback functions
                     default:
                         if (isset($GLOBALS['TL_HOOKS']['insertTagFlags']) && is_array($GLOBALS['TL_HOOKS']['insertTagFlags'])) {
                             foreach ($GLOBALS['TL_HOOKS']['insertTagFlags'] as $callback) {
                                 $this->import($callback[0]);
                                 $varValue = $this->{$callback[0]}->{$callback[1]}($flag, $tag, $arrCache[$strTag], $flags, $blnCache, $tags, $arrCache, $_rit, $_cnt);
                                 // see #5806
                                 // Replace the tag and stop the loop
                                 if ($varValue !== false) {
                                     $arrCache[$strTag] = $varValue;
                                     break;
                                 }
                             }
                         }
                         \System::getContainer()->get('monolog.logger.contao')->log(LogLevel::INFO, 'Unknown insert tag flag: ' . $flag);
                         break;
                 }
             }
         }
         $strBuffer .= $arrCache[$strTag];
     }
     return \StringUtil::restoreBasicEntities($strBuffer);
 }
 protected function addSubscriber()
 {
     $varInput = Idna::encodeEmail(Input::post('email', true));
     // Validate the e-mail address
     if (!Validator::isEmail($varInput)) {
         $_SESSION['SUBSCRIBE_ERROR'] = $GLOBALS['TL_LANG']['ERR']['email'];
         $this->reload();
     }
     $objCleverReach = new CleverReach();
     foreach ($this->clr_groups as $strGroupId) {
         $objCleverReach->addReceiver($varInput, $strGroupId);
     }
     $objCleverReach->sendActivationMail($varInput, $this->clr_form);
     // Redirect to the jumpTo page
     if ($this->jumpTo && ($objTarget = $this->objModel->getRelated('jumpTo')) !== null) {
         $this->redirect($this->generateFrontendUrl($objTarget->row()));
     }
     $_SESSION['SUBSCRIBE_CONFIRM'] = $GLOBALS['TL_LANG']['MSC']['nl_confirm'];
     $this->reload();
 }
 /**
  * Create an admin user
  */
 protected function createAdminUser()
 {
     try {
         $objAdmin = $this->Database->execute("SELECT COUNT(*) AS count FROM tl_user WHERE admin=1");
         if ($objAdmin->count > 0) {
             $this->Template->adminCreated = true;
         } elseif (\Input::post('FORM_SUBMIT') == 'tl_admin') {
             // Do not allow special characters in usernames
             if (preg_match('/[#\\(\\)\\/<=>]/', \Input::post('username', true))) {
                 $this->Template->usernameError = $GLOBALS['TL_LANG']['ERR']['extnd'];
             } elseif (strpos(\Input::post('username', true), ' ') !== false) {
                 $this->Template->usernameError = sprintf($GLOBALS['TL_LANG']['ERR']['noSpace'], $GLOBALS['TL_LANG']['MSC']['username']);
             } elseif (!\Validator::isEmail(\Input::post('email', true))) {
                 $this->Template->emailError = $GLOBALS['TL_LANG']['ERR']['email'];
             } elseif (\Input::post('pass', true) != \Input::post('confirm_pass', true)) {
                 $this->Template->passwordError = $GLOBALS['TL_LANG']['ERR']['passwordMatch'];
             } elseif (utf8_strlen(\Input::post('pass', true)) < \Config::get('minPasswordLength')) {
                 $this->Template->passwordError = sprintf($GLOBALS['TL_LANG']['ERR']['passwordLength'], \Config::get('minPasswordLength'));
             } elseif (\Input::post('pass', true) == \Input::post('username', true)) {
                 $this->Template->passwordError = $GLOBALS['TL_LANG']['ERR']['passwordName'];
             } elseif (\Input::post('name') != '' && \Input::post('email', true) != '' && \Input::post('username', true) != '') {
                 $time = time();
                 $strPassword = \Encryption::hash(\Input::post('pass', true));
                 $this->Database->prepare("INSERT INTO tl_user (tstamp, name, email, username, password, language, backendTheme, admin, showHelp, useRTE, useCE, thumbnails, dateAdded) VALUES ({$time}, ?, ?, ?, ?, ?, ?, 1, 1, 1, 1, 1, {$time})")->execute(\Input::post('name'), \Input::post('email', true), \Input::post('username', true), $strPassword, str_replace('-', '_', $GLOBALS['TL_LANGUAGE']), \Config::get('backendTheme'));
                 \Config::persist('adminEmail', \Input::post('email', true));
                 // Scan the upload folder (see #6134)
                 if ($this->Database->tableExists('tl_files') && $this->Database->query("SELECT COUNT(*) AS count FROM tl_files")->count < 1) {
