public function moveFiles(\DataContainer $dc)
{
$arrPost = Request::getPost();
foreach ($arrPost as $key => $value) {
$arrData = $GLOBALS['TL_DCA'][$dc->table]['fields'][$key];
if ($arrData['inputType'] != MultiFileUpload::NAME) {
continue;
}
$arrFiles = deserialize($dc->activeRecord->{$key});
$strUploadFolder = Files::getFolderFromDca($arrData['eval']['uploadFolder'], $dc);
if ($strUploadFolder === null) {
throw new \Exception(sprintf($GLOBALS['TL_LANG']['ERR']['uploadNoUploadFolderDeclared'], $key, MultiFileUpload::UPLOAD_TMP));
}
if (!is_array($arrFiles)) {
$arrFiles = array($arrFiles);
}
$objFileModels = FilesModel::findMultipleByUuids($arrFiles);
if ($objFileModels === null) {
continue;
}
$arrPaths = $objFileModels->fetchEach('path');
$arrTargets = array();
// do not loop over $objFileModels as $objFile->close() will pull models away
foreach ($arrPaths as $strPath) {
$objFile = new \File($strPath);
$strName = $objFile->name;
$strTarget = $strUploadFolder . '/' . $strName;
// upload_path_callback
if (is_array($arrData['upload_path_callback'])) {
foreach ($arrData['upload_path_callback'] as $callback) {
$strTarget = \System::importStatic($callback[0])->{$callback[1]}($strTarget, $objFile, $dc) ?: $strTarget;
}
}
if (StringUtil::startsWith($objFile->path, ltrim($strTarget, '/'))) {
continue;
}
if ($objFile->renameTo($strTarget)) {
$arrTargets[] = $strTarget;
$objFile->close();
continue;
}
$arrTargets[] = $strPath;
}
// HOOK: post upload callback
if (isset($GLOBALS['TL_HOOKS']['postUpload']) && is_array($GLOBALS['TL_HOOKS']['postUpload'])) {
foreach ($GLOBALS['TL_HOOKS']['postUpload'] as $callback) {
if (is_array($callback)) {
\System::importStatic($callback[0])->{$callback[1]}($arrTargets);
} elseif (is_callable($callback)) {
$callback($arrTargets);
}
}
}
}
}
protected function getArguments()
{
$arrArgumentValues = array();
$arrArguments = $this->arrAttributes['arguments'];
$arrOptional = is_array($this->arrAttributes['optional']) ? $this->arrAttributes['optional'] : array();
$strMethod = Request::getInstance()->getMethod();
foreach ($arrArguments as $argument) {
if (is_array($argument) || is_bool($argument)) {
$arrArgumentValues[] = $argument;
continue;
}
if (!in_array($argument, $arrOptional) && ($strMethod == 'POST' && !isset($_POST[$argument]) || $strMethod == 'GET' && !isset($_GET[$argument]))) {
header('HTTP/1.1 400 Bad Request');
die('Bad Request, missing argument ' . $argument);
}
$varValue = $strMethod == 'POST' ? Request::getPost($argument) : Request::getGet($argument);
if ($varValue === 'true' || $varValue === 'false') {
$varValue = filter_var($varValue, FILTER_VALIDATE_BOOLEAN);
}
$arrArgumentValues[] = $varValue;
}
return $arrArgumentValues;
}
/**
* Toggle Subpalette
* @param $id
* @param $strField
* @param bool $blnLoad
*
* @return ResponseError|ResponseSuccess
*/
function toggleSubpalette($id, $strField, $blnLoad = false)
{
if (!$this->dc->isSubmitted()) {
return;
}
$varValue = Request::getPost($strField) ?: 0;
if (!is_array($this->dca['palettes']['__selector__']) || !in_array($strField, $this->dca['palettes']['__selector__'])) {
\Controller::log('Field "' . $strField . '" is not an allowed selector field (possible SQL injection attempt)', __METHOD__, TL_ERROR);
return new ResponseError();
}
$arrData = $this->dca['fields'][$strField];
if (!Validator::isValidOption($varValue, $arrData, $this->dc)) {
\Controller::log('Field "' . $strField . '" value is not an allowed option (possible SQL injection attempt)', __METHOD__, TL_ERROR);
return new ResponseError();
}
if (empty(FormHelper::getFieldOptions($arrData, $this->dc))) {
$varValue = intval($varValue) ? 1 : '';
}
$this->dc->setSkipValidation(true);
// do not validate fields
$this->dc->setDoNotSubmit(true);
$this->dc->activeRecord->{$strField} = $varValue;
$objResponse = new ResponseSuccess();
if ($blnLoad) {
$objResponse->setResult(new ResponseData($this->dc->edit(false, $id)));
}
return $objResponse;
}
