public function executePostActionsHook($strAction, \DataContainer $dc)
{
if ($strAction !== static::$uploadAction) {
return false;
}
// Check whether the field is allowed for regular users
if (!isset($GLOBALS['TL_DCA'][$dc->table]['fields'][\Input::post('field')]) || $GLOBALS['TL_DCA'][$dc->table]['fields'][\Input::post('field')]['exclude'] && !\BackendUser::getInstance()->hasAccess($dc->table . '::' . \Input::post('field'), 'alexf')) {
\System::log('Field "' . \Input::post('field') . '" is not an allowed selector field (possible SQL injection attempt)', __METHOD__, TL_ERROR);
$objResponse = new ResponseError();
$objResponse->setMessage('Bad Request');
$objResponse->output();
}
$this->name = \Input::post('field');
$this->id = \Input::post('field');
$this->field = \Input::post('field');
if ($dc->activeRecord === null) {
$dc->activeRecord = General::getModelInstance($dc->table, $dc->id);
}
// add dca attributes
$this->addAttributes(\Widget::getAttributesFromDca($GLOBALS['TL_DCA'][$dc->table]['fields'][$this->name], $this->name));
$objResponse = $this->upload();
/** @var Response */
if ($objResponse instanceof Response) {
$objResponse->output();
}
}
public static function getArchiveParent($intSubmission)
{
if (($objSubmissionArchive = static::getArchive($intSubmission)) !== null && $objSubmissionArchive->parentTable && $objSubmissionArchive->pid) {
if (($objArchiveParent = General::getModelInstance($objSubmissionArchive->parentTable, $objSubmissionArchive->pid)) !== null) {
return $objArchiveParent;
}
}
}
public static function generateAlias()
{
if (TL_MODE == 'FE') {
if (($objNews = \NewsModel::findByPk(\Input::get('id'))) !== null && $objNews->type == 'pinboard') {
$objNews->alias = \HeimrichHannot\Haste\Dca\General::generateAlias($objNews->alias, $objNews->id, 'tl_news', $objNews->headline);
$objNews->save();
}
}
}
public static function getMemberContentLink($intId)
{
if (($objMemberContentArchive = MemberContentArchiveModel::findByPk($intId)) !== null) {
if (($objTag = MemberContentArchiveTagModel::findByPk($objMemberContentArchive->tag)) !== null && $objTag->jumpTo) {
if (($objMember = \MemberModel::findByPk($objMemberContentArchive->mid)) !== null) {
return Url::generateFrontendUrl($objTag->jumpTo) . '/' . General::getAliasIfAvailable($objMember);
}
}
}
}
public static function getArchiveName($strTable)
{
$strPTable = $GLOBALS['TL_DCA'][$strTable]['config']['ptable'];
$intPid = \Input::get('id');
if ($strPTable) {
$objInstance = General::getModelInstance($strPTable, $intPid);
return $objInstance->title;
} else {
return $strTable;
}
}
public static function getFields($varInputType = array())
{
$arrOptions = array();
foreach (\HeimrichHannot\Haste\Dca\General::getFields('tl_submission', false, $varInputType, array(), false) as $strField) {
if (!in_array($strField, static::getSkipFields())) {
$arrOptions[] = $strField;
}
}
if (empty($arrOptions) && TL_MODE == 'BE' && \Input::get('do') == 'submission') {
\Message::addInfo($GLOBALS['TL_LANG']['MSC']['noSubmissionFields']);
}
return $arrOptions;
}
/**
* Searches through all backend modules to find the linked tables for the selected global operation key
