/**
 * Entry point of the wizard.
 *
 * Resolves the target page id from the wizard parameters and then issues a
 * Location header: either BACK to the sanitized return URL or to the
 * web_list module for the resolved page.
 *
 * @return void
 * @todo Define visibility
 */
public function main()
{
    // Load the record the wizard was opened for; if there is none, TSconfig is
    // resolved from a stub row that only carries the pid.
    // NOTE(review): the record is read via $this->P['table'] while TSconfig uses $this->table — confirm both name the same table.
    $record = \TYPO3\CMS\Backend\Utility\BackendUtility::getRecord($this->P['table'], $this->P['uid']);
    $TSconfig = \TYPO3\CMS\Backend\Utility\BackendUtility::getTCEFORM_TSconfig(
        $this->table,
        is_array($record) ? $record : array('pid' => $this->P['pid'])
    );

    // A pid written as ###NAME### is a marker that is looked up in TSconfig
    // under the key "_NAME"; any other value is used as the pid itself.
    $pidParameter = $this->P['params']['pid'];
    $isMarker = substr($pidParameter, 0, 3) == '###' && substr($pidParameter, -3) == '###';
    $this->pid = $isMarker
        ? intval($TSconfig['_' . substr($pidParameter, 3, -3)])
        : intval($pidParameter);

    // If pid is blank OR if id is set, go back to where the wizard came from.
    // NOTE(review): $this->pid has just been assigned an integer, so the "blank" comparison looks like it can never match — confirm the intent.
    if (!strcmp($this->pid, '') || strcmp($this->id, '')) {
        // The return URL passes through sanitizeLocalUrl() before it is used as a redirect target.
        $redirectUrl = \TYPO3\CMS\Core\Utility\GeneralUtility::sanitizeLocalUrl($this->P['returnUrl']);
    } else {
        // Otherwise show the list module for the resolved page.
        $listParameters = array(
            'id' => $this->pid,
            'table' => $this->P['params']['table'],
            'returnUrl' => \TYPO3\CMS\Core\Utility\GeneralUtility::getIndpEnv('REQUEST_URI'),
        );
        $redirectUrl = \TYPO3\CMS\Backend\Utility\BackendUtility::getModuleUrl('web_list', $listParameters);
    }

    \TYPO3\CMS\Core\Utility\HttpUtility::redirect($redirectUrl);
}
/**
 * Apply the auto-detected configuration defaults and mark the installation as completed.
 *
 * After writing the configuration the install session and its form protection
 * state are discarded, the Install Tool enable file is removed unless it is
 * permanent, and the browser is redirected to index.php.
 *
 * @return array<\TYPO3\CMS\Install\Status\StatusInterface> No value is returned in the visible code; the method ends in a redirect.
 */
public function execute()
{
    /** @var \TYPO3\CMS\Install\Configuration\FeatureManager $presetManager */
    $presetManager = $this->objectManager->get('TYPO3\\CMS\\Install\\Configuration\\FeatureManager');
    // Best matching configuration presets for all features
    $configurationValues = $presetManager->getBestMatchingConfigurationForAllFeatures();

    // Optionally send admin users to the distribution management on their first login
    if (isset($this->postValues['values']['loaddistributions'])) {
        $firstLoginSettings = array(
            'startModuleOnFirstLogin' => 'tools_ExtensionmanagerExtensionmanager->tx_extensionmanager_tools_extensionmanagerextensionmanager%5Baction%5D=distributions&tx_extensionmanager_tools_extensionmanagerextensionmanager%5Bcontroller%5D=List',
            'ucSetByInstallTool' => '1',
        );
        // The WHERE clause is the constant 'admin=1', so every admin backend user row is updated.
        $this->getDatabaseConnection()->exec_UPDATEquery(
            'be_users',
            'admin=1',
            array('uc' => serialize($firstLoginSettings))
        );
    }

    // Setting SYS/isInitialInstallationInProgress to FALSE marks this instance installation as complete
    $configurationValues['SYS/isInitialInstallationInProgress'] = FALSE;

    /** @var \TYPO3\CMS\Core\Configuration\ConfigurationManager $localConfiguration */
    $localConfiguration = $this->objectManager->get('TYPO3\\CMS\\Core\\Configuration\\ConfigurationManager');
    $localConfiguration->setLocalConfigurationValuesByPathValuePairs($configurationValues);

    // Drop the install session and its form protection state.
    /** @var \TYPO3\CMS\Install\Service\SessionService $installSession */
    $installSession = $this->objectManager->get('TYPO3\\CMS\\Install\\Service\\SessionService');
    $installSession->destroySession();

    /** @var \TYPO3\CMS\Core\FormProtection\InstallToolFormProtection $installFormProtection */
    $installFormProtection = \TYPO3\CMS\Core\FormProtection\FormProtectionFactory::get(
        'TYPO3\\CMS\\Core\\FormProtection\\InstallToolFormProtection'
    );
    $installFormProtection->clean();

    // Remove the enable file unless it was marked as permanent.
    $enableFileIsPermanent = EnableFileService::isInstallToolEnableFilePermanent();
    if (!$enableFileIsPermanent) {
        EnableFileService::removeInstallToolEnableFile();
    }

    \TYPO3\CMS\Core\Utility\HttpUtility::redirect(
        '../../../index.php',
        \TYPO3\CMS\Core\Utility\HttpUtility::HTTP_STATUS_303
    );
}
/**
 * Reject the request when a vote already exists for the given object.
 *
 * Prints a message and ends the request with HTTP 403 in that case;
 * otherwise returns without doing anything.
 *
 * @param Vote $vote
 * @return void
 */
public function isValid($vote)
{
    $alreadyVoted = $this->getVoteRepository()->exists($vote);
    if (!$alreadyVoted) {
        return;
    }

    // NOTE(review): the message is printed before the status code is set; the 403 can only reach the client if output is still buffered at this point — confirm.
    print 'Sorry, a vote already exists for this object.';
    HttpUtility::setResponseCodeAndExit(HttpUtility::HTTP_STATUS_403);
}
/**
 * Redirect to backend.php once a backend user session exists.
 *
 * Nothing happens when the global backend user has no uid.
 *
 * @return void
 */
public function main()
{
    if (!$GLOBALS['BE_USER']->user['uid']) {
        return;
    }

    // Discard buffered output before the redirect is sent.
    \TYPO3\CMS\Core\Utility\GeneralUtility::cleanOutputBuffers();

    // The target is built from the site URL and the backend directory constant only; no request parameter is involved.
    $siteUrl = \TYPO3\CMS\Core\Utility\GeneralUtility::getIndpEnv('TYPO3_SITE_URL');
    \TYPO3\CMS\Core\Utility\HttpUtility::redirect($siteUrl . TYPO3_mainDir . 'backend.php');
}
/**
 * Set defaults of auto configuration, mark installation as completed
 *
 * Depending on the posted "sitesetup" value this either points admin users to
 * the distribution management on first login or creates a root page with a
 * TypoScript template. Afterwards the upgrade wizards are marked as done, the
 * configuration is written, the install session and form protection state are
 * discarded, the Install Tool enable file is removed unless permanent, and the
 * browser is redirected to index.php.
 *
 * @return array<\TYPO3\CMS\Install\Status\StatusInterface> No value is returned in the visible code; the method ends in a redirect.
 */
public function execute()
{
    /** @var \TYPO3\CMS\Install\Configuration\FeatureManager $featureManager */
    $featureManager = GeneralUtility::makeInstance(\TYPO3\CMS\Install\Configuration\FeatureManager::class);
    // Get best matching configuration presets
    $configurationValues = $featureManager->getBestMatchingConfigurationForAllFeatures();

    // The posted value only selects one of the fixed cases below; it is never written to the database itself.
    switch ($this->postValues['values']['sitesetup']) {
        // Update the admin backend user to show the distribution management on login
        case 'loaddistribution':
            $adminUserFirstLogin = array('startModuleOnFirstLogin' => 'tools_ExtensionmanagerExtensionmanager->tx_extensionmanager_tools_extensionmanagerextensionmanager%5Baction%5D=distributions&tx_extensionmanager_tools_extensionmanagerextensionmanager%5Bcontroller%5D=List', 'ucSetByInstallTool' => '1');
            // The WHERE clause is the constant 'admin=1', so every admin backend user row is updated.
            $this->getDatabaseConnection()->exec_UPDATEquery('be_users', 'admin=1', array('uc' => serialize($adminUserFirstLogin)));
            break;
        // Create a page with UID 1 and PID1 and fluid_styled_content for page TS config, respect ownership
        case 'createsite':
            $this->getDatabaseConnection()->exec_INSERTquery('pages', array('pid' => 0, 'crdate' => time(), 'cruser_id' => 1, 'tstamp' => time(), 'title' => 'Home', 'doktype' => 1, 'is_siteroot' => 1, 'perms_userid' => 1, 'perms_groupid' => 1, 'perms_user' => 32, 'perms_group' => 32, 'perms_everybody' => 1));
            // The template below is attached to the page that was just inserted.
            $pageUid = $this->getDatabaseConnection()->sql_insert_id();
            // add a root sys_template with fluid_styled_content and a default PAGE typoscript snippet
            // NOTE(review): the TypoScript in 'config' appears here on a single line; presumably its line breaks were collapsed when this listing was captured — confirm against the original file.
            $this->getDatabaseConnection()->exec_INSERTquery('sys_template', array('pid' => $pageUid, 'crdate' => time(), 'cruser_id' => 1, 'tstamp' => time(), 'title' => 'Main TypoScript Rendering', 'sitetitle' => $GLOBALS['TYPO3_CONF_VARS']['SYS']['sitename'], 'root' => 1, 'clear' => 1, 'include_static_file' => 'EXT:fluid_styled_content/Configuration/TypoScript/Static/,EXT:fluid_styled_content/Configuration/TypoScript/Styling/', 'constants' => '', 'config' => 'page = PAGE page.10 = TEXT page.10.value ( <div style="width: 800px; margin: 15% auto;"> <div style="width: 300px;"> <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 150 42"><path d="M60.2 14.4v27h-3.8v-27h-6.7v-3.3h17.1v3.3h-6.6zm20.2 12.9v14h-3.9v-14l-7.7-16.2h4.1l5.7 12.2 5.7-12.2h3.9l-7.8 16.2zm19.5 2.6h-3.6v11.4h-3.8V11.1s3.7-.3 7.3-.3c6.6 0 8.5 4.1 8.5 9.4 0 6.5-2.3 9.7-8.4 9.7m.4-16c-2.4 0-4.1.3-4.1.3v12.6h4.1c2.4 0 4.1-1.6 4.1-6.3 0-4.4-1-6.6-4.1-6.6m21.5 27.7c-7.1 0-9-5.2-9-15.8 0-10.2 1.9-15.1 9-15.1s9 4.9 9 15.1c.1 10.6-1.8 15.8-9 15.8m0-27.7c-3.9 0-5.2 2.6-5.2 12.1 0 9.3 1.3 12.4 5.2 12.4 3.9 0 5.2-3.1 5.2-12.4 0-9.4-1.3-12.1-5.2-12.1m19.9 27.7c-2.1 0-5.3-.6-5.7-.7v-3.1c1 .2 3.7.7 5.6.7 2.2 0 3.6-1.9 3.6-5.2 0-3.9-.6-6-3.7-6H138V24h3.1c3.5 0 3.7-3.6 3.7-5.3 0-3.4-1.1-4.8-3.2-4.8-1.9 0-4.1.5-5.3.7v-3.2c.5-.1 3-.7 5.2-.7 4.4 0 7 1.9 7 8.3 0 2.9-1 5.5-3.3 6.3 2.6.2 3.8 3.1 3.8 7.3 0 6.6-2.5 9-7.3 9"/><path fill="#FF8700" d="M31.7 28.8c-.6.2-1.1.2-1.7.2-5.2 0-12.9-18.2-12.9-24.3 0-2.2.5-3 1.3-3.6C12 1.9 4.3 4.2 1.9 7.2 1.3 8 1 9.1 1 10.6c0 9.5 10.1 31 17.3 31 3.3 0 8.8-5.4 13.4-12.8M28.4.5c6.6 0 13.2 1.1 13.2 4.8 0 7.6-4.8 16.7-7.2 16.7-4.4 0-9.9-12.1-9.9-18.2C24.5 1 25.6.5 28.4.5"/></svg> </div> <h4 style="font-family: sans-serif;">Welcome to a default website made with <a href="https://typo3.org">TYPO3</a></h4> </div> ) page.100 < styles.content.get', 'description' => 'This is an Empty Site Package TypoScript template. For each website you need a TypoScript template on the main page of your website (on the top level). For better maintenance all TypoScript should be extracted into external files via <INCLUDE_TYPOSCRIPT: source="FILE:EXT:site_myproject/Configuration/TypoScript/setup.ts">.'));
            break;
    }

    // Setting SYS/isInitialInstallationInProgress to FALSE marks this instance installation as complete
    $configurationValues['SYS/isInitialInstallationInProgress'] = false;

    // Mark upgrade wizards as done
    $this->loadExtLocalconfDatabaseAndExtTables();
    if (!empty($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['ext/install']['update'])) {
        $registry = GeneralUtility::makeInstance(Registry::class);
        // One registry entry per registered update class, stored under the 'installUpdate' namespace.
        foreach ($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['ext/install']['update'] as $updateClassName) {
            $registry->set('installUpdate', $updateClassName, 1);
        }
    }

    /** @var $configurationManager \TYPO3\CMS\Core\Configuration\ConfigurationManager */
    $configurationManager = GeneralUtility::makeInstance(\TYPO3\CMS\Core\Configuration\ConfigurationManager::class);
    $configurationManager->setLocalConfigurationValuesByPathValuePairs($configurationValues);

    // Drop the install session and its form protection state.
    /** @var \TYPO3\CMS\Install\Service\SessionService $session */
    $session = GeneralUtility::makeInstance(\TYPO3\CMS\Install\Service\SessionService::class);
    $session->destroySession();

    /** @var $formProtection \TYPO3\CMS\Core\FormProtection\InstallToolFormProtection */
    $formProtection = \TYPO3\CMS\Core\FormProtection\FormProtectionFactory::get(\TYPO3\CMS\Core\FormProtection\InstallToolFormProtection::class);
    $formProtection->clean();

    // Remove the enable file unless it was marked as permanent.
    if (!EnableFileService::isInstallToolEnableFilePermanent()) {
        EnableFileService::removeInstallToolEnableFile();
    }

    \TYPO3\CMS\Core\Utility\HttpUtility::redirect('../../../index.php', \TYPO3\CMS\Core\Utility\HttpUtility::HTTP_STATUS_303);
}
/**
 * Build the URL of the page with the given id and redirect to it.
 *
 * @param integer $pageId Uid of the target page
 *
 * @return void
 */
protected function redirectToPage($pageId)
{
    /** @var \TYPO3\CMS\Extbase\Mvc\Web\Routing\UriBuilder $pageUriBuilder */
    $pageUriBuilder = GeneralUtility::makeInstance(\TYPO3\CMS\Extbase\Object\ObjectManager::class)
        ->get(\TYPO3\CMS\Extbase\Mvc\Web\Routing\UriBuilder::class);

    // The target is derived from a page uid through the URI builder, not from a caller-supplied URL.
    $pageUriBuilder->setTargetPageUid($pageId);
    $targetUrl = $pageUriBuilder->build();

    \TYPO3\CMS\Core\Utility\HttpUtility::redirect($targetUrl);
}
/**
 * Redirect the user after the form was submitted.
 *
 * The redirect only happens when the redirect service yields a non-empty URI
 * and redirects are enabled.
 *
 * @return void
 */
public function redirectToUriFinisher()
{
    /** @var RedirectUriService $uriService */
    $uriService = $this->objectManager->get(RedirectUriService::class, $this->contentObject);
    $targetUri = $uriService->getRedirectUri();

    // NOTE(review): where RedirectUriService takes the URI from is not visible here — confirm it cannot be set by the submitting visitor.
    if (empty($targetUri) || !$this->isRedirectEnabled()) {
        return;
    }

    HttpUtility::redirect($targetUri);
}
/**
 * Switch a backend user session back to the original user.
 *
 * Does nothing unless the given authentication object is a handled backend
 * session; otherwise the session is switched back and the browser is sent to
 * the 'main' backend module.
 *
 * @param array $params Not read in this method
 * @param AbstractUserAuthentication $authentication
 * @see AbstractUserAuthentication
 * @return void
 */
public function switchBack($params, AbstractUserAuthentication $authentication)
{
    if (!$this->isAHandledBackendSession($authentication)) {
        return;
    }

    $sessionRepository = GeneralUtility::makeInstance(\TYPO3\CMS\Extbase\Object\ObjectManager::class)
        ->get(\TYPO3\CMS\Beuser\Domain\Repository\BackendUserSessionRepository::class);
    $sessionRepository->switchBackToOriginalUser($authentication);

    // Fixed target: the module URL is generated, no request value is involved.
    $mainModuleUrl = \TYPO3\CMS\Backend\Utility\BackendUtility::getModuleUrl('main');
    HttpUtility::redirect($mainModuleUrl);
}
/**
 * Switch a backend user session back to the original user.
 *
 * Does nothing unless the given authentication object is a handled backend
 * session; otherwise the session is switched back and the browser is sent to
 * backend.php below BACK_PATH.
 *
 * @param array $params Not read in this method
 * @param AbstractUserAuthentication $authentication
 * @see AbstractUserAuthentication
 * @return void
 */
public function switchBack($params, AbstractUserAuthentication $authentication)
{
    if (!$this->isAHandledBackendSession($authentication)) {
        return;
    }

    $sessionRepository = \TYPO3\CMS\Core\Utility\GeneralUtility::makeInstance('TYPO3\\CMS\\Extbase\\Object\\ObjectManager')
        ->get('TYPO3\\CMS\\Beuser\\Domain\\Repository\\BackendUserSessionRepository');
    $sessionRepository->switchBackToOriginalUser($authentication);

    $backendUrl = $GLOBALS['BACK_PATH'] . 'backend.php';
    \TYPO3\CMS\Core\Utility\HttpUtility::redirect($backendUrl);
}
/**
 * Redirect the user after the form was submitted.
 *
 * The redirect only happens when the redirect service yields a non-empty URI
 * and redirects are enabled.
 *
 * @return void
 */
public function redirectToUriFinisher()
{
    /** @var RedirectUriService $uriService */
    $uriService = $this->objectManager->get(
        'In2code\\Powermail\\Domain\\Service\\RedirectUriService',
        $this->contentObject
    );
    $targetUri = $uriService->getRedirectUri();

    // NOTE(review): where RedirectUriService takes the URI from is not visible here — confirm it cannot be set by the submitting visitor.
    if (empty($targetUri) || !$this->isRedirectEnabled()) {
        return;
    }

    HttpUtility::redirect($targetUri);
}
/**
 * Log the backend user out and redirect.
 *
 * Writes a log entry, removes the session token of the form protection, logs
 * the user off and finally redirects to the sanitized "redirect" parameter or,
 * when that is empty, to index.php.
 *
 * @return void
 */
public function logout()
{
    // The logout is written to the log while the user record is still available.
    $logArguments = array($GLOBALS['BE_USER']->user['username']);
    $GLOBALS['BE_USER']->writelog(255, 2, 0, 1, 'User %s logged out from TYPO3 Backend', $logArguments);

    \TYPO3\CMS\Core\FormProtection\FormProtectionFactory::get()->removeSessionTokenFromRegistry();
    $GLOBALS['BE_USER']->logoff();

    // The request-supplied target passes through sanitizeLocalUrl() before use; an empty result falls back to index.php.
    $requestedTarget = GeneralUtility::sanitizeLocalUrl(GeneralUtility::_GP('redirect'));
    \TYPO3\CMS\Core\Utility\HttpUtility::redirect($requestedTarget ?: 'index.php');
}
/**
 * Log the backend user out and redirect.
 *
 * Writes a log entry, removes the session token of the form protection, logs
 * the user off and finally redirects to the sanitized "redirect" parameter or,
 * when that is empty, to index.php.
 *
 * @return void
 */
public function logout()
{
    // The logout is written to the log while the user record is still available.
    $this->getBackendUser()->writelog(
        255,
        2,
        0,
        1,
        'User %s logged out from TYPO3 Backend',
        array($this->getBackendUser()->user['username'])
    );

    /** @var \TYPO3\CMS\Core\FormProtection\BackendFormProtection $formProtection */
    $formProtection = FormProtectionFactory::get();
    $formProtection->removeSessionTokenFromRegistry();

    $this->getBackendUser()->logoff();

    // The request-supplied target passes through sanitizeLocalUrl() before use; an empty result falls back to index.php.
    $requestedTarget = GeneralUtility::sanitizeLocalUrl(GeneralUtility::_GP('redirect'));
    HttpUtility::redirect($requestedTarget ?: 'index.php');
}
/**
 * Switch a backend user session back to the original user.
 *
 * Only acts on be_sessions sessions that have a user and a stored
 * ses_backuserid. The session row is rewritten so that ses_userid becomes the
 * stored original user and ses_backuserid is cleared, then the browser is
 * redirected to index.php below BACK_PATH.
 *
 * @param array $params Not read in this method
 * @param \TYPO3\CMS\Core\Authentication\AbstractUserAuthentication $that
 * @see t3lib_userauth::logoff()
 * @todo Define visibility
 */
public function switchBack($params, $that)
{
    // Is a backend session handled?
    $isSwitchedBackendSession = $that->session_table === 'be_sessions'
        && $that->user['uid']
        && $that->user['ses_backuserid'];
    if (!$isSwitchedBackendSession) {
        return;
    }

    // @TODO: Move update functionality to Tx_Beuser_Domain_Repository_BackendUserSessionRepository
    // NOTE(review): the guard above inspects $that, while the WHERE clause below is built from $GLOBALS['BE_USER'] — confirm both always refer to the same session.
    // Session id and cookie name are quoted with fullQuoteStr(); the user id is cast to an integer.
    $sessionId = $GLOBALS['TYPO3_DB']->fullQuoteStr($GLOBALS['BE_USER']->id, 'be_sessions');
    $cookieName = $GLOBALS['TYPO3_DB']->fullQuoteStr(
        \TYPO3\CMS\Core\Authentication\BackendUserAuthentication::getCookieName(),
        'be_sessions'
    );
    $where = 'ses_id = ' . $sessionId
        . ' AND ses_name = ' . $cookieName
        . ' AND ses_userid=' . intval($GLOBALS['BE_USER']->user['uid']);

    $GLOBALS['TYPO3_DB']->exec_UPDATEquery(
        'be_sessions',
        $where,
        array('ses_userid' => $that->user['ses_backuserid'], 'ses_backuserid' => 0)
    );

    $querySuffix = $GLOBALS['TYPO3_CONF_VARS']['BE']['interfaces'] ? '' : '?commandLI=1';
    \TYPO3\CMS\Core\Utility\HttpUtility::redirect($GLOBALS['BACK_PATH'] . 'index.php' . $querySuffix);
}
/**
 * Send the content type header and the file name, output the response content and exit.
 *
 * With settings.feed.debugMode enabled the content is sent as plain text and
 * no Content-Disposition header is added.
 *
 * @param string $contentType   Value for the Content-Type header; presumably a MIME type chosen by the caller — confirm
 * @param string $fileExtension Extension appended to "calendar." in the Content-Disposition header
 */
protected function sendHeaderAndFilename($contentType, $fileExtension)
{
    // NOTE(review): both arguments are concatenated into header lines unchanged — confirm callers only pass fixed values.
    if ((bool) $this->settings['feed']['debugMode']) {
        header('Content-Type: text/plain; charset=utf-8');
    } else {
        $contentTypeHeader = 'Content-Type: ' . $contentType . '; charset=utf-8';
        $dispositionHeader = 'Content-Disposition: inline; filename=calendar.' . $fileExtension;
        header($contentTypeHeader);
        header($dispositionHeader);
    }

    echo $this->response->getContent();
    HttpUtility::setResponseCodeAndExit(HttpUtility::HTTP_STATUS_200);
}
/**
 * Soft-delete the record instead of persisting it when a deletion was requested.
 *
 * When shouldDelete() is true, the incoming values are discarded, the record
 * selected by getClause() is flagged as deleted in the persisting table and
 * the browser is redirected to getUrl(). Otherwise the values pass through
 * unchanged.
 *
 * @param array $values
 * @param string $insertOrUpdate Not read in this method
 * @return array
 */
public function process(array $values, $insertOrUpdate = '')
{
    if (!$this->shouldDelete()) {
        return $values;
    }

    // Reset values: only the timestamp and the deleted flag are written.
    $values = [
        'tstamp' => time(),
        'deleted' => 1,
    ];

    $persistingTable = $this->getTemplateService()->getPersistingTable();
    // NOTE(review): how getClause() builds the WHERE clause is not visible here — confirm it quotes any request-derived value.
    $this->getDatabaseConnection()->exec_UPDATEquery($persistingTable, $this->getClause(), $values);

    HttpUtility::redirect($this->getUrl());

    return $values;
}
/**
 * Check whether the given vote may be cast.
 *
 * The checks run in order and the first one that fails prints a message and
 * ends the request with the matching HTTP status: authentication (401), a
 * usable Vote object and content type (400), an existing voted object (404),
 * a valid content element parameter (400) that can be loaded (404), the
 * closing date of the voting (403) and the allowed voting frequency (403).
 * No exception is thrown by the visible code.
 *
 * @param Vote $vote
 * @return void
 */
public function isValid($vote)
{
    // NOTE(review): every failure prints its message before the status code is set; the status can only reach the client if output is still buffered at that point — confirm.

    // Check if User is logged in
    if (!$this->getUserService()->isAuthenticated()) {
        print 'Authentication required.';
        HttpUtility::setResponseCodeAndExit(HttpUtility::HTTP_STATUS_401);
    }

    if (!$vote instanceof Vote) {
        print 'I could not instantiate the Vote object.';
        HttpUtility::setResponseCodeAndExit(HttpUtility::HTTP_STATUS_400);
    }

    if (empty($vote->getVotedObject()->getContentType())) {
        print 'I miss a valid content type.';
        HttpUtility::setResponseCodeAndExit(HttpUtility::HTTP_STATUS_400);
    }

    $object = $this->getVotedObjectRepository()->findOne($vote);
    if (empty($object)) {
        print 'I could not retrieve the voted object.';
        HttpUtility::setResponseCodeAndExit(HttpUtility::HTTP_STATUS_404);
    }

    // Check the content element that contains the voting meta information.
    // The request parameter is cast to an integer, so only a number is echoed back in the messages below.
    $contentElementIdentifier = (int) GeneralUtility::_GP('contentElement');
    if ($contentElementIdentifier < 1) {
        print 'Invalid or missing content element parameter.';
        HttpUtility::setResponseCodeAndExit(HttpUtility::HTTP_STATUS_400);
    }

    $content = $this->getContentElementService()->get($contentElementIdentifier);
    if (empty($content)) {
        print 'I could not retrieve this content element: ' . $contentElementIdentifier;
        HttpUtility::setResponseCodeAndExit(HttpUtility::HTTP_STATUS_404);
    }

    // A closing date greater than zero that lies in the past closes the voting.
    $settings = $this->getContentElementService()->getSettings($contentElementIdentifier);
    if ((int) $settings['closingDate'] > 0 && (int) $settings['closingDate'] < time()) {
        print 'Sorry, the vote is closed for this content element: ' . $contentElementIdentifier;
        HttpUtility::setResponseCodeAndExit(HttpUtility::HTTP_STATUS_403);
    }

    // NOTE(review): the content element id comes from the request and its settings drive the closing-date and frequency rules — confirm the element is tied to the voted object so a caller cannot pick an element with laxer rules.
    $allowedFrequency = (int) $settings['allowedFrequency'];
    $userIdentifier = $vote->getUser();
    $lastVote = $this->getVoteRepository()->findLastVote($settings['contentType'], $userIdentifier);
    if ($allowedFrequency > 0 && !empty($lastVote)) {
        // 86400 seconds = 24 hours since the last vote
        if ($allowedFrequency === self::ALLOWED_ONLY_ONCE_PER_24 && time() - $lastVote['time'] < 86400) {
            print 'Sorry, you can not vote for this type of object today, please come back.';
            HttpUtility::setResponseCodeAndExit(HttpUtility::HTTP_STATUS_403);
        } elseif ($allowedFrequency === self::ALLOWED_ONLY_ONCE) {
            print 'Sorry, you can vote only once for this type of object.';
            HttpUtility::setResponseCodeAndExit(HttpUtility::HTTP_STATUS_403);
        }
    }
}
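/**
 * Processes eID request.
 *
 * Initializes the frontend user so that the OpenID authentication service can
 * process the response, then redirects to the location given in the
 * "tx_openid_location" parameter. The parameter is request-controlled, so it
 * is only used as a redirect target after passing sanitizeLocalUrl();
 * otherwise the site URL is used instead.
 *
 * @return void
 */
public function main()
{
    // Due to the nature of OpenID (redirections, etc) we need to force user
    // session fetching if there is no session around. This ensures that
    // our service is called even if there is no login data in the request.
    // Inside the service we will process OpenID response and authenticate
    // the user.
    $GLOBALS['TYPO3_CONF_VARS']['SVCONF']['auth']['FE_fetchUserIfNoSession'] = TRUE;

    // Initialize Frontend user
    \TYPO3\CMS\Frontend\Utility\EidUtility::connectDB();
    \TYPO3\CMS\Frontend\Utility\EidUtility::initFeUser();

    // Redirect in any case (authenticated or not)
    @ob_end_clean();

    // Redirecting to the raw parameter would let any link to this eID script
    // send visitors to an arbitrary external site, so only local URLs are accepted.
    $requestedLocation = \TYPO3\CMS\Core\Utility\GeneralUtility::_GP('tx_openid_location');
    $location = is_string($requestedLocation)
        ? \TYPO3\CMS\Core\Utility\GeneralUtility::sanitizeLocalUrl($requestedLocation)
        : '';
    if ($location === '') {
        // Missing or rejected target: fall back to the site root.
        $location = \TYPO3\CMS\Core\Utility\GeneralUtility::getIndpEnv('TYPO3_SITE_URL');
    }

    \TYPO3\CMS\Core\Utility\HttpUtility::redirect($location, \TYPO3\CMS\Core\Utility\HttpUtility::HTTP_STATUS_303);
}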
/**
 * Entry point for the backend module.
 *
 * Redirects to the Install Tool when its enable file is present, creates the
 * enable file first when the current request is a valid enable request, and
 * otherwise asks the user to enable the Install Tool.
 *
 * @return void
 */
public function main()
{
    /** @var \TYPO3\CMS\Install\EnableFileService $enableFileService */
    $enableFileService = \TYPO3\CMS\Core\Utility\GeneralUtility::makeInstance('TYPO3\\CMS\\Install\\EnableFileService');

    $alreadyEnabled = $enableFileService->checkInstallToolEnableFile();
    if (!$alreadyEnabled) {
        if (!$this->isValidEnableRequest()) {
            // Ask the user to enable the Install Tool
            $this->showInstallToolEnableRequest();
            return;
        }
        // The enable file is only created after isValidEnableRequest() accepted the request.
        $enableFileService->createInstallToolEnableFile();
    }

    // Install Tool is enabled at this point
    \TYPO3\CMS\Core\Utility\HttpUtility::redirect('install/');
}
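/**
 * Performs a redirect if possible
 *
 * The target is taken from the submitted form data ("return_url" wins over
 * "redirect_url"). Both values are request-controlled, so the target is only
 * used after passing sanitizeLocalUrl(); a target that is rejected results in
 * no redirect at all.
 *
 * @param RequestInterface $request
 * @param array $settings Not read in this method
 * @return void
 */
public function processRedirect(RequestInterface $request, array $settings)
{
    $formData = $request->getArgument('formData');
    $redirectUrl = NULL;

    // May be set by anything
    if (!empty($formData['redirect_url'])) {
        $redirectUrl = $formData['redirect_url'];
    }
    // May be set via config.typolinkLinkAccessRestrictedPages_addParams
    if (!empty($formData['return_url'])) {
        $redirectUrl = $formData['return_url'];
    }

    if (!is_string($redirectUrl)) {
        return;
    }

    // Without this check any submitted URL, including one on a foreign host,
    // would be used as the Location header.
    $localUrl = \TYPO3\CMS\Core\Utility\GeneralUtility::sanitizeLocalUrl($redirectUrl);
    if ($localUrl !== '') {
        HttpUtility::redirect($localUrl);
    }
}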
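/**
 * Main method to dump a file
 *
 * The request parameters "t", "f" and "p" are signed with an HMAC that must
 * match the "token" parameter; otherwise a 403 response is returned. With a
 * valid token the file ("f") or processed file ("p") is resolved, registered
 * access-check hooks are run and the file content is dumped.
 *
 * @param ServerRequestInterface $request
 * @param ResponseInterface $response
 * @return NULL|ResponseInterface NULL after the file was dumped, a 403 response for an invalid token
 *
 * @throws \InvalidArgumentException
 * @throws \RuntimeException
 * @throws \TYPO3\CMS\Core\Resource\Exception\FileDoesNotExistException
 * @throws \UnexpectedValueException
 */
public function dumpAction(ServerRequestInterface $request, ResponseInterface $response)
{
    // Collect the signed parameters in the fixed order eID, t, f, p.
    $parameters = array('eID' => 'dumpFile');
    foreach (array('t', 'f', 'p') as $parameterName) {
        $parameterValue = $this->getGetOrPost($request, $parameterName);
        if ($parameterValue) {
            $parameters[$parameterName] = $parameterValue;
        }
    }

    // Compare the token in constant time so the comparison does not reveal
    // how many leading characters matched. hash_equals() requires PHP 5.6+.
    $expectedToken = GeneralUtility::hmac(implode('|', $parameters), 'resourceStorageDumpFile');
    $givenToken = $this->getGetOrPost($request, 'token');
    if (!is_string($givenToken) || !hash_equals($expectedToken, $givenToken)) {
        return $response->withStatus(403);
    }

    if (isset($parameters['f'])) {
        $file = ResourceFactory::getInstance()->getFileObject($parameters['f']);
        if ($file->isDeleted() || $file->isMissing()) {
            $file = null;
        }
    } else {
        $file = GeneralUtility::makeInstance(ProcessedFileRepository::class)->findByUid($parameters['p']);
        if ($file->isDeleted()) {
            $file = null;
        }
    }

    if ($file === null) {
        HttpUtility::setResponseCodeAndExit(HttpUtility::HTTP_STATUS_404);
    }

    // Hook: allow some other process to do some security/access checks. Hook should issue 403 if access is rejected
    // Apart from the token, these hooks are the only access check in this method.
    if (is_array($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['FileDumpEID.php']['checkFileAccess'])) {
        foreach ($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['FileDumpEID.php']['checkFileAccess'] as $classRef) {
            $hookObject = GeneralUtility::getUserObj($classRef);
            if (!$hookObject instanceof FileDumpEIDHookInterface) {
                throw new \UnexpectedValueException('FileDump hook object must implement interface ' . FileDumpEIDHookInterface::class, 1394442417);
            }
            $hookObject->checkFileAccess($file);
        }
    }

    $file->getStorage()->dumpFileContents($file);
    // @todo Refactor FAL to not echo directly, but to implement a stream for output here and use response
    return null;
}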
/**
 * Handles any backend request
 *
 * Resolves the route from the "route" query parameter (defaulting to
 * /login), boots the backend and dispatches the request. An invalid request
 * token leads to a redirect to the backend entry URL.
 *
 * @param ServerRequestInterface $request
 * @return ResponseInterface
 */
public function handleRequest(ServerRequestInterface $request)
{
    // Allow the login page to be displayed if routing is not used and on index.php
    $requestedRoute = (string) $request->getQueryParams()['route'];
    $pathToRoute = $requestedRoute ?: '/login';
    $request = $request->withAttribute('routePath', $pathToRoute);

    // skip the BE user check on the login page
    // should be handled differently in the future by checking the Bootstrap directly
    // NOTE(review): the skip is decided from the request-supplied route string alone — confirm '/login' cannot be made to dispatch anything other than the login page.
    $isLoginRoute = $pathToRoute === '/login';
    $this->boot($isLoginRoute);

    // Check if the router has the available route and dispatch.
    try {
        return $this->dispatch($request);
    } catch (InvalidRequestTokenException $e) {
        // When token was invalid redirect to login; the target is built from the site URL only.
        $backendUrl = GeneralUtility::getIndpEnv('TYPO3_SITE_URL') . TYPO3_mainDir;
        \TYPO3\CMS\Core\Utility\HttpUtility::redirect($backendUrl);
    }
}
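/**
 * Processes eID request.
 *
 * Initializes the frontend user so that the OpenID authentication service can
 * process the response, then redirects to "tx_openid_location" — but only if
 * "tx_openid_location_signature" is the valid HMAC of that location. Without
 * a valid signature no redirect is sent.
 *
 * @return void
 */
public function main()
{
    // Due to the nature of OpenID (redirections, etc) we need to force user
    // session fetching if there is no session around. This ensures that
    // our service is called even if there is no login data in the request.
    // Inside the service we will process OpenID response and authenticate
    // the user.
    $GLOBALS['TYPO3_CONF_VARS']['SVCONF']['auth']['FE_fetchUserIfNoSession'] = true;

    // Initialize Frontend user
    EidUtility::initFeUser();

    // Redirect to the original location in any case (authenticated or not)
    @ob_end_clean();

    $location = GeneralUtility::_GP('tx_openid_location');
    $signature = GeneralUtility::_GP('tx_openid_location_signature');
    // Both values are request-controlled; anything that is not a plain string cannot carry a valid signature.
    if (!is_string($location) || !is_string($signature)) {
        return;
    }

    // The signature proves the location was issued by this installation.
    // It is compared in constant time so the comparison does not reveal how
    // many leading characters matched. hash_equals() requires PHP 5.6+.
    $expectedSignature = GeneralUtility::hmac($location, 'openid');
    if (hash_equals($expectedSignature, $signature)) {
        HttpUtility::redirect($location, HttpUtility::HTTP_STATUS_303);
    }
}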
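/**
 * Dump file content
 * Copy from /sysext/core/Resources/PHP/FileDumpEID.php
 *
 * The request parameters "t", "f" and "p" are signed with an HMAC that must
 * match the "token" parameter, otherwise the request ends with 403. With a
 * valid token the file ("f") or processed file ("p") is resolved; a missing
 * or deleted file ends the request with 404, a file the current storage
 * permissions do not allow to read with 403. Otherwise the content is dumped
 * and the script exits.
 *
 * @param array $params Not read in this method
 * @param \TYPO3\CMS\Core\Http\AjaxRequestHandler $ajaxObj Not read in this method
 */
public function dumpFile($params = array(), \TYPO3\CMS\Core\Http\AjaxRequestHandler &$ajaxObj = null)
{
    $parameters = array('eID' => 'dumpFile');
    if (GeneralUtility::_GP('t')) {
        $parameters['t'] = GeneralUtility::_GP('t');
    }
    if (GeneralUtility::_GP('f')) {
        $parameters['f'] = (int) GeneralUtility::_GP('f');
    }
    if (GeneralUtility::_GP('p')) {
        $parameters['p'] = (int) GeneralUtility::_GP('p');
    }

    // NOTE(review): the token is compared with ===, which is not a constant-time comparison; hash_equals() would be preferable where the supported PHP version provides it.
    if (GeneralUtility::hmac(implode('|', $parameters), 'BeResourceStorageDumpFile') !== GeneralUtility::_GP('token')) {
        HttpUtility::setResponseCodeAndExit(HttpUtility::HTTP_STATUS_403);
    }

    $file = null;
    $orgFile = null;
    if (isset($parameters['f'])) {
        $file = \TYPO3\CMS\Core\Resource\ResourceFactory::getInstance()->getFileObject($parameters['f']);
        if ($file->isDeleted() || $file->isMissing()) {
            $file = null;
        }
        $orgFile = $file;
    } elseif (isset($parameters['p'])) {
        /** @var \TYPO3\CMS\Core\Resource\ProcessedFile $file */
        $file = GeneralUtility::makeInstance('TYPO3\\CMS\\Core\\Resource\\ProcessedFileRepository')->findByUid($parameters['p']);
        if ($file === null || $file->isDeleted()) {
            $file = null;
        } else {
            // Only ask for the original once the processed file is known to be
            // usable; previously this was called on null for a deleted file.
            $orgFile = $file->getOriginalFile();
        }
    }

    // Answer 404 before touching $orgFile: the permission check below would
    // otherwise be called on null for a missing or deleted file.
    if ($file === null || $orgFile === null) {
        HttpUtility::setResponseCodeAndExit(HttpUtility::HTTP_STATUS_404);
    }

    // Check file read permissions
    if (!$orgFile->getStorage()->checkFileActionPermission('read', $orgFile)) {
        HttpUtility::setResponseCodeAndExit(HttpUtility::HTTP_STATUS_403);
    }

    ob_start();
    $file->getStorage()->dumpFileContents($file);
    exit;
}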
/**
 * Redirects the current request to https:// when the sys_domain record of the
 * current domain has the forceSSL option enabled.
 *
 * Nothing happens when the request already uses SSL, when no matching
 * sys_domain record is found or when the current URL does not start with
 * http://.
 *
 * @param array $parameters Not read in this method
 * @param TypoScriptFrontendController $parentObject Not read in this method
 */
public function redirectCurrentDomainToHttps($parameters, $parentObject)
{
    // SSL is active, nothing to be done
    if (GeneralUtility::getIndpEnv('TYPO3_SSL')) {
        return;
    }

    // Host name without port and without a trailing dot, in lower case
    $hostParts = explode(':', GeneralUtility::getIndpEnv('HTTP_HOST'));
    $hostName = strtolower(preg_replace('/\\.$/', '', $hostParts[0]));

    // Directory part of the script path, then strip extra trailing slashes from host + path
    $scriptDirectory = trim(preg_replace('/\\/[^\\/]*$/', '', GeneralUtility::getIndpEnv('SCRIPT_NAME')));
    $domain = preg_replace('/\\/*$/', '', $hostName . $scriptDirectory);

    // The host name originates from the request; it only enters the query through fullQuoteStr().
    $where = 'hidden=0 AND redirectTo="" AND forcessl=1 AND (domainName='
        . $this->getDatabaseConnection()->fullQuoteStr($domain, 'sys_domain')
        . ' OR domainName='
        . $this->getDatabaseConnection()->fullQuoteStr($domain . '/', 'sys_domain')
        . ')';
    $domainRecord = $this->getDatabaseConnection()->exec_SELECTgetSingleRow(
        'domainName,forcessl,redirectTo',
        'sys_domain',
        $where
    );
    if (!is_array($domainRecord)) {
        return;
    }

    // Exchange http:// with https:// and keep everything else. The redirect
    // only happens for a host that matched a sys_domain record above.
    $currentUrl = GeneralUtility::getIndpEnv('TYPO3_REQUEST_URL');
    if (strpos($currentUrl, 'http://') !== 0) {
        return;
    }
    HttpUtility::redirect('https://' . substr($currentUrl, 7));
}
/**
 * Renders the HTML of the image manipulation wizard for the AJAX API.
 *
 * The request is rejected with 403 unless its HMAC token is valid. The image
 * is resolved from the "file" GET parameter when that is an integer; if the
 * file does not exist the wizard is rendered without an image.
 *
 * @param array $params Not read in this method
 * @param \TYPO3\CMS\Core\Http\AjaxRequestHandler $ajaxRequestHandler Receives the rendered HTML
 * @return void
 */
public function getHtmlForImageManipulationWizard($params, $ajaxRequestHandler)
{
    // The token is verified before any request parameter is read.
    if (!$this->checkHmacToken()) {
        HttpUtility::setResponseCodeAndExit(HttpUtility::HTTP_STATUS_403);
    }

    $image = NULL;
    $fileUid = GeneralUtility::_GET('file');
    if (MathUtility::canBeInterpretedAsInteger($fileUid)) {
        try {
            $image = ResourceFactory::getInstance()->getFileObject($fileUid);
        } catch (FileDoesNotExistException $e) {
            // Deliberately ignored: $image stays NULL for an unknown file.
        }
    }

    $templateFile = $this->templatePath . 'Wizards/ImageManipulationWizard.html';
    $view = $this->getFluidTemplateObject($templateFile);
    $view->assign('image', $image);
    $view->assign('zoom', (bool)GeneralUtility::_GET('zoom'));
    $view->assign('ratios', $this->getRatiosArray());

    $ajaxRequestHandler->addContent('content', $view->render());
    $ajaxRequestHandler->setContentFormat('html');
}
/**
 * Entry point of the edit wizard.
 *
 * Makes a header-location redirect to an edit form (alt_doc.php) IF POSSIBLE
 * from the passed data - otherwise the window will just close.
 *
 * @return void
 * @todo Define visibility
 */
public function main()
{
    if ($this->doClose) {
        $this->closeWindow();
        return;
    }

    // Initialize:
    $table = $this->P['table'];
    $field = $this->P['field'];
    \TYPO3\CMS\Core\Utility\GeneralUtility::loadTCA($table);
    $config = $GLOBALS['TCA'][$table]['columns'][$field]['config'];
    // The foreign table name is taken from TCA, not from the wizard parameters.
    $fTable = $this->P['currentValue'] < 0 ? $config['neg_foreign_table'] : $config['foreign_table'];

    // Both redirects below share this prefix; the return URL is a fixed string.
    $editFormUrl = 'alt_doc.php?returnUrl=' . rawurlencode('wizard_edit.php?doClose=1');

    // Detecting the various allowed field type setups and acting accordingly.
    if (is_array($config) && $config['type'] == 'select' && !$config['MM'] && $config['maxitems'] <= 1 && \TYPO3\CMS\Core\Utility\MathUtility::canBeInterpretedAsInteger($this->P['currentValue']) && $this->P['currentValue'] && $fTable) {
        // SINGLE value: currentValue was verified to be an integer by the condition above.
        \TYPO3\CMS\Core\Utility\HttpUtility::redirect(
            $editFormUrl . '&edit[' . $fTable . '][' . $this->P['currentValue'] . ']=edit'
        );
    } elseif (is_array($config) && $this->P['currentSelectedValues'] && ($config['type'] == 'select' && $config['foreign_table'] || $config['type'] == 'group' && $config['internal_type'] == 'db')) {
        // MULTIPLE VALUES:
        // Init settings:
        $allowedTables = $config['type'] == 'group'
            ? $config['allowed']
            : $config['foreign_table'] . ',' . $config['neg_foreign_table'];
        $prependName = 1;

        // Selecting selected values into an array:
        $relationHandler = \TYPO3\CMS\Core\Utility\GeneralUtility::makeInstance('TYPO3\\CMS\\Core\\Database\\RelationHandler');
        $relationHandler->start($this->P['currentSelectedValues'], $allowedTables);
        $selectedRecords = $relationHandler->getValueArray($prependName);

        // Traverse that array and make parameters for alt_doc.php:
        // NOTE(review): table and uid parts are appended without URL encoding — presumably RelationHandler only returns "table_uid" values for the allowed tables; confirm.
        $editParameters = '';
        foreach ($selectedRecords as $selectedRecord) {
            $tableAndUid = \TYPO3\CMS\Core\Utility\GeneralUtility::revExplode('_', $selectedRecord, 2);
            $editParameters .= '&edit[' . $tableAndUid[0] . '][' . $tableAndUid[1] . ']=edit';
        }

        // Redirect to alt_doc.php:
        \TYPO3\CMS\Core\Utility\HttpUtility::redirect($editFormUrl . $editParameters);
    } else {
        $this->closeWindow();
    }
}
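/**
 * Main action
 *
 * With the "save" parameter set, stores the submitted focus point for the
 * file metadata record and redirects back to the return URL. Otherwise
 * renders the focus point wizard for the file.
 *
 * The return URL is request-controlled and is therefore only used after
 * passing sanitizeLocalUrl().
 *
 * @throws \Exception When no file can be resolved for the given metadata uid
 */
public function main()
{
    $parameter = GeneralUtility::_GET();
    $uid = (int) $parameter['P']['uid'];
    $fileObject = FileUtility::getFileByMetaData($uid);

    // Without sanitizing, a crafted link to this module could redirect the
    // backend user to an arbitrary external site after saving.
    $returnUrl = isset($parameter['P']['returnUrl']) && is_string($parameter['P']['returnUrl'])
        ? GeneralUtility::sanitizeLocalUrl($parameter['P']['returnUrl'])
        : '';

    if (isset($parameter['save']) && $fileObject) {
        // Arithmetic on the submitted values yields numbers; the uid in the WHERE clause is an integer cast.
        $values = array('focus_point_y' => $parameter['yValue'] * 100, 'focus_point_x' => $parameter['xValue'] * 100);
        GlobalUtility::getDatabaseConnection()->exec_UPDATEquery('sys_file_metadata', 'uid=' . $uid, $values);
        HttpUtility::redirect($returnUrl);
    }

    // Rendering needs the file; fail with an exception instead of calling a method on a missing object.
    if (!$fileObject) {
        throw new \Exception('No file found for the given metadata uid.');
    }

    $saveArguments = array('save' => 1, 'P' => array('uid' => $parameter['P']['uid'], 'returnUrl' => $returnUrl));
    $saveUri = BackendUtility::getModuleUrl('focuspoint', $saveArguments);

    // current point
    $information = $this->getCurrentFocusPoint($parameter['P']['uid']);

    /** @var \TYPO3\CMS\Fluid\View\StandaloneView $template */
    $template = GeneralUtility::makeInstance('TYPO3\\CMS\\Fluid\\View\\StandaloneView');
    $template->setTemplatePathAndFilename(ExtensionManagementUtility::extPath('focuspoint', 'Resources/Private/Templates/Wizard/Focuspoint.html'));
    $template->assign('filePath', $fileObject->getPublicUrl(TRUE));
    $template->assign('saveUri', $saveUri);
    // Map the stored -100..100 style values onto CSS percentages.
    $template->assign('currentLeft', ($information['focus_point_x'] + 100) / 2 . '%');
    $template->assign('currentTop', ($information['focus_point_y'] - 100) / -2 . '%');
    echo $template->render();
}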
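/**
 * Main action
 *
 * With the "save" parameter set, hands the submitted focus point to the
 * current handler (if any) and redirects back to the return URL. Otherwise
 * renders the focus point wizard.
 *
 * The return URL is request-controlled and is therefore only used after
 * passing sanitizeLocalUrl().
 *
 * @throws \Exception
 * @return string Rendered wizard HTML
 */
public function main()
{
    $handler = $this->getCurrentHandler();
    $parameter = GeneralUtility::_GET();

    // Without sanitizing, a crafted link to this module could redirect the
    // backend user to an arbitrary external site after saving.
    $returnUrl = isset($parameter['P']['returnUrl']) && is_string($parameter['P']['returnUrl'])
        ? GeneralUtility::sanitizeLocalUrl($parameter['P']['returnUrl'])
        : '';

    if (isset($parameter['save'])) {
        if (is_object($handler)) {
            $handler->setCurrentPoint($parameter['xValue'] * 100, $parameter['yValue'] * 100);
        }
        HttpUtility::redirect($returnUrl);
    }

    $saveArguments = ['save' => 1, 'P' => ['returnUrl' => $returnUrl]];

    /** @var \TYPO3\CMS\Fluid\View\StandaloneView $template */
    $template = GeneralUtility::makeInstance('TYPO3\\CMS\\Fluid\\View\\StandaloneView');
    $template->setTemplatePathAndFilename(ExtensionManagementUtility::extPath('focuspoint', 'Resources/Private/Templates/Wizard/Focuspoint.html'));

    if (is_object($handler)) {
        // The handler contributes its own arguments to the save URL and the current point.
        ArrayUtility::mergeRecursiveWithOverrule($saveArguments, $handler->getArguments());
        list($x, $y) = $handler->getCurrentPoint();
        $template->assign('filePath', $handler->getPublicUrl());
        // Map the stored -100..100 style values onto CSS percentages.
        $template->assign('currentLeft', ($x + 100) / 2 . '%');
        $template->assign('currentTop', ($y - 100) / -2 . '%');
    }

    $template->assign('saveUri', BackendUtility::getModuleUrl('focuspoint', $saveArguments));
    return $template->render();
}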
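/**
 * Call the inliner CSS processor
 *
 * Collects the CSS of every <style> block and of every <link> tag carrying
 * type="text/css" found in $content, removes those tags from the markup and
 * passes markup and collected CSS to CssToInlineStyles.
 *
 * @param string $content
 *
 * @return string
 */
public function process($content)
{
    GeneralUtility::requireOnce(ExtensionManagementUtility::extPath('ink', 'Resources/Private/Php/vendor/autoload.php'));

    // Matches <link> and <style> tags. Groups: 1 = tag name, 2 = text/css type,
    // 3 = media attribute, 4 = href attribute, 5 = rel attribute.
    $pattern = '%<(link|style)(?=[^<>]*?(?:type="(text/css)"|>))(?=[^<>]*?(?:media="([^<>"]*)"|>))(?=[^<>]*?(?:href="(.*?)"|>))(?=[^<>]*(?:rel="([^<>"]*)"|>))(?:.*?</\\1>|[^<>]*>)%si';
    $matches = array();
    $css = '';
    preg_match_all($pattern, $content, $matches);

    if (isset($matches[0])) {
        foreach ($matches[0] as $key => $match) {
            if ($matches[1][$key] === 'style') {
                // Inline style block: the CSS is the tag content.
                $css .= strip_tags($match);
            } elseif (strpos($match, 'type="text/css"') !== FALSE) {
                // Drop a numeric version segment from the file name (name.123.css -> name.css).
                $file = preg_replace('/^(.+)\\.(\\d+)\\.css$/', '$1.css', $matches[4][$key]);

                // parse_url() returns FALSE for seriously malformed URLs.
                $parts = parse_url($file);
                if (!is_array($parts)) {
                    $parts = array();
                }
                unset($parts['query']);

                // Guard the host lookup: relative hrefs have no host component.
                $hasHost = isset($parts['host']);
                $isOwnHost = $hasHost && $parts['host'] === GeneralUtility::getIndpEnv('TYPO3_HOST_ONLY');
                if ($isOwnHost) {
                    // Stylesheets on the current host are addressed by their path.
                    unset($parts['scheme'], $parts['host']);
                }
                if (!$hasHost || $isOwnHost) {
                    $parts['path'] = ltrim(isset($parts['path']) ? $parts['path'] : '', '/');
                }
                $file = HttpUtility::buildUrl($parts);

                // NOTE(review): the href is taken from the markup and fetched without
                // a scheme or host restriction. If $content can contain markup from
                // an untrusted source, restrict what may be fetched here (e.g. local
                // paths and an allow-list of hosts) - confirm the trust level of $content.
                $stylesheet = GeneralUtility::getUrl($file);
                if (is_string($stylesheet)) {
                    $css .= $stylesheet;
                }
            } else {
                // Neither a style block nor a CSS link: leave the tag in place.
                continue;
            }
            $content = str_replace($match, '', $content);
        }
    }

    $format = new CssToInlineStyles($content, $css);
    return $format->convert();
}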
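/**
 * HTTP redirect to self, preserving allowed GET variables.
 * WARNING: This exits the script execution!
 *
 * Only a fixed set of values is carried over from the request: the redirect
 * counter, the context ("backend" or "standalone") and the controller
 * ("tool" or "step"). Nothing else from the request is copied into the
 * target URL.
 *
 * @param string $controller Can be set to 'tool' to redirect from step to tool controller
 * @param string $action Set specific action for next request, used in step controller to specify next step
 * @return void
 * @throws Exception\RedirectLoopException If the redirect counter reaches 10
 */
protected function redirect($controller = '', $action = '')
{
    $getPostValues = GeneralUtility::_GP('install');
    $parameters = array();

    // Current redirect count
    $redirectCount = isset($getPostValues['redirectCount'])
        ? (int) $getPostValues['redirectCount'] + 1
        : 0;
    if ($redirectCount >= 10) {
        // Abort a redirect loop by throwing an exception. Calling this method
        // some times in a row is ok, but break a loop if this happens too often.
        throw new Exception\RedirectLoopException('Redirect loop aborted. If this message is shown again after a reload,' . ' your setup is so weird that the install tool is unable to handle it.' . ' Please make sure to remove the "install[redirectCount]" parameter from your request or' . ' restart the install tool from the backend navigation.', 1380581244);
    }
    $parameters[] = 'install[redirectCount]=' . $redirectCount;

    // Add context parameter in case this script was called within backend scope.
    // The request value is only compared, never copied into the URL.
    $isBackendContext = isset($getPostValues['context']) && $getPostValues['context'] === 'backend';
    $parameters[] = $isBackendContext ? 'install[context]=backend' : 'install[context]=standalone';

    // Add controller parameter
    $toolRequested = (isset($getPostValues['controller']) && $getPostValues['controller'] === 'tool')
        || $controller === 'tool';
    $parameters[] = $toolRequested ? 'install[controller]=tool' : 'install[controller]=step';

    // Add action if specified. The value is URL-encoded so that characters
    // such as "&" or "=" cannot add further parameters to the query string;
    // plain action identifiers are left unchanged by the encoding.
    if ((string) $action !== '') {
        $parameters[] = 'install[action]=' . rawurlencode((string) $action);
    }

    $redirectLocation = 'Install.php?' . implode('&', $parameters);
    \TYPO3\CMS\Core\Utility\HttpUtility::redirect(
        $redirectLocation,
        \TYPO3\CMS\Core\Utility\HttpUtility::HTTP_STATUS_303
    );
}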