Usage:
if (Validator::isEmail($recipient))
{
$email->sendTo($recipient);
}
/**
* Remove the recipient
*/
protected function removeSubscriber()
{
$varInput = Idna::encodeEmail(Input::get('email', true));
// Validate e-mail address
if (!Validator::isEmail($varInput)) {
$_SESSION['UNSUBSCRIBE_ERROR'] = $GLOBALS['TL_LANG']['ERR']['email'];
$this->redirect($this->generateFrontendUrl($this->objModel->getRelated('jumpTo')->row()));
}
$objCleverReach = new CleverReach();
switch ($this->clr_unsubscribe) {
case 'inactive':
foreach ($this->clr_groups as $strGroupId) {
$objCleverReach->receiverSetInactive($varInput, $strGroupId);
}
break;
case 'delete':
foreach ($this->clr_groups as $strGroupId) {
$objCleverReach->receiverDelete($varInput, $strGroupId);
}
break;
case 'email':
default:
$objCleverReach->sendUnsubscribeMail($varInput, $this->clr_form);
break;
}
$this->redirect($this->generateFrontendUrl($this->objModel->getRelated('jumpTo')->row()));
}
public function __construct($arrAttributes = null)
{
// check against arrAttributes, as 'onsubmit_callback' => 'multifileupload_moveFiles' does not provide valid attributes
if ($arrAttributes !== null && !$arrAttributes['uploadFolder']) {
throw new \Exception(sprintf($GLOBALS['TL_LANG']['ERR']['noUploadFolderDeclared'], $this->name));
}
$arrAttributes['uploadAction'] = static::$uploadAction;
if (TL_MODE == 'FE') {
$arrAttributes['uploadActionParams'] = http_build_query(AjaxAction::getParams(MultiFileUpload::NAME, static::$uploadAction));
}
$arrAttributes['addRemoveLinks'] = isset($arrAttributes['addRemoveLinks']) ? $arrAttributes['addRemoveLinks'] : true;
if (!is_array($arrAttributes['value']) && !Validator::isBinaryUuid($arrAttributes['value'])) {
$arrAttributes['value'] = json_decode($arrAttributes['value']);
}
// bin to string -> never pass binary to the widget!!
if ($arrAttributes['value']) {
if (is_array($arrAttributes['value'])) {
$arrAttributes['value'] = array_map(function ($val) {
return \Validator::isBinaryUuid($val) ? \StringUtil::binToUuid($val) : $val;
}, $arrAttributes['value']);
} else {
$arrAttributes['value'] = array(\Validator::isBinaryUuid($arrAttributes['value']) ? \StringUtil::binToUuid($arrAttributes['value']) : $arrAttributes['value']);
}
}
parent::__construct($arrAttributes);
$this->objUploader = new MultiFileUpload($arrAttributes);
// add onsubmit_callback: move files after form submission
$GLOBALS['TL_DCA'][$this->strTable]['config']['onsubmit_callback']['multifileupload_moveFiles'] = array('HeimrichHannot\\MultiFileUpload\\FormMultiFileUpload', 'moveFiles');
Ajax::runActiveAction(MultiFileUpload::NAME, MultiFileUpload::ACTION_UPLOAD, $this);
}
private function setContaoFile($file)
{
if (is_array($file)) {
return serialize(array_map([__CLASS__, 'setContaoFile'], $file));
}
if ($file instanceof FilesModel) {
return $file->uuid;
}
if (Validator::isStringUuid($file)) {
return StringUtil::uuidToBin($file);
}
return $file;
}
public function scopeUuid(Builder $query, $uuid)
{
if (is_array($uuid)) {
$uuid = array_map(function ($uuid) {
return Validator::isStringUuid($uuid) ? StringUtil::uuidToBin($uuid) : $uuid;
}, $uuid);
return $query->whereIn('uuid', $uuid);
}
if (Validator::isStringUuid($uuid)) {
$uuid = StringUtil::uuidToBin($uuid);
}
return $query->where('uuid', $uuid);
}
/**
* Find a particular template file and return its path
*
* @param string $strTemplate The name of the template
* @param string $strFormat The file extension
*
* @return string The path to the template file
*
* @throws \InvalidArgumentException If $strFormat is unknown
* @throws \RuntimeException If the template group folder is insecure
*/
public static function getTemplate($strTemplate, $strFormat = 'html5')
{
$arrAllowed = trimsplit(',', \Config::get('templateFiles'));
array_push($arrAllowed, 'html5');
// see #3398
if (!in_array($strFormat, $arrAllowed)) {
throw new \InvalidArgumentException('Invalid output format ' . $strFormat);
}
$strTemplate = basename($strTemplate);
// Check for a theme folder
if (TL_MODE == 'FE') {
/** @var \PageModel $objPage */
global $objPage;
if ($objPage->templateGroup != '') {
if (\Validator::isInsecurePath($objPage->templateGroup)) {
throw new \RuntimeException('Invalid path ' . $objPage->templateGroup);
}
return \TemplateLoader::getPath($strTemplate, $strFormat, $objPage->templateGroup);
}
}
return \TemplateLoader::getPath($strTemplate, $strFormat);
}
/**
* @return string
*/
public function generate()
{
if (TL_MODE == 'BE') {
$objTemplate = new BackendTemplate('be_wildcard');
$objTemplate->wildcard = '### LOGO MODULE ###';
return $objTemplate->parse();
}
if ($this->singleSRC == '') {
return '';
}
$objFile = FilesModel::findByUuid($this->singleSRC);
if ($objFile === null) {
if (!Validator::isUuid($this->singleSRC)) {
return '<p class="error">' . $GLOBALS['TL_LANG']['ERR']['version2format'] . '</p>';
}
return '';
}
if (!is_file(TL_ROOT . '/' . $objFile->path)) {
return '';
}
$this->singleSRC = $objFile->path;
return parent::generate();
}
/**
* Return a form to choose a CSV file and import it
*
* @return string
*/
public function importRecipients()
{
if (\Input::get('key') != 'import') {
return '';
}
$this->import('BackendUser', 'User');
$class = $this->User->uploader;
// See #4086 and #7046
if (!class_exists($class) || $class == 'DropZone') {
$class = 'FileUpload';
}
/** @var FileUpload $objUploader */
$objUploader = new $class();
// Import recipients
if (\Input::post('FORM_SUBMIT') == 'tl_recipients_import') {
$arrUploaded = $objUploader->uploadTo('system/tmp');
if (empty($arrUploaded)) {
\Message::addError($GLOBALS['TL_LANG']['ERR']['all_fields']);
$this->reload();
}
$time = time();
$intTotal = 0;
$intInvalid = 0;
foreach ($arrUploaded as $strCsvFile) {
$objFile = new \File($strCsvFile);
if ($objFile->extension != 'csv') {
\Message::addError(sprintf($GLOBALS['TL_LANG']['ERR']['filetype'], $objFile->extension));
continue;
}
// Get separator
switch (\Input::post('separator')) {
case 'semicolon':
$strSeparator = ';';
break;
case 'tabulator':
$strSeparator = "\t";
break;
case 'linebreak':
$strSeparator = "\n";
break;
default:
$strSeparator = ',';
break;
}
$arrRecipients = array();
$resFile = $objFile->handle;
while (($arrRow = @fgetcsv($resFile, null, $strSeparator)) !== false) {
$arrRecipients = array_merge($arrRecipients, $arrRow);
}
$arrRecipients = array_filter(array_unique($arrRecipients));
foreach ($arrRecipients as $strRecipient) {
// Skip invalid entries
if (!\Validator::isEmail($strRecipient)) {
$this->log('Recipient address "' . $strRecipient . '" seems to be invalid and was not imported', __METHOD__, TL_ERROR);
++$intInvalid;
continue;
}
// Check whether the e-mail address exists
$objRecipient = $this->Database->prepare("SELECT COUNT(*) AS count FROM tl_newsletter_recipients WHERE pid=? AND email=?")->execute(\Input::get('id'), $strRecipient);
if ($objRecipient->count > 0) {
continue;
}
// Check whether the e-mail address has been blacklisted
$objBlacklist = $this->Database->prepare("SELECT COUNT(*) AS count FROM tl_newsletter_blacklist WHERE pid=? AND hash=?")->execute(\Input::get('id'), md5($strRecipient));
if ($objBlacklist->count > 0) {
$this->log('Recipient address "' . $strRecipient . '" has been unsubscribed and was not imported', __METHOD__, TL_ERROR);
continue;
}
$this->Database->prepare("INSERT INTO tl_newsletter_recipients SET pid=?, tstamp={$time}, email=?, active=1")->execute(\Input::get('id'), $strRecipient);
++$intTotal;
}
}
\Message::addConfirmation(sprintf($GLOBALS['TL_LANG']['tl_newsletter_recipients']['confirm'], $intTotal));
if ($intInvalid > 0) {
\Message::addInfo(sprintf($GLOBALS['TL_LANG']['tl_newsletter_recipients']['invalid'], $intInvalid));
}
\System::setCookie('BE_PAGE_OFFSET', 0, 0);
$this->reload();
}
// Return form
return '
<div id="tl_buttons">
<a href="' . ampersand(str_replace('&key=import', '', \Environment::get('request'))) . '" class="header_back" title="' . specialchars($GLOBALS['TL_LANG']['MSC']['backBTTitle']) . '" accesskey="b">' . $GLOBALS['TL_LANG']['MSC']['backBT'] . '</a>
</div>
' . \Message::generate() . '
<form action="' . ampersand(\Environment::get('request'), true) . '" id="tl_recipients_import" class="tl_form" method="post" enctype="multipart/form-data">
<div class="tl_formbody_edit">
<input type="hidden" name="FORM_SUBMIT" value="tl_recipients_import">
<input type="hidden" name="REQUEST_TOKEN" value="' . REQUEST_TOKEN . '">
<input type="hidden" name="MAX_FILE_SIZE" value="' . \Config::get('maxFileSize') . '">
<div class="tl_tbox">
<h3><label for="separator">' . $GLOBALS['TL_LANG']['MSC']['separator'][0] . '</label></h3>
<select name="separator" id="separator" class="tl_select" onfocus="Backend.getScrollOffset()">
<option value="comma">' . $GLOBALS['TL_LANG']['MSC']['comma'] . '</option>
<option value="semicolon">' . $GLOBALS['TL_LANG']['MSC']['semicolon'] . '</option>
<option value="tabulator">' . $GLOBALS['TL_LANG']['MSC']['tabulator'] . '</option>
<option value="linebreak">' . $GLOBALS['TL_LANG']['MSC']['linebreak'] . '</option>
</select>' . ($GLOBALS['TL_LANG']['MSC']['separator'][1] != '' ? '
<p class="tl_help tl_tip">' . $GLOBALS['TL_LANG']['MSC']['separator'][1] . '</p>' : '') . '
<h3>' . $GLOBALS['TL_LANG']['MSC']['source'][0] . '</h3>' . $objUploader->generateMarkup() . (isset($GLOBALS['TL_LANG']['MSC']['source'][1]) ? '
<p class="tl_help tl_tip">' . $GLOBALS['TL_LANG']['MSC']['source'][1] . '</p>' : '') . '
</div>
</div>
<div class="tl_formbody_submit">
<div class="tl_submit_container">
<button type="submit" name="save" id="save" class="tl_submit" accesskey="s">' . $GLOBALS['TL_LANG']['tl_newsletter_recipients']['import'][0] . '</button>
</div>
</div>
</form>';
}
/**
* Render a news.