*
* @param \DataContainer $dc
*
* @return array
*/
public static function getLinkedTablesAsOptions(\DataContainer $objDc)
{
$arrTables = array();
$strGlobalOperationKey = $objDc->activeRecord->globalOperationKey;
switch ($objDc->activeRecord->type) {
case Exporter::TYPE_LIST:
if ($strGlobalOperationKey) {
foreach ($GLOBALS['BE_MOD'] as $arrSection) {
foreach ($arrSection as $strModule => $arrModule) {
foreach ($arrModule as $strKey => $varValue) {
if ($strKey === $strGlobalOperationKey) {
$arrTables[$strModule] = $arrModule['tables'];
}
}
}
}
}
break;
default:
$arrTables = General::getDataContainers();
}
return $arrTables;
}
public static function getFields($objDc)
{
if ($objDc->activeRecord->formHybridDataContainer) {
return \HeimrichHannot\Haste\Dca\General::getFields($objDc->activeRecord->formHybridDataContainer, false);
}
}
<?php
$GLOBALS['TL_DCA']['tl_member_content_archive'] = array('config' => array('dataContainer' => 'Table', 'enableVersioning' => true, 'sql' => array('keys' => array('id' => 'primary'))), 'list' => array('label' => array('fields' => array('title', 'id'), 'label_callback' => array('tl_member_content_archive', 'listRecords')), 'sorting' => array('mode' => 1, 'fields' => array('mid'), 'headerFields' => array('mid'), 'panelLayout' => 'filter;search,limit'), 'global_operations' => array('tags' => array('label' => &$GLOBALS['TL_LANG']['tl_member_content_archive']['tags'], 'href' => 'do=member_content_archive_tags', 'class' => 'header_tags', 'icon' => '/system/modules/member_content_archives/assets/img/icon_tags.png', 'attributes' => 'onclick="Backend.getScrollOffset();"'), 'all' => array('label' => &$GLOBALS['TL_LANG']['MSC']['all'], 'href' => 'act=select', 'class' => 'header_edit_all', 'attributes' => 'onclick="Backend.getScrollOffset();"')), 'operations' => array('edit' => array('label' => &$GLOBALS['TL_LANG']['tl_member_content_archive']['edit'], 'href' => 'table=tl_content', 'icon' => 'edit.gif'), 'editheader' => array('label' => &$GLOBALS['TL_LANG']['tl_member_content_archive']['editheader'], 'href' => 'act=edit', 'icon' => 'header.gif'), 'copy' => array('label' => &$GLOBALS['TL_LANG']['tl_member_content_archive']['copy'], 'href' => 'act=copy', 'icon' => 'copy.gif'), 'delete' => array('label' => &$GLOBALS['TL_LANG']['tl_member_content_archive']['delete'], 'href' => 'act=delete', 'icon' => 'delete.gif', 'attributes' => 'onclick="if(!confirm(\'' . $GLOBALS['TL_LANG']['MSC']['deleteConfirm'] . '\'))return false;Backend.getScrollOffset()"'), 'toggle' => array('label' => &$GLOBALS['TL_LANG']['tl_member_content_archive']['toggle'], 'icon' => 'visible.gif', 'attributes' => 'onclick="Backend.getScrollOffset();return AjaxRequest.toggleVisibility(this,%s)"', 'button_callback' => array('tl_member_content_archive', 'toggleIcon')), 'show' => array('label' => &$GLOBALS['TL_LANG']['tl_member_content_archive']['show'], 'href' => 'act=show', 'icon' => 'show.gif'))), 'palettes' => array('__selector__' => array('type'), 'default' => '{general_legend},type,tag,mid,title,teaser;{publish_legend},published;'), 'fields' => array('id' => array('sql' => "int(10) unsigned