/** * Renders the checkbox. * * @param boolean $checked Specifies that the input element should be preselected * @throws \TYPO3\CMS\Fluid\Core\ViewHelper\Exception * @return string * @api */ public function render($checked = TRUE) { if (!$this->arguments['value'] instanceof \TYPO3\CMS\Extbase\Domain\Model\FileReference) { var_dump($this->arguments['value']); throw new \InvalidArgumentException('The value assigned to Form.Multiupload.DeleteViewhelper must be of type FileReference', 1421848917); } $resourcePointerValue = $this->arguments['value']->getUid(); if ($resourcePointerValue === NULL) { // Newly created file reference which is not persisted yet. // Use the file UID instead, but prefix it with "file:" to communicate this to the type converter $resourcePointerValue = 'file:' . $this->arguments['value']->getOriginalResource()->getOriginalFile()->getUid(); } $index = $this->viewHelperVariableContainer->get('Helhum\\UploadExample\\ViewHelpers\\Form\\MultiuploadViewHelper', 'fileReferenceIndex'); $this->viewHelperVariableContainer->addOrUpdate('Helhum\\UploadExample\\ViewHelpers\\Form\\MultiuploadViewHelper', 'fileReferenceIndex', ++$index); // TODO: Fluid automatically adds the __identity key if the argument to the // viewhelper is a persisted model, but stripping the key on our own // is ugly here. Generate the name on ourselves? $name = $this->getName(); $name = (strpos($name, '[__identity]') === FALSE ? $name : substr($name, 0, -strlen('[__identity]'))) . '[' . $index . ']'; $this->registerFieldNameForFormTokenGeneration($name); $this->tag->addAttribute('name', $name . '[submittedFile][resourcePointer]'); $this->tag->addAttribute('type', 'checkbox'); $this->tag->addAttribute('value', htmlspecialchars($this->hashService->appendHmac((string) $resourcePointerValue))); if ($checked) { $this->tag->addAttribute('checked', 'checked'); } return $this->tag->render(); }
/** * Renders the upload field with possible resource pointer * * @return string * @api */ public function render() { $output = ''; $resource = $this->getUploadedResource(); if ($resource !== NULL) { $resourcePointerIdAttribute = ''; if ($this->hasArgument('id')) { $resourcePointerIdAttribute = ' id="' . htmlspecialchars($this->arguments['id']) . '-file-reference"'; } $resourcePointerValue = $resource->getUid(); if ($resourcePointerValue === NULL) { // Newly created file reference which is not persisted yet. // Use the file UID instead, but prefix it with "file:" to communicate this to the type converter $resourcePointerValue = 'file:' . $resource->getOriginalResource()->getOriginalFile()->getUid(); } $output .= '<input type="hidden" name="' . $this->getName() . '[submittedFile][resourcePointer]" value="' . htmlspecialchars($this->hashService->appendHmac((string) $resourcePointerValue)) . '"' . $resourcePointerIdAttribute . ' />'; } $output .= parent::render(); $this->templateVariableContainer->add('resource', $resource); $this->templateVariableContainer->add('property', $this->arguments['property']); $output .= $this->renderChildren(); $this->templateVariableContainer->remove('resource'); $this->templateVariableContainer->remove('property'); return $output; }
/** * @return void */ public function indexAction() { //$GLOBALS['TSFE']->additionalHeaderData[md5('qbtools_jquery')] = '<script type="text/javascript" src="http://code.jquery.com/jquery-1.11.0.min.js"></script>'; $this->view->assign('required', $this->widgetConfiguration['required']); //$this->view->assign("qbmailformid", "qbmailform-".$this->controllerContext->getRequest()->getWidgetContext()->getAjaxWidgetIdentifier()); $id = 'qbmailform-' . md5(uniqid(mt_rand(), true)); $this->view->assign('qbmailformid', $id); $this->widgetConfiguration['receiver_overwrite_email'] = $this->getReceiverOverwriteEmail(); $this->view->assign('absRefPrefix', $GLOBALS['TSFE']->absRefPrefix); $this->view->assign('qbmailformConfig', $this->hashService->appendHmac(base64_encode(serialize($this->widgetConfiguration)))); $this->view->setTemplateRootPath(GeneralUtility::getFileAbsFileName('EXT:qbtools/Resources/Private/Templates/')); }