                     $this->import('Database\\Updater', 'Updater');
                     $this->Updater->scanUploadFolder();
                 }
                 $this->reload();
             }
             $this->Template->adminName = \Input::post('name');
             $this->Template->adminEmail = \Input::post('email', true);
             $this->Template->adminUser = \Input::post('username', true);
         }
     } catch (ResponseException $e) {
         throw $e;
         // see #267
     } catch (\Exception $e) {
         $this->Template->adminCreated = false;
     }
 }
Exemple #15
0
 /**
  * Validate an e-mail address
  *
  * @param string $strEmail The e-mail address
  *
  * @return boolean True if it is a valid e-mail address
  *
  * @deprecated Deprecated since Contao 4.0, to be removed in Contao 5.0.
  *             Use Validator::isEmail() instead.
  */
 protected function isValidEmailAddress($strEmail)
 {
     @trigger_error('Using System::isValidEmailAddress() has been deprecated and will no longer work in Contao 5.0. Use Validator::isEmail() instead.', E_USER_DEPRECATED);
     return \Validator::isEmail($strEmail);
 }
Exemple #16
0
 /**
  * Tests the isEmail() method.
  *
  * @param string $email    The email
  * @param bool   $expected The expected result
  *
  * @dataProvider emailProvider
  */
 public function testEmail($email, $expected)
 {
     $this->assertEquals($expected, Validator::isEmail($email), 'Original: ' . $email . ' idna: ' . Idna::encodeEmail($email));
 }
Exemple #17
0
 /**
  * Validate the subscription form
  *
  * @param Widget $objWidget
  *
  * @return array|bool
  */
 protected function validateForm(Widget $objWidget = null)
 {
     // Validate the e-mail address
     $varInput = \Idna::encodeEmail(\Input::post('email', true));
     if (!\Validator::isEmail($varInput)) {
         $this->Template->mclass = 'error';
         $this->Template->message = $GLOBALS['TL_LANG']['ERR']['email'];
         return false;
     }
     $this->Template->email = $varInput;
     // Validate the channel selection
     $arrChannels = \Input::post('channels');
     if (!is_array($arrChannels)) {
         $this->Template->mclass = 'error';
         $this->Template->message = $GLOBALS['TL_LANG']['ERR']['noChannels'];
         return false;
     }
     $arrChannels = array_intersect($arrChannels, $this->nl_channels);
     // see #3240
     if (!is_array($arrChannels) || empty($arrChannels)) {
         $this->Template->mclass = 'error';
         $this->Template->message = $GLOBALS['TL_LANG']['ERR']['noChannels'];
         return false;
     }
     $this->Template->selectedChannels = $arrChannels;
     // Check if there are any new subscriptions
     $arrSubscriptions = array();
     if (($objSubscription = \NewsletterRecipientsModel::findBy(array("email=? AND active=1"), $varInput)) !== null) {
         $arrSubscriptions = $objSubscription->fetchEach('pid');
     }
     $arrRemove = array_intersect($arrChannels, $arrSubscriptions);
     if (!is_array($arrRemove) || empty($arrRemove)) {
         $this->Template->mclass = 'error';
         $this->Template->message = $GLOBALS['TL_LANG']['ERR']['unsubscribed'];
         return false;
     }
     // Validate the captcha
     if ($objWidget !== null) {
         $objWidget->validate();
         if ($objWidget->hasErrors()) {
             return false;
         }
     }
     return array($varInput, $arrRemove);
 }
Exemple #18
0
    /**
     * Add a breadcrumb menu to the file tree
     *
     * @param string $strKey
     *
     * @throws AccessDeniedException
     * @throws \RuntimeException
     */
    public static function addFilesBreadcrumb($strKey = 'tl_files_node')
    {
        /** @var AttributeBagInterface $objSession */
        $objSession = \System::getContainer()->get('session')->getBag('contao_backend');
        // Set a new node
        if (isset($_GET['fn'])) {
            // Check the path (thanks to Arnaud Buchoux)
            if (\Validator::isInsecurePath(\Input::get('fn', true))) {
                throw new \RuntimeException('Insecure path ' . \Input::get('fn', true));
            }
            $objSession->set($strKey, \Input::get('fn', true));
            \Controller::redirect(preg_replace('/(&|\\?)fn=[^&]*/', '', \Environment::get('request')));
        }
        $strNode = $objSession->get($strKey);
        if ($strNode == '') {
            return;
        }
        // Check the path (thanks to Arnaud Buchoux)
        if (\Validator::isInsecurePath($strNode)) {
            throw new \RuntimeException('Insecure path ' . $strNode);