NOT NULL auto_increment"), 'tstamp' => array('sql' => "int(10) unsigned NOT NULL default '0'"), 'title' => array('label' => &$GLOBALS['TL_LANG']['tl_member_content_archive']['title'], 'exclude' => true, 'inputType' => 'text', 'eval' => array('maxlength' => 255, 'tl_class' => 'long'), 'sql' => "varchar(255) NOT NULL default ''"), 'mid' => array('label' => &$GLOBALS['TL_LANG']['tl_member_content_archive']['mid'], 'filter' => true, 'inputType' => 'select', 'options_callback' => array('tl_member_content_archive', 'getMembersAsOptions'), 'eval' => array('mandatory' => true, 'tl_class' => 'w50', 'chosen' => true, 'includeBlankOption' => true), 'sql' => "int(10) unsigned NOT NULL default '0'"), 'teaser' => array('label' => &$GLOBALS['TL_LANG']['tl_member_content_archive']['teaser'], 'exclude' => true, 'search' => true, 'inputType' => 'textarea', 'eval' => array('rte' => 'tinyMCE', 'tl_class' => 'clr'), 'sql' => "text NULL"), 'tag' => array('label' => &$GLOBALS['TL_LANG']['tl_member_content_archive']['tag'], 'filter' => true, 'inputType' => 'select', 'options_callback' => array('tl_member_content_archive', 'getAvailableContentArchiveTags'), 'eval' => array('mandatory' => true, 'chosen' => true, 'tl_class' => 'w50', 'includeBlankOption' => true), 'sql' => "varchar(255) NOT NULL default ''"), 'published' => array('label' => &$GLOBALS['TL_LANG']['tl_member_content_archive']['published'], 'exclude' => true, 'filter' => true, 'inputType' => 'checkbox', 'eval' => array('tl_class' => 'w50', 'doNotCopy' => true), 'sql' => "char(1) NOT NULL default '0'")));
// add member dca to this dca in order to get the opportunity to override member fields in member content archives
$arrDca =& $GLOBALS['TL_DCA']['tl_member_content_archive'];
\Controller::loadDataContainer('tl_member');
$arrDcaMember = $GLOBALS['TL_DCA']['tl_member'];
\HeimrichHannot\Haste\Dca\General::addDateAddedToDca('tl_member_content_archive');
/**
* Subpalettes
*/
$arrDca['palettes']['__selector__'] += array_map(function ($val) {
return tl_member_content_archive::fixFieldName($val);
}, $arrDcaMember['palettes']['__selector__']);
if (!is_array($arrDca['subpalettes'])) {
$arrDca['subpalettes'] = array();
}
$arrDca['subpalettes'] += tl_member_content_archive::fixPalettes($arrDcaMember['subpalettes']);
/**
* Palettes
*/
$arrOverridableMemberFields = deserialize(\Config::get('overridableMemberFields'));
if (!empty($arrOverridableMemberFields)) {
// add fields to dca
foreach ($arrOverridableMemberFields as $strField) {
$arrDca['fields']['member' . ucfirst($strField)] = $arrDcaMember['fields'][$strField];
}
// add fields to palettes
// at first remove the fields already present in subpalettes
foreach ($arrDcaMember['subpalettes'] as $strPalette => $strFields) {
foreach (explode(',', $strFields) as $strField) {
public static function getTableArchives(\DataContainer $objDc)
{
$arrOptions = array();
if ($objDc->activeRecord->linkedTable) {
$objArchives = General::getTableArchives($objDc->activeRecord->linkedTable, array('order' => 'title ASC'));
if ($objArchives !== null) {
while ($objArchives->next()) {
$arrOptions[$objArchives->id] = $objArchives->title;