*
* @param GetNewsEvent $event The event.
*
* @param string $eventName The event name.
*
* @param EventDispatcherInterface $eventDispatcher The event dispatcher.
*
* @return void
*
* @SuppressWarnings(PHPMD.CyclomaticComplexity)
* @SuppressWarnings(PHPMD.NPathComplexity)
* @SuppressWarnings(PHPMD.ExcessiveMethodLength)
* @SuppressWarnings(PHPMD.Superglobals)
* @SuppressWarnings(PHPMD.CamelCaseVariableName)
* @SuppressWarnings(PHPMD.UnusedFormalParameter)
*/
public function handleNews(GetNewsEvent $event, $eventName, EventDispatcherInterface $eventDispatcher)
{
if ($event->getNewsHtml()) {
return;
}
$newsArchiveCollection = NewsArchiveModel::findAll();
$newsArchiveIds = $newsArchiveCollection ? $newsArchiveCollection->fetchEach('id') : array();
$newsModel = NewsModel::findPublishedByParentAndIdOrAlias($event->getNewsId(), $newsArchiveIds);
if (!$newsModel) {
return;
}
$newsModel = $newsModel->current();
$newsArchiveModel = $newsModel->getRelated('pid');
$objPage = PageModel::findWithDetails($newsArchiveModel->jumpTo);
$objTemplate = new FrontendTemplate($event->getTemplate());
$objTemplate->setData($newsModel->row());
$objTemplate->class = $newsModel->cssClass != '' ? ' ' . $newsModel->cssClass : '';
$objTemplate->newsHeadline = $newsModel->headline;
$objTemplate->subHeadline = $newsModel->subheadline;
$objTemplate->hasSubHeadline = $newsModel->subheadline ? true : false;
$objTemplate->linkHeadline = $this->generateLink($eventDispatcher, $newsModel->headline, $newsModel);
$objTemplate->more = $this->generateLink($eventDispatcher, $GLOBALS['TL_LANG']['MSC']['more'], $newsModel, false, true);
$objTemplate->link = $this->generateNewsUrl($eventDispatcher, $newsModel);
$objTemplate->archive = $newsModel->getRelated('pid');
$objTemplate->count = 0;
$objTemplate->text = '';
// Clean the RTE output.
if ($newsModel->teaser != '') {
if ($objPage->outputFormat == 'xhtml') {
$objTemplate->teaser = StringHelper::toXhtml($newsModel->teaser);
} else {
$objTemplate->teaser = StringHelper::toHtml5($newsModel->teaser);
}
$objTemplate->teaser = StringHelper::encodeEmail($objTemplate->teaser);
}
// Display the "read more" button for external/article links.
if ($newsModel->source != 'default') {
$objTemplate->text = true;
} else {
// Compile the news text.
$objElement = ContentModel::findPublishedByPidAndTable($newsModel->id, 'tl_news');
if ($objElement !== null) {
while ($objElement->next()) {
$getContentElementEvent = new GetContentElementEvent($objElement->id);
$eventDispatcher->dispatch(ContaoEvents::CONTROLLER_GET_CONTENT_ELEMENT, $getContentElementEvent);
$objTemplate->text .= $getContentElementEvent->getContentElementHtml();
}
}
}
$arrMeta = $this->getMetaFields($newsModel);
// Add the meta information.
$objTemplate->date = $arrMeta['date'];
$objTemplate->hasMetaFields = !empty($arrMeta);
$objTemplate->numberOfComments = $arrMeta['ccount'];
$objTemplate->commentCount = $arrMeta['comments'];
$objTemplate->timestamp = $newsModel->date;
$objTemplate->author = $arrMeta['author'];
$objTemplate->datetime = date('Y-m-d\\TH:i:sP', $newsModel->date);
$objTemplate->addImage = false;
// Add an image.
if ($newsModel->addImage && $newsModel->singleSRC != '') {
$objModel = FilesModel::findByUuid($newsModel->singleSRC);
if ($objModel === null) {
if (!Validator::isUuid($newsModel->singleSRC)) {
$objTemplate->text = '<p class="error">' . $GLOBALS['TL_LANG']['ERR']['version2format'] . '</p>';
}
} elseif (is_file(TL_ROOT . '/' . $objModel->path)) {
// Do not override the field now that we have a model registry (see #6303).
$arrArticle = $newsModel->row();
// Override the default image size.
// This is always false!
if ($this->imgSize != '') {
$size = deserialize($this->imgSize);
if ($size[0] > 0 || $size[1] > 0) {
$arrArticle['size'] = $this->imgSize;
}
}
$arrArticle['singleSRC'] = $objModel->path;
$addImageToTemplateEvent = new AddImageToTemplateEvent($arrArticle, $objTemplate);
$eventDispatcher->dispatch(ContaoEvents::CONTROLLER_ADD_IMAGE_TO_TEMPLATE, $addImageToTemplateEvent);
}
}
$objTemplate->enclosure = array();
// Add enclosures.
if ($newsModel->addEnclosure) {
$addEnclosureToTemplateEvent = new AddEnclosureToTemplateEvent($newsModel->row(), $objTemplate);
$eventDispatcher->dispatch(ContaoEvents::CONTROLLER_ADD_ENCLOSURE_TO_TEMPLATE, $addEnclosureToTemplateEvent);
}
$news = $objTemplate->parse();
$event->setNewsHtml($news);
}
/**
* Check a file operation
*
* @param string $strFile
*
* @return boolean
*
* @throws AccessDeniedException
*/
protected function isValid($strFile)
{
$strFolder = \Input::get('pid', true);
// Check the path
if (\Validator::isInsecurePath($strFile)) {
throw new AccessDeniedException('Invalid file name "' . $strFile . '" (hacking attempt).');
} elseif (\Validator::isInsecurePath($strFolder)) {
throw new AccessDeniedException('Invalid folder name "' . $strFolder . '" (hacking attempt).');
}
// Check for valid file types
if (!empty($this->arrValidFileTypes) && is_file(TL_ROOT . '/' . $strFile)) {
$fileinfo = preg_replace('/.*\\.(.*)$/ui', '$1', $strFile);
if (!in_array(strtolower($fileinfo), $this->arrValidFileTypes)) {
throw new AccessDeniedException('File "' . $strFile . '" is not an allowed file type.');
}
}
// Check whether the file is within the files directory
if (!preg_match('/^' . preg_quote(\Config::get('uploadPath'), '/') . '/i', $strFile)) {
throw new AccessDeniedException('File or folder "' . $strFile . '" is not within the files directory.');
}
// Check whether the parent folder is within the files directory
if ($strFolder && !preg_match('/^' . preg_quote(\Config::get('uploadPath'), '/') . '/i', $strFolder)) {
throw new AccessDeniedException('Parent folder "' . $strFolder . '" is not within the files directory.');
}
// Do not allow file operations on root folders
if (\Input::get('act') == 'edit' || \Input::get('act') == 'paste' || \Input::get('act') == 'delete') {
$this->import('BackendUser', 'User');
if (!$this->User->isAdmin && in_array($strFile, $this->User->filemounts)) {
throw new AccessDeniedException('Attempt to edit, copy, move or delete the root folder "' . $strFile . '".');
}
}
return true;
}
/**
* Run the controller and parse the template
*
* @return Response
*/
public function run()
{
/** @var SessionInterface $objSession */
$objSession = \System::getContainer()->get('session');
/** @var BackendTemplate|object $objTemplate */
$objTemplate = new \BackendTemplate('be_picker');
$objTemplate->main = '';
// Ajax request
if ($_POST && \Environment::get('isAjaxRequest')) {
$this->objAjax = new \Ajax(\Input::post('action'));
$this->objAjax->executePreActions();
}
$strTable = \Input::get('table');
$strField = \Input::get('field');
// Define the current ID
define('CURRENT_ID', \Input::get('table') ? $objSession->get('CURRENT_ID') : \Input::get('id'));
$this->loadDataContainer($strTable);
$strDriver = 'DC_' . $GLOBALS['TL_DCA'][$strTable]['config']['dataContainer'];
$objDca = new $strDriver($strTable);
$objDca->field = $strField;
// Set the active record
if ($this->Database->tableExists($strTable)) {
/** @var Model $strModel */
$strModel = \Model::getClassFromTable($strTable);
if (class_exists($strModel)) {
$objModel = $strModel::findByPk(\Input::get('id'));
if ($objModel !== null) {
$objDca->activeRecord = $objModel;
}
}
}
// AJAX request
if ($_POST && \Environment::get('isAjaxRequest')) {
$this->objAjax->executePostActions($objDca);
}
$objSession->set('filePickerRef', \Environment::get('request'));
$arrValues = array_filter(explode(',', \Input::get('value')));
// Convert UUIDs to binary
foreach ($arrValues as $k => $v) {
// Can be a UUID or a path
if (\Validator::isStringUuid($v)) {
$arrValues[$k] = \StringUtil::uuidToBin($v);
}
}
// Call the load_callback
if (is_array($GLOBALS['TL_DCA'][$strTable]['fields'][$strField]['load_callback'])) {
foreach ($GLOBALS['TL_DCA'][$strTable]['fields'][$strField]['load_callback'] as $callback) {
if (is_array($callback)) {
$this->import($callback[0]);
$arrValues = $this->{$callback[0]}->{$callback[1]}($arrValues, $objDca);
} elseif (is_callable($callback)) {
$arrValues = $callback($arrValues, $objDca);
}
}
}
/** @var FileSelector $strClass */
$strClass = $GLOBALS['BE_FFL']['fileSelector'];
/** @var FileSelector $objFileTree */
$objFileTree = new $strClass($strClass::getAttributesFromDca($GLOBALS['TL_DCA'][$strTable]['fields'][$strField], $strField, $arrValues, $strField, $strTable, $objDca));
/** @var AttributeBagInterface $objSessionBag */
$objSessionBag = $objSession->getBag('contao_backend');
$objTemplate->main = $objFileTree->generate();
$objTemplate->theme = \Backend::getTheme();
$objTemplate->base = \Environment::get('base');
$objTemplate->language = $GLOBALS['TL_LANGUAGE'];
$objTemplate->title = specialchars($GLOBALS['TL_LANG']['MSC']['filepicker']);
$objTemplate->charset = \Config::get('characterSet');
$objTemplate->addSearch = true;
$objTemplate->search = $GLOBALS['TL_LANG']['MSC']['search'];
$objTemplate->searchExclude = $GLOBALS['TL_LANG']['MSC']['searchExclude'];
$objTemplate->action = ampersand(\Environment::get('request'));
$objTemplate->value = $objSessionBag->get('file_selector_search');