/** * @test */ public function validateAndStripHmacReturnsTheStringWithoutHmac() { $string = ' Some arbitrary string with special characters: öäüß!"§$ '; $hashedString = $this->hashService->appendHmac($string); $actualResult = $this->hashService->validateAndStripHmac($hashedString); $this->assertSame($string, $actualResult); }
/** * Returns the rendered HTML for the given template * * @param \DERHANSEN\SfEventMgt\Domain\Model\Event $event Event * @param \DERHANSEN\SfEventMgt\Domain\Model\Registration $registration Registration * @param string $template Template * @param array $settings Settings * * @return string */ protected function getNotificationBody($event, $registration, $template, $settings) { /** @var \TYPO3\CMS\Fluid\View\StandaloneView $emailView */ $emailView = $this->objectManager->get('TYPO3\\CMS\\Fluid\\View\\StandaloneView'); $emailView->setFormat('html'); $extbaseFrameworkConfiguration = $this->configurationManager->getConfiguration(ConfigurationManagerInterface::CONFIGURATION_TYPE_FULL_TYPOSCRIPT); $templateRootPath = GeneralUtility::getFileAbsFileName($extbaseFrameworkConfiguration['plugin.']['tx_sfeventmgt.']['view.']['templateRootPath']); $layoutRootPath = GeneralUtility::getFileAbsFileName($extbaseFrameworkConfiguration['plugin.']['tx_sfeventmgt.']['view.']['layoutRootPath']); $emailView->setLayoutRootPath($layoutRootPath); $emailView->setTemplatePathAndFilename($templateRootPath . $template); $emailView->assignMultiple(array('event' => $event, 'registration' => $registration, 'settings' => $settings, 'hmac' => $this->hashService->generateHmac('reg-' . $registration->getUid()), 'reghmac' => $this->hashService->appendHmac((string) $registration->getUid()))); $emailBody = $emailView->render(); return $emailBody; }
/** * Renders hidden form fields for referrer information about * the current controller and action. * * @return string Hidden fields with referrer information * @todo filter out referrer information that is equal to the target (e.g. same packageKey) */ protected function renderHiddenReferrerFields() { $request = $this->renderingContext->getControllerContext()->getRequest(); $extensionName = $request->getControllerExtensionName(); $vendorName = $request->getControllerVendorName(); $controllerName = $request->getControllerName(); $actionName = $request->getControllerActionName(); $result = LF; $result .= '<input type="hidden" name="' . $this->prefixFieldName('__referrer[@extension]') . '" value="' . $extensionName . '" />' . LF; if ($vendorName !== null) { $result .= '<input type="hidden" name="' . $this->prefixFieldName('__referrer[@vendor]') . '" value="' . $vendorName . '" />' . LF; } $result .= '<input type="hidden" name="' . $this->prefixFieldName('__referrer[@controller]') . '" value="' . $controllerName . '" />' . LF; $result .= '<input type="hidden" name="' . $this->prefixFieldName('__referrer[@action]') . '" value="' . $actionName . '" />' . LF; $result .= '<input type="hidden" name="' . $this->prefixFieldName('__referrer[arguments]') . '" value="' . htmlspecialchars($this->hashService->appendHmac(base64_encode(serialize($request->getArguments())))) . '" />' . LF; return $result; }
/** * Receive new file via XHR request and put it in storage. * Errors from validation are handled in the errorAction. * @param \TYPO3\CMS\Extbase\Domain\Model\FileReference $file * @param string $hmac * @return string */ public function putAction(\TYPO3\CMS\Extbase\Domain\Model\FileReference $file, $hmac = null) { $fileObject = $file->getOriginalResource()->getOriginalFile(); if ($hmac !== null) { $fileReferenceUid = $this->retrieveFileReferenceUid($hmac); $fileReference = $this->updateFileReference($fileReferenceUid, $file->getOriginalResource()); } // Genereate resourcePointerValue from updated fileReference or fallback from file if ($fileReference !== null) { $resourcePointerValue = $fileReference->getUid(); } if ($resourcePointerValue === null) { $resourcePointerValue = 'file:' . $fileObject->getUid(); } // Return success payload return $this->returnStatus(200, 'Upload successful', ['status' => 200, 'message' => 'Upload successful', 'file' => ['uid' => $fileObject->getUid(), 'name' => $fileObject->getName(), 'identifier' => $fileObject->getIdentifier(), 'storage' => $fileObject->getStorage()->getUid(), 'resourcePointerValue' => htmlspecialchars($this->hashService->appendHmac((string) $resourcePointerValue))]]); }