}
}
}
return $arrOptions;
}
public static function prepareSpecialValueForPrint($varValue, $arrData, $strTable, $objDc, $objItem = null)
{
$varValue = deserialize($varValue);
$arrOpts = $arrData['options'];
$arrReference = $arrData['reference'];
$strRegExp = $arrData['eval']['rgxp'];
// get options
if ((is_array($arrData['options_callback']) || is_callable($arrData['options_callback'])) && !$arrData['reference']) {
if (is_array($arrData['options_callback'])) {
$strClass = $arrData['options_callback'][0];
$strMethod = $arrData['options_callback'][1];
$objInstance = \Controller::importStatic($strClass);
$arrOptionsCallback = @$objInstance->{$strMethod}($objDc);
} elseif (is_callable($arrData['options_callback'])) {
$arrOptionsCallback = @$arrData['options_callback']($objDc);
}
$arrOptions = !is_array($varValue) ? array($varValue) : $varValue;
if ($varValue !== null && is_array($arrOptionsCallback)) {
$varValue = array_intersect_key($arrOptionsCallback, array_flip($arrOptions));
}
}
// foreignKey
if (isset($arrData['foreignKey']) && !is_array($varValue)) {
list($strForeignTable, $strForeignField) = explode('.', $arrData['foreignKey']);
if (($objInstance = General::getModelInstance($strForeignTable, $varValue)) !== null) {
$varValue = $objInstance->{$strForeignField};
}
}
if ($arrData['inputType'] == 'explanation') {
$varValue = $arrData['eval']['text'];
} elseif ($strRegExp == 'date') {
$varValue = \Date::parse(\Config::get('dateFormat'), $varValue);
} elseif ($strRegExp == 'time') {
$varValue = \Date::parse(\Config::get('timeFormat'), $varValue);
} elseif ($strRegExp == 'datim') {
$varValue = \Date::parse(\Config::get('datimFormat'), $varValue);
} elseif ($arrData['inputType'] == 'tag' && in_array('tags_plus', \ModuleLoader::getActive())) {
if (($arrTags = \HeimrichHannot\TagsPlus\TagsPlus::loadTags($strTable, $objItem->id)) !== null) {
$varValue = $arrTags;
}
} elseif (!is_array($varValue) && \Validator::isBinaryUuid($varValue)) {
$strPath = Files::getPathFromUuid($varValue);
$varValue = $strPath ? \Environment::get('url') . '/' . $strPath : \StringUtil::binToUuid($varValue);
} elseif (is_array($varValue)) {
$varValue = Arrays::flattenArray($varValue);
$varValue = array_filter($varValue);
// remove empty elements
// transform binary uuids to paths
$varValue = array_map(function ($varValue) {
if (\Validator::isBinaryUuid($varValue)) {
$strPath = Files::getPathFromUuid($varValue);
if ($strPath) {
return \Environment::get('url') . '/' . $strPath;
}
return \StringUtil::binToUuid($varValue);
}
return $varValue;
}, $varValue);
if (!$arrReference) {
$varValue = array_map(function ($varValue) use($arrOpts) {
return isset($arrOpts[$varValue]) ? $arrOpts[$varValue] : $varValue;
}, $varValue);
}
$varValue = array_map(function ($varValue) use($arrReference) {
if (is_array($arrReference)) {
return isset($arrReference[$varValue]) ? is_array($arrReference[$varValue]) ? $arrReference[$varValue][0] : $arrReference[$varValue] : $varValue;
} else {
return $varValue;
}
}, $varValue);
} else {
if ($arrData['eval']['isBoolean'] || $arrData['inputType'] == 'checkbox' && !$arrData['eval']['multiple']) {