        }
        // Currently selected folder does not exist
        if (!is_dir(TL_ROOT . '/' . $strNode)) {
            $objSession->set($strKey, '');
            return;
        }
        $objUser = \BackendUser::getInstance();
        $strPath = \Config::get('uploadPath');
        $arrNodes = explode('/', preg_replace('/^' . preg_quote(\Config::get('uploadPath'), '/') . '\\//', '', $strNode));
        $arrLinks = array();
        // Add root link
        $arrLinks[] = \Image::getHtml('filemounts.svg') . ' <a href="' . \Backend::addToUrl('fn=') . '" title="' . \StringUtil::specialchars($GLOBALS['TL_LANG']['MSC']['selectAllNodes']) . '">' . $GLOBALS['TL_LANG']['MSC']['filterAll'] . '</a>';
        // Generate breadcrumb trail
        foreach ($arrNodes as $strFolder) {
            $strPath .= '/' . $strFolder;
            // Do not show pages which are not mounted
            if (!$objUser->hasAccess($strPath, 'filemounts')) {
                continue;
            }
            // No link for the active folder
            if ($strPath == $strNode) {
                $arrLinks[] = \Image::getHtml('folderC.svg') . ' ' . $strFolder;
            } else {
                $arrLinks[] = \Image::getHtml('folderC.svg') . ' <a href="' . \Backend::addToUrl('fn=' . $strPath) . '" title="' . \StringUtil::specialchars($GLOBALS['TL_LANG']['MSC']['selectNode']) . '">' . $strFolder . '</a>';
            }
        }
        // Check whether the node is mounted
        if (!$objUser->hasAccess($strNode, 'filemounts')) {
            $objSession->set($strKey, '');
            throw new AccessDeniedException('Folder ID "' . $strNode . '" is not mounted');
        }
        // Limit tree
        $GLOBALS['TL_DCA']['tl_files']['list']['sorting']['root'] = array($strNode);
        // Insert breadcrumb menu
        $GLOBALS['TL_DCA']['tl_files']['list']['sorting']['breadcrumb'] .= '

<ul id="tl_breadcrumb">
  <li>' . implode(' &gt; </li><li>', $arrLinks) . '</li>
</ul>';
    }
Exemple #19
0
 /**
  * Add templates to the archive
  *
  * @param ZipWriter $objArchive
  * @param string    $strFolder
  */
 protected function addTemplatesToArchive(ZipWriter $objArchive, $strFolder)
 {
     // Strip the templates folder name
     $strFolder = preg_replace('@^templates/@', '', $strFolder);
     // Re-add the templates folder name
     if ($strFolder == '') {
         $strFolder = 'templates';
     } else {
         $strFolder = 'templates/' . $strFolder;
     }
     if (\Validator::isInsecurePath($strFolder)) {
         throw new \RuntimeException('Insecure path ' . $strFolder);
     }
     // Return if the folder does not exist
     if (!is_dir(TL_ROOT . '/' . $strFolder)) {
         return;
     }
     $arrAllowed = \StringUtil::trimsplit(',', strtolower(\Config::get('templateFiles')));
     array_push($arrAllowed, 'sql');
     // see #7048
     // Add all template files to the archive
     foreach (scan(TL_ROOT . '/' . $strFolder) as $strFile) {
         if (preg_match('/\\.(' . implode('|', $arrAllowed) . ')$/', $strFile) && strncmp($strFile, 'be_', 3) !== 0 && strncmp($strFile, 'nl_', 3) !== 0) {
             $objArchive->addFile($strFolder . '/' . $strFile);
         }
     }
 }
Exemple #20
0
 /**
  * Recursively validate an input variable
  *
  * @param mixed $varInput The user input
  *
  * @return mixed The original or modified user input
  */
 protected function validator($varInput)
 {
     if (is_array($varInput)) {
         foreach ($varInput as $k => $v) {
             $varInput[$k] = $this->validator($v);
         }
         return $varInput;
     }
     if (!$this->doNotTrim) {
         $varInput = trim($varInput);
     }
     if ($varInput == '') {
         if (!$this->mandatory) {
             return '';
         } else {
             if ($this->strLabel == '') {
                 $this->addError($GLOBALS['TL_LANG']['ERR']['mdtryNoLabel']);
             } else {
                 $this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['mandatory'], $this->strLabel));
             }
         }
     }
     if ($this->minlength && $varInput != '' && Utf8::strlen($varInput) < $this->minlength) {
         $this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['minlength'], $this->strLabel, $this->minlength));
     }
     if ($this->maxlength && $varInput != '' && Utf8::strlen($varInput) > $this->maxlength) {
         $this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['maxlength'], $this->strLabel, $this->maxlength));
     }
     if ($this->minval && is_numeric($varInput) && $varInput < $this->minval) {
