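/**
 * Run the controller and parse the password template.
 *
 * When the "tl_password" form was submitted, the new password is validated
 * (matches the confirmation, meets the configured minimum length, differs
 * from the username and from the current password), passed through the
 * tl_user password save_callbacks, hashed with \Encryption::hash() and
 * stored; the pwChange flag is cleared and the user is redirected to the
 * back end. On any validation error the page is reloaded with a message.
 * Without a submission the form template is rendered.
 */
public function run()
{
    /** @var \BackendTemplate|object $objTemplate */
    $objTemplate = new \BackendTemplate('be_password');

    if (\Input::post('FORM_SUBMIT') == 'tl_password') {
        // Both fields are read with postUnsafeRaw(), presumably so the value is
        // hashed exactly as typed. They are never assigned to the template below
        // and must not be echoed back anywhere.
        $pw = \Input::postUnsafeRaw('password');
        $cnf = \Input::postUnsafeRaw('confirm');

        // Strict comparison: with "!=" two different numeric-looking strings
        // (e.g. "1e3" and "1000") compare as equal and would pass this check.
        if ($pw !== $cnf) {
            \Message::addError($GLOBALS['TL_LANG']['ERR']['passwordMatch']);
        } elseif (utf8_strlen($pw) < \Config::get('minPasswordLength')) {
            \Message::addError(sprintf($GLOBALS['TL_LANG']['ERR']['passwordLength'], \Config::get('minPasswordLength')));
        } elseif ($pw === (string) $this->User->username) {
            // Same reasoning as above: compare as strings, not with type juggling
            \Message::addError($GLOBALS['TL_LANG']['ERR']['passwordName']);
        } elseif (\Encryption::verify($pw, $this->User->password)) {
            // The new password must differ from the current one
            \Message::addError($GLOBALS['TL_LANG']['MSC']['pw_change']);
        } else {
            $this->loadDataContainer('tl_user');

            // Trigger the save_callback (guarded with isset() so a DCA without
            // callbacks does not raise an undefined-index notice)
            $arrCallbacks = isset($GLOBALS['TL_DCA']['tl_user']['fields']['password']['save_callback'])
                ? $GLOBALS['TL_DCA']['tl_user']['fields']['password']['save_callback']
                : null;

            if (is_array($arrCallbacks)) {
                foreach ($arrCallbacks as $callback) {
                    if (is_array($callback)) {
                        $this->import($callback[0]);
                        $pw = $this->{$callback[0]}->{$callback[1]}($pw);
                    } elseif (is_callable($callback)) {
                        $pw = $callback($pw);
                    }
                }
            }

            $objUser = \UserModel::findByPk($this->User->id);
            $objUser->pwChange = '';
            $objUser->password = \Encryption::hash($pw);
            $objUser->save();

            \Message::addConfirmation($GLOBALS['TL_LANG']['MSC']['pw_changed']);
            $this->redirect('' . $GLOBALS['TL_CONFIG']['backendPath'] . '/main.php');
        }

        $this->reload();
    }

    $objTemplate->theme = \Backend::getTheme();
    $objTemplate->messages = \Message::generate();
    $objTemplate->base = \Environment::get('base');
    $objTemplate->language = $GLOBALS['TL_LANGUAGE'];
    $objTemplate->title = specialchars($GLOBALS['TL_LANG']['MSC']['pw_new']);
    $objTemplate->charset = \Config::get('characterSet');
    $objTemplate->action = ampersand(\Environment::get('request'));
    $objTemplate->headline = $GLOBALS['TL_LANG']['MSC']['pw_change'];
    $objTemplate->submitButton = specialchars($GLOBALS['TL_LANG']['MSC']['continue']);
    $objTemplate->password = $GLOBALS['TL_LANG']['MSC']['password'][0];
    $objTemplate->confirm = $GLOBALS['TL_LANG']['MSC']['confirm'][0];
    $objTemplate->output();
}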
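/**
 * Run the controller and parse the password template.
 *
 * When the "tl_password" form was submitted, the new password is validated
 * (no disallowed special characters, matches the confirmation, meets the
 * configured minimum length, differs from the username and from the current
 * password) and stored as "sha1(salt . password):salt". On a validation
 * error the page is reloaded with a message. Without a submission the form
 * template is rendered.
 */
public function run()
{
    $this->Template = new BackendTemplate('be_password');

    if (Input::post('FORM_SUBMIT') == 'tl_password') {
        $pw = Input::post('password');
        $cnf = Input::post('confirm');

        // Do not allow special characters
        if (preg_match('/[#\\(\\)\\/<=>]/', html_entity_decode($pw))) {
            Message::addError($GLOBALS['TL_LANG']['ERR']['extnd']);
        } elseif ($pw !== $cnf) {
            // Strict comparison: with "!=" two different numeric-looking strings
            // (e.g. "1e3" and "1000") compare as equal and would pass this check.
            Message::addError($GLOBALS['TL_LANG']['ERR']['passwordMatch']);
        } elseif (utf8_strlen($pw) < $GLOBALS['TL_CONFIG']['minPasswordLength']) {
            Message::addError(sprintf($GLOBALS['TL_LANG']['ERR']['passwordLength'], $GLOBALS['TL_CONFIG']['minPasswordLength']));
        } elseif ($pw === (string) $this->User->username) {
            Message::addError($GLOBALS['TL_LANG']['ERR']['passwordName']);
        } else {
            // The stored value has the form "<hash>:<salt>"; fall back to an empty
            // salt when no separator is present instead of reading a missing offset.
            $arrParts = explode(':', $this->User->password);
            $strSalt = isset($arrParts[1]) ? $arrParts[1] : '';
            $strPassword = sha1($strSalt . $pw);

            // Make sure the password has been changed (compared as strings, without type juggling)
            if ($strPassword . ':' . $strSalt === (string) $this->User->password) {
                Message::addError($GLOBALS['TL_LANG']['MSC']['pw_change']);
            } else {
                // NOTE(review): a single salted SHA-1 round is cheap to brute-force
                // offline, and the salt comes from mt_rand()/uniqid(), which are not
                // cryptographically secure sources. The format is kept because the code
                // that verifies logins (not visible here) has to read it; migrate both
                // sides together to password_hash()/password_verify() where the
                // supported PHP version allows.
                $strSalt = substr(md5(uniqid(mt_rand(), true)), 0, 23);
                $strPassword = sha1($strSalt . $pw);

                $objUser = UserModel::findByPk($this->User->id);
                $objUser->pwChange = '';
                $objUser->password = $strPassword . ':' . $strSalt;
                $objUser->save();

                Message::addConfirmation($GLOBALS['TL_LANG']['MSC']['pw_changed']);
                $this->redirect('contao/main.php');
            }
        }

        $this->reload();
    }

    $this->Template->theme = $this->getTheme();
    $this->Template->messages = Message::generate();
    $this->Template->base = Environment::get('base');
    $this->Template->language = $GLOBALS['TL_LANGUAGE'];
    $this->Template->title = specialchars($GLOBALS['TL_LANG']['MSC']['pw_new']);
    $this->Template->charset = $GLOBALS['TL_CONFIG']['characterSet'];
    $this->Template->action = ampersand(Environment::get('request'));
    $this->Template->headline = $GLOBALS['TL_LANG']['MSC']['pw_change'];
    $this->Template->submitButton = specialchars($GLOBALS['TL_LANG']['MSC']['continue']);
    $this->Template->password = $GLOBALS['TL_LANG']['MSC']['password'][0];
    $this->Template->confirm = $GLOBALS['TL_LANG']['MSC']['confirm'][0];
    $this->Template->output();
}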
/**
 * Resolve the back end user from the session cookie.
 *
 * Only applies in front end mode (TL_MODE == 'FE'): the cookie hash is
 * validated, looked up in tl_session via a prepared statement and checked
 * against the session row before the owning user model is loaded.
 *
 * @return \UserModel|null The user model, or null if no valid session was found
 *
 * @internal
 */
public function resolveBackendUser()
{
    if (TL_MODE != 'FE') {
        return null;
    }

    // Request the BE_USER_AUTH login status
    $cookieHash = $this->input->cookie(self::COOKIE_NAME);

    // Reject a cookie hash that does not validate before touching the database
    if (!$this->validateHash($cookieHash)) {
        return null;
    }

    // Try to find the session in the database
    $statement = $this->database->prepare("SELECT * FROM tl_session WHERE hash=? AND name=?");
    $sessionRow = $statement->execute($cookieHash, self::COOKIE_NAME);

    if (!$sessionRow->next() || !$this->validateUserSession($cookieHash, $sessionRow)) {
        return null;
    }

    return \UserModel::findByPk($sessionRow->pid);
}
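/**
 * Run the controller and parse the password template.
 *
 * When the "tl_password" form was submitted, the new password is validated
 * (matches the confirmation, meets the configured minimum length, differs
 * from the username and from the current password), hashed with
 * Encryption::hash() and stored; the pwChange flag is cleared and the user
 * is redirected to the back end. On a validation error the page is reloaded
 * with a message. Without a submission the form template is rendered.
 */
public function run()
{
    $this->Template = new BackendTemplate('be_password');

    if (Input::post('FORM_SUBMIT') == 'tl_password') {
        $pw = Input::post('password', true);
        $cnf = Input::post('confirm', true);

        // Strict comparison: with "!=" two different numeric-looking strings
        // (e.g. "1e3" and "1000") compare as equal and would pass this check.
        if ($pw !== $cnf) {
            Message::addError($GLOBALS['TL_LANG']['ERR']['passwordMatch']);
        } elseif (utf8_strlen($pw) < $GLOBALS['TL_CONFIG']['minPasswordLength']) {
            Message::addError(sprintf($GLOBALS['TL_LANG']['ERR']['passwordLength'], $GLOBALS['TL_CONFIG']['minPasswordLength']));
        } elseif ($pw === (string) $this->User->username) {
            Message::addError($GLOBALS['TL_LANG']['ERR']['passwordName']);
        } elseif (crypt($pw, $this->User->password) === (string) $this->User->password) {
            // Make sure the password has been changed: re-hashing the new password
            // with the stored hash as salt reproduces the stored hash only when the
            // password is unchanged. Compared as strings, without type juggling.
            Message::addError($GLOBALS['TL_LANG']['MSC']['pw_change']);
        } else {
            $objUser = UserModel::findByPk($this->User->id);
            $objUser->pwChange = '';
            $objUser->password = Encryption::hash($pw);
            $objUser->save();

            Message::addConfirmation($GLOBALS['TL_LANG']['MSC']['pw_changed']);
            $this->redirect('contao/main.php');
        }

        $this->reload();
    }

    $this->Template->theme = $this->getTheme();
    $this->Template->messages = Message::generate();
    $this->Template->base = Environment::get('base');
    $this->Template->language = $GLOBALS['TL_LANGUAGE'];
    $this->Template->title = specialchars($GLOBALS['TL_LANG']['MSC']['pw_new']);
    $this->Template->charset = $GLOBALS['TL_CONFIG']['characterSet'];
    $this->Template->action = ampersand(Environment::get('request'));
    $this->Template->headline = $GLOBALS['TL_LANG']['MSC']['pw_change'];
    $this->Template->submitButton = specialchars($GLOBALS['TL_LANG']['MSC']['continue']);
    $this->Template->password = $GLOBALS['TL_LANG']['MSC']['password'][0];
    $this->Template->confirm = $GLOBALS['TL_LANG']['MSC']['confirm'][0];
    $this->Template->output();
}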
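/**
 * Build the list label for one tracked session row.
 *
 * Computes the session's edit time (last_activity - login_time), adds it to
 * the running per-user, per-day total kept in $GLOBALS['time_tracker'], and
 * formats the row with $this->rowTemplate. Rows with a logout time are
 * wrapped in a greyed-out span.
 *
 * @param array  $row   The session row
 * @param string $label The default label (replaced by the formatted row)
 *
 * @return string The HTML label
 */
public function renderRow($row, $label)
{
    $intEditTime = $row['last_activity'] - $row['login_time'];
    $strDay = date('d.m.Y', $row['last_activity']);

    // Use the translated module name if there is one, otherwise the raw value.
    // NOTE(review): do_activity is interpolated into HTML below without escaping;
    // confirm it is validated where it is recorded, otherwise escape it here.
    $strActivity = $row['do_activity'];

    if (isset($GLOBALS['TL_LANG']['MOD'][$row['do_activity']]) && is_array($GLOBALS['TL_LANG']['MOD'][$row['do_activity']])) {
        $strActivity = $GLOBALS['TL_LANG']['MOD'][$row['do_activity']][0];
    }

    // Accumulate the time per user and day across the rendered rows
    $intUserTime = $intEditTime;

    if (isset($GLOBALS['time_tracker'][$row['pid']][$strDay])) {
        $intUserTime += $GLOBALS['time_tracker'][$row['pid']][$strDay];
    }

    $GLOBALS['time_tracker'][$row['pid']][$strDay] = $intUserTime;

    // The user may have been deleted since the session was recorded; fall back to
    // the plain user icon and an empty name instead of reading from null.
    $objUser = \UserModel::findByPk($row['pid']);
    $blnAdmin = ($objUser !== null && $objUser->admin == '1');
    $strName = ($objUser !== null) ? $objUser->name : '';

    $strIcon = ($blnAdmin ? 'admin' : 'user') . ($row['logout_time'] > 0 ? '_' : '');

    // NOTE(review): the user name is placed into the label unescaped as well;
    // whether it is already entity-encoded in storage is not visible from here.
    $label = sprintf(
        $this->rowTemplate,
        $strIcon,
        $strName,
        date('d.m. H:i', $row['login_time']),
        date('H:i:s', $row['last_activity']),
        $strActivity,
        $row['edit_count'],
        $this->getReadableTime($intEditTime),
        $this->getReadableTime($intUserTime)
    );

    if ($row['logout_time'] > 0) {
        $label = '<span style="color:#888;">' . $label . '</span>';
    }

    return $label;
}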
/**
 * Check permissions to edit table tl_photoalbums2_archive.
 *
 * Administrators are not restricted. For everyone else the list is limited
 * to the archive IDs in the user's photoalbums2s, creation is closed when
 * the 'create' right is missing, and the requested action ("act") is
 * checked against those IDs. Denied requests are logged and redirected to
 * the back end error page.
 */
public function checkPermission()
{
    if ($this->User->isAdmin) {
        return;
    }

    // Set root IDs; array(0) stands in when the user has no archives assigned
    if (!is_array($this->User->photoalbums2s) || empty($this->User->photoalbums2s)) {
        $root = array(0);
    } else {
        $root = $this->User->photoalbums2s;
    }

    $GLOBALS['TL_DCA']['tl_photoalbums2_archive']['list']['sorting']['root'] = $root;

    // Check permissions to add archives
    if (!$this->User->hasAccess('create', 'photoalbums2p')) {
        $GLOBALS['TL_DCA']['tl_photoalbums2_archive']['config']['closed'] = true;
    }

    // Check current action
    switch ($this->Input->get('act')) {
        case 'create':
        case 'select':
            // Allow
            break;

        case 'edit':
            // Dynamically add the record to the user profile.
            // NOTE(review): in_array() is called without the strict flag here and
            // below, so the request's id is compared loosely with the allowed IDs.
            if (!in_array($this->Input->get('id'), $root)) {
                $arrNew = $this->Session->get('new_records');

                // Only records listed under 'new_records' in the session qualify
                if (is_array($arrNew['tl_photoalbums2_archive']) && in_array($this->Input->get('id'), $arrNew['tl_photoalbums2_archive'])) {
                    // Add permissions on user level
                    if ($this->User->inherit == 'custom' || !$this->User->groups[0]) {
                        $objUser = \UserModel::findByPk($this->User->id);
                        $arrPhotoalbums2p = deserialize($objUser->photoalbums2p);

                        // Persist the new ID only if the stored rights include 'create'
                        if (is_array($arrPhotoalbums2p) && in_array('create', $arrPhotoalbums2p)) {
                            $arrPhotoalbums2s = deserialize($objUser->photoalbums2s);
                            $arrPhotoalbums2s[] = $this->Input->get('id');
                            $objUser->photoalbums2s = serialize($arrPhotoalbums2s);
                            $objUser->save();
                        }
                    } elseif ($this->User->groups[0] > 0) {
                        // Add permissions on group level (first group only)
                        $objGroup = \UserGroupModel::findByPk($this->User->groups[0]);
                        $arrPhotoalbums2p = deserialize($objGroup->photoalbums2p);

                        if (is_array($arrPhotoalbums2p) && in_array('create', $arrPhotoalbums2p)) {
                            $arrPhotoalbums2s = deserialize($objGroup->photoalbums2s);
                            $arrPhotoalbums2s[] = $this->Input->get('id');
                            $objGroup->photoalbums2s = serialize($arrPhotoalbums2s);
                            $objGroup->save();
                        }
                    }

                    // Add new element to the user object.
                    // NOTE(review): this in-memory grant runs for every ID found in
                    // 'new_records', including when the 'create' checks above skipped
                    // the database write — confirm that is intended.
                    $root[] = $this->Input->get('id');
                    $this->User->photoalbums2s = $root;
                }
            }
            // Intentional fall-through: 'edit' is checked like copy/delete/show below

        case 'copy':
        case 'delete':
        case 'show':
            // "&&" binds tighter than "||": deny when the ID is not allowed, or when
            // the action is 'delete' and the user lacks the 'delete' right.
            if (!in_array($this->Input->get('id'), $root) || $this->Input->get('act') == 'delete' && !$this->User->hasAccess('delete', 'photoalbums2p')) {
                $this->log('Not enough permissions to ' . $this->Input->get('act') . ' photoalbums2 archive ID "' . $this->Input->get('id') . '"', 'tl_photoalbums2_archive checkPermission', TL_ERROR);
                $this->redirect('contao/main.php?act=error');
            }
            break;

        case 'editAll':
        case 'deleteAll':
        case 'overrideAll':
            // Restrict the selected IDs in the session to the allowed ones; without
            // the 'delete' right a deleteAll selection is emptied entirely.
            $session = $this->Session->getData();

            if ($this->Input->get('act') == 'deleteAll' && !$this->User->hasAccess('delete', 'photoalbums2p')) {
                $session['CURRENT']['IDS'] = array();
            } else {
                $session['CURRENT']['IDS'] = array_intersect($session['CURRENT']['IDS'], $root);
            }

            $this->Session->setData($session);
            break;

        default:
            // Any other non-empty action is denied
            if (strlen($this->Input->get('act'))) {
                $this->log('Not enough permissions to ' . $this->Input->get('act') . ' photoalbums2 archives', 'tl_photoalbums2_archive checkPermission', TL_ERROR);
                $this->redirect('contao/main.php?act=error');
            }
            break;
    }
}
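/**
 * Handle the comments endpoint for a news item.
 *
 * With action "add" a new comment is validated, stored in tl_comments
 * (source tl_news) and announced to the administrator by e-mail. Without it,
 * the item's comments are returned, provided commenting is open.
 *
 * @return array The response, wrapped as array('comments' => ...)
 */
protected function commentsController()
{
    $returnarray = array();
    $returnarray['error'] = $this->errorcode(0);
    // NOTE(review): 'changes' starts at 1 and is only ever set to 1, so the
    // "no changes" cleanup in the listing branch never triggers — confirm intent.
    $returnarray['changes'] = 1;

    $getTs = \Input::get($this->request['ts']);
    $getId = \Input::get($this->request['id']);
    $returnarray['ts'] = isset($getTs) ? $getTs : 0;

    if (!isset($getId)) {
        $returnarray['error'] = $this->errorcode(15);

        return array('comments' => $returnarray);
    }

    if (\Input::get($this->request['action']) == 'add') {
        // The fields are taken straight from $_REQUEST. Accept plain strings only:
        // a missing key or an array value (e.g. "name[]=x") is treated as empty
        // instead of raising a notice or reaching trim()/the validator.
        $arrRaw = array();

        foreach (array('comment', 'name', 'email') as $strField) {
            $strKey = $this->request[$strField];
            $arrRaw[$strField] = (isset($_REQUEST[$strKey]) && is_string($_REQUEST[$strKey])) ? $_REQUEST[$strKey] : '';
        }

        $comment = $arrRaw['comment'];
        $name = $arrRaw['name'];
        $email = $arrRaw['email'];

        // NOTE(review): a 'key' request parameter is part of the request map but is
        // not checked here; if it is meant as an anti-automation or request-token
        // value, it has to be validated before the comment is saved.

        if (!$comment || $comment == "" || !$name || !$email) {
            $returnarray['error'] = $this->errorcode(30);
        } elseif (!\Validator::isEmail($email)) {
            $returnarray['error'] = $this->errorcode(31);
        } else {
            $ts = time();

            // NOTE(review): name, e-mail and comment are stored exactly as submitted.
            // Every place that renders them (including the listing branch below,
            // which strips tags from the text but not from name/e-mail) has to
            // escape for its own output context.
            $arrInsert = array(
                'tstamp' => $ts,
                'source' => 'tl_news',
                'parent' => $getId,
                'date' => $ts,
                'name' => $name,
                'email' => $email,
                'comment' => trim($comment),
                'published' => $this->settings['news_moderate'] == 1 ? 0 : 1,
                'ip' => \Environment::get('remote_addr'),
            );

            $objComment = new \CommentsModel();
            $objComment->setRow($arrInsert)->save();

            if ($objComment->id) {
                // Plain-text version of the comment for the notification mail
                $strComment = strip_tags($comment);
                $strComment = \String::decodeEntities($strComment);
                $strComment = str_replace(array('[&]', '[lt]', '[gt]'), array('&', '<', '>'), $strComment);

                $objTemplate = new \FrontendTemplate('kommentar_email');
                $objTemplate->name = $arrInsert['name'] . ' (' . $arrInsert['email'] . ')';
                $objTemplate->comment = $strComment;
                $objTemplate->edit = \Idna::decode(\Environment::get('base')) . 'contao/main.php?do=comments&act=edit&id=' . $objComment->id;

                $objEmail = new \Email();
                $objEmail->from = $GLOBALS['TL_ADMIN_EMAIL'];
                $objEmail->fromName = $GLOBALS['TL_ADMIN_NAME'];
                $objEmail->subject = sprintf($GLOBALS['TL_LANG']['MSC']['com_subject'], \Idna::decode(\Environment::get('host')));
                $objEmail->text = $objTemplate->parse();

                if ($GLOBALS['TL_ADMIN_EMAIL'] != '') {
                    $objEmail->sendTo($GLOBALS['TL_ADMIN_EMAIL']);
                }

                $returnarray['error'] = $this->errorcode(0);
                $returnarray['ts'] = $ts;
                $returnarray['comment_id'] = $objComment->id;
                $returnarray['changes'] = 1;
                $returnarray['status'] = $this->settings['news_moderate'] == 1 ? 'Kommentar wird geprüft.' : "Kommentar veröffentlicht.";
            } else {
                // Saving did not yield an ID
                $returnarray['error'] = $this->errorcode(31);
            }
        }

        return array('comments' => $returnarray);
    }

    // No "add" action: return the existing comments
    $post = $this->getComment($getId);

    if ($post['commentStatus'] != 'open') {
        $returnarray['error'] = $this->errorcode(29);

        return array('comments' => $returnarray);
    }

    $returnarray['comment_status'] = $post['commentStatus'];
    $returnarray['comments_count'] = $post['commentsCount'];
    $returnarray['REQUEST_TOKEN'] = REQUEST_TOKEN;

    if ($post['commentsCount'] > 0) {
        $pos = 0;

        foreach ($post['items'] as $objItem) {
            $tempArray = array();
            $tempArray['pos'] = ++$pos;
            $tempArray['id'] = $objItem->id;
            $tempArray['text'] = strip_tags($objItem->comment);
            $tempArray['timestamp'] = (int) $objItem->date;

            // Track the newest comment timestamp for the caller
            if ($tempArray['timestamp'] > $returnarray['ts']) {
                $returnarray['ts'] = $tempArray['timestamp'];
                $returnarray['changes'] = 1;
            }

            $tempArray['datum'] = date('d.m.Y, H:i', $tempArray['timestamp']);
            $tempArray['author']['name'] = $objItem->name;
            $tempArray['author']['id'] = "0";
            $tempArray['author']['email'] = $objItem->email;
            $tempArray['author']['img'] = "";

            if ($objItem->addReply) {
                // The replying back end user may no longer exist; return null fields
                // instead of reading properties from null.
                $objUser = \UserModel::findByPk($objItem->author);

                $tempArray['subitems'] = array(array(
                    'pos' => 1,
                    'id' => 1,
                    'parent_id' => $objItem->id,
                    'text' => strip_tags($objItem->reply),
                    'timestamp' => (int) $objItem->tstamp,
                    'datum' => date('d.m.Y, H:i', $objItem->tstamp),
                    'author' => array(
                        'name' => ($objUser !== null) ? $objUser->name : null,
                        'id' => ($objUser !== null) ? $objUser->id : null,
                        'email' => ($objUser !== null) ? $objUser->email : null,
                        'img' => "",
                    ),
                ));
            }

            $returnarray['items'][] = $tempArray;
        }

        if ($returnarray['changes'] != 1) {
            unset($returnarray['items']);
        }
    }

    return array('comments' => $returnarray);
}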
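/**
 * Get the user avatar.
 *
 * Resolution order: the user's Gravatar (if enabled on the user), the
 * avatar file found for the ID in the user avatar path, then the configured
 * placeholder image. An empty string is returned when none is available.
 *
 * @param integer      $intId     The user ID
 * @param integer|null $intWidth  The target width (default size if omitted)
 * @param integer|null $intHeight The target height (default size if omitted)
 *
 * @return string The image path, Gravatar result or an empty string
 */
public static function getUser($intId, $intWidth = null, $intHeight = null)
{
    $objUser = \UserModel::findByPk($intId);

    // Use the default size
    if (!$intWidth || !$intHeight) {
        list($intWidth, $intHeight) = static::getUserSize();
    }

    // Use the Gravatar. The ID may not match any user, so check for null before
    // reading from the model and fall through to the file lookup in that case.
    if ($objUser !== null && $objUser->avatar_gravatar) {
        return static::getGravatar($objUser->email, $intWidth);
    }

    $strFile = static::find($intId, static::getUserPath());

    // Use the placeholder if the user has no avatar
    if ($strFile == '') {
        if (\Config::get('avatar_user_placeholder') == '') {
            return '';
        }

        $objFile = \FilesModel::findByUuid(\Config::get('avatar_user_placeholder'));

        // The placeholder must still exist on disk
        if ($objFile === null || !is_file(TL_ROOT . '/' . $objFile->path)) {
            return '';
        }

        $strFile = $objFile->path;
    }

    return \Image::get($strFile, $intWidth, $intHeight);
}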
/**
 * Revise the gallery tables for one album.
 *
 * Refreshes the album's owner name, clears a parent ID that no longer
 * resolves, reconciles the album's picture records with the files table
 * (optionally deleting records whose file is gone) and finally removes
 * non-existent album IDs from every gallery_creator content element.
 * Messages are collected in $_SESSION['GC_ERROR'].
 *
 * @param $albumId         The album ID
 * @param bool $blnCleanDb Delete picture records without a file instead of only reporting them
 */
public static function reviseTables($albumId, $blnCleanDb = false)
{
    // Start with an empty message list for this run
    $_SESSION['GC_ERROR'] = array();

    // Create the upload directory if it no longer exists
    new \Folder(GALLERY_CREATOR_UPLOAD_PATH);

    // Get album model
    $objAlbum = \MCupic\GalleryCreatorAlbumsModel::findByPk($albumId);
    if ($objAlbum === null) {
        return;
    }

    // Check for valid album owner
    $objUser = \UserModel::findByPk($objAlbum->owner);
    if ($objUser !== null) {
        $owner = $objUser->name;
    } else {
        $owner = "no-name";
    }
    $objAlbum->owners_name = $owner;
    $objAlbum->save();

    // Check for valid pid
    if ($objAlbum->pid > 0) {
        $objParentAlb = $objAlbum->getRelated('pid');
        if ($objParentAlb === null) {
            $objAlbum->pid = null;
            $objAlbum->save();
        }
    }

    if (\Database::getInstance()->fieldExists('path', 'tl_gallery_creator_pictures')) {
        // Try to "rescue" records without a valid uuid by using the content of the path field
        $objPictures = \GalleryCreatorPicturesModel::findByPid($albumId);
        if ($objPictures !== null) {
            while ($objPictures->next()) {
                // Look up the file record for the picture's uuid
                $objFile = \FilesModel::findByUuid($objPictures->uuid);
                if ($objFile === null) {
                    if ($objPictures->path != '') {
                        // The stored path is joined onto TL_ROOT as is
                        if (is_file(TL_ROOT . '/' . $objPictures->path)) {
                            $objModel = \Dbafs::addResource($objPictures->path);
                            if (\Validator::isUuid($objModel->uuid)) {
                                $objPictures->uuid = $objModel->uuid;
                                $objPictures->save();
                                continue;
                            }
                        }
                    }
                    if ($blnCleanDb !== false) {
                        $msg = ' Deleted Datarecord with ID ' . $objPictures->id . '.';
                        $_SESSION['GC_ERROR'][] = $msg;
                        $objPictures->delete();
                    } else {
                        // Show the error message.
                        // NOTE(review): path and alias go into the message unescaped;
                        // whatever renders GC_ERROR has to escape them.
                        $path = $objPictures->path != '' ? $objPictures->path : 'unknown path';
                        $_SESSION['GC_ERROR'][] = sprintf($GLOBALS['TL_LANG']['ERR']['link_to_not_existing_file_1'], $objPictures->id, $path, $objAlbum->alias);
                    }
                } elseif (!is_file(TL_ROOT . '/' . $objFile->path)) {
                    // If file has an entry in Dbafs, but doesn't exist on the server anymore
                    if ($blnCleanDb !== false) {
                        $msg = 'Deleted Datarecord with ID ' . $objPictures->id . '.';
                        $_SESSION['GC_ERROR'][] = $msg;
                        $objPictures->delete();
                    } else {
                        $_SESSION['GC_ERROR'][] = sprintf($GLOBALS['TL_LANG']['ERR']['link_to_not_existing_file_1'], $objPictures->id, $objFile->path, $objAlbum->alias);
                    }
                } else {
                    // Align the redundant path field with tl_files.path
                    if ($objPictures->path != $objFile->path) {
                        $objPictures->path = $objFile->path;
                        $objPictures->save();
                    }
                }
            }
        }
    }

    /**
     * Make sure the gc_publish_albums field in tl_content holds no orphaned album IDs:
     * check whether the albums defined in the content element still exist and
     * remove those that do not from the array.
     * This pass covers every gallery_creator content element, not only $albumId.
     */
    $objCont = \Database::getInstance()->prepare('SELECT id, gc_publish_albums FROM tl_content WHERE type=?')->execute('gallery_creator');
    while ($objCont->next()) {
        $newArr = array();
        // NOTE(review): native unserialize() on a database column can instantiate
        // objects if the stored value was ever attacker-influenced; confirm the
        // column is only written through trusted back end code, or restrict the
        // allowed classes where the supported PHP version permits.
        $arrAlbums = unserialize($objCont->gc_publish_albums);
        if (is_array($arrAlbums)) {
            foreach ($arrAlbums as $AlbumID) {
                // The ID is bound as a statement parameter
                $objAlb = \Database::getInstance()->prepare('SELECT id FROM tl_gallery_creator_albums WHERE id=?')->limit('1')->execute($AlbumID);
                if ($objAlb->next()) {
                    $newArr[] = $AlbumID;
                }
            }
        }
        \Database::getInstance()->prepare('UPDATE tl_content SET gc_publish_albums=? WHERE id=?')->execute(serialize($newArr), $objCont->id);
    }
}
/**
 * List a single record.
 *
 * Rebuilds the current URL and its pass-through query parameters, redirects
 * when there is no record ID or the record's owner is not allowed, works out
 * the edit/delete/export flags, loads the configured fields of the record,
 * prepares file fields for display or download and hands everything to the
 * front end template. If comments are enabled, the comments module is
 * attached with the notification recipients.
 */
protected function listSingleRecord()
{
    global $objPage;

    /**
     * Prepare URL
     */
    $page_get = 'page_fd' . $this->id;
    $strUrl = preg_replace('/\\?.*$/', '', urldecode(\Environment::get('request')));
    $strUrlParams = '';
    $blnQuery = false;

    // Keep every query fragment except the module's own parameters.
    // NOTE(review): the fragments come url-decoded from the raw query string and
    // are appended to the redirect target and the action links below without
    // further encoding; the template has to escape them for its output context.
    foreach (preg_split('/&(amp;)?/', urldecode($_SERVER['QUERY_STRING'])) as $fragment) {
        if (strlen($fragment)) {
            if (strncasecmp($fragment, 'file', 5) !== 0 && strncasecmp($fragment, $this->strDetailKey, strlen($this->strDetailKey)) !== 0 && strncasecmp($fragment, 'order_by', 8) !== 0 && strncasecmp($fragment, 'sort', 4) !== 0 && strncasecmp($fragment, $page_get, strlen($page_get)) !== 0) {
                $strUrlParams .= (!$blnQuery ? '' : '&') . $fragment;
                $blnQuery = true;
            }
        }
    }

    // check record
    if (intval($this->intRecordId) < 1) {
        // NOTE(review): the request value is concatenated into the regex patterns
        // without preg_quote(), so pattern metacharacters in it are interpreted.
        $strRed = preg_replace(array('/\\/' . $this->strDetailKey . '\\/' . \Input::get($this->strDetailKey) . '/i', '/' . $this->strDetailKey . '=' . \Input::get($this->strDetailKey) . '/i'), array('', ''), $strUrl) . (strlen($strUrlParams) ? '?' . $strUrlParams : '');
        \Controller::redirect($strRed);
    }

    // check access
    if (strlen($this->efg_list_access) && $this->efg_list_access != 'public') {
        $objOwner = \Database::getInstance()->prepare("SELECT fd_member FROM tl_formdata WHERE id=?")->execute($this->intRecordId);
        $varOwner = $objOwner->fetchAssoc();

        if (!in_array(intval($varOwner['fd_member']), $this->arrAllowedOwnerIds)) {
            // NOTE(review): the access check relies on redirect() ending the request;
            // if it returned, the record would still be rendered below — confirm.
            $strRed = preg_replace(array('/\\/' . $this->strDetailKey . '\\/' . \Input::get($this->strDetailKey) . '/i', '/' . $this->strDetailKey . '=' . \Input::get($this->strDetailKey) . '/i'), array('', ''), $strUrl) . (strlen($strUrlParams) ? '?' . $strUrlParams : '');
            \Controller::redirect($strRed);
        }
    }

    // check edit access: 'none' denies, 'public' allows, any other non-empty
    // setting allows only when the record's owner is in the allowed list
    $blnEditAllowed = false;

    if ($this->efg_fe_edit_access == 'none') {
        $blnEditAllowed = false;
    } elseif ($this->efg_fe_edit_access == 'public') {
        $blnEditAllowed = true;
    } elseif (strlen($this->efg_fe_edit_access)) {
        $objOwner = \Database::getInstance()->prepare("SELECT fd_member FROM tl_formdata WHERE id=?")->execute($this->intRecordId);
        $varOwner = $objOwner->fetchAssoc();

        if (in_array(intval($varOwner['fd_member']), $this->arrAllowedEditOwnerIds)) {
            $blnEditAllowed = true;
        }
    }

    // check delete access (same scheme as edit access)
    $blnDeleteAllowed = false;

    if ($this->efg_fe_delete_access == 'none') {
        $blnDeleteAllowed = false;
    } elseif ($this->efg_fe_delete_access == 'public') {
        $blnDeleteAllowed = true;
    } elseif (strlen($this->efg_fe_delete_access)) {
        $objOwner = \Database::getInstance()->prepare("SELECT fd_member FROM tl_formdata WHERE id=?")->execute($this->intRecordId);
        $varOwner = $objOwner->fetchAssoc();

        if (in_array(intval($varOwner['fd_member']), $this->arrAllowedDeleteOwnerIds)) {
            $blnDeleteAllowed = true;
        }
    }

    // check export access (same scheme as edit access)
    $blnExportAllowed = false;

    if ($this->efg_fe_export_access == 'none') {
        $blnExportAllowed = false;
    } elseif ($this->efg_fe_export_access == 'public') {
        $blnExportAllowed = true;
    } elseif (strlen($this->efg_fe_export_access)) {
        $objOwner = \Database::getInstance()->prepare("SELECT fd_member FROM tl_formdata WHERE id=?")->execute($this->intRecordId);
        $varOwner = $objOwner->fetchAssoc();

        if (in_array(intval($varOwner['fd_member']), $this->arrAllowedExportOwnerIds)) {
            $blnExportAllowed = true;
        }
    }

    // File extensions that may be offered for display or download
    $allowedDownload = trimsplit(',', strtolower($GLOBALS['TL_CONFIG']['allowedDownload']));

    // Fallback template
    if ($this->list_info_layout == '') {
        $this->list_info_layout = 'info_fd_table_default';
    }

    $this->Template = new \FrontendTemplate($this->list_info_layout);
    $this->Template->textlink_details = $GLOBALS['TL_LANG']['tl_formdata']['fe_link_details'];
    $this->Template->textlink_edit = $GLOBALS['TL_LANG']['tl_formdata']['fe_link_edit'];
    $this->Template->textlink_delete = $GLOBALS['TL_LANG']['tl_formdata']['fe_link_delete'];
    $this->Template->text_confirmDelete = $GLOBALS['TL_LANG']['tl_formdata']['fe_deleteConfirm'];
    $this->Template->textlink_export = $GLOBALS['TL_LANG']['tl_formdata']['fe_link_export'];
    $this->Template->iconFolder = $this->strIconFolder;
    $this->Template->editAllowed = $blnEditAllowed;
    $this->Template->deleteAllowed = $blnDeleteAllowed;
    $this->Template->exportAllowed = $blnExportAllowed;

    $this->list_info = deserialize($this->list_info);
    $this->Template->record = array();
    // also store as single item
    $this->Template->listItem = array();

    $arrListFields = explode(',', $this->list_info);
    $strSep = '';

    // wildcards * and -: "*" selects all base and detail fields, "-name" removes one
    if ($arrListFields[0] == '*') {
        $arrTempFields = array_merge($this->arrBaseFields, $this->arrDetailFields);

        foreach ($arrListFields as $field) {
            if (substr($field, 0, 1) == '-') {
                $intKey = array_search(substr($field, 1), $arrTempFields);

                if (!is_bool($intKey)) {
                    unset($arrTempFields[$intKey]);
                }
            }
        }

        $arrListFields = $arrTempFields;
    }

    // Build the SELECT. Field names and the table name are concatenated into the
    // SQL text; only names found in arrBaseFields / arrDetailFields are used, and
    // the record ID is bound as a parameter.
    // NOTE(review): the in_array() checks are non-strict and the names are not
    // quoted as identifiers — safe only while those lists and list_table come
    // from trusted configuration.
    $strQuery = "SELECT ";
    $strWhere = '';

    foreach ($arrListFields as $field) {
        if (in_array($field, $this->arrBaseFields)) {
            $strQuery .= $strSep . $field;
            $strSep = ', ';
        }

        if (!empty($this->arrDetailFields) && in_array($field, $this->arrDetailFields)) {
            $strQuery .= $strSep . '(SELECT value FROM tl_formdata_details WHERE ff_name="' . $field . '" AND pid=f.id ) AS `' . $field . '`';
            $strSep = ', ';
        }
    }

    $strQuery .= " FROM " . $this->list_table . " f";
    $strWhere .= (strlen($strWhere) ? " AND " : " WHERE ") . "id=?";
    $strQuery .= $strWhere;

    $objRecord = \Database::getInstance()->prepare($strQuery)->limit(1)->execute($this->intRecordId);

    if ($objRecord->numRows < 1) {
        return;
    }

    $arrFields = array();
    $arrRow = $objRecord->fetchAssoc();
    $count = -1;

    // Action links: records with an alias (and aliases enabled) omit the detail key
    $strLinkEdit = '';

    if ($blnEditAllowed) {
        if (strlen($arrRow['alias']) && !$GLOBALS['TL_CONFIG']['disableAlias']) {
            $strLinkEdit = $strUrl . '?act=edit' . (strlen($strUrlParams) ? '&' . $strUrlParams : '');
        } else {
            $strLinkEdit = $strUrl . '?' . $this->strDetailKey . '=' . $this->intRecordId . '&act=edit' . (strlen($strUrlParams) ? '&' . $strUrlParams : '');
        }
    }

    $strLinkDelete = '';

    if ($blnDeleteAllowed) {
        if (strlen($arrRow['alias']) && !$GLOBALS['TL_CONFIG']['disableAlias']) {
            $strLinkDelete = $strUrl . '?act=delete' . (strlen($strUrlParams) ? '&' . $strUrlParams : '');
        } else {
            $strLinkDelete = $strUrl . '?' . $this->strDetailKey . '=' . $this->intRecordId . '&act=delete' . (strlen($strUrlParams) ? '&' . $strUrlParams : '');
        }
    }

    $strLinkExport = '';

    if ($blnExportAllowed) {
        if (strlen($arrRow['alias']) && !$GLOBALS['TL_CONFIG']['disableAlias']) {
            $strLinkExport = $strUrl . '?act=export' . (strlen($strUrlParams) ? '&' . $strUrlParams : '');
        } else {
            $strLinkExport = $strUrl . '?' . $this->strDetailKey . '=' . $this->intRecordId . '&act=export' . (strlen($strUrlParams) ? '&' . $strUrlParams : '');
        }
    }

    $arrItem = array();

    foreach ($arrListFields as $intKey => $strVal) {
        $k = $strVal;
        $v = $arrRow[$k];
        $value = $this->formatValue($k, $v);

        // NOTE(review): deserialize() runs on the stored form value; whether the
        // helper rejects serialized objects is not visible here — confirm, since
        // these values presumably originate from form submissions.
        $v = deserialize(\String::decodeEntities($v));

        // Multiple file fields are stored either "|"-separated or serialized
        if ($GLOBALS['TL_DCA'][$this->list_table]['fields'][$k]['inputType'] == 'fileTree' && $GLOBALS['TL_DCA'][$this->list_table]['fields'][$k]['eval']['multiple'] == true) {
            $v = is_string($v) && strpos($v, '|') !== false ? explode('|', $v) : deserialize($v);
        }

        $class = 'row_' . ++$count . ($count == 0 ? ' row_first' : '') . ($count >= count($arrListFields) - 1 ? ' row_last' : '') . ($count % 2 == 0 ? ' even' : ' odd');

        // add CSS class defined in form generator
        if (isset($GLOBALS['TL_DCA'][$this->list_table]['fields'][$k]['ff_class']) && strlen($GLOBALS['TL_DCA'][$this->list_table]['fields'][$k]['ff_class'])) {
            $class .= ' ' . $GLOBALS['TL_DCA'][$this->list_table]['fields'][$k]['ff_class'];
        }

        // Labels are HTML-escaped here; 'content' and 'raw' are passed on as is
        $arrFields[$class] = array('label' => strlen($label = $GLOBALS['TL_DCA'][$this->list_table]['fields'][$k]['label'][0]) ? htmlspecialchars($label) : htmlspecialchars($this->arrFF[$k]['label']), 'content' => $value, 'raw' => $v);
        $arrItem[$k] = array('name' => $k, 'label' => strlen($label = $GLOBALS['TL_DCA'][$this->list_table]['fields'][$k]['label'][0]) ? htmlspecialchars($label) : htmlspecialchars($this->arrFF[$k]['label']), 'content' => $value, 'raw' => $v, 'class' => str_replace('row_', 'field_', $class));

        if ($GLOBALS['TL_DCA'][$this->list_table]['fields'][$k]['inputType'] == 'fileTree') {
            // NOTE(review): the stored value is joined onto TL_ROOT for the
            // is_dir()/is_file() checks without normalising the path — confirm it
            // cannot contain "../" segments when it is written.
            if (is_dir(TL_ROOT . '/' . $arrFields[$class]['content'])) {
                // Directories are not listed
                $arrFields[$class]['content'] = ' ';
                $arrItem[$k]['content'] = ' ';
            } elseif (!is_array($arrFields[$class]['raw']) && strlen($arrFields[$class]['raw']) && is_file(TL_ROOT . '/' . $arrFields[$class]['raw'])) {
                // Single file
                $objFile = new \File($arrFields[$class]['content']);

                // Only extensions from the allowedDownload setting are exposed
                if (!in_array($objFile->extension, $allowedDownload)) {
                    $arrFields[$class]['content'] = ' ';
                    $arrItem[$k]['content'] = ' ';
                } else {
                    $arrFields[$class]['type'] = 'file';
                    $arrFields[$class]['src'] = $this->urlEncode($arrFields[$class]['content']);
                    $arrItem[$k]['type'] = 'file';
                    $arrItem[$k]['src'] = $this->urlEncode($arrFields[$class]['content']);

                    if (substr($objFile->mime, 0, 6) == 'image/') {
                        $arrFields[$class]['display'] = 'image';
                        $arrItem[$k]['display'] = 'image';
                    } else {
                        // Non-image files get a download link "<record id>.<field name>"
                        $size = ' (' . number_format($objFile->filesize / 1024, 1, $GLOBALS['TL_LANG']['MSC']['decimalSeparator'], $GLOBALS['TL_LANG']['MSC']['thousandsSeparator']) . ' kB)';
                        $href = preg_replace('@(\\?|&)download=.*?(&|$)@si', '', \Environment::get('request'));
                        $href .= (strpos($href, '?') >= 1 ? '&' : '?') . 'download=' . $this->intRecordId . '.' . $k;
                        $href = ampersand($href);

                        $arrFields[$class]['display'] = 'download';
                        $arrFields[$class]['size'] = $size;
                        $arrFields[$class]['href'] = $href;
                        $arrFields[$class]['linkTitle'] = basename($objFile->basename);
                        $arrFields[$class]['icon'] = $this->strIconFolder . '/' . $objFile->icon;

                        $arrItem[$k]['display'] = 'download';
                        $arrItem[$k]['size'] = $size;
                        $arrItem[$k]['href'] = $href;
                        $arrItem[$k]['linkTitle'] = basename($objFile->basename);
                        $arrItem[$k]['icon'] = $this->strIconFolder . '/' . $objFile->icon;
                    }
                }
            } elseif (is_array($arrFields[$class]['raw'])) {
                // Multiple files: collect one entry per existing, allowed file
                $arrTemp = array();
                $keyTemp = -1;

                $arrFields[$class]['type'] = 'file';
                $arrItem[$k]['type'] = 'file';

                foreach ($arrFields[$class]['raw'] as $kF => $strFile) {
                    if (strlen($strFile) && is_file(TL_ROOT . '/' . $strFile)) {
                        $objFile = new \File($strFile);

                        if (!in_array($objFile->extension, $allowedDownload)) {
                            unset($arrFields[$class]['raw'][$kF]);
                            continue;
                        } else {
                            $keyTemp++;
                            $arrTemp[$keyTemp]['src'] = $this->urlEncode($strFile);

                            if (substr($objFile->mime, 0, 6) == 'image/') {
                                $arrTemp[$keyTemp]['display'] = 'image';
                            } else {
                                $size = ' (' . number_format($objFile->filesize / 1024, 1, $GLOBALS['TL_LANG']['MSC']['decimalSeparator'], $GLOBALS['TL_LANG']['MSC']['thousandsSeparator']) . ' kB)';
                                $href = preg_replace('@(\\?|&)download=.*?(&|$)@si', '', \Environment::get('request'));
                                $href .= (strpos($href, '?') >= 1 ? '&' : '?') . 'download=' . $this->intRecordId . '.' . $k;
                                $href = ampersand($href);

                                $arrTemp[$keyTemp]['display'] = 'download';
                                $arrTemp[$keyTemp]['size'] = $size;
                                $arrTemp[$keyTemp]['href'] = $href;
                                $arrTemp[$keyTemp]['linkTitle'] = basename($objFile->basename);
                                $arrTemp[$keyTemp]['icon'] = $this->strIconFolder . '/' . $objFile->icon;
                            }
                        }
                    }
                }

                $arrFields[$class]['content'] = $arrTemp;
                $arrItem[$k]['content'] = $arrTemp;
                $arrFields[$class]['multiple'] = true;
                $arrFields[$class]['number_of_items'] = count($arrTemp);
                $arrItem[$k]['multiple'] = true;
                $arrItem[$k]['number_of_items'] = count($arrTemp);

                unset($arrTemp);
            }
        }
    }

    /**
     * Prepare URL
     */
    $strUrl = preg_replace('/\\?.*$/', '', urldecode(\Environment::get('request')));

    $this->Template->url = $strUrl;
    $this->Template->listItem = $arrItem;
    $this->Template->record = $arrFields;
    $this->Template->recordID = $this->intRecordId;
    $this->Template->link_edit = $strLinkEdit;
    $this->Template->link_delete = $strLinkDelete;
    $this->Template->link_export = $strLinkExport;

    /**
     * Comments
     */
    if (!$this->efg_com_allow_comments || !in_array('comments', \ModuleLoader::getActive())) {
        $this->Template->allowComments = false;

        return;
    }

    $this->Template->allowComments = true;

    // Adjust the comments headline level (one below the module headline, capped)
    $intHl = min(intval(str_replace('h', '', $this->hl)), 5);
    $this->Template->hlc = 'h' . ($intHl + 1);

    $this->import('Comments');
    $arrNotifies = array();

    // Notify system administrator
    if ($this->efg_com_notify != 'notify_author') {
        $arrNotifies[] = $GLOBALS['TL_ADMIN_EMAIL'];
    }

    // Notify author: the back end user and/or front end member linked to the record
    if ($this->efg_com_notify != 'notify_admin') {
        if (intval($objRecord->fd_user) > 0) {
            $objUser = \UserModel::findByPk($objRecord->fd_user);

            if ($objUser !== null && !empty($objUser->email)) {
                $arrNotifies[] = $objUser->email;
            }
        }

        if (intval($objRecord->fd_member) > 0) {
            $objMember = \MemberModel::findByPk($objRecord->fd_member);

            if ($objMember !== null && !empty($objMember->email)) {
                $arrNotifies[] = $objMember->email;
            }
        }
    }

    // Comment settings handed to the comments module
    $objConfig = new \stdClass();
    $objConfig->perPage = $this->efg_com_per_page;
    $objConfig->order = $this->com_order;
    $objConfig->template = $this->com_template;
    $objConfig->requireLogin = $this->com_requireLogin;
    $objConfig->disableCaptcha = $this->com_disableCaptcha;
    $objConfig->bbcode = $this->com_bbcode;
    $objConfig->moderate = $this->com_moderate;

    $this->Comments->addCommentsToTemplate($this->Template, $objConfig, 'tl_formdata', $this->intRecordId, $arrNotifies);
}
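/**
 * input-field-callback: generate image information
 *
 * Returns an HTML table describing the picture record identified by $dc->id.
 * Record values are HTML-escaped before they are concatenated into the markup;
 * the column labels come from $GLOBALS['TL_LANG'] and are emitted unchanged.
 *
 * @param DataContainer $dc
 * @return string The table markup, or an empty string if the picture record does not exist
 */
public function inputFieldCbGenerateImageInformation(DataContainer $dc)
{
    $objImg = GalleryCreatorPicturesModel::findByPk($dc->id);

    // Without a picture record there is nothing to describe
    if ($objImg === null) {
        return '';
    }

    $objUser = UserModel::findByPk($objImg->owner);
    $oFile = FilesModel::findByUuid($objImg->uuid);

    // Title, path, owner name and the video fields are stored data, so escape them
    // for the HTML context. double_encode is off so values that were already
    // entity-encoded when stored are not encoded a second time.
    $esc = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8', false);
    };

    $arrLang = $GLOBALS['TL_LANG']['tl_gallery_creator_pictures'];

    // Either lookup may come back empty; fall back to blank values instead of
    // dereferencing null
    $strPath = ($oFile !== null) ? (string) $oFile->path : '';
    $strOwner = ($objUser !== null) ? (string) $objUser->name : '';

    if ($strOwner == '') {
        $strOwner = "Couldn't find username with ID " . $objImg->owner . " in the db.";
    }

    $strVideoSocial = trim((string) $objImg->video_href_social);
    $strVideoLocal = trim((string) $objImg->video_href_local);

    $output = '
<div class="album_infos">
<br><br>
<table cellpadding="0" cellspacing="0" width="100%" summary="">
<tr class="odd">
<td style="width:20%"><strong>' . $arrLang['pid'][0] . ': </strong></td>
<td>' . $esc($objImg->id) . '</td>
</tr>
<tr>
<td><strong>' . $arrLang['path'][0] . ': </strong></td>
<td>' . $esc($strPath) . '</td>
</tr>
<tr class="odd">
<td><strong>' . $arrLang['filename'][0] . ': </strong></td>
<td>' . $esc(basename($strPath)) . '</td>
</tr>';

    // NOTE(review): the extended rows are shown only when restrictedUser is truthy,
    // and the video_id label is paired with video_href_local; both are kept as found,
    // confirm they are intended.
    if ($this->restrictedUser) {
        // Each ternary is resolved into a variable (or parenthesised) before it is
        // concatenated. The original left the video_href_social ternary bare, so
        // "." bound first and the whole concatenation collapsed into that ternary's
        // result, dropping the surrounding rows.
        $output .= '
<tr>
<td><strong>' . $arrLang['date'][0] . ': </strong></td>
<td>' . $esc(Date::parse("Y-m-d", $objImg->date)) . '</td>
</tr>
<tr class="odd">
<td><strong>' . $arrLang['owner'][0] . ': </strong></td>
<td>' . $esc($strOwner) . '</td>
</tr>
<tr>
<td><strong>' . $arrLang['title'][0] . ': </strong></td>
<td>' . $esc($objImg->title) . '</td>
</tr>
<tr class="odd">
<td><strong>' . $arrLang['video_href_social'][0] . ': </strong></td>
<td>' . ($strVideoSocial != '' ? $esc($strVideoSocial) : '-') . '</td>
</tr>
<tr>
<td><strong>' . $arrLang['video_id'][0] . ': </strong></td>
<td>' . ($strVideoLocal != '' ? $esc($strVideoLocal) : '-') . '</td>
</tr>';
    }

    $output .= '
</table>
</div>
';

    return $output;
}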
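/**
 * Build the list-view columns for one access-data record.
 *
 * Rewrites $args[0] (status icon), $args[3] (user id replaced by the user's name)
 * and $args[4] (decrypted summary of the record, depending on $row['type']).
 * Every decrypted or looked-up value is HTML-escaped before it is placed in $args.
 *
 * @param array         $row   Current record; credential columns are passed through \Encryption::decrypt()
 * @param string        $label Not used by this callback
 * @param DataContainer $dc    Not used by this callback
 * @param array         $args  Column values to adjust
 * @return array The adjusted $args
 */
public function labelCallback($row, $label, DataContainer $dc, $args)
{
    // Decrypted values are arbitrary stored strings that end up in list markup
    // (the original joined them with <br>), so they must be escaped for HTML.
    // double_encode is off so values that were already entity-encoded when stored
    // are not encoded a second time; confirm against how the fields are saved.
    $escape = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8', false);
    };

    // NOTE(review): this renders decrypted logins, passwords and (part of) an
    // encryption key in clear text to everyone who can see this list. Consider
    // masking the secrets here and revealing them only in a detail view.
    $decrypted = function ($strColumn) use ($row, $escape) {
        return $escape(\Encryption::decrypt($row[$strColumn]));
    };

    // Set image
    $image = 'protect';

    if (\Encryption::decrypt($row['protect']) == '1') {
        $image .= '_';
    }

    $args[0] = sprintf('<div class="list_icon_new" style="background-image:url(\'%ssystem/modules/secure-accessdata/assets/images/%s.gif\')"> </div>', TL_SCRIPT_URL, $image);

    // Set User
    if (is_numeric($args[3])) {
        $objUser = \UserModel::findByPk($args[3]);

        if ($objUser !== null) {
            $args[3] = $escape($objUser->name);
        }
    }

    switch ($row['type']) {
        case 'weblogin':
            $args[4] = sprintf('%s<br>%s', $decrypted('weblogin_name'), $decrypted('weblogin_pwd'));
            break;

        case 'contao_login':
            $args[4] = sprintf('%s<br>%s', $decrypted('contao_user'), $decrypted('contao_pwd'));
            break;

        case 'encryption_key':
            $strEncryptionKey = \Encryption::decrypt($row['encryption_key']);

            // Truncate the raw value first, then escape, so an entity is never cut in half
            if (strlen($strEncryptionKey) > 32) {
                $strEncryptionKey = substr($strEncryptionKey, 0, 29) . '...';
            }

            $args[4] = $escape($strEncryptionKey);
            break;

        case 'mail':
            $args[4] = sprintf('%s<br>%s<br>%s', $decrypted('mail_email'), $decrypted('mail_loginname'), $decrypted('mail_pwd'));
            break;

        case 'project':
        case 'online_project':
            // No summary column for project records
            break;
    }

    return $args;
}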
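/**
 * Attach the comments section of an album to the template.
 *
 * Sets $this->Template->allowComments to false and returns early when the album
 * has noComments set, the comments module is not active, or the album's archive
 * is missing or does not allow comments. Otherwise it collects the notification
 * recipients and hands the archive's comment settings to
 * Comments::addCommentsToTemplate().
 *
 * @access public
 * @param object $objAlbum Album record; noComments, pid, author and id are read
 * @return void
 */
public function addComments($objAlbum)
{
    // HOOK: comments extension required
    if ($objAlbum->noComments || !in_array('comments', $this->Template->Config->getActiveModules())) {
        $this->Template->allowComments = false;

        return;
    }

    // Check whether comments are allowed
    $objArchive = \Photoalbums2ArchiveModel::findByPk($objAlbum->pid);

    if ($objArchive === null || !$objArchive->allowComments) {
        $this->Template->allowComments = false;

        return;
    }

    $this->Template->allowComments = true;

    // Adjust the comments headline level
    $intHl = min(intval(str_replace('h', '', $this->hl)), 5);
    $this->Template->hlc = 'h' . ($intHl + 1);

    $this->import('Comments');
    $arrNotifies = array();

    // Notify system administrator
    if ($objArchive->notify != 'notify_author') {
        $arrNotifies[] = $GLOBALS['TL_ADMIN_EMAIL'];
    }

    // Notify author
    if ($objArchive->notify != 'notify_admin') {
        $objAuthor = \UserModel::findByPk($objAlbum->author);

        // Skip authors without an address so no empty recipient is passed on
        if ($objAuthor !== null && !empty($objAuthor->email)) {
            $arrNotifies[] = $objAuthor->email;
        }
    }

    $objConfig = new \stdClass();
    $objConfig->perPage = $objArchive->perPage;
    $objConfig->order = $objArchive->sortOrder;
    $objConfig->template = $this->com_template;
    $objConfig->requireLogin = $objArchive->requireLogin;
    $objConfig->disableCaptcha = $objArchive->disableCaptcha;
    $objConfig->bbcode = $objArchive->bbcode;
    $objConfig->moderate = $objArchive->moderate;

    $this->Comments->addCommentsToTemplate($this->Template, $objConfig, 'tl_photoalbums2_album', $objAlbum->id, $arrNotifies);
}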
/**
 * Load the model of the editor referenced by a lock record.
 *
 * @param mixed $intLock Primary key handed to static::findByPk()
 *
 * @return mixed|null null when no lock record is found; otherwise the result of
 *                    \MemberModel::findByPk() if the lock's editorType equals
 *                    EntityLock::EDITOR_TYPE_MEMBER, else of \UserModel::findByPk()
 */
public static function getEditor($intLock)
{
    $lock = static::findByPk($intLock);

    if ($lock === null) {
        return null;
    }

    // Member locks resolve against the member table, everything else against users
    if ($lock->editorType == EntityLock::EDITOR_TYPE_MEMBER) {
        return \MemberModel::findByPk($lock->editor);
    }

    return \UserModel::findByPk($lock->editor);
}