$objTemplate->manager = $GLOBALS['TL_LANG']['MSC']['fileManager'];
$objTemplate->managerHref = 'contao/main.php?do=files&popup=1';
$objTemplate->breadcrumb = $GLOBALS['TL_DCA']['tl_files']['list']['sorting']['breadcrumb'];
if (\Input::get('switch')) {
$objTemplate->switch = $GLOBALS['TL_LANG']['MSC']['pagePicker'];
$objTemplate->switchHref = str_replace('contao/file?', 'contao/page?', ampersand(\Environment::get('request')));
}
return $objTemplate->getResponse();
}
/**
* Compare versions
*/
public function compare()
{
$strBuffer = '';
$arrVersions = array();
$intTo = 0;
$intFrom = 0;
$objVersions = $this->Database->prepare("SELECT * FROM tl_version WHERE pid=? AND fromTable=? ORDER BY version DESC")->execute($this->intPid, $this->strTable);
if ($objVersions->numRows < 2) {
$strBuffer = '<p>There are no versions of ' . $this->strTable . '.id=' . $this->intPid . '</p>';
} else {
$intIndex = 0;
$from = array();
// Store the versions and mark the active one
while ($objVersions->next()) {
if ($objVersions->active) {
$intIndex = $objVersions->version;
}
$arrVersions[$objVersions->version] = $objVersions->row();
$arrVersions[$objVersions->version]['info'] = $GLOBALS['TL_LANG']['MSC']['version'] . ' ' . $objVersions->version . ' (' . \Date::parse(\Config::get('datimFormat'), $objVersions->tstamp) . ') ' . $objVersions->username;
}
// To
if (\Input::post('to') && isset($arrVersions[\Input::post('to')])) {
$intTo = \Input::post('to');
$to = \StringUtil::deserialize($arrVersions[\Input::post('to')]['data']);
} elseif (\Input::get('to') && isset($arrVersions[\Input::get('to')])) {
$intTo = \Input::get('to');
$to = \StringUtil::deserialize($arrVersions[\Input::get('to')]['data']);
} else {
$intTo = $intIndex;
$to = \StringUtil::deserialize($arrVersions[$intTo]['data']);
}
// From
if (\Input::post('from') && isset($arrVersions[\Input::post('from')])) {
$intFrom = \Input::post('from');
$from = \StringUtil::deserialize($arrVersions[\Input::post('from')]['data']);
} elseif (\Input::get('from') && isset($arrVersions[\Input::get('from')])) {
$intFrom = \Input::get('from');
$from = \StringUtil::deserialize($arrVersions[\Input::get('from')]['data']);
} elseif ($intIndex > 1) {
$intFrom = $intIndex - 1;
$from = \StringUtil::deserialize($arrVersions[$intFrom]['data']);
}
// Only continue if both version numbers are set
if ($intTo > 0 && $intFrom > 0) {
\System::loadLanguageFile($this->strTable);
$this->loadDataContainer($this->strTable);
// Get the order fields
$objDcaExtractor = \DcaExtractor::getInstance($this->strTable);
$arrOrder = $objDcaExtractor->getOrderFields();
// Find the changed fields and highlight the changes
foreach ($to as $k => $v) {
if ($from[$k] != $to[$k]) {
if ($GLOBALS['TL_DCA'][$this->strTable]['fields'][$k]['eval']['doNotShow'] || $GLOBALS['TL_DCA'][$this->strTable]['fields'][$k]['eval']['hideInput']) {
continue;
}
$blnIsBinary = $GLOBALS['TL_DCA'][$this->strTable]['fields'][$k]['inputType'] == 'fileTree' || in_array($k, $arrOrder);
// Decrypt the values
if ($GLOBALS['TL_DCA'][$this->strTable]['fields'][$k]['eval']['encrypt']) {
$to[$k] = \Encryption::decrypt($to[$k]);
$from[$k] = \Encryption::decrypt($from[$k]);
}
// Convert serialized arrays into strings
if (is_array($tmp = \StringUtil::deserialize($to[$k])) && !is_array($to[$k])) {
$to[$k] = $this->implodeRecursive($tmp, $blnIsBinary);
}
if (is_array($tmp = \StringUtil::deserialize($from[$k])) && !is_array($from[$k])) {
$from[$k] = $this->implodeRecursive($tmp, $blnIsBinary);
}
unset($tmp);
// Convert binary UUIDs to their hex equivalents (see #6365)
if ($blnIsBinary && \Validator::isBinaryUuid($to[$k])) {
$to[$k] = \StringUtil::binToUuid($to[$k]);
}
if ($blnIsBinary && \Validator::isBinaryUuid($from[$k])) {
$to[$k] = \StringUtil::binToUuid($from[$k]);
}
// Convert date fields
if ($GLOBALS['TL_DCA'][$this->strTable]['fields'][$k]['eval']['rgxp'] == 'date') {
$to[$k] = \Date::parse(\Config::get('dateFormat'), $to[$k] ?: '');
$from[$k] = \Date::parse(\Config::get('dateFormat'), $from[$k] ?: '');
} elseif ($GLOBALS['TL_DCA'][$this->strTable]['fields'][$k]['eval']['rgxp'] == 'time') {
$to[$k] = \Date::parse(\Config::get('timeFormat'), $to[$k] ?: '');
$from[$k] = \Date::parse(\Config::get('timeFormat'), $from[$k] ?: '');
} elseif ($GLOBALS['TL_DCA'][$this->strTable]['fields'][$k]['eval']['rgxp'] == 'datim' || $k == 'tstamp') {
$to[$k] = \Date::parse(\Config::get('datimFormat'), $to[$k] ?: '');
$from[$k] = \Date::parse(\Config::get('datimFormat'), $from[$k] ?: '');
}
// Convert strings into arrays
if (!is_array($to[$k])) {
$to[$k] = explode("\n", $to[$k]);
}
if (!is_array($from[$k])) {
$from[$k] = explode("\n", $from[$k]);
}
$objDiff = new \Diff($from[$k], $to[$k]);
$strBuffer .= $objDiff->render(new DiffRenderer(array('field' => $GLOBALS['TL_DCA'][$this->strTable]['fields'][$k]['label'][0] ?: (isset($GLOBALS['TL_LANG']['MSC'][$k]) ? is_array($GLOBALS['TL_LANG']['MSC'][$k]) ? $GLOBALS['TL_LANG']['MSC'][$k][0] : $GLOBALS['TL_LANG']['MSC'][$k] : $k))));
}
}
}
}
// Identical versions
if ($strBuffer == '') {
$strBuffer = '<p>' . $GLOBALS['TL_LANG']['MSC']['identicalVersions'] . '</p>';
}
/** @var BackendTemplate|object $objTemplate */
$objTemplate = new \BackendTemplate('be_diff');
// Template variables
$objTemplate->content = $strBuffer;
$objTemplate->versions = $arrVersions;
$objTemplate->to = $intTo;
$objTemplate->from = $intFrom;
$objTemplate->showLabel = \StringUtil::specialchars($GLOBALS['TL_LANG']['MSC']['showDifferences']);
$objTemplate->theme = \Backend::getTheme();
$objTemplate->base = \Environment::get('base');
$objTemplate->language = $GLOBALS['TL_LANGUAGE'];
$objTemplate->title = \StringUtil::specialchars($GLOBALS['TL_LANG']['MSC']['showDifferences']);
$objTemplate->charset = \Config::get('characterSet');
$objTemplate->action = ampersand(\Environment::get('request'));
throw new ResponseException($objTemplate->getResponse());
}
/**
* Replace insert tags with their values
*
* @param string $strBuffer The text with the tags to be replaced
* @param boolean $blnCache If false, non-cacheable tags will be replaced
*
* @return string The text with the replaced tags
*/
protected function doReplace($strBuffer, $blnCache)
{
/** @var PageModel $objPage */
global $objPage;
// Preserve insert tags
if (\Config::get('disableInsertTags')) {
return \StringUtil::restoreBasicEntities($strBuffer);
}
$tags = preg_split('/{{([^{}]+)}}/', $strBuffer, -1, PREG_SPLIT_DELIM_CAPTURE);
if (count($tags) < 2) {
return \StringUtil::restoreBasicEntities($strBuffer);
}
$strBuffer = '';
// Create one cache per cache setting (see #7700)
static $arrItCache;
$arrCache =& $arrItCache[$blnCache];
for ($_rit = 0, $_cnt = count($tags); $_rit < $_cnt; $_rit += 2) {
$strBuffer .= $tags[$_rit];
$strTag = $tags[$_rit + 1];
// Skip empty tags
if ($strTag == '') {
continue;
}
$flags = explode('|', $strTag);
$tag = array_shift($flags);
$elements = explode('::', $tag);
// Load the value from cache
if (isset($arrCache[$strTag]) && !in_array('refresh', $flags)) {
$strBuffer .= $arrCache[$strTag];
continue;
}
// Skip certain elements if the output will be cached
if ($blnCache) {
if ($elements[0] == 'date' || $elements[0] == 'ua' || $elements[0] == 'post' || $elements[0] == 'file' && !\Validator::isStringUuid($elements[1]) || $elements[1] == 'back' || $elements[1] == 'referer' || $elements[0] == 'request_token' || $elements[0] == 'toggle_view' || strncmp($elements[0], 'cache_', 6) === 0 || in_array('uncached', $flags)) {
/** @var FragmentHandler $fragmentHandler */
$fragmentHandler = \System::getContainer()->get('fragment.handler');
$strBuffer .= $fragmentHandler->render(new ControllerReference('contao.controller.insert_tags:renderAction', ['insertTag' => '{{' . $strTag . '}}']), 'esi');
continue;
}
}
$arrCache[$strTag] = '';
// Replace the tag
switch (strtolower($elements[0])) {
// Date
case 'date':
$arrCache[$strTag] = \Date::parse($elements[1] ?: \Config::get('dateFormat'));
break;
// Accessibility tags
// Accessibility tags
case 'lang':
if ($elements[1] == '') {
$arrCache[$strTag] = '</span>';
} else {
$arrCache[$strTag] = $arrCache[$strTag] = '<span lang="' . \StringUtil::specialchars($elements[1]) . '">';
}
break;
// Line break
// Line break
case 'br':
$arrCache[$strTag] = '<br>';
break;
// E-mail addresses
// E-mail addresses
case 'email':
case 'email_open':
case 'email_url':
if ($elements[1] == '') {
$arrCache[$strTag] = '';
break;
}
$strEmail = \StringUtil::encodeEmail($elements[1]);
// Replace the tag
switch (strtolower($elements[0])) {
case 'email':
$arrCache[$strTag] = '<a href="mailto:' . $strEmail . '" class="email">' . preg_replace('/\\?.*$/', '', $strEmail) . '</a>';
break;
case 'email_open':
$arrCache[$strTag] = '<a href="mailto:' . $strEmail . '" title="' . $strEmail . '" class="email">';
break;
case 'email_url':
$arrCache[$strTag] = $strEmail;
break;
}
break;
// Label tags
// Label tags
case 'label':
$keys = explode(':', $elements[1]);
if (count($keys) < 2) {
$arrCache[$strTag] = '';
break;
}
$file = $keys[0];
// Map the key (see #7217)
switch ($file) {
case 'CNT':
$file = 'countries';
break;
case 'LNG':
$file = 'languages';
break;
case 'MOD':