         $this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['minval'], $this->strLabel, $this->minval));
     }
     if ($this->maxval && is_numeric($varInput) && $varInput > $this->maxval) {
         $this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['maxval'], $this->strLabel, $this->maxval));
     }
     if ($this->rgxp != '') {
         switch ($this->rgxp) {
             // Special validation rule for style sheets
             case strncmp($this->rgxp, 'digit_', 6) === 0:
                 $textual = explode('_', $this->rgxp);
                 array_shift($textual);
                 if (in_array($varInput, $textual) || strncmp($varInput, '$', 1) === 0) {
                     break;
                 }
                 // DO NOT ADD A break; STATEMENT HERE
                 // Numeric characters (including full stop [.] and minus [-])
             // DO NOT ADD A break; STATEMENT HERE
             // Numeric characters (including full stop [.] and minus [-])
             case 'digit':
                 // Support decimal commas and convert them automatically (see #3488)
                 if (substr_count($varInput, ',') == 1 && strpos($varInput, '.') === false) {
                     $varInput = str_replace(',', '.', $varInput);
                 }
                 if (!\Validator::isNumeric($varInput)) {
                     $this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['digit'], $this->strLabel));
                 }
                 break;
                 // Natural numbers (positive integers)
             // Natural numbers (positive integers)
             case 'natural':
                 if (!\Validator::isNatural($varInput)) {
                     $this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['natural'], $this->strLabel));
                 }
                 break;
                 // Alphabetic characters (including full stop [.] minus [-] and space [ ])
             // Alphabetic characters (including full stop [.] minus [-] and space [ ])
             case 'alpha':
                 if (!\Validator::isAlphabetic($varInput)) {
                     $this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['alpha'], $this->strLabel));
                 }
                 break;
                 // Alphanumeric characters (including full stop [.] minus [-], underscore [_] and space [ ])
             // Alphanumeric characters (including full stop [.] minus [-], underscore [_] and space [ ])
             case 'alnum':
                 if (!\Validator::isAlphanumeric($varInput)) {
                     $this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['alnum'], $this->strLabel));
                 }
                 break;
                 // Do not allow any characters that are usually encoded by class Input ([#<>()\=])
             // Do not allow any characters that are usually encoded by class Input ([#<>()\=])
             case 'extnd':
                 if (!\Validator::isExtendedAlphanumeric(html_entity_decode($varInput))) {
                     $this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['extnd'], $this->strLabel));
                 }
                 break;
                 // Check whether the current value is a valid date format
             // Check whether the current value is a valid date format
             case 'date':
                 if (!\Validator::isDate($varInput)) {
                     $this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['date'], \Date::getInputFormat(\Date::getNumericDateFormat())));
                 } else {
                     // Validate the date (see #5086)
                     try {
                         new \Date($varInput, \Date::getNumericDateFormat());
                     } catch (\OutOfBoundsException $e) {
                         $this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['invalidDate'], $varInput));
                     }
                 }
                 break;
                 // Check whether the current value is a valid time format
             // Check whether the current value is a valid time format
             case 'time':
                 if (!\Validator::isTime($varInput)) {
                     $this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['time'], \Date::getInputFormat(\Date::getNumericTimeFormat())));
                 }
                 break;
                 // Check whether the current value is a valid date and time format
             // Check whether the current value is a valid date and time format