$varValue = $varValue != '' ? $GLOBALS['TL_LANG']['MSC']['yes'] : $GLOBALS['TL_LANG']['MSC']['no'];
} elseif (is_array($arrOpts) && array_is_assoc($arrOpts)) {
$varValue = isset($arrOpts[$varValue]) ? $arrOpts[$varValue] : $varValue;
} elseif (is_array($arrReference)) {
$varValue = isset($arrReference[$varValue]) ? is_array($arrReference[$varValue]) ? $arrReference[$varValue][0] : $arrReference[$varValue] : $varValue;
}
}
if (is_array($varValue)) {
$varValue = implode(', ', $varValue);
}
// Convert special characters (see #1890)
return specialchars($varValue);
}
public function generateAlias($varValue, DataContainer $dc)
{
return \HeimrichHannot\Haste\Dca\General::generateAlias($varValue, $dc->id, 'tl_member', $dc->activeRecord->firstname . ' ' . $dc->activeRecord->lastname);
}
public function editParentEvent(DataContainer $objDc)
{
return \HeimrichHannot\Haste\Dca\General::getModalEditLink('calendar', $objDc->value, $GLOBALS['TL_LANG']['tl_calendar_events']['editparentevent'][1], 'tl_calendar_events');
}
<?php
/**
* Contao Open Source CMS
*
* Copyright (c) 2016 Heimrich & Hannot GmbH
*
* @author Rico Kaltofen <*****@*****.**>
* @license http://www.gnu.org/licences/lgpl-3.0.html LGPL
*/
$arrDca =& $GLOBALS['TL_DCA']['tl_submission'];
$arrDca['config']['onload_callback'][] = array('HeimrichHannot\\Submissions\\Creator\\Backend\\SubmissionBackend', 'modifyPalette', true);
$arrDca['config']['onsubmit_callback'][] = array('HeimrichHannot\\Submissions\\Creator\\Backend\\SubmissionBackend', 'setSubmissionArchiveByRelation');
$arrDca['config']['onsubmit_callback'][] = array('HeimrichHannot\\Submissions\\Creator\\Backend\\SubmissionBackend', 'sendNotificationsByArchive');
/**
* Fields
*/
$arrFields = array('news' => array('label' => &$GLOBALS['TL_LANG']['tl_submission']['news'], 'inputType' => 'select', 'exclude' => true, 'filter' => true, 'search' => true, 'options_callback' => array('HeimrichHannot\\Submissions\\Creator\\SubmissionCreator', 'getRelatedNews'), 'eval' => array('mandatory' => true, 'optgroup' => true), 'sql' => "int(10) unsigned NOT NULL default '0'"), 'event' => array('label' => &$GLOBALS['TL_LANG']['tl_submission']['event'], 'inputType' => 'select', 'filter' => true, 'exclude' => true, 'search' => true, 'options_callback' => array('HeimrichHannot\\Submissions\\Creator\\SubmissionCreator', 'getRelatedEvents'), 'eval' => array('mandatory' => true, 'optgroup' => true), 'sql' => "int(10) unsigned NOT NULL default '0'"));
$arrDca['fields'] = array_merge($arrDca['fields'], $arrFields);
\HeimrichHannot\Haste\Dca\General::addSessionIDFieldAndCallback('tl_submission');
/**
* @deprecated since 1.1 - use \HeimrichHannot\HastePlus\Dca\Calendar::setDateAdded()
* @param \DataContainer $objDc
*
* @return mixed
*/
public function setDateAdded(\DataContainer $objDc)
{
\HeimrichHannot\Haste\Dca\General::setDateAdded($objDc);
}
public function checkDeletePermission($intId)
{
if (!$this->allowDelete) {
return false;
}
if (($objItem = General::getModelInstance($this->formHybridDataContainer, $intId)) === null) {
return false;
}
$arrConditions = array();
// check session if not logged in...