case 'FMD':
$file = 'modules';
break;
case 'FFL':
$file = 'tl_form_field';
break;
case 'CACHE':
$file = 'tl_page';
break;
case 'XPL':
$file = 'explain';
break;
case 'XPT':
$file = 'exception';
break;
case 'MSC':
case 'ERR':
case 'CTE':
case 'PTY':
case 'FOP':
case 'CHMOD':
case 'DAYS':
case 'MONTHS':
case 'UNITS':
case 'CONFIRM':
case 'DP':
case 'COLS':
$file = 'default';
break;
}
\System::loadLanguageFile($file);
if (count($keys) == 2) {
$arrCache[$strTag] = $GLOBALS['TL_LANG'][$keys[0]][$keys[1]];
} else {
$arrCache[$strTag] = $GLOBALS['TL_LANG'][$keys[0]][$keys[1]][$keys[2]];
}
break;
// Front end user
// Front end user
case 'user':
if (FE_USER_LOGGED_IN) {
$this->import('FrontendUser', 'User');
$value = $this->User->{$elements[1]};
if ($value == '') {
$arrCache[$strTag] = $value;
break;
}
$this->loadDataContainer('tl_member');
if ($GLOBALS['TL_DCA']['tl_member']['fields'][$elements[1]]['inputType'] == 'password') {
$arrCache[$strTag] = '';
break;
}
$value = \StringUtil::deserialize($value);
// Decrypt the value
if ($GLOBALS['TL_DCA']['tl_member']['fields'][$elements[1]]['eval']['encrypt']) {
$value = \Encryption::decrypt($value);
}
$rgxp = $GLOBALS['TL_DCA']['tl_member']['fields'][$elements[1]]['eval']['rgxp'];
$opts = $GLOBALS['TL_DCA']['tl_member']['fields'][$elements[1]]['options'];
$rfrc = $GLOBALS['TL_DCA']['tl_member']['fields'][$elements[1]]['reference'];
if ($rgxp == 'date') {
$arrCache[$strTag] = \Date::parse(\Config::get('dateFormat'), $value);
} elseif ($rgxp == 'time') {
$arrCache[$strTag] = \Date::parse(\Config::get('timeFormat'), $value);
} elseif ($rgxp == 'datim') {
$arrCache[$strTag] = \Date::parse(\Config::get('datimFormat'), $value);
} elseif (is_array($value)) {
$arrCache[$strTag] = implode(', ', $value);
} elseif (is_array($opts) && array_is_assoc($opts)) {
$arrCache[$strTag] = isset($opts[$value]) ? $opts[$value] : $value;
} elseif (is_array($rfrc)) {
$arrCache[$strTag] = isset($rfrc[$value]) ? is_array($rfrc[$value]) ? $rfrc[$value][0] : $rfrc[$value] : $value;
} else {
$arrCache[$strTag] = $value;
}
// Convert special characters (see #1890)
$arrCache[$strTag] = \StringUtil::specialchars($arrCache[$strTag]);
}
break;
// Link
// Link
case 'link':
case 'link_open':
case 'link_url':
case 'link_title':
case 'link_target':
case 'link_name':
$strTarget = null;
// Back link
if ($elements[1] == 'back') {
$strUrl = 'javascript:history.go(-1)';
$strTitle = $GLOBALS['TL_LANG']['MSC']['goBack'];
// No language files if the page is cached
if (!strlen($strTitle)) {
$strTitle = 'Go back';
}
$strName = $strTitle;
} elseif (strncmp($elements[1], 'http://', 7) === 0 || strncmp($elements[1], 'https://', 8) === 0) {
$strUrl = $elements[1];
$strTitle = $elements[1];
$strName = str_replace(array('http://', 'https://'), '', $elements[1]);
} else {
// User login page
if ($elements[1] == 'login') {
if (!FE_USER_LOGGED_IN) {
break;
}
$this->import('FrontendUser', 'User');
$elements[1] = $this->User->loginPage;
}
$objNextPage = \PageModel::findByIdOrAlias($elements[1]);
if ($objNextPage === null) {
break;
}
// Page type specific settings (thanks to Andreas Schempp)
switch ($objNextPage->type) {
case 'redirect':
$strUrl = $objNextPage->url;
if (strncasecmp($strUrl, 'mailto:', 7) === 0) {
$strUrl = \StringUtil::encodeEmail($strUrl);
}
break;
case 'forward':
if ($objNextPage->jumpTo) {
/** @var PageModel $objNext */
$objNext = $objNextPage->getRelated('jumpTo');
} else {
$objNext = \PageModel::findFirstPublishedRegularByPid($objNextPage->id);
}
if ($objNext instanceof PageModel) {
$strUrl = $objNext->getFrontendUrl();
break;
}
// DO NOT ADD A break; STATEMENT
// DO NOT ADD A break; STATEMENT
default:
$strUrl = $objNextPage->getFrontendUrl();
break;
}
$strName = $objNextPage->title;
$strTarget = $objNextPage->target ? ' target="_blank"' : '';
$strTitle = $objNextPage->pageTitle ?: $objNextPage->title;
}
// Replace the tag
switch (strtolower($elements[0])) {
case 'link':
$arrCache[$strTag] = sprintf('<a href="%s" title="%s"%s>%s</a>', $strUrl, \StringUtil::specialchars($strTitle), $strTarget, $strName);
break;
case 'link_open':
$arrCache[$strTag] = sprintf('<a href="%s" title="%s"%s>', $strUrl, \StringUtil::specialchars($strTitle), $strTarget);
break;
case 'link_url':
$arrCache[$strTag] = $strUrl;
break;
case 'link_title':
$arrCache[$strTag] = \StringUtil::specialchars($strTitle);
break;
case 'link_target':
$arrCache[$strTag] = $strTarget;
break;
case 'link_name':
$arrCache[$strTag] = $strName;
break;
}
break;
// Closing link tag
// Closing link tag
case 'link_close':
case 'email_close':
$arrCache[$strTag] = '</a>';
break;
// Insert article
// Insert article
case 'insert_article':
if (($strOutput = $this->getArticle($elements[1], false, true)) !== false) {
$arrCache[$strTag] = ltrim($strOutput);
} else {
$arrCache[$strTag] = '<p class="error">' . sprintf($GLOBALS['TL_LANG']['MSC']['invalidPage'], $elements[1]) . '</p>';
}
break;
// Insert content element
// Insert content element
case 'insert_content':
$arrCache[$strTag] = $this->getContentElement($elements[1]);
break;
// Insert module
// Insert module
case 'insert_module':
$arrCache[$strTag] = $this->getFrontendModule($elements[1]);
break;
// Insert form
// Insert form
case 'insert_form':
$arrCache[$strTag] = $this->getForm($elements[1]);
break;
// Article
// Article
case 'article':
case 'article_open':
case 'article_url':
case 'article_title':
if (($objArticle = \ArticleModel::findByIdOrAlias($elements[1])) === null || !($objPid = $objArticle->getRelated('pid')) instanceof PageModel) {
break;
}
/** @var PageModel $objPid */
$strUrl = $objPid->getFrontendUrl('/articles/' . ($objArticle->alias ?: $objArticle->id));
// Replace the tag
switch (strtolower($elements[0])) {
case 'article':
$arrCache[$strTag] = sprintf('<a href="%s" title="%s">%s</a>', $strUrl, \StringUtil::specialchars($objArticle->title), $objArticle->title);
break;
case 'article_open':
$arrCache[$strTag] = sprintf('<a href="%s" title="%s">', $strUrl, \StringUtil::specialchars($objArticle->title));
break;
case 'article_url':
$arrCache[$strTag] = $strUrl;
break;
case 'article_title':
$arrCache[$strTag] = \StringUtil::specialchars($objArticle->title);
break;
}
break;
// Article teaser
// Article teaser
case 'article_teaser':
$objTeaser = \ArticleModel::findByIdOrAlias($elements[1]);
if ($objTeaser !== null) {
$arrCache[$strTag] = \StringUtil::toHtml5($objTeaser->teaser);
}
break;
// Last update
// Last update
case 'last_update':
$strQuery = "SELECT MAX(tstamp) AS tc";
$bundles = \System::getContainer()->getParameter('kernel.bundles');
if (isset($bundles['ContaoNewsBundle'])) {
$strQuery .= ", (SELECT MAX(tstamp) FROM tl_news) AS tn";
}
if (isset($bundles['ContaoCalendarBundle'])) {
$strQuery .= ", (SELECT MAX(tstamp) FROM tl_calendar_events) AS te";
}
$strQuery .= " FROM tl_content";
$objUpdate = \Database::getInstance()->query($strQuery);
if ($objUpdate->numRows) {
$arrCache[$strTag] = \Date::parse($elements[1] ?: \Config::get('datimFormat'), max($objUpdate->tc, $objUpdate->tn, $objUpdate->te));
}
break;
// Version
// Version
case 'version':
$arrCache[$strTag] = VERSION . '.' . BUILD;
break;
// Request token
// Request token
case 'request_token':
$arrCache[$strTag] = REQUEST_TOKEN;
break;
// POST data
// POST data
case 'post':
$arrCache[$strTag] = \Input::post($elements[1]);
break;
// Mobile/desktop toggle (see #6469)
// Mobile/desktop toggle (see #6469)
case 'toggle_view':
$strUrl = ampersand(\Environment::get('request'));
$strGlue = strpos($strUrl, '?') === false ? '?' : '&';
if (\Input::cookie('TL_VIEW') == 'mobile' || \Environment::get('agent')->mobile && \Input::cookie('TL_VIEW') != 'desktop') {
$arrCache[$strTag] = '<a href="' . $strUrl . $strGlue . 'toggle_view=desktop" class="toggle_desktop" title="' . \StringUtil::specialchars($GLOBALS['TL_LANG']['MSC']['toggleDesktop'][1]) . '">' . $GLOBALS['TL_LANG']['MSC']['toggleDesktop'][0] . '</a>';
} else {
$arrCache[$strTag] = '<a href="' . $strUrl . $strGlue . 'toggle_view=mobile" class="toggle_mobile" title="' . \StringUtil::specialchars($GLOBALS['TL_LANG']['MSC']['toggleMobile'][1]) . '">' . $GLOBALS['TL_LANG']['MSC']['toggleMobile'][0] . '</a>';
}
break;
// Conditional tags (if)
// Conditional tags (if)
case 'iflng':
if ($elements[1] != '' && $elements[1] != $objPage->language) {
for (; $_rit < $_cnt; $_rit += 2) {
if ($tags[$_rit + 1] == 'iflng' || $tags[$_rit + 1] == 'iflng::' . $objPage->language) {
break;
}
}
}
unset($arrCache[$strTag]);
break;
// Conditional tags (if not)
// Conditional tags (if not)
case 'ifnlng':
if ($elements[1] != '') {
$langs = \StringUtil::trimsplit(',', $elements[1]);
if (in_array($objPage->language, $langs)) {
for (; $_rit < $_cnt; $_rit += 2) {
if ($tags[$_rit + 1] == 'ifnlng') {
break;
}
}
}
}
unset($arrCache[$strTag]);
break;
// Environment
// Environment
case 'env':
switch ($elements[1]) {
case 'host':
$arrCache[$strTag] = \Idna::decode(\Environment::get('host'));
break;
case 'http_host':
$arrCache[$strTag] = \Idna::decode(\Environment::get('httpHost'));
break;
case 'url':
$arrCache[$strTag] = \Idna::decode(\Environment::get('url'));
break;
case 'path':