             case 'datim':
                 if (!\Validator::isDatim($varInput)) {
                     $this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['dateTime'], \Date::getInputFormat(\Date::getNumericDatimFormat())));
                 } else {
                     // Validate the date (see #5086)
                     try {
                         new \Date($varInput, \Date::getNumericDatimFormat());
                     } catch (\OutOfBoundsException $e) {
                         $this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['invalidDate'], $varInput));
                     }
                 }
                 break;
                 // Check whether the current value is a valid friendly name e-mail address
             // Check whether the current value is a valid friendly name e-mail address
             case 'friendly':
                 list($strName, $varInput) = \StringUtil::splitFriendlyEmail($varInput);
                 // no break;
                 // Check whether the current value is a valid e-mail address
             // no break;
             // Check whether the current value is a valid e-mail address
             case 'email':
                 if (!\Validator::isEmail($varInput)) {
                     $this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['email'], $this->strLabel));
                 }
                 if ($this->rgxp == 'friendly' && !empty($strName)) {
                     $varInput = $strName . ' [' . $varInput . ']';
                 }
                 break;
                 // Check whether the current value is list of valid e-mail addresses
             // Check whether the current value is list of valid e-mail addresses
             case 'emails':
                 $arrEmails = \StringUtil::trimsplit(',', $varInput);
                 foreach ($arrEmails as $strEmail) {
                     $strEmail = \Idna::encodeEmail($strEmail);
                     if (!\Validator::isEmail($strEmail)) {
                         $this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['emails'], $this->strLabel));
                         break;
                     }
                 }
                 break;
                 // Check whether the current value is a valid URL
             // Check whether the current value is a valid URL
             case 'url':
                 if (!\Validator::isUrl($varInput)) {
                     $this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['url'], $this->strLabel));
                 }
                 break;
                 // Check whether the current value is a valid alias
             // Check whether the current value is a valid alias
             case 'alias':
                 if (!\Validator::isAlias($varInput)) {
                     $this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['alias'], $this->strLabel));
                 }
                 break;
                 // Check whether the current value is a valid folder URL alias
             // Check whether the current value is a valid folder URL alias
             case 'folderalias':
                 if (!\Validator::isFolderAlias($varInput)) {
                     $this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['folderalias'], $this->strLabel));
                 }
                 break;
                 // Phone numbers (numeric characters, space [ ], plus [+], minus [-], parentheses [()] and slash [/])
             // Phone numbers (numeric characters, space [ ], plus [+], minus [-], parentheses [()] and slash [/])
             case 'phone':
                 if (!\Validator::isPhone(html_entity_decode($varInput))) {
                     $this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['phone'], $this->strLabel));
                 }
                 break;
                 // Check whether the current value is a percent value
             // Check whether the current value is a percent value
             case 'prcnt':
                 if (!\Validator::isPercent($varInput)) {
                     $this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['prcnt'], $this->strLabel));
                 }
                 break;
                 // Check whether the current value is a locale
             // Check whether the current value is a locale
             case 'locale':
                 if (!\Validator::isLocale($varInput)) {
                     $this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['locale'], $this->strLabel));
                 }