if (!FE_USER_LOGGED_IN) {
if (!$this->disableSessionCheck) {
if (!\Database::getInstance()->fieldExists(General::PROPERTY_SESSION_ID, $this->formHybridDataContainer)) {
throw new \Exception(sprintf('No session field in %s available, either create field %s or set `disableSessionCheck` to true.', $this->formHybridDataContainer, General::PROPERTY_SESSION_ID));
}
$arrConditions[] = array('field' => General::PROPERTY_SESSION_ID, 'value' => session_id());
}
} else {
if (!$this->disableAuthorCheck) {
if (!\Database::getInstance()->fieldExists(General::PROPERTY_AUTHOR_TYPE, $this->formHybridDataContainer)) {
throw new \Exception(sprintf('No session field in %s available, either create field %s or set `disableAuthorCheck` to true.', $this->formHybridDataContainer, General::PROPERTY_AUTHOR_TYPE));
}
$arrConditions[] = array('field' => General::PROPERTY_AUTHOR_TYPE, 'value' => General::AUTHOR_TYPE_MEMBER);
if (!\Database::getInstance()->fieldExists(General::PROPERTY_AUTHOR, $this->formHybridDataContainer)) {
throw new \Exception(sprintf('No session field in %s available, either create field %s or set `disableAuthorCheck` to true.', $this->formHybridDataContainer, General::PROPERTY_AUTHOR));
}
$arrConditions[] = array('field' => General::PROPERTY_AUTHOR, 'value' => \FrontendUser::getInstance()->id);
}
}
if ($this->addDeleteConditions) {
$arrConditions = array_merge(deserialize($this->deleteConditions, true), $arrConditions);
}
if (!empty($arrConditions)) {
foreach ($arrConditions as $arrCondition) {
if ($objItem->{$arrCondition['field']} != $this->replaceInsertTags($arrCondition['value'])) {
return false;
}
}
}
return true;
}
public static function getParentFields(\DataContainer $objDc)
{
if ($objDc->activeRecord->parentTable) {
return \HeimrichHannot\Haste\Dca\General::getFields($objDc->activeRecord->parentTable, false, 'text');
}
}
public function addItemColumns($objItem, &$arrItem)
{
global $objPage;
// details url
if (($objPageJumpTo = \PageModel::findByPk($this->jumpToDetails)) !== null || ($objPageJumpTo = $objPage)) {
$arrItem['detailsUrl'] = \Controller::generateFrontendUrl($objPageJumpTo->row(), '/' . General::getAliasIfAvailable($objItem));
}
// share url
$this->addShareColumn($objItem, $arrItem);
$arrItem['listUrl'] = $this->listUrl;
}
public static function getFields(\DataContainer $objDc)
{
if ($objDc->activeRecord->doubleCodeTable) {
return \HeimrichHannot\Haste\Dca\General::getFields($objDc->activeRecord->doubleCodeTable, false);
}
}
public static function getMultipleFields(\DataContainer $objDc)
{
if (!$objDc->activeRecord->formHybridDataContainer) {
return array();
}
return \HeimrichHannot\Haste\Dca\General::getFields($objDc->activeRecord->formHybridDataContainer, false, array('checkbox', 'select'));
}
public function generateAjax($strAction, \DataContainer $objDca)
{
// no tagsinput action --> return
if (!$this->isValidAjaxActions($strAction)) {
return;
}
$strField = $objDca->field = \Input::post('name');
\Controller::loadDataContainer($objDca->table);
$objActiveRecord = \HeimrichHannot\Haste\Dca\General::getModelInstance($objDca->table, $objDca->id);
if ($objActiveRecord === null) {
$this->log('No active record for "' . $strField . '" found (possible SQL injection attempt)', __METHOD__, TL_ERROR);
header('HTTP/1.1 400 Bad Request');
die('Bad Request');
}
$strField = \Input::post('name');
$objDca->activeRecord = $objActiveRecord;
$arrData = $GLOBALS['TL_DCA'][$objDca->table]['fields'][$strField];
if (!is_array($arrData)) {
$this->log('No valid field configuration (dca) found for "' . $objDca->table . '.' . $strField . '" (possible SQL injection attempt)', __METHOD__, TL_ERROR);
header('HTTP/1.1 400 Bad Request');
die('Bad Request');
}
$return = '';
switch ($strAction) {
case static::ACTION_FETCH_REMOTE_OPTIONS:
$objWidget = new \TagsInput(\Widget::getAttributesFromDca($arrData, $strField, $objActiveRecord->{$strField}, $strField, $this->strTable, $objDca));
$return = array_values($objWidget->getRemoteOptionsFromQuery(\Input::post('query')));
break;
}
die(json_encode($return));
}