$arrCache[$strTag] = \Idna::decode(\Environment::get('base'));
break;
case 'request':
$arrCache[$strTag] = \Environment::get('indexFreeRequest');
break;
case 'ip':
$arrCache[$strTag] = \Environment::get('ip');
break;
case 'referer':
$arrCache[$strTag] = $this->getReferer(true);
break;
case 'files_url':
$arrCache[$strTag] = TL_FILES_URL;
break;
case 'assets_url':
case 'plugins_url':
case 'script_url':
$arrCache[$strTag] = TL_ASSETS_URL;
break;
case 'base_url':
$arrCache[$strTag] = \System::getContainer()->get('request_stack')->getCurrentRequest()->getBaseUrl();
break;
}
break;
// Page
// Page
case 'page':
if ($elements[1] == 'pageTitle' && $objPage->pageTitle == '') {
$elements[1] = 'title';
} elseif ($elements[1] == 'parentPageTitle' && $objPage->parentPageTitle == '') {
$elements[1] = 'parentTitle';
} elseif ($elements[1] == 'mainPageTitle' && $objPage->mainPageTitle == '') {
$elements[1] = 'mainTitle';
}
// Do not use \StringUtil::specialchars() here (see #4687)
$arrCache[$strTag] = $objPage->{$elements[1]};
break;
// User agent
// User agent
case 'ua':
$ua = \Environment::get('agent');
if ($elements[1] != '') {
$arrCache[$strTag] = $ua->{$elements[1]};
} else {
$arrCache[$strTag] = '';
}
break;
// Abbreviations
// Abbreviations
case 'abbr':
case 'acronym':
if ($elements[1] != '') {
$arrCache[$strTag] = '<abbr title="' . \StringUtil::specialchars($elements[1]) . '">';
} else {
$arrCache[$strTag] = '</abbr>';
}
break;
// Images
// Images
case 'image':
case 'picture':
$width = null;
$height = null;
$alt = '';
$class = '';
$rel = '';
$strFile = $elements[1];
$mode = '';
$size = null;
$strTemplate = 'picture_default';
// Take arguments
if (strpos($elements[1], '?') !== false) {
$arrChunks = explode('?', urldecode($elements[1]), 2);
$strSource = \StringUtil::decodeEntities($arrChunks[1]);
$strSource = str_replace('[&]', '&', $strSource);
$arrParams = explode('&', $strSource);
foreach ($arrParams as $strParam) {
list($key, $value) = explode('=', $strParam);
switch ($key) {
case 'width':
$width = $value;
break;
case 'height':
$height = $value;
break;
case 'alt':
$alt = $value;
break;
case 'class':
$class = $value;
break;
case 'rel':
$rel = $value;
break;
case 'mode':
$mode = $value;
break;
case 'size':
$size = (int) $value;
break;
case 'template':
$strTemplate = preg_replace('/[^a-z0-9_]/i', '', $value);
break;
}
}
$strFile = $arrChunks[0];
}
if (\Validator::isUuid($strFile)) {
// Handle UUIDs
$objFile = \FilesModel::findByUuid($strFile);
if ($objFile === null) {
$arrCache[$strTag] = '';
break;
}
$strFile = $objFile->path;
} elseif (is_numeric($strFile)) {
// Handle numeric IDs (see #4805)
$objFile = \FilesModel::findByPk($strFile);
if ($objFile === null) {
$arrCache[$strTag] = '';
break;
}
$strFile = $objFile->path;
} else {
// Check the path
if (\Validator::isInsecurePath($strFile)) {
throw new \RuntimeException('Invalid path ' . $strFile);
}
}
// Check the maximum image width
if (\Config::get('maxImageWidth') > 0 && $width > \Config::get('maxImageWidth')) {
$width = \Config::get('maxImageWidth');
$height = null;
}
// Generate the thumbnail image
try {
// Image
if (strtolower($elements[0]) == 'image') {
$dimensions = '';
$src = \System::getContainer()->get('contao.image.image_factory')->create(TL_ROOT . '/' . rawurldecode($strFile), array($width, $height, $mode))->getUrl(TL_ROOT);
$objFile = new \File(rawurldecode($src));
// Add the image dimensions
if (($imgSize = $objFile->imageSize) !== false) {
$dimensions = ' width="' . \StringUtil::specialchars($imgSize[0]) . '" height="' . \StringUtil::specialchars($imgSize[1]) . '"';
}
$arrCache[$strTag] = '<img src="' . TL_FILES_URL . $src . '" ' . $dimensions . ' alt="' . \StringUtil::specialchars($alt) . '"' . ($class != '' ? ' class="' . \StringUtil::specialchars($class) . '"' : '') . '>';
} else {
$picture = \System::getContainer()->get('contao.image.picture_factory')->create(TL_ROOT . '/' . $strFile, $size);
$picture = array('img' => $picture->getImg(TL_ROOT), 'sources' => $picture->getSources(TL_ROOT));
$picture['alt'] = $alt;
$picture['class'] = $class;
$pictureTemplate = new \FrontendTemplate($strTemplate);
$pictureTemplate->setData($picture);
$arrCache[$strTag] = $pictureTemplate->parse();
}
// Add a lightbox link
if ($rel != '') {
if (strncmp($rel, 'lightbox', 8) !== 0) {
$attribute = ' rel="' . \StringUtil::specialchars($rel) . '"';
} else {
$attribute = ' data-lightbox="' . \StringUtil::specialchars(substr($rel, 8)) . '"';
}
$arrCache[$strTag] = '<a href="' . TL_FILES_URL . $strFile . '"' . ($alt != '' ? ' title="' . \StringUtil::specialchars($alt) . '"' : '') . $attribute . '>' . $arrCache[$strTag] . '</a>';
}
} catch (\Exception $e) {
$arrCache[$strTag] = '';
}
break;
// Files (UUID or template path)
// Files (UUID or template path)
case 'file':
if (\Validator::isUuid($elements[1])) {
$objFile = \FilesModel::findByUuid($elements[1]);
if ($objFile !== null) {
$arrCache[$strTag] = $objFile->path;
break;
}
}
$arrGet = $_GET;
\Input::resetCache();
$strFile = $elements[1];
// Take arguments and add them to the $_GET array
if (strpos($elements[1], '?') !== false) {
$arrChunks = explode('?', urldecode($elements[1]));
$strSource = \StringUtil::decodeEntities($arrChunks[1]);
$strSource = str_replace('[&]', '&', $strSource);
$arrParams = explode('&', $strSource);
foreach ($arrParams as $strParam) {
$arrParam = explode('=', $strParam);
$_GET[$arrParam[0]] = $arrParam[1];
}
$strFile = $arrChunks[0];
}
// Check the path
if (\Validator::isInsecurePath($strFile)) {
throw new \RuntimeException('Invalid path ' . $strFile);
}
// Include .php, .tpl, .xhtml and .html5 files
if (preg_match('/\\.(php|tpl|xhtml|html5)$/', $strFile) && file_exists(TL_ROOT . '/templates/' . $strFile)) {
ob_start();
include TL_ROOT . '/templates/' . $strFile;
$arrCache[$strTag] = ob_get_clean();
}
$_GET = $arrGet;
\Input::resetCache();
break;
// HOOK: pass unknown tags to callback functions
// HOOK: pass unknown tags to callback functions
default:
if (isset($GLOBALS['TL_HOOKS']['replaceInsertTags']) && is_array($GLOBALS['TL_HOOKS']['replaceInsertTags'])) {
foreach ($GLOBALS['TL_HOOKS']['replaceInsertTags'] as $callback) {
$this->import($callback[0]);
$varValue = $this->{$callback[0]}->{$callback[1]}($tag, $blnCache, $arrCache[$strTag], $flags, $tags, $arrCache, $_rit, $_cnt);
// see #6672
// Replace the tag and stop the loop
if ($varValue !== false) {
$arrCache[$strTag] = $varValue;
break;
}
}
}
\System::getContainer()->get('monolog.logger.contao')->log(LogLevel::INFO, 'Unknown insert tag: ' . $strTag);
break;
}
// Handle the flags
if (!empty($flags)) {
foreach ($flags as $flag) {
switch ($flag) {
case 'addslashes':
case 'standardize':
case 'ampersand':
case 'specialchars':
case 'nl2br':
case 'nl2br_pre':
case 'strtolower':
case 'utf8_strtolower':
case 'strtoupper':
case 'utf8_strtoupper':
case 'ucfirst':
case 'lcfirst':
case 'ucwords':
case 'trim':
case 'rtrim':
case 'ltrim':
case 'utf8_romanize':
case 'urlencode':
case 'rawurlencode':
$arrCache[$strTag] = $flag($arrCache[$strTag]);
break;
case 'encodeEmail':
$arrCache[$strTag] = \StringUtil::$flag($arrCache[$strTag]);
break;
case 'number_format':
$arrCache[$strTag] = \System::getFormattedNumber($arrCache[$strTag], 0);
break;
case 'currency_format':
$arrCache[$strTag] = \System::getFormattedNumber($arrCache[$strTag], 2);
break;
case 'readable_size':
$arrCache[$strTag] = \System::getReadableSize($arrCache[$strTag]);
break;
case 'flatten':
if (!is_array($arrCache[$strTag])) {
break;
}
$it = new \RecursiveIteratorIterator(new \RecursiveArrayIterator($arrCache[$strTag]));
$result = array();
foreach ($it as $leafValue) {
$keys = array();
foreach (range(0, $it->getDepth()) as $depth) {
$keys[] = $it->getSubIterator($depth)->key();
}
$result[] = implode('.', $keys) . ': ' . $leafValue;
}
$arrCache[$strTag] = implode(', ', $result);
break;
// HOOK: pass unknown flags to callback functions
// HOOK: pass unknown flags to callback functions
default:
if (isset($GLOBALS['TL_HOOKS']['insertTagFlags']) && is_array($GLOBALS['TL_HOOKS']['insertTagFlags'])) {
foreach ($GLOBALS['TL_HOOKS']['insertTagFlags'] as $callback) {
$this->import($callback[0]);
$varValue = $this->{$callback[0]}->{$callback[1]}($flag, $tag, $arrCache[$strTag], $flags, $blnCache, $tags, $arrCache, $_rit, $_cnt);
// see #5806
// Replace the tag and stop the loop
if ($varValue !== false) {
$arrCache[$strTag] = $varValue;
break;
}
}
}
\System::getContainer()->get('monolog.logger.contao')->log(LogLevel::INFO, 'Unknown insert tag flag: ' . $flag);
break;
}
}
}
$strBuffer .= $arrCache[$strTag];
}
return \StringUtil::restoreBasicEntities($strBuffer);
}
protected function addSubscriber()
{
$varInput = Idna::encodeEmail(Input::post('email', true));
// Validate the e-mail address
if (!Validator::isEmail($varInput)) {
$_SESSION['SUBSCRIBE_ERROR'] = $GLOBALS['TL_LANG']['ERR']['email'];
$this->reload();
}
$objCleverReach = new CleverReach();
foreach ($this->clr_groups as $strGroupId) {
$objCleverReach->addReceiver($varInput, $strGroupId);
}
$objCleverReach->sendActivationMail($varInput, $this->clr_form);
// Redirect to the jumpTo page