                 break;
                 // Check whether the current value is a language code
             // Check whether the current value is a language code
             case 'language':
                 if (!\Validator::isLanguage($varInput)) {
                     $this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['language'], $this->strLabel));
                 }
                 break;
                 // Check whether the current value is a Google+ ID or vanity name
             // Check whether the current value is a Google+ ID or vanity name
             case 'google+':
                 if (!\Validator::isGooglePlusId($varInput)) {
                     $this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['invalidGoogleId'], $this->strLabel));
                 }
                 break;
                 // Check whether the current value is a field name
             // Check whether the current value is a field name
             case 'fieldname':
                 if (!\Validator::isFieldName($varInput)) {
                     $this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['invalidFieldName'], $this->strLabel));
                 }
                 break;
                 // HOOK: pass unknown tags to callback functions
             // HOOK: pass unknown tags to callback functions
             default:
                 if (isset($GLOBALS['TL_HOOKS']['addCustomRegexp']) && is_array($GLOBALS['TL_HOOKS']['addCustomRegexp'])) {
                     foreach ($GLOBALS['TL_HOOKS']['addCustomRegexp'] as $callback) {
                         $this->import($callback[0]);
                         $break = $this->{$callback[0]}->{$callback[1]}($this->rgxp, $varInput, $this);
                         // Stop the loop if a callback returned true
                         if ($break === true) {
                             break;
                         }
                     }
                 }
                 break;
         }
     }
     if ($this->isHexColor && $varInput != '' && strncmp($varInput, '$', 1) !== 0) {
         $varInput = preg_replace('/[^a-f0-9]+/i', '', $varInput);
     }
     if ($this->nospace && preg_match('/[\\t ]+/', $varInput)) {
         $this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['noSpace'], $this->strLabel));
     }
     if ($this->spaceToUnderscore) {
         $varInput = preg_replace('/\\s+/', '_', trim($varInput));
     }
     if (is_bool($this->trailingSlash) && $varInput != '') {
         $varInput = preg_replace('/\\/+$/', '', $varInput) . ($this->trailingSlash ? '/' : '');
     }
     return $varInput;
 }
 /**
  * Render a calendar event.
  *
  * @param GetCalendarEventEvent    $event           The event.
  *
  * @param string                   $eventName       The event name.
  *
  * @param EventDispatcherInterface $eventDispatcher The event dispatcher.
  *
  * @return void
  *
  * @SuppressWarnings(PHPMD.CyclomaticComplexity)
  * @SuppressWarnings(PHPMD.NPathComplexity)
  * @SuppressWarnings(PHPMD.ExcessiveMethodLength)
  * @SuppressWarnings(PHPMD.Superglobals)
  * @SuppressWarnings(PHPMD.CamelCaseVariableName)
  * @SuppressWarnings(PHPMD.UnusedFormalParameter)
  */
 public function handleEvent(GetCalendarEventEvent $event, $eventName, EventDispatcherInterface $eventDispatcher)
 {
     if ($event->getCalendarEventHtml()) {
         return;
     }
     $calendarCollection = CalendarModel::findAll();
     if (!$calendarCollection) {
         return;
     }
     $calendarIds = $calendarCollection->fetchEach('id');
     $eventModel = CalendarEventsModel::findPublishedByParentAndIdOrAlias($event->getCalendarEventId(), $calendarIds);
     if (!$eventModel) {
         return;
     }
     $calendarModel = $eventModel->getRelated('pid');
     $objPage = PageModel::findWithDetails($calendarModel->jumpTo);
     if ($event->getDateTime()) {
         $selectedStartDateTime = clone $event->getDateTime();
         $selectedStartDateTime->setTime(date('H', $eventModel->startTime), date('i', $eventModel->startTime), date('s', $eventModel->startTime));
         $secondsBetweenStartAndEndTime = $eventModel->endTime - $eventModel->startTime;
         $intStartTime = $selectedStartDateTime->getTimestamp();
         $intEndTime = $intStartTime + $secondsBetweenStartAndEndTime;
     } else {
         $intStartTime = $eventModel->startTime;
         $intEndTime = $eventModel->endTime;
     }
     $span = Calendar::calculateSpan($intStartTime, $intEndTime);
     // Do not show dates in the past if the event is recurring (see #923).
     if ($eventModel->recurring) {
         $arrRange = deserialize($eventModel->repeatEach);
         while ($intStartTime < time() && $intEndTime < $eventModel->repeatEnd) {
             $intStartTime = strtotime('+' . $arrRange['value'] . ' ' . $arrRange['unit'], $intStartTime);
             $intEndTime = strtotime('+' . $arrRange['value'] . ' ' . $arrRange['unit'], $intEndTime);
         }
     }
     if ($objPage->outputFormat == 'xhtml') {
         $strTimeStart = '';
         $strTimeEnd = '';
         $strTimeClose = '';
     } else {
         $strTimeStart = '';
         $strTimeEnd = '';
         $strTimeClose = '';
         // @codingStandardsIgnoreStart
         /*
         TODO $this->date and $this->time is used in the <a> title attribute and cannot contain HTML!
         $strTimeStart = '<time datetime="' . date('Y-m-d\TH:i:sP', $intStartTime) . '">';
         $strTimeEnd   = '<time datetime="' . date('Y-m-d\TH:i:sP', $intEndTime) . '">';
         $strTimeClose = '</time>';
         */
         // @codingStandardsIgnoreEnd
     }
     // Get date.
     if ($span > 0) {
         $date = $strTimeStart . Date::parse($eventModel->addTime ? $objPage->datimFormat : $objPage->dateFormat, $intStartTime) . $strTimeClose . ' - ' . $strTimeEnd . Date::parse($eventModel->addTime ? $objPage->datimFormat : $objPage->dateFormat, $intEndTime) . $strTimeClose;
     } elseif ($intStartTime == $intEndTime) {
         $date = $strTimeStart . Date::parse($objPage->dateFormat, $intStartTime) . ($eventModel->addTime ? ' (' . Date::parse($objPage->timeFormat, $intStartTime) . ')' : '') . $strTimeClose;
     } else {
         $date = $strTimeStart . Date::parse($objPage->dateFormat, $intStartTime) . ($eventModel->addTime ? ' (' . Date::parse($objPage->timeFormat, $intStartTime) . $strTimeClose . ' - ' . $strTimeEnd . Date::parse($objPage->timeFormat, $intEndTime) . ')' : '') . $strTimeClose;
     }
     $until = '';
     $recurring = '';
     // Recurring event.
     if ($eventModel->recurring) {
         $arrRange = deserialize($eventModel->repeatEach);
         $strKey = 'cal_' . $arrRange['unit'];
         $recurring = sprintf($GLOBALS['TL_LANG']['MSC'][$strKey], $arrRange['value']);
         if ($eventModel->recurrences > 0) {
             $until = sprintf($GLOBALS['TL_LANG']['MSC']['cal_until'], Date::parse($objPage->dateFormat, $eventModel->repeatEnd));
         }
     }
     // Override the default image size.
     // This is always false.
     if ($this->imgSize != '') {
         $size = deserialize($this->imgSize);
         if ($size[0] > 0 || $size[1] > 0) {
             $eventModel->size = $this->imgSize;
         }
     }
     $objTemplate = new FrontendTemplate($event->getTemplate());
     $objTemplate->setData($eventModel->row());
     $objTemplate->date = $date;
     $objTemplate->start = $intStartTime;
     $objTemplate->end = $intEndTime;
     $objTemplate->class = $eventModel->cssClass != '' ? ' ' . $eventModel->cssClass : '';
     $objTemplate->recurring = $recurring;
     $objTemplate->until = $until;
     $objTemplate->locationLabel = $GLOBALS['TL_LANG']['MSC']['location'];
     $objTemplate->details = '';
     $objElement = ContentModel::findPublishedByPidAndTable($eventModel->id, 'tl_calendar_events');
     if ($objElement !== null) {
         while ($objElement->next()) {
             $getContentElementEvent = new GetContentElementEvent($objElement->id);
             $eventDispatcher->dispatch(ContaoEvents::CONTROLLER_GET_CONTENT_ELEMENT, $getContentElementEvent);
             $objTemplate->details .= $getContentElementEvent->getContentElementHtml();
         }
         $objTemplate->hasDetails = true;
     }
     $objTemplate->addImage = false;
     // Add an image.
     if ($eventModel->addImage && $eventModel->singleSRC != '') {
         $objModel = FilesModel::findByUuid($eventModel->singleSRC);
         if ($objModel === null) {
             if (!Validator::isUuid($eventModel->singleSRC)) {
                 $objTemplate->text = '<p class="error">' . $GLOBALS['TL_LANG']['ERR']['version2format'] . '</p>';
             }
         } elseif (is_file(TL_ROOT . '/' . $objModel->path)) {
             // Do not override the field now that we have a model registry (see #6303).