/** * Returns the rendered HTML for the given template * * @param \DERHANSEN\SfEventMgt\Domain\Model\Event $event Event * @param \DERHANSEN\SfEventMgt\Domain\Model\Registration $registration Registration * @param string $template Template * @param array $settings Settings * * @return string */ protected function getNotificationBody($event, $registration, $template, $settings) { /** @var \TYPO3\CMS\Fluid\View\StandaloneView $emailView */ $emailView = $this->objectManager->get('TYPO3\\CMS\\Fluid\\View\\StandaloneView'); $emailView->setFormat('html'); $layoutRootPaths = $this->fluidStandaloneService->getTemplateFolders('layout'); $partialRootPaths = $this->fluidStandaloneService->getTemplateFolders('partial'); if (TYPO3_MODE === 'BE' && $registration->getLanguage() !== '') { // Temporary set Language of current BE user to given language $GLOBALS['BE_USER']->uc['lang'] = $registration->getLanguage(); $emailView->getRequest()->setControllerExtensionName('SfEventMgt'); } $emailView->setLayoutRootPaths($layoutRootPaths); $emailView->setPartialRootPaths($partialRootPaths); $emailView->setTemplatePathAndFilename($this->fluidStandaloneService->getTemplatePath($template)); $emailView->assignMultiple(['event' => $event, 'registration' => $registration, 'settings' => $settings, 'hmac' => $this->hashService->generateHmac('reg-' . $registration->getUid()), 'reghmac' => $this->hashService->appendHmac((string) $registration->getUid())]); $emailBody = $emailView->render(); return $emailBody; }
/** * Renders hidden form fields for referrer information about * the current controller and action. * * @return string Hidden fields with referrer information * @todo filter out referrer information that is equal to the target (e.g. same packageKey) */ protected function renderHiddenReferrerFields() { $request = $this->controllerContext->getRequest(); $extensionName = $request->getControllerExtensionName(); $controllerName = $request->getControllerName(); $actionName = $request->getControllerActionName(); $result = chr(10); if ($this->configurationManager->isFeatureEnabled('rewrittenPropertyMapper')) { $result .= '<input type="hidden" name="' . $this->prefixFieldName('__referrer[@extension]') . '" value="' . $extensionName . '" />' . chr(10); $result .= '<input type="hidden" name="' . $this->prefixFieldName('__referrer[@controller]') . '" value="' . $controllerName . '" />' . chr(10); $result .= '<input type="hidden" name="' . $this->prefixFieldName('__referrer[@action]') . '" value="' . $actionName . '" />' . chr(10); $result .= '<input type="hidden" name="' . $this->prefixFieldName('__referrer[arguments]') . '" value="' . htmlspecialchars($this->hashService->appendHmac(base64_encode(serialize($request->getArguments())))) . '" />' . chr(10); } else { // @deprecated since Extbase 1.4.0, will be removed with Extbase 1.6.0. $result .= '<input type="hidden" name="' . $this->prefixFieldName('__referrer[extensionName]') . '" value="' . $extensionName . '" />' . chr(10); $result .= '<input type="hidden" name="' . $this->prefixFieldName('__referrer[controllerName]') . '" value="' . $controllerName . '" />' . chr(10); $result .= '<input type="hidden" name="' . $this->prefixFieldName('__referrer[actionName]') . '" value="' . $actionName . '" />' . chr(10); } return $result; }
/** * Serialize and hash the form field array * * @param array $formFieldArray form field array to be serialized and hashed * * @return string Hash */ protected function serializeAndHashFormFieldArray(array $formFieldArray) { $serializedFormFieldArray = serialize($formFieldArray); return $this->hashService->appendHmac($serializedFormFieldArray); }