if ($this->jumpTo && ($objTarget = $this->objModel->getRelated('jumpTo')) !== null) {
$this->redirect($this->generateFrontendUrl($objTarget->row()));
}
$_SESSION['SUBSCRIBE_CONFIRM'] = $GLOBALS['TL_LANG']['MSC']['nl_confirm'];
$this->reload();
}
/**
* Create an admin user
*/
protected function createAdminUser()
{
try {
$objAdmin = $this->Database->execute("SELECT COUNT(*) AS count FROM tl_user WHERE admin=1");
if ($objAdmin->count > 0) {
$this->Template->adminCreated = true;
} elseif (\Input::post('FORM_SUBMIT') == 'tl_admin') {
// Do not allow special characters in usernames
if (preg_match('/[#\\(\\)\\/<=>]/', \Input::post('username', true))) {
$this->Template->usernameError = $GLOBALS['TL_LANG']['ERR']['extnd'];
} elseif (strpos(\Input::post('username', true), ' ') !== false) {
$this->Template->usernameError = sprintf($GLOBALS['TL_LANG']['ERR']['noSpace'], $GLOBALS['TL_LANG']['MSC']['username']);
} elseif (!\Validator::isEmail(\Input::post('email', true))) {
$this->Template->emailError = $GLOBALS['TL_LANG']['ERR']['email'];
} elseif (\Input::post('pass', true) != \Input::post('confirm_pass', true)) {
$this->Template->passwordError = $GLOBALS['TL_LANG']['ERR']['passwordMatch'];
} elseif (utf8_strlen(\Input::post('pass', true)) < \Config::get('minPasswordLength')) {
$this->Template->passwordError = sprintf($GLOBALS['TL_LANG']['ERR']['passwordLength'], \Config::get('minPasswordLength'));
} elseif (\Input::post('pass', true) == \Input::post('username', true)) {
$this->Template->passwordError = $GLOBALS['TL_LANG']['ERR']['passwordName'];
} elseif (\Input::post('name') != '' && \Input::post('email', true) != '' && \Input::post('username', true) != '') {
$time = time();
$strPassword = \Encryption::hash(\Input::post('pass', true));
$this->Database->prepare("INSERT INTO tl_user (tstamp, name, email, username, password, language, backendTheme, admin, showHelp, useRTE, useCE, thumbnails, dateAdded) VALUES ({$time}, ?, ?, ?, ?, ?, ?, 1, 1, 1, 1, 1, {$time})")->execute(\Input::post('name'), \Input::post('email', true), \Input::post('username', true), $strPassword, str_replace('-', '_', $GLOBALS['TL_LANGUAGE']), \Config::get('backendTheme'));
\Config::persist('adminEmail', \Input::post('email', true));
// Scan the upload folder (see #6134)
if ($this->Database->tableExists('tl_files') && $this->Database->query("SELECT COUNT(*) AS count FROM tl_files")->count < 1) {
$this->import('Database\\Updater', 'Updater');
$this->Updater->scanUploadFolder();
}
$this->reload();
}
$this->Template->adminName = \Input::post('name');
$this->Template->adminEmail = \Input::post('email', true);
$this->Template->adminUser = \Input::post('username', true);
}
} catch (ResponseException $e) {
throw $e;
// see #267
} catch (\Exception $e) {
$this->Template->adminCreated = false;
}
}
/**
* Validate an e-mail address
*
* @param string $strEmail The e-mail address
*
* @return boolean True if it is a valid e-mail address
*
* @deprecated Deprecated since Contao 4.0, to be removed in Contao 5.0.
* Use Validator::isEmail() instead.
*/
protected function isValidEmailAddress($strEmail)
{
@trigger_error('Using System::isValidEmailAddress() has been deprecated and will no longer work in Contao 5.0. Use Validator::isEmail() instead.', E_USER_DEPRECATED);
return \Validator::isEmail($strEmail);
}
/**
* Tests the isEmail() method.
*
* @param string $email The email
* @param bool $expected The expected result
*
* @dataProvider emailProvider
*/
public function testEmail($email, $expected)
{
$this->assertEquals($expected, Validator::isEmail($email), 'Original: ' . $email . ' idna: ' . Idna::encodeEmail($email));
}
/**
* Validate the subscription form
*
* @param Widget $objWidget
*
* @return array|bool
*/
protected function validateForm(Widget $objWidget = null)
{
// Validate the e-mail address
$varInput = \Idna::encodeEmail(\Input::post('email', true));
if (!\Validator::isEmail($varInput)) {
$this->Template->mclass = 'error';
$this->Template->message = $GLOBALS['TL_LANG']['ERR']['email'];
return false;
}
$this->Template->email = $varInput;
// Validate the channel selection
$arrChannels = \Input::post('channels');
if (!is_array($arrChannels)) {
$this->Template->mclass = 'error';
$this->Template->message = $GLOBALS['TL_LANG']['ERR']['noChannels'];
return false;
}
$arrChannels = array_intersect($arrChannels, $this->nl_channels);
// see #3240
if (!is_array($arrChannels) || empty($arrChannels)) {
$this->Template->mclass = 'error';
$this->Template->message = $GLOBALS['TL_LANG']['ERR']['noChannels'];
return false;
}
$this->Template->selectedChannels = $arrChannels;
// Check if there are any new subscriptions
$arrSubscriptions = array();
if (($objSubscription = \NewsletterRecipientsModel::findBy(array("email=? AND active=1"), $varInput)) !== null) {
$arrSubscriptions = $objSubscription->fetchEach('pid');
}
$arrRemove = array_intersect($arrChannels, $arrSubscriptions);
if (!is_array($arrRemove) || empty($arrRemove)) {
$this->Template->mclass = 'error';
$this->Template->message = $GLOBALS['TL_LANG']['ERR']['unsubscribed'];
return false;
}
// Validate the captcha
if ($objWidget !== null) {
$objWidget->validate();
if ($objWidget->hasErrors()) {
return false;
}
}
return array($varInput, $arrRemove);
}
/**
* Add a breadcrumb menu to the file tree
*
* @param string $strKey
*
* @throws AccessDeniedException
* @throws \RuntimeException
*/
public static function addFilesBreadcrumb($strKey = 'tl_files_node')
{
/** @var AttributeBagInterface $objSession */
$objSession = \System::getContainer()->get('session')->getBag('contao_backend');
// Set a new node
if (isset($_GET['fn'])) {
// Check the path (thanks to Arnaud Buchoux)
if (\Validator::isInsecurePath(\Input::get('fn', true))) {
throw new \RuntimeException('Insecure path ' . \Input::get('fn', true));
}
$objSession->set($strKey, \Input::get('fn', true));
\Controller::redirect(preg_replace('/(&|\\?)fn=[^&]*/', '', \Environment::get('request')));
}
$strNode = $objSession->get($strKey);
if ($strNode == '') {
return;
}
// Check the path (thanks to Arnaud Buchoux)
if (\Validator::isInsecurePath($strNode)) {
throw new \RuntimeException('Insecure path ' . $strNode);
}
// Currently selected folder does not exist
if (!is_dir(TL_ROOT . '/' . $strNode)) {
$objSession->set($strKey, '');
return;
}
$objUser = \BackendUser::getInstance();
$strPath = \Config::get('uploadPath');
$arrNodes = explode('/', preg_replace('/^' . preg_quote(\Config::get('uploadPath'), '/') . '\\//', '', $strNode));
$arrLinks = array();
// Add root link
$arrLinks[] = \Image::getHtml('filemounts.svg') . ' <a href="' . \Backend::addToUrl('fn=') . '" title="' . \StringUtil::specialchars($GLOBALS['TL_LANG']['MSC']['selectAllNodes']) . '">' . $GLOBALS['TL_LANG']['MSC']['filterAll'] . '</a>';
// Generate breadcrumb trail
foreach ($arrNodes as $strFolder) {
$strPath .= '/' . $strFolder;
// Do not show pages which are not mounted
if (!$objUser->hasAccess($strPath, 'filemounts')) {
continue;
}
// No link for the active folder
if ($strPath == $strNode) {
$arrLinks[] = \Image::getHtml('folderC.svg') . ' ' . $strFolder;
} else {
$arrLinks[] = \Image::getHtml('folderC.svg') . ' <a href="' . \Backend::addToUrl('fn=' . $strPath) . '" title="' . \StringUtil::specialchars($GLOBALS['TL_LANG']['MSC']['selectNode']) . '">' . $strFolder . '</a>';
}
}
// Check whether the node is mounted
if (!$objUser->hasAccess($strNode, 'filemounts')) {
$objSession->set($strKey, '');
throw new AccessDeniedException('Folder ID "' . $strNode . '" is not mounted');
}
// Limit tree
$GLOBALS['TL_DCA']['tl_files']['list']['sorting']['root'] = array($strNode);
// Insert breadcrumb menu
$GLOBALS['TL_DCA']['tl_files']['list']['sorting']['breadcrumb'] .= '
<ul id="tl_breadcrumb">
<li>' . implode(' > </li><li>', $arrLinks) . '</li>
</ul>';
}
/**
* Add templates to the archive
*
* @param ZipWriter $objArchive
* @param string $strFolder
*/
protected function addTemplatesToArchive(ZipWriter $objArchive, $strFolder)
{
// Strip the templates folder name
$strFolder = preg_replace('@^templates/@', '', $strFolder);
// Re-add the templates folder name
if ($strFolder == '') {
$strFolder = 'templates';
} else {
$strFolder = 'templates/' . $strFolder;
}
if (\Validator::isInsecurePath($strFolder)) {
throw new \RuntimeException('Insecure path ' . $strFolder);
}
// Return if the folder does not exist
if (!is_dir(TL_ROOT . '/' . $strFolder)) {
return;
}
$arrAllowed = \StringUtil::trimsplit(',', strtolower(\Config::get('templateFiles')));
array_push($arrAllowed, 'sql');
// see #7048
// Add all template files to the archive
foreach (scan(TL_ROOT . '/' . $strFolder) as $strFile) {
if (preg_match('/\\.(' . implode('|', $arrAllowed) . ')$/', $strFile) && strncmp($strFile, 'be_', 3) !== 0 && strncmp($strFile, 'nl_', 3) !== 0) {
$objArchive->addFile($strFolder . '/' . $strFile);
}
}
}
/**
* Recursively validate an input variable
*
* @param mixed $varInput The user input
*
* @return mixed The original or modified user input
*/
protected function validator($varInput)
{
if (is_array($varInput)) {
foreach ($varInput as $k => $v) {
$varInput[$k] = $this->validator($v);
}
return $varInput;
}
if (!$this->doNotTrim) {
$varInput = trim($varInput);
}
if ($varInput == '') {
if (!$this->mandatory) {
return '';
} else {
if ($this->strLabel == '') {
$this->addError($GLOBALS['TL_LANG']['ERR']['mdtryNoLabel']);
} else {
$this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['mandatory'], $this->strLabel));
}
}
}
if ($this->minlength && $varInput != '' && Utf8::strlen($varInput) < $this->minlength) {
$this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['minlength'], $this->strLabel, $this->minlength));
}
if ($this->maxlength && $varInput != '' && Utf8::strlen($varInput) > $this->maxlength) {
$this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['maxlength'], $this->strLabel, $this->maxlength));
}
if ($this->minval && is_numeric($varInput) && $varInput < $this->minval) {
$this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['minval'], $this->strLabel, $this->minval));
}
if ($this->maxval && is_numeric($varInput) && $varInput > $this->maxval) {
$this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['maxval'], $this->strLabel, $this->maxval));
}
if ($this->rgxp != '') {
switch ($this->rgxp) {
// Special validation rule for style sheets
case strncmp($this->rgxp, 'digit_', 6) === 0:
$textual = explode('_', $this->rgxp);
array_shift($textual);
if (in_array($varInput, $textual) || strncmp($varInput, '$', 1) === 0) {
break;
}
// DO NOT ADD A break; STATEMENT HERE
// Numeric characters (including full stop [.] and minus [-])
// DO NOT ADD A break; STATEMENT HERE
// Numeric characters (including full stop [.] and minus [-])
case 'digit':
// Support decimal commas and convert them automatically (see #3488)
if (substr_count($varInput, ',') == 1 && strpos($varInput, '.') === false) {
$varInput = str_replace(',', '.', $varInput);
}
if (!\Validator::isNumeric($varInput)) {
$this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['digit'], $this->strLabel));
}
break;
// Natural numbers (positive integers)
// Natural numbers (positive integers)
case 'natural':
if (!\Validator::isNatural($varInput)) {
$this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['natural'], $this->strLabel));
}
break;
// Alphabetic characters (including full stop [.] minus [-] and space [ ])
// Alphabetic characters (including full stop [.] minus [-] and space [ ])
case 'alpha':
if (!\Validator::isAlphabetic($varInput)) {
$this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['alpha'], $this->strLabel));
}
break;
// Alphanumeric characters (including full stop [.] minus [-], underscore [_] and space [ ])
// Alphanumeric characters (including full stop [.] minus [-], underscore [_] and space [ ])
case 'alnum':
if (!\Validator::isAlphanumeric($varInput)) {
$this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['alnum'], $this->strLabel));
}
break;
// Do not allow any characters that are usually encoded by class Input ([#<>()\=])
// Do not allow any characters that are usually encoded by class Input ([#<>()\=])
case 'extnd':
if (!\Validator::isExtendedAlphanumeric(html_entity_decode($varInput))) {
$this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['extnd'], $this->strLabel));
}
break;
// Check whether the current value is a valid date format
// Check whether the current value is a valid date format
case 'date':
if (!\Validator::isDate($varInput)) {
$this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['date'], \Date::getInputFormat(\Date::getNumericDateFormat())));
} else {
// Validate the date (see #5086)
try {
new \Date($varInput, \Date::getNumericDateFormat());
} catch (\OutOfBoundsException $e) {
$this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['invalidDate'], $varInput));
}
}
break;
// Check whether the current value is a valid time format
// Check whether the current value is a valid time format
case 'time':
if (!\Validator::isTime($varInput)) {
$this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['time'], \Date::getInputFormat(\Date::getNumericTimeFormat())));
}
break;
// Check whether the current value is a valid date and time format
// Check whether the current value is a valid date and time format
case 'datim':
if (!\Validator::isDatim($varInput)) {
$this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['dateTime'], \Date::getInputFormat(\Date::getNumericDatimFormat())));
} else {
// Validate the date (see #5086)
try {
new \Date($varInput, \Date::getNumericDatimFormat());
} catch (\OutOfBoundsException $e) {
$this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['invalidDate'], $varInput));
}
}
break;
// Check whether the current value is a valid friendly name e-mail address
// Check whether the current value is a valid friendly name e-mail address
case 'friendly':
list($strName, $varInput) = \StringUtil::splitFriendlyEmail($varInput);
// no break;
// Check whether the current value is a valid e-mail address
// no break;
// Check whether the current value is a valid e-mail address
case 'email':
if (!\Validator::isEmail($varInput)) {
$this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['email'], $this->strLabel));
}
if ($this->rgxp == 'friendly' && !empty($strName)) {
$varInput = $strName . ' [' . $varInput . ']';
}
break;
// Check whether the current value is list of valid e-mail addresses
// Check whether the current value is list of valid e-mail addresses
case 'emails':
$arrEmails = \StringUtil::trimsplit(',', $varInput);
foreach ($arrEmails as $strEmail) {
$strEmail = \Idna::encodeEmail($strEmail);
if (!\Validator::isEmail($strEmail)) {
$this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['emails'], $this->strLabel));
break;
}
}
break;
// Check whether the current value is a valid URL
// Check whether the current value is a valid URL
case 'url':
if (!\Validator::isUrl($varInput)) {
$this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['url'], $this->strLabel));
}
break;
// Check whether the current value is a valid alias
// Check whether the current value is a valid alias
case 'alias':
if (!\Validator::isAlias($varInput)) {
$this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['alias'], $this->strLabel));
}
break;
// Check whether the current value is a valid folder URL alias
// Check whether the current value is a valid folder URL alias
case 'folderalias':
if (!\Validator::isFolderAlias($varInput)) {
$this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['folderalias'], $this->strLabel));
}
break;
// Phone numbers (numeric characters, space [ ], plus [+], minus [-], parentheses [()] and slash [/])
// Phone numbers (numeric characters, space [ ], plus [+], minus [-], parentheses [()] and slash [/])
case 'phone':
if (!\Validator::isPhone(html_entity_decode($varInput))) {
$this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['phone'], $this->strLabel));
}
break;
// Check whether the current value is a percent value
// Check whether the current value is a percent value
case 'prcnt':
if (!\Validator::isPercent($varInput)) {
$this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['prcnt'], $this->strLabel));
}
break;
// Check whether the current value is a locale
// Check whether the current value is a locale
case 'locale':
if (!\Validator::isLocale($varInput)) {
$this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['locale'], $this->strLabel));
}
break;
// Check whether the current value is a language code
// Check whether the current value is a language code
case 'language':
if (!\Validator::isLanguage($varInput)) {
$this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['language'], $this->strLabel));
}
break;
// Check whether the current value is a Google+ ID or vanity name
// Check whether the current value is a Google+ ID or vanity name
case 'google+':
if (!\Validator::isGooglePlusId($varInput)) {
$this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['invalidGoogleId'], $this->strLabel));
}
break;
// Check whether the current value is a field name
// Check whether the current value is a field name
case 'fieldname':
if (!\Validator::isFieldName($varInput)) {
$this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['invalidFieldName'], $this->strLabel));
}
break;
// HOOK: pass unknown tags to callback functions
// HOOK: pass unknown tags to callback functions
default:
if (isset($GLOBALS['TL_HOOKS']['addCustomRegexp']) && is_array($GLOBALS['TL_HOOKS']['addCustomRegexp'])) {
foreach ($GLOBALS['TL_HOOKS']['addCustomRegexp'] as $callback) {
$this->import($callback[0]);
$break = $this->{$callback[0]}->{$callback[1]}($this->rgxp, $varInput, $this);
// Stop the loop if a callback returned true
if ($break === true) {
break;
}
}
}
break;
}
}
if ($this->isHexColor && $varInput != '' && strncmp($varInput, '$', 1) !== 0) {
$varInput = preg_replace('/[^a-f0-9]+/i', '', $varInput);
}
if ($this->nospace && preg_match('/[\\t ]+/', $varInput)) {
$this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['noSpace'], $this->strLabel));
}
if ($this->spaceToUnderscore) {
$varInput = preg_replace('/\\s+/', '_', trim($varInput));
}
if (is_bool($this->trailingSlash) && $varInput != '') {
$varInput = preg_replace('/\\/+$/', '', $varInput) . ($this->trailingSlash ? '/' : '');
}
return $varInput;
}
/**
* Render a calendar event.
*
* @param GetCalendarEventEvent $event The event.
*
* @param string $eventName The event name.
*
* @param EventDispatcherInterface $eventDispatcher The event dispatcher.
*
* @return void
*
* @SuppressWarnings(PHPMD.CyclomaticComplexity)
* @SuppressWarnings(PHPMD.NPathComplexity)
* @SuppressWarnings(PHPMD.ExcessiveMethodLength)
* @SuppressWarnings(PHPMD.Superglobals)
* @SuppressWarnings(PHPMD.CamelCaseVariableName)
* @SuppressWarnings(PHPMD.UnusedFormalParameter)
*/
public function handleEvent(GetCalendarEventEvent $event, $eventName, EventDispatcherInterface $eventDispatcher)
{
if ($event->getCalendarEventHtml()) {
return;
}
$calendarCollection = CalendarModel::findAll();
if (!$calendarCollection) {
return;
}
$calendarIds = $calendarCollection->fetchEach('id');
$eventModel = CalendarEventsModel::findPublishedByParentAndIdOrAlias($event->getCalendarEventId(), $calendarIds);
if (!$eventModel) {
return;
}
$calendarModel = $eventModel->getRelated('pid');
$objPage = PageModel::findWithDetails($calendarModel->jumpTo);
if ($event->getDateTime()) {
$selectedStartDateTime = clone $event->getDateTime();
$selectedStartDateTime->setTime(date('H', $eventModel->startTime), date('i', $eventModel->startTime), date('s', $eventModel->startTime));
$secondsBetweenStartAndEndTime = $eventModel->endTime - $eventModel->startTime;
$intStartTime = $selectedStartDateTime->getTimestamp();
$intEndTime = $intStartTime + $secondsBetweenStartAndEndTime;
} else {
$intStartTime = $eventModel->startTime;
$intEndTime = $eventModel->endTime;
}
$span = Calendar::calculateSpan($intStartTime, $intEndTime);
// Do not show dates in the past if the event is recurring (see #923).
if ($eventModel->recurring) {
$arrRange = deserialize($eventModel->repeatEach);
while ($intStartTime < time() && $intEndTime < $eventModel->repeatEnd) {
$intStartTime = strtotime('+' . $arrRange['value'] . ' ' . $arrRange['unit'], $intStartTime);
$intEndTime = strtotime('+' . $arrRange['value'] . ' ' . $arrRange['unit'], $intEndTime);
}
}
if ($objPage->outputFormat == 'xhtml') {
$strTimeStart = '';
$strTimeEnd = '';
$strTimeClose = '';
} else {
$strTimeStart = '';
$strTimeEnd = '';
$strTimeClose = '';
// @codingStandardsIgnoreStart
/*
TODO $this->date and $this->time is used in the <a> title attribute and cannot contain HTML!
$strTimeStart = '<time datetime="' . date('Y-m-d\TH:i:sP', $intStartTime) . '">';
$strTimeEnd = '<time datetime="' . date('Y-m-d\TH:i:sP', $intEndTime) . '">';
$strTimeClose = '</time>';
*/
// @codingStandardsIgnoreEnd
}
// Get date.
if ($span > 0) {
$date = $strTimeStart . Date::parse($eventModel->addTime ? $objPage->datimFormat : $objPage->dateFormat, $intStartTime) . $strTimeClose . ' - ' . $strTimeEnd . Date::parse($eventModel->addTime ? $objPage->datimFormat : $objPage->dateFormat, $intEndTime) . $strTimeClose;
} elseif ($intStartTime == $intEndTime) {
$date = $strTimeStart . Date::parse($objPage->dateFormat, $intStartTime) . ($eventModel->addTime ? ' (' . Date::parse($objPage->timeFormat, $intStartTime) . ')' : '') . $strTimeClose;
} else {
$date = $strTimeStart . Date::parse($objPage->dateFormat, $intStartTime) . ($eventModel->addTime ? ' (' . Date::parse($objPage->timeFormat, $intStartTime) . $strTimeClose . ' - ' . $strTimeEnd . Date::parse($objPage->timeFormat, $intEndTime) . ')' : '') . $strTimeClose;
}
$until = '';
$recurring = '';
// Recurring event.
if ($eventModel->recurring) {
$arrRange = deserialize($eventModel->repeatEach);
$strKey = 'cal_' . $arrRange['unit'];
$recurring = sprintf($GLOBALS['TL_LANG']['MSC'][$strKey], $arrRange['value']);
if ($eventModel->recurrences > 0) {
$until = sprintf($GLOBALS['TL_LANG']['MSC']['cal_until'], Date::parse($objPage->dateFormat, $eventModel->repeatEnd));
}
}
// Override the default image size.
// This is always false.
if ($this->imgSize != '') {
$size = deserialize($this->imgSize);
if ($size[0] > 0 || $size[1] > 0) {
$eventModel->size = $this->imgSize;
}
}
$objTemplate = new FrontendTemplate($event->getTemplate());
$objTemplate->setData($eventModel->row());
$objTemplate->date = $date;
$objTemplate->start = $intStartTime;
$objTemplate->end = $intEndTime;
$objTemplate->class = $eventModel->cssClass != '' ? ' ' . $eventModel->cssClass : '';
$objTemplate->recurring = $recurring;
$objTemplate->until = $until;
$objTemplate->locationLabel = $GLOBALS['TL_LANG']['MSC']['location'];
$objTemplate->details = '';
$objElement = ContentModel::findPublishedByPidAndTable($eventModel->id, 'tl_calendar_events');
if ($objElement !== null) {
while ($objElement->next()) {
$getContentElementEvent = new GetContentElementEvent($objElement->id);
$eventDispatcher->dispatch(ContaoEvents::CONTROLLER_GET_CONTENT_ELEMENT, $getContentElementEvent);
$objTemplate->details .= $getContentElementEvent->getContentElementHtml();
}
$objTemplate->hasDetails = true;
}
$objTemplate->addImage = false;
// Add an image.
if ($eventModel->addImage && $eventModel->singleSRC != '') {
$objModel = FilesModel::findByUuid($eventModel->singleSRC);
if ($objModel === null) {
if (!Validator::isUuid($eventModel->singleSRC)) {
$objTemplate->text = '<p class="error">' . $GLOBALS['TL_LANG']['ERR']['version2format'] . '</p>';
}
} elseif (is_file(TL_ROOT . '/' . $objModel->path)) {
// Do not override the field now that we have a model registry (see #6303).
$arrEvent = $eventModel->row();
$arrEvent['singleSRC'] = $objModel->path;
$addImageToTemplateEvent = new AddImageToTemplateEvent($arrEvent, $objTemplate);
$eventDispatcher->dispatch(ContaoEvents::CONTROLLER_ADD_IMAGE_TO_TEMPLATE, $addImageToTemplateEvent);
}
}
$objTemplate->enclosure = array();
// Add enclosures.
if ($eventModel->addEnclosure) {
$addEnclosureToTemplateEvent = new AddEnclosureToTemplateEvent($eventModel->row(), $objTemplate);
$eventDispatcher->dispatch(ContaoEvents::CONTROLLER_ADD_ENCLOSURE_TO_TEMPLATE, $addEnclosureToTemplateEvent);
}
$calendarEvent = $objTemplate->parse();
$event->setCalendarEventHtml($calendarEvent);
}
/**
* Extract all e-mail addresses from a string
*
* @param string $strString The string
*
* @return array The e-mail addresses
*/
public static function extractEmail($strString)
{
$arrEmails = array();
preg_match_all('/(?:[^\\x00-\\x20\\x22\\x40\\x7F]+|\\x22[^\\x00-\\x1F\\x7F]+?\\x22)@(?:\\[(?:IPv)?[a-f0-9.:]+\\]|[\\w.-]+\\.[a-z]{2,63}\\b)/u', $strString, $arrEmails);
foreach ($arrEmails[0] as $strKey => $strEmail) {
if (!\Validator::isEmail($strEmail)) {
unset($arrEmails[0][$strKey]);
}
}
return array_values($arrEmails[0]);
}
/**
* Extract all e-mail addresses from a string
*
* @param string $strString The string
* @param string $strAllowedTags A list of allowed HTML tags
*
* @return array The e-mail addresses
*/
public static function extractEmail($strString, $strAllowedTags = '')
{
$arrEmails = array();
if (strpos($strString, '@') === false) {
return $arrEmails;
}
// Find all mailto: addresses
preg_match_all('/mailto:(?:[^\\x00-\\x20\\x22\\x40\\x7F]+|\\x22[^\\x00-\\x1F\\x7F]+?\\x22)@(?:\\[(?:IPv)?[a-f0-9.:]+\\]|[\\w.-]+\\.[a-z]{2,63}\\b)/u', $strString, $matches);
foreach ($matches[0] as &$strEmail) {
$strEmail = str_replace('mailto:', '', $strEmail);
if (\Validator::isEmail($strEmail)) {
$arrEmails[] = $strEmail;
}
}
// Encode opening arrow brackets (see #3998)
$strString = preg_replace_callback('@</?([^\\s<>/]*)@', function ($matches) use($strAllowedTags) {
if ($matches[1] == '' || strpos(strtolower($strAllowedTags), '<' . strtolower($matches[1]) . '>') === false) {
$matches[0] = str_replace('<', '<', $matches[0]);
}
return $matches[0];
}, $strString);
// Find all addresses in the plain text
preg_match_all('/(?:[^\\x00-\\x20\\x22\\x40\\x7F]+|\\x22[^\\x00-\\x1F\\x7F]+?\\x22)@(?:\\[(?:IPv)?[a-f0-9.:]+\\]|[\\w.-]+\\.[a-z]{2,63}\\b)/u', strip_tags($strString), $matches);
foreach ($matches[0] as &$strEmail) {
$strEmail = str_replace('<', '<', $strEmail);
if (\Validator::isEmail($strEmail)) {
$arrEmails[] = $strEmail;
}
}
return array_unique($arrEmails);
}