             $arrEvent = $eventModel->row();
             $arrEvent['singleSRC'] = $objModel->path;
             $addImageToTemplateEvent = new AddImageToTemplateEvent($arrEvent, $objTemplate);
             $eventDispatcher->dispatch(ContaoEvents::CONTROLLER_ADD_IMAGE_TO_TEMPLATE, $addImageToTemplateEvent);
         }
     }
     $objTemplate->enclosure = array();
     // Add enclosures.
     if ($eventModel->addEnclosure) {
         $addEnclosureToTemplateEvent = new AddEnclosureToTemplateEvent($eventModel->row(), $objTemplate);
         $eventDispatcher->dispatch(ContaoEvents::CONTROLLER_ADD_ENCLOSURE_TO_TEMPLATE, $addEnclosureToTemplateEvent);
     }
     $calendarEvent = $objTemplate->parse();
     $event->setCalendarEventHtml($calendarEvent);
 }
 /**
  * Extract all e-mail addresses from a string
  *
  * @param string $strString The string
  *
  * @return array The e-mail addresses
  */
 public static function extractEmail($strString)
 {
     $arrEmails = array();
     preg_match_all('/(?:[^\\x00-\\x20\\x22\\x40\\x7F]+|\\x22[^\\x00-\\x1F\\x7F]+?\\x22)@(?:\\[(?:IPv)?[a-f0-9.:]+\\]|[\\w.-]+\\.[a-z]{2,63}\\b)/u', $strString, $arrEmails);
     foreach ($arrEmails[0] as $strKey => $strEmail) {
         if (!\Validator::isEmail($strEmail)) {
             unset($arrEmails[0][$strKey]);
         }
     }
     return array_values($arrEmails[0]);
 }
Exemple #23
0
 /**
  * Extract all e-mail addresses from a string
  *
  * @param string $strString      The string
  * @param string $strAllowedTags A list of allowed HTML tags
  *
  * @return array The e-mail addresses
  */
 public static function extractEmail($strString, $strAllowedTags = '')
 {
     $arrEmails = array();
     if (strpos($strString, '@') === false) {
         return $arrEmails;
     }
     // Find all mailto: addresses
     preg_match_all('/mailto:(?:[^\\x00-\\x20\\x22\\x40\\x7F]+|\\x22[^\\x00-\\x1F\\x7F]+?\\x22)@(?:\\[(?:IPv)?[a-f0-9.:]+\\]|[\\w.-]+\\.[a-z]{2,63}\\b)/u', $strString, $matches);
     foreach ($matches[0] as &$strEmail) {
         $strEmail = str_replace('mailto:', '', $strEmail);
         if (\Validator::isEmail($strEmail)) {
             $arrEmails[] = $strEmail;
         }
     }
     // Encode opening arrow brackets (see #3998)
     $strString = preg_replace_callback('@</?([^\\s<>/]*)@', function ($matches) use($strAllowedTags) {
         if ($matches[1] == '' || strpos(strtolower($strAllowedTags), '<' . strtolower($matches[1]) . '>') === false) {
             $matches[0] = str_replace('<', '&lt;', $matches[0]);
         }
         return $matches[0];
     }, $strString);
     // Find all addresses in the plain text
     preg_match_all('/(?:[^\\x00-\\x20\\x22\\x40\\x7F]+|\\x22[^\\x00-\\x1F\\x7F]+?\\x22)@(?:\\[(?:IPv)?[a-f0-9.:]+\\]|[\\w.-]+\\.[a-z]{2,63}\\b)/u', strip_tags($strString), $matches);
     foreach ($matches[0] as &$strEmail) {
         $strEmail = str_replace('&lt;', '<', $strEmail);
         if (\Validator::isEmail($strEmail)) {
             $arrEmails[] = $strEmail;
         }
     }
     return array_unique($arrEmails